projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
target: fix list walking in transport_free_dev_tasks
[deliverable/linux.git] / drivers / target / target_core_transport.c
1 /*******************************************************************************
2 * Filename: target_core_transport.c
3 *
4 * This file contains the Generic Target Engine Core.
5 *
6 * Copyright (c) 2002, 2003, 2004, 2005 PyX Technologies, Inc.
7 * Copyright (c) 2005, 2006, 2007 SBE, Inc.
8 * Copyright (c) 2007-2010 Rising Tide Systems
9 * Copyright (c) 2008-2010 Linux-iSCSI.org
10 *
11 * Nicholas A. Bellinger <nab@kernel.org>
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License
24 * along with this program; if not, write to the Free Software
25 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
26 *
27 ******************************************************************************/
28
29 #include <linux/net.h>
30 #include <linux/delay.h>
31 #include <linux/string.h>
32 #include <linux/timer.h>
33 #include <linux/slab.h>
34 #include <linux/blkdev.h>
35 #include <linux/spinlock.h>
36 #include <linux/kthread.h>
37 #include <linux/in.h>
38 #include <linux/cdrom.h>
39 #include <asm/unaligned.h>
40 #include <net/sock.h>
41 #include <net/tcp.h>
42 #include <scsi/scsi.h>
43 #include <scsi/scsi_cmnd.h>
44 #include <scsi/scsi_tcq.h>
45
46 #include <target/target_core_base.h>
47 #include <target/target_core_device.h>
48 #include <target/target_core_tmr.h>
49 #include <target/target_core_tpg.h>
50 #include <target/target_core_transport.h>
51 #include <target/target_core_fabric_ops.h>
52 #include <target/target_core_configfs.h>
53
54 #include "target_core_alua.h"
55 #include "target_core_hba.h"
56 #include "target_core_pr.h"
57 #include "target_core_ua.h"
58
59 static int sub_api_initialized;
60
61 static struct kmem_cache *se_cmd_cache;
62 static struct kmem_cache *se_sess_cache;
63 struct kmem_cache *se_tmr_req_cache;
64 struct kmem_cache *se_ua_cache;
65 struct kmem_cache *t10_pr_reg_cache;
66 struct kmem_cache *t10_alua_lu_gp_cache;
67 struct kmem_cache *t10_alua_lu_gp_mem_cache;
68 struct kmem_cache *t10_alua_tg_pt_gp_cache;
69 struct kmem_cache *t10_alua_tg_pt_gp_mem_cache;
70
71 static int transport_generic_write_pending(struct se_cmd *);
72 static int transport_processing_thread(void *param);
73 static int __transport_execute_tasks(struct se_device *dev);
74 static void transport_complete_task_attr(struct se_cmd *cmd);
75 static void transport_handle_queue_full(struct se_cmd *cmd,
76 struct se_device *dev);
77 static void transport_direct_request_timeout(struct se_cmd *cmd);
78 static void transport_free_dev_tasks(struct se_cmd *cmd);
79 static u32 transport_allocate_tasks(struct se_cmd *cmd,
80 unsigned long long starting_lba,
81 enum dma_data_direction data_direction,
82 struct scatterlist *sgl, unsigned int nents);
83 static int transport_generic_get_mem(struct se_cmd *cmd);
84 static void transport_put_cmd(struct se_cmd *cmd);
85 static void transport_remove_cmd_from_queue(struct se_cmd *cmd);
86 static int transport_set_sense_codes(struct se_cmd *cmd, u8 asc, u8 ascq);
87 static void transport_stop_all_task_timers(struct se_cmd *cmd);
88
89 int init_se_kmem_caches(void)
90 {
91 se_cmd_cache = kmem_cache_create("se_cmd_cache",
92 sizeof(struct se_cmd), __alignof__(struct se_cmd), 0, NULL);
93 if (!se_cmd_cache) {
94 pr_err("kmem_cache_create for struct se_cmd failed\n");
95 goto out;
96 }
97 se_tmr_req_cache = kmem_cache_create("se_tmr_cache",
98 sizeof(struct se_tmr_req), __alignof__(struct se_tmr_req),
99 0, NULL);
100 if (!se_tmr_req_cache) {
101 pr_err("kmem_cache_create() for struct se_tmr_req"
102 " failed\n");
103 goto out;
104 }
105 se_sess_cache = kmem_cache_create("se_sess_cache",
106 sizeof(struct se_session), __alignof__(struct se_session),
107 0, NULL);
108 if (!se_sess_cache) {
109 pr_err("kmem_cache_create() for struct se_session"
110 " failed\n");
111 goto out;
112 }
113 se_ua_cache = kmem_cache_create("se_ua_cache",
114 sizeof(struct se_ua), __alignof__(struct se_ua),
115 0, NULL);
116 if (!se_ua_cache) {
117 pr_err("kmem_cache_create() for struct se_ua failed\n");
118 goto out;
119 }
120 t10_pr_reg_cache = kmem_cache_create("t10_pr_reg_cache",
121 sizeof(struct t10_pr_registration),
122 __alignof__(struct t10_pr_registration), 0, NULL);
123 if (!t10_pr_reg_cache) {
124 pr_err("kmem_cache_create() for struct t10_pr_registration"
125 " failed\n");
126 goto out;
127 }
128 t10_alua_lu_gp_cache = kmem_cache_create("t10_alua_lu_gp_cache",
129 sizeof(struct t10_alua_lu_gp), __alignof__(struct t10_alua_lu_gp),
130 0, NULL);
131 if (!t10_alua_lu_gp_cache) {
132 pr_err("kmem_cache_create() for t10_alua_lu_gp_cache"
133 " failed\n");
134 goto out;
135 }
136 t10_alua_lu_gp_mem_cache = kmem_cache_create("t10_alua_lu_gp_mem_cache",
137 sizeof(struct t10_alua_lu_gp_member),
138 __alignof__(struct t10_alua_lu_gp_member), 0, NULL);
139 if (!t10_alua_lu_gp_mem_cache) {
140 pr_err("kmem_cache_create() for t10_alua_lu_gp_mem_"
141 "cache failed\n");
142 goto out;
143 }
144 t10_alua_tg_pt_gp_cache = kmem_cache_create("t10_alua_tg_pt_gp_cache",
145 sizeof(struct t10_alua_tg_pt_gp),
146 __alignof__(struct t10_alua_tg_pt_gp), 0, NULL);
147 if (!t10_alua_tg_pt_gp_cache) {
148 pr_err("kmem_cache_create() for t10_alua_tg_pt_gp_"
149 "cache failed\n");
150 goto out;
151 }
152 t10_alua_tg_pt_gp_mem_cache = kmem_cache_create(
153 "t10_alua_tg_pt_gp_mem_cache",
154 sizeof(struct t10_alua_tg_pt_gp_member),
155 __alignof__(struct t10_alua_tg_pt_gp_member),
156 0, NULL);
157 if (!t10_alua_tg_pt_gp_mem_cache) {
158 pr_err("kmem_cache_create() for t10_alua_tg_pt_gp_"
159 "mem_t failed\n");
160 goto out;
161 }
162
163 return 0;
164 out:
165 if (se_cmd_cache)
166 kmem_cache_destroy(se_cmd_cache);
167 if (se_tmr_req_cache)
168 kmem_cache_destroy(se_tmr_req_cache);
169 if (se_sess_cache)
170 kmem_cache_destroy(se_sess_cache);
171 if (se_ua_cache)
172 kmem_cache_destroy(se_ua_cache);
173 if (t10_pr_reg_cache)
174 kmem_cache_destroy(t10_pr_reg_cache);
175 if (t10_alua_lu_gp_cache)
176 kmem_cache_destroy(t10_alua_lu_gp_cache);
177 if (t10_alua_lu_gp_mem_cache)
178 kmem_cache_destroy(t10_alua_lu_gp_mem_cache);
179 if (t10_alua_tg_pt_gp_cache)
180 kmem_cache_destroy(t10_alua_tg_pt_gp_cache);
181 if (t10_alua_tg_pt_gp_mem_cache)
182 kmem_cache_destroy(t10_alua_tg_pt_gp_mem_cache);
183 return -ENOMEM;
184 }
185
186 void release_se_kmem_caches(void)
187 {
188 kmem_cache_destroy(se_cmd_cache);
189 kmem_cache_destroy(se_tmr_req_cache);
190 kmem_cache_destroy(se_sess_cache);
191 kmem_cache_destroy(se_ua_cache);
192 kmem_cache_destroy(t10_pr_reg_cache);
193 kmem_cache_destroy(t10_alua_lu_gp_cache);
194 kmem_cache_destroy(t10_alua_lu_gp_mem_cache);
195 kmem_cache_destroy(t10_alua_tg_pt_gp_cache);
196 kmem_cache_destroy(t10_alua_tg_pt_gp_mem_cache);
197 }
198
199 /* This code ensures unique mib indexes are handed out. */
200 static DEFINE_SPINLOCK(scsi_mib_index_lock);
201 static u32 scsi_mib_index[SCSI_INDEX_TYPE_MAX];
202
203 /*
204 * Allocate a new row index for the entry type specified
205 */
206 u32 scsi_get_new_index(scsi_index_t type)
207 {
208 u32 new_index;
209
210 BUG_ON((type < 0) || (type >= SCSI_INDEX_TYPE_MAX));
211
212 spin_lock(&scsi_mib_index_lock);
213 new_index = ++scsi_mib_index[type];
214 spin_unlock(&scsi_mib_index_lock);
215
216 return new_index;
217 }
218
219 void transport_init_queue_obj(struct se_queue_obj *qobj)
220 {
221 atomic_set(&qobj->queue_cnt, 0);
222 INIT_LIST_HEAD(&qobj->qobj_list);
223 init_waitqueue_head(&qobj->thread_wq);
224 spin_lock_init(&qobj->cmd_queue_lock);
225 }
226 EXPORT_SYMBOL(transport_init_queue_obj);
227
228 static int transport_subsystem_reqmods(void)
229 {
230 int ret;
231
232 ret = request_module("target_core_iblock");
233 if (ret != 0)
234 pr_err("Unable to load target_core_iblock\n");
235
236 ret = request_module("target_core_file");
237 if (ret != 0)
238 pr_err("Unable to load target_core_file\n");
239
240 ret = request_module("target_core_pscsi");
241 if (ret != 0)
242 pr_err("Unable to load target_core_pscsi\n");
243
244 ret = request_module("target_core_stgt");
245 if (ret != 0)
246 pr_err("Unable to load target_core_stgt\n");
247
248 return 0;
249 }
250
251 int transport_subsystem_check_init(void)
252 {
253 int ret;
254
255 if (sub_api_initialized)
256 return 0;
257 /*
258 * Request the loading of known TCM subsystem plugins..
259 */
260 ret = transport_subsystem_reqmods();
261 if (ret < 0)
262 return ret;
263
264 sub_api_initialized = 1;
265 return 0;
266 }
267
268 struct se_session *transport_init_session(void)
269 {
270 struct se_session *se_sess;
271
272 se_sess = kmem_cache_zalloc(se_sess_cache, GFP_KERNEL);
273 if (!se_sess) {
274 pr_err("Unable to allocate struct se_session from"
275 " se_sess_cache\n");
276 return ERR_PTR(-ENOMEM);
277 }
278 INIT_LIST_HEAD(&se_sess->sess_list);
279 INIT_LIST_HEAD(&se_sess->sess_acl_list);
280
281 return se_sess;
282 }
283 EXPORT_SYMBOL(transport_init_session);
284
285 /*
286 * Called with spin_lock_bh(&struct se_portal_group->session_lock called.
287 */
288 void __transport_register_session(
289 struct se_portal_group *se_tpg,
290 struct se_node_acl *se_nacl,
291 struct se_session *se_sess,
292 void *fabric_sess_ptr)
293 {
294 unsigned char buf[PR_REG_ISID_LEN];
295
296 se_sess->se_tpg = se_tpg;
297 se_sess->fabric_sess_ptr = fabric_sess_ptr;
298 /*
299 * Used by struct se_node_acl's under ConfigFS to locate active se_session-t
300 *
301 * Only set for struct se_session's that will actually be moving I/O.
302 * eg: *NOT* discovery sessions.
303 */
304 if (se_nacl) {
305 /*
306 * If the fabric module supports an ISID based TransportID,
307 * save this value in binary from the fabric I_T Nexus now.
308 */
309 if (se_tpg->se_tpg_tfo->sess_get_initiator_sid != NULL) {
310 memset(&buf[0], 0, PR_REG_ISID_LEN);
311 se_tpg->se_tpg_tfo->sess_get_initiator_sid(se_sess,
312 &buf[0], PR_REG_ISID_LEN);
313 se_sess->sess_bin_isid = get_unaligned_be64(&buf[0]);
314 }
315 spin_lock_irq(&se_nacl->nacl_sess_lock);
316 /*
317 * The se_nacl->nacl_sess pointer will be set to the
318 * last active I_T Nexus for each struct se_node_acl.
319 */
320 se_nacl->nacl_sess = se_sess;
321
322 list_add_tail(&se_sess->sess_acl_list,
323 &se_nacl->acl_sess_list);
324 spin_unlock_irq(&se_nacl->nacl_sess_lock);
325 }
326 list_add_tail(&se_sess->sess_list, &se_tpg->tpg_sess_list);
327
328 pr_debug("TARGET_CORE[%s]: Registered fabric_sess_ptr: %p\n",
329 se_tpg->se_tpg_tfo->get_fabric_name(), se_sess->fabric_sess_ptr);
330 }
331 EXPORT_SYMBOL(__transport_register_session);
332
333 void transport_register_session(
334 struct se_portal_group *se_tpg,
335 struct se_node_acl *se_nacl,
336 struct se_session *se_sess,
337 void *fabric_sess_ptr)
338 {
339 spin_lock_bh(&se_tpg->session_lock);
340 __transport_register_session(se_tpg, se_nacl, se_sess, fabric_sess_ptr);
341 spin_unlock_bh(&se_tpg->session_lock);
342 }
343 EXPORT_SYMBOL(transport_register_session);
344
345 void transport_deregister_session_configfs(struct se_session *se_sess)
346 {
347 struct se_node_acl *se_nacl;
348 unsigned long flags;
349 /*
350 * Used by struct se_node_acl's under ConfigFS to locate active struct se_session
351 */
352 se_nacl = se_sess->se_node_acl;
353 if (se_nacl) {
354 spin_lock_irqsave(&se_nacl->nacl_sess_lock, flags);
355 list_del(&se_sess->sess_acl_list);
356 /*
357 * If the session list is empty, then clear the pointer.
358 * Otherwise, set the struct se_session pointer from the tail
359 * element of the per struct se_node_acl active session list.
360 */
361 if (list_empty(&se_nacl->acl_sess_list))
362 se_nacl->nacl_sess = NULL;
363 else {
364 se_nacl->nacl_sess = container_of(
365 se_nacl->acl_sess_list.prev,
366 struct se_session, sess_acl_list);
367 }
368 spin_unlock_irqrestore(&se_nacl->nacl_sess_lock, flags);
369 }
370 }
371 EXPORT_SYMBOL(transport_deregister_session_configfs);
372
373 void transport_free_session(struct se_session *se_sess)
374 {
375 kmem_cache_free(se_sess_cache, se_sess);
376 }
377 EXPORT_SYMBOL(transport_free_session);
378
379 void transport_deregister_session(struct se_session *se_sess)
380 {
381 struct se_portal_group *se_tpg = se_sess->se_tpg;
382 struct se_node_acl *se_nacl;
383 unsigned long flags;
384
385 if (!se_tpg) {
386 transport_free_session(se_sess);
387 return;
388 }
389
390 spin_lock_irqsave(&se_tpg->session_lock, flags);
391 list_del(&se_sess->sess_list);
392 se_sess->se_tpg = NULL;
393 se_sess->fabric_sess_ptr = NULL;
394 spin_unlock_irqrestore(&se_tpg->session_lock, flags);
395
396 /*
397 * Determine if we need to do extra work for this initiator node's
398 * struct se_node_acl if it had been previously dynamically generated.
399 */
400 se_nacl = se_sess->se_node_acl;
401 if (se_nacl) {
402 spin_lock_irqsave(&se_tpg->acl_node_lock, flags);
403 if (se_nacl->dynamic_node_acl) {
404 if (!se_tpg->se_tpg_tfo->tpg_check_demo_mode_cache(
405 se_tpg)) {
406 list_del(&se_nacl->acl_list);
407 se_tpg->num_node_acls--;
408 spin_unlock_irqrestore(&se_tpg->acl_node_lock, flags);
409
410 core_tpg_wait_for_nacl_pr_ref(se_nacl);
411 core_free_device_list_for_node(se_nacl, se_tpg);
412 se_tpg->se_tpg_tfo->tpg_release_fabric_acl(se_tpg,
413 se_nacl);
414 spin_lock_irqsave(&se_tpg->acl_node_lock, flags);
415 }
416 }
417 spin_unlock_irqrestore(&se_tpg->acl_node_lock, flags);
418 }
419
420 transport_free_session(se_sess);
421
422 pr_debug("TARGET_CORE[%s]: Deregistered fabric_sess\n",
423 se_tpg->se_tpg_tfo->get_fabric_name());
424 }
425 EXPORT_SYMBOL(transport_deregister_session);
426
427 /*
428 * Called with cmd->t_state_lock held.
429 */
430 static void transport_all_task_dev_remove_state(struct se_cmd *cmd)
431 {
432 struct se_device *dev = cmd->se_dev;
433 struct se_task *task;
434 unsigned long flags;
435
436 if (!dev)
437 return;
438
439 list_for_each_entry(task, &cmd->t_task_list, t_list) {
440 if (task->task_flags & TF_ACTIVE)
441 continue;
442
443 if (!atomic_read(&task->task_state_active))
444 continue;
445
446 spin_lock_irqsave(&dev->execute_task_lock, flags);
447 list_del(&task->t_state_list);
448 pr_debug("Removed ITT: 0x%08x dev: %p task[%p]\n",
449 cmd->se_tfo->get_task_tag(cmd), dev, task);
450 spin_unlock_irqrestore(&dev->execute_task_lock, flags);
451
452 atomic_set(&task->task_state_active, 0);
453 atomic_dec(&cmd->t_task_cdbs_ex_left);
454 }
455 }
456
457 /* transport_cmd_check_stop():
458 *
459 * 'transport_off = 1' determines if t_transport_active should be cleared.
460 * 'transport_off = 2' determines if task_dev_state should be removed.
461 *
462 * A non-zero u8 t_state sets cmd->t_state.
463 * Returns 1 when command is stopped, else 0.
464 */
465 static int transport_cmd_check_stop(
466 struct se_cmd *cmd,
467 int transport_off,
468 u8 t_state)
469 {
470 unsigned long flags;
471
472 spin_lock_irqsave(&cmd->t_state_lock, flags);
473 /*
474 * Determine if IOCTL context caller in requesting the stopping of this
475 * command for LUN shutdown purposes.
476 */
477 if (atomic_read(&cmd->transport_lun_stop)) {
478 pr_debug("%s:%d atomic_read(&cmd->transport_lun_stop)"
479 " == TRUE for ITT: 0x%08x\n", __func__, __LINE__,
480 cmd->se_tfo->get_task_tag(cmd));
481
482 cmd->deferred_t_state = cmd->t_state;
483 cmd->t_state = TRANSPORT_DEFERRED_CMD;
484 atomic_set(&cmd->t_transport_active, 0);
485 if (transport_off == 2)
486 transport_all_task_dev_remove_state(cmd);
487 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
488
489 complete(&cmd->transport_lun_stop_comp);
490 return 1;
491 }
492 /*
493 * Determine if frontend context caller is requesting the stopping of
494 * this command for frontend exceptions.
495 */
496 if (atomic_read(&cmd->t_transport_stop)) {
497 pr_debug("%s:%d atomic_read(&cmd->t_transport_stop) =="
498 " TRUE for ITT: 0x%08x\n", __func__, __LINE__,
499 cmd->se_tfo->get_task_tag(cmd));
500
501 cmd->deferred_t_state = cmd->t_state;
502 cmd->t_state = TRANSPORT_DEFERRED_CMD;
503 if (transport_off == 2)
504 transport_all_task_dev_remove_state(cmd);
505
506 /*
507 * Clear struct se_cmd->se_lun before the transport_off == 2 handoff
508 * to FE.
509 */
510 if (transport_off == 2)
511 cmd->se_lun = NULL;
512 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
513
514 complete(&cmd->t_transport_stop_comp);
515 return 1;
516 }
517 if (transport_off) {
518 atomic_set(&cmd->t_transport_active, 0);
519 if (transport_off == 2) {
520 transport_all_task_dev_remove_state(cmd);
521 /*
522 * Clear struct se_cmd->se_lun before the transport_off == 2
523 * handoff to fabric module.
524 */
525 cmd->se_lun = NULL;
526 /*
527 * Some fabric modules like tcm_loop can release
528 * their internally allocated I/O reference now and
529 * struct se_cmd now.
530 */
531 if (cmd->se_tfo->check_stop_free != NULL) {
532 spin_unlock_irqrestore(
533 &cmd->t_state_lock, flags);
534
535 cmd->se_tfo->check_stop_free(cmd);
536 return 1;
537 }
538 }
539 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
540
541 return 0;
542 } else if (t_state)
543 cmd->t_state = t_state;
544 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
545
546 return 0;
547 }
548
549 static int transport_cmd_check_stop_to_fabric(struct se_cmd *cmd)
550 {
551 return transport_cmd_check_stop(cmd, 2, 0);
552 }
553
554 static void transport_lun_remove_cmd(struct se_cmd *cmd)
555 {
556 struct se_lun *lun = cmd->se_lun;
557 unsigned long flags;
558
559 if (!lun)
560 return;
561
562 spin_lock_irqsave(&cmd->t_state_lock, flags);
563 if (!atomic_read(&cmd->transport_dev_active)) {
564 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
565 goto check_lun;
566 }
567 atomic_set(&cmd->transport_dev_active, 0);
568 transport_all_task_dev_remove_state(cmd);
569 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
570
571
572 check_lun:
573 spin_lock_irqsave(&lun->lun_cmd_lock, flags);
574 if (atomic_read(&cmd->transport_lun_active)) {
575 list_del(&cmd->se_lun_node);
576 atomic_set(&cmd->transport_lun_active, 0);
577 #if 0
578 pr_debug("Removed ITT: 0x%08x from LUN LIST[%d]\n"
579 cmd->se_tfo->get_task_tag(cmd), lun->unpacked_lun);
580 #endif
581 }
582 spin_unlock_irqrestore(&lun->lun_cmd_lock, flags);
583 }
584
585 void transport_cmd_finish_abort(struct se_cmd *cmd, int remove)
586 {
587 if (!cmd->se_tmr_req)
588 transport_lun_remove_cmd(cmd);
589
590 if (transport_cmd_check_stop_to_fabric(cmd))
591 return;
592 if (remove) {
593 transport_remove_cmd_from_queue(cmd);
594 transport_put_cmd(cmd);
595 }
596 }
597
598 static void transport_add_cmd_to_queue(struct se_cmd *cmd, int t_state,
599 bool at_head)
600 {
601 struct se_device *dev = cmd->se_dev;
602 struct se_queue_obj *qobj = &dev->dev_queue_obj;
603 unsigned long flags;
604
605 if (t_state) {
606 spin_lock_irqsave(&cmd->t_state_lock, flags);
607 cmd->t_state = t_state;
608 atomic_set(&cmd->t_transport_active, 1);
609 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
610 }
611
612 spin_lock_irqsave(&qobj->cmd_queue_lock, flags);
613
614 /* If the cmd is already on the list, remove it before we add it */
615 if (!list_empty(&cmd->se_queue_node))
616 list_del(&cmd->se_queue_node);
617 else
618 atomic_inc(&qobj->queue_cnt);
619
620 if (at_head)
621 list_add(&cmd->se_queue_node, &qobj->qobj_list);
622 else
623 list_add_tail(&cmd->se_queue_node, &qobj->qobj_list);
624 atomic_set(&cmd->t_transport_queue_active, 1);
625 spin_unlock_irqrestore(&qobj->cmd_queue_lock, flags);
626
627 wake_up_interruptible(&qobj->thread_wq);
628 }
629
630 static struct se_cmd *
631 transport_get_cmd_from_queue(struct se_queue_obj *qobj)
632 {
633 struct se_cmd *cmd;
634 unsigned long flags;
635
636 spin_lock_irqsave(&qobj->cmd_queue_lock, flags);
637 if (list_empty(&qobj->qobj_list)) {
638 spin_unlock_irqrestore(&qobj->cmd_queue_lock, flags);
639 return NULL;
640 }
641 cmd = list_first_entry(&qobj->qobj_list, struct se_cmd, se_queue_node);
642
643 atomic_set(&cmd->t_transport_queue_active, 0);
644
645 list_del_init(&cmd->se_queue_node);
646 atomic_dec(&qobj->queue_cnt);
647 spin_unlock_irqrestore(&qobj->cmd_queue_lock, flags);
648
649 return cmd;
650 }
651
652 static void transport_remove_cmd_from_queue(struct se_cmd *cmd)
653 {
654 struct se_queue_obj *qobj = &cmd->se_dev->dev_queue_obj;
655 unsigned long flags;
656
657 spin_lock_irqsave(&qobj->cmd_queue_lock, flags);
658 if (!atomic_read(&cmd->t_transport_queue_active)) {
659 spin_unlock_irqrestore(&qobj->cmd_queue_lock, flags);
660 return;
661 }
662 atomic_set(&cmd->t_transport_queue_active, 0);
663 atomic_dec(&qobj->queue_cnt);
664 list_del_init(&cmd->se_queue_node);
665 spin_unlock_irqrestore(&qobj->cmd_queue_lock, flags);
666
667 if (atomic_read(&cmd->t_transport_queue_active)) {
668 pr_err("ITT: 0x%08x t_transport_queue_active: %d\n",
669 cmd->se_tfo->get_task_tag(cmd),
670 atomic_read(&cmd->t_transport_queue_active));
671 }
672 }
673
674 /*
675 * Completion function used by TCM subsystem plugins (such as FILEIO)
676 * for queueing up response from struct se_subsystem_api->do_task()
677 */
678 void transport_complete_sync_cache(struct se_cmd *cmd, int good)
679 {
680 struct se_task *task = list_entry(cmd->t_task_list.next,
681 struct se_task, t_list);
682
683 if (good) {
684 cmd->scsi_status = SAM_STAT_GOOD;
685 task->task_scsi_status = GOOD;
686 } else {
687 task->task_scsi_status = SAM_STAT_CHECK_CONDITION;
688 task->task_error_status = PYX_TRANSPORT_ILLEGAL_REQUEST;
689 task->task_se_cmd->transport_error_status =
690 PYX_TRANSPORT_ILLEGAL_REQUEST;
691 }
692
693 transport_complete_task(task, good);
694 }
695 EXPORT_SYMBOL(transport_complete_sync_cache);
696
697 /* transport_complete_task():
698 *
699 * Called from interrupt and non interrupt context depending
700 * on the transport plugin.
