Loading...
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
4 * Copyright (C) 1992 Eric Youngdale
5 * Simulate a host adapter with 2 disks attached. Do a lot of checking
6 * to make sure that we are not getting blocks mixed up, and PANIC if
7 * anything out of the ordinary is seen.
8 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
9 *
10 * Copyright (C) 2001 - 2020 Douglas Gilbert
11 *
12 * For documentation see http://sg.danny.cz/sg/scsi_debug.html
13 */
14
15
16#define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__
17
18#include <linux/module.h>
19
20#include <linux/kernel.h>
21#include <linux/errno.h>
22#include <linux/jiffies.h>
23#include <linux/slab.h>
24#include <linux/types.h>
25#include <linux/string.h>
26#include <linux/genhd.h>
27#include <linux/fs.h>
28#include <linux/init.h>
29#include <linux/proc_fs.h>
30#include <linux/vmalloc.h>
31#include <linux/moduleparam.h>
32#include <linux/scatterlist.h>
33#include <linux/blkdev.h>
34#include <linux/crc-t10dif.h>
35#include <linux/spinlock.h>
36#include <linux/interrupt.h>
37#include <linux/atomic.h>
38#include <linux/hrtimer.h>
39#include <linux/uuid.h>
40#include <linux/t10-pi.h>
41#include <linux/msdos_partition.h>
42#include <linux/random.h>
43#include <linux/xarray.h>
44#include <linux/prefetch.h>
45
46#include <net/checksum.h>
47
48#include <asm/unaligned.h>
49
50#include <scsi/scsi.h>
51#include <scsi/scsi_cmnd.h>
52#include <scsi/scsi_device.h>
53#include <scsi/scsi_host.h>
54#include <scsi/scsicam.h>
55#include <scsi/scsi_eh.h>
56#include <scsi/scsi_tcq.h>
57#include <scsi/scsi_dbg.h>
58
59#include "sd.h"
60#include "scsi_logging.h"
61
62/* make sure inq_product_rev string corresponds to this version */
63#define SDEBUG_VERSION "0190" /* format to fit INQUIRY revision field */
64static const char *sdebug_version_date = "20200710";
65
66#define MY_NAME "scsi_debug"
67
68/* Additional Sense Code (ASC) */
69#define NO_ADDITIONAL_SENSE 0x0
70#define LOGICAL_UNIT_NOT_READY 0x4
71#define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8
72#define UNRECOVERED_READ_ERR 0x11
73#define PARAMETER_LIST_LENGTH_ERR 0x1a
74#define INVALID_OPCODE 0x20
75#define LBA_OUT_OF_RANGE 0x21
76#define INVALID_FIELD_IN_CDB 0x24
77#define INVALID_FIELD_IN_PARAM_LIST 0x26
78#define WRITE_PROTECTED 0x27
79#define UA_RESET_ASC 0x29
80#define UA_CHANGED_ASC 0x2a
81#define TARGET_CHANGED_ASC 0x3f
82#define LUNS_CHANGED_ASCQ 0x0e
83#define INSUFF_RES_ASC 0x55
84#define INSUFF_RES_ASCQ 0x3
85#define POWER_ON_RESET_ASCQ 0x0
86#define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */
87#define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */
88#define CAPACITY_CHANGED_ASCQ 0x9
89#define SAVING_PARAMS_UNSUP 0x39
90#define TRANSPORT_PROBLEM 0x4b
91#define THRESHOLD_EXCEEDED 0x5d
92#define LOW_POWER_COND_ON 0x5e
93#define MISCOMPARE_VERIFY_ASC 0x1d
94#define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */
95#define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16
96#define WRITE_ERROR_ASC 0xc
97#define UNALIGNED_WRITE_ASCQ 0x4
98#define WRITE_BOUNDARY_ASCQ 0x5
99#define READ_INVDATA_ASCQ 0x6
100#define READ_BOUNDARY_ASCQ 0x7
101#define INSUFF_ZONE_ASCQ 0xe
102
103/* Additional Sense Code Qualifier (ASCQ) */
104#define ACK_NAK_TO 0x3
105
106/* Default values for driver parameters */
107#define DEF_NUM_HOST 1
108#define DEF_NUM_TGTS 1
109#define DEF_MAX_LUNS 1
110/* With these defaults, this driver will make 1 host with 1 target
111 * (id 0) containing 1 logical unit (lun 0). That is 1 device.
112 */
113#define DEF_ATO 1
114#define DEF_CDB_LEN 10
115#define DEF_JDELAY 1 /* if > 0 unit is a jiffy */
116#define DEF_DEV_SIZE_PRE_INIT 0
117#define DEF_DEV_SIZE_MB 8
118#define DEF_ZBC_DEV_SIZE_MB 128
119#define DEF_DIF 0
120#define DEF_DIX 0
121#define DEF_PER_HOST_STORE false
122#define DEF_D_SENSE 0
123#define DEF_EVERY_NTH 0
124#define DEF_FAKE_RW 0
125#define DEF_GUARD 0
126#define DEF_HOST_LOCK 0
127#define DEF_LBPU 0
128#define DEF_LBPWS 0
129#define DEF_LBPWS10 0
130#define DEF_LBPRZ 1
131#define DEF_LOWEST_ALIGNED 0
132#define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */
133#define DEF_NO_LUN_0 0
134#define DEF_NUM_PARTS 0
135#define DEF_OPTS 0
136#define DEF_OPT_BLKS 1024
137#define DEF_PHYSBLK_EXP 0
138#define DEF_OPT_XFERLEN_EXP 0
139#define DEF_PTYPE TYPE_DISK
140#define DEF_RANDOM false
141#define DEF_REMOVABLE false
142#define DEF_SCSI_LEVEL 7 /* INQUIRY, byte2 [6->SPC-4; 7->SPC-5] */
143#define DEF_SECTOR_SIZE 512
144#define DEF_UNMAP_ALIGNMENT 0
145#define DEF_UNMAP_GRANULARITY 1
146#define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF
147#define DEF_UNMAP_MAX_DESC 256
148#define DEF_VIRTUAL_GB 0
149#define DEF_VPD_USE_HOSTNO 1
150#define DEF_WRITESAME_LENGTH 0xFFFF
151#define DEF_STRICT 0
152#define DEF_STATISTICS false
153#define DEF_SUBMIT_QUEUES 1
154#define DEF_TUR_MS_TO_READY 0
155#define DEF_UUID_CTL 0
156#define JDELAY_OVERRIDDEN -9999
157
158/* Default parameters for ZBC drives */
159#define DEF_ZBC_ZONE_SIZE_MB 128
160#define DEF_ZBC_MAX_OPEN_ZONES 8
161#define DEF_ZBC_NR_CONV_ZONES 1
162
163#define SDEBUG_LUN_0_VAL 0
164
165/* bit mask values for sdebug_opts */
166#define SDEBUG_OPT_NOISE 1
167#define SDEBUG_OPT_MEDIUM_ERR 2
168#define SDEBUG_OPT_TIMEOUT 4
169#define SDEBUG_OPT_RECOVERED_ERR 8
170#define SDEBUG_OPT_TRANSPORT_ERR 16
171#define SDEBUG_OPT_DIF_ERR 32
172#define SDEBUG_OPT_DIX_ERR 64
173#define SDEBUG_OPT_MAC_TIMEOUT 128
174#define SDEBUG_OPT_SHORT_TRANSFER 0x100
175#define SDEBUG_OPT_Q_NOISE 0x200
176#define SDEBUG_OPT_ALL_TSF 0x400
177#define SDEBUG_OPT_RARE_TSF 0x800
178#define SDEBUG_OPT_N_WCE 0x1000
179#define SDEBUG_OPT_RESET_NOISE 0x2000
180#define SDEBUG_OPT_NO_CDB_NOISE 0x4000
181#define SDEBUG_OPT_HOST_BUSY 0x8000
182#define SDEBUG_OPT_CMD_ABORT 0x10000
183#define SDEBUG_OPT_ALL_NOISE (SDEBUG_OPT_NOISE | SDEBUG_OPT_Q_NOISE | \
184 SDEBUG_OPT_RESET_NOISE)
185#define SDEBUG_OPT_ALL_INJECTING (SDEBUG_OPT_RECOVERED_ERR | \
186 SDEBUG_OPT_TRANSPORT_ERR | \
187 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR | \
188 SDEBUG_OPT_SHORT_TRANSFER | \
189 SDEBUG_OPT_HOST_BUSY | \
190 SDEBUG_OPT_CMD_ABORT)
191#define SDEBUG_OPT_RECOV_DIF_DIX (SDEBUG_OPT_RECOVERED_ERR | \
192 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR)
193
194/* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs) are returned in
195 * priority order. In the subset implemented here lower numbers have higher
196 * priority. The UA numbers should be a sequence starting from 0 with
197 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */
198#define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */
199#define SDEBUG_UA_BUS_RESET 1
200#define SDEBUG_UA_MODE_CHANGED 2
201#define SDEBUG_UA_CAPACITY_CHANGED 3
202#define SDEBUG_UA_LUNS_CHANGED 4
203#define SDEBUG_UA_MICROCODE_CHANGED 5 /* simulate firmware change */
204#define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 6
205#define SDEBUG_NUM_UAS 7
206
207/* when 1==SDEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this
208 * sector on read commands: */
209#define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */
210#define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */
211
212/* SDEBUG_CANQUEUE is the maximum number of commands that can be queued
213 * (for response) per submit queue at one time. Can be reduced by max_queue
214 * option. Command responses are not queued when jdelay=0 and ndelay=0. The
215 * per-device DEF_CMD_PER_LUN can be changed via sysfs:
216 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth
217 * but cannot exceed SDEBUG_CANQUEUE .
218 */
219#define SDEBUG_CANQUEUE_WORDS 3 /* a WORD is bits in a long */
220#define SDEBUG_CANQUEUE (SDEBUG_CANQUEUE_WORDS * BITS_PER_LONG)
221#define DEF_CMD_PER_LUN SDEBUG_CANQUEUE
222
223/* UA - Unit Attention; SA - Service Action; SSU - Start Stop Unit */
224#define F_D_IN 1 /* Data-in command (e.g. READ) */
225#define F_D_OUT 2 /* Data-out command (e.g. WRITE) */
226#define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */
227#define F_D_UNKN 8
228#define F_RL_WLUN_OK 0x10 /* allowed with REPORT LUNS W-LUN */
229#define F_SKIP_UA 0x20 /* bypass UAs (e.g. INQUIRY command) */
230#define F_DELAY_OVERR 0x40 /* for commands like INQUIRY */
231#define F_SA_LOW 0x80 /* SA is in cdb byte 1, bits 4 to 0 */
232#define F_SA_HIGH 0x100 /* SA is in cdb bytes 8 and 9 */
233#define F_INV_OP 0x200 /* invalid opcode (not supported) */
234#define F_FAKE_RW 0x400 /* bypass resp_*() when fake_rw set */
235#define F_M_ACCESS 0x800 /* media access, reacts to SSU state */
236#define F_SSU_DELAY 0x1000 /* SSU command delay (long-ish) */
237#define F_SYNC_DELAY 0x2000 /* SYNCHRONIZE CACHE delay */
238
239/* Useful combinations of the above flags */
240#define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR)
241#define FF_MEDIA_IO (F_M_ACCESS | F_FAKE_RW)
242#define FF_SA (F_SA_HIGH | F_SA_LOW)
243#define F_LONG_DELAY (F_SSU_DELAY | F_SYNC_DELAY)
244
245#define SDEBUG_MAX_PARTS 4
246
247#define SDEBUG_MAX_CMD_LEN 32
248
249#define SDEB_XA_NOT_IN_USE XA_MARK_1
250
251/* Zone types (zbcr05 table 25) */
252enum sdebug_z_type {
253 ZBC_ZONE_TYPE_CNV = 0x1,
254 ZBC_ZONE_TYPE_SWR = 0x2,
255 ZBC_ZONE_TYPE_SWP = 0x3,
256};
257
258/* enumeration names taken from table 26, zbcr05 */
259enum sdebug_z_cond {
260 ZBC_NOT_WRITE_POINTER = 0x0,
261 ZC1_EMPTY = 0x1,
262 ZC2_IMPLICIT_OPEN = 0x2,
263 ZC3_EXPLICIT_OPEN = 0x3,
264 ZC4_CLOSED = 0x4,
265 ZC6_READ_ONLY = 0xd,
266 ZC5_FULL = 0xe,
267 ZC7_OFFLINE = 0xf,
268};
269
270struct sdeb_zone_state { /* ZBC: per zone state */
271 enum sdebug_z_type z_type;
272 enum sdebug_z_cond z_cond;
273 bool z_non_seq_resource;
274 unsigned int z_size;
275 sector_t z_start;
276 sector_t z_wp;
277};
278
279struct sdebug_dev_info {
280 struct list_head dev_list;
281 unsigned int channel;
282 unsigned int target;
283 u64 lun;
284 uuid_t lu_name;
285 struct sdebug_host_info *sdbg_host;
286 unsigned long uas_bm[1];
287 atomic_t num_in_q;
288 atomic_t stopped; /* 1: by SSU, 2: device start */
289 bool used;
290
291 /* For ZBC devices */
292 enum blk_zoned_model zmodel;
293 unsigned int zsize;
294 unsigned int zsize_shift;
295 unsigned int nr_zones;
296 unsigned int nr_conv_zones;
297 unsigned int nr_imp_open;
298 unsigned int nr_exp_open;
299 unsigned int nr_closed;
300 unsigned int max_open;
301 ktime_t create_ts; /* time since bootup that this device was created */
302 struct sdeb_zone_state *zstate;
303};
304
305struct sdebug_host_info {
306 struct list_head host_list;
307 int si_idx; /* sdeb_store_info (per host) xarray index */
308 struct Scsi_Host *shost;
309 struct device dev;
310 struct list_head dev_info_list;
311};
312
313/* There is an xarray of pointers to this struct's objects, one per host */
314struct sdeb_store_info {
315 rwlock_t macc_lck; /* for atomic media access on this store */
316 u8 *storep; /* user data storage (ram) */
317 struct t10_pi_tuple *dif_storep; /* protection info */
318 void *map_storep; /* provisioning map */
319};
320
321#define to_sdebug_host(d) \
322 container_of(d, struct sdebug_host_info, dev)
323
324enum sdeb_defer_type {SDEB_DEFER_NONE = 0, SDEB_DEFER_HRT = 1,
325 SDEB_DEFER_WQ = 2, SDEB_DEFER_POLL = 3};
326
327struct sdebug_defer {
328 struct hrtimer hrt;
329 struct execute_work ew;
330 ktime_t cmpl_ts;/* time since boot to complete this cmd */
331 int sqa_idx; /* index of sdebug_queue array */
332 int qc_idx; /* index of sdebug_queued_cmd array within sqa_idx */
333 int hc_idx; /* hostwide tag index */
334 int issuing_cpu;
335 bool init_hrt;
336 bool init_wq;
337 bool init_poll;
338 bool aborted; /* true when blk_abort_request() already called */
339 enum sdeb_defer_type defer_t;
340};
341
342struct sdebug_queued_cmd {
343 /* corresponding bit set in in_use_bm[] in owning struct sdebug_queue
344 * instance indicates this slot is in use.
345 */
346 struct sdebug_defer *sd_dp;
347 struct scsi_cmnd *a_cmnd;
348};
349
350struct sdebug_queue {
351 struct sdebug_queued_cmd qc_arr[SDEBUG_CANQUEUE];
352 unsigned long in_use_bm[SDEBUG_CANQUEUE_WORDS];
353 spinlock_t qc_lock;
354 atomic_t blocked; /* to temporarily stop more being queued */
355};
356
357static atomic_t sdebug_cmnd_count; /* number of incoming commands */
358static atomic_t sdebug_completions; /* count of deferred completions */
359static atomic_t sdebug_miss_cpus; /* submission + completion cpus differ */
360static atomic_t sdebug_a_tsf; /* 'almost task set full' counter */
361static atomic_t sdeb_inject_pending;
362static atomic_t sdeb_mq_poll_count; /* bumped when mq_poll returns > 0 */
363
364struct opcode_info_t {
365 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff */
366 /* for terminating element */
367 u8 opcode; /* if num_attached > 0, preferred */
368 u16 sa; /* service action */
369 u32 flags; /* OR-ed set of SDEB_F_* */
370 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
371 const struct opcode_info_t *arrp; /* num_attached elements or NULL */
372 u8 len_mask[16]; /* len_mask[0]-->cdb_len, then mask for cdb */
373 /* 1 to min(cdb_len, 15); ignore cdb[15...] */
374};
375
376/* SCSI opcodes (first byte of cdb) of interest mapped onto these indexes */
377enum sdeb_opcode_index {
378 SDEB_I_INVALID_OPCODE = 0,
379 SDEB_I_INQUIRY = 1,
380 SDEB_I_REPORT_LUNS = 2,
381 SDEB_I_REQUEST_SENSE = 3,
382 SDEB_I_TEST_UNIT_READY = 4,
383 SDEB_I_MODE_SENSE = 5, /* 6, 10 */
384 SDEB_I_MODE_SELECT = 6, /* 6, 10 */
385 SDEB_I_LOG_SENSE = 7,
386 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */
387 SDEB_I_READ = 9, /* 6, 10, 12, 16 */
388 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */
389 SDEB_I_START_STOP = 11,
390 SDEB_I_SERV_ACT_IN_16 = 12, /* add ...SERV_ACT_IN_12 if needed */
391 SDEB_I_SERV_ACT_OUT_16 = 13, /* add ...SERV_ACT_OUT_12 if needed */
392 SDEB_I_MAINT_IN = 14,
393 SDEB_I_MAINT_OUT = 15,
394 SDEB_I_VERIFY = 16, /* VERIFY(10), VERIFY(16) */
395 SDEB_I_VARIABLE_LEN = 17, /* READ(32), WRITE(32), WR_SCAT(32) */
396 SDEB_I_RESERVE = 18, /* 6, 10 */
397 SDEB_I_RELEASE = 19, /* 6, 10 */
398 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */
399 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */
400 SDEB_I_ATA_PT = 22, /* 12, 16 */
401 SDEB_I_SEND_DIAG = 23,
402 SDEB_I_UNMAP = 24,
403 SDEB_I_WRITE_BUFFER = 25,
404 SDEB_I_WRITE_SAME = 26, /* 10, 16 */
405 SDEB_I_SYNC_CACHE = 27, /* 10, 16 */
406 SDEB_I_COMP_WRITE = 28,
407 SDEB_I_PRE_FETCH = 29, /* 10, 16 */
408 SDEB_I_ZONE_OUT = 30, /* 0x94+SA; includes no data xfer */
409 SDEB_I_ZONE_IN = 31, /* 0x95+SA; all have data-in */
410 SDEB_I_LAST_ELEM_P1 = 32, /* keep this last (previous + 1) */
411};
412
413
414static const unsigned char opcode_ind_arr[256] = {
415/* 0x0; 0x0->0x1f: 6 byte cdbs */
416 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE,
417 0, 0, 0, 0,
418 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0,
419 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
420 SDEB_I_RELEASE,
421 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG,
422 SDEB_I_ALLOW_REMOVAL, 0,
423/* 0x20; 0x20->0x3f: 10 byte cdbs */
424 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0,
425 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY,
426 0, 0, 0, 0, SDEB_I_PRE_FETCH, SDEB_I_SYNC_CACHE, 0, 0,
427 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0,
428/* 0x40; 0x40->0x5f: 10 byte cdbs */
429 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0,
430 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0,
431 0, 0, 0, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
432 SDEB_I_RELEASE,
433 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0,
434/* 0x60; 0x60->0x7d are reserved, 0x7e is "extended cdb" */
435 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
436 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
437 0, SDEB_I_VARIABLE_LEN,
438/* 0x80; 0x80->0x9f: 16 byte cdbs */
439 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0,
440 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0,
441 0, 0, 0, SDEB_I_VERIFY,
442 SDEB_I_PRE_FETCH, SDEB_I_SYNC_CACHE, 0, SDEB_I_WRITE_SAME,
443 SDEB_I_ZONE_OUT, SDEB_I_ZONE_IN, 0, 0,
444 0, 0, 0, 0, 0, 0, SDEB_I_SERV_ACT_IN_16, SDEB_I_SERV_ACT_OUT_16,
445/* 0xa0; 0xa0->0xbf: 12 byte cdbs */
446 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN,
447 SDEB_I_MAINT_OUT, 0, 0, 0,
448 SDEB_I_READ, 0 /* SDEB_I_SERV_ACT_OUT_12 */, SDEB_I_WRITE,
449 0 /* SDEB_I_SERV_ACT_IN_12 */, 0, 0, 0, 0,
450 0, 0, 0, 0, 0, 0, 0, 0,
451 0, 0, 0, 0, 0, 0, 0, 0,
452/* 0xc0; 0xc0->0xff: vendor specific */
453 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
454 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
455 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
456 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
457};
458
459/*
460 * The following "response" functions return the SCSI mid-level's 4 byte
461 * tuple-in-an-int. To handle commands with an IMMED bit, for a faster
462 * command completion, they can mask their return value with
463 * SDEG_RES_IMMED_MASK .
464 */
465#define SDEG_RES_IMMED_MASK 0x40000000
466
467static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *);
468static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *);
469static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *);
470static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
471static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *);
472static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
473static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *);
474static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
475static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
476static int resp_write_scat(struct scsi_cmnd *, struct sdebug_dev_info *);
477static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *);
478static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *);
479static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *);
480static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *);
481static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *);
482static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *);
483static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *);
484static int resp_verify(struct scsi_cmnd *, struct sdebug_dev_info *);
485static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *);
486static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *);
487static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *);
488static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *);
489static int resp_sync_cache(struct scsi_cmnd *, struct sdebug_dev_info *);
490static int resp_pre_fetch(struct scsi_cmnd *, struct sdebug_dev_info *);
491static int resp_report_zones(struct scsi_cmnd *, struct sdebug_dev_info *);
492static int resp_open_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
493static int resp_close_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
494static int resp_finish_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
495static int resp_rwp_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
496
497static int sdebug_do_add_host(bool mk_new_store);
498static int sdebug_add_host_helper(int per_host_idx);
499static void sdebug_do_remove_host(bool the_end);
500static int sdebug_add_store(void);
501static void sdebug_erase_store(int idx, struct sdeb_store_info *sip);
502static void sdebug_erase_all_stores(bool apart_from_first);
503
504/*
505 * The following are overflow arrays for cdbs that "hit" the same index in
506 * the opcode_info_arr array. The most time sensitive (or commonly used) cdb
507 * should be placed in opcode_info_arr[], the others should be placed here.
508 */
509static const struct opcode_info_t msense_iarr[] = {
510 {0, 0x1a, 0, F_D_IN, NULL, NULL,
511 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
512};
513
514static const struct opcode_info_t mselect_iarr[] = {
515 {0, 0x15, 0, F_D_OUT, NULL, NULL,
516 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
517};
518
519static const struct opcode_info_t read_iarr[] = {
520 {0, 0x28, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(10) */
521 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
522 0, 0, 0, 0} },
523 {0, 0x8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL, /* READ(6) */
524 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
525 {0, 0xa8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(12) */
526 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf,
527 0xc7, 0, 0, 0, 0} },
528};
529
530static const struct opcode_info_t write_iarr[] = {
531 {0, 0x2a, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(10) */
532 NULL, {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7,
533 0, 0, 0, 0, 0, 0} },
534 {0, 0xa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(6) */
535 NULL, {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0,
536 0, 0, 0} },
537 {0, 0xaa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(12) */
538 NULL, {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
539 0xbf, 0xc7, 0, 0, 0, 0} },
540};
541
542static const struct opcode_info_t verify_iarr[] = {
543 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_verify,/* VERIFY(10) */
544 NULL, {10, 0xf7, 0xff, 0xff, 0xff, 0xff, 0xbf, 0xff, 0xff, 0xc7,
545 0, 0, 0, 0, 0, 0} },
546};
547
548static const struct opcode_info_t sa_in_16_iarr[] = {
549 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL,
550 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
551 0xff, 0xff, 0xff, 0, 0xc7} }, /* GET LBA STATUS(16) */
552};
553
554static const struct opcode_info_t vl_iarr[] = { /* VARIABLE LENGTH */
555 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_dt0,
556 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0xb, 0xfa,
557 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */
558 {0, 0x7f, 0x11, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
559 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x11, 0xf8,
560 0, 0xff, 0xff, 0x0, 0x0} }, /* WRITE SCATTERED(32) */
561};
562
563static const struct opcode_info_t maint_in_iarr[] = { /* MAINT IN */
564 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL,
565 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0,
566 0xc7, 0, 0, 0, 0} }, /* REPORT SUPPORTED OPERATION CODES */
567 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL,
568 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
569 0, 0} }, /* REPORTED SUPPORTED TASK MANAGEMENT FUNCTIONS */
570};
571
572static const struct opcode_info_t write_same_iarr[] = {
573 {0, 0x93, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_write_same_16, NULL,
574 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
575 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* WRITE SAME(16) */
576};
577
578static const struct opcode_info_t reserve_iarr[] = {
579 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */
580 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
581};
582
583static const struct opcode_info_t release_iarr[] = {
584 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */
585 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
586};
587
588static const struct opcode_info_t sync_cache_iarr[] = {
589 {0, 0x91, 0, F_SYNC_DELAY | F_M_ACCESS, resp_sync_cache, NULL,
590 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
591 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* SYNC_CACHE (16) */
592};
593
594static const struct opcode_info_t pre_fetch_iarr[] = {
595 {0, 0x90, 0, F_SYNC_DELAY | FF_MEDIA_IO, resp_pre_fetch, NULL,
596 {16, 0x2, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
597 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* PRE-FETCH (16) */
598};
599
600static const struct opcode_info_t zone_out_iarr[] = { /* ZONE OUT(16) */
601 {0, 0x94, 0x1, F_SA_LOW | F_M_ACCESS, resp_close_zone, NULL,
602 {16, 0x1, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
603 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* CLOSE ZONE */
604 {0, 0x94, 0x2, F_SA_LOW | F_M_ACCESS, resp_finish_zone, NULL,
605 {16, 0x2, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
606 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* FINISH ZONE */
607 {0, 0x94, 0x4, F_SA_LOW | F_M_ACCESS, resp_rwp_zone, NULL,
608 {16, 0x4, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
609 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* RESET WRITE POINTER */
610};
611
612static const struct opcode_info_t zone_in_iarr[] = { /* ZONE IN(16) */
613 {0, 0x95, 0x6, F_SA_LOW | F_D_IN | F_M_ACCESS, NULL, NULL,
614 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
615 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* REPORT ZONES */
616};
617
618
619/* This array is accessed via SDEB_I_* values. Make sure all are mapped,
620 * plus the terminating elements for logic that scans this table such as
621 * REPORT SUPPORTED OPERATION CODES. */
622static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEM_P1 + 1] = {
623/* 0 */
624 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* unknown opcodes */
625 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
626 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL, /* INQUIRY */
627 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
628 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL,
629 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
630 0, 0} }, /* REPORT LUNS */
631 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL,
632 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
633 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */
634 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
635/* 5 */
636 {ARRAY_SIZE(msense_iarr), 0x5a, 0, F_D_IN, /* MODE SENSE(10) */
637 resp_mode_sense, msense_iarr, {10, 0xf8, 0xff, 0xff, 0, 0, 0,
638 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
639 {ARRAY_SIZE(mselect_iarr), 0x55, 0, F_D_OUT, /* MODE SELECT(10) */
640 resp_mode_select, mselect_iarr, {10, 0xf1, 0, 0, 0, 0, 0, 0xff,
641 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
642 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL, /* LOG SENSE */
643 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0,
644 0, 0, 0} },
645 {0, 0x25, 0, F_D_IN, resp_readcap, NULL, /* READ CAPACITY(10) */
646 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0,
647 0, 0} },
648 {ARRAY_SIZE(read_iarr), 0x88, 0, F_D_IN | FF_MEDIA_IO, /* READ(16) */
649 resp_read_dt0, read_iarr, {16, 0xfe, 0xff, 0xff, 0xff, 0xff,
650 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
651/* 10 */
652 {ARRAY_SIZE(write_iarr), 0x8a, 0, F_D_OUT | FF_MEDIA_IO,
653 resp_write_dt0, write_iarr, /* WRITE(16) */
654 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
655 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
656 {0, 0x1b, 0, F_SSU_DELAY, resp_start_stop, NULL,/* START STOP UNIT */
657 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
658 {ARRAY_SIZE(sa_in_16_iarr), 0x9e, 0x10, F_SA_LOW | F_D_IN,
659 resp_readcap16, sa_in_16_iarr, /* SA_IN(16), READ CAPACITY(16) */
660 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
661 0xff, 0xff, 0xff, 0xff, 0x1, 0xc7} },
662 {0, 0x9f, 0x12, F_SA_LOW | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
663 NULL, {16, 0x12, 0xf9, 0x0, 0xff, 0xff, 0, 0, 0xff, 0xff, 0xff,
664 0xff, 0xff, 0xff, 0xff, 0xc7} }, /* SA_OUT(16), WRITE SCAT(16) */
665 {ARRAY_SIZE(maint_in_iarr), 0xa3, 0xa, F_SA_LOW | F_D_IN,
666 resp_report_tgtpgs, /* MAINT IN, REPORT TARGET PORT GROUPS */
667 maint_in_iarr, {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff,
668 0xff, 0, 0xc7, 0, 0, 0, 0} },
669/* 15 */
670 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */
671 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
672 {ARRAY_SIZE(verify_iarr), 0x8f, 0,
673 F_D_OUT_MAYBE | FF_MEDIA_IO, resp_verify, /* VERIFY(16) */
674 verify_iarr, {16, 0xf6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
675 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} },
676 {ARRAY_SIZE(vl_iarr), 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_MEDIA_IO,
677 resp_read_dt0, vl_iarr, /* VARIABLE LENGTH, READ(32) */
678 {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x9, 0xfe, 0, 0xff, 0xff,
679 0xff, 0xff} },
680 {ARRAY_SIZE(reserve_iarr), 0x56, 0, F_D_OUT,
681 NULL, reserve_iarr, /* RESERVE(10) <no response function> */
682 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
683 0} },
684 {ARRAY_SIZE(release_iarr), 0x57, 0, F_D_OUT,
685 NULL, release_iarr, /* RELEASE(10) <no response function> */
686 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
687 0} },
688/* 20 */
689 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */
690 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
691 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */
692 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
693 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */
694 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
695 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */
696 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
697 {0, 0x42, 0, F_D_OUT | FF_MEDIA_IO, resp_unmap, NULL, /* UNMAP */
698 {10, 0x1, 0, 0, 0, 0, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
699/* 25 */
700 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL,
701 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0,
702 0, 0, 0, 0} }, /* WRITE_BUFFER */
703 {ARRAY_SIZE(write_same_iarr), 0x41, 0, F_D_OUT_MAYBE | FF_MEDIA_IO,
704 resp_write_same_10, write_same_iarr, /* WRITE SAME(10) */
705 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0,
706 0, 0, 0, 0, 0} },
707 {ARRAY_SIZE(sync_cache_iarr), 0x35, 0, F_SYNC_DELAY | F_M_ACCESS,
708 resp_sync_cache, sync_cache_iarr,
709 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
710 0, 0, 0, 0} }, /* SYNC_CACHE (10) */
711 {0, 0x89, 0, F_D_OUT | FF_MEDIA_IO, resp_comp_write, NULL,
712 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0,
713 0, 0xff, 0x3f, 0xc7} }, /* COMPARE AND WRITE */
714 {ARRAY_SIZE(pre_fetch_iarr), 0x34, 0, F_SYNC_DELAY | FF_MEDIA_IO,
715 resp_pre_fetch, pre_fetch_iarr,
716 {10, 0x2, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
717 0, 0, 0, 0} }, /* PRE-FETCH (10) */
718
719/* 30 */
720 {ARRAY_SIZE(zone_out_iarr), 0x94, 0x3, F_SA_LOW | F_M_ACCESS,
721 resp_open_zone, zone_out_iarr, /* ZONE_OUT(16), OPEN ZONE) */
722 {16, 0x3 /* SA */, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
723 0xff, 0xff, 0x0, 0x0, 0xff, 0xff, 0x1, 0xc7} },
724 {ARRAY_SIZE(zone_in_iarr), 0x95, 0x0, F_SA_LOW | F_M_ACCESS,
725 resp_report_zones, zone_in_iarr, /* ZONE_IN(16), REPORT ZONES) */
726 {16, 0x0 /* SA */, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
727 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf, 0xc7} },
728/* sentinel */
729 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */
730 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
731};
732
733static int sdebug_num_hosts;
734static int sdebug_add_host = DEF_NUM_HOST; /* in sysfs this is relative */
735static int sdebug_ato = DEF_ATO;
736static int sdebug_cdb_len = DEF_CDB_LEN;
737static int sdebug_jdelay = DEF_JDELAY; /* if > 0 then unit is jiffies */
738static int sdebug_dev_size_mb = DEF_DEV_SIZE_PRE_INIT;
739static int sdebug_dif = DEF_DIF;
740static int sdebug_dix = DEF_DIX;
741static int sdebug_dsense = DEF_D_SENSE;
742static int sdebug_every_nth = DEF_EVERY_NTH;
743static int sdebug_fake_rw = DEF_FAKE_RW;
744static unsigned int sdebug_guard = DEF_GUARD;
745static int sdebug_host_max_queue; /* per host */
746static int sdebug_lowest_aligned = DEF_LOWEST_ALIGNED;
747static int sdebug_max_luns = DEF_MAX_LUNS;
748static int sdebug_max_queue = SDEBUG_CANQUEUE; /* per submit queue */
749static unsigned int sdebug_medium_error_start = OPT_MEDIUM_ERR_ADDR;
750static int sdebug_medium_error_count = OPT_MEDIUM_ERR_NUM;
751static atomic_t retired_max_queue; /* if > 0 then was prior max_queue */
752static int sdebug_ndelay = DEF_NDELAY; /* if > 0 then unit is nanoseconds */
753static int sdebug_no_lun_0 = DEF_NO_LUN_0;
754static int sdebug_no_uld;
755static int sdebug_num_parts = DEF_NUM_PARTS;
756static int sdebug_num_tgts = DEF_NUM_TGTS; /* targets per host */
757static int sdebug_opt_blks = DEF_OPT_BLKS;
758static int sdebug_opts = DEF_OPTS;
759static int sdebug_physblk_exp = DEF_PHYSBLK_EXP;
760static int sdebug_opt_xferlen_exp = DEF_OPT_XFERLEN_EXP;
761static int sdebug_ptype = DEF_PTYPE; /* SCSI peripheral device type */
762static int sdebug_scsi_level = DEF_SCSI_LEVEL;
763static int sdebug_sector_size = DEF_SECTOR_SIZE;
764static int sdeb_tur_ms_to_ready = DEF_TUR_MS_TO_READY;
765static int sdebug_virtual_gb = DEF_VIRTUAL_GB;
766static int sdebug_vpd_use_hostno = DEF_VPD_USE_HOSTNO;
767static unsigned int sdebug_lbpu = DEF_LBPU;
768static unsigned int sdebug_lbpws = DEF_LBPWS;
769static unsigned int sdebug_lbpws10 = DEF_LBPWS10;
770static unsigned int sdebug_lbprz = DEF_LBPRZ;
771static unsigned int sdebug_unmap_alignment = DEF_UNMAP_ALIGNMENT;
772static unsigned int sdebug_unmap_granularity = DEF_UNMAP_GRANULARITY;
773static unsigned int sdebug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS;
774static unsigned int sdebug_unmap_max_desc = DEF_UNMAP_MAX_DESC;
775static unsigned int sdebug_write_same_length = DEF_WRITESAME_LENGTH;
776static int sdebug_uuid_ctl = DEF_UUID_CTL;
777static bool sdebug_random = DEF_RANDOM;
778static bool sdebug_per_host_store = DEF_PER_HOST_STORE;
779static bool sdebug_removable = DEF_REMOVABLE;
780static bool sdebug_clustering;
781static bool sdebug_host_lock = DEF_HOST_LOCK;
782static bool sdebug_strict = DEF_STRICT;
783static bool sdebug_any_injecting_opt;
784static bool sdebug_verbose;
785static bool have_dif_prot;
786static bool write_since_sync;
787static bool sdebug_statistics = DEF_STATISTICS;
788static bool sdebug_wp;
789/* Following enum: 0: no zbc, def; 1: host aware; 2: host managed */
790static enum blk_zoned_model sdeb_zbc_model = BLK_ZONED_NONE;
791static char *sdeb_zbc_model_s;
792
793enum sam_lun_addr_method {SAM_LUN_AM_PERIPHERAL = 0x0,
794 SAM_LUN_AM_FLAT = 0x1,
795 SAM_LUN_AM_LOGICAL_UNIT = 0x2,
796 SAM_LUN_AM_EXTENDED = 0x3};
797static enum sam_lun_addr_method sdebug_lun_am = SAM_LUN_AM_PERIPHERAL;
798static int sdebug_lun_am_i = (int)SAM_LUN_AM_PERIPHERAL;
799
800static unsigned int sdebug_store_sectors;
801static sector_t sdebug_capacity; /* in sectors */
802
803/* old BIOS stuff, kernel may get rid of them but some mode sense pages
804 may still need them */
805static int sdebug_heads; /* heads per disk */
806static int sdebug_cylinders_per; /* cylinders per surface */
807static int sdebug_sectors_per; /* sectors per cylinder */
808
809static LIST_HEAD(sdebug_host_list);
810static DEFINE_SPINLOCK(sdebug_host_list_lock);
811
812static struct xarray per_store_arr;
813static struct xarray *per_store_ap = &per_store_arr;
814static int sdeb_first_idx = -1; /* invalid index ==> none created */
815static int sdeb_most_recent_idx = -1;
816static DEFINE_RWLOCK(sdeb_fake_rw_lck); /* need a RW lock when fake_rw=1 */
817
818static unsigned long map_size;
819static int num_aborts;
820static int num_dev_resets;
821static int num_target_resets;
822static int num_bus_resets;
823static int num_host_resets;
824static int dix_writes;
825static int dix_reads;
826static int dif_errors;
827
828/* ZBC global data */
829static bool sdeb_zbc_in_use; /* true for host-aware and host-managed disks */
830static int sdeb_zbc_zone_size_mb;
831static int sdeb_zbc_max_open = DEF_ZBC_MAX_OPEN_ZONES;
832static int sdeb_zbc_nr_conv = DEF_ZBC_NR_CONV_ZONES;
833
834static int submit_queues = DEF_SUBMIT_QUEUES; /* > 1 for multi-queue (mq) */
835static int poll_queues; /* iouring iopoll interface.*/
836static struct sdebug_queue *sdebug_q_arr; /* ptr to array of submit queues */
837
838static DEFINE_RWLOCK(atomic_rw);
839static DEFINE_RWLOCK(atomic_rw2);
840
841static rwlock_t *ramdisk_lck_a[2];
842
843static char sdebug_proc_name[] = MY_NAME;
844static const char *my_name = MY_NAME;
845
846static struct bus_type pseudo_lld_bus;
847
848static struct device_driver sdebug_driverfs_driver = {
849 .name = sdebug_proc_name,
850 .bus = &pseudo_lld_bus,
851};
852
853static const int check_condition_result =
854 SAM_STAT_CHECK_CONDITION;
855
856static const int illegal_condition_result =
857 (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION;
858
859static const int device_qfull_result =
860 (DID_OK << 16) | SAM_STAT_TASK_SET_FULL;
861
862static const int condition_met_result = SAM_STAT_CONDITION_MET;
863
864
865/* Only do the extra work involved in logical block provisioning if one or
866 * more of the lbpu, lbpws or lbpws10 parameters are given and we are doing
867 * real reads and writes (i.e. not skipping them for speed).
868 */
869static inline bool scsi_debug_lbp(void)
870{
871 return 0 == sdebug_fake_rw &&
872 (sdebug_lbpu || sdebug_lbpws || sdebug_lbpws10);
873}
874
875static void *lba2fake_store(struct sdeb_store_info *sip,
876 unsigned long long lba)
877{
878 struct sdeb_store_info *lsip = sip;
879
880 lba = do_div(lba, sdebug_store_sectors);
881 if (!sip || !sip->storep) {
882 WARN_ON_ONCE(true);
883 lsip = xa_load(per_store_ap, 0); /* should never be NULL */
884 }
885 return lsip->storep + lba * sdebug_sector_size;
886}
887
888static struct t10_pi_tuple *dif_store(struct sdeb_store_info *sip,
889 sector_t sector)
890{
891 sector = sector_div(sector, sdebug_store_sectors);
892
893 return sip->dif_storep + sector;
894}
895
896static void sdebug_max_tgts_luns(void)
897{
898 struct sdebug_host_info *sdbg_host;
899 struct Scsi_Host *hpnt;
900
901 spin_lock(&sdebug_host_list_lock);
902 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
903 hpnt = sdbg_host->shost;
904 if ((hpnt->this_id >= 0) &&
905 (sdebug_num_tgts > hpnt->this_id))
906 hpnt->max_id = sdebug_num_tgts + 1;
907 else
908 hpnt->max_id = sdebug_num_tgts;
909 /* sdebug_max_luns; */
910 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
911 }
912 spin_unlock(&sdebug_host_list_lock);
913}
914
915enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1};
916
917/* Set in_bit to -1 to indicate no bit position of invalid field */
918static void mk_sense_invalid_fld(struct scsi_cmnd *scp,
919 enum sdeb_cmd_data c_d,
920 int in_byte, int in_bit)
921{
922 unsigned char *sbuff;
923 u8 sks[4];
924 int sl, asc;
925
926 sbuff = scp->sense_buffer;
927 if (!sbuff) {
928 sdev_printk(KERN_ERR, scp->device,
929 "%s: sense_buffer is NULL\n", __func__);
930 return;
931 }
932 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST;
933 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
934 scsi_build_sense(scp, sdebug_dsense, ILLEGAL_REQUEST, asc, 0);
935 memset(sks, 0, sizeof(sks));
936 sks[0] = 0x80;
937 if (c_d)
938 sks[0] |= 0x40;
939 if (in_bit >= 0) {
940 sks[0] |= 0x8;
941 sks[0] |= 0x7 & in_bit;
942 }
943 put_unaligned_be16(in_byte, sks + 1);
944 if (sdebug_dsense) {
945 sl = sbuff[7] + 8;
946 sbuff[7] = sl;
947 sbuff[sl] = 0x2;
948 sbuff[sl + 1] = 0x6;
949 memcpy(sbuff + sl + 4, sks, 3);
950 } else
951 memcpy(sbuff + 15, sks, 3);
952 if (sdebug_verbose)
953 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq"
954 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n",
955 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit);
956}
957
958static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq)
959{
960 if (!scp->sense_buffer) {
961 sdev_printk(KERN_ERR, scp->device,
962 "%s: sense_buffer is NULL\n", __func__);
963 return;
964 }
965 memset(scp->sense_buffer, 0, SCSI_SENSE_BUFFERSIZE);
966
967 scsi_build_sense(scp, sdebug_dsense, key, asc, asq);
968
969 if (sdebug_verbose)
970 sdev_printk(KERN_INFO, scp->device,
971 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n",
972 my_name, key, asc, asq);
973}
974
975static void mk_sense_invalid_opcode(struct scsi_cmnd *scp)
976{
977 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0);
978}
979
980static int scsi_debug_ioctl(struct scsi_device *dev, unsigned int cmd,
981 void __user *arg)
982{
983 if (sdebug_verbose) {
984 if (0x1261 == cmd)
985 sdev_printk(KERN_INFO, dev,
986 "%s: BLKFLSBUF [0x1261]\n", __func__);
987 else if (0x5331 == cmd)
988 sdev_printk(KERN_INFO, dev,
989 "%s: CDROM_GET_CAPABILITY [0x5331]\n",
990 __func__);
991 else
992 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n",
993 __func__, cmd);
994 }
995 return -EINVAL;
996 /* return -ENOTTY; // correct return but upsets fdisk */
997}
998
999static void config_cdb_len(struct scsi_device *sdev)
1000{
1001 switch (sdebug_cdb_len) {
1002 case 6: /* suggest 6 byte READ, WRITE and MODE SENSE/SELECT */
1003 sdev->use_10_for_rw = false;
1004 sdev->use_16_for_rw = false;
1005 sdev->use_10_for_ms = false;
1006 break;
1007 case 10: /* suggest 10 byte RWs and 6 byte MODE SENSE/SELECT */
1008 sdev->use_10_for_rw = true;
1009 sdev->use_16_for_rw = false;
1010 sdev->use_10_for_ms = false;
1011 break;
1012 case 12: /* suggest 10 byte RWs and 10 byte MODE SENSE/SELECT */
1013 sdev->use_10_for_rw = true;
1014 sdev->use_16_for_rw = false;
1015 sdev->use_10_for_ms = true;
1016 break;
1017 case 16:
1018 sdev->use_10_for_rw = false;
1019 sdev->use_16_for_rw = true;
1020 sdev->use_10_for_ms = true;
1021 break;
1022 case 32: /* No knobs to suggest this so same as 16 for now */
1023 sdev->use_10_for_rw = false;
1024 sdev->use_16_for_rw = true;
1025 sdev->use_10_for_ms = true;
1026 break;
1027 default:
1028 pr_warn("unexpected cdb_len=%d, force to 10\n",
1029 sdebug_cdb_len);
1030 sdev->use_10_for_rw = true;
1031 sdev->use_16_for_rw = false;
1032 sdev->use_10_for_ms = false;
1033 sdebug_cdb_len = 10;
1034 break;
1035 }
1036}
1037
1038static void all_config_cdb_len(void)
1039{
1040 struct sdebug_host_info *sdbg_host;
1041 struct Scsi_Host *shost;
1042 struct scsi_device *sdev;
1043
1044 spin_lock(&sdebug_host_list_lock);
1045 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
1046 shost = sdbg_host->shost;
1047 shost_for_each_device(sdev, shost) {
1048 config_cdb_len(sdev);
1049 }
1050 }
1051 spin_unlock(&sdebug_host_list_lock);
1052}
1053
1054static void clear_luns_changed_on_target(struct sdebug_dev_info *devip)
1055{
1056 struct sdebug_host_info *sdhp;
1057 struct sdebug_dev_info *dp;
1058
1059 spin_lock(&sdebug_host_list_lock);
1060 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
1061 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
1062 if ((devip->sdbg_host == dp->sdbg_host) &&
1063 (devip->target == dp->target))
1064 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
1065 }
1066 }
1067 spin_unlock(&sdebug_host_list_lock);
1068}
1069
1070static int make_ua(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1071{
1072 int k;
1073
1074 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS);
1075 if (k != SDEBUG_NUM_UAS) {
1076 const char *cp = NULL;
1077
1078 switch (k) {
1079 case SDEBUG_UA_POR:
1080 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
1081 POWER_ON_RESET_ASCQ);
1082 if (sdebug_verbose)
1083 cp = "power on reset";
1084 break;
1085 case SDEBUG_UA_BUS_RESET:
1086 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
1087 BUS_RESET_ASCQ);
1088 if (sdebug_verbose)
1089 cp = "bus reset";
1090 break;
1091 case SDEBUG_UA_MODE_CHANGED:
1092 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
1093 MODE_CHANGED_ASCQ);
1094 if (sdebug_verbose)
1095 cp = "mode parameters changed";
1096 break;
1097 case SDEBUG_UA_CAPACITY_CHANGED:
1098 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
1099 CAPACITY_CHANGED_ASCQ);
1100 if (sdebug_verbose)
1101 cp = "capacity data changed";
1102 break;
1103 case SDEBUG_UA_MICROCODE_CHANGED:
1104 mk_sense_buffer(scp, UNIT_ATTENTION,
1105 TARGET_CHANGED_ASC,
1106 MICROCODE_CHANGED_ASCQ);
1107 if (sdebug_verbose)
1108 cp = "microcode has been changed";
1109 break;
1110 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET:
1111 mk_sense_buffer(scp, UNIT_ATTENTION,
1112 TARGET_CHANGED_ASC,
1113 MICROCODE_CHANGED_WO_RESET_ASCQ);
1114 if (sdebug_verbose)
1115 cp = "microcode has been changed without reset";
1116 break;
1117 case SDEBUG_UA_LUNS_CHANGED:
1118 /*
1119 * SPC-3 behavior is to report a UNIT ATTENTION with
1120 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN
1121 * on the target, until a REPORT LUNS command is
1122 * received. SPC-4 behavior is to report it only once.
1123 * NOTE: sdebug_scsi_level does not use the same
1124 * values as struct scsi_device->scsi_level.
1125 */
1126 if (sdebug_scsi_level >= 6) /* SPC-4 and above */
1127 clear_luns_changed_on_target(devip);
1128 mk_sense_buffer(scp, UNIT_ATTENTION,
1129 TARGET_CHANGED_ASC,
1130 LUNS_CHANGED_ASCQ);
1131 if (sdebug_verbose)
1132 cp = "reported luns data has changed";
1133 break;
1134 default:
1135 pr_warn("unexpected unit attention code=%d\n", k);
1136 if (sdebug_verbose)
1137 cp = "unknown";
1138 break;
1139 }
1140 clear_bit(k, devip->uas_bm);
1141 if (sdebug_verbose)
1142 sdev_printk(KERN_INFO, scp->device,
1143 "%s reports: Unit attention: %s\n",
1144 my_name, cp);
1145 return check_condition_result;
1146 }
1147 return 0;
1148}
1149
1150/* Build SCSI "data-in" buffer. Returns 0 if ok else (DID_ERROR << 16). */
1151static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1152 int arr_len)
1153{
1154 int act_len;
1155 struct scsi_data_buffer *sdb = &scp->sdb;
1156
1157 if (!sdb->length)
1158 return 0;
1159 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1160 return DID_ERROR << 16;
1161
1162 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents,
1163 arr, arr_len);
1164 scsi_set_resid(scp, scsi_bufflen(scp) - act_len);
1165
1166 return 0;
1167}
1168
1169/* Partial build of SCSI "data-in" buffer. Returns 0 if ok else
1170 * (DID_ERROR << 16). Can write to offset in data-in buffer. If multiple
1171 * calls, not required to write in ascending offset order. Assumes resid
1172 * set to scsi_bufflen() prior to any calls.
1173 */
1174static int p_fill_from_dev_buffer(struct scsi_cmnd *scp, const void *arr,
1175 int arr_len, unsigned int off_dst)
1176{
1177 unsigned int act_len, n;
1178 struct scsi_data_buffer *sdb = &scp->sdb;
1179 off_t skip = off_dst;
1180
1181 if (sdb->length <= off_dst)
1182 return 0;
1183 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1184 return DID_ERROR << 16;
1185
1186 act_len = sg_pcopy_from_buffer(sdb->table.sgl, sdb->table.nents,
1187 arr, arr_len, skip);
1188 pr_debug("%s: off_dst=%u, scsi_bufflen=%u, act_len=%u, resid=%d\n",
1189 __func__, off_dst, scsi_bufflen(scp), act_len,
1190 scsi_get_resid(scp));
1191 n = scsi_bufflen(scp) - (off_dst + act_len);
1192 scsi_set_resid(scp, min_t(int, scsi_get_resid(scp), n));
1193 return 0;
1194}
1195
1196/* Fetches from SCSI "data-out" buffer. Returns number of bytes fetched into
1197 * 'arr' or -1 if error.
1198 */
1199static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1200 int arr_len)
1201{
1202 if (!scsi_bufflen(scp))
1203 return 0;
1204 if (scp->sc_data_direction != DMA_TO_DEVICE)
1205 return -1;
1206
1207 return scsi_sg_copy_to_buffer(scp, arr, arr_len);
1208}
1209
1210
1211static char sdebug_inq_vendor_id[9] = "Linux ";
1212static char sdebug_inq_product_id[17] = "scsi_debug ";
1213static char sdebug_inq_product_rev[5] = SDEBUG_VERSION;
1214/* Use some locally assigned NAAs for SAS addresses. */
1215static const u64 naa3_comp_a = 0x3222222000000000ULL;
1216static const u64 naa3_comp_b = 0x3333333000000000ULL;
1217static const u64 naa3_comp_c = 0x3111111000000000ULL;
1218
1219/* Device identification VPD page. Returns number of bytes placed in arr */
1220static int inquiry_vpd_83(unsigned char *arr, int port_group_id,
1221 int target_dev_id, int dev_id_num,
1222 const char *dev_id_str, int dev_id_str_len,
1223 const uuid_t *lu_name)
1224{
1225 int num, port_a;
1226 char b[32];
1227
1228 port_a = target_dev_id + 1;
1229 /* T10 vendor identifier field format (faked) */
1230 arr[0] = 0x2; /* ASCII */
1231 arr[1] = 0x1;
1232 arr[2] = 0x0;
1233 memcpy(&arr[4], sdebug_inq_vendor_id, 8);
1234 memcpy(&arr[12], sdebug_inq_product_id, 16);
1235 memcpy(&arr[28], dev_id_str, dev_id_str_len);
1236 num = 8 + 16 + dev_id_str_len;
1237 arr[3] = num;
1238 num += 4;
1239 if (dev_id_num >= 0) {
1240 if (sdebug_uuid_ctl) {
1241 /* Locally assigned UUID */
1242 arr[num++] = 0x1; /* binary (not necessarily sas) */
1243 arr[num++] = 0xa; /* PIV=0, lu, naa */
1244 arr[num++] = 0x0;
1245 arr[num++] = 0x12;
1246 arr[num++] = 0x10; /* uuid type=1, locally assigned */
1247 arr[num++] = 0x0;
1248 memcpy(arr + num, lu_name, 16);
1249 num += 16;
1250 } else {
1251 /* NAA-3, Logical unit identifier (binary) */
1252 arr[num++] = 0x1; /* binary (not necessarily sas) */
1253 arr[num++] = 0x3; /* PIV=0, lu, naa */
1254 arr[num++] = 0x0;
1255 arr[num++] = 0x8;
1256 put_unaligned_be64(naa3_comp_b + dev_id_num, arr + num);
1257 num += 8;
1258 }
1259 /* Target relative port number */
1260 arr[num++] = 0x61; /* proto=sas, binary */
1261 arr[num++] = 0x94; /* PIV=1, target port, rel port */
1262 arr[num++] = 0x0; /* reserved */
1263 arr[num++] = 0x4; /* length */
1264 arr[num++] = 0x0; /* reserved */
1265 arr[num++] = 0x0; /* reserved */
1266 arr[num++] = 0x0;
1267 arr[num++] = 0x1; /* relative port A */
1268 }
1269 /* NAA-3, Target port identifier */
1270 arr[num++] = 0x61; /* proto=sas, binary */
1271 arr[num++] = 0x93; /* piv=1, target port, naa */
1272 arr[num++] = 0x0;
1273 arr[num++] = 0x8;
1274 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1275 num += 8;
1276 /* NAA-3, Target port group identifier */
1277 arr[num++] = 0x61; /* proto=sas, binary */
1278 arr[num++] = 0x95; /* piv=1, target port group id */
1279 arr[num++] = 0x0;
1280 arr[num++] = 0x4;
1281 arr[num++] = 0;
1282 arr[num++] = 0;
1283 put_unaligned_be16(port_group_id, arr + num);
1284 num += 2;
1285 /* NAA-3, Target device identifier */
1286 arr[num++] = 0x61; /* proto=sas, binary */
1287 arr[num++] = 0xa3; /* piv=1, target device, naa */
1288 arr[num++] = 0x0;
1289 arr[num++] = 0x8;
1290 put_unaligned_be64(naa3_comp_a + target_dev_id, arr + num);
1291 num += 8;
1292 /* SCSI name string: Target device identifier */
1293 arr[num++] = 0x63; /* proto=sas, UTF-8 */
1294 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */
1295 arr[num++] = 0x0;
1296 arr[num++] = 24;
1297 memcpy(arr + num, "naa.32222220", 12);
1298 num += 12;
1299 snprintf(b, sizeof(b), "%08X", target_dev_id);
1300 memcpy(arr + num, b, 8);
1301 num += 8;
1302 memset(arr + num, 0, 4);
1303 num += 4;
1304 return num;
1305}
1306
1307static unsigned char vpd84_data[] = {
1308/* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0,
1309 0x22,0x22,0x22,0x0,0xbb,0x1,
1310 0x22,0x22,0x22,0x0,0xbb,0x2,
1311};
1312
1313/* Software interface identification VPD page */
1314static int inquiry_vpd_84(unsigned char *arr)
1315{
1316 memcpy(arr, vpd84_data, sizeof(vpd84_data));
1317 return sizeof(vpd84_data);
1318}
1319
1320/* Management network addresses VPD page */
1321static int inquiry_vpd_85(unsigned char *arr)
1322{
1323 int num = 0;
1324 const char *na1 = "https://www.kernel.org/config";
1325 const char *na2 = "http://www.kernel.org/log";
1326 int plen, olen;
1327
1328 arr[num++] = 0x1; /* lu, storage config */
1329 arr[num++] = 0x0; /* reserved */
1330 arr[num++] = 0x0;
1331 olen = strlen(na1);
1332 plen = olen + 1;
1333 if (plen % 4)
1334 plen = ((plen / 4) + 1) * 4;
1335 arr[num++] = plen; /* length, null termianted, padded */
1336 memcpy(arr + num, na1, olen);
1337 memset(arr + num + olen, 0, plen - olen);
1338 num += plen;
1339
1340 arr[num++] = 0x4; /* lu, logging */
1341 arr[num++] = 0x0; /* reserved */
1342 arr[num++] = 0x0;
1343 olen = strlen(na2);
1344 plen = olen + 1;
1345 if (plen % 4)
1346 plen = ((plen / 4) + 1) * 4;
1347 arr[num++] = plen; /* length, null terminated, padded */
1348 memcpy(arr + num, na2, olen);
1349 memset(arr + num + olen, 0, plen - olen);
1350 num += plen;
1351
1352 return num;
1353}
1354
1355/* SCSI ports VPD page */
1356static int inquiry_vpd_88(unsigned char *arr, int target_dev_id)
1357{
1358 int num = 0;
1359 int port_a, port_b;
1360
1361 port_a = target_dev_id + 1;
1362 port_b = port_a + 1;
1363 arr[num++] = 0x0; /* reserved */
1364 arr[num++] = 0x0; /* reserved */
1365 arr[num++] = 0x0;
1366 arr[num++] = 0x1; /* relative port 1 (primary) */
1367 memset(arr + num, 0, 6);
1368 num += 6;
1369 arr[num++] = 0x0;
1370 arr[num++] = 12; /* length tp descriptor */
1371 /* naa-5 target port identifier (A) */
1372 arr[num++] = 0x61; /* proto=sas, binary */
1373 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1374 arr[num++] = 0x0; /* reserved */
1375 arr[num++] = 0x8; /* length */
1376 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1377 num += 8;
1378 arr[num++] = 0x0; /* reserved */
1379 arr[num++] = 0x0; /* reserved */
1380 arr[num++] = 0x0;
1381 arr[num++] = 0x2; /* relative port 2 (secondary) */
1382 memset(arr + num, 0, 6);
1383 num += 6;
1384 arr[num++] = 0x0;
1385 arr[num++] = 12; /* length tp descriptor */
1386 /* naa-5 target port identifier (B) */
1387 arr[num++] = 0x61; /* proto=sas, binary */
1388 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1389 arr[num++] = 0x0; /* reserved */
1390 arr[num++] = 0x8; /* length */
1391 put_unaligned_be64(naa3_comp_a + port_b, arr + num);
1392 num += 8;
1393
1394 return num;
1395}
1396
1397
1398static unsigned char vpd89_data[] = {
1399/* from 4th byte */ 0,0,0,0,
1400'l','i','n','u','x',' ',' ',' ',
1401'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ',
1402'1','2','3','4',
14030x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,
14040xec,0,0,0,
14050x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0,
14060,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20,
14070x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33,
14080x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31,
14090x53,0x41,
14100x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
14110x20,0x20,
14120x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
14130x10,0x80,
14140,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0,
14150x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0,
14160x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0,
14170,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0,
14180x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40,
14190x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0,
14200,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0,
14210,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14220,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14230,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14240x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42,
14250,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8,
14260xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe,
14270,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0,
14280,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14290,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14300,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14310,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14320,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14330,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14340,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14350,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14360,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14370,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14380,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
14390,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51,
1440};
1441
1442/* ATA Information VPD page */
1443static int inquiry_vpd_89(unsigned char *arr)
1444{
1445 memcpy(arr, vpd89_data, sizeof(vpd89_data));
1446 return sizeof(vpd89_data);
1447}
1448
1449
1450static unsigned char vpdb0_data[] = {
1451 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64,
1452 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1453 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1454 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1455};
1456
1457/* Block limits VPD page (SBC-3) */
1458static int inquiry_vpd_b0(unsigned char *arr)
1459{
1460 unsigned int gran;
1461
1462 memcpy(arr, vpdb0_data, sizeof(vpdb0_data));
1463
1464 /* Optimal transfer length granularity */
1465 if (sdebug_opt_xferlen_exp != 0 &&
1466 sdebug_physblk_exp < sdebug_opt_xferlen_exp)
1467 gran = 1 << sdebug_opt_xferlen_exp;
1468 else
1469 gran = 1 << sdebug_physblk_exp;
1470 put_unaligned_be16(gran, arr + 2);
1471
1472 /* Maximum Transfer Length */
1473 if (sdebug_store_sectors > 0x400)
1474 put_unaligned_be32(sdebug_store_sectors, arr + 4);
1475
1476 /* Optimal Transfer Length */
1477 put_unaligned_be32(sdebug_opt_blks, &arr[8]);
1478
1479 if (sdebug_lbpu) {
1480 /* Maximum Unmap LBA Count */
1481 put_unaligned_be32(sdebug_unmap_max_blocks, &arr[16]);
1482
1483 /* Maximum Unmap Block Descriptor Count */
1484 put_unaligned_be32(sdebug_unmap_max_desc, &arr[20]);
1485 }
1486
1487 /* Unmap Granularity Alignment */
1488 if (sdebug_unmap_alignment) {
1489 put_unaligned_be32(sdebug_unmap_alignment, &arr[28]);
1490 arr[28] |= 0x80; /* UGAVALID */
1491 }
1492
1493 /* Optimal Unmap Granularity */
1494 put_unaligned_be32(sdebug_unmap_granularity, &arr[24]);
1495
1496 /* Maximum WRITE SAME Length */
1497 put_unaligned_be64(sdebug_write_same_length, &arr[32]);
1498
1499 return 0x3c; /* Mandatory page length for Logical Block Provisioning */
1500
1501 return sizeof(vpdb0_data);
1502}
1503
1504/* Block device characteristics VPD page (SBC-3) */
1505static int inquiry_vpd_b1(struct sdebug_dev_info *devip, unsigned char *arr)
1506{
1507 memset(arr, 0, 0x3c);
1508 arr[0] = 0;
1509 arr[1] = 1; /* non rotating medium (e.g. solid state) */
1510 arr[2] = 0;
1511 arr[3] = 5; /* less than 1.8" */
1512 if (devip->zmodel == BLK_ZONED_HA)
1513 arr[4] = 1 << 4; /* zoned field = 01b */
1514
1515 return 0x3c;
1516}
1517
1518/* Logical block provisioning VPD page (SBC-4) */
1519static int inquiry_vpd_b2(unsigned char *arr)
1520{
1521 memset(arr, 0, 0x4);
1522 arr[0] = 0; /* threshold exponent */
1523 if (sdebug_lbpu)
1524 arr[1] = 1 << 7;
1525 if (sdebug_lbpws)
1526 arr[1] |= 1 << 6;
1527 if (sdebug_lbpws10)
1528 arr[1] |= 1 << 5;
1529 if (sdebug_lbprz && scsi_debug_lbp())
1530 arr[1] |= (sdebug_lbprz & 0x7) << 2; /* sbc4r07 and later */
1531 /* anc_sup=0; dp=0 (no provisioning group descriptor) */
1532 /* minimum_percentage=0; provisioning_type=0 (unknown) */
1533 /* threshold_percentage=0 */
1534 return 0x4;
1535}
1536
1537/* Zoned block device characteristics VPD page (ZBC mandatory) */
1538static int inquiry_vpd_b6(struct sdebug_dev_info *devip, unsigned char *arr)
1539{
1540 memset(arr, 0, 0x3c);
1541 arr[0] = 0x1; /* set URSWRZ (unrestricted read in seq. wr req zone) */
1542 /*
1543 * Set Optimal number of open sequential write preferred zones and
1544 * Optimal number of non-sequentially written sequential write
1545 * preferred zones fields to 'not reported' (0xffffffff). Leave other
1546 * fields set to zero, apart from Max. number of open swrz_s field.
1547 */
1548 put_unaligned_be32(0xffffffff, &arr[4]);
1549 put_unaligned_be32(0xffffffff, &arr[8]);
1550 if (sdeb_zbc_model == BLK_ZONED_HM && devip->max_open)
1551 put_unaligned_be32(devip->max_open, &arr[12]);
1552 else
1553 put_unaligned_be32(0xffffffff, &arr[12]);
1554 return 0x3c;
1555}
1556
1557#define SDEBUG_LONG_INQ_SZ 96
1558#define SDEBUG_MAX_INQ_ARR_SZ 584
1559
1560static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1561{
1562 unsigned char pq_pdt;
1563 unsigned char *arr;
1564 unsigned char *cmd = scp->cmnd;
1565 int alloc_len, n, ret;
1566 bool have_wlun, is_disk, is_zbc, is_disk_zbc;
1567
1568 alloc_len = get_unaligned_be16(cmd + 3);
1569 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC);
1570 if (! arr)
1571 return DID_REQUEUE << 16;
1572 is_disk = (sdebug_ptype == TYPE_DISK);
1573 is_zbc = (devip->zmodel != BLK_ZONED_NONE);
1574 is_disk_zbc = (is_disk || is_zbc);
1575 have_wlun = scsi_is_wlun(scp->device->lun);
1576 if (have_wlun)
1577 pq_pdt = TYPE_WLUN; /* present, wlun */
1578 else if (sdebug_no_lun_0 && (devip->lun == SDEBUG_LUN_0_VAL))
1579 pq_pdt = 0x7f; /* not present, PQ=3, PDT=0x1f */
1580 else
1581 pq_pdt = (sdebug_ptype & 0x1f);
1582 arr[0] = pq_pdt;
1583 if (0x2 & cmd[1]) { /* CMDDT bit set */
1584 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1);
1585 kfree(arr);
1586 return check_condition_result;
1587 } else if (0x1 & cmd[1]) { /* EVPD bit set */
1588 int lu_id_num, port_group_id, target_dev_id, len;
1589 char lu_id_str[6];
1590 int host_no = devip->sdbg_host->shost->host_no;
1591
1592 port_group_id = (((host_no + 1) & 0x7f) << 8) +
1593 (devip->channel & 0x7f);
1594 if (sdebug_vpd_use_hostno == 0)
1595 host_no = 0;
1596 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) +
1597 (devip->target * 1000) + devip->lun);
1598 target_dev_id = ((host_no + 1) * 2000) +
1599 (devip->target * 1000) - 3;
1600 len = scnprintf(lu_id_str, 6, "%d", lu_id_num);
1601 if (0 == cmd[2]) { /* supported vital product data pages */
1602 arr[1] = cmd[2]; /*sanity */
1603 n = 4;
1604 arr[n++] = 0x0; /* this page */
1605 arr[n++] = 0x80; /* unit serial number */
1606 arr[n++] = 0x83; /* device identification */
1607 arr[n++] = 0x84; /* software interface ident. */
1608 arr[n++] = 0x85; /* management network addresses */
1609 arr[n++] = 0x86; /* extended inquiry */
1610 arr[n++] = 0x87; /* mode page policy */
1611 arr[n++] = 0x88; /* SCSI ports */
1612 if (is_disk_zbc) { /* SBC or ZBC */
1613 arr[n++] = 0x89; /* ATA information */
1614 arr[n++] = 0xb0; /* Block limits */
1615 arr[n++] = 0xb1; /* Block characteristics */
1616 if (is_disk)
1617 arr[n++] = 0xb2; /* LB Provisioning */
1618 if (is_zbc)
1619 arr[n++] = 0xb6; /* ZB dev. char. */
1620 }
1621 arr[3] = n - 4; /* number of supported VPD pages */
1622 } else if (0x80 == cmd[2]) { /* unit serial number */
1623 arr[1] = cmd[2]; /*sanity */
1624 arr[3] = len;
1625 memcpy(&arr[4], lu_id_str, len);
1626 } else if (0x83 == cmd[2]) { /* device identification */
1627 arr[1] = cmd[2]; /*sanity */
1628 arr[3] = inquiry_vpd_83(&arr[4], port_group_id,
1629 target_dev_id, lu_id_num,
1630 lu_id_str, len,
1631 &devip->lu_name);
1632 } else if (0x84 == cmd[2]) { /* Software interface ident. */
1633 arr[1] = cmd[2]; /*sanity */
1634 arr[3] = inquiry_vpd_84(&arr[4]);
1635 } else if (0x85 == cmd[2]) { /* Management network addresses */
1636 arr[1] = cmd[2]; /*sanity */
1637 arr[3] = inquiry_vpd_85(&arr[4]);
1638 } else if (0x86 == cmd[2]) { /* extended inquiry */
1639 arr[1] = cmd[2]; /*sanity */
1640 arr[3] = 0x3c; /* number of following entries */
1641 if (sdebug_dif == T10_PI_TYPE3_PROTECTION)
1642 arr[4] = 0x4; /* SPT: GRD_CHK:1 */
1643 else if (have_dif_prot)
1644 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */
1645 else
1646 arr[4] = 0x0; /* no protection stuff */
1647 arr[5] = 0x7; /* head of q, ordered + simple q's */
1648 } else if (0x87 == cmd[2]) { /* mode page policy */
1649 arr[1] = cmd[2]; /*sanity */
1650 arr[3] = 0x8; /* number of following entries */
1651 arr[4] = 0x2; /* disconnect-reconnect mp */
1652 arr[6] = 0x80; /* mlus, shared */
1653 arr[8] = 0x18; /* protocol specific lu */
1654 arr[10] = 0x82; /* mlus, per initiator port */
1655 } else if (0x88 == cmd[2]) { /* SCSI Ports */
1656 arr[1] = cmd[2]; /*sanity */
1657 arr[3] = inquiry_vpd_88(&arr[4], target_dev_id);
1658 } else if (is_disk_zbc && 0x89 == cmd[2]) { /* ATA info */
1659 arr[1] = cmd[2]; /*sanity */
1660 n = inquiry_vpd_89(&arr[4]);
1661 put_unaligned_be16(n, arr + 2);
1662 } else if (is_disk_zbc && 0xb0 == cmd[2]) { /* Block limits */
1663 arr[1] = cmd[2]; /*sanity */
1664 arr[3] = inquiry_vpd_b0(&arr[4]);
1665 } else if (is_disk_zbc && 0xb1 == cmd[2]) { /* Block char. */
1666 arr[1] = cmd[2]; /*sanity */
1667 arr[3] = inquiry_vpd_b1(devip, &arr[4]);
1668 } else if (is_disk && 0xb2 == cmd[2]) { /* LB Prov. */
1669 arr[1] = cmd[2]; /*sanity */
1670 arr[3] = inquiry_vpd_b2(&arr[4]);
1671 } else if (is_zbc && cmd[2] == 0xb6) { /* ZB dev. charact. */
1672 arr[1] = cmd[2]; /*sanity */
1673 arr[3] = inquiry_vpd_b6(devip, &arr[4]);
1674 } else {
1675 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
1676 kfree(arr);
1677 return check_condition_result;
1678 }
1679 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len);
1680 ret = fill_from_dev_buffer(scp, arr,
1681 min(len, SDEBUG_MAX_INQ_ARR_SZ));
1682 kfree(arr);
1683 return ret;
1684 }
1685 /* drops through here for a standard inquiry */
1686 arr[1] = sdebug_removable ? 0x80 : 0; /* Removable disk */
1687 arr[2] = sdebug_scsi_level;
1688 arr[3] = 2; /* response_data_format==2 */
1689 arr[4] = SDEBUG_LONG_INQ_SZ - 5;
1690 arr[5] = (int)have_dif_prot; /* PROTECT bit */
1691 if (sdebug_vpd_use_hostno == 0)
1692 arr[5] |= 0x10; /* claim: implicit TPGS */
1693 arr[6] = 0x10; /* claim: MultiP */
1694 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */
1695 arr[7] = 0xa; /* claim: LINKED + CMDQUE */
1696 memcpy(&arr[8], sdebug_inq_vendor_id, 8);
1697 memcpy(&arr[16], sdebug_inq_product_id, 16);
1698 memcpy(&arr[32], sdebug_inq_product_rev, 4);
1699 /* Use Vendor Specific area to place driver date in ASCII hex */
1700 memcpy(&arr[36], sdebug_version_date, 8);
1701 /* version descriptors (2 bytes each) follow */
1702 put_unaligned_be16(0xc0, arr + 58); /* SAM-6 no version claimed */
1703 put_unaligned_be16(0x5c0, arr + 60); /* SPC-5 no version claimed */
1704 n = 62;
1705 if (is_disk) { /* SBC-4 no version claimed */
1706 put_unaligned_be16(0x600, arr + n);
1707 n += 2;
1708 } else if (sdebug_ptype == TYPE_TAPE) { /* SSC-4 rev 3 */
1709 put_unaligned_be16(0x525, arr + n);
1710 n += 2;
1711 } else if (is_zbc) { /* ZBC BSR INCITS 536 revision 05 */
1712 put_unaligned_be16(0x624, arr + n);
1713 n += 2;
1714 }
1715 put_unaligned_be16(0x2100, arr + n); /* SPL-4 no version claimed */
1716 ret = fill_from_dev_buffer(scp, arr,
1717 min_t(int, alloc_len, SDEBUG_LONG_INQ_SZ));
1718 kfree(arr);
1719 return ret;
1720}
1721
1722/* See resp_iec_m_pg() for how this data is manipulated */
1723static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
1724 0, 0, 0x0, 0x0};
1725
1726static int resp_requests(struct scsi_cmnd *scp,
1727 struct sdebug_dev_info *devip)
1728{
1729 unsigned char *cmd = scp->cmnd;
1730 unsigned char arr[SCSI_SENSE_BUFFERSIZE]; /* assume >= 18 bytes */
1731 bool dsense = !!(cmd[1] & 1);
1732 int alloc_len = cmd[4];
1733 int len = 18;
1734 int stopped_state = atomic_read(&devip->stopped);
1735
1736 memset(arr, 0, sizeof(arr));
1737 if (stopped_state > 0) { /* some "pollable" data [spc6r02: 5.12.2] */
1738 if (dsense) {
1739 arr[0] = 0x72;
1740 arr[1] = NOT_READY;
1741 arr[2] = LOGICAL_UNIT_NOT_READY;
1742 arr[3] = (stopped_state == 2) ? 0x1 : 0x2;
1743 len = 8;
1744 } else {
1745 arr[0] = 0x70;
1746 arr[2] = NOT_READY; /* NO_SENSE in sense_key */
1747 arr[7] = 0xa; /* 18 byte sense buffer */
1748 arr[12] = LOGICAL_UNIT_NOT_READY;
1749 arr[13] = (stopped_state == 2) ? 0x1 : 0x2;
1750 }
1751 } else if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) {
1752 /* Information exceptions control mode page: TEST=1, MRIE=6 */
1753 if (dsense) {
1754 arr[0] = 0x72;
1755 arr[1] = 0x0; /* NO_SENSE in sense_key */
1756 arr[2] = THRESHOLD_EXCEEDED;
1757 arr[3] = 0xff; /* Failure prediction(false) */
1758 len = 8;
1759 } else {
1760 arr[0] = 0x70;
1761 arr[2] = 0x0; /* NO_SENSE in sense_key */
1762 arr[7] = 0xa; /* 18 byte sense buffer */
1763 arr[12] = THRESHOLD_EXCEEDED;
1764 arr[13] = 0xff; /* Failure prediction(false) */
1765 }
1766 } else { /* nothing to report */
1767 if (dsense) {
1768 len = 8;
1769 memset(arr, 0, len);
1770 arr[0] = 0x72;
1771 } else {
1772 memset(arr, 0, len);
1773 arr[0] = 0x70;
1774 arr[7] = 0xa;
1775 }
1776 }
1777 return fill_from_dev_buffer(scp, arr, min_t(int, len, alloc_len));
1778}
1779
1780static int resp_start_stop(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1781{
1782 unsigned char *cmd = scp->cmnd;
1783 int power_cond, want_stop, stopped_state;
1784 bool changing;
1785
1786 power_cond = (cmd[4] & 0xf0) >> 4;
1787 if (power_cond) {
1788 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7);
1789 return check_condition_result;
1790 }
1791 want_stop = !(cmd[4] & 1);
1792 stopped_state = atomic_read(&devip->stopped);
1793 if (stopped_state == 2) {
1794 ktime_t now_ts = ktime_get_boottime();
1795
1796 if (ktime_to_ns(now_ts) > ktime_to_ns(devip->create_ts)) {
1797 u64 diff_ns = ktime_to_ns(ktime_sub(now_ts, devip->create_ts));
1798
1799 if (diff_ns >= ((u64)sdeb_tur_ms_to_ready * 1000000)) {
1800 /* tur_ms_to_ready timer extinguished */
1801 atomic_set(&devip->stopped, 0);
1802 stopped_state = 0;
1803 }
1804 }
1805 if (stopped_state == 2) {
1806 if (want_stop) {
1807 stopped_state = 1; /* dummy up success */
1808 } else { /* Disallow tur_ms_to_ready delay to be overridden */
1809 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 0 /* START bit */);
1810 return check_condition_result;
1811 }
1812 }
1813 }
1814 changing = (stopped_state != want_stop);
1815 if (changing)
1816 atomic_xchg(&devip->stopped, want_stop);
1817 if (!changing || (cmd[1] & 0x1)) /* state unchanged or IMMED bit set in cdb */
1818 return SDEG_RES_IMMED_MASK;
1819 else
1820 return 0;
1821}
1822
1823static sector_t get_sdebug_capacity(void)
1824{
1825 static const unsigned int gibibyte = 1073741824;
1826
1827 if (sdebug_virtual_gb > 0)
1828 return (sector_t)sdebug_virtual_gb *
1829 (gibibyte / sdebug_sector_size);
1830 else
1831 return sdebug_store_sectors;
1832}
1833
1834#define SDEBUG_READCAP_ARR_SZ 8
1835static int resp_readcap(struct scsi_cmnd *scp,
1836 struct sdebug_dev_info *devip)
1837{
1838 unsigned char arr[SDEBUG_READCAP_ARR_SZ];
1839 unsigned int capac;
1840
1841 /* following just in case virtual_gb changed */
1842 sdebug_capacity = get_sdebug_capacity();
1843 memset(arr, 0, SDEBUG_READCAP_ARR_SZ);
1844 if (sdebug_capacity < 0xffffffff) {
1845 capac = (unsigned int)sdebug_capacity - 1;
1846 put_unaligned_be32(capac, arr + 0);
1847 } else
1848 put_unaligned_be32(0xffffffff, arr + 0);
1849 put_unaligned_be16(sdebug_sector_size, arr + 6);
1850 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ);
1851}
1852
1853#define SDEBUG_READCAP16_ARR_SZ 32
1854static int resp_readcap16(struct scsi_cmnd *scp,
1855 struct sdebug_dev_info *devip)
1856{
1857 unsigned char *cmd = scp->cmnd;
1858 unsigned char arr[SDEBUG_READCAP16_ARR_SZ];
1859 int alloc_len;
1860
1861 alloc_len = get_unaligned_be32(cmd + 10);
1862 /* following just in case virtual_gb changed */
1863 sdebug_capacity = get_sdebug_capacity();
1864 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ);
1865 put_unaligned_be64((u64)(sdebug_capacity - 1), arr + 0);
1866 put_unaligned_be32(sdebug_sector_size, arr + 8);
1867 arr[13] = sdebug_physblk_exp & 0xf;
1868 arr[14] = (sdebug_lowest_aligned >> 8) & 0x3f;
1869
1870 if (scsi_debug_lbp()) {
1871 arr[14] |= 0x80; /* LBPME */
1872 /* from sbc4r07, this LBPRZ field is 1 bit, but the LBPRZ in
1873 * the LB Provisioning VPD page is 3 bits. Note that lbprz=2
1874 * in the wider field maps to 0 in this field.
