1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
4 * Copyright (C) 1992 Eric Youngdale
5 * Simulate a host adapter with 2 disks attached. Do a lot of checking
6 * to make sure that we are not getting blocks mixed up, and PANIC if
7 * anything out of the ordinary is seen.
8 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
9 *
10 * Copyright (C) 2001 - 2021 Douglas Gilbert
11 *
12 * For documentation see http://sg.danny.cz/sg/scsi_debug.html
13 */
14
15
16 #define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__
17
18 #include <linux/module.h>
19 #include <linux/align.h>
20 #include <linux/kernel.h>
21 #include <linux/errno.h>
22 #include <linux/jiffies.h>
23 #include <linux/slab.h>
24 #include <linux/types.h>
25 #include <linux/string.h>
26 #include <linux/fs.h>
27 #include <linux/init.h>
28 #include <linux/proc_fs.h>
29 #include <linux/vmalloc.h>
30 #include <linux/moduleparam.h>
31 #include <linux/scatterlist.h>
32 #include <linux/blkdev.h>
33 #include <linux/crc-t10dif.h>
34 #include <linux/spinlock.h>
35 #include <linux/interrupt.h>
36 #include <linux/atomic.h>
37 #include <linux/hrtimer.h>
38 #include <linux/uuid.h>
39 #include <linux/t10-pi.h>
40 #include <linux/msdos_partition.h>
41 #include <linux/random.h>
42 #include <linux/xarray.h>
43 #include <linux/prefetch.h>
44
45 #include <net/checksum.h>
46
47 #include <asm/unaligned.h>
48
49 #include <scsi/scsi.h>
50 #include <scsi/scsi_cmnd.h>
51 #include <scsi/scsi_device.h>
52 #include <scsi/scsi_host.h>
53 #include <scsi/scsicam.h>
54 #include <scsi/scsi_eh.h>
55 #include <scsi/scsi_tcq.h>
56 #include <scsi/scsi_dbg.h>
57
58 #include "sd.h"
59 #include "scsi_logging.h"
60
61 /* make sure inq_product_rev string corresponds to this version */
62 #define SDEBUG_VERSION "0191" /* format to fit INQUIRY revision field */
63 static const char *sdebug_version_date = "20210520";
64
65 #define MY_NAME "scsi_debug"
66
67 /* Additional Sense Code (ASC) */
68 #define NO_ADDITIONAL_SENSE 0x0
69 #define LOGICAL_UNIT_NOT_READY 0x4
70 #define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8
71 #define UNRECOVERED_READ_ERR 0x11
72 #define PARAMETER_LIST_LENGTH_ERR 0x1a
73 #define INVALID_OPCODE 0x20
74 #define LBA_OUT_OF_RANGE 0x21
75 #define INVALID_FIELD_IN_CDB 0x24
76 #define INVALID_FIELD_IN_PARAM_LIST 0x26
77 #define WRITE_PROTECTED 0x27
78 #define UA_RESET_ASC 0x29
79 #define UA_CHANGED_ASC 0x2a
80 #define TARGET_CHANGED_ASC 0x3f
81 #define LUNS_CHANGED_ASCQ 0x0e
82 #define INSUFF_RES_ASC 0x55
83 #define INSUFF_RES_ASCQ 0x3
84 #define POWER_ON_RESET_ASCQ 0x0
85 #define POWER_ON_OCCURRED_ASCQ 0x1
86 #define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */
87 #define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */
88 #define CAPACITY_CHANGED_ASCQ 0x9
89 #define SAVING_PARAMS_UNSUP 0x39
90 #define TRANSPORT_PROBLEM 0x4b
91 #define THRESHOLD_EXCEEDED 0x5d
92 #define LOW_POWER_COND_ON 0x5e
93 #define MISCOMPARE_VERIFY_ASC 0x1d
94 #define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */
95 #define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16
96 #define WRITE_ERROR_ASC 0xc
97 #define UNALIGNED_WRITE_ASCQ 0x4
98 #define WRITE_BOUNDARY_ASCQ 0x5
99 #define READ_INVDATA_ASCQ 0x6
100 #define READ_BOUNDARY_ASCQ 0x7
101 #define ATTEMPT_ACCESS_GAP 0x9
102 #define INSUFF_ZONE_ASCQ 0xe
103
104 /* Additional Sense Code Qualifier (ASCQ) */
105 #define ACK_NAK_TO 0x3
106
107 /* Default values for driver parameters */
108 #define DEF_NUM_HOST 1
109 #define DEF_NUM_TGTS 1
110 #define DEF_MAX_LUNS 1
111 /* With these defaults, this driver will make 1 host with 1 target
112 * (id 0) containing 1 logical unit (lun 0). That is 1 device.
113 */
114 #define DEF_ATO 1
115 #define DEF_CDB_LEN 10
116 #define DEF_JDELAY 1 /* if > 0 unit is a jiffy */
117 #define DEF_DEV_SIZE_PRE_INIT 0
118 #define DEF_DEV_SIZE_MB 8
119 #define DEF_ZBC_DEV_SIZE_MB 128
120 #define DEF_DIF 0
121 #define DEF_DIX 0
122 #define DEF_PER_HOST_STORE false
123 #define DEF_D_SENSE 0
124 #define DEF_EVERY_NTH 0
125 #define DEF_FAKE_RW 0
126 #define DEF_GUARD 0
127 #define DEF_HOST_LOCK 0
128 #define DEF_LBPU 0
129 #define DEF_LBPWS 0
130 #define DEF_LBPWS10 0
131 #define DEF_LBPRZ 1
132 #define DEF_LOWEST_ALIGNED 0
133 #define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */
134 #define DEF_NO_LUN_0 0
135 #define DEF_NUM_PARTS 0
136 #define DEF_OPTS 0
137 #define DEF_OPT_BLKS 1024
138 #define DEF_PHYSBLK_EXP 0
139 #define DEF_OPT_XFERLEN_EXP 0
140 #define DEF_PTYPE TYPE_DISK
141 #define DEF_RANDOM false
142 #define DEF_REMOVABLE false
143 #define DEF_SCSI_LEVEL 7 /* INQUIRY, byte2 [6->SPC-4; 7->SPC-5] */
144 #define DEF_SECTOR_SIZE 512
145 #define DEF_UNMAP_ALIGNMENT 0
146 #define DEF_UNMAP_GRANULARITY 1
147 #define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF
148 #define DEF_UNMAP_MAX_DESC 256
149 #define DEF_VIRTUAL_GB 0
150 #define DEF_VPD_USE_HOSTNO 1
151 #define DEF_WRITESAME_LENGTH 0xFFFF
152 #define DEF_STRICT 0
153 #define DEF_STATISTICS false
154 #define DEF_SUBMIT_QUEUES 1
155 #define DEF_TUR_MS_TO_READY 0
156 #define DEF_UUID_CTL 0
157 #define JDELAY_OVERRIDDEN -9999
158
159 /* Default parameters for ZBC drives */
160 #define DEF_ZBC_ZONE_SIZE_MB 128
161 #define DEF_ZBC_MAX_OPEN_ZONES 8
162 #define DEF_ZBC_NR_CONV_ZONES 1
163
164 #define SDEBUG_LUN_0_VAL 0
165
166 /* bit mask values for sdebug_opts */
167 #define SDEBUG_OPT_NOISE 1
168 #define SDEBUG_OPT_MEDIUM_ERR 2
169 #define SDEBUG_OPT_TIMEOUT 4
170 #define SDEBUG_OPT_RECOVERED_ERR 8
171 #define SDEBUG_OPT_TRANSPORT_ERR 16
172 #define SDEBUG_OPT_DIF_ERR 32
173 #define SDEBUG_OPT_DIX_ERR 64
174 #define SDEBUG_OPT_MAC_TIMEOUT 128
175 #define SDEBUG_OPT_SHORT_TRANSFER 0x100
176 #define SDEBUG_OPT_Q_NOISE 0x200
177 #define SDEBUG_OPT_ALL_TSF 0x400 /* ignore */
178 #define SDEBUG_OPT_RARE_TSF 0x800
179 #define SDEBUG_OPT_N_WCE 0x1000
180 #define SDEBUG_OPT_RESET_NOISE 0x2000
181 #define SDEBUG_OPT_NO_CDB_NOISE 0x4000
182 #define SDEBUG_OPT_HOST_BUSY 0x8000
183 #define SDEBUG_OPT_CMD_ABORT 0x10000
184 #define SDEBUG_OPT_ALL_NOISE (SDEBUG_OPT_NOISE | SDEBUG_OPT_Q_NOISE | \
185 SDEBUG_OPT_RESET_NOISE)
186 #define SDEBUG_OPT_ALL_INJECTING (SDEBUG_OPT_RECOVERED_ERR | \
187 SDEBUG_OPT_TRANSPORT_ERR | \
188 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR | \
189 SDEBUG_OPT_SHORT_TRANSFER | \
190 SDEBUG_OPT_HOST_BUSY | \
191 SDEBUG_OPT_CMD_ABORT)
192 #define SDEBUG_OPT_RECOV_DIF_DIX (SDEBUG_OPT_RECOVERED_ERR | \
193 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR)
194
195 /* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs) are returned in
196 * priority order. In the subset implemented here lower numbers have higher
197 * priority. The UA numbers should be a sequence starting from 0 with
198 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */
199 #define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */
200 #define SDEBUG_UA_POOCCUR 1 /* Power on occurred */
201 #define SDEBUG_UA_BUS_RESET 2
202 #define SDEBUG_UA_MODE_CHANGED 3
203 #define SDEBUG_UA_CAPACITY_CHANGED 4
204 #define SDEBUG_UA_LUNS_CHANGED 5
205 #define SDEBUG_UA_MICROCODE_CHANGED 6 /* simulate firmware change */
206 #define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 7
207 #define SDEBUG_NUM_UAS 8
208
209 /* when 1==SDEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this
210 * sector on read commands: */
211 #define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */
212 #define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */
213
214 /* SDEBUG_CANQUEUE is the maximum number of commands that can be queued
215 * (for response) per submit queue at one time. Can be reduced by max_queue
216 * option. Command responses are not queued when jdelay=0 and ndelay=0. The
217 * per-device DEF_CMD_PER_LUN can be changed via sysfs:
218 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth
219 * but cannot exceed SDEBUG_CANQUEUE .
220 */
221 #define SDEBUG_CANQUEUE_WORDS 3 /* a WORD is bits in a long */
222 #define SDEBUG_CANQUEUE (SDEBUG_CANQUEUE_WORDS * BITS_PER_LONG)
223 #define DEF_CMD_PER_LUN SDEBUG_CANQUEUE
224
225 /* UA - Unit Attention; SA - Service Action; SSU - Start Stop Unit */
226 #define F_D_IN 1 /* Data-in command (e.g. READ) */
227 #define F_D_OUT 2 /* Data-out command (e.g. WRITE) */
228 #define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */
229 #define F_D_UNKN 8
230 #define F_RL_WLUN_OK 0x10 /* allowed with REPORT LUNS W-LUN */
231 #define F_SKIP_UA 0x20 /* bypass UAs (e.g. INQUIRY command) */
232 #define F_DELAY_OVERR 0x40 /* for commands like INQUIRY */
233 #define F_SA_LOW 0x80 /* SA is in cdb byte 1, bits 4 to 0 */
234 #define F_SA_HIGH 0x100 /* SA is in cdb bytes 8 and 9 */
235 #define F_INV_OP 0x200 /* invalid opcode (not supported) */
236 #define F_FAKE_RW 0x400 /* bypass resp_*() when fake_rw set */
237 #define F_M_ACCESS 0x800 /* media access, reacts to SSU state */
238 #define F_SSU_DELAY 0x1000 /* SSU command delay (long-ish) */
239 #define F_SYNC_DELAY 0x2000 /* SYNCHRONIZE CACHE delay */
240
241 /* Useful combinations of the above flags */
242 #define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR)
243 #define FF_MEDIA_IO (F_M_ACCESS | F_FAKE_RW)
244 #define FF_SA (F_SA_HIGH | F_SA_LOW)
245 #define F_LONG_DELAY (F_SSU_DELAY | F_SYNC_DELAY)
246
247 #define SDEBUG_MAX_PARTS 4
248
249 #define SDEBUG_MAX_CMD_LEN 32
250
251 #define SDEB_XA_NOT_IN_USE XA_MARK_1
252
253 /* Zone types (zbcr05 table 25) */
254 enum sdebug_z_type {
255 ZBC_ZTYPE_CNV = 0x1,
256 ZBC_ZTYPE_SWR = 0x2,
257 ZBC_ZTYPE_SWP = 0x3,
258 /* ZBC_ZTYPE_SOBR = 0x4, */
259 ZBC_ZTYPE_GAP = 0x5,
260 };
261
262 /* enumeration names taken from table 26, zbcr05 */
263 enum sdebug_z_cond {
264 ZBC_NOT_WRITE_POINTER = 0x0,
265 ZC1_EMPTY = 0x1,
266 ZC2_IMPLICIT_OPEN = 0x2,
267 ZC3_EXPLICIT_OPEN = 0x3,
268 ZC4_CLOSED = 0x4,
269 ZC6_READ_ONLY = 0xd,
270 ZC5_FULL = 0xe,
271 ZC7_OFFLINE = 0xf,
272 };
273
274 struct sdeb_zone_state { /* ZBC: per zone state */
275 enum sdebug_z_type z_type;
276 enum sdebug_z_cond z_cond;
277 bool z_non_seq_resource;
278 unsigned int z_size;
279 sector_t z_start;
280 sector_t z_wp;
281 };
282
283 struct sdebug_dev_info {
284 struct list_head dev_list;
285 unsigned int channel;
286 unsigned int target;
287 u64 lun;
288 uuid_t lu_name;
289 struct sdebug_host_info *sdbg_host;
290 unsigned long uas_bm[1];
291 atomic_t num_in_q;
292 atomic_t stopped; /* 1: by SSU, 2: device start */
293 bool used;
294
295 /* For ZBC devices */
296 enum blk_zoned_model zmodel;
297 unsigned int zcap;
298 unsigned int zsize;
299 unsigned int zsize_shift;
300 unsigned int nr_zones;
301 unsigned int nr_conv_zones;
302 unsigned int nr_seq_zones;
303 unsigned int nr_imp_open;
304 unsigned int nr_exp_open;
305 unsigned int nr_closed;
306 unsigned int max_open;
307 ktime_t create_ts; /* time since bootup that this device was created */
308 struct sdeb_zone_state *zstate;
309 };
310
311 struct sdebug_host_info {
312 struct list_head host_list;
313 int si_idx; /* sdeb_store_info (per host) xarray index */
314 struct Scsi_Host *shost;
315 struct device dev;
316 struct list_head dev_info_list;
317 };
318
319 /* There is an xarray of pointers to this struct's objects, one per host */
320 struct sdeb_store_info {
321 rwlock_t macc_lck; /* for atomic media access on this store */
322 u8 *storep; /* user data storage (ram) */
323 struct t10_pi_tuple *dif_storep; /* protection info */
324 void *map_storep; /* provisioning map */
325 };
326
327 #define to_sdebug_host(d) \
328 container_of(d, struct sdebug_host_info, dev)
329
330 enum sdeb_defer_type {SDEB_DEFER_NONE = 0, SDEB_DEFER_HRT = 1,
331 SDEB_DEFER_WQ = 2, SDEB_DEFER_POLL = 3};
332
333 struct sdebug_defer {
334 struct hrtimer hrt;
335 struct execute_work ew;
336 ktime_t cmpl_ts;/* time since boot to complete this cmd */
337 int sqa_idx; /* index of sdebug_queue array */
338 int qc_idx; /* index of sdebug_queued_cmd array within sqa_idx */
339 int hc_idx; /* hostwide tag index */
340 int issuing_cpu;
341 bool init_hrt;
342 bool init_wq;
343 bool init_poll;
344 bool aborted; /* true when blk_abort_request() already called */
345 enum sdeb_defer_type defer_t;
346 };
347
348 struct sdebug_queued_cmd {
349 /* corresponding bit set in in_use_bm[] in owning struct sdebug_queue
350 * instance indicates this slot is in use.
351 */
352 struct sdebug_defer *sd_dp;
353 struct scsi_cmnd *a_cmnd;
354 };
355
356 struct sdebug_queue {
357 struct sdebug_queued_cmd qc_arr[SDEBUG_CANQUEUE];
358 unsigned long in_use_bm[SDEBUG_CANQUEUE_WORDS];
359 spinlock_t qc_lock;
360 atomic_t blocked; /* to temporarily stop more being queued */
361 };
362
363 static atomic_t sdebug_cmnd_count; /* number of incoming commands */
364 static atomic_t sdebug_completions; /* count of deferred completions */
365 static atomic_t sdebug_miss_cpus; /* submission + completion cpus differ */
366 static atomic_t sdebug_a_tsf; /* 'almost task set full' counter */
367 static atomic_t sdeb_inject_pending;
368 static atomic_t sdeb_mq_poll_count; /* bumped when mq_poll returns > 0 */
369
370 struct opcode_info_t {
371 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff */
372 /* for terminating element */
373 u8 opcode; /* if num_attached > 0, preferred */
374 u16 sa; /* service action */
375 u32 flags; /* OR-ed set of SDEB_F_* */
376 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
377 const struct opcode_info_t *arrp; /* num_attached elements or NULL */
378 u8 len_mask[16]; /* len_mask[0]-->cdb_len, then mask for cdb */
379 /* 1 to min(cdb_len, 15); ignore cdb[15...] */
380 };
381
382 /* SCSI opcodes (first byte of cdb) of interest mapped onto these indexes */
383 enum sdeb_opcode_index {
384 SDEB_I_INVALID_OPCODE = 0,
385 SDEB_I_INQUIRY = 1,
386 SDEB_I_REPORT_LUNS = 2,
387 SDEB_I_REQUEST_SENSE = 3,
388 SDEB_I_TEST_UNIT_READY = 4,
389 SDEB_I_MODE_SENSE = 5, /* 6, 10 */
390 SDEB_I_MODE_SELECT = 6, /* 6, 10 */
391 SDEB_I_LOG_SENSE = 7,
392 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */
393 SDEB_I_READ = 9, /* 6, 10, 12, 16 */
394 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */
395 SDEB_I_START_STOP = 11,
396 SDEB_I_SERV_ACT_IN_16 = 12, /* add ...SERV_ACT_IN_12 if needed */
397 SDEB_I_SERV_ACT_OUT_16 = 13, /* add ...SERV_ACT_OUT_12 if needed */
398 SDEB_I_MAINT_IN = 14,
399 SDEB_I_MAINT_OUT = 15,
400 SDEB_I_VERIFY = 16, /* VERIFY(10), VERIFY(16) */
401 SDEB_I_VARIABLE_LEN = 17, /* READ(32), WRITE(32), WR_SCAT(32) */
402 SDEB_I_RESERVE = 18, /* 6, 10 */
403 SDEB_I_RELEASE = 19, /* 6, 10 */
404 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */
405 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */
406 SDEB_I_ATA_PT = 22, /* 12, 16 */
407 SDEB_I_SEND_DIAG = 23,
408 SDEB_I_UNMAP = 24,
409 SDEB_I_WRITE_BUFFER = 25,
410 SDEB_I_WRITE_SAME = 26, /* 10, 16 */
411 SDEB_I_SYNC_CACHE = 27, /* 10, 16 */
412 SDEB_I_COMP_WRITE = 28,
413 SDEB_I_PRE_FETCH = 29, /* 10, 16 */
414 SDEB_I_ZONE_OUT = 30, /* 0x94+SA; includes no data xfer */
415 SDEB_I_ZONE_IN = 31, /* 0x95+SA; all have data-in */
416 SDEB_I_LAST_ELEM_P1 = 32, /* keep this last (previous + 1) */
417 };
418
419
420 static const unsigned char opcode_ind_arr[256] = {
421 /* 0x0; 0x0->0x1f: 6 byte cdbs */
422 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE,
423 0, 0, 0, 0,
424 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0,
425 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
426 SDEB_I_RELEASE,
427 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG,
428 SDEB_I_ALLOW_REMOVAL, 0,
429 /* 0x20; 0x20->0x3f: 10 byte cdbs */
430 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0,
431 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY,
432 0, 0, 0, 0, SDEB_I_PRE_FETCH, SDEB_I_SYNC_CACHE, 0, 0,
433 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0,
434 /* 0x40; 0x40->0x5f: 10 byte cdbs */
435 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0,
436 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0,
437 0, 0, 0, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
438 SDEB_I_RELEASE,
439 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0,
440 /* 0x60; 0x60->0x7d are reserved, 0x7e is "extended cdb" */
441 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
442 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
443 0, SDEB_I_VARIABLE_LEN,
444 /* 0x80; 0x80->0x9f: 16 byte cdbs */
445 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0,
446 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0,
447 0, 0, 0, SDEB_I_VERIFY,
448 SDEB_I_PRE_FETCH, SDEB_I_SYNC_CACHE, 0, SDEB_I_WRITE_SAME,
449 SDEB_I_ZONE_OUT, SDEB_I_ZONE_IN, 0, 0,
450 0, 0, 0, 0, 0, 0, SDEB_I_SERV_ACT_IN_16, SDEB_I_SERV_ACT_OUT_16,
451 /* 0xa0; 0xa0->0xbf: 12 byte cdbs */
452 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN,
453 SDEB_I_MAINT_OUT, 0, 0, 0,
454 SDEB_I_READ, 0 /* SDEB_I_SERV_ACT_OUT_12 */, SDEB_I_WRITE,
455 0 /* SDEB_I_SERV_ACT_IN_12 */, 0, 0, 0, 0,
456 0, 0, 0, 0, 0, 0, 0, 0,
457 0, 0, 0, 0, 0, 0, 0, 0,
458 /* 0xc0; 0xc0->0xff: vendor specific */
459 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
460 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
461 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
462 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
463 };
464
465 /*
466 * The following "response" functions return the SCSI mid-level's 4 byte
467 * tuple-in-an-int. To handle commands with an IMMED bit, for a faster
468 * command completion, they can mask their return value with
469 * SDEG_RES_IMMED_MASK .