701 */
702 void transport_complete_task(struct se_task *task, int success)
703 {
704 struct se_cmd *cmd = task->task_se_cmd;
705 struct se_device *dev = cmd->se_dev;
706 int t_state;
707 unsigned long flags;
708 #if 0
709 pr_debug("task: %p CDB: 0x%02x obj_ptr: %p\n", task,
710 cmd->t_task_cdb[0], dev);
711 #endif
712 if (dev)
713 atomic_inc(&dev->depth_left);
714
715 spin_lock_irqsave(&cmd->t_state_lock, flags);
716 task->task_flags &= ~TF_ACTIVE;
717
718 /*
719 * See if any sense data exists, if so set the TASK_SENSE flag.
720 * Also check for any other post completion work that needs to be
721 * done by the plugins.
722 */
723 if (dev && dev->transport->transport_complete) {
724 if (dev->transport->transport_complete(task) != 0) {
725 cmd->se_cmd_flags |= SCF_TRANSPORT_TASK_SENSE;
726 task->task_sense = 1;
727 success = 1;
728 }
729 }
730
731 /*
732 * See if we are waiting for outstanding struct se_task
733 * to complete for an exception condition
734 */
735 if (task->task_flags & TF_REQUEST_STOP) {
736 /*
737 * Decrement cmd->t_se_count if this task had
738 * previously thrown its timeout exception handler.
739 */
740 if (task->task_flags & TF_TIMEOUT) {
741 atomic_dec(&cmd->t_se_count);
742 task->task_flags &= ~TF_TIMEOUT;
743 }
744 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
745
746 complete(&task->task_stop_comp);
747 return;
748 }
749 /*
750 * If the task's timeout handler has fired, use the t_task_cdbs_timeout
751 * left counter to determine when the struct se_cmd is ready to be queued to
752 * the processing thread.
753 */
754 if (task->task_flags & TF_TIMEOUT) {
755 if (!atomic_dec_and_test(
756 &cmd->t_task_cdbs_timeout_left)) {
757 spin_unlock_irqrestore(&cmd->t_state_lock,
758 flags);
759 return;
760 }
761 t_state = TRANSPORT_COMPLETE_TIMEOUT;
762 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
763
764 transport_add_cmd_to_queue(cmd, t_state, false);
765 return;
766 }
767 atomic_dec(&cmd->t_task_cdbs_timeout_left);
768
769 /*
770 * Decrement the outstanding t_task_cdbs_left count. The last
771 * struct se_task from struct se_cmd will complete itself into the
772 * device queue depending upon int success.
773 */
774 if (!atomic_dec_and_test(&cmd->t_task_cdbs_left)) {
775 if (!success)
776 cmd->t_tasks_failed = 1;
777
778 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
779 return;
780 }
781
782 if (!success || cmd->t_tasks_failed) {
783 t_state = TRANSPORT_COMPLETE_FAILURE;
784 if (!task->task_error_status) {
785 task->task_error_status =
786 PYX_TRANSPORT_UNKNOWN_SAM_OPCODE;
787 cmd->transport_error_status =
788 PYX_TRANSPORT_UNKNOWN_SAM_OPCODE;
789 }
790 } else {
791 atomic_set(&cmd->t_transport_complete, 1);
792 t_state = TRANSPORT_COMPLETE_OK;
793 }
794 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
795
796 transport_add_cmd_to_queue(cmd, t_state, false);
797 }
798 EXPORT_SYMBOL(transport_complete_task);
799
800 /*
801 * Called by transport_add_tasks_from_cmd() once a struct se_cmd's
802 * struct se_task list are ready to be added to the active execution list
803 * struct se_device
804
805 * Called with se_dev_t->execute_task_lock called.
806 */
807 static inline int transport_add_task_check_sam_attr(
808 struct se_task *task,
809 struct se_task *task_prev,
810 struct se_device *dev)
811 {
812 /*
813 * No SAM Task attribute emulation enabled, add to tail of
814 * execution queue
815 */
816 if (dev->dev_task_attr_type != SAM_TASK_ATTR_EMULATED) {
817 list_add_tail(&task->t_execute_list, &dev->execute_task_list);
818 return 0;
819 }
820 /*
821 * HEAD_OF_QUEUE attribute for received CDB, which means
822 * the first task that is associated with a struct se_cmd goes to
823 * head of the struct se_device->execute_task_list, and task_prev
824 * after that for each subsequent task
825 */
826 if (task->task_se_cmd->sam_task_attr == MSG_HEAD_TAG) {
827 list_add(&task->t_execute_list,
828 (task_prev != NULL) ?
829 &task_prev->t_execute_list :
830 &dev->execute_task_list);
831
832 pr_debug("Set HEAD_OF_QUEUE for task CDB: 0x%02x"
833 " in execution queue\n",
834 task->task_se_cmd->t_task_cdb[0]);
835 return 1;
836 }
837 /*
838 * For ORDERED, SIMPLE or UNTAGGED attribute tasks once they have been
839 * transitioned from Dermant -> Active state, and are added to the end
840 * of the struct se_device->execute_task_list
841 */
842 list_add_tail(&task->t_execute_list, &dev->execute_task_list);
843 return 0;
844 }
845
846 /* __transport_add_task_to_execute_queue():
847 *
848 * Called with se_dev_t->execute_task_lock called.
849 */
850 static void __transport_add_task_to_execute_queue(
851 struct se_task *task,
852 struct se_task *task_prev,
853 struct se_device *dev)
854 {
855 int head_of_queue;
856
857 head_of_queue = transport_add_task_check_sam_attr(task, task_prev, dev);
858 atomic_inc(&dev->execute_tasks);
859
860 if (atomic_read(&task->task_state_active))
861 return;
862 /*
863 * Determine if this task needs to go to HEAD_OF_QUEUE for the
864 * state list as well. Running with SAM Task Attribute emulation
865 * will always return head_of_queue == 0 here
866 */
867 if (head_of_queue)
868 list_add(&task->t_state_list, (task_prev) ?
869 &task_prev->t_state_list :
870 &dev->state_task_list);
871 else
872 list_add_tail(&task->t_state_list, &dev->state_task_list);
873
874 atomic_set(&task->task_state_active, 1);
875
876 pr_debug("Added ITT: 0x%08x task[%p] to dev: %p\n",
877 task->task_se_cmd->se_tfo->get_task_tag(task->task_se_cmd),
878 task, dev);
879 }
880
881 static void transport_add_tasks_to_state_queue(struct se_cmd *cmd)
882 {
883 struct se_device *dev = cmd->se_dev;
884 struct se_task *task;
885 unsigned long flags;
886
887 spin_lock_irqsave(&cmd->t_state_lock, flags);
888 list_for_each_entry(task, &cmd->t_task_list, t_list) {
889 if (atomic_read(&task->task_state_active))
890 continue;
891
892 spin_lock(&dev->execute_task_lock);
893 list_add_tail(&task->t_state_list, &dev->state_task_list);
894 atomic_set(&task->task_state_active, 1);
895
896 pr_debug("Added ITT: 0x%08x task[%p] to dev: %p\n",
897 task->task_se_cmd->se_tfo->get_task_tag(
898 task->task_se_cmd), task, dev);
899
900 spin_unlock(&dev->execute_task_lock);
901 }
902 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
903 }
904
905 static void transport_add_tasks_from_cmd(struct se_cmd *cmd)
906 {
907 struct se_device *dev = cmd->se_dev;
908 struct se_task *task, *task_prev = NULL;
909 unsigned long flags;
910
911 spin_lock_irqsave(&dev->execute_task_lock, flags);
912 list_for_each_entry(task, &cmd->t_task_list, t_list) {
913 if (!list_empty(&task->t_execute_list))
914 continue;
915 /*
916 * __transport_add_task_to_execute_queue() handles the
917 * SAM Task Attribute emulation if enabled
918 */
919 __transport_add_task_to_execute_queue(task, task_prev, dev);
920 task_prev = task;
921 }
922 spin_unlock_irqrestore(&dev->execute_task_lock, flags);
923 }
924
925 void __transport_remove_task_from_execute_queue(struct se_task *task,
926 struct se_device *dev)
927 {
928 list_del_init(&task->t_execute_list);
929 atomic_dec(&dev->execute_tasks);
930 }
931
932 void transport_remove_task_from_execute_queue(
933 struct se_task *task,
934 struct se_device *dev)
935 {
936 unsigned long flags;
937
938 if (WARN_ON(list_empty(&task->t_execute_list)))
939 return;
940
941 spin_lock_irqsave(&dev->execute_task_lock, flags);
942 __transport_remove_task_from_execute_queue(task, dev);
943 spin_unlock_irqrestore(&dev->execute_task_lock, flags);
944 }
945
946 /*
947 * Handle QUEUE_FULL / -EAGAIN status
948 */
949
950 static void target_qf_do_work(struct work_struct *work)
951 {
952 struct se_device *dev = container_of(work, struct se_device,
953 qf_work_queue);
954 LIST_HEAD(qf_cmd_list);
955 struct se_cmd *cmd, *cmd_tmp;
956
957 spin_lock_irq(&dev->qf_cmd_lock);
958 list_splice_init(&dev->qf_cmd_list, &qf_cmd_list);
959 spin_unlock_irq(&dev->qf_cmd_lock);
960
961 list_for_each_entry_safe(cmd, cmd_tmp, &qf_cmd_list, se_qf_node) {
962 list_del(&cmd->se_qf_node);
963 atomic_dec(&dev->dev_qf_count);
964 smp_mb__after_atomic_dec();
965
966 pr_debug("Processing %s cmd: %p QUEUE_FULL in work queue"
967 " context: %s\n", cmd->se_tfo->get_fabric_name(), cmd,
968 (cmd->t_state == TRANSPORT_COMPLETE_QF_OK) ? "COMPLETE_OK" :
969 (cmd->t_state == TRANSPORT_COMPLETE_QF_WP) ? "WRITE_PENDING"
970 : "UNKNOWN");
971
972 transport_add_cmd_to_queue(cmd, cmd->t_state, true);
973 }
974 }
975
976 unsigned char *transport_dump_cmd_direction(struct se_cmd *cmd)
977 {
978 switch (cmd->data_direction) {
979 case DMA_NONE:
980 return "NONE";
981 case DMA_FROM_DEVICE:
982 return "READ";
983 case DMA_TO_DEVICE:
984 return "WRITE";
985 case DMA_BIDIRECTIONAL:
986 return "BIDI";
987 default:
988 break;
989 }
990
991 return "UNKNOWN";
992 }
993
994 void transport_dump_dev_state(
995 struct se_device *dev,
996 char *b,
997 int *bl)
998 {
999 *bl += sprintf(b + *bl, "Status: ");
1000 switch (dev->dev_status) {
1001 case TRANSPORT_DEVICE_ACTIVATED:
1002 *bl += sprintf(b + *bl, "ACTIVATED");
1003 break;
1004 case TRANSPORT_DEVICE_DEACTIVATED:
1005 *bl += sprintf(b + *bl, "DEACTIVATED");
1006 break;
1007 case TRANSPORT_DEVICE_SHUTDOWN:
1008 *bl += sprintf(b + *bl, "SHUTDOWN");
1009 break;
1010 case TRANSPORT_DEVICE_OFFLINE_ACTIVATED:
1011 case TRANSPORT_DEVICE_OFFLINE_DEACTIVATED:
1012 *bl += sprintf(b + *bl, "OFFLINE");
1013 break;
1014 default:
1015 *bl += sprintf(b + *bl, "UNKNOWN=%d", dev->dev_status);
1016 break;
1017 }
1018
1019 *bl += sprintf(b + *bl, " Execute/Left/Max Queue Depth: %d/%d/%d",
1020 atomic_read(&dev->execute_tasks), atomic_read(&dev->depth_left),
1021 dev->queue_depth);
1022 *bl += sprintf(b + *bl, " SectorSize: %u MaxSectors: %u\n",
1023 dev->se_sub_dev->se_dev_attrib.block_size, dev->se_sub_dev->se_dev_attrib.max_sectors);
1024 *bl += sprintf(b + *bl, " ");
1025 }
1026
1027 void transport_dump_vpd_proto_id(
1028 struct t10_vpd *vpd,
1029 unsigned char *p_buf,
1030 int p_buf_len)
1031 {
1032 unsigned char buf[VPD_TMP_BUF_SIZE];
1033 int len;
1034
1035 memset(buf, 0, VPD_TMP_BUF_SIZE);
1036 len = sprintf(buf, "T10 VPD Protocol Identifier: ");
1037
1038 switch (vpd->protocol_identifier) {
1039 case 0x00:
1040 sprintf(buf+len, "Fibre Channel\n");
1041 break;
1042 case 0x10:
1043 sprintf(buf+len, "Parallel SCSI\n");
1044 break;
1045 case 0x20:
1046 sprintf(buf+len, "SSA\n");
1047 break;
1048 case 0x30:
1049 sprintf(buf+len, "IEEE 1394\n");
1050 break;
1051 case 0x40:
1052 sprintf(buf+len, "SCSI Remote Direct Memory Access"
1053 " Protocol\n");
1054 break;
1055 case 0x50:
1056 sprintf(buf+len, "Internet SCSI (iSCSI)\n");
1057 break;
1058 case 0x60:
1059 sprintf(buf+len, "SAS Serial SCSI Protocol\n");
1060 break;
1061 case 0x70:
1062 sprintf(buf+len, "Automation/Drive Interface Transport"
1063 " Protocol\n");
1064 break;
1065 case 0x80:
1066 sprintf(buf+len, "AT Attachment Interface ATA/ATAPI\n");
1067 break;
1068 default:
1069 sprintf(buf+len, "Unknown 0x%02x\n",
1070 vpd->protocol_identifier);
1071 break;
1072 }
1073
1074 if (p_buf)
1075 strncpy(p_buf, buf, p_buf_len);
1076 else
1077 pr_debug("%s", buf);
1078 }
1079
1080 void
1081 transport_set_vpd_proto_id(struct t10_vpd *vpd, unsigned char *page_83)
1082 {
1083 /*
1084 * Check if the Protocol Identifier Valid (PIV) bit is set..
1085 *
1086 * from spc3r23.pdf section 7.5.1
1087 */
1088 if (page_83[1] & 0x80) {
1089 vpd->protocol_identifier = (page_83[0] & 0xf0);
1090 vpd->protocol_identifier_set = 1;
1091 transport_dump_vpd_proto_id(vpd, NULL, 0);
1092 }
1093 }
1094 EXPORT_SYMBOL(transport_set_vpd_proto_id);
1095
1096 int transport_dump_vpd_assoc(
1097 struct t10_vpd *vpd,
1098 unsigned char *p_buf,
1099 int p_buf_len)
1100 {
1101 unsigned char buf[VPD_TMP_BUF_SIZE];
1102 int ret = 0;
1103 int len;
1104
1105 memset(buf, 0, VPD_TMP_BUF_SIZE);
1106 len = sprintf(buf, "T10 VPD Identifier Association: ");
1107
1108 switch (vpd->association) {
1109 case 0x00:
1110 sprintf(buf+len, "addressed logical unit\n");
1111 break;
1112 case 0x10:
1113 sprintf(buf+len, "target port\n");
1114 break;
1115 case 0x20:
1116 sprintf(buf+len, "SCSI target device\n");
1117 break;
1118 default:
1119 sprintf(buf+len, "Unknown 0x%02x\n", vpd->association);
1120 ret = -EINVAL;
1121 break;
1122 }
1123
1124 if (p_buf)
1125 strncpy(p_buf, buf, p_buf_len);
1126 else
1127 pr_debug("%s", buf);
1128
1129 return ret;
1130 }
1131
1132 int transport_set_vpd_assoc(struct t10_vpd *vpd, unsigned char *page_83)
1133 {
1134 /*
1135 * The VPD identification association..
1136 *
1137 * from spc3r23.pdf Section 7.6.3.1 Table 297
1138 */
1139 vpd->association = (page_83[1] & 0x30);
1140 return transport_dump_vpd_assoc(vpd, NULL, 0);
1141 }
1142 EXPORT_SYMBOL(transport_set_vpd_assoc);
1143
1144 int transport_dump_vpd_ident_type(
1145 struct t10_vpd *vpd,
1146 unsigned char *p_buf,
1147 int p_buf_len)
1148 {
1149 unsigned char buf[VPD_TMP_BUF_SIZE];
1150 int ret = 0;
1151 int len;
1152
1153 memset(buf, 0, VPD_TMP_BUF_SIZE);
1154 len = sprintf(buf, "T10 VPD Identifier Type: ");
1155
1156 switch (vpd->device_identifier_type) {
1157 case 0x00:
1158 sprintf(buf+len, "Vendor specific\n");
1159 break;
1160 case 0x01:
1161 sprintf(buf+len, "T10 Vendor ID based\n");
1162 break;
1163 case 0x02:
1164 sprintf(buf+len, "EUI-64 based\n");
1165 break;
1166 case 0x03:
1167 sprintf(buf+len, "NAA\n");
1168 break;
1169 case 0x04:
1170 sprintf(buf+len, "Relative target port identifier\n");
1171 break;
1172 case 0x08:
1173 sprintf(buf+len, "SCSI name string\n");
1174 break;
1175 default:
1176 sprintf(buf+len, "Unsupported: 0x%02x\n",
1177 vpd->device_identifier_type);
1178 ret = -EINVAL;
1179 break;
1180 }
1181
1182 if (p_buf) {
1183 if (p_buf_len < strlen(buf)+1)
1184 return -EINVAL;
1185 strncpy(p_buf, buf, p_buf_len);
1186 } else {
1187 pr_debug("%s", buf);
1188 }
1189
1190 return ret;
1191 }
1192
1193 int transport_set_vpd_ident_type(struct t10_vpd *vpd, unsigned char *page_83)
1194 {
1195 /*
1196 * The VPD identifier type..
1197 *
1198 * from spc3r23.pdf Section 7.6.3.1 Table 298
1199 */
1200 vpd->device_identifier_type = (page_83[1] & 0x0f);
1201 return transport_dump_vpd_ident_type(vpd, NULL, 0);
1202 }
1203 EXPORT_SYMBOL(transport_set_vpd_ident_type);
1204
1205 int transport_dump_vpd_ident(
1206 struct t10_vpd *vpd,
1207 unsigned char *p_buf,
1208 int p_buf_len)
1209 {
1210 unsigned char buf[VPD_TMP_BUF_SIZE];
1211 int ret = 0;
1212
1213 memset(buf, 0, VPD_TMP_BUF_SIZE);
1214
1215 switch (vpd->device_identifier_code_set) {
1216 case 0x01: /* Binary */
1217 sprintf(buf, "T10 VPD Binary Device Identifier: %s\n",
1218 &vpd->device_identifier[0]);
1219 break;
1220 case 0x02: /* ASCII */
1221 sprintf(buf, "T10 VPD ASCII Device Identifier: %s\n",
1222 &vpd->device_identifier[0]);
1223 break;
1224 case 0x03: /* UTF-8 */
1225 sprintf(buf, "T10 VPD UTF-8 Device Identifier: %s\n",
1226 &vpd->device_identifier[0]);
1227 break;
1228 default:
1229 sprintf(buf, "T10 VPD Device Identifier encoding unsupported:"
1230 " 0x%02x", vpd->device_identifier_code_set);
1231 ret = -EINVAL;
1232 break;
1233 }
1234
1235 if (p_buf)
1236 strncpy(p_buf, buf, p_buf_len);
1237 else
1238 pr_debug("%s", buf);
1239
1240 return ret;
1241 }
1242
1243 int
1244 transport_set_vpd_ident(struct t10_vpd *vpd, unsigned char *page_83)
1245 {
1246 static const char hex_str[] = "0123456789abcdef";
1247 int j = 0, i = 4; /* offset to start of the identifer */
1248
1249 /*
1250 * The VPD Code Set (encoding)
1251 *
1252 * from spc3r23.pdf Section 7.6.3.1 Table 296
1253 */
1254 vpd->device_identifier_code_set = (page_83[0] & 0x0f);
1255 switch (vpd->device_identifier_code_set) {
1256 case 0x01: /* Binary */
1257 vpd->device_identifier[j++] =
1258 hex_str[vpd->device_identifier_type];
1259 while (i < (4 + page_83[3])) {
1260 vpd->device_identifier[j++] =
1261 hex_str[(page_83[i] & 0xf0) >> 4];
1262 vpd->device_identifier[j++] =
1263 hex_str[page_83[i] & 0x0f];
1264 i++;
1265 }
1266 break;
1267 case 0x02: /* ASCII */
1268 case 0x03: /* UTF-8 */
1269 while (i < (4 + page_83[3]))
1270 vpd->device_identifier[j++] = page_83[i++];
1271 break;
1272 default:
1273 break;
1274 }
1275
1276 return transport_dump_vpd_ident(vpd, NULL, 0);
1277 }
1278 EXPORT_SYMBOL(transport_set_vpd_ident);
1279
1280 static void core_setup_task_attr_emulation(struct se_device *dev)
1281 {
1282 /*
1283 * If this device is from Target_Core_Mod/pSCSI, disable the
1284 * SAM Task Attribute emulation.
1285 *
1286 * This is currently not available in upsream Linux/SCSI Target
1287 * mode code, and is assumed to be disabled while using TCM/pSCSI.