1875 */
1876 if (sdebug_lbprz & 1) /* precisely what the draft requires */
1877 arr[14] |= 0x40;
1878 }
1879
1880 arr[15] = sdebug_lowest_aligned & 0xff;
1881
1882 if (have_dif_prot) {
1883 arr[12] = (sdebug_dif - 1) << 1; /* P_TYPE */
1884 arr[12] |= 1; /* PROT_EN */
1885 }
1886
1887 return fill_from_dev_buffer(scp, arr,
1888 min_t(int, alloc_len, SDEBUG_READCAP16_ARR_SZ));
1889}
1890
1891#define SDEBUG_MAX_TGTPGS_ARR_SZ 1412
1892
1893static int resp_report_tgtpgs(struct scsi_cmnd *scp,
1894 struct sdebug_dev_info *devip)
1895{
1896 unsigned char *cmd = scp->cmnd;
1897 unsigned char *arr;
1898 int host_no = devip->sdbg_host->shost->host_no;
1899 int n, ret, alen, rlen;
1900 int port_group_a, port_group_b, port_a, port_b;
1901
1902 alen = get_unaligned_be32(cmd + 6);
1903 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC);
1904 if (! arr)
1905 return DID_REQUEUE << 16;
1906 /*
1907 * EVPD page 0x88 states we have two ports, one
1908 * real and a fake port with no device connected.
1909 * So we create two port groups with one port each
1910 * and set the group with port B to unavailable.
1911 */
1912 port_a = 0x1; /* relative port A */
1913 port_b = 0x2; /* relative port B */
1914 port_group_a = (((host_no + 1) & 0x7f) << 8) +
1915 (devip->channel & 0x7f);
1916 port_group_b = (((host_no + 1) & 0x7f) << 8) +
1917 (devip->channel & 0x7f) + 0x80;
1918
1919 /*
1920 * The asymmetric access state is cycled according to the host_id.
1921 */
1922 n = 4;
1923 if (sdebug_vpd_use_hostno == 0) {
1924 arr[n++] = host_no % 3; /* Asymm access state */
1925 arr[n++] = 0x0F; /* claim: all states are supported */
1926 } else {
1927 arr[n++] = 0x0; /* Active/Optimized path */
1928 arr[n++] = 0x01; /* only support active/optimized paths */
1929 }
1930 put_unaligned_be16(port_group_a, arr + n);
1931 n += 2;
1932 arr[n++] = 0; /* Reserved */
1933 arr[n++] = 0; /* Status code */
1934 arr[n++] = 0; /* Vendor unique */
1935 arr[n++] = 0x1; /* One port per group */
1936 arr[n++] = 0; /* Reserved */
1937 arr[n++] = 0; /* Reserved */
1938 put_unaligned_be16(port_a, arr + n);
1939 n += 2;
1940 arr[n++] = 3; /* Port unavailable */
1941 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */
1942 put_unaligned_be16(port_group_b, arr + n);
1943 n += 2;
1944 arr[n++] = 0; /* Reserved */
1945 arr[n++] = 0; /* Status code */
1946 arr[n++] = 0; /* Vendor unique */
1947 arr[n++] = 0x1; /* One port per group */
1948 arr[n++] = 0; /* Reserved */
1949 arr[n++] = 0; /* Reserved */
1950 put_unaligned_be16(port_b, arr + n);
1951 n += 2;
1952
1953 rlen = n - 4;
1954 put_unaligned_be32(rlen, arr + 0);
1955
1956 /*
1957 * Return the smallest value of either
1958 * - The allocated length
1959 * - The constructed command length
1960 * - The maximum array size
1961 */
1962 rlen = min_t(int, alen, n);
1963 ret = fill_from_dev_buffer(scp, arr,
1964 min_t(int, rlen, SDEBUG_MAX_TGTPGS_ARR_SZ));
1965 kfree(arr);
1966 return ret;
1967}
1968
1969static int resp_rsup_opcodes(struct scsi_cmnd *scp,
1970 struct sdebug_dev_info *devip)
1971{
1972 bool rctd;
1973 u8 reporting_opts, req_opcode, sdeb_i, supp;
1974 u16 req_sa, u;
1975 u32 alloc_len, a_len;
1976 int k, offset, len, errsts, count, bump, na;
1977 const struct opcode_info_t *oip;
1978 const struct opcode_info_t *r_oip;
1979 u8 *arr;
1980 u8 *cmd = scp->cmnd;
1981
1982 rctd = !!(cmd[2] & 0x80);
1983 reporting_opts = cmd[2] & 0x7;
1984 req_opcode = cmd[3];
1985 req_sa = get_unaligned_be16(cmd + 4);
1986 alloc_len = get_unaligned_be32(cmd + 6);
1987 if (alloc_len < 4 || alloc_len > 0xffff) {
1988 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1989 return check_condition_result;
1990 }
1991 if (alloc_len > 8192)
1992 a_len = 8192;
1993 else
1994 a_len = alloc_len;
1995 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC);
1996 if (NULL == arr) {
1997 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
1998 INSUFF_RES_ASCQ);
1999 return check_condition_result;
2000 }
2001 switch (reporting_opts) {
2002 case 0: /* all commands */
2003 /* count number of commands */
2004 for (count = 0, oip = opcode_info_arr;
2005 oip->num_attached != 0xff; ++oip) {
2006 if (F_INV_OP & oip->flags)
2007 continue;
2008 count += (oip->num_attached + 1);
2009 }
2010 bump = rctd ? 20 : 8;
2011 put_unaligned_be32(count * bump, arr);
2012 for (offset = 4, oip = opcode_info_arr;
2013 oip->num_attached != 0xff && offset < a_len; ++oip) {
2014 if (F_INV_OP & oip->flags)
2015 continue;
2016 na = oip->num_attached;
2017 arr[offset] = oip->opcode;
2018 put_unaligned_be16(oip->sa, arr + offset + 2);
2019 if (rctd)
2020 arr[offset + 5] |= 0x2;
2021 if (FF_SA & oip->flags)
2022 arr[offset + 5] |= 0x1;
2023 put_unaligned_be16(oip->len_mask[0], arr + offset + 6);
2024 if (rctd)
2025 put_unaligned_be16(0xa, arr + offset + 8);
2026 r_oip = oip;
2027 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) {
2028 if (F_INV_OP & oip->flags)
2029 continue;
2030 offset += bump;
2031 arr[offset] = oip->opcode;
2032 put_unaligned_be16(oip->sa, arr + offset + 2);
2033 if (rctd)
2034 arr[offset + 5] |= 0x2;
2035 if (FF_SA & oip->flags)
2036 arr[offset + 5] |= 0x1;
2037 put_unaligned_be16(oip->len_mask[0],
2038 arr + offset + 6);
2039 if (rctd)
2040 put_unaligned_be16(0xa,
2041 arr + offset + 8);
2042 }
2043 oip = r_oip;
2044 offset += bump;
2045 }
2046 break;
2047 case 1: /* one command: opcode only */
2048 case 2: /* one command: opcode plus service action */
2049 case 3: /* one command: if sa==0 then opcode only else opcode+sa */
2050 sdeb_i = opcode_ind_arr[req_opcode];
2051 oip = &opcode_info_arr[sdeb_i];
2052 if (F_INV_OP & oip->flags) {
2053 supp = 1;
2054 offset = 4;
2055 } else {
2056 if (1 == reporting_opts) {
2057 if (FF_SA & oip->flags) {
2058 mk_sense_invalid_fld(scp, SDEB_IN_CDB,
2059 2, 2);
2060 kfree(arr);
2061 return check_condition_result;
2062 }
2063 req_sa = 0;
2064 } else if (2 == reporting_opts &&
2065 0 == (FF_SA & oip->flags)) {
2066 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1);
2067 kfree(arr); /* point at requested sa */
2068 return check_condition_result;
2069 }
2070 if (0 == (FF_SA & oip->flags) &&
2071 req_opcode == oip->opcode)
2072 supp = 3;
2073 else if (0 == (FF_SA & oip->flags)) {
2074 na = oip->num_attached;
2075 for (k = 0, oip = oip->arrp; k < na;
2076 ++k, ++oip) {
2077 if (req_opcode == oip->opcode)
2078 break;
2079 }
2080 supp = (k >= na) ? 1 : 3;
2081 } else if (req_sa != oip->sa) {
2082 na = oip->num_attached;
2083 for (k = 0, oip = oip->arrp; k < na;
2084 ++k, ++oip) {
2085 if (req_sa == oip->sa)
2086 break;
2087 }
2088 supp = (k >= na) ? 1 : 3;
2089 } else
2090 supp = 3;
2091 if (3 == supp) {
2092 u = oip->len_mask[0];
2093 put_unaligned_be16(u, arr + 2);
2094 arr[4] = oip->opcode;
2095 for (k = 1; k < u; ++k)
2096 arr[4 + k] = (k < 16) ?
2097 oip->len_mask[k] : 0xff;
2098 offset = 4 + u;
2099 } else
2100 offset = 4;
2101 }
2102 arr[1] = (rctd ? 0x80 : 0) | supp;
2103 if (rctd) {
2104 put_unaligned_be16(0xa, arr + offset);
2105 offset += 12;
2106 }
2107 break;
2108 default:
2109 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
2110 kfree(arr);
2111 return check_condition_result;
2112 }
2113 offset = (offset < a_len) ? offset : a_len;
2114 len = (offset < alloc_len) ? offset : alloc_len;
2115 errsts = fill_from_dev_buffer(scp, arr, len);
2116 kfree(arr);
2117 return errsts;
2118}
2119
2120static int resp_rsup_tmfs(struct scsi_cmnd *scp,
2121 struct sdebug_dev_info *devip)
2122{
2123 bool repd;
2124 u32 alloc_len, len;
2125 u8 arr[16];
2126 u8 *cmd = scp->cmnd;
2127
2128 memset(arr, 0, sizeof(arr));
2129 repd = !!(cmd[2] & 0x80);
2130 alloc_len = get_unaligned_be32(cmd + 6);
2131 if (alloc_len < 4) {
2132 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
2133 return check_condition_result;
2134 }
2135 arr[0] = 0xc8; /* ATS | ATSS | LURS */
2136 arr[1] = 0x1; /* ITNRS */
2137 if (repd) {
2138 arr[3] = 0xc;
2139 len = 16;
2140 } else
2141 len = 4;
2142
2143 len = (len < alloc_len) ? len : alloc_len;
2144 return fill_from_dev_buffer(scp, arr, len);
2145}
2146
2147/* <<Following mode page info copied from ST318451LW>> */
2148
2149static int resp_err_recov_pg(unsigned char *p, int pcontrol, int target)
2150{ /* Read-Write Error Recovery page for mode_sense */
2151 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0,
2152 5, 0, 0xff, 0xff};
2153
2154 memcpy(p, err_recov_pg, sizeof(err_recov_pg));
2155 if (1 == pcontrol)
2156 memset(p + 2, 0, sizeof(err_recov_pg) - 2);
2157 return sizeof(err_recov_pg);
2158}
2159
2160static int resp_disconnect_pg(unsigned char *p, int pcontrol, int target)
2161{ /* Disconnect-Reconnect page for mode_sense */
2162 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0,
2163 0, 0, 0, 0, 0, 0, 0, 0};
2164
2165 memcpy(p, disconnect_pg, sizeof(disconnect_pg));
2166 if (1 == pcontrol)
2167 memset(p + 2, 0, sizeof(disconnect_pg) - 2);
2168 return sizeof(disconnect_pg);
2169}
2170
2171static int resp_format_pg(unsigned char *p, int pcontrol, int target)
2172{ /* Format device page for mode_sense */
2173 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0,
2174 0, 0, 0, 0, 0, 0, 0, 0,
2175 0, 0, 0, 0, 0x40, 0, 0, 0};
2176
2177 memcpy(p, format_pg, sizeof(format_pg));
2178 put_unaligned_be16(sdebug_sectors_per, p + 10);
2179 put_unaligned_be16(sdebug_sector_size, p + 12);
2180 if (sdebug_removable)
2181 p[20] |= 0x20; /* should agree with INQUIRY */
2182 if (1 == pcontrol)
2183 memset(p + 2, 0, sizeof(format_pg) - 2);
2184 return sizeof(format_pg);
2185}
2186
2187static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
2188 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0,
2189 0, 0, 0, 0};
2190
2191static int resp_caching_pg(unsigned char *p, int pcontrol, int target)
2192{ /* Caching page for mode_sense */
2193 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0,
2194 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
2195 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
2196 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0};
2197
2198 if (SDEBUG_OPT_N_WCE & sdebug_opts)
2199 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */
2200 memcpy(p, caching_pg, sizeof(caching_pg));
2201 if (1 == pcontrol)
2202 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg));
2203 else if (2 == pcontrol)
2204 memcpy(p, d_caching_pg, sizeof(d_caching_pg));
2205 return sizeof(caching_pg);
2206}
2207
2208static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2209 0, 0, 0x2, 0x4b};
2210
2211static int resp_ctrl_m_pg(unsigned char *p, int pcontrol, int target)
2212{ /* Control mode page for mode_sense */
2213 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0,
2214 0, 0, 0, 0};
2215 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2216 0, 0, 0x2, 0x4b};
2217
2218 if (sdebug_dsense)
2219 ctrl_m_pg[2] |= 0x4;
2220 else
2221 ctrl_m_pg[2] &= ~0x4;
2222
2223 if (sdebug_ato)
2224 ctrl_m_pg[5] |= 0x80; /* ATO=1 */
2225
2226 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg));
2227 if (1 == pcontrol)
2228 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg));
2229 else if (2 == pcontrol)
2230 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg));
2231 return sizeof(ctrl_m_pg);
2232}
2233
2234
2235static int resp_iec_m_pg(unsigned char *p, int pcontrol, int target)
2236{ /* Informational Exceptions control mode page for mode_sense */
2237 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0,
2238 0, 0, 0x0, 0x0};
2239 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
2240 0, 0, 0x0, 0x0};
2241
2242 memcpy(p, iec_m_pg, sizeof(iec_m_pg));
2243 if (1 == pcontrol)
2244 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg));
2245 else if (2 == pcontrol)
2246 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg));
2247 return sizeof(iec_m_pg);
2248}
2249
2250static int resp_sas_sf_m_pg(unsigned char *p, int pcontrol, int target)
2251{ /* SAS SSP mode page - short format for mode_sense */
2252 unsigned char sas_sf_m_pg[] = {0x19, 0x6,
2253 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0};
2254
2255 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg));
2256 if (1 == pcontrol)
2257 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2);
2258 return sizeof(sas_sf_m_pg);
2259}
2260
2261
2262static int resp_sas_pcd_m_spg(unsigned char *p, int pcontrol, int target,
2263 int target_dev_id)
2264{ /* SAS phy control and discover mode page for mode_sense */
2265 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2,
2266 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0,
2267 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2268 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2269 0x2, 0, 0, 0, 0, 0, 0, 0,
2270 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2271 0, 0, 0, 0, 0, 0, 0, 0,
2272 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0,
2273 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2274 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2275 0x3, 0, 0, 0, 0, 0, 0, 0,
2276 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2277 0, 0, 0, 0, 0, 0, 0, 0,
2278 };
2279 int port_a, port_b;
2280
2281 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 16);
2282 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 24);
2283 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 64);
2284 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 72);
2285 port_a = target_dev_id + 1;
2286 port_b = port_a + 1;
2287 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg));
2288 put_unaligned_be32(port_a, p + 20);
2289 put_unaligned_be32(port_b, p + 48 + 20);
2290 if (1 == pcontrol)
2291 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4);
2292 return sizeof(sas_pcd_m_pg);
2293}
2294
2295static int resp_sas_sha_m_spg(unsigned char *p, int pcontrol)
2296{ /* SAS SSP shared protocol specific port mode subpage */
2297 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0,
2298 0, 0, 0, 0, 0, 0, 0, 0,
2299 };
2300
2301 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg));
2302 if (1 == pcontrol)
2303 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4);
2304 return sizeof(sas_sha_m_pg);
2305}
2306
2307#define SDEBUG_MAX_MSENSE_SZ 256
2308
2309static int resp_mode_sense(struct scsi_cmnd *scp,
2310 struct sdebug_dev_info *devip)
2311{
2312 int pcontrol, pcode, subpcode, bd_len;
2313 unsigned char dev_spec;
2314 int alloc_len, offset, len, target_dev_id;
2315 int target = scp->device->id;
2316 unsigned char *ap;
2317 unsigned char arr[SDEBUG_MAX_MSENSE_SZ];
2318 unsigned char *cmd = scp->cmnd;
2319 bool dbd, llbaa, msense_6, is_disk, is_zbc, bad_pcode;
2320
2321 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */
2322 pcontrol = (cmd[2] & 0xc0) >> 6;
2323 pcode = cmd[2] & 0x3f;
2324 subpcode = cmd[3];
2325 msense_6 = (MODE_SENSE == cmd[0]);
2326 llbaa = msense_6 ? false : !!(cmd[1] & 0x10);
2327 is_disk = (sdebug_ptype == TYPE_DISK);
2328 is_zbc = (devip->zmodel != BLK_ZONED_NONE);
2329 if ((is_disk || is_zbc) && !dbd)
2330 bd_len = llbaa ? 16 : 8;
2331 else
2332 bd_len = 0;
2333 alloc_len = msense_6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2334 memset(arr, 0, SDEBUG_MAX_MSENSE_SZ);
2335 if (0x3 == pcontrol) { /* Saving values not supported */
2336 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0);
2337 return check_condition_result;
2338 }
2339 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) +
2340 (devip->target * 1000) - 3;
2341 /* for disks+zbc set DPOFUA bit and clear write protect (WP) bit */
2342 if (is_disk || is_zbc) {
2343 dev_spec = 0x10; /* =0x90 if WP=1 implies read-only */
2344 if (sdebug_wp)
2345 dev_spec |= 0x80;
2346 } else
2347 dev_spec = 0x0;
2348 if (msense_6) {
2349 arr[2] = dev_spec;
2350 arr[3] = bd_len;
2351 offset = 4;
2352 } else {
2353 arr[3] = dev_spec;
2354 if (16 == bd_len)
2355 arr[4] = 0x1; /* set LONGLBA bit */
2356 arr[7] = bd_len; /* assume 255 or less */
2357 offset = 8;
2358 }
2359 ap = arr + offset;
2360 if ((bd_len > 0) && (!sdebug_capacity))
2361 sdebug_capacity = get_sdebug_capacity();
2362
2363 if (8 == bd_len) {
2364 if (sdebug_capacity > 0xfffffffe)
2365 put_unaligned_be32(0xffffffff, ap + 0);
2366 else
2367 put_unaligned_be32(sdebug_capacity, ap + 0);
2368 put_unaligned_be16(sdebug_sector_size, ap + 6);
2369 offset += bd_len;
2370 ap = arr + offset;
2371 } else if (16 == bd_len) {
2372 put_unaligned_be64((u64)sdebug_capacity, ap + 0);
2373 put_unaligned_be32(sdebug_sector_size, ap + 12);
2374 offset += bd_len;
2375 ap = arr + offset;
2376 }
2377
2378 if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) {
2379 /* TODO: Control Extension page */
2380 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2381 return check_condition_result;
2382 }
2383 bad_pcode = false;
2384
2385 switch (pcode) {
2386 case 0x1: /* Read-Write error recovery page, direct access */
2387 len = resp_err_recov_pg(ap, pcontrol, target);
2388 offset += len;
2389 break;
2390 case 0x2: /* Disconnect-Reconnect page, all devices */
2391 len = resp_disconnect_pg(ap, pcontrol, target);
2392 offset += len;
2393 break;
2394 case 0x3: /* Format device page, direct access */
2395 if (is_disk) {
2396 len = resp_format_pg(ap, pcontrol, target);
2397 offset += len;
2398 } else
2399 bad_pcode = true;
2400 break;
2401 case 0x8: /* Caching page, direct access */
2402 if (is_disk || is_zbc) {
2403 len = resp_caching_pg(ap, pcontrol, target);
2404 offset += len;
2405 } else
2406 bad_pcode = true;
2407 break;
2408 case 0xa: /* Control Mode page, all devices */
2409 len = resp_ctrl_m_pg(ap, pcontrol, target);
2410 offset += len;
2411 break;
2412 case 0x19: /* if spc==1 then sas phy, control+discover */
2413 if ((subpcode > 0x2) && (subpcode < 0xff)) {
2414 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2415 return check_condition_result;
2416 }
2417 len = 0;
2418 if ((0x0 == subpcode) || (0xff == subpcode))
2419 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2420 if ((0x1 == subpcode) || (0xff == subpcode))
2421 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
2422 target_dev_id);
2423 if ((0x2 == subpcode) || (0xff == subpcode))
2424 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2425 offset += len;
2426 break;
2427 case 0x1c: /* Informational Exceptions Mode page, all devices */
2428 len = resp_iec_m_pg(ap, pcontrol, target);
2429 offset += len;
2430 break;
2431 case 0x3f: /* Read all Mode pages */
2432 if ((0 == subpcode) || (0xff == subpcode)) {
2433 len = resp_err_recov_pg(ap, pcontrol, target);
2434 len += resp_disconnect_pg(ap + len, pcontrol, target);
2435 if (is_disk) {
2436 len += resp_format_pg(ap + len, pcontrol,
2437 target);
2438 len += resp_caching_pg(ap + len, pcontrol,
2439 target);
2440 } else if (is_zbc) {
2441 len += resp_caching_pg(ap + len, pcontrol,
2442 target);
2443 }
2444 len += resp_ctrl_m_pg(ap + len, pcontrol, target);
2445 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2446 if (0xff == subpcode) {
2447 len += resp_sas_pcd_m_spg(ap + len, pcontrol,
2448 target, target_dev_id);
2449 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2450 }
2451 len += resp_iec_m_pg(ap + len, pcontrol, target);
2452 offset += len;
2453 } else {
2454 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2455 return check_condition_result;
2456 }
2457 break;
2458 default:
2459 bad_pcode = true;
2460 break;
2461 }
2462 if (bad_pcode) {
2463 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2464 return check_condition_result;
2465 }
2466 if (msense_6)
2467 arr[0] = offset - 1;
2468 else
2469 put_unaligned_be16((offset - 2), arr + 0);
2470 return fill_from_dev_buffer(scp, arr, min_t(int, alloc_len, offset));
2471}
2472
2473#define SDEBUG_MAX_MSELECT_SZ 512
2474
2475static int resp_mode_select(struct scsi_cmnd *scp,
2476 struct sdebug_dev_info *devip)
2477{
2478 int pf, sp, ps, md_len, bd_len, off, spf, pg_len;
2479 int param_len, res, mpage;
2480 unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
2481 unsigned char *cmd = scp->cmnd;
2482 int mselect6 = (MODE_SELECT == cmd[0]);
2483
2484 memset(arr, 0, sizeof(arr));
2485 pf = cmd[1] & 0x10;
2486 sp = cmd[1] & 0x1;
2487 param_len = mselect6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2488 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) {
2489 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1);
2490 return check_condition_result;
2491 }
2492 res = fetch_to_dev_buffer(scp, arr, param_len);
2493 if (-1 == res)
2494 return DID_ERROR << 16;
2495 else if (sdebug_verbose && (res < param_len))
2496 sdev_printk(KERN_INFO, scp->device,
2497 "%s: cdb indicated=%d, IO sent=%d bytes\n",
2498 __func__, param_len, res);
2499 md_len = mselect6 ? (arr[0] + 1) : (get_unaligned_be16(arr + 0) + 2);
2500 bd_len = mselect6 ? arr[3] : get_unaligned_be16(arr + 6);
2501 if (md_len > 2) {
2502 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1);
2503 return check_condition_result;
2504 }
2505 off = bd_len + (mselect6 ? 4 : 8);
2506 mpage = arr[off] & 0x3f;
2507 ps = !!(arr[off] & 0x80);
2508 if (ps) {
2509 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7);
2510 return check_condition_result;
2511 }
2512 spf = !!(arr[off] & 0x40);
2513 pg_len = spf ? (get_unaligned_be16(arr + off + 2) + 4) :
2514 (arr[off + 1] + 2);
2515 if ((pg_len + off) > param_len) {
2516 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2517 PARAMETER_LIST_LENGTH_ERR, 0);
2518 return check_condition_result;
2519 }
2520 switch (mpage) {
2521 case 0x8: /* Caching Mode page */
2522 if (caching_pg[1] == arr[off + 1]) {
2523 memcpy(caching_pg + 2, arr + off + 2,
2524 sizeof(caching_pg) - 2);
2525 goto set_mode_changed_ua;
2526 }
2527 break;
2528 case 0xa: /* Control Mode page */
2529 if (ctrl_m_pg[1] == arr[off + 1]) {
2530 memcpy(ctrl_m_pg + 2, arr + off + 2,
2531 sizeof(ctrl_m_pg) - 2);
2532 if (ctrl_m_pg[4] & 0x8)
2533 sdebug_wp = true;
2534 else
2535 sdebug_wp = false;
2536 sdebug_dsense = !!(ctrl_m_pg[2] & 0x4);
2537 goto set_mode_changed_ua;
2538 }
2539 break;
2540 case 0x1c: /* Informational Exceptions Mode page */
2541 if (iec_m_pg[1] == arr[off + 1]) {
2542 memcpy(iec_m_pg + 2, arr + off + 2,
2543 sizeof(iec_m_pg) - 2);
2544 goto set_mode_changed_ua;
2545 }
2546 break;
2547 default:
2548 break;
2549 }
2550 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5);
2551 return check_condition_result;
2552set_mode_changed_ua:
2553 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm);
2554 return 0;
2555}
2556
2557static int resp_temp_l_pg(unsigned char *arr)
2558{
2559 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38,
2560 0x0, 0x1, 0x3, 0x2, 0x0, 65,
2561 };
2562
2563 memcpy(arr, temp_l_pg, sizeof(temp_l_pg));
2564 return sizeof(temp_l_pg);
2565}
2566
2567static int resp_ie_l_pg(unsigned char *arr)
2568{
2569 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38,
2570 };
2571
2572 memcpy(arr, ie_l_pg, sizeof(ie_l_pg));
2573 if (iec_m_pg[2] & 0x4) { /* TEST bit set */
2574 arr[4] = THRESHOLD_EXCEEDED;
2575 arr[5] = 0xff;
2576 }
2577 return sizeof(ie_l_pg);
2578}
2579
2580#define SDEBUG_MAX_LSENSE_SZ 512
2581
2582static int resp_log_sense(struct scsi_cmnd *scp,
2583 struct sdebug_dev_info *devip)
2584{
2585 int ppc, sp, pcode, subpcode, alloc_len, len, n;
2586 unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
2587 unsigned char *cmd = scp->cmnd;
2588
2589 memset(arr, 0, sizeof(arr));
2590 ppc = cmd[1] & 0x2;
2591 sp = cmd[1] & 0x1;
2592 if (ppc || sp) {
2593 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0);
2594 return check_condition_result;
2595 }
2596 pcode = cmd[2] & 0x3f;
2597 subpcode = cmd[3] & 0xff;
2598 alloc_len = get_unaligned_be16(cmd + 7);
2599 arr[0] = pcode;
2600 if (0 == subpcode) {
2601 switch (pcode) {
2602 case 0x0: /* Supported log pages log page */
2603 n = 4;
2604 arr[n++] = 0x0; /* this page */
2605 arr[n++] = 0xd; /* Temperature */
2606 arr[n++] = 0x2f; /* Informational exceptions */
2607 arr[3] = n - 4;
2608 break;
2609 case 0xd: /* Temperature log page */
2610 arr[3] = resp_temp_l_pg(arr + 4);
2611 break;
2612 case 0x2f: /* Informational exceptions log page */
2613 arr[3] = resp_ie_l_pg(arr + 4);
2614 break;
2615 default:
2616 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2617 return check_condition_result;
2618 }
2619 } else if (0xff == subpcode) {
2620 arr[0] |= 0x40;
2621 arr[1] = subpcode;
2622 switch (pcode) {
2623 case 0x0: /* Supported log pages and subpages log page */
2624 n = 4;
2625 arr[n++] = 0x0;
2626 arr[n++] = 0x0; /* 0,0 page */
2627 arr[n++] = 0x0;
2628 arr[n++] = 0xff; /* this page */
2629 arr[n++] = 0xd;
2630 arr[n++] = 0x0; /* Temperature */
2631 arr[n++] = 0x2f;
2632 arr[n++] = 0x0; /* Informational exceptions */
2633 arr[3] = n - 4;
2634 break;
2635 case 0xd: /* Temperature subpages */
2636 n = 4;
2637 arr[n++] = 0xd;
2638 arr[n++] = 0x0; /* Temperature */
2639 arr[3] = n - 4;
2640 break;
2641 case 0x2f: /* Informational exceptions subpages */
2642 n = 4;
2643 arr[n++] = 0x2f;
2644 arr[n++] = 0x0; /* Informational exceptions */
2645 arr[3] = n - 4;
2646 break;
2647 default:
2648 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2649 return check_condition_result;
2650 }
2651 } else {
2652 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2653 return check_condition_result;
2654 }
2655 len = min_t(int, get_unaligned_be16(arr + 2) + 4, alloc_len);
2656 return fill_from_dev_buffer(scp, arr,
2657 min_t(int, len, SDEBUG_MAX_INQ_ARR_SZ));
2658}
2659
2660static inline bool sdebug_dev_is_zoned(struct sdebug_dev_info *devip)
2661{
2662 return devip->nr_zones != 0;
2663}
2664
2665static struct sdeb_zone_state *zbc_zone(struct sdebug_dev_info *devip,
2666 unsigned long long lba)
2667{
2668 return &devip->zstate[lba >> devip->zsize_shift];
2669}
2670
2671static inline bool zbc_zone_is_conv(struct sdeb_zone_state *zsp)
2672{
2673 return zsp->z_type == ZBC_ZONE_TYPE_CNV;
2674}
2675
2676static void zbc_close_zone(struct sdebug_dev_info *devip,
2677 struct sdeb_zone_state *zsp)
2678{
2679 enum sdebug_z_cond zc;
2680
2681 if (zbc_zone_is_conv(zsp))
2682 return;
2683
2684 zc = zsp->z_cond;
2685 if (!(zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN))
2686 return;
2687
2688 if (zc == ZC2_IMPLICIT_OPEN)
2689 devip->nr_imp_open--;
2690 else
2691 devip->nr_exp_open--;
2692
2693 if (zsp->z_wp == zsp->z_start) {
2694 zsp->z_cond = ZC1_EMPTY;
2695 } else {
2696 zsp->z_cond = ZC4_CLOSED;
2697 devip->nr_closed++;
2698 }
2699}
2700
2701static void zbc_close_imp_open_zone(struct sdebug_dev_info *devip)
2702{
2703 struct sdeb_zone_state *zsp = &devip->zstate[0];
2704 unsigned int i;
2705
2706 for (i = 0; i < devip->nr_zones; i++, zsp++) {
2707 if (zsp->z_cond == ZC2_IMPLICIT_OPEN) {
2708 zbc_close_zone(devip, zsp);
2709 return;
2710 }
2711 }
2712}
2713
2714static void zbc_open_zone(struct sdebug_dev_info *devip,
2715 struct sdeb_zone_state *zsp, bool explicit)
2716{
2717 enum sdebug_z_cond zc;
2718
2719 if (zbc_zone_is_conv(zsp))
2720 return;
2721
2722 zc = zsp->z_cond;
2723 if ((explicit && zc == ZC3_EXPLICIT_OPEN) ||
2724 (!explicit && zc == ZC2_IMPLICIT_OPEN))
2725 return;
2726
2727 /* Close an implicit open zone if necessary */
2728 if (explicit && zsp->z_cond == ZC2_IMPLICIT_OPEN)
2729 zbc_close_zone(devip, zsp);
2730 else if (devip->max_open &&
2731 devip->nr_imp_open + devip->nr_exp_open >= devip->max_open)
2732 zbc_close_imp_open_zone(devip);
2733
2734 if (zsp->z_cond == ZC4_CLOSED)
2735 devip->nr_closed--;
2736 if (explicit) {
2737 zsp->z_cond = ZC3_EXPLICIT_OPEN;
2738 devip->nr_exp_open++;
2739 } else {
2740 zsp->z_cond = ZC2_IMPLICIT_OPEN;
2741 devip->nr_imp_open++;
2742 }
2743}
2744
2745static void zbc_inc_wp(struct sdebug_dev_info *devip,
2746 unsigned long long lba, unsigned int num)
2747{
2748 struct sdeb_zone_state *zsp = zbc_zone(devip, lba);
2749 unsigned long long n, end, zend = zsp->z_start + zsp->z_size;
2750
2751 if (zbc_zone_is_conv(zsp))
2752 return;
2753
2754 if (zsp->z_type == ZBC_ZONE_TYPE_SWR) {
2755 zsp->z_wp += num;
2756 if (zsp->z_wp >= zend)
2757 zsp->z_cond = ZC5_FULL;
2758 return;
2759 }
2760
2761 while (num) {
2762 if (lba != zsp->z_wp)
2763 zsp->z_non_seq_resource = true;
2764
2765 end = lba + num;
2766 if (end >= zend) {
2767 n = zend - lba;
2768 zsp->z_wp = zend;
2769 } else if (end > zsp->z_wp) {
2770 n = num;
2771 zsp->z_wp = end;
2772 } else {
2773 n = num;
2774 }
2775 if (zsp->z_wp >= zend)
2776 zsp->z_cond = ZC5_FULL;
2777
2778 num -= n;
2779 lba += n;
2780 if (num) {
2781 zsp++;
2782 zend = zsp->z_start + zsp->z_size;
2783 }
2784 }
2785}
2786
2787static int check_zbc_access_params(struct scsi_cmnd *scp,
2788 unsigned long long lba, unsigned int num, bool write)
2789{
2790 struct scsi_device *sdp = scp->device;
2791 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
2792 struct sdeb_zone_state *zsp = zbc_zone(devip, lba);
2793 struct sdeb_zone_state *zsp_end = zbc_zone(devip, lba + num - 1);
2794
2795 if (!write) {
2796 if (devip->zmodel == BLK_ZONED_HA)
2797 return 0;
2798 /* For host-managed, reads cannot cross zone types boundaries */
2799 if (zsp_end != zsp &&
2800 zbc_zone_is_conv(zsp) &&
2801 !zbc_zone_is_conv(zsp_end)) {
2802 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2803 LBA_OUT_OF_RANGE,
2804 READ_INVDATA_ASCQ);
2805 return check_condition_result;
2806 }
2807 return 0;
2808 }
2809
2810 /* No restrictions for writes within conventional zones */
2811 if (zbc_zone_is_conv(zsp)) {
2812 if (!zbc_zone_is_conv(zsp_end)) {
2813 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2814 LBA_OUT_OF_RANGE,
2815 WRITE_BOUNDARY_ASCQ);
2816 return check_condition_result;
2817 }
2818 return 0;
2819 }
2820
2821 if (zsp->z_type == ZBC_ZONE_TYPE_SWR) {
2822 /* Writes cannot cross sequential zone boundaries */
2823 if (zsp_end != zsp) {
2824 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2825 LBA_OUT_OF_RANGE,
2826 WRITE_BOUNDARY_ASCQ);
2827 return check_condition_result;
2828 }
2829 /* Cannot write full zones */
2830 if (zsp->z_cond == ZC5_FULL) {
2831 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2832 INVALID_FIELD_IN_CDB, 0);
2833 return check_condition_result;
2834 }
2835 /* Writes must be aligned to the zone WP */
2836 if (lba != zsp->z_wp) {
2837 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2838 LBA_OUT_OF_RANGE,
2839 UNALIGNED_WRITE_ASCQ);
2840 return check_condition_result;
2841 }
2842 }
2843
2844 /* Handle implicit open of closed and empty zones */
2845 if (zsp->z_cond == ZC1_EMPTY || zsp->z_cond == ZC4_CLOSED) {
2846 if (devip->max_open &&
2847 devip->nr_exp_open >= devip->max_open) {
2848 mk_sense_buffer(scp, DATA_PROTECT,
2849 INSUFF_RES_ASC,
2850 INSUFF_ZONE_ASCQ);
2851 return check_condition_result;
2852 }
2853 zbc_open_zone(devip, zsp, false);
2854 }
2855
2856 return 0;
2857}
2858
2859static inline int check_device_access_params
2860 (struct scsi_cmnd *scp, unsigned long long lba,
2861 unsigned int num, bool write)
2862{
2863 struct scsi_device *sdp = scp->device;
2864 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
2865
2866 if (lba + num > sdebug_capacity) {
2867 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2868 return check_condition_result;
2869 }
2870 /* transfer length excessive (tie in to block limits VPD page) */
2871 if (num > sdebug_store_sectors) {
2872 /* needs work to find which cdb byte 'num' comes from */
2873 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2874 return check_condition_result;
2875 }
2876 if (write && unlikely(sdebug_wp)) {
2877 mk_sense_buffer(scp, DATA_PROTECT, WRITE_PROTECTED, 0x2);
2878 return check_condition_result;
2879 }
2880 if (sdebug_dev_is_zoned(devip))
2881 return check_zbc_access_params(scp, lba, num, write);
2882
2883 return 0;
2884}
2885
2886/*
2887 * Note: if BUG_ON() fires it usually indicates a problem with the parser
2888 * tables. Perhaps a missing F_FAKE_RW or FF_MEDIA_IO flag. Response functions
2889 * that access any of the "stores" in struct sdeb_store_info should call this
2890 * function with bug_if_fake_rw set to true.
2891 */
2892static inline struct sdeb_store_info *devip2sip(struct sdebug_dev_info *devip,
2893 bool bug_if_fake_rw)
2894{
2895 if (sdebug_fake_rw) {
2896 BUG_ON(bug_if_fake_rw); /* See note above */
2897 return NULL;
2898 }
2899 return xa_load(per_store_ap, devip->sdbg_host->si_idx);
2900}
2901
2902/* Returns number of bytes copied or -1 if error. */
2903static int do_device_access(struct sdeb_store_info *sip, struct scsi_cmnd *scp,
2904 u32 sg_skip, u64 lba, u32 num, bool do_write)
2905{
2906 int ret;
2907 u64 block, rest = 0;
2908 enum dma_data_direction dir;
2909 struct scsi_data_buffer *sdb = &scp->sdb;
2910 u8 *fsp;
2911
2912 if (do_write) {
2913 dir = DMA_TO_DEVICE;
2914 write_since_sync = true;
2915 } else {
2916 dir = DMA_FROM_DEVICE;
2917 }
2918
2919 if (!sdb->length || !sip)
2920 return 0;
2921 if (scp->sc_data_direction != dir)
2922 return -1;
2923 fsp = sip->storep;
2924
2925 block = do_div(lba, sdebug_store_sectors);
2926 if (block + num > sdebug_store_sectors)
2927 rest = block + num - sdebug_store_sectors;
2928
2929 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2930 fsp + (block * sdebug_sector_size),
2931 (num - rest) * sdebug_sector_size, sg_skip, do_write);
2932 if (ret != (num - rest) * sdebug_sector_size)
2933 return ret;
2934
2935 if (rest) {
2936 ret += sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2937 fsp, rest * sdebug_sector_size,
2938 sg_skip + ((num - rest) * sdebug_sector_size),
2939 do_write);
2940 }
2941
2942 return ret;
2943}
2944
2945/* Returns number of bytes copied or -1 if error. */
2946static int do_dout_fetch(struct scsi_cmnd *scp, u32 num, u8 *doutp)
2947{
2948 struct scsi_data_buffer *sdb = &scp->sdb;
2949
2950 if (!sdb->length)
2951 return 0;
2952 if (scp->sc_data_direction != DMA_TO_DEVICE)
2953 return -1;
2954 return sg_copy_buffer(sdb->table.sgl, sdb->table.nents, doutp,
2955 num * sdebug_sector_size, 0, true);
2956}
2957
2958/* If sip->storep+lba compares equal to arr(num), then copy top half of
2959 * arr into sip->storep+lba and return true. If comparison fails then
2960 * return false. */
2961static bool comp_write_worker(struct sdeb_store_info *sip, u64 lba, u32 num,
2962 const u8 *arr, bool compare_only)
2963{
2964 bool res;
2965 u64 block, rest = 0;
2966 u32 store_blks = sdebug_store_sectors;
2967 u32 lb_size = sdebug_sector_size;
2968 u8 *fsp = sip->storep;
2969
2970 block = do_div(lba, store_blks);
2971 if (block + num > store_blks)
2972 rest = block + num - store_blks;
2973
2974 res = !memcmp(fsp + (block * lb_size), arr, (num - rest) * lb_size);
2975 if (!res)
2976 return res;
2977 if (rest)
2978 res = memcmp(fsp, arr + ((num - rest) * lb_size),
2979 rest * lb_size);
2980 if (!res)
2981 return res;
2982 if (compare_only)
2983 return true;
2984 arr += num * lb_size;
2985 memcpy(fsp + (block * lb_size), arr, (num - rest) * lb_size);
2986 if (rest)
2987 memcpy(fsp, arr + ((num - rest) * lb_size), rest * lb_size);
2988 return res;
2989}
2990
2991static __be16 dif_compute_csum(const void *buf, int len)
2992{
2993 __be16 csum;
2994
2995 if (sdebug_guard)
2996 csum = (__force __be16)ip_compute_csum(buf, len);
2997 else
2998 csum = cpu_to_be16(crc_t10dif(buf, len));
2999
3000 return csum;
3001}
3002
3003static int dif_verify(struct t10_pi_tuple *sdt, const void *data,
3004 sector_t sector, u32 ei_lba)
3005{
3006 __be16 csum = dif_compute_csum(data, sdebug_sector_size);
3007
3008 if (sdt->guard_tag != csum) {
3009 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n",
3010 (unsigned long)sector,
3011 be16_to_cpu(sdt->guard_tag),
3012 be16_to_cpu(csum));
3013 return 0x01;
3014 }
3015 if (sdebug_dif == T10_PI_TYPE1_PROTECTION &&
3016 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) {
3017 pr_err("REF check failed on sector %lu\n",
3018 (unsigned long)sector);
3019 return 0x03;
3020 }
3021 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3022 be32_to_cpu(sdt->ref_tag) != ei_lba) {
3023 pr_err("REF check failed on sector %lu\n",
3024 (unsigned long)sector);
3025 return 0x03;
3026 }
3027 return 0;
3028}
3029
3030static void dif_copy_prot(struct scsi_cmnd *scp, sector_t sector,
3031 unsigned int sectors, bool read)
3032{
3033 size_t resid;
3034 void *paddr;
3035 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
3036 scp->device->hostdata, true);
3037 struct t10_pi_tuple *dif_storep = sip->dif_storep;
3038 const void *dif_store_end = dif_storep + sdebug_store_sectors;
3039 struct sg_mapping_iter miter;
3040
3041 /* Bytes of protection data to copy into sgl */
3042 resid = sectors * sizeof(*dif_storep);
3043
3044 sg_miter_start(&miter, scsi_prot_sglist(scp),
3045 scsi_prot_sg_count(scp), SG_MITER_ATOMIC |
3046 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG));
3047
3048 while (sg_miter_next(&miter) && resid > 0) {
3049 size_t len = min_t(size_t, miter.length, resid);
3050 void *start = dif_store(sip, sector);
3051 size_t rest = 0;
3052
3053 if (dif_store_end < start + len)
3054 rest = start + len - dif_store_end;
3055
3056 paddr = miter.addr;
3057
3058 if (read)
3059 memcpy(paddr, start, len - rest);
3060 else
3061 memcpy(start, paddr, len - rest);
3062
3063 if (rest) {
3064 if (read)
3065 memcpy(paddr + len - rest, dif_storep, rest);
3066 else
3067 memcpy(dif_storep, paddr + len - rest, rest);
3068 }
3069
3070 sector += len / sizeof(*dif_storep);
3071 resid -= len;
3072 }
3073 sg_miter_stop(&miter);
3074}
3075
3076static int prot_verify_read(struct scsi_cmnd *scp, sector_t start_sec,
3077 unsigned int sectors, u32 ei_lba)
3078{
3079 unsigned int i;
3080 sector_t sector;
3081 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
3082 scp->device->hostdata, true);
3083 struct t10_pi_tuple *sdt;
3084
3085 for (i = 0; i < sectors; i++, ei_lba++) {
3086 int ret;
3087
3088 sector = start_sec + i;
3089 sdt = dif_store(sip, sector);
3090
3091 if (sdt->app_tag == cpu_to_be16(0xffff))
3092 continue;
3093
3094 ret = dif_verify(sdt, lba2fake_store(sip, sector), sector,
3095 ei_lba);
3096 if (ret) {
3097 dif_errors++;
3098 return ret;
3099 }
3100 }
3101
3102 dif_copy_prot(scp, start_sec, sectors, true);
3103 dix_reads++;
3104
3105 return 0;
3106}
3107
3108static int resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3109{
3110 bool check_prot;
3111 u32 num;
3112 u32 ei_lba;
3113 int ret;
3114 u64 lba;
3115 struct sdeb_store_info *sip = devip2sip(devip, true);
3116 rwlock_t *macc_lckp = sip ? &sip->macc_lck : &sdeb_fake_rw_lck;
3117 u8 *cmd = scp->cmnd;
3118
3119 switch (cmd[0]) {
3120 case READ_16:
3121 ei_lba = 0;
3122 lba = get_unaligned_be64(cmd + 2);
3123 num = get_unaligned_be32(cmd + 10);
3124 check_prot = true;
3125 break;
3126 case READ_10:
3127 ei_lba = 0;
3128 lba = get_unaligned_be32(cmd + 2);
3129 num = get_unaligned_be16(cmd + 7);
3130 check_prot = true;
3131 break;
3132 case READ_6:
3133 ei_lba = 0;
3134 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
3135 (u32)(cmd[1] & 0x1f) << 16;
3136 num = (0 == cmd[4]) ? 256 : cmd[4];
3137 check_prot = true;
3138 break;
3139 case READ_12:
3140 ei_lba = 0;
3141 lba = get_unaligned_be32(cmd + 2);
3142 num = get_unaligned_be32(cmd + 6);
3143 check_prot = true;
3144 break;
3145 case XDWRITEREAD_10:
3146 ei_lba = 0;
3147 lba = get_unaligned_be32(cmd + 2);
3148 num = get_unaligned_be16(cmd + 7);
3149 check_prot = false;
3150 break;
3151 default: /* assume READ(32) */
3152 lba = get_unaligned_be64(cmd + 12);
3153 ei_lba = get_unaligned_be32(cmd + 20);
3154 num = get_unaligned_be32(cmd + 28);
3155 check_prot = false;
3156 break;
3157 }
3158 if (unlikely(have_dif_prot && check_prot)) {
3159 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3160 (cmd[1] & 0xe0)) {
3161 mk_sense_invalid_opcode(scp);
3162 return check_condition_result;
3163 }
3164 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3165 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3166 (cmd[1] & 0xe0) == 0)
3167 sdev_printk(KERN_ERR, scp->device, "Unprotected RD "
3168 "to DIF device\n");
3169 }
3170 if (unlikely((sdebug_opts & SDEBUG_OPT_SHORT_TRANSFER) &&
3171 atomic_read(&sdeb_inject_pending))) {
3172 num /= 2;
3173 atomic_set(&sdeb_inject_pending, 0);
3174 }
3175
3176 ret = check_device_access_params(scp, lba, num, false);
3177 if (ret)
3178 return ret;
3179 if (unlikely((SDEBUG_OPT_MEDIUM_ERR & sdebug_opts) &&
3180 (lba <= (sdebug_medium_error_start + sdebug_medium_error_count - 1)) &&
3181 ((lba + num) > sdebug_medium_error_start))) {
3182 /* claim unrecoverable read error */
3183 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0);
3184 /* set info field and valid bit for fixed descriptor */
3185 if (0x70 == (scp->sense_buffer[0] & 0x7f)) {
3186 scp->sense_buffer[0] |= 0x80; /* Valid bit */
3187 ret = (lba < OPT_MEDIUM_ERR_ADDR)
3188 ? OPT_MEDIUM_ERR_ADDR : (int)lba;
3189 put_unaligned_be32(ret, scp->sense_buffer + 3);
3190 }
3191 scsi_set_resid(scp, scsi_bufflen(scp));
3192 return check_condition_result;
3193 }
3194
3195 read_lock(macc_lckp);
3196
3197 /* DIX + T10 DIF */
3198 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3199 int prot_ret = prot_verify_read(scp, lba, num, ei_lba);
3200
3201 if (prot_ret) {
3202 read_unlock(macc_lckp);
3203 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, prot_ret);
3204 return illegal_condition_result;
3205 }
3206 }
3207
3208 ret = do_device_access(sip, scp, 0, lba, num, false);
3209 read_unlock(macc_lckp);
3210 if (unlikely(ret == -1))
3211 return DID_ERROR << 16;
3212
3213 scsi_set_resid(scp, scsi_bufflen(scp) - ret);
3214
3215 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
3216 atomic_read(&sdeb_inject_pending))) {
3217 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
3218 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
3219 atomic_set(&sdeb_inject_pending, 0);
3220 return check_condition_result;
3221 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
3222 /* Logical block guard check failed */
3223 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3224 atomic_set(&sdeb_inject_pending, 0);
3225 return illegal_condition_result;
3226 } else if (SDEBUG_OPT_DIX_ERR & sdebug_opts) {
3227 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3228 atomic_set(&sdeb_inject_pending, 0);
3229 return illegal_condition_result;
3230 }
3231 }
3232 return 0;
3233}
3234
3235static void dump_sector(unsigned char *buf, int len)
3236{
3237 int i, j, n;
3238
3239 pr_err(">>> Sector Dump <<<\n");
3240 for (i = 0 ; i < len ; i += 16) {
3241 char b[128];
3242
3243 for (j = 0, n = 0; j < 16; j++) {
3244 unsigned char c = buf[i+j];
3245
3246 if (c >= 0x20 && c < 0x7e)
3247 n += scnprintf(b + n, sizeof(b) - n,
3248 " %c ", buf[i+j]);
3249 else
3250 n += scnprintf(b + n, sizeof(b) - n,
3251 "%02x ", buf[i+j]);
3252 }
3253 pr_err("%04d: %s\n", i, b);
3254 }
3255}
3256
3257static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec,
3258 unsigned int sectors, u32 ei_lba)
3259{
3260 int ret;
3261 struct t10_pi_tuple *sdt;
3262 void *daddr;
3263 sector_t sector = start_sec;
3264 int ppage_offset;
3265 int dpage_offset;
3266 struct sg_mapping_iter diter;
3267 struct sg_mapping_iter piter;
3268
3269 BUG_ON(scsi_sg_count(SCpnt) == 0);
3270 BUG_ON(scsi_prot_sg_count(SCpnt) == 0);
3271
3272 sg_miter_start(&piter, scsi_prot_sglist(SCpnt),
3273 scsi_prot_sg_count(SCpnt),
3274 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
3275 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt),
3276 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
3277
3278 /* For each protection page */
3279 while (sg_miter_next(&piter)) {
3280 dpage_offset = 0;
3281 if (WARN_ON(!sg_miter_next(&diter))) {
3282 ret = 0x01;
3283 goto out;
3284 }
3285
3286 for (ppage_offset = 0; ppage_offset < piter.length;
3287 ppage_offset += sizeof(struct t10_pi_tuple)) {
3288 /* If we're at the end of the current
3289 * data page advance to the next one
3290 */
3291 if (dpage_offset >= diter.length) {
3292 if (WARN_ON(!sg_miter_next(&diter))) {
3293 ret = 0x01;
3294 goto out;
3295 }
3296 dpage_offset = 0;
3297 }
3298
3299 sdt = piter.addr + ppage_offset;
3300 daddr = diter.addr + dpage_offset;
3301
3302 ret = dif_verify(sdt, daddr, sector, ei_lba);
3303 if (ret) {
3304 dump_sector(daddr, sdebug_sector_size);
3305 goto out;
3306 }
3307
3308 sector++;
3309 ei_lba++;
3310 dpage_offset += sdebug_sector_size;
3311 }
3312 diter.consumed = dpage_offset;
3313 sg_miter_stop(&diter);
3314 }
3315 sg_miter_stop(&piter);
3316
3317 dif_copy_prot(SCpnt, start_sec, sectors, false);
3318 dix_writes++;
3319
3320 return 0;
3321
3322out:
3323 dif_errors++;
3324 sg_miter_stop(&diter);
3325 sg_miter_stop(&piter);
3326 return ret;
3327}
3328
3329static unsigned long lba_to_map_index(sector_t lba)
3330{
3331 if (sdebug_unmap_alignment)
3332 lba += sdebug_unmap_granularity - sdebug_unmap_alignment;
3333 sector_div(lba, sdebug_unmap_granularity);
3334 return lba;
3335}
3336
3337static sector_t map_index_to_lba(unsigned long index)
3338{
3339 sector_t lba = index * sdebug_unmap_granularity;
3340
3341 if (sdebug_unmap_alignment)
3342 lba -= sdebug_unmap_granularity - sdebug_unmap_alignment;
3343 return lba;
3344}
3345
3346static unsigned int map_state(struct sdeb_store_info *sip, sector_t lba,
3347 unsigned int *num)
3348{
3349 sector_t end;
3350 unsigned int mapped;
3351 unsigned long index;
3352 unsigned long next;
3353
3354 index = lba_to_map_index(lba);
3355 mapped = test_bit(index, sip->map_storep);
3356
3357 if (mapped)
3358 next = find_next_zero_bit(sip->map_storep, map_size, index);
3359 else
3360 next = find_next_bit(sip->map_storep, map_size, index);
3361
3362 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next));
3363 *num = end - lba;
3364 return mapped;
3365}
3366
3367static void map_region(struct sdeb_store_info *sip, sector_t lba,
3368 unsigned int len)
3369{
3370 sector_t end = lba + len;
3371
3372 while (lba < end) {
3373 unsigned long index = lba_to_map_index(lba);
3374
3375 if (index < map_size)
3376 set_bit(index, sip->map_storep);
3377
3378 lba = map_index_to_lba(index + 1);
3379 }
3380}
3381
3382static void unmap_region(struct sdeb_store_info *sip, sector_t lba,
3383 unsigned int len)
3384{
3385 sector_t end = lba + len;
3386 u8 *fsp = sip->storep;
3387
3388 while (lba < end) {
3389 unsigned long index = lba_to_map_index(lba);
3390
3391 if (lba == map_index_to_lba(index) &&
3392 lba + sdebug_unmap_granularity <= end &&
3393 index < map_size) {
3394 clear_bit(index, sip->map_storep);
3395 if (sdebug_lbprz) { /* for LBPRZ=2 return 0xff_s */
3396 memset(fsp + lba * sdebug_sector_size,
3397 (sdebug_lbprz & 1) ? 0 : 0xff,
3398 sdebug_sector_size *
3399 sdebug_unmap_granularity);
3400 }
3401 if (sip->dif_storep) {
3402 memset(sip->dif_storep + lba, 0xff,
3403 sizeof(*sip->dif_storep) *
3404 sdebug_unmap_granularity);
3405 }
3406 }
3407 lba = map_index_to_lba(index + 1);
3408 }
3409}
3410
3411static int resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3412{
3413 bool check_prot;
3414 u32 num;
3415 u32 ei_lba;
3416 int ret;
3417 u64 lba;
3418 struct sdeb_store_info *sip = devip2sip(devip, true);
3419 rwlock_t *macc_lckp = &sip->macc_lck;
3420 u8 *cmd = scp->cmnd;
3421
3422 switch (cmd[0]) {
3423 case WRITE_16:
3424 ei_lba = 0;
3425 lba = get_unaligned_be64(cmd + 2);
3426 num = get_unaligned_be32(cmd + 10);
3427 check_prot = true;
3428 break;
3429 case WRITE_10:
3430 ei_lba = 0;
3431 lba = get_unaligned_be32(cmd + 2);
3432 num = get_unaligned_be16(cmd + 7);
3433 check_prot = true;
3434 break;
3435 case WRITE_6:
3436 ei_lba = 0;
3437 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
3438 (u32)(cmd[1] & 0x1f) << 16;
3439 num = (0 == cmd[4]) ? 256 : cmd[4];
3440 check_prot = true;
3441 break;
3442 case WRITE_12:
3443 ei_lba = 0;
3444 lba = get_unaligned_be32(cmd + 2);
3445 num = get_unaligned_be32(cmd + 6);
3446 check_prot = true;
3447 break;
3448 case 0x53: /* XDWRITEREAD(10) */
3449 ei_lba = 0;
3450 lba = get_unaligned_be32(cmd + 2);
3451 num = get_unaligned_be16(cmd + 7);
3452 check_prot = false;
3453 break;
3454 default: /* assume WRITE(32) */
3455 lba = get_unaligned_be64(cmd + 12);
3456 ei_lba = get_unaligned_be32(cmd + 20);
3457 num = get_unaligned_be32(cmd + 28);
3458 check_prot = false;
3459 break;
3460 }
3461 if (unlikely(have_dif_prot && check_prot)) {
3462 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3463 (cmd[1] & 0xe0)) {
3464 mk_sense_invalid_opcode(scp);
3465 return check_condition_result;
3466 }
3467 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3468 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3469 (cmd[1] & 0xe0) == 0)
3470 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3471 "to DIF device\n");
3472 }
3473
3474 write_lock(macc_lckp);
3475 ret = check_device_access_params(scp, lba, num, true);
3476 if (ret) {
3477 write_unlock(macc_lckp);
3478 return ret;
3479 }
3480
3481 /* DIX + T10 DIF */
3482 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3483 int prot_ret = prot_verify_write(scp, lba, num, ei_lba);
3484
3485 if (prot_ret) {
3486 write_unlock(macc_lckp);
3487 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, prot_ret);
3488 return illegal_condition_result;
3489 }
3490 }
3491
3492 ret = do_device_access(sip, scp, 0, lba, num, true);
3493 if (unlikely(scsi_debug_lbp()))
3494 map_region(sip, lba, num);
3495 /* If ZBC zone then bump its write pointer */
3496 if (sdebug_dev_is_zoned(devip))
3497 zbc_inc_wp(devip, lba, num);
3498 write_unlock(macc_lckp);
3499 if (unlikely(-1 == ret))
3500 return DID_ERROR << 16;
3501 else if (unlikely(sdebug_verbose &&
3502 (ret < (num * sdebug_sector_size))))
3503 sdev_printk(KERN_INFO, scp->device,
3504 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3505 my_name, num * sdebug_sector_size, ret);
3506
3507 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
3508 atomic_read(&sdeb_inject_pending))) {
3509 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
3510 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
3511 atomic_set(&sdeb_inject_pending, 0);
3512 return check_condition_result;
3513 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
3514 /* Logical block guard check failed */
3515 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3516 atomic_set(&sdeb_inject_pending, 0);
3517 return illegal_condition_result;
3518 } else if (sdebug_opts & SDEBUG_OPT_DIX_ERR) {
3519 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3520 atomic_set(&sdeb_inject_pending, 0);
3521 return illegal_condition_result;
3522 }
3523 }
3524 return 0;
3525}
3526
3527/*
3528 * T10 has only specified WRITE SCATTERED(16) and WRITE SCATTERED(32).
3529 * No READ GATHERED yet (requires bidi or long cdb holding gather list).
3530 */
3531static int resp_write_scat(struct scsi_cmnd *scp,
3532 struct sdebug_dev_info *devip)
3533{
3534 u8 *cmd = scp->cmnd;
3535 u8 *lrdp = NULL;
3536 u8 *up;
3537 struct sdeb_store_info *sip = devip2sip(devip, true);
3538 rwlock_t *macc_lckp = &sip->macc_lck;
3539 u8 wrprotect;
3540 u16 lbdof, num_lrd, k;
3541 u32 num, num_by, bt_len, lbdof_blen, sg_off, cum_lb;
3542 u32 lb_size = sdebug_sector_size;
3543 u32 ei_lba;
3544 u64 lba;
3545 int ret, res;
3546 bool is_16;
3547 static const u32 lrd_size = 32; /* + parameter list header size */
3548
3549 if (cmd[0] == VARIABLE_LENGTH_CMD) {
3550 is_16 = false;
3551 wrprotect = (cmd[10] >> 5) & 0x7;
3552 lbdof = get_unaligned_be16(cmd + 12);
3553 num_lrd = get_unaligned_be16(cmd + 16);
3554 bt_len = get_unaligned_be32(cmd + 28);
3555 } else { /* that leaves WRITE SCATTERED(16) */
3556 is_16 = true;
3557 wrprotect = (cmd[2] >> 5) & 0x7;
3558 lbdof = get_unaligned_be16(cmd + 4);
3559 num_lrd = get_unaligned_be16(cmd + 8);
3560 bt_len = get_unaligned_be32(cmd + 10);
3561 if (unlikely(have_dif_prot)) {
3562 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3563 wrprotect) {
3564 mk_sense_invalid_opcode(scp);
3565 return illegal_condition_result;
3566 }
3567 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3568 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3569 wrprotect == 0)
3570 sdev_printk(KERN_ERR, scp->device,
3571 "Unprotected WR to DIF device\n");
3572 }
3573 }
3574 if ((num_lrd == 0) || (bt_len == 0))
3575 return 0; /* T10 says these do-nothings are not errors */
3576 if (lbdof == 0) {
3577 if (sdebug_verbose)
3578 sdev_printk(KERN_INFO, scp->device,
3579 "%s: %s: LB Data Offset field bad\n",
3580 my_name, __func__);
3581 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3582 return illegal_condition_result;
3583 }
3584 lbdof_blen = lbdof * lb_size;
3585 if ((lrd_size + (num_lrd * lrd_size)) > lbdof_blen) {
3586 if (sdebug_verbose)
3587 sdev_printk(KERN_INFO, scp->device,
3588 "%s: %s: LBA range descriptors don't fit\n",
3589 my_name, __func__);
3590 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3591 return illegal_condition_result;
3592 }
3593 lrdp = kzalloc(lbdof_blen, GFP_ATOMIC);
3594 if (lrdp == NULL)
3595 return SCSI_MLQUEUE_HOST_BUSY;
3596 if (sdebug_verbose)
3597 sdev_printk(KERN_INFO, scp->device,
3598 "%s: %s: Fetch header+scatter_list, lbdof_blen=%u\n",
3599 my_name, __func__, lbdof_blen);
3600 res = fetch_to_dev_buffer(scp, lrdp, lbdof_blen);
3601 if (res == -1) {
3602 ret = DID_ERROR << 16;
3603 goto err_out;
3604 }
3605
3606 write_lock(macc_lckp);
3607 sg_off = lbdof_blen;
3608 /* Spec says Buffer xfer Length field in number of LBs in dout */
3609 cum_lb = 0;
3610 for (k = 0, up = lrdp + lrd_size; k < num_lrd; ++k, up += lrd_size) {
3611 lba = get_unaligned_be64(up + 0);
3612 num = get_unaligned_be32(up + 8);
3613 if (sdebug_verbose)
3614 sdev_printk(KERN_INFO, scp->device,
3615 "%s: %s: k=%d LBA=0x%llx num=%u sg_off=%u\n",
3616 my_name, __func__, k, lba, num, sg_off);
3617 if (num == 0)
3618 continue;
3619 ret = check_device_access_params(scp, lba, num, true);
3620 if (ret)
3621 goto err_out_unlock;
3622 num_by = num * lb_size;
3623 ei_lba = is_16 ? 0 : get_unaligned_be32(up + 12);
3624
3625 if ((cum_lb + num) > bt_len) {
3626 if (sdebug_verbose)
3627 sdev_printk(KERN_INFO, scp->device,
3628 "%s: %s: sum of blocks > data provided\n",
3629 my_name, __func__);
3630 mk_sense_buffer(scp, ILLEGAL_REQUEST, WRITE_ERROR_ASC,
3631 0);
3632 ret = illegal_condition_result;
3633 goto err_out_unlock;
3634 }
3635
3636 /* DIX + T10 DIF */
3637 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3638 int prot_ret = prot_verify_write(scp, lba, num,
3639 ei_lba);
3640
3641 if (prot_ret) {
3642 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10,
3643 prot_ret);
3644 ret = illegal_condition_result;
3645 goto err_out_unlock;
3646 }
3647 }
3648
3649 ret = do_device_access(sip, scp, sg_off, lba, num, true);
3650 /* If ZBC zone then bump its write pointer */
3651 if (sdebug_dev_is_zoned(devip))
3652 zbc_inc_wp(devip, lba, num);
3653 if (unlikely(scsi_debug_lbp()))
3654 map_region(sip, lba, num);
3655 if (unlikely(-1 == ret)) {
3656 ret = DID_ERROR << 16;
3657 goto err_out_unlock;
3658 } else if (unlikely(sdebug_verbose && (ret < num_by)))
3659 sdev_printk(KERN_INFO, scp->device,
3660 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3661 my_name, num_by, ret);
3662
3663 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
3664 atomic_read(&sdeb_inject_pending))) {
3665 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
3666 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
3667 atomic_set(&sdeb_inject_pending, 0);
3668 ret = check_condition_result;
3669 goto err_out_unlock;
3670 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
3671 /* Logical block guard check failed */
3672 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3673 atomic_set(&sdeb_inject_pending, 0);
3674 ret = illegal_condition_result;
3675 goto err_out_unlock;
3676 } else if (sdebug_opts & SDEBUG_OPT_DIX_ERR) {
3677 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3678 atomic_set(&sdeb_inject_pending, 0);
3679 ret = illegal_condition_result;
3680 goto err_out_unlock;
3681 }
3682 }
3683 sg_off += num_by;
3684 cum_lb += num;
3685 }
3686 ret = 0;
3687err_out_unlock:
3688 write_unlock(macc_lckp);
3689err_out:
3690 kfree(lrdp);
3691 return ret;
3692}
3693
3694static int resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num,
3695 u32 ei_lba, bool unmap, bool ndob)
3696{
3697 struct scsi_device *sdp = scp->device;
3698 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
3699 unsigned long long i;
3700 u64 block, lbaa;
3701 u32 lb_size = sdebug_sector_size;
3702 int ret;
3703 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
3704 scp->device->hostdata, true);
3705 rwlock_t *macc_lckp = &sip->macc_lck;
3706 u8 *fs1p;
3707 u8 *fsp;
3708
3709 write_lock(macc_lckp);
3710
3711 ret = check_device_access_params(scp, lba, num, true);
3712 if (ret) {
3713 write_unlock(macc_lckp);
3714 return ret;
3715 }
3716
3717 if (unmap && scsi_debug_lbp()) {
3718 unmap_region(sip, lba, num);
3719 goto out;
3720 }
3721 lbaa = lba;
3722 block = do_div(lbaa, sdebug_store_sectors);
3723 /* if ndob then zero 1 logical block, else fetch 1 logical block */
3724 fsp = sip->storep;
3725 fs1p = fsp + (block * lb_size);
3726 if (ndob) {
3727 memset(fs1p, 0, lb_size);
3728 ret = 0;
3729 } else
3730 ret = fetch_to_dev_buffer(scp, fs1p, lb_size);
3731
3732 if (-1 == ret) {
3733 write_unlock(&sip->macc_lck);
3734 return DID_ERROR << 16;
3735 } else if (sdebug_verbose && !ndob && (ret < lb_size))
3736 sdev_printk(KERN_INFO, scp->device,
3737 "%s: %s: lb size=%u, IO sent=%d bytes\n",
3738 my_name, "write same", lb_size, ret);
3739
3740 /* Copy first sector to remaining blocks */
3741 for (i = 1 ; i < num ; i++) {
3742 lbaa = lba + i;
3743 block = do_div(lbaa, sdebug_store_sectors);
3744 memmove(fsp + (block * lb_size), fs1p, lb_size);
3745 }
3746 if (scsi_debug_lbp())
3747 map_region(sip, lba, num);
3748 /* If ZBC zone then bump its write pointer */
3749 if (sdebug_dev_is_zoned(devip))
3750 zbc_inc_wp(devip, lba, num);
3751out:
3752 write_unlock(macc_lckp);
3753
3754 return 0;
3755}
3756
3757static int resp_write_same_10(struct scsi_cmnd *scp,
3758 struct sdebug_dev_info *devip)
3759{
3760 u8 *cmd = scp->cmnd;
3761 u32 lba;
3762 u16 num;
3763 u32 ei_lba = 0;
3764 bool unmap = false;
3765
3766 if (cmd[1] & 0x8) {
3767 if (sdebug_lbpws10 == 0) {
3768 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3769 return check_condition_result;
3770 } else
3771 unmap = true;
3772 }
3773 lba = get_unaligned_be32(cmd + 2);
3774 num = get_unaligned_be16(cmd + 7);
3775 if (num > sdebug_write_same_length) {
3776 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3777 return check_condition_result;
3778 }
3779 return resp_write_same(scp, lba, num, ei_lba, unmap, false);
3780}
3781
3782static int resp_write_same_16(struct scsi_cmnd *scp,
3783 struct sdebug_dev_info *devip)
3784{
3785 u8 *cmd = scp->cmnd;
3786 u64 lba;
3787 u32 num;
3788 u32 ei_lba = 0;
3789 bool unmap = false;
3790 bool ndob = false;
3791
3792 if (cmd[1] & 0x8) { /* UNMAP */
3793 if (sdebug_lbpws == 0) {
3794 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3795 return check_condition_result;
3796 } else
3797 unmap = true;
3798 }
3799 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */
3800 ndob = true;
3801 lba = get_unaligned_be64(cmd + 2);
3802 num = get_unaligned_be32(cmd + 10);
3803 if (num > sdebug_write_same_length) {
3804 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1);
3805 return check_condition_result;
3806 }
3807 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob);
3808}
3809
3810/* Note the mode field is in the same position as the (lower) service action
3811 * field. For the Report supported operation codes command, SPC-4 suggests
3812 * each mode of this command should be reported separately; for future. */
3813static int resp_write_buffer(struct scsi_cmnd *scp,
3814 struct sdebug_dev_info *devip)
3815{
3816 u8 *cmd = scp->cmnd;
3817 struct scsi_device *sdp = scp->device;
3818 struct sdebug_dev_info *dp;
3819 u8 mode;
3820
3821 mode = cmd[1] & 0x1f;
3822 switch (mode) {
3823 case 0x4: /* download microcode (MC) and activate (ACT) */
3824 /* set UAs on this device only */
3825 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3826 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm);
3827 break;
3828 case 0x5: /* download MC, save and ACT */
3829 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm);
3830 break;
3831 case 0x6: /* download MC with offsets and ACT */
3832 /* set UAs on most devices (LUs) in this target */
3833 list_for_each_entry(dp,
3834 &devip->sdbg_host->dev_info_list,
3835 dev_list)
3836 if (dp->target == sdp->id) {
3837 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm);
3838 if (devip != dp)
3839 set_bit(SDEBUG_UA_MICROCODE_CHANGED,
3840 dp->uas_bm);
3841 }
3842 break;
3843 case 0x7: /* download MC with offsets, save, and ACT */
3844 /* set UA on all devices (LUs) in this target */
3845 list_for_each_entry(dp,
3846 &devip->sdbg_host->dev_info_list,
3847 dev_list)
3848 if (dp->target == sdp->id)
3849 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET,
3850 dp->uas_bm);
3851 break;
3852 default:
3853 /* do nothing for this command for other mode values */
3854 break;
3855 }
3856 return 0;
3857}
3858
3859static int resp_comp_write(struct scsi_cmnd *scp,
3860 struct sdebug_dev_info *devip)
3861{
3862 u8 *cmd = scp->cmnd;
3863 u8 *arr;
3864 struct sdeb_store_info *sip = devip2sip(devip, true);
3865 rwlock_t *macc_lckp = &sip->macc_lck;
3866 u64 lba;
3867 u32 dnum;
3868 u32 lb_size = sdebug_sector_size;
3869 u8 num;
3870 int ret;
3871 int retval = 0;
3872
3873 lba = get_unaligned_be64(cmd + 2);
3874 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */
3875 if (0 == num)
3876 return 0; /* degenerate case, not an error */
3877 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3878 (cmd[1] & 0xe0)) {
3879 mk_sense_invalid_opcode(scp);
3880 return check_condition_result;
3881 }
3882 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3883 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3884 (cmd[1] & 0xe0) == 0)
3885 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3886 "to DIF device\n");
3887 ret = check_device_access_params(scp, lba, num, false);
3888 if (ret)
3889 return ret;
3890 dnum = 2 * num;
3891 arr = kcalloc(lb_size, dnum, GFP_ATOMIC);
3892 if (NULL == arr) {
3893 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3894 INSUFF_RES_ASCQ);
3895 return check_condition_result;
3896 }
3897
3898 write_lock(macc_lckp);
3899
3900 ret = do_dout_fetch(scp, dnum, arr);
3901 if (ret == -1) {
3902 retval = DID_ERROR << 16;
3903 goto cleanup;
3904 } else if (sdebug_verbose && (ret < (dnum * lb_size)))
3905 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb "
3906 "indicated=%u, IO sent=%d bytes\n", my_name,
3907 dnum * lb_size, ret);
3908 if (!comp_write_worker(sip, lba, num, arr, false)) {
3909 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
3910 retval = check_condition_result;
3911 goto cleanup;
3912 }
3913 if (scsi_debug_lbp())
3914 map_region(sip, lba, num);
3915cleanup:
3916 write_unlock(macc_lckp);
3917 kfree(arr);
3918 return retval;
3919}
3920
3921struct unmap_block_desc {
3922 __be64 lba;
3923 __be32 blocks;
3924 __be32 __reserved;
3925};
3926
3927static int resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3928{
3929 unsigned char *buf;
3930 struct unmap_block_desc *desc;
3931 struct sdeb_store_info *sip = devip2sip(devip, true);
3932 rwlock_t *macc_lckp = &sip->macc_lck;
3933 unsigned int i, payload_len, descriptors;
3934 int ret;
3935
3936 if (!scsi_debug_lbp())
3937 return 0; /* fib and say its done */
3938 payload_len = get_unaligned_be16(scp->cmnd + 7);
3939 BUG_ON(scsi_bufflen(scp) != payload_len);
3940
3941 descriptors = (payload_len - 8) / 16;
3942 if (descriptors > sdebug_unmap_max_desc) {
3943 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3944 return check_condition_result;
3945 }
3946
3947 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC);
3948 if (!buf) {
3949 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3950 INSUFF_RES_ASCQ);
3951 return check_condition_result;
3952 }
3953
3954 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
3955
3956 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2);
3957 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16);
3958
3959 desc = (void *)&buf[8];
3960
3961 write_lock(macc_lckp);
3962
3963 for (i = 0 ; i < descriptors ; i++) {
3964 unsigned long long lba = get_unaligned_be64(&desc[i].lba);
3965 unsigned int num = get_unaligned_be32(&desc[i].blocks);
3966
3967 ret = check_device_access_params(scp, lba, num, true);
3968 if (ret)
3969 goto out;
3970
3971 unmap_region(sip, lba, num);
3972 }
3973
3974 ret = 0;
3975
3976out:
3977 write_unlock(macc_lckp);
3978 kfree(buf);
3979
3980 return ret;
3981}
3982
3983#define SDEBUG_GET_LBA_STATUS_LEN 32
3984
3985static int resp_get_lba_status(struct scsi_cmnd *scp,
3986 struct sdebug_dev_info *devip)
3987{
3988 u8 *cmd = scp->cmnd;
3989 u64 lba;
3990 u32 alloc_len, mapped, num;
3991 int ret;
3992 u8 arr[SDEBUG_GET_LBA_STATUS_LEN];
3993
3994 lba = get_unaligned_be64(cmd + 2);
3995 alloc_len = get_unaligned_be32(cmd + 10);
3996
3997 if (alloc_len < 24)
3998 return 0;
3999
4000 ret = check_device_access_params(scp, lba, 1, false);
4001 if (ret)
4002 return ret;
4003
4004 if (scsi_debug_lbp()) {
4005 struct sdeb_store_info *sip = devip2sip(devip, true);
4006
4007 mapped = map_state(sip, lba, &num);
4008 } else {
4009 mapped = 1;
4010 /* following just in case virtual_gb changed */
4011 sdebug_capacity = get_sdebug_capacity();
4012 if (sdebug_capacity - lba <= 0xffffffff)
4013 num = sdebug_capacity - lba;
4014 else
4015 num = 0xffffffff;
4016 }
4017
4018 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN);
4019 put_unaligned_be32(20, arr); /* Parameter Data Length */
4020 put_unaligned_be64(lba, arr + 8); /* LBA */
4021 put_unaligned_be32(num, arr + 16); /* Number of blocks */
4022 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */
4023
4024 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN);
4025}
4026
4027static int resp_sync_cache(struct scsi_cmnd *scp,
4028 struct sdebug_dev_info *devip)
4029{
4030 int res = 0;
4031 u64 lba;
4032 u32 num_blocks;
4033 u8 *cmd = scp->cmnd;
4034
4035 if (cmd[0] == SYNCHRONIZE_CACHE) { /* 10 byte cdb */
4036 lba = get_unaligned_be32(cmd + 2);
4037 num_blocks = get_unaligned_be16(cmd + 7);
4038 } else { /* SYNCHRONIZE_CACHE(16) */
4039 lba = get_unaligned_be64(cmd + 2);
4040 num_blocks = get_unaligned_be32(cmd + 10);
4041 }
4042 if (lba + num_blocks > sdebug_capacity) {
4043 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4044 return check_condition_result;
4045 }
4046 if (!write_since_sync || (cmd[1] & 0x2))
4047 res = SDEG_RES_IMMED_MASK;
4048 else /* delay if write_since_sync and IMMED clear */
4049 write_since_sync = false;
4050 return res;
4051}
4052
4053/*
4054 * Assuming the LBA+num_blocks is not out-of-range, this function will return
4055 * CONDITION MET if the specified blocks will/have fitted in the cache, and
4056 * a GOOD status otherwise. Model a disk with a big cache and yield
4057 * CONDITION MET. Actually tries to bring range in main memory into the
4058 * cache associated with the CPU(s).