470 */
471 #define SDEG_RES_IMMED_MASK 0x40000000
472
473 static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *);
474 static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *);
475 static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *);
476 static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
477 static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *);
478 static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
479 static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *);
480 static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
481 static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
482 static int resp_write_scat(struct scsi_cmnd *, struct sdebug_dev_info *);
483 static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *);
484 static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *);
485 static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *);
486 static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *);
487 static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *);
488 static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *);
489 static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *);
490 static int resp_verify(struct scsi_cmnd *, struct sdebug_dev_info *);
491 static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *);
492 static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *);
493 static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *);
494 static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *);
495 static int resp_sync_cache(struct scsi_cmnd *, struct sdebug_dev_info *);
496 static int resp_pre_fetch(struct scsi_cmnd *, struct sdebug_dev_info *);
497 static int resp_report_zones(struct scsi_cmnd *, struct sdebug_dev_info *);
498 static int resp_open_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
499 static int resp_close_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
500 static int resp_finish_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
501 static int resp_rwp_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
502
503 static int sdebug_do_add_host(bool mk_new_store);
504 static int sdebug_add_host_helper(int per_host_idx);
505 static void sdebug_do_remove_host(bool the_end);
506 static int sdebug_add_store(void);
507 static void sdebug_erase_store(int idx, struct sdeb_store_info *sip);
508 static void sdebug_erase_all_stores(bool apart_from_first);
509
510 /*
511 * The following are overflow arrays for cdbs that "hit" the same index in
512 * the opcode_info_arr array. The most time sensitive (or commonly used) cdb
513 * should be placed in opcode_info_arr[], the others should be placed here.
514 */
515 static const struct opcode_info_t msense_iarr[] = {
516 {0, 0x1a, 0, F_D_IN, NULL, NULL,
517 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
518 };
519
520 static const struct opcode_info_t mselect_iarr[] = {
521 {0, 0x15, 0, F_D_OUT, NULL, NULL,
522 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
523 };
524
525 static const struct opcode_info_t read_iarr[] = {
526 {0, 0x28, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(10) */
527 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
528 0, 0, 0, 0} },
529 {0, 0x8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL, /* READ(6) */
530 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
531 {0, 0xa8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(12) */
532 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf,
533 0xc7, 0, 0, 0, 0} },
534 };
535
536 static const struct opcode_info_t write_iarr[] = {
537 {0, 0x2a, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(10) */
538 NULL, {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7,
539 0, 0, 0, 0, 0, 0} },
540 {0, 0xa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(6) */
541 NULL, {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0,
542 0, 0, 0} },
543 {0, 0xaa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(12) */
544 NULL, {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
545 0xbf, 0xc7, 0, 0, 0, 0} },
546 };
547
548 static const struct opcode_info_t verify_iarr[] = {
549 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_verify,/* VERIFY(10) */
550 NULL, {10, 0xf7, 0xff, 0xff, 0xff, 0xff, 0xbf, 0xff, 0xff, 0xc7,
551 0, 0, 0, 0, 0, 0} },
552 };
553
554 static const struct opcode_info_t sa_in_16_iarr[] = {
555 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL,
556 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
557 0xff, 0xff, 0xff, 0, 0xc7} }, /* GET LBA STATUS(16) */
558 };
559
560 static const struct opcode_info_t vl_iarr[] = { /* VARIABLE LENGTH */
561 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_dt0,
562 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0xb, 0xfa,
563 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */
564 {0, 0x7f, 0x11, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
565 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x11, 0xf8,
566 0, 0xff, 0xff, 0x0, 0x0} }, /* WRITE SCATTERED(32) */
567 };
568
569 static const struct opcode_info_t maint_in_iarr[] = { /* MAINT IN */
570 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL,
571 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0,
572 0xc7, 0, 0, 0, 0} }, /* REPORT SUPPORTED OPERATION CODES */
573 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL,
574 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
575 0, 0} }, /* REPORTED SUPPORTED TASK MANAGEMENT FUNCTIONS */
576 };
577
578 static const struct opcode_info_t write_same_iarr[] = {
579 {0, 0x93, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_write_same_16, NULL,
580 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
581 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* WRITE SAME(16) */
582 };
583
584 static const struct opcode_info_t reserve_iarr[] = {
585 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */
586 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
587 };
588
589 static const struct opcode_info_t release_iarr[] = {
590 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */
591 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
592 };
593
594 static const struct opcode_info_t sync_cache_iarr[] = {
595 {0, 0x91, 0, F_SYNC_DELAY | F_M_ACCESS, resp_sync_cache, NULL,
596 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
597 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* SYNC_CACHE (16) */
598 };
599
600 static const struct opcode_info_t pre_fetch_iarr[] = {
601 {0, 0x90, 0, F_SYNC_DELAY | FF_MEDIA_IO, resp_pre_fetch, NULL,
602 {16, 0x2, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
603 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* PRE-FETCH (16) */
604 };
605
606 static const struct opcode_info_t zone_out_iarr[] = { /* ZONE OUT(16) */
607 {0, 0x94, 0x1, F_SA_LOW | F_M_ACCESS, resp_close_zone, NULL,
608 {16, 0x1, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
609 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* CLOSE ZONE */
610 {0, 0x94, 0x2, F_SA_LOW | F_M_ACCESS, resp_finish_zone, NULL,
611 {16, 0x2, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
612 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* FINISH ZONE */
613 {0, 0x94, 0x4, F_SA_LOW | F_M_ACCESS, resp_rwp_zone, NULL,
614 {16, 0x4, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
615 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* RESET WRITE POINTER */
616 };
617
618 static const struct opcode_info_t zone_in_iarr[] = { /* ZONE IN(16) */
619 {0, 0x95, 0x6, F_SA_LOW | F_D_IN | F_M_ACCESS, NULL, NULL,
620 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
621 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* REPORT ZONES */
622 };
623
624
625 /* This array is accessed via SDEB_I_* values. Make sure all are mapped,
626 * plus the terminating elements for logic that scans this table such as
627 * REPORT SUPPORTED OPERATION CODES. */
628 static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEM_P1 + 1] = {
629 /* 0 */
630 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* unknown opcodes */
631 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
632 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL, /* INQUIRY */
633 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
634 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL,
635 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
636 0, 0} }, /* REPORT LUNS */
637 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL,
638 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
639 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */
640 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
641 /* 5 */
642 {ARRAY_SIZE(msense_iarr), 0x5a, 0, F_D_IN, /* MODE SENSE(10) */
643 resp_mode_sense, msense_iarr, {10, 0xf8, 0xff, 0xff, 0, 0, 0,
644 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
645 {ARRAY_SIZE(mselect_iarr), 0x55, 0, F_D_OUT, /* MODE SELECT(10) */
646 resp_mode_select, mselect_iarr, {10, 0xf1, 0, 0, 0, 0, 0, 0xff,
647 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
648 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL, /* LOG SENSE */
649 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0,
650 0, 0, 0} },
651 {0, 0x25, 0, F_D_IN, resp_readcap, NULL, /* READ CAPACITY(10) */
652 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0,
653 0, 0} },
654 {ARRAY_SIZE(read_iarr), 0x88, 0, F_D_IN | FF_MEDIA_IO, /* READ(16) */
655 resp_read_dt0, read_iarr, {16, 0xfe, 0xff, 0xff, 0xff, 0xff,
656 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
657 /* 10 */
658 {ARRAY_SIZE(write_iarr), 0x8a, 0, F_D_OUT | FF_MEDIA_IO,
659 resp_write_dt0, write_iarr, /* WRITE(16) */
660 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
661 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
662 {0, 0x1b, 0, F_SSU_DELAY, resp_start_stop, NULL,/* START STOP UNIT */
663 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
664 {ARRAY_SIZE(sa_in_16_iarr), 0x9e, 0x10, F_SA_LOW | F_D_IN,
665 resp_readcap16, sa_in_16_iarr, /* SA_IN(16), READ CAPACITY(16) */
666 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
667 0xff, 0xff, 0xff, 0xff, 0x1, 0xc7} },
668 {0, 0x9f, 0x12, F_SA_LOW | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
669 NULL, {16, 0x12, 0xf9, 0x0, 0xff, 0xff, 0, 0, 0xff, 0xff, 0xff,
670 0xff, 0xff, 0xff, 0xff, 0xc7} }, /* SA_OUT(16), WRITE SCAT(16) */
671 {ARRAY_SIZE(maint_in_iarr), 0xa3, 0xa, F_SA_LOW | F_D_IN,
672 resp_report_tgtpgs, /* MAINT IN, REPORT TARGET PORT GROUPS */
673 maint_in_iarr, {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff,
674 0xff, 0, 0xc7, 0, 0, 0, 0} },
675 /* 15 */
676 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */
677 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
678 {ARRAY_SIZE(verify_iarr), 0x8f, 0,
679 F_D_OUT_MAYBE | FF_MEDIA_IO, resp_verify, /* VERIFY(16) */
680 verify_iarr, {16, 0xf6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
681 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} },
682 {ARRAY_SIZE(vl_iarr), 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_MEDIA_IO,
683 resp_read_dt0, vl_iarr, /* VARIABLE LENGTH, READ(32) */
684 {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x9, 0xfe, 0, 0xff, 0xff,
685 0xff, 0xff} },
686 {ARRAY_SIZE(reserve_iarr), 0x56, 0, F_D_OUT,
687 NULL, reserve_iarr, /* RESERVE(10) <no response function> */
688 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
689 0} },
690 {ARRAY_SIZE(release_iarr), 0x57, 0, F_D_OUT,
691 NULL, release_iarr, /* RELEASE(10) <no response function> */
692 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
693 0} },
694 /* 20 */
695 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */
696 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
697 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */
698 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
699 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */
700 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
701 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */
702 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
703 {0, 0x42, 0, F_D_OUT | FF_MEDIA_IO, resp_unmap, NULL, /* UNMAP */
704 {10, 0x1, 0, 0, 0, 0, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
705 /* 25 */
706 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL,
707 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0,
708 0, 0, 0, 0} }, /* WRITE_BUFFER */
709 {ARRAY_SIZE(write_same_iarr), 0x41, 0, F_D_OUT_MAYBE | FF_MEDIA_IO,
710 resp_write_same_10, write_same_iarr, /* WRITE SAME(10) */
711 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0,
712 0, 0, 0, 0, 0} },
713 {ARRAY_SIZE(sync_cache_iarr), 0x35, 0, F_SYNC_DELAY | F_M_ACCESS,
714 resp_sync_cache, sync_cache_iarr,
715 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
716 0, 0, 0, 0} }, /* SYNC_CACHE (10) */
717 {0, 0x89, 0, F_D_OUT | FF_MEDIA_IO, resp_comp_write, NULL,
718 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0,
719 0, 0xff, 0x3f, 0xc7} }, /* COMPARE AND WRITE */
720 {ARRAY_SIZE(pre_fetch_iarr), 0x34, 0, F_SYNC_DELAY | FF_MEDIA_IO,
721 resp_pre_fetch, pre_fetch_iarr,
722 {10, 0x2, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
723 0, 0, 0, 0} }, /* PRE-FETCH (10) */
724
725 /* 30 */
726 {ARRAY_SIZE(zone_out_iarr), 0x94, 0x3, F_SA_LOW | F_M_ACCESS,
727 resp_open_zone, zone_out_iarr, /* ZONE_OUT(16), OPEN ZONE) */
728 {16, 0x3 /* SA */, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
729 0xff, 0xff, 0x0, 0x0, 0xff, 0xff, 0x1, 0xc7} },
730 {ARRAY_SIZE(zone_in_iarr), 0x95, 0x0, F_SA_LOW | F_M_ACCESS,
731 resp_report_zones, zone_in_iarr, /* ZONE_IN(16), REPORT ZONES) */
732 {16, 0x0 /* SA */, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
733 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf, 0xc7} },
734 /* sentinel */
735 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */
736 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
737 };
738
739 static int sdebug_num_hosts;
740 static int sdebug_add_host = DEF_NUM_HOST; /* in sysfs this is relative */
741 static int sdebug_ato = DEF_ATO;
742 static int sdebug_cdb_len = DEF_CDB_LEN;
743 static int sdebug_jdelay = DEF_JDELAY; /* if > 0 then unit is jiffies */
744 static int sdebug_dev_size_mb = DEF_DEV_SIZE_PRE_INIT;
745 static int sdebug_dif = DEF_DIF;
746 static int sdebug_dix = DEF_DIX;
747 static int sdebug_dsense = DEF_D_SENSE;
748 static int sdebug_every_nth = DEF_EVERY_NTH;
749 static int sdebug_fake_rw = DEF_FAKE_RW;
750 static unsigned int sdebug_guard = DEF_GUARD;
751 static int sdebug_host_max_queue; /* per host */
752 static int sdebug_lowest_aligned = DEF_LOWEST_ALIGNED;
753 static int sdebug_max_luns = DEF_MAX_LUNS;
754 static int sdebug_max_queue = SDEBUG_CANQUEUE; /* per submit queue */
755 static unsigned int sdebug_medium_error_start = OPT_MEDIUM_ERR_ADDR;
756 static int sdebug_medium_error_count = OPT_MEDIUM_ERR_NUM;
757 static atomic_t retired_max_queue; /* if > 0 then was prior max_queue */
758 static int sdebug_ndelay = DEF_NDELAY; /* if > 0 then unit is nanoseconds */
759 static int sdebug_no_lun_0 = DEF_NO_LUN_0;
760 static int sdebug_no_uld;
761 static int sdebug_num_parts = DEF_NUM_PARTS;
762 static int sdebug_num_tgts = DEF_NUM_TGTS; /* targets per host */
763 static int sdebug_opt_blks = DEF_OPT_BLKS;
764 static int sdebug_opts = DEF_OPTS;
765 static int sdebug_physblk_exp = DEF_PHYSBLK_EXP;
766 static int sdebug_opt_xferlen_exp = DEF_OPT_XFERLEN_EXP;
767 static int sdebug_ptype = DEF_PTYPE; /* SCSI peripheral device type */
768 static int sdebug_scsi_level = DEF_SCSI_LEVEL;
769 static int sdebug_sector_size = DEF_SECTOR_SIZE;
770 static int sdeb_tur_ms_to_ready = DEF_TUR_MS_TO_READY;
771 static int sdebug_virtual_gb = DEF_VIRTUAL_GB;
772 static int sdebug_vpd_use_hostno = DEF_VPD_USE_HOSTNO;
773 static unsigned int sdebug_lbpu = DEF_LBPU;
774 static unsigned int sdebug_lbpws = DEF_LBPWS;
775 static unsigned int sdebug_lbpws10 = DEF_LBPWS10;
776 static unsigned int sdebug_lbprz = DEF_LBPRZ;
777 static unsigned int sdebug_unmap_alignment = DEF_UNMAP_ALIGNMENT;
778 static unsigned int sdebug_unmap_granularity = DEF_UNMAP_GRANULARITY;
779 static unsigned int sdebug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS;
780 static unsigned int sdebug_unmap_max_desc = DEF_UNMAP_MAX_DESC;
781 static unsigned int sdebug_write_same_length = DEF_WRITESAME_LENGTH;
782 static int sdebug_uuid_ctl = DEF_UUID_CTL;
783 static bool sdebug_random = DEF_RANDOM;
784 static bool sdebug_per_host_store = DEF_PER_HOST_STORE;
785 static bool sdebug_removable = DEF_REMOVABLE;
786 static bool sdebug_clustering;
787 static bool sdebug_host_lock = DEF_HOST_LOCK;
788 static bool sdebug_strict = DEF_STRICT;
789 static bool sdebug_any_injecting_opt;
790 static bool sdebug_no_rwlock;
791 static bool sdebug_verbose;
792 static bool have_dif_prot;
793 static bool write_since_sync;
794 static bool sdebug_statistics = DEF_STATISTICS;
795 static bool sdebug_wp;
796 /* Following enum: 0: no zbc, def; 1: host aware; 2: host managed */
797 static enum blk_zoned_model sdeb_zbc_model = BLK_ZONED_NONE;
798 static char *sdeb_zbc_model_s;
799
800 enum sam_lun_addr_method {SAM_LUN_AM_PERIPHERAL = 0x0,
801 SAM_LUN_AM_FLAT = 0x1,
802 SAM_LUN_AM_LOGICAL_UNIT = 0x2,
803 SAM_LUN_AM_EXTENDED = 0x3};
804 static enum sam_lun_addr_method sdebug_lun_am = SAM_LUN_AM_PERIPHERAL;
805 static int sdebug_lun_am_i = (int)SAM_LUN_AM_PERIPHERAL;
806
807 static unsigned int sdebug_store_sectors;
808 static sector_t sdebug_capacity; /* in sectors */
809
810 /* old BIOS stuff, kernel may get rid of them but some mode sense pages
811 may still need them */
812 static int sdebug_heads; /* heads per disk */
813 static int sdebug_cylinders_per; /* cylinders per surface */
814 static int sdebug_sectors_per; /* sectors per cylinder */
815
816 static LIST_HEAD(sdebug_host_list);
817 static DEFINE_SPINLOCK(sdebug_host_list_lock);
818
819 static struct xarray per_store_arr;
820 static struct xarray *per_store_ap = &per_store_arr;
821 static int sdeb_first_idx = -1; /* invalid index ==> none created */
822 static int sdeb_most_recent_idx = -1;
823 static DEFINE_RWLOCK(sdeb_fake_rw_lck); /* need a RW lock when fake_rw=1 */
824
825 static unsigned long map_size;
826 static int num_aborts;
827 static int num_dev_resets;
828 static int num_target_resets;
829 static int num_bus_resets;
830 static int num_host_resets;
831 static int dix_writes;
832 static int dix_reads;
833 static int dif_errors;
834
835 /* ZBC global data */
836 static bool sdeb_zbc_in_use; /* true for host-aware and host-managed disks */
837 static int sdeb_zbc_zone_cap_mb;
838 static int sdeb_zbc_zone_size_mb;
839 static int sdeb_zbc_max_open = DEF_ZBC_MAX_OPEN_ZONES;
840 static int sdeb_zbc_nr_conv = DEF_ZBC_NR_CONV_ZONES;
841
842 static int submit_queues = DEF_SUBMIT_QUEUES; /* > 1 for multi-queue (mq) */
843 static int poll_queues; /* iouring iopoll interface.*/
844 static struct sdebug_queue *sdebug_q_arr; /* ptr to array of submit queues */
845
846 static DEFINE_RWLOCK(atomic_rw);
847 static DEFINE_RWLOCK(atomic_rw2);
848
849 static rwlock_t *ramdisk_lck_a[2];
850
851 static char sdebug_proc_name[] = MY_NAME;
852 static const char *my_name = MY_NAME;
853
854 static struct bus_type pseudo_lld_bus;
855
856 static struct device_driver sdebug_driverfs_driver = {
857 .name = sdebug_proc_name,
858 .bus = &pseudo_lld_bus,
859 };
860
861 static const int check_condition_result =
862 SAM_STAT_CHECK_CONDITION;
863
864 static const int illegal_condition_result =
865 (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION;
866
867 static const int device_qfull_result =
868 (DID_ABORT << 16) | SAM_STAT_TASK_SET_FULL;
869
870 static const int condition_met_result = SAM_STAT_CONDITION_MET;
871
872
873 /* Only do the extra work involved in logical block provisioning if one or
874 * more of the lbpu, lbpws or lbpws10 parameters are given and we are doing
875 * real reads and writes (i.e. not skipping them for speed).