1288 */
1289 if (dev->transport->transport_type == TRANSPORT_PLUGIN_PHBA_PDEV) {
1290 dev->dev_task_attr_type = SAM_TASK_ATTR_PASSTHROUGH;
1291 return;
1292 }
1293
1294 dev->dev_task_attr_type = SAM_TASK_ATTR_EMULATED;
1295 pr_debug("%s: Using SAM_TASK_ATTR_EMULATED for SPC: 0x%02x"
1296 " device\n", dev->transport->name,
1297 dev->transport->get_device_rev(dev));
1298 }
1299
1300 static void scsi_dump_inquiry(struct se_device *dev)
1301 {
1302 struct t10_wwn *wwn = &dev->se_sub_dev->t10_wwn;
1303 int i, device_type;
1304 /*
1305 * Print Linux/SCSI style INQUIRY formatting to the kernel ring buffer
1306 */
1307 pr_debug(" Vendor: ");
1308 for (i = 0; i < 8; i++)
1309 if (wwn->vendor[i] >= 0x20)
1310 pr_debug("%c", wwn->vendor[i]);
1311 else
1312 pr_debug(" ");
1313
1314 pr_debug(" Model: ");
1315 for (i = 0; i < 16; i++)
1316 if (wwn->model[i] >= 0x20)
1317 pr_debug("%c", wwn->model[i]);
1318 else
1319 pr_debug(" ");
1320
1321 pr_debug(" Revision: ");
1322 for (i = 0; i < 4; i++)
1323 if (wwn->revision[i] >= 0x20)
1324 pr_debug("%c", wwn->revision[i]);
1325 else
1326 pr_debug(" ");
1327
1328 pr_debug("\n");
1329
1330 device_type = dev->transport->get_device_type(dev);
1331 pr_debug(" Type: %s ", scsi_device_type(device_type));
1332 pr_debug(" ANSI SCSI revision: %02x\n",
1333 dev->transport->get_device_rev(dev));
1334 }
1335
1336 struct se_device *transport_add_device_to_core_hba(
1337 struct se_hba *hba,
1338 struct se_subsystem_api *transport,
1339 struct se_subsystem_dev *se_dev,
1340 u32 device_flags,
1341 void *transport_dev,
1342 struct se_dev_limits *dev_limits,
1343 const char *inquiry_prod,
1344 const char *inquiry_rev)
1345 {
1346 int force_pt;
1347 struct se_device *dev;
1348
1349 dev = kzalloc(sizeof(struct se_device), GFP_KERNEL);
1350 if (!dev) {
1351 pr_err("Unable to allocate memory for se_dev_t\n");
1352 return NULL;
1353 }
1354
1355 transport_init_queue_obj(&dev->dev_queue_obj);
1356 dev->dev_flags = device_flags;
1357 dev->dev_status |= TRANSPORT_DEVICE_DEACTIVATED;
1358 dev->dev_ptr = transport_dev;
1359 dev->se_hba = hba;
1360 dev->se_sub_dev = se_dev;
1361 dev->transport = transport;
1362 atomic_set(&dev->active_cmds, 0);
1363 INIT_LIST_HEAD(&dev->dev_list);
1364 INIT_LIST_HEAD(&dev->dev_sep_list);
1365 INIT_LIST_HEAD(&dev->dev_tmr_list);
1366 INIT_LIST_HEAD(&dev->execute_task_list);
1367 INIT_LIST_HEAD(&dev->delayed_cmd_list);
1368 INIT_LIST_HEAD(&dev->ordered_cmd_list);
1369 INIT_LIST_HEAD(&dev->state_task_list);
1370 INIT_LIST_HEAD(&dev->qf_cmd_list);
1371 spin_lock_init(&dev->execute_task_lock);
1372 spin_lock_init(&dev->delayed_cmd_lock);
1373 spin_lock_init(&dev->ordered_cmd_lock);
1374 spin_lock_init(&dev->state_task_lock);
1375 spin_lock_init(&dev->dev_alua_lock);
1376 spin_lock_init(&dev->dev_reservation_lock);
1377 spin_lock_init(&dev->dev_status_lock);
1378 spin_lock_init(&dev->dev_status_thr_lock);
1379 spin_lock_init(&dev->se_port_lock);
1380 spin_lock_init(&dev->se_tmr_lock);
1381 spin_lock_init(&dev->qf_cmd_lock);
1382
1383 dev->queue_depth = dev_limits->queue_depth;
1384 atomic_set(&dev->depth_left, dev->queue_depth);
1385 atomic_set(&dev->dev_ordered_id, 0);
1386
1387 se_dev_set_default_attribs(dev, dev_limits);
1388
1389 dev->dev_index = scsi_get_new_index(SCSI_DEVICE_INDEX);
1390 dev->creation_time = get_jiffies_64();
1391 spin_lock_init(&dev->stats_lock);
1392
1393 spin_lock(&hba->device_lock);
1394 list_add_tail(&dev->dev_list, &hba->hba_dev_list);
1395 hba->dev_count++;
1396 spin_unlock(&hba->device_lock);
1397 /*
1398 * Setup the SAM Task Attribute emulation for struct se_device
1399 */
1400 core_setup_task_attr_emulation(dev);
1401 /*
1402 * Force PR and ALUA passthrough emulation with internal object use.
1403 */
1404 force_pt = (hba->hba_flags & HBA_FLAGS_INTERNAL_USE);
1405 /*
1406 * Setup the Reservations infrastructure for struct se_device
1407 */
1408 core_setup_reservations(dev, force_pt);
1409 /*
1410 * Setup the Asymmetric Logical Unit Assignment for struct se_device
1411 */
1412 if (core_setup_alua(dev, force_pt) < 0)
1413 goto out;
1414
1415 /*
1416 * Startup the struct se_device processing thread
1417 */
1418 dev->process_thread = kthread_run(transport_processing_thread, dev,
1419 "LIO_%s", dev->transport->name);
1420 if (IS_ERR(dev->process_thread)) {
1421 pr_err("Unable to create kthread: LIO_%s\n",
1422 dev->transport->name);
1423 goto out;
1424 }
1425 /*
1426 * Setup work_queue for QUEUE_FULL
1427 */
1428 INIT_WORK(&dev->qf_work_queue, target_qf_do_work);
1429 /*
1430 * Preload the initial INQUIRY const values if we are doing
1431 * anything virtual (IBLOCK, FILEIO, RAMDISK), but not for TCM/pSCSI
1432 * passthrough because this is being provided by the backend LLD.
1433 * This is required so that transport_get_inquiry() copies these
1434 * originals once back into DEV_T10_WWN(dev) for the virtual device
1435 * setup.
1436 */
1437 if (dev->transport->transport_type != TRANSPORT_PLUGIN_PHBA_PDEV) {
1438 if (!inquiry_prod || !inquiry_rev) {
1439 pr_err("All non TCM/pSCSI plugins require"
1440 " INQUIRY consts\n");
1441 goto out;
1442 }
1443
1444 strncpy(&dev->se_sub_dev->t10_wwn.vendor[0], "LIO-ORG", 8);
1445 strncpy(&dev->se_sub_dev->t10_wwn.model[0], inquiry_prod, 16);
1446 strncpy(&dev->se_sub_dev->t10_wwn.revision[0], inquiry_rev, 4);
1447 }
1448 scsi_dump_inquiry(dev);
1449
1450 return dev;
1451 out:
1452 kthread_stop(dev->process_thread);
1453
1454 spin_lock(&hba->device_lock);
1455 list_del(&dev->dev_list);
1456 hba->dev_count--;
1457 spin_unlock(&hba->device_lock);
1458
1459 se_release_vpd_for_dev(dev);
1460
1461 kfree(dev);
1462
1463 return NULL;
1464 }
1465 EXPORT_SYMBOL(transport_add_device_to_core_hba);
1466
1467 /* transport_generic_prepare_cdb():
1468 *
1469 * Since the Initiator sees iSCSI devices as LUNs, the SCSI CDB will
1470 * contain the iSCSI LUN in bits 7-5 of byte 1 as per SAM-2.
1471 * The point of this is since we are mapping iSCSI LUNs to
1472 * SCSI Target IDs having a non-zero LUN in the CDB will throw the
1473 * devices and HBAs for a loop.
1474 */
1475 static inline void transport_generic_prepare_cdb(
1476 unsigned char *cdb)
1477 {
1478 switch (cdb[0]) {
1479 case READ_10: /* SBC - RDProtect */
1480 case READ_12: /* SBC - RDProtect */
1481 case READ_16: /* SBC - RDProtect */
1482 case SEND_DIAGNOSTIC: /* SPC - SELF-TEST Code */
1483 case VERIFY: /* SBC - VRProtect */
1484 case VERIFY_16: /* SBC - VRProtect */
1485 case WRITE_VERIFY: /* SBC - VRProtect */
1486 case WRITE_VERIFY_12: /* SBC - VRProtect */
1487 break;
1488 default:
1489 cdb[1] &= 0x1f; /* clear logical unit number */
1490 break;
1491 }
1492 }
1493
1494 static struct se_task *
1495 transport_generic_get_task(struct se_cmd *cmd,
1496 enum dma_data_direction data_direction)
1497 {
1498 struct se_task *task;
1499 struct se_device *dev = cmd->se_dev;
1500
1501 task = dev->transport->alloc_task(cmd->t_task_cdb);
1502 if (!task) {
1503 pr_err("Unable to allocate struct se_task\n");
1504 return NULL;
1505 }
1506
1507 INIT_LIST_HEAD(&task->t_list);
1508 INIT_LIST_HEAD(&task->t_execute_list);
1509 INIT_LIST_HEAD(&task->t_state_list);
1510 init_completion(&task->task_stop_comp);
1511 task->task_se_cmd = cmd;
1512 task->task_data_direction = data_direction;
1513
1514 return task;
1515 }
1516
1517 static int transport_generic_cmd_sequencer(struct se_cmd *, unsigned char *);
1518
1519 /*
1520 * Used by fabric modules containing a local struct se_cmd within their
1521 * fabric dependent per I/O descriptor.
1522 */
1523 void transport_init_se_cmd(
1524 struct se_cmd *cmd,
1525 struct target_core_fabric_ops *tfo,
1526 struct se_session *se_sess,
1527 u32 data_length,
1528 int data_direction,
1529 int task_attr,
1530 unsigned char *sense_buffer)
1531 {
1532 INIT_LIST_HEAD(&cmd->se_lun_node);
1533 INIT_LIST_HEAD(&cmd->se_delayed_node);
1534 INIT_LIST_HEAD(&cmd->se_ordered_node);
1535 INIT_LIST_HEAD(&cmd->se_qf_node);
1536 INIT_LIST_HEAD(&cmd->se_queue_node);
1537
1538 INIT_LIST_HEAD(&cmd->t_task_list);
1539 init_completion(&cmd->transport_lun_fe_stop_comp);
1540 init_completion(&cmd->transport_lun_stop_comp);
1541 init_completion(&cmd->t_transport_stop_comp);
1542 spin_lock_init(&cmd->t_state_lock);
1543 atomic_set(&cmd->transport_dev_active, 1);
1544
1545 cmd->se_tfo = tfo;
1546 cmd->se_sess = se_sess;
1547 cmd->data_length = data_length;
1548 cmd->data_direction = data_direction;
1549 cmd->sam_task_attr = task_attr;
1550 cmd->sense_buffer = sense_buffer;
1551 }
1552 EXPORT_SYMBOL(transport_init_se_cmd);
1553
1554 static int transport_check_alloc_task_attr(struct se_cmd *cmd)
1555 {
1556 /*
1557 * Check if SAM Task Attribute emulation is enabled for this
1558 * struct se_device storage object
1559 */
1560 if (cmd->se_dev->dev_task_attr_type != SAM_TASK_ATTR_EMULATED)
1561 return 0;
1562
1563 if (cmd->sam_task_attr == MSG_ACA_TAG) {
1564 pr_debug("SAM Task Attribute ACA"
1565 " emulation is not supported\n");
1566 return -EINVAL;
1567 }
1568 /*
1569 * Used to determine when ORDERED commands should go from
1570 * Dormant to Active status.
1571 */
1572 cmd->se_ordered_id = atomic_inc_return(&cmd->se_dev->dev_ordered_id);
1573 smp_mb__after_atomic_inc();
1574 pr_debug("Allocated se_ordered_id: %u for Task Attr: 0x%02x on %s\n",
1575 cmd->se_ordered_id, cmd->sam_task_attr,
1576 cmd->se_dev->transport->name);
1577 return 0;
1578 }
1579
1580 /* transport_generic_allocate_tasks():
1581 *
1582 * Called from fabric RX Thread.
1583 */
1584 int transport_generic_allocate_tasks(
1585 struct se_cmd *cmd,
1586 unsigned char *cdb)
1587 {
1588 int ret;
1589
1590 transport_generic_prepare_cdb(cdb);
1591 /*
1592 * Ensure that the received CDB is less than the max (252 + 8) bytes
1593 * for VARIABLE_LENGTH_CMD
1594 */
1595 if (scsi_command_size(cdb) > SCSI_MAX_VARLEN_CDB_SIZE) {
1596 pr_err("Received SCSI CDB with command_size: %d that"
1597 " exceeds SCSI_MAX_VARLEN_CDB_SIZE: %d\n",
1598 scsi_command_size(cdb), SCSI_MAX_VARLEN_CDB_SIZE);
1599 return -EINVAL;
1600 }
1601 /*
1602 * If the received CDB is larger than TCM_MAX_COMMAND_SIZE,
1603 * allocate the additional extended CDB buffer now.. Otherwise
1604 * setup the pointer from __t_task_cdb to t_task_cdb.
1605 */
1606 if (scsi_command_size(cdb) > sizeof(cmd->__t_task_cdb)) {
1607 cmd->t_task_cdb = kzalloc(scsi_command_size(cdb),
1608 GFP_KERNEL);
1609 if (!cmd->t_task_cdb) {
1610 pr_err("Unable to allocate cmd->t_task_cdb"
1611 " %u > sizeof(cmd->__t_task_cdb): %lu ops\n",
1612 scsi_command_size(cdb),
1613 (unsigned long)sizeof(cmd->__t_task_cdb));
1614 return -ENOMEM;
1615 }
1616 } else
1617 cmd->t_task_cdb = &cmd->__t_task_cdb[0];
1618 /*
1619 * Copy the original CDB into cmd->
1620 */
1621 memcpy(cmd->t_task_cdb, cdb, scsi_command_size(cdb));
1622 /*
1623 * Setup the received CDB based on SCSI defined opcodes and
1624 * perform unit attention, persistent reservations and ALUA
1625 * checks for virtual device backends. The cmd->t_task_cdb
1626 * pointer is expected to be setup before we reach this point.
1627 */
1628 ret = transport_generic_cmd_sequencer(cmd, cdb);
1629 if (ret < 0)
1630 return ret;
1631 /*
1632 * Check for SAM Task Attribute Emulation
1633 */
1634 if (transport_check_alloc_task_attr(cmd) < 0) {
1635 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
1636 cmd->scsi_sense_reason = TCM_INVALID_CDB_FIELD;
1637 return -EINVAL;
1638 }
1639 spin_lock(&cmd->se_lun->lun_sep_lock);
1640 if (cmd->se_lun->lun_sep)
1641 cmd->se_lun->lun_sep->sep_stats.cmd_pdus++;
1642 spin_unlock(&cmd->se_lun->lun_sep_lock);
1643 return 0;
1644 }
1645 EXPORT_SYMBOL(transport_generic_allocate_tasks);
1646
1647 static void transport_generic_request_failure(struct se_cmd *,
1648 struct se_device *, int, int);
1649 /*
1650 * Used by fabric module frontends to queue tasks directly.
1651 * Many only be used from process context only
1652 */
1653 int transport_handle_cdb_direct(
1654 struct se_cmd *cmd)
1655 {
1656 int ret;
1657
1658 if (!cmd->se_lun) {
1659 dump_stack();
1660 pr_err("cmd->se_lun is NULL\n");
1661 return -EINVAL;
1662 }
1663 if (in_interrupt()) {
1664 dump_stack();
1665 pr_err("transport_generic_handle_cdb cannot be called"
1666 " from interrupt context\n");
1667 return -EINVAL;
1668 }
1669 /*
1670 * Set TRANSPORT_NEW_CMD state and cmd->t_transport_active=1 following
1671 * transport_generic_handle_cdb*() -> transport_add_cmd_to_queue()
1672 * in existing usage to ensure that outstanding descriptors are handled
1673 * correctly during shutdown via transport_wait_for_tasks()
1674 *
1675 * Also, we don't take cmd->t_state_lock here as we only expect
1676 * this to be called for initial descriptor submission.
1677 */
1678 cmd->t_state = TRANSPORT_NEW_CMD;
1679 atomic_set(&cmd->t_transport_active, 1);
1680 /*
1681 * transport_generic_new_cmd() is already handling QUEUE_FULL,
1682 * so follow TRANSPORT_NEW_CMD processing thread context usage
1683 * and call transport_generic_request_failure() if necessary..
1684 */
1685 ret = transport_generic_new_cmd(cmd);
1686 if (ret == -EAGAIN)
1687 return 0;
1688 else if (ret < 0) {
1689 cmd->transport_error_status = ret;
1690 transport_generic_request_failure(cmd, NULL, 0,
1691 (cmd->data_direction != DMA_TO_DEVICE));
1692 }
1693 return 0;
1694 }
1695 EXPORT_SYMBOL(transport_handle_cdb_direct);
1696
1697 /*
1698 * Used by fabric module frontends defining a TFO->new_cmd_map() caller
1699 * to queue up a newly setup se_cmd w/ TRANSPORT_NEW_CMD_MAP in order to
1700 * complete setup in TCM process context w/ TFO->new_cmd_map().
1701 */
1702 int transport_generic_handle_cdb_map(
1703 struct se_cmd *cmd)
1704 {
1705 if (!cmd->se_lun) {
1706 dump_stack();
1707 pr_err("cmd->se_lun is NULL\n");
1708 return -EINVAL;
1709 }
1710
1711 transport_add_cmd_to_queue(cmd, TRANSPORT_NEW_CMD_MAP, false);
1712 return 0;
1713 }
1714 EXPORT_SYMBOL(transport_generic_handle_cdb_map);
1715
1716 /* transport_generic_handle_data():
1717 *
1718 *
1719 */
1720 int transport_generic_handle_data(
1721 struct se_cmd *cmd)
1722 {
1723 /*
1724 * For the software fabric case, then we assume the nexus is being
1725 * failed/shutdown when signals are pending from the kthread context
1726 * caller, so we return a failure. For the HW target mode case running
1727 * in interrupt code, the signal_pending() check is skipped.
1728 */
1729 if (!in_interrupt() && signal_pending(current))
1730 return -EPERM;
1731 /*
1732 * If the received CDB has aleady been ABORTED by the generic
1733 * target engine, we now call transport_check_aborted_status()
1734 * to queue any delated TASK_ABORTED status for the received CDB to the
1735 * fabric module as we are expecting no further incoming DATA OUT
1736 * sequences at this point.
1737 */
1738 if (transport_check_aborted_status(cmd, 1) != 0)
1739 return 0;
1740
1741 transport_add_cmd_to_queue(cmd, TRANSPORT_PROCESS_WRITE, false);
1742 return 0;
1743 }
1744 EXPORT_SYMBOL(transport_generic_handle_data);
1745
1746 /* transport_generic_handle_tmr():
1747 *
1748 *
1749 */
1750 int transport_generic_handle_tmr(
1751 struct se_cmd *cmd)
1752 {
1753 transport_add_cmd_to_queue(cmd, TRANSPORT_PROCESS_TMR, false);
1754 return 0;
1755 }
1756 EXPORT_SYMBOL(transport_generic_handle_tmr);
1757
1758 void transport_generic_free_cmd_intr(
1759 struct se_cmd *cmd)
1760 {
1761 transport_add_cmd_to_queue(cmd, TRANSPORT_FREE_CMD_INTR, false);
1762 }
1763 EXPORT_SYMBOL(transport_generic_free_cmd_intr);
1764
1765 static int transport_stop_tasks_for_cmd(struct se_cmd *cmd)
1766 {
1767 struct se_task *task, *task_tmp;
1768 unsigned long flags;
1769 int ret = 0;
1770
1771 pr_debug("ITT[0x%08x] - Stopping tasks\n",
1772 cmd->se_tfo->get_task_tag(cmd));
1773
1774 /*
1775 * No tasks remain in the execution queue
1776 */
1777 spin_lock_irqsave(&cmd->t_state_lock, flags);
1778 list_for_each_entry_safe(task, task_tmp,
1779 &cmd->t_task_list, t_list) {
1780 pr_debug("Processing task %p\n", task);
1781 /*
1782 * If the struct se_task has not been sent and is not active,
1783 * remove the struct se_task from the execution queue.
1784 */
1785 if (!(task->task_flags & (TF_ACTIVE | TF_SENT))) {
1786 spin_unlock_irqrestore(&cmd->t_state_lock,
1787 flags);
1788 transport_remove_task_from_execute_queue(task,
1789 cmd->se_dev);
1790
1791 pr_debug("Task %p removed from execute queue\n", task);
1792 spin_lock_irqsave(&cmd->t_state_lock, flags);
1793 continue;
1794 }
1795
1796 /*
1797 * If the struct se_task is active, sleep until it is returned
1798 * from the plugin.
1799 */
1800 if (task->task_flags & TF_ACTIVE) {
1801 task->task_flags |= TF_REQUEST_STOP;
1802 spin_unlock_irqrestore(&cmd->t_state_lock,
1803 flags);
1804
1805 pr_debug("Task %p waiting to complete\n", task);
1806 wait_for_completion(&task->task_stop_comp);
1807 pr_debug("Task %p stopped successfully\n", task);
1808
1809 spin_lock_irqsave(&cmd->t_state_lock, flags);
1810 atomic_dec(&cmd->t_task_cdbs_left);
1811 task->task_flags &= ~(TF_ACTIVE | TF_REQUEST_STOP);
1812 } else {
1813 pr_debug("Task %p - did nothing\n", task);
1814 ret++;
1815 }
1816
1817 __transport_stop_task_timer(task, &flags);
1818 }
1819 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
1820
1821 return ret;
1822 }
1823
1824 /*
1825 * Handle SAM-esque emulation for generic transport request failures.
1826 */
1827 static void transport_generic_request_failure(
1828 struct se_cmd *cmd,
1829 struct se_device *dev,
1830 int complete,
1831 int sc)
1832 {
1833 int ret = 0;
1834
1835 pr_debug("-----[ Storage Engine Exception for cmd: %p ITT: 0x%08x"
1836 " CDB: 0x%02x\n", cmd, cmd->se_tfo->get_task_tag(cmd),
1837 cmd->t_task_cdb[0]);
1838 pr_debug("-----[ i_state: %d t_state/def_t_state:"
1839 " %d/%d transport_error_status: %d\n",
1840 cmd->se_tfo->get_cmd_state(cmd),
1841 cmd->t_state, cmd->deferred_t_state,
1842 cmd->transport_error_status);
1843 pr_debug("-----[ t_tasks: %d t_task_cdbs_left: %d"
1844 " t_task_cdbs_sent: %d t_task_cdbs_ex_left: %d --"
1845 " t_transport_active: %d t_transport_stop: %d"
1846 " t_transport_sent: %d\n", cmd->t_task_list_num,
1847 atomic_read(&cmd->t_task_cdbs_left),
1848 atomic_read(&cmd->t_task_cdbs_sent),
1849 atomic_read(&cmd->t_task_cdbs_ex_left),
1850 atomic_read(&cmd->t_transport_active),
1851 atomic_read(&cmd->t_transport_stop),
1852 atomic_read(&cmd->t_transport_sent));
1853
1854 transport_stop_all_task_timers(cmd);
1855
1856 if (dev)
1857 atomic_inc(&dev->depth_left);
1858 /*
1859 * For SAM Task Attribute emulation for failed struct se_cmd
1860 */
1861 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED)
1862 transport_complete_task_attr(cmd);
1863
1864 if (complete) {
1865 transport_direct_request_timeout(cmd);
1866 cmd->transport_error_status = PYX_TRANSPORT_LU_COMM_FAILURE;
1867 }
1868
1869 switch (cmd->transport_error_status) {
1870 case PYX_TRANSPORT_UNKNOWN_SAM_OPCODE:
1871 cmd->scsi_sense_reason = TCM_UNSUPPORTED_SCSI_OPCODE;
1872 break;
1873 case PYX_TRANSPORT_REQ_TOO_MANY_SECTORS:
1874 cmd->scsi_sense_reason = TCM_SECTOR_COUNT_TOO_MANY;
1875 break;
1876 case PYX_TRANSPORT_INVALID_CDB_FIELD:
1877 cmd->scsi_sense_reason = TCM_INVALID_CDB_FIELD;
1878 break;
1879 case PYX_TRANSPORT_INVALID_PARAMETER_LIST:
1880 cmd->scsi_sense_reason = TCM_INVALID_PARAMETER_LIST;
1881 break;
1882 case PYX_TRANSPORT_OUT_OF_MEMORY_RESOURCES:
1883 if (!sc)
1884 transport_new_cmd_failure(cmd);
1885 /*
1886 * Currently for PYX_TRANSPORT_OUT_OF_MEMORY_RESOURCES,
1887 * we force this session to fall back to session
1888 * recovery.