4059 */
4060static int resp_pre_fetch(struct scsi_cmnd *scp,
4061 struct sdebug_dev_info *devip)
4062{
4063 int res = 0;
4064 u64 lba;
4065 u64 block, rest = 0;
4066 u32 nblks;
4067 u8 *cmd = scp->cmnd;
4068 struct sdeb_store_info *sip = devip2sip(devip, true);
4069 rwlock_t *macc_lckp = &sip->macc_lck;
4070 u8 *fsp = sip->storep;
4071
4072 if (cmd[0] == PRE_FETCH) { /* 10 byte cdb */
4073 lba = get_unaligned_be32(cmd + 2);
4074 nblks = get_unaligned_be16(cmd + 7);
4075 } else { /* PRE-FETCH(16) */
4076 lba = get_unaligned_be64(cmd + 2);
4077 nblks = get_unaligned_be32(cmd + 10);
4078 }
4079 if (lba + nblks > sdebug_capacity) {
4080 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4081 return check_condition_result;
4082 }
4083 if (!fsp)
4084 goto fini;
4085 /* PRE-FETCH spec says nothing about LBP or PI so skip them */
4086 block = do_div(lba, sdebug_store_sectors);
4087 if (block + nblks > sdebug_store_sectors)
4088 rest = block + nblks - sdebug_store_sectors;
4089
4090 /* Try to bring the PRE-FETCH range into CPU's cache */
4091 read_lock(macc_lckp);
4092 prefetch_range(fsp + (sdebug_sector_size * block),
4093 (nblks - rest) * sdebug_sector_size);
4094 if (rest)
4095 prefetch_range(fsp, rest * sdebug_sector_size);
4096 read_unlock(macc_lckp);
4097fini:
4098 if (cmd[1] & 0x2)
4099 res = SDEG_RES_IMMED_MASK;
4100 return res | condition_met_result;
4101}
4102
4103#define RL_BUCKET_ELEMS 8
4104
4105/* Even though each pseudo target has a REPORT LUNS "well known logical unit"
4106 * (W-LUN), the normal Linux scanning logic does not associate it with a
4107 * device (e.g. /dev/sg7). The following magic will make that association:
4108 * "cd /sys/class/scsi_host/host<n> ; echo '- - 49409' > scan"
4109 * where <n> is a host number. If there are multiple targets in a host then
4110 * the above will associate a W-LUN to each target. To only get a W-LUN
4111 * for target 2, then use "echo '- 2 49409' > scan" .
4112 */
4113static int resp_report_luns(struct scsi_cmnd *scp,
4114 struct sdebug_dev_info *devip)
4115{
4116 unsigned char *cmd = scp->cmnd;
4117 unsigned int alloc_len;
4118 unsigned char select_report;
4119 u64 lun;
4120 struct scsi_lun *lun_p;
4121 u8 arr[RL_BUCKET_ELEMS * sizeof(struct scsi_lun)];
4122 unsigned int lun_cnt; /* normal LUN count (max: 256) */
4123 unsigned int wlun_cnt; /* report luns W-LUN count */
4124 unsigned int tlun_cnt; /* total LUN count */
4125 unsigned int rlen; /* response length (in bytes) */
4126 int k, j, n, res;
4127 unsigned int off_rsp = 0;
4128 const int sz_lun = sizeof(struct scsi_lun);
4129
4130 clear_luns_changed_on_target(devip);
4131
4132 select_report = cmd[2];
4133 alloc_len = get_unaligned_be32(cmd + 6);
4134
4135 if (alloc_len < 4) {
4136 pr_err("alloc len too small %d\n", alloc_len);
4137 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
4138 return check_condition_result;
4139 }
4140
4141 switch (select_report) {
4142 case 0: /* all LUNs apart from W-LUNs */
4143 lun_cnt = sdebug_max_luns;
4144 wlun_cnt = 0;
4145 break;
4146 case 1: /* only W-LUNs */
4147 lun_cnt = 0;
4148 wlun_cnt = 1;
4149 break;
4150 case 2: /* all LUNs */
4151 lun_cnt = sdebug_max_luns;
4152 wlun_cnt = 1;
4153 break;
4154 case 0x10: /* only administrative LUs */
4155 case 0x11: /* see SPC-5 */
4156 case 0x12: /* only subsiduary LUs owned by referenced LU */
4157 default:
4158 pr_debug("select report invalid %d\n", select_report);
4159 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
4160 return check_condition_result;
4161 }
4162
4163 if (sdebug_no_lun_0 && (lun_cnt > 0))
4164 --lun_cnt;
4165
4166 tlun_cnt = lun_cnt + wlun_cnt;
4167 rlen = tlun_cnt * sz_lun; /* excluding 8 byte header */
4168 scsi_set_resid(scp, scsi_bufflen(scp));
4169 pr_debug("select_report %d luns = %d wluns = %d no_lun0 %d\n",
4170 select_report, lun_cnt, wlun_cnt, sdebug_no_lun_0);
4171
4172 /* loops rely on sizeof response header same as sizeof lun (both 8) */
4173 lun = sdebug_no_lun_0 ? 1 : 0;
4174 for (k = 0, j = 0, res = 0; true; ++k, j = 0) {
4175 memset(arr, 0, sizeof(arr));
4176 lun_p = (struct scsi_lun *)&arr[0];
4177 if (k == 0) {
4178 put_unaligned_be32(rlen, &arr[0]);
4179 ++lun_p;
4180 j = 1;
4181 }
4182 for ( ; j < RL_BUCKET_ELEMS; ++j, ++lun_p) {
4183 if ((k * RL_BUCKET_ELEMS) + j > lun_cnt)
4184 break;
4185 int_to_scsilun(lun++, lun_p);
4186 if (lun > 1 && sdebug_lun_am == SAM_LUN_AM_FLAT)
4187 lun_p->scsi_lun[0] |= 0x40;
4188 }
4189 if (j < RL_BUCKET_ELEMS)
4190 break;
4191 n = j * sz_lun;
4192 res = p_fill_from_dev_buffer(scp, arr, n, off_rsp);
4193 if (res)
4194 return res;
4195 off_rsp += n;
4196 }
4197 if (wlun_cnt) {
4198 int_to_scsilun(SCSI_W_LUN_REPORT_LUNS, lun_p);
4199 ++j;
4200 }
4201 if (j > 0)
4202 res = p_fill_from_dev_buffer(scp, arr, j * sz_lun, off_rsp);
4203 return res;
4204}
4205
4206static int resp_verify(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4207{
4208 bool is_bytchk3 = false;
4209 u8 bytchk;
4210 int ret, j;
4211 u32 vnum, a_num, off;
4212 const u32 lb_size = sdebug_sector_size;
4213 u64 lba;
4214 u8 *arr;
4215 u8 *cmd = scp->cmnd;
4216 struct sdeb_store_info *sip = devip2sip(devip, true);
4217 rwlock_t *macc_lckp = &sip->macc_lck;
4218
4219 bytchk = (cmd[1] >> 1) & 0x3;
4220 if (bytchk == 0) {
4221 return 0; /* always claim internal verify okay */
4222 } else if (bytchk == 2) {
4223 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
4224 return check_condition_result;
4225 } else if (bytchk == 3) {
4226 is_bytchk3 = true; /* 1 block sent, compared repeatedly */
4227 }
4228 switch (cmd[0]) {
4229 case VERIFY_16:
4230 lba = get_unaligned_be64(cmd + 2);
4231 vnum = get_unaligned_be32(cmd + 10);
4232 break;
4233 case VERIFY: /* is VERIFY(10) */
4234 lba = get_unaligned_be32(cmd + 2);
4235 vnum = get_unaligned_be16(cmd + 7);
4236 break;
4237 default:
4238 mk_sense_invalid_opcode(scp);
4239 return check_condition_result;
4240 }
4241 a_num = is_bytchk3 ? 1 : vnum;
4242 /* Treat following check like one for read (i.e. no write) access */
4243 ret = check_device_access_params(scp, lba, a_num, false);
4244 if (ret)
4245 return ret;
4246
4247 arr = kcalloc(lb_size, vnum, GFP_ATOMIC);
4248 if (!arr) {
4249 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4250 INSUFF_RES_ASCQ);
4251 return check_condition_result;
4252 }
4253 /* Not changing store, so only need read access */
4254 read_lock(macc_lckp);
4255
4256 ret = do_dout_fetch(scp, a_num, arr);
4257 if (ret == -1) {
4258 ret = DID_ERROR << 16;
4259 goto cleanup;
4260 } else if (sdebug_verbose && (ret < (a_num * lb_size))) {
4261 sdev_printk(KERN_INFO, scp->device,
4262 "%s: %s: cdb indicated=%u, IO sent=%d bytes\n",
4263 my_name, __func__, a_num * lb_size, ret);
4264 }
4265 if (is_bytchk3) {
4266 for (j = 1, off = lb_size; j < vnum; ++j, off += lb_size)
4267 memcpy(arr + off, arr, lb_size);
4268 }
4269 ret = 0;
4270 if (!comp_write_worker(sip, lba, vnum, arr, true)) {
4271 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
4272 ret = check_condition_result;
4273 goto cleanup;
4274 }
4275cleanup:
4276 read_unlock(macc_lckp);
4277 kfree(arr);
4278 return ret;
4279}
4280
4281#define RZONES_DESC_HD 64
4282
4283/* Report zones depending on start LBA nad reporting options */
4284static int resp_report_zones(struct scsi_cmnd *scp,
4285 struct sdebug_dev_info *devip)
4286{
4287 unsigned int i, max_zones, rep_max_zones, nrz = 0;
4288 int ret = 0;
4289 u32 alloc_len, rep_opts, rep_len;
4290 bool partial;
4291 u64 lba, zs_lba;
4292 u8 *arr = NULL, *desc;
4293 u8 *cmd = scp->cmnd;
4294 struct sdeb_zone_state *zsp;
4295 struct sdeb_store_info *sip = devip2sip(devip, false);
4296 rwlock_t *macc_lckp = sip ? &sip->macc_lck : &sdeb_fake_rw_lck;
4297
4298 if (!sdebug_dev_is_zoned(devip)) {
4299 mk_sense_invalid_opcode(scp);
4300 return check_condition_result;
4301 }
4302 zs_lba = get_unaligned_be64(cmd + 2);
4303 alloc_len = get_unaligned_be32(cmd + 10);
4304 rep_opts = cmd[14] & 0x3f;
4305 partial = cmd[14] & 0x80;
4306
4307 if (zs_lba >= sdebug_capacity) {
4308 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4309 return check_condition_result;
4310 }
4311
4312 max_zones = devip->nr_zones - (zs_lba >> devip->zsize_shift);
4313 rep_max_zones = min((alloc_len - 64) >> ilog2(RZONES_DESC_HD),
4314 max_zones);
4315
4316 arr = kcalloc(RZONES_DESC_HD, alloc_len, GFP_ATOMIC);
4317 if (!arr) {
4318 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4319 INSUFF_RES_ASCQ);
4320 return check_condition_result;
4321 }
4322
4323 read_lock(macc_lckp);
4324
4325 desc = arr + 64;
4326 for (i = 0; i < max_zones; i++) {
4327 lba = zs_lba + devip->zsize * i;
4328 if (lba > sdebug_capacity)
4329 break;
4330 zsp = zbc_zone(devip, lba);
4331 switch (rep_opts) {
4332 case 0x00:
4333 /* All zones */
4334 break;
4335 case 0x01:
4336 /* Empty zones */
4337 if (zsp->z_cond != ZC1_EMPTY)
4338 continue;
4339 break;
4340 case 0x02:
4341 /* Implicit open zones */
4342 if (zsp->z_cond != ZC2_IMPLICIT_OPEN)
4343 continue;
4344 break;
4345 case 0x03:
4346 /* Explicit open zones */
4347 if (zsp->z_cond != ZC3_EXPLICIT_OPEN)
4348 continue;
4349 break;
4350 case 0x04:
4351 /* Closed zones */
4352 if (zsp->z_cond != ZC4_CLOSED)
4353 continue;
4354 break;
4355 case 0x05:
4356 /* Full zones */
4357 if (zsp->z_cond != ZC5_FULL)
4358 continue;
4359 break;
4360 case 0x06:
4361 case 0x07:
4362 case 0x10:
4363 /*
4364 * Read-only, offline, reset WP recommended are
4365 * not emulated: no zones to report;
4366 */
4367 continue;
4368 case 0x11:
4369 /* non-seq-resource set */
4370 if (!zsp->z_non_seq_resource)
4371 continue;
4372 break;
4373 case 0x3f:
4374 /* Not write pointer (conventional) zones */
4375 if (!zbc_zone_is_conv(zsp))
4376 continue;
4377 break;
4378 default:
4379 mk_sense_buffer(scp, ILLEGAL_REQUEST,
4380 INVALID_FIELD_IN_CDB, 0);
4381 ret = check_condition_result;
4382 goto fini;
4383 }
4384
4385 if (nrz < rep_max_zones) {
4386 /* Fill zone descriptor */
4387 desc[0] = zsp->z_type;
4388 desc[1] = zsp->z_cond << 4;
4389 if (zsp->z_non_seq_resource)
4390 desc[1] |= 1 << 1;
4391 put_unaligned_be64((u64)zsp->z_size, desc + 8);
4392 put_unaligned_be64((u64)zsp->z_start, desc + 16);
4393 put_unaligned_be64((u64)zsp->z_wp, desc + 24);
4394 desc += 64;
4395 }
4396
4397 if (partial && nrz >= rep_max_zones)
4398 break;
4399
4400 nrz++;
4401 }
4402
4403 /* Report header */
4404 put_unaligned_be32(nrz * RZONES_DESC_HD, arr + 0);
4405 put_unaligned_be64(sdebug_capacity - 1, arr + 8);
4406
4407 rep_len = (unsigned long)desc - (unsigned long)arr;
4408 ret = fill_from_dev_buffer(scp, arr, min_t(int, alloc_len, rep_len));
4409
4410fini:
4411 read_unlock(macc_lckp);
4412 kfree(arr);
4413 return ret;
4414}
4415
4416/* Logic transplanted from tcmu-runner, file_zbc.c */
4417static void zbc_open_all(struct sdebug_dev_info *devip)
4418{
4419 struct sdeb_zone_state *zsp = &devip->zstate[0];
4420 unsigned int i;
4421
4422 for (i = 0; i < devip->nr_zones; i++, zsp++) {
4423 if (zsp->z_cond == ZC4_CLOSED)
4424 zbc_open_zone(devip, &devip->zstate[i], true);
4425 }
4426}
4427
4428static int resp_open_zone(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4429{
4430 int res = 0;
4431 u64 z_id;
4432 enum sdebug_z_cond zc;
4433 u8 *cmd = scp->cmnd;
4434 struct sdeb_zone_state *zsp;
4435 bool all = cmd[14] & 0x01;
4436 struct sdeb_store_info *sip = devip2sip(devip, false);
4437 rwlock_t *macc_lckp = sip ? &sip->macc_lck : &sdeb_fake_rw_lck;
4438
4439 if (!sdebug_dev_is_zoned(devip)) {
4440 mk_sense_invalid_opcode(scp);
4441 return check_condition_result;
4442 }
4443
4444 write_lock(macc_lckp);
4445
4446 if (all) {
4447 /* Check if all closed zones can be open */
4448 if (devip->max_open &&
4449 devip->nr_exp_open + devip->nr_closed > devip->max_open) {
4450 mk_sense_buffer(scp, DATA_PROTECT, INSUFF_RES_ASC,
4451 INSUFF_ZONE_ASCQ);
4452 res = check_condition_result;
4453 goto fini;
4454 }
4455 /* Open all closed zones */
4456 zbc_open_all(devip);
4457 goto fini;
4458 }
4459
4460 /* Open the specified zone */
4461 z_id = get_unaligned_be64(cmd + 2);
4462 if (z_id >= sdebug_capacity) {
4463 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4464 res = check_condition_result;
4465 goto fini;
4466 }
4467
4468 zsp = zbc_zone(devip, z_id);
4469 if (z_id != zsp->z_start) {
4470 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4471 res = check_condition_result;
4472 goto fini;
4473 }
4474 if (zbc_zone_is_conv(zsp)) {
4475 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4476 res = check_condition_result;
4477 goto fini;
4478 }
4479
4480 zc = zsp->z_cond;
4481 if (zc == ZC3_EXPLICIT_OPEN || zc == ZC5_FULL)
4482 goto fini;
4483
4484 if (devip->max_open && devip->nr_exp_open >= devip->max_open) {
4485 mk_sense_buffer(scp, DATA_PROTECT, INSUFF_RES_ASC,
4486 INSUFF_ZONE_ASCQ);
4487 res = check_condition_result;
4488 goto fini;
4489 }
4490
4491 zbc_open_zone(devip, zsp, true);
4492fini:
4493 write_unlock(macc_lckp);
4494 return res;
4495}
4496
4497static void zbc_close_all(struct sdebug_dev_info *devip)
4498{
4499 unsigned int i;
4500
4501 for (i = 0; i < devip->nr_zones; i++)
4502 zbc_close_zone(devip, &devip->zstate[i]);
4503}
4504
4505static int resp_close_zone(struct scsi_cmnd *scp,
4506 struct sdebug_dev_info *devip)
4507{
4508 int res = 0;
4509 u64 z_id;
4510 u8 *cmd = scp->cmnd;
4511 struct sdeb_zone_state *zsp;
4512 bool all = cmd[14] & 0x01;
4513 struct sdeb_store_info *sip = devip2sip(devip, false);
4514 rwlock_t *macc_lckp = sip ? &sip->macc_lck : &sdeb_fake_rw_lck;
4515
4516 if (!sdebug_dev_is_zoned(devip)) {
4517 mk_sense_invalid_opcode(scp);
4518 return check_condition_result;
4519 }
4520
4521 write_lock(macc_lckp);
4522
4523 if (all) {
4524 zbc_close_all(devip);
4525 goto fini;
4526 }
4527
4528 /* Close specified zone */
4529 z_id = get_unaligned_be64(cmd + 2);
4530 if (z_id >= sdebug_capacity) {
4531 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4532 res = check_condition_result;
4533 goto fini;
4534 }
4535
4536 zsp = zbc_zone(devip, z_id);
4537 if (z_id != zsp->z_start) {
4538 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4539 res = check_condition_result;
4540 goto fini;
4541 }
4542 if (zbc_zone_is_conv(zsp)) {
4543 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4544 res = check_condition_result;
4545 goto fini;
4546 }
4547
4548 zbc_close_zone(devip, zsp);
4549fini:
4550 write_unlock(macc_lckp);
4551 return res;
4552}
4553
4554static void zbc_finish_zone(struct sdebug_dev_info *devip,
4555 struct sdeb_zone_state *zsp, bool empty)
4556{
4557 enum sdebug_z_cond zc = zsp->z_cond;
4558
4559 if (zc == ZC4_CLOSED || zc == ZC2_IMPLICIT_OPEN ||
4560 zc == ZC3_EXPLICIT_OPEN || (empty && zc == ZC1_EMPTY)) {
4561 if (zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN)
4562 zbc_close_zone(devip, zsp);
4563 if (zsp->z_cond == ZC4_CLOSED)
4564 devip->nr_closed--;
4565 zsp->z_wp = zsp->z_start + zsp->z_size;
4566 zsp->z_cond = ZC5_FULL;
4567 }
4568}
4569
4570static void zbc_finish_all(struct sdebug_dev_info *devip)
4571{
4572 unsigned int i;
4573
4574 for (i = 0; i < devip->nr_zones; i++)
4575 zbc_finish_zone(devip, &devip->zstate[i], false);
4576}
4577
4578static int resp_finish_zone(struct scsi_cmnd *scp,
4579 struct sdebug_dev_info *devip)
4580{
4581 struct sdeb_zone_state *zsp;
4582 int res = 0;
4583 u64 z_id;
4584 u8 *cmd = scp->cmnd;
4585 bool all = cmd[14] & 0x01;
4586 struct sdeb_store_info *sip = devip2sip(devip, false);
4587 rwlock_t *macc_lckp = sip ? &sip->macc_lck : &sdeb_fake_rw_lck;
4588
4589 if (!sdebug_dev_is_zoned(devip)) {
4590 mk_sense_invalid_opcode(scp);
4591 return check_condition_result;
4592 }
4593
4594 write_lock(macc_lckp);
4595
4596 if (all) {
4597 zbc_finish_all(devip);
4598 goto fini;
4599 }
4600
4601 /* Finish the specified zone */
4602 z_id = get_unaligned_be64(cmd + 2);
4603 if (z_id >= sdebug_capacity) {
4604 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4605 res = check_condition_result;
4606 goto fini;
4607 }
4608
4609 zsp = zbc_zone(devip, z_id);
4610 if (z_id != zsp->z_start) {
4611 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4612 res = check_condition_result;
4613 goto fini;
4614 }
4615 if (zbc_zone_is_conv(zsp)) {
4616 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4617 res = check_condition_result;
4618 goto fini;
4619 }
4620
4621 zbc_finish_zone(devip, zsp, true);
4622fini:
4623 write_unlock(macc_lckp);
4624 return res;
4625}
4626
4627static void zbc_rwp_zone(struct sdebug_dev_info *devip,
4628 struct sdeb_zone_state *zsp)
4629{
4630 enum sdebug_z_cond zc;
4631
4632 if (zbc_zone_is_conv(zsp))
4633 return;
4634
4635 zc = zsp->z_cond;
4636 if (zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN)
4637 zbc_close_zone(devip, zsp);
4638
4639 if (zsp->z_cond == ZC4_CLOSED)
4640 devip->nr_closed--;
4641
4642 zsp->z_non_seq_resource = false;
4643 zsp->z_wp = zsp->z_start;
4644 zsp->z_cond = ZC1_EMPTY;
4645}
4646
4647static void zbc_rwp_all(struct sdebug_dev_info *devip)
4648{
4649 unsigned int i;
4650
4651 for (i = 0; i < devip->nr_zones; i++)
4652 zbc_rwp_zone(devip, &devip->zstate[i]);
4653}
4654
4655static int resp_rwp_zone(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4656{
4657 struct sdeb_zone_state *zsp;
4658 int res = 0;
4659 u64 z_id;
4660 u8 *cmd = scp->cmnd;
4661 bool all = cmd[14] & 0x01;
4662 struct sdeb_store_info *sip = devip2sip(devip, false);
4663 rwlock_t *macc_lckp = sip ? &sip->macc_lck : &sdeb_fake_rw_lck;
4664
4665 if (!sdebug_dev_is_zoned(devip)) {
4666 mk_sense_invalid_opcode(scp);
4667 return check_condition_result;
4668 }
4669
4670 write_lock(macc_lckp);
4671
4672 if (all) {
4673 zbc_rwp_all(devip);
4674 goto fini;
4675 }
4676
4677 z_id = get_unaligned_be64(cmd + 2);
4678 if (z_id >= sdebug_capacity) {
4679 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4680 res = check_condition_result;
4681 goto fini;
4682 }
4683
4684 zsp = zbc_zone(devip, z_id);
4685 if (z_id != zsp->z_start) {
4686 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4687 res = check_condition_result;
4688 goto fini;
4689 }
4690 if (zbc_zone_is_conv(zsp)) {
4691 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4692 res = check_condition_result;
4693 goto fini;
4694 }
4695
4696 zbc_rwp_zone(devip, zsp);
4697fini:
4698 write_unlock(macc_lckp);
4699 return res;
4700}
4701
4702static struct sdebug_queue *get_queue(struct scsi_cmnd *cmnd)
4703{
4704 u16 hwq;
4705 u32 tag = blk_mq_unique_tag(cmnd->request);
4706
4707 hwq = blk_mq_unique_tag_to_hwq(tag);
4708
4709 pr_debug("tag=%#x, hwq=%d\n", tag, hwq);
4710 if (WARN_ON_ONCE(hwq >= submit_queues))
4711 hwq = 0;
4712
4713 return sdebug_q_arr + hwq;
4714}
4715
4716static u32 get_tag(struct scsi_cmnd *cmnd)
4717{
4718 return blk_mq_unique_tag(cmnd->request);
4719}
4720
4721/* Queued (deferred) command completions converge here. */
4722static void sdebug_q_cmd_complete(struct sdebug_defer *sd_dp)
4723{
4724 bool aborted = sd_dp->aborted;
4725 int qc_idx;
4726 int retiring = 0;
4727 unsigned long iflags;
4728 struct sdebug_queue *sqp;
4729 struct sdebug_queued_cmd *sqcp;
4730 struct scsi_cmnd *scp;
4731 struct sdebug_dev_info *devip;
4732
4733 if (unlikely(aborted))
4734 sd_dp->aborted = false;
4735 qc_idx = sd_dp->qc_idx;
4736 sqp = sdebug_q_arr + sd_dp->sqa_idx;
4737 if (sdebug_statistics) {
4738 atomic_inc(&sdebug_completions);
4739 if (raw_smp_processor_id() != sd_dp->issuing_cpu)
4740 atomic_inc(&sdebug_miss_cpus);
4741 }
4742 if (unlikely((qc_idx < 0) || (qc_idx >= SDEBUG_CANQUEUE))) {
4743 pr_err("wild qc_idx=%d\n", qc_idx);
4744 return;
4745 }
4746 spin_lock_irqsave(&sqp->qc_lock, iflags);
4747 sd_dp->defer_t = SDEB_DEFER_NONE;
4748 sqcp = &sqp->qc_arr[qc_idx];
4749 scp = sqcp->a_cmnd;
4750 if (unlikely(scp == NULL)) {
4751 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4752 pr_err("scp is NULL, sqa_idx=%d, qc_idx=%d, hc_idx=%d\n",
4753 sd_dp->sqa_idx, qc_idx, sd_dp->hc_idx);
4754 return;
4755 }
4756 devip = (struct sdebug_dev_info *)scp->device->hostdata;
4757 if (likely(devip))
4758 atomic_dec(&devip->num_in_q);
4759 else
4760 pr_err("devip=NULL\n");
4761 if (unlikely(atomic_read(&retired_max_queue) > 0))
4762 retiring = 1;
4763
4764 sqcp->a_cmnd = NULL;
4765 if (unlikely(!test_and_clear_bit(qc_idx, sqp->in_use_bm))) {
4766 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4767 pr_err("Unexpected completion\n");
4768 return;
4769 }
4770
4771 if (unlikely(retiring)) { /* user has reduced max_queue */
4772 int k, retval;
4773
4774 retval = atomic_read(&retired_max_queue);
4775 if (qc_idx >= retval) {
4776 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4777 pr_err("index %d too large\n", retval);
4778 return;
4779 }
4780 k = find_last_bit(sqp->in_use_bm, retval);
4781 if ((k < sdebug_max_queue) || (k == retval))
4782 atomic_set(&retired_max_queue, 0);
4783 else
4784 atomic_set(&retired_max_queue, k + 1);
4785 }
4786 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4787 if (unlikely(aborted)) {
4788 if (sdebug_verbose)
4789 pr_info("bypassing scsi_done() due to aborted cmd\n");
4790 return;
4791 }
4792 scp->scsi_done(scp); /* callback to mid level */
4793}
4794
4795/* When high resolution timer goes off this function is called. */
4796static enum hrtimer_restart sdebug_q_cmd_hrt_complete(struct hrtimer *timer)
4797{
4798 struct sdebug_defer *sd_dp = container_of(timer, struct sdebug_defer,
4799 hrt);
4800 sdebug_q_cmd_complete(sd_dp);
4801 return HRTIMER_NORESTART;
4802}
4803
4804/* When work queue schedules work, it calls this function. */
4805static void sdebug_q_cmd_wq_complete(struct work_struct *work)
4806{
4807 struct sdebug_defer *sd_dp = container_of(work, struct sdebug_defer,
4808 ew.work);
4809 sdebug_q_cmd_complete(sd_dp);
4810}
4811
4812static bool got_shared_uuid;
4813static uuid_t shared_uuid;
4814
4815static int sdebug_device_create_zones(struct sdebug_dev_info *devip)
4816{
4817 struct sdeb_zone_state *zsp;
4818 sector_t capacity = get_sdebug_capacity();
4819 sector_t zstart = 0;
4820 unsigned int i;
4821
4822 /*
4823 * Set the zone size: if sdeb_zbc_zone_size_mb is not set, figure out
4824 * a zone size allowing for at least 4 zones on the device. Otherwise,
4825 * use the specified zone size checking that at least 2 zones can be
4826 * created for the device.
4827 */
4828 if (!sdeb_zbc_zone_size_mb) {
4829 devip->zsize = (DEF_ZBC_ZONE_SIZE_MB * SZ_1M)
4830 >> ilog2(sdebug_sector_size);
4831 while (capacity < devip->zsize << 2 && devip->zsize >= 2)
4832 devip->zsize >>= 1;
4833 if (devip->zsize < 2) {
4834 pr_err("Device capacity too small\n");
4835 return -EINVAL;
4836 }
4837 } else {
4838 if (!is_power_of_2(sdeb_zbc_zone_size_mb)) {
4839 pr_err("Zone size is not a power of 2\n");
4840 return -EINVAL;
4841 }
4842 devip->zsize = (sdeb_zbc_zone_size_mb * SZ_1M)
4843 >> ilog2(sdebug_sector_size);
4844 if (devip->zsize >= capacity) {
4845 pr_err("Zone size too large for device capacity\n");
4846 return -EINVAL;
4847 }
4848 }
4849
4850 devip->zsize_shift = ilog2(devip->zsize);
4851 devip->nr_zones = (capacity + devip->zsize - 1) >> devip->zsize_shift;
4852
4853 if (sdeb_zbc_nr_conv >= devip->nr_zones) {
4854 pr_err("Number of conventional zones too large\n");
4855 return -EINVAL;
4856 }
4857 devip->nr_conv_zones = sdeb_zbc_nr_conv;
4858
4859 if (devip->zmodel == BLK_ZONED_HM) {
4860 /* zbc_max_open_zones can be 0, meaning "not reported" */
4861 if (sdeb_zbc_max_open >= devip->nr_zones - 1)
4862 devip->max_open = (devip->nr_zones - 1) / 2;
4863 else
4864 devip->max_open = sdeb_zbc_max_open;
4865 }
4866
4867 devip->zstate = kcalloc(devip->nr_zones,
4868 sizeof(struct sdeb_zone_state), GFP_KERNEL);
4869 if (!devip->zstate)
4870 return -ENOMEM;
4871
4872 for (i = 0; i < devip->nr_zones; i++) {
4873 zsp = &devip->zstate[i];
4874
4875 zsp->z_start = zstart;
4876
4877 if (i < devip->nr_conv_zones) {
4878 zsp->z_type = ZBC_ZONE_TYPE_CNV;
4879 zsp->z_cond = ZBC_NOT_WRITE_POINTER;
4880 zsp->z_wp = (sector_t)-1;
4881 } else {
4882 if (devip->zmodel == BLK_ZONED_HM)
4883 zsp->z_type = ZBC_ZONE_TYPE_SWR;
4884 else
4885 zsp->z_type = ZBC_ZONE_TYPE_SWP;
4886 zsp->z_cond = ZC1_EMPTY;
4887 zsp->z_wp = zsp->z_start;
4888 }
4889
4890 if (zsp->z_start + devip->zsize < capacity)
4891 zsp->z_size = devip->zsize;
4892 else
4893 zsp->z_size = capacity - zsp->z_start;
4894
4895 zstart += zsp->z_size;
4896 }
4897
4898 return 0;
4899}
4900
4901static struct sdebug_dev_info *sdebug_device_create(
4902 struct sdebug_host_info *sdbg_host, gfp_t flags)
4903{
4904 struct sdebug_dev_info *devip;
4905
4906 devip = kzalloc(sizeof(*devip), flags);
4907 if (devip) {
4908 if (sdebug_uuid_ctl == 1)
4909 uuid_gen(&devip->lu_name);
4910 else if (sdebug_uuid_ctl == 2) {
4911 if (got_shared_uuid)
4912 devip->lu_name = shared_uuid;
4913 else {
4914 uuid_gen(&shared_uuid);
4915 got_shared_uuid = true;
4916 devip->lu_name = shared_uuid;
4917 }
4918 }
4919 devip->sdbg_host = sdbg_host;
4920 if (sdeb_zbc_in_use) {
4921 devip->zmodel = sdeb_zbc_model;
4922 if (sdebug_device_create_zones(devip)) {
4923 kfree(devip);
4924 return NULL;
4925 }
4926 } else {
4927 devip->zmodel = BLK_ZONED_NONE;
4928 }
4929 devip->sdbg_host = sdbg_host;
4930 devip->create_ts = ktime_get_boottime();
4931 atomic_set(&devip->stopped, (sdeb_tur_ms_to_ready > 0 ? 2 : 0));
4932 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list);
4933 }
4934 return devip;
4935}
4936
4937static struct sdebug_dev_info *find_build_dev_info(struct scsi_device *sdev)
4938{
4939 struct sdebug_host_info *sdbg_host;
4940 struct sdebug_dev_info *open_devip = NULL;
4941 struct sdebug_dev_info *devip;
4942
4943 sdbg_host = *(struct sdebug_host_info **)shost_priv(sdev->host);
4944 if (!sdbg_host) {
4945 pr_err("Host info NULL\n");
4946 return NULL;
4947 }
4948
4949 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
4950 if ((devip->used) && (devip->channel == sdev->channel) &&
4951 (devip->target == sdev->id) &&
4952 (devip->lun == sdev->lun))
4953 return devip;
4954 else {
4955 if ((!devip->used) && (!open_devip))
4956 open_devip = devip;
4957 }
4958 }
4959 if (!open_devip) { /* try and make a new one */
4960 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC);
4961 if (!open_devip) {
4962 pr_err("out of memory at line %d\n", __LINE__);
4963 return NULL;
4964 }
4965 }
4966
4967 open_devip->channel = sdev->channel;
4968 open_devip->target = sdev->id;
4969 open_devip->lun = sdev->lun;
4970 open_devip->sdbg_host = sdbg_host;
4971 atomic_set(&open_devip->num_in_q, 0);
4972 set_bit(SDEBUG_UA_POR, open_devip->uas_bm);
4973 open_devip->used = true;
4974 return open_devip;
4975}
4976
4977static int scsi_debug_slave_alloc(struct scsi_device *sdp)
4978{
4979 if (sdebug_verbose)
4980 pr_info("slave_alloc <%u %u %u %llu>\n",
4981 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
4982 return 0;
4983}
4984
4985static int scsi_debug_slave_configure(struct scsi_device *sdp)
4986{
4987 struct sdebug_dev_info *devip =
4988 (struct sdebug_dev_info *)sdp->hostdata;
4989
4990 if (sdebug_verbose)
4991 pr_info("slave_configure <%u %u %u %llu>\n",
4992 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
4993 if (sdp->host->max_cmd_len != SDEBUG_MAX_CMD_LEN)
4994 sdp->host->max_cmd_len = SDEBUG_MAX_CMD_LEN;
4995 if (devip == NULL) {
4996 devip = find_build_dev_info(sdp);
4997 if (devip == NULL)
4998 return 1; /* no resources, will be marked offline */
4999 }
5000 sdp->hostdata = devip;
5001 if (sdebug_no_uld)
5002 sdp->no_uld_attach = 1;
5003 config_cdb_len(sdp);
5004 return 0;
5005}
5006
5007static void scsi_debug_slave_destroy(struct scsi_device *sdp)
5008{
5009 struct sdebug_dev_info *devip =
5010 (struct sdebug_dev_info *)sdp->hostdata;
5011
5012 if (sdebug_verbose)
5013 pr_info("slave_destroy <%u %u %u %llu>\n",
5014 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
5015 if (devip) {
5016 /* make this slot available for re-use */
5017 devip->used = false;
5018 sdp->hostdata = NULL;
5019 }
5020}
5021
5022static void stop_qc_helper(struct sdebug_defer *sd_dp,
5023 enum sdeb_defer_type defer_t)
5024{
5025 if (!sd_dp)
5026 return;
5027 if (defer_t == SDEB_DEFER_HRT)
5028 hrtimer_cancel(&sd_dp->hrt);
5029 else if (defer_t == SDEB_DEFER_WQ)
5030 cancel_work_sync(&sd_dp->ew.work);
5031}
5032
5033/* If @cmnd found deletes its timer or work queue and returns true; else
5034 returns false */
5035static bool stop_queued_cmnd(struct scsi_cmnd *cmnd)
5036{
5037 unsigned long iflags;
5038 int j, k, qmax, r_qmax;
5039 enum sdeb_defer_type l_defer_t;
5040 struct sdebug_queue *sqp;
5041 struct sdebug_queued_cmd *sqcp;
5042 struct sdebug_dev_info *devip;
5043 struct sdebug_defer *sd_dp;
5044
5045 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
5046 spin_lock_irqsave(&sqp->qc_lock, iflags);
5047 qmax = sdebug_max_queue;
5048 r_qmax = atomic_read(&retired_max_queue);
5049 if (r_qmax > qmax)
5050 qmax = r_qmax;
5051 for (k = 0; k < qmax; ++k) {
5052 if (test_bit(k, sqp->in_use_bm)) {
5053 sqcp = &sqp->qc_arr[k];
5054 if (cmnd != sqcp->a_cmnd)
5055 continue;
5056 /* found */
5057 devip = (struct sdebug_dev_info *)
5058 cmnd->device->hostdata;
5059 if (devip)
5060 atomic_dec(&devip->num_in_q);
5061 sqcp->a_cmnd = NULL;
5062 sd_dp = sqcp->sd_dp;
5063 if (sd_dp) {
5064 l_defer_t = sd_dp->defer_t;
5065 sd_dp->defer_t = SDEB_DEFER_NONE;
5066 } else
5067 l_defer_t = SDEB_DEFER_NONE;
5068 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5069 stop_qc_helper(sd_dp, l_defer_t);
5070 clear_bit(k, sqp->in_use_bm);
5071 return true;
5072 }
5073 }
5074 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5075 }
5076 return false;
5077}
5078
5079/* Deletes (stops) timers or work queues of all queued commands */
5080static void stop_all_queued(void)
5081{
5082 unsigned long iflags;
5083 int j, k;
5084 enum sdeb_defer_type l_defer_t;
5085 struct sdebug_queue *sqp;
5086 struct sdebug_queued_cmd *sqcp;
5087 struct sdebug_dev_info *devip;
5088 struct sdebug_defer *sd_dp;
5089
5090 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
5091 spin_lock_irqsave(&sqp->qc_lock, iflags);
5092 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
5093 if (test_bit(k, sqp->in_use_bm)) {
5094 sqcp = &sqp->qc_arr[k];
5095 if (sqcp->a_cmnd == NULL)
5096 continue;
5097 devip = (struct sdebug_dev_info *)
5098 sqcp->a_cmnd->device->hostdata;
5099 if (devip)
5100 atomic_dec(&devip->num_in_q);
5101 sqcp->a_cmnd = NULL;
5102 sd_dp = sqcp->sd_dp;
5103 if (sd_dp) {
5104 l_defer_t = sd_dp->defer_t;
5105 sd_dp->defer_t = SDEB_DEFER_NONE;
5106 } else
5107 l_defer_t = SDEB_DEFER_NONE;
5108 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5109 stop_qc_helper(sd_dp, l_defer_t);
5110 clear_bit(k, sqp->in_use_bm);
5111 spin_lock_irqsave(&sqp->qc_lock, iflags);
5112 }
5113 }
5114 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5115 }
5116}
5117
5118/* Free queued command memory on heap */
5119static void free_all_queued(void)
5120{
5121 int j, k;
5122 struct sdebug_queue *sqp;
5123 struct sdebug_queued_cmd *sqcp;
5124
5125 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
5126 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
5127 sqcp = &sqp->qc_arr[k];
5128 kfree(sqcp->sd_dp);
5129 sqcp->sd_dp = NULL;
5130 }
5131 }
5132}
5133
5134static int scsi_debug_abort(struct scsi_cmnd *SCpnt)
5135{
5136 bool ok;
5137
5138 ++num_aborts;
5139 if (SCpnt) {
5140 ok = stop_queued_cmnd(SCpnt);
5141 if (SCpnt->device && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
5142 sdev_printk(KERN_INFO, SCpnt->device,
5143 "%s: command%s found\n", __func__,
5144 ok ? "" : " not");
5145 }
5146 return SUCCESS;
5147}
5148
5149static int scsi_debug_device_reset(struct scsi_cmnd *SCpnt)
5150{
5151 ++num_dev_resets;
5152 if (SCpnt && SCpnt->device) {
5153 struct scsi_device *sdp = SCpnt->device;
5154 struct sdebug_dev_info *devip =
5155 (struct sdebug_dev_info *)sdp->hostdata;
5156
5157 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
5158 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
5159 if (devip)
5160 set_bit(SDEBUG_UA_POR, devip->uas_bm);
5161 }
5162 return SUCCESS;
5163}
5164
5165static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt)
5166{
5167 struct sdebug_host_info *sdbg_host;
5168 struct sdebug_dev_info *devip;
5169 struct scsi_device *sdp;
5170 struct Scsi_Host *hp;
5171 int k = 0;
5172
5173 ++num_target_resets;
5174 if (!SCpnt)
5175 goto lie;
5176 sdp = SCpnt->device;
5177 if (!sdp)
5178 goto lie;
5179 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
5180 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
5181 hp = sdp->host;
5182 if (!hp)
5183 goto lie;
5184 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
5185 if (sdbg_host) {
5186 list_for_each_entry(devip,
5187 &sdbg_host->dev_info_list,
5188 dev_list)
5189 if (devip->target == sdp->id) {
5190 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
5191 ++k;
5192 }
5193 }
5194 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
5195 sdev_printk(KERN_INFO, sdp,
5196 "%s: %d device(s) found in target\n", __func__, k);
5197lie:
5198 return SUCCESS;
5199}
5200
5201static int scsi_debug_bus_reset(struct scsi_cmnd *SCpnt)
5202{
5203 struct sdebug_host_info *sdbg_host;
5204 struct sdebug_dev_info *devip;
5205 struct scsi_device *sdp;
5206 struct Scsi_Host *hp;
5207 int k = 0;
5208
5209 ++num_bus_resets;
5210 if (!(SCpnt && SCpnt->device))
5211 goto lie;
5212 sdp = SCpnt->device;
5213 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
5214 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
5215 hp = sdp->host;
5216 if (hp) {
5217 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
5218 if (sdbg_host) {
5219 list_for_each_entry(devip,
5220 &sdbg_host->dev_info_list,
5221 dev_list) {
5222 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
5223 ++k;
5224 }
5225 }
5226 }
5227 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
5228 sdev_printk(KERN_INFO, sdp,
5229 "%s: %d device(s) found in host\n", __func__, k);
5230lie:
5231 return SUCCESS;
5232}
5233
5234static int scsi_debug_host_reset(struct scsi_cmnd *SCpnt)
5235{
5236 struct sdebug_host_info *sdbg_host;
5237 struct sdebug_dev_info *devip;
5238 int k = 0;
5239
5240 ++num_host_resets;
5241 if ((SCpnt->device) && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
5242 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__);
5243 spin_lock(&sdebug_host_list_lock);
5244 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
5245 list_for_each_entry(devip, &sdbg_host->dev_info_list,
5246 dev_list) {
5247 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
5248 ++k;
5249 }
5250 }
5251 spin_unlock(&sdebug_host_list_lock);
5252 stop_all_queued();
5253 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
5254 sdev_printk(KERN_INFO, SCpnt->device,
5255 "%s: %d device(s) found\n", __func__, k);
5256 return SUCCESS;
5257}
5258
5259static void sdebug_build_parts(unsigned char *ramp, unsigned long store_size)
5260{
5261 struct msdos_partition *pp;
5262 int starts[SDEBUG_MAX_PARTS + 2], max_part_secs;
5263 int sectors_per_part, num_sectors, k;
5264 int heads_by_sects, start_sec, end_sec;
5265
5266 /* assume partition table already zeroed */
5267 if ((sdebug_num_parts < 1) || (store_size < 1048576))
5268 return;
5269 if (sdebug_num_parts > SDEBUG_MAX_PARTS) {
5270 sdebug_num_parts = SDEBUG_MAX_PARTS;
5271 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS);
5272 }
5273 num_sectors = (int)get_sdebug_capacity();
5274 sectors_per_part = (num_sectors - sdebug_sectors_per)
5275 / sdebug_num_parts;
5276 heads_by_sects = sdebug_heads * sdebug_sectors_per;
5277 starts[0] = sdebug_sectors_per;
5278 max_part_secs = sectors_per_part;
5279 for (k = 1; k < sdebug_num_parts; ++k) {
5280 starts[k] = ((k * sectors_per_part) / heads_by_sects)
5281 * heads_by_sects;
5282 if (starts[k] - starts[k - 1] < max_part_secs)
5283 max_part_secs = starts[k] - starts[k - 1];
5284 }
5285 starts[sdebug_num_parts] = num_sectors;
5286 starts[sdebug_num_parts + 1] = 0;
5287
5288 ramp[510] = 0x55; /* magic partition markings */
5289 ramp[511] = 0xAA;
5290 pp = (struct msdos_partition *)(ramp + 0x1be);
5291 for (k = 0; starts[k + 1]; ++k, ++pp) {
5292 start_sec = starts[k];
5293 end_sec = starts[k] + max_part_secs - 1;
5294 pp->boot_ind = 0;
5295
5296 pp->cyl = start_sec / heads_by_sects;
5297 pp->head = (start_sec - (pp->cyl * heads_by_sects))
5298 / sdebug_sectors_per;
5299 pp->sector = (start_sec % sdebug_sectors_per) + 1;
5300
5301 pp->end_cyl = end_sec / heads_by_sects;
5302 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects))
5303 / sdebug_sectors_per;
5304 pp->end_sector = (end_sec % sdebug_sectors_per) + 1;
5305
5306 pp->start_sect = cpu_to_le32(start_sec);
5307 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1);
5308 pp->sys_ind = 0x83; /* plain Linux partition */
5309 }
5310}
5311
5312static void block_unblock_all_queues(bool block)
5313{
5314 int j;
5315 struct sdebug_queue *sqp;
5316
5317 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp)
5318 atomic_set(&sqp->blocked, (int)block);
5319}
5320
5321/* Adjust (by rounding down) the sdebug_cmnd_count so abs(every_nth)-1
5322 * commands will be processed normally before triggers occur.
5323 */
5324static void tweak_cmnd_count(void)
5325{
5326 int count, modulo;
5327
5328 modulo = abs(sdebug_every_nth);
5329 if (modulo < 2)
5330 return;
5331 block_unblock_all_queues(true);
5332 count = atomic_read(&sdebug_cmnd_count);
5333 atomic_set(&sdebug_cmnd_count, (count / modulo) * modulo);
5334 block_unblock_all_queues(false);
5335}
5336
5337static void clear_queue_stats(void)
5338{
5339 atomic_set(&sdebug_cmnd_count, 0);
5340 atomic_set(&sdebug_completions, 0);
5341 atomic_set(&sdebug_miss_cpus, 0);
5342 atomic_set(&sdebug_a_tsf, 0);
5343}
5344
5345static bool inject_on_this_cmd(void)
5346{
5347 if (sdebug_every_nth == 0)
5348 return false;
5349 return (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) == 0;
5350}
5351
5352#define INCLUSIVE_TIMING_MAX_NS 1000000 /* 1 millisecond */
5353
5354/* Complete the processing of the thread that queued a SCSI command to this
5355 * driver. It either completes the command by calling cmnd_done() or
5356 * schedules a hr timer or work queue then returns 0. Returns
5357 * SCSI_MLQUEUE_HOST_BUSY if temporarily out of resources.
5358 */
5359static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
5360 int scsi_result,
5361 int (*pfp)(struct scsi_cmnd *,
5362 struct sdebug_dev_info *),
5363 int delta_jiff, int ndelay)
5364{
5365 bool new_sd_dp;
5366 bool inject = false;
5367 bool hipri = (cmnd->request->cmd_flags & REQ_HIPRI);
5368 int k, num_in_q, qdepth;
5369 unsigned long iflags;
5370 u64 ns_from_boot = 0;
5371 struct sdebug_queue *sqp;
5372 struct sdebug_queued_cmd *sqcp;
5373 struct scsi_device *sdp;
5374 struct sdebug_defer *sd_dp;
5375
5376 if (unlikely(devip == NULL)) {
5377 if (scsi_result == 0)
5378 scsi_result = DID_NO_CONNECT << 16;
5379 goto respond_in_thread;
5380 }
5381 sdp = cmnd->device;
5382
5383 if (delta_jiff == 0)
5384 goto respond_in_thread;
5385
5386 sqp = get_queue(cmnd);
5387 spin_lock_irqsave(&sqp->qc_lock, iflags);
5388 if (unlikely(atomic_read(&sqp->blocked))) {
5389 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5390 return SCSI_MLQUEUE_HOST_BUSY;
5391 }
5392 num_in_q = atomic_read(&devip->num_in_q);
5393 qdepth = cmnd->device->queue_depth;
5394 if (unlikely((qdepth > 0) && (num_in_q >= qdepth))) {
5395 if (scsi_result) {
5396 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5397 goto respond_in_thread;
5398 } else
5399 scsi_result = device_qfull_result;
5400 } else if (unlikely(sdebug_every_nth &&
5401 (SDEBUG_OPT_RARE_TSF & sdebug_opts) &&
5402 (scsi_result == 0))) {
5403 if ((num_in_q == (qdepth - 1)) &&
5404 (atomic_inc_return(&sdebug_a_tsf) >=
5405 abs(sdebug_every_nth))) {
5406 atomic_set(&sdebug_a_tsf, 0);
5407 inject = true;
5408 scsi_result = device_qfull_result;
5409 }
5410 }
5411
5412 k = find_first_zero_bit(sqp->in_use_bm, sdebug_max_queue);
5413 if (unlikely(k >= sdebug_max_queue)) {
5414 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5415 if (scsi_result)
5416 goto respond_in_thread;
5417 else if (SDEBUG_OPT_ALL_TSF & sdebug_opts)
5418 scsi_result = device_qfull_result;
5419 if (SDEBUG_OPT_Q_NOISE & sdebug_opts)
5420 sdev_printk(KERN_INFO, sdp,
5421 "%s: max_queue=%d exceeded, %s\n",
5422 __func__, sdebug_max_queue,
5423 (scsi_result ? "status: TASK SET FULL" :
5424 "report: host busy"));
5425 if (scsi_result)
5426 goto respond_in_thread;
5427 else
5428 return SCSI_MLQUEUE_HOST_BUSY;
5429 }
5430 set_bit(k, sqp->in_use_bm);
5431 atomic_inc(&devip->num_in_q);
5432 sqcp = &sqp->qc_arr[k];
5433 sqcp->a_cmnd = cmnd;
5434 cmnd->host_scribble = (unsigned char *)sqcp;
5435 sd_dp = sqcp->sd_dp;
5436 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5437
5438 if (!sd_dp) {
5439 sd_dp = kzalloc(sizeof(*sd_dp), GFP_ATOMIC);
5440 if (!sd_dp) {
5441 atomic_dec(&devip->num_in_q);
5442 clear_bit(k, sqp->in_use_bm);
5443 return SCSI_MLQUEUE_HOST_BUSY;
5444 }
5445 new_sd_dp = true;
5446 } else {
5447 new_sd_dp = false;
5448 }
5449
5450 /* Set the hostwide tag */
5451 if (sdebug_host_max_queue)
5452 sd_dp->hc_idx = get_tag(cmnd);
5453
5454 if (hipri)
5455 ns_from_boot = ktime_get_boottime_ns();
5456
5457 /* one of the resp_*() response functions is called here */
5458 cmnd->result = pfp ? pfp(cmnd, devip) : 0;
5459 if (cmnd->result & SDEG_RES_IMMED_MASK) {
5460 cmnd->result &= ~SDEG_RES_IMMED_MASK;
5461 delta_jiff = ndelay = 0;
5462 }
5463 if (cmnd->result == 0 && scsi_result != 0)
5464 cmnd->result = scsi_result;
5465 if (cmnd->result == 0 && unlikely(sdebug_opts & SDEBUG_OPT_TRANSPORT_ERR)) {
5466 if (atomic_read(&sdeb_inject_pending)) {
5467 mk_sense_buffer(cmnd, ABORTED_COMMAND, TRANSPORT_PROBLEM, ACK_NAK_TO);
5468 atomic_set(&sdeb_inject_pending, 0);
5469 cmnd->result = check_condition_result;
5470 }
5471 }
5472
5473 if (unlikely(sdebug_verbose && cmnd->result))
5474 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n",
5475 __func__, cmnd->result);
5476
5477 if (delta_jiff > 0 || ndelay > 0) {
5478 ktime_t kt;
5479
5480 if (delta_jiff > 0) {
5481 u64 ns = jiffies_to_nsecs(delta_jiff);
5482
5483 if (sdebug_random && ns < U32_MAX) {
5484 ns = prandom_u32_max((u32)ns);
5485 } else if (sdebug_random) {
5486 ns >>= 12; /* scale to 4 usec precision */
5487 if (ns < U32_MAX) /* over 4 hours max */
5488 ns = prandom_u32_max((u32)ns);
5489 ns <<= 12;
5490 }
5491 kt = ns_to_ktime(ns);
5492 } else { /* ndelay has a 4.2 second max */
5493 kt = sdebug_random ? prandom_u32_max((u32)ndelay) :
5494 (u32)ndelay;
5495 if (ndelay < INCLUSIVE_TIMING_MAX_NS) {
5496 u64 d = ktime_get_boottime_ns() - ns_from_boot;
5497
5498 if (kt <= d) { /* elapsed duration >= kt */
5499 spin_lock_irqsave(&sqp->qc_lock, iflags);
5500 sqcp->a_cmnd = NULL;
5501 atomic_dec(&devip->num_in_q);
5502 clear_bit(k, sqp->in_use_bm);
5503 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5504 if (new_sd_dp)
5505 kfree(sd_dp);
5506 /* call scsi_done() from this thread */
5507 cmnd->scsi_done(cmnd);
5508 return 0;
5509 }
5510 /* otherwise reduce kt by elapsed time */
5511 kt -= d;
5512 }
5513 }
5514 if (hipri) {
5515 sd_dp->cmpl_ts = ktime_add(ns_to_ktime(ns_from_boot), kt);
5516 spin_lock_irqsave(&sqp->qc_lock, iflags);
5517 if (!sd_dp->init_poll) {
5518 sd_dp->init_poll = true;
5519 sqcp->sd_dp = sd_dp;
5520 sd_dp->sqa_idx = sqp - sdebug_q_arr;
5521 sd_dp->qc_idx = k;
5522 }
5523 sd_dp->defer_t = SDEB_DEFER_POLL;
5524 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5525 } else {
5526 if (!sd_dp->init_hrt) {
5527 sd_dp->init_hrt = true;
5528 sqcp->sd_dp = sd_dp;
5529 hrtimer_init(&sd_dp->hrt, CLOCK_MONOTONIC,
5530 HRTIMER_MODE_REL_PINNED);
5531 sd_dp->hrt.function = sdebug_q_cmd_hrt_complete;
5532 sd_dp->sqa_idx = sqp - sdebug_q_arr;
5533 sd_dp->qc_idx = k;
5534 }
5535 sd_dp->defer_t = SDEB_DEFER_HRT;
5536 /* schedule the invocation of scsi_done() for a later time */
5537 hrtimer_start(&sd_dp->hrt, kt, HRTIMER_MODE_REL_PINNED);
5538 }
5539 if (sdebug_statistics)
5540 sd_dp->issuing_cpu = raw_smp_processor_id();
5541 } else { /* jdelay < 0, use work queue */
5542 if (unlikely((sdebug_opts & SDEBUG_OPT_CMD_ABORT) &&
5543 atomic_read(&sdeb_inject_pending)))
5544 sd_dp->aborted = true;
5545 if (hipri) {
5546 sd_dp->cmpl_ts = ns_to_ktime(ns_from_boot);
5547 spin_lock_irqsave(&sqp->qc_lock, iflags);
5548 if (!sd_dp->init_poll) {
5549 sd_dp->init_poll = true;
5550 sqcp->sd_dp = sd_dp;
5551 sd_dp->sqa_idx = sqp - sdebug_q_arr;
5552 sd_dp->qc_idx = k;
5553 }
5554 sd_dp->defer_t = SDEB_DEFER_POLL;
5555 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5556 } else {
5557 if (!sd_dp->init_wq) {
5558 sd_dp->init_wq = true;
5559 sqcp->sd_dp = sd_dp;
5560 sd_dp->sqa_idx = sqp - sdebug_q_arr;
5561 sd_dp->qc_idx = k;
5562 INIT_WORK(&sd_dp->ew.work, sdebug_q_cmd_wq_complete);
5563 }
5564 sd_dp->defer_t = SDEB_DEFER_WQ;
5565 schedule_work(&sd_dp->ew.work);
5566 }
5567 if (sdebug_statistics)
5568 sd_dp->issuing_cpu = raw_smp_processor_id();
5569 if (unlikely(sd_dp->aborted)) {
5570 sdev_printk(KERN_INFO, sdp, "abort request tag %d\n", cmnd->request->tag);
5571 blk_abort_request(cmnd->request);
5572 atomic_set(&sdeb_inject_pending, 0);
5573 sd_dp->aborted = false;
5574 }
5575 }
5576 if (unlikely((SDEBUG_OPT_Q_NOISE & sdebug_opts) && scsi_result == device_qfull_result))
5577 sdev_printk(KERN_INFO, sdp, "%s: num_in_q=%d +1, %s%s\n", __func__,
5578 num_in_q, (inject ? "<inject> " : ""), "status: TASK SET FULL");
5579 return 0;
5580
5581respond_in_thread: /* call back to mid-layer using invocation thread */
5582 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0;
5583 cmnd->result &= ~SDEG_RES_IMMED_MASK;
5584 if (cmnd->result == 0 && scsi_result != 0)
5585 cmnd->result = scsi_result;
5586 cmnd->scsi_done(cmnd);
5587 return 0;
5588}
5589
5590/* Note: The following macros create attribute files in the
5591 /sys/module/scsi_debug/parameters directory. Unfortunately this
5592 driver is unaware of a change and cannot trigger auxiliary actions
5593 as it can when the corresponding attribute in the
5594 /sys/bus/pseudo/drivers/scsi_debug directory is changed.
5595 */
5596module_param_named(add_host, sdebug_add_host, int, S_IRUGO | S_IWUSR);
5597module_param_named(ato, sdebug_ato, int, S_IRUGO);
5598module_param_named(cdb_len, sdebug_cdb_len, int, 0644);
5599module_param_named(clustering, sdebug_clustering, bool, S_IRUGO | S_IWUSR);
5600module_param_named(delay, sdebug_jdelay, int, S_IRUGO | S_IWUSR);
5601module_param_named(dev_size_mb, sdebug_dev_size_mb, int, S_IRUGO);
5602module_param_named(dif, sdebug_dif, int, S_IRUGO);
5603module_param_named(dix, sdebug_dix, int, S_IRUGO);
5604module_param_named(dsense, sdebug_dsense, int, S_IRUGO | S_IWUSR);
5605module_param_named(every_nth, sdebug_every_nth, int, S_IRUGO | S_IWUSR);
5606module_param_named(fake_rw, sdebug_fake_rw, int, S_IRUGO | S_IWUSR);
5607module_param_named(guard, sdebug_guard, uint, S_IRUGO);
5608module_param_named(host_lock, sdebug_host_lock, bool, S_IRUGO | S_IWUSR);
5609module_param_named(host_max_queue, sdebug_host_max_queue, int, S_IRUGO);
5610module_param_string(inq_product, sdebug_inq_product_id,
5611 sizeof(sdebug_inq_product_id), S_IRUGO | S_IWUSR);
5612module_param_string(inq_rev, sdebug_inq_product_rev,
5613 sizeof(sdebug_inq_product_rev), S_IRUGO | S_IWUSR);
5614module_param_string(inq_vendor, sdebug_inq_vendor_id,
5615 sizeof(sdebug_inq_vendor_id), S_IRUGO | S_IWUSR);
5616module_param_named(lbprz, sdebug_lbprz, int, S_IRUGO);
5617module_param_named(lbpu, sdebug_lbpu, int, S_IRUGO);
5618module_param_named(lbpws, sdebug_lbpws, int, S_IRUGO);
5619module_param_named(lbpws10, sdebug_lbpws10, int, S_IRUGO);
5620module_param_named(lowest_aligned, sdebug_lowest_aligned, int, S_IRUGO);
5621module_param_named(lun_format, sdebug_lun_am_i, int, S_IRUGO | S_IWUSR);
5622module_param_named(max_luns, sdebug_max_luns, int, S_IRUGO | S_IWUSR);
5623module_param_named(max_queue, sdebug_max_queue, int, S_IRUGO | S_IWUSR);
5624module_param_named(medium_error_count, sdebug_medium_error_count, int,
5625 S_IRUGO | S_IWUSR);
5626module_param_named(medium_error_start, sdebug_medium_error_start, int,
5627 S_IRUGO | S_IWUSR);
5628module_param_named(ndelay, sdebug_ndelay, int, S_IRUGO | S_IWUSR);
5629module_param_named(no_lun_0, sdebug_no_lun_0, int, S_IRUGO | S_IWUSR);
5630module_param_named(no_uld, sdebug_no_uld, int, S_IRUGO);
5631module_param_named(num_parts, sdebug_num_parts, int, S_IRUGO);
5632module_param_named(num_tgts, sdebug_num_tgts, int, S_IRUGO | S_IWUSR);
5633module_param_named(opt_blks, sdebug_opt_blks, int, S_IRUGO);
5634module_param_named(opt_xferlen_exp, sdebug_opt_xferlen_exp, int, S_IRUGO);
5635module_param_named(opts, sdebug_opts, int, S_IRUGO | S_IWUSR);
5636module_param_named(per_host_store, sdebug_per_host_store, bool,
5637 S_IRUGO | S_IWUSR);
5638module_param_named(physblk_exp, sdebug_physblk_exp, int, S_IRUGO);
5639module_param_named(ptype, sdebug_ptype, int, S_IRUGO | S_IWUSR);
5640module_param_named(random, sdebug_random, bool, S_IRUGO | S_IWUSR);
5641module_param_named(removable, sdebug_removable, bool, S_IRUGO | S_IWUSR);
5642module_param_named(scsi_level, sdebug_scsi_level, int, S_IRUGO);
5643module_param_named(sector_size, sdebug_sector_size, int, S_IRUGO);
5644module_param_named(statistics, sdebug_statistics, bool, S_IRUGO | S_IWUSR);
5645module_param_named(strict, sdebug_strict, bool, S_IRUGO | S_IWUSR);
5646module_param_named(submit_queues, submit_queues, int, S_IRUGO);
5647module_param_named(poll_queues, poll_queues, int, S_IRUGO);
5648module_param_named(tur_ms_to_ready, sdeb_tur_ms_to_ready, int, S_IRUGO);
5649module_param_named(unmap_alignment, sdebug_unmap_alignment, int, S_IRUGO);
5650module_param_named(unmap_granularity, sdebug_unmap_granularity, int, S_IRUGO);
5651module_param_named(unmap_max_blocks, sdebug_unmap_max_blocks, int, S_IRUGO);
5652module_param_named(unmap_max_desc, sdebug_unmap_max_desc, int, S_IRUGO);
5653module_param_named(uuid_ctl, sdebug_uuid_ctl, int, S_IRUGO);
5654module_param_named(virtual_gb, sdebug_virtual_gb, int, S_IRUGO | S_IWUSR);
5655module_param_named(vpd_use_hostno, sdebug_vpd_use_hostno, int,
5656 S_IRUGO | S_IWUSR);
5657module_param_named(wp, sdebug_wp, bool, S_IRUGO | S_IWUSR);
5658module_param_named(write_same_length, sdebug_write_same_length, int,
5659 S_IRUGO | S_IWUSR);
5660module_param_named(zbc, sdeb_zbc_model_s, charp, S_IRUGO);
5661module_param_named(zone_max_open, sdeb_zbc_max_open, int, S_IRUGO);
5662module_param_named(zone_nr_conv, sdeb_zbc_nr_conv, int, S_IRUGO);
5663module_param_named(zone_size_mb, sdeb_zbc_zone_size_mb, int, S_IRUGO);
5664
5665MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert");
5666MODULE_DESCRIPTION("SCSI debug adapter driver");
5667MODULE_LICENSE("GPL");
5668MODULE_VERSION(SDEBUG_VERSION);
5669
5670MODULE_PARM_DESC(add_host, "add n hosts, in sysfs if negative remove host(s) (def=1)");
5671MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)");
5672MODULE_PARM_DESC(cdb_len, "suggest CDB lengths to drivers (def=10)");
5673MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)");
5674MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny");
5675MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)");
5676MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)");
5677MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)");
5678MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)");
5679MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)");
5680MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)");
5681MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)");
5682MODULE_PARM_DESC(host_lock, "host_lock is ignored (def=0)");
5683MODULE_PARM_DESC(host_max_queue,
5684 "host max # of queued cmds (0 to max(def) [max_queue fixed equal for !0])");
5685MODULE_PARM_DESC(inq_product, "SCSI INQUIRY product string (def=\"scsi_debug\")");
5686MODULE_PARM_DESC(inq_rev, "SCSI INQUIRY revision string (def=\""
5687 SDEBUG_VERSION "\")");
5688MODULE_PARM_DESC(inq_vendor, "SCSI INQUIRY vendor string (def=\"Linux\")");
5689MODULE_PARM_DESC(lbprz,
5690 "on read unmapped LBs return 0 when 1 (def), return 0xff when 2");
5691MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)");
5692MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)");
5693MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)");
5694MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)");
5695MODULE_PARM_DESC(lun_format, "LUN format: 0->peripheral (def); 1 --> flat address method");
5696MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)");
5697MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))");
5698MODULE_PARM_DESC(medium_error_count, "count of sectors to return follow on MEDIUM error");
5699MODULE_PARM_DESC(medium_error_start, "starting sector number to return MEDIUM error");
5700MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)");
5701MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)");
5702MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))");
5703MODULE_PARM_DESC(num_parts, "number of partitions(def=0)");
5704MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)");
5705MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)");
5706MODULE_PARM_DESC(opt_xferlen_exp, "optimal transfer length granularity exponent (def=physblk_exp)");
5707MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)");
5708MODULE_PARM_DESC(per_host_store, "If set, next positive add_host will get new store (def=0)");
5709MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)");
5710MODULE_PARM_DESC(poll_queues, "support for iouring iopoll queues (1 to max(submit_queues - 1))");
5711MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])");
5712MODULE_PARM_DESC(random, "If set, uniformly randomize command duration between 0 and delay_in_ns");
5713MODULE_PARM_DESC(removable, "claim to have removable media (def=0)");
5714MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=7[SPC-5])");
5715MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)");
5716MODULE_PARM_DESC(statistics, "collect statistics on commands, queues (def=0)");
5717MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)");
5718MODULE_PARM_DESC(submit_queues, "support for block multi-queue (def=1)");
5719MODULE_PARM_DESC(tur_ms_to_ready, "TEST UNIT READY millisecs before initial good status (def=0)");
5720MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)");
5721MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)");
5722MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)");
5723MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)");
5724MODULE_PARM_DESC(uuid_ctl,
5725 "1->use uuid for lu name, 0->don't, 2->all use same (def=0)");
5726MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)");
5727MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)");
5728MODULE_PARM_DESC(wp, "Write Protect (def=0)");
5729MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)");
5730MODULE_PARM_DESC(zbc, "'none' [0]; 'aware' [1]; 'managed' [2] (def=0). Can have 'host-' prefix");
5731MODULE_PARM_DESC(zone_max_open, "Maximum number of open zones; [0] for no limit (def=auto)");
5732MODULE_PARM_DESC(zone_nr_conv, "Number of conventional zones (def=1)");
5733MODULE_PARM_DESC(zone_size_mb, "Zone size in MiB (def=auto)");
5734
5735#define SDEBUG_INFO_LEN 256
5736static char sdebug_info[SDEBUG_INFO_LEN];
5737
5738static const char *scsi_debug_info(struct Scsi_Host *shp)
5739{
5740 int k;
5741
5742 k = scnprintf(sdebug_info, SDEBUG_INFO_LEN, "%s: version %s [%s]\n",
5743 my_name, SDEBUG_VERSION, sdebug_version_date);
5744 if (k >= (SDEBUG_INFO_LEN - 1))
5745 return sdebug_info;
5746 scnprintf(sdebug_info + k, SDEBUG_INFO_LEN - k,
5747 " dev_size_mb=%d, opts=0x%x, submit_queues=%d, %s=%d",
5748 sdebug_dev_size_mb, sdebug_opts, submit_queues,
5749 "statistics", (int)sdebug_statistics);
5750 return sdebug_info;
5751}
5752
5753/* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */
5754static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer,
5755 int length)
5756{
5757 char arr[16];
5758 int opts;
5759 int minLen = length > 15 ? 15 : length;
5760
5761 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
5762 return -EACCES;
5763 memcpy(arr, buffer, minLen);
5764 arr[minLen] = '\0';
5765 if (1 != sscanf(arr, "%d", &opts))
5766 return -EINVAL;
5767 sdebug_opts = opts;
5768 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
5769 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
5770 if (sdebug_every_nth != 0)
5771 tweak_cmnd_count();
5772 return length;
5773}
5774
5775/* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the
5776 * same for each scsi_debug host (if more than one). Some of the counters
5777 * output are not atomics so might be inaccurate in a busy system. */
5778static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host)
5779{
5780 int f, j, l;
5781 struct sdebug_queue *sqp;
5782 struct sdebug_host_info *sdhp;
5783
5784 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n",
5785 SDEBUG_VERSION, sdebug_version_date);
5786 seq_printf(m, "num_tgts=%d, %ssize=%d MB, opts=0x%x, every_nth=%d\n",
5787 sdebug_num_tgts, "shared (ram) ", sdebug_dev_size_mb,
5788 sdebug_opts, sdebug_every_nth);
5789 seq_printf(m, "delay=%d, ndelay=%d, max_luns=%d, sector_size=%d %s\n",
5790 sdebug_jdelay, sdebug_ndelay, sdebug_max_luns,
5791 sdebug_sector_size, "bytes");
5792 seq_printf(m, "cylinders=%d, heads=%d, sectors=%d, command aborts=%d\n",
5793 sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per,
5794 num_aborts);
5795 seq_printf(m, "RESETs: device=%d, target=%d, bus=%d, host=%d\n",
5796 num_dev_resets, num_target_resets, num_bus_resets,
5797 num_host_resets);
5798 seq_printf(m, "dix_reads=%d, dix_writes=%d, dif_errors=%d\n",
5799 dix_reads, dix_writes, dif_errors);
5800 seq_printf(m, "usec_in_jiffy=%lu, statistics=%d\n", TICK_NSEC / 1000,
5801 sdebug_statistics);
5802 seq_printf(m, "cmnd_count=%d, completions=%d, %s=%d, a_tsf=%d, mq_polls=%d\n",
5803 atomic_read(&sdebug_cmnd_count),
5804 atomic_read(&sdebug_completions),
5805 "miss_cpus", atomic_read(&sdebug_miss_cpus),
5806 atomic_read(&sdebug_a_tsf),
5807 atomic_read(&sdeb_mq_poll_count));
5808
5809 seq_printf(m, "submit_queues=%d\n", submit_queues);
5810 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
5811 seq_printf(m, " queue %d:\n", j);
5812 f = find_first_bit(sqp->in_use_bm, sdebug_max_queue);
5813 if (f != sdebug_max_queue) {
5814 l = find_last_bit(sqp->in_use_bm, sdebug_max_queue);
5815 seq_printf(m, " in_use_bm BUSY: %s: %d,%d\n",
5816 "first,last bits", f, l);
5817 }
5818 }
5819
5820 seq_printf(m, "this host_no=%d\n", host->host_no);
5821 if (!xa_empty(per_store_ap)) {
5822 bool niu;
5823 int idx;
5824 unsigned long l_idx;
5825 struct sdeb_store_info *sip;
5826
5827 seq_puts(m, "\nhost list:\n");
5828 j = 0;
5829 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
5830 idx = sdhp->si_idx;
5831 seq_printf(m, " %d: host_no=%d, si_idx=%d\n", j,
5832 sdhp->shost->host_no, idx);
5833 ++j;
5834 }
5835 seq_printf(m, "\nper_store array [most_recent_idx=%d]:\n",
5836 sdeb_most_recent_idx);
5837 j = 0;
5838 xa_for_each(per_store_ap, l_idx, sip) {
5839 niu = xa_get_mark(per_store_ap, l_idx,
5840 SDEB_XA_NOT_IN_USE);
5841 idx = (int)l_idx;
5842 seq_printf(m, " %d: idx=%d%s\n", j, idx,
5843 (niu ? " not_in_use" : ""));
5844 ++j;
5845 }
5846 }
5847 return 0;
5848}
5849
5850static ssize_t delay_show(struct device_driver *ddp, char *buf)
5851{
5852 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_jdelay);
5853}
5854/* Returns -EBUSY if jdelay is being changed and commands are queued. The unit
5855 * of delay is jiffies.
5856 */
5857static ssize_t delay_store(struct device_driver *ddp, const char *buf,
5858 size_t count)
5859{
5860 int jdelay, res;
5861
5862 if (count > 0 && sscanf(buf, "%d", &jdelay) == 1) {
5863 res = count;
5864 if (sdebug_jdelay != jdelay) {
5865 int j, k;
5866 struct sdebug_queue *sqp;
5867
5868 block_unblock_all_queues(true);
5869 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
5870 ++j, ++sqp) {
5871 k = find_first_bit(sqp->in_use_bm,
5872 sdebug_max_queue);
5873 if (k != sdebug_max_queue) {
5874 res = -EBUSY; /* queued commands */
5875 break;
5876 }
5877 }
5878 if (res > 0) {
5879 sdebug_jdelay = jdelay;
5880 sdebug_ndelay = 0;
5881 }
5882 block_unblock_all_queues(false);
5883 }
5884 return res;
5885 }
5886 return -EINVAL;
5887}
5888static DRIVER_ATTR_RW(delay);
5889
5890static ssize_t ndelay_show(struct device_driver *ddp, char *buf)
5891{
5892 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ndelay);
5893}
5894/* Returns -EBUSY if ndelay is being changed and commands are queued */
5895/* If > 0 and accepted then sdebug_jdelay is set to JDELAY_OVERRIDDEN */
5896static ssize_t ndelay_store(struct device_driver *ddp, const char *buf,
5897 size_t count)
5898{
5899 int ndelay, res;
5900
5901 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) &&
5902 (ndelay >= 0) && (ndelay < (1000 * 1000 * 1000))) {
5903 res = count;
5904 if (sdebug_ndelay != ndelay) {
5905 int j, k;
5906 struct sdebug_queue *sqp;
5907
5908 block_unblock_all_queues(true);
5909 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
5910 ++j, ++sqp) {
5911 k = find_first_bit(sqp->in_use_bm,
5912 sdebug_max_queue);
5913 if (k != sdebug_max_queue) {
5914 res = -EBUSY; /* queued commands */
5915 break;
5916 }
5917 }
5918 if (res > 0) {
5919 sdebug_ndelay = ndelay;
5920 sdebug_jdelay = ndelay ? JDELAY_OVERRIDDEN
5921 : DEF_JDELAY;
5922 }
5923 block_unblock_all_queues(false);
5924 }
5925 return res;
5926 }
5927 return -EINVAL;
5928}
5929static DRIVER_ATTR_RW(ndelay);
5930
5931static ssize_t opts_show(struct device_driver *ddp, char *buf)
5932{
5933 return scnprintf(buf, PAGE_SIZE, "0x%x\n", sdebug_opts);
5934}
5935
5936static ssize_t opts_store(struct device_driver *ddp, const char *buf,
5937 size_t count)
5938{
5939 int opts;
5940 char work[20];
5941
5942 if (sscanf(buf, "%10s", work) == 1) {
5943 if (strncasecmp(work, "0x", 2) == 0) {
5944 if (kstrtoint(work + 2, 16, &opts) == 0)
5945 goto opts_done;
5946 } else {
5947 if (kstrtoint(work, 10, &opts) == 0)
5948 goto opts_done;
5949 }
5950 }
5951 return -EINVAL;
5952opts_done:
5953 sdebug_opts = opts;
5954 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
5955 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
5956 tweak_cmnd_count();
5957 return count;
5958}
5959static DRIVER_ATTR_RW(opts);
5960
5961static ssize_t ptype_show(struct device_driver *ddp, char *buf)
5962{
5963 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ptype);
5964}
5965static ssize_t ptype_store(struct device_driver *ddp, const char *buf,
5966 size_t count)
5967{
5968 int n;
5969
5970 /* Cannot change from or to TYPE_ZBC with sysfs */
5971 if (sdebug_ptype == TYPE_ZBC)
5972 return -EINVAL;
5973
5974 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5975 if (n == TYPE_ZBC)
5976 return -EINVAL;
5977 sdebug_ptype = n;
5978 return count;
5979 }
5980 return -EINVAL;
5981}
5982static DRIVER_ATTR_RW(ptype);
5983
5984static ssize_t dsense_show(struct device_driver *ddp, char *buf)
5985{
5986 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dsense);
5987}
5988static ssize_t dsense_store(struct device_driver *ddp, const char *buf,
5989 size_t count)
5990{
5991 int n;
5992
5993 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5994 sdebug_dsense = n;
5995 return count;
5996 }
5997 return -EINVAL;
5998}
5999static DRIVER_ATTR_RW(dsense);
6000
6001static ssize_t fake_rw_show(struct device_driver *ddp, char *buf)
6002{
6003 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_fake_rw);
6004}
6005static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf,
6006 size_t count)
6007{
6008 int n, idx;
6009
6010 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6011 bool want_store = (n == 0);
6012 struct sdebug_host_info *sdhp;
6013
6014 n = (n > 0);
6015 sdebug_fake_rw = (sdebug_fake_rw > 0);
6016 if (sdebug_fake_rw == n)
6017 return count; /* not transitioning so do nothing */
6018
6019 if (want_store) { /* 1 --> 0 transition, set up store */
6020 if (sdeb_first_idx < 0) {
6021 idx = sdebug_add_store();
6022 if (idx < 0)
6023 return idx;
6024 } else {
6025 idx = sdeb_first_idx;
6026 xa_clear_mark(per_store_ap, idx,
6027 SDEB_XA_NOT_IN_USE);
6028 }
6029 /* make all hosts use same store */
6030 list_for_each_entry(sdhp, &sdebug_host_list,
6031 host_list) {
6032 if (sdhp->si_idx != idx) {
6033 xa_set_mark(per_store_ap, sdhp->si_idx,
6034 SDEB_XA_NOT_IN_USE);
6035 sdhp->si_idx = idx;
6036 }
6037 }
6038 sdeb_most_recent_idx = idx;
6039 } else { /* 0 --> 1 transition is trigger for shrink */
6040 sdebug_erase_all_stores(true /* apart from first */);
6041 }
6042 sdebug_fake_rw = n;
6043 return count;
6044 }
6045 return -EINVAL;
6046}
6047static DRIVER_ATTR_RW(fake_rw);
6048
6049static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf)
6050{
6051 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_lun_0);
6052}
6053static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf,
6054 size_t count)
6055{
6056 int n;
6057
6058 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6059 sdebug_no_lun_0 = n;
6060 return count;
6061 }
6062 return -EINVAL;
6063}
6064static DRIVER_ATTR_RW(no_lun_0);
6065
6066static ssize_t num_tgts_show(struct device_driver *ddp, char *buf)
6067{
6068 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_tgts);
6069}
6070static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf,
6071 size_t count)
6072{
6073 int n;
6074
6075 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6076 sdebug_num_tgts = n;
6077 sdebug_max_tgts_luns();
6078 return count;
6079 }
6080 return -EINVAL;
6081}
6082static DRIVER_ATTR_RW(num_tgts);
6083
6084static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf)
6085{
6086 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dev_size_mb);
6087}
6088static DRIVER_ATTR_RO(dev_size_mb);
6089
6090static ssize_t per_host_store_show(struct device_driver *ddp, char *buf)
6091{
6092 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_per_host_store);
6093}
6094
6095static ssize_t per_host_store_store(struct device_driver *ddp, const char *buf,
6096 size_t count)
6097{
6098 bool v;
6099
6100 if (kstrtobool(buf, &v))
6101 return -EINVAL;
6102
6103 sdebug_per_host_store = v;
6104 return count;
6105}
6106static DRIVER_ATTR_RW(per_host_store);
6107
6108static ssize_t num_parts_show(struct device_driver *ddp, char *buf)
6109{
6110 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_parts);
6111}
6112static DRIVER_ATTR_RO(num_parts);
6113
6114static ssize_t every_nth_show(struct device_driver *ddp, char *buf)
6115{
6116 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_every_nth);
6117}
6118static ssize_t every_nth_store(struct device_driver *ddp, const char *buf,
6119 size_t count)
6120{
6121 int nth;
6122 char work[20];
6123
6124 if (sscanf(buf, "%10s", work) == 1) {
6125 if (strncasecmp(work, "0x", 2) == 0) {
6126 if (kstrtoint(work + 2, 16, &nth) == 0)
6127 goto every_nth_done;
6128 } else {
6129 if (kstrtoint(work, 10, &nth) == 0)
6130 goto every_nth_done;
6131 }
6132 }
6133 return -EINVAL;
6134
6135every_nth_done:
6136 sdebug_every_nth = nth;
6137 if (nth && !sdebug_statistics) {
6138 pr_info("every_nth needs statistics=1, set it\n");
6139 sdebug_statistics = true;
6140 }
6141 tweak_cmnd_count();
6142 return count;
6143}
6144static DRIVER_ATTR_RW(every_nth);
6145
6146static ssize_t lun_format_show(struct device_driver *ddp, char *buf)
6147{
6148 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_lun_am);
6149}
6150static ssize_t lun_format_store(struct device_driver *ddp, const char *buf,
6151 size_t count)
6152{
6153 int n;
6154 bool changed;
6155
6156 if (kstrtoint(buf, 0, &n))
6157 return -EINVAL;
6158 if (n >= 0) {
6159 if (n > (int)SAM_LUN_AM_FLAT) {
6160 pr_warn("only LUN address methods 0 and 1 are supported\n");
6161 return -EINVAL;
6162 }
6163 changed = ((int)sdebug_lun_am != n);
6164 sdebug_lun_am = n;
6165 if (changed && sdebug_scsi_level >= 5) { /* >= SPC-3 */
6166 struct sdebug_host_info *sdhp;
6167 struct sdebug_dev_info *dp;
6168
6169 spin_lock(&sdebug_host_list_lock);
6170 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
6171 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
6172 set_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
6173 }
6174 }
6175 spin_unlock(&sdebug_host_list_lock);
6176 }
6177 return count;
6178 }
6179 return -EINVAL;
6180}
6181static DRIVER_ATTR_RW(lun_format);
6182
6183static ssize_t max_luns_show(struct device_driver *ddp, char *buf)
6184{
6185 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_luns);
6186}
6187static ssize_t max_luns_store(struct device_driver *ddp, const char *buf,
6188 size_t count)
6189{
6190 int n;
6191 bool changed;
6192
6193 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6194 if (n > 256) {
6195 pr_warn("max_luns can be no more than 256\n");
6196 return -EINVAL;
6197 }
6198 changed = (sdebug_max_luns != n);
6199 sdebug_max_luns = n;
6200 sdebug_max_tgts_luns();
6201 if (changed && (sdebug_scsi_level >= 5)) { /* >= SPC-3 */
6202 struct sdebug_host_info *sdhp;
6203 struct sdebug_dev_info *dp;
6204
6205 spin_lock(&sdebug_host_list_lock);
6206 list_for_each_entry(sdhp, &sdebug_host_list,
6207 host_list) {
6208 list_for_each_entry(dp, &sdhp->dev_info_list,
6209 dev_list) {
6210 set_bit(SDEBUG_UA_LUNS_CHANGED,
6211 dp->uas_bm);
6212 }
6213 }
6214 spin_unlock(&sdebug_host_list_lock);
6215 }
6216 return count;
6217 }
6218 return -EINVAL;
6219}
6220static DRIVER_ATTR_RW(max_luns);
6221
6222static ssize_t max_queue_show(struct device_driver *ddp, char *buf)
6223{
6224 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_queue);
6225}
6226/* N.B. max_queue can be changed while there are queued commands. In flight
6227 * commands beyond the new max_queue will be completed. */
6228static ssize_t max_queue_store(struct device_driver *ddp, const char *buf,
6229 size_t count)
6230{
6231 int j, n, k, a;
6232 struct sdebug_queue *sqp;
6233
6234 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) &&
6235 (n <= SDEBUG_CANQUEUE) &&
6236 (sdebug_host_max_queue == 0)) {
6237 block_unblock_all_queues(true);
6238 k = 0;
6239 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
6240 ++j, ++sqp) {
6241 a = find_last_bit(sqp->in_use_bm, SDEBUG_CANQUEUE);
6242 if (a > k)
6243 k = a;
6244 }
6245 sdebug_max_queue = n;
6246 if (k == SDEBUG_CANQUEUE)
6247 atomic_set(&retired_max_queue, 0);
6248 else if (k >= n)
6249 atomic_set(&retired_max_queue, k + 1);
6250 else
6251 atomic_set(&retired_max_queue, 0);
6252 block_unblock_all_queues(false);
6253 return count;
6254 }
6255 return -EINVAL;
6256}
6257static DRIVER_ATTR_RW(max_queue);
6258
6259static ssize_t host_max_queue_show(struct device_driver *ddp, char *buf)
6260{
6261 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_host_max_queue);
6262}
6263
6264/*
6265 * Since this is used for .can_queue, and we get the hc_idx tag from the bitmap
6266 * in range [0, sdebug_host_max_queue), we can't change it.