876 */
scsi_debug_lbp(void)877 static inline bool scsi_debug_lbp(void)
878 {
879 return 0 == sdebug_fake_rw &&
880 (sdebug_lbpu || sdebug_lbpws || sdebug_lbpws10);
881 }
882
lba2fake_store(struct sdeb_store_info * sip,unsigned long long lba)883 static void *lba2fake_store(struct sdeb_store_info *sip,
884 unsigned long long lba)
885 {
886 struct sdeb_store_info *lsip = sip;
887
888 lba = do_div(lba, sdebug_store_sectors);
889 if (!sip || !sip->storep) {
890 WARN_ON_ONCE(true);
891 lsip = xa_load(per_store_ap, 0); /* should never be NULL */
892 }
893 return lsip->storep + lba * sdebug_sector_size;
894 }
895
dif_store(struct sdeb_store_info * sip,sector_t sector)896 static struct t10_pi_tuple *dif_store(struct sdeb_store_info *sip,
897 sector_t sector)
898 {
899 sector = sector_div(sector, sdebug_store_sectors);
900
901 return sip->dif_storep + sector;
902 }
903
sdebug_max_tgts_luns(void)904 static void sdebug_max_tgts_luns(void)
905 {
906 struct sdebug_host_info *sdbg_host;
907 struct Scsi_Host *hpnt;
908
909 spin_lock(&sdebug_host_list_lock);
910 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
911 hpnt = sdbg_host->shost;
912 if ((hpnt->this_id >= 0) &&
913 (sdebug_num_tgts > hpnt->this_id))
914 hpnt->max_id = sdebug_num_tgts + 1;
915 else
916 hpnt->max_id = sdebug_num_tgts;
917 /* sdebug_max_luns; */
918 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
919 }
920 spin_unlock(&sdebug_host_list_lock);
921 }
922
923 enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1};
924
925 /* Set in_bit to -1 to indicate no bit position of invalid field */
mk_sense_invalid_fld(struct scsi_cmnd * scp,enum sdeb_cmd_data c_d,int in_byte,int in_bit)926 static void mk_sense_invalid_fld(struct scsi_cmnd *scp,
927 enum sdeb_cmd_data c_d,
928 int in_byte, int in_bit)
929 {
930 unsigned char *sbuff;
931 u8 sks[4];
932 int sl, asc;
933
934 sbuff = scp->sense_buffer;
935 if (!sbuff) {
936 sdev_printk(KERN_ERR, scp->device,
937 "%s: sense_buffer is NULL\n", __func__);
938 return;
939 }
940 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST;
941 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
942 scsi_build_sense(scp, sdebug_dsense, ILLEGAL_REQUEST, asc, 0);
943 memset(sks, 0, sizeof(sks));
944 sks[0] = 0x80;
945 if (c_d)
946 sks[0] |= 0x40;
947 if (in_bit >= 0) {
948 sks[0] |= 0x8;
949 sks[0] |= 0x7 & in_bit;
950 }
951 put_unaligned_be16(in_byte, sks + 1);
952 if (sdebug_dsense) {
953 sl = sbuff[7] + 8;
954 sbuff[7] = sl;
955 sbuff[sl] = 0x2;
956 sbuff[sl + 1] = 0x6;
957 memcpy(sbuff + sl + 4, sks, 3);
958 } else
959 memcpy(sbuff + 15, sks, 3);
960 if (sdebug_verbose)
961 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq"
962 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n",
963 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit);
964 }
965
mk_sense_buffer(struct scsi_cmnd * scp,int key,int asc,int asq)966 static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq)
967 {
968 if (!scp->sense_buffer) {
969 sdev_printk(KERN_ERR, scp->device,
970 "%s: sense_buffer is NULL\n", __func__);
971 return;
972 }
973 memset(scp->sense_buffer, 0, SCSI_SENSE_BUFFERSIZE);
974
975 scsi_build_sense(scp, sdebug_dsense, key, asc, asq);
976
977 if (sdebug_verbose)
978 sdev_printk(KERN_INFO, scp->device,
979 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n",
980 my_name, key, asc, asq);
981 }
982
mk_sense_invalid_opcode(struct scsi_cmnd * scp)983 static void mk_sense_invalid_opcode(struct scsi_cmnd *scp)
984 {
985 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0);
986 }
987
scsi_debug_ioctl(struct scsi_device * dev,unsigned int cmd,void __user * arg)988 static int scsi_debug_ioctl(struct scsi_device *dev, unsigned int cmd,
989 void __user *arg)
990 {
991 if (sdebug_verbose) {
992 if (0x1261 == cmd)
993 sdev_printk(KERN_INFO, dev,
994 "%s: BLKFLSBUF [0x1261]\n", __func__);
995 else if (0x5331 == cmd)
996 sdev_printk(KERN_INFO, dev,
997 "%s: CDROM_GET_CAPABILITY [0x5331]\n",
998 __func__);
999 else
1000 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n",
1001 __func__, cmd);
1002 }
1003 return -EINVAL;
1004 /* return -ENOTTY; // correct return but upsets fdisk */
1005 }
1006
config_cdb_len(struct scsi_device * sdev)1007 static void config_cdb_len(struct scsi_device *sdev)
1008 {
1009 switch (sdebug_cdb_len) {
1010 case 6: /* suggest 6 byte READ, WRITE and MODE SENSE/SELECT */
1011 sdev->use_10_for_rw = false;
1012 sdev->use_16_for_rw = false;
1013 sdev->use_10_for_ms = false;
1014 break;
1015 case 10: /* suggest 10 byte RWs and 6 byte MODE SENSE/SELECT */
1016 sdev->use_10_for_rw = true;
1017 sdev->use_16_for_rw = false;
1018 sdev->use_10_for_ms = false;
1019 break;
1020 case 12: /* suggest 10 byte RWs and 10 byte MODE SENSE/SELECT */
1021 sdev->use_10_for_rw = true;
1022 sdev->use_16_for_rw = false;
1023 sdev->use_10_for_ms = true;
1024 break;
1025 case 16:
1026 sdev->use_10_for_rw = false;
1027 sdev->use_16_for_rw = true;
1028 sdev->use_10_for_ms = true;
1029 break;
1030 case 32: /* No knobs to suggest this so same as 16 for now */
1031 sdev->use_10_for_rw = false;
1032 sdev->use_16_for_rw = true;
1033 sdev->use_10_for_ms = true;
1034 break;
1035 default:
1036 pr_warn("unexpected cdb_len=%d, force to 10\n",
1037 sdebug_cdb_len);
1038 sdev->use_10_for_rw = true;
1039 sdev->use_16_for_rw = false;
1040 sdev->use_10_for_ms = false;
1041 sdebug_cdb_len = 10;
1042 break;
1043 }
1044 }
1045
all_config_cdb_len(void)1046 static void all_config_cdb_len(void)
1047 {
1048 struct sdebug_host_info *sdbg_host;
1049 struct Scsi_Host *shost;
1050 struct scsi_device *sdev;
1051
1052 spin_lock(&sdebug_host_list_lock);
1053 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
1054 shost = sdbg_host->shost;
1055 shost_for_each_device(sdev, shost) {
1056 config_cdb_len(sdev);
1057 }
1058 }
1059 spin_unlock(&sdebug_host_list_lock);
1060 }
1061
clear_luns_changed_on_target(struct sdebug_dev_info * devip)1062 static void clear_luns_changed_on_target(struct sdebug_dev_info *devip)
1063 {
1064 struct sdebug_host_info *sdhp;
1065 struct sdebug_dev_info *dp;
1066
1067 spin_lock(&sdebug_host_list_lock);
1068 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
1069 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
1070 if ((devip->sdbg_host == dp->sdbg_host) &&
1071 (devip->target == dp->target))
1072 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
1073 }
1074 }
1075 spin_unlock(&sdebug_host_list_lock);
1076 }
1077
make_ua(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)1078 static int make_ua(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1079 {
1080 int k;
1081
1082 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS);
1083 if (k != SDEBUG_NUM_UAS) {
1084 const char *cp = NULL;
1085
1086 switch (k) {
1087 case SDEBUG_UA_POR:
1088 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
1089 POWER_ON_RESET_ASCQ);
1090 if (sdebug_verbose)
1091 cp = "power on reset";
1092 break;
1093 case SDEBUG_UA_POOCCUR:
1094 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
1095 POWER_ON_OCCURRED_ASCQ);
1096 if (sdebug_verbose)
1097 cp = "power on occurred";
1098 break;
1099 case SDEBUG_UA_BUS_RESET:
1100 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
1101 BUS_RESET_ASCQ);
1102 if (sdebug_verbose)
1103 cp = "bus reset";
1104 break;
1105 case SDEBUG_UA_MODE_CHANGED:
1106 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
1107 MODE_CHANGED_ASCQ);
1108 if (sdebug_verbose)
1109 cp = "mode parameters changed";
1110 break;
1111 case SDEBUG_UA_CAPACITY_CHANGED:
1112 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
1113 CAPACITY_CHANGED_ASCQ);
1114 if (sdebug_verbose)
1115 cp = "capacity data changed";
1116 break;
1117 case SDEBUG_UA_MICROCODE_CHANGED:
1118 mk_sense_buffer(scp, UNIT_ATTENTION,
1119 TARGET_CHANGED_ASC,
1120 MICROCODE_CHANGED_ASCQ);
1121 if (sdebug_verbose)
1122 cp = "microcode has been changed";
1123 break;
1124 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET:
1125 mk_sense_buffer(scp, UNIT_ATTENTION,
1126 TARGET_CHANGED_ASC,
1127 MICROCODE_CHANGED_WO_RESET_ASCQ);
1128 if (sdebug_verbose)
1129 cp = "microcode has been changed without reset";
1130 break;
1131 case SDEBUG_UA_LUNS_CHANGED:
1132 /*
1133 * SPC-3 behavior is to report a UNIT ATTENTION with
1134 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN
1135 * on the target, until a REPORT LUNS command is
1136 * received. SPC-4 behavior is to report it only once.
1137 * NOTE: sdebug_scsi_level does not use the same
1138 * values as struct scsi_device->scsi_level.
1139 */
1140 if (sdebug_scsi_level >= 6) /* SPC-4 and above */
1141 clear_luns_changed_on_target(devip);
1142 mk_sense_buffer(scp, UNIT_ATTENTION,
1143 TARGET_CHANGED_ASC,
1144 LUNS_CHANGED_ASCQ);
1145 if (sdebug_verbose)
1146 cp = "reported luns data has changed";
1147 break;
1148 default:
1149 pr_warn("unexpected unit attention code=%d\n", k);
1150 if (sdebug_verbose)
1151 cp = "unknown";
1152 break;
1153 }
1154 clear_bit(k, devip->uas_bm);
1155 if (sdebug_verbose)
1156 sdev_printk(KERN_INFO, scp->device,
1157 "%s reports: Unit attention: %s\n",
1158 my_name, cp);
1159 return check_condition_result;
1160 }
1161 return 0;
1162 }
1163
1164 /* Build SCSI "data-in" buffer. Returns 0 if ok else (DID_ERROR << 16). */
fill_from_dev_buffer(struct scsi_cmnd * scp,unsigned char * arr,int arr_len)1165 static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1166 int arr_len)
1167 {
1168 int act_len;
1169 struct scsi_data_buffer *sdb = &scp->sdb;
1170
1171 if (!sdb->length)
1172 return 0;
1173 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1174 return DID_ERROR << 16;
1175
1176 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents,
1177 arr, arr_len);
1178 scsi_set_resid(scp, scsi_bufflen(scp) - act_len);
1179
1180 return 0;
1181 }
1182
1183 /* Partial build of SCSI "data-in" buffer. Returns 0 if ok else
1184 * (DID_ERROR << 16). Can write to offset in data-in buffer. If multiple
1185 * calls, not required to write in ascending offset order. Assumes resid
1186 * set to scsi_bufflen() prior to any calls.
1187 */
p_fill_from_dev_buffer(struct scsi_cmnd * scp,const void * arr,int arr_len,unsigned int off_dst)1188 static int p_fill_from_dev_buffer(struct scsi_cmnd *scp, const void *arr,
1189 int arr_len, unsigned int off_dst)
1190 {
1191 unsigned int act_len, n;
1192 struct scsi_data_buffer *sdb = &scp->sdb;
1193 off_t skip = off_dst;
1194
1195 if (sdb->length <= off_dst)
1196 return 0;
1197 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1198 return DID_ERROR << 16;
1199
1200 act_len = sg_pcopy_from_buffer(sdb->table.sgl, sdb->table.nents,
1201 arr, arr_len, skip);
1202 pr_debug("%s: off_dst=%u, scsi_bufflen=%u, act_len=%u, resid=%d\n",
1203 __func__, off_dst, scsi_bufflen(scp), act_len,
1204 scsi_get_resid(scp));
1205 n = scsi_bufflen(scp) - (off_dst + act_len);
1206 scsi_set_resid(scp, min_t(u32, scsi_get_resid(scp), n));
1207 return 0;
1208 }
1209
1210 /* Fetches from SCSI "data-out" buffer. Returns number of bytes fetched into
1211 * 'arr' or -1 if error.
1212 */
fetch_to_dev_buffer(struct scsi_cmnd * scp,unsigned char * arr,int arr_len)1213 static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1214 int arr_len)
1215 {
1216 if (!scsi_bufflen(scp))
1217 return 0;
1218 if (scp->sc_data_direction != DMA_TO_DEVICE)
1219 return -1;
1220
1221 return scsi_sg_copy_to_buffer(scp, arr, arr_len);
1222 }
1223
1224
1225 static char sdebug_inq_vendor_id[9] = "Linux ";
1226 static char sdebug_inq_product_id[17] = "scsi_debug ";
1227 static char sdebug_inq_product_rev[5] = SDEBUG_VERSION;
1228 /* Use some locally assigned NAAs for SAS addresses. */
1229 static const u64 naa3_comp_a = 0x3222222000000000ULL;
1230 static const u64 naa3_comp_b = 0x3333333000000000ULL;
1231 static const u64 naa3_comp_c = 0x3111111000000000ULL;
1232
1233 /* Device identification VPD page. Returns number of bytes placed in arr */
inquiry_vpd_83(unsigned char * arr,int port_group_id,int target_dev_id,int dev_id_num,const char * dev_id_str,int dev_id_str_len,const uuid_t * lu_name)1234 static int inquiry_vpd_83(unsigned char *arr, int port_group_id,
1235 int target_dev_id, int dev_id_num,
1236 const char *dev_id_str, int dev_id_str_len,
1237 const uuid_t *lu_name)
1238 {
1239 int num, port_a;
1240 char b[32];
1241
1242 port_a = target_dev_id + 1;
1243 /* T10 vendor identifier field format (faked) */
1244 arr[0] = 0x2; /* ASCII */
1245 arr[1] = 0x1;
1246 arr[2] = 0x0;
1247 memcpy(&arr[4], sdebug_inq_vendor_id, 8);
1248 memcpy(&arr[12], sdebug_inq_product_id, 16);
1249 memcpy(&arr[28], dev_id_str, dev_id_str_len);
1250 num = 8 + 16 + dev_id_str_len;
1251 arr[3] = num;
1252 num += 4;
1253 if (dev_id_num >= 0) {
1254 if (sdebug_uuid_ctl) {
1255 /* Locally assigned UUID */
1256 arr[num++] = 0x1; /* binary (not necessarily sas) */
1257 arr[num++] = 0xa; /* PIV=0, lu, naa */
1258 arr[num++] = 0x0;
1259 arr[num++] = 0x12;
1260 arr[num++] = 0x10; /* uuid type=1, locally assigned */
1261 arr[num++] = 0x0;
1262 memcpy(arr + num, lu_name, 16);
1263 num += 16;
1264 } else {
1265 /* NAA-3, Logical unit identifier (binary) */
1266 arr[num++] = 0x1; /* binary (not necessarily sas) */
1267 arr[num++] = 0x3; /* PIV=0, lu, naa */
1268 arr[num++] = 0x0;
1269 arr[num++] = 0x8;
1270 put_unaligned_be64(naa3_comp_b + dev_id_num, arr + num);
1271 num += 8;
1272 }
1273 /* Target relative port number */
1274 arr[num++] = 0x61; /* proto=sas, binary */
1275 arr[num++] = 0x94; /* PIV=1, target port, rel port */
1276 arr[num++] = 0x0; /* reserved */
1277 arr[num++] = 0x4; /* length */
1278 arr[num++] = 0x0; /* reserved */
1279 arr[num++] = 0x0; /* reserved */
1280 arr[num++] = 0x0;
1281 arr[num++] = 0x1; /* relative port A */
1282 }
1283 /* NAA-3, Target port identifier */
1284 arr[num++] = 0x61; /* proto=sas, binary */
1285 arr[num++] = 0x93; /* piv=1, target port, naa */
1286 arr[num++] = 0x0;
1287 arr[num++] = 0x8;
1288 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1289 num += 8;
1290 /* NAA-3, Target port group identifier */
1291 arr[num++] = 0x61; /* proto=sas, binary */
1292 arr[num++] = 0x95; /* piv=1, target port group id */
1293 arr[num++] = 0x0;
1294 arr[num++] = 0x4;
1295 arr[num++] = 0;
1296 arr[num++] = 0;
1297 put_unaligned_be16(port_group_id, arr + num);
1298 num += 2;
1299 /* NAA-3, Target device identifier */
1300 arr[num++] = 0x61; /* proto=sas, binary */
1301 arr[num++] = 0xa3; /* piv=1, target device, naa */
1302 arr[num++] = 0x0;
1303 arr[num++] = 0x8;
1304 put_unaligned_be64(naa3_comp_a + target_dev_id, arr + num);
1305 num += 8;
1306 /* SCSI name string: Target device identifier */
1307 arr[num++] = 0x63; /* proto=sas, UTF-8 */
1308 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */
1309 arr[num++] = 0x0;
1310 arr[num++] = 24;
1311 memcpy(arr + num, "naa.32222220", 12);
1312 num += 12;
1313 snprintf(b, sizeof(b), "%08X", target_dev_id);
1314 memcpy(arr + num, b, 8);
1315 num += 8;
1316 memset(arr + num, 0, 4);
1317 num += 4;
1318 return num;
1319 }
1320
1321 static unsigned char vpd84_data[] = {
1322 /* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0,
1323 0x22,0x22,0x22,0x0,0xbb,0x1,
1324 0x22,0x22,0x22,0x0,0xbb,0x2,
1325 };
1326
1327 /* Software interface identification VPD page */
inquiry_vpd_84(unsigned char * arr)1328 static int inquiry_vpd_84(unsigned char *arr)
1329 {
1330 memcpy(arr, vpd84_data, sizeof(vpd84_data));
1331 return sizeof(vpd84_data);
1332 }
1333
1334 /* Management network addresses VPD page */
inquiry_vpd_85(unsigned char * arr)1335 static int inquiry_vpd_85(unsigned char *arr)
1336 {
1337 int num = 0;
1338 const char *na1 = "https://www.kernel.org/config";
1339 const char *na2 = "http://www.kernel.org/log";
1340 int plen, olen;
1341
1342 arr[num++] = 0x1; /* lu, storage config */
1343 arr[num++] = 0x0; /* reserved */
1344 arr[num++] = 0x0;
1345 olen = strlen(na1);
1346 plen = olen + 1;
1347 if (plen % 4)
1348 plen = ((plen / 4) + 1) * 4;
1349 arr[num++] = plen; /* length, null termianted, padded */
1350 memcpy(arr + num, na1, olen);
1351 memset(arr + num + olen, 0, plen - olen);
1352 num += plen;
1353
1354 arr[num++] = 0x4; /* lu, logging */
1355 arr[num++] = 0x0; /* reserved */
1356 arr[num++] = 0x0;
1357 olen = strlen(na2);
1358 plen = olen + 1;
1359 if (plen % 4)
1360 plen = ((plen / 4) + 1) * 4;
1361 arr[num++] = plen; /* length, null terminated, padded */
1362 memcpy(arr + num, na2, olen);
1363 memset(arr + num + olen, 0, plen - olen);
1364 num += plen;
1365
1366 return num;
1367 }
1368
1369 /* SCSI ports VPD page */
inquiry_vpd_88(unsigned char * arr,int target_dev_id)1370 static int inquiry_vpd_88(unsigned char *arr, int target_dev_id)
1371 {
1372 int num = 0;
1373 int port_a, port_b;
1374
1375 port_a = target_dev_id + 1;
1376 port_b = port_a + 1;
1377 arr[num++] = 0x0; /* reserved */
1378 arr[num++] = 0x0; /* reserved */
1379 arr[num++] = 0x0;
1380 arr[num++] = 0x1; /* relative port 1 (primary) */
1381 memset(arr + num, 0, 6);
1382 num += 6;
1383 arr[num++] = 0x0;
1384 arr[num++] = 12; /* length tp descriptor */
1385 /* naa-5 target port identifier (A) */
1386 arr[num++] = 0x61; /* proto=sas, binary */
1387 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1388 arr[num++] = 0x0; /* reserved */
1389 arr[num++] = 0x8; /* length */
1390 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1391 num += 8;
1392 arr[num++] = 0x0; /* reserved */
1393 arr[num++] = 0x0; /* reserved */
1394 arr[num++] = 0x0;
1395 arr[num++] = 0x2; /* relative port 2 (secondary) */
1396 memset(arr + num, 0, 6);
1397 num += 6;
1398 arr[num++] = 0x0;
1399 arr[num++] = 12; /* length tp descriptor */
1400 /* naa-5 target port identifier (B) */
1401 arr[num++] = 0x61; /* proto=sas, binary */
1402 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1403 arr[num++] = 0x0; /* reserved */
1404 arr[num++] = 0x8; /* length */
1405 put_unaligned_be64(naa3_comp_a + port_b, arr + num);
1406 num += 8;
1407
1408 return num;
1409 }
1410
1411
1412 static unsigned char vpd89_data[] = {
1413 /* from 4th byte */ 0,0,0,0,
1414 'l','i','n','u','x',' ',' ',' ',
1415 'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ',
1416 '1','2','3','4',
1417 0x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,
1418 0xec,0,0,0,
1419 0x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0,
1420 0,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20,