1889 */
1890 cmd->se_tfo->fall_back_to_erl0(cmd->se_sess);
1891 cmd->se_tfo->stop_session(cmd->se_sess, 0, 0);
1892
1893 goto check_stop;
1894 case PYX_TRANSPORT_LU_COMM_FAILURE:
1895 case PYX_TRANSPORT_ILLEGAL_REQUEST:
1896 cmd->scsi_sense_reason = TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE;
1897 break;
1898 case PYX_TRANSPORT_UNKNOWN_MODE_PAGE:
1899 cmd->scsi_sense_reason = TCM_UNKNOWN_MODE_PAGE;
1900 break;
1901 case PYX_TRANSPORT_WRITE_PROTECTED:
1902 cmd->scsi_sense_reason = TCM_WRITE_PROTECTED;
1903 break;
1904 case PYX_TRANSPORT_RESERVATION_CONFLICT:
1905 /*
1906 * No SENSE Data payload for this case, set SCSI Status
1907 * and queue the response to $FABRIC_MOD.
1908 *
1909 * Uses linux/include/scsi/scsi.h SAM status codes defs
1910 */
1911 cmd->scsi_status = SAM_STAT_RESERVATION_CONFLICT;
1912 /*
1913 * For UA Interlock Code 11b, a RESERVATION CONFLICT will
1914 * establish a UNIT ATTENTION with PREVIOUS RESERVATION
1915 * CONFLICT STATUS.
1916 *
1917 * See spc4r17, section 7.4.6 Control Mode Page, Table 349
1918 */
1919 if (cmd->se_sess &&
1920 cmd->se_dev->se_sub_dev->se_dev_attrib.emulate_ua_intlck_ctrl == 2)
1921 core_scsi3_ua_allocate(cmd->se_sess->se_node_acl,
1922 cmd->orig_fe_lun, 0x2C,
1923 ASCQ_2CH_PREVIOUS_RESERVATION_CONFLICT_STATUS);
1924
1925 ret = cmd->se_tfo->queue_status(cmd);
1926 if (ret == -EAGAIN)
1927 goto queue_full;
1928 goto check_stop;
1929 case PYX_TRANSPORT_USE_SENSE_REASON:
1930 /*
1931 * struct se_cmd->scsi_sense_reason already set
1932 */
1933 break;
1934 default:
1935 pr_err("Unknown transport error for CDB 0x%02x: %d\n",
1936 cmd->t_task_cdb[0],
1937 cmd->transport_error_status);
1938 cmd->scsi_sense_reason = TCM_UNSUPPORTED_SCSI_OPCODE;
1939 break;
1940 }
1941 /*
1942 * If a fabric does not define a cmd->se_tfo->new_cmd_map caller,
1943 * make the call to transport_send_check_condition_and_sense()
1944 * directly. Otherwise expect the fabric to make the call to
1945 * transport_send_check_condition_and_sense() after handling
1946 * possible unsoliticied write data payloads.
1947 */
1948 if (!sc && !cmd->se_tfo->new_cmd_map)
1949 transport_new_cmd_failure(cmd);
1950 else {
1951 ret = transport_send_check_condition_and_sense(cmd,
1952 cmd->scsi_sense_reason, 0);
1953 if (ret == -EAGAIN)
1954 goto queue_full;
1955 }
1956
1957 check_stop:
1958 transport_lun_remove_cmd(cmd);
1959 if (!transport_cmd_check_stop_to_fabric(cmd))
1960 ;
1961 return;
1962
1963 queue_full:
1964 cmd->t_state = TRANSPORT_COMPLETE_QF_OK;
1965 transport_handle_queue_full(cmd, cmd->se_dev);
1966 }
1967
1968 static void transport_direct_request_timeout(struct se_cmd *cmd)
1969 {
1970 unsigned long flags;
1971
1972 spin_lock_irqsave(&cmd->t_state_lock, flags);
1973 if (!atomic_read(&cmd->t_transport_timeout)) {
1974 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
1975 return;
1976 }
1977 if (atomic_read(&cmd->t_task_cdbs_timeout_left)) {
1978 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
1979 return;
1980 }
1981
1982 atomic_sub(atomic_read(&cmd->t_transport_timeout),
1983 &cmd->t_se_count);
1984 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
1985 }
1986
1987 static void transport_generic_request_timeout(struct se_cmd *cmd)
1988 {
1989 unsigned long flags;
1990
1991 /*
1992 * Reset cmd->t_se_count to allow transport_put_cmd()
1993 * to allow last call to free memory resources.
1994 */
1995 spin_lock_irqsave(&cmd->t_state_lock, flags);
1996 if (atomic_read(&cmd->t_transport_timeout) > 1) {
1997 int tmp = (atomic_read(&cmd->t_transport_timeout) - 1);
1998
1999 atomic_sub(tmp, &cmd->t_se_count);
2000 }
2001 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
2002
2003 transport_put_cmd(cmd);
2004 }
2005
2006 static inline u32 transport_lba_21(unsigned char *cdb)
2007 {
2008 return ((cdb[1] & 0x1f) << 16) | (cdb[2] << 8) | cdb[3];
2009 }
2010
2011 static inline u32 transport_lba_32(unsigned char *cdb)
2012 {
2013 return (cdb[2] << 24) | (cdb[3] << 16) | (cdb[4] << 8) | cdb[5];
2014 }
2015
2016 static inline unsigned long long transport_lba_64(unsigned char *cdb)
2017 {
2018 unsigned int __v1, __v2;
2019
2020 __v1 = (cdb[2] << 24) | (cdb[3] << 16) | (cdb[4] << 8) | cdb[5];
2021 __v2 = (cdb[6] << 24) | (cdb[7] << 16) | (cdb[8] << 8) | cdb[9];
2022
2023 return ((unsigned long long)__v2) | (unsigned long long)__v1 << 32;
2024 }
2025
2026 /*
2027 * For VARIABLE_LENGTH_CDB w/ 32 byte extended CDBs
2028 */
2029 static inline unsigned long long transport_lba_64_ext(unsigned char *cdb)
2030 {
2031 unsigned int __v1, __v2;
2032
2033 __v1 = (cdb[12] << 24) | (cdb[13] << 16) | (cdb[14] << 8) | cdb[15];
2034 __v2 = (cdb[16] << 24) | (cdb[17] << 16) | (cdb[18] << 8) | cdb[19];
2035
2036 return ((unsigned long long)__v2) | (unsigned long long)__v1 << 32;
2037 }
2038
2039 static void transport_set_supported_SAM_opcode(struct se_cmd *se_cmd)
2040 {
2041 unsigned long flags;
2042
2043 spin_lock_irqsave(&se_cmd->t_state_lock, flags);
2044 se_cmd->se_cmd_flags |= SCF_SUPPORTED_SAM_OPCODE;
2045 spin_unlock_irqrestore(&se_cmd->t_state_lock, flags);
2046 }
2047
2048 /*
2049 * Called from interrupt context.
2050 */
2051 static void transport_task_timeout_handler(unsigned long data)
2052 {
2053 struct se_task *task = (struct se_task *)data;
2054 struct se_cmd *cmd = task->task_se_cmd;
2055 unsigned long flags;
2056
2057 pr_debug("transport task timeout fired! task: %p cmd: %p\n", task, cmd);
2058
2059 spin_lock_irqsave(&cmd->t_state_lock, flags);
2060 if (task->task_flags & TF_TIMER_STOP) {
2061 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
2062 return;
2063 }
2064 task->task_flags &= ~TF_TIMER_RUNNING;
2065
2066 /*
2067 * Determine if transport_complete_task() has already been called.
2068 */
2069 if (!(task->task_flags & TF_ACTIVE)) {
2070 pr_debug("transport task: %p cmd: %p timeout !TF_ACTIVE\n",
2071 task, cmd);
2072 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
2073 return;
2074 }
2075
2076 atomic_inc(&cmd->t_se_count);
2077 atomic_inc(&cmd->t_transport_timeout);
2078 cmd->t_tasks_failed = 1;
2079
2080 task->task_flags |= TF_TIMEOUT;
2081 task->task_error_status = PYX_TRANSPORT_TASK_TIMEOUT;
2082 task->task_scsi_status = 1;
2083
2084 if (task->task_flags & TF_REQUEST_STOP) {
2085 pr_debug("transport task: %p cmd: %p timeout TF_REQUEST_STOP"
2086 " == 1\n", task, cmd);
2087 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
2088 complete(&task->task_stop_comp);
2089 return;
2090 }
2091
2092 if (!atomic_dec_and_test(&cmd->t_task_cdbs_left)) {
2093 pr_debug("transport task: %p cmd: %p timeout non zero"
2094 " t_task_cdbs_left\n", task, cmd);
2095 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
2096 return;
2097 }
2098 pr_debug("transport task: %p cmd: %p timeout ZERO t_task_cdbs_left\n",
2099 task, cmd);
2100
2101 cmd->t_state = TRANSPORT_COMPLETE_FAILURE;
2102 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
2103
2104 transport_add_cmd_to_queue(cmd, TRANSPORT_COMPLETE_FAILURE, false);
2105 }
2106
2107 /*
2108 * Called with cmd->t_state_lock held.
2109 */
2110 static void transport_start_task_timer(struct se_task *task)
2111 {
2112 struct se_device *dev = task->task_se_cmd->se_dev;
2113 int timeout;
2114
2115 if (task->task_flags & TF_TIMER_RUNNING)
2116 return;
2117 /*
2118 * If the task_timeout is disabled, exit now.
2119 */
2120 timeout = dev->se_sub_dev->se_dev_attrib.task_timeout;
2121 if (!timeout)
2122 return;
2123
2124 init_timer(&task->task_timer);
2125 task->task_timer.expires = (get_jiffies_64() + timeout * HZ);
2126 task->task_timer.data = (unsigned long) task;
2127 task->task_timer.function = transport_task_timeout_handler;
2128
2129 task->task_flags |= TF_TIMER_RUNNING;
2130 add_timer(&task->task_timer);
2131 #if 0
2132 pr_debug("Starting task timer for cmd: %p task: %p seconds:"
2133 " %d\n", task->task_se_cmd, task, timeout);
2134 #endif
2135 }
2136
2137 /*
2138 * Called with spin_lock_irq(&cmd->t_state_lock) held.
2139 */
2140 void __transport_stop_task_timer(struct se_task *task, unsigned long *flags)
2141 {
2142 struct se_cmd *cmd = task->task_se_cmd;
2143
2144 if (!(task->task_flags & TF_TIMER_RUNNING))
2145 return;
2146
2147 task->task_flags |= TF_TIMER_STOP;
2148 spin_unlock_irqrestore(&cmd->t_state_lock, *flags);
2149
2150 del_timer_sync(&task->task_timer);
2151
2152 spin_lock_irqsave(&cmd->t_state_lock, *flags);
2153 task->task_flags &= ~TF_TIMER_RUNNING;
2154 task->task_flags &= ~TF_TIMER_STOP;
2155 }
2156
2157 static void transport_stop_all_task_timers(struct se_cmd *cmd)
2158 {
2159 struct se_task *task = NULL, *task_tmp;
2160 unsigned long flags;
2161
2162 spin_lock_irqsave(&cmd->t_state_lock, flags);
2163 list_for_each_entry_safe(task, task_tmp,
2164 &cmd->t_task_list, t_list)
2165 __transport_stop_task_timer(task, &flags);
2166 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
2167 }
2168
2169 static inline int transport_tcq_window_closed(struct se_device *dev)
2170 {
2171 if (dev->dev_tcq_window_closed++ <
2172 PYX_TRANSPORT_WINDOW_CLOSED_THRESHOLD) {
2173 msleep(PYX_TRANSPORT_WINDOW_CLOSED_WAIT_SHORT);
2174 } else
2175 msleep(PYX_TRANSPORT_WINDOW_CLOSED_WAIT_LONG);
2176
2177 wake_up_interruptible(&dev->dev_queue_obj.thread_wq);
2178 return 0;
2179 }
2180
2181 /*
2182 * Called from Fabric Module context from transport_execute_tasks()
2183 *
2184 * The return of this function determins if the tasks from struct se_cmd
2185 * get added to the execution queue in transport_execute_tasks(),
2186 * or are added to the delayed or ordered lists here.
2187 */
2188 static inline int transport_execute_task_attr(struct se_cmd *cmd)
2189 {
2190 if (cmd->se_dev->dev_task_attr_type != SAM_TASK_ATTR_EMULATED)
2191 return 1;
2192 /*
2193 * Check for the existence of HEAD_OF_QUEUE, and if true return 1
2194 * to allow the passed struct se_cmd list of tasks to the front of the list.
2195 */
2196 if (cmd->sam_task_attr == MSG_HEAD_TAG) {
2197 atomic_inc(&cmd->se_dev->dev_hoq_count);
2198 smp_mb__after_atomic_inc();
2199 pr_debug("Added HEAD_OF_QUEUE for CDB:"
2200 " 0x%02x, se_ordered_id: %u\n",
2201 cmd->t_task_cdb[0],
2202 cmd->se_ordered_id);
2203 return 1;
2204 } else if (cmd->sam_task_attr == MSG_ORDERED_TAG) {
2205 spin_lock(&cmd->se_dev->ordered_cmd_lock);
2206 list_add_tail(&cmd->se_ordered_node,
2207 &cmd->se_dev->ordered_cmd_list);
2208 spin_unlock(&cmd->se_dev->ordered_cmd_lock);
2209
2210 atomic_inc(&cmd->se_dev->dev_ordered_sync);
2211 smp_mb__after_atomic_inc();
2212
2213 pr_debug("Added ORDERED for CDB: 0x%02x to ordered"
2214 " list, se_ordered_id: %u\n",
2215 cmd->t_task_cdb[0],
2216 cmd->se_ordered_id);
2217 /*
2218 * Add ORDERED command to tail of execution queue if
2219 * no other older commands exist that need to be
2220 * completed first.
2221 */
2222 if (!atomic_read(&cmd->se_dev->simple_cmds))
2223 return 1;
2224 } else {
2225 /*
2226 * For SIMPLE and UNTAGGED Task Attribute commands
2227 */
2228 atomic_inc(&cmd->se_dev->simple_cmds);
2229 smp_mb__after_atomic_inc();
2230 }
2231 /*
2232 * Otherwise if one or more outstanding ORDERED task attribute exist,
2233 * add the dormant task(s) built for the passed struct se_cmd to the
2234 * execution queue and become in Active state for this struct se_device.
2235 */
2236 if (atomic_read(&cmd->se_dev->dev_ordered_sync) != 0) {
2237 /*
2238 * Otherwise, add cmd w/ tasks to delayed cmd queue that
2239 * will be drained upon completion of HEAD_OF_QUEUE task.
2240 */
2241 spin_lock(&cmd->se_dev->delayed_cmd_lock);
2242 cmd->se_cmd_flags |= SCF_DELAYED_CMD_FROM_SAM_ATTR;
2243 list_add_tail(&cmd->se_delayed_node,
2244 &cmd->se_dev->delayed_cmd_list);
2245 spin_unlock(&cmd->se_dev->delayed_cmd_lock);
2246
2247 pr_debug("Added CDB: 0x%02x Task Attr: 0x%02x to"
2248 " delayed CMD list, se_ordered_id: %u\n",
2249 cmd->t_task_cdb[0], cmd->sam_task_attr,
2250 cmd->se_ordered_id);
2251 /*
2252 * Return zero to let transport_execute_tasks() know
2253 * not to add the delayed tasks to the execution list.
2254 */
2255 return 0;
2256 }
2257 /*
2258 * Otherwise, no ORDERED task attributes exist..
2259 */
2260 return 1;
2261 }
2262
2263 /*
2264 * Called from fabric module context in transport_generic_new_cmd() and
2265 * transport_generic_process_write()
2266 */
2267 static int transport_execute_tasks(struct se_cmd *cmd)
2268 {
2269 int add_tasks;
2270
2271 if (se_dev_check_online(cmd->se_orig_obj_ptr) != 0) {
2272 cmd->transport_error_status = PYX_TRANSPORT_LU_COMM_FAILURE;
2273 transport_generic_request_failure(cmd, NULL, 0, 1);
2274 return 0;
2275 }
2276
2277 /*
2278 * Call transport_cmd_check_stop() to see if a fabric exception
2279 * has occurred that prevents execution.
2280 */
2281 if (!transport_cmd_check_stop(cmd, 0, TRANSPORT_PROCESSING)) {
2282 /*
2283 * Check for SAM Task Attribute emulation and HEAD_OF_QUEUE
2284 * attribute for the tasks of the received struct se_cmd CDB
2285 */
2286 add_tasks = transport_execute_task_attr(cmd);
2287 if (!add_tasks)
2288 goto execute_tasks;
2289 /*
2290 * This calls transport_add_tasks_from_cmd() to handle
2291 * HEAD_OF_QUEUE ordering for SAM Task Attribute emulation
2292 * (if enabled) in __transport_add_task_to_execute_queue() and
2293 * transport_add_task_check_sam_attr().
2294 */
2295 transport_add_tasks_from_cmd(cmd);
2296 }
2297 /*
2298 * Kick the execution queue for the cmd associated struct se_device
2299 * storage object.
2300 */
2301 execute_tasks:
2302 __transport_execute_tasks(cmd->se_dev);
2303 return 0;
2304 }
2305
2306 /*
2307 * Called to check struct se_device tcq depth window, and once open pull struct se_task
2308 * from struct se_device->execute_task_list and
2309 *
2310 * Called from transport_processing_thread()
2311 */
2312 static int __transport_execute_tasks(struct se_device *dev)
2313 {
2314 int error;
2315 struct se_cmd *cmd = NULL;
2316 struct se_task *task = NULL;
2317 unsigned long flags;
2318
2319 /*
2320 * Check if there is enough room in the device and HBA queue to send
2321 * struct se_tasks to the selected transport.
2322 */
2323 check_depth:
2324 if (!atomic_read(&dev->depth_left))
2325 return transport_tcq_window_closed(dev);
2326
2327 dev->dev_tcq_window_closed = 0;
2328
2329 spin_lock_irq(&dev->execute_task_lock);
2330 if (list_empty(&dev->execute_task_list)) {
2331 spin_unlock_irq(&dev->execute_task_lock);
2332 return 0;
2333 }
2334 task = list_first_entry(&dev->execute_task_list,
2335 struct se_task, t_execute_list);
2336 __transport_remove_task_from_execute_queue(task, dev);
2337 spin_unlock_irq(&dev->execute_task_lock);
2338
2339 atomic_dec(&dev->depth_left);
2340
2341 cmd = task->task_se_cmd;
2342
2343 spin_lock_irqsave(&cmd->t_state_lock, flags);
2344 task->task_flags |= (TF_ACTIVE | TF_SENT);
2345 atomic_inc(&cmd->t_task_cdbs_sent);
2346
2347 if (atomic_read(&cmd->t_task_cdbs_sent) ==
2348 cmd->t_task_list_num)
2349 atomic_set(&cmd->transport_sent, 1);
2350
2351 transport_start_task_timer(task);
2352 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
2353 /*
2354 * The struct se_cmd->transport_emulate_cdb() function pointer is used
2355 * to grab REPORT_LUNS and other CDBs we want to handle before they hit the
2356 * struct se_subsystem_api->do_task() caller below.
2357 */
2358 if (cmd->transport_emulate_cdb) {
2359 error = cmd->transport_emulate_cdb(cmd);
2360 if (error != 0) {
2361 cmd->transport_error_status = error;
2362 spin_lock_irqsave(&cmd->t_state_lock, flags);
2363 task->task_flags &= ~TF_ACTIVE;
2364 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
2365 atomic_set(&cmd->transport_sent, 0);
2366 transport_stop_tasks_for_cmd(cmd);
2367 transport_generic_request_failure(cmd, dev, 0, 1);
2368 goto check_depth;
2369 }
2370 /*
2371 * Handle the successful completion for transport_emulate_cdb()
2372 * for synchronous operation, following SCF_EMULATE_CDB_ASYNC
2373 * Otherwise the caller is expected to complete the task with
2374 * proper status.
2375 */
2376 if (!(cmd->se_cmd_flags & SCF_EMULATE_CDB_ASYNC)) {
2377 cmd->scsi_status = SAM_STAT_GOOD;
2378 task->task_scsi_status = GOOD;
2379 transport_complete_task(task, 1);
2380 }
2381 } else {
2382 /*
2383 * Currently for all virtual TCM plugins including IBLOCK, FILEIO and
2384 * RAMDISK we use the internal transport_emulate_control_cdb() logic
2385 * with struct se_subsystem_api callers for the primary SPC-3 TYPE_DISK
2386 * LUN emulation code.
2387 *
2388 * For TCM/pSCSI and all other SCF_SCSI_DATA_SG_IO_CDB I/O tasks we
2389 * call ->do_task() directly and let the underlying TCM subsystem plugin
2390 * code handle the CDB emulation.
2391 */
2392 if ((dev->transport->transport_type != TRANSPORT_PLUGIN_PHBA_PDEV) &&
2393 (!(task->task_se_cmd->se_cmd_flags & SCF_SCSI_DATA_SG_IO_CDB)))
2394 error = transport_emulate_control_cdb(task);
2395 else
2396 error = dev->transport->do_task(task);
2397
2398 if (error != 0) {
2399 cmd->transport_error_status = error;
2400 spin_lock_irqsave(&cmd->t_state_lock, flags);
2401 task->task_flags &= ~TF_ACTIVE;
2402 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
2403 atomic_set(&cmd->transport_sent, 0);
2404 transport_stop_tasks_for_cmd(cmd);
2405 transport_generic_request_failure(cmd, dev, 0, 1);
2406 }
2407 }
2408
2409 goto check_depth;
2410
2411 return 0;
2412 }
2413
2414 void transport_new_cmd_failure(struct se_cmd *se_cmd)
2415 {
2416 unsigned long flags;
2417 /*
2418 * Any unsolicited data will get dumped for failed command inside of
2419 * the fabric plugin
2420 */
2421 spin_lock_irqsave(&se_cmd->t_state_lock, flags);
2422 se_cmd->se_cmd_flags |= SCF_SE_CMD_FAILED;
2423 se_cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
2424 spin_unlock_irqrestore(&se_cmd->t_state_lock, flags);
2425 }
2426
2427 static inline u32 transport_get_sectors_6(
2428 unsigned char *cdb,
2429 struct se_cmd *cmd,
2430 int *ret)
2431 {
2432 struct se_device *dev = cmd->se_dev;
2433
2434 /*
2435 * Assume TYPE_DISK for non struct se_device objects.
2436 * Use 8-bit sector value.
2437 */
2438 if (!dev)
2439 goto type_disk;
2440
2441 /*
2442 * Use 24-bit allocation length for TYPE_TAPE.
2443 */
2444 if (dev->transport->get_device_type(dev) == TYPE_TAPE)
2445 return (u32)(cdb[2] << 16) + (cdb[3] << 8) + cdb[4];
2446
2447 /*
2448 * Everything else assume TYPE_DISK Sector CDB location.