6267 */
6268static DRIVER_ATTR_RO(host_max_queue);
6269
6270static ssize_t no_uld_show(struct device_driver *ddp, char *buf)
6271{
6272 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_uld);
6273}
6274static DRIVER_ATTR_RO(no_uld);
6275
6276static ssize_t scsi_level_show(struct device_driver *ddp, char *buf)
6277{
6278 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_scsi_level);
6279}
6280static DRIVER_ATTR_RO(scsi_level);
6281
6282static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf)
6283{
6284 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_virtual_gb);
6285}
6286static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf,
6287 size_t count)
6288{
6289 int n;
6290 bool changed;
6291
6292 /* Ignore capacity change for ZBC drives for now */
6293 if (sdeb_zbc_in_use)
6294 return -ENOTSUPP;
6295
6296 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6297 changed = (sdebug_virtual_gb != n);
6298 sdebug_virtual_gb = n;
6299 sdebug_capacity = get_sdebug_capacity();
6300 if (changed) {
6301 struct sdebug_host_info *sdhp;
6302 struct sdebug_dev_info *dp;
6303
6304 spin_lock(&sdebug_host_list_lock);
6305 list_for_each_entry(sdhp, &sdebug_host_list,
6306 host_list) {
6307 list_for_each_entry(dp, &sdhp->dev_info_list,
6308 dev_list) {
6309 set_bit(SDEBUG_UA_CAPACITY_CHANGED,
6310 dp->uas_bm);
6311 }
6312 }
6313 spin_unlock(&sdebug_host_list_lock);
6314 }
6315 return count;
6316 }
6317 return -EINVAL;
6318}
6319static DRIVER_ATTR_RW(virtual_gb);
6320
6321static ssize_t add_host_show(struct device_driver *ddp, char *buf)
6322{
6323 /* absolute number of hosts currently active is what is shown */
6324 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_hosts);
6325}
6326
6327static ssize_t add_host_store(struct device_driver *ddp, const char *buf,
6328 size_t count)
6329{
6330 bool found;
6331 unsigned long idx;
6332 struct sdeb_store_info *sip;
6333 bool want_phs = (sdebug_fake_rw == 0) && sdebug_per_host_store;
6334 int delta_hosts;
6335
6336 if (sscanf(buf, "%d", &delta_hosts) != 1)
6337 return -EINVAL;
6338 if (delta_hosts > 0) {
6339 do {
6340 found = false;
6341 if (want_phs) {
6342 xa_for_each_marked(per_store_ap, idx, sip,
6343 SDEB_XA_NOT_IN_USE) {
6344 sdeb_most_recent_idx = (int)idx;
6345 found = true;
6346 break;
6347 }
6348 if (found) /* re-use case */
6349 sdebug_add_host_helper((int)idx);
6350 else
6351 sdebug_do_add_host(true);
6352 } else {
6353 sdebug_do_add_host(false);
6354 }
6355 } while (--delta_hosts);
6356 } else if (delta_hosts < 0) {
6357 do {
6358 sdebug_do_remove_host(false);
6359 } while (++delta_hosts);
6360 }
6361 return count;
6362}
6363static DRIVER_ATTR_RW(add_host);
6364
6365static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf)
6366{
6367 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_vpd_use_hostno);
6368}
6369static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf,
6370 size_t count)
6371{
6372 int n;
6373
6374 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6375 sdebug_vpd_use_hostno = n;
6376 return count;
6377 }
6378 return -EINVAL;
6379}
6380static DRIVER_ATTR_RW(vpd_use_hostno);
6381
6382static ssize_t statistics_show(struct device_driver *ddp, char *buf)
6383{
6384 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_statistics);
6385}
6386static ssize_t statistics_store(struct device_driver *ddp, const char *buf,
6387 size_t count)
6388{
6389 int n;
6390
6391 if ((count > 0) && (sscanf(buf, "%d", &n) == 1) && (n >= 0)) {
6392 if (n > 0)
6393 sdebug_statistics = true;
6394 else {
6395 clear_queue_stats();
6396 sdebug_statistics = false;
6397 }
6398 return count;
6399 }
6400 return -EINVAL;
6401}
6402static DRIVER_ATTR_RW(statistics);
6403
6404static ssize_t sector_size_show(struct device_driver *ddp, char *buf)
6405{
6406 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_sector_size);
6407}
6408static DRIVER_ATTR_RO(sector_size);
6409
6410static ssize_t submit_queues_show(struct device_driver *ddp, char *buf)
6411{
6412 return scnprintf(buf, PAGE_SIZE, "%d\n", submit_queues);
6413}
6414static DRIVER_ATTR_RO(submit_queues);
6415
6416static ssize_t dix_show(struct device_driver *ddp, char *buf)
6417{
6418 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dix);
6419}
6420static DRIVER_ATTR_RO(dix);
6421
6422static ssize_t dif_show(struct device_driver *ddp, char *buf)
6423{
6424 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dif);
6425}
6426static DRIVER_ATTR_RO(dif);
6427
6428static ssize_t guard_show(struct device_driver *ddp, char *buf)
6429{
6430 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_guard);
6431}
6432static DRIVER_ATTR_RO(guard);
6433
6434static ssize_t ato_show(struct device_driver *ddp, char *buf)
6435{
6436 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ato);
6437}
6438static DRIVER_ATTR_RO(ato);
6439
6440static ssize_t map_show(struct device_driver *ddp, char *buf)
6441{
6442 ssize_t count = 0;
6443
6444 if (!scsi_debug_lbp())
6445 return scnprintf(buf, PAGE_SIZE, "0-%u\n",
6446 sdebug_store_sectors);
6447
6448 if (sdebug_fake_rw == 0 && !xa_empty(per_store_ap)) {
6449 struct sdeb_store_info *sip = xa_load(per_store_ap, 0);
6450
6451 if (sip)
6452 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl",
6453 (int)map_size, sip->map_storep);
6454 }
6455 buf[count++] = '\n';
6456 buf[count] = '\0';
6457
6458 return count;
6459}
6460static DRIVER_ATTR_RO(map);
6461
6462static ssize_t random_show(struct device_driver *ddp, char *buf)
6463{
6464 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_random);
6465}
6466
6467static ssize_t random_store(struct device_driver *ddp, const char *buf,
6468 size_t count)
6469{
6470 bool v;
6471
6472 if (kstrtobool(buf, &v))
6473 return -EINVAL;
6474
6475 sdebug_random = v;
6476 return count;
6477}
6478static DRIVER_ATTR_RW(random);
6479
6480static ssize_t removable_show(struct device_driver *ddp, char *buf)
6481{
6482 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_removable ? 1 : 0);
6483}
6484static ssize_t removable_store(struct device_driver *ddp, const char *buf,
6485 size_t count)
6486{
6487 int n;
6488
6489 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6490 sdebug_removable = (n > 0);
6491 return count;
6492 }
6493 return -EINVAL;
6494}
6495static DRIVER_ATTR_RW(removable);
6496
6497static ssize_t host_lock_show(struct device_driver *ddp, char *buf)
6498{
6499 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_host_lock);
6500}
6501/* N.B. sdebug_host_lock does nothing, kept for backward compatibility */
6502static ssize_t host_lock_store(struct device_driver *ddp, const char *buf,
6503 size_t count)
6504{
6505 int n;
6506
6507 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6508 sdebug_host_lock = (n > 0);
6509 return count;
6510 }
6511 return -EINVAL;
6512}
6513static DRIVER_ATTR_RW(host_lock);
6514
6515static ssize_t strict_show(struct device_driver *ddp, char *buf)
6516{
6517 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_strict);
6518}
6519static ssize_t strict_store(struct device_driver *ddp, const char *buf,
6520 size_t count)
6521{
6522 int n;
6523
6524 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6525 sdebug_strict = (n > 0);
6526 return count;
6527 }
6528 return -EINVAL;
6529}
6530static DRIVER_ATTR_RW(strict);
6531
6532static ssize_t uuid_ctl_show(struct device_driver *ddp, char *buf)
6533{
6534 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_uuid_ctl);
6535}
6536static DRIVER_ATTR_RO(uuid_ctl);
6537
6538static ssize_t cdb_len_show(struct device_driver *ddp, char *buf)
6539{
6540 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_cdb_len);
6541}
6542static ssize_t cdb_len_store(struct device_driver *ddp, const char *buf,
6543 size_t count)
6544{
6545 int ret, n;
6546
6547 ret = kstrtoint(buf, 0, &n);
6548 if (ret)
6549 return ret;
6550 sdebug_cdb_len = n;
6551 all_config_cdb_len();
6552 return count;
6553}
6554static DRIVER_ATTR_RW(cdb_len);
6555
6556static const char * const zbc_model_strs_a[] = {
6557 [BLK_ZONED_NONE] = "none",
6558 [BLK_ZONED_HA] = "host-aware",
6559 [BLK_ZONED_HM] = "host-managed",
6560};
6561
6562static const char * const zbc_model_strs_b[] = {
6563 [BLK_ZONED_NONE] = "no",
6564 [BLK_ZONED_HA] = "aware",
6565 [BLK_ZONED_HM] = "managed",
6566};
6567
6568static const char * const zbc_model_strs_c[] = {
6569 [BLK_ZONED_NONE] = "0",
6570 [BLK_ZONED_HA] = "1",
6571 [BLK_ZONED_HM] = "2",
6572};
6573
6574static int sdeb_zbc_model_str(const char *cp)
6575{
6576 int res = sysfs_match_string(zbc_model_strs_a, cp);
6577
6578 if (res < 0) {
6579 res = sysfs_match_string(zbc_model_strs_b, cp);
6580 if (res < 0) {
6581 res = sysfs_match_string(zbc_model_strs_c, cp);
6582 if (res < 0)
6583 return -EINVAL;
6584 }
6585 }
6586 return res;
6587}
6588
6589static ssize_t zbc_show(struct device_driver *ddp, char *buf)
6590{
6591 return scnprintf(buf, PAGE_SIZE, "%s\n",
6592 zbc_model_strs_a[sdeb_zbc_model]);
6593}
6594static DRIVER_ATTR_RO(zbc);
6595
6596static ssize_t tur_ms_to_ready_show(struct device_driver *ddp, char *buf)
6597{
6598 return scnprintf(buf, PAGE_SIZE, "%d\n", sdeb_tur_ms_to_ready);
6599}
6600static DRIVER_ATTR_RO(tur_ms_to_ready);
6601
6602/* Note: The following array creates attribute files in the
6603 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these
6604 files (over those found in the /sys/module/scsi_debug/parameters
6605 directory) is that auxiliary actions can be triggered when an attribute
6606 is changed. For example see: add_host_store() above.
6607 */
6608
6609static struct attribute *sdebug_drv_attrs[] = {
6610 &driver_attr_delay.attr,
6611 &driver_attr_opts.attr,
6612 &driver_attr_ptype.attr,
6613 &driver_attr_dsense.attr,
6614 &driver_attr_fake_rw.attr,
6615 &driver_attr_host_max_queue.attr,
6616 &driver_attr_no_lun_0.attr,
6617 &driver_attr_num_tgts.attr,
6618 &driver_attr_dev_size_mb.attr,
6619 &driver_attr_num_parts.attr,
6620 &driver_attr_every_nth.attr,
6621 &driver_attr_lun_format.attr,
6622 &driver_attr_max_luns.attr,
6623 &driver_attr_max_queue.attr,
6624 &driver_attr_no_uld.attr,
6625 &driver_attr_scsi_level.attr,
6626 &driver_attr_virtual_gb.attr,
6627 &driver_attr_add_host.attr,
6628 &driver_attr_per_host_store.attr,
6629 &driver_attr_vpd_use_hostno.attr,
6630 &driver_attr_sector_size.attr,
6631 &driver_attr_statistics.attr,
6632 &driver_attr_submit_queues.attr,
6633 &driver_attr_dix.attr,
6634 &driver_attr_dif.attr,
6635 &driver_attr_guard.attr,
6636 &driver_attr_ato.attr,
6637 &driver_attr_map.attr,
6638 &driver_attr_random.attr,
6639 &driver_attr_removable.attr,
6640 &driver_attr_host_lock.attr,
6641 &driver_attr_ndelay.attr,
6642 &driver_attr_strict.attr,
6643 &driver_attr_uuid_ctl.attr,
6644 &driver_attr_cdb_len.attr,
6645 &driver_attr_tur_ms_to_ready.attr,
6646 &driver_attr_zbc.attr,
6647 NULL,
6648};
6649ATTRIBUTE_GROUPS(sdebug_drv);
6650
6651static struct device *pseudo_primary;
6652
6653static int __init scsi_debug_init(void)
6654{
6655 bool want_store = (sdebug_fake_rw == 0);
6656 unsigned long sz;
6657 int k, ret, hosts_to_add;
6658 int idx = -1;
6659
6660 ramdisk_lck_a[0] = &atomic_rw;
6661 ramdisk_lck_a[1] = &atomic_rw2;
6662 atomic_set(&retired_max_queue, 0);
6663
6664 if (sdebug_ndelay >= 1000 * 1000 * 1000) {
6665 pr_warn("ndelay must be less than 1 second, ignored\n");
6666 sdebug_ndelay = 0;
6667 } else if (sdebug_ndelay > 0)
6668 sdebug_jdelay = JDELAY_OVERRIDDEN;
6669
6670 switch (sdebug_sector_size) {
6671 case 512:
6672 case 1024:
6673 case 2048:
6674 case 4096:
6675 break;
6676 default:
6677 pr_err("invalid sector_size %d\n", sdebug_sector_size);
6678 return -EINVAL;
6679 }
6680
6681 switch (sdebug_dif) {
6682 case T10_PI_TYPE0_PROTECTION:
6683 break;
6684 case T10_PI_TYPE1_PROTECTION:
6685 case T10_PI_TYPE2_PROTECTION:
6686 case T10_PI_TYPE3_PROTECTION:
6687 have_dif_prot = true;
6688 break;
6689
6690 default:
6691 pr_err("dif must be 0, 1, 2 or 3\n");
6692 return -EINVAL;
6693 }
6694
6695 if (sdebug_num_tgts < 0) {
6696 pr_err("num_tgts must be >= 0\n");
6697 return -EINVAL;
6698 }
6699
6700 if (sdebug_guard > 1) {
6701 pr_err("guard must be 0 or 1\n");
6702 return -EINVAL;
6703 }
6704
6705 if (sdebug_ato > 1) {
6706 pr_err("ato must be 0 or 1\n");
6707 return -EINVAL;
6708 }
6709
6710 if (sdebug_physblk_exp > 15) {
6711 pr_err("invalid physblk_exp %u\n", sdebug_physblk_exp);
6712 return -EINVAL;
6713 }
6714
6715 sdebug_lun_am = sdebug_lun_am_i;
6716 if (sdebug_lun_am > SAM_LUN_AM_FLAT) {
6717 pr_warn("Invalid LUN format %u, using default\n", (int)sdebug_lun_am);
6718 sdebug_lun_am = SAM_LUN_AM_PERIPHERAL;
6719 }
6720
6721 if (sdebug_max_luns > 256) {
6722 if (sdebug_max_luns > 16384) {
6723 pr_warn("max_luns can be no more than 16384, use default\n");
6724 sdebug_max_luns = DEF_MAX_LUNS;
6725 }
6726 sdebug_lun_am = SAM_LUN_AM_FLAT;
6727 }
6728
6729 if (sdebug_lowest_aligned > 0x3fff) {
6730 pr_err("lowest_aligned too big: %u\n", sdebug_lowest_aligned);
6731 return -EINVAL;
6732 }
6733
6734 if (submit_queues < 1) {
6735 pr_err("submit_queues must be 1 or more\n");
6736 return -EINVAL;
6737 }
6738
6739 if ((sdebug_max_queue > SDEBUG_CANQUEUE) || (sdebug_max_queue < 1)) {
6740 pr_err("max_queue must be in range [1, %d]\n", SDEBUG_CANQUEUE);
6741 return -EINVAL;
6742 }
6743
6744 if ((sdebug_host_max_queue > SDEBUG_CANQUEUE) ||
6745 (sdebug_host_max_queue < 0)) {
6746 pr_err("host_max_queue must be in range [0 %d]\n",
6747 SDEBUG_CANQUEUE);
6748 return -EINVAL;
6749 }
6750
6751 if (sdebug_host_max_queue &&
6752 (sdebug_max_queue != sdebug_host_max_queue)) {
6753 sdebug_max_queue = sdebug_host_max_queue;
6754 pr_warn("fixing max submit queue depth to host max queue depth, %d\n",
6755 sdebug_max_queue);
6756 }
6757
6758 sdebug_q_arr = kcalloc(submit_queues, sizeof(struct sdebug_queue),
6759 GFP_KERNEL);
6760 if (sdebug_q_arr == NULL)
6761 return -ENOMEM;
6762 for (k = 0; k < submit_queues; ++k)
6763 spin_lock_init(&sdebug_q_arr[k].qc_lock);
6764
6765 /*
6766 * check for host managed zoned block device specified with
6767 * ptype=0x14 or zbc=XXX.
6768 */
6769 if (sdebug_ptype == TYPE_ZBC) {
6770 sdeb_zbc_model = BLK_ZONED_HM;
6771 } else if (sdeb_zbc_model_s && *sdeb_zbc_model_s) {
6772 k = sdeb_zbc_model_str(sdeb_zbc_model_s);
6773 if (k < 0) {
6774 ret = k;
6775 goto free_q_arr;
6776 }
6777 sdeb_zbc_model = k;
6778 switch (sdeb_zbc_model) {
6779 case BLK_ZONED_NONE:
6780 case BLK_ZONED_HA:
6781 sdebug_ptype = TYPE_DISK;
6782 break;
6783 case BLK_ZONED_HM:
6784 sdebug_ptype = TYPE_ZBC;
6785 break;
6786 default:
6787 pr_err("Invalid ZBC model\n");
6788 ret = -EINVAL;
6789 goto free_q_arr;
6790 }
6791 }
6792 if (sdeb_zbc_model != BLK_ZONED_NONE) {
6793 sdeb_zbc_in_use = true;
6794 if (sdebug_dev_size_mb == DEF_DEV_SIZE_PRE_INIT)
6795 sdebug_dev_size_mb = DEF_ZBC_DEV_SIZE_MB;
6796 }
6797
6798 if (sdebug_dev_size_mb == DEF_DEV_SIZE_PRE_INIT)
6799 sdebug_dev_size_mb = DEF_DEV_SIZE_MB;
6800 if (sdebug_dev_size_mb < 1)
6801 sdebug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */
6802 sz = (unsigned long)sdebug_dev_size_mb * 1048576;
6803 sdebug_store_sectors = sz / sdebug_sector_size;
6804 sdebug_capacity = get_sdebug_capacity();
6805
6806 /* play around with geometry, don't waste too much on track 0 */
6807 sdebug_heads = 8;
6808 sdebug_sectors_per = 32;
6809 if (sdebug_dev_size_mb >= 256)
6810 sdebug_heads = 64;
6811 else if (sdebug_dev_size_mb >= 16)
6812 sdebug_heads = 32;
6813 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
6814 (sdebug_sectors_per * sdebug_heads);
6815 if (sdebug_cylinders_per >= 1024) {
6816 /* other LLDs do this; implies >= 1GB ram disk ... */
6817 sdebug_heads = 255;
6818 sdebug_sectors_per = 63;
6819 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
6820 (sdebug_sectors_per * sdebug_heads);
6821 }
6822 if (scsi_debug_lbp()) {
6823 sdebug_unmap_max_blocks =
6824 clamp(sdebug_unmap_max_blocks, 0U, 0xffffffffU);
6825
6826 sdebug_unmap_max_desc =
6827 clamp(sdebug_unmap_max_desc, 0U, 256U);
6828
6829 sdebug_unmap_granularity =
6830 clamp(sdebug_unmap_granularity, 1U, 0xffffffffU);
6831
6832 if (sdebug_unmap_alignment &&
6833 sdebug_unmap_granularity <=
6834 sdebug_unmap_alignment) {
6835 pr_err("ERR: unmap_granularity <= unmap_alignment\n");
6836 ret = -EINVAL;
6837 goto free_q_arr;
6838 }
6839 }
6840 xa_init_flags(per_store_ap, XA_FLAGS_ALLOC | XA_FLAGS_LOCK_IRQ);
6841 if (want_store) {
6842 idx = sdebug_add_store();
6843 if (idx < 0) {
6844 ret = idx;
6845 goto free_q_arr;
6846 }
6847 }
6848
6849 pseudo_primary = root_device_register("pseudo_0");
6850 if (IS_ERR(pseudo_primary)) {
6851 pr_warn("root_device_register() error\n");
6852 ret = PTR_ERR(pseudo_primary);
6853 goto free_vm;
6854 }
6855 ret = bus_register(&pseudo_lld_bus);
6856 if (ret < 0) {
6857 pr_warn("bus_register error: %d\n", ret);
6858 goto dev_unreg;
6859 }
6860 ret = driver_register(&sdebug_driverfs_driver);
6861 if (ret < 0) {
6862 pr_warn("driver_register error: %d\n", ret);
6863 goto bus_unreg;
6864 }
6865
6866 hosts_to_add = sdebug_add_host;
6867 sdebug_add_host = 0;
6868
6869 for (k = 0; k < hosts_to_add; k++) {
6870 if (want_store && k == 0) {
6871 ret = sdebug_add_host_helper(idx);
6872 if (ret < 0) {
6873 pr_err("add_host_helper k=%d, error=%d\n",
6874 k, -ret);
6875 break;
6876 }
6877 } else {
6878 ret = sdebug_do_add_host(want_store &&
6879 sdebug_per_host_store);
6880 if (ret < 0) {
6881 pr_err("add_host k=%d error=%d\n", k, -ret);
6882 break;
6883 }
6884 }
6885 }
6886 if (sdebug_verbose)
6887 pr_info("built %d host(s)\n", sdebug_num_hosts);
6888
6889 return 0;
6890
6891bus_unreg:
6892 bus_unregister(&pseudo_lld_bus);
6893dev_unreg:
6894 root_device_unregister(pseudo_primary);
6895free_vm:
6896 sdebug_erase_store(idx, NULL);
6897free_q_arr:
6898 kfree(sdebug_q_arr);
6899 return ret;
6900}
6901
6902static void __exit scsi_debug_exit(void)
6903{
6904 int k = sdebug_num_hosts;
6905
6906 stop_all_queued();
6907 for (; k; k--)
6908 sdebug_do_remove_host(true);
6909 free_all_queued();
6910 driver_unregister(&sdebug_driverfs_driver);
6911 bus_unregister(&pseudo_lld_bus);
6912 root_device_unregister(pseudo_primary);
6913
6914 sdebug_erase_all_stores(false);
6915 xa_destroy(per_store_ap);
6916 kfree(sdebug_q_arr);
6917}
6918
6919device_initcall(scsi_debug_init);
6920module_exit(scsi_debug_exit);
6921
6922static void sdebug_release_adapter(struct device *dev)
6923{
6924 struct sdebug_host_info *sdbg_host;
6925
6926 sdbg_host = to_sdebug_host(dev);
6927 kfree(sdbg_host);
6928}
6929
6930/* idx must be valid, if sip is NULL then it will be obtained using idx */
6931static void sdebug_erase_store(int idx, struct sdeb_store_info *sip)
6932{
6933 if (idx < 0)
6934 return;
6935 if (!sip) {
6936 if (xa_empty(per_store_ap))
6937 return;
6938 sip = xa_load(per_store_ap, idx);
6939 if (!sip)
6940 return;
6941 }
6942 vfree(sip->map_storep);
6943 vfree(sip->dif_storep);
6944 vfree(sip->storep);
6945 xa_erase(per_store_ap, idx);
6946 kfree(sip);
6947}
6948
6949/* Assume apart_from_first==false only in shutdown case. */
6950static void sdebug_erase_all_stores(bool apart_from_first)
6951{
6952 unsigned long idx;
6953 struct sdeb_store_info *sip = NULL;
6954
6955 xa_for_each(per_store_ap, idx, sip) {
6956 if (apart_from_first)
6957 apart_from_first = false;
6958 else
6959 sdebug_erase_store(idx, sip);
6960 }
6961 if (apart_from_first)
6962 sdeb_most_recent_idx = sdeb_first_idx;
6963}
6964
6965/*
6966 * Returns store xarray new element index (idx) if >=0 else negated errno.
6967 * Limit the number of stores to 65536.
6968 */
6969static int sdebug_add_store(void)
6970{
6971 int res;
6972 u32 n_idx;
6973 unsigned long iflags;
6974 unsigned long sz = (unsigned long)sdebug_dev_size_mb * 1048576;
6975 struct sdeb_store_info *sip = NULL;
6976 struct xa_limit xal = { .max = 1 << 16, .min = 0 };
6977
6978 sip = kzalloc(sizeof(*sip), GFP_KERNEL);
6979 if (!sip)
6980 return -ENOMEM;
6981
6982 xa_lock_irqsave(per_store_ap, iflags);
6983 res = __xa_alloc(per_store_ap, &n_idx, sip, xal, GFP_ATOMIC);
6984 if (unlikely(res < 0)) {
6985 xa_unlock_irqrestore(per_store_ap, iflags);
6986 kfree(sip);
6987 pr_warn("%s: xa_alloc() errno=%d\n", __func__, -res);
6988 return res;
6989 }
6990 sdeb_most_recent_idx = n_idx;
6991 if (sdeb_first_idx < 0)
6992 sdeb_first_idx = n_idx;
6993 xa_unlock_irqrestore(per_store_ap, iflags);
6994
6995 res = -ENOMEM;
6996 sip->storep = vzalloc(sz);
6997 if (!sip->storep) {
6998 pr_err("user data oom\n");
6999 goto err;
7000 }
7001 if (sdebug_num_parts > 0)
7002 sdebug_build_parts(sip->storep, sz);
7003
7004 /* DIF/DIX: what T10 calls Protection Information (PI) */
7005 if (sdebug_dix) {
7006 int dif_size;
7007
7008 dif_size = sdebug_store_sectors * sizeof(struct t10_pi_tuple);
7009 sip->dif_storep = vmalloc(dif_size);
7010
7011 pr_info("dif_storep %u bytes @ %pK\n", dif_size,
7012 sip->dif_storep);
7013
7014 if (!sip->dif_storep) {
7015 pr_err("DIX oom\n");
7016 goto err;
7017 }
7018 memset(sip->dif_storep, 0xff, dif_size);
7019 }
7020 /* Logical Block Provisioning */
7021 if (scsi_debug_lbp()) {
7022 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1;
7023 sip->map_storep = vmalloc(array_size(sizeof(long),
7024 BITS_TO_LONGS(map_size)));
7025
7026 pr_info("%lu provisioning blocks\n", map_size);
7027
7028 if (!sip->map_storep) {
7029 pr_err("LBP map oom\n");
7030 goto err;
7031 }
7032
7033 bitmap_zero(sip->map_storep, map_size);
7034
7035 /* Map first 1KB for partition table */
7036 if (sdebug_num_parts)
7037 map_region(sip, 0, 2);
7038 }
7039
7040 rwlock_init(&sip->macc_lck);
7041 return (int)n_idx;
7042err:
7043 sdebug_erase_store((int)n_idx, sip);
7044 pr_warn("%s: failed, errno=%d\n", __func__, -res);
7045 return res;
7046}
7047
7048static int sdebug_add_host_helper(int per_host_idx)
7049{
7050 int k, devs_per_host, idx;
7051 int error = -ENOMEM;
7052 struct sdebug_host_info *sdbg_host;
7053 struct sdebug_dev_info *sdbg_devinfo, *tmp;
7054
7055 sdbg_host = kzalloc(sizeof(*sdbg_host), GFP_KERNEL);
7056 if (!sdbg_host)
7057 return -ENOMEM;
7058 idx = (per_host_idx < 0) ? sdeb_first_idx : per_host_idx;
7059 if (xa_get_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE))
7060 xa_clear_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE);
7061 sdbg_host->si_idx = idx;
7062
7063 INIT_LIST_HEAD(&sdbg_host->dev_info_list);
7064
7065 devs_per_host = sdebug_num_tgts * sdebug_max_luns;
7066 for (k = 0; k < devs_per_host; k++) {
7067 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL);
7068 if (!sdbg_devinfo)
7069 goto clean;
7070 }
7071
7072 spin_lock(&sdebug_host_list_lock);
7073 list_add_tail(&sdbg_host->host_list, &sdebug_host_list);
7074 spin_unlock(&sdebug_host_list_lock);
7075
7076 sdbg_host->dev.bus = &pseudo_lld_bus;
7077 sdbg_host->dev.parent = pseudo_primary;
7078 sdbg_host->dev.release = &sdebug_release_adapter;
7079 dev_set_name(&sdbg_host->dev, "adapter%d", sdebug_num_hosts);
7080
7081 error = device_register(&sdbg_host->dev);
7082 if (error)
7083 goto clean;
7084
7085 ++sdebug_num_hosts;
7086 return 0;
7087
7088clean:
7089 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
7090 dev_list) {
7091 list_del(&sdbg_devinfo->dev_list);
7092 kfree(sdbg_devinfo->zstate);
7093 kfree(sdbg_devinfo);
7094 }
7095 kfree(sdbg_host);
7096 pr_warn("%s: failed, errno=%d\n", __func__, -error);
7097 return error;
7098}
7099
7100static int sdebug_do_add_host(bool mk_new_store)
7101{
7102 int ph_idx = sdeb_most_recent_idx;
7103
7104 if (mk_new_store) {
7105 ph_idx = sdebug_add_store();
7106 if (ph_idx < 0)
7107 return ph_idx;
7108 }
7109 return sdebug_add_host_helper(ph_idx);
7110}
7111
7112static void sdebug_do_remove_host(bool the_end)
7113{
7114 int idx = -1;
7115 struct sdebug_host_info *sdbg_host = NULL;
7116 struct sdebug_host_info *sdbg_host2;
7117
7118 spin_lock(&sdebug_host_list_lock);
7119 if (!list_empty(&sdebug_host_list)) {
7120 sdbg_host = list_entry(sdebug_host_list.prev,
7121 struct sdebug_host_info, host_list);
7122 idx = sdbg_host->si_idx;
7123 }
7124 if (!the_end && idx >= 0) {
7125 bool unique = true;
7126
7127 list_for_each_entry(sdbg_host2, &sdebug_host_list, host_list) {
7128 if (sdbg_host2 == sdbg_host)
7129 continue;
7130 if (idx == sdbg_host2->si_idx) {
7131 unique = false;
7132 break;
7133 }
7134 }
7135 if (unique) {
7136 xa_set_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE);
7137 if (idx == sdeb_most_recent_idx)
7138 --sdeb_most_recent_idx;
7139 }
7140 }
7141 if (sdbg_host)
7142 list_del(&sdbg_host->host_list);
7143 spin_unlock(&sdebug_host_list_lock);
7144
7145 if (!sdbg_host)
7146 return;
7147
7148 device_unregister(&sdbg_host->dev);
7149 --sdebug_num_hosts;
7150}
7151
7152static int sdebug_change_qdepth(struct scsi_device *sdev, int qdepth)
7153{
7154 int num_in_q = 0;
7155 struct sdebug_dev_info *devip;
7156
7157 block_unblock_all_queues(true);
7158 devip = (struct sdebug_dev_info *)sdev->hostdata;
7159 if (NULL == devip) {
7160 block_unblock_all_queues(false);
7161 return -ENODEV;
7162 }
7163 num_in_q = atomic_read(&devip->num_in_q);
7164
7165 if (qdepth > SDEBUG_CANQUEUE) {
7166 qdepth = SDEBUG_CANQUEUE;
7167 pr_warn("%s: requested qdepth [%d] exceeds canqueue [%d], trim\n", __func__,
7168 qdepth, SDEBUG_CANQUEUE);
7169 }
7170 if (qdepth < 1)
7171 qdepth = 1;
7172 if (qdepth != sdev->queue_depth)
7173 scsi_change_queue_depth(sdev, qdepth);
7174
7175 if (SDEBUG_OPT_Q_NOISE & sdebug_opts) {
7176 sdev_printk(KERN_INFO, sdev, "%s: qdepth=%d, num_in_q=%d\n",
7177 __func__, qdepth, num_in_q);
7178 }
7179 block_unblock_all_queues(false);
7180 return sdev->queue_depth;
7181}
7182
7183static bool fake_timeout(struct scsi_cmnd *scp)
7184{
7185 if (0 == (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth))) {
7186 if (sdebug_every_nth < -1)
7187 sdebug_every_nth = -1;
7188 if (SDEBUG_OPT_TIMEOUT & sdebug_opts)
7189 return true; /* ignore command causing timeout */
7190 else if (SDEBUG_OPT_MAC_TIMEOUT & sdebug_opts &&
7191 scsi_medium_access_command(scp))
7192 return true; /* time out reads and writes */
7193 }
7194 return false;
7195}
7196
7197/* Response to TUR or media access command when device stopped */
7198static int resp_not_ready(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
7199{
7200 int stopped_state;
7201 u64 diff_ns = 0;
7202 ktime_t now_ts = ktime_get_boottime();
7203 struct scsi_device *sdp = scp->device;
7204
7205 stopped_state = atomic_read(&devip->stopped);
7206 if (stopped_state == 2) {
7207 if (ktime_to_ns(now_ts) > ktime_to_ns(devip->create_ts)) {
7208 diff_ns = ktime_to_ns(ktime_sub(now_ts, devip->create_ts));
7209 if (diff_ns >= ((u64)sdeb_tur_ms_to_ready * 1000000)) {
7210 /* tur_ms_to_ready timer extinguished */
7211 atomic_set(&devip->stopped, 0);
7212 return 0;
7213 }
7214 }
7215 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x1);
7216 if (sdebug_verbose)
7217 sdev_printk(KERN_INFO, sdp,
7218 "%s: Not ready: in process of becoming ready\n", my_name);
7219 if (scp->cmnd[0] == TEST_UNIT_READY) {
7220 u64 tur_nanosecs_to_ready = (u64)sdeb_tur_ms_to_ready * 1000000;
7221
7222 if (diff_ns <= tur_nanosecs_to_ready)
7223 diff_ns = tur_nanosecs_to_ready - diff_ns;
7224 else
7225 diff_ns = tur_nanosecs_to_ready;
7226 /* As per 20-061r2 approved for spc6 by T10 on 20200716 */
7227 do_div(diff_ns, 1000000); /* diff_ns becomes milliseconds */
7228 scsi_set_sense_information(scp->sense_buffer, SCSI_SENSE_BUFFERSIZE,
7229 diff_ns);
7230 return check_condition_result;
7231 }
7232 }
7233 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2);
7234 if (sdebug_verbose)
7235 sdev_printk(KERN_INFO, sdp, "%s: Not ready: initializing command required\n",
7236 my_name);
7237 return check_condition_result;
7238}
7239
7240static int sdebug_map_queues(struct Scsi_Host *shost)
7241{
7242 int i, qoff;
7243
7244 if (shost->nr_hw_queues == 1)
7245 return 0;
7246
7247 for (i = 0, qoff = 0; i < HCTX_MAX_TYPES; i++) {
7248 struct blk_mq_queue_map *map = &shost->tag_set.map[i];
7249
7250 map->nr_queues = 0;
7251
7252 if (i == HCTX_TYPE_DEFAULT)
7253 map->nr_queues = submit_queues - poll_queues;
7254 else if (i == HCTX_TYPE_POLL)
7255 map->nr_queues = poll_queues;
7256
7257 if (!map->nr_queues) {
7258 BUG_ON(i == HCTX_TYPE_DEFAULT);
7259 continue;
7260 }
7261
7262 map->queue_offset = qoff;
7263 blk_mq_map_queues(map);
7264
7265 qoff += map->nr_queues;
7266 }
7267
7268 return 0;
7269
7270}
7271
7272static int sdebug_blk_mq_poll(struct Scsi_Host *shost, unsigned int queue_num)
7273{
7274 bool first;
7275 bool retiring = false;
7276 int num_entries = 0;
7277 unsigned int qc_idx = 0;
7278 unsigned long iflags;
7279 ktime_t kt_from_boot = ktime_get_boottime();
7280 struct sdebug_queue *sqp;
7281 struct sdebug_queued_cmd *sqcp;
7282 struct scsi_cmnd *scp;
7283 struct sdebug_dev_info *devip;
7284 struct sdebug_defer *sd_dp;
7285
7286 sqp = sdebug_q_arr + queue_num;
7287 spin_lock_irqsave(&sqp->qc_lock, iflags);
7288
7289 for (first = true; first || qc_idx + 1 < sdebug_max_queue; ) {
7290 if (first) {
7291 qc_idx = find_first_bit(sqp->in_use_bm, sdebug_max_queue);
7292 first = false;
7293 } else {
7294 qc_idx = find_next_bit(sqp->in_use_bm, sdebug_max_queue, qc_idx + 1);
7295 }
7296 if (unlikely(qc_idx >= sdebug_max_queue))
7297 break;
7298
7299 sqcp = &sqp->qc_arr[qc_idx];
7300 sd_dp = sqcp->sd_dp;
7301 if (unlikely(!sd_dp))
7302 continue;
7303 scp = sqcp->a_cmnd;
7304 if (unlikely(scp == NULL)) {
7305 pr_err("scp is NULL, queue_num=%d, qc_idx=%u from %s\n",
7306 queue_num, qc_idx, __func__);
7307 break;
7308 }
7309 if (sd_dp->defer_t == SDEB_DEFER_POLL) {
7310 if (kt_from_boot < sd_dp->cmpl_ts)
7311 continue;
7312
7313 } else /* ignoring non REQ_HIPRI requests */
7314 continue;
7315 devip = (struct sdebug_dev_info *)scp->device->hostdata;
7316 if (likely(devip))
7317 atomic_dec(&devip->num_in_q);
7318 else
7319 pr_err("devip=NULL from %s\n", __func__);
7320 if (unlikely(atomic_read(&retired_max_queue) > 0))
7321 retiring = true;
7322
7323 sqcp->a_cmnd = NULL;
7324 if (unlikely(!test_and_clear_bit(qc_idx, sqp->in_use_bm))) {
7325 pr_err("Unexpected completion sqp %p queue_num=%d qc_idx=%u from %s\n",
7326 sqp, queue_num, qc_idx, __func__);
7327 break;
7328 }
7329 if (unlikely(retiring)) { /* user has reduced max_queue */
7330 int k, retval;
7331
7332 retval = atomic_read(&retired_max_queue);
7333 if (qc_idx >= retval) {
7334 pr_err("index %d too large\n", retval);
7335 break;
7336 }
7337 k = find_last_bit(sqp->in_use_bm, retval);
7338 if ((k < sdebug_max_queue) || (k == retval))
7339 atomic_set(&retired_max_queue, 0);
7340 else
7341 atomic_set(&retired_max_queue, k + 1);
7342 }
7343 sd_dp->defer_t = SDEB_DEFER_NONE;
7344 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
7345 scp->scsi_done(scp); /* callback to mid level */
7346 spin_lock_irqsave(&sqp->qc_lock, iflags);
7347 num_entries++;
7348 }
7349 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
7350 if (num_entries > 0)
7351 atomic_add(num_entries, &sdeb_mq_poll_count);
7352 return num_entries;
7353}
7354
7355static int scsi_debug_queuecommand(struct Scsi_Host *shost,
7356 struct scsi_cmnd *scp)
7357{
7358 u8 sdeb_i;
7359 struct scsi_device *sdp = scp->device;
7360 const struct opcode_info_t *oip;
7361 const struct opcode_info_t *r_oip;
7362 struct sdebug_dev_info *devip;
7363 u8 *cmd = scp->cmnd;
7364 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
7365 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *) = NULL;
7366 int k, na;
7367 int errsts = 0;
7368 u64 lun_index = sdp->lun & 0x3FFF;
7369 u32 flags;
7370 u16 sa;
7371 u8 opcode = cmd[0];
7372 bool has_wlun_rl;
7373 bool inject_now;
7374
7375 scsi_set_resid(scp, 0);
7376 if (sdebug_statistics) {
7377 atomic_inc(&sdebug_cmnd_count);
7378 inject_now = inject_on_this_cmd();
7379 } else {
7380 inject_now = false;
7381 }
7382 if (unlikely(sdebug_verbose &&
7383 !(SDEBUG_OPT_NO_CDB_NOISE & sdebug_opts))) {
7384 char b[120];
7385 int n, len, sb;
7386
7387 len = scp->cmd_len;
7388 sb = (int)sizeof(b);
7389 if (len > 32)
7390 strcpy(b, "too long, over 32 bytes");
7391 else {
7392 for (k = 0, n = 0; k < len && n < sb; ++k)
7393 n += scnprintf(b + n, sb - n, "%02x ",
7394 (u32)cmd[k]);
7395 }
7396 sdev_printk(KERN_INFO, sdp, "%s: tag=%#x, cmd %s\n", my_name,
7397 blk_mq_unique_tag(scp->request), b);
7398 }
7399 if (unlikely(inject_now && (sdebug_opts & SDEBUG_OPT_HOST_BUSY)))
7400 return SCSI_MLQUEUE_HOST_BUSY;
7401 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS);
7402 if (unlikely(lun_index >= sdebug_max_luns && !has_wlun_rl))
7403 goto err_out;
7404
7405 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */
7406 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */
7407 devip = (struct sdebug_dev_info *)sdp->hostdata;
7408 if (unlikely(!devip)) {
7409 devip = find_build_dev_info(sdp);
7410 if (NULL == devip)
7411 goto err_out;
7412 }
7413 if (unlikely(inject_now && !atomic_read(&sdeb_inject_pending)))
7414 atomic_set(&sdeb_inject_pending, 1);
7415
7416 na = oip->num_attached;
7417 r_pfp = oip->pfp;
7418 if (na) { /* multiple commands with this opcode */
7419 r_oip = oip;
7420 if (FF_SA & r_oip->flags) {
7421 if (F_SA_LOW & oip->flags)
7422 sa = 0x1f & cmd[1];
7423 else
7424 sa = get_unaligned_be16(cmd + 8);
7425 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
7426 if (opcode == oip->opcode && sa == oip->sa)
7427 break;
7428 }
7429 } else { /* since no service action only check opcode */
7430 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
7431 if (opcode == oip->opcode)
7432 break;
7433 }
7434 }
7435 if (k > na) {
7436 if (F_SA_LOW & r_oip->flags)
7437 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4);
7438 else if (F_SA_HIGH & r_oip->flags)
7439 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7);
7440 else
7441 mk_sense_invalid_opcode(scp);
7442 goto check_cond;
7443 }
7444 } /* else (when na==0) we assume the oip is a match */
7445 flags = oip->flags;
7446 if (unlikely(F_INV_OP & flags)) {
7447 mk_sense_invalid_opcode(scp);
7448 goto check_cond;
7449 }
7450 if (unlikely(has_wlun_rl && !(F_RL_WLUN_OK & flags))) {
7451 if (sdebug_verbose)
7452 sdev_printk(KERN_INFO, sdp, "%s: Opcode 0x%x not%s\n",
7453 my_name, opcode, " supported for wlun");
7454 mk_sense_invalid_opcode(scp);
7455 goto check_cond;
7456 }
7457 if (unlikely(sdebug_strict)) { /* check cdb against mask */
7458 u8 rem;
7459 int j;
7460
7461 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) {
7462 rem = ~oip->len_mask[k] & cmd[k];
7463 if (rem) {
7464 for (j = 7; j >= 0; --j, rem <<= 1) {
7465 if (0x80 & rem)
7466 break;
7467 }
7468 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j);
7469 goto check_cond;
7470 }
7471 }
7472 }
7473 if (unlikely(!(F_SKIP_UA & flags) &&
7474 find_first_bit(devip->uas_bm,
7475 SDEBUG_NUM_UAS) != SDEBUG_NUM_UAS)) {
7476 errsts = make_ua(scp, devip);
7477 if (errsts)
7478 goto check_cond;
7479 }
7480 if (unlikely(((F_M_ACCESS & flags) || scp->cmnd[0] == TEST_UNIT_READY) &&
7481 atomic_read(&devip->stopped))) {
7482 errsts = resp_not_ready(scp, devip);
7483 if (errsts)
7484 goto fini;
7485 }
7486 if (sdebug_fake_rw && (F_FAKE_RW & flags))
7487 goto fini;
7488 if (unlikely(sdebug_every_nth)) {
7489 if (fake_timeout(scp))
7490 return 0; /* ignore command: make trouble */
7491 }
7492 if (likely(oip->pfp))
7493 pfp = oip->pfp; /* calls a resp_* function */
7494 else
7495 pfp = r_pfp; /* if leaf function ptr NULL, try the root's */
7496
7497fini:
7498 if (F_DELAY_OVERR & flags) /* cmds like INQUIRY respond asap */
7499 return schedule_resp(scp, devip, errsts, pfp, 0, 0);
7500 else if ((flags & F_LONG_DELAY) && (sdebug_jdelay > 0 ||
7501 sdebug_ndelay > 10000)) {
7502 /*
7503 * Skip long delays if ndelay <= 10 microseconds. Otherwise
7504 * for Start Stop Unit (SSU) want at least 1 second delay and
7505 * if sdebug_jdelay>1 want a long delay of that many seconds.
7506 * For Synchronize Cache want 1/20 of SSU's delay.
7507 */
7508 int jdelay = (sdebug_jdelay < 2) ? 1 : sdebug_jdelay;
7509 int denom = (flags & F_SYNC_DELAY) ? 20 : 1;
7510
7511 jdelay = mult_frac(USER_HZ * jdelay, HZ, denom * USER_HZ);
7512 return schedule_resp(scp, devip, errsts, pfp, jdelay, 0);
7513 } else
7514 return schedule_resp(scp, devip, errsts, pfp, sdebug_jdelay,
7515 sdebug_ndelay);
7516check_cond:
7517 return schedule_resp(scp, devip, check_condition_result, NULL, 0, 0);
7518err_out:
7519 return schedule_resp(scp, NULL, DID_NO_CONNECT << 16, NULL, 0, 0);
7520}
7521
7522static struct scsi_host_template sdebug_driver_template = {
7523 .show_info = scsi_debug_show_info,
7524 .write_info = scsi_debug_write_info,
7525 .proc_name = sdebug_proc_name,
7526 .name = "SCSI DEBUG",
7527 .info = scsi_debug_info,
7528 .slave_alloc = scsi_debug_slave_alloc,
7529 .slave_configure = scsi_debug_slave_configure,
7530 .slave_destroy = scsi_debug_slave_destroy,
7531 .ioctl = scsi_debug_ioctl,
7532 .queuecommand = scsi_debug_queuecommand,
7533 .change_queue_depth = sdebug_change_qdepth,
7534 .map_queues = sdebug_map_queues,
7535 .mq_poll = sdebug_blk_mq_poll,
7536 .eh_abort_handler = scsi_debug_abort,
7537 .eh_device_reset_handler = scsi_debug_device_reset,
7538 .eh_target_reset_handler = scsi_debug_target_reset,
7539 .eh_bus_reset_handler = scsi_debug_bus_reset,
7540 .eh_host_reset_handler = scsi_debug_host_reset,
7541 .can_queue = SDEBUG_CANQUEUE,
7542 .this_id = 7,
7543 .sg_tablesize = SG_MAX_SEGMENTS,
7544 .cmd_per_lun = DEF_CMD_PER_LUN,
7545 .max_sectors = -1U,
7546 .max_segment_size = -1U,
7547 .module = THIS_MODULE,
7548 .track_queue_depth = 1,
7549};
7550
7551static int sdebug_driver_probe(struct device *dev)
7552{
7553 int error = 0;
7554 struct sdebug_host_info *sdbg_host;
7555 struct Scsi_Host *hpnt;
7556 int hprot;
7557
7558 sdbg_host = to_sdebug_host(dev);
7559
7560 sdebug_driver_template.can_queue = sdebug_max_queue;
7561 sdebug_driver_template.cmd_per_lun = sdebug_max_queue;
7562 if (!sdebug_clustering)
7563 sdebug_driver_template.dma_boundary = PAGE_SIZE - 1;
7564
7565 hpnt = scsi_host_alloc(&sdebug_driver_template, sizeof(sdbg_host));
7566 if (NULL == hpnt) {
7567 pr_err("scsi_host_alloc failed\n");
7568 error = -ENODEV;
7569 return error;
7570 }
7571 if (submit_queues > nr_cpu_ids) {
7572 pr_warn("%s: trim submit_queues (was %d) to nr_cpu_ids=%u\n",
7573 my_name, submit_queues, nr_cpu_ids);
7574 submit_queues = nr_cpu_ids;
7575 }
7576 /*
7577 * Decide whether to tell scsi subsystem that we want mq. The
7578 * following should give the same answer for each host.
7579 */
7580 hpnt->nr_hw_queues = submit_queues;
7581 if (sdebug_host_max_queue)
7582 hpnt->host_tagset = 1;
7583
7584 /* poll queues are possible for nr_hw_queues > 1 */
7585 if (hpnt->nr_hw_queues == 1 || (poll_queues < 1)) {
7586 pr_warn("%s: trim poll_queues to 0. poll_q/nr_hw = (%d/%d)\n",
7587 my_name, poll_queues, hpnt->nr_hw_queues);
7588 poll_queues = 0;
7589 }
7590
7591 /*
7592 * Poll queues don't need interrupts, but we need at least one I/O queue
7593 * left over for non-polled I/O.
7594 * If condition not met, trim poll_queues to 1 (just for simplicity).
7595 */
7596 if (poll_queues >= submit_queues) {
7597 if (submit_queues < 3)
7598 pr_warn("%s: trim poll_queues to 1\n", my_name);
7599 else
7600 pr_warn("%s: trim poll_queues to 1. Perhaps try poll_queues=%d\n",
7601 my_name, submit_queues - 1);
7602 poll_queues = 1;
7603 }
7604 if (poll_queues)
7605 hpnt->nr_maps = 3;
7606
7607 sdbg_host->shost = hpnt;
7608 *((struct sdebug_host_info **)hpnt->hostdata) = sdbg_host;
7609 if ((hpnt->this_id >= 0) && (sdebug_num_tgts > hpnt->this_id))
7610 hpnt->max_id = sdebug_num_tgts + 1;
7611 else
7612 hpnt->max_id = sdebug_num_tgts;
7613 /* = sdebug_max_luns; */
7614 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
7615
7616 hprot = 0;
7617
7618 switch (sdebug_dif) {
7619
7620 case T10_PI_TYPE1_PROTECTION:
7621 hprot = SHOST_DIF_TYPE1_PROTECTION;
7622 if (sdebug_dix)
7623 hprot |= SHOST_DIX_TYPE1_PROTECTION;
7624 break;
7625
7626 case T10_PI_TYPE2_PROTECTION:
7627 hprot = SHOST_DIF_TYPE2_PROTECTION;
7628 if (sdebug_dix)
7629 hprot |= SHOST_DIX_TYPE2_PROTECTION;
7630 break;
7631
7632 case T10_PI_TYPE3_PROTECTION:
7633 hprot = SHOST_DIF_TYPE3_PROTECTION;
7634 if (sdebug_dix)
7635 hprot |= SHOST_DIX_TYPE3_PROTECTION;
7636 break;
7637
7638 default:
7639 if (sdebug_dix)
7640 hprot |= SHOST_DIX_TYPE0_PROTECTION;
7641 break;
7642 }
7643
7644 scsi_host_set_prot(hpnt, hprot);
7645
7646 if (have_dif_prot || sdebug_dix)
7647 pr_info("host protection%s%s%s%s%s%s%s\n",
7648 (hprot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "",
7649 (hprot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "",
7650 (hprot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "",
7651 (hprot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "",
7652 (hprot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "",
7653 (hprot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "",
7654 (hprot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : "");
7655
7656 if (sdebug_guard == 1)
7657 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP);
7658 else
7659 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC);
7660
7661 sdebug_verbose = !!(SDEBUG_OPT_NOISE & sdebug_opts);
7662 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & sdebug_opts);
7663 if (sdebug_every_nth) /* need stats counters for every_nth */
7664 sdebug_statistics = true;
7665 error = scsi_add_host(hpnt, &sdbg_host->dev);
7666 if (error) {
7667 pr_err("scsi_add_host failed\n");
7668 error = -ENODEV;
7669 scsi_host_put(hpnt);
7670 } else {
7671 scsi_scan_host(hpnt);
7672 }
7673
7674 return error;
7675}
7676
7677static int sdebug_driver_remove(struct device *dev)
7678{
7679 struct sdebug_host_info *sdbg_host;
7680 struct sdebug_dev_info *sdbg_devinfo, *tmp;
7681
7682 sdbg_host = to_sdebug_host(dev);
7683
7684 scsi_remove_host(sdbg_host->shost);
7685
7686 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
7687 dev_list) {
7688 list_del(&sdbg_devinfo->dev_list);
7689 kfree(sdbg_devinfo->zstate);
7690 kfree(sdbg_devinfo);
7691 }
7692
7693 scsi_host_put(sdbg_host->shost);
7694 return 0;
7695}
7696
7697static int pseudo_lld_bus_match(struct device *dev,
7698 struct device_driver *dev_driver)
7699{
7700 return 1;
7701}
7702
7703static struct bus_type pseudo_lld_bus = {
7704 .name = "pseudo",
7705 .match = pseudo_lld_bus_match,
7706 .probe = sdebug_driver_probe,
7707 .remove = sdebug_driver_remove,
7708 .drv_groups = sdebug_drv_groups,
7709};
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
4 * Copyright (C) 1992 Eric Youngdale
5 * Simulate a host adapter with 2 disks attached. Do a lot of checking
6 * to make sure that we are not getting blocks mixed up, and PANIC if
7 * anything out of the ordinary is seen.
8 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
9 *
10 * Copyright (C) 2001 - 2021 Douglas Gilbert
11 *
12 * For documentation see http://sg.danny.cz/sg/scsi_debug.html
13 */
14
15
16#define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__
17
18#include <linux/module.h>
19#include <linux/align.h>
20#include <linux/kernel.h>
21#include <linux/errno.h>
22#include <linux/jiffies.h>
23#include <linux/slab.h>
24#include <linux/types.h>
25#include <linux/string.h>
26#include <linux/fs.h>
27#include <linux/init.h>
28#include <linux/proc_fs.h>
29#include <linux/vmalloc.h>
30#include <linux/moduleparam.h>
31#include <linux/scatterlist.h>
32#include <linux/blkdev.h>
33#include <linux/crc-t10dif.h>
34#include <linux/spinlock.h>
35#include <linux/interrupt.h>
36#include <linux/atomic.h>
37#include <linux/hrtimer.h>
38#include <linux/uuid.h>
39#include <linux/t10-pi.h>
40#include <linux/msdos_partition.h>
41#include <linux/random.h>
42#include <linux/xarray.h>
43#include <linux/prefetch.h>
44#include <linux/debugfs.h>
45#include <linux/async.h>
46#include <linux/cleanup.h>
47
48#include <net/checksum.h>
49
50#include <linux/unaligned.h>
51
52#include <scsi/scsi.h>
53#include <scsi/scsi_cmnd.h>
54#include <scsi/scsi_device.h>
55#include <scsi/scsi_host.h>
56#include <scsi/scsicam.h>
57#include <scsi/scsi_eh.h>
58#include <scsi/scsi_tcq.h>
59#include <scsi/scsi_dbg.h>
60
61#include "sd.h"
62#include "scsi_logging.h"
63
64/* make sure inq_product_rev string corresponds to this version */
65#define SDEBUG_VERSION "0191" /* format to fit INQUIRY revision field */
66static const char *sdebug_version_date = "20210520";
67
68#define MY_NAME "scsi_debug"
69
70/* Additional Sense Code (ASC) */
71#define NO_ADDITIONAL_SENSE 0x0
72#define OVERLAP_ATOMIC_COMMAND_ASC 0x0
73#define OVERLAP_ATOMIC_COMMAND_ASCQ 0x23
74#define LOGICAL_UNIT_NOT_READY 0x4
75#define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8
76#define UNRECOVERED_READ_ERR 0x11
77#define PARAMETER_LIST_LENGTH_ERR 0x1a
78#define INVALID_OPCODE 0x20
79#define LBA_OUT_OF_RANGE 0x21
80#define INVALID_FIELD_IN_CDB 0x24
81#define INVALID_FIELD_IN_PARAM_LIST 0x26
82#define WRITE_PROTECTED 0x27
83#define UA_RESET_ASC 0x29
84#define UA_CHANGED_ASC 0x2a
85#define TARGET_CHANGED_ASC 0x3f
86#define LUNS_CHANGED_ASCQ 0x0e
87#define INSUFF_RES_ASC 0x55
88#define INSUFF_RES_ASCQ 0x3
89#define POWER_ON_RESET_ASCQ 0x0
90#define POWER_ON_OCCURRED_ASCQ 0x1
91#define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */
92#define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */
93#define CAPACITY_CHANGED_ASCQ 0x9
94#define SAVING_PARAMS_UNSUP 0x39
95#define TRANSPORT_PROBLEM 0x4b
96#define THRESHOLD_EXCEEDED 0x5d
97#define LOW_POWER_COND_ON 0x5e
98#define MISCOMPARE_VERIFY_ASC 0x1d
99#define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */
100#define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16
101#define WRITE_ERROR_ASC 0xc
102#define UNALIGNED_WRITE_ASCQ 0x4
103#define WRITE_BOUNDARY_ASCQ 0x5
104#define READ_INVDATA_ASCQ 0x6
105#define READ_BOUNDARY_ASCQ 0x7
106#define ATTEMPT_ACCESS_GAP 0x9
107#define INSUFF_ZONE_ASCQ 0xe
108/* see drivers/scsi/sense_codes.h */
109
110/* Additional Sense Code Qualifier (ASCQ) */
111#define ACK_NAK_TO 0x3
112
113/* Default values for driver parameters */
114#define DEF_NUM_HOST 1
115#define DEF_NUM_TGTS 1
116#define DEF_MAX_LUNS 1
117/* With these defaults, this driver will make 1 host with 1 target
118 * (id 0) containing 1 logical unit (lun 0). That is 1 device.
119 */
120#define DEF_ATO 1
121#define DEF_CDB_LEN 10
122#define DEF_JDELAY 1 /* if > 0 unit is a jiffy */
123#define DEF_DEV_SIZE_PRE_INIT 0
124#define DEF_DEV_SIZE_MB 8
125#define DEF_ZBC_DEV_SIZE_MB 128
126#define DEF_DIF 0
127#define DEF_DIX 0
128#define DEF_PER_HOST_STORE false
129#define DEF_D_SENSE 0
130#define DEF_EVERY_NTH 0
131#define DEF_FAKE_RW 0
132#define DEF_GUARD 0
133#define DEF_HOST_LOCK 0
134#define DEF_LBPU 0
135#define DEF_LBPWS 0
136#define DEF_LBPWS10 0
137#define DEF_LBPRZ 1
138#define DEF_LOWEST_ALIGNED 0
139#define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */
140#define DEF_NO_LUN_0 0
141#define DEF_NUM_PARTS 0
142#define DEF_OPTS 0
143#define DEF_OPT_BLKS 1024
144#define DEF_PHYSBLK_EXP 0
145#define DEF_OPT_XFERLEN_EXP 0
146#define DEF_PTYPE TYPE_DISK
147#define DEF_RANDOM false
148#define DEF_REMOVABLE false
149#define DEF_SCSI_LEVEL 7 /* INQUIRY, byte2 [6->SPC-4; 7->SPC-5] */
150#define DEF_SECTOR_SIZE 512
151#define DEF_UNMAP_ALIGNMENT 0
152#define DEF_UNMAP_GRANULARITY 1
153#define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF
154#define DEF_UNMAP_MAX_DESC 256
155#define DEF_VIRTUAL_GB 0
156#define DEF_VPD_USE_HOSTNO 1
157#define DEF_WRITESAME_LENGTH 0xFFFF
158#define DEF_ATOMIC_WR 0
159#define DEF_ATOMIC_WR_MAX_LENGTH 8192
160#define DEF_ATOMIC_WR_ALIGN 2
161#define DEF_ATOMIC_WR_GRAN 2
162#define DEF_ATOMIC_WR_MAX_LENGTH_BNDRY (DEF_ATOMIC_WR_MAX_LENGTH)
163#define DEF_ATOMIC_WR_MAX_BNDRY 128
164#define DEF_STRICT 0
165#define DEF_STATISTICS false
166#define DEF_SUBMIT_QUEUES 1
167#define DEF_TUR_MS_TO_READY 0
168#define DEF_UUID_CTL 0
169#define JDELAY_OVERRIDDEN -9999
170
171/* Default parameters for ZBC drives */
172#define DEF_ZBC_ZONE_SIZE_MB 128
173#define DEF_ZBC_MAX_OPEN_ZONES 8
174#define DEF_ZBC_NR_CONV_ZONES 1
175
176#define SDEBUG_LUN_0_VAL 0
177
178/* bit mask values for sdebug_opts */
179#define SDEBUG_OPT_NOISE 1
180#define SDEBUG_OPT_MEDIUM_ERR 2
181#define SDEBUG_OPT_TIMEOUT 4
182#define SDEBUG_OPT_RECOVERED_ERR 8
183#define SDEBUG_OPT_TRANSPORT_ERR 16
184#define SDEBUG_OPT_DIF_ERR 32
185#define SDEBUG_OPT_DIX_ERR 64
186#define SDEBUG_OPT_MAC_TIMEOUT 128
187#define SDEBUG_OPT_SHORT_TRANSFER 0x100
188#define SDEBUG_OPT_Q_NOISE 0x200
189#define SDEBUG_OPT_ALL_TSF 0x400 /* ignore */
190#define SDEBUG_OPT_RARE_TSF 0x800
191#define SDEBUG_OPT_N_WCE 0x1000
192#define SDEBUG_OPT_RESET_NOISE 0x2000
193#define SDEBUG_OPT_NO_CDB_NOISE 0x4000
194#define SDEBUG_OPT_HOST_BUSY 0x8000
195#define SDEBUG_OPT_CMD_ABORT 0x10000
196#define SDEBUG_OPT_ALL_NOISE (SDEBUG_OPT_NOISE | SDEBUG_OPT_Q_NOISE | \
197 SDEBUG_OPT_RESET_NOISE)
198#define SDEBUG_OPT_ALL_INJECTING (SDEBUG_OPT_RECOVERED_ERR | \
199 SDEBUG_OPT_TRANSPORT_ERR | \
200 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR | \
201 SDEBUG_OPT_SHORT_TRANSFER | \
202 SDEBUG_OPT_HOST_BUSY | \
203 SDEBUG_OPT_CMD_ABORT)
204#define SDEBUG_OPT_RECOV_DIF_DIX (SDEBUG_OPT_RECOVERED_ERR | \
205 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR)
206
207/* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs) are returned in
208 * priority order. In the subset implemented here lower numbers have higher
209 * priority. The UA numbers should be a sequence starting from 0 with
210 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */
211#define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */
212#define SDEBUG_UA_POOCCUR 1 /* Power on occurred */
213#define SDEBUG_UA_BUS_RESET 2
214#define SDEBUG_UA_MODE_CHANGED 3
215#define SDEBUG_UA_CAPACITY_CHANGED 4
216#define SDEBUG_UA_LUNS_CHANGED 5
217#define SDEBUG_UA_MICROCODE_CHANGED 6 /* simulate firmware change */
218#define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 7
219#define SDEBUG_NUM_UAS 8
220
221/* when 1==SDEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this
222 * sector on read commands: */
223#define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */
224#define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */
225
226/* SDEBUG_CANQUEUE is the maximum number of commands that can be queued
227 * (for response) per submit queue at one time. Can be reduced by max_queue
228 * option. Command responses are not queued when jdelay=0 and ndelay=0. The
229 * per-device DEF_CMD_PER_LUN can be changed via sysfs:
230 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth
231 * but cannot exceed SDEBUG_CANQUEUE .
232 */
233#define SDEBUG_CANQUEUE_WORDS 3 /* a WORD is bits in a long */
234#define SDEBUG_CANQUEUE (SDEBUG_CANQUEUE_WORDS * BITS_PER_LONG)
235#define DEF_CMD_PER_LUN SDEBUG_CANQUEUE
236
237/* UA - Unit Attention; SA - Service Action; SSU - Start Stop Unit */
238#define F_D_IN 1 /* Data-in command (e.g. READ) */
239#define F_D_OUT 2 /* Data-out command (e.g. WRITE) */
240#define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */
241#define F_D_UNKN 8
242#define F_RL_WLUN_OK 0x10 /* allowed with REPORT LUNS W-LUN */
243#define F_SKIP_UA 0x20 /* bypass UAs (e.g. INQUIRY command) */
244#define F_DELAY_OVERR 0x40 /* for commands like INQUIRY */
245#define F_SA_LOW 0x80 /* SA is in cdb byte 1, bits 4 to 0 */
246#define F_SA_HIGH 0x100 /* SA is in cdb bytes 8 and 9 */
247#define F_INV_OP 0x200 /* invalid opcode (not supported) */
248#define F_FAKE_RW 0x400 /* bypass resp_*() when fake_rw set */
249#define F_M_ACCESS 0x800 /* media access, reacts to SSU state */
250#define F_SSU_DELAY 0x1000 /* SSU command delay (long-ish) */
251#define F_SYNC_DELAY 0x2000 /* SYNCHRONIZE CACHE delay */
252
253/* Useful combinations of the above flags */
254#define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR)
255#define FF_MEDIA_IO (F_M_ACCESS | F_FAKE_RW)
256#define FF_SA (F_SA_HIGH | F_SA_LOW)
257#define F_LONG_DELAY (F_SSU_DELAY | F_SYNC_DELAY)
258
259#define SDEBUG_MAX_PARTS 4
260
261#define SDEBUG_MAX_CMD_LEN 32
262
263#define SDEB_XA_NOT_IN_USE XA_MARK_1
264
265static struct kmem_cache *queued_cmd_cache;
266
267#define TO_QUEUED_CMD(scmd) ((void *)(scmd)->host_scribble)
268#define ASSIGN_QUEUED_CMD(scmnd, qc) { (scmnd)->host_scribble = (void *) qc; }
269
270/* Zone types (zbcr05 table 25) */
271enum sdebug_z_type {
272 ZBC_ZTYPE_CNV = 0x1,
273 ZBC_ZTYPE_SWR = 0x2,
274 ZBC_ZTYPE_SWP = 0x3,
275 /* ZBC_ZTYPE_SOBR = 0x4, */
276 ZBC_ZTYPE_GAP = 0x5,
277};
278
279/* enumeration names taken from table 26, zbcr05 */
280enum sdebug_z_cond {
281 ZBC_NOT_WRITE_POINTER = 0x0,
282 ZC1_EMPTY = 0x1,
283 ZC2_IMPLICIT_OPEN = 0x2,
284 ZC3_EXPLICIT_OPEN = 0x3,
285 ZC4_CLOSED = 0x4,
286 ZC6_READ_ONLY = 0xd,
287 ZC5_FULL = 0xe,
288 ZC7_OFFLINE = 0xf,
289};
290
291struct sdeb_zone_state { /* ZBC: per zone state */
292 enum sdebug_z_type z_type;
293 enum sdebug_z_cond z_cond;
294 bool z_non_seq_resource;
295 unsigned int z_size;
296 sector_t z_start;
297 sector_t z_wp;
298};
299
300enum sdebug_err_type {
301 ERR_TMOUT_CMD = 0, /* make specific scsi command timeout */
302 ERR_FAIL_QUEUE_CMD = 1, /* make specific scsi command's */
303 /* queuecmd return failed */
304 ERR_FAIL_CMD = 2, /* make specific scsi command's */
305 /* queuecmd return succeed but */
306 /* with errors set in scsi_cmnd */
307 ERR_ABORT_CMD_FAILED = 3, /* control return FAILED from */
308 /* scsi_debug_abort() */
309 ERR_LUN_RESET_FAILED = 4, /* control return FAILED from */
310 /* scsi_debug_device_reseLUN_RESET_FAILEDt() */
311};
312
313struct sdebug_err_inject {
314 int type;
315 struct list_head list;
316 int cnt;
317 unsigned char cmd;
318 struct rcu_head rcu;
319
320 union {
321 /*
322 * For ERR_FAIL_QUEUE_CMD
323 */
324 int queuecmd_ret;
325
326 /*
327 * For ERR_FAIL_CMD
328 */
329 struct {
330 unsigned char host_byte;
331 unsigned char driver_byte;
332 unsigned char status_byte;
333 unsigned char sense_key;
334 unsigned char asc;
335 unsigned char asq;
336 };
337 };
338};
339
340struct sdebug_dev_info {
341 struct list_head dev_list;
342 unsigned int channel;
343 unsigned int target;
344 u64 lun;
345 uuid_t lu_name;
346 struct sdebug_host_info *sdbg_host;
347 unsigned long uas_bm[1];
348 atomic_t stopped; /* 1: by SSU, 2: device start */
349 bool used;
350
351 /* For ZBC devices */
352 bool zoned;
353 unsigned int zcap;
354 unsigned int zsize;
355 unsigned int zsize_shift;
356 unsigned int nr_zones;
357 unsigned int nr_conv_zones;
358 unsigned int nr_seq_zones;
359 unsigned int nr_imp_open;
360 unsigned int nr_exp_open;
361 unsigned int nr_closed;
362 unsigned int max_open;
363 ktime_t create_ts; /* time since bootup that this device was created */
364 struct sdeb_zone_state *zstate;
365
366 struct dentry *debugfs_entry;
367 struct spinlock list_lock;
368 struct list_head inject_err_list;
369};
370
371struct sdebug_target_info {
372 bool reset_fail;
373 struct dentry *debugfs_entry;
374};
375
376struct sdebug_host_info {
377 struct list_head host_list;
378 int si_idx; /* sdeb_store_info (per host) xarray index */
379 struct Scsi_Host *shost;
380 struct device dev;
381 struct list_head dev_info_list;
382};
383
384/* There is an xarray of pointers to this struct's objects, one per host */
385struct sdeb_store_info {
386 rwlock_t macc_data_lck; /* for media data access on this store */
387 rwlock_t macc_meta_lck; /* for atomic media meta access on this store */
388 rwlock_t macc_sector_lck; /* per-sector media data access on this store */
389 u8 *storep; /* user data storage (ram) */
390 struct t10_pi_tuple *dif_storep; /* protection info */
391 void *map_storep; /* provisioning map */
392};
393
394#define dev_to_sdebug_host(d) \
395 container_of(d, struct sdebug_host_info, dev)
396
397#define shost_to_sdebug_host(shost) \
398 dev_to_sdebug_host(shost->dma_dev)
399
400enum sdeb_defer_type {SDEB_DEFER_NONE = 0, SDEB_DEFER_HRT = 1,
401 SDEB_DEFER_WQ = 2, SDEB_DEFER_POLL = 3};
402
403struct sdebug_defer {
404 struct hrtimer hrt;
405 struct execute_work ew;
406 ktime_t cmpl_ts;/* time since boot to complete this cmd */
407 int issuing_cpu;
408 bool aborted; /* true when blk_abort_request() already called */
409 enum sdeb_defer_type defer_t;
410};
411
412struct sdebug_device_access_info {
413 bool atomic_write;
414 u64 lba;
415 u32 num;
416 struct scsi_cmnd *self;
417};
418
419struct sdebug_queued_cmd {
420 /* corresponding bit set in in_use_bm[] in owning struct sdebug_queue
421 * instance indicates this slot is in use.
422 */
423 struct sdebug_defer sd_dp;
424 struct scsi_cmnd *scmd;
425 struct sdebug_device_access_info *i;
426};
427
428struct sdebug_scsi_cmd {
429 spinlock_t lock;
430};
431
432static atomic_t sdebug_cmnd_count; /* number of incoming commands */
433static atomic_t sdebug_completions; /* count of deferred completions */
434static atomic_t sdebug_miss_cpus; /* submission + completion cpus differ */
435static atomic_t sdebug_a_tsf; /* 'almost task set full' counter */
436static atomic_t sdeb_inject_pending;
437static atomic_t sdeb_mq_poll_count; /* bumped when mq_poll returns > 0 */
438
439struct opcode_info_t {
440 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff */
441 /* for terminating element */
442 u8 opcode; /* if num_attached > 0, preferred */
443 u16 sa; /* service action */
444 u32 flags; /* OR-ed set of SDEB_F_* */
445 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
446 const struct opcode_info_t *arrp; /* num_attached elements or NULL */
447 u8 len_mask[16]; /* len_mask[0]-->cdb_len, then mask for cdb */
448 /* 1 to min(cdb_len, 15); ignore cdb[15...] */
449};
450
451/* SCSI opcodes (first byte of cdb) of interest mapped onto these indexes */
452enum sdeb_opcode_index {
453 SDEB_I_INVALID_OPCODE = 0,
454 SDEB_I_INQUIRY = 1,
455 SDEB_I_REPORT_LUNS = 2,
456 SDEB_I_REQUEST_SENSE = 3,
457 SDEB_I_TEST_UNIT_READY = 4,
458 SDEB_I_MODE_SENSE = 5, /* 6, 10 */
459 SDEB_I_MODE_SELECT = 6, /* 6, 10 */
460 SDEB_I_LOG_SENSE = 7,
461 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */
462 SDEB_I_READ = 9, /* 6, 10, 12, 16 */
463 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */
464 SDEB_I_START_STOP = 11,
465 SDEB_I_SERV_ACT_IN_16 = 12, /* add ...SERV_ACT_IN_12 if needed */
466 SDEB_I_SERV_ACT_OUT_16 = 13, /* add ...SERV_ACT_OUT_12 if needed */
467 SDEB_I_MAINT_IN = 14,
468 SDEB_I_MAINT_OUT = 15,
469 SDEB_I_VERIFY = 16, /* VERIFY(10), VERIFY(16) */
470 SDEB_I_VARIABLE_LEN = 17, /* READ(32), WRITE(32), WR_SCAT(32) */
471 SDEB_I_RESERVE = 18, /* 6, 10 */
472 SDEB_I_RELEASE = 19, /* 6, 10 */
473 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */
474 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */
475 SDEB_I_ATA_PT = 22, /* 12, 16 */
476 SDEB_I_SEND_DIAG = 23,
477 SDEB_I_UNMAP = 24,
478 SDEB_I_WRITE_BUFFER = 25,
479 SDEB_I_WRITE_SAME = 26, /* 10, 16 */
480 SDEB_I_SYNC_CACHE = 27, /* 10, 16 */
481 SDEB_I_COMP_WRITE = 28,
482 SDEB_I_PRE_FETCH = 29, /* 10, 16 */
483 SDEB_I_ZONE_OUT = 30, /* 0x94+SA; includes no data xfer */
484 SDEB_I_ZONE_IN = 31, /* 0x95+SA; all have data-in */
485 SDEB_I_ATOMIC_WRITE_16 = 32,
486 SDEB_I_LAST_ELEM_P1 = 33, /* keep this last (previous + 1) */
487};
488
489
490static const unsigned char opcode_ind_arr[256] = {
491/* 0x0; 0x0->0x1f: 6 byte cdbs */
492 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE,
493 0, 0, 0, 0,
494 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0,
495 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
496 SDEB_I_RELEASE,
497 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG,
498 SDEB_I_ALLOW_REMOVAL, 0,
499/* 0x20; 0x20->0x3f: 10 byte cdbs */
500 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0,
501 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY,
502 0, 0, 0, 0, SDEB_I_PRE_FETCH, SDEB_I_SYNC_CACHE, 0, 0,
503 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0,
504/* 0x40; 0x40->0x5f: 10 byte cdbs */
505 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0,
506 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0,
507 0, 0, 0, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
508 SDEB_I_RELEASE,
509 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0,
510/* 0x60; 0x60->0x7d are reserved, 0x7e is "extended cdb" */
511 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
512 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
513 0, SDEB_I_VARIABLE_LEN,
514/* 0x80; 0x80->0x9f: 16 byte cdbs */
515 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0,
516 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0,
517 0, 0, 0, SDEB_I_VERIFY,
518 SDEB_I_PRE_FETCH, SDEB_I_SYNC_CACHE, 0, SDEB_I_WRITE_SAME,
519 SDEB_I_ZONE_OUT, SDEB_I_ZONE_IN, 0, 0,
520 0, 0, 0, 0,
521 SDEB_I_ATOMIC_WRITE_16, 0, SDEB_I_SERV_ACT_IN_16, SDEB_I_SERV_ACT_OUT_16,
522/* 0xa0; 0xa0->0xbf: 12 byte cdbs */
523 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN,
524 SDEB_I_MAINT_OUT, 0, 0, 0,
525 SDEB_I_READ, 0 /* SDEB_I_SERV_ACT_OUT_12 */, SDEB_I_WRITE,
526 0 /* SDEB_I_SERV_ACT_IN_12 */, 0, 0, 0, 0,
527 0, 0, 0, 0, 0, 0, 0, 0,
528 0, 0, 0, 0, 0, 0, 0, 0,
529/* 0xc0; 0xc0->0xff: vendor specific */
530 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
531 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
532 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
533 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
534};
535
536/*
537 * The following "response" functions return the SCSI mid-level's 4 byte
538 * tuple-in-an-int. To handle commands with an IMMED bit, for a faster
539 * command completion, they can mask their return value with
540 * SDEG_RES_IMMED_MASK .