1421 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33,
1422 0x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31,
1423 0x53,0x41,
1424 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
1425 0x20,0x20,
1426 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
1427 0x10,0x80,
1428 0,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0,
1429 0x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0,
1430 0x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0,
1431 0,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0,
1432 0x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40,
1433 0x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0,
1434 0,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0,
1435 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1436 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1437 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1438 0x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42,
1439 0,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8,
1440 0xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe,
1441 0,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0,
1442 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1443 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1444 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1445 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1446 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1447 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1448 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1449 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1450 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1451 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1452 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1453 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51,
1454 };
1455
1456 /* ATA Information VPD page */
inquiry_vpd_89(unsigned char * arr)1457 static int inquiry_vpd_89(unsigned char *arr)
1458 {
1459 memcpy(arr, vpd89_data, sizeof(vpd89_data));
1460 return sizeof(vpd89_data);
1461 }
1462
1463
1464 static unsigned char vpdb0_data[] = {
1465 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64,
1466 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1467 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1468 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1469 };
1470
1471 /* Block limits VPD page (SBC-3) */
inquiry_vpd_b0(unsigned char * arr)1472 static int inquiry_vpd_b0(unsigned char *arr)
1473 {
1474 unsigned int gran;
1475
1476 memcpy(arr, vpdb0_data, sizeof(vpdb0_data));
1477
1478 /* Optimal transfer length granularity */
1479 if (sdebug_opt_xferlen_exp != 0 &&
1480 sdebug_physblk_exp < sdebug_opt_xferlen_exp)
1481 gran = 1 << sdebug_opt_xferlen_exp;
1482 else
1483 gran = 1 << sdebug_physblk_exp;
1484 put_unaligned_be16(gran, arr + 2);
1485
1486 /* Maximum Transfer Length */
1487 if (sdebug_store_sectors > 0x400)
1488 put_unaligned_be32(sdebug_store_sectors, arr + 4);
1489
1490 /* Optimal Transfer Length */
1491 put_unaligned_be32(sdebug_opt_blks, &arr[8]);
1492
1493 if (sdebug_lbpu) {
1494 /* Maximum Unmap LBA Count */
1495 put_unaligned_be32(sdebug_unmap_max_blocks, &arr[16]);
1496
1497 /* Maximum Unmap Block Descriptor Count */
1498 put_unaligned_be32(sdebug_unmap_max_desc, &arr[20]);
1499 }
1500
1501 /* Unmap Granularity Alignment */
1502 if (sdebug_unmap_alignment) {
1503 put_unaligned_be32(sdebug_unmap_alignment, &arr[28]);
1504 arr[28] |= 0x80; /* UGAVALID */
1505 }
1506
1507 /* Optimal Unmap Granularity */
1508 put_unaligned_be32(sdebug_unmap_granularity, &arr[24]);
1509
1510 /* Maximum WRITE SAME Length */
1511 put_unaligned_be64(sdebug_write_same_length, &arr[32]);
1512
1513 return 0x3c; /* Mandatory page length for Logical Block Provisioning */
1514
1515 return sizeof(vpdb0_data);
1516 }
1517
1518 /* Block device characteristics VPD page (SBC-3) */
inquiry_vpd_b1(struct sdebug_dev_info * devip,unsigned char * arr)1519 static int inquiry_vpd_b1(struct sdebug_dev_info *devip, unsigned char *arr)
1520 {
1521 memset(arr, 0, 0x3c);
1522 arr[0] = 0;
1523 arr[1] = 1; /* non rotating medium (e.g. solid state) */
1524 arr[2] = 0;
1525 arr[3] = 5; /* less than 1.8" */
1526 if (devip->zmodel == BLK_ZONED_HA)
1527 arr[4] = 1 << 4; /* zoned field = 01b */
1528
1529 return 0x3c;
1530 }
1531
1532 /* Logical block provisioning VPD page (SBC-4) */
inquiry_vpd_b2(unsigned char * arr)1533 static int inquiry_vpd_b2(unsigned char *arr)
1534 {
1535 memset(arr, 0, 0x4);
1536 arr[0] = 0; /* threshold exponent */
1537 if (sdebug_lbpu)
1538 arr[1] = 1 << 7;
1539 if (sdebug_lbpws)
1540 arr[1] |= 1 << 6;
1541 if (sdebug_lbpws10)
1542 arr[1] |= 1 << 5;
1543 if (sdebug_lbprz && scsi_debug_lbp())
1544 arr[1] |= (sdebug_lbprz & 0x7) << 2; /* sbc4r07 and later */
1545 /* anc_sup=0; dp=0 (no provisioning group descriptor) */
1546 /* minimum_percentage=0; provisioning_type=0 (unknown) */
1547 /* threshold_percentage=0 */
1548 return 0x4;
1549 }
1550
1551 /* Zoned block device characteristics VPD page (ZBC mandatory) */
inquiry_vpd_b6(struct sdebug_dev_info * devip,unsigned char * arr)1552 static int inquiry_vpd_b6(struct sdebug_dev_info *devip, unsigned char *arr)
1553 {
1554 memset(arr, 0, 0x3c);
1555 arr[0] = 0x1; /* set URSWRZ (unrestricted read in seq. wr req zone) */
1556 /*
1557 * Set Optimal number of open sequential write preferred zones and
1558 * Optimal number of non-sequentially written sequential write
1559 * preferred zones fields to 'not reported' (0xffffffff). Leave other
1560 * fields set to zero, apart from Max. number of open swrz_s field.
1561 */
1562 put_unaligned_be32(0xffffffff, &arr[4]);
1563 put_unaligned_be32(0xffffffff, &arr[8]);
1564 if (sdeb_zbc_model == BLK_ZONED_HM && devip->max_open)
1565 put_unaligned_be32(devip->max_open, &arr[12]);
1566 else
1567 put_unaligned_be32(0xffffffff, &arr[12]);
1568 if (devip->zcap < devip->zsize) {
1569 arr[19] = ZBC_CONSTANT_ZONE_START_OFFSET;
1570 put_unaligned_be64(devip->zsize, &arr[20]);
1571 } else {
1572 arr[19] = 0;
1573 }
1574 return 0x3c;
1575 }
1576
1577 #define SDEBUG_LONG_INQ_SZ 96
1578 #define SDEBUG_MAX_INQ_ARR_SZ 584
1579
resp_inquiry(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)1580 static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1581 {
1582 unsigned char pq_pdt;
1583 unsigned char *arr;
1584 unsigned char *cmd = scp->cmnd;
1585 u32 alloc_len, n;
1586 int ret;
1587 bool have_wlun, is_disk, is_zbc, is_disk_zbc;
1588
1589 alloc_len = get_unaligned_be16(cmd + 3);
1590 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC);
1591 if (! arr)
1592 return DID_REQUEUE << 16;
1593 is_disk = (sdebug_ptype == TYPE_DISK);
1594 is_zbc = (devip->zmodel != BLK_ZONED_NONE);
1595 is_disk_zbc = (is_disk || is_zbc);
1596 have_wlun = scsi_is_wlun(scp->device->lun);
1597 if (have_wlun)
1598 pq_pdt = TYPE_WLUN; /* present, wlun */
1599 else if (sdebug_no_lun_0 && (devip->lun == SDEBUG_LUN_0_VAL))
1600 pq_pdt = 0x7f; /* not present, PQ=3, PDT=0x1f */
1601 else
1602 pq_pdt = (sdebug_ptype & 0x1f);
1603 arr[0] = pq_pdt;
1604 if (0x2 & cmd[1]) { /* CMDDT bit set */
1605 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1);
1606 kfree(arr);
1607 return check_condition_result;
1608 } else if (0x1 & cmd[1]) { /* EVPD bit set */
1609 int lu_id_num, port_group_id, target_dev_id;
1610 u32 len;
1611 char lu_id_str[6];
1612 int host_no = devip->sdbg_host->shost->host_no;
1613
1614 port_group_id = (((host_no + 1) & 0x7f) << 8) +
1615 (devip->channel & 0x7f);
1616 if (sdebug_vpd_use_hostno == 0)
1617 host_no = 0;
1618 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) +
1619 (devip->target * 1000) + devip->lun);
1620 target_dev_id = ((host_no + 1) * 2000) +
1621 (devip->target * 1000) - 3;
1622 len = scnprintf(lu_id_str, 6, "%d", lu_id_num);
1623 if (0 == cmd[2]) { /* supported vital product data pages */
1624 arr[1] = cmd[2]; /*sanity */
1625 n = 4;
1626 arr[n++] = 0x0; /* this page */
1627 arr[n++] = 0x80; /* unit serial number */
1628 arr[n++] = 0x83; /* device identification */
1629 arr[n++] = 0x84; /* software interface ident. */
1630 arr[n++] = 0x85; /* management network addresses */
1631 arr[n++] = 0x86; /* extended inquiry */
1632 arr[n++] = 0x87; /* mode page policy */
1633 arr[n++] = 0x88; /* SCSI ports */
1634 if (is_disk_zbc) { /* SBC or ZBC */
1635 arr[n++] = 0x89; /* ATA information */
1636 arr[n++] = 0xb0; /* Block limits */
1637 arr[n++] = 0xb1; /* Block characteristics */
1638 if (is_disk)
1639 arr[n++] = 0xb2; /* LB Provisioning */
1640 if (is_zbc)
1641 arr[n++] = 0xb6; /* ZB dev. char. */
1642 }
1643 arr[3] = n - 4; /* number of supported VPD pages */
1644 } else if (0x80 == cmd[2]) { /* unit serial number */
1645 arr[1] = cmd[2]; /*sanity */
1646 arr[3] = len;
1647 memcpy(&arr[4], lu_id_str, len);
1648 } else if (0x83 == cmd[2]) { /* device identification */
1649 arr[1] = cmd[2]; /*sanity */
1650 arr[3] = inquiry_vpd_83(&arr[4], port_group_id,
1651 target_dev_id, lu_id_num,
1652 lu_id_str, len,
1653 &devip->lu_name);
1654 } else if (0x84 == cmd[2]) { /* Software interface ident. */
1655 arr[1] = cmd[2]; /*sanity */
1656 arr[3] = inquiry_vpd_84(&arr[4]);
1657 } else if (0x85 == cmd[2]) { /* Management network addresses */
1658 arr[1] = cmd[2]; /*sanity */
1659 arr[3] = inquiry_vpd_85(&arr[4]);
1660 } else if (0x86 == cmd[2]) { /* extended inquiry */
1661 arr[1] = cmd[2]; /*sanity */
1662 arr[3] = 0x3c; /* number of following entries */
1663 if (sdebug_dif == T10_PI_TYPE3_PROTECTION)
1664 arr[4] = 0x4; /* SPT: GRD_CHK:1 */
1665 else if (have_dif_prot)
1666 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */
1667 else
1668 arr[4] = 0x0; /* no protection stuff */
1669 arr[5] = 0x7; /* head of q, ordered + simple q's */
1670 } else if (0x87 == cmd[2]) { /* mode page policy */
1671 arr[1] = cmd[2]; /*sanity */
1672 arr[3] = 0x8; /* number of following entries */
1673 arr[4] = 0x2; /* disconnect-reconnect mp */
1674 arr[6] = 0x80; /* mlus, shared */
1675 arr[8] = 0x18; /* protocol specific lu */
1676 arr[10] = 0x82; /* mlus, per initiator port */
1677 } else if (0x88 == cmd[2]) { /* SCSI Ports */
1678 arr[1] = cmd[2]; /*sanity */
1679 arr[3] = inquiry_vpd_88(&arr[4], target_dev_id);
1680 } else if (is_disk_zbc && 0x89 == cmd[2]) { /* ATA info */
1681 arr[1] = cmd[2]; /*sanity */
1682 n = inquiry_vpd_89(&arr[4]);
1683 put_unaligned_be16(n, arr + 2);
1684 } else if (is_disk_zbc && 0xb0 == cmd[2]) { /* Block limits */
1685 arr[1] = cmd[2]; /*sanity */
1686 arr[3] = inquiry_vpd_b0(&arr[4]);
1687 } else if (is_disk_zbc && 0xb1 == cmd[2]) { /* Block char. */
1688 arr[1] = cmd[2]; /*sanity */
1689 arr[3] = inquiry_vpd_b1(devip, &arr[4]);
1690 } else if (is_disk && 0xb2 == cmd[2]) { /* LB Prov. */
1691 arr[1] = cmd[2]; /*sanity */
1692 arr[3] = inquiry_vpd_b2(&arr[4]);
1693 } else if (is_zbc && cmd[2] == 0xb6) { /* ZB dev. charact. */
1694 arr[1] = cmd[2]; /*sanity */
1695 arr[3] = inquiry_vpd_b6(devip, &arr[4]);
1696 } else {
1697 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
1698 kfree(arr);
1699 return check_condition_result;
1700 }
1701 len = min_t(u32, get_unaligned_be16(arr + 2) + 4, alloc_len);
1702 ret = fill_from_dev_buffer(scp, arr,
1703 min_t(u32, len, SDEBUG_MAX_INQ_ARR_SZ));
1704 kfree(arr);
1705 return ret;
1706 }
1707 /* drops through here for a standard inquiry */
1708 arr[1] = sdebug_removable ? 0x80 : 0; /* Removable disk */
1709 arr[2] = sdebug_scsi_level;
1710 arr[3] = 2; /* response_data_format==2 */
1711 arr[4] = SDEBUG_LONG_INQ_SZ - 5;
1712 arr[5] = (int)have_dif_prot; /* PROTECT bit */
1713 if (sdebug_vpd_use_hostno == 0)
1714 arr[5] |= 0x10; /* claim: implicit TPGS */
1715 arr[6] = 0x10; /* claim: MultiP */
1716 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */
1717 arr[7] = 0xa; /* claim: LINKED + CMDQUE */
1718 memcpy(&arr[8], sdebug_inq_vendor_id, 8);
1719 memcpy(&arr[16], sdebug_inq_product_id, 16);
1720 memcpy(&arr[32], sdebug_inq_product_rev, 4);
1721 /* Use Vendor Specific area to place driver date in ASCII hex */
1722 memcpy(&arr[36], sdebug_version_date, 8);
1723 /* version descriptors (2 bytes each) follow */
1724 put_unaligned_be16(0xc0, arr + 58); /* SAM-6 no version claimed */
1725 put_unaligned_be16(0x5c0, arr + 60); /* SPC-5 no version claimed */
1726 n = 62;
1727 if (is_disk) { /* SBC-4 no version claimed */
1728 put_unaligned_be16(0x600, arr + n);
1729 n += 2;
1730 } else if (sdebug_ptype == TYPE_TAPE) { /* SSC-4 rev 3 */
1731 put_unaligned_be16(0x525, arr + n);
1732 n += 2;
1733 } else if (is_zbc) { /* ZBC BSR INCITS 536 revision 05 */
1734 put_unaligned_be16(0x624, arr + n);
1735 n += 2;
1736 }
1737 put_unaligned_be16(0x2100, arr + n); /* SPL-4 no version claimed */
1738 ret = fill_from_dev_buffer(scp, arr,
1739 min_t(u32, alloc_len, SDEBUG_LONG_INQ_SZ));
1740 kfree(arr);
1741 return ret;
1742 }
1743
1744 /* See resp_iec_m_pg() for how this data is manipulated */
1745 static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
1746 0, 0, 0x0, 0x0};
1747
resp_requests(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)1748 static int resp_requests(struct scsi_cmnd *scp,
1749 struct sdebug_dev_info *devip)
1750 {
1751 unsigned char *cmd = scp->cmnd;
1752 unsigned char arr[SCSI_SENSE_BUFFERSIZE]; /* assume >= 18 bytes */
1753 bool dsense = !!(cmd[1] & 1);
1754 u32 alloc_len = cmd[4];
1755 u32 len = 18;
1756 int stopped_state = atomic_read(&devip->stopped);
1757
1758 memset(arr, 0, sizeof(arr));
1759 if (stopped_state > 0) { /* some "pollable" data [spc6r02: 5.12.2] */
1760 if (dsense) {
1761 arr[0] = 0x72;
1762 arr[1] = NOT_READY;
1763 arr[2] = LOGICAL_UNIT_NOT_READY;
1764 arr[3] = (stopped_state == 2) ? 0x1 : 0x2;
1765 len = 8;
1766 } else {
1767 arr[0] = 0x70;
1768 arr[2] = NOT_READY; /* NO_SENSE in sense_key */
1769 arr[7] = 0xa; /* 18 byte sense buffer */
1770 arr[12] = LOGICAL_UNIT_NOT_READY;
1771 arr[13] = (stopped_state == 2) ? 0x1 : 0x2;
1772 }
1773 } else if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) {
1774 /* Information exceptions control mode page: TEST=1, MRIE=6 */
1775 if (dsense) {
1776 arr[0] = 0x72;
1777 arr[1] = 0x0; /* NO_SENSE in sense_key */
1778 arr[2] = THRESHOLD_EXCEEDED;
1779 arr[3] = 0xff; /* Failure prediction(false) */
1780 len = 8;
1781 } else {
1782 arr[0] = 0x70;
1783 arr[2] = 0x0; /* NO_SENSE in sense_key */
1784 arr[7] = 0xa; /* 18 byte sense buffer */
1785 arr[12] = THRESHOLD_EXCEEDED;
1786 arr[13] = 0xff; /* Failure prediction(false) */
1787 }
1788 } else { /* nothing to report */
1789 if (dsense) {
1790 len = 8;
1791 memset(arr, 0, len);
1792 arr[0] = 0x72;
1793 } else {
1794 memset(arr, 0, len);
1795 arr[0] = 0x70;
1796 arr[7] = 0xa;
1797 }
1798 }
1799 return fill_from_dev_buffer(scp, arr, min_t(u32, len, alloc_len));
1800 }
1801
resp_start_stop(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)1802 static int resp_start_stop(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1803 {
1804 unsigned char *cmd = scp->cmnd;
1805 int power_cond, want_stop, stopped_state;
1806 bool changing;
1807
1808 power_cond = (cmd[4] & 0xf0) >> 4;
1809 if (power_cond) {
1810 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7);
1811 return check_condition_result;
1812 }
1813 want_stop = !(cmd[4] & 1);
1814 stopped_state = atomic_read(&devip->stopped);
1815 if (stopped_state == 2) {
1816 ktime_t now_ts = ktime_get_boottime();
1817
1818 if (ktime_to_ns(now_ts) > ktime_to_ns(devip->create_ts)) {
1819 u64 diff_ns = ktime_to_ns(ktime_sub(now_ts, devip->create_ts));
1820
1821 if (diff_ns >= ((u64)sdeb_tur_ms_to_ready * 1000000)) {
1822 /* tur_ms_to_ready timer extinguished */
1823 atomic_set(&devip->stopped, 0);
1824 stopped_state = 0;
1825 }
1826 }
1827 if (stopped_state == 2) {
1828 if (want_stop) {
1829 stopped_state = 1; /* dummy up success */
1830 } else { /* Disallow tur_ms_to_ready delay to be overridden */
1831 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 0 /* START bit */);
1832 return check_condition_result;
1833 }
1834 }
1835 }
1836 changing = (stopped_state != want_stop);
1837 if (changing)
1838 atomic_xchg(&devip->stopped, want_stop);
1839 if (!changing || (cmd[1] & 0x1)) /* state unchanged or IMMED bit set in cdb */
1840 return SDEG_RES_IMMED_MASK;
1841 else
1842 return 0;
1843 }
1844
get_sdebug_capacity(void)1845 static sector_t get_sdebug_capacity(void)
1846 {
1847 static const unsigned int gibibyte = 1073741824;
1848
1849 if (sdebug_virtual_gb > 0)
1850 return (sector_t)sdebug_virtual_gb *
1851 (gibibyte / sdebug_sector_size);
1852 else
1853 return sdebug_store_sectors;
1854 }
1855
1856 #define SDEBUG_READCAP_ARR_SZ 8
resp_readcap(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)1857 static int resp_readcap(struct scsi_cmnd *scp,
1858 struct sdebug_dev_info *devip)
1859 {
1860 unsigned char arr[SDEBUG_READCAP_ARR_SZ];
1861 unsigned int capac;
1862
1863 /* following just in case virtual_gb changed */
1864 sdebug_capacity = get_sdebug_capacity();
1865 memset(arr, 0, SDEBUG_READCAP_ARR_SZ);
1866 if (sdebug_capacity < 0xffffffff) {
1867 capac = (unsigned int)sdebug_capacity - 1;
1868 put_unaligned_be32(capac, arr + 0);
1869 } else
1870 put_unaligned_be32(0xffffffff, arr + 0);
1871 put_unaligned_be16(sdebug_sector_size, arr + 6);
1872 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ);
1873 }
1874
1875 #define SDEBUG_READCAP16_ARR_SZ 32
resp_readcap16(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)1876 static int resp_readcap16(struct scsi_cmnd *scp,
1877 struct sdebug_dev_info *devip)
1878 {
1879 unsigned char *cmd = scp->cmnd;
1880 unsigned char arr[SDEBUG_READCAP16_ARR_SZ];
1881 u32 alloc_len;
1882
1883 alloc_len = get_unaligned_be32(cmd + 10);
1884 /* following just in case virtual_gb changed */
1885 sdebug_capacity = get_sdebug_capacity();
1886 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ);
1887 put_unaligned_be64((u64)(sdebug_capacity - 1), arr + 0);
1888 put_unaligned_be32(sdebug_sector_size, arr + 8);
1889 arr[13] = sdebug_physblk_exp & 0xf;
1890 arr[14] = (sdebug_lowest_aligned >> 8) & 0x3f;
1891
1892 if (scsi_debug_lbp()) {
1893 arr[14] |= 0x80; /* LBPME */
1894 /* from sbc4r07, this LBPRZ field is 1 bit, but the LBPRZ in
1895 * the LB Provisioning VPD page is 3 bits. Note that lbprz=2
1896 * in the wider field maps to 0 in this field.