2449 * Use 8-bit sector value.
2450 */
2451 type_disk:
2452 return (u32)cdb[4];
2453 }
2454
2455 static inline u32 transport_get_sectors_10(
2456 unsigned char *cdb,
2457 struct se_cmd *cmd,
2458 int *ret)
2459 {
2460 struct se_device *dev = cmd->se_dev;
2461
2462 /*
2463 * Assume TYPE_DISK for non struct se_device objects.
2464 * Use 16-bit sector value.
2465 */
2466 if (!dev)
2467 goto type_disk;
2468
2469 /*
2470 * XXX_10 is not defined in SSC, throw an exception
2471 */
2472 if (dev->transport->get_device_type(dev) == TYPE_TAPE) {
2473 *ret = -EINVAL;
2474 return 0;
2475 }
2476
2477 /*
2478 * Everything else assume TYPE_DISK Sector CDB location.
2479 * Use 16-bit sector value.
2480 */
2481 type_disk:
2482 return (u32)(cdb[7] << 8) + cdb[8];
2483 }
2484
2485 static inline u32 transport_get_sectors_12(
2486 unsigned char *cdb,
2487 struct se_cmd *cmd,
2488 int *ret)
2489 {
2490 struct se_device *dev = cmd->se_dev;
2491
2492 /*
2493 * Assume TYPE_DISK for non struct se_device objects.
2494 * Use 32-bit sector value.
2495 */
2496 if (!dev)
2497 goto type_disk;
2498
2499 /*
2500 * XXX_12 is not defined in SSC, throw an exception
2501 */
2502 if (dev->transport->get_device_type(dev) == TYPE_TAPE) {
2503 *ret = -EINVAL;
2504 return 0;
2505 }
2506
2507 /*
2508 * Everything else assume TYPE_DISK Sector CDB location.
2509 * Use 32-bit sector value.
2510 */
2511 type_disk:
2512 return (u32)(cdb[6] << 24) + (cdb[7] << 16) + (cdb[8] << 8) + cdb[9];
2513 }
2514
2515 static inline u32 transport_get_sectors_16(
2516 unsigned char *cdb,
2517 struct se_cmd *cmd,
2518 int *ret)
2519 {
2520 struct se_device *dev = cmd->se_dev;
2521
2522 /*
2523 * Assume TYPE_DISK for non struct se_device objects.
2524 * Use 32-bit sector value.
2525 */
2526 if (!dev)
2527 goto type_disk;
2528
2529 /*
2530 * Use 24-bit allocation length for TYPE_TAPE.
2531 */
2532 if (dev->transport->get_device_type(dev) == TYPE_TAPE)
2533 return (u32)(cdb[12] << 16) + (cdb[13] << 8) + cdb[14];
2534
2535 type_disk:
2536 return (u32)(cdb[10] << 24) + (cdb[11] << 16) +
2537 (cdb[12] << 8) + cdb[13];
2538 }
2539
2540 /*
2541 * Used for VARIABLE_LENGTH_CDB WRITE_32 and READ_32 variants
2542 */
2543 static inline u32 transport_get_sectors_32(
2544 unsigned char *cdb,
2545 struct se_cmd *cmd,
2546 int *ret)
2547 {
2548 /*
2549 * Assume TYPE_DISK for non struct se_device objects.
2550 * Use 32-bit sector value.
2551 */
2552 return (u32)(cdb[28] << 24) + (cdb[29] << 16) +
2553 (cdb[30] << 8) + cdb[31];
2554
2555 }
2556
2557 static inline u32 transport_get_size(
2558 u32 sectors,
2559 unsigned char *cdb,
2560 struct se_cmd *cmd)
2561 {
2562 struct se_device *dev = cmd->se_dev;
2563
2564 if (dev->transport->get_device_type(dev) == TYPE_TAPE) {
2565 if (cdb[1] & 1) { /* sectors */
2566 return dev->se_sub_dev->se_dev_attrib.block_size * sectors;
2567 } else /* bytes */
2568 return sectors;
2569 }
2570 #if 0
2571 pr_debug("Returning block_size: %u, sectors: %u == %u for"
2572 " %s object\n", dev->se_sub_dev->se_dev_attrib.block_size, sectors,
2573 dev->se_sub_dev->se_dev_attrib.block_size * sectors,
2574 dev->transport->name);
2575 #endif
2576 return dev->se_sub_dev->se_dev_attrib.block_size * sectors;
2577 }
2578
2579 static void transport_xor_callback(struct se_cmd *cmd)
2580 {
2581 unsigned char *buf, *addr;
2582 struct scatterlist *sg;
2583 unsigned int offset;
2584 int i;
2585 int count;
2586 /*
2587 * From sbc3r22.pdf section 5.48 XDWRITEREAD (10) command
2588 *
2589 * 1) read the specified logical block(s);
2590 * 2) transfer logical blocks from the data-out buffer;
2591 * 3) XOR the logical blocks transferred from the data-out buffer with
2592 * the logical blocks read, storing the resulting XOR data in a buffer;
2593 * 4) if the DISABLE WRITE bit is set to zero, then write the logical
2594 * blocks transferred from the data-out buffer; and
2595 * 5) transfer the resulting XOR data to the data-in buffer.
2596 */
2597 buf = kmalloc(cmd->data_length, GFP_KERNEL);
2598 if (!buf) {
2599 pr_err("Unable to allocate xor_callback buf\n");
2600 return;
2601 }
2602 /*
2603 * Copy the scatterlist WRITE buffer located at cmd->t_data_sg
2604 * into the locally allocated *buf
2605 */
2606 sg_copy_to_buffer(cmd->t_data_sg,
2607 cmd->t_data_nents,
2608 buf,
2609 cmd->data_length);
2610
2611 /*
2612 * Now perform the XOR against the BIDI read memory located at
2613 * cmd->t_mem_bidi_list
2614 */
2615
2616 offset = 0;
2617 for_each_sg(cmd->t_bidi_data_sg, sg, cmd->t_bidi_data_nents, count) {
2618 addr = kmap_atomic(sg_page(sg), KM_USER0);
2619 if (!addr)
2620 goto out;
2621
2622 for (i = 0; i < sg->length; i++)
2623 *(addr + sg->offset + i) ^= *(buf + offset + i);
2624
2625 offset += sg->length;
2626 kunmap_atomic(addr, KM_USER0);
2627 }
2628
2629 out:
2630 kfree(buf);
2631 }
2632
2633 /*
2634 * Used to obtain Sense Data from underlying Linux/SCSI struct scsi_cmnd
2635 */
2636 static int transport_get_sense_data(struct se_cmd *cmd)
2637 {
2638 unsigned char *buffer = cmd->sense_buffer, *sense_buffer = NULL;
2639 struct se_device *dev = cmd->se_dev;
2640 struct se_task *task = NULL, *task_tmp;
2641 unsigned long flags;
2642 u32 offset = 0;
2643
2644 WARN_ON(!cmd->se_lun);
2645
2646 if (!dev)
2647 return 0;
2648
2649 spin_lock_irqsave(&cmd->t_state_lock, flags);
2650 if (cmd->se_cmd_flags & SCF_SENT_CHECK_CONDITION) {
2651 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
2652 return 0;
2653 }
2654
2655 list_for_each_entry_safe(task, task_tmp,
2656 &cmd->t_task_list, t_list) {
2657 if (!task->task_sense)
2658 continue;
2659
2660 if (!dev->transport->get_sense_buffer) {
2661 pr_err("dev->transport->get_sense_buffer"
2662 " is NULL\n");
2663 continue;
2664 }
2665
2666 sense_buffer = dev->transport->get_sense_buffer(task);
2667 if (!sense_buffer) {
2668 pr_err("ITT[0x%08x]_TASK[%p]: Unable to locate"
2669 " sense buffer for task with sense\n",
2670 cmd->se_tfo->get_task_tag(cmd), task);
2671 continue;
2672 }
2673 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
2674
2675 offset = cmd->se_tfo->set_fabric_sense_len(cmd,
2676 TRANSPORT_SENSE_BUFFER);
2677
2678 memcpy(&buffer[offset], sense_buffer,
2679 TRANSPORT_SENSE_BUFFER);
2680 cmd->scsi_status = task->task_scsi_status;
2681 /* Automatically padded */
2682 cmd->scsi_sense_length =
2683 (TRANSPORT_SENSE_BUFFER + offset);
2684
2685 pr_debug("HBA_[%u]_PLUG[%s]: Set SAM STATUS: 0x%02x"
2686 " and sense\n",
2687 dev->se_hba->hba_id, dev->transport->name,
2688 cmd->scsi_status);
2689 return 0;
2690 }
2691 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
2692
2693 return -1;
2694 }
2695
2696 static int
2697 transport_handle_reservation_conflict(struct se_cmd *cmd)
2698 {
2699 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
2700 cmd->se_cmd_flags |= SCF_SCSI_RESERVATION_CONFLICT;
2701 cmd->scsi_status = SAM_STAT_RESERVATION_CONFLICT;
2702 /*
2703 * For UA Interlock Code 11b, a RESERVATION CONFLICT will
2704 * establish a UNIT ATTENTION with PREVIOUS RESERVATION
2705 * CONFLICT STATUS.
2706 *
2707 * See spc4r17, section 7.4.6 Control Mode Page, Table 349
2708 */
2709 if (cmd->se_sess &&
2710 cmd->se_dev->se_sub_dev->se_dev_attrib.emulate_ua_intlck_ctrl == 2)
2711 core_scsi3_ua_allocate(cmd->se_sess->se_node_acl,
2712 cmd->orig_fe_lun, 0x2C,
2713 ASCQ_2CH_PREVIOUS_RESERVATION_CONFLICT_STATUS);
2714 return -EINVAL;
2715 }
2716
2717 static inline long long transport_dev_end_lba(struct se_device *dev)
2718 {
2719 return dev->transport->get_blocks(dev) + 1;
2720 }
2721
2722 static int transport_cmd_get_valid_sectors(struct se_cmd *cmd)
2723 {
2724 struct se_device *dev = cmd->se_dev;
2725 u32 sectors;
2726
2727 if (dev->transport->get_device_type(dev) != TYPE_DISK)
2728 return 0;
2729
2730 sectors = (cmd->data_length / dev->se_sub_dev->se_dev_attrib.block_size);
2731
2732 if ((cmd->t_task_lba + sectors) > transport_dev_end_lba(dev)) {
2733 pr_err("LBA: %llu Sectors: %u exceeds"
2734 " transport_dev_end_lba(): %llu\n",
2735 cmd->t_task_lba, sectors,
2736 transport_dev_end_lba(dev));
2737 return -EINVAL;
2738 }
2739
2740 return 0;
2741 }
2742
2743 static int target_check_write_same_discard(unsigned char *flags, struct se_device *dev)
2744 {
2745 /*
2746 * Determine if the received WRITE_SAME is used to for direct
2747 * passthrough into Linux/SCSI with struct request via TCM/pSCSI
2748 * or we are signaling the use of internal WRITE_SAME + UNMAP=1
2749 * emulation for -> Linux/BLOCK disbard with TCM/IBLOCK code.
2750 */
2751 int passthrough = (dev->transport->transport_type ==
2752 TRANSPORT_PLUGIN_PHBA_PDEV);
2753
2754 if (!passthrough) {
2755 if ((flags[0] & 0x04) || (flags[0] & 0x02)) {
2756 pr_err("WRITE_SAME PBDATA and LBDATA"
2757 " bits not supported for Block Discard"
2758 " Emulation\n");
2759 return -ENOSYS;
2760 }
2761 /*
2762 * Currently for the emulated case we only accept
2763 * tpws with the UNMAP=1 bit set.
2764 */
2765 if (!(flags[0] & 0x08)) {
2766 pr_err("WRITE_SAME w/o UNMAP bit not"
2767 " supported for Block Discard Emulation\n");
2768 return -ENOSYS;
2769 }
2770 }
2771
2772 return 0;
2773 }
2774
2775 /* transport_generic_cmd_sequencer():
2776 *
2777 * Generic Command Sequencer that should work for most DAS transport
2778 * drivers.
2779 *
2780 * Called from transport_generic_allocate_tasks() in the $FABRIC_MOD
2781 * RX Thread.
2782 *
2783 * FIXME: Need to support other SCSI OPCODES where as well.
2784 */
2785 static int transport_generic_cmd_sequencer(
2786 struct se_cmd *cmd,
2787 unsigned char *cdb)
2788 {
2789 struct se_device *dev = cmd->se_dev;
2790 struct se_subsystem_dev *su_dev = dev->se_sub_dev;
2791 int ret = 0, sector_ret = 0, passthrough;
2792 u32 sectors = 0, size = 0, pr_reg_type = 0;
2793 u16 service_action;
2794 u8 alua_ascq = 0;
2795 /*
2796 * Check for an existing UNIT ATTENTION condition
2797 */
2798 if (core_scsi3_ua_check(cmd, cdb) < 0) {
2799 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
2800 cmd->scsi_sense_reason = TCM_CHECK_CONDITION_UNIT_ATTENTION;
2801 return -EINVAL;
2802 }
2803 /*
2804 * Check status of Asymmetric Logical Unit Assignment port
2805 */
2806 ret = su_dev->t10_alua.alua_state_check(cmd, cdb, &alua_ascq);
2807 if (ret != 0) {
2808 /*
2809 * Set SCSI additional sense code (ASC) to 'LUN Not Accessible';
2810 * The ALUA additional sense code qualifier (ASCQ) is determined
2811 * by the ALUA primary or secondary access state..
2812 */
2813 if (ret > 0) {
2814 #if 0
2815 pr_debug("[%s]: ALUA TG Port not available,"
2816 " SenseKey: NOT_READY, ASC/ASCQ: 0x04/0x%02x\n",
2817 cmd->se_tfo->get_fabric_name(), alua_ascq);
2818 #endif
2819 transport_set_sense_codes(cmd, 0x04, alua_ascq);
2820 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
2821 cmd->scsi_sense_reason = TCM_CHECK_CONDITION_NOT_READY;
2822 return -EINVAL;
2823 }
2824 goto out_invalid_cdb_field;
2825 }
2826 /*
2827 * Check status for SPC-3 Persistent Reservations
2828 */
2829 if (su_dev->t10_pr.pr_ops.t10_reservation_check(cmd, &pr_reg_type) != 0) {
2830 if (su_dev->t10_pr.pr_ops.t10_seq_non_holder(
2831 cmd, cdb, pr_reg_type) != 0)
2832 return transport_handle_reservation_conflict(cmd);
2833 /*
2834 * This means the CDB is allowed for the SCSI Initiator port
2835 * when said port is *NOT* holding the legacy SPC-2 or
2836 * SPC-3 Persistent Reservation.
2837 */
2838 }
2839
2840 switch (cdb[0]) {
2841 case READ_6:
2842 sectors = transport_get_sectors_6(cdb, cmd, &sector_ret);
2843 if (sector_ret)
2844 goto out_unsupported_cdb;
2845 size = transport_get_size(sectors, cdb, cmd);
2846 cmd->t_task_lba = transport_lba_21(cdb);
2847 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB;
2848 break;
2849 case READ_10:
2850 sectors = transport_get_sectors_10(cdb, cmd, &sector_ret);
2851 if (sector_ret)
2852 goto out_unsupported_cdb;
2853 size = transport_get_size(sectors, cdb, cmd);
2854 cmd->t_task_lba = transport_lba_32(cdb);
2855 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB;
2856 break;
2857 case READ_12:
2858 sectors = transport_get_sectors_12(cdb, cmd, &sector_ret);
2859 if (sector_ret)
2860 goto out_unsupported_cdb;
2861 size = transport_get_size(sectors, cdb, cmd);
2862 cmd->t_task_lba = transport_lba_32(cdb);
2863 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB;
2864 break;
2865 case READ_16:
2866 sectors = transport_get_sectors_16(cdb, cmd, &sector_ret);
2867 if (sector_ret)
2868 goto out_unsupported_cdb;
2869 size = transport_get_size(sectors, cdb, cmd);
2870 cmd->t_task_lba = transport_lba_64(cdb);
2871 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB;
2872 break;
2873 case WRITE_6:
2874 sectors = transport_get_sectors_6(cdb, cmd, &sector_ret);
2875 if (sector_ret)
2876 goto out_unsupported_cdb;
2877 size = transport_get_size(sectors, cdb, cmd);
2878 cmd->t_task_lba = transport_lba_21(cdb);
2879 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB;
2880 break;
2881 case WRITE_10:
2882 sectors = transport_get_sectors_10(cdb, cmd, &sector_ret);
2883 if (sector_ret)
2884 goto out_unsupported_cdb;
2885 size = transport_get_size(sectors, cdb, cmd);
2886 cmd->t_task_lba = transport_lba_32(cdb);
2887 cmd->t_tasks_fua = (cdb[1] & 0x8);
2888 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB;
2889 break;
2890 case WRITE_12:
2891 sectors = transport_get_sectors_12(cdb, cmd, &sector_ret);
2892 if (sector_ret)
2893 goto out_unsupported_cdb;
2894 size = transport_get_size(sectors, cdb, cmd);
2895 cmd->t_task_lba = transport_lba_32(cdb);
2896 cmd->t_tasks_fua = (cdb[1] & 0x8);
2897 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB;
2898 break;
2899 case WRITE_16:
2900 sectors = transport_get_sectors_16(cdb, cmd, &sector_ret);
2901 if (sector_ret)
2902 goto out_unsupported_cdb;
2903 size = transport_get_size(sectors, cdb, cmd);
2904 cmd->t_task_lba = transport_lba_64(cdb);
2905 cmd->t_tasks_fua = (cdb[1] & 0x8);
2906 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB;
2907 break;
2908 case XDWRITEREAD_10:
2909 if ((cmd->data_direction != DMA_TO_DEVICE) ||
2910 !(cmd->t_tasks_bidi))
2911 goto out_invalid_cdb_field;
2912 sectors = transport_get_sectors_10(cdb, cmd, &sector_ret);
2913 if (sector_ret)
2914 goto out_unsupported_cdb;
2915 size = transport_get_size(sectors, cdb, cmd);
2916 cmd->t_task_lba = transport_lba_32(cdb);
2917 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB;
2918 passthrough = (dev->transport->transport_type ==
2919 TRANSPORT_PLUGIN_PHBA_PDEV);
2920 /*
2921 * Skip the remaining assignments for TCM/PSCSI passthrough
2922 */
2923 if (passthrough)
2924 break;
2925 /*
2926 * Setup BIDI XOR callback to be run during transport_generic_complete_ok()
2927 */
2928 cmd->transport_complete_callback = &transport_xor_callback;
2929 cmd->t_tasks_fua = (cdb[1] & 0x8);
2930 break;
2931 case VARIABLE_LENGTH_CMD:
2932 service_action = get_unaligned_be16(&cdb[8]);
2933 /*
2934 * Determine if this is TCM/PSCSI device and we should disable
2935 * internal emulation for this CDB.
2936 */
2937 passthrough = (dev->transport->transport_type ==
2938 TRANSPORT_PLUGIN_PHBA_PDEV);
2939
2940 switch (service_action) {
2941 case XDWRITEREAD_32:
2942 sectors = transport_get_sectors_32(cdb, cmd, &sector_ret);
2943 if (sector_ret)
2944 goto out_unsupported_cdb;
2945 size = transport_get_size(sectors, cdb, cmd);
2946 /*
2947 * Use WRITE_32 and READ_32 opcodes for the emulated
2948 * XDWRITE_READ_32 logic.
2949 */
2950 cmd->t_task_lba = transport_lba_64_ext(cdb);
2951 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB;
2952
2953 /*
2954 * Skip the remaining assignments for TCM/PSCSI passthrough
2955 */
2956 if (passthrough)
2957 break;
2958
2959 /*
2960 * Setup BIDI XOR callback to be run during
2961 * transport_generic_complete_ok()
2962 */
2963 cmd->transport_complete_callback = &transport_xor_callback;
2964 cmd->t_tasks_fua = (cdb[10] & 0x8);
2965 break;
2966 case WRITE_SAME_32:
2967 sectors = transport_get_sectors_32(cdb, cmd, &sector_ret);
2968 if (sector_ret)
2969 goto out_unsupported_cdb;
2970
2971 if (sectors)
2972 size = transport_get_size(1, cdb, cmd);
2973 else {
2974 pr_err("WSNZ=1, WRITE_SAME w/sectors=0 not"
2975 " supported\n");
2976 goto out_invalid_cdb_field;
2977 }
2978
2979 cmd->t_task_lba = get_unaligned_be64(&cdb[12]);
2980 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2981
2982 if (target_check_write_same_discard(&cdb[10], dev) < 0)
2983 goto out_invalid_cdb_field;
2984
2985 break;
2986 default:
2987 pr_err("VARIABLE_LENGTH_CMD service action"
2988 " 0x%04x not supported\n", service_action);
2989 goto out_unsupported_cdb;
2990 }
2991 break;
2992 case MAINTENANCE_IN:
2993 if (dev->transport->get_device_type(dev) != TYPE_ROM) {
2994 /* MAINTENANCE_IN from SCC-2 */
2995 /*
2996 * Check for emulated MI_REPORT_TARGET_PGS.
2997 */
2998 if (cdb[1] == MI_REPORT_TARGET_PGS) {
2999 cmd->transport_emulate_cdb =
3000 (su_dev->t10_alua.alua_type ==
3001 SPC3_ALUA_EMULATED) ?
3002 core_emulate_report_target_port_groups :
3003 NULL;
3004 }
3005 size = (cdb[6] << 24) | (cdb[7] << 16) |
3006 (cdb[8] << 8) | cdb[9];
3007 } else {
3008 /* GPCMD_SEND_KEY from multi media commands */
3009 size = (cdb[8] << 8) + cdb[9];
3010 }
3011 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3012 break;
3013 case MODE_SELECT:
3014 size = cdb[4];
3015 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3016 break;
3017 case MODE_SELECT_10:
3018 size = (cdb[7] << 8) + cdb[8];
3019 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3020 break;
3021 case MODE_SENSE:
3022 size = cdb[4];
3023 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3024 break;
3025 case MODE_SENSE_10:
3026 case GPCMD_READ_BUFFER_CAPACITY:
3027 case GPCMD_SEND_OPC:
3028 case LOG_SELECT:
3029 case LOG_SENSE:
3030 size = (cdb[7] << 8) + cdb[8];
3031 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3032 break;
3033 case READ_BLOCK_LIMITS:
3034 size = READ_BLOCK_LEN;
3035 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3036 break;
3037 case GPCMD_GET_CONFIGURATION:
3038 case GPCMD_READ_FORMAT_CAPACITIES:
3039 case GPCMD_READ_DISC_INFO:
3040 case GPCMD_READ_TRACK_RZONE_INFO:
3041 size = (cdb[7] << 8) + cdb[8];
3042 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3043 break;
3044 case PERSISTENT_RESERVE_IN:
3045 case PERSISTENT_RESERVE_OUT:
3046 cmd->transport_emulate_cdb =
3047 (su_dev->t10_pr.res_type ==
3048 SPC3_PERSISTENT_RESERVATIONS) ?
3049 core_scsi3_emulate_pr : NULL;
3050 size = (cdb[7] << 8) + cdb[8];
3051 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3052 break;
3053 case GPCMD_MECHANISM_STATUS:
3054 case GPCMD_READ_DVD_STRUCTURE:
3055 size = (cdb[8] << 8) + cdb[9];
3056 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3057 break;
3058 case READ_POSITION:
3059 size = READ_POSITION_LEN;
3060 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3061 break;
3062 case MAINTENANCE_OUT:
3063 if (dev->transport->get_device_type(dev) != TYPE_ROM) {
3064 /* MAINTENANCE_OUT from SCC-2
3065 *
3066 * Check for emulated MO_SET_TARGET_PGS.
3067 */
3068 if (cdb[1] == MO_SET_TARGET_PGS) {
3069 cmd->transport_emulate_cdb =
3070 (su_dev->t10_alua.alua_type ==
3071 SPC3_ALUA_EMULATED) ?
3072 core_emulate_set_target_port_groups :
3073 NULL;
3074 }
3075
3076 size = (cdb[6] << 24) | (cdb[7] << 16) |
3077 (cdb[8] << 8) | cdb[9];
3078 } else {
3079 /* GPCMD_REPORT_KEY from multi media commands */
3080 size = (cdb[8] << 8) + cdb[9];
3081 }
3082 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3083 break;
3084 case INQUIRY:
3085 size = (cdb[3] << 8) + cdb[4];
3086 /*
3087 * Do implict HEAD_OF_QUEUE processing for INQUIRY.