541 */
542#define SDEG_RES_IMMED_MASK 0x40000000
543
544static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *);
545static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *);
546static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *);
547static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
548static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *);
549static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
550static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *);
551static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
552static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
553static int resp_write_scat(struct scsi_cmnd *, struct sdebug_dev_info *);
554static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *);
555static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *);
556static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *);
557static int resp_get_stream_status(struct scsi_cmnd *scp,
558 struct sdebug_dev_info *devip);
559static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *);
560static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *);
561static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *);
562static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *);
563static int resp_verify(struct scsi_cmnd *, struct sdebug_dev_info *);
564static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *);
565static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *);
566static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *);
567static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *);
568static int resp_sync_cache(struct scsi_cmnd *, struct sdebug_dev_info *);
569static int resp_pre_fetch(struct scsi_cmnd *, struct sdebug_dev_info *);
570static int resp_report_zones(struct scsi_cmnd *, struct sdebug_dev_info *);
571static int resp_atomic_write(struct scsi_cmnd *, struct sdebug_dev_info *);
572static int resp_open_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
573static int resp_close_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
574static int resp_finish_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
575static int resp_rwp_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
576
577static int sdebug_do_add_host(bool mk_new_store);
578static int sdebug_add_host_helper(int per_host_idx);
579static void sdebug_do_remove_host(bool the_end);
580static int sdebug_add_store(void);
581static void sdebug_erase_store(int idx, struct sdeb_store_info *sip);
582static void sdebug_erase_all_stores(bool apart_from_first);
583
584static void sdebug_free_queued_cmd(struct sdebug_queued_cmd *sqcp);
585
586/*
587 * The following are overflow arrays for cdbs that "hit" the same index in
588 * the opcode_info_arr array. The most time sensitive (or commonly used) cdb
589 * should be placed in opcode_info_arr[], the others should be placed here.
590 */
591static const struct opcode_info_t msense_iarr[] = {
592 {0, 0x1a, 0, F_D_IN, NULL, NULL,
593 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
594};
595
596static const struct opcode_info_t mselect_iarr[] = {
597 {0, 0x15, 0, F_D_OUT, NULL, NULL,
598 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
599};
600
601static const struct opcode_info_t read_iarr[] = {
602 {0, 0x28, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(10) */
603 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
604 0, 0, 0, 0} },
605 {0, 0x8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL, /* READ(6) */
606 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
607 {0, 0xa8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(12) */
608 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf,
609 0xc7, 0, 0, 0, 0} },
610};
611
612static const struct opcode_info_t write_iarr[] = {
613 {0, 0x2a, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(10) */
614 NULL, {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7,
615 0, 0, 0, 0, 0, 0} },
616 {0, 0xa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(6) */
617 NULL, {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0,
618 0, 0, 0} },
619 {0, 0xaa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(12) */
620 NULL, {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
621 0xbf, 0xc7, 0, 0, 0, 0} },
622};
623
624static const struct opcode_info_t verify_iarr[] = {
625 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_verify,/* VERIFY(10) */
626 NULL, {10, 0xf7, 0xff, 0xff, 0xff, 0xff, 0xbf, 0xff, 0xff, 0xc7,
627 0, 0, 0, 0, 0, 0} },
628};
629
630static const struct opcode_info_t sa_in_16_iarr[] = {
631 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL,
632 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
633 0xff, 0xff, 0xff, 0, 0xc7} }, /* GET LBA STATUS(16) */
634 {0, 0x9e, 0x16, F_SA_LOW | F_D_IN, resp_get_stream_status, NULL,
635 {16, 0x16, 0, 0, 0xff, 0xff, 0, 0, 0, 0, 0xff, 0xff, 0xff, 0xff,
636 0, 0} }, /* GET STREAM STATUS */
637};
638
639static const struct opcode_info_t vl_iarr[] = { /* VARIABLE LENGTH */
640 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_dt0,
641 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0xb, 0xfa,
642 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */
643 {0, 0x7f, 0x11, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
644 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x11, 0xf8,
645 0, 0xff, 0xff, 0x0, 0x0} }, /* WRITE SCATTERED(32) */
646};
647
648static const struct opcode_info_t maint_in_iarr[] = { /* MAINT IN */
649 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL,
650 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0,
651 0xc7, 0, 0, 0, 0} }, /* REPORT SUPPORTED OPERATION CODES */
652 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL,
653 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
654 0, 0} }, /* REPORTED SUPPORTED TASK MANAGEMENT FUNCTIONS */
655};
656
657static const struct opcode_info_t write_same_iarr[] = {
658 {0, 0x93, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_write_same_16, NULL,
659 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
660 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* WRITE SAME(16) */
661};
662
663static const struct opcode_info_t reserve_iarr[] = {
664 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */
665 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
666};
667
668static const struct opcode_info_t release_iarr[] = {
669 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */
670 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
671};
672
673static const struct opcode_info_t sync_cache_iarr[] = {
674 {0, 0x91, 0, F_SYNC_DELAY | F_M_ACCESS, resp_sync_cache, NULL,
675 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
676 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* SYNC_CACHE (16) */
677};
678
679static const struct opcode_info_t pre_fetch_iarr[] = {
680 {0, 0x90, 0, F_SYNC_DELAY | FF_MEDIA_IO, resp_pre_fetch, NULL,
681 {16, 0x2, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
682 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* PRE-FETCH (16) */
683};
684
685static const struct opcode_info_t zone_out_iarr[] = { /* ZONE OUT(16) */
686 {0, 0x94, 0x1, F_SA_LOW | F_M_ACCESS, resp_close_zone, NULL,
687 {16, 0x1, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
688 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* CLOSE ZONE */
689 {0, 0x94, 0x2, F_SA_LOW | F_M_ACCESS, resp_finish_zone, NULL,
690 {16, 0x2, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
691 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* FINISH ZONE */
692 {0, 0x94, 0x4, F_SA_LOW | F_M_ACCESS, resp_rwp_zone, NULL,
693 {16, 0x4, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
694 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* RESET WRITE POINTER */
695};
696
697static const struct opcode_info_t zone_in_iarr[] = { /* ZONE IN(16) */
698 {0, 0x95, 0x6, F_SA_LOW | F_D_IN | F_M_ACCESS, NULL, NULL,
699 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
700 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* REPORT ZONES */
701};
702
703
704/* This array is accessed via SDEB_I_* values. Make sure all are mapped,
705 * plus the terminating elements for logic that scans this table such as
706 * REPORT SUPPORTED OPERATION CODES. */
707static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEM_P1 + 1] = {
708/* 0 */
709 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* unknown opcodes */
710 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
711 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL, /* INQUIRY */
712 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
713 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL,
714 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
715 0, 0} }, /* REPORT LUNS */
716 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL,
717 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
718 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */
719 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
720/* 5 */
721 {ARRAY_SIZE(msense_iarr), 0x5a, 0, F_D_IN, /* MODE SENSE(10) */
722 resp_mode_sense, msense_iarr, {10, 0xf8, 0xff, 0xff, 0, 0, 0,
723 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
724 {ARRAY_SIZE(mselect_iarr), 0x55, 0, F_D_OUT, /* MODE SELECT(10) */
725 resp_mode_select, mselect_iarr, {10, 0xf1, 0, 0, 0, 0, 0, 0xff,
726 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
727 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL, /* LOG SENSE */
728 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0,
729 0, 0, 0} },
730 {0, 0x25, 0, F_D_IN, resp_readcap, NULL, /* READ CAPACITY(10) */
731 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0,
732 0, 0} },
733 {ARRAY_SIZE(read_iarr), 0x88, 0, F_D_IN | FF_MEDIA_IO, /* READ(16) */
734 resp_read_dt0, read_iarr, {16, 0xfe, 0xff, 0xff, 0xff, 0xff,
735 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
736/* 10 */
737 {ARRAY_SIZE(write_iarr), 0x8a, 0, F_D_OUT | FF_MEDIA_IO,
738 resp_write_dt0, write_iarr, /* WRITE(16) */
739 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
740 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
741 {0, 0x1b, 0, F_SSU_DELAY, resp_start_stop, NULL,/* START STOP UNIT */
742 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
743 {ARRAY_SIZE(sa_in_16_iarr), 0x9e, 0x10, F_SA_LOW | F_D_IN,
744 resp_readcap16, sa_in_16_iarr, /* SA_IN(16), READ CAPACITY(16) */
745 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
746 0xff, 0xff, 0xff, 0xff, 0x1, 0xc7} },
747 {0, 0x9f, 0x12, F_SA_LOW | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
748 NULL, {16, 0x12, 0xf9, 0x0, 0xff, 0xff, 0, 0, 0xff, 0xff, 0xff,
749 0xff, 0xff, 0xff, 0xff, 0xc7} }, /* SA_OUT(16), WRITE SCAT(16) */
750 {ARRAY_SIZE(maint_in_iarr), 0xa3, 0xa, F_SA_LOW | F_D_IN,
751 resp_report_tgtpgs, /* MAINT IN, REPORT TARGET PORT GROUPS */
752 maint_in_iarr, {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff,
753 0xff, 0, 0xc7, 0, 0, 0, 0} },
754/* 15 */
755 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */
756 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
757 {ARRAY_SIZE(verify_iarr), 0x8f, 0,
758 F_D_OUT_MAYBE | FF_MEDIA_IO, resp_verify, /* VERIFY(16) */
759 verify_iarr, {16, 0xf6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
760 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} },
761 {ARRAY_SIZE(vl_iarr), 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_MEDIA_IO,
762 resp_read_dt0, vl_iarr, /* VARIABLE LENGTH, READ(32) */
763 {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x9, 0xfe, 0, 0xff, 0xff,
764 0xff, 0xff} },
765 {ARRAY_SIZE(reserve_iarr), 0x56, 0, F_D_OUT,
766 NULL, reserve_iarr, /* RESERVE(10) <no response function> */
767 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
768 0} },
769 {ARRAY_SIZE(release_iarr), 0x57, 0, F_D_OUT,
770 NULL, release_iarr, /* RELEASE(10) <no response function> */
771 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
772 0} },
773/* 20 */
774 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */
775 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
776 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */
777 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
778 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */
779 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
780 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */
781 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
782 {0, 0x42, 0, F_D_OUT | FF_MEDIA_IO, resp_unmap, NULL, /* UNMAP */
783 {10, 0x1, 0, 0, 0, 0, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
784/* 25 */
785 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL,
786 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0,
787 0, 0, 0, 0} }, /* WRITE_BUFFER */
788 {ARRAY_SIZE(write_same_iarr), 0x41, 0, F_D_OUT_MAYBE | FF_MEDIA_IO,
789 resp_write_same_10, write_same_iarr, /* WRITE SAME(10) */
790 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0,
791 0, 0, 0, 0, 0} },
792 {ARRAY_SIZE(sync_cache_iarr), 0x35, 0, F_SYNC_DELAY | F_M_ACCESS,
793 resp_sync_cache, sync_cache_iarr,
794 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
795 0, 0, 0, 0} }, /* SYNC_CACHE (10) */
796 {0, 0x89, 0, F_D_OUT | FF_MEDIA_IO, resp_comp_write, NULL,
797 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0,
798 0, 0xff, 0x3f, 0xc7} }, /* COMPARE AND WRITE */
799 {ARRAY_SIZE(pre_fetch_iarr), 0x34, 0, F_SYNC_DELAY | FF_MEDIA_IO,
800 resp_pre_fetch, pre_fetch_iarr,
801 {10, 0x2, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
802 0, 0, 0, 0} }, /* PRE-FETCH (10) */
803
804/* 30 */
805 {ARRAY_SIZE(zone_out_iarr), 0x94, 0x3, F_SA_LOW | F_M_ACCESS,
806 resp_open_zone, zone_out_iarr, /* ZONE_OUT(16), OPEN ZONE) */
807 {16, 0x3 /* SA */, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
808 0xff, 0xff, 0x0, 0x0, 0xff, 0xff, 0x1, 0xc7} },
809 {ARRAY_SIZE(zone_in_iarr), 0x95, 0x0, F_SA_LOW | F_M_ACCESS,
810 resp_report_zones, zone_in_iarr, /* ZONE_IN(16), REPORT ZONES) */
811 {16, 0x0 /* SA */, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
812 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf, 0xc7} },
813/* 31 */
814 {0, 0x0, 0x0, F_D_OUT | FF_MEDIA_IO,
815 resp_atomic_write, NULL, /* ATOMIC WRITE 16 */
816 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
817 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff} },
818/* sentinel */
819 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */
820 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
821};
822
823static int sdebug_num_hosts;
824static int sdebug_add_host = DEF_NUM_HOST; /* in sysfs this is relative */
825static int sdebug_ato = DEF_ATO;
826static int sdebug_cdb_len = DEF_CDB_LEN;
827static int sdebug_jdelay = DEF_JDELAY; /* if > 0 then unit is jiffies */
828static int sdebug_dev_size_mb = DEF_DEV_SIZE_PRE_INIT;
829static int sdebug_dif = DEF_DIF;
830static int sdebug_dix = DEF_DIX;
831static int sdebug_dsense = DEF_D_SENSE;
832static int sdebug_every_nth = DEF_EVERY_NTH;
833static int sdebug_fake_rw = DEF_FAKE_RW;
834static unsigned int sdebug_guard = DEF_GUARD;
835static int sdebug_host_max_queue; /* per host */
836static int sdebug_lowest_aligned = DEF_LOWEST_ALIGNED;
837static int sdebug_max_luns = DEF_MAX_LUNS;
838static int sdebug_max_queue = SDEBUG_CANQUEUE; /* per submit queue */
839static unsigned int sdebug_medium_error_start = OPT_MEDIUM_ERR_ADDR;
840static int sdebug_medium_error_count = OPT_MEDIUM_ERR_NUM;
841static int sdebug_ndelay = DEF_NDELAY; /* if > 0 then unit is nanoseconds */
842static int sdebug_no_lun_0 = DEF_NO_LUN_0;
843static int sdebug_no_uld;
844static int sdebug_num_parts = DEF_NUM_PARTS;
845static int sdebug_num_tgts = DEF_NUM_TGTS; /* targets per host */
846static int sdebug_opt_blks = DEF_OPT_BLKS;
847static int sdebug_opts = DEF_OPTS;
848static int sdebug_physblk_exp = DEF_PHYSBLK_EXP;
849static int sdebug_opt_xferlen_exp = DEF_OPT_XFERLEN_EXP;
850static int sdebug_ptype = DEF_PTYPE; /* SCSI peripheral device type */
851static int sdebug_scsi_level = DEF_SCSI_LEVEL;
852static int sdebug_sector_size = DEF_SECTOR_SIZE;
853static int sdeb_tur_ms_to_ready = DEF_TUR_MS_TO_READY;
854static int sdebug_virtual_gb = DEF_VIRTUAL_GB;
855static int sdebug_vpd_use_hostno = DEF_VPD_USE_HOSTNO;
856static unsigned int sdebug_lbpu = DEF_LBPU;
857static unsigned int sdebug_lbpws = DEF_LBPWS;
858static unsigned int sdebug_lbpws10 = DEF_LBPWS10;
859static unsigned int sdebug_lbprz = DEF_LBPRZ;
860static unsigned int sdebug_unmap_alignment = DEF_UNMAP_ALIGNMENT;
861static unsigned int sdebug_unmap_granularity = DEF_UNMAP_GRANULARITY;
862static unsigned int sdebug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS;
863static unsigned int sdebug_unmap_max_desc = DEF_UNMAP_MAX_DESC;
864static unsigned int sdebug_write_same_length = DEF_WRITESAME_LENGTH;
865static unsigned int sdebug_atomic_wr = DEF_ATOMIC_WR;
866static unsigned int sdebug_atomic_wr_max_length = DEF_ATOMIC_WR_MAX_LENGTH;
867static unsigned int sdebug_atomic_wr_align = DEF_ATOMIC_WR_ALIGN;
868static unsigned int sdebug_atomic_wr_gran = DEF_ATOMIC_WR_GRAN;
869static unsigned int sdebug_atomic_wr_max_length_bndry =
870 DEF_ATOMIC_WR_MAX_LENGTH_BNDRY;
871static unsigned int sdebug_atomic_wr_max_bndry = DEF_ATOMIC_WR_MAX_BNDRY;
872static int sdebug_uuid_ctl = DEF_UUID_CTL;
873static bool sdebug_random = DEF_RANDOM;
874static bool sdebug_per_host_store = DEF_PER_HOST_STORE;
875static bool sdebug_removable = DEF_REMOVABLE;
876static bool sdebug_clustering;
877static bool sdebug_host_lock = DEF_HOST_LOCK;
878static bool sdebug_strict = DEF_STRICT;
879static bool sdebug_any_injecting_opt;
880static bool sdebug_no_rwlock;
881static bool sdebug_verbose;
882static bool have_dif_prot;
883static bool write_since_sync;
884static bool sdebug_statistics = DEF_STATISTICS;
885static bool sdebug_wp;
886static bool sdebug_allow_restart;
887static enum {
888 BLK_ZONED_NONE = 0,
889 BLK_ZONED_HA = 1,
890 BLK_ZONED_HM = 2,
891} sdeb_zbc_model = BLK_ZONED_NONE;
892static char *sdeb_zbc_model_s;
893
894enum sam_lun_addr_method {SAM_LUN_AM_PERIPHERAL = 0x0,
895 SAM_LUN_AM_FLAT = 0x1,
896 SAM_LUN_AM_LOGICAL_UNIT = 0x2,
897 SAM_LUN_AM_EXTENDED = 0x3};
898static enum sam_lun_addr_method sdebug_lun_am = SAM_LUN_AM_PERIPHERAL;
899static int sdebug_lun_am_i = (int)SAM_LUN_AM_PERIPHERAL;
900
901static unsigned int sdebug_store_sectors;
902static sector_t sdebug_capacity; /* in sectors */
903
904/* old BIOS stuff, kernel may get rid of them but some mode sense pages
905 may still need them */
906static int sdebug_heads; /* heads per disk */
907static int sdebug_cylinders_per; /* cylinders per surface */
908static int sdebug_sectors_per; /* sectors per cylinder */
909
910static LIST_HEAD(sdebug_host_list);
911static DEFINE_MUTEX(sdebug_host_list_mutex);
912
913static struct xarray per_store_arr;
914static struct xarray *per_store_ap = &per_store_arr;
915static int sdeb_first_idx = -1; /* invalid index ==> none created */
916static int sdeb_most_recent_idx = -1;
917static DEFINE_RWLOCK(sdeb_fake_rw_lck); /* need a RW lock when fake_rw=1 */
918
919static unsigned long map_size;
920static int num_aborts;
921static int num_dev_resets;
922static int num_target_resets;
923static int num_bus_resets;
924static int num_host_resets;
925static int dix_writes;
926static int dix_reads;
927static int dif_errors;
928
929/* ZBC global data */
930static bool sdeb_zbc_in_use; /* true for host-aware and host-managed disks */
931static int sdeb_zbc_zone_cap_mb;
932static int sdeb_zbc_zone_size_mb;
933static int sdeb_zbc_max_open = DEF_ZBC_MAX_OPEN_ZONES;
934static int sdeb_zbc_nr_conv = DEF_ZBC_NR_CONV_ZONES;
935
936static int submit_queues = DEF_SUBMIT_QUEUES; /* > 1 for multi-queue (mq) */
937static int poll_queues; /* iouring iopoll interface.*/
938
939static atomic_long_t writes_by_group_number[64];
940
941static char sdebug_proc_name[] = MY_NAME;
942static const char *my_name = MY_NAME;
943
944static const struct bus_type pseudo_lld_bus;
945
946static struct device_driver sdebug_driverfs_driver = {
947 .name = sdebug_proc_name,
948 .bus = &pseudo_lld_bus,
949};
950
951static const int check_condition_result =
952 SAM_STAT_CHECK_CONDITION;
953
954static const int illegal_condition_result =
955 (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION;
956
957static const int device_qfull_result =
958 (DID_ABORT << 16) | SAM_STAT_TASK_SET_FULL;
959
960static const int condition_met_result = SAM_STAT_CONDITION_MET;
961
962static struct dentry *sdebug_debugfs_root;
963static ASYNC_DOMAIN_EXCLUSIVE(sdebug_async_domain);
964
965static void sdebug_err_free(struct rcu_head *head)
966{
967 struct sdebug_err_inject *inject =
968 container_of(head, typeof(*inject), rcu);
969
970 kfree(inject);
971}
972
973static void sdebug_err_add(struct scsi_device *sdev, struct sdebug_err_inject *new)
974{
975 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdev->hostdata;
976 struct sdebug_err_inject *err;
977
978 spin_lock(&devip->list_lock);
979 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
980 if (err->type == new->type && err->cmd == new->cmd) {
981 list_del_rcu(&err->list);
982 call_rcu(&err->rcu, sdebug_err_free);
983 }
984 }
985
986 list_add_tail_rcu(&new->list, &devip->inject_err_list);
987 spin_unlock(&devip->list_lock);
988}
989
990static int sdebug_err_remove(struct scsi_device *sdev, const char *buf, size_t count)
991{
992 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdev->hostdata;
993 struct sdebug_err_inject *err;
994 int type;
995 unsigned char cmd;
996
997 if (sscanf(buf, "- %d %hhx", &type, &cmd) != 2) {
998 kfree(buf);
999 return -EINVAL;
1000 }
1001
1002 spin_lock(&devip->list_lock);
1003 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
1004 if (err->type == type && err->cmd == cmd) {
1005 list_del_rcu(&err->list);
1006 call_rcu(&err->rcu, sdebug_err_free);
1007 spin_unlock(&devip->list_lock);
1008 kfree(buf);
1009 return count;
1010 }
1011 }
1012 spin_unlock(&devip->list_lock);
1013
1014 kfree(buf);
1015 return -EINVAL;
1016}
1017
1018static int sdebug_error_show(struct seq_file *m, void *p)
1019{
1020 struct scsi_device *sdev = (struct scsi_device *)m->private;
1021 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdev->hostdata;
1022 struct sdebug_err_inject *err;
1023
1024 seq_puts(m, "Type\tCount\tCommand\n");
1025
1026 rcu_read_lock();
1027 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
1028 switch (err->type) {
1029 case ERR_TMOUT_CMD:
1030 case ERR_ABORT_CMD_FAILED:
1031 case ERR_LUN_RESET_FAILED:
1032 seq_printf(m, "%d\t%d\t0x%x\n", err->type, err->cnt,
1033 err->cmd);
1034 break;
1035
1036 case ERR_FAIL_QUEUE_CMD:
1037 seq_printf(m, "%d\t%d\t0x%x\t0x%x\n", err->type,
1038 err->cnt, err->cmd, err->queuecmd_ret);
1039 break;
1040
1041 case ERR_FAIL_CMD:
1042 seq_printf(m, "%d\t%d\t0x%x\t0x%x 0x%x 0x%x 0x%x 0x%x 0x%x\n",
1043 err->type, err->cnt, err->cmd,
1044 err->host_byte, err->driver_byte,
1045 err->status_byte, err->sense_key,
1046 err->asc, err->asq);
1047 break;
1048 }
1049 }
1050 rcu_read_unlock();
1051
1052 return 0;
1053}
1054
1055static int sdebug_error_open(struct inode *inode, struct file *file)
1056{
1057 return single_open(file, sdebug_error_show, inode->i_private);
1058}
1059
1060static ssize_t sdebug_error_write(struct file *file, const char __user *ubuf,
1061 size_t count, loff_t *ppos)
1062{
1063 char *buf;
1064 unsigned int inject_type;
1065 struct sdebug_err_inject *inject;
1066 struct scsi_device *sdev = (struct scsi_device *)file->f_inode->i_private;
1067
1068 buf = kzalloc(count + 1, GFP_KERNEL);
1069 if (!buf)
1070 return -ENOMEM;
1071
1072 if (copy_from_user(buf, ubuf, count)) {
1073 kfree(buf);
1074 return -EFAULT;
1075 }
1076
1077 if (buf[0] == '-')
1078 return sdebug_err_remove(sdev, buf, count);
1079
1080 if (sscanf(buf, "%d", &inject_type) != 1) {
1081 kfree(buf);
1082 return -EINVAL;
1083 }
1084
1085 inject = kzalloc(sizeof(struct sdebug_err_inject), GFP_KERNEL);
1086 if (!inject) {
1087 kfree(buf);
1088 return -ENOMEM;
1089 }
1090
1091 switch (inject_type) {
1092 case ERR_TMOUT_CMD:
1093 case ERR_ABORT_CMD_FAILED:
1094 case ERR_LUN_RESET_FAILED:
1095 if (sscanf(buf, "%d %d %hhx", &inject->type, &inject->cnt,
1096 &inject->cmd) != 3)
1097 goto out_error;
1098 break;
1099
1100 case ERR_FAIL_QUEUE_CMD:
1101 if (sscanf(buf, "%d %d %hhx %x", &inject->type, &inject->cnt,
1102 &inject->cmd, &inject->queuecmd_ret) != 4)
1103 goto out_error;
1104 break;
1105
1106 case ERR_FAIL_CMD:
1107 if (sscanf(buf, "%d %d %hhx %hhx %hhx %hhx %hhx %hhx %hhx",
1108 &inject->type, &inject->cnt, &inject->cmd,
1109 &inject->host_byte, &inject->driver_byte,
1110 &inject->status_byte, &inject->sense_key,
1111 &inject->asc, &inject->asq) != 9)
1112 goto out_error;
1113 break;
1114
1115 default:
1116 goto out_error;
1117 break;
1118 }
1119
1120 kfree(buf);
1121 sdebug_err_add(sdev, inject);
1122
1123 return count;
1124
1125out_error:
1126 kfree(buf);
1127 kfree(inject);
1128 return -EINVAL;
1129}
1130
1131static const struct file_operations sdebug_error_fops = {
1132 .open = sdebug_error_open,
1133 .read = seq_read,
1134 .write = sdebug_error_write,
1135 .release = single_release,
1136};
1137
1138static int sdebug_target_reset_fail_show(struct seq_file *m, void *p)
1139{
1140 struct scsi_target *starget = (struct scsi_target *)m->private;
1141 struct sdebug_target_info *targetip =
1142 (struct sdebug_target_info *)starget->hostdata;
1143
1144 if (targetip)
1145 seq_printf(m, "%c\n", targetip->reset_fail ? 'Y' : 'N');
1146
1147 return 0;
1148}
1149
1150static int sdebug_target_reset_fail_open(struct inode *inode, struct file *file)
1151{
1152 return single_open(file, sdebug_target_reset_fail_show, inode->i_private);
1153}
1154
1155static ssize_t sdebug_target_reset_fail_write(struct file *file,
1156 const char __user *ubuf, size_t count, loff_t *ppos)
1157{
1158 int ret;
1159 struct scsi_target *starget =
1160 (struct scsi_target *)file->f_inode->i_private;
1161 struct sdebug_target_info *targetip =
1162 (struct sdebug_target_info *)starget->hostdata;
1163
1164 if (targetip) {
1165 ret = kstrtobool_from_user(ubuf, count, &targetip->reset_fail);
1166 return ret < 0 ? ret : count;
1167 }
1168 return -ENODEV;
1169}
1170
1171static const struct file_operations sdebug_target_reset_fail_fops = {
1172 .open = sdebug_target_reset_fail_open,
1173 .read = seq_read,
1174 .write = sdebug_target_reset_fail_write,
1175 .release = single_release,
1176};
1177
1178static int sdebug_target_alloc(struct scsi_target *starget)
1179{
1180 struct sdebug_target_info *targetip;
1181
1182 targetip = kzalloc(sizeof(struct sdebug_target_info), GFP_KERNEL);
1183 if (!targetip)
1184 return -ENOMEM;
1185
1186 async_synchronize_full_domain(&sdebug_async_domain);
1187
1188 targetip->debugfs_entry = debugfs_create_dir(dev_name(&starget->dev),
1189 sdebug_debugfs_root);
1190
1191 debugfs_create_file("fail_reset", 0600, targetip->debugfs_entry, starget,
1192 &sdebug_target_reset_fail_fops);
1193
1194 starget->hostdata = targetip;
1195
1196 return 0;
1197}
1198
1199static void sdebug_tartget_cleanup_async(void *data, async_cookie_t cookie)
1200{
1201 struct sdebug_target_info *targetip = data;
1202
1203 debugfs_remove(targetip->debugfs_entry);
1204 kfree(targetip);
1205}
1206
1207static void sdebug_target_destroy(struct scsi_target *starget)
1208{
1209 struct sdebug_target_info *targetip;
1210
1211 targetip = (struct sdebug_target_info *)starget->hostdata;
1212 if (targetip) {
1213 starget->hostdata = NULL;
1214 async_schedule_domain(sdebug_tartget_cleanup_async, targetip,
1215 &sdebug_async_domain);
1216 }
1217}
1218
1219/* Only do the extra work involved in logical block provisioning if one or
1220 * more of the lbpu, lbpws or lbpws10 parameters are given and we are doing
1221 * real reads and writes (i.e. not skipping them for speed).
1222 */
1223static inline bool scsi_debug_lbp(void)
1224{
1225 return 0 == sdebug_fake_rw &&
1226 (sdebug_lbpu || sdebug_lbpws || sdebug_lbpws10);
1227}
1228
1229static inline bool scsi_debug_atomic_write(void)
1230{
1231 return sdebug_fake_rw == 0 && sdebug_atomic_wr;
1232}
1233
1234static void *lba2fake_store(struct sdeb_store_info *sip,
1235 unsigned long long lba)
1236{
1237 struct sdeb_store_info *lsip = sip;
1238
1239 lba = do_div(lba, sdebug_store_sectors);
1240 if (!sip || !sip->storep) {
1241 WARN_ON_ONCE(true);
1242 lsip = xa_load(per_store_ap, 0); /* should never be NULL */
1243 }
1244 return lsip->storep + lba * sdebug_sector_size;
1245}
1246
1247static struct t10_pi_tuple *dif_store(struct sdeb_store_info *sip,
1248 sector_t sector)
1249{
1250 sector = sector_div(sector, sdebug_store_sectors);
1251
1252 return sip->dif_storep + sector;
1253}
1254
1255static void sdebug_max_tgts_luns(void)
1256{
1257 struct sdebug_host_info *sdbg_host;
1258 struct Scsi_Host *hpnt;
1259
1260 mutex_lock(&sdebug_host_list_mutex);
1261 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
1262 hpnt = sdbg_host->shost;
1263 if ((hpnt->this_id >= 0) &&
1264 (sdebug_num_tgts > hpnt->this_id))
1265 hpnt->max_id = sdebug_num_tgts + 1;
1266 else
1267 hpnt->max_id = sdebug_num_tgts;
1268 /* sdebug_max_luns; */
1269 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
1270 }
1271 mutex_unlock(&sdebug_host_list_mutex);
1272}
1273
1274enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1};
1275
1276/* Set in_bit to -1 to indicate no bit position of invalid field */
1277static void mk_sense_invalid_fld(struct scsi_cmnd *scp,
1278 enum sdeb_cmd_data c_d,
1279 int in_byte, int in_bit)
1280{
1281 unsigned char *sbuff;
1282 u8 sks[4];
1283 int sl, asc;
1284
1285 sbuff = scp->sense_buffer;
1286 if (!sbuff) {
1287 sdev_printk(KERN_ERR, scp->device,
1288 "%s: sense_buffer is NULL\n", __func__);
1289 return;
1290 }
1291 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST;
1292 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
1293 scsi_build_sense(scp, sdebug_dsense, ILLEGAL_REQUEST, asc, 0);
1294 memset(sks, 0, sizeof(sks));
1295 sks[0] = 0x80;
1296 if (c_d)
1297 sks[0] |= 0x40;
1298 if (in_bit >= 0) {
1299 sks[0] |= 0x8;
1300 sks[0] |= 0x7 & in_bit;
1301 }
1302 put_unaligned_be16(in_byte, sks + 1);
1303 if (sdebug_dsense) {
1304 sl = sbuff[7] + 8;
1305 sbuff[7] = sl;
1306 sbuff[sl] = 0x2;
1307 sbuff[sl + 1] = 0x6;
1308 memcpy(sbuff + sl + 4, sks, 3);
1309 } else
1310 memcpy(sbuff + 15, sks, 3);
1311 if (sdebug_verbose)
1312 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq"
1313 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n",
1314 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit);
1315}
1316
1317static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq)
1318{
1319 if (!scp->sense_buffer) {
1320 sdev_printk(KERN_ERR, scp->device,
1321 "%s: sense_buffer is NULL\n", __func__);
1322 return;
1323 }
1324 memset(scp->sense_buffer, 0, SCSI_SENSE_BUFFERSIZE);
1325
1326 scsi_build_sense(scp, sdebug_dsense, key, asc, asq);
1327
1328 if (sdebug_verbose)
1329 sdev_printk(KERN_INFO, scp->device,
1330 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n",
1331 my_name, key, asc, asq);
1332}
1333
1334static void mk_sense_invalid_opcode(struct scsi_cmnd *scp)
1335{
1336 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0);
1337}
1338
1339static int scsi_debug_ioctl(struct scsi_device *dev, unsigned int cmd,
1340 void __user *arg)
1341{
1342 if (sdebug_verbose) {
1343 if (0x1261 == cmd)
1344 sdev_printk(KERN_INFO, dev,
1345 "%s: BLKFLSBUF [0x1261]\n", __func__);
1346 else if (0x5331 == cmd)
1347 sdev_printk(KERN_INFO, dev,
1348 "%s: CDROM_GET_CAPABILITY [0x5331]\n",
1349 __func__);
1350 else
1351 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n",
1352 __func__, cmd);
1353 }
1354 return -EINVAL;
1355 /* return -ENOTTY; // correct return but upsets fdisk */
1356}
1357
1358static void config_cdb_len(struct scsi_device *sdev)
1359{
1360 switch (sdebug_cdb_len) {
1361 case 6: /* suggest 6 byte READ, WRITE and MODE SENSE/SELECT */
1362 sdev->use_10_for_rw = false;
1363 sdev->use_16_for_rw = false;
1364 sdev->use_10_for_ms = false;
1365 break;
1366 case 10: /* suggest 10 byte RWs and 6 byte MODE SENSE/SELECT */
1367 sdev->use_10_for_rw = true;
1368 sdev->use_16_for_rw = false;
1369 sdev->use_10_for_ms = false;
1370 break;
1371 case 12: /* suggest 10 byte RWs and 10 byte MODE SENSE/SELECT */
1372 sdev->use_10_for_rw = true;
1373 sdev->use_16_for_rw = false;
1374 sdev->use_10_for_ms = true;
1375 break;
1376 case 16:
1377 sdev->use_10_for_rw = false;
1378 sdev->use_16_for_rw = true;
1379 sdev->use_10_for_ms = true;
1380 break;
1381 case 32: /* No knobs to suggest this so same as 16 for now */
1382 sdev->use_10_for_rw = false;
1383 sdev->use_16_for_rw = true;
1384 sdev->use_10_for_ms = true;
1385 break;
1386 default:
1387 pr_warn("unexpected cdb_len=%d, force to 10\n",
1388 sdebug_cdb_len);
1389 sdev->use_10_for_rw = true;
1390 sdev->use_16_for_rw = false;
1391 sdev->use_10_for_ms = false;
1392 sdebug_cdb_len = 10;
1393 break;
1394 }
1395}
1396
1397static void all_config_cdb_len(void)
1398{
1399 struct sdebug_host_info *sdbg_host;
1400 struct Scsi_Host *shost;
1401 struct scsi_device *sdev;
1402
1403 mutex_lock(&sdebug_host_list_mutex);
1404 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
1405 shost = sdbg_host->shost;
1406 shost_for_each_device(sdev, shost) {
1407 config_cdb_len(sdev);
1408 }
1409 }
1410 mutex_unlock(&sdebug_host_list_mutex);
1411}
1412
1413static void clear_luns_changed_on_target(struct sdebug_dev_info *devip)
1414{
1415 struct sdebug_host_info *sdhp = devip->sdbg_host;
1416 struct sdebug_dev_info *dp;
1417
1418 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
1419 if ((devip->sdbg_host == dp->sdbg_host) &&
1420 (devip->target == dp->target)) {
1421 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
1422 }
1423 }
1424}
1425
1426static int make_ua(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1427{
1428 int k;
1429
1430 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS);
1431 if (k != SDEBUG_NUM_UAS) {
1432 const char *cp = NULL;
1433
1434 switch (k) {
1435 case SDEBUG_UA_POR:
1436 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
1437 POWER_ON_RESET_ASCQ);
1438 if (sdebug_verbose)
1439 cp = "power on reset";
1440 break;
1441 case SDEBUG_UA_POOCCUR:
1442 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
1443 POWER_ON_OCCURRED_ASCQ);
1444 if (sdebug_verbose)
1445 cp = "power on occurred";
1446 break;
1447 case SDEBUG_UA_BUS_RESET:
1448 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
1449 BUS_RESET_ASCQ);
1450 if (sdebug_verbose)
1451 cp = "bus reset";
1452 break;
1453 case SDEBUG_UA_MODE_CHANGED:
1454 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
1455 MODE_CHANGED_ASCQ);
1456 if (sdebug_verbose)
1457 cp = "mode parameters changed";
1458 break;
1459 case SDEBUG_UA_CAPACITY_CHANGED:
1460 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
1461 CAPACITY_CHANGED_ASCQ);
1462 if (sdebug_verbose)
1463 cp = "capacity data changed";
1464 break;
1465 case SDEBUG_UA_MICROCODE_CHANGED:
1466 mk_sense_buffer(scp, UNIT_ATTENTION,
1467 TARGET_CHANGED_ASC,
1468 MICROCODE_CHANGED_ASCQ);
1469 if (sdebug_verbose)
1470 cp = "microcode has been changed";
1471 break;
1472 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET:
1473 mk_sense_buffer(scp, UNIT_ATTENTION,
1474 TARGET_CHANGED_ASC,
1475 MICROCODE_CHANGED_WO_RESET_ASCQ);
1476 if (sdebug_verbose)
1477 cp = "microcode has been changed without reset";
1478 break;
1479 case SDEBUG_UA_LUNS_CHANGED:
1480 /*
1481 * SPC-3 behavior is to report a UNIT ATTENTION with
1482 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN
1483 * on the target, until a REPORT LUNS command is
1484 * received. SPC-4 behavior is to report it only once.
1485 * NOTE: sdebug_scsi_level does not use the same
1486 * values as struct scsi_device->scsi_level.
1487 */
1488 if (sdebug_scsi_level >= 6) /* SPC-4 and above */
1489 clear_luns_changed_on_target(devip);
1490 mk_sense_buffer(scp, UNIT_ATTENTION,
1491 TARGET_CHANGED_ASC,
1492 LUNS_CHANGED_ASCQ);
1493 if (sdebug_verbose)
1494 cp = "reported luns data has changed";
1495 break;
1496 default:
1497 pr_warn("unexpected unit attention code=%d\n", k);
1498 if (sdebug_verbose)
1499 cp = "unknown";
1500 break;
1501 }
1502 clear_bit(k, devip->uas_bm);
1503 if (sdebug_verbose)
1504 sdev_printk(KERN_INFO, scp->device,
1505 "%s reports: Unit attention: %s\n",
1506 my_name, cp);
1507 return check_condition_result;
1508 }
1509 return 0;
1510}
1511
1512/* Build SCSI "data-in" buffer. Returns 0 if ok else (DID_ERROR << 16). */
1513static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1514 int arr_len)
1515{
1516 int act_len;
1517 struct scsi_data_buffer *sdb = &scp->sdb;
1518
1519 if (!sdb->length)
1520 return 0;
1521 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1522 return DID_ERROR << 16;
1523
1524 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents,
1525 arr, arr_len);
1526 scsi_set_resid(scp, scsi_bufflen(scp) - act_len);
1527
1528 return 0;
1529}
1530
1531/* Partial build of SCSI "data-in" buffer. Returns 0 if ok else
1532 * (DID_ERROR << 16). Can write to offset in data-in buffer. If multiple
1533 * calls, not required to write in ascending offset order. Assumes resid
1534 * set to scsi_bufflen() prior to any calls.
1535 */
1536static int p_fill_from_dev_buffer(struct scsi_cmnd *scp, const void *arr,
1537 int arr_len, unsigned int off_dst)
1538{
1539 unsigned int act_len, n;
1540 struct scsi_data_buffer *sdb = &scp->sdb;
1541 off_t skip = off_dst;
1542
1543 if (sdb->length <= off_dst)
1544 return 0;
1545 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1546 return DID_ERROR << 16;
1547
1548 act_len = sg_pcopy_from_buffer(sdb->table.sgl, sdb->table.nents,
1549 arr, arr_len, skip);
1550 pr_debug("%s: off_dst=%u, scsi_bufflen=%u, act_len=%u, resid=%d\n",
1551 __func__, off_dst, scsi_bufflen(scp), act_len,
1552 scsi_get_resid(scp));
1553 n = scsi_bufflen(scp) - (off_dst + act_len);
1554 scsi_set_resid(scp, min_t(u32, scsi_get_resid(scp), n));
1555 return 0;
1556}
1557
1558/* Fetches from SCSI "data-out" buffer. Returns number of bytes fetched into
1559 * 'arr' or -1 if error.
1560 */
1561static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1562 int arr_len)
1563{
1564 if (!scsi_bufflen(scp))
1565 return 0;
1566 if (scp->sc_data_direction != DMA_TO_DEVICE)
1567 return -1;
1568
1569 return scsi_sg_copy_to_buffer(scp, arr, arr_len);
1570}
1571
1572
1573static char sdebug_inq_vendor_id[9] = "Linux ";
1574static char sdebug_inq_product_id[17] = "scsi_debug ";
1575static char sdebug_inq_product_rev[5] = SDEBUG_VERSION;
1576/* Use some locally assigned NAAs for SAS addresses. */
1577static const u64 naa3_comp_a = 0x3222222000000000ULL;
1578static const u64 naa3_comp_b = 0x3333333000000000ULL;
1579static const u64 naa3_comp_c = 0x3111111000000000ULL;
1580
1581/* Device identification VPD page. Returns number of bytes placed in arr */
1582static int inquiry_vpd_83(unsigned char *arr, int port_group_id,
1583 int target_dev_id, int dev_id_num,
1584 const char *dev_id_str, int dev_id_str_len,
1585 const uuid_t *lu_name)
1586{
1587 int num, port_a;
1588 char b[32];
1589
1590 port_a = target_dev_id + 1;
1591 /* T10 vendor identifier field format (faked) */
1592 arr[0] = 0x2; /* ASCII */
1593 arr[1] = 0x1;
1594 arr[2] = 0x0;
1595 memcpy(&arr[4], sdebug_inq_vendor_id, 8);
1596 memcpy(&arr[12], sdebug_inq_product_id, 16);
1597 memcpy(&arr[28], dev_id_str, dev_id_str_len);
1598 num = 8 + 16 + dev_id_str_len;
1599 arr[3] = num;
1600 num += 4;
1601 if (dev_id_num >= 0) {
1602 if (sdebug_uuid_ctl) {
1603 /* Locally assigned UUID */
1604 arr[num++] = 0x1; /* binary (not necessarily sas) */
1605 arr[num++] = 0xa; /* PIV=0, lu, naa */
1606 arr[num++] = 0x0;
1607 arr[num++] = 0x12;
1608 arr[num++] = 0x10; /* uuid type=1, locally assigned */
1609 arr[num++] = 0x0;
1610 memcpy(arr + num, lu_name, 16);
1611 num += 16;
1612 } else {
1613 /* NAA-3, Logical unit identifier (binary) */
1614 arr[num++] = 0x1; /* binary (not necessarily sas) */
1615 arr[num++] = 0x3; /* PIV=0, lu, naa */
1616 arr[num++] = 0x0;
1617 arr[num++] = 0x8;
1618 put_unaligned_be64(naa3_comp_b + dev_id_num, arr + num);
1619 num += 8;
1620 }
1621 /* Target relative port number */
1622 arr[num++] = 0x61; /* proto=sas, binary */
1623 arr[num++] = 0x94; /* PIV=1, target port, rel port */
1624 arr[num++] = 0x0; /* reserved */
1625 arr[num++] = 0x4; /* length */
1626 arr[num++] = 0x0; /* reserved */
1627 arr[num++] = 0x0; /* reserved */
1628 arr[num++] = 0x0;
1629 arr[num++] = 0x1; /* relative port A */
1630 }
1631 /* NAA-3, Target port identifier */
1632 arr[num++] = 0x61; /* proto=sas, binary */
1633 arr[num++] = 0x93; /* piv=1, target port, naa */
1634 arr[num++] = 0x0;
1635 arr[num++] = 0x8;
1636 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1637 num += 8;
1638 /* NAA-3, Target port group identifier */
1639 arr[num++] = 0x61; /* proto=sas, binary */
1640 arr[num++] = 0x95; /* piv=1, target port group id */
1641 arr[num++] = 0x0;
1642 arr[num++] = 0x4;
1643 arr[num++] = 0;
1644 arr[num++] = 0;
1645 put_unaligned_be16(port_group_id, arr + num);
1646 num += 2;
1647 /* NAA-3, Target device identifier */
1648 arr[num++] = 0x61; /* proto=sas, binary */
1649 arr[num++] = 0xa3; /* piv=1, target device, naa */
1650 arr[num++] = 0x0;
1651 arr[num++] = 0x8;
1652 put_unaligned_be64(naa3_comp_a + target_dev_id, arr + num);
1653 num += 8;
1654 /* SCSI name string: Target device identifier */
1655 arr[num++] = 0x63; /* proto=sas, UTF-8 */
1656 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */
1657 arr[num++] = 0x0;
1658 arr[num++] = 24;
1659 memcpy(arr + num, "naa.32222220", 12);
1660 num += 12;
1661 snprintf(b, sizeof(b), "%08X", target_dev_id);
1662 memcpy(arr + num, b, 8);
1663 num += 8;
1664 memset(arr + num, 0, 4);
1665 num += 4;
1666 return num;
1667}
1668
1669static unsigned char vpd84_data[] = {
1670/* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0,
1671 0x22,0x22,0x22,0x0,0xbb,0x1,
1672 0x22,0x22,0x22,0x0,0xbb,0x2,
1673};
1674
1675/* Software interface identification VPD page */
1676static int inquiry_vpd_84(unsigned char *arr)
1677{
1678 memcpy(arr, vpd84_data, sizeof(vpd84_data));
1679 return sizeof(vpd84_data);
1680}
1681
1682/* Management network addresses VPD page */
1683static int inquiry_vpd_85(unsigned char *arr)
1684{
1685 int num = 0;
1686 const char *na1 = "https://www.kernel.org/config";
1687 const char *na2 = "http://www.kernel.org/log";
1688 int plen, olen;
1689
1690 arr[num++] = 0x1; /* lu, storage config */
1691 arr[num++] = 0x0; /* reserved */
1692 arr[num++] = 0x0;
1693 olen = strlen(na1);
1694 plen = olen + 1;
1695 if (plen % 4)
1696 plen = ((plen / 4) + 1) * 4;
1697 arr[num++] = plen; /* length, null termianted, padded */
1698 memcpy(arr + num, na1, olen);
1699 memset(arr + num + olen, 0, plen - olen);
1700 num += plen;
1701
1702 arr[num++] = 0x4; /* lu, logging */
1703 arr[num++] = 0x0; /* reserved */
1704 arr[num++] = 0x0;
1705 olen = strlen(na2);
1706 plen = olen + 1;
1707 if (plen % 4)
1708 plen = ((plen / 4) + 1) * 4;
1709 arr[num++] = plen; /* length, null terminated, padded */
1710 memcpy(arr + num, na2, olen);
1711 memset(arr + num + olen, 0, plen - olen);
1712 num += plen;
1713
1714 return num;
1715}
1716
1717/* SCSI ports VPD page */
1718static int inquiry_vpd_88(unsigned char *arr, int target_dev_id)
1719{
1720 int num = 0;
1721 int port_a, port_b;
1722
1723 port_a = target_dev_id + 1;
1724 port_b = port_a + 1;
1725 arr[num++] = 0x0; /* reserved */
1726 arr[num++] = 0x0; /* reserved */
1727 arr[num++] = 0x0;
1728 arr[num++] = 0x1; /* relative port 1 (primary) */
1729 memset(arr + num, 0, 6);
1730 num += 6;
1731 arr[num++] = 0x0;
1732 arr[num++] = 12; /* length tp descriptor */
1733 /* naa-5 target port identifier (A) */
1734 arr[num++] = 0x61; /* proto=sas, binary */
1735 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1736 arr[num++] = 0x0; /* reserved */
1737 arr[num++] = 0x8; /* length */
1738 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1739 num += 8;
1740 arr[num++] = 0x0; /* reserved */
1741 arr[num++] = 0x0; /* reserved */
1742 arr[num++] = 0x0;
1743 arr[num++] = 0x2; /* relative port 2 (secondary) */
1744 memset(arr + num, 0, 6);
1745 num += 6;
1746 arr[num++] = 0x0;
1747 arr[num++] = 12; /* length tp descriptor */
1748 /* naa-5 target port identifier (B) */
1749 arr[num++] = 0x61; /* proto=sas, binary */
1750 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1751 arr[num++] = 0x0; /* reserved */
1752 arr[num++] = 0x8; /* length */
1753 put_unaligned_be64(naa3_comp_a + port_b, arr + num);
1754 num += 8;
1755
1756 return num;
1757}
1758
1759
1760static unsigned char vpd89_data[] = {
1761/* from 4th byte */ 0,0,0,0,
1762'l','i','n','u','x',' ',' ',' ',
1763'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ',
1764'1','2','3','4',
17650x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,
17660xec,0,0,0,
17670x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0,
17680,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20,
17690x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33,
17700x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31,
17710x53,0x41,
17720x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
17730x20,0x20,
17740x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
17750x10,0x80,
17760,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0,
17770x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0,
17780x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0,
17790,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0,
17800x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40,
17810x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0,
17820,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0,
17830,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17840,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17850,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17860x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42,
17870,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8,
17880xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe,
17890,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0,
17900,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17910,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17920,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17930,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17940,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17950,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17960,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17970,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17980,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17990,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
18000,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
18010,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51,
1802};
1803
1804/* ATA Information VPD page */
1805static int inquiry_vpd_89(unsigned char *arr)
1806{
1807 memcpy(arr, vpd89_data, sizeof(vpd89_data));
1808 return sizeof(vpd89_data);
1809}
1810
1811
1812static unsigned char vpdb0_data[] = {
1813 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64,
1814 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1815 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1816 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1817};
1818
1819/* Block limits VPD page (SBC-3) */
1820static int inquiry_vpd_b0(unsigned char *arr)
1821{
1822 unsigned int gran;
1823
1824 memcpy(arr, vpdb0_data, sizeof(vpdb0_data));
1825
1826 /* Optimal transfer length granularity */
1827 if (sdebug_opt_xferlen_exp != 0 &&
1828 sdebug_physblk_exp < sdebug_opt_xferlen_exp)
1829 gran = 1 << sdebug_opt_xferlen_exp;
1830 else
1831 gran = 1 << sdebug_physblk_exp;
1832 put_unaligned_be16(gran, arr + 2);
1833
1834 /* Maximum Transfer Length */
1835 if (sdebug_store_sectors > 0x400)
1836 put_unaligned_be32(sdebug_store_sectors, arr + 4);
1837
1838 /* Optimal Transfer Length */
1839 put_unaligned_be32(sdebug_opt_blks, &arr[8]);
1840
1841 if (sdebug_lbpu) {
1842 /* Maximum Unmap LBA Count */
1843 put_unaligned_be32(sdebug_unmap_max_blocks, &arr[16]);
1844
1845 /* Maximum Unmap Block Descriptor Count */
1846 put_unaligned_be32(sdebug_unmap_max_desc, &arr[20]);
1847 }
1848
1849 /* Unmap Granularity Alignment */
1850 if (sdebug_unmap_alignment) {
1851 put_unaligned_be32(sdebug_unmap_alignment, &arr[28]);
1852 arr[28] |= 0x80; /* UGAVALID */
1853 }
1854
1855 /* Optimal Unmap Granularity */
1856 put_unaligned_be32(sdebug_unmap_granularity, &arr[24]);
1857
1858 /* Maximum WRITE SAME Length */
1859 put_unaligned_be64(sdebug_write_same_length, &arr[32]);
1860
1861 if (sdebug_atomic_wr) {
1862 put_unaligned_be32(sdebug_atomic_wr_max_length, &arr[40]);
1863 put_unaligned_be32(sdebug_atomic_wr_align, &arr[44]);
1864 put_unaligned_be32(sdebug_atomic_wr_gran, &arr[48]);
1865 put_unaligned_be32(sdebug_atomic_wr_max_length_bndry, &arr[52]);
1866 put_unaligned_be32(sdebug_atomic_wr_max_bndry, &arr[56]);
1867 }
1868
1869 return 0x3c; /* Mandatory page length for Logical Block Provisioning */
1870}
1871
1872/* Block device characteristics VPD page (SBC-3) */
1873static int inquiry_vpd_b1(struct sdebug_dev_info *devip, unsigned char *arr)
1874{
1875 memset(arr, 0, 0x3c);
1876 arr[0] = 0;
1877 arr[1] = 1; /* non rotating medium (e.g. solid state) */
1878 arr[2] = 0;
1879 arr[3] = 5; /* less than 1.8" */
1880
1881 return 0x3c;
1882}
1883
1884/* Logical block provisioning VPD page (SBC-4) */
1885static int inquiry_vpd_b2(unsigned char *arr)
1886{
1887 memset(arr, 0, 0x4);
1888 arr[0] = 0; /* threshold exponent */
1889 if (sdebug_lbpu)
1890 arr[1] = 1 << 7;
1891 if (sdebug_lbpws)
1892 arr[1] |= 1 << 6;
1893 if (sdebug_lbpws10)
1894 arr[1] |= 1 << 5;
1895 if (sdebug_lbprz && scsi_debug_lbp())
1896 arr[1] |= (sdebug_lbprz & 0x7) << 2; /* sbc4r07 and later */
1897 /* anc_sup=0; dp=0 (no provisioning group descriptor) */
1898 /* minimum_percentage=0; provisioning_type=0 (unknown) */
1899 /* threshold_percentage=0 */
1900 return 0x4;
1901}
1902
1903/* Zoned block device characteristics VPD page (ZBC mandatory) */
1904static int inquiry_vpd_b6(struct sdebug_dev_info *devip, unsigned char *arr)
1905{
1906 memset(arr, 0, 0x3c);
1907 arr[0] = 0x1; /* set URSWRZ (unrestricted read in seq. wr req zone) */
1908 /*
1909 * Set Optimal number of open sequential write preferred zones and
1910 * Optimal number of non-sequentially written sequential write
1911 * preferred zones fields to 'not reported' (0xffffffff). Leave other
1912 * fields set to zero, apart from Max. number of open swrz_s field.
1913 */
1914 put_unaligned_be32(0xffffffff, &arr[4]);
1915 put_unaligned_be32(0xffffffff, &arr[8]);
1916 if (sdeb_zbc_model == BLK_ZONED_HM && devip->max_open)
1917 put_unaligned_be32(devip->max_open, &arr[12]);
1918 else
1919 put_unaligned_be32(0xffffffff, &arr[12]);
1920 if (devip->zcap < devip->zsize) {
1921 arr[19] = ZBC_CONSTANT_ZONE_START_OFFSET;
1922 put_unaligned_be64(devip->zsize, &arr[20]);
1923 } else {
1924 arr[19] = 0;
1925 }
1926 return 0x3c;
1927}
1928
1929#define SDEBUG_BLE_LEN_AFTER_B4 28 /* thus vpage 32 bytes long */
1930
1931enum { MAXIMUM_NUMBER_OF_STREAMS = 6, PERMANENT_STREAM_COUNT = 5 };
1932
1933/* Block limits extension VPD page (SBC-4) */
1934static int inquiry_vpd_b7(unsigned char *arrb4)
1935{
1936 memset(arrb4, 0, SDEBUG_BLE_LEN_AFTER_B4);
1937 arrb4[1] = 1; /* Reduced stream control support (RSCS) */
1938 put_unaligned_be16(MAXIMUM_NUMBER_OF_STREAMS, &arrb4[2]);
1939 return SDEBUG_BLE_LEN_AFTER_B4;
1940}
1941
1942#define SDEBUG_LONG_INQ_SZ 96
1943#define SDEBUG_MAX_INQ_ARR_SZ 584
1944
1945static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1946{
1947 unsigned char pq_pdt;
1948 unsigned char *arr;
1949 unsigned char *cmd = scp->cmnd;
1950 u32 alloc_len, n;
1951 int ret;
1952 bool have_wlun, is_disk, is_zbc, is_disk_zbc;
1953
1954 alloc_len = get_unaligned_be16(cmd + 3);
1955 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC);
1956 if (! arr)
1957 return DID_REQUEUE << 16;
1958 is_disk = (sdebug_ptype == TYPE_DISK);
1959 is_zbc = devip->zoned;
1960 is_disk_zbc = (is_disk || is_zbc);
1961 have_wlun = scsi_is_wlun(scp->device->lun);
1962 if (have_wlun)
1963 pq_pdt = TYPE_WLUN; /* present, wlun */
1964 else if (sdebug_no_lun_0 && (devip->lun == SDEBUG_LUN_0_VAL))
1965 pq_pdt = 0x7f; /* not present, PQ=3, PDT=0x1f */
1966 else
1967 pq_pdt = (sdebug_ptype & 0x1f);
1968 arr[0] = pq_pdt;
1969 if (0x2 & cmd[1]) { /* CMDDT bit set */
1970 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1);
1971 kfree(arr);
1972 return check_condition_result;
1973 } else if (0x1 & cmd[1]) { /* EVPD bit set */
1974 int lu_id_num, port_group_id, target_dev_id;
1975 u32 len;
1976 char lu_id_str[6];
1977 int host_no = devip->sdbg_host->shost->host_no;
1978
1979 arr[1] = cmd[2];
1980 port_group_id = (((host_no + 1) & 0x7f) << 8) +
1981 (devip->channel & 0x7f);
1982 if (sdebug_vpd_use_hostno == 0)
1983 host_no = 0;
1984 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) +
1985 (devip->target * 1000) + devip->lun);
1986 target_dev_id = ((host_no + 1) * 2000) +
1987 (devip->target * 1000) - 3;
1988 len = scnprintf(lu_id_str, 6, "%d", lu_id_num);
1989 if (0 == cmd[2]) { /* supported vital product data pages */
1990 n = 4;
1991 arr[n++] = 0x0; /* this page */
1992 arr[n++] = 0x80; /* unit serial number */
1993 arr[n++] = 0x83; /* device identification */
1994 arr[n++] = 0x84; /* software interface ident. */
1995 arr[n++] = 0x85; /* management network addresses */
1996 arr[n++] = 0x86; /* extended inquiry */
1997 arr[n++] = 0x87; /* mode page policy */
1998 arr[n++] = 0x88; /* SCSI ports */
1999 if (is_disk_zbc) { /* SBC or ZBC */
2000 arr[n++] = 0x89; /* ATA information */
2001 arr[n++] = 0xb0; /* Block limits */
2002 arr[n++] = 0xb1; /* Block characteristics */
2003 if (is_disk)
2004 arr[n++] = 0xb2; /* LB Provisioning */
2005 if (is_zbc)
2006 arr[n++] = 0xb6; /* ZB dev. char. */
2007 arr[n++] = 0xb7; /* Block limits extension */
2008 }
2009 arr[3] = n - 4; /* number of supported VPD pages */
2010 } else if (0x80 == cmd[2]) { /* unit serial number */
2011 arr[3] = len;
2012 memcpy(&arr[4], lu_id_str, len);
2013 } else if (0x83 == cmd[2]) { /* device identification */
2014 arr[3] = inquiry_vpd_83(&arr[4], port_group_id,
2015 target_dev_id, lu_id_num,
2016 lu_id_str, len,
2017 &devip->lu_name);
2018 } else if (0x84 == cmd[2]) { /* Software interface ident. */
2019 arr[3] = inquiry_vpd_84(&arr[4]);
2020 } else if (0x85 == cmd[2]) { /* Management network addresses */
2021 arr[3] = inquiry_vpd_85(&arr[4]);
2022 } else if (0x86 == cmd[2]) { /* extended inquiry */
2023 arr[3] = 0x3c; /* number of following entries */
2024 if (sdebug_dif == T10_PI_TYPE3_PROTECTION)
2025 arr[4] = 0x4; /* SPT: GRD_CHK:1 */
2026 else if (have_dif_prot)
2027 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */
2028 else
2029 arr[4] = 0x0; /* no protection stuff */
2030 /*
2031 * GROUP_SUP=1; HEADSUP=1 (HEAD OF QUEUE); ORDSUP=1
2032 * (ORDERED queuing); SIMPSUP=1 (SIMPLE queuing).
2033 */
2034 arr[5] = 0x17;
2035 } else if (0x87 == cmd[2]) { /* mode page policy */
2036 arr[3] = 0x8; /* number of following entries */
2037 arr[4] = 0x2; /* disconnect-reconnect mp */
2038 arr[6] = 0x80; /* mlus, shared */
2039 arr[8] = 0x18; /* protocol specific lu */
2040 arr[10] = 0x82; /* mlus, per initiator port */
2041 } else if (0x88 == cmd[2]) { /* SCSI Ports */
2042 arr[3] = inquiry_vpd_88(&arr[4], target_dev_id);
2043 } else if (is_disk_zbc && 0x89 == cmd[2]) { /* ATA info */
2044 n = inquiry_vpd_89(&arr[4]);
2045 put_unaligned_be16(n, arr + 2);
2046 } else if (is_disk_zbc && 0xb0 == cmd[2]) { /* Block limits */
2047 arr[3] = inquiry_vpd_b0(&arr[4]);
2048 } else if (is_disk_zbc && 0xb1 == cmd[2]) { /* Block char. */
2049 arr[3] = inquiry_vpd_b1(devip, &arr[4]);
2050 } else if (is_disk && 0xb2 == cmd[2]) { /* LB Prov. */
2051 arr[3] = inquiry_vpd_b2(&arr[4]);
2052 } else if (is_zbc && cmd[2] == 0xb6) { /* ZB dev. charact. */
2053 arr[3] = inquiry_vpd_b6(devip, &arr[4]);
2054 } else if (cmd[2] == 0xb7) { /* block limits extension page */
2055 arr[3] = inquiry_vpd_b7(&arr[4]);
2056 } else {
2057 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
2058 kfree(arr);
2059 return check_condition_result;
2060 }
2061 len = min_t(u32, get_unaligned_be16(arr + 2) + 4, alloc_len);
2062 ret = fill_from_dev_buffer(scp, arr,
2063 min_t(u32, len, SDEBUG_MAX_INQ_ARR_SZ));
2064 kfree(arr);
2065 return ret;
2066 }
2067 /* drops through here for a standard inquiry */
2068 arr[1] = sdebug_removable ? 0x80 : 0; /* Removable disk */
2069 arr[2] = sdebug_scsi_level;
2070 arr[3] = 2; /* response_data_format==2 */
2071 arr[4] = SDEBUG_LONG_INQ_SZ - 5;
2072 arr[5] = (int)have_dif_prot; /* PROTECT bit */
2073 if (sdebug_vpd_use_hostno == 0)
2074 arr[5] |= 0x10; /* claim: implicit TPGS */
2075 arr[6] = 0x10; /* claim: MultiP */
2076 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */
2077 arr[7] = 0xa; /* claim: LINKED + CMDQUE */
2078 memcpy(&arr[8], sdebug_inq_vendor_id, 8);
2079 memcpy(&arr[16], sdebug_inq_product_id, 16);
2080 memcpy(&arr[32], sdebug_inq_product_rev, 4);
2081 /* Use Vendor Specific area to place driver date in ASCII hex */
2082 memcpy(&arr[36], sdebug_version_date, 8);
2083 /* version descriptors (2 bytes each) follow */
2084 put_unaligned_be16(0xc0, arr + 58); /* SAM-6 no version claimed */
2085 put_unaligned_be16(0x5c0, arr + 60); /* SPC-5 no version claimed */
2086 n = 62;
2087 if (is_disk) { /* SBC-4 no version claimed */
2088 put_unaligned_be16(0x600, arr + n);
2089 n += 2;
2090 } else if (sdebug_ptype == TYPE_TAPE) { /* SSC-4 rev 3 */
2091 put_unaligned_be16(0x525, arr + n);
2092 n += 2;
2093 } else if (is_zbc) { /* ZBC BSR INCITS 536 revision 05 */
2094 put_unaligned_be16(0x624, arr + n);
2095 n += 2;
2096 }
2097 put_unaligned_be16(0x2100, arr + n); /* SPL-4 no version claimed */
2098 ret = fill_from_dev_buffer(scp, arr,
2099 min_t(u32, alloc_len, SDEBUG_LONG_INQ_SZ));
2100 kfree(arr);
2101 return ret;
2102}
2103
2104/* See resp_iec_m_pg() for how this data is manipulated */
2105static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
2106 0, 0, 0x0, 0x0};
2107
2108static int resp_requests(struct scsi_cmnd *scp,
2109 struct sdebug_dev_info *devip)
2110{
2111 unsigned char *cmd = scp->cmnd;
2112 unsigned char arr[SCSI_SENSE_BUFFERSIZE]; /* assume >= 18 bytes */
2113 bool dsense = !!(cmd[1] & 1);
2114 u32 alloc_len = cmd[4];
2115 u32 len = 18;
2116 int stopped_state = atomic_read(&devip->stopped);
2117
2118 memset(arr, 0, sizeof(arr));
2119 if (stopped_state > 0) { /* some "pollable" data [spc6r02: 5.12.2] */
2120 if (dsense) {
2121 arr[0] = 0x72;
2122 arr[1] = NOT_READY;
2123 arr[2] = LOGICAL_UNIT_NOT_READY;
2124 arr[3] = (stopped_state == 2) ? 0x1 : 0x2;
2125 len = 8;
2126 } else {
2127 arr[0] = 0x70;
2128 arr[2] = NOT_READY; /* NO_SENSE in sense_key */
2129 arr[7] = 0xa; /* 18 byte sense buffer */
2130 arr[12] = LOGICAL_UNIT_NOT_READY;
2131 arr[13] = (stopped_state == 2) ? 0x1 : 0x2;
2132 }
2133 } else if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) {
2134 /* Information exceptions control mode page: TEST=1, MRIE=6 */
2135 if (dsense) {
2136 arr[0] = 0x72;
2137 arr[1] = 0x0; /* NO_SENSE in sense_key */
2138 arr[2] = THRESHOLD_EXCEEDED;
2139 arr[3] = 0xff; /* Failure prediction(false) */
2140 len = 8;
2141 } else {
2142 arr[0] = 0x70;
2143 arr[2] = 0x0; /* NO_SENSE in sense_key */
2144 arr[7] = 0xa; /* 18 byte sense buffer */
2145 arr[12] = THRESHOLD_EXCEEDED;
2146 arr[13] = 0xff; /* Failure prediction(false) */
2147 }
2148 } else { /* nothing to report */
2149 if (dsense) {
2150 len = 8;
2151 memset(arr, 0, len);
2152 arr[0] = 0x72;
2153 } else {
2154 memset(arr, 0, len);
2155 arr[0] = 0x70;
2156 arr[7] = 0xa;
2157 }
2158 }
2159 return fill_from_dev_buffer(scp, arr, min_t(u32, len, alloc_len));
2160}
2161
2162static int resp_start_stop(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2163{
2164 unsigned char *cmd = scp->cmnd;
2165 int power_cond, want_stop, stopped_state;
2166 bool changing;
2167
2168 power_cond = (cmd[4] & 0xf0) >> 4;
2169 if (power_cond) {
2170 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7);
2171 return check_condition_result;
2172 }
2173 want_stop = !(cmd[4] & 1);
2174 stopped_state = atomic_read(&devip->stopped);
2175 if (stopped_state == 2) {
2176 ktime_t now_ts = ktime_get_boottime();
2177
2178 if (ktime_to_ns(now_ts) > ktime_to_ns(devip->create_ts)) {
2179 u64 diff_ns = ktime_to_ns(ktime_sub(now_ts, devip->create_ts));
2180
2181 if (diff_ns >= ((u64)sdeb_tur_ms_to_ready * 1000000)) {
2182 /* tur_ms_to_ready timer extinguished */
2183 atomic_set(&devip->stopped, 0);
2184 stopped_state = 0;
2185 }
2186 }
2187 if (stopped_state == 2) {
2188 if (want_stop) {
2189 stopped_state = 1; /* dummy up success */
2190 } else { /* Disallow tur_ms_to_ready delay to be overridden */
2191 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 0 /* START bit */);
2192 return check_condition_result;
2193 }
2194 }
2195 }
2196 changing = (stopped_state != want_stop);
2197 if (changing)
2198 atomic_xchg(&devip->stopped, want_stop);
2199 if (!changing || (cmd[1] & 0x1)) /* state unchanged or IMMED bit set in cdb */
2200 return SDEG_RES_IMMED_MASK;
2201 else
2202 return 0;
2203}
2204
2205static sector_t get_sdebug_capacity(void)
2206{
2207 static const unsigned int gibibyte = 1073741824;
2208
2209 if (sdebug_virtual_gb > 0)
2210 return (sector_t)sdebug_virtual_gb *
2211 (gibibyte / sdebug_sector_size);
2212 else
2213 return sdebug_store_sectors;
2214}
2215
2216#define SDEBUG_READCAP_ARR_SZ 8
2217static int resp_readcap(struct scsi_cmnd *scp,
2218 struct sdebug_dev_info *devip)
2219{
2220 unsigned char arr[SDEBUG_READCAP_ARR_SZ];
2221 unsigned int capac;
2222
2223 /* following just in case virtual_gb changed */
2224 sdebug_capacity = get_sdebug_capacity();
2225 memset(arr, 0, SDEBUG_READCAP_ARR_SZ);
2226 if (sdebug_capacity < 0xffffffff) {
2227 capac = (unsigned int)sdebug_capacity - 1;
2228 put_unaligned_be32(capac, arr + 0);
2229 } else
2230 put_unaligned_be32(0xffffffff, arr + 0);
2231 put_unaligned_be16(sdebug_sector_size, arr + 6);
2232 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ);
2233}
2234
2235#define SDEBUG_READCAP16_ARR_SZ 32
2236static int resp_readcap16(struct scsi_cmnd *scp,
2237 struct sdebug_dev_info *devip)
2238{
2239 unsigned char *cmd = scp->cmnd;
2240 unsigned char arr[SDEBUG_READCAP16_ARR_SZ];
2241 u32 alloc_len;
2242
2243 alloc_len = get_unaligned_be32(cmd + 10);
2244 /* following just in case virtual_gb changed */
2245 sdebug_capacity = get_sdebug_capacity();
2246 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ);
2247 put_unaligned_be64((u64)(sdebug_capacity - 1), arr + 0);
2248 put_unaligned_be32(sdebug_sector_size, arr + 8);
2249 arr[13] = sdebug_physblk_exp & 0xf;
2250 arr[14] = (sdebug_lowest_aligned >> 8) & 0x3f;
2251
2252 if (scsi_debug_lbp()) {
2253 arr[14] |= 0x80; /* LBPME */
2254 /* from sbc4r07, this LBPRZ field is 1 bit, but the LBPRZ in
2255 * the LB Provisioning VPD page is 3 bits. Note that lbprz=2
2256 * in the wider field maps to 0 in this field.
2257 */
2258 if (sdebug_lbprz & 1) /* precisely what the draft requires */
2259 arr[14] |= 0x40;
2260 }
2261
2262 /*
2263 * Since the scsi_debug READ CAPACITY implementation always reports the
2264 * total disk capacity, set RC BASIS = 1 for host-managed ZBC devices.
2265 */
2266 if (devip->zoned)
2267 arr[12] |= 1 << 4;
2268
2269 arr[15] = sdebug_lowest_aligned & 0xff;
2270
2271 if (have_dif_prot) {
2272 arr[12] = (sdebug_dif - 1) << 1; /* P_TYPE */
2273 arr[12] |= 1; /* PROT_EN */
2274 }
2275
2276 return fill_from_dev_buffer(scp, arr,
2277 min_t(u32, alloc_len, SDEBUG_READCAP16_ARR_SZ));
2278}
2279
2280#define SDEBUG_MAX_TGTPGS_ARR_SZ 1412
2281
2282static int resp_report_tgtpgs(struct scsi_cmnd *scp,
2283 struct sdebug_dev_info *devip)
2284{
2285 unsigned char *cmd = scp->cmnd;
2286 unsigned char *arr;
2287 int host_no = devip->sdbg_host->shost->host_no;
2288 int port_group_a, port_group_b, port_a, port_b;
2289 u32 alen, n, rlen;
2290 int ret;
2291
2292 alen = get_unaligned_be32(cmd + 6);
2293 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC);
2294 if (! arr)
2295 return DID_REQUEUE << 16;
2296 /*
2297 * EVPD page 0x88 states we have two ports, one
2298 * real and a fake port with no device connected.
2299 * So we create two port groups with one port each
2300 * and set the group with port B to unavailable.
2301 */
2302 port_a = 0x1; /* relative port A */
2303 port_b = 0x2; /* relative port B */
2304 port_group_a = (((host_no + 1) & 0x7f) << 8) +
2305 (devip->channel & 0x7f);
2306 port_group_b = (((host_no + 1) & 0x7f) << 8) +
2307 (devip->channel & 0x7f) + 0x80;
2308
2309 /*
2310 * The asymmetric access state is cycled according to the host_id.
2311 */
2312 n = 4;
2313 if (sdebug_vpd_use_hostno == 0) {
2314 arr[n++] = host_no % 3; /* Asymm access state */
2315 arr[n++] = 0x0F; /* claim: all states are supported */
2316 } else {
2317 arr[n++] = 0x0; /* Active/Optimized path */
2318 arr[n++] = 0x01; /* only support active/optimized paths */
2319 }
2320 put_unaligned_be16(port_group_a, arr + n);
2321 n += 2;
2322 arr[n++] = 0; /* Reserved */
2323 arr[n++] = 0; /* Status code */
2324 arr[n++] = 0; /* Vendor unique */
2325 arr[n++] = 0x1; /* One port per group */
2326 arr[n++] = 0; /* Reserved */
2327 arr[n++] = 0; /* Reserved */
2328 put_unaligned_be16(port_a, arr + n);
2329 n += 2;
2330 arr[n++] = 3; /* Port unavailable */
2331 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */
2332 put_unaligned_be16(port_group_b, arr + n);
2333 n += 2;
2334 arr[n++] = 0; /* Reserved */
2335 arr[n++] = 0; /* Status code */
2336 arr[n++] = 0; /* Vendor unique */
2337 arr[n++] = 0x1; /* One port per group */
2338 arr[n++] = 0; /* Reserved */
2339 arr[n++] = 0; /* Reserved */
2340 put_unaligned_be16(port_b, arr + n);
2341 n += 2;
2342
2343 rlen = n - 4;
2344 put_unaligned_be32(rlen, arr + 0);
2345
2346 /*
2347 * Return the smallest value of either
2348 * - The allocated length
2349 * - The constructed command length
2350 * - The maximum array size
2351 */
2352 rlen = min(alen, n);
2353 ret = fill_from_dev_buffer(scp, arr,
2354 min_t(u32, rlen, SDEBUG_MAX_TGTPGS_ARR_SZ));
2355 kfree(arr);
2356 return ret;
2357}
2358
2359static int resp_rsup_opcodes(struct scsi_cmnd *scp,
2360 struct sdebug_dev_info *devip)
2361{
2362 bool rctd;
2363 u8 reporting_opts, req_opcode, sdeb_i, supp;
2364 u16 req_sa, u;
2365 u32 alloc_len, a_len;
2366 int k, offset, len, errsts, count, bump, na;
2367 const struct opcode_info_t *oip;
2368 const struct opcode_info_t *r_oip;
2369 u8 *arr;
2370 u8 *cmd = scp->cmnd;
2371
2372 rctd = !!(cmd[2] & 0x80);
2373 reporting_opts = cmd[2] & 0x7;
2374 req_opcode = cmd[3];
2375 req_sa = get_unaligned_be16(cmd + 4);
2376 alloc_len = get_unaligned_be32(cmd + 6);
2377 if (alloc_len < 4 || alloc_len > 0xffff) {
2378 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
2379 return check_condition_result;
2380 }
2381 if (alloc_len > 8192)
2382 a_len = 8192;
2383 else
2384 a_len = alloc_len;
2385 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC);
2386 if (NULL == arr) {
2387 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
2388 INSUFF_RES_ASCQ);
2389 return check_condition_result;
2390 }
2391 switch (reporting_opts) {
2392 case 0: /* all commands */
2393 /* count number of commands */
2394 for (count = 0, oip = opcode_info_arr;
2395 oip->num_attached != 0xff; ++oip) {
2396 if (F_INV_OP & oip->flags)
2397 continue;
2398 count += (oip->num_attached + 1);
2399 }
2400 bump = rctd ? 20 : 8;
2401 put_unaligned_be32(count * bump, arr);
2402 for (offset = 4, oip = opcode_info_arr;
2403 oip->num_attached != 0xff && offset < a_len; ++oip) {
2404 if (F_INV_OP & oip->flags)
2405 continue;
2406 na = oip->num_attached;
2407 arr[offset] = oip->opcode;
2408 put_unaligned_be16(oip->sa, arr + offset + 2);
2409 if (rctd)
2410 arr[offset + 5] |= 0x2;
2411 if (FF_SA & oip->flags)
2412 arr[offset + 5] |= 0x1;
2413 put_unaligned_be16(oip->len_mask[0], arr + offset + 6);
2414 if (rctd)
2415 put_unaligned_be16(0xa, arr + offset + 8);
2416 r_oip = oip;
2417 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) {
2418 if (F_INV_OP & oip->flags)
2419 continue;
2420 offset += bump;
2421 arr[offset] = oip->opcode;
2422 put_unaligned_be16(oip->sa, arr + offset + 2);
2423 if (rctd)
2424 arr[offset + 5] |= 0x2;
2425 if (FF_SA & oip->flags)
2426 arr[offset + 5] |= 0x1;
2427 put_unaligned_be16(oip->len_mask[0],
2428 arr + offset + 6);
2429 if (rctd)
2430 put_unaligned_be16(0xa,
2431 arr + offset + 8);
2432 }
2433 oip = r_oip;
2434 offset += bump;
2435 }
2436 break;
2437 case 1: /* one command: opcode only */
2438 case 2: /* one command: opcode plus service action */
2439 case 3: /* one command: if sa==0 then opcode only else opcode+sa */
2440 sdeb_i = opcode_ind_arr[req_opcode];
2441 oip = &opcode_info_arr[sdeb_i];
2442 if (F_INV_OP & oip->flags) {
2443 supp = 1;
2444 offset = 4;
2445 } else {
2446 if (1 == reporting_opts) {
2447 if (FF_SA & oip->flags) {
2448 mk_sense_invalid_fld(scp, SDEB_IN_CDB,
2449 2, 2);
2450 kfree(arr);
2451 return check_condition_result;
2452 }
2453 req_sa = 0;
2454 } else if (2 == reporting_opts &&
2455 0 == (FF_SA & oip->flags)) {
2456 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1);
2457 kfree(arr); /* point at requested sa */
2458 return check_condition_result;
2459 }
2460 if (0 == (FF_SA & oip->flags) &&
2461 req_opcode == oip->opcode)
2462 supp = 3;
2463 else if (0 == (FF_SA & oip->flags)) {
2464 na = oip->num_attached;
2465 for (k = 0, oip = oip->arrp; k < na;
2466 ++k, ++oip) {
2467 if (req_opcode == oip->opcode)
2468 break;
2469 }
2470 supp = (k >= na) ? 1 : 3;
2471 } else if (req_sa != oip->sa) {
2472 na = oip->num_attached;
2473 for (k = 0, oip = oip->arrp; k < na;
2474 ++k, ++oip) {
2475 if (req_sa == oip->sa)
2476 break;
2477 }
2478 supp = (k >= na) ? 1 : 3;
2479 } else
2480 supp = 3;
2481 if (3 == supp) {
2482 u = oip->len_mask[0];
2483 put_unaligned_be16(u, arr + 2);
2484 arr[4] = oip->opcode;
2485 for (k = 1; k < u; ++k)
2486 arr[4 + k] = (k < 16) ?