1897 */
1898 if (sdebug_lbprz & 1) /* precisely what the draft requires */
1899 arr[14] |= 0x40;
1900 }
1901
1902 arr[15] = sdebug_lowest_aligned & 0xff;
1903
1904 if (have_dif_prot) {
1905 arr[12] = (sdebug_dif - 1) << 1; /* P_TYPE */
1906 arr[12] |= 1; /* PROT_EN */
1907 }
1908
1909 return fill_from_dev_buffer(scp, arr,
1910 min_t(u32, alloc_len, SDEBUG_READCAP16_ARR_SZ));
1911 }
1912
1913 #define SDEBUG_MAX_TGTPGS_ARR_SZ 1412
1914
resp_report_tgtpgs(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)1915 static int resp_report_tgtpgs(struct scsi_cmnd *scp,
1916 struct sdebug_dev_info *devip)
1917 {
1918 unsigned char *cmd = scp->cmnd;
1919 unsigned char *arr;
1920 int host_no = devip->sdbg_host->shost->host_no;
1921 int port_group_a, port_group_b, port_a, port_b;
1922 u32 alen, n, rlen;
1923 int ret;
1924
1925 alen = get_unaligned_be32(cmd + 6);
1926 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC);
1927 if (! arr)
1928 return DID_REQUEUE << 16;
1929 /*
1930 * EVPD page 0x88 states we have two ports, one
1931 * real and a fake port with no device connected.
1932 * So we create two port groups with one port each
1933 * and set the group with port B to unavailable.
1934 */
1935 port_a = 0x1; /* relative port A */
1936 port_b = 0x2; /* relative port B */
1937 port_group_a = (((host_no + 1) & 0x7f) << 8) +
1938 (devip->channel & 0x7f);
1939 port_group_b = (((host_no + 1) & 0x7f) << 8) +
1940 (devip->channel & 0x7f) + 0x80;
1941
1942 /*
1943 * The asymmetric access state is cycled according to the host_id.
1944 */
1945 n = 4;
1946 if (sdebug_vpd_use_hostno == 0) {
1947 arr[n++] = host_no % 3; /* Asymm access state */
1948 arr[n++] = 0x0F; /* claim: all states are supported */
1949 } else {
1950 arr[n++] = 0x0; /* Active/Optimized path */
1951 arr[n++] = 0x01; /* only support active/optimized paths */
1952 }
1953 put_unaligned_be16(port_group_a, arr + n);
1954 n += 2;
1955 arr[n++] = 0; /* Reserved */
1956 arr[n++] = 0; /* Status code */
1957 arr[n++] = 0; /* Vendor unique */
1958 arr[n++] = 0x1; /* One port per group */
1959 arr[n++] = 0; /* Reserved */
1960 arr[n++] = 0; /* Reserved */
1961 put_unaligned_be16(port_a, arr + n);
1962 n += 2;
1963 arr[n++] = 3; /* Port unavailable */
1964 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */
1965 put_unaligned_be16(port_group_b, arr + n);
1966 n += 2;
1967 arr[n++] = 0; /* Reserved */
1968 arr[n++] = 0; /* Status code */
1969 arr[n++] = 0; /* Vendor unique */
1970 arr[n++] = 0x1; /* One port per group */
1971 arr[n++] = 0; /* Reserved */
1972 arr[n++] = 0; /* Reserved */
1973 put_unaligned_be16(port_b, arr + n);
1974 n += 2;
1975
1976 rlen = n - 4;
1977 put_unaligned_be32(rlen, arr + 0);
1978
1979 /*
1980 * Return the smallest value of either
1981 * - The allocated length
1982 * - The constructed command length
1983 * - The maximum array size
1984 */
1985 rlen = min(alen, n);
1986 ret = fill_from_dev_buffer(scp, arr,
1987 min_t(u32, rlen, SDEBUG_MAX_TGTPGS_ARR_SZ));
1988 kfree(arr);
1989 return ret;
1990 }
1991
resp_rsup_opcodes(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)1992 static int resp_rsup_opcodes(struct scsi_cmnd *scp,
1993 struct sdebug_dev_info *devip)
1994 {
1995 bool rctd;
1996 u8 reporting_opts, req_opcode, sdeb_i, supp;
1997 u16 req_sa, u;
1998 u32 alloc_len, a_len;
1999 int k, offset, len, errsts, count, bump, na;
2000 const struct opcode_info_t *oip;
2001 const struct opcode_info_t *r_oip;
2002 u8 *arr;
2003 u8 *cmd = scp->cmnd;
2004
2005 rctd = !!(cmd[2] & 0x80);
2006 reporting_opts = cmd[2] & 0x7;
2007 req_opcode = cmd[3];
2008 req_sa = get_unaligned_be16(cmd + 4);
2009 alloc_len = get_unaligned_be32(cmd + 6);
2010 if (alloc_len < 4 || alloc_len > 0xffff) {
2011 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
2012 return check_condition_result;
2013 }
2014 if (alloc_len > 8192)
2015 a_len = 8192;
2016 else
2017 a_len = alloc_len;
2018 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC);
2019 if (NULL == arr) {
2020 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
2021 INSUFF_RES_ASCQ);
2022 return check_condition_result;
2023 }
2024 switch (reporting_opts) {
2025 case 0: /* all commands */
2026 /* count number of commands */
2027 for (count = 0, oip = opcode_info_arr;
2028 oip->num_attached != 0xff; ++oip) {
2029 if (F_INV_OP & oip->flags)
2030 continue;
2031 count += (oip->num_attached + 1);
2032 }
2033 bump = rctd ? 20 : 8;
2034 put_unaligned_be32(count * bump, arr);
2035 for (offset = 4, oip = opcode_info_arr;
2036 oip->num_attached != 0xff && offset < a_len; ++oip) {
2037 if (F_INV_OP & oip->flags)
2038 continue;
2039 na = oip->num_attached;
2040 arr[offset] = oip->opcode;
2041 put_unaligned_be16(oip->sa, arr + offset + 2);
2042 if (rctd)
2043 arr[offset + 5] |= 0x2;
2044 if (FF_SA & oip->flags)
2045 arr[offset + 5] |= 0x1;
2046 put_unaligned_be16(oip->len_mask[0], arr + offset + 6);
2047 if (rctd)
2048 put_unaligned_be16(0xa, arr + offset + 8);
2049 r_oip = oip;
2050 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) {
2051 if (F_INV_OP & oip->flags)
2052 continue;
2053 offset += bump;
2054 arr[offset] = oip->opcode;
2055 put_unaligned_be16(oip->sa, arr + offset + 2);
2056 if (rctd)
2057 arr[offset + 5] |= 0x2;
2058 if (FF_SA & oip->flags)
2059 arr[offset + 5] |= 0x1;
2060 put_unaligned_be16(oip->len_mask[0],
2061 arr + offset + 6);
2062 if (rctd)
2063 put_unaligned_be16(0xa,
2064 arr + offset + 8);
2065 }
2066 oip = r_oip;
2067 offset += bump;
2068 }
2069 break;
2070 case 1: /* one command: opcode only */
2071 case 2: /* one command: opcode plus service action */
2072 case 3: /* one command: if sa==0 then opcode only else opcode+sa */
2073 sdeb_i = opcode_ind_arr[req_opcode];
2074 oip = &opcode_info_arr[sdeb_i];
2075 if (F_INV_OP & oip->flags) {
2076 supp = 1;
2077 offset = 4;
2078 } else {
2079 if (1 == reporting_opts) {
2080 if (FF_SA & oip->flags) {
2081 mk_sense_invalid_fld(scp, SDEB_IN_CDB,
2082 2, 2);
2083 kfree(arr);
2084 return check_condition_result;
2085 }
2086 req_sa = 0;
2087 } else if (2 == reporting_opts &&
2088 0 == (FF_SA & oip->flags)) {
2089 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1);
2090 kfree(arr); /* point at requested sa */
2091 return check_condition_result;
2092 }
2093 if (0 == (FF_SA & oip->flags) &&
2094 req_opcode == oip->opcode)
2095 supp = 3;
2096 else if (0 == (FF_SA & oip->flags)) {
2097 na = oip->num_attached;
2098 for (k = 0, oip = oip->arrp; k < na;
2099 ++k, ++oip) {
2100 if (req_opcode == oip->opcode)
2101 break;
2102 }
2103 supp = (k >= na) ? 1 : 3;
2104 } else if (req_sa != oip->sa) {
2105 na = oip->num_attached;
2106 for (k = 0, oip = oip->arrp; k < na;
2107 ++k, ++oip) {
2108 if (req_sa == oip->sa)
2109 break;
2110 }
2111 supp = (k >= na) ? 1 : 3;
2112 } else
2113 supp = 3;
2114 if (3 == supp) {
2115 u = oip->len_mask[0];
2116 put_unaligned_be16(u, arr + 2);
2117 arr[4] = oip->opcode;
2118 for (k = 1; k < u; ++k)
2119 arr[4 + k] = (k < 16) ?
2120 oip->len_mask[k] : 0xff;
2121 offset = 4 + u;
2122 } else
2123 offset = 4;
2124 }
2125 arr[1] = (rctd ? 0x80 : 0) | supp;
2126 if (rctd) {
2127 put_unaligned_be16(0xa, arr + offset);
2128 offset += 12;
2129 }
2130 break;
2131 default:
2132 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
2133 kfree(arr);
2134 return check_condition_result;
2135 }
2136 offset = (offset < a_len) ? offset : a_len;
2137 len = (offset < alloc_len) ? offset : alloc_len;
2138 errsts = fill_from_dev_buffer(scp, arr, len);
2139 kfree(arr);
2140 return errsts;
2141 }
2142
resp_rsup_tmfs(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)2143 static int resp_rsup_tmfs(struct scsi_cmnd *scp,
2144 struct sdebug_dev_info *devip)
2145 {
2146 bool repd;
2147 u32 alloc_len, len;
2148 u8 arr[16];
2149 u8 *cmd = scp->cmnd;
2150
2151 memset(arr, 0, sizeof(arr));
2152 repd = !!(cmd[2] & 0x80);
2153 alloc_len = get_unaligned_be32(cmd + 6);
2154 if (alloc_len < 4) {
2155 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
2156 return check_condition_result;
2157 }
2158 arr[0] = 0xc8; /* ATS | ATSS | LURS */
2159 arr[1] = 0x1; /* ITNRS */
2160 if (repd) {
2161 arr[3] = 0xc;
2162 len = 16;
2163 } else
2164 len = 4;
2165
2166 len = (len < alloc_len) ? len : alloc_len;
2167 return fill_from_dev_buffer(scp, arr, len);
2168 }
2169
2170 /* <<Following mode page info copied from ST318451LW>> */
2171
resp_err_recov_pg(unsigned char * p,int pcontrol,int target)2172 static int resp_err_recov_pg(unsigned char *p, int pcontrol, int target)
2173 { /* Read-Write Error Recovery page for mode_sense */
2174 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0,
2175 5, 0, 0xff, 0xff};
2176
2177 memcpy(p, err_recov_pg, sizeof(err_recov_pg));
2178 if (1 == pcontrol)
2179 memset(p + 2, 0, sizeof(err_recov_pg) - 2);
2180 return sizeof(err_recov_pg);
2181 }
2182
resp_disconnect_pg(unsigned char * p,int pcontrol,int target)2183 static int resp_disconnect_pg(unsigned char *p, int pcontrol, int target)
2184 { /* Disconnect-Reconnect page for mode_sense */
2185 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0,
2186 0, 0, 0, 0, 0, 0, 0, 0};
2187
2188 memcpy(p, disconnect_pg, sizeof(disconnect_pg));
2189 if (1 == pcontrol)
2190 memset(p + 2, 0, sizeof(disconnect_pg) - 2);
2191 return sizeof(disconnect_pg);
2192 }
2193
resp_format_pg(unsigned char * p,int pcontrol,int target)2194 static int resp_format_pg(unsigned char *p, int pcontrol, int target)
2195 { /* Format device page for mode_sense */
2196 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0,
2197 0, 0, 0, 0, 0, 0, 0, 0,
2198 0, 0, 0, 0, 0x40, 0, 0, 0};
2199
2200 memcpy(p, format_pg, sizeof(format_pg));
2201 put_unaligned_be16(sdebug_sectors_per, p + 10);
2202 put_unaligned_be16(sdebug_sector_size, p + 12);
2203 if (sdebug_removable)
2204 p[20] |= 0x20; /* should agree with INQUIRY */
2205 if (1 == pcontrol)
2206 memset(p + 2, 0, sizeof(format_pg) - 2);
2207 return sizeof(format_pg);
2208 }
2209
2210 static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
2211 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0,
2212 0, 0, 0, 0};
2213
resp_caching_pg(unsigned char * p,int pcontrol,int target)2214 static int resp_caching_pg(unsigned char *p, int pcontrol, int target)
2215 { /* Caching page for mode_sense */
2216 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0,
2217 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
2218 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
2219 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0};
2220
2221 if (SDEBUG_OPT_N_WCE & sdebug_opts)
2222 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */
2223 memcpy(p, caching_pg, sizeof(caching_pg));
2224 if (1 == pcontrol)
2225 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg));
2226 else if (2 == pcontrol)
2227 memcpy(p, d_caching_pg, sizeof(d_caching_pg));
2228 return sizeof(caching_pg);
2229 }
2230
2231 static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2232 0, 0, 0x2, 0x4b};
2233
resp_ctrl_m_pg(unsigned char * p,int pcontrol,int target)2234 static int resp_ctrl_m_pg(unsigned char *p, int pcontrol, int target)
2235 { /* Control mode page for mode_sense */
2236 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0,
2237 0, 0, 0, 0};
2238 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2239 0, 0, 0x2, 0x4b};
2240
2241 if (sdebug_dsense)
2242 ctrl_m_pg[2] |= 0x4;
2243 else
2244 ctrl_m_pg[2] &= ~0x4;
2245
2246 if (sdebug_ato)
2247 ctrl_m_pg[5] |= 0x80; /* ATO=1 */
2248
2249 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg));
2250 if (1 == pcontrol)
2251 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg));
2252 else if (2 == pcontrol)
2253 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg));
2254 return sizeof(ctrl_m_pg);
2255 }
2256
2257
resp_iec_m_pg(unsigned char * p,int pcontrol,int target)2258 static int resp_iec_m_pg(unsigned char *p, int pcontrol, int target)
2259 { /* Informational Exceptions control mode page for mode_sense */
2260 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0,
2261 0, 0, 0x0, 0x0};
2262 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
2263 0, 0, 0x0, 0x0};
2264
2265 memcpy(p, iec_m_pg, sizeof(iec_m_pg));
2266 if (1 == pcontrol)
2267 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg));
2268 else if (2 == pcontrol)
2269 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg));
2270 return sizeof(iec_m_pg);
2271 }
2272
resp_sas_sf_m_pg(unsigned char * p,int pcontrol,int target)2273 static int resp_sas_sf_m_pg(unsigned char *p, int pcontrol, int target)
2274 { /* SAS SSP mode page - short format for mode_sense */
2275 unsigned char sas_sf_m_pg[] = {0x19, 0x6,
2276 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0};
2277
2278 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg));
2279 if (1 == pcontrol)
2280 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2);
2281 return sizeof(sas_sf_m_pg);
2282 }
2283
2284
resp_sas_pcd_m_spg(unsigned char * p,int pcontrol,int target,int target_dev_id)2285 static int resp_sas_pcd_m_spg(unsigned char *p, int pcontrol, int target,
2286 int target_dev_id)
2287 { /* SAS phy control and discover mode page for mode_sense */
2288 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2,
2289 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0,
2290 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2291 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2292 0x2, 0, 0, 0, 0, 0, 0, 0,
2293 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2294 0, 0, 0, 0, 0, 0, 0, 0,
2295 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0,
2296 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2297 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2298 0x3, 0, 0, 0, 0, 0, 0, 0,
2299 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2300 0, 0, 0, 0, 0, 0, 0, 0,
2301 };
2302 int port_a, port_b;
2303
2304 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 16);
2305 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 24);
2306 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 64);
2307 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 72);
2308 port_a = target_dev_id + 1;
2309 port_b = port_a + 1;
2310 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg));
2311 put_unaligned_be32(port_a, p + 20);
2312 put_unaligned_be32(port_b, p + 48 + 20);
2313 if (1 == pcontrol)
2314 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4);
2315 return sizeof(sas_pcd_m_pg);
2316 }
2317
resp_sas_sha_m_spg(unsigned char * p,int pcontrol)2318 static int resp_sas_sha_m_spg(unsigned char *p, int pcontrol)
2319 { /* SAS SSP shared protocol specific port mode subpage */
2320 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0,
2321 0, 0, 0, 0, 0, 0, 0, 0,
2322 };
2323
2324 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg));
2325 if (1 == pcontrol)
2326 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4);
2327 return sizeof(sas_sha_m_pg);
2328 }
2329
2330 #define SDEBUG_MAX_MSENSE_SZ 256
2331
resp_mode_sense(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)2332 static int resp_mode_sense(struct scsi_cmnd *scp,
2333 struct sdebug_dev_info *devip)
2334 {
2335 int pcontrol, pcode, subpcode, bd_len;
2336 unsigned char dev_spec;
2337 u32 alloc_len, offset, len;
2338 int target_dev_id;
2339 int target = scp->device->id;
2340 unsigned char *ap;
2341 unsigned char arr[SDEBUG_MAX_MSENSE_SZ];
2342 unsigned char *cmd = scp->cmnd;
2343 bool dbd, llbaa, msense_6, is_disk, is_zbc, bad_pcode;
2344
2345 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */
2346 pcontrol = (cmd[2] & 0xc0) >> 6;
2347 pcode = cmd[2] & 0x3f;
2348 subpcode = cmd[3];
2349 msense_6 = (MODE_SENSE == cmd[0]);
2350 llbaa = msense_6 ? false : !!(cmd[1] & 0x10);
2351 is_disk = (sdebug_ptype == TYPE_DISK);
2352 is_zbc = (devip->zmodel != BLK_ZONED_NONE);
2353 if ((is_disk || is_zbc) && !dbd)
2354 bd_len = llbaa ? 16 : 8;
2355 else
2356 bd_len = 0;
2357 alloc_len = msense_6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2358 memset(arr, 0, SDEBUG_MAX_MSENSE_SZ);
2359 if (0x3 == pcontrol) { /* Saving values not supported */
2360 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0);
2361 return check_condition_result;
2362 }
2363 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) +
2364 (devip->target * 1000) - 3;
2365 /* for disks+zbc set DPOFUA bit and clear write protect (WP) bit */
2366 if (is_disk || is_zbc) {
2367 dev_spec = 0x10; /* =0x90 if WP=1 implies read-only */
2368 if (sdebug_wp)
2369 dev_spec |= 0x80;
2370 } else
2371 dev_spec = 0x0;
2372 if (msense_6) {
2373 arr[2] = dev_spec;
2374 arr[3] = bd_len;
2375 offset = 4;
2376 } else {
2377 arr[3] = dev_spec;
2378 if (16 == bd_len)
2379 arr[4] = 0x1; /* set LONGLBA bit */
2380 arr[7] = bd_len; /* assume 255 or less */
2381 offset = 8;
2382 }
2383 ap = arr + offset;
2384 if ((bd_len > 0) && (!sdebug_capacity))
2385 sdebug_capacity = get_sdebug_capacity();
2386
2387 if (8 == bd_len) {
2388 if (sdebug_capacity > 0xfffffffe)
2389 put_unaligned_be32(0xffffffff, ap + 0);
2390 else
2391 put_unaligned_be32(sdebug_capacity, ap + 0);
2392 put_unaligned_be16(sdebug_sector_size, ap + 6);
2393 offset += bd_len;
2394 ap = arr + offset;
2395 } else if (16 == bd_len) {
2396 put_unaligned_be64((u64)sdebug_capacity, ap + 0);
2397 put_unaligned_be32(sdebug_sector_size, ap + 12);
2398 offset += bd_len;
2399 ap = arr + offset;
2400 }
2401
2402 if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) {
2403 /* TODO: Control Extension page */
2404 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2405 return check_condition_result;
2406 }
2407 bad_pcode = false;
2408
2409 switch (pcode) {
2410 case 0x1: /* Read-Write error recovery page, direct access */
2411 len = resp_err_recov_pg(ap, pcontrol, target);
2412 offset += len;
2413 break;
2414 case 0x2: /* Disconnect-Reconnect page, all devices */
2415 len = resp_disconnect_pg(ap, pcontrol, target);
2416 offset += len;
2417 break;
2418 case 0x3: /* Format device page, direct access */
2419 if (is_disk) {
2420 len = resp_format_pg(ap, pcontrol, target);
2421 offset += len;
2422 } else
2423 bad_pcode = true;
2424 break;
2425 case 0x8: /* Caching page, direct access */
2426 if (is_disk || is_zbc) {