3088 * See spc4r17 section 5.3
3089 */
3090 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED)
3091 cmd->sam_task_attr = MSG_HEAD_TAG;
3092 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3093 break;
3094 case READ_BUFFER:
3095 size = (cdb[6] << 16) + (cdb[7] << 8) + cdb[8];
3096 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3097 break;
3098 case READ_CAPACITY:
3099 size = READ_CAP_LEN;
3100 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3101 break;
3102 case READ_MEDIA_SERIAL_NUMBER:
3103 case SECURITY_PROTOCOL_IN:
3104 case SECURITY_PROTOCOL_OUT:
3105 size = (cdb[6] << 24) | (cdb[7] << 16) | (cdb[8] << 8) | cdb[9];
3106 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3107 break;
3108 case SERVICE_ACTION_IN:
3109 case ACCESS_CONTROL_IN:
3110 case ACCESS_CONTROL_OUT:
3111 case EXTENDED_COPY:
3112 case READ_ATTRIBUTE:
3113 case RECEIVE_COPY_RESULTS:
3114 case WRITE_ATTRIBUTE:
3115 size = (cdb[10] << 24) | (cdb[11] << 16) |
3116 (cdb[12] << 8) | cdb[13];
3117 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3118 break;
3119 case RECEIVE_DIAGNOSTIC:
3120 case SEND_DIAGNOSTIC:
3121 size = (cdb[3] << 8) | cdb[4];
3122 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3123 break;
3124 /* #warning FIXME: Figure out correct GPCMD_READ_CD blocksize. */
3125 #if 0
3126 case GPCMD_READ_CD:
3127 sectors = (cdb[6] << 16) + (cdb[7] << 8) + cdb[8];
3128 size = (2336 * sectors);
3129 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3130 break;
3131 #endif
3132 case READ_TOC:
3133 size = cdb[8];
3134 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3135 break;
3136 case REQUEST_SENSE:
3137 size = cdb[4];
3138 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3139 break;
3140 case READ_ELEMENT_STATUS:
3141 size = 65536 * cdb[7] + 256 * cdb[8] + cdb[9];
3142 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3143 break;
3144 case WRITE_BUFFER:
3145 size = (cdb[6] << 16) + (cdb[7] << 8) + cdb[8];
3146 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3147 break;
3148 case RESERVE:
3149 case RESERVE_10:
3150 /*
3151 * The SPC-2 RESERVE does not contain a size in the SCSI CDB.
3152 * Assume the passthrough or $FABRIC_MOD will tell us about it.
3153 */
3154 if (cdb[0] == RESERVE_10)
3155 size = (cdb[7] << 8) | cdb[8];
3156 else
3157 size = cmd->data_length;
3158
3159 /*
3160 * Setup the legacy emulated handler for SPC-2 and
3161 * >= SPC-3 compatible reservation handling (CRH=1)
3162 * Otherwise, we assume the underlying SCSI logic is
3163 * is running in SPC_PASSTHROUGH, and wants reservations
3164 * emulation disabled.
3165 */
3166 cmd->transport_emulate_cdb =
3167 (su_dev->t10_pr.res_type !=
3168 SPC_PASSTHROUGH) ?
3169 core_scsi2_emulate_crh : NULL;
3170 cmd->se_cmd_flags |= SCF_SCSI_NON_DATA_CDB;
3171 break;
3172 case RELEASE:
3173 case RELEASE_10:
3174 /*
3175 * The SPC-2 RELEASE does not contain a size in the SCSI CDB.
3176 * Assume the passthrough or $FABRIC_MOD will tell us about it.
3177 */
3178 if (cdb[0] == RELEASE_10)
3179 size = (cdb[7] << 8) | cdb[8];
3180 else
3181 size = cmd->data_length;
3182
3183 cmd->transport_emulate_cdb =
3184 (su_dev->t10_pr.res_type !=
3185 SPC_PASSTHROUGH) ?
3186 core_scsi2_emulate_crh : NULL;
3187 cmd->se_cmd_flags |= SCF_SCSI_NON_DATA_CDB;
3188 break;
3189 case SYNCHRONIZE_CACHE:
3190 case 0x91: /* SYNCHRONIZE_CACHE_16: */
3191 /*
3192 * Extract LBA and range to be flushed for emulated SYNCHRONIZE_CACHE
3193 */
3194 if (cdb[0] == SYNCHRONIZE_CACHE) {
3195 sectors = transport_get_sectors_10(cdb, cmd, &sector_ret);
3196 cmd->t_task_lba = transport_lba_32(cdb);
3197 } else {
3198 sectors = transport_get_sectors_16(cdb, cmd, &sector_ret);
3199 cmd->t_task_lba = transport_lba_64(cdb);
3200 }
3201 if (sector_ret)
3202 goto out_unsupported_cdb;
3203
3204 size = transport_get_size(sectors, cdb, cmd);
3205 cmd->se_cmd_flags |= SCF_SCSI_NON_DATA_CDB;
3206
3207 /*
3208 * For TCM/pSCSI passthrough, skip cmd->transport_emulate_cdb()
3209 */
3210 if (dev->transport->transport_type == TRANSPORT_PLUGIN_PHBA_PDEV)
3211 break;
3212 /*
3213 * Set SCF_EMULATE_CDB_ASYNC to ensure asynchronous operation
3214 * for SYNCHRONIZE_CACHE* Immed=1 case in __transport_execute_tasks()
3215 */
3216 cmd->se_cmd_flags |= SCF_EMULATE_CDB_ASYNC;
3217 /*
3218 * Check to ensure that LBA + Range does not exceed past end of
3219 * device for IBLOCK and FILEIO ->do_sync_cache() backend calls
3220 */
3221 if ((cmd->t_task_lba != 0) || (sectors != 0)) {
3222 if (transport_cmd_get_valid_sectors(cmd) < 0)
3223 goto out_invalid_cdb_field;
3224 }
3225 break;
3226 case UNMAP:
3227 size = get_unaligned_be16(&cdb[7]);
3228 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3229 break;
3230 case WRITE_SAME_16:
3231 sectors = transport_get_sectors_16(cdb, cmd, &sector_ret);
3232 if (sector_ret)
3233 goto out_unsupported_cdb;
3234
3235 if (sectors)
3236 size = transport_get_size(1, cdb, cmd);
3237 else {
3238 pr_err("WSNZ=1, WRITE_SAME w/sectors=0 not supported\n");
3239 goto out_invalid_cdb_field;
3240 }
3241
3242 cmd->t_task_lba = get_unaligned_be64(&cdb[2]);
3243 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3244
3245 if (target_check_write_same_discard(&cdb[1], dev) < 0)
3246 goto out_invalid_cdb_field;
3247 break;
3248 case WRITE_SAME:
3249 sectors = transport_get_sectors_10(cdb, cmd, &sector_ret);
3250 if (sector_ret)
3251 goto out_unsupported_cdb;
3252
3253 if (sectors)
3254 size = transport_get_size(1, cdb, cmd);
3255 else {
3256 pr_err("WSNZ=1, WRITE_SAME w/sectors=0 not supported\n");
3257 goto out_invalid_cdb_field;
3258 }
3259
3260 cmd->t_task_lba = get_unaligned_be32(&cdb[2]);
3261 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3262 /*
3263 * Follow sbcr26 with WRITE_SAME (10) and check for the existence
3264 * of byte 1 bit 3 UNMAP instead of original reserved field
3265 */
3266 if (target_check_write_same_discard(&cdb[1], dev) < 0)
3267 goto out_invalid_cdb_field;
3268 break;
3269 case ALLOW_MEDIUM_REMOVAL:
3270 case GPCMD_CLOSE_TRACK:
3271 case ERASE:
3272 case INITIALIZE_ELEMENT_STATUS:
3273 case GPCMD_LOAD_UNLOAD:
3274 case REZERO_UNIT:
3275 case SEEK_10:
3276 case GPCMD_SET_SPEED:
3277 case SPACE:
3278 case START_STOP:
3279 case TEST_UNIT_READY:
3280 case VERIFY:
3281 case WRITE_FILEMARKS:
3282 case MOVE_MEDIUM:
3283 cmd->se_cmd_flags |= SCF_SCSI_NON_DATA_CDB;
3284 break;
3285 case REPORT_LUNS:
3286 cmd->transport_emulate_cdb =
3287 transport_core_report_lun_response;
3288 size = (cdb[6] << 24) | (cdb[7] << 16) | (cdb[8] << 8) | cdb[9];
3289 /*
3290 * Do implict HEAD_OF_QUEUE processing for REPORT_LUNS
3291 * See spc4r17 section 5.3
3292 */
3293 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED)
3294 cmd->sam_task_attr = MSG_HEAD_TAG;
3295 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
3296 break;
3297 default:
3298 pr_warn("TARGET_CORE[%s]: Unsupported SCSI Opcode"
3299 " 0x%02x, sending CHECK_CONDITION.\n",
3300 cmd->se_tfo->get_fabric_name(), cdb[0]);
3301 goto out_unsupported_cdb;
3302 }
3303
3304 if (size != cmd->data_length) {
3305 pr_warn("TARGET_CORE[%s]: Expected Transfer Length:"
3306 " %u does not match SCSI CDB Length: %u for SAM Opcode:"
3307 " 0x%02x\n", cmd->se_tfo->get_fabric_name(),
3308 cmd->data_length, size, cdb[0]);
3309
3310 cmd->cmd_spdtl = size;
3311
3312 if (cmd->data_direction == DMA_TO_DEVICE) {
3313 pr_err("Rejecting underflow/overflow"
3314 " WRITE data\n");
3315 goto out_invalid_cdb_field;
3316 }
3317 /*
3318 * Reject READ_* or WRITE_* with overflow/underflow for
3319 * type SCF_SCSI_DATA_SG_IO_CDB.
3320 */
3321 if (!ret && (dev->se_sub_dev->se_dev_attrib.block_size != 512)) {
3322 pr_err("Failing OVERFLOW/UNDERFLOW for LBA op"
3323 " CDB on non 512-byte sector setup subsystem"
3324 " plugin: %s\n", dev->transport->name);
3325 /* Returns CHECK_CONDITION + INVALID_CDB_FIELD */
3326 goto out_invalid_cdb_field;
3327 }
3328
3329 if (size > cmd->data_length) {
3330 cmd->se_cmd_flags |= SCF_OVERFLOW_BIT;
3331 cmd->residual_count = (size - cmd->data_length);
3332 } else {
3333 cmd->se_cmd_flags |= SCF_UNDERFLOW_BIT;
3334 cmd->residual_count = (cmd->data_length - size);
3335 }
3336 cmd->data_length = size;
3337 }
3338
3339 /* Let's limit control cdbs to a page, for simplicity's sake. */
3340 if ((cmd->se_cmd_flags & SCF_SCSI_CONTROL_SG_IO_CDB) &&
3341 size > PAGE_SIZE)
3342 goto out_invalid_cdb_field;
3343
3344 transport_set_supported_SAM_opcode(cmd);
3345 return ret;
3346
3347 out_unsupported_cdb:
3348 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
3349 cmd->scsi_sense_reason = TCM_UNSUPPORTED_SCSI_OPCODE;
3350 return -EINVAL;
3351 out_invalid_cdb_field:
3352 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
3353 cmd->scsi_sense_reason = TCM_INVALID_CDB_FIELD;
3354 return -EINVAL;
3355 }
3356
3357 /*
3358 * Called from transport_generic_complete_ok() and
3359 * transport_generic_request_failure() to determine which dormant/delayed
3360 * and ordered cmds need to have their tasks added to the execution queue.
3361 */
3362 static void transport_complete_task_attr(struct se_cmd *cmd)
3363 {
3364 struct se_device *dev = cmd->se_dev;
3365 struct se_cmd *cmd_p, *cmd_tmp;
3366 int new_active_tasks = 0;
3367
3368 if (cmd->sam_task_attr == MSG_SIMPLE_TAG) {
3369 atomic_dec(&dev->simple_cmds);
3370 smp_mb__after_atomic_dec();
3371 dev->dev_cur_ordered_id++;
3372 pr_debug("Incremented dev->dev_cur_ordered_id: %u for"
3373 " SIMPLE: %u\n", dev->dev_cur_ordered_id,
3374 cmd->se_ordered_id);
3375 } else if (cmd->sam_task_attr == MSG_HEAD_TAG) {
3376 atomic_dec(&dev->dev_hoq_count);
3377 smp_mb__after_atomic_dec();
3378 dev->dev_cur_ordered_id++;
3379 pr_debug("Incremented dev_cur_ordered_id: %u for"
3380 " HEAD_OF_QUEUE: %u\n", dev->dev_cur_ordered_id,
3381 cmd->se_ordered_id);
3382 } else if (cmd->sam_task_attr == MSG_ORDERED_TAG) {
3383 spin_lock(&dev->ordered_cmd_lock);
3384 list_del(&cmd->se_ordered_node);
3385 atomic_dec(&dev->dev_ordered_sync);
3386 smp_mb__after_atomic_dec();
3387 spin_unlock(&dev->ordered_cmd_lock);
3388
3389 dev->dev_cur_ordered_id++;
3390 pr_debug("Incremented dev_cur_ordered_id: %u for ORDERED:"
3391 " %u\n", dev->dev_cur_ordered_id, cmd->se_ordered_id);
3392 }
3393 /*
3394 * Process all commands up to the last received
3395 * ORDERED task attribute which requires another blocking
3396 * boundary
3397 */
3398 spin_lock(&dev->delayed_cmd_lock);
3399 list_for_each_entry_safe(cmd_p, cmd_tmp,
3400 &dev->delayed_cmd_list, se_delayed_node) {
3401
3402 list_del(&cmd_p->se_delayed_node);
3403 spin_unlock(&dev->delayed_cmd_lock);
3404
3405 pr_debug("Calling add_tasks() for"
3406 " cmd_p: 0x%02x Task Attr: 0x%02x"
3407 " Dormant -> Active, se_ordered_id: %u\n",
3408 cmd_p->t_task_cdb[0],
3409 cmd_p->sam_task_attr, cmd_p->se_ordered_id);
3410
3411 transport_add_tasks_from_cmd(cmd_p);
3412 new_active_tasks++;
3413
3414 spin_lock(&dev->delayed_cmd_lock);
3415 if (cmd_p->sam_task_attr == MSG_ORDERED_TAG)
3416 break;
3417 }
3418 spin_unlock(&dev->delayed_cmd_lock);
3419 /*
3420 * If new tasks have become active, wake up the transport thread
3421 * to do the processing of the Active tasks.
3422 */
3423 if (new_active_tasks != 0)
3424 wake_up_interruptible(&dev->dev_queue_obj.thread_wq);
3425 }
3426
3427 static void transport_complete_qf(struct se_cmd *cmd)
3428 {
3429 int ret = 0;
3430
3431 transport_stop_all_task_timers(cmd);
3432 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED)
3433 transport_complete_task_attr(cmd);
3434
3435 if (cmd->se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) {
3436 ret = cmd->se_tfo->queue_status(cmd);
3437 if (ret)
3438 goto out;
3439 }
3440
3441 switch (cmd->data_direction) {
3442 case DMA_FROM_DEVICE:
3443 ret = cmd->se_tfo->queue_data_in(cmd);
3444 break;
3445 case DMA_TO_DEVICE:
3446 if (cmd->t_bidi_data_sg) {
3447 ret = cmd->se_tfo->queue_data_in(cmd);
3448 if (ret < 0)
3449 break;
3450 }
3451 /* Fall through for DMA_TO_DEVICE */
3452 case DMA_NONE:
3453 ret = cmd->se_tfo->queue_status(cmd);
3454 break;
3455 default:
3456 break;
3457 }
3458
3459 out:
3460 if (ret < 0) {
3461 transport_handle_queue_full(cmd, cmd->se_dev);
3462 return;
3463 }
3464 transport_lun_remove_cmd(cmd);
3465 transport_cmd_check_stop_to_fabric(cmd);
3466 }
3467
3468 static void transport_handle_queue_full(
3469 struct se_cmd *cmd,
3470 struct se_device *dev)
3471 {
3472 spin_lock_irq(&dev->qf_cmd_lock);
3473 list_add_tail(&cmd->se_qf_node, &cmd->se_dev->qf_cmd_list);
3474 atomic_inc(&dev->dev_qf_count);
3475 smp_mb__after_atomic_inc();
3476 spin_unlock_irq(&cmd->se_dev->qf_cmd_lock);
3477
3478 schedule_work(&cmd->se_dev->qf_work_queue);
3479 }
3480
3481 static void transport_generic_complete_ok(struct se_cmd *cmd)
3482 {
3483 int reason = 0, ret;
3484 /*
3485 * Check if we need to move delayed/dormant tasks from cmds on the
3486 * delayed execution list after a HEAD_OF_QUEUE or ORDERED Task
3487 * Attribute.
3488 */
3489 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED)
3490 transport_complete_task_attr(cmd);
3491 /*
3492 * Check to schedule QUEUE_FULL work, or execute an existing
3493 * cmd->transport_qf_callback()
3494 */
3495 if (atomic_read(&cmd->se_dev->dev_qf_count) != 0)
3496 schedule_work(&cmd->se_dev->qf_work_queue);
3497
3498 /*
3499 * Check if we need to retrieve a sense buffer from
3500 * the struct se_cmd in question.
3501 */
3502 if (cmd->se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) {
3503 if (transport_get_sense_data(cmd) < 0)
3504 reason = TCM_NON_EXISTENT_LUN;
3505
3506 /*
3507 * Only set when an struct se_task->task_scsi_status returned
3508 * a non GOOD status.
3509 */
3510 if (cmd->scsi_status) {
3511 ret = transport_send_check_condition_and_sense(
3512 cmd, reason, 1);
3513 if (ret == -EAGAIN)
3514 goto queue_full;
3515
3516 transport_lun_remove_cmd(cmd);
3517 transport_cmd_check_stop_to_fabric(cmd);
3518 return;
3519 }
3520 }
3521 /*
3522 * Check for a callback, used by amongst other things
3523 * XDWRITE_READ_10 emulation.
3524 */
3525 if (cmd->transport_complete_callback)
3526 cmd->transport_complete_callback(cmd);
3527
3528 switch (cmd->data_direction) {
3529 case DMA_FROM_DEVICE:
3530 spin_lock(&cmd->se_lun->lun_sep_lock);
3531 if (cmd->se_lun->lun_sep) {
3532 cmd->se_lun->lun_sep->sep_stats.tx_data_octets +=
3533 cmd->data_length;
3534 }
3535 spin_unlock(&cmd->se_lun->lun_sep_lock);
3536
3537 ret = cmd->se_tfo->queue_data_in(cmd);
3538 if (ret == -EAGAIN)
3539 goto queue_full;
3540 break;
3541 case DMA_TO_DEVICE:
3542 spin_lock(&cmd->se_lun->lun_sep_lock);
3543 if (cmd->se_lun->lun_sep) {
3544 cmd->se_lun->lun_sep->sep_stats.rx_data_octets +=
3545 cmd->data_length;
3546 }
3547 spin_unlock(&cmd->se_lun->lun_sep_lock);
3548 /*
3549 * Check if we need to send READ payload for BIDI-COMMAND
3550 */
3551 if (cmd->t_bidi_data_sg) {
3552 spin_lock(&cmd->se_lun->lun_sep_lock);
3553 if (cmd->se_lun->lun_sep) {
3554 cmd->se_lun->lun_sep->sep_stats.tx_data_octets +=
3555 cmd->data_length;
3556 }
3557 spin_unlock(&cmd->se_lun->lun_sep_lock);
3558 ret = cmd->se_tfo->queue_data_in(cmd);
3559 if (ret == -EAGAIN)
3560 goto queue_full;
3561 break;
3562 }
3563 /* Fall through for DMA_TO_DEVICE */
3564 case DMA_NONE:
3565 ret = cmd->se_tfo->queue_status(cmd);
3566 if (ret == -EAGAIN)
3567 goto queue_full;
3568 break;
3569 default:
3570 break;
3571 }
3572
3573 transport_lun_remove_cmd(cmd);
3574 transport_cmd_check_stop_to_fabric(cmd);
3575 return;
3576
3577 queue_full:
3578 pr_debug("Handling complete_ok QUEUE_FULL: se_cmd: %p,"
3579 " data_direction: %d\n", cmd, cmd->data_direction);
3580 cmd->t_state = TRANSPORT_COMPLETE_QF_OK;
3581 transport_handle_queue_full(cmd, cmd->se_dev);
3582 }
3583
3584 static void transport_free_dev_tasks(struct se_cmd *cmd)
3585 {
3586 struct se_task *task, *task_tmp;
3587 unsigned long flags;
3588 LIST_HEAD(dispose_list);
3589
3590 spin_lock_irqsave(&cmd->t_state_lock, flags);
3591 list_for_each_entry_safe(task, task_tmp,
3592 &cmd->t_task_list, t_list) {
3593 if (!(task->task_flags & TF_ACTIVE))
3594 list_move_tail(&task->t_list, &dispose_list);
3595 }
3596 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
3597
3598 while (!list_empty(&dispose_list)) {
3599 task = list_first_entry(&dispose_list, struct se_task, t_list);
3600
3601 kfree(task->task_sg_bidi);
3602 kfree(task->task_sg);
3603
3604 list_del(&task->t_list);
3605
3606 cmd->se_dev->transport->free_task(task);
3607 }
3608 }
3609
3610 static inline void transport_free_sgl(struct scatterlist *sgl, int nents)
3611 {
3612 struct scatterlist *sg;
3613 int count;
3614
3615 for_each_sg(sgl, sg, nents, count)
3616 __free_page(sg_page(sg));
3617
3618 kfree(sgl);
3619 }
3620
3621 static inline void transport_free_pages(struct se_cmd *cmd)
3622 {
3623 if (cmd->se_cmd_flags & SCF_PASSTHROUGH_SG_TO_MEM_NOALLOC)
3624 return;
3625
3626 transport_free_sgl(cmd->t_data_sg, cmd->t_data_nents);
3627 cmd->t_data_sg = NULL;
3628 cmd->t_data_nents = 0;
3629
3630 transport_free_sgl(cmd->t_bidi_data_sg, cmd->t_bidi_data_nents);
3631 cmd->t_bidi_data_sg = NULL;
3632 cmd->t_bidi_data_nents = 0;
3633 }
3634
3635 /**
3636 * transport_put_cmd - release a reference to a command
3637 * @cmd: command to release
3638 *
3639 * This routine releases our reference to the command and frees it if possible.
3640 */
3641 static void transport_put_cmd(struct se_cmd *cmd)
3642 {
3643 unsigned long flags;
3644 int free_tasks = 0;
3645
3646 spin_lock_irqsave(&cmd->t_state_lock, flags);
3647 if (atomic_read(&cmd->t_fe_count)) {
3648 if (!atomic_dec_and_test(&cmd->t_fe_count))
3649 goto out_busy;
3650 }
3651
3652 if (atomic_read(&cmd->t_se_count)) {
3653 if (!atomic_dec_and_test(&cmd->t_se_count))
3654 goto out_busy;
3655 }
3656
3657 if (atomic_read(&cmd->transport_dev_active)) {
3658 atomic_set(&cmd->transport_dev_active, 0);
3659 transport_all_task_dev_remove_state(cmd);
3660 free_tasks = 1;
3661 }
3662 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
3663
3664 if (free_tasks != 0)
3665 transport_free_dev_tasks(cmd);
3666
3667 transport_free_pages(cmd);
3668 transport_release_cmd(cmd);
3669 return;
3670 out_busy:
3671 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
3672 }
3673
3674 /*
3675 * transport_generic_map_mem_to_cmd - Use fabric-alloced pages instead of
3676 * allocating in the core.