2487 oip->len_mask[k] : 0xff;
2488 offset = 4 + u;
2489 } else
2490 offset = 4;
2491 }
2492 arr[1] = (rctd ? 0x80 : 0) | supp;
2493 if (rctd) {
2494 put_unaligned_be16(0xa, arr + offset);
2495 offset += 12;
2496 }
2497 break;
2498 default:
2499 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
2500 kfree(arr);
2501 return check_condition_result;
2502 }
2503 offset = (offset < a_len) ? offset : a_len;
2504 len = (offset < alloc_len) ? offset : alloc_len;
2505 errsts = fill_from_dev_buffer(scp, arr, len);
2506 kfree(arr);
2507 return errsts;
2508}
2509
2510static int resp_rsup_tmfs(struct scsi_cmnd *scp,
2511 struct sdebug_dev_info *devip)
2512{
2513 bool repd;
2514 u32 alloc_len, len;
2515 u8 arr[16];
2516 u8 *cmd = scp->cmnd;
2517
2518 memset(arr, 0, sizeof(arr));
2519 repd = !!(cmd[2] & 0x80);
2520 alloc_len = get_unaligned_be32(cmd + 6);
2521 if (alloc_len < 4) {
2522 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
2523 return check_condition_result;
2524 }
2525 arr[0] = 0xc8; /* ATS | ATSS | LURS */
2526 arr[1] = 0x1; /* ITNRS */
2527 if (repd) {
2528 arr[3] = 0xc;
2529 len = 16;
2530 } else
2531 len = 4;
2532
2533 len = (len < alloc_len) ? len : alloc_len;
2534 return fill_from_dev_buffer(scp, arr, len);
2535}
2536
2537/* <<Following mode page info copied from ST318451LW>> */
2538
2539static int resp_err_recov_pg(unsigned char *p, int pcontrol, int target)
2540{ /* Read-Write Error Recovery page for mode_sense */
2541 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0,
2542 5, 0, 0xff, 0xff};
2543
2544 memcpy(p, err_recov_pg, sizeof(err_recov_pg));
2545 if (1 == pcontrol)
2546 memset(p + 2, 0, sizeof(err_recov_pg) - 2);
2547 return sizeof(err_recov_pg);
2548}
2549
2550static int resp_disconnect_pg(unsigned char *p, int pcontrol, int target)
2551{ /* Disconnect-Reconnect page for mode_sense */
2552 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0,
2553 0, 0, 0, 0, 0, 0, 0, 0};
2554
2555 memcpy(p, disconnect_pg, sizeof(disconnect_pg));
2556 if (1 == pcontrol)
2557 memset(p + 2, 0, sizeof(disconnect_pg) - 2);
2558 return sizeof(disconnect_pg);
2559}
2560
2561static int resp_format_pg(unsigned char *p, int pcontrol, int target)
2562{ /* Format device page for mode_sense */
2563 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0,
2564 0, 0, 0, 0, 0, 0, 0, 0,
2565 0, 0, 0, 0, 0x40, 0, 0, 0};
2566
2567 memcpy(p, format_pg, sizeof(format_pg));
2568 put_unaligned_be16(sdebug_sectors_per, p + 10);
2569 put_unaligned_be16(sdebug_sector_size, p + 12);
2570 if (sdebug_removable)
2571 p[20] |= 0x20; /* should agree with INQUIRY */
2572 if (1 == pcontrol)
2573 memset(p + 2, 0, sizeof(format_pg) - 2);
2574 return sizeof(format_pg);
2575}
2576
2577static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
2578 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0,
2579 0, 0, 0, 0};
2580
2581static int resp_caching_pg(unsigned char *p, int pcontrol, int target)
2582{ /* Caching page for mode_sense */
2583 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0,
2584 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
2585 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
2586 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0};
2587
2588 if (SDEBUG_OPT_N_WCE & sdebug_opts)
2589 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */
2590 memcpy(p, caching_pg, sizeof(caching_pg));
2591 if (1 == pcontrol)
2592 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg));
2593 else if (2 == pcontrol)
2594 memcpy(p, d_caching_pg, sizeof(d_caching_pg));
2595 return sizeof(caching_pg);
2596}
2597
2598static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2599 0, 0, 0x2, 0x4b};
2600
2601static int resp_ctrl_m_pg(unsigned char *p, int pcontrol, int target)
2602{ /* Control mode page for mode_sense */
2603 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0,
2604 0, 0, 0, 0};
2605 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2606 0, 0, 0x2, 0x4b};
2607
2608 if (sdebug_dsense)
2609 ctrl_m_pg[2] |= 0x4;
2610 else
2611 ctrl_m_pg[2] &= ~0x4;
2612
2613 if (sdebug_ato)
2614 ctrl_m_pg[5] |= 0x80; /* ATO=1 */
2615
2616 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg));
2617 if (1 == pcontrol)
2618 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg));
2619 else if (2 == pcontrol)
2620 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg));
2621 return sizeof(ctrl_m_pg);
2622}
2623
2624/* IO Advice Hints Grouping mode page */
2625static int resp_grouping_m_pg(unsigned char *p, int pcontrol, int target)
2626{
2627 /* IO Advice Hints Grouping mode page */
2628 struct grouping_m_pg {
2629 u8 page_code; /* OR 0x40 when subpage_code > 0 */
2630 u8 subpage_code;
2631 __be16 page_length;
2632 u8 reserved[12];
2633 struct scsi_io_group_descriptor descr[MAXIMUM_NUMBER_OF_STREAMS];
2634 };
2635 static const struct grouping_m_pg gr_m_pg = {
2636 .page_code = 0xa | 0x40,
2637 .subpage_code = 5,
2638 .page_length = cpu_to_be16(sizeof(gr_m_pg) - 4),
2639 .descr = {
2640 { .st_enble = 1 },
2641 { .st_enble = 1 },
2642 { .st_enble = 1 },
2643 { .st_enble = 1 },
2644 { .st_enble = 1 },
2645 { .st_enble = 0 },
2646 }
2647 };
2648
2649 BUILD_BUG_ON(sizeof(struct grouping_m_pg) !=
2650 16 + MAXIMUM_NUMBER_OF_STREAMS * 16);
2651 memcpy(p, &gr_m_pg, sizeof(gr_m_pg));
2652 if (1 == pcontrol) {
2653 /* There are no changeable values so clear from byte 4 on. */
2654 memset(p + 4, 0, sizeof(gr_m_pg) - 4);
2655 }
2656 return sizeof(gr_m_pg);
2657}
2658
2659static int resp_iec_m_pg(unsigned char *p, int pcontrol, int target)
2660{ /* Informational Exceptions control mode page for mode_sense */
2661 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0,
2662 0, 0, 0x0, 0x0};
2663 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
2664 0, 0, 0x0, 0x0};
2665
2666 memcpy(p, iec_m_pg, sizeof(iec_m_pg));
2667 if (1 == pcontrol)
2668 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg));
2669 else if (2 == pcontrol)
2670 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg));
2671 return sizeof(iec_m_pg);
2672}
2673
2674static int resp_sas_sf_m_pg(unsigned char *p, int pcontrol, int target)
2675{ /* SAS SSP mode page - short format for mode_sense */
2676 unsigned char sas_sf_m_pg[] = {0x19, 0x6,
2677 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0};
2678
2679 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg));
2680 if (1 == pcontrol)
2681 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2);
2682 return sizeof(sas_sf_m_pg);
2683}
2684
2685
2686static int resp_sas_pcd_m_spg(unsigned char *p, int pcontrol, int target,
2687 int target_dev_id)
2688{ /* SAS phy control and discover mode page for mode_sense */
2689 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2,
2690 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0,
2691 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2692 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2693 0x2, 0, 0, 0, 0, 0, 0, 0,
2694 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2695 0, 0, 0, 0, 0, 0, 0, 0,
2696 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0,
2697 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2698 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2699 0x3, 0, 0, 0, 0, 0, 0, 0,
2700 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2701 0, 0, 0, 0, 0, 0, 0, 0,
2702 };
2703 int port_a, port_b;
2704
2705 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 16);
2706 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 24);
2707 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 64);
2708 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 72);
2709 port_a = target_dev_id + 1;
2710 port_b = port_a + 1;
2711 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg));
2712 put_unaligned_be32(port_a, p + 20);
2713 put_unaligned_be32(port_b, p + 48 + 20);
2714 if (1 == pcontrol)
2715 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4);
2716 return sizeof(sas_pcd_m_pg);
2717}
2718
2719static int resp_sas_sha_m_spg(unsigned char *p, int pcontrol)
2720{ /* SAS SSP shared protocol specific port mode subpage */
2721 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0,
2722 0, 0, 0, 0, 0, 0, 0, 0,
2723 };
2724
2725 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg));
2726 if (1 == pcontrol)
2727 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4);
2728 return sizeof(sas_sha_m_pg);
2729}
2730
2731/* PAGE_SIZE is more than necessary but provides room for future expansion. */
2732#define SDEBUG_MAX_MSENSE_SZ PAGE_SIZE
2733
2734static int resp_mode_sense(struct scsi_cmnd *scp,
2735 struct sdebug_dev_info *devip)
2736{
2737 int pcontrol, pcode, subpcode, bd_len;
2738 unsigned char dev_spec;
2739 u32 alloc_len, offset, len;
2740 int target_dev_id;
2741 int target = scp->device->id;
2742 unsigned char *ap;
2743 unsigned char *arr __free(kfree);
2744 unsigned char *cmd = scp->cmnd;
2745 bool dbd, llbaa, msense_6, is_disk, is_zbc;
2746
2747 arr = kzalloc(SDEBUG_MAX_MSENSE_SZ, GFP_ATOMIC);
2748 if (!arr)
2749 return -ENOMEM;
2750 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */
2751 pcontrol = (cmd[2] & 0xc0) >> 6;
2752 pcode = cmd[2] & 0x3f;
2753 subpcode = cmd[3];
2754 msense_6 = (MODE_SENSE == cmd[0]);
2755 llbaa = msense_6 ? false : !!(cmd[1] & 0x10);
2756 is_disk = (sdebug_ptype == TYPE_DISK);
2757 is_zbc = devip->zoned;
2758 if ((is_disk || is_zbc) && !dbd)
2759 bd_len = llbaa ? 16 : 8;
2760 else
2761 bd_len = 0;
2762 alloc_len = msense_6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2763 if (0x3 == pcontrol) { /* Saving values not supported */
2764 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0);
2765 return check_condition_result;
2766 }
2767 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) +
2768 (devip->target * 1000) - 3;
2769 /* for disks+zbc set DPOFUA bit and clear write protect (WP) bit */
2770 if (is_disk || is_zbc) {
2771 dev_spec = 0x10; /* =0x90 if WP=1 implies read-only */
2772 if (sdebug_wp)
2773 dev_spec |= 0x80;
2774 } else
2775 dev_spec = 0x0;
2776 if (msense_6) {
2777 arr[2] = dev_spec;
2778 arr[3] = bd_len;
2779 offset = 4;
2780 } else {
2781 arr[3] = dev_spec;
2782 if (16 == bd_len)
2783 arr[4] = 0x1; /* set LONGLBA bit */
2784 arr[7] = bd_len; /* assume 255 or less */
2785 offset = 8;
2786 }
2787 ap = arr + offset;
2788 if ((bd_len > 0) && (!sdebug_capacity))
2789 sdebug_capacity = get_sdebug_capacity();
2790
2791 if (8 == bd_len) {
2792 if (sdebug_capacity > 0xfffffffe)
2793 put_unaligned_be32(0xffffffff, ap + 0);
2794 else
2795 put_unaligned_be32(sdebug_capacity, ap + 0);
2796 put_unaligned_be16(sdebug_sector_size, ap + 6);
2797 offset += bd_len;
2798 ap = arr + offset;
2799 } else if (16 == bd_len) {
2800 put_unaligned_be64((u64)sdebug_capacity, ap + 0);
2801 put_unaligned_be32(sdebug_sector_size, ap + 12);
2802 offset += bd_len;
2803 ap = arr + offset;
2804 }
2805
2806 /*
2807 * N.B. If len>0 before resp_*_pg() call, then form of that call should be:
2808 * len += resp_*_pg(ap + len, pcontrol, target);
2809 */
2810 switch (pcode) {
2811 case 0x1: /* Read-Write error recovery page, direct access */
2812 if (subpcode > 0x0 && subpcode < 0xff)
2813 goto bad_subpcode;
2814 len = resp_err_recov_pg(ap, pcontrol, target);
2815 offset += len;
2816 break;
2817 case 0x2: /* Disconnect-Reconnect page, all devices */
2818 if (subpcode > 0x0 && subpcode < 0xff)
2819 goto bad_subpcode;
2820 len = resp_disconnect_pg(ap, pcontrol, target);
2821 offset += len;
2822 break;
2823 case 0x3: /* Format device page, direct access */
2824 if (subpcode > 0x0 && subpcode < 0xff)
2825 goto bad_subpcode;
2826 if (is_disk) {
2827 len = resp_format_pg(ap, pcontrol, target);
2828 offset += len;
2829 } else {
2830 goto bad_pcode;
2831 }
2832 break;
2833 case 0x8: /* Caching page, direct access */
2834 if (subpcode > 0x0 && subpcode < 0xff)
2835 goto bad_subpcode;
2836 if (is_disk || is_zbc) {
2837 len = resp_caching_pg(ap, pcontrol, target);
2838 offset += len;
2839 } else {
2840 goto bad_pcode;
2841 }
2842 break;
2843 case 0xa: /* Control Mode page, all devices */
2844 switch (subpcode) {
2845 case 0:
2846 len = resp_ctrl_m_pg(ap, pcontrol, target);
2847 break;
2848 case 0x05:
2849 len = resp_grouping_m_pg(ap, pcontrol, target);
2850 break;
2851 case 0xff:
2852 len = resp_ctrl_m_pg(ap, pcontrol, target);
2853 len += resp_grouping_m_pg(ap + len, pcontrol, target);
2854 break;
2855 default:
2856 goto bad_subpcode;
2857 }
2858 offset += len;
2859 break;
2860 case 0x19: /* if spc==1 then sas phy, control+discover */
2861 if (subpcode > 0x2 && subpcode < 0xff)
2862 goto bad_subpcode;
2863 len = 0;
2864 if ((0x0 == subpcode) || (0xff == subpcode))
2865 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2866 if ((0x1 == subpcode) || (0xff == subpcode))
2867 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
2868 target_dev_id);
2869 if ((0x2 == subpcode) || (0xff == subpcode))
2870 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2871 offset += len;
2872 break;
2873 case 0x1c: /* Informational Exceptions Mode page, all devices */
2874 if (subpcode > 0x0 && subpcode < 0xff)
2875 goto bad_subpcode;
2876 len = resp_iec_m_pg(ap, pcontrol, target);
2877 offset += len;
2878 break;
2879 case 0x3f: /* Read all Mode pages */
2880 if (subpcode > 0x0 && subpcode < 0xff)
2881 goto bad_subpcode;
2882 len = resp_err_recov_pg(ap, pcontrol, target);
2883 len += resp_disconnect_pg(ap + len, pcontrol, target);
2884 if (is_disk) {
2885 len += resp_format_pg(ap + len, pcontrol, target);
2886 len += resp_caching_pg(ap + len, pcontrol, target);
2887 } else if (is_zbc) {
2888 len += resp_caching_pg(ap + len, pcontrol, target);
2889 }
2890 len += resp_ctrl_m_pg(ap + len, pcontrol, target);
2891 if (0xff == subpcode)
2892 len += resp_grouping_m_pg(ap + len, pcontrol, target);
2893 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2894 if (0xff == subpcode) {
2895 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
2896 target_dev_id);
2897 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2898 }
2899 len += resp_iec_m_pg(ap + len, pcontrol, target);
2900 offset += len;
2901 break;
2902 default:
2903 goto bad_pcode;
2904 }
2905 if (msense_6)
2906 arr[0] = offset - 1;
2907 else
2908 put_unaligned_be16((offset - 2), arr + 0);
2909 return fill_from_dev_buffer(scp, arr, min_t(u32, alloc_len, offset));
2910
2911bad_pcode:
2912 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2913 return check_condition_result;
2914
2915bad_subpcode:
2916 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2917 return check_condition_result;
2918}
2919
2920#define SDEBUG_MAX_MSELECT_SZ 512
2921
2922static int resp_mode_select(struct scsi_cmnd *scp,
2923 struct sdebug_dev_info *devip)
2924{
2925 int pf, sp, ps, md_len, bd_len, off, spf, pg_len;
2926 int param_len, res, mpage;
2927 unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
2928 unsigned char *cmd = scp->cmnd;
2929 int mselect6 = (MODE_SELECT == cmd[0]);
2930
2931 memset(arr, 0, sizeof(arr));
2932 pf = cmd[1] & 0x10;
2933 sp = cmd[1] & 0x1;
2934 param_len = mselect6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2935 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) {
2936 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1);
2937 return check_condition_result;
2938 }
2939 res = fetch_to_dev_buffer(scp, arr, param_len);
2940 if (-1 == res)
2941 return DID_ERROR << 16;
2942 else if (sdebug_verbose && (res < param_len))
2943 sdev_printk(KERN_INFO, scp->device,
2944 "%s: cdb indicated=%d, IO sent=%d bytes\n",
2945 __func__, param_len, res);
2946 md_len = mselect6 ? (arr[0] + 1) : (get_unaligned_be16(arr + 0) + 2);
2947 bd_len = mselect6 ? arr[3] : get_unaligned_be16(arr + 6);
2948 off = bd_len + (mselect6 ? 4 : 8);
2949 if (md_len > 2 || off >= res) {
2950 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1);
2951 return check_condition_result;
2952 }
2953 mpage = arr[off] & 0x3f;
2954 ps = !!(arr[off] & 0x80);
2955 if (ps) {
2956 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7);
2957 return check_condition_result;
2958 }
2959 spf = !!(arr[off] & 0x40);
2960 pg_len = spf ? (get_unaligned_be16(arr + off + 2) + 4) :
2961 (arr[off + 1] + 2);
2962 if ((pg_len + off) > param_len) {
2963 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2964 PARAMETER_LIST_LENGTH_ERR, 0);
2965 return check_condition_result;
2966 }
2967 switch (mpage) {
2968 case 0x8: /* Caching Mode page */
2969 if (caching_pg[1] == arr[off + 1]) {
2970 memcpy(caching_pg + 2, arr + off + 2,
2971 sizeof(caching_pg) - 2);
2972 goto set_mode_changed_ua;
2973 }
2974 break;
2975 case 0xa: /* Control Mode page */
2976 if (ctrl_m_pg[1] == arr[off + 1]) {
2977 memcpy(ctrl_m_pg + 2, arr + off + 2,
2978 sizeof(ctrl_m_pg) - 2);
2979 if (ctrl_m_pg[4] & 0x8)
2980 sdebug_wp = true;
2981 else
2982 sdebug_wp = false;
2983 sdebug_dsense = !!(ctrl_m_pg[2] & 0x4);
2984 goto set_mode_changed_ua;
2985 }
2986 break;
2987 case 0x1c: /* Informational Exceptions Mode page */
2988 if (iec_m_pg[1] == arr[off + 1]) {
2989 memcpy(iec_m_pg + 2, arr + off + 2,
2990 sizeof(iec_m_pg) - 2);
2991 goto set_mode_changed_ua;
2992 }
2993 break;
2994 default:
2995 break;
2996 }
2997 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5);
2998 return check_condition_result;
2999set_mode_changed_ua:
3000 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm);
3001 return 0;
3002}
3003
3004static int resp_temp_l_pg(unsigned char *arr)
3005{
3006 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38,
3007 0x0, 0x1, 0x3, 0x2, 0x0, 65,
3008 };
3009
3010 memcpy(arr, temp_l_pg, sizeof(temp_l_pg));
3011 return sizeof(temp_l_pg);
3012}
3013
3014static int resp_ie_l_pg(unsigned char *arr)
3015{
3016 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38,
3017 };
3018
3019 memcpy(arr, ie_l_pg, sizeof(ie_l_pg));
3020 if (iec_m_pg[2] & 0x4) { /* TEST bit set */
3021 arr[4] = THRESHOLD_EXCEEDED;
3022 arr[5] = 0xff;
3023 }
3024 return sizeof(ie_l_pg);
3025}
3026
3027static int resp_env_rep_l_spg(unsigned char *arr)
3028{
3029 unsigned char env_rep_l_spg[] = {0x0, 0x0, 0x23, 0x8,
3030 0x0, 40, 72, 0xff, 45, 18, 0, 0,
3031 0x1, 0x0, 0x23, 0x8,
3032 0x0, 55, 72, 35, 55, 45, 0, 0,
3033 };
3034
3035 memcpy(arr, env_rep_l_spg, sizeof(env_rep_l_spg));
3036 return sizeof(env_rep_l_spg);
3037}
3038
3039#define SDEBUG_MAX_LSENSE_SZ 512
3040
3041static int resp_log_sense(struct scsi_cmnd *scp,
3042 struct sdebug_dev_info *devip)
3043{
3044 int ppc, sp, pcode, subpcode;
3045 u32 alloc_len, len, n;
3046 unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
3047 unsigned char *cmd = scp->cmnd;
3048
3049 memset(arr, 0, sizeof(arr));
3050 ppc = cmd[1] & 0x2;
3051 sp = cmd[1] & 0x1;
3052 if (ppc || sp) {
3053 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0);
3054 return check_condition_result;
3055 }
3056 pcode = cmd[2] & 0x3f;
3057 subpcode = cmd[3] & 0xff;
3058 alloc_len = get_unaligned_be16(cmd + 7);
3059 arr[0] = pcode;
3060 if (0 == subpcode) {
3061 switch (pcode) {
3062 case 0x0: /* Supported log pages log page */
3063 n = 4;
3064 arr[n++] = 0x0; /* this page */
3065 arr[n++] = 0xd; /* Temperature */
3066 arr[n++] = 0x2f; /* Informational exceptions */
3067 arr[3] = n - 4;
3068 break;
3069 case 0xd: /* Temperature log page */
3070 arr[3] = resp_temp_l_pg(arr + 4);
3071 break;
3072 case 0x2f: /* Informational exceptions log page */
3073 arr[3] = resp_ie_l_pg(arr + 4);
3074 break;
3075 default:
3076 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
3077 return check_condition_result;
3078 }
3079 } else if (0xff == subpcode) {
3080 arr[0] |= 0x40;
3081 arr[1] = subpcode;
3082 switch (pcode) {
3083 case 0x0: /* Supported log pages and subpages log page */
3084 n = 4;
3085 arr[n++] = 0x0;
3086 arr[n++] = 0x0; /* 0,0 page */
3087 arr[n++] = 0x0;
3088 arr[n++] = 0xff; /* this page */
3089 arr[n++] = 0xd;
3090 arr[n++] = 0x0; /* Temperature */
3091 arr[n++] = 0xd;
3092 arr[n++] = 0x1; /* Environment reporting */
3093 arr[n++] = 0xd;
3094 arr[n++] = 0xff; /* all 0xd subpages */
3095 arr[n++] = 0x2f;
3096 arr[n++] = 0x0; /* Informational exceptions */
3097 arr[n++] = 0x2f;
3098 arr[n++] = 0xff; /* all 0x2f subpages */
3099 arr[3] = n - 4;
3100 break;
3101 case 0xd: /* Temperature subpages */
3102 n = 4;
3103 arr[n++] = 0xd;
3104 arr[n++] = 0x0; /* Temperature */
3105 arr[n++] = 0xd;
3106 arr[n++] = 0x1; /* Environment reporting */
3107 arr[n++] = 0xd;
3108 arr[n++] = 0xff; /* these subpages */
3109 arr[3] = n - 4;
3110 break;
3111 case 0x2f: /* Informational exceptions subpages */
3112 n = 4;
3113 arr[n++] = 0x2f;
3114 arr[n++] = 0x0; /* Informational exceptions */
3115 arr[n++] = 0x2f;
3116 arr[n++] = 0xff; /* these subpages */
3117 arr[3] = n - 4;
3118 break;
3119 default:
3120 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
3121 return check_condition_result;
3122 }
3123 } else if (subpcode > 0) {
3124 arr[0] |= 0x40;
3125 arr[1] = subpcode;
3126 if (pcode == 0xd && subpcode == 1)
3127 arr[3] = resp_env_rep_l_spg(arr + 4);
3128 else {
3129 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
3130 return check_condition_result;
3131 }
3132 } else {
3133 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
3134 return check_condition_result;
3135 }
3136 len = min_t(u32, get_unaligned_be16(arr + 2) + 4, alloc_len);
3137 return fill_from_dev_buffer(scp, arr,
3138 min_t(u32, len, SDEBUG_MAX_INQ_ARR_SZ));
3139}
3140
3141static inline bool sdebug_dev_is_zoned(struct sdebug_dev_info *devip)
3142{
3143 return devip->nr_zones != 0;
3144}
3145
3146static struct sdeb_zone_state *zbc_zone(struct sdebug_dev_info *devip,
3147 unsigned long long lba)
3148{
3149 u32 zno = lba >> devip->zsize_shift;
3150 struct sdeb_zone_state *zsp;
3151
3152 if (devip->zcap == devip->zsize || zno < devip->nr_conv_zones)
3153 return &devip->zstate[zno];
3154
3155 /*
3156 * If the zone capacity is less than the zone size, adjust for gap
3157 * zones.
3158 */
3159 zno = 2 * zno - devip->nr_conv_zones;
3160 WARN_ONCE(zno >= devip->nr_zones, "%u > %u\n", zno, devip->nr_zones);
3161 zsp = &devip->zstate[zno];
3162 if (lba >= zsp->z_start + zsp->z_size)
3163 zsp++;
3164 WARN_ON_ONCE(lba >= zsp->z_start + zsp->z_size);
3165 return zsp;
3166}
3167
3168static inline bool zbc_zone_is_conv(struct sdeb_zone_state *zsp)
3169{
3170 return zsp->z_type == ZBC_ZTYPE_CNV;
3171}
3172
3173static inline bool zbc_zone_is_gap(struct sdeb_zone_state *zsp)
3174{
3175 return zsp->z_type == ZBC_ZTYPE_GAP;
3176}
3177
3178static inline bool zbc_zone_is_seq(struct sdeb_zone_state *zsp)
3179{
3180 return !zbc_zone_is_conv(zsp) && !zbc_zone_is_gap(zsp);
3181}
3182
3183static void zbc_close_zone(struct sdebug_dev_info *devip,
3184 struct sdeb_zone_state *zsp)
3185{
3186 enum sdebug_z_cond zc;
3187
3188 if (!zbc_zone_is_seq(zsp))
3189 return;
3190
3191 zc = zsp->z_cond;
3192 if (!(zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN))
3193 return;
3194
3195 if (zc == ZC2_IMPLICIT_OPEN)
3196 devip->nr_imp_open--;
3197 else
3198 devip->nr_exp_open--;
3199
3200 if (zsp->z_wp == zsp->z_start) {
3201 zsp->z_cond = ZC1_EMPTY;
3202 } else {
3203 zsp->z_cond = ZC4_CLOSED;
3204 devip->nr_closed++;
3205 }
3206}
3207
3208static void zbc_close_imp_open_zone(struct sdebug_dev_info *devip)
3209{
3210 struct sdeb_zone_state *zsp = &devip->zstate[0];
3211 unsigned int i;
3212
3213 for (i = 0; i < devip->nr_zones; i++, zsp++) {
3214 if (zsp->z_cond == ZC2_IMPLICIT_OPEN) {
3215 zbc_close_zone(devip, zsp);
3216 return;
3217 }
3218 }
3219}
3220
3221static void zbc_open_zone(struct sdebug_dev_info *devip,
3222 struct sdeb_zone_state *zsp, bool explicit)
3223{
3224 enum sdebug_z_cond zc;
3225
3226 if (!zbc_zone_is_seq(zsp))
3227 return;
3228
3229 zc = zsp->z_cond;
3230 if ((explicit && zc == ZC3_EXPLICIT_OPEN) ||
3231 (!explicit && zc == ZC2_IMPLICIT_OPEN))
3232 return;
3233
3234 /* Close an implicit open zone if necessary */
3235 if (explicit && zsp->z_cond == ZC2_IMPLICIT_OPEN)
3236 zbc_close_zone(devip, zsp);
3237 else if (devip->max_open &&
3238 devip->nr_imp_open + devip->nr_exp_open >= devip->max_open)
3239 zbc_close_imp_open_zone(devip);
3240
3241 if (zsp->z_cond == ZC4_CLOSED)
3242 devip->nr_closed--;
3243 if (explicit) {
3244 zsp->z_cond = ZC3_EXPLICIT_OPEN;
3245 devip->nr_exp_open++;
3246 } else {
3247 zsp->z_cond = ZC2_IMPLICIT_OPEN;
3248 devip->nr_imp_open++;
3249 }
3250}
3251
3252static inline void zbc_set_zone_full(struct sdebug_dev_info *devip,
3253 struct sdeb_zone_state *zsp)
3254{
3255 switch (zsp->z_cond) {
3256 case ZC2_IMPLICIT_OPEN:
3257 devip->nr_imp_open--;
3258 break;
3259 case ZC3_EXPLICIT_OPEN:
3260 devip->nr_exp_open--;
3261 break;
3262 default:
3263 WARN_ONCE(true, "Invalid zone %llu condition %x\n",
3264 zsp->z_start, zsp->z_cond);
3265 break;
3266 }
3267 zsp->z_cond = ZC5_FULL;
3268}
3269
3270static void zbc_inc_wp(struct sdebug_dev_info *devip,
3271 unsigned long long lba, unsigned int num)
3272{
3273 struct sdeb_zone_state *zsp = zbc_zone(devip, lba);
3274 unsigned long long n, end, zend = zsp->z_start + zsp->z_size;
3275
3276 if (!zbc_zone_is_seq(zsp))
3277 return;
3278
3279 if (zsp->z_type == ZBC_ZTYPE_SWR) {
3280 zsp->z_wp += num;
3281 if (zsp->z_wp >= zend)
3282 zbc_set_zone_full(devip, zsp);
3283 return;
3284 }
3285
3286 while (num) {
3287 if (lba != zsp->z_wp)
3288 zsp->z_non_seq_resource = true;
3289
3290 end = lba + num;
3291 if (end >= zend) {
3292 n = zend - lba;
3293 zsp->z_wp = zend;
3294 } else if (end > zsp->z_wp) {
3295 n = num;
3296 zsp->z_wp = end;
3297 } else {
3298 n = num;
3299 }
3300 if (zsp->z_wp >= zend)
3301 zbc_set_zone_full(devip, zsp);
3302
3303 num -= n;
3304 lba += n;
3305 if (num) {
3306 zsp++;
3307 zend = zsp->z_start + zsp->z_size;
3308 }
3309 }
3310}
3311
3312static int check_zbc_access_params(struct scsi_cmnd *scp,
3313 unsigned long long lba, unsigned int num, bool write)
3314{
3315 struct scsi_device *sdp = scp->device;
3316 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
3317 struct sdeb_zone_state *zsp = zbc_zone(devip, lba);
3318 struct sdeb_zone_state *zsp_end = zbc_zone(devip, lba + num - 1);
3319
3320 if (!write) {
3321 /* For host-managed, reads cannot cross zone types boundaries */
3322 if (zsp->z_type != zsp_end->z_type) {
3323 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3324 LBA_OUT_OF_RANGE,
3325 READ_INVDATA_ASCQ);
3326 return check_condition_result;
3327 }
3328 return 0;
3329 }
3330
3331 /* Writing into a gap zone is not allowed */
3332 if (zbc_zone_is_gap(zsp)) {
3333 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE,
3334 ATTEMPT_ACCESS_GAP);
3335 return check_condition_result;
3336 }
3337
3338 /* No restrictions for writes within conventional zones */
3339 if (zbc_zone_is_conv(zsp)) {
3340 if (!zbc_zone_is_conv(zsp_end)) {
3341 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3342 LBA_OUT_OF_RANGE,
3343 WRITE_BOUNDARY_ASCQ);
3344 return check_condition_result;
3345 }
3346 return 0;
3347 }
3348
3349 if (zsp->z_type == ZBC_ZTYPE_SWR) {
3350 /* Writes cannot cross sequential zone boundaries */
3351 if (zsp_end != zsp) {
3352 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3353 LBA_OUT_OF_RANGE,
3354 WRITE_BOUNDARY_ASCQ);
3355 return check_condition_result;
3356 }
3357 /* Cannot write full zones */
3358 if (zsp->z_cond == ZC5_FULL) {
3359 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3360 INVALID_FIELD_IN_CDB, 0);
3361 return check_condition_result;
3362 }
3363 /* Writes must be aligned to the zone WP */
3364 if (lba != zsp->z_wp) {
3365 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3366 LBA_OUT_OF_RANGE,
3367 UNALIGNED_WRITE_ASCQ);
3368 return check_condition_result;
3369 }
3370 }
3371
3372 /* Handle implicit open of closed and empty zones */
3373 if (zsp->z_cond == ZC1_EMPTY || zsp->z_cond == ZC4_CLOSED) {
3374 if (devip->max_open &&
3375 devip->nr_exp_open >= devip->max_open) {
3376 mk_sense_buffer(scp, DATA_PROTECT,
3377 INSUFF_RES_ASC,
3378 INSUFF_ZONE_ASCQ);
3379 return check_condition_result;
3380 }
3381 zbc_open_zone(devip, zsp, false);
3382 }
3383
3384 return 0;
3385}
3386
3387static inline int check_device_access_params
3388 (struct scsi_cmnd *scp, unsigned long long lba,
3389 unsigned int num, bool write)
3390{
3391 struct scsi_device *sdp = scp->device;
3392 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
3393
3394 if (lba + num > sdebug_capacity) {
3395 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
3396 return check_condition_result;
3397 }
3398 /* transfer length excessive (tie in to block limits VPD page) */
3399 if (num > sdebug_store_sectors) {
3400 /* needs work to find which cdb byte 'num' comes from */
3401 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3402 return check_condition_result;
3403 }
3404 if (write && unlikely(sdebug_wp)) {
3405 mk_sense_buffer(scp, DATA_PROTECT, WRITE_PROTECTED, 0x2);
3406 return check_condition_result;
3407 }
3408 if (sdebug_dev_is_zoned(devip))
3409 return check_zbc_access_params(scp, lba, num, write);
3410
3411 return 0;
3412}
3413
3414/*
3415 * Note: if BUG_ON() fires it usually indicates a problem with the parser
3416 * tables. Perhaps a missing F_FAKE_RW or FF_MEDIA_IO flag. Response functions
3417 * that access any of the "stores" in struct sdeb_store_info should call this
3418 * function with bug_if_fake_rw set to true.
3419 */
3420static inline struct sdeb_store_info *devip2sip(struct sdebug_dev_info *devip,
3421 bool bug_if_fake_rw)
3422{
3423 if (sdebug_fake_rw) {
3424 BUG_ON(bug_if_fake_rw); /* See note above */
3425 return NULL;
3426 }
3427 return xa_load(per_store_ap, devip->sdbg_host->si_idx);
3428}
3429
3430static inline void
3431sdeb_read_lock(rwlock_t *lock)
3432{
3433 if (sdebug_no_rwlock)
3434 __acquire(lock);
3435 else
3436 read_lock(lock);
3437}
3438
3439static inline void
3440sdeb_read_unlock(rwlock_t *lock)
3441{
3442 if (sdebug_no_rwlock)
3443 __release(lock);
3444 else
3445 read_unlock(lock);
3446}
3447
3448static inline void
3449sdeb_write_lock(rwlock_t *lock)
3450{
3451 if (sdebug_no_rwlock)
3452 __acquire(lock);
3453 else
3454 write_lock(lock);
3455}
3456
3457static inline void
3458sdeb_write_unlock(rwlock_t *lock)
3459{
3460 if (sdebug_no_rwlock)
3461 __release(lock);
3462 else
3463 write_unlock(lock);
3464}
3465
3466static inline void
3467sdeb_data_read_lock(struct sdeb_store_info *sip)
3468{
3469 BUG_ON(!sip);
3470
3471 sdeb_read_lock(&sip->macc_data_lck);
3472}
3473
3474static inline void
3475sdeb_data_read_unlock(struct sdeb_store_info *sip)
3476{
3477 BUG_ON(!sip);
3478
3479 sdeb_read_unlock(&sip->macc_data_lck);
3480}
3481
3482static inline void
3483sdeb_data_write_lock(struct sdeb_store_info *sip)
3484{
3485 BUG_ON(!sip);
3486
3487 sdeb_write_lock(&sip->macc_data_lck);
3488}
3489
3490static inline void
3491sdeb_data_write_unlock(struct sdeb_store_info *sip)
3492{
3493 BUG_ON(!sip);
3494
3495 sdeb_write_unlock(&sip->macc_data_lck);
3496}
3497
3498static inline void
3499sdeb_data_sector_read_lock(struct sdeb_store_info *sip)
3500{
3501 BUG_ON(!sip);
3502
3503 sdeb_read_lock(&sip->macc_sector_lck);
3504}
3505
3506static inline void
3507sdeb_data_sector_read_unlock(struct sdeb_store_info *sip)
3508{
3509 BUG_ON(!sip);
3510
3511 sdeb_read_unlock(&sip->macc_sector_lck);
3512}
3513
3514static inline void
3515sdeb_data_sector_write_lock(struct sdeb_store_info *sip)
3516{
3517 BUG_ON(!sip);
3518
3519 sdeb_write_lock(&sip->macc_sector_lck);
3520}
3521
3522static inline void
3523sdeb_data_sector_write_unlock(struct sdeb_store_info *sip)
3524{
3525 BUG_ON(!sip);
3526
3527 sdeb_write_unlock(&sip->macc_sector_lck);
3528}
3529
3530/*
3531 * Atomic locking:
3532 * We simplify the atomic model to allow only 1x atomic write and many non-
3533 * atomic reads or writes for all LBAs.
3534
3535 * A RW lock has a similar bahaviour:
3536 * Only 1x writer and many readers.
3537
3538 * So use a RW lock for per-device read and write locking:
3539 * An atomic access grabs the lock as a writer and non-atomic grabs the lock
3540 * as a reader.
3541 */
3542
3543static inline void
3544sdeb_data_lock(struct sdeb_store_info *sip, bool atomic)
3545{
3546 if (atomic)
3547 sdeb_data_write_lock(sip);
3548 else
3549 sdeb_data_read_lock(sip);
3550}
3551
3552static inline void
3553sdeb_data_unlock(struct sdeb_store_info *sip, bool atomic)
3554{
3555 if (atomic)
3556 sdeb_data_write_unlock(sip);
3557 else
3558 sdeb_data_read_unlock(sip);
3559}
3560
3561/* Allow many reads but only 1x write per sector */
3562static inline void
3563sdeb_data_sector_lock(struct sdeb_store_info *sip, bool do_write)
3564{
3565 if (do_write)
3566 sdeb_data_sector_write_lock(sip);
3567 else
3568 sdeb_data_sector_read_lock(sip);
3569}
3570
3571static inline void
3572sdeb_data_sector_unlock(struct sdeb_store_info *sip, bool do_write)
3573{
3574 if (do_write)
3575 sdeb_data_sector_write_unlock(sip);
3576 else
3577 sdeb_data_sector_read_unlock(sip);
3578}
3579
3580static inline void
3581sdeb_meta_read_lock(struct sdeb_store_info *sip)
3582{
3583 if (sdebug_no_rwlock) {
3584 if (sip)
3585 __acquire(&sip->macc_meta_lck);
3586 else
3587 __acquire(&sdeb_fake_rw_lck);
3588 } else {
3589 if (sip)
3590 read_lock(&sip->macc_meta_lck);
3591 else
3592 read_lock(&sdeb_fake_rw_lck);
3593 }
3594}
3595
3596static inline void
3597sdeb_meta_read_unlock(struct sdeb_store_info *sip)
3598{
3599 if (sdebug_no_rwlock) {
3600 if (sip)
3601 __release(&sip->macc_meta_lck);
3602 else
3603 __release(&sdeb_fake_rw_lck);
3604 } else {
3605 if (sip)
3606 read_unlock(&sip->macc_meta_lck);
3607 else
3608 read_unlock(&sdeb_fake_rw_lck);
3609 }
3610}
3611
3612static inline void
3613sdeb_meta_write_lock(struct sdeb_store_info *sip)
3614{
3615 if (sdebug_no_rwlock) {
3616 if (sip)
3617 __acquire(&sip->macc_meta_lck);
3618 else
3619 __acquire(&sdeb_fake_rw_lck);
3620 } else {
3621 if (sip)
3622 write_lock(&sip->macc_meta_lck);
3623 else
3624 write_lock(&sdeb_fake_rw_lck);
3625 }
3626}
3627
3628static inline void
3629sdeb_meta_write_unlock(struct sdeb_store_info *sip)
3630{
3631 if (sdebug_no_rwlock) {
3632 if (sip)
3633 __release(&sip->macc_meta_lck);
3634 else
3635 __release(&sdeb_fake_rw_lck);
3636 } else {
3637 if (sip)
3638 write_unlock(&sip->macc_meta_lck);
3639 else
3640 write_unlock(&sdeb_fake_rw_lck);
3641 }
3642}
3643
3644/* Returns number of bytes copied or -1 if error. */
3645static int do_device_access(struct sdeb_store_info *sip, struct scsi_cmnd *scp,
3646 u32 sg_skip, u64 lba, u32 num, u8 group_number,
3647 bool do_write, bool atomic)
3648{
3649 int ret;
3650 u64 block;
3651 enum dma_data_direction dir;
3652 struct scsi_data_buffer *sdb = &scp->sdb;
3653 u8 *fsp;
3654 int i, total = 0;
3655
3656 /*
3657 * Even though reads are inherently atomic (in this driver), we expect
3658 * the atomic flag only for writes.
3659 */
3660 if (!do_write && atomic)
3661 return -1;
3662
3663 if (do_write) {
3664 dir = DMA_TO_DEVICE;
3665 write_since_sync = true;
3666 } else {
3667 dir = DMA_FROM_DEVICE;
3668 }
3669
3670 if (!sdb->length || !sip)
3671 return 0;
3672 if (scp->sc_data_direction != dir)
3673 return -1;
3674
3675 if (do_write && group_number < ARRAY_SIZE(writes_by_group_number))
3676 atomic_long_inc(&writes_by_group_number[group_number]);
3677
3678 fsp = sip->storep;
3679
3680 block = do_div(lba, sdebug_store_sectors);
3681
3682 /* Only allow 1x atomic write or multiple non-atomic writes at any given time */
3683 sdeb_data_lock(sip, atomic);
3684 for (i = 0; i < num; i++) {
3685 /* We shouldn't need to lock for atomic writes, but do it anyway */
3686 sdeb_data_sector_lock(sip, do_write);
3687 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
3688 fsp + (block * sdebug_sector_size),
3689 sdebug_sector_size, sg_skip, do_write);
3690 sdeb_data_sector_unlock(sip, do_write);
3691 total += ret;
3692 if (ret != sdebug_sector_size)
3693 break;
3694 sg_skip += sdebug_sector_size;
3695 if (++block >= sdebug_store_sectors)
3696 block = 0;
3697 }
3698 sdeb_data_unlock(sip, atomic);
3699
3700 return total;
3701}
3702
3703/* Returns number of bytes copied or -1 if error. */
3704static int do_dout_fetch(struct scsi_cmnd *scp, u32 num, u8 *doutp)
3705{
3706 struct scsi_data_buffer *sdb = &scp->sdb;
3707
3708 if (!sdb->length)
3709 return 0;
3710 if (scp->sc_data_direction != DMA_TO_DEVICE)
3711 return -1;
3712 return sg_copy_buffer(sdb->table.sgl, sdb->table.nents, doutp,
3713 num * sdebug_sector_size, 0, true);
3714}
3715
3716/* If sip->storep+lba compares equal to arr(num), then copy top half of
3717 * arr into sip->storep+lba and return true. If comparison fails then
3718 * return false. */
3719static bool comp_write_worker(struct sdeb_store_info *sip, u64 lba, u32 num,
3720 const u8 *arr, bool compare_only)
3721{
3722 bool res;
3723 u64 block, rest = 0;
3724 u32 store_blks = sdebug_store_sectors;
3725 u32 lb_size = sdebug_sector_size;
3726 u8 *fsp = sip->storep;
3727
3728 block = do_div(lba, store_blks);
3729 if (block + num > store_blks)
3730 rest = block + num - store_blks;
3731
3732 res = !memcmp(fsp + (block * lb_size), arr, (num - rest) * lb_size);
3733 if (!res)
3734 return res;
3735 if (rest)
3736 res = memcmp(fsp, arr + ((num - rest) * lb_size),
3737 rest * lb_size);
3738 if (!res)
3739 return res;
3740 if (compare_only)
3741 return true;
3742 arr += num * lb_size;
3743 memcpy(fsp + (block * lb_size), arr, (num - rest) * lb_size);
3744 if (rest)
3745 memcpy(fsp, arr + ((num - rest) * lb_size), rest * lb_size);
3746 return res;
3747}
3748
3749static __be16 dif_compute_csum(const void *buf, int len)
3750{
3751 __be16 csum;
3752
3753 if (sdebug_guard)
3754 csum = (__force __be16)ip_compute_csum(buf, len);
3755 else
3756 csum = cpu_to_be16(crc_t10dif(buf, len));
3757
3758 return csum;
3759}
3760
3761static int dif_verify(struct t10_pi_tuple *sdt, const void *data,
3762 sector_t sector, u32 ei_lba)
3763{
3764 __be16 csum = dif_compute_csum(data, sdebug_sector_size);
3765
3766 if (sdt->guard_tag != csum) {
3767 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n",
3768 (unsigned long)sector,
3769 be16_to_cpu(sdt->guard_tag),
3770 be16_to_cpu(csum));
3771 return 0x01;
3772 }
3773 if (sdebug_dif == T10_PI_TYPE1_PROTECTION &&
3774 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) {
3775 pr_err("REF check failed on sector %lu\n",
3776 (unsigned long)sector);
3777 return 0x03;
3778 }
3779 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3780 be32_to_cpu(sdt->ref_tag) != ei_lba) {
3781 pr_err("REF check failed on sector %lu\n",
3782 (unsigned long)sector);
3783 return 0x03;
3784 }
3785 return 0;
3786}
3787
3788static void dif_copy_prot(struct scsi_cmnd *scp, sector_t sector,
3789 unsigned int sectors, bool read)
3790{
3791 size_t resid;
3792 void *paddr;
3793 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
3794 scp->device->hostdata, true);
3795 struct t10_pi_tuple *dif_storep = sip->dif_storep;
3796 const void *dif_store_end = dif_storep + sdebug_store_sectors;
3797 struct sg_mapping_iter miter;
3798
3799 /* Bytes of protection data to copy into sgl */
3800 resid = sectors * sizeof(*dif_storep);
3801
3802 sg_miter_start(&miter, scsi_prot_sglist(scp),
3803 scsi_prot_sg_count(scp), SG_MITER_ATOMIC |
3804 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG));
3805
3806 while (sg_miter_next(&miter) && resid > 0) {
3807 size_t len = min_t(size_t, miter.length, resid);
3808 void *start = dif_store(sip, sector);
3809 size_t rest = 0;
3810
3811 if (dif_store_end < start + len)
3812 rest = start + len - dif_store_end;
3813
3814 paddr = miter.addr;
3815
3816 if (read)
3817 memcpy(paddr, start, len - rest);
3818 else
3819 memcpy(start, paddr, len - rest);
3820
3821 if (rest) {
3822 if (read)
3823 memcpy(paddr + len - rest, dif_storep, rest);
3824 else
3825 memcpy(dif_storep, paddr + len - rest, rest);
3826 }
3827
3828 sector += len / sizeof(*dif_storep);
3829 resid -= len;
3830 }
3831 sg_miter_stop(&miter);
3832}
3833
3834static int prot_verify_read(struct scsi_cmnd *scp, sector_t start_sec,
3835 unsigned int sectors, u32 ei_lba)
3836{
3837 int ret = 0;
3838 unsigned int i;
3839 sector_t sector;
3840 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
3841 scp->device->hostdata, true);
3842 struct t10_pi_tuple *sdt;
3843
3844 for (i = 0; i < sectors; i++, ei_lba++) {
3845 sector = start_sec + i;
3846 sdt = dif_store(sip, sector);
3847
3848 if (sdt->app_tag == cpu_to_be16(0xffff))
3849 continue;
3850
3851 /*
3852 * Because scsi_debug acts as both initiator and
3853 * target we proceed to verify the PI even if
3854 * RDPROTECT=3. This is done so the "initiator" knows
3855 * which type of error to return. Otherwise we would
3856 * have to iterate over the PI twice.
3857 */
3858 if (scp->cmnd[1] >> 5) { /* RDPROTECT */
3859 ret = dif_verify(sdt, lba2fake_store(sip, sector),
3860 sector, ei_lba);
3861 if (ret) {
3862 dif_errors++;
3863 break;
3864 }
3865 }
3866 }
3867
3868 dif_copy_prot(scp, start_sec, sectors, true);
3869 dix_reads++;
3870
3871 return ret;
3872}
3873
3874static int resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3875{
3876 bool check_prot;
3877 u32 num;
3878 u32 ei_lba;
3879 int ret;
3880 u64 lba;
3881 struct sdeb_store_info *sip = devip2sip(devip, true);
3882 u8 *cmd = scp->cmnd;
3883 bool meta_data_locked = false;
3884
3885 switch (cmd[0]) {
3886 case READ_16:
3887 ei_lba = 0;
3888 lba = get_unaligned_be64(cmd + 2);
3889 num = get_unaligned_be32(cmd + 10);
3890 check_prot = true;
3891 break;
3892 case READ_10:
3893 ei_lba = 0;
3894 lba = get_unaligned_be32(cmd + 2);
3895 num = get_unaligned_be16(cmd + 7);
3896 check_prot = true;
3897 break;
3898 case READ_6:
3899 ei_lba = 0;
3900 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
3901 (u32)(cmd[1] & 0x1f) << 16;
3902 num = (0 == cmd[4]) ? 256 : cmd[4];
3903 check_prot = true;
3904 break;
3905 case READ_12:
3906 ei_lba = 0;
3907 lba = get_unaligned_be32(cmd + 2);
3908 num = get_unaligned_be32(cmd + 6);
3909 check_prot = true;
3910 break;
3911 case XDWRITEREAD_10:
3912 ei_lba = 0;
3913 lba = get_unaligned_be32(cmd + 2);
3914 num = get_unaligned_be16(cmd + 7);
3915 check_prot = false;
3916 break;
3917 default: /* assume READ(32) */
3918 lba = get_unaligned_be64(cmd + 12);
3919 ei_lba = get_unaligned_be32(cmd + 20);
3920 num = get_unaligned_be32(cmd + 28);
3921 check_prot = false;
3922 break;
3923 }
3924 if (unlikely(have_dif_prot && check_prot)) {
3925 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3926 (cmd[1] & 0xe0)) {
3927 mk_sense_invalid_opcode(scp);
3928 return check_condition_result;
3929 }
3930 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3931 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3932 (cmd[1] & 0xe0) == 0)
3933 sdev_printk(KERN_ERR, scp->device, "Unprotected RD "
3934 "to DIF device\n");
3935 }
3936 if (unlikely((sdebug_opts & SDEBUG_OPT_SHORT_TRANSFER) &&
3937 atomic_read(&sdeb_inject_pending))) {
3938 num /= 2;
3939 atomic_set(&sdeb_inject_pending, 0);
3940 }
3941
3942 /*
3943 * When checking device access params, for reads we only check data
3944 * versus what is set at init time, so no need to lock.
3945 */
3946 ret = check_device_access_params(scp, lba, num, false);
3947 if (ret)
3948 return ret;
3949 if (unlikely((SDEBUG_OPT_MEDIUM_ERR & sdebug_opts) &&
3950 (lba <= (sdebug_medium_error_start + sdebug_medium_error_count - 1)) &&
3951 ((lba + num) > sdebug_medium_error_start))) {
3952 /* claim unrecoverable read error */
3953 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0);
3954 /* set info field and valid bit for fixed descriptor */
3955 if (0x70 == (scp->sense_buffer[0] & 0x7f)) {
3956 scp->sense_buffer[0] |= 0x80; /* Valid bit */
3957 ret = (lba < OPT_MEDIUM_ERR_ADDR)
3958 ? OPT_MEDIUM_ERR_ADDR : (int)lba;
3959 put_unaligned_be32(ret, scp->sense_buffer + 3);
3960 }
3961 scsi_set_resid(scp, scsi_bufflen(scp));
3962 return check_condition_result;
3963 }
3964
3965 if (sdebug_dev_is_zoned(devip) ||
3966 (sdebug_dix && scsi_prot_sg_count(scp))) {
3967 sdeb_meta_read_lock(sip);
3968 meta_data_locked = true;
3969 }
3970
3971 /* DIX + T10 DIF */
3972 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3973 switch (prot_verify_read(scp, lba, num, ei_lba)) {
3974 case 1: /* Guard tag error */
3975 if (cmd[1] >> 5 != 3) { /* RDPROTECT != 3 */
3976 sdeb_meta_read_unlock(sip);
3977 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3978 return check_condition_result;
3979 } else if (scp->prot_flags & SCSI_PROT_GUARD_CHECK) {
3980 sdeb_meta_read_unlock(sip);
3981 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3982 return illegal_condition_result;
3983 }
3984 break;
3985 case 3: /* Reference tag error */
3986 if (cmd[1] >> 5 != 3) { /* RDPROTECT != 3 */
3987 sdeb_meta_read_unlock(sip);
3988 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 3);
3989 return check_condition_result;
3990 } else if (scp->prot_flags & SCSI_PROT_REF_CHECK) {
3991 sdeb_meta_read_unlock(sip);
3992 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 3);
3993 return illegal_condition_result;
3994 }
3995 break;
3996 }
3997 }
3998
3999 ret = do_device_access(sip, scp, 0, lba, num, 0, false, false);
4000 if (meta_data_locked)
4001 sdeb_meta_read_unlock(sip);
4002 if (unlikely(ret == -1))
4003 return DID_ERROR << 16;
4004
4005 scsi_set_resid(scp, scsi_bufflen(scp) - ret);
4006
4007 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
4008 atomic_read(&sdeb_inject_pending))) {
4009 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
4010 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
4011 atomic_set(&sdeb_inject_pending, 0);
4012 return check_condition_result;
4013 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
4014 /* Logical block guard check failed */
4015 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
4016 atomic_set(&sdeb_inject_pending, 0);
4017 return illegal_condition_result;
4018 } else if (SDEBUG_OPT_DIX_ERR & sdebug_opts) {
4019 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
4020 atomic_set(&sdeb_inject_pending, 0);
4021 return illegal_condition_result;
4022 }
4023 }
4024 return 0;
4025}
4026
4027static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec,
4028 unsigned int sectors, u32 ei_lba)
4029{
4030 int ret;
4031 struct t10_pi_tuple *sdt;
4032 void *daddr;
4033 sector_t sector = start_sec;
4034 int ppage_offset;
4035 int dpage_offset;
4036 struct sg_mapping_iter diter;
4037 struct sg_mapping_iter piter;
4038
4039 BUG_ON(scsi_sg_count(SCpnt) == 0);
4040 BUG_ON(scsi_prot_sg_count(SCpnt) == 0);
4041
4042 sg_miter_start(&piter, scsi_prot_sglist(SCpnt),
4043 scsi_prot_sg_count(SCpnt),
4044 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
4045 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt),
4046 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
4047
4048 /* For each protection page */
4049 while (sg_miter_next(&piter)) {
4050 dpage_offset = 0;
4051 if (WARN_ON(!sg_miter_next(&diter))) {
4052 ret = 0x01;
4053 goto out;
4054 }
4055
4056 for (ppage_offset = 0; ppage_offset < piter.length;
4057 ppage_offset += sizeof(struct t10_pi_tuple)) {
4058 /* If we're at the end of the current
4059 * data page advance to the next one
4060 */
4061 if (dpage_offset >= diter.length) {
4062 if (WARN_ON(!sg_miter_next(&diter))) {
4063 ret = 0x01;
4064 goto out;
4065 }
4066 dpage_offset = 0;
4067 }
4068
4069 sdt = piter.addr + ppage_offset;
4070 daddr = diter.addr + dpage_offset;
4071
4072 if (SCpnt->cmnd[1] >> 5 != 3) { /* WRPROTECT */
4073 ret = dif_verify(sdt, daddr, sector, ei_lba);
4074 if (ret)
4075 goto out;
4076 }
4077
4078 sector++;
4079 ei_lba++;
4080 dpage_offset += sdebug_sector_size;
4081 }
4082 diter.consumed = dpage_offset;
4083 sg_miter_stop(&diter);
4084 }
4085 sg_miter_stop(&piter);
4086
4087 dif_copy_prot(SCpnt, start_sec, sectors, false);
4088 dix_writes++;
4089
4090 return 0;
4091
4092out:
4093 dif_errors++;
4094 sg_miter_stop(&diter);
4095 sg_miter_stop(&piter);
4096 return ret;
4097}
4098
4099static unsigned long lba_to_map_index(sector_t lba)
4100{
4101 if (sdebug_unmap_alignment)
4102 lba += sdebug_unmap_granularity - sdebug_unmap_alignment;
4103 sector_div(lba, sdebug_unmap_granularity);
4104 return lba;
4105}
4106
4107static sector_t map_index_to_lba(unsigned long index)
4108{
4109 sector_t lba = index * sdebug_unmap_granularity;
4110
4111 if (sdebug_unmap_alignment)
4112 lba -= sdebug_unmap_granularity - sdebug_unmap_alignment;
4113 return lba;
4114}
4115
4116static unsigned int map_state(struct sdeb_store_info *sip, sector_t lba,
4117 unsigned int *num)
4118{
4119 sector_t end;
4120 unsigned int mapped;
4121 unsigned long index;
4122 unsigned long next;
4123
4124 index = lba_to_map_index(lba);
4125 mapped = test_bit(index, sip->map_storep);
4126
4127 if (mapped)
4128 next = find_next_zero_bit(sip->map_storep, map_size, index);
4129 else
4130 next = find_next_bit(sip->map_storep, map_size, index);
4131
4132 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next));
4133 *num = end - lba;
4134 return mapped;
4135}
4136
4137static void map_region(struct sdeb_store_info *sip, sector_t lba,
4138 unsigned int len)
4139{
4140 sector_t end = lba + len;
4141
4142 while (lba < end) {
4143 unsigned long index = lba_to_map_index(lba);
4144
4145 if (index < map_size)
4146 set_bit(index, sip->map_storep);
4147
4148 lba = map_index_to_lba(index + 1);
4149 }
4150}
4151
4152static void unmap_region(struct sdeb_store_info *sip, sector_t lba,
4153 unsigned int len)
4154{
4155 sector_t end = lba + len;
4156 u8 *fsp = sip->storep;
4157
4158 while (lba < end) {
4159 unsigned long index = lba_to_map_index(lba);
4160
4161 if (lba == map_index_to_lba(index) &&
4162 lba + sdebug_unmap_granularity <= end &&
4163 index < map_size) {
4164 clear_bit(index, sip->map_storep);
4165 if (sdebug_lbprz) { /* for LBPRZ=2 return 0xff_s */
4166 memset(fsp + lba * sdebug_sector_size,
4167 (sdebug_lbprz & 1) ? 0 : 0xff,
4168 sdebug_sector_size *
4169 sdebug_unmap_granularity);
4170 }
4171 if (sip->dif_storep) {
4172 memset(sip->dif_storep + lba, 0xff,
4173 sizeof(*sip->dif_storep) *
4174 sdebug_unmap_granularity);
4175 }
4176 }
4177 lba = map_index_to_lba(index + 1);
4178 }
4179}
4180
4181static int resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4182{
4183 bool check_prot;
4184 u32 num;
4185 u8 group = 0;
4186 u32 ei_lba;
4187 int ret;
4188 u64 lba;
4189 struct sdeb_store_info *sip = devip2sip(devip, true);
4190 u8 *cmd = scp->cmnd;
4191 bool meta_data_locked = false;
4192
4193 switch (cmd[0]) {
4194 case WRITE_16:
4195 ei_lba = 0;
4196 lba = get_unaligned_be64(cmd + 2);
4197 num = get_unaligned_be32(cmd + 10);
4198 group = cmd[14] & 0x3f;
4199 check_prot = true;
4200 break;
4201 case WRITE_10:
4202 ei_lba = 0;
4203 lba = get_unaligned_be32(cmd + 2);
4204 group = cmd[6] & 0x3f;
4205 num = get_unaligned_be16(cmd + 7);
4206 check_prot = true;
4207 break;
4208 case WRITE_6:
4209 ei_lba = 0;
4210 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
4211 (u32)(cmd[1] & 0x1f) << 16;
4212 num = (0 == cmd[4]) ? 256 : cmd[4];
4213 check_prot = true;
4214 break;
4215 case WRITE_12:
4216 ei_lba = 0;
4217 lba = get_unaligned_be32(cmd + 2);
4218 num = get_unaligned_be32(cmd + 6);
4219 group = cmd[6] & 0x3f;
4220 check_prot = true;
4221 break;
4222 case 0x53: /* XDWRITEREAD(10) */
4223 ei_lba = 0;
4224 lba = get_unaligned_be32(cmd + 2);
4225 group = cmd[6] & 0x1f;
4226 num = get_unaligned_be16(cmd + 7);
4227 check_prot = false;
4228 break;
4229 default: /* assume WRITE(32) */
4230 group = cmd[6] & 0x3f;
4231 lba = get_unaligned_be64(cmd + 12);
4232 ei_lba = get_unaligned_be32(cmd + 20);
4233 num = get_unaligned_be32(cmd + 28);
4234 check_prot = false;
4235 break;
4236 }
4237 if (unlikely(have_dif_prot && check_prot)) {
4238 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
4239 (cmd[1] & 0xe0)) {
4240 mk_sense_invalid_opcode(scp);
4241 return check_condition_result;
4242 }
4243 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
4244 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
4245 (cmd[1] & 0xe0) == 0)
4246 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
4247 "to DIF device\n");
4248 }
4249
4250 if (sdebug_dev_is_zoned(devip) ||
4251 (sdebug_dix && scsi_prot_sg_count(scp)) ||
4252 scsi_debug_lbp()) {
4253 sdeb_meta_write_lock(sip);
4254 meta_data_locked = true;
4255 }
4256
4257 ret = check_device_access_params(scp, lba, num, true);
4258 if (ret) {
4259 if (meta_data_locked)
4260 sdeb_meta_write_unlock(sip);
4261 return ret;
4262 }
4263
4264 /* DIX + T10 DIF */
4265 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
4266 switch (prot_verify_write(scp, lba, num, ei_lba)) {
4267 case 1: /* Guard tag error */
4268 if (scp->prot_flags & SCSI_PROT_GUARD_CHECK) {
4269 sdeb_meta_write_unlock(sip);
4270 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
4271 return illegal_condition_result;
4272 } else if (scp->cmnd[1] >> 5 != 3) { /* WRPROTECT != 3 */
4273 sdeb_meta_write_unlock(sip);
4274 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
4275 return check_condition_result;
4276 }
4277 break;
4278 case 3: /* Reference tag error */
4279 if (scp->prot_flags & SCSI_PROT_REF_CHECK) {
4280 sdeb_meta_write_unlock(sip);
4281 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 3);
4282 return illegal_condition_result;
4283 } else if (scp->cmnd[1] >> 5 != 3) { /* WRPROTECT != 3 */
4284 sdeb_meta_write_unlock(sip);
4285 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 3);
4286 return check_condition_result;
4287 }
4288 break;
4289 }
4290 }
4291
4292 ret = do_device_access(sip, scp, 0, lba, num, group, true, false);
4293 if (unlikely(scsi_debug_lbp()))
4294 map_region(sip, lba, num);
4295
4296 /* If ZBC zone then bump its write pointer */
4297 if (sdebug_dev_is_zoned(devip))
4298 zbc_inc_wp(devip, lba, num);
4299 if (meta_data_locked)
4300 sdeb_meta_write_unlock(sip);
4301
4302 if (unlikely(-1 == ret))
4303 return DID_ERROR << 16;
4304 else if (unlikely(sdebug_verbose &&
4305 (ret < (num * sdebug_sector_size))))
4306 sdev_printk(KERN_INFO, scp->device,
4307 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
4308 my_name, num * sdebug_sector_size, ret);
4309
4310 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
4311 atomic_read(&sdeb_inject_pending))) {
4312 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
4313 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
4314 atomic_set(&sdeb_inject_pending, 0);
4315 return check_condition_result;
4316 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
4317 /* Logical block guard check failed */
4318 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
4319 atomic_set(&sdeb_inject_pending, 0);
4320 return illegal_condition_result;
4321 } else if (sdebug_opts & SDEBUG_OPT_DIX_ERR) {
4322 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
4323 atomic_set(&sdeb_inject_pending, 0);
4324 return illegal_condition_result;
4325 }
4326 }
4327 return 0;
4328}
4329
4330/*
4331 * T10 has only specified WRITE SCATTERED(16) and WRITE SCATTERED(32).
4332 * No READ GATHERED yet (requires bidi or long cdb holding gather list).
4333 */
4334static int resp_write_scat(struct scsi_cmnd *scp,
4335 struct sdebug_dev_info *devip)
4336{
4337 u8 *cmd = scp->cmnd;
4338 u8 *lrdp = NULL;
4339 u8 *up;
4340 struct sdeb_store_info *sip = devip2sip(devip, true);
4341 u8 wrprotect;
4342 u16 lbdof, num_lrd, k;
4343 u32 num, num_by, bt_len, lbdof_blen, sg_off, cum_lb;
4344 u32 lb_size = sdebug_sector_size;
4345 u32 ei_lba;
4346 u64 lba;
4347 u8 group;
4348 int ret, res;
4349 bool is_16;
4350 static const u32 lrd_size = 32; /* + parameter list header size */
4351
4352 if (cmd[0] == VARIABLE_LENGTH_CMD) {
4353 is_16 = false;
4354 group = cmd[6] & 0x3f;
4355 wrprotect = (cmd[10] >> 5) & 0x7;
4356 lbdof = get_unaligned_be16(cmd + 12);
4357 num_lrd = get_unaligned_be16(cmd + 16);
4358 bt_len = get_unaligned_be32(cmd + 28);
4359 } else { /* that leaves WRITE SCATTERED(16) */
4360 is_16 = true;
4361 wrprotect = (cmd[2] >> 5) & 0x7;
4362 lbdof = get_unaligned_be16(cmd + 4);
4363 num_lrd = get_unaligned_be16(cmd + 8);
4364 bt_len = get_unaligned_be32(cmd + 10);
4365 group = cmd[14] & 0x3f;
4366 if (unlikely(have_dif_prot)) {
4367 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
4368 wrprotect) {
4369 mk_sense_invalid_opcode(scp);
4370 return illegal_condition_result;
4371 }
4372 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
4373 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
4374 wrprotect == 0)
4375 sdev_printk(KERN_ERR, scp->device,
4376 "Unprotected WR to DIF device\n");
4377 }
4378 }
4379 if ((num_lrd == 0) || (bt_len == 0))
4380 return 0; /* T10 says these do-nothings are not errors */
4381 if (lbdof == 0) {
4382 if (sdebug_verbose)
4383 sdev_printk(KERN_INFO, scp->device,
4384 "%s: %s: LB Data Offset field bad\n",
4385 my_name, __func__);
4386 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4387 return illegal_condition_result;
4388 }
4389 lbdof_blen = lbdof * lb_size;
4390 if ((lrd_size + (num_lrd * lrd_size)) > lbdof_blen) {
4391 if (sdebug_verbose)
4392 sdev_printk(KERN_INFO, scp->device,
4393 "%s: %s: LBA range descriptors don't fit\n",
4394 my_name, __func__);
4395 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4396 return illegal_condition_result;
4397 }
4398 lrdp = kzalloc(lbdof_blen, GFP_ATOMIC | __GFP_NOWARN);
4399 if (lrdp == NULL)
4400 return SCSI_MLQUEUE_HOST_BUSY;
4401 if (sdebug_verbose)
4402 sdev_printk(KERN_INFO, scp->device,
4403 "%s: %s: Fetch header+scatter_list, lbdof_blen=%u\n",
4404 my_name, __func__, lbdof_blen);
4405 res = fetch_to_dev_buffer(scp, lrdp, lbdof_blen);
4406 if (res == -1) {
4407 ret = DID_ERROR << 16;
4408 goto err_out;
4409 }
4410
4411 /* Just keep it simple and always lock for now */
4412 sdeb_meta_write_lock(sip);
4413 sg_off = lbdof_blen;
4414 /* Spec says Buffer xfer Length field in number of LBs in dout */
4415 cum_lb = 0;
4416 for (k = 0, up = lrdp + lrd_size; k < num_lrd; ++k, up += lrd_size) {
4417 lba = get_unaligned_be64(up + 0);
4418 num = get_unaligned_be32(up + 8);
4419 if (sdebug_verbose)
4420 sdev_printk(KERN_INFO, scp->device,
4421 "%s: %s: k=%d LBA=0x%llx num=%u sg_off=%u\n",
4422 my_name, __func__, k, lba, num, sg_off);
4423 if (num == 0)
4424 continue;
4425 ret = check_device_access_params(scp, lba, num, true);
4426 if (ret)
4427 goto err_out_unlock;
4428 num_by = num * lb_size;
4429 ei_lba = is_16 ? 0 : get_unaligned_be32(up + 12);
4430
4431 if ((cum_lb + num) > bt_len) {
4432 if (sdebug_verbose)
4433 sdev_printk(KERN_INFO, scp->device,
4434 "%s: %s: sum of blocks > data provided\n",
4435 my_name, __func__);
4436 mk_sense_buffer(scp, ILLEGAL_REQUEST, WRITE_ERROR_ASC,
4437 0);
4438 ret = illegal_condition_result;
4439 goto err_out_unlock;
4440 }
4441
4442 /* DIX + T10 DIF */
4443 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
4444 int prot_ret = prot_verify_write(scp, lba, num,
4445 ei_lba);
4446
4447 if (prot_ret) {
4448 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10,
4449 prot_ret);
4450 ret = illegal_condition_result;
4451 goto err_out_unlock;
4452 }
4453 }
4454
4455 /*
4456 * Write ranges atomically to keep as close to pre-atomic
4457 * writes behaviour as possible.