2427 len = resp_caching_pg(ap, pcontrol, target);
2428 offset += len;
2429 } else
2430 bad_pcode = true;
2431 break;
2432 case 0xa: /* Control Mode page, all devices */
2433 len = resp_ctrl_m_pg(ap, pcontrol, target);
2434 offset += len;
2435 break;
2436 case 0x19: /* if spc==1 then sas phy, control+discover */
2437 if ((subpcode > 0x2) && (subpcode < 0xff)) {
2438 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2439 return check_condition_result;
2440 }
2441 len = 0;
2442 if ((0x0 == subpcode) || (0xff == subpcode))
2443 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2444 if ((0x1 == subpcode) || (0xff == subpcode))
2445 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
2446 target_dev_id);
2447 if ((0x2 == subpcode) || (0xff == subpcode))
2448 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2449 offset += len;
2450 break;
2451 case 0x1c: /* Informational Exceptions Mode page, all devices */
2452 len = resp_iec_m_pg(ap, pcontrol, target);
2453 offset += len;
2454 break;
2455 case 0x3f: /* Read all Mode pages */
2456 if ((0 == subpcode) || (0xff == subpcode)) {
2457 len = resp_err_recov_pg(ap, pcontrol, target);
2458 len += resp_disconnect_pg(ap + len, pcontrol, target);
2459 if (is_disk) {
2460 len += resp_format_pg(ap + len, pcontrol,
2461 target);
2462 len += resp_caching_pg(ap + len, pcontrol,
2463 target);
2464 } else if (is_zbc) {
2465 len += resp_caching_pg(ap + len, pcontrol,
2466 target);
2467 }
2468 len += resp_ctrl_m_pg(ap + len, pcontrol, target);
2469 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2470 if (0xff == subpcode) {
2471 len += resp_sas_pcd_m_spg(ap + len, pcontrol,
2472 target, target_dev_id);
2473 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2474 }
2475 len += resp_iec_m_pg(ap + len, pcontrol, target);
2476 offset += len;
2477 } else {
2478 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2479 return check_condition_result;
2480 }
2481 break;
2482 default:
2483 bad_pcode = true;
2484 break;
2485 }
2486 if (bad_pcode) {
2487 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2488 return check_condition_result;
2489 }
2490 if (msense_6)
2491 arr[0] = offset - 1;
2492 else
2493 put_unaligned_be16((offset - 2), arr + 0);
2494 return fill_from_dev_buffer(scp, arr, min_t(u32, alloc_len, offset));
2495 }
2496
2497 #define SDEBUG_MAX_MSELECT_SZ 512
2498
resp_mode_select(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)2499 static int resp_mode_select(struct scsi_cmnd *scp,
2500 struct sdebug_dev_info *devip)
2501 {
2502 int pf, sp, ps, md_len, bd_len, off, spf, pg_len;
2503 int param_len, res, mpage;
2504 unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
2505 unsigned char *cmd = scp->cmnd;
2506 int mselect6 = (MODE_SELECT == cmd[0]);
2507
2508 memset(arr, 0, sizeof(arr));
2509 pf = cmd[1] & 0x10;
2510 sp = cmd[1] & 0x1;
2511 param_len = mselect6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2512 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) {
2513 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1);
2514 return check_condition_result;
2515 }
2516 res = fetch_to_dev_buffer(scp, arr, param_len);
2517 if (-1 == res)
2518 return DID_ERROR << 16;
2519 else if (sdebug_verbose && (res < param_len))
2520 sdev_printk(KERN_INFO, scp->device,
2521 "%s: cdb indicated=%d, IO sent=%d bytes\n",
2522 __func__, param_len, res);
2523 md_len = mselect6 ? (arr[0] + 1) : (get_unaligned_be16(arr + 0) + 2);
2524 bd_len = mselect6 ? arr[3] : get_unaligned_be16(arr + 6);
2525 off = bd_len + (mselect6 ? 4 : 8);
2526 if (md_len > 2 || off >= res) {
2527 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1);
2528 return check_condition_result;
2529 }
2530 mpage = arr[off] & 0x3f;
2531 ps = !!(arr[off] & 0x80);
2532 if (ps) {
2533 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7);
2534 return check_condition_result;
2535 }
2536 spf = !!(arr[off] & 0x40);
2537 pg_len = spf ? (get_unaligned_be16(arr + off + 2) + 4) :
2538 (arr[off + 1] + 2);
2539 if ((pg_len + off) > param_len) {
2540 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2541 PARAMETER_LIST_LENGTH_ERR, 0);
2542 return check_condition_result;
2543 }
2544 switch (mpage) {
2545 case 0x8: /* Caching Mode page */
2546 if (caching_pg[1] == arr[off + 1]) {
2547 memcpy(caching_pg + 2, arr + off + 2,
2548 sizeof(caching_pg) - 2);
2549 goto set_mode_changed_ua;
2550 }
2551 break;
2552 case 0xa: /* Control Mode page */
2553 if (ctrl_m_pg[1] == arr[off + 1]) {
2554 memcpy(ctrl_m_pg + 2, arr + off + 2,
2555 sizeof(ctrl_m_pg) - 2);
2556 if (ctrl_m_pg[4] & 0x8)
2557 sdebug_wp = true;
2558 else
2559 sdebug_wp = false;
2560 sdebug_dsense = !!(ctrl_m_pg[2] & 0x4);
2561 goto set_mode_changed_ua;
2562 }
2563 break;
2564 case 0x1c: /* Informational Exceptions Mode page */
2565 if (iec_m_pg[1] == arr[off + 1]) {
2566 memcpy(iec_m_pg + 2, arr + off + 2,
2567 sizeof(iec_m_pg) - 2);
2568 goto set_mode_changed_ua;
2569 }
2570 break;
2571 default:
2572 break;
2573 }
2574 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5);
2575 return check_condition_result;
2576 set_mode_changed_ua:
2577 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm);
2578 return 0;
2579 }
2580
resp_temp_l_pg(unsigned char * arr)2581 static int resp_temp_l_pg(unsigned char *arr)
2582 {
2583 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38,
2584 0x0, 0x1, 0x3, 0x2, 0x0, 65,
2585 };
2586
2587 memcpy(arr, temp_l_pg, sizeof(temp_l_pg));
2588 return sizeof(temp_l_pg);
2589 }
2590
resp_ie_l_pg(unsigned char * arr)2591 static int resp_ie_l_pg(unsigned char *arr)
2592 {
2593 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38,
2594 };
2595
2596 memcpy(arr, ie_l_pg, sizeof(ie_l_pg));
2597 if (iec_m_pg[2] & 0x4) { /* TEST bit set */
2598 arr[4] = THRESHOLD_EXCEEDED;
2599 arr[5] = 0xff;
2600 }
2601 return sizeof(ie_l_pg);
2602 }
2603
resp_env_rep_l_spg(unsigned char * arr)2604 static int resp_env_rep_l_spg(unsigned char *arr)
2605 {
2606 unsigned char env_rep_l_spg[] = {0x0, 0x0, 0x23, 0x8,
2607 0x0, 40, 72, 0xff, 45, 18, 0, 0,
2608 0x1, 0x0, 0x23, 0x8,
2609 0x0, 55, 72, 35, 55, 45, 0, 0,
2610 };
2611
2612 memcpy(arr, env_rep_l_spg, sizeof(env_rep_l_spg));
2613 return sizeof(env_rep_l_spg);
2614 }
2615
2616 #define SDEBUG_MAX_LSENSE_SZ 512
2617
resp_log_sense(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)2618 static int resp_log_sense(struct scsi_cmnd *scp,
2619 struct sdebug_dev_info *devip)
2620 {
2621 int ppc, sp, pcode, subpcode;
2622 u32 alloc_len, len, n;
2623 unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
2624 unsigned char *cmd = scp->cmnd;
2625
2626 memset(arr, 0, sizeof(arr));
2627 ppc = cmd[1] & 0x2;
2628 sp = cmd[1] & 0x1;
2629 if (ppc || sp) {
2630 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0);
2631 return check_condition_result;
2632 }
2633 pcode = cmd[2] & 0x3f;
2634 subpcode = cmd[3] & 0xff;
2635 alloc_len = get_unaligned_be16(cmd + 7);
2636 arr[0] = pcode;
2637 if (0 == subpcode) {
2638 switch (pcode) {
2639 case 0x0: /* Supported log pages log page */
2640 n = 4;
2641 arr[n++] = 0x0; /* this page */
2642 arr[n++] = 0xd; /* Temperature */
2643 arr[n++] = 0x2f; /* Informational exceptions */
2644 arr[3] = n - 4;
2645 break;
2646 case 0xd: /* Temperature log page */
2647 arr[3] = resp_temp_l_pg(arr + 4);
2648 break;
2649 case 0x2f: /* Informational exceptions log page */
2650 arr[3] = resp_ie_l_pg(arr + 4);
2651 break;
2652 default:
2653 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2654 return check_condition_result;
2655 }
2656 } else if (0xff == subpcode) {
2657 arr[0] |= 0x40;
2658 arr[1] = subpcode;
2659 switch (pcode) {
2660 case 0x0: /* Supported log pages and subpages log page */
2661 n = 4;
2662 arr[n++] = 0x0;
2663 arr[n++] = 0x0; /* 0,0 page */
2664 arr[n++] = 0x0;
2665 arr[n++] = 0xff; /* this page */
2666 arr[n++] = 0xd;
2667 arr[n++] = 0x0; /* Temperature */
2668 arr[n++] = 0xd;
2669 arr[n++] = 0x1; /* Environment reporting */
2670 arr[n++] = 0xd;
2671 arr[n++] = 0xff; /* all 0xd subpages */
2672 arr[n++] = 0x2f;
2673 arr[n++] = 0x0; /* Informational exceptions */
2674 arr[n++] = 0x2f;
2675 arr[n++] = 0xff; /* all 0x2f subpages */
2676 arr[3] = n - 4;
2677 break;
2678 case 0xd: /* Temperature subpages */
2679 n = 4;
2680 arr[n++] = 0xd;
2681 arr[n++] = 0x0; /* Temperature */
2682 arr[n++] = 0xd;
2683 arr[n++] = 0x1; /* Environment reporting */
2684 arr[n++] = 0xd;
2685 arr[n++] = 0xff; /* these subpages */
2686 arr[3] = n - 4;
2687 break;
2688 case 0x2f: /* Informational exceptions subpages */
2689 n = 4;
2690 arr[n++] = 0x2f;
2691 arr[n++] = 0x0; /* Informational exceptions */
2692 arr[n++] = 0x2f;
2693 arr[n++] = 0xff; /* these subpages */
2694 arr[3] = n - 4;
2695 break;
2696 default:
2697 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2698 return check_condition_result;
2699 }
2700 } else if (subpcode > 0) {
2701 arr[0] |= 0x40;
2702 arr[1] = subpcode;
2703 if (pcode == 0xd && subpcode == 1)
2704 arr[3] = resp_env_rep_l_spg(arr + 4);
2705 else {
2706 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2707 return check_condition_result;
2708 }
2709 } else {
2710 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2711 return check_condition_result;
2712 }
2713 len = min_t(u32, get_unaligned_be16(arr + 2) + 4, alloc_len);
2714 return fill_from_dev_buffer(scp, arr,
2715 min_t(u32, len, SDEBUG_MAX_INQ_ARR_SZ));
2716 }
2717
sdebug_dev_is_zoned(struct sdebug_dev_info * devip)2718 static inline bool sdebug_dev_is_zoned(struct sdebug_dev_info *devip)
2719 {
2720 return devip->nr_zones != 0;
2721 }
2722
zbc_zone(struct sdebug_dev_info * devip,unsigned long long lba)2723 static struct sdeb_zone_state *zbc_zone(struct sdebug_dev_info *devip,
2724 unsigned long long lba)
2725 {
2726 u32 zno = lba >> devip->zsize_shift;
2727 struct sdeb_zone_state *zsp;
2728
2729 if (devip->zcap == devip->zsize || zno < devip->nr_conv_zones)
2730 return &devip->zstate[zno];
2731
2732 /*
2733 * If the zone capacity is less than the zone size, adjust for gap
2734 * zones.
2735 */
2736 zno = 2 * zno - devip->nr_conv_zones;
2737 WARN_ONCE(zno >= devip->nr_zones, "%u > %u\n", zno, devip->nr_zones);
2738 zsp = &devip->zstate[zno];
2739 if (lba >= zsp->z_start + zsp->z_size)
2740 zsp++;
2741 WARN_ON_ONCE(lba >= zsp->z_start + zsp->z_size);
2742 return zsp;
2743 }
2744
zbc_zone_is_conv(struct sdeb_zone_state * zsp)2745 static inline bool zbc_zone_is_conv(struct sdeb_zone_state *zsp)
2746 {
2747 return zsp->z_type == ZBC_ZTYPE_CNV;
2748 }
2749
zbc_zone_is_gap(struct sdeb_zone_state * zsp)2750 static inline bool zbc_zone_is_gap(struct sdeb_zone_state *zsp)
2751 {
2752 return zsp->z_type == ZBC_ZTYPE_GAP;
2753 }
2754
zbc_zone_is_seq(struct sdeb_zone_state * zsp)2755 static inline bool zbc_zone_is_seq(struct sdeb_zone_state *zsp)
2756 {
2757 return !zbc_zone_is_conv(zsp) && !zbc_zone_is_gap(zsp);
2758 }
2759
zbc_close_zone(struct sdebug_dev_info * devip,struct sdeb_zone_state * zsp)2760 static void zbc_close_zone(struct sdebug_dev_info *devip,
2761 struct sdeb_zone_state *zsp)
2762 {
2763 enum sdebug_z_cond zc;
2764
2765 if (!zbc_zone_is_seq(zsp))
2766 return;
2767
2768 zc = zsp->z_cond;
2769 if (!(zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN))
2770 return;
2771
2772 if (zc == ZC2_IMPLICIT_OPEN)
2773 devip->nr_imp_open--;
2774 else
2775 devip->nr_exp_open--;
2776
2777 if (zsp->z_wp == zsp->z_start) {
2778 zsp->z_cond = ZC1_EMPTY;
2779 } else {
2780 zsp->z_cond = ZC4_CLOSED;
2781 devip->nr_closed++;
2782 }
2783 }
2784
zbc_close_imp_open_zone(struct sdebug_dev_info * devip)2785 static void zbc_close_imp_open_zone(struct sdebug_dev_info *devip)
2786 {
2787 struct sdeb_zone_state *zsp = &devip->zstate[0];
2788 unsigned int i;
2789
2790 for (i = 0; i < devip->nr_zones; i++, zsp++) {
2791 if (zsp->z_cond == ZC2_IMPLICIT_OPEN) {
2792 zbc_close_zone(devip, zsp);
2793 return;
2794 }
2795 }
2796 }
2797
zbc_open_zone(struct sdebug_dev_info * devip,struct sdeb_zone_state * zsp,bool explicit)2798 static void zbc_open_zone(struct sdebug_dev_info *devip,
2799 struct sdeb_zone_state *zsp, bool explicit)
2800 {
2801 enum sdebug_z_cond zc;
2802
2803 if (!zbc_zone_is_seq(zsp))
2804 return;
2805
2806 zc = zsp->z_cond;
2807 if ((explicit && zc == ZC3_EXPLICIT_OPEN) ||
2808 (!explicit && zc == ZC2_IMPLICIT_OPEN))
2809 return;
2810
2811 /* Close an implicit open zone if necessary */
2812 if (explicit && zsp->z_cond == ZC2_IMPLICIT_OPEN)
2813 zbc_close_zone(devip, zsp);
2814 else if (devip->max_open &&
2815 devip->nr_imp_open + devip->nr_exp_open >= devip->max_open)
2816 zbc_close_imp_open_zone(devip);
2817
2818 if (zsp->z_cond == ZC4_CLOSED)
2819 devip->nr_closed--;
2820 if (explicit) {
2821 zsp->z_cond = ZC3_EXPLICIT_OPEN;
2822 devip->nr_exp_open++;
2823 } else {
2824 zsp->z_cond = ZC2_IMPLICIT_OPEN;
2825 devip->nr_imp_open++;
2826 }
2827 }
2828
zbc_set_zone_full(struct sdebug_dev_info * devip,struct sdeb_zone_state * zsp)2829 static inline void zbc_set_zone_full(struct sdebug_dev_info *devip,
2830 struct sdeb_zone_state *zsp)
2831 {
2832 switch (zsp->z_cond) {
2833 case ZC2_IMPLICIT_OPEN:
2834 devip->nr_imp_open--;
2835 break;
2836 case ZC3_EXPLICIT_OPEN:
2837 devip->nr_exp_open--;
2838 break;
2839 default:
2840 WARN_ONCE(true, "Invalid zone %llu condition %x\n",
2841 zsp->z_start, zsp->z_cond);
2842 break;
2843 }
2844 zsp->z_cond = ZC5_FULL;
2845 }
2846
zbc_inc_wp(struct sdebug_dev_info * devip,unsigned long long lba,unsigned int num)2847 static void zbc_inc_wp(struct sdebug_dev_info *devip,
2848 unsigned long long lba, unsigned int num)
2849 {
2850 struct sdeb_zone_state *zsp = zbc_zone(devip, lba);
2851 unsigned long long n, end, zend = zsp->z_start + zsp->z_size;
2852
2853 if (!zbc_zone_is_seq(zsp))
2854 return;
2855
2856 if (zsp->z_type == ZBC_ZTYPE_SWR) {
2857 zsp->z_wp += num;
2858 if (zsp->z_wp >= zend)
2859 zbc_set_zone_full(devip, zsp);
2860 return;
2861 }
2862
2863 while (num) {
2864 if (lba != zsp->z_wp)
2865 zsp->z_non_seq_resource = true;
2866
2867 end = lba + num;
2868 if (end >= zend) {
2869 n = zend - lba;
2870 zsp->z_wp = zend;
2871 } else if (end > zsp->z_wp) {
2872 n = num;
2873 zsp->z_wp = end;
2874 } else {
2875 n = num;
2876 }
2877 if (zsp->z_wp >= zend)
2878 zbc_set_zone_full(devip, zsp);
2879
2880 num -= n;
2881 lba += n;
2882 if (num) {
2883 zsp++;
2884 zend = zsp->z_start + zsp->z_size;
2885 }
2886 }
2887 }
2888
check_zbc_access_params(struct scsi_cmnd * scp,unsigned long long lba,unsigned int num,bool write)2889 static int check_zbc_access_params(struct scsi_cmnd *scp,
2890 unsigned long long lba, unsigned int num, bool write)
2891 {
2892 struct scsi_device *sdp = scp->device;
2893 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
2894 struct sdeb_zone_state *zsp = zbc_zone(devip, lba);
2895 struct sdeb_zone_state *zsp_end = zbc_zone(devip, lba + num - 1);
2896
2897 if (!write) {
2898 if (devip->zmodel == BLK_ZONED_HA)
2899 return 0;
2900 /* For host-managed, reads cannot cross zone types boundaries */
2901 if (zsp->z_type != zsp_end->z_type) {
2902 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2903 LBA_OUT_OF_RANGE,
2904 READ_INVDATA_ASCQ);
2905 return check_condition_result;
2906 }
2907 return 0;
2908 }
2909
2910 /* Writing into a gap zone is not allowed */
2911 if (zbc_zone_is_gap(zsp)) {
2912 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE,
2913 ATTEMPT_ACCESS_GAP);
2914 return check_condition_result;
2915 }
2916
2917 /* No restrictions for writes within conventional zones */
2918 if (zbc_zone_is_conv(zsp)) {
2919 if (!zbc_zone_is_conv(zsp_end)) {
2920 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2921 LBA_OUT_OF_RANGE,
2922 WRITE_BOUNDARY_ASCQ);
2923 return check_condition_result;
2924 }
2925 return 0;
2926 }
2927
2928 if (zsp->z_type == ZBC_ZTYPE_SWR) {
2929 /* Writes cannot cross sequential zone boundaries */
2930 if (zsp_end != zsp) {
2931 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2932 LBA_OUT_OF_RANGE,
2933 WRITE_BOUNDARY_ASCQ);
2934 return check_condition_result;
2935 }
2936 /* Cannot write full zones */
2937 if (zsp->z_cond == ZC5_FULL) {
2938 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2939 INVALID_FIELD_IN_CDB, 0);
2940 return check_condition_result;
2941 }
2942 /* Writes must be aligned to the zone WP */
2943 if (lba != zsp->z_wp) {
2944 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2945 LBA_OUT_OF_RANGE,
2946 UNALIGNED_WRITE_ASCQ);
2947 return check_condition_result;
2948 }
2949 }
2950
2951 /* Handle implicit open of closed and empty zones */
2952 if (zsp->z_cond == ZC1_EMPTY || zsp->z_cond == ZC4_CLOSED) {
2953 if (devip->max_open &&
2954 devip->nr_exp_open >= devip->max_open) {
2955 mk_sense_buffer(scp, DATA_PROTECT,
2956 INSUFF_RES_ASC,
2957 INSUFF_ZONE_ASCQ);
2958 return check_condition_result;
2959 }
2960 zbc_open_zone(devip, zsp, false);
2961 }
2962
2963 return 0;
2964 }
2965
check_device_access_params(struct scsi_cmnd * scp,unsigned long long lba,unsigned int num,bool write)2966 static inline int check_device_access_params
2967 (struct scsi_cmnd *scp, unsigned long long lba,
2968 unsigned int num, bool write)
2969 {
2970 struct scsi_device *sdp = scp->device;
2971 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
2972
2973 if (lba + num > sdebug_capacity) {
2974 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2975 return check_condition_result;
2976 }
2977 /* transfer length excessive (tie in to block limits VPD page) */
2978 if (num > sdebug_store_sectors) {
2979 /* needs work to find which cdb byte 'num' comes from */
2980 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2981 return check_condition_result;
2982 }
2983 if (write && unlikely(sdebug_wp)) {
2984 mk_sense_buffer(scp, DATA_PROTECT, WRITE_PROTECTED, 0x2);
2985 return check_condition_result;
2986 }
2987 if (sdebug_dev_is_zoned(devip))
2988 return check_zbc_access_params(scp, lba, num, write);
2989
2990 return 0;
2991 }
2992
2993 /*
2994 * Note: if BUG_ON() fires it usually indicates a problem with the parser
2995 * tables. Perhaps a missing F_FAKE_RW or FF_MEDIA_IO flag. Response functions
2996 * that access any of the "stores" in struct sdeb_store_info should call this
2997 * function with bug_if_fake_rw set to true.