3677 * @cmd: Associated se_cmd descriptor
3678 * @mem: SGL style memory for TCM WRITE / READ
3679 * @sg_mem_num: Number of SGL elements
3680 * @mem_bidi_in: SGL style memory for TCM BIDI READ
3681 * @sg_mem_bidi_num: Number of BIDI READ SGL elements
3682 *
3683 * Return: nonzero return cmd was rejected for -ENOMEM or inproper usage
3684 * of parameters.
3685 */
3686 int transport_generic_map_mem_to_cmd(
3687 struct se_cmd *cmd,
3688 struct scatterlist *sgl,
3689 u32 sgl_count,
3690 struct scatterlist *sgl_bidi,
3691 u32 sgl_bidi_count)
3692 {
3693 if (!sgl || !sgl_count)
3694 return 0;
3695
3696 if ((cmd->se_cmd_flags & SCF_SCSI_DATA_SG_IO_CDB) ||
3697 (cmd->se_cmd_flags & SCF_SCSI_CONTROL_SG_IO_CDB)) {
3698
3699 cmd->t_data_sg = sgl;
3700 cmd->t_data_nents = sgl_count;
3701
3702 if (sgl_bidi && sgl_bidi_count) {
3703 cmd->t_bidi_data_sg = sgl_bidi;
3704 cmd->t_bidi_data_nents = sgl_bidi_count;
3705 }
3706 cmd->se_cmd_flags |= SCF_PASSTHROUGH_SG_TO_MEM_NOALLOC;
3707 }
3708
3709 return 0;
3710 }
3711 EXPORT_SYMBOL(transport_generic_map_mem_to_cmd);
3712
3713 static int transport_new_cmd_obj(struct se_cmd *cmd)
3714 {
3715 struct se_device *dev = cmd->se_dev;
3716 int set_counts = 1, rc, task_cdbs;
3717
3718 /*
3719 * Setup any BIDI READ tasks and memory from
3720 * cmd->t_mem_bidi_list so the READ struct se_tasks
3721 * are queued first for the non pSCSI passthrough case.
3722 */
3723 if (cmd->t_bidi_data_sg &&
3724 (dev->transport->transport_type != TRANSPORT_PLUGIN_PHBA_PDEV)) {
3725 rc = transport_allocate_tasks(cmd,
3726 cmd->t_task_lba,
3727 DMA_FROM_DEVICE,
3728 cmd->t_bidi_data_sg,
3729 cmd->t_bidi_data_nents);
3730 if (rc <= 0) {
3731 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
3732 cmd->scsi_sense_reason =
3733 TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE;
3734 return -EINVAL;
3735 }
3736 atomic_inc(&cmd->t_fe_count);
3737 atomic_inc(&cmd->t_se_count);
3738 set_counts = 0;
3739 }
3740 /*
3741 * Setup the tasks and memory from cmd->t_mem_list
3742 * Note for BIDI transfers this will contain the WRITE payload
3743 */
3744 task_cdbs = transport_allocate_tasks(cmd,
3745 cmd->t_task_lba,
3746 cmd->data_direction,
3747 cmd->t_data_sg,
3748 cmd->t_data_nents);
3749 if (task_cdbs <= 0) {
3750 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
3751 cmd->scsi_sense_reason =
3752 TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE;
3753 return -EINVAL;
3754 }
3755
3756 if (set_counts) {
3757 atomic_inc(&cmd->t_fe_count);
3758 atomic_inc(&cmd->t_se_count);
3759 }
3760
3761 cmd->t_task_list_num = task_cdbs;
3762
3763 atomic_set(&cmd->t_task_cdbs_left, task_cdbs);
3764 atomic_set(&cmd->t_task_cdbs_ex_left, task_cdbs);
3765 atomic_set(&cmd->t_task_cdbs_timeout_left, task_cdbs);
3766 return 0;
3767 }
3768
3769 void *transport_kmap_first_data_page(struct se_cmd *cmd)
3770 {
3771 struct scatterlist *sg = cmd->t_data_sg;
3772
3773 BUG_ON(!sg);
3774 /*
3775 * We need to take into account a possible offset here for fabrics like
3776 * tcm_loop who may be using a contig buffer from the SCSI midlayer for
3777 * control CDBs passed as SGLs via transport_generic_map_mem_to_cmd()
3778 */
3779 return kmap(sg_page(sg)) + sg->offset;
3780 }
3781 EXPORT_SYMBOL(transport_kmap_first_data_page);
3782
3783 void transport_kunmap_first_data_page(struct se_cmd *cmd)
3784 {
3785 kunmap(sg_page(cmd->t_data_sg));
3786 }
3787 EXPORT_SYMBOL(transport_kunmap_first_data_page);
3788
3789 static int
3790 transport_generic_get_mem(struct se_cmd *cmd)
3791 {
3792 u32 length = cmd->data_length;
3793 unsigned int nents;
3794 struct page *page;
3795 int i = 0;
3796
3797 nents = DIV_ROUND_UP(length, PAGE_SIZE);
3798 cmd->t_data_sg = kmalloc(sizeof(struct scatterlist) * nents, GFP_KERNEL);
3799 if (!cmd->t_data_sg)
3800 return -ENOMEM;
3801
3802 cmd->t_data_nents = nents;
3803 sg_init_table(cmd->t_data_sg, nents);
3804
3805 while (length) {
3806 u32 page_len = min_t(u32, length, PAGE_SIZE);
3807 page = alloc_page(GFP_KERNEL | __GFP_ZERO);
3808 if (!page)
3809 goto out;
3810
3811 sg_set_page(&cmd->t_data_sg[i], page, page_len, 0);
3812 length -= page_len;
3813 i++;
3814 }
3815 return 0;
3816
3817 out:
3818 while (i >= 0) {
3819 __free_page(sg_page(&cmd->t_data_sg[i]));
3820 i--;
3821 }
3822 kfree(cmd->t_data_sg);
3823 cmd->t_data_sg = NULL;
3824 return -ENOMEM;
3825 }
3826
3827 /* Reduce sectors if they are too long for the device */
3828 static inline sector_t transport_limit_task_sectors(
3829 struct se_device *dev,
3830 unsigned long long lba,
3831 sector_t sectors)
3832 {
3833 sectors = min_t(sector_t, sectors, dev->se_sub_dev->se_dev_attrib.max_sectors);
3834
3835 if (dev->transport->get_device_type(dev) == TYPE_DISK)
3836 if ((lba + sectors) > transport_dev_end_lba(dev))
3837 sectors = ((transport_dev_end_lba(dev) - lba) + 1);
3838
3839 return sectors;
3840 }
3841
3842
3843 /*
3844 * This function can be used by HW target mode drivers to create a linked
3845 * scatterlist from all contiguously allocated struct se_task->task_sg[].
3846 * This is intended to be called during the completion path by TCM Core
3847 * when struct target_core_fabric_ops->check_task_sg_chaining is enabled.
3848 */
3849 void transport_do_task_sg_chain(struct se_cmd *cmd)
3850 {
3851 struct scatterlist *sg_first = NULL;
3852 struct scatterlist *sg_prev = NULL;
3853 int sg_prev_nents = 0;
3854 struct scatterlist *sg;
3855 struct se_task *task;
3856 u32 chained_nents = 0;
3857 int i;
3858
3859 BUG_ON(!cmd->se_tfo->task_sg_chaining);
3860
3861 /*
3862 * Walk the struct se_task list and setup scatterlist chains
3863 * for each contiguously allocated struct se_task->task_sg[].
3864 */
3865 list_for_each_entry(task, &cmd->t_task_list, t_list) {
3866 if (!task->task_sg)
3867 continue;
3868
3869 if (!sg_first) {
3870 sg_first = task->task_sg;
3871 chained_nents = task->task_sg_nents;
3872 } else {
3873 sg_chain(sg_prev, sg_prev_nents, task->task_sg);
3874 chained_nents += task->task_sg_nents;
3875 }
3876 /*
3877 * For the padded tasks, use the extra SGL vector allocated
3878 * in transport_allocate_data_tasks() for the sg_prev_nents
3879 * offset into sg_chain() above.
3880 *
3881 * We do not need the padding for the last task (or a single
3882 * task), but in that case we will never use the sg_prev_nents
3883 * value below which would be incorrect.
3884 */
3885 sg_prev_nents = (task->task_sg_nents + 1);
3886 sg_prev = task->task_sg;
3887 }
3888 /*
3889 * Setup the starting pointer and total t_tasks_sg_linked_no including
3890 * padding SGs for linking and to mark the end.
3891 */
3892 cmd->t_tasks_sg_chained = sg_first;
3893 cmd->t_tasks_sg_chained_no = chained_nents;
3894
3895 pr_debug("Setup cmd: %p cmd->t_tasks_sg_chained: %p and"
3896 " t_tasks_sg_chained_no: %u\n", cmd, cmd->t_tasks_sg_chained,
3897 cmd->t_tasks_sg_chained_no);
3898
3899 for_each_sg(cmd->t_tasks_sg_chained, sg,
3900 cmd->t_tasks_sg_chained_no, i) {
3901
3902 pr_debug("SG[%d]: %p page: %p length: %d offset: %d\n",
3903 i, sg, sg_page(sg), sg->length, sg->offset);
3904 if (sg_is_chain(sg))
3905 pr_debug("SG: %p sg_is_chain=1\n", sg);
3906 if (sg_is_last(sg))
3907 pr_debug("SG: %p sg_is_last=1\n", sg);
3908 }
3909 }
3910 EXPORT_SYMBOL(transport_do_task_sg_chain);
3911
3912 /*
3913 * Break up cmd into chunks transport can handle
3914 */
3915 static int transport_allocate_data_tasks(
3916 struct se_cmd *cmd,
3917 unsigned long long lba,
3918 enum dma_data_direction data_direction,
3919 struct scatterlist *sgl,
3920 unsigned int sgl_nents)
3921 {
3922 struct se_task *task;
3923 struct se_device *dev = cmd->se_dev;
3924 unsigned long flags;
3925 int task_count, i;
3926 sector_t sectors, dev_max_sectors = dev->se_sub_dev->se_dev_attrib.max_sectors;
3927 u32 sector_size = dev->se_sub_dev->se_dev_attrib.block_size;
3928 struct scatterlist *sg;
3929 struct scatterlist *cmd_sg;
3930
3931 WARN_ON(cmd->data_length % sector_size);
3932 sectors = DIV_ROUND_UP(cmd->data_length, sector_size);
3933 task_count = DIV_ROUND_UP_SECTOR_T(sectors, dev_max_sectors);
3934
3935 cmd_sg = sgl;
3936 for (i = 0; i < task_count; i++) {
3937 unsigned int task_size, task_sg_nents_padded;
3938 int count;
3939
3940 task = transport_generic_get_task(cmd, data_direction);
3941 if (!task)
3942 return -ENOMEM;
3943
3944 task->task_lba = lba;
3945 task->task_sectors = min(sectors, dev_max_sectors);
3946 task->task_size = task->task_sectors * sector_size;
3947
3948 /*
3949 * This now assumes that passed sg_ents are in PAGE_SIZE chunks
3950 * in order to calculate the number per task SGL entries
3951 */
3952 task->task_sg_nents = DIV_ROUND_UP(task->task_size, PAGE_SIZE);
3953 /*
3954 * Check if the fabric module driver is requesting that all
3955 * struct se_task->task_sg[] be chained together.. If so,
3956 * then allocate an extra padding SG entry for linking and
3957 * marking the end of the chained SGL for every task except
3958 * the last one for (task_count > 1) operation, or skipping
3959 * the extra padding for the (task_count == 1) case.
3960 */
3961 if (cmd->se_tfo->task_sg_chaining && (i < (task_count - 1))) {
3962 task_sg_nents_padded = (task->task_sg_nents + 1);
3963 } else
3964 task_sg_nents_padded = task->task_sg_nents;
3965
3966 task->task_sg = kmalloc(sizeof(struct scatterlist) *
3967 task_sg_nents_padded, GFP_KERNEL);
3968 if (!task->task_sg) {
3969 cmd->se_dev->transport->free_task(task);
3970 return -ENOMEM;
3971 }
3972
3973 sg_init_table(task->task_sg, task_sg_nents_padded);
3974
3975 task_size = task->task_size;
3976
3977 /* Build new sgl, only up to task_size */
3978 for_each_sg(task->task_sg, sg, task->task_sg_nents, count) {
3979 if (cmd_sg->length > task_size)
3980 break;
3981
3982 *sg = *cmd_sg;
3983 task_size -= cmd_sg->length;
3984 cmd_sg = sg_next(cmd_sg);
3985 }
3986
3987 lba += task->task_sectors;
3988 sectors -= task->task_sectors;
3989
3990 spin_lock_irqsave(&cmd->t_state_lock, flags);
3991 list_add_tail(&task->t_list, &cmd->t_task_list);
3992 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
3993 }
3994
3995 return task_count;
3996 }
3997
3998 static int
3999 transport_allocate_control_task(struct se_cmd *cmd)
4000 {
4001 struct se_task *task;
4002 unsigned long flags;
4003
4004 task = transport_generic_get_task(cmd, cmd->data_direction);
4005 if (!task)
4006 return -ENOMEM;
4007
4008 task->task_sg = kmalloc(sizeof(struct scatterlist) * cmd->t_data_nents,
4009 GFP_KERNEL);
4010 if (!task->task_sg) {
4011 cmd->se_dev->transport->free_task(task);
4012 return -ENOMEM;
4013 }
4014
4015 memcpy(task->task_sg, cmd->t_data_sg,
4016 sizeof(struct scatterlist) * cmd->t_data_nents);
4017 task->task_size = cmd->data_length;
4018 task->task_sg_nents = cmd->t_data_nents;
4019
4020 spin_lock_irqsave(&cmd->t_state_lock, flags);
4021 list_add_tail(&task->t_list, &cmd->t_task_list);
4022 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4023
4024 /* Success! Return number of tasks allocated */
4025 return 1;
4026 }
4027
4028 static u32 transport_allocate_tasks(
4029 struct se_cmd *cmd,
4030 unsigned long long lba,
4031 enum dma_data_direction data_direction,
4032 struct scatterlist *sgl,
4033 unsigned int sgl_nents)
4034 {
4035 if (cmd->se_cmd_flags & SCF_SCSI_DATA_SG_IO_CDB) {
4036 if (transport_cmd_get_valid_sectors(cmd) < 0)
4037 return -EINVAL;
4038
4039 return transport_allocate_data_tasks(cmd, lba, data_direction,
4040 sgl, sgl_nents);
4041 } else
4042 return transport_allocate_control_task(cmd);
4043
4044 }
4045
4046
4047 /* transport_generic_new_cmd(): Called from transport_processing_thread()
4048 *
4049 * Allocate storage transport resources from a set of values predefined
4050 * by transport_generic_cmd_sequencer() from the iSCSI Target RX process.
4051 * Any non zero return here is treated as an "out of resource' op here.
4052 */
4053 /*
4054 * Generate struct se_task(s) and/or their payloads for this CDB.
4055 */
4056 int transport_generic_new_cmd(struct se_cmd *cmd)
4057 {
4058 int ret = 0;
4059
4060 /*
4061 * Determine is the TCM fabric module has already allocated physical
4062 * memory, and is directly calling transport_generic_map_mem_to_cmd()
4063 * beforehand.
4064 */
4065 if (!(cmd->se_cmd_flags & SCF_PASSTHROUGH_SG_TO_MEM_NOALLOC) &&
4066 cmd->data_length) {
4067 ret = transport_generic_get_mem(cmd);
4068 if (ret < 0)
4069 return ret;
4070 }
4071 /*
4072 * Call transport_new_cmd_obj() to invoke transport_allocate_tasks() for
4073 * control or data CDB types, and perform the map to backend subsystem
4074 * code from SGL memory allocated here by transport_generic_get_mem(), or
4075 * via pre-existing SGL memory setup explictly by fabric module code with
4076 * transport_generic_map_mem_to_cmd().
4077 */
4078 ret = transport_new_cmd_obj(cmd);
4079 if (ret < 0)
4080 return ret;
4081 /*
4082 * For WRITEs, let the fabric know its buffer is ready..
4083 * This WRITE struct se_cmd (and all of its associated struct se_task's)
4084 * will be added to the struct se_device execution queue after its WRITE
4085 * data has arrived. (ie: It gets handled by the transport processing
4086 * thread a second time)
4087 */
4088 if (cmd->data_direction == DMA_TO_DEVICE) {
4089 transport_add_tasks_to_state_queue(cmd);
4090 return transport_generic_write_pending(cmd);
4091 }
4092 /*
4093 * Everything else but a WRITE, add the struct se_cmd's struct se_task's
4094 * to the execution queue.
4095 */
4096 transport_execute_tasks(cmd);
4097 return 0;
4098 }
4099 EXPORT_SYMBOL(transport_generic_new_cmd);
4100
4101 /* transport_generic_process_write():
4102 *
4103 *
4104 */
4105 void transport_generic_process_write(struct se_cmd *cmd)
4106 {
4107 transport_execute_tasks(cmd);
4108 }
4109 EXPORT_SYMBOL(transport_generic_process_write);
4110
4111 static void transport_write_pending_qf(struct se_cmd *cmd)
4112 {
4113 if (cmd->se_tfo->write_pending(cmd) == -EAGAIN) {
4114 pr_debug("Handling write_pending QUEUE__FULL: se_cmd: %p\n",
4115 cmd);
4116 transport_handle_queue_full(cmd, cmd->se_dev);
4117 }
4118 }
4119
4120 static int transport_generic_write_pending(struct se_cmd *cmd)
4121 {
4122 unsigned long flags;
4123 int ret;
4124
4125 spin_lock_irqsave(&cmd->t_state_lock, flags);
4126 cmd->t_state = TRANSPORT_WRITE_PENDING;
4127 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4128
4129 /*
4130 * Clear the se_cmd for WRITE_PENDING status in order to set
4131 * cmd->t_transport_active=0 so that transport_generic_handle_data
4132 * can be called from HW target mode interrupt code. This is safe
4133 * to be called with transport_off=1 before the cmd->se_tfo->write_pending
4134 * because the se_cmd->se_lun pointer is not being cleared.
4135 */
4136 transport_cmd_check_stop(cmd, 1, 0);
4137
4138 /*
4139 * Call the fabric write_pending function here to let the
4140 * frontend know that WRITE buffers are ready.
4141 */
4142 ret = cmd->se_tfo->write_pending(cmd);
4143 if (ret == -EAGAIN)
4144 goto queue_full;
4145 else if (ret < 0)
4146 return ret;
4147
4148 return PYX_TRANSPORT_WRITE_PENDING;
4149
4150 queue_full:
4151 pr_debug("Handling write_pending QUEUE__FULL: se_cmd: %p\n", cmd);
4152 cmd->t_state = TRANSPORT_COMPLETE_QF_WP;
4153 transport_handle_queue_full(cmd, cmd->se_dev);
4154 return ret;
4155 }
4156
4157 /**
4158 * transport_release_cmd - free a command
4159 * @cmd: command to free
4160 *
4161 * This routine unconditionally frees a command, and reference counting
4162 * or list removal must be done in the caller.
4163 */
4164 void transport_release_cmd(struct se_cmd *cmd)
4165 {
4166 BUG_ON(!cmd->se_tfo);
4167
4168 if (cmd->se_tmr_req)
4169 core_tmr_release_req(cmd->se_tmr_req);
4170 if (cmd->t_task_cdb != cmd->__t_task_cdb)
4171 kfree(cmd->t_task_cdb);
4172 cmd->se_tfo->release_cmd(cmd);
4173 }
4174 EXPORT_SYMBOL(transport_release_cmd);
4175
4176 void transport_generic_free_cmd(struct se_cmd *cmd, int wait_for_tasks)
4177 {
4178 if (!(cmd->se_cmd_flags & SCF_SE_LUN_CMD)) {
4179 if (wait_for_tasks && cmd->se_tmr_req)
4180 transport_wait_for_tasks(cmd);
4181
4182 transport_release_cmd(cmd);
4183 } else {
4184 if (wait_for_tasks)
4185 transport_wait_for_tasks(cmd);
4186
4187 core_dec_lacl_count(cmd->se_sess->se_node_acl, cmd);
4188
4189 if (cmd->se_lun)
4190 transport_lun_remove_cmd(cmd);
4191
4192 transport_free_dev_tasks(cmd);
4193
4194 transport_put_cmd(cmd);
4195 }
4196 }
4197 EXPORT_SYMBOL(transport_generic_free_cmd);
4198
4199 /* transport_lun_wait_for_tasks():
4200 *
4201 * Called from ConfigFS context to stop the passed struct se_cmd to allow
4202 * an struct se_lun to be successfully shutdown.
4203 */
4204 static int transport_lun_wait_for_tasks(struct se_cmd *cmd, struct se_lun *lun)
4205 {
4206 unsigned long flags;
4207 int ret;
4208 /*
4209 * If the frontend has already requested this struct se_cmd to
4210 * be stopped, we can safely ignore this struct se_cmd.
4211 */
4212 spin_lock_irqsave(&cmd->t_state_lock, flags);
4213 if (atomic_read(&cmd->t_transport_stop)) {
4214 atomic_set(&cmd->transport_lun_stop, 0);
4215 pr_debug("ConfigFS ITT[0x%08x] - t_transport_stop =="
4216 " TRUE, skipping\n", cmd->se_tfo->get_task_tag(cmd));
4217 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4218 transport_cmd_check_stop(cmd, 1, 0);
4219 return -EPERM;
4220 }
4221 atomic_set(&cmd->transport_lun_fe_stop, 1);
4222 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4223
4224 wake_up_interruptible(&cmd->se_dev->dev_queue_obj.thread_wq);
4225
4226 ret = transport_stop_tasks_for_cmd(cmd);
4227
4228 pr_debug("ConfigFS: cmd: %p t_tasks: %d stop tasks ret:"
4229 " %d\n", cmd, cmd->t_task_list_num, ret);
4230 if (!ret) {
4231 pr_debug("ConfigFS: ITT[0x%08x] - stopping cmd....\n",
4232 cmd->se_tfo->get_task_tag(cmd));
4233 wait_for_completion(&cmd->transport_lun_stop_comp);
4234 pr_debug("ConfigFS: ITT[0x%08x] - stopped cmd....\n",
4235 cmd->se_tfo->get_task_tag(cmd));
4236 }
4237 transport_remove_cmd_from_queue(cmd);
4238
4239 return 0;
4240 }
4241
4242 static void __transport_clear_lun_from_sessions(struct se_lun *lun)
4243 {
4244 struct se_cmd *cmd = NULL;
4245 unsigned long lun_flags, cmd_flags;
4246 /*
4247 * Do exception processing and return CHECK_CONDITION status to the
4248 * Initiator Port.
4249 */
4250 spin_lock_irqsave(&lun->lun_cmd_lock, lun_flags);
4251 while (!list_empty(&lun->lun_cmd_list)) {
4252 cmd = list_first_entry(&lun->lun_cmd_list,
4253 struct se_cmd, se_lun_node);
4254 list_del(&cmd->se_lun_node);
4255
4256 atomic_set(&cmd->transport_lun_active, 0);
4257 /*
4258 * This will notify iscsi_target_transport.c:
4259 * transport_cmd_check_stop() that a LUN shutdown is in
4260 * progress for the iscsi_cmd_t.
4261 */
4262 spin_lock(&cmd->t_state_lock);
4263 pr_debug("SE_LUN[%d] - Setting cmd->transport"
4264 "_lun_stop for ITT: 0x%08x\n",
4265 cmd->se_lun->unpacked_lun,
4266 cmd->se_tfo->get_task_tag(cmd));
4267 atomic_set(&cmd->transport_lun_stop, 1);
4268 spin_unlock(&cmd->t_state_lock);
4269
4270 spin_unlock_irqrestore(&lun->lun_cmd_lock, lun_flags);
4271
4272 if (!cmd->se_lun) {
4273 pr_err("ITT: 0x%08x, [i,t]_state: %u/%u\n",
4274 cmd->se_tfo->get_task_tag(cmd),
4275 cmd->se_tfo->get_cmd_state(cmd), cmd->t_state);
4276 BUG();
4277 }
4278 /*
4279 * If the Storage engine still owns the iscsi_cmd_t, determine
4280 * and/or stop its context.