4458 */
4459 ret = do_device_access(sip, scp, sg_off, lba, num, group, true, true);
4460 /* If ZBC zone then bump its write pointer */
4461 if (sdebug_dev_is_zoned(devip))
4462 zbc_inc_wp(devip, lba, num);
4463 if (unlikely(scsi_debug_lbp()))
4464 map_region(sip, lba, num);
4465 if (unlikely(-1 == ret)) {
4466 ret = DID_ERROR << 16;
4467 goto err_out_unlock;
4468 } else if (unlikely(sdebug_verbose && (ret < num_by)))
4469 sdev_printk(KERN_INFO, scp->device,
4470 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
4471 my_name, num_by, ret);
4472
4473 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
4474 atomic_read(&sdeb_inject_pending))) {
4475 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
4476 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
4477 atomic_set(&sdeb_inject_pending, 0);
4478 ret = check_condition_result;
4479 goto err_out_unlock;
4480 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
4481 /* Logical block guard check failed */
4482 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
4483 atomic_set(&sdeb_inject_pending, 0);
4484 ret = illegal_condition_result;
4485 goto err_out_unlock;
4486 } else if (sdebug_opts & SDEBUG_OPT_DIX_ERR) {
4487 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
4488 atomic_set(&sdeb_inject_pending, 0);
4489 ret = illegal_condition_result;
4490 goto err_out_unlock;
4491 }
4492 }
4493 sg_off += num_by;
4494 cum_lb += num;
4495 }
4496 ret = 0;
4497err_out_unlock:
4498 sdeb_meta_write_unlock(sip);
4499err_out:
4500 kfree(lrdp);
4501 return ret;
4502}
4503
4504static int resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num,
4505 u32 ei_lba, bool unmap, bool ndob)
4506{
4507 struct scsi_device *sdp = scp->device;
4508 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
4509 unsigned long long i;
4510 u64 block, lbaa;
4511 u32 lb_size = sdebug_sector_size;
4512 int ret;
4513 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
4514 scp->device->hostdata, true);
4515 u8 *fs1p;
4516 u8 *fsp;
4517 bool meta_data_locked = false;
4518
4519 if (sdebug_dev_is_zoned(devip) || scsi_debug_lbp()) {
4520 sdeb_meta_write_lock(sip);
4521 meta_data_locked = true;
4522 }
4523
4524 ret = check_device_access_params(scp, lba, num, true);
4525 if (ret)
4526 goto out;
4527
4528 if (unmap && scsi_debug_lbp()) {
4529 unmap_region(sip, lba, num);
4530 goto out;
4531 }
4532 lbaa = lba;
4533 block = do_div(lbaa, sdebug_store_sectors);
4534 /* if ndob then zero 1 logical block, else fetch 1 logical block */
4535 fsp = sip->storep;
4536 fs1p = fsp + (block * lb_size);
4537 sdeb_data_write_lock(sip);
4538 if (ndob) {
4539 memset(fs1p, 0, lb_size);
4540 ret = 0;
4541 } else
4542 ret = fetch_to_dev_buffer(scp, fs1p, lb_size);
4543
4544 if (-1 == ret) {
4545 ret = DID_ERROR << 16;
4546 goto out;
4547 } else if (sdebug_verbose && !ndob && (ret < lb_size))
4548 sdev_printk(KERN_INFO, scp->device,
4549 "%s: %s: lb size=%u, IO sent=%d bytes\n",
4550 my_name, "write same", lb_size, ret);
4551
4552 /* Copy first sector to remaining blocks */
4553 for (i = 1 ; i < num ; i++) {
4554 lbaa = lba + i;
4555 block = do_div(lbaa, sdebug_store_sectors);
4556 memmove(fsp + (block * lb_size), fs1p, lb_size);
4557 }
4558 if (scsi_debug_lbp())
4559 map_region(sip, lba, num);
4560 /* If ZBC zone then bump its write pointer */
4561 if (sdebug_dev_is_zoned(devip))
4562 zbc_inc_wp(devip, lba, num);
4563 sdeb_data_write_unlock(sip);
4564 ret = 0;
4565out:
4566 if (meta_data_locked)
4567 sdeb_meta_write_unlock(sip);
4568 return ret;
4569}
4570
4571static int resp_write_same_10(struct scsi_cmnd *scp,
4572 struct sdebug_dev_info *devip)
4573{
4574 u8 *cmd = scp->cmnd;
4575 u32 lba;
4576 u16 num;
4577 u32 ei_lba = 0;
4578 bool unmap = false;
4579
4580 if (cmd[1] & 0x8) {
4581 if (sdebug_lbpws10 == 0) {
4582 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
4583 return check_condition_result;
4584 } else
4585 unmap = true;
4586 }
4587 lba = get_unaligned_be32(cmd + 2);
4588 num = get_unaligned_be16(cmd + 7);
4589 if (num > sdebug_write_same_length) {
4590 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
4591 return check_condition_result;
4592 }
4593 return resp_write_same(scp, lba, num, ei_lba, unmap, false);
4594}
4595
4596static int resp_write_same_16(struct scsi_cmnd *scp,
4597 struct sdebug_dev_info *devip)
4598{
4599 u8 *cmd = scp->cmnd;
4600 u64 lba;
4601 u32 num;
4602 u32 ei_lba = 0;
4603 bool unmap = false;
4604 bool ndob = false;
4605
4606 if (cmd[1] & 0x8) { /* UNMAP */
4607 if (sdebug_lbpws == 0) {
4608 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
4609 return check_condition_result;
4610 } else
4611 unmap = true;
4612 }
4613 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */
4614 ndob = true;
4615 lba = get_unaligned_be64(cmd + 2);
4616 num = get_unaligned_be32(cmd + 10);
4617 if (num > sdebug_write_same_length) {
4618 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1);
4619 return check_condition_result;
4620 }
4621 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob);
4622}
4623
4624/* Note the mode field is in the same position as the (lower) service action
4625 * field. For the Report supported operation codes command, SPC-4 suggests
4626 * each mode of this command should be reported separately; for future. */
4627static int resp_write_buffer(struct scsi_cmnd *scp,
4628 struct sdebug_dev_info *devip)
4629{
4630 u8 *cmd = scp->cmnd;
4631 struct scsi_device *sdp = scp->device;
4632 struct sdebug_dev_info *dp;
4633 u8 mode;
4634
4635 mode = cmd[1] & 0x1f;
4636 switch (mode) {
4637 case 0x4: /* download microcode (MC) and activate (ACT) */
4638 /* set UAs on this device only */
4639 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4640 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm);
4641 break;
4642 case 0x5: /* download MC, save and ACT */
4643 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm);
4644 break;
4645 case 0x6: /* download MC with offsets and ACT */
4646 /* set UAs on most devices (LUs) in this target */
4647 list_for_each_entry(dp,
4648 &devip->sdbg_host->dev_info_list,
4649 dev_list)
4650 if (dp->target == sdp->id) {
4651 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm);
4652 if (devip != dp)
4653 set_bit(SDEBUG_UA_MICROCODE_CHANGED,
4654 dp->uas_bm);
4655 }
4656 break;
4657 case 0x7: /* download MC with offsets, save, and ACT */
4658 /* set UA on all devices (LUs) in this target */
4659 list_for_each_entry(dp,
4660 &devip->sdbg_host->dev_info_list,
4661 dev_list)
4662 if (dp->target == sdp->id)
4663 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET,
4664 dp->uas_bm);
4665 break;
4666 default:
4667 /* do nothing for this command for other mode values */
4668 break;
4669 }
4670 return 0;
4671}
4672
4673static int resp_comp_write(struct scsi_cmnd *scp,
4674 struct sdebug_dev_info *devip)
4675{
4676 u8 *cmd = scp->cmnd;
4677 u8 *arr;
4678 struct sdeb_store_info *sip = devip2sip(devip, true);
4679 u64 lba;
4680 u32 dnum;
4681 u32 lb_size = sdebug_sector_size;
4682 u8 num;
4683 int ret;
4684 int retval = 0;
4685
4686 lba = get_unaligned_be64(cmd + 2);
4687 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */
4688 if (0 == num)
4689 return 0; /* degenerate case, not an error */
4690 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
4691 (cmd[1] & 0xe0)) {
4692 mk_sense_invalid_opcode(scp);
4693 return check_condition_result;
4694 }
4695 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
4696 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
4697 (cmd[1] & 0xe0) == 0)
4698 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
4699 "to DIF device\n");
4700 ret = check_device_access_params(scp, lba, num, false);
4701 if (ret)
4702 return ret;
4703 dnum = 2 * num;
4704 arr = kcalloc(lb_size, dnum, GFP_ATOMIC);
4705 if (NULL == arr) {
4706 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4707 INSUFF_RES_ASCQ);
4708 return check_condition_result;
4709 }
4710
4711 ret = do_dout_fetch(scp, dnum, arr);
4712 if (ret == -1) {
4713 retval = DID_ERROR << 16;
4714 goto cleanup_free;
4715 } else if (sdebug_verbose && (ret < (dnum * lb_size)))
4716 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb "
4717 "indicated=%u, IO sent=%d bytes\n", my_name,
4718 dnum * lb_size, ret);
4719
4720 sdeb_data_write_lock(sip);
4721 sdeb_meta_write_lock(sip);
4722 if (!comp_write_worker(sip, lba, num, arr, false)) {
4723 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
4724 retval = check_condition_result;
4725 goto cleanup_unlock;
4726 }
4727
4728 /* Cover sip->map_storep (which map_region()) sets with data lock */
4729 if (scsi_debug_lbp())
4730 map_region(sip, lba, num);
4731cleanup_unlock:
4732 sdeb_meta_write_unlock(sip);
4733 sdeb_data_write_unlock(sip);
4734cleanup_free:
4735 kfree(arr);
4736 return retval;
4737}
4738
4739struct unmap_block_desc {
4740 __be64 lba;
4741 __be32 blocks;
4742 __be32 __reserved;
4743};
4744
4745static int resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4746{
4747 unsigned char *buf;
4748 struct unmap_block_desc *desc;
4749 struct sdeb_store_info *sip = devip2sip(devip, true);
4750 unsigned int i, payload_len, descriptors;
4751 int ret;
4752
4753 if (!scsi_debug_lbp())
4754 return 0; /* fib and say its done */
4755 payload_len = get_unaligned_be16(scp->cmnd + 7);
4756 BUG_ON(scsi_bufflen(scp) != payload_len);
4757
4758 descriptors = (payload_len - 8) / 16;
4759 if (descriptors > sdebug_unmap_max_desc) {
4760 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
4761 return check_condition_result;
4762 }
4763
4764 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC);
4765 if (!buf) {
4766 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4767 INSUFF_RES_ASCQ);
4768 return check_condition_result;
4769 }
4770
4771 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
4772
4773 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2);
4774 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16);
4775
4776 desc = (void *)&buf[8];
4777
4778 sdeb_meta_write_lock(sip);
4779
4780 for (i = 0 ; i < descriptors ; i++) {
4781 unsigned long long lba = get_unaligned_be64(&desc[i].lba);
4782 unsigned int num = get_unaligned_be32(&desc[i].blocks);
4783
4784 ret = check_device_access_params(scp, lba, num, true);
4785 if (ret)
4786 goto out;
4787
4788 unmap_region(sip, lba, num);
4789 }
4790
4791 ret = 0;
4792
4793out:
4794 sdeb_meta_write_unlock(sip);
4795 kfree(buf);
4796
4797 return ret;
4798}
4799
4800#define SDEBUG_GET_LBA_STATUS_LEN 32
4801
4802static int resp_get_lba_status(struct scsi_cmnd *scp,
4803 struct sdebug_dev_info *devip)
4804{
4805 u8 *cmd = scp->cmnd;
4806 u64 lba;
4807 u32 alloc_len, mapped, num;
4808 int ret;
4809 u8 arr[SDEBUG_GET_LBA_STATUS_LEN];
4810
4811 lba = get_unaligned_be64(cmd + 2);
4812 alloc_len = get_unaligned_be32(cmd + 10);
4813
4814 if (alloc_len < 24)
4815 return 0;
4816
4817 ret = check_device_access_params(scp, lba, 1, false);
4818 if (ret)
4819 return ret;
4820
4821 if (scsi_debug_lbp()) {
4822 struct sdeb_store_info *sip = devip2sip(devip, true);
4823
4824 mapped = map_state(sip, lba, &num);
4825 } else {
4826 mapped = 1;
4827 /* following just in case virtual_gb changed */
4828 sdebug_capacity = get_sdebug_capacity();
4829 if (sdebug_capacity - lba <= 0xffffffff)
4830 num = sdebug_capacity - lba;
4831 else
4832 num = 0xffffffff;
4833 }
4834
4835 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN);
4836 put_unaligned_be32(20, arr); /* Parameter Data Length */
4837 put_unaligned_be64(lba, arr + 8); /* LBA */
4838 put_unaligned_be32(num, arr + 16); /* Number of blocks */
4839 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */
4840
4841 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN);
4842}
4843
4844static int resp_get_stream_status(struct scsi_cmnd *scp,
4845 struct sdebug_dev_info *devip)
4846{
4847 u16 starting_stream_id, stream_id;
4848 const u8 *cmd = scp->cmnd;
4849 u32 alloc_len, offset;
4850 u8 arr[256] = {};
4851 struct scsi_stream_status_header *h = (void *)arr;
4852
4853 starting_stream_id = get_unaligned_be16(cmd + 4);
4854 alloc_len = get_unaligned_be32(cmd + 10);
4855
4856 if (alloc_len < 8) {
4857 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1);
4858 return check_condition_result;
4859 }
4860
4861 if (starting_stream_id >= MAXIMUM_NUMBER_OF_STREAMS) {
4862 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1);
4863 return check_condition_result;
4864 }
4865
4866 /*
4867 * The GET STREAM STATUS command only reports status information
4868 * about open streams. Treat the non-permanent stream as open.
4869 */
4870 put_unaligned_be16(MAXIMUM_NUMBER_OF_STREAMS,
4871 &h->number_of_open_streams);
4872
4873 for (offset = 8, stream_id = starting_stream_id;
4874 offset + 8 <= min_t(u32, alloc_len, sizeof(arr)) &&
4875 stream_id < MAXIMUM_NUMBER_OF_STREAMS;
4876 offset += 8, stream_id++) {
4877 struct scsi_stream_status *stream_status = (void *)arr + offset;
4878
4879 stream_status->perm = stream_id < PERMANENT_STREAM_COUNT;
4880 put_unaligned_be16(stream_id,
4881 &stream_status->stream_identifier);
4882 stream_status->rel_lifetime = stream_id + 1;
4883 }
4884 put_unaligned_be32(offset - 8, &h->len); /* PARAMETER DATA LENGTH */
4885
4886 return fill_from_dev_buffer(scp, arr, min(offset, alloc_len));
4887}
4888
4889static int resp_sync_cache(struct scsi_cmnd *scp,
4890 struct sdebug_dev_info *devip)
4891{
4892 int res = 0;
4893 u64 lba;
4894 u32 num_blocks;
4895 u8 *cmd = scp->cmnd;
4896
4897 if (cmd[0] == SYNCHRONIZE_CACHE) { /* 10 byte cdb */
4898 lba = get_unaligned_be32(cmd + 2);
4899 num_blocks = get_unaligned_be16(cmd + 7);
4900 } else { /* SYNCHRONIZE_CACHE(16) */
4901 lba = get_unaligned_be64(cmd + 2);
4902 num_blocks = get_unaligned_be32(cmd + 10);
4903 }
4904 if (lba + num_blocks > sdebug_capacity) {
4905 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4906 return check_condition_result;
4907 }
4908 if (!write_since_sync || (cmd[1] & 0x2))
4909 res = SDEG_RES_IMMED_MASK;
4910 else /* delay if write_since_sync and IMMED clear */
4911 write_since_sync = false;
4912 return res;
4913}
4914
4915/*
4916 * Assuming the LBA+num_blocks is not out-of-range, this function will return
4917 * CONDITION MET if the specified blocks will/have fitted in the cache, and
4918 * a GOOD status otherwise. Model a disk with a big cache and yield
4919 * CONDITION MET. Actually tries to bring range in main memory into the
4920 * cache associated with the CPU(s).
4921 */
4922static int resp_pre_fetch(struct scsi_cmnd *scp,
4923 struct sdebug_dev_info *devip)
4924{
4925 int res = 0;
4926 u64 lba;
4927 u64 block, rest = 0;
4928 u32 nblks;
4929 u8 *cmd = scp->cmnd;
4930 struct sdeb_store_info *sip = devip2sip(devip, true);
4931 u8 *fsp = sip->storep;
4932
4933 if (cmd[0] == PRE_FETCH) { /* 10 byte cdb */
4934 lba = get_unaligned_be32(cmd + 2);
4935 nblks = get_unaligned_be16(cmd + 7);
4936 } else { /* PRE-FETCH(16) */
4937 lba = get_unaligned_be64(cmd + 2);
4938 nblks = get_unaligned_be32(cmd + 10);
4939 }
4940 if (lba + nblks > sdebug_capacity) {
4941 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4942 return check_condition_result;
4943 }
4944 if (!fsp)
4945 goto fini;
4946 /* PRE-FETCH spec says nothing about LBP or PI so skip them */
4947 block = do_div(lba, sdebug_store_sectors);
4948 if (block + nblks > sdebug_store_sectors)
4949 rest = block + nblks - sdebug_store_sectors;
4950
4951 /* Try to bring the PRE-FETCH range into CPU's cache */
4952 sdeb_data_read_lock(sip);
4953 prefetch_range(fsp + (sdebug_sector_size * block),
4954 (nblks - rest) * sdebug_sector_size);
4955 if (rest)
4956 prefetch_range(fsp, rest * sdebug_sector_size);
4957
4958 sdeb_data_read_unlock(sip);
4959fini:
4960 if (cmd[1] & 0x2)
4961 res = SDEG_RES_IMMED_MASK;
4962 return res | condition_met_result;
4963}
4964
4965#define RL_BUCKET_ELEMS 8
4966
4967/* Even though each pseudo target has a REPORT LUNS "well known logical unit"
4968 * (W-LUN), the normal Linux scanning logic does not associate it with a
4969 * device (e.g. /dev/sg7). The following magic will make that association:
4970 * "cd /sys/class/scsi_host/host<n> ; echo '- - 49409' > scan"
4971 * where <n> is a host number. If there are multiple targets in a host then
4972 * the above will associate a W-LUN to each target. To only get a W-LUN
4973 * for target 2, then use "echo '- 2 49409' > scan" .
4974 */
4975static int resp_report_luns(struct scsi_cmnd *scp,
4976 struct sdebug_dev_info *devip)
4977{
4978 unsigned char *cmd = scp->cmnd;
4979 unsigned int alloc_len;
4980 unsigned char select_report;
4981 u64 lun;
4982 struct scsi_lun *lun_p;
4983 u8 arr[RL_BUCKET_ELEMS * sizeof(struct scsi_lun)];
4984 unsigned int lun_cnt; /* normal LUN count (max: 256) */
4985 unsigned int wlun_cnt; /* report luns W-LUN count */
4986 unsigned int tlun_cnt; /* total LUN count */
4987 unsigned int rlen; /* response length (in bytes) */
4988 int k, j, n, res;
4989 unsigned int off_rsp = 0;
4990 const int sz_lun = sizeof(struct scsi_lun);
4991
4992 clear_luns_changed_on_target(devip);
4993
4994 select_report = cmd[2];
4995 alloc_len = get_unaligned_be32(cmd + 6);
4996
4997 if (alloc_len < 4) {
4998 pr_err("alloc len too small %d\n", alloc_len);
4999 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
5000 return check_condition_result;
5001 }
5002
5003 switch (select_report) {
5004 case 0: /* all LUNs apart from W-LUNs */
5005 lun_cnt = sdebug_max_luns;
5006 wlun_cnt = 0;
5007 break;
5008 case 1: /* only W-LUNs */
5009 lun_cnt = 0;
5010 wlun_cnt = 1;
5011 break;
5012 case 2: /* all LUNs */
5013 lun_cnt = sdebug_max_luns;
5014 wlun_cnt = 1;
5015 break;
5016 case 0x10: /* only administrative LUs */
5017 case 0x11: /* see SPC-5 */
5018 case 0x12: /* only subsiduary LUs owned by referenced LU */
5019 default:
5020 pr_debug("select report invalid %d\n", select_report);
5021 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
5022 return check_condition_result;
5023 }
5024
5025 if (sdebug_no_lun_0 && (lun_cnt > 0))
5026 --lun_cnt;
5027
5028 tlun_cnt = lun_cnt + wlun_cnt;
5029 rlen = tlun_cnt * sz_lun; /* excluding 8 byte header */
5030 scsi_set_resid(scp, scsi_bufflen(scp));
5031 pr_debug("select_report %d luns = %d wluns = %d no_lun0 %d\n",
5032 select_report, lun_cnt, wlun_cnt, sdebug_no_lun_0);
5033
5034 /* loops rely on sizeof response header same as sizeof lun (both 8) */
5035 lun = sdebug_no_lun_0 ? 1 : 0;
5036 for (k = 0, j = 0, res = 0; true; ++k, j = 0) {
5037 memset(arr, 0, sizeof(arr));
5038 lun_p = (struct scsi_lun *)&arr[0];
5039 if (k == 0) {
5040 put_unaligned_be32(rlen, &arr[0]);
5041 ++lun_p;
5042 j = 1;
5043 }
5044 for ( ; j < RL_BUCKET_ELEMS; ++j, ++lun_p) {
5045 if ((k * RL_BUCKET_ELEMS) + j > lun_cnt)
5046 break;
5047 int_to_scsilun(lun++, lun_p);
5048 if (lun > 1 && sdebug_lun_am == SAM_LUN_AM_FLAT)
5049 lun_p->scsi_lun[0] |= 0x40;
5050 }
5051 if (j < RL_BUCKET_ELEMS)
5052 break;
5053 n = j * sz_lun;
5054 res = p_fill_from_dev_buffer(scp, arr, n, off_rsp);
5055 if (res)
5056 return res;
5057 off_rsp += n;
5058 }
5059 if (wlun_cnt) {
5060 int_to_scsilun(SCSI_W_LUN_REPORT_LUNS, lun_p);
5061 ++j;
5062 }
5063 if (j > 0)
5064 res = p_fill_from_dev_buffer(scp, arr, j * sz_lun, off_rsp);
5065 return res;
5066}
5067
5068static int resp_verify(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
5069{
5070 bool is_bytchk3 = false;
5071 u8 bytchk;
5072 int ret, j;
5073 u32 vnum, a_num, off;
5074 const u32 lb_size = sdebug_sector_size;
5075 u64 lba;
5076 u8 *arr;
5077 u8 *cmd = scp->cmnd;
5078 struct sdeb_store_info *sip = devip2sip(devip, true);
5079
5080 bytchk = (cmd[1] >> 1) & 0x3;
5081 if (bytchk == 0) {
5082 return 0; /* always claim internal verify okay */
5083 } else if (bytchk == 2) {
5084 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
5085 return check_condition_result;
5086 } else if (bytchk == 3) {
5087 is_bytchk3 = true; /* 1 block sent, compared repeatedly */
5088 }
5089 switch (cmd[0]) {
5090 case VERIFY_16:
5091 lba = get_unaligned_be64(cmd + 2);
5092 vnum = get_unaligned_be32(cmd + 10);
5093 break;
5094 case VERIFY: /* is VERIFY(10) */
5095 lba = get_unaligned_be32(cmd + 2);
5096 vnum = get_unaligned_be16(cmd + 7);
5097 break;
5098 default:
5099 mk_sense_invalid_opcode(scp);
5100 return check_condition_result;
5101 }
5102 if (vnum == 0)
5103 return 0; /* not an error */
5104 a_num = is_bytchk3 ? 1 : vnum;
5105 /* Treat following check like one for read (i.e. no write) access */
5106 ret = check_device_access_params(scp, lba, a_num, false);
5107 if (ret)
5108 return ret;
5109
5110 arr = kcalloc(lb_size, vnum, GFP_ATOMIC | __GFP_NOWARN);
5111 if (!arr) {
5112 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
5113 INSUFF_RES_ASCQ);
5114 return check_condition_result;
5115 }
5116 /* Not changing store, so only need read access */
5117 sdeb_data_read_lock(sip);
5118
5119 ret = do_dout_fetch(scp, a_num, arr);
5120 if (ret == -1) {
5121 ret = DID_ERROR << 16;
5122 goto cleanup;
5123 } else if (sdebug_verbose && (ret < (a_num * lb_size))) {
5124 sdev_printk(KERN_INFO, scp->device,
5125 "%s: %s: cdb indicated=%u, IO sent=%d bytes\n",
5126 my_name, __func__, a_num * lb_size, ret);
5127 }
5128 if (is_bytchk3) {
5129 for (j = 1, off = lb_size; j < vnum; ++j, off += lb_size)
5130 memcpy(arr + off, arr, lb_size);
5131 }
5132 ret = 0;
5133 if (!comp_write_worker(sip, lba, vnum, arr, true)) {
5134 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
5135 ret = check_condition_result;
5136 goto cleanup;
5137 }
5138cleanup:
5139 sdeb_data_read_unlock(sip);
5140 kfree(arr);
5141 return ret;
5142}
5143
5144#define RZONES_DESC_HD 64
5145
5146/* Report zones depending on start LBA and reporting options */
5147static int resp_report_zones(struct scsi_cmnd *scp,
5148 struct sdebug_dev_info *devip)
5149{
5150 unsigned int rep_max_zones, nrz = 0;
5151 int ret = 0;
5152 u32 alloc_len, rep_opts, rep_len;
5153 bool partial;
5154 u64 lba, zs_lba;
5155 u8 *arr = NULL, *desc;
5156 u8 *cmd = scp->cmnd;
5157 struct sdeb_zone_state *zsp = NULL;
5158 struct sdeb_store_info *sip = devip2sip(devip, false);
5159
5160 if (!sdebug_dev_is_zoned(devip)) {
5161 mk_sense_invalid_opcode(scp);
5162 return check_condition_result;
5163 }
5164 zs_lba = get_unaligned_be64(cmd + 2);
5165 alloc_len = get_unaligned_be32(cmd + 10);
5166 if (alloc_len == 0)
5167 return 0; /* not an error */
5168 rep_opts = cmd[14] & 0x3f;
5169 partial = cmd[14] & 0x80;
5170
5171 if (zs_lba >= sdebug_capacity) {
5172 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
5173 return check_condition_result;
5174 }
5175
5176 rep_max_zones = (alloc_len - 64) >> ilog2(RZONES_DESC_HD);
5177
5178 arr = kzalloc(alloc_len, GFP_ATOMIC | __GFP_NOWARN);
5179 if (!arr) {
5180 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
5181 INSUFF_RES_ASCQ);
5182 return check_condition_result;
5183 }
5184
5185 sdeb_meta_read_lock(sip);
5186
5187 desc = arr + 64;
5188 for (lba = zs_lba; lba < sdebug_capacity;
5189 lba = zsp->z_start + zsp->z_size) {
5190 if (WARN_ONCE(zbc_zone(devip, lba) == zsp, "lba = %llu\n", lba))
5191 break;
5192 zsp = zbc_zone(devip, lba);
5193 switch (rep_opts) {
5194 case 0x00:
5195 /* All zones */
5196 break;
5197 case 0x01:
5198 /* Empty zones */
5199 if (zsp->z_cond != ZC1_EMPTY)
5200 continue;
5201 break;
5202 case 0x02:
5203 /* Implicit open zones */
5204 if (zsp->z_cond != ZC2_IMPLICIT_OPEN)
5205 continue;
5206 break;
5207 case 0x03:
5208 /* Explicit open zones */
5209 if (zsp->z_cond != ZC3_EXPLICIT_OPEN)
5210 continue;
5211 break;
5212 case 0x04:
5213 /* Closed zones */
5214 if (zsp->z_cond != ZC4_CLOSED)
5215 continue;
5216 break;
5217 case 0x05:
5218 /* Full zones */
5219 if (zsp->z_cond != ZC5_FULL)
5220 continue;
5221 break;
5222 case 0x06:
5223 case 0x07:
5224 case 0x10:
5225 /*
5226 * Read-only, offline, reset WP recommended are
5227 * not emulated: no zones to report;
5228 */
5229 continue;
5230 case 0x11:
5231 /* non-seq-resource set */
5232 if (!zsp->z_non_seq_resource)
5233 continue;
5234 break;
5235 case 0x3e:
5236 /* All zones except gap zones. */
5237 if (zbc_zone_is_gap(zsp))
5238 continue;
5239 break;
5240 case 0x3f:
5241 /* Not write pointer (conventional) zones */
5242 if (zbc_zone_is_seq(zsp))
5243 continue;
5244 break;
5245 default:
5246 mk_sense_buffer(scp, ILLEGAL_REQUEST,
5247 INVALID_FIELD_IN_CDB, 0);
5248 ret = check_condition_result;
5249 goto fini;
5250 }
5251
5252 if (nrz < rep_max_zones) {
5253 /* Fill zone descriptor */
5254 desc[0] = zsp->z_type;
5255 desc[1] = zsp->z_cond << 4;
5256 if (zsp->z_non_seq_resource)
5257 desc[1] |= 1 << 1;
5258 put_unaligned_be64((u64)zsp->z_size, desc + 8);
5259 put_unaligned_be64((u64)zsp->z_start, desc + 16);
5260 put_unaligned_be64((u64)zsp->z_wp, desc + 24);
5261 desc += 64;
5262 }
5263
5264 if (partial && nrz >= rep_max_zones)
5265 break;
5266
5267 nrz++;
5268 }
5269
5270 /* Report header */
5271 /* Zone list length. */
5272 put_unaligned_be32(nrz * RZONES_DESC_HD, arr + 0);
5273 /* Maximum LBA */
5274 put_unaligned_be64(sdebug_capacity - 1, arr + 8);
5275 /* Zone starting LBA granularity. */
5276 if (devip->zcap < devip->zsize)
5277 put_unaligned_be64(devip->zsize, arr + 16);
5278
5279 rep_len = (unsigned long)desc - (unsigned long)arr;
5280 ret = fill_from_dev_buffer(scp, arr, min_t(u32, alloc_len, rep_len));
5281
5282fini:
5283 sdeb_meta_read_unlock(sip);
5284 kfree(arr);
5285 return ret;
5286}
5287
5288static int resp_atomic_write(struct scsi_cmnd *scp,
5289 struct sdebug_dev_info *devip)
5290{
5291 struct sdeb_store_info *sip;
5292 u8 *cmd = scp->cmnd;
5293 u16 boundary, len;
5294 u64 lba, lba_tmp;
5295 int ret;
5296
5297 if (!scsi_debug_atomic_write()) {
5298 mk_sense_invalid_opcode(scp);
5299 return check_condition_result;
5300 }
5301
5302 sip = devip2sip(devip, true);
5303
5304 lba = get_unaligned_be64(cmd + 2);
5305 boundary = get_unaligned_be16(cmd + 10);
5306 len = get_unaligned_be16(cmd + 12);
5307
5308 lba_tmp = lba;
5309 if (sdebug_atomic_wr_align &&
5310 do_div(lba_tmp, sdebug_atomic_wr_align)) {
5311 /* Does not meet alignment requirement */
5312 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5313 return check_condition_result;
5314 }
5315
5316 if (sdebug_atomic_wr_gran && len % sdebug_atomic_wr_gran) {
5317 /* Does not meet alignment requirement */
5318 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5319 return check_condition_result;
5320 }
5321
5322 if (boundary > 0) {
5323 if (boundary > sdebug_atomic_wr_max_bndry) {
5324 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 12, -1);
5325 return check_condition_result;
5326 }
5327
5328 if (len > sdebug_atomic_wr_max_length_bndry) {
5329 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 12, -1);
5330 return check_condition_result;
5331 }
5332 } else {
5333 if (len > sdebug_atomic_wr_max_length) {
5334 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 12, -1);
5335 return check_condition_result;
5336 }
5337 }
5338
5339 ret = do_device_access(sip, scp, 0, lba, len, 0, true, true);
5340 if (unlikely(ret == -1))
5341 return DID_ERROR << 16;
5342 if (unlikely(ret != len * sdebug_sector_size))
5343 return DID_ERROR << 16;
5344 return 0;
5345}
5346
5347/* Logic transplanted from tcmu-runner, file_zbc.c */
5348static void zbc_open_all(struct sdebug_dev_info *devip)
5349{
5350 struct sdeb_zone_state *zsp = &devip->zstate[0];
5351 unsigned int i;
5352
5353 for (i = 0; i < devip->nr_zones; i++, zsp++) {
5354 if (zsp->z_cond == ZC4_CLOSED)
5355 zbc_open_zone(devip, &devip->zstate[i], true);
5356 }
5357}
5358
5359static int resp_open_zone(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
5360{
5361 int res = 0;
5362 u64 z_id;
5363 enum sdebug_z_cond zc;
5364 u8 *cmd = scp->cmnd;
5365 struct sdeb_zone_state *zsp;
5366 bool all = cmd[14] & 0x01;
5367 struct sdeb_store_info *sip = devip2sip(devip, false);
5368
5369 if (!sdebug_dev_is_zoned(devip)) {
5370 mk_sense_invalid_opcode(scp);
5371 return check_condition_result;
5372 }
5373 sdeb_meta_write_lock(sip);
5374
5375 if (all) {
5376 /* Check if all closed zones can be open */
5377 if (devip->max_open &&
5378 devip->nr_exp_open + devip->nr_closed > devip->max_open) {
5379 mk_sense_buffer(scp, DATA_PROTECT, INSUFF_RES_ASC,
5380 INSUFF_ZONE_ASCQ);
5381 res = check_condition_result;
5382 goto fini;
5383 }
5384 /* Open all closed zones */
5385 zbc_open_all(devip);
5386 goto fini;
5387 }
5388
5389 /* Open the specified zone */
5390 z_id = get_unaligned_be64(cmd + 2);
5391 if (z_id >= sdebug_capacity) {
5392 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
5393 res = check_condition_result;
5394 goto fini;
5395 }
5396
5397 zsp = zbc_zone(devip, z_id);
5398 if (z_id != zsp->z_start) {
5399 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5400 res = check_condition_result;
5401 goto fini;
5402 }
5403 if (zbc_zone_is_conv(zsp)) {
5404 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5405 res = check_condition_result;
5406 goto fini;
5407 }
5408
5409 zc = zsp->z_cond;
5410 if (zc == ZC3_EXPLICIT_OPEN || zc == ZC5_FULL)
5411 goto fini;
5412
5413 if (devip->max_open && devip->nr_exp_open >= devip->max_open) {
5414 mk_sense_buffer(scp, DATA_PROTECT, INSUFF_RES_ASC,
5415 INSUFF_ZONE_ASCQ);
5416 res = check_condition_result;
5417 goto fini;
5418 }
5419
5420 zbc_open_zone(devip, zsp, true);
5421fini:
5422 sdeb_meta_write_unlock(sip);
5423 return res;
5424}
5425
5426static void zbc_close_all(struct sdebug_dev_info *devip)
5427{
5428 unsigned int i;
5429
5430 for (i = 0; i < devip->nr_zones; i++)
5431 zbc_close_zone(devip, &devip->zstate[i]);
5432}
5433
5434static int resp_close_zone(struct scsi_cmnd *scp,
5435 struct sdebug_dev_info *devip)
5436{
5437 int res = 0;
5438 u64 z_id;
5439 u8 *cmd = scp->cmnd;
5440 struct sdeb_zone_state *zsp;
5441 bool all = cmd[14] & 0x01;
5442 struct sdeb_store_info *sip = devip2sip(devip, false);
5443
5444 if (!sdebug_dev_is_zoned(devip)) {
5445 mk_sense_invalid_opcode(scp);
5446 return check_condition_result;
5447 }
5448
5449 sdeb_meta_write_lock(sip);
5450
5451 if (all) {
5452 zbc_close_all(devip);
5453 goto fini;
5454 }
5455
5456 /* Close specified zone */
5457 z_id = get_unaligned_be64(cmd + 2);
5458 if (z_id >= sdebug_capacity) {
5459 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
5460 res = check_condition_result;
5461 goto fini;
5462 }
5463
5464 zsp = zbc_zone(devip, z_id);
5465 if (z_id != zsp->z_start) {
5466 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5467 res = check_condition_result;
5468 goto fini;
5469 }
5470 if (zbc_zone_is_conv(zsp)) {
5471 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5472 res = check_condition_result;
5473 goto fini;
5474 }
5475
5476 zbc_close_zone(devip, zsp);
5477fini:
5478 sdeb_meta_write_unlock(sip);
5479 return res;
5480}
5481
5482static void zbc_finish_zone(struct sdebug_dev_info *devip,
5483 struct sdeb_zone_state *zsp, bool empty)
5484{
5485 enum sdebug_z_cond zc = zsp->z_cond;
5486
5487 if (zc == ZC4_CLOSED || zc == ZC2_IMPLICIT_OPEN ||
5488 zc == ZC3_EXPLICIT_OPEN || (empty && zc == ZC1_EMPTY)) {
5489 if (zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN)
5490 zbc_close_zone(devip, zsp);
5491 if (zsp->z_cond == ZC4_CLOSED)
5492 devip->nr_closed--;
5493 zsp->z_wp = zsp->z_start + zsp->z_size;
5494 zsp->z_cond = ZC5_FULL;
5495 }
5496}
5497
5498static void zbc_finish_all(struct sdebug_dev_info *devip)
5499{
5500 unsigned int i;
5501
5502 for (i = 0; i < devip->nr_zones; i++)
5503 zbc_finish_zone(devip, &devip->zstate[i], false);
5504}
5505
5506static int resp_finish_zone(struct scsi_cmnd *scp,
5507 struct sdebug_dev_info *devip)
5508{
5509 struct sdeb_zone_state *zsp;
5510 int res = 0;
5511 u64 z_id;
5512 u8 *cmd = scp->cmnd;
5513 bool all = cmd[14] & 0x01;
5514 struct sdeb_store_info *sip = devip2sip(devip, false);
5515
5516 if (!sdebug_dev_is_zoned(devip)) {
5517 mk_sense_invalid_opcode(scp);
5518 return check_condition_result;
5519 }
5520
5521 sdeb_meta_write_lock(sip);
5522
5523 if (all) {
5524 zbc_finish_all(devip);
5525 goto fini;
5526 }
5527
5528 /* Finish the specified zone */
5529 z_id = get_unaligned_be64(cmd + 2);
5530 if (z_id >= sdebug_capacity) {
5531 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
5532 res = check_condition_result;
5533 goto fini;
5534 }
5535
5536 zsp = zbc_zone(devip, z_id);
5537 if (z_id != zsp->z_start) {
5538 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5539 res = check_condition_result;
5540 goto fini;
5541 }
5542 if (zbc_zone_is_conv(zsp)) {
5543 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5544 res = check_condition_result;
5545 goto fini;
5546 }
5547
5548 zbc_finish_zone(devip, zsp, true);
5549fini:
5550 sdeb_meta_write_unlock(sip);
5551 return res;
5552}
5553
5554static void zbc_rwp_zone(struct sdebug_dev_info *devip,
5555 struct sdeb_zone_state *zsp)
5556{
5557 enum sdebug_z_cond zc;
5558 struct sdeb_store_info *sip = devip2sip(devip, false);
5559
5560 if (!zbc_zone_is_seq(zsp))
5561 return;
5562
5563 zc = zsp->z_cond;
5564 if (zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN)
5565 zbc_close_zone(devip, zsp);
5566
5567 if (zsp->z_cond == ZC4_CLOSED)
5568 devip->nr_closed--;
5569
5570 if (zsp->z_wp > zsp->z_start)
5571 memset(sip->storep + zsp->z_start * sdebug_sector_size, 0,
5572 (zsp->z_wp - zsp->z_start) * sdebug_sector_size);
5573
5574 zsp->z_non_seq_resource = false;
5575 zsp->z_wp = zsp->z_start;
5576 zsp->z_cond = ZC1_EMPTY;
5577}
5578
5579static void zbc_rwp_all(struct sdebug_dev_info *devip)
5580{
5581 unsigned int i;
5582
5583 for (i = 0; i < devip->nr_zones; i++)
5584 zbc_rwp_zone(devip, &devip->zstate[i]);
5585}
5586
5587static int resp_rwp_zone(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
5588{
5589 struct sdeb_zone_state *zsp;
5590 int res = 0;
5591 u64 z_id;
5592 u8 *cmd = scp->cmnd;
5593 bool all = cmd[14] & 0x01;
5594 struct sdeb_store_info *sip = devip2sip(devip, false);
5595
5596 if (!sdebug_dev_is_zoned(devip)) {
5597 mk_sense_invalid_opcode(scp);
5598 return check_condition_result;
5599 }
5600
5601 sdeb_meta_write_lock(sip);
5602
5603 if (all) {
5604 zbc_rwp_all(devip);
5605 goto fini;
5606 }
5607
5608 z_id = get_unaligned_be64(cmd + 2);
5609 if (z_id >= sdebug_capacity) {
5610 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
5611 res = check_condition_result;
5612 goto fini;
5613 }
5614
5615 zsp = zbc_zone(devip, z_id);
5616 if (z_id != zsp->z_start) {
5617 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5618 res = check_condition_result;
5619 goto fini;
5620 }
5621 if (zbc_zone_is_conv(zsp)) {
5622 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5623 res = check_condition_result;
5624 goto fini;
5625 }
5626
5627 zbc_rwp_zone(devip, zsp);
5628fini:
5629 sdeb_meta_write_unlock(sip);
5630 return res;
5631}
5632
5633static u32 get_tag(struct scsi_cmnd *cmnd)
5634{
5635 return blk_mq_unique_tag(scsi_cmd_to_rq(cmnd));
5636}
5637
5638/* Queued (deferred) command completions converge here. */
5639static void sdebug_q_cmd_complete(struct sdebug_defer *sd_dp)
5640{
5641 struct sdebug_queued_cmd *sqcp = container_of(sd_dp, struct sdebug_queued_cmd, sd_dp);
5642 unsigned long flags;
5643 struct scsi_cmnd *scp = sqcp->scmd;
5644 struct sdebug_scsi_cmd *sdsc;
5645 bool aborted;
5646
5647 if (sdebug_statistics) {
5648 atomic_inc(&sdebug_completions);
5649 if (raw_smp_processor_id() != sd_dp->issuing_cpu)
5650 atomic_inc(&sdebug_miss_cpus);
5651 }
5652
5653 if (!scp) {
5654 pr_err("scmd=NULL\n");
5655 goto out;
5656 }
5657
5658 sdsc = scsi_cmd_priv(scp);
5659 spin_lock_irqsave(&sdsc->lock, flags);
5660 aborted = sd_dp->aborted;
5661 if (unlikely(aborted))
5662 sd_dp->aborted = false;
5663 ASSIGN_QUEUED_CMD(scp, NULL);
5664
5665 spin_unlock_irqrestore(&sdsc->lock, flags);
5666
5667 if (aborted) {
5668 pr_info("bypassing scsi_done() due to aborted cmd, kicking-off EH\n");
5669 blk_abort_request(scsi_cmd_to_rq(scp));
5670 goto out;
5671 }
5672
5673 scsi_done(scp); /* callback to mid level */
5674out:
5675 sdebug_free_queued_cmd(sqcp);
5676}
5677
5678/* When high resolution timer goes off this function is called. */
5679static enum hrtimer_restart sdebug_q_cmd_hrt_complete(struct hrtimer *timer)
5680{
5681 struct sdebug_defer *sd_dp = container_of(timer, struct sdebug_defer,
5682 hrt);
5683 sdebug_q_cmd_complete(sd_dp);
5684 return HRTIMER_NORESTART;
5685}
5686
5687/* When work queue schedules work, it calls this function. */
5688static void sdebug_q_cmd_wq_complete(struct work_struct *work)
5689{
5690 struct sdebug_defer *sd_dp = container_of(work, struct sdebug_defer,
5691 ew.work);
5692 sdebug_q_cmd_complete(sd_dp);
5693}
5694
5695static bool got_shared_uuid;
5696static uuid_t shared_uuid;
5697
5698static int sdebug_device_create_zones(struct sdebug_dev_info *devip)
5699{
5700 struct sdeb_zone_state *zsp;
5701 sector_t capacity = get_sdebug_capacity();
5702 sector_t conv_capacity;
5703 sector_t zstart = 0;
5704 unsigned int i;
5705
5706 /*
5707 * Set the zone size: if sdeb_zbc_zone_size_mb is not set, figure out
5708 * a zone size allowing for at least 4 zones on the device. Otherwise,
5709 * use the specified zone size checking that at least 2 zones can be
5710 * created for the device.
5711 */
5712 if (!sdeb_zbc_zone_size_mb) {
5713 devip->zsize = (DEF_ZBC_ZONE_SIZE_MB * SZ_1M)
5714 >> ilog2(sdebug_sector_size);
5715 while (capacity < devip->zsize << 2 && devip->zsize >= 2)
5716 devip->zsize >>= 1;
5717 if (devip->zsize < 2) {
5718 pr_err("Device capacity too small\n");
5719 return -EINVAL;
5720 }
5721 } else {
5722 if (!is_power_of_2(sdeb_zbc_zone_size_mb)) {
5723 pr_err("Zone size is not a power of 2\n");
5724 return -EINVAL;
5725 }
5726 devip->zsize = (sdeb_zbc_zone_size_mb * SZ_1M)
5727 >> ilog2(sdebug_sector_size);
5728 if (devip->zsize >= capacity) {
5729 pr_err("Zone size too large for device capacity\n");
5730 return -EINVAL;
5731 }
5732 }
5733
5734 devip->zsize_shift = ilog2(devip->zsize);
5735 devip->nr_zones = (capacity + devip->zsize - 1) >> devip->zsize_shift;
5736
5737 if (sdeb_zbc_zone_cap_mb == 0) {
5738 devip->zcap = devip->zsize;
5739 } else {
5740 devip->zcap = (sdeb_zbc_zone_cap_mb * SZ_1M) >>
5741 ilog2(sdebug_sector_size);
5742 if (devip->zcap > devip->zsize) {
5743 pr_err("Zone capacity too large\n");
5744 return -EINVAL;
5745 }
5746 }
5747
5748 conv_capacity = (sector_t)sdeb_zbc_nr_conv << devip->zsize_shift;
5749 if (conv_capacity >= capacity) {
5750 pr_err("Number of conventional zones too large\n");
5751 return -EINVAL;
5752 }
5753 devip->nr_conv_zones = sdeb_zbc_nr_conv;
5754 devip->nr_seq_zones = ALIGN(capacity - conv_capacity, devip->zsize) >>
5755 devip->zsize_shift;
5756 devip->nr_zones = devip->nr_conv_zones + devip->nr_seq_zones;
5757
5758 /* Add gap zones if zone capacity is smaller than the zone size */
5759 if (devip->zcap < devip->zsize)
5760 devip->nr_zones += devip->nr_seq_zones;
5761
5762 if (devip->zoned) {
5763 /* zbc_max_open_zones can be 0, meaning "not reported" */
5764 if (sdeb_zbc_max_open >= devip->nr_zones - 1)
5765 devip->max_open = (devip->nr_zones - 1) / 2;
5766 else
5767 devip->max_open = sdeb_zbc_max_open;
5768 }
5769
5770 devip->zstate = kcalloc(devip->nr_zones,
5771 sizeof(struct sdeb_zone_state), GFP_KERNEL);
5772 if (!devip->zstate)
5773 return -ENOMEM;
5774
5775 for (i = 0; i < devip->nr_zones; i++) {
5776 zsp = &devip->zstate[i];
5777
5778 zsp->z_start = zstart;
5779
5780 if (i < devip->nr_conv_zones) {
5781 zsp->z_type = ZBC_ZTYPE_CNV;
5782 zsp->z_cond = ZBC_NOT_WRITE_POINTER;
5783 zsp->z_wp = (sector_t)-1;
5784 zsp->z_size =
5785 min_t(u64, devip->zsize, capacity - zstart);
5786 } else if ((zstart & (devip->zsize - 1)) == 0) {
5787 if (devip->zoned)
5788 zsp->z_type = ZBC_ZTYPE_SWR;
5789 else
5790 zsp->z_type = ZBC_ZTYPE_SWP;
5791 zsp->z_cond = ZC1_EMPTY;
5792 zsp->z_wp = zsp->z_start;
5793 zsp->z_size =
5794 min_t(u64, devip->zcap, capacity - zstart);
5795 } else {
5796 zsp->z_type = ZBC_ZTYPE_GAP;
5797 zsp->z_cond = ZBC_NOT_WRITE_POINTER;
5798 zsp->z_wp = (sector_t)-1;
5799 zsp->z_size = min_t(u64, devip->zsize - devip->zcap,
5800 capacity - zstart);
5801 }
5802
5803 WARN_ON_ONCE((int)zsp->z_size <= 0);
5804 zstart += zsp->z_size;
5805 }
5806
5807 return 0;
5808}
5809
5810static struct sdebug_dev_info *sdebug_device_create(
5811 struct sdebug_host_info *sdbg_host, gfp_t flags)
5812{
5813 struct sdebug_dev_info *devip;
5814
5815 devip = kzalloc(sizeof(*devip), flags);
5816 if (devip) {
5817 if (sdebug_uuid_ctl == 1)
5818 uuid_gen(&devip->lu_name);
5819 else if (sdebug_uuid_ctl == 2) {
5820 if (got_shared_uuid)
5821 devip->lu_name = shared_uuid;
5822 else {
5823 uuid_gen(&shared_uuid);
5824 got_shared_uuid = true;
5825 devip->lu_name = shared_uuid;
5826 }
5827 }
5828 devip->sdbg_host = sdbg_host;
5829 if (sdeb_zbc_in_use) {
5830 devip->zoned = sdeb_zbc_model == BLK_ZONED_HM;
5831 if (sdebug_device_create_zones(devip)) {
5832 kfree(devip);
5833 return NULL;
5834 }
5835 } else {
5836 devip->zoned = false;
5837 }
5838 devip->create_ts = ktime_get_boottime();
5839 atomic_set(&devip->stopped, (sdeb_tur_ms_to_ready > 0 ? 2 : 0));
5840 spin_lock_init(&devip->list_lock);
5841 INIT_LIST_HEAD(&devip->inject_err_list);
5842 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list);
5843 }
5844 return devip;
5845}
5846
5847static struct sdebug_dev_info *find_build_dev_info(struct scsi_device *sdev)
5848{
5849 struct sdebug_host_info *sdbg_host;
5850 struct sdebug_dev_info *open_devip = NULL;
5851 struct sdebug_dev_info *devip;
5852
5853 sdbg_host = shost_to_sdebug_host(sdev->host);
5854
5855 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
5856 if ((devip->used) && (devip->channel == sdev->channel) &&
5857 (devip->target == sdev->id) &&
5858 (devip->lun == sdev->lun))
5859 return devip;
5860 else {
5861 if ((!devip->used) && (!open_devip))
5862 open_devip = devip;
5863 }
5864 }
5865 if (!open_devip) { /* try and make a new one */
5866 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC);
5867 if (!open_devip) {
5868 pr_err("out of memory at line %d\n", __LINE__);
5869 return NULL;
5870 }
5871 }
5872
5873 open_devip->channel = sdev->channel;
5874 open_devip->target = sdev->id;
5875 open_devip->lun = sdev->lun;
5876 open_devip->sdbg_host = sdbg_host;
5877 set_bit(SDEBUG_UA_POOCCUR, open_devip->uas_bm);
5878 open_devip->used = true;
5879 return open_devip;
5880}
5881
5882static int scsi_debug_slave_alloc(struct scsi_device *sdp)
5883{
5884 if (sdebug_verbose)
5885 pr_info("slave_alloc <%u %u %u %llu>\n",
5886 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
5887
5888 return 0;
5889}
5890
5891static int scsi_debug_slave_configure(struct scsi_device *sdp)
5892{
5893 struct sdebug_dev_info *devip =
5894 (struct sdebug_dev_info *)sdp->hostdata;
5895 struct dentry *dentry;
5896
5897 if (sdebug_verbose)
5898 pr_info("slave_configure <%u %u %u %llu>\n",
5899 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
5900 if (sdp->host->max_cmd_len != SDEBUG_MAX_CMD_LEN)
5901 sdp->host->max_cmd_len = SDEBUG_MAX_CMD_LEN;
5902 if (devip == NULL) {
5903 devip = find_build_dev_info(sdp);
5904 if (devip == NULL)
5905 return 1; /* no resources, will be marked offline */
5906 }
5907 sdp->hostdata = devip;
5908 if (sdebug_no_uld)
5909 sdp->no_uld_attach = 1;
5910 config_cdb_len(sdp);
5911
5912 if (sdebug_allow_restart)
5913 sdp->allow_restart = 1;
5914
5915 devip->debugfs_entry = debugfs_create_dir(dev_name(&sdp->sdev_dev),
5916 sdebug_debugfs_root);
5917 if (IS_ERR_OR_NULL(devip->debugfs_entry))
5918 pr_info("%s: failed to create debugfs directory for device %s\n",
5919 __func__, dev_name(&sdp->sdev_gendev));
5920
5921 dentry = debugfs_create_file("error", 0600, devip->debugfs_entry, sdp,
5922 &sdebug_error_fops);
5923 if (IS_ERR_OR_NULL(dentry))
5924 pr_info("%s: failed to create error file for device %s\n",
5925 __func__, dev_name(&sdp->sdev_gendev));
5926
5927 return 0;
5928}
5929
5930static void scsi_debug_slave_destroy(struct scsi_device *sdp)
5931{
5932 struct sdebug_dev_info *devip =
5933 (struct sdebug_dev_info *)sdp->hostdata;
5934 struct sdebug_err_inject *err;
5935
5936 if (sdebug_verbose)
5937 pr_info("slave_destroy <%u %u %u %llu>\n",
5938 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
5939
5940 if (!devip)
5941 return;
5942
5943 spin_lock(&devip->list_lock);
5944 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
5945 list_del_rcu(&err->list);
5946 call_rcu(&err->rcu, sdebug_err_free);
5947 }
5948 spin_unlock(&devip->list_lock);
5949
5950 debugfs_remove(devip->debugfs_entry);
5951
5952 /* make this slot available for re-use */
5953 devip->used = false;
5954 sdp->hostdata = NULL;
5955}
5956
5957/* Returns true if we require the queued memory to be freed by the caller. */
5958static bool stop_qc_helper(struct sdebug_defer *sd_dp,
5959 enum sdeb_defer_type defer_t)
5960{
5961 if (defer_t == SDEB_DEFER_HRT) {
5962 int res = hrtimer_try_to_cancel(&sd_dp->hrt);
5963
5964 switch (res) {
5965 case 0: /* Not active, it must have already run */
5966 case -1: /* -1 It's executing the CB */
5967 return false;
5968 case 1: /* Was active, we've now cancelled */
5969 default:
5970 return true;
5971 }
5972 } else if (defer_t == SDEB_DEFER_WQ) {
5973 /* Cancel if pending */
5974 if (cancel_work_sync(&sd_dp->ew.work))
5975 return true;
5976 /* Was not pending, so it must have run */
5977 return false;
5978 } else if (defer_t == SDEB_DEFER_POLL) {
5979 return true;
5980 }
5981
5982 return false;
5983}
5984
5985
5986static bool scsi_debug_stop_cmnd(struct scsi_cmnd *cmnd)
5987{
5988 enum sdeb_defer_type l_defer_t;
5989 struct sdebug_defer *sd_dp;
5990 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmnd);
5991 struct sdebug_queued_cmd *sqcp = TO_QUEUED_CMD(cmnd);
5992
5993 lockdep_assert_held(&sdsc->lock);
5994
5995 if (!sqcp)
5996 return false;
5997 sd_dp = &sqcp->sd_dp;
5998 l_defer_t = READ_ONCE(sd_dp->defer_t);
5999 ASSIGN_QUEUED_CMD(cmnd, NULL);
6000
6001 if (stop_qc_helper(sd_dp, l_defer_t))
6002 sdebug_free_queued_cmd(sqcp);
6003
6004 return true;
6005}
6006
6007/*
6008 * Called from scsi_debug_abort() only, which is for timed-out cmd.
6009 */
6010static bool scsi_debug_abort_cmnd(struct scsi_cmnd *cmnd)
6011{
6012 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmnd);
6013 unsigned long flags;
6014 bool res;
6015
6016 spin_lock_irqsave(&sdsc->lock, flags);
6017 res = scsi_debug_stop_cmnd(cmnd);
6018 spin_unlock_irqrestore(&sdsc->lock, flags);
6019
6020 return res;
6021}
6022
6023/*
6024 * All we can do is set the cmnd as internally aborted and wait for it to
6025 * finish. We cannot call scsi_done() as normal completion path may do that.
6026 */
6027static bool sdebug_stop_cmnd(struct request *rq, void *data)
6028{
6029 scsi_debug_abort_cmnd(blk_mq_rq_to_pdu(rq));
6030
6031 return true;
6032}
6033
6034/* Deletes (stops) timers or work queues of all queued commands */
6035static void stop_all_queued(void)
6036{
6037 struct sdebug_host_info *sdhp;
6038
6039 mutex_lock(&sdebug_host_list_mutex);
6040 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
6041 struct Scsi_Host *shost = sdhp->shost;
6042
6043 blk_mq_tagset_busy_iter(&shost->tag_set, sdebug_stop_cmnd, NULL);
6044 }
6045 mutex_unlock(&sdebug_host_list_mutex);
6046}
6047
6048static int sdebug_fail_abort(struct scsi_cmnd *cmnd)
6049{
6050 struct scsi_device *sdp = cmnd->device;
6051 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
6052 struct sdebug_err_inject *err;
6053 unsigned char *cmd = cmnd->cmnd;
6054 int ret = 0;
6055
6056 if (devip == NULL)
6057 return 0;
6058
6059 rcu_read_lock();
6060 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
6061 if (err->type == ERR_ABORT_CMD_FAILED &&
6062 (err->cmd == cmd[0] || err->cmd == 0xff)) {
6063 ret = !!err->cnt;
6064 if (err->cnt < 0)
6065 err->cnt++;
6066
6067 rcu_read_unlock();
6068 return ret;
6069 }
6070 }
6071 rcu_read_unlock();
6072
6073 return 0;
6074}
6075
6076static int scsi_debug_abort(struct scsi_cmnd *SCpnt)
6077{
6078 bool ok = scsi_debug_abort_cmnd(SCpnt);
6079 u8 *cmd = SCpnt->cmnd;
6080 u8 opcode = cmd[0];
6081
6082 ++num_aborts;
6083
6084 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
6085 sdev_printk(KERN_INFO, SCpnt->device,
6086 "%s: command%s found\n", __func__,
6087 ok ? "" : " not");
6088
6089 if (sdebug_fail_abort(SCpnt)) {
6090 scmd_printk(KERN_INFO, SCpnt, "fail abort command 0x%x\n",
6091 opcode);
6092 return FAILED;
6093 }
6094
6095 return SUCCESS;
6096}
6097
6098static bool scsi_debug_stop_all_queued_iter(struct request *rq, void *data)
6099{
6100 struct scsi_device *sdp = data;
6101 struct scsi_cmnd *scmd = blk_mq_rq_to_pdu(rq);
6102
6103 if (scmd->device == sdp)
6104 scsi_debug_abort_cmnd(scmd);
6105
6106 return true;
6107}
6108
6109/* Deletes (stops) timers or work queues of all queued commands per sdev */
6110static void scsi_debug_stop_all_queued(struct scsi_device *sdp)
6111{
6112 struct Scsi_Host *shost = sdp->host;
6113
6114 blk_mq_tagset_busy_iter(&shost->tag_set,
6115 scsi_debug_stop_all_queued_iter, sdp);
6116}
6117
6118static int sdebug_fail_lun_reset(struct scsi_cmnd *cmnd)
6119{
6120 struct scsi_device *sdp = cmnd->device;
6121 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
6122 struct sdebug_err_inject *err;
6123 unsigned char *cmd = cmnd->cmnd;
6124 int ret = 0;
6125
6126 if (devip == NULL)
6127 return 0;
6128
6129 rcu_read_lock();
6130 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
6131 if (err->type == ERR_LUN_RESET_FAILED &&
6132 (err->cmd == cmd[0] || err->cmd == 0xff)) {
6133 ret = !!err->cnt;
6134 if (err->cnt < 0)
6135 err->cnt++;
6136
6137 rcu_read_unlock();
6138 return ret;
6139 }
6140 }
6141 rcu_read_unlock();
6142
6143 return 0;
6144}
6145
6146static int scsi_debug_device_reset(struct scsi_cmnd *SCpnt)
6147{
6148 struct scsi_device *sdp = SCpnt->device;
6149 struct sdebug_dev_info *devip = sdp->hostdata;
6150 u8 *cmd = SCpnt->cmnd;
6151 u8 opcode = cmd[0];
6152
6153 ++num_dev_resets;
6154
6155 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
6156 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
6157
6158 scsi_debug_stop_all_queued(sdp);
6159 if (devip)
6160 set_bit(SDEBUG_UA_POR, devip->uas_bm);
6161
6162 if (sdebug_fail_lun_reset(SCpnt)) {
6163 scmd_printk(KERN_INFO, SCpnt, "fail lun reset 0x%x\n", opcode);
6164 return FAILED;
6165 }
6166
6167 return SUCCESS;
6168}
6169
6170static int sdebug_fail_target_reset(struct scsi_cmnd *cmnd)
6171{
6172 struct scsi_target *starget = scsi_target(cmnd->device);
6173 struct sdebug_target_info *targetip =
6174 (struct sdebug_target_info *)starget->hostdata;
6175
6176 if (targetip)
6177 return targetip->reset_fail;
6178
6179 return 0;
6180}
6181
6182static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt)
6183{
6184 struct scsi_device *sdp = SCpnt->device;
6185 struct sdebug_host_info *sdbg_host = shost_to_sdebug_host(sdp->host);
6186 struct sdebug_dev_info *devip;
6187 u8 *cmd = SCpnt->cmnd;
6188 u8 opcode = cmd[0];
6189 int k = 0;
6190
6191 ++num_target_resets;
6192 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
6193 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
6194
6195 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
6196 if (devip->target == sdp->id) {
6197 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
6198 ++k;
6199 }
6200 }
6201
6202 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
6203 sdev_printk(KERN_INFO, sdp,
6204 "%s: %d device(s) found in target\n", __func__, k);
6205
6206 if (sdebug_fail_target_reset(SCpnt)) {
6207 scmd_printk(KERN_INFO, SCpnt, "fail target reset 0x%x\n",
6208 opcode);
6209 return FAILED;
6210 }
6211
6212 return SUCCESS;
6213}
6214
6215static int scsi_debug_bus_reset(struct scsi_cmnd *SCpnt)
6216{
6217 struct scsi_device *sdp = SCpnt->device;
6218 struct sdebug_host_info *sdbg_host = shost_to_sdebug_host(sdp->host);
6219 struct sdebug_dev_info *devip;
6220 int k = 0;
6221
6222 ++num_bus_resets;
6223
6224 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
6225 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
6226
6227 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
6228 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
6229 ++k;
6230 }
6231
6232 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
6233 sdev_printk(KERN_INFO, sdp,
6234 "%s: %d device(s) found in host\n", __func__, k);
6235 return SUCCESS;
6236}
6237
6238static int scsi_debug_host_reset(struct scsi_cmnd *SCpnt)
6239{
6240 struct sdebug_host_info *sdbg_host;
6241 struct sdebug_dev_info *devip;
6242 int k = 0;
6243
6244 ++num_host_resets;
6245 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
6246 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__);
6247 mutex_lock(&sdebug_host_list_mutex);
6248 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
6249 list_for_each_entry(devip, &sdbg_host->dev_info_list,
6250 dev_list) {
6251 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
6252 ++k;
6253 }
6254 }
6255 mutex_unlock(&sdebug_host_list_mutex);
6256 stop_all_queued();
6257 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
6258 sdev_printk(KERN_INFO, SCpnt->device,
6259 "%s: %d device(s) found\n", __func__, k);
6260 return SUCCESS;
6261}
6262
6263static void sdebug_build_parts(unsigned char *ramp, unsigned long store_size)
6264{
6265 struct msdos_partition *pp;
6266 int starts[SDEBUG_MAX_PARTS + 2], max_part_secs;
6267 int sectors_per_part, num_sectors, k;
6268 int heads_by_sects, start_sec, end_sec;
6269
6270 /* assume partition table already zeroed */
6271 if ((sdebug_num_parts < 1) || (store_size < 1048576))
6272 return;
6273 if (sdebug_num_parts > SDEBUG_MAX_PARTS) {
6274 sdebug_num_parts = SDEBUG_MAX_PARTS;
6275 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS);
6276 }
6277 num_sectors = (int)get_sdebug_capacity();
6278 sectors_per_part = (num_sectors - sdebug_sectors_per)
6279 / sdebug_num_parts;
6280 heads_by_sects = sdebug_heads * sdebug_sectors_per;
6281 starts[0] = sdebug_sectors_per;
6282 max_part_secs = sectors_per_part;
6283 for (k = 1; k < sdebug_num_parts; ++k) {
6284 starts[k] = ((k * sectors_per_part) / heads_by_sects)
6285 * heads_by_sects;
6286 if (starts[k] - starts[k - 1] < max_part_secs)
6287 max_part_secs = starts[k] - starts[k - 1];
6288 }
6289 starts[sdebug_num_parts] = num_sectors;
6290 starts[sdebug_num_parts + 1] = 0;
6291
6292 ramp[510] = 0x55; /* magic partition markings */
6293 ramp[511] = 0xAA;
6294 pp = (struct msdos_partition *)(ramp + 0x1be);
6295 for (k = 0; starts[k + 1]; ++k, ++pp) {
6296 start_sec = starts[k];
6297 end_sec = starts[k] + max_part_secs - 1;
6298 pp->boot_ind = 0;
6299
6300 pp->cyl = start_sec / heads_by_sects;
6301 pp->head = (start_sec - (pp->cyl * heads_by_sects))
6302 / sdebug_sectors_per;
6303 pp->sector = (start_sec % sdebug_sectors_per) + 1;
6304
6305 pp->end_cyl = end_sec / heads_by_sects;
6306 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects))
6307 / sdebug_sectors_per;
6308 pp->end_sector = (end_sec % sdebug_sectors_per) + 1;
6309
6310 pp->start_sect = cpu_to_le32(start_sec);
6311 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1);
6312 pp->sys_ind = 0x83; /* plain Linux partition */
6313 }
6314}
6315
6316static void block_unblock_all_queues(bool block)
6317{
6318 struct sdebug_host_info *sdhp;
6319
6320 lockdep_assert_held(&sdebug_host_list_mutex);
6321
6322 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
6323 struct Scsi_Host *shost = sdhp->shost;
6324
6325 if (block)
6326 scsi_block_requests(shost);
6327 else
6328 scsi_unblock_requests(shost);
6329 }
6330}
6331
6332/* Adjust (by rounding down) the sdebug_cmnd_count so abs(every_nth)-1
6333 * commands will be processed normally before triggers occur.
6334 */
6335static void tweak_cmnd_count(void)
6336{
6337 int count, modulo;
6338
6339 modulo = abs(sdebug_every_nth);
6340 if (modulo < 2)
6341 return;
6342
6343 mutex_lock(&sdebug_host_list_mutex);
6344 block_unblock_all_queues(true);
6345 count = atomic_read(&sdebug_cmnd_count);
6346 atomic_set(&sdebug_cmnd_count, (count / modulo) * modulo);
6347 block_unblock_all_queues(false);
6348 mutex_unlock(&sdebug_host_list_mutex);
6349}
6350
6351static void clear_queue_stats(void)
6352{
6353 atomic_set(&sdebug_cmnd_count, 0);
6354 atomic_set(&sdebug_completions, 0);
6355 atomic_set(&sdebug_miss_cpus, 0);
6356 atomic_set(&sdebug_a_tsf, 0);
6357}
6358
6359static bool inject_on_this_cmd(void)
6360{
6361 if (sdebug_every_nth == 0)
6362 return false;
6363 return (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) == 0;
6364}
6365
6366#define INCLUSIVE_TIMING_MAX_NS 1000000 /* 1 millisecond */
6367
6368
6369void sdebug_free_queued_cmd(struct sdebug_queued_cmd *sqcp)
6370{
6371 if (sqcp)
6372 kmem_cache_free(queued_cmd_cache, sqcp);
6373}
6374
6375static struct sdebug_queued_cmd *sdebug_alloc_queued_cmd(struct scsi_cmnd *scmd)
6376{
6377 struct sdebug_queued_cmd *sqcp;
6378 struct sdebug_defer *sd_dp;
6379
6380 sqcp = kmem_cache_zalloc(queued_cmd_cache, GFP_ATOMIC);
6381 if (!sqcp)
6382 return NULL;
6383
6384 sd_dp = &sqcp->sd_dp;
6385
6386 hrtimer_init(&sd_dp->hrt, CLOCK_MONOTONIC, HRTIMER_MODE_REL_PINNED);
6387 sd_dp->hrt.function = sdebug_q_cmd_hrt_complete;
6388 INIT_WORK(&sd_dp->ew.work, sdebug_q_cmd_wq_complete);
6389
6390 sqcp->scmd = scmd;
6391
6392 return sqcp;
6393}
6394
6395/* Complete the processing of the thread that queued a SCSI command to this
6396 * driver. It either completes the command by calling cmnd_done() or
6397 * schedules a hr timer or work queue then returns 0. Returns
6398 * SCSI_MLQUEUE_HOST_BUSY if temporarily out of resources.
6399 */
6400static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
6401 int scsi_result,
6402 int (*pfp)(struct scsi_cmnd *,
6403 struct sdebug_dev_info *),
6404 int delta_jiff, int ndelay)
6405{
6406 struct request *rq = scsi_cmd_to_rq(cmnd);
6407 bool polled = rq->cmd_flags & REQ_POLLED;
6408 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmnd);
6409 unsigned long flags;
6410 u64 ns_from_boot = 0;
6411 struct sdebug_queued_cmd *sqcp;
6412 struct scsi_device *sdp;
6413 struct sdebug_defer *sd_dp;
6414
6415 if (unlikely(devip == NULL)) {
6416 if (scsi_result == 0)
6417 scsi_result = DID_NO_CONNECT << 16;
6418 goto respond_in_thread;
6419 }
6420 sdp = cmnd->device;
6421
6422 if (delta_jiff == 0)
6423 goto respond_in_thread;
6424
6425
6426 if (unlikely(sdebug_every_nth && (SDEBUG_OPT_RARE_TSF & sdebug_opts) &&
6427 (scsi_result == 0))) {
6428 int num_in_q = scsi_device_busy(sdp);
6429 int qdepth = cmnd->device->queue_depth;
6430
6431 if ((num_in_q == qdepth) &&
6432 (atomic_inc_return(&sdebug_a_tsf) >=
6433 abs(sdebug_every_nth))) {
6434 atomic_set(&sdebug_a_tsf, 0);
6435 scsi_result = device_qfull_result;
6436
6437 if (unlikely(SDEBUG_OPT_Q_NOISE & sdebug_opts))
6438 sdev_printk(KERN_INFO, sdp, "%s: num_in_q=%d +1, <inject> status: TASK SET FULL\n",
6439 __func__, num_in_q);
6440 }
6441 }
6442
6443 sqcp = sdebug_alloc_queued_cmd(cmnd);
6444 if (!sqcp) {
6445 pr_err("%s no alloc\n", __func__);
6446 return SCSI_MLQUEUE_HOST_BUSY;
6447 }
6448 sd_dp = &sqcp->sd_dp;
6449
6450 if (polled || (ndelay > 0 && ndelay < INCLUSIVE_TIMING_MAX_NS))
6451 ns_from_boot = ktime_get_boottime_ns();
6452
6453 /* one of the resp_*() response functions is called here */
6454 cmnd->result = pfp ? pfp(cmnd, devip) : 0;
6455 if (cmnd->result & SDEG_RES_IMMED_MASK) {
6456 cmnd->result &= ~SDEG_RES_IMMED_MASK;
6457 delta_jiff = ndelay = 0;
6458 }
6459 if (cmnd->result == 0 && scsi_result != 0)
6460 cmnd->result = scsi_result;
6461 if (cmnd->result == 0 && unlikely(sdebug_opts & SDEBUG_OPT_TRANSPORT_ERR)) {
6462 if (atomic_read(&sdeb_inject_pending)) {
6463 mk_sense_buffer(cmnd, ABORTED_COMMAND, TRANSPORT_PROBLEM, ACK_NAK_TO);
6464 atomic_set(&sdeb_inject_pending, 0);
6465 cmnd->result = check_condition_result;
6466 }
6467 }
6468
6469 if (unlikely(sdebug_verbose && cmnd->result))
6470 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n",
6471 __func__, cmnd->result);
6472
6473 if (delta_jiff > 0 || ndelay > 0) {
6474 ktime_t kt;
6475
6476 if (delta_jiff > 0) {
6477 u64 ns = jiffies_to_nsecs(delta_jiff);
6478
6479 if (sdebug_random && ns < U32_MAX) {
6480 ns = get_random_u32_below((u32)ns);
6481 } else if (sdebug_random) {
6482 ns >>= 12; /* scale to 4 usec precision */
6483 if (ns < U32_MAX) /* over 4 hours max */
6484 ns = get_random_u32_below((u32)ns);
6485 ns <<= 12;
6486 }
6487 kt = ns_to_ktime(ns);
6488 } else { /* ndelay has a 4.2 second max */
6489 kt = sdebug_random ? get_random_u32_below((u32)ndelay) :
6490 (u32)ndelay;
6491 if (ndelay < INCLUSIVE_TIMING_MAX_NS) {
6492 u64 d = ktime_get_boottime_ns() - ns_from_boot;
6493
6494 if (kt <= d) { /* elapsed duration >= kt */
6495 /* call scsi_done() from this thread */
6496 sdebug_free_queued_cmd(sqcp);
6497 scsi_done(cmnd);
6498 return 0;
6499 }
6500 /* otherwise reduce kt by elapsed time */
6501 kt -= d;
6502 }
6503 }
6504 if (sdebug_statistics)
6505 sd_dp->issuing_cpu = raw_smp_processor_id();
6506 if (polled) {
6507 spin_lock_irqsave(&sdsc->lock, flags);
6508 sd_dp->cmpl_ts = ktime_add(ns_to_ktime(ns_from_boot), kt);
6509 ASSIGN_QUEUED_CMD(cmnd, sqcp);
6510 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_POLL);
6511 spin_unlock_irqrestore(&sdsc->lock, flags);
6512 } else {
6513 /* schedule the invocation of scsi_done() for a later time */
6514 spin_lock_irqsave(&sdsc->lock, flags);
6515 ASSIGN_QUEUED_CMD(cmnd, sqcp);
6516 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_HRT);
6517 hrtimer_start(&sd_dp->hrt, kt, HRTIMER_MODE_REL_PINNED);
6518 /*
6519 * The completion handler will try to grab sqcp->lock,
6520 * so there is no chance that the completion handler
6521 * will call scsi_done() until we release the lock
6522 * here (so ok to keep referencing sdsc).
6523 */
6524 spin_unlock_irqrestore(&sdsc->lock, flags);
6525 }
6526 } else { /* jdelay < 0, use work queue */
6527 if (unlikely((sdebug_opts & SDEBUG_OPT_CMD_ABORT) &&
6528 atomic_read(&sdeb_inject_pending))) {
6529 sd_dp->aborted = true;
6530 atomic_set(&sdeb_inject_pending, 0);
6531 sdev_printk(KERN_INFO, sdp, "abort request tag=%#x\n",
6532 blk_mq_unique_tag_to_tag(get_tag(cmnd)));
6533 }
6534
6535 if (sdebug_statistics)
6536 sd_dp->issuing_cpu = raw_smp_processor_id();
6537 if (polled) {
6538 spin_lock_irqsave(&sdsc->lock, flags);
6539 ASSIGN_QUEUED_CMD(cmnd, sqcp);
6540 sd_dp->cmpl_ts = ns_to_ktime(ns_from_boot);
6541 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_POLL);
6542 spin_unlock_irqrestore(&sdsc->lock, flags);
6543 } else {
6544 spin_lock_irqsave(&sdsc->lock, flags);
6545 ASSIGN_QUEUED_CMD(cmnd, sqcp);
6546 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_WQ);
6547 schedule_work(&sd_dp->ew.work);
6548 spin_unlock_irqrestore(&sdsc->lock, flags);
6549 }
6550 }
6551
6552 return 0;
6553
6554respond_in_thread: /* call back to mid-layer using invocation thread */
6555 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0;
6556 cmnd->result &= ~SDEG_RES_IMMED_MASK;
6557 if (cmnd->result == 0 && scsi_result != 0)
6558 cmnd->result = scsi_result;
6559 scsi_done(cmnd);
6560 return 0;
6561}
6562
6563/* Note: The following macros create attribute files in the
6564 /sys/module/scsi_debug/parameters directory. Unfortunately this
6565 driver is unaware of a change and cannot trigger auxiliary actions
6566 as it can when the corresponding attribute in the
6567 /sys/bus/pseudo/drivers/scsi_debug directory is changed.
6568 */
6569module_param_named(add_host, sdebug_add_host, int, S_IRUGO | S_IWUSR);
6570module_param_named(ato, sdebug_ato, int, S_IRUGO);
6571module_param_named(cdb_len, sdebug_cdb_len, int, 0644);
6572module_param_named(clustering, sdebug_clustering, bool, S_IRUGO | S_IWUSR);
6573module_param_named(delay, sdebug_jdelay, int, S_IRUGO | S_IWUSR);
6574module_param_named(dev_size_mb, sdebug_dev_size_mb, int, S_IRUGO);
6575module_param_named(dif, sdebug_dif, int, S_IRUGO);
6576module_param_named(dix, sdebug_dix, int, S_IRUGO);
6577module_param_named(dsense, sdebug_dsense, int, S_IRUGO | S_IWUSR);
6578module_param_named(every_nth, sdebug_every_nth, int, S_IRUGO | S_IWUSR);
6579module_param_named(fake_rw, sdebug_fake_rw, int, S_IRUGO | S_IWUSR);
6580module_param_named(guard, sdebug_guard, uint, S_IRUGO);
6581module_param_named(host_lock, sdebug_host_lock, bool, S_IRUGO | S_IWUSR);
6582module_param_named(host_max_queue, sdebug_host_max_queue, int, S_IRUGO);
6583module_param_string(inq_product, sdebug_inq_product_id,
6584 sizeof(sdebug_inq_product_id), S_IRUGO | S_IWUSR);
6585module_param_string(inq_rev, sdebug_inq_product_rev,
6586 sizeof(sdebug_inq_product_rev), S_IRUGO | S_IWUSR);
6587module_param_string(inq_vendor, sdebug_inq_vendor_id,
6588 sizeof(sdebug_inq_vendor_id), S_IRUGO | S_IWUSR);
6589module_param_named(lbprz, sdebug_lbprz, int, S_IRUGO);
6590module_param_named(lbpu, sdebug_lbpu, int, S_IRUGO);
6591module_param_named(lbpws, sdebug_lbpws, int, S_IRUGO);
6592module_param_named(lbpws10, sdebug_lbpws10, int, S_IRUGO);
6593module_param_named(atomic_wr, sdebug_atomic_wr, int, S_IRUGO);
6594module_param_named(lowest_aligned, sdebug_lowest_aligned, int, S_IRUGO);
6595module_param_named(lun_format, sdebug_lun_am_i, int, S_IRUGO | S_IWUSR);
6596module_param_named(max_luns, sdebug_max_luns, int, S_IRUGO | S_IWUSR);
6597module_param_named(max_queue, sdebug_max_queue, int, S_IRUGO | S_IWUSR);
6598module_param_named(medium_error_count, sdebug_medium_error_count, int,
6599 S_IRUGO | S_IWUSR);
6600module_param_named(medium_error_start, sdebug_medium_error_start, int,
6601 S_IRUGO | S_IWUSR);
6602module_param_named(ndelay, sdebug_ndelay, int, S_IRUGO | S_IWUSR);
6603module_param_named(no_lun_0, sdebug_no_lun_0, int, S_IRUGO | S_IWUSR);
6604module_param_named(no_rwlock, sdebug_no_rwlock, bool, S_IRUGO | S_IWUSR);
6605module_param_named(no_uld, sdebug_no_uld, int, S_IRUGO);
6606module_param_named(num_parts, sdebug_num_parts, int, S_IRUGO);
6607module_param_named(num_tgts, sdebug_num_tgts, int, S_IRUGO | S_IWUSR);
6608module_param_named(opt_blks, sdebug_opt_blks, int, S_IRUGO);
6609module_param_named(opt_xferlen_exp, sdebug_opt_xferlen_exp, int, S_IRUGO);
6610module_param_named(opts, sdebug_opts, int, S_IRUGO | S_IWUSR);
6611module_param_named(per_host_store, sdebug_per_host_store, bool,
6612 S_IRUGO | S_IWUSR);
6613module_param_named(physblk_exp, sdebug_physblk_exp, int, S_IRUGO);
6614module_param_named(ptype, sdebug_ptype, int, S_IRUGO | S_IWUSR);
6615module_param_named(random, sdebug_random, bool, S_IRUGO | S_IWUSR);
6616module_param_named(removable, sdebug_removable, bool, S_IRUGO | S_IWUSR);
6617module_param_named(scsi_level, sdebug_scsi_level, int, S_IRUGO);
6618module_param_named(sector_size, sdebug_sector_size, int, S_IRUGO);
6619module_param_named(statistics, sdebug_statistics, bool, S_IRUGO | S_IWUSR);
6620module_param_named(strict, sdebug_strict, bool, S_IRUGO | S_IWUSR);
6621module_param_named(submit_queues, submit_queues, int, S_IRUGO);
6622module_param_named(poll_queues, poll_queues, int, S_IRUGO);
6623module_param_named(tur_ms_to_ready, sdeb_tur_ms_to_ready, int, S_IRUGO);
6624module_param_named(unmap_alignment, sdebug_unmap_alignment, int, S_IRUGO);
6625module_param_named(unmap_granularity, sdebug_unmap_granularity, int, S_IRUGO);
6626module_param_named(unmap_max_blocks, sdebug_unmap_max_blocks, int, S_IRUGO);
6627module_param_named(unmap_max_desc, sdebug_unmap_max_desc, int, S_IRUGO);
6628module_param_named(atomic_wr_max_length, sdebug_atomic_wr_max_length, int, S_IRUGO);
6629module_param_named(atomic_wr_align, sdebug_atomic_wr_align, int, S_IRUGO);
6630module_param_named(atomic_wr_gran, sdebug_atomic_wr_gran, int, S_IRUGO);
6631module_param_named(atomic_wr_max_length_bndry, sdebug_atomic_wr_max_length_bndry, int, S_IRUGO);
6632module_param_named(atomic_wr_max_bndry, sdebug_atomic_wr_max_bndry, int, S_IRUGO);
6633module_param_named(uuid_ctl, sdebug_uuid_ctl, int, S_IRUGO);
6634module_param_named(virtual_gb, sdebug_virtual_gb, int, S_IRUGO | S_IWUSR);
6635module_param_named(vpd_use_hostno, sdebug_vpd_use_hostno, int,
6636 S_IRUGO | S_IWUSR);
6637module_param_named(wp, sdebug_wp, bool, S_IRUGO | S_IWUSR);
6638module_param_named(write_same_length, sdebug_write_same_length, int,
6639 S_IRUGO | S_IWUSR);
6640module_param_named(zbc, sdeb_zbc_model_s, charp, S_IRUGO);
6641module_param_named(zone_cap_mb, sdeb_zbc_zone_cap_mb, int, S_IRUGO);
6642module_param_named(zone_max_open, sdeb_zbc_max_open, int, S_IRUGO);
6643module_param_named(zone_nr_conv, sdeb_zbc_nr_conv, int, S_IRUGO);
6644module_param_named(zone_size_mb, sdeb_zbc_zone_size_mb, int, S_IRUGO);
6645module_param_named(allow_restart, sdebug_allow_restart, bool, S_IRUGO | S_IWUSR);
6646
6647MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert");
6648MODULE_DESCRIPTION("SCSI debug adapter driver");
6649MODULE_LICENSE("GPL");
6650MODULE_VERSION(SDEBUG_VERSION);
6651
6652MODULE_PARM_DESC(add_host, "add n hosts, in sysfs if negative remove host(s) (def=1)");
6653MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)");
6654MODULE_PARM_DESC(cdb_len, "suggest CDB lengths to drivers (def=10)");
6655MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)");
6656MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny");
6657MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)");
6658MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)");
6659MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)");
6660MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)");
6661MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)");
6662MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)");
6663MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)");
6664MODULE_PARM_DESC(host_lock, "host_lock is ignored (def=0)");
6665MODULE_PARM_DESC(host_max_queue,
6666 "host max # of queued cmds (0 to max(def) [max_queue fixed equal for !0])");
6667MODULE_PARM_DESC(inq_product, "SCSI INQUIRY product string (def=\"scsi_debug\")");
6668MODULE_PARM_DESC(inq_rev, "SCSI INQUIRY revision string (def=\""
6669 SDEBUG_VERSION "\")");
6670MODULE_PARM_DESC(inq_vendor, "SCSI INQUIRY vendor string (def=\"Linux\")");
6671MODULE_PARM_DESC(lbprz,
6672 "on read unmapped LBs return 0 when 1 (def), return 0xff when 2");
6673MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)");
6674MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)");
6675MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)");
6676MODULE_PARM_DESC(atomic_write, "enable ATOMIC WRITE support, support WRITE ATOMIC(16) (def=0)");
6677MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)");
6678MODULE_PARM_DESC(lun_format, "LUN format: 0->peripheral (def); 1 --> flat address method");
6679MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)");
6680MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))");
6681MODULE_PARM_DESC(medium_error_count, "count of sectors to return follow on MEDIUM error");
6682MODULE_PARM_DESC(medium_error_start, "starting sector number to return MEDIUM error");
6683MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)");
6684MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)");
6685MODULE_PARM_DESC(no_rwlock, "don't protect user data reads+writes (def=0)");
6686MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))");
6687MODULE_PARM_DESC(num_parts, "number of partitions(def=0)");
6688MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)");
6689MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)");
6690MODULE_PARM_DESC(opt_xferlen_exp, "optimal transfer length granularity exponent (def=physblk_exp)");
6691MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)");
6692MODULE_PARM_DESC(per_host_store, "If set, next positive add_host will get new store (def=0)");
6693MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)");
6694MODULE_PARM_DESC(poll_queues, "support for iouring iopoll queues (1 to max(submit_queues - 1))");
6695MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])");
6696MODULE_PARM_DESC(random, "If set, uniformly randomize command duration between 0 and delay_in_ns");
6697MODULE_PARM_DESC(removable, "claim to have removable media (def=0)");
6698MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=7[SPC-5])");
6699MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)");
6700MODULE_PARM_DESC(statistics, "collect statistics on commands, queues (def=0)");
6701MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)");
6702MODULE_PARM_DESC(submit_queues, "support for block multi-queue (def=1)");
6703MODULE_PARM_DESC(tur_ms_to_ready, "TEST UNIT READY millisecs before initial good status (def=0)");
6704MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)");
6705MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)");
6706MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)");
6707MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)");
6708MODULE_PARM_DESC(atomic_wr_max_length, "max # of blocks can be atomically written in one cmd (def=8192)");
6709MODULE_PARM_DESC(atomic_wr_align, "minimum alignment of atomic write in blocks (def=2)");
6710MODULE_PARM_DESC(atomic_wr_gran, "minimum granularity of atomic write in blocks (def=2)");
6711MODULE_PARM_DESC(atomic_wr_max_length_bndry, "max # of blocks can be atomically written in one cmd with boundary set (def=8192)");
6712MODULE_PARM_DESC(atomic_wr_max_bndry, "max # boundaries per atomic write (def=128)");
6713MODULE_PARM_DESC(uuid_ctl,
6714 "1->use uuid for lu name, 0->don't, 2->all use same (def=0)");
6715MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)");
6716MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)");
6717MODULE_PARM_DESC(wp, "Write Protect (def=0)");
6718MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)");
6719MODULE_PARM_DESC(zbc, "'none' [0]; 'aware' [1]; 'managed' [2] (def=0). Can have 'host-' prefix");
6720MODULE_PARM_DESC(zone_cap_mb, "Zone capacity in MiB (def=zone size)");
6721MODULE_PARM_DESC(zone_max_open, "Maximum number of open zones; [0] for no limit (def=auto)");
6722MODULE_PARM_DESC(zone_nr_conv, "Number of conventional zones (def=1)");
6723MODULE_PARM_DESC(zone_size_mb, "Zone size in MiB (def=auto)");
6724MODULE_PARM_DESC(allow_restart, "Set scsi_device's allow_restart flag(def=0)");
6725
6726#define SDEBUG_INFO_LEN 256
6727static char sdebug_info[SDEBUG_INFO_LEN];
6728
6729static const char *scsi_debug_info(struct Scsi_Host *shp)
6730{
6731 int k;
6732
6733 k = scnprintf(sdebug_info, SDEBUG_INFO_LEN, "%s: version %s [%s]\n",
6734 my_name, SDEBUG_VERSION, sdebug_version_date);
6735 if (k >= (SDEBUG_INFO_LEN - 1))
6736 return sdebug_info;
6737 scnprintf(sdebug_info + k, SDEBUG_INFO_LEN - k,
6738 " dev_size_mb=%d, opts=0x%x, submit_queues=%d, %s=%d",
6739 sdebug_dev_size_mb, sdebug_opts, submit_queues,
6740 "statistics", (int)sdebug_statistics);
6741 return sdebug_info;
6742}
6743
6744/* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */
6745static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer,
6746 int length)
6747{
6748 char arr[16];
6749 int opts;
6750 int minLen = length > 15 ? 15 : length;
6751
6752 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
6753 return -EACCES;
6754 memcpy(arr, buffer, minLen);
6755 arr[minLen] = '\0';
6756 if (1 != sscanf(arr, "%d", &opts))
6757 return -EINVAL;
6758 sdebug_opts = opts;
6759 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
6760 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
6761 if (sdebug_every_nth != 0)
6762 tweak_cmnd_count();
6763 return length;
6764}
6765
6766struct sdebug_submit_queue_data {
6767 int *first;
6768 int *last;
6769 int queue_num;
6770};
6771
6772static bool sdebug_submit_queue_iter(struct request *rq, void *opaque)
6773{
6774 struct sdebug_submit_queue_data *data = opaque;
6775 u32 unique_tag = blk_mq_unique_tag(rq);
6776 u16 hwq = blk_mq_unique_tag_to_hwq(unique_tag);
6777 u16 tag = blk_mq_unique_tag_to_tag(unique_tag);
6778 int queue_num = data->queue_num;
6779
6780 if (hwq != queue_num)
6781 return true;
6782
6783 /* Rely on iter'ing in ascending tag order */
6784 if (*data->first == -1)
6785 *data->first = *data->last = tag;
6786 else
6787 *data->last = tag;
6788
6789 return true;
6790}
6791
6792/* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the
6793 * same for each scsi_debug host (if more than one). Some of the counters
6794 * output are not atomics so might be inaccurate in a busy system. */
6795static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host)
6796{
6797 struct sdebug_host_info *sdhp;
6798 int j;
6799
6800 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n",
6801 SDEBUG_VERSION, sdebug_version_date);
6802 seq_printf(m, "num_tgts=%d, %ssize=%d MB, opts=0x%x, every_nth=%d\n",
6803 sdebug_num_tgts, "shared (ram) ", sdebug_dev_size_mb,
6804 sdebug_opts, sdebug_every_nth);
6805 seq_printf(m, "delay=%d, ndelay=%d, max_luns=%d, sector_size=%d %s\n",
6806 sdebug_jdelay, sdebug_ndelay, sdebug_max_luns,
6807 sdebug_sector_size, "bytes");
6808 seq_printf(m, "cylinders=%d, heads=%d, sectors=%d, command aborts=%d\n",
6809 sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per,
6810 num_aborts);
6811 seq_printf(m, "RESETs: device=%d, target=%d, bus=%d, host=%d\n",
6812 num_dev_resets, num_target_resets, num_bus_resets,
6813 num_host_resets);
6814 seq_printf(m, "dix_reads=%d, dix_writes=%d, dif_errors=%d\n",
6815 dix_reads, dix_writes, dif_errors);
6816 seq_printf(m, "usec_in_jiffy=%lu, statistics=%d\n", TICK_NSEC / 1000,
6817 sdebug_statistics);
6818 seq_printf(m, "cmnd_count=%d, completions=%d, %s=%d, a_tsf=%d, mq_polls=%d\n",
6819 atomic_read(&sdebug_cmnd_count),
6820 atomic_read(&sdebug_completions),
6821 "miss_cpus", atomic_read(&sdebug_miss_cpus),
6822 atomic_read(&sdebug_a_tsf),
6823 atomic_read(&sdeb_mq_poll_count));
6824
6825 seq_printf(m, "submit_queues=%d\n", submit_queues);
6826 for (j = 0; j < submit_queues; ++j) {
6827 int f = -1, l = -1;
6828 struct sdebug_submit_queue_data data = {
6829 .queue_num = j,
6830 .first = &f,
6831 .last = &l,
6832 };
6833 seq_printf(m, " queue %d:\n", j);
6834 blk_mq_tagset_busy_iter(&host->tag_set, sdebug_submit_queue_iter,
6835 &data);
6836 if (f >= 0) {
6837 seq_printf(m, " in_use_bm BUSY: %s: %d,%d\n",
6838 "first,last bits", f, l);
6839 }
6840 }
6841
6842 seq_printf(m, "this host_no=%d\n", host->host_no);
6843 if (!xa_empty(per_store_ap)) {
6844 bool niu;
6845 int idx;
6846 unsigned long l_idx;
6847 struct sdeb_store_info *sip;
6848
6849 seq_puts(m, "\nhost list:\n");
6850 j = 0;
6851 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
6852 idx = sdhp->si_idx;
6853 seq_printf(m, " %d: host_no=%d, si_idx=%d\n", j,
6854 sdhp->shost->host_no, idx);
6855 ++j;
6856 }
6857 seq_printf(m, "\nper_store array [most_recent_idx=%d]:\n",
6858 sdeb_most_recent_idx);
6859 j = 0;
6860 xa_for_each(per_store_ap, l_idx, sip) {
6861 niu = xa_get_mark(per_store_ap, l_idx,
6862 SDEB_XA_NOT_IN_USE);
6863 idx = (int)l_idx;
6864 seq_printf(m, " %d: idx=%d%s\n", j, idx,
6865 (niu ? " not_in_use" : ""));
6866 ++j;
6867 }
6868 }
6869 return 0;
6870}
6871
6872static ssize_t delay_show(struct device_driver *ddp, char *buf)
6873{
6874 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_jdelay);
6875}
6876/* Returns -EBUSY if jdelay is being changed and commands are queued. The unit
6877 * of delay is jiffies.