2998 */
devip2sip(struct sdebug_dev_info * devip,bool bug_if_fake_rw)2999 static inline struct sdeb_store_info *devip2sip(struct sdebug_dev_info *devip,
3000 bool bug_if_fake_rw)
3001 {
3002 if (sdebug_fake_rw) {
3003 BUG_ON(bug_if_fake_rw); /* See note above */
3004 return NULL;
3005 }
3006 return xa_load(per_store_ap, devip->sdbg_host->si_idx);
3007 }
3008
3009 /* Returns number of bytes copied or -1 if error. */
do_device_access(struct sdeb_store_info * sip,struct scsi_cmnd * scp,u32 sg_skip,u64 lba,u32 num,bool do_write)3010 static int do_device_access(struct sdeb_store_info *sip, struct scsi_cmnd *scp,
3011 u32 sg_skip, u64 lba, u32 num, bool do_write)
3012 {
3013 int ret;
3014 u64 block, rest = 0;
3015 enum dma_data_direction dir;
3016 struct scsi_data_buffer *sdb = &scp->sdb;
3017 u8 *fsp;
3018
3019 if (do_write) {
3020 dir = DMA_TO_DEVICE;
3021 write_since_sync = true;
3022 } else {
3023 dir = DMA_FROM_DEVICE;
3024 }
3025
3026 if (!sdb->length || !sip)
3027 return 0;
3028 if (scp->sc_data_direction != dir)
3029 return -1;
3030 fsp = sip->storep;
3031
3032 block = do_div(lba, sdebug_store_sectors);
3033 if (block + num > sdebug_store_sectors)
3034 rest = block + num - sdebug_store_sectors;
3035
3036 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
3037 fsp + (block * sdebug_sector_size),
3038 (num - rest) * sdebug_sector_size, sg_skip, do_write);
3039 if (ret != (num - rest) * sdebug_sector_size)
3040 return ret;
3041
3042 if (rest) {
3043 ret += sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
3044 fsp, rest * sdebug_sector_size,
3045 sg_skip + ((num - rest) * sdebug_sector_size),
3046 do_write);
3047 }
3048
3049 return ret;
3050 }
3051
3052 /* Returns number of bytes copied or -1 if error. */
do_dout_fetch(struct scsi_cmnd * scp,u32 num,u8 * doutp)3053 static int do_dout_fetch(struct scsi_cmnd *scp, u32 num, u8 *doutp)
3054 {
3055 struct scsi_data_buffer *sdb = &scp->sdb;
3056
3057 if (!sdb->length)
3058 return 0;
3059 if (scp->sc_data_direction != DMA_TO_DEVICE)
3060 return -1;
3061 return sg_copy_buffer(sdb->table.sgl, sdb->table.nents, doutp,
3062 num * sdebug_sector_size, 0, true);
3063 }
3064
3065 /* If sip->storep+lba compares equal to arr(num), then copy top half of
3066 * arr into sip->storep+lba and return true. If comparison fails then
3067 * return false. */
comp_write_worker(struct sdeb_store_info * sip,u64 lba,u32 num,const u8 * arr,bool compare_only)3068 static bool comp_write_worker(struct sdeb_store_info *sip, u64 lba, u32 num,
3069 const u8 *arr, bool compare_only)
3070 {
3071 bool res;
3072 u64 block, rest = 0;
3073 u32 store_blks = sdebug_store_sectors;
3074 u32 lb_size = sdebug_sector_size;
3075 u8 *fsp = sip->storep;
3076
3077 block = do_div(lba, store_blks);
3078 if (block + num > store_blks)
3079 rest = block + num - store_blks;
3080
3081 res = !memcmp(fsp + (block * lb_size), arr, (num - rest) * lb_size);
3082 if (!res)
3083 return res;
3084 if (rest)
3085 res = memcmp(fsp, arr + ((num - rest) * lb_size),
3086 rest * lb_size);
3087 if (!res)
3088 return res;
3089 if (compare_only)
3090 return true;
3091 arr += num * lb_size;
3092 memcpy(fsp + (block * lb_size), arr, (num - rest) * lb_size);
3093 if (rest)
3094 memcpy(fsp, arr + ((num - rest) * lb_size), rest * lb_size);
3095 return res;
3096 }
3097
dif_compute_csum(const void * buf,int len)3098 static __be16 dif_compute_csum(const void *buf, int len)
3099 {
3100 __be16 csum;
3101
3102 if (sdebug_guard)
3103 csum = (__force __be16)ip_compute_csum(buf, len);
3104 else
3105 csum = cpu_to_be16(crc_t10dif(buf, len));
3106
3107 return csum;
3108 }
3109
dif_verify(struct t10_pi_tuple * sdt,const void * data,sector_t sector,u32 ei_lba)3110 static int dif_verify(struct t10_pi_tuple *sdt, const void *data,
3111 sector_t sector, u32 ei_lba)
3112 {
3113 __be16 csum = dif_compute_csum(data, sdebug_sector_size);
3114
3115 if (sdt->guard_tag != csum) {
3116 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n",
3117 (unsigned long)sector,
3118 be16_to_cpu(sdt->guard_tag),
3119 be16_to_cpu(csum));
3120 return 0x01;
3121 }
3122 if (sdebug_dif == T10_PI_TYPE1_PROTECTION &&
3123 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) {
3124 pr_err("REF check failed on sector %lu\n",
3125 (unsigned long)sector);
3126 return 0x03;
3127 }
3128 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3129 be32_to_cpu(sdt->ref_tag) != ei_lba) {
3130 pr_err("REF check failed on sector %lu\n",
3131 (unsigned long)sector);
3132 return 0x03;
3133 }
3134 return 0;
3135 }
3136
dif_copy_prot(struct scsi_cmnd * scp,sector_t sector,unsigned int sectors,bool read)3137 static void dif_copy_prot(struct scsi_cmnd *scp, sector_t sector,
3138 unsigned int sectors, bool read)
3139 {
3140 size_t resid;
3141 void *paddr;
3142 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
3143 scp->device->hostdata, true);
3144 struct t10_pi_tuple *dif_storep = sip->dif_storep;
3145 const void *dif_store_end = dif_storep + sdebug_store_sectors;
3146 struct sg_mapping_iter miter;
3147
3148 /* Bytes of protection data to copy into sgl */
3149 resid = sectors * sizeof(*dif_storep);
3150
3151 sg_miter_start(&miter, scsi_prot_sglist(scp),
3152 scsi_prot_sg_count(scp), SG_MITER_ATOMIC |
3153 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG));
3154
3155 while (sg_miter_next(&miter) && resid > 0) {
3156 size_t len = min_t(size_t, miter.length, resid);
3157 void *start = dif_store(sip, sector);
3158 size_t rest = 0;
3159
3160 if (dif_store_end < start + len)
3161 rest = start + len - dif_store_end;
3162
3163 paddr = miter.addr;
3164
3165 if (read)
3166 memcpy(paddr, start, len - rest);
3167 else
3168 memcpy(start, paddr, len - rest);
3169
3170 if (rest) {
3171 if (read)
3172 memcpy(paddr + len - rest, dif_storep, rest);
3173 else
3174 memcpy(dif_storep, paddr + len - rest, rest);
3175 }
3176
3177 sector += len / sizeof(*dif_storep);
3178 resid -= len;
3179 }
3180 sg_miter_stop(&miter);
3181 }
3182
prot_verify_read(struct scsi_cmnd * scp,sector_t start_sec,unsigned int sectors,u32 ei_lba)3183 static int prot_verify_read(struct scsi_cmnd *scp, sector_t start_sec,
3184 unsigned int sectors, u32 ei_lba)
3185 {
3186 int ret = 0;
3187 unsigned int i;
3188 sector_t sector;
3189 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
3190 scp->device->hostdata, true);
3191 struct t10_pi_tuple *sdt;
3192
3193 for (i = 0; i < sectors; i++, ei_lba++) {
3194 sector = start_sec + i;
3195 sdt = dif_store(sip, sector);
3196
3197 if (sdt->app_tag == cpu_to_be16(0xffff))
3198 continue;
3199
3200 /*
3201 * Because scsi_debug acts as both initiator and
3202 * target we proceed to verify the PI even if
3203 * RDPROTECT=3. This is done so the "initiator" knows
3204 * which type of error to return. Otherwise we would
3205 * have to iterate over the PI twice.
3206 */
3207 if (scp->cmnd[1] >> 5) { /* RDPROTECT */
3208 ret = dif_verify(sdt, lba2fake_store(sip, sector),
3209 sector, ei_lba);
3210 if (ret) {
3211 dif_errors++;
3212 break;
3213 }
3214 }
3215 }
3216
3217 dif_copy_prot(scp, start_sec, sectors, true);
3218 dix_reads++;
3219
3220 return ret;
3221 }
3222
3223 static inline void
sdeb_read_lock(struct sdeb_store_info * sip)3224 sdeb_read_lock(struct sdeb_store_info *sip)
3225 {
3226 if (sdebug_no_rwlock) {
3227 if (sip)
3228 __acquire(&sip->macc_lck);
3229 else
3230 __acquire(&sdeb_fake_rw_lck);
3231 } else {
3232 if (sip)
3233 read_lock(&sip->macc_lck);
3234 else
3235 read_lock(&sdeb_fake_rw_lck);
3236 }
3237 }
3238
3239 static inline void
sdeb_read_unlock(struct sdeb_store_info * sip)3240 sdeb_read_unlock(struct sdeb_store_info *sip)
3241 {
3242 if (sdebug_no_rwlock) {
3243 if (sip)
3244 __release(&sip->macc_lck);
3245 else
3246 __release(&sdeb_fake_rw_lck);
3247 } else {
3248 if (sip)
3249 read_unlock(&sip->macc_lck);
3250 else
3251 read_unlock(&sdeb_fake_rw_lck);
3252 }
3253 }
3254
3255 static inline void
sdeb_write_lock(struct sdeb_store_info * sip)3256 sdeb_write_lock(struct sdeb_store_info *sip)
3257 {
3258 if (sdebug_no_rwlock) {
3259 if (sip)
3260 __acquire(&sip->macc_lck);
3261 else
3262 __acquire(&sdeb_fake_rw_lck);
3263 } else {
3264 if (sip)
3265 write_lock(&sip->macc_lck);
3266 else
3267 write_lock(&sdeb_fake_rw_lck);
3268 }
3269 }
3270
3271 static inline void
sdeb_write_unlock(struct sdeb_store_info * sip)3272 sdeb_write_unlock(struct sdeb_store_info *sip)
3273 {
3274 if (sdebug_no_rwlock) {
3275 if (sip)
3276 __release(&sip->macc_lck);
3277 else
3278 __release(&sdeb_fake_rw_lck);
3279 } else {
3280 if (sip)
3281 write_unlock(&sip->macc_lck);
3282 else
3283 write_unlock(&sdeb_fake_rw_lck);
3284 }
3285 }
3286
resp_read_dt0(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)3287 static int resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3288 {
3289 bool check_prot;
3290 u32 num;
3291 u32 ei_lba;
3292 int ret;
3293 u64 lba;
3294 struct sdeb_store_info *sip = devip2sip(devip, true);
3295 u8 *cmd = scp->cmnd;
3296
3297 switch (cmd[0]) {
3298 case READ_16:
3299 ei_lba = 0;
3300 lba = get_unaligned_be64(cmd + 2);
3301 num = get_unaligned_be32(cmd + 10);
3302 check_prot = true;
3303 break;
3304 case READ_10:
3305 ei_lba = 0;
3306 lba = get_unaligned_be32(cmd + 2);
3307 num = get_unaligned_be16(cmd + 7);
3308 check_prot = true;
3309 break;
3310 case READ_6:
3311 ei_lba = 0;
3312 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
3313 (u32)(cmd[1] & 0x1f) << 16;
3314 num = (0 == cmd[4]) ? 256 : cmd[4];
3315 check_prot = true;
3316 break;
3317 case READ_12:
3318 ei_lba = 0;
3319 lba = get_unaligned_be32(cmd + 2);
3320 num = get_unaligned_be32(cmd + 6);
3321 check_prot = true;
3322 break;
3323 case XDWRITEREAD_10:
3324 ei_lba = 0;
3325 lba = get_unaligned_be32(cmd + 2);
3326 num = get_unaligned_be16(cmd + 7);
3327 check_prot = false;
3328 break;
3329 default: /* assume READ(32) */
3330 lba = get_unaligned_be64(cmd + 12);
3331 ei_lba = get_unaligned_be32(cmd + 20);
3332 num = get_unaligned_be32(cmd + 28);
3333 check_prot = false;
3334 break;
3335 }
3336 if (unlikely(have_dif_prot && check_prot)) {
3337 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3338 (cmd[1] & 0xe0)) {
3339 mk_sense_invalid_opcode(scp);
3340 return check_condition_result;
3341 }
3342 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3343 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3344 (cmd[1] & 0xe0) == 0)
3345 sdev_printk(KERN_ERR, scp->device, "Unprotected RD "
3346 "to DIF device\n");
3347 }
3348 if (unlikely((sdebug_opts & SDEBUG_OPT_SHORT_TRANSFER) &&
3349 atomic_read(&sdeb_inject_pending))) {
3350 num /= 2;
3351 atomic_set(&sdeb_inject_pending, 0);
3352 }
3353
3354 ret = check_device_access_params(scp, lba, num, false);
3355 if (ret)
3356 return ret;
3357 if (unlikely((SDEBUG_OPT_MEDIUM_ERR & sdebug_opts) &&
3358 (lba <= (sdebug_medium_error_start + sdebug_medium_error_count - 1)) &&
3359 ((lba + num) > sdebug_medium_error_start))) {
3360 /* claim unrecoverable read error */
3361 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0);
3362 /* set info field and valid bit for fixed descriptor */
3363 if (0x70 == (scp->sense_buffer[0] & 0x7f)) {
3364 scp->sense_buffer[0] |= 0x80; /* Valid bit */
3365 ret = (lba < OPT_MEDIUM_ERR_ADDR)
3366 ? OPT_MEDIUM_ERR_ADDR : (int)lba;
3367 put_unaligned_be32(ret, scp->sense_buffer + 3);
3368 }
3369 scsi_set_resid(scp, scsi_bufflen(scp));
3370 return check_condition_result;
3371 }
3372
3373 sdeb_read_lock(sip);
3374
3375 /* DIX + T10 DIF */
3376 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3377 switch (prot_verify_read(scp, lba, num, ei_lba)) {
3378 case 1: /* Guard tag error */
3379 if (cmd[1] >> 5 != 3) { /* RDPROTECT != 3 */
3380 sdeb_read_unlock(sip);
3381 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3382 return check_condition_result;
3383 } else if (scp->prot_flags & SCSI_PROT_GUARD_CHECK) {
3384 sdeb_read_unlock(sip);
3385 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3386 return illegal_condition_result;
3387 }
3388 break;
3389 case 3: /* Reference tag error */
3390 if (cmd[1] >> 5 != 3) { /* RDPROTECT != 3 */
3391 sdeb_read_unlock(sip);
3392 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 3);
3393 return check_condition_result;
3394 } else if (scp->prot_flags & SCSI_PROT_REF_CHECK) {
3395 sdeb_read_unlock(sip);
3396 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 3);
3397 return illegal_condition_result;
3398 }
3399 break;
3400 }
3401 }
3402
3403 ret = do_device_access(sip, scp, 0, lba, num, false);
3404 sdeb_read_unlock(sip);
3405 if (unlikely(ret == -1))
3406 return DID_ERROR << 16;
3407
3408 scsi_set_resid(scp, scsi_bufflen(scp) - ret);
3409
3410 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
3411 atomic_read(&sdeb_inject_pending))) {
3412 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
3413 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
3414 atomic_set(&sdeb_inject_pending, 0);
3415 return check_condition_result;
3416 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
3417 /* Logical block guard check failed */
3418 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3419 atomic_set(&sdeb_inject_pending, 0);
3420 return illegal_condition_result;
3421 } else if (SDEBUG_OPT_DIX_ERR & sdebug_opts) {
3422 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3423 atomic_set(&sdeb_inject_pending, 0);
3424 return illegal_condition_result;
3425 }
3426 }
3427 return 0;
3428 }
3429
prot_verify_write(struct scsi_cmnd * SCpnt,sector_t start_sec,unsigned int sectors,u32 ei_lba)3430 static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec,
3431 unsigned int sectors, u32 ei_lba)
3432 {
3433 int ret;
3434 struct t10_pi_tuple *sdt;
3435 void *daddr;
3436 sector_t sector = start_sec;
3437 int ppage_offset;
3438 int dpage_offset;
3439 struct sg_mapping_iter diter;
3440 struct sg_mapping_iter piter;
3441
3442 BUG_ON(scsi_sg_count(SCpnt) == 0);
3443 BUG_ON(scsi_prot_sg_count(SCpnt) == 0);
3444
3445 sg_miter_start(&piter, scsi_prot_sglist(SCpnt),
3446 scsi_prot_sg_count(SCpnt),
3447 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
3448 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt),
3449 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
3450
3451 /* For each protection page */
3452 while (sg_miter_next(&piter)) {
3453 dpage_offset = 0;
3454 if (WARN_ON(!sg_miter_next(&diter))) {
3455 ret = 0x01;
3456 goto out;
3457 }
3458
3459 for (ppage_offset = 0; ppage_offset < piter.length;
3460 ppage_offset += sizeof(struct t10_pi_tuple)) {
3461 /* If we're at the end of the current
3462 * data page advance to the next one
3463 */
3464 if (dpage_offset >= diter.length) {
3465 if (WARN_ON(!sg_miter_next(&diter))) {
3466 ret = 0x01;
3467 goto out;
3468 }
3469 dpage_offset = 0;
3470 }
3471
3472 sdt = piter.addr + ppage_offset;
3473 daddr = diter.addr + dpage_offset;
3474
3475 if (SCpnt->cmnd[1] >> 5 != 3) { /* WRPROTECT */
3476 ret = dif_verify(sdt, daddr, sector, ei_lba);
3477 if (ret)
3478 goto out;
3479 }
3480
3481 sector++;
3482 ei_lba++;
3483 dpage_offset += sdebug_sector_size;
3484 }
3485 diter.consumed = dpage_offset;
3486 sg_miter_stop(&diter);
3487 }
3488 sg_miter_stop(&piter);
3489
3490 dif_copy_prot(SCpnt, start_sec, sectors, false);
3491 dix_writes++;
3492
3493 return 0;
3494
3495 out:
3496 dif_errors++;
3497 sg_miter_stop(&diter);
3498 sg_miter_stop(&piter);
3499 return ret;
3500 }
3501
lba_to_map_index(sector_t lba)3502 static unsigned long lba_to_map_index(sector_t lba)
3503 {
3504 if (sdebug_unmap_alignment)
3505 lba += sdebug_unmap_granularity - sdebug_unmap_alignment;
3506 sector_div(lba, sdebug_unmap_granularity);
3507 return lba;
3508 }
3509
map_index_to_lba(unsigned long index)3510 static sector_t map_index_to_lba(unsigned long index)
3511 {
3512 sector_t lba = index * sdebug_unmap_granularity;
3513
3514 if (sdebug_unmap_alignment)
3515 lba -= sdebug_unmap_granularity - sdebug_unmap_alignment;
3516 return lba;
3517 }
3518
map_state(struct sdeb_store_info * sip,sector_t lba,unsigned int * num)3519 static unsigned int map_state(struct sdeb_store_info *sip, sector_t lba,
3520 unsigned int *num)
3521 {
3522 sector_t end;
3523 unsigned int mapped;
3524 unsigned long index;
3525 unsigned long next;
3526
3527 index = lba_to_map_index(lba);
3528 mapped = test_bit(index, sip->map_storep);
3529
3530 if (mapped)
3531 next = find_next_zero_bit(sip->map_storep, map_size, index);