4281 */
4282 pr_debug("SE_LUN[%d] - ITT: 0x%08x before transport"
4283 "_lun_wait_for_tasks()\n", cmd->se_lun->unpacked_lun,
4284 cmd->se_tfo->get_task_tag(cmd));
4285
4286 if (transport_lun_wait_for_tasks(cmd, cmd->se_lun) < 0) {
4287 spin_lock_irqsave(&lun->lun_cmd_lock, lun_flags);
4288 continue;
4289 }
4290
4291 pr_debug("SE_LUN[%d] - ITT: 0x%08x after transport_lun"
4292 "_wait_for_tasks(): SUCCESS\n",
4293 cmd->se_lun->unpacked_lun,
4294 cmd->se_tfo->get_task_tag(cmd));
4295
4296 spin_lock_irqsave(&cmd->t_state_lock, cmd_flags);
4297 if (!atomic_read(&cmd->transport_dev_active)) {
4298 spin_unlock_irqrestore(&cmd->t_state_lock, cmd_flags);
4299 goto check_cond;
4300 }
4301 atomic_set(&cmd->transport_dev_active, 0);
4302 transport_all_task_dev_remove_state(cmd);
4303 spin_unlock_irqrestore(&cmd->t_state_lock, cmd_flags);
4304
4305 transport_free_dev_tasks(cmd);
4306 /*
4307 * The Storage engine stopped this struct se_cmd before it was
4308 * send to the fabric frontend for delivery back to the
4309 * Initiator Node. Return this SCSI CDB back with an
4310 * CHECK_CONDITION status.
4311 */
4312 check_cond:
4313 transport_send_check_condition_and_sense(cmd,
4314 TCM_NON_EXISTENT_LUN, 0);
4315 /*
4316 * If the fabric frontend is waiting for this iscsi_cmd_t to
4317 * be released, notify the waiting thread now that LU has
4318 * finished accessing it.
4319 */
4320 spin_lock_irqsave(&cmd->t_state_lock, cmd_flags);
4321 if (atomic_read(&cmd->transport_lun_fe_stop)) {
4322 pr_debug("SE_LUN[%d] - Detected FE stop for"
4323 " struct se_cmd: %p ITT: 0x%08x\n",
4324 lun->unpacked_lun,
4325 cmd, cmd->se_tfo->get_task_tag(cmd));
4326
4327 spin_unlock_irqrestore(&cmd->t_state_lock,
4328 cmd_flags);
4329 transport_cmd_check_stop(cmd, 1, 0);
4330 complete(&cmd->transport_lun_fe_stop_comp);
4331 spin_lock_irqsave(&lun->lun_cmd_lock, lun_flags);
4332 continue;
4333 }
4334 pr_debug("SE_LUN[%d] - ITT: 0x%08x finished processing\n",
4335 lun->unpacked_lun, cmd->se_tfo->get_task_tag(cmd));
4336
4337 spin_unlock_irqrestore(&cmd->t_state_lock, cmd_flags);
4338 spin_lock_irqsave(&lun->lun_cmd_lock, lun_flags);
4339 }
4340 spin_unlock_irqrestore(&lun->lun_cmd_lock, lun_flags);
4341 }
4342
4343 static int transport_clear_lun_thread(void *p)
4344 {
4345 struct se_lun *lun = (struct se_lun *)p;
4346
4347 __transport_clear_lun_from_sessions(lun);
4348 complete(&lun->lun_shutdown_comp);
4349
4350 return 0;
4351 }
4352
4353 int transport_clear_lun_from_sessions(struct se_lun *lun)
4354 {
4355 struct task_struct *kt;
4356
4357 kt = kthread_run(transport_clear_lun_thread, lun,
4358 "tcm_cl_%u", lun->unpacked_lun);
4359 if (IS_ERR(kt)) {
4360 pr_err("Unable to start clear_lun thread\n");
4361 return PTR_ERR(kt);
4362 }
4363 wait_for_completion(&lun->lun_shutdown_comp);
4364
4365 return 0;
4366 }
4367
4368 /**
4369 * transport_wait_for_tasks - wait for completion to occur
4370 * @cmd: command to wait
4371 *
4372 * Called from frontend fabric context to wait for storage engine
4373 * to pause and/or release frontend generated struct se_cmd.
4374 */
4375 void transport_wait_for_tasks(struct se_cmd *cmd)
4376 {
4377 unsigned long flags;
4378
4379 spin_lock_irqsave(&cmd->t_state_lock, flags);
4380 if (!(cmd->se_cmd_flags & SCF_SE_LUN_CMD) && !(cmd->se_tmr_req)) {
4381 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4382 return;
4383 }
4384 /*
4385 * Only perform a possible wait_for_tasks if SCF_SUPPORTED_SAM_OPCODE
4386 * has been set in transport_set_supported_SAM_opcode().
4387 */
4388 if (!(cmd->se_cmd_flags & SCF_SUPPORTED_SAM_OPCODE) && !cmd->se_tmr_req) {
4389 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4390 return;
4391 }
4392 /*
4393 * If we are already stopped due to an external event (ie: LUN shutdown)
4394 * sleep until the connection can have the passed struct se_cmd back.
4395 * The cmd->transport_lun_stopped_sem will be upped by
4396 * transport_clear_lun_from_sessions() once the ConfigFS context caller
4397 * has completed its operation on the struct se_cmd.
4398 */
4399 if (atomic_read(&cmd->transport_lun_stop)) {
4400
4401 pr_debug("wait_for_tasks: Stopping"
4402 " wait_for_completion(&cmd->t_tasktransport_lun_fe"
4403 "_stop_comp); for ITT: 0x%08x\n",
4404 cmd->se_tfo->get_task_tag(cmd));
4405 /*
4406 * There is a special case for WRITES where a FE exception +
4407 * LUN shutdown means ConfigFS context is still sleeping on
4408 * transport_lun_stop_comp in transport_lun_wait_for_tasks().
4409 * We go ahead and up transport_lun_stop_comp just to be sure
4410 * here.
4411 */
4412 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4413 complete(&cmd->transport_lun_stop_comp);
4414 wait_for_completion(&cmd->transport_lun_fe_stop_comp);
4415 spin_lock_irqsave(&cmd->t_state_lock, flags);
4416
4417 transport_all_task_dev_remove_state(cmd);
4418 /*
4419 * At this point, the frontend who was the originator of this
4420 * struct se_cmd, now owns the structure and can be released through
4421 * normal means below.
4422 */
4423 pr_debug("wait_for_tasks: Stopped"
4424 " wait_for_completion(&cmd->t_tasktransport_lun_fe_"
4425 "stop_comp); for ITT: 0x%08x\n",
4426 cmd->se_tfo->get_task_tag(cmd));
4427
4428 atomic_set(&cmd->transport_lun_stop, 0);
4429 }
4430 if (!atomic_read(&cmd->t_transport_active) ||
4431 atomic_read(&cmd->t_transport_aborted)) {
4432 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4433 return;
4434 }
4435
4436 atomic_set(&cmd->t_transport_stop, 1);
4437
4438 pr_debug("wait_for_tasks: Stopping %p ITT: 0x%08x"
4439 " i_state: %d, t_state/def_t_state: %d/%d, t_transport_stop"
4440 " = TRUE\n", cmd, cmd->se_tfo->get_task_tag(cmd),
4441 cmd->se_tfo->get_cmd_state(cmd), cmd->t_state,
4442 cmd->deferred_t_state);
4443
4444 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4445
4446 wake_up_interruptible(&cmd->se_dev->dev_queue_obj.thread_wq);
4447
4448 wait_for_completion(&cmd->t_transport_stop_comp);
4449
4450 spin_lock_irqsave(&cmd->t_state_lock, flags);
4451 atomic_set(&cmd->t_transport_active, 0);
4452 atomic_set(&cmd->t_transport_stop, 0);
4453
4454 pr_debug("wait_for_tasks: Stopped wait_for_compltion("
4455 "&cmd->t_transport_stop_comp) for ITT: 0x%08x\n",
4456 cmd->se_tfo->get_task_tag(cmd));
4457
4458 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4459 }
4460 EXPORT_SYMBOL(transport_wait_for_tasks);
4461
4462 static int transport_get_sense_codes(
4463 struct se_cmd *cmd,
4464 u8 *asc,
4465 u8 *ascq)
4466 {
4467 *asc = cmd->scsi_asc;
4468 *ascq = cmd->scsi_ascq;
4469
4470 return 0;
4471 }
4472
4473 static int transport_set_sense_codes(
4474 struct se_cmd *cmd,
4475 u8 asc,
4476 u8 ascq)
4477 {
4478 cmd->scsi_asc = asc;
4479 cmd->scsi_ascq = ascq;
4480
4481 return 0;
4482 }
4483
4484 int transport_send_check_condition_and_sense(
4485 struct se_cmd *cmd,
4486 u8 reason,
4487 int from_transport)
4488 {
4489 unsigned char *buffer = cmd->sense_buffer;
4490 unsigned long flags;
4491 int offset;
4492 u8 asc = 0, ascq = 0;
4493
4494 spin_lock_irqsave(&cmd->t_state_lock, flags);
4495 if (cmd->se_cmd_flags & SCF_SENT_CHECK_CONDITION) {
4496 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4497 return 0;
4498 }
4499 cmd->se_cmd_flags |= SCF_SENT_CHECK_CONDITION;
4500 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4501
4502 if (!reason && from_transport)
4503 goto after_reason;
4504
4505 if (!from_transport)
4506 cmd->se_cmd_flags |= SCF_EMULATED_TASK_SENSE;
4507 /*
4508 * Data Segment and SenseLength of the fabric response PDU.
4509 *
4510 * TRANSPORT_SENSE_BUFFER is now set to SCSI_SENSE_BUFFERSIZE
4511 * from include/scsi/scsi_cmnd.h
4512 */
4513 offset = cmd->se_tfo->set_fabric_sense_len(cmd,
4514 TRANSPORT_SENSE_BUFFER);
4515 /*
4516 * Actual SENSE DATA, see SPC-3 7.23.2 SPC_SENSE_KEY_OFFSET uses
4517 * SENSE KEY values from include/scsi/scsi.h
4518 */
4519 switch (reason) {
4520 case TCM_NON_EXISTENT_LUN:
4521 /* CURRENT ERROR */
4522 buffer[offset] = 0x70;
4523 /* ILLEGAL REQUEST */
4524 buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST;
4525 /* LOGICAL UNIT NOT SUPPORTED */
4526 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x25;
4527 break;
4528 case TCM_UNSUPPORTED_SCSI_OPCODE:
4529 case TCM_SECTOR_COUNT_TOO_MANY:
4530 /* CURRENT ERROR */
4531 buffer[offset] = 0x70;
4532 /* ILLEGAL REQUEST */
4533 buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST;
4534 /* INVALID COMMAND OPERATION CODE */
4535 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x20;
4536 break;
4537 case TCM_UNKNOWN_MODE_PAGE:
4538 /* CURRENT ERROR */
4539 buffer[offset] = 0x70;
4540 /* ILLEGAL REQUEST */
4541 buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST;
4542 /* INVALID FIELD IN CDB */
4543 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x24;
4544 break;
4545 case TCM_CHECK_CONDITION_ABORT_CMD:
4546 /* CURRENT ERROR */
4547 buffer[offset] = 0x70;
4548 /* ABORTED COMMAND */
4549 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND;
4550 /* BUS DEVICE RESET FUNCTION OCCURRED */
4551 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x29;
4552 buffer[offset+SPC_ASCQ_KEY_OFFSET] = 0x03;
4553 break;
4554 case TCM_INCORRECT_AMOUNT_OF_DATA:
4555 /* CURRENT ERROR */
4556 buffer[offset] = 0x70;
4557 /* ABORTED COMMAND */
4558 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND;
4559 /* WRITE ERROR */
4560 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x0c;
4561 /* NOT ENOUGH UNSOLICITED DATA */
4562 buffer[offset+SPC_ASCQ_KEY_OFFSET] = 0x0d;
4563 break;
4564 case TCM_INVALID_CDB_FIELD:
4565 /* CURRENT ERROR */
4566 buffer[offset] = 0x70;
4567 /* ABORTED COMMAND */
4568 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND;
4569 /* INVALID FIELD IN CDB */
4570 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x24;
4571 break;
4572 case TCM_INVALID_PARAMETER_LIST:
4573 /* CURRENT ERROR */
4574 buffer[offset] = 0x70;
4575 /* ABORTED COMMAND */
4576 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND;
4577 /* INVALID FIELD IN PARAMETER LIST */
4578 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x26;
4579 break;
4580 case TCM_UNEXPECTED_UNSOLICITED_DATA:
4581 /* CURRENT ERROR */
4582 buffer[offset] = 0x70;
4583 /* ABORTED COMMAND */
4584 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND;
4585 /* WRITE ERROR */
4586 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x0c;
4587 /* UNEXPECTED_UNSOLICITED_DATA */
4588 buffer[offset+SPC_ASCQ_KEY_OFFSET] = 0x0c;
4589 break;
4590 case TCM_SERVICE_CRC_ERROR:
4591 /* CURRENT ERROR */
4592 buffer[offset] = 0x70;
4593 /* ABORTED COMMAND */
4594 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND;
4595 /* PROTOCOL SERVICE CRC ERROR */
4596 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x47;
4597 /* N/A */
4598 buffer[offset+SPC_ASCQ_KEY_OFFSET] = 0x05;
4599 break;
4600 case TCM_SNACK_REJECTED:
4601 /* CURRENT ERROR */
4602 buffer[offset] = 0x70;
4603 /* ABORTED COMMAND */
4604 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND;
4605 /* READ ERROR */
4606 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x11;
4607 /* FAILED RETRANSMISSION REQUEST */
4608 buffer[offset+SPC_ASCQ_KEY_OFFSET] = 0x13;
4609 break;
4610 case TCM_WRITE_PROTECTED:
4611 /* CURRENT ERROR */
4612 buffer[offset] = 0x70;
4613 /* DATA PROTECT */
4614 buffer[offset+SPC_SENSE_KEY_OFFSET] = DATA_PROTECT;
4615 /* WRITE PROTECTED */
4616 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x27;
4617 break;
4618 case TCM_CHECK_CONDITION_UNIT_ATTENTION:
4619 /* CURRENT ERROR */
4620 buffer[offset] = 0x70;
4621 /* UNIT ATTENTION */
4622 buffer[offset+SPC_SENSE_KEY_OFFSET] = UNIT_ATTENTION;
4623 core_scsi3_ua_for_check_condition(cmd, &asc, &ascq);
4624 buffer[offset+SPC_ASC_KEY_OFFSET] = asc;
4625 buffer[offset+SPC_ASCQ_KEY_OFFSET] = ascq;
4626 break;
4627 case TCM_CHECK_CONDITION_NOT_READY:
4628 /* CURRENT ERROR */
4629 buffer[offset] = 0x70;
4630 /* Not Ready */
4631 buffer[offset+SPC_SENSE_KEY_OFFSET] = NOT_READY;
4632 transport_get_sense_codes(cmd, &asc, &ascq);
4633 buffer[offset+SPC_ASC_KEY_OFFSET] = asc;
4634 buffer[offset+SPC_ASCQ_KEY_OFFSET] = ascq;
4635 break;
4636 case TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE:
4637 default:
4638 /* CURRENT ERROR */
4639 buffer[offset] = 0x70;
4640 /* ILLEGAL REQUEST */
4641 buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST;
4642 /* LOGICAL UNIT COMMUNICATION FAILURE */
4643 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x80;
4644 break;
4645 }
4646 /*
4647 * This code uses linux/include/scsi/scsi.h SAM status codes!
4648 */
4649 cmd->scsi_status = SAM_STAT_CHECK_CONDITION;
4650 /*
4651 * Automatically padded, this value is encoded in the fabric's
4652 * data_length response PDU containing the SCSI defined sense data.
4653 */
4654 cmd->scsi_sense_length = TRANSPORT_SENSE_BUFFER + offset;
4655
4656 after_reason:
4657 return cmd->se_tfo->queue_status(cmd);
4658 }
4659 EXPORT_SYMBOL(transport_send_check_condition_and_sense);
4660
4661 int transport_check_aborted_status(struct se_cmd *cmd, int send_status)
4662 {
4663 int ret = 0;
4664
4665 if (atomic_read(&cmd->t_transport_aborted) != 0) {
4666 if (!send_status ||
4667 (cmd->se_cmd_flags & SCF_SENT_DELAYED_TAS))
4668 return 1;
4669 #if 0
4670 pr_debug("Sending delayed SAM_STAT_TASK_ABORTED"
4671 " status for CDB: 0x%02x ITT: 0x%08x\n",
4672 cmd->t_task_cdb[0],
4673 cmd->se_tfo->get_task_tag(cmd));
4674 #endif
4675 cmd->se_cmd_flags |= SCF_SENT_DELAYED_TAS;
4676 cmd->se_tfo->queue_status(cmd);
4677 ret = 1;
4678 }
4679 return ret;
4680 }
4681 EXPORT_SYMBOL(transport_check_aborted_status);
4682
4683 void transport_send_task_abort(struct se_cmd *cmd)
4684 {
4685 unsigned long flags;
4686
4687 spin_lock_irqsave(&cmd->t_state_lock, flags);
4688 if (cmd->se_cmd_flags & SCF_SENT_CHECK_CONDITION) {
4689 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4690 return;
4691 }
4692 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4693
4694 /*
4695 * If there are still expected incoming fabric WRITEs, we wait
4696 * until until they have completed before sending a TASK_ABORTED
4697 * response. This response with TASK_ABORTED status will be
4698 * queued back to fabric module by transport_check_aborted_status().
4699 */
4700 if (cmd->data_direction == DMA_TO_DEVICE) {
4701 if (cmd->se_tfo->write_pending_status(cmd) != 0) {
4702 atomic_inc(&cmd->t_transport_aborted);
4703 smp_mb__after_atomic_inc();
4704 cmd->scsi_status = SAM_STAT_TASK_ABORTED;
4705 transport_new_cmd_failure(cmd);
4706 return;
4707 }
4708 }
4709 cmd->scsi_status = SAM_STAT_TASK_ABORTED;
4710 #if 0
4711 pr_debug("Setting SAM_STAT_TASK_ABORTED status for CDB: 0x%02x,"
4712 " ITT: 0x%08x\n", cmd->t_task_cdb[0],
4713 cmd->se_tfo->get_task_tag(cmd));
4714 #endif
4715 cmd->se_tfo->queue_status(cmd);
4716 }
4717
4718 /* transport_generic_do_tmr():
4719 *
4720 *
4721 */
4722 int transport_generic_do_tmr(struct se_cmd *cmd)
4723 {
4724 struct se_device *dev = cmd->se_dev;
4725 struct se_tmr_req *tmr = cmd->se_tmr_req;
4726 int ret;
4727
4728 switch (tmr->function) {
4729 case TMR_ABORT_TASK:
4730 tmr->response = TMR_FUNCTION_REJECTED;
4731 break;
4732 case TMR_ABORT_TASK_SET:
4733 case TMR_CLEAR_ACA:
4734 case TMR_CLEAR_TASK_SET:
4735 tmr->response = TMR_TASK_MGMT_FUNCTION_NOT_SUPPORTED;
4736 break;
4737 case TMR_LUN_RESET:
4738 ret = core_tmr_lun_reset(dev, tmr, NULL, NULL);
4739 tmr->response = (!ret) ? TMR_FUNCTION_COMPLETE :
4740 TMR_FUNCTION_REJECTED;
4741 break;
4742 case TMR_TARGET_WARM_RESET:
4743 tmr->response = TMR_FUNCTION_REJECTED;
4744 break;
4745 case TMR_TARGET_COLD_RESET:
4746 tmr->response = TMR_FUNCTION_REJECTED;
4747 break;
4748 default:
4749 pr_err("Uknown TMR function: 0x%02x.\n",
4750 tmr->function);
4751 tmr->response = TMR_FUNCTION_REJECTED;
4752 break;
4753 }
4754
4755 cmd->t_state = TRANSPORT_ISTATE_PROCESSING;
4756 cmd->se_tfo->queue_tm_rsp(cmd);
4757
4758 transport_cmd_check_stop_to_fabric(cmd);
4759 return 0;
4760 }
4761
4762 /* transport_processing_thread():
4763 *
4764 *
4765 */
4766 static int transport_processing_thread(void *param)
4767 {
4768 int ret;
4769 struct se_cmd *cmd;
4770 struct se_device *dev = (struct se_device *) param;
4771
4772 set_user_nice(current, -20);
4773
4774 while (!kthread_should_stop()) {
4775 ret = wait_event_interruptible(dev->dev_queue_obj.thread_wq,
4776 atomic_read(&dev->dev_queue_obj.queue_cnt) ||
4777 kthread_should_stop());
4778 if (ret < 0)
4779 goto out;
4780
4781 get_cmd:
4782 __transport_execute_tasks(dev);
4783
4784 cmd = transport_get_cmd_from_queue(&dev->dev_queue_obj);
4785 if (!cmd)
4786 continue;
4787
4788 switch (cmd->t_state) {
4789 case TRANSPORT_NEW_CMD:
4790 BUG();
4791 break;
4792 case TRANSPORT_NEW_CMD_MAP:
4793 if (!cmd->se_tfo->new_cmd_map) {
4794 pr_err("cmd->se_tfo->new_cmd_map is"
4795 " NULL for TRANSPORT_NEW_CMD_MAP\n");
4796 BUG();
4797 }
4798 ret = cmd->se_tfo->new_cmd_map(cmd);
4799 if (ret < 0) {
4800 cmd->transport_error_status = ret;
4801 transport_generic_request_failure(cmd, NULL,
4802 0, (cmd->data_direction !=
4803 DMA_TO_DEVICE));
4804 break;
4805 }
4806 ret = transport_generic_new_cmd(cmd);
4807 if (ret == -EAGAIN)
4808 break;
4809 else if (ret < 0) {
4810 cmd->transport_error_status = ret;
4811 transport_generic_request_failure(cmd, NULL,
4812 0, (cmd->data_direction !=
4813 DMA_TO_DEVICE));
4814 }
4815 break;
4816 case TRANSPORT_PROCESS_WRITE:
4817 transport_generic_process_write(cmd);
4818 break;
4819 case TRANSPORT_COMPLETE_OK:
4820 transport_stop_all_task_timers(cmd);
4821 transport_generic_complete_ok(cmd);
4822 break;
4823 case TRANSPORT_REMOVE:
4824 transport_put_cmd(cmd);
4825 break;
4826 case TRANSPORT_FREE_CMD_INTR:
4827 transport_generic_free_cmd(cmd, 0);
4828 break;
4829 case TRANSPORT_PROCESS_TMR:
4830 transport_generic_do_tmr(cmd);
4831 break;
4832 case TRANSPORT_COMPLETE_FAILURE:
4833 transport_generic_request_failure(cmd, NULL, 1, 1);
4834 break;
4835 case TRANSPORT_COMPLETE_TIMEOUT:
4836 transport_stop_all_task_timers(cmd);
4837 transport_generic_request_timeout(cmd);
4838 break;
4839 case TRANSPORT_COMPLETE_QF_WP:
4840 transport_write_pending_qf(cmd);
4841 break;
4842 case TRANSPORT_COMPLETE_QF_OK:
4843 transport_complete_qf(cmd);
4844 break;
4845 default:
4846 pr_err("Unknown t_state: %d deferred_t_state:"
4847 " %d for ITT: 0x%08x i_state: %d on SE LUN:"
4848 " %u\n", cmd->t_state, cmd->deferred_t_state,
4849 cmd->se_tfo->get_task_tag(cmd),
4850 cmd->se_tfo->get_cmd_state(cmd),
4851 cmd->se_lun->unpacked_lun);
4852 BUG();
4853 }
4854
4855 goto get_cmd;
4856 }
4857
4858 out:
4859 WARN_ON(!list_empty(&dev->state_task_list));
4860 WARN_ON(!list_empty(&dev->dev_queue_obj.qobj_list));
4861 dev->process_thread = NULL;
4862 return 0;
4863 }
Linux kernel - Deliverables
This page took 0.134727 seconds and 5 git commands to generate.