6878 */
6879static ssize_t delay_store(struct device_driver *ddp, const char *buf,
6880 size_t count)
6881{
6882 int jdelay, res;
6883
6884 if (count > 0 && sscanf(buf, "%d", &jdelay) == 1) {
6885 res = count;
6886 if (sdebug_jdelay != jdelay) {
6887 struct sdebug_host_info *sdhp;
6888
6889 mutex_lock(&sdebug_host_list_mutex);
6890 block_unblock_all_queues(true);
6891
6892 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
6893 struct Scsi_Host *shost = sdhp->shost;
6894
6895 if (scsi_host_busy(shost)) {
6896 res = -EBUSY; /* queued commands */
6897 break;
6898 }
6899 }
6900 if (res > 0) {
6901 sdebug_jdelay = jdelay;
6902 sdebug_ndelay = 0;
6903 }
6904 block_unblock_all_queues(false);
6905 mutex_unlock(&sdebug_host_list_mutex);
6906 }
6907 return res;
6908 }
6909 return -EINVAL;
6910}
6911static DRIVER_ATTR_RW(delay);
6912
6913static ssize_t ndelay_show(struct device_driver *ddp, char *buf)
6914{
6915 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ndelay);
6916}
6917/* Returns -EBUSY if ndelay is being changed and commands are queued */
6918/* If > 0 and accepted then sdebug_jdelay is set to JDELAY_OVERRIDDEN */
6919static ssize_t ndelay_store(struct device_driver *ddp, const char *buf,
6920 size_t count)
6921{
6922 int ndelay, res;
6923
6924 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) &&
6925 (ndelay >= 0) && (ndelay < (1000 * 1000 * 1000))) {
6926 res = count;
6927 if (sdebug_ndelay != ndelay) {
6928 struct sdebug_host_info *sdhp;
6929
6930 mutex_lock(&sdebug_host_list_mutex);
6931 block_unblock_all_queues(true);
6932
6933 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
6934 struct Scsi_Host *shost = sdhp->shost;
6935
6936 if (scsi_host_busy(shost)) {
6937 res = -EBUSY; /* queued commands */
6938 break;
6939 }
6940 }
6941
6942 if (res > 0) {
6943 sdebug_ndelay = ndelay;
6944 sdebug_jdelay = ndelay ? JDELAY_OVERRIDDEN
6945 : DEF_JDELAY;
6946 }
6947 block_unblock_all_queues(false);
6948 mutex_unlock(&sdebug_host_list_mutex);
6949 }
6950 return res;
6951 }
6952 return -EINVAL;
6953}
6954static DRIVER_ATTR_RW(ndelay);
6955
6956static ssize_t opts_show(struct device_driver *ddp, char *buf)
6957{
6958 return scnprintf(buf, PAGE_SIZE, "0x%x\n", sdebug_opts);
6959}
6960
6961static ssize_t opts_store(struct device_driver *ddp, const char *buf,
6962 size_t count)
6963{
6964 int opts;
6965 char work[20];
6966
6967 if (sscanf(buf, "%10s", work) == 1) {
6968 if (strncasecmp(work, "0x", 2) == 0) {
6969 if (kstrtoint(work + 2, 16, &opts) == 0)
6970 goto opts_done;
6971 } else {
6972 if (kstrtoint(work, 10, &opts) == 0)
6973 goto opts_done;
6974 }
6975 }
6976 return -EINVAL;
6977opts_done:
6978 sdebug_opts = opts;
6979 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
6980 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
6981 tweak_cmnd_count();
6982 return count;
6983}
6984static DRIVER_ATTR_RW(opts);
6985
6986static ssize_t ptype_show(struct device_driver *ddp, char *buf)
6987{
6988 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ptype);
6989}
6990static ssize_t ptype_store(struct device_driver *ddp, const char *buf,
6991 size_t count)
6992{
6993 int n;
6994
6995 /* Cannot change from or to TYPE_ZBC with sysfs */
6996 if (sdebug_ptype == TYPE_ZBC)
6997 return -EINVAL;
6998
6999 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7000 if (n == TYPE_ZBC)
7001 return -EINVAL;
7002 sdebug_ptype = n;
7003 return count;
7004 }
7005 return -EINVAL;
7006}
7007static DRIVER_ATTR_RW(ptype);
7008
7009static ssize_t dsense_show(struct device_driver *ddp, char *buf)
7010{
7011 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dsense);
7012}
7013static ssize_t dsense_store(struct device_driver *ddp, const char *buf,
7014 size_t count)
7015{
7016 int n;
7017
7018 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7019 sdebug_dsense = n;
7020 return count;
7021 }
7022 return -EINVAL;
7023}
7024static DRIVER_ATTR_RW(dsense);
7025
7026static ssize_t fake_rw_show(struct device_driver *ddp, char *buf)
7027{
7028 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_fake_rw);
7029}
7030static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf,
7031 size_t count)
7032{
7033 int n, idx;
7034
7035 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7036 bool want_store = (n == 0);
7037 struct sdebug_host_info *sdhp;
7038
7039 n = (n > 0);
7040 sdebug_fake_rw = (sdebug_fake_rw > 0);
7041 if (sdebug_fake_rw == n)
7042 return count; /* not transitioning so do nothing */
7043
7044 if (want_store) { /* 1 --> 0 transition, set up store */
7045 if (sdeb_first_idx < 0) {
7046 idx = sdebug_add_store();
7047 if (idx < 0)
7048 return idx;
7049 } else {
7050 idx = sdeb_first_idx;
7051 xa_clear_mark(per_store_ap, idx,
7052 SDEB_XA_NOT_IN_USE);
7053 }
7054 /* make all hosts use same store */
7055 list_for_each_entry(sdhp, &sdebug_host_list,
7056 host_list) {
7057 if (sdhp->si_idx != idx) {
7058 xa_set_mark(per_store_ap, sdhp->si_idx,
7059 SDEB_XA_NOT_IN_USE);
7060 sdhp->si_idx = idx;
7061 }
7062 }
7063 sdeb_most_recent_idx = idx;
7064 } else { /* 0 --> 1 transition is trigger for shrink */
7065 sdebug_erase_all_stores(true /* apart from first */);
7066 }
7067 sdebug_fake_rw = n;
7068 return count;
7069 }
7070 return -EINVAL;
7071}
7072static DRIVER_ATTR_RW(fake_rw);
7073
7074static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf)
7075{
7076 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_lun_0);
7077}
7078static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf,
7079 size_t count)
7080{
7081 int n;
7082
7083 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7084 sdebug_no_lun_0 = n;
7085 return count;
7086 }
7087 return -EINVAL;
7088}
7089static DRIVER_ATTR_RW(no_lun_0);
7090
7091static ssize_t num_tgts_show(struct device_driver *ddp, char *buf)
7092{
7093 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_tgts);
7094}
7095static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf,
7096 size_t count)
7097{
7098 int n;
7099
7100 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7101 sdebug_num_tgts = n;
7102 sdebug_max_tgts_luns();
7103 return count;
7104 }
7105 return -EINVAL;
7106}
7107static DRIVER_ATTR_RW(num_tgts);
7108
7109static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf)
7110{
7111 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dev_size_mb);
7112}
7113static DRIVER_ATTR_RO(dev_size_mb);
7114
7115static ssize_t per_host_store_show(struct device_driver *ddp, char *buf)
7116{
7117 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_per_host_store);
7118}
7119
7120static ssize_t per_host_store_store(struct device_driver *ddp, const char *buf,
7121 size_t count)
7122{
7123 bool v;
7124
7125 if (kstrtobool(buf, &v))
7126 return -EINVAL;
7127
7128 sdebug_per_host_store = v;
7129 return count;
7130}
7131static DRIVER_ATTR_RW(per_host_store);
7132
7133static ssize_t num_parts_show(struct device_driver *ddp, char *buf)
7134{
7135 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_parts);
7136}
7137static DRIVER_ATTR_RO(num_parts);
7138
7139static ssize_t every_nth_show(struct device_driver *ddp, char *buf)
7140{
7141 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_every_nth);
7142}
7143static ssize_t every_nth_store(struct device_driver *ddp, const char *buf,
7144 size_t count)
7145{
7146 int nth;
7147 char work[20];
7148
7149 if (sscanf(buf, "%10s", work) == 1) {
7150 if (strncasecmp(work, "0x", 2) == 0) {
7151 if (kstrtoint(work + 2, 16, &nth) == 0)
7152 goto every_nth_done;
7153 } else {
7154 if (kstrtoint(work, 10, &nth) == 0)
7155 goto every_nth_done;
7156 }
7157 }
7158 return -EINVAL;
7159
7160every_nth_done:
7161 sdebug_every_nth = nth;
7162 if (nth && !sdebug_statistics) {
7163 pr_info("every_nth needs statistics=1, set it\n");
7164 sdebug_statistics = true;
7165 }
7166 tweak_cmnd_count();
7167 return count;
7168}
7169static DRIVER_ATTR_RW(every_nth);
7170
7171static ssize_t lun_format_show(struct device_driver *ddp, char *buf)
7172{
7173 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_lun_am);
7174}
7175static ssize_t lun_format_store(struct device_driver *ddp, const char *buf,
7176 size_t count)
7177{
7178 int n;
7179 bool changed;
7180
7181 if (kstrtoint(buf, 0, &n))
7182 return -EINVAL;
7183 if (n >= 0) {
7184 if (n > (int)SAM_LUN_AM_FLAT) {
7185 pr_warn("only LUN address methods 0 and 1 are supported\n");
7186 return -EINVAL;
7187 }
7188 changed = ((int)sdebug_lun_am != n);
7189 sdebug_lun_am = n;
7190 if (changed && sdebug_scsi_level >= 5) { /* >= SPC-3 */
7191 struct sdebug_host_info *sdhp;
7192 struct sdebug_dev_info *dp;
7193
7194 mutex_lock(&sdebug_host_list_mutex);
7195 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
7196 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
7197 set_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
7198 }
7199 }
7200 mutex_unlock(&sdebug_host_list_mutex);
7201 }
7202 return count;
7203 }
7204 return -EINVAL;
7205}
7206static DRIVER_ATTR_RW(lun_format);
7207
7208static ssize_t max_luns_show(struct device_driver *ddp, char *buf)
7209{
7210 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_luns);
7211}
7212static ssize_t max_luns_store(struct device_driver *ddp, const char *buf,
7213 size_t count)
7214{
7215 int n;
7216 bool changed;
7217
7218 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7219 if (n > 256) {
7220 pr_warn("max_luns can be no more than 256\n");
7221 return -EINVAL;
7222 }
7223 changed = (sdebug_max_luns != n);
7224 sdebug_max_luns = n;
7225 sdebug_max_tgts_luns();
7226 if (changed && (sdebug_scsi_level >= 5)) { /* >= SPC-3 */
7227 struct sdebug_host_info *sdhp;
7228 struct sdebug_dev_info *dp;
7229
7230 mutex_lock(&sdebug_host_list_mutex);
7231 list_for_each_entry(sdhp, &sdebug_host_list,
7232 host_list) {
7233 list_for_each_entry(dp, &sdhp->dev_info_list,
7234 dev_list) {
7235 set_bit(SDEBUG_UA_LUNS_CHANGED,
7236 dp->uas_bm);
7237 }
7238 }
7239 mutex_unlock(&sdebug_host_list_mutex);
7240 }
7241 return count;
7242 }
7243 return -EINVAL;
7244}
7245static DRIVER_ATTR_RW(max_luns);
7246
7247static ssize_t max_queue_show(struct device_driver *ddp, char *buf)
7248{
7249 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_queue);
7250}
7251/* N.B. max_queue can be changed while there are queued commands. In flight
7252 * commands beyond the new max_queue will be completed. */
7253static ssize_t max_queue_store(struct device_driver *ddp, const char *buf,
7254 size_t count)
7255{
7256 int n;
7257
7258 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) &&
7259 (n <= SDEBUG_CANQUEUE) &&
7260 (sdebug_host_max_queue == 0)) {
7261 mutex_lock(&sdebug_host_list_mutex);
7262
7263 /* We may only change sdebug_max_queue when we have no shosts */
7264 if (list_empty(&sdebug_host_list))
7265 sdebug_max_queue = n;
7266 else
7267 count = -EBUSY;
7268 mutex_unlock(&sdebug_host_list_mutex);
7269 return count;
7270 }
7271 return -EINVAL;
7272}
7273static DRIVER_ATTR_RW(max_queue);
7274
7275static ssize_t host_max_queue_show(struct device_driver *ddp, char *buf)
7276{
7277 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_host_max_queue);
7278}
7279
7280static ssize_t no_rwlock_show(struct device_driver *ddp, char *buf)
7281{
7282 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_rwlock);
7283}
7284
7285static ssize_t no_rwlock_store(struct device_driver *ddp, const char *buf, size_t count)
7286{
7287 bool v;
7288
7289 if (kstrtobool(buf, &v))
7290 return -EINVAL;
7291
7292 sdebug_no_rwlock = v;
7293 return count;
7294}
7295static DRIVER_ATTR_RW(no_rwlock);
7296
7297/*
7298 * Since this is used for .can_queue, and we get the hc_idx tag from the bitmap
7299 * in range [0, sdebug_host_max_queue), we can't change it.
7300 */
7301static DRIVER_ATTR_RO(host_max_queue);
7302
7303static ssize_t no_uld_show(struct device_driver *ddp, char *buf)
7304{
7305 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_uld);
7306}
7307static DRIVER_ATTR_RO(no_uld);
7308
7309static ssize_t scsi_level_show(struct device_driver *ddp, char *buf)
7310{
7311 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_scsi_level);
7312}
7313static DRIVER_ATTR_RO(scsi_level);
7314
7315static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf)
7316{
7317 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_virtual_gb);
7318}
7319static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf,
7320 size_t count)
7321{
7322 int n;
7323 bool changed;
7324
7325 /* Ignore capacity change for ZBC drives for now */
7326 if (sdeb_zbc_in_use)
7327 return -ENOTSUPP;
7328
7329 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7330 changed = (sdebug_virtual_gb != n);
7331 sdebug_virtual_gb = n;
7332 sdebug_capacity = get_sdebug_capacity();
7333 if (changed) {
7334 struct sdebug_host_info *sdhp;
7335 struct sdebug_dev_info *dp;
7336
7337 mutex_lock(&sdebug_host_list_mutex);
7338 list_for_each_entry(sdhp, &sdebug_host_list,
7339 host_list) {
7340 list_for_each_entry(dp, &sdhp->dev_info_list,
7341 dev_list) {
7342 set_bit(SDEBUG_UA_CAPACITY_CHANGED,
7343 dp->uas_bm);
7344 }
7345 }
7346 mutex_unlock(&sdebug_host_list_mutex);
7347 }
7348 return count;
7349 }
7350 return -EINVAL;
7351}
7352static DRIVER_ATTR_RW(virtual_gb);
7353
7354static ssize_t add_host_show(struct device_driver *ddp, char *buf)
7355{
7356 /* absolute number of hosts currently active is what is shown */
7357 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_hosts);
7358}
7359
7360static ssize_t add_host_store(struct device_driver *ddp, const char *buf,
7361 size_t count)
7362{
7363 bool found;
7364 unsigned long idx;
7365 struct sdeb_store_info *sip;
7366 bool want_phs = (sdebug_fake_rw == 0) && sdebug_per_host_store;
7367 int delta_hosts;
7368
7369 if (sscanf(buf, "%d", &delta_hosts) != 1)
7370 return -EINVAL;
7371 if (delta_hosts > 0) {
7372 do {
7373 found = false;
7374 if (want_phs) {
7375 xa_for_each_marked(per_store_ap, idx, sip,
7376 SDEB_XA_NOT_IN_USE) {
7377 sdeb_most_recent_idx = (int)idx;
7378 found = true;
7379 break;
7380 }
7381 if (found) /* re-use case */
7382 sdebug_add_host_helper((int)idx);
7383 else
7384 sdebug_do_add_host(true);
7385 } else {
7386 sdebug_do_add_host(false);
7387 }
7388 } while (--delta_hosts);
7389 } else if (delta_hosts < 0) {
7390 do {
7391 sdebug_do_remove_host(false);
7392 } while (++delta_hosts);
7393 }
7394 return count;
7395}
7396static DRIVER_ATTR_RW(add_host);
7397
7398static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf)
7399{
7400 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_vpd_use_hostno);
7401}
7402static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf,
7403 size_t count)
7404{
7405 int n;
7406
7407 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7408 sdebug_vpd_use_hostno = n;
7409 return count;
7410 }
7411 return -EINVAL;
7412}
7413static DRIVER_ATTR_RW(vpd_use_hostno);
7414
7415static ssize_t statistics_show(struct device_driver *ddp, char *buf)
7416{
7417 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_statistics);
7418}
7419static ssize_t statistics_store(struct device_driver *ddp, const char *buf,
7420 size_t count)
7421{
7422 int n;
7423
7424 if ((count > 0) && (sscanf(buf, "%d", &n) == 1) && (n >= 0)) {
7425 if (n > 0)
7426 sdebug_statistics = true;
7427 else {
7428 clear_queue_stats();
7429 sdebug_statistics = false;
7430 }
7431 return count;
7432 }
7433 return -EINVAL;
7434}
7435static DRIVER_ATTR_RW(statistics);
7436
7437static ssize_t sector_size_show(struct device_driver *ddp, char *buf)
7438{
7439 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_sector_size);
7440}
7441static DRIVER_ATTR_RO(sector_size);
7442
7443static ssize_t submit_queues_show(struct device_driver *ddp, char *buf)
7444{
7445 return scnprintf(buf, PAGE_SIZE, "%d\n", submit_queues);
7446}
7447static DRIVER_ATTR_RO(submit_queues);
7448
7449static ssize_t dix_show(struct device_driver *ddp, char *buf)
7450{
7451 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dix);
7452}
7453static DRIVER_ATTR_RO(dix);
7454
7455static ssize_t dif_show(struct device_driver *ddp, char *buf)
7456{
7457 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dif);
7458}
7459static DRIVER_ATTR_RO(dif);
7460
7461static ssize_t guard_show(struct device_driver *ddp, char *buf)
7462{
7463 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_guard);
7464}
7465static DRIVER_ATTR_RO(guard);
7466
7467static ssize_t ato_show(struct device_driver *ddp, char *buf)
7468{
7469 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ato);
7470}
7471static DRIVER_ATTR_RO(ato);
7472
7473static ssize_t map_show(struct device_driver *ddp, char *buf)
7474{
7475 ssize_t count = 0;
7476
7477 if (!scsi_debug_lbp())
7478 return scnprintf(buf, PAGE_SIZE, "0-%u\n",
7479 sdebug_store_sectors);
7480
7481 if (sdebug_fake_rw == 0 && !xa_empty(per_store_ap)) {
7482 struct sdeb_store_info *sip = xa_load(per_store_ap, 0);
7483
7484 if (sip)
7485 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl",
7486 (int)map_size, sip->map_storep);
7487 }
7488 buf[count++] = '\n';
7489 buf[count] = '\0';
7490
7491 return count;
7492}
7493static DRIVER_ATTR_RO(map);
7494
7495static ssize_t random_show(struct device_driver *ddp, char *buf)
7496{
7497 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_random);
7498}
7499
7500static ssize_t random_store(struct device_driver *ddp, const char *buf,
7501 size_t count)
7502{
7503 bool v;
7504
7505 if (kstrtobool(buf, &v))
7506 return -EINVAL;
7507
7508 sdebug_random = v;
7509 return count;
7510}
7511static DRIVER_ATTR_RW(random);
7512
7513static ssize_t removable_show(struct device_driver *ddp, char *buf)
7514{
7515 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_removable ? 1 : 0);
7516}
7517static ssize_t removable_store(struct device_driver *ddp, const char *buf,
7518 size_t count)
7519{
7520 int n;
7521
7522 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7523 sdebug_removable = (n > 0);
7524 return count;
7525 }
7526 return -EINVAL;
7527}
7528static DRIVER_ATTR_RW(removable);
7529
7530static ssize_t host_lock_show(struct device_driver *ddp, char *buf)
7531{
7532 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_host_lock);
7533}
7534/* N.B. sdebug_host_lock does nothing, kept for backward compatibility */
7535static ssize_t host_lock_store(struct device_driver *ddp, const char *buf,
7536 size_t count)
7537{
7538 int n;
7539
7540 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7541 sdebug_host_lock = (n > 0);
7542 return count;
7543 }
7544 return -EINVAL;
7545}
7546static DRIVER_ATTR_RW(host_lock);
7547
7548static ssize_t strict_show(struct device_driver *ddp, char *buf)
7549{
7550 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_strict);
7551}
7552static ssize_t strict_store(struct device_driver *ddp, const char *buf,
7553 size_t count)
7554{
7555 int n;
7556
7557 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7558 sdebug_strict = (n > 0);
7559 return count;
7560 }
7561 return -EINVAL;
7562}
7563static DRIVER_ATTR_RW(strict);
7564
7565static ssize_t uuid_ctl_show(struct device_driver *ddp, char *buf)
7566{
7567 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_uuid_ctl);
7568}
7569static DRIVER_ATTR_RO(uuid_ctl);
7570
7571static ssize_t cdb_len_show(struct device_driver *ddp, char *buf)
7572{
7573 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_cdb_len);
7574}
7575static ssize_t cdb_len_store(struct device_driver *ddp, const char *buf,
7576 size_t count)
7577{
7578 int ret, n;
7579
7580 ret = kstrtoint(buf, 0, &n);
7581 if (ret)
7582 return ret;
7583 sdebug_cdb_len = n;
7584 all_config_cdb_len();
7585 return count;
7586}
7587static DRIVER_ATTR_RW(cdb_len);
7588
7589static const char * const zbc_model_strs_a[] = {
7590 [BLK_ZONED_NONE] = "none",
7591 [BLK_ZONED_HA] = "host-aware",
7592 [BLK_ZONED_HM] = "host-managed",
7593};
7594
7595static const char * const zbc_model_strs_b[] = {
7596 [BLK_ZONED_NONE] = "no",
7597 [BLK_ZONED_HA] = "aware",
7598 [BLK_ZONED_HM] = "managed",
7599};
7600
7601static const char * const zbc_model_strs_c[] = {
7602 [BLK_ZONED_NONE] = "0",
7603 [BLK_ZONED_HA] = "1",
7604 [BLK_ZONED_HM] = "2",
7605};
7606
7607static int sdeb_zbc_model_str(const char *cp)
7608{
7609 int res = sysfs_match_string(zbc_model_strs_a, cp);
7610
7611 if (res < 0) {
7612 res = sysfs_match_string(zbc_model_strs_b, cp);
7613 if (res < 0) {
7614 res = sysfs_match_string(zbc_model_strs_c, cp);
7615 if (res < 0)
7616 return -EINVAL;
7617 }
7618 }
7619 return res;
7620}
7621
7622static ssize_t zbc_show(struct device_driver *ddp, char *buf)
7623{
7624 return scnprintf(buf, PAGE_SIZE, "%s\n",
7625 zbc_model_strs_a[sdeb_zbc_model]);
7626}
7627static DRIVER_ATTR_RO(zbc);
7628
7629static ssize_t tur_ms_to_ready_show(struct device_driver *ddp, char *buf)
7630{
7631 return scnprintf(buf, PAGE_SIZE, "%d\n", sdeb_tur_ms_to_ready);
7632}
7633static DRIVER_ATTR_RO(tur_ms_to_ready);
7634
7635static ssize_t group_number_stats_show(struct device_driver *ddp, char *buf)
7636{
7637 char *p = buf, *end = buf + PAGE_SIZE;
7638 int i;
7639
7640 for (i = 0; i < ARRAY_SIZE(writes_by_group_number); i++)
7641 p += scnprintf(p, end - p, "%d %ld\n", i,
7642 atomic_long_read(&writes_by_group_number[i]));
7643
7644 return p - buf;
7645}
7646
7647static ssize_t group_number_stats_store(struct device_driver *ddp,
7648 const char *buf, size_t count)
7649{
7650 int i;
7651
7652 for (i = 0; i < ARRAY_SIZE(writes_by_group_number); i++)
7653 atomic_long_set(&writes_by_group_number[i], 0);
7654
7655 return count;
7656}
7657static DRIVER_ATTR_RW(group_number_stats);
7658
7659/* Note: The following array creates attribute files in the
7660 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these
7661 files (over those found in the /sys/module/scsi_debug/parameters
7662 directory) is that auxiliary actions can be triggered when an attribute
7663 is changed. For example see: add_host_store() above.
7664 */
7665
7666static struct attribute *sdebug_drv_attrs[] = {
7667 &driver_attr_delay.attr,
7668 &driver_attr_opts.attr,
7669 &driver_attr_ptype.attr,
7670 &driver_attr_dsense.attr,
7671 &driver_attr_fake_rw.attr,
7672 &driver_attr_host_max_queue.attr,
7673 &driver_attr_no_lun_0.attr,
7674 &driver_attr_num_tgts.attr,
7675 &driver_attr_dev_size_mb.attr,
7676 &driver_attr_num_parts.attr,
7677 &driver_attr_every_nth.attr,
7678 &driver_attr_lun_format.attr,
7679 &driver_attr_max_luns.attr,
7680 &driver_attr_max_queue.attr,
7681 &driver_attr_no_rwlock.attr,
7682 &driver_attr_no_uld.attr,
7683 &driver_attr_scsi_level.attr,
7684 &driver_attr_virtual_gb.attr,
7685 &driver_attr_add_host.attr,
7686 &driver_attr_per_host_store.attr,
7687 &driver_attr_vpd_use_hostno.attr,
7688 &driver_attr_sector_size.attr,
7689 &driver_attr_statistics.attr,
7690 &driver_attr_submit_queues.attr,
7691 &driver_attr_dix.attr,
7692 &driver_attr_dif.attr,
7693 &driver_attr_guard.attr,
7694 &driver_attr_ato.attr,
7695 &driver_attr_map.attr,
7696 &driver_attr_random.attr,
7697 &driver_attr_removable.attr,
7698 &driver_attr_host_lock.attr,
7699 &driver_attr_ndelay.attr,
7700 &driver_attr_strict.attr,
7701 &driver_attr_uuid_ctl.attr,
7702 &driver_attr_cdb_len.attr,
7703 &driver_attr_tur_ms_to_ready.attr,
7704 &driver_attr_zbc.attr,
7705 &driver_attr_group_number_stats.attr,
7706 NULL,
7707};
7708ATTRIBUTE_GROUPS(sdebug_drv);
7709
7710static struct device *pseudo_primary;
7711
7712static int __init scsi_debug_init(void)
7713{
7714 bool want_store = (sdebug_fake_rw == 0);
7715 unsigned long sz;
7716 int k, ret, hosts_to_add;
7717 int idx = -1;
7718
7719 if (sdebug_ndelay >= 1000 * 1000 * 1000) {
7720 pr_warn("ndelay must be less than 1 second, ignored\n");
7721 sdebug_ndelay = 0;
7722 } else if (sdebug_ndelay > 0)
7723 sdebug_jdelay = JDELAY_OVERRIDDEN;
7724
7725 switch (sdebug_sector_size) {
7726 case 512:
7727 case 1024:
7728 case 2048:
7729 case 4096:
7730 break;
7731 default:
7732 pr_err("invalid sector_size %d\n", sdebug_sector_size);
7733 return -EINVAL;
7734 }
7735
7736 switch (sdebug_dif) {
7737 case T10_PI_TYPE0_PROTECTION:
7738 break;
7739 case T10_PI_TYPE1_PROTECTION:
7740 case T10_PI_TYPE2_PROTECTION:
7741 case T10_PI_TYPE3_PROTECTION:
7742 have_dif_prot = true;
7743 break;
7744
7745 default:
7746 pr_err("dif must be 0, 1, 2 or 3\n");
7747 return -EINVAL;
7748 }
7749
7750 if (sdebug_num_tgts < 0) {
7751 pr_err("num_tgts must be >= 0\n");
7752 return -EINVAL;
7753 }
7754
7755 if (sdebug_guard > 1) {
7756 pr_err("guard must be 0 or 1\n");
7757 return -EINVAL;
7758 }
7759
7760 if (sdebug_ato > 1) {
7761 pr_err("ato must be 0 or 1\n");
7762 return -EINVAL;
7763 }
7764
7765 if (sdebug_physblk_exp > 15) {
7766 pr_err("invalid physblk_exp %u\n", sdebug_physblk_exp);
7767 return -EINVAL;
7768 }
7769
7770 sdebug_lun_am = sdebug_lun_am_i;
7771 if (sdebug_lun_am > SAM_LUN_AM_FLAT) {
7772 pr_warn("Invalid LUN format %u, using default\n", (int)sdebug_lun_am);
7773 sdebug_lun_am = SAM_LUN_AM_PERIPHERAL;
7774 }
7775
7776 if (sdebug_max_luns > 256) {
7777 if (sdebug_max_luns > 16384) {
7778 pr_warn("max_luns can be no more than 16384, use default\n");
7779 sdebug_max_luns = DEF_MAX_LUNS;
7780 }
7781 sdebug_lun_am = SAM_LUN_AM_FLAT;
7782 }
7783
7784 if (sdebug_lowest_aligned > 0x3fff) {
7785 pr_err("lowest_aligned too big: %u\n", sdebug_lowest_aligned);
7786 return -EINVAL;
7787 }
7788
7789 if (submit_queues < 1) {
7790 pr_err("submit_queues must be 1 or more\n");
7791 return -EINVAL;
7792 }
7793
7794 if ((sdebug_max_queue > SDEBUG_CANQUEUE) || (sdebug_max_queue < 1)) {
7795 pr_err("max_queue must be in range [1, %d]\n", SDEBUG_CANQUEUE);
7796 return -EINVAL;
7797 }
7798
7799 if ((sdebug_host_max_queue > SDEBUG_CANQUEUE) ||
7800 (sdebug_host_max_queue < 0)) {
7801 pr_err("host_max_queue must be in range [0 %d]\n",
7802 SDEBUG_CANQUEUE);
7803 return -EINVAL;
7804 }
7805
7806 if (sdebug_host_max_queue &&
7807 (sdebug_max_queue != sdebug_host_max_queue)) {
7808 sdebug_max_queue = sdebug_host_max_queue;
7809 pr_warn("fixing max submit queue depth to host max queue depth, %d\n",
7810 sdebug_max_queue);
7811 }
7812
7813 /*
7814 * check for host managed zoned block device specified with
7815 * ptype=0x14 or zbc=XXX.
7816 */
7817 if (sdebug_ptype == TYPE_ZBC) {
7818 sdeb_zbc_model = BLK_ZONED_HM;
7819 } else if (sdeb_zbc_model_s && *sdeb_zbc_model_s) {
7820 k = sdeb_zbc_model_str(sdeb_zbc_model_s);
7821 if (k < 0)
7822 return k;
7823 sdeb_zbc_model = k;
7824 switch (sdeb_zbc_model) {
7825 case BLK_ZONED_NONE:
7826 case BLK_ZONED_HA:
7827 sdebug_ptype = TYPE_DISK;
7828 break;
7829 case BLK_ZONED_HM:
7830 sdebug_ptype = TYPE_ZBC;
7831 break;
7832 default:
7833 pr_err("Invalid ZBC model\n");
7834 return -EINVAL;
7835 }
7836 }
7837 if (sdeb_zbc_model != BLK_ZONED_NONE) {
7838 sdeb_zbc_in_use = true;
7839 if (sdebug_dev_size_mb == DEF_DEV_SIZE_PRE_INIT)
7840 sdebug_dev_size_mb = DEF_ZBC_DEV_SIZE_MB;
7841 }
7842
7843 if (sdebug_dev_size_mb == DEF_DEV_SIZE_PRE_INIT)
7844 sdebug_dev_size_mb = DEF_DEV_SIZE_MB;
7845 if (sdebug_dev_size_mb < 1)
7846 sdebug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */
7847 sz = (unsigned long)sdebug_dev_size_mb * 1048576;
7848 sdebug_store_sectors = sz / sdebug_sector_size;
7849 sdebug_capacity = get_sdebug_capacity();
7850
7851 /* play around with geometry, don't waste too much on track 0 */
7852 sdebug_heads = 8;
7853 sdebug_sectors_per = 32;
7854 if (sdebug_dev_size_mb >= 256)
7855 sdebug_heads = 64;
7856 else if (sdebug_dev_size_mb >= 16)
7857 sdebug_heads = 32;
7858 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
7859 (sdebug_sectors_per * sdebug_heads);
7860 if (sdebug_cylinders_per >= 1024) {
7861 /* other LLDs do this; implies >= 1GB ram disk ... */
7862 sdebug_heads = 255;
7863 sdebug_sectors_per = 63;
7864 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
7865 (sdebug_sectors_per * sdebug_heads);
7866 }
7867 if (scsi_debug_lbp()) {
7868 sdebug_unmap_max_blocks =
7869 clamp(sdebug_unmap_max_blocks, 0U, 0xffffffffU);
7870
7871 sdebug_unmap_max_desc =
7872 clamp(sdebug_unmap_max_desc, 0U, 256U);
7873
7874 sdebug_unmap_granularity =
7875 clamp(sdebug_unmap_granularity, 1U, 0xffffffffU);
7876
7877 if (sdebug_unmap_alignment &&
7878 sdebug_unmap_granularity <=
7879 sdebug_unmap_alignment) {
7880 pr_err("ERR: unmap_granularity <= unmap_alignment\n");
7881 return -EINVAL;
7882 }
7883 }
7884
7885 xa_init_flags(per_store_ap, XA_FLAGS_ALLOC | XA_FLAGS_LOCK_IRQ);
7886 if (want_store) {
7887 idx = sdebug_add_store();
7888 if (idx < 0)
7889 return idx;
7890 }
7891
7892 pseudo_primary = root_device_register("pseudo_0");
7893 if (IS_ERR(pseudo_primary)) {
7894 pr_warn("root_device_register() error\n");
7895 ret = PTR_ERR(pseudo_primary);
7896 goto free_vm;
7897 }
7898 ret = bus_register(&pseudo_lld_bus);
7899 if (ret < 0) {
7900 pr_warn("bus_register error: %d\n", ret);
7901 goto dev_unreg;
7902 }
7903 ret = driver_register(&sdebug_driverfs_driver);
7904 if (ret < 0) {
7905 pr_warn("driver_register error: %d\n", ret);
7906 goto bus_unreg;
7907 }
7908
7909 hosts_to_add = sdebug_add_host;
7910 sdebug_add_host = 0;
7911
7912 queued_cmd_cache = KMEM_CACHE(sdebug_queued_cmd, SLAB_HWCACHE_ALIGN);
7913 if (!queued_cmd_cache) {
7914 ret = -ENOMEM;
7915 goto driver_unreg;
7916 }
7917
7918 sdebug_debugfs_root = debugfs_create_dir("scsi_debug", NULL);
7919 if (IS_ERR_OR_NULL(sdebug_debugfs_root))
7920 pr_info("%s: failed to create initial debugfs directory\n", __func__);
7921
7922 for (k = 0; k < hosts_to_add; k++) {
7923 if (want_store && k == 0) {
7924 ret = sdebug_add_host_helper(idx);
7925 if (ret < 0) {
7926 pr_err("add_host_helper k=%d, error=%d\n",
7927 k, -ret);
7928 break;
7929 }
7930 } else {
7931 ret = sdebug_do_add_host(want_store &&
7932 sdebug_per_host_store);
7933 if (ret < 0) {
7934 pr_err("add_host k=%d error=%d\n", k, -ret);
7935 break;
7936 }
7937 }
7938 }
7939 if (sdebug_verbose)
7940 pr_info("built %d host(s)\n", sdebug_num_hosts);
7941
7942 return 0;
7943
7944driver_unreg:
7945 driver_unregister(&sdebug_driverfs_driver);
7946bus_unreg:
7947 bus_unregister(&pseudo_lld_bus);
7948dev_unreg:
7949 root_device_unregister(pseudo_primary);
7950free_vm:
7951 sdebug_erase_store(idx, NULL);
7952 return ret;
7953}
7954
7955static void __exit scsi_debug_exit(void)
7956{
7957 int k = sdebug_num_hosts;
7958
7959 for (; k; k--)
7960 sdebug_do_remove_host(true);
7961 kmem_cache_destroy(queued_cmd_cache);
7962 driver_unregister(&sdebug_driverfs_driver);
7963 bus_unregister(&pseudo_lld_bus);
7964 root_device_unregister(pseudo_primary);
7965
7966 sdebug_erase_all_stores(false);
7967 xa_destroy(per_store_ap);
7968 debugfs_remove(sdebug_debugfs_root);
7969}
7970
7971device_initcall(scsi_debug_init);
7972module_exit(scsi_debug_exit);
7973
7974static void sdebug_release_adapter(struct device *dev)
7975{
7976 struct sdebug_host_info *sdbg_host;
7977
7978 sdbg_host = dev_to_sdebug_host(dev);
7979 kfree(sdbg_host);
7980}
7981
7982/* idx must be valid, if sip is NULL then it will be obtained using idx */
7983static void sdebug_erase_store(int idx, struct sdeb_store_info *sip)
7984{
7985 if (idx < 0)
7986 return;
7987 if (!sip) {
7988 if (xa_empty(per_store_ap))
7989 return;
7990 sip = xa_load(per_store_ap, idx);
7991 if (!sip)
7992 return;
7993 }
7994 vfree(sip->map_storep);
7995 vfree(sip->dif_storep);
7996 vfree(sip->storep);
7997 xa_erase(per_store_ap, idx);
7998 kfree(sip);
7999}
8000
8001/* Assume apart_from_first==false only in shutdown case. */
8002static void sdebug_erase_all_stores(bool apart_from_first)
8003{
8004 unsigned long idx;
8005 struct sdeb_store_info *sip = NULL;
8006
8007 xa_for_each(per_store_ap, idx, sip) {
8008 if (apart_from_first)
8009 apart_from_first = false;
8010 else
8011 sdebug_erase_store(idx, sip);
8012 }
8013 if (apart_from_first)
8014 sdeb_most_recent_idx = sdeb_first_idx;
8015}
8016
8017/*
8018 * Returns store xarray new element index (idx) if >=0 else negated errno.
8019 * Limit the number of stores to 65536.
8020 */
8021static int sdebug_add_store(void)
8022{
8023 int res;
8024 u32 n_idx;
8025 unsigned long iflags;
8026 unsigned long sz = (unsigned long)sdebug_dev_size_mb * 1048576;
8027 struct sdeb_store_info *sip = NULL;
8028 struct xa_limit xal = { .max = 1 << 16, .min = 0 };
8029
8030 sip = kzalloc(sizeof(*sip), GFP_KERNEL);
8031 if (!sip)
8032 return -ENOMEM;
8033
8034 xa_lock_irqsave(per_store_ap, iflags);
8035 res = __xa_alloc(per_store_ap, &n_idx, sip, xal, GFP_ATOMIC);
8036 if (unlikely(res < 0)) {
8037 xa_unlock_irqrestore(per_store_ap, iflags);
8038 kfree(sip);
8039 pr_warn("%s: xa_alloc() errno=%d\n", __func__, -res);
8040 return res;
8041 }
8042 sdeb_most_recent_idx = n_idx;
8043 if (sdeb_first_idx < 0)
8044 sdeb_first_idx = n_idx;
8045 xa_unlock_irqrestore(per_store_ap, iflags);
8046
8047 res = -ENOMEM;
8048 sip->storep = vzalloc(sz);
8049 if (!sip->storep) {
8050 pr_err("user data oom\n");
8051 goto err;
8052 }
8053 if (sdebug_num_parts > 0)
8054 sdebug_build_parts(sip->storep, sz);
8055
8056 /* DIF/DIX: what T10 calls Protection Information (PI) */
8057 if (sdebug_dix) {
8058 int dif_size;
8059
8060 dif_size = sdebug_store_sectors * sizeof(struct t10_pi_tuple);
8061 sip->dif_storep = vmalloc(dif_size);
8062
8063 pr_info("dif_storep %u bytes @ %pK\n", dif_size,
8064 sip->dif_storep);
8065
8066 if (!sip->dif_storep) {
8067 pr_err("DIX oom\n");
8068 goto err;
8069 }
8070 memset(sip->dif_storep, 0xff, dif_size);
8071 }
8072 /* Logical Block Provisioning */
8073 if (scsi_debug_lbp()) {
8074 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1;
8075 sip->map_storep = vmalloc(array_size(sizeof(long),
8076 BITS_TO_LONGS(map_size)));
8077
8078 pr_info("%lu provisioning blocks\n", map_size);
8079
8080 if (!sip->map_storep) {
8081 pr_err("LBP map oom\n");
8082 goto err;
8083 }
8084
8085 bitmap_zero(sip->map_storep, map_size);
8086
8087 /* Map first 1KB for partition table */
8088 if (sdebug_num_parts)
8089 map_region(sip, 0, 2);
8090 }
8091
8092 rwlock_init(&sip->macc_data_lck);
8093 rwlock_init(&sip->macc_meta_lck);
8094 rwlock_init(&sip->macc_sector_lck);
8095 return (int)n_idx;
8096err:
8097 sdebug_erase_store((int)n_idx, sip);
8098 pr_warn("%s: failed, errno=%d\n", __func__, -res);
8099 return res;
8100}
8101
8102static int sdebug_add_host_helper(int per_host_idx)
8103{
8104 int k, devs_per_host, idx;
8105 int error = -ENOMEM;
8106 struct sdebug_host_info *sdbg_host;
8107 struct sdebug_dev_info *sdbg_devinfo, *tmp;
8108
8109 sdbg_host = kzalloc(sizeof(*sdbg_host), GFP_KERNEL);
8110 if (!sdbg_host)
8111 return -ENOMEM;
8112 idx = (per_host_idx < 0) ? sdeb_first_idx : per_host_idx;
8113 if (xa_get_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE))
8114 xa_clear_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE);
8115 sdbg_host->si_idx = idx;
8116
8117 INIT_LIST_HEAD(&sdbg_host->dev_info_list);
8118
8119 devs_per_host = sdebug_num_tgts * sdebug_max_luns;
8120 for (k = 0; k < devs_per_host; k++) {
8121 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL);
8122 if (!sdbg_devinfo)
8123 goto clean;
8124 }
8125
8126 mutex_lock(&sdebug_host_list_mutex);
8127 list_add_tail(&sdbg_host->host_list, &sdebug_host_list);
8128 mutex_unlock(&sdebug_host_list_mutex);
8129
8130 sdbg_host->dev.bus = &pseudo_lld_bus;
8131 sdbg_host->dev.parent = pseudo_primary;
8132 sdbg_host->dev.release = &sdebug_release_adapter;
8133 dev_set_name(&sdbg_host->dev, "adapter%d", sdebug_num_hosts);
8134
8135 error = device_register(&sdbg_host->dev);
8136 if (error) {
8137 mutex_lock(&sdebug_host_list_mutex);
8138 list_del(&sdbg_host->host_list);
8139 mutex_unlock(&sdebug_host_list_mutex);
8140 goto clean;
8141 }
8142
8143 ++sdebug_num_hosts;
8144 return 0;
8145
8146clean:
8147 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
8148 dev_list) {
8149 list_del(&sdbg_devinfo->dev_list);
8150 kfree(sdbg_devinfo->zstate);
8151 kfree(sdbg_devinfo);
8152 }
8153 if (sdbg_host->dev.release)
8154 put_device(&sdbg_host->dev);
8155 else
8156 kfree(sdbg_host);
8157 pr_warn("%s: failed, errno=%d\n", __func__, -error);
8158 return error;
8159}
8160
8161static int sdebug_do_add_host(bool mk_new_store)
8162{
8163 int ph_idx = sdeb_most_recent_idx;
8164
8165 if (mk_new_store) {
8166 ph_idx = sdebug_add_store();
8167 if (ph_idx < 0)
8168 return ph_idx;
8169 }
8170 return sdebug_add_host_helper(ph_idx);
8171}
8172
8173static void sdebug_do_remove_host(bool the_end)
8174{
8175 int idx = -1;
8176 struct sdebug_host_info *sdbg_host = NULL;
8177 struct sdebug_host_info *sdbg_host2;
8178
8179 mutex_lock(&sdebug_host_list_mutex);
8180 if (!list_empty(&sdebug_host_list)) {
8181 sdbg_host = list_entry(sdebug_host_list.prev,
8182 struct sdebug_host_info, host_list);
8183 idx = sdbg_host->si_idx;
8184 }
8185 if (!the_end && idx >= 0) {
8186 bool unique = true;
8187
8188 list_for_each_entry(sdbg_host2, &sdebug_host_list, host_list) {
8189 if (sdbg_host2 == sdbg_host)
8190 continue;
8191 if (idx == sdbg_host2->si_idx) {
8192 unique = false;
8193 break;
8194 }
8195 }
8196 if (unique) {
8197 xa_set_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE);
8198 if (idx == sdeb_most_recent_idx)
8199 --sdeb_most_recent_idx;
8200 }
8201 }
8202 if (sdbg_host)
8203 list_del(&sdbg_host->host_list);
8204 mutex_unlock(&sdebug_host_list_mutex);
8205
8206 if (!sdbg_host)
8207 return;
8208
8209 device_unregister(&sdbg_host->dev);
8210 --sdebug_num_hosts;
8211}
8212
8213static int sdebug_change_qdepth(struct scsi_device *sdev, int qdepth)
8214{
8215 struct sdebug_dev_info *devip = sdev->hostdata;
8216
8217 if (!devip)
8218 return -ENODEV;
8219
8220 mutex_lock(&sdebug_host_list_mutex);
8221 block_unblock_all_queues(true);
8222
8223 if (qdepth > SDEBUG_CANQUEUE) {
8224 qdepth = SDEBUG_CANQUEUE;
8225 pr_warn("%s: requested qdepth [%d] exceeds canqueue [%d], trim\n", __func__,
8226 qdepth, SDEBUG_CANQUEUE);
8227 }
8228 if (qdepth < 1)
8229 qdepth = 1;
8230 if (qdepth != sdev->queue_depth)
8231 scsi_change_queue_depth(sdev, qdepth);
8232
8233 block_unblock_all_queues(false);
8234 mutex_unlock(&sdebug_host_list_mutex);
8235
8236 if (SDEBUG_OPT_Q_NOISE & sdebug_opts)
8237 sdev_printk(KERN_INFO, sdev, "%s: qdepth=%d\n", __func__, qdepth);
8238
8239 return sdev->queue_depth;
8240}
8241
8242static bool fake_timeout(struct scsi_cmnd *scp)
8243{
8244 if (0 == (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth))) {
8245 if (sdebug_every_nth < -1)
8246 sdebug_every_nth = -1;
8247 if (SDEBUG_OPT_TIMEOUT & sdebug_opts)
8248 return true; /* ignore command causing timeout */
8249 else if (SDEBUG_OPT_MAC_TIMEOUT & sdebug_opts &&
8250 scsi_medium_access_command(scp))
8251 return true; /* time out reads and writes */
8252 }
8253 return false;
8254}
8255
8256/* Response to TUR or media access command when device stopped */
8257static int resp_not_ready(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
8258{
8259 int stopped_state;
8260 u64 diff_ns = 0;
8261 ktime_t now_ts = ktime_get_boottime();
8262 struct scsi_device *sdp = scp->device;
8263
8264 stopped_state = atomic_read(&devip->stopped);
8265 if (stopped_state == 2) {
8266 if (ktime_to_ns(now_ts) > ktime_to_ns(devip->create_ts)) {
8267 diff_ns = ktime_to_ns(ktime_sub(now_ts, devip->create_ts));
8268 if (diff_ns >= ((u64)sdeb_tur_ms_to_ready * 1000000)) {
8269 /* tur_ms_to_ready timer extinguished */
8270 atomic_set(&devip->stopped, 0);
8271 return 0;
8272 }
8273 }
8274 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x1);
8275 if (sdebug_verbose)
8276 sdev_printk(KERN_INFO, sdp,
8277 "%s: Not ready: in process of becoming ready\n", my_name);
8278 if (scp->cmnd[0] == TEST_UNIT_READY) {
8279 u64 tur_nanosecs_to_ready = (u64)sdeb_tur_ms_to_ready * 1000000;
8280
8281 if (diff_ns <= tur_nanosecs_to_ready)
8282 diff_ns = tur_nanosecs_to_ready - diff_ns;
8283 else
8284 diff_ns = tur_nanosecs_to_ready;
8285 /* As per 20-061r2 approved for spc6 by T10 on 20200716 */
8286 do_div(diff_ns, 1000000); /* diff_ns becomes milliseconds */
8287 scsi_set_sense_information(scp->sense_buffer, SCSI_SENSE_BUFFERSIZE,
8288 diff_ns);
8289 return check_condition_result;
8290 }
8291 }
8292 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2);
8293 if (sdebug_verbose)
8294 sdev_printk(KERN_INFO, sdp, "%s: Not ready: initializing command required\n",
8295 my_name);
8296 return check_condition_result;
8297}
8298
8299static void sdebug_map_queues(struct Scsi_Host *shost)
8300{
8301 int i, qoff;
8302
8303 if (shost->nr_hw_queues == 1)
8304 return;
8305
8306 for (i = 0, qoff = 0; i < HCTX_MAX_TYPES; i++) {
8307 struct blk_mq_queue_map *map = &shost->tag_set.map[i];
8308
8309 map->nr_queues = 0;
8310
8311 if (i == HCTX_TYPE_DEFAULT)
8312 map->nr_queues = submit_queues - poll_queues;
8313 else if (i == HCTX_TYPE_POLL)
8314 map->nr_queues = poll_queues;
8315
8316 if (!map->nr_queues) {
8317 BUG_ON(i == HCTX_TYPE_DEFAULT);
8318 continue;
8319 }
8320
8321 map->queue_offset = qoff;
8322 blk_mq_map_queues(map);
8323
8324 qoff += map->nr_queues;
8325 }
8326}
8327
8328struct sdebug_blk_mq_poll_data {
8329 unsigned int queue_num;
8330 int *num_entries;
8331};
8332
8333/*
8334 * We don't handle aborted commands here, but it does not seem possible to have
8335 * aborted polled commands from schedule_resp()
8336 */
8337static bool sdebug_blk_mq_poll_iter(struct request *rq, void *opaque)
8338{
8339 struct sdebug_blk_mq_poll_data *data = opaque;
8340 struct scsi_cmnd *cmd = blk_mq_rq_to_pdu(rq);
8341 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmd);
8342 struct sdebug_defer *sd_dp;
8343 u32 unique_tag = blk_mq_unique_tag(rq);
8344 u16 hwq = blk_mq_unique_tag_to_hwq(unique_tag);
8345 struct sdebug_queued_cmd *sqcp;
8346 unsigned long flags;
8347 int queue_num = data->queue_num;
8348 ktime_t time;
8349
8350 /* We're only interested in one queue for this iteration */
8351 if (hwq != queue_num)
8352 return true;
8353
8354 /* Subsequent checks would fail if this failed, but check anyway */
8355 if (!test_bit(SCMD_STATE_INFLIGHT, &cmd->state))
8356 return true;
8357
8358 time = ktime_get_boottime();
8359
8360 spin_lock_irqsave(&sdsc->lock, flags);
8361 sqcp = TO_QUEUED_CMD(cmd);
8362 if (!sqcp) {
8363 spin_unlock_irqrestore(&sdsc->lock, flags);
8364 return true;
8365 }
8366
8367 sd_dp = &sqcp->sd_dp;
8368 if (READ_ONCE(sd_dp->defer_t) != SDEB_DEFER_POLL) {
8369 spin_unlock_irqrestore(&sdsc->lock, flags);
8370 return true;
8371 }
8372
8373 if (time < sd_dp->cmpl_ts) {
8374 spin_unlock_irqrestore(&sdsc->lock, flags);
8375 return true;
8376 }
8377
8378 ASSIGN_QUEUED_CMD(cmd, NULL);
8379 spin_unlock_irqrestore(&sdsc->lock, flags);
8380
8381 if (sdebug_statistics) {
8382 atomic_inc(&sdebug_completions);
8383 if (raw_smp_processor_id() != sd_dp->issuing_cpu)
8384 atomic_inc(&sdebug_miss_cpus);
8385 }
8386
8387 sdebug_free_queued_cmd(sqcp);
8388
8389 scsi_done(cmd); /* callback to mid level */
8390 (*data->num_entries)++;
8391 return true;
8392}
8393
8394static int sdebug_blk_mq_poll(struct Scsi_Host *shost, unsigned int queue_num)
8395{
8396 int num_entries = 0;
8397 struct sdebug_blk_mq_poll_data data = {
8398 .queue_num = queue_num,
8399 .num_entries = &num_entries,
8400 };
8401
8402 blk_mq_tagset_busy_iter(&shost->tag_set, sdebug_blk_mq_poll_iter,
8403 &data);
8404
8405 if (num_entries > 0)
8406 atomic_add(num_entries, &sdeb_mq_poll_count);
8407 return num_entries;
8408}
8409
8410static int sdebug_timeout_cmd(struct scsi_cmnd *cmnd)
8411{
8412 struct scsi_device *sdp = cmnd->device;
8413 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
8414 struct sdebug_err_inject *err;
8415 unsigned char *cmd = cmnd->cmnd;
8416 int ret = 0;
8417
8418 if (devip == NULL)
8419 return 0;
8420
8421 rcu_read_lock();
8422 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
8423 if (err->type == ERR_TMOUT_CMD &&
8424 (err->cmd == cmd[0] || err->cmd == 0xff)) {
8425 ret = !!err->cnt;
8426 if (err->cnt < 0)
8427 err->cnt++;
8428
8429 rcu_read_unlock();
8430 return ret;
8431 }
8432 }
8433 rcu_read_unlock();
8434
8435 return 0;
8436}
8437
8438static int sdebug_fail_queue_cmd(struct scsi_cmnd *cmnd)
8439{
8440 struct scsi_device *sdp = cmnd->device;
8441 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
8442 struct sdebug_err_inject *err;
8443 unsigned char *cmd = cmnd->cmnd;
8444 int ret = 0;
8445
8446 if (devip == NULL)
8447 return 0;
8448
8449 rcu_read_lock();
8450 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
8451 if (err->type == ERR_FAIL_QUEUE_CMD &&
8452 (err->cmd == cmd[0] || err->cmd == 0xff)) {
8453 ret = err->cnt ? err->queuecmd_ret : 0;
8454 if (err->cnt < 0)
8455 err->cnt++;
8456
8457 rcu_read_unlock();
8458 return ret;
8459 }
8460 }
8461 rcu_read_unlock();
8462
8463 return 0;
8464}
8465
8466static int sdebug_fail_cmd(struct scsi_cmnd *cmnd, int *retval,
8467 struct sdebug_err_inject *info)
8468{
8469 struct scsi_device *sdp = cmnd->device;
8470 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
8471 struct sdebug_err_inject *err;
8472 unsigned char *cmd = cmnd->cmnd;
8473 int ret = 0;
8474 int result;
8475
8476 if (devip == NULL)
8477 return 0;
8478
8479 rcu_read_lock();
8480 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
8481 if (err->type == ERR_FAIL_CMD &&
8482 (err->cmd == cmd[0] || err->cmd == 0xff)) {
8483 if (!err->cnt) {
8484 rcu_read_unlock();
8485 return 0;
8486 }
8487
8488 ret = !!err->cnt;
8489 rcu_read_unlock();
8490 goto out_handle;
8491 }
8492 }
8493 rcu_read_unlock();
8494
8495 return 0;
8496
8497out_handle:
8498 if (err->cnt < 0)
8499 err->cnt++;
8500 mk_sense_buffer(cmnd, err->sense_key, err->asc, err->asq);
8501 result = err->status_byte | err->host_byte << 16 | err->driver_byte << 24;
8502 *info = *err;
8503 *retval = schedule_resp(cmnd, devip, result, NULL, 0, 0);
8504
8505 return ret;
8506}
8507
8508static int scsi_debug_queuecommand(struct Scsi_Host *shost,
8509 struct scsi_cmnd *scp)
8510{
8511 u8 sdeb_i;
8512 struct scsi_device *sdp = scp->device;
8513 const struct opcode_info_t *oip;
8514 const struct opcode_info_t *r_oip;
8515 struct sdebug_dev_info *devip;
8516 u8 *cmd = scp->cmnd;
8517 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
8518 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *) = NULL;
8519 int k, na;
8520 int errsts = 0;
8521 u64 lun_index = sdp->lun & 0x3FFF;
8522 u32 flags;
8523 u16 sa;
8524 u8 opcode = cmd[0];
8525 bool has_wlun_rl;
8526 bool inject_now;
8527 int ret = 0;
8528 struct sdebug_err_inject err;
8529
8530 scsi_set_resid(scp, 0);
8531 if (sdebug_statistics) {
8532 atomic_inc(&sdebug_cmnd_count);
8533 inject_now = inject_on_this_cmd();
8534 } else {
8535 inject_now = false;
8536 }
8537 if (unlikely(sdebug_verbose &&
8538 !(SDEBUG_OPT_NO_CDB_NOISE & sdebug_opts))) {
8539 char b[120];
8540 int n, len, sb;
8541
8542 len = scp->cmd_len;
8543 sb = (int)sizeof(b);
8544 if (len > 32)
8545 strcpy(b, "too long, over 32 bytes");
8546 else {
8547 for (k = 0, n = 0; k < len && n < sb; ++k)
8548 n += scnprintf(b + n, sb - n, "%02x ",
8549 (u32)cmd[k]);
8550 }
8551 sdev_printk(KERN_INFO, sdp, "%s: tag=%#x, cmd %s\n", my_name,
8552 blk_mq_unique_tag(scsi_cmd_to_rq(scp)), b);
8553 }
8554 if (unlikely(inject_now && (sdebug_opts & SDEBUG_OPT_HOST_BUSY)))
8555 return SCSI_MLQUEUE_HOST_BUSY;
8556 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS);
8557 if (unlikely(lun_index >= sdebug_max_luns && !has_wlun_rl))
8558 goto err_out;
8559
8560 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */
8561 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */
8562 devip = (struct sdebug_dev_info *)sdp->hostdata;
8563 if (unlikely(!devip)) {
8564 devip = find_build_dev_info(sdp);
8565 if (NULL == devip)
8566 goto err_out;
8567 }
8568
8569 if (sdebug_timeout_cmd(scp)) {
8570 scmd_printk(KERN_INFO, scp, "timeout command 0x%x\n", opcode);
8571 return 0;
8572 }
8573
8574 ret = sdebug_fail_queue_cmd(scp);
8575 if (ret) {
8576 scmd_printk(KERN_INFO, scp, "fail queue command 0x%x with 0x%x\n",
8577 opcode, ret);
8578 return ret;
8579 }
8580
8581 if (sdebug_fail_cmd(scp, &ret, &err)) {
8582 scmd_printk(KERN_INFO, scp,
8583 "fail command 0x%x with hostbyte=0x%x, "
8584 "driverbyte=0x%x, statusbyte=0x%x, "
8585 "sense_key=0x%x, asc=0x%x, asq=0x%x\n",
8586 opcode, err.host_byte, err.driver_byte,
8587 err.status_byte, err.sense_key, err.asc, err.asq);
8588 return ret;
8589 }
8590
8591 if (unlikely(inject_now && !atomic_read(&sdeb_inject_pending)))
8592 atomic_set(&sdeb_inject_pending, 1);
8593
8594 na = oip->num_attached;
8595 r_pfp = oip->pfp;
8596 if (na) { /* multiple commands with this opcode */
8597 r_oip = oip;
8598 if (FF_SA & r_oip->flags) {
8599 if (F_SA_LOW & oip->flags)
8600 sa = 0x1f & cmd[1];
8601 else
8602 sa = get_unaligned_be16(cmd + 8);
8603 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
8604 if (opcode == oip->opcode && sa == oip->sa)
8605 break;
8606 }
8607 } else { /* since no service action only check opcode */
8608 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
8609 if (opcode == oip->opcode)
8610 break;
8611 }
8612 }
8613 if (k > na) {
8614 if (F_SA_LOW & r_oip->flags)
8615 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4);
8616 else if (F_SA_HIGH & r_oip->flags)
8617 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7);
8618 else
8619 mk_sense_invalid_opcode(scp);
8620 goto check_cond;
8621 }
8622 } /* else (when na==0) we assume the oip is a match */
8623 flags = oip->flags;
8624 if (unlikely(F_INV_OP & flags)) {
8625 mk_sense_invalid_opcode(scp);
8626 goto check_cond;
8627 }
8628 if (unlikely(has_wlun_rl && !(F_RL_WLUN_OK & flags))) {
8629 if (sdebug_verbose)
8630 sdev_printk(KERN_INFO, sdp, "%s: Opcode 0x%x not%s\n",
8631 my_name, opcode, " supported for wlun");
8632 mk_sense_invalid_opcode(scp);
8633 goto check_cond;
8634 }
8635 if (unlikely(sdebug_strict)) { /* check cdb against mask */
8636 u8 rem;
8637 int j;
8638
8639 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) {
8640 rem = ~oip->len_mask[k] & cmd[k];
8641 if (rem) {
8642 for (j = 7; j >= 0; --j, rem <<= 1) {
8643 if (0x80 & rem)
8644 break;
8645 }
8646 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j);
8647 goto check_cond;
8648 }
8649 }
8650 }
8651 if (unlikely(!(F_SKIP_UA & flags) &&
8652 find_first_bit(devip->uas_bm,
8653 SDEBUG_NUM_UAS) != SDEBUG_NUM_UAS)) {
8654 errsts = make_ua(scp, devip);
8655 if (errsts)
8656 goto check_cond;
8657 }
8658 if (unlikely(((F_M_ACCESS & flags) || scp->cmnd[0] == TEST_UNIT_READY) &&
8659 atomic_read(&devip->stopped))) {
8660 errsts = resp_not_ready(scp, devip);
8661 if (errsts)
8662 goto fini;
8663 }
8664 if (sdebug_fake_rw && (F_FAKE_RW & flags))
8665 goto fini;
8666 if (unlikely(sdebug_every_nth)) {
8667 if (fake_timeout(scp))
8668 return 0; /* ignore command: make trouble */
8669 }
8670 if (likely(oip->pfp))
8671 pfp = oip->pfp; /* calls a resp_* function */
8672 else
8673 pfp = r_pfp; /* if leaf function ptr NULL, try the root's */
8674
8675fini:
8676 if (F_DELAY_OVERR & flags) /* cmds like INQUIRY respond asap */
8677 return schedule_resp(scp, devip, errsts, pfp, 0, 0);
8678 else if ((flags & F_LONG_DELAY) && (sdebug_jdelay > 0 ||
8679 sdebug_ndelay > 10000)) {
8680 /*
8681 * Skip long delays if ndelay <= 10 microseconds. Otherwise
8682 * for Start Stop Unit (SSU) want at least 1 second delay and
8683 * if sdebug_jdelay>1 want a long delay of that many seconds.
8684 * For Synchronize Cache want 1/20 of SSU's delay.
8685 */
8686 int jdelay = (sdebug_jdelay < 2) ? 1 : sdebug_jdelay;
8687 int denom = (flags & F_SYNC_DELAY) ? 20 : 1;
8688
8689 jdelay = mult_frac(USER_HZ * jdelay, HZ, denom * USER_HZ);
8690 return schedule_resp(scp, devip, errsts, pfp, jdelay, 0);
8691 } else
8692 return schedule_resp(scp, devip, errsts, pfp, sdebug_jdelay,
8693 sdebug_ndelay);
8694check_cond:
8695 return schedule_resp(scp, devip, check_condition_result, NULL, 0, 0);
8696err_out:
8697 return schedule_resp(scp, NULL, DID_NO_CONNECT << 16, NULL, 0, 0);
8698}
8699
8700static int sdebug_init_cmd_priv(struct Scsi_Host *shost, struct scsi_cmnd *cmd)
8701{
8702 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmd);
8703
8704 spin_lock_init(&sdsc->lock);
8705
8706 return 0;
8707}
8708
8709static struct scsi_host_template sdebug_driver_template = {
8710 .show_info = scsi_debug_show_info,
8711 .write_info = scsi_debug_write_info,
8712 .proc_name = sdebug_proc_name,
8713 .name = "SCSI DEBUG",
8714 .info = scsi_debug_info,
8715 .slave_alloc = scsi_debug_slave_alloc,
8716 .slave_configure = scsi_debug_slave_configure,
8717 .slave_destroy = scsi_debug_slave_destroy,
8718 .ioctl = scsi_debug_ioctl,
8719 .queuecommand = scsi_debug_queuecommand,
8720 .change_queue_depth = sdebug_change_qdepth,
8721 .map_queues = sdebug_map_queues,
8722 .mq_poll = sdebug_blk_mq_poll,
8723 .eh_abort_handler = scsi_debug_abort,
8724 .eh_device_reset_handler = scsi_debug_device_reset,
8725 .eh_target_reset_handler = scsi_debug_target_reset,
8726 .eh_bus_reset_handler = scsi_debug_bus_reset,
8727 .eh_host_reset_handler = scsi_debug_host_reset,
8728 .can_queue = SDEBUG_CANQUEUE,
8729 .this_id = 7,
8730 .sg_tablesize = SG_MAX_SEGMENTS,
8731 .cmd_per_lun = DEF_CMD_PER_LUN,
8732 .max_sectors = -1U,
8733 .max_segment_size = -1U,
8734 .module = THIS_MODULE,
8735 .track_queue_depth = 1,
8736 .cmd_size = sizeof(struct sdebug_scsi_cmd),
8737 .init_cmd_priv = sdebug_init_cmd_priv,
8738 .target_alloc = sdebug_target_alloc,
8739 .target_destroy = sdebug_target_destroy,
8740};
8741
8742static int sdebug_driver_probe(struct device *dev)
8743{
8744 int error = 0;
8745 struct sdebug_host_info *sdbg_host;
8746 struct Scsi_Host *hpnt;
8747 int hprot;
8748
8749 sdbg_host = dev_to_sdebug_host(dev);
8750
8751 sdebug_driver_template.can_queue = sdebug_max_queue;
8752 sdebug_driver_template.cmd_per_lun = sdebug_max_queue;
8753 if (!sdebug_clustering)
8754 sdebug_driver_template.dma_boundary = PAGE_SIZE - 1;
8755
8756 hpnt = scsi_host_alloc(&sdebug_driver_template, 0);
8757 if (NULL == hpnt) {
8758 pr_err("scsi_host_alloc failed\n");
8759 error = -ENODEV;
8760 return error;
8761 }
8762 if (submit_queues > nr_cpu_ids) {
8763 pr_warn("%s: trim submit_queues (was %d) to nr_cpu_ids=%u\n",
8764 my_name, submit_queues, nr_cpu_ids);
8765 submit_queues = nr_cpu_ids;
8766 }
8767 /*
8768 * Decide whether to tell scsi subsystem that we want mq. The
8769 * following should give the same answer for each host.
8770 */
8771 hpnt->nr_hw_queues = submit_queues;
8772 if (sdebug_host_max_queue)
8773 hpnt->host_tagset = 1;
8774
8775 /* poll queues are possible for nr_hw_queues > 1 */
8776 if (hpnt->nr_hw_queues == 1 || (poll_queues < 1)) {
8777 pr_warn("%s: trim poll_queues to 0. poll_q/nr_hw = (%d/%d)\n",
8778 my_name, poll_queues, hpnt->nr_hw_queues);
8779 poll_queues = 0;
8780 }
8781
8782 /*
8783 * Poll queues don't need interrupts, but we need at least one I/O queue
8784 * left over for non-polled I/O.
8785 * If condition not met, trim poll_queues to 1 (just for simplicity).
8786 */
8787 if (poll_queues >= submit_queues) {
8788 if (submit_queues < 3)
8789 pr_warn("%s: trim poll_queues to 1\n", my_name);
8790 else
8791 pr_warn("%s: trim poll_queues to 1. Perhaps try poll_queues=%d\n",
8792 my_name, submit_queues - 1);
8793 poll_queues = 1;
8794 }
8795 if (poll_queues)
8796 hpnt->nr_maps = 3;
8797
8798 sdbg_host->shost = hpnt;
8799 if ((hpnt->this_id >= 0) && (sdebug_num_tgts > hpnt->this_id))
8800 hpnt->max_id = sdebug_num_tgts + 1;
8801 else
8802 hpnt->max_id = sdebug_num_tgts;
8803 /* = sdebug_max_luns; */
8804 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
8805
8806 hprot = 0;
8807
8808 switch (sdebug_dif) {
8809
8810 case T10_PI_TYPE1_PROTECTION:
8811 hprot = SHOST_DIF_TYPE1_PROTECTION;
8812 if (sdebug_dix)
8813 hprot |= SHOST_DIX_TYPE1_PROTECTION;
8814 break;
8815
8816 case T10_PI_TYPE2_PROTECTION:
8817 hprot = SHOST_DIF_TYPE2_PROTECTION;
8818 if (sdebug_dix)
8819 hprot |= SHOST_DIX_TYPE2_PROTECTION;
8820 break;
8821
8822 case T10_PI_TYPE3_PROTECTION:
8823 hprot = SHOST_DIF_TYPE3_PROTECTION;
8824 if (sdebug_dix)
8825 hprot |= SHOST_DIX_TYPE3_PROTECTION;
8826 break;
8827
8828 default:
8829 if (sdebug_dix)
8830 hprot |= SHOST_DIX_TYPE0_PROTECTION;
8831 break;
8832 }
8833
8834 scsi_host_set_prot(hpnt, hprot);
8835
8836 if (have_dif_prot || sdebug_dix)
8837 pr_info("host protection%s%s%s%s%s%s%s\n",
8838 (hprot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "",
8839 (hprot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "",
8840 (hprot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "",
8841 (hprot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "",
8842 (hprot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "",
8843 (hprot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "",
8844 (hprot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : "");
8845
8846 if (sdebug_guard == 1)
8847 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP);
8848 else
8849 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC);
8850
8851 sdebug_verbose = !!(SDEBUG_OPT_NOISE & sdebug_opts);
8852 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & sdebug_opts);
8853 if (sdebug_every_nth) /* need stats counters for every_nth */
8854 sdebug_statistics = true;
8855 error = scsi_add_host(hpnt, &sdbg_host->dev);
8856 if (error) {
8857 pr_err("scsi_add_host failed\n");
8858 error = -ENODEV;
8859 scsi_host_put(hpnt);
8860 } else {
8861 scsi_scan_host(hpnt);
8862 }
8863
8864 return error;
8865}
8866
8867static void sdebug_driver_remove(struct device *dev)
8868{
8869 struct sdebug_host_info *sdbg_host;
8870 struct sdebug_dev_info *sdbg_devinfo, *tmp;
8871
8872 sdbg_host = dev_to_sdebug_host(dev);
8873
8874 scsi_remove_host(sdbg_host->shost);
8875
8876 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
8877 dev_list) {
8878 list_del(&sdbg_devinfo->dev_list);
8879 kfree(sdbg_devinfo->zstate);
8880 kfree(sdbg_devinfo);
8881 }
8882
8883 scsi_host_put(sdbg_host->shost);
8884}
8885
8886static const struct bus_type pseudo_lld_bus = {
8887 .name = "pseudo",
8888 .probe = sdebug_driver_probe,
8889 .remove = sdebug_driver_remove,
8890 .drv_groups = sdebug_drv_groups,
8891};