3532 else
3533 next = find_next_bit(sip->map_storep, map_size, index);
3534
3535 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next));
3536 *num = end - lba;
3537 return mapped;
3538 }
3539
map_region(struct sdeb_store_info * sip,sector_t lba,unsigned int len)3540 static void map_region(struct sdeb_store_info *sip, sector_t lba,
3541 unsigned int len)
3542 {
3543 sector_t end = lba + len;
3544
3545 while (lba < end) {
3546 unsigned long index = lba_to_map_index(lba);
3547
3548 if (index < map_size)
3549 set_bit(index, sip->map_storep);
3550
3551 lba = map_index_to_lba(index + 1);
3552 }
3553 }
3554
unmap_region(struct sdeb_store_info * sip,sector_t lba,unsigned int len)3555 static void unmap_region(struct sdeb_store_info *sip, sector_t lba,
3556 unsigned int len)
3557 {
3558 sector_t end = lba + len;
3559 u8 *fsp = sip->storep;
3560
3561 while (lba < end) {
3562 unsigned long index = lba_to_map_index(lba);
3563
3564 if (lba == map_index_to_lba(index) &&
3565 lba + sdebug_unmap_granularity <= end &&
3566 index < map_size) {
3567 clear_bit(index, sip->map_storep);
3568 if (sdebug_lbprz) { /* for LBPRZ=2 return 0xff_s */
3569 memset(fsp + lba * sdebug_sector_size,
3570 (sdebug_lbprz & 1) ? 0 : 0xff,
3571 sdebug_sector_size *
3572 sdebug_unmap_granularity);
3573 }
3574 if (sip->dif_storep) {
3575 memset(sip->dif_storep + lba, 0xff,
3576 sizeof(*sip->dif_storep) *
3577 sdebug_unmap_granularity);
3578 }
3579 }
3580 lba = map_index_to_lba(index + 1);
3581 }
3582 }
3583
resp_write_dt0(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)3584 static int resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3585 {
3586 bool check_prot;
3587 u32 num;
3588 u32 ei_lba;
3589 int ret;
3590 u64 lba;
3591 struct sdeb_store_info *sip = devip2sip(devip, true);
3592 u8 *cmd = scp->cmnd;
3593
3594 switch (cmd[0]) {
3595 case WRITE_16:
3596 ei_lba = 0;
3597 lba = get_unaligned_be64(cmd + 2);
3598 num = get_unaligned_be32(cmd + 10);
3599 check_prot = true;
3600 break;
3601 case WRITE_10:
3602 ei_lba = 0;
3603 lba = get_unaligned_be32(cmd + 2);
3604 num = get_unaligned_be16(cmd + 7);
3605 check_prot = true;
3606 break;
3607 case WRITE_6:
3608 ei_lba = 0;
3609 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
3610 (u32)(cmd[1] & 0x1f) << 16;
3611 num = (0 == cmd[4]) ? 256 : cmd[4];
3612 check_prot = true;
3613 break;
3614 case WRITE_12:
3615 ei_lba = 0;
3616 lba = get_unaligned_be32(cmd + 2);
3617 num = get_unaligned_be32(cmd + 6);
3618 check_prot = true;
3619 break;
3620 case 0x53: /* XDWRITEREAD(10) */
3621 ei_lba = 0;
3622 lba = get_unaligned_be32(cmd + 2);
3623 num = get_unaligned_be16(cmd + 7);
3624 check_prot = false;
3625 break;
3626 default: /* assume WRITE(32) */
3627 lba = get_unaligned_be64(cmd + 12);
3628 ei_lba = get_unaligned_be32(cmd + 20);
3629 num = get_unaligned_be32(cmd + 28);
3630 check_prot = false;
3631 break;
3632 }
3633 if (unlikely(have_dif_prot && check_prot)) {
3634 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3635 (cmd[1] & 0xe0)) {
3636 mk_sense_invalid_opcode(scp);
3637 return check_condition_result;
3638 }
3639 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3640 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3641 (cmd[1] & 0xe0) == 0)
3642 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3643 "to DIF device\n");
3644 }
3645
3646 sdeb_write_lock(sip);
3647 ret = check_device_access_params(scp, lba, num, true);
3648 if (ret) {
3649 sdeb_write_unlock(sip);
3650 return ret;
3651 }
3652
3653 /* DIX + T10 DIF */
3654 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3655 switch (prot_verify_write(scp, lba, num, ei_lba)) {
3656 case 1: /* Guard tag error */
3657 if (scp->prot_flags & SCSI_PROT_GUARD_CHECK) {
3658 sdeb_write_unlock(sip);
3659 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3660 return illegal_condition_result;
3661 } else if (scp->cmnd[1] >> 5 != 3) { /* WRPROTECT != 3 */
3662 sdeb_write_unlock(sip);
3663 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3664 return check_condition_result;
3665 }
3666 break;
3667 case 3: /* Reference tag error */
3668 if (scp->prot_flags & SCSI_PROT_REF_CHECK) {
3669 sdeb_write_unlock(sip);
3670 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 3);
3671 return illegal_condition_result;
3672 } else if (scp->cmnd[1] >> 5 != 3) { /* WRPROTECT != 3 */
3673 sdeb_write_unlock(sip);
3674 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 3);
3675 return check_condition_result;
3676 }
3677 break;
3678 }
3679 }
3680
3681 ret = do_device_access(sip, scp, 0, lba, num, true);
3682 if (unlikely(scsi_debug_lbp()))
3683 map_region(sip, lba, num);
3684 /* If ZBC zone then bump its write pointer */
3685 if (sdebug_dev_is_zoned(devip))
3686 zbc_inc_wp(devip, lba, num);
3687 sdeb_write_unlock(sip);
3688 if (unlikely(-1 == ret))
3689 return DID_ERROR << 16;
3690 else if (unlikely(sdebug_verbose &&
3691 (ret < (num * sdebug_sector_size))))
3692 sdev_printk(KERN_INFO, scp->device,
3693 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3694 my_name, num * sdebug_sector_size, ret);
3695
3696 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
3697 atomic_read(&sdeb_inject_pending))) {
3698 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
3699 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
3700 atomic_set(&sdeb_inject_pending, 0);
3701 return check_condition_result;
3702 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
3703 /* Logical block guard check failed */
3704 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3705 atomic_set(&sdeb_inject_pending, 0);
3706 return illegal_condition_result;
3707 } else if (sdebug_opts & SDEBUG_OPT_DIX_ERR) {
3708 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3709 atomic_set(&sdeb_inject_pending, 0);
3710 return illegal_condition_result;
3711 }
3712 }
3713 return 0;
3714 }
3715
3716 /*
3717 * T10 has only specified WRITE SCATTERED(16) and WRITE SCATTERED(32).
3718 * No READ GATHERED yet (requires bidi or long cdb holding gather list).
3719 */
resp_write_scat(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)3720 static int resp_write_scat(struct scsi_cmnd *scp,
3721 struct sdebug_dev_info *devip)
3722 {
3723 u8 *cmd = scp->cmnd;
3724 u8 *lrdp = NULL;
3725 u8 *up;
3726 struct sdeb_store_info *sip = devip2sip(devip, true);
3727 u8 wrprotect;
3728 u16 lbdof, num_lrd, k;
3729 u32 num, num_by, bt_len, lbdof_blen, sg_off, cum_lb;
3730 u32 lb_size = sdebug_sector_size;
3731 u32 ei_lba;
3732 u64 lba;
3733 int ret, res;
3734 bool is_16;
3735 static const u32 lrd_size = 32; /* + parameter list header size */
3736
3737 if (cmd[0] == VARIABLE_LENGTH_CMD) {
3738 is_16 = false;
3739 wrprotect = (cmd[10] >> 5) & 0x7;
3740 lbdof = get_unaligned_be16(cmd + 12);
3741 num_lrd = get_unaligned_be16(cmd + 16);
3742 bt_len = get_unaligned_be32(cmd + 28);
3743 } else { /* that leaves WRITE SCATTERED(16) */
3744 is_16 = true;
3745 wrprotect = (cmd[2] >> 5) & 0x7;
3746 lbdof = get_unaligned_be16(cmd + 4);
3747 num_lrd = get_unaligned_be16(cmd + 8);
3748 bt_len = get_unaligned_be32(cmd + 10);
3749 if (unlikely(have_dif_prot)) {
3750 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3751 wrprotect) {
3752 mk_sense_invalid_opcode(scp);
3753 return illegal_condition_result;
3754 }
3755 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3756 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3757 wrprotect == 0)
3758 sdev_printk(KERN_ERR, scp->device,
3759 "Unprotected WR to DIF device\n");
3760 }
3761 }
3762 if ((num_lrd == 0) || (bt_len == 0))
3763 return 0; /* T10 says these do-nothings are not errors */
3764 if (lbdof == 0) {
3765 if (sdebug_verbose)
3766 sdev_printk(KERN_INFO, scp->device,
3767 "%s: %s: LB Data Offset field bad\n",
3768 my_name, __func__);
3769 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3770 return illegal_condition_result;
3771 }
3772 lbdof_blen = lbdof * lb_size;
3773 if ((lrd_size + (num_lrd * lrd_size)) > lbdof_blen) {
3774 if (sdebug_verbose)
3775 sdev_printk(KERN_INFO, scp->device,
3776 "%s: %s: LBA range descriptors don't fit\n",
3777 my_name, __func__);
3778 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3779 return illegal_condition_result;
3780 }
3781 lrdp = kzalloc(lbdof_blen, GFP_ATOMIC);
3782 if (lrdp == NULL)
3783 return SCSI_MLQUEUE_HOST_BUSY;
3784 if (sdebug_verbose)
3785 sdev_printk(KERN_INFO, scp->device,
3786 "%s: %s: Fetch header+scatter_list, lbdof_blen=%u\n",
3787 my_name, __func__, lbdof_blen);
3788 res = fetch_to_dev_buffer(scp, lrdp, lbdof_blen);
3789 if (res == -1) {
3790 ret = DID_ERROR << 16;
3791 goto err_out;
3792 }
3793
3794 sdeb_write_lock(sip);
3795 sg_off = lbdof_blen;
3796 /* Spec says Buffer xfer Length field in number of LBs in dout */
3797 cum_lb = 0;
3798 for (k = 0, up = lrdp + lrd_size; k < num_lrd; ++k, up += lrd_size) {
3799 lba = get_unaligned_be64(up + 0);
3800 num = get_unaligned_be32(up + 8);
3801 if (sdebug_verbose)
3802 sdev_printk(KERN_INFO, scp->device,
3803 "%s: %s: k=%d LBA=0x%llx num=%u sg_off=%u\n",
3804 my_name, __func__, k, lba, num, sg_off);
3805 if (num == 0)
3806 continue;
3807 ret = check_device_access_params(scp, lba, num, true);
3808 if (ret)
3809 goto err_out_unlock;
3810 num_by = num * lb_size;
3811 ei_lba = is_16 ? 0 : get_unaligned_be32(up + 12);
3812
3813 if ((cum_lb + num) > bt_len) {
3814 if (sdebug_verbose)
3815 sdev_printk(KERN_INFO, scp->device,
3816 "%s: %s: sum of blocks > data provided\n",
3817 my_name, __func__);
3818 mk_sense_buffer(scp, ILLEGAL_REQUEST, WRITE_ERROR_ASC,
3819 0);
3820 ret = illegal_condition_result;
3821 goto err_out_unlock;
3822 }
3823
3824 /* DIX + T10 DIF */
3825 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3826 int prot_ret = prot_verify_write(scp, lba, num,
3827 ei_lba);
3828
3829 if (prot_ret) {
3830 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10,
3831 prot_ret);
3832 ret = illegal_condition_result;
3833 goto err_out_unlock;
3834 }
3835 }
3836
3837 ret = do_device_access(sip, scp, sg_off, lba, num, true);
3838 /* If ZBC zone then bump its write pointer */
3839 if (sdebug_dev_is_zoned(devip))
3840 zbc_inc_wp(devip, lba, num);
3841 if (unlikely(scsi_debug_lbp()))
3842 map_region(sip, lba, num);
3843 if (unlikely(-1 == ret)) {
3844 ret = DID_ERROR << 16;
3845 goto err_out_unlock;
3846 } else if (unlikely(sdebug_verbose && (ret < num_by)))
3847 sdev_printk(KERN_INFO, scp->device,
3848 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3849 my_name, num_by, ret);
3850
3851 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
3852 atomic_read(&sdeb_inject_pending))) {
3853 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
3854 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
3855 atomic_set(&sdeb_inject_pending, 0);
3856 ret = check_condition_result;
3857 goto err_out_unlock;
3858 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
3859 /* Logical block guard check failed */
3860 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3861 atomic_set(&sdeb_inject_pending, 0);
3862 ret = illegal_condition_result;
3863 goto err_out_unlock;
3864 } else if (sdebug_opts & SDEBUG_OPT_DIX_ERR) {
3865 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3866 atomic_set(&sdeb_inject_pending, 0);
3867 ret = illegal_condition_result;
3868 goto err_out_unlock;
3869 }
3870 }
3871 sg_off += num_by;
3872 cum_lb += num;
3873 }
3874 ret = 0;
3875 err_out_unlock:
3876 sdeb_write_unlock(sip);
3877 err_out:
3878 kfree(lrdp);
3879 return ret;
3880 }
3881
resp_write_same(struct scsi_cmnd * scp,u64 lba,u32 num,u32 ei_lba,bool unmap,bool ndob)3882 static int resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num,
3883 u32 ei_lba, bool unmap, bool ndob)
3884 {
3885 struct scsi_device *sdp = scp->device;
3886 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
3887 unsigned long long i;
3888 u64 block, lbaa;
3889 u32 lb_size = sdebug_sector_size;
3890 int ret;
3891 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
3892 scp->device->hostdata, true);
3893 u8 *fs1p;
3894 u8 *fsp;
3895
3896 sdeb_write_lock(sip);
3897
3898 ret = check_device_access_params(scp, lba, num, true);
3899 if (ret) {
3900 sdeb_write_unlock(sip);
3901 return ret;
3902 }
3903
3904 if (unmap && scsi_debug_lbp()) {
3905 unmap_region(sip, lba, num);
3906 goto out;
3907 }
3908 lbaa = lba;
3909 block = do_div(lbaa, sdebug_store_sectors);
3910 /* if ndob then zero 1 logical block, else fetch 1 logical block */
3911 fsp = sip->storep;
3912 fs1p = fsp + (block * lb_size);
3913 if (ndob) {
3914 memset(fs1p, 0, lb_size);
3915 ret = 0;
3916 } else
3917 ret = fetch_to_dev_buffer(scp, fs1p, lb_size);
3918
3919 if (-1 == ret) {
3920 sdeb_write_unlock(sip);
3921 return DID_ERROR << 16;
3922 } else if (sdebug_verbose && !ndob && (ret < lb_size))
3923 sdev_printk(KERN_INFO, scp->device,
3924 "%s: %s: lb size=%u, IO sent=%d bytes\n",
3925 my_name, "write same", lb_size, ret);
3926
3927 /* Copy first sector to remaining blocks */
3928 for (i = 1 ; i < num ; i++) {
3929 lbaa = lba + i;
3930 block = do_div(lbaa, sdebug_store_sectors);
3931 memmove(fsp + (block * lb_size), fs1p, lb_size);
3932 }
3933 if (scsi_debug_lbp())
3934 map_region(sip, lba, num);
3935 /* If ZBC zone then bump its write pointer */
3936 if (sdebug_dev_is_zoned(devip))
3937 zbc_inc_wp(devip, lba, num);
3938 out:
3939 sdeb_write_unlock(sip);
3940
3941 return 0;
3942 }
3943
resp_write_same_10(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)3944 static int resp_write_same_10(struct scsi_cmnd *scp,
3945 struct sdebug_dev_info *devip)
3946 {
3947 u8 *cmd = scp->cmnd;
3948 u32 lba;
3949 u16 num;
3950 u32 ei_lba = 0;
3951 bool unmap = false;
3952
3953 if (cmd[1] & 0x8) {
3954 if (sdebug_lbpws10 == 0) {
3955 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3956 return check_condition_result;
3957 } else
3958 unmap = true;
3959 }
3960 lba = get_unaligned_be32(cmd + 2);
3961 num = get_unaligned_be16(cmd + 7);
3962 if (num > sdebug_write_same_length) {
3963 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3964 return check_condition_result;
3965 }
3966 return resp_write_same(scp, lba, num, ei_lba, unmap, false);
3967 }
3968
resp_write_same_16(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)3969 static int resp_write_same_16(struct scsi_cmnd *scp,
3970 struct sdebug_dev_info *devip)
3971 {
3972 u8 *cmd = scp->cmnd;
3973 u64 lba;
3974 u32 num;
3975 u32 ei_lba = 0;
3976 bool unmap = false;
3977 bool ndob = false;
3978
3979 if (cmd[1] & 0x8) { /* UNMAP */
3980 if (sdebug_lbpws == 0) {
3981 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3982 return check_condition_result;
3983 } else
3984 unmap = true;
3985 }
3986 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */
3987 ndob = true;
3988 lba = get_unaligned_be64(cmd + 2);
3989 num = get_unaligned_be32(cmd + 10);
3990 if (num > sdebug_write_same_length) {
3991 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1);
3992 return check_condition_result;
3993 }
3994 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob);
3995 }
3996
3997 /* Note the mode field is in the same position as the (lower) service action
3998 * field. For the Report supported operation codes command, SPC-4 suggests
3999 * each mode of this command should be reported separately; for future. */
resp_write_buffer(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4000 static int resp_write_buffer(struct scsi_cmnd *scp,
4001 struct sdebug_dev_info *devip)
4002 {
4003 u8 *cmd = scp->cmnd;
4004 struct scsi_device *sdp = scp->device;
4005 struct sdebug_dev_info *dp;
4006 u8 mode;
4007
4008 mode = cmd[1] & 0x1f;
4009 switch (mode) {
4010 case 0x4: /* download microcode (MC) and activate (ACT) */
4011 /* set UAs on this device only */
4012 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4013 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm);
4014 break;
4015 case 0x5: /* download MC, save and ACT */
4016 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm);
4017 break;
4018 case 0x6: /* download MC with offsets and ACT */
4019 /* set UAs on most devices (LUs) in this target */
4020 list_for_each_entry(dp,
4021 &devip->sdbg_host->dev_info_list,
4022 dev_list)
4023 if (dp->target == sdp->id) {
4024 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm);
4025 if (devip != dp)
4026 set_bit(SDEBUG_UA_MICROCODE_CHANGED,
4027 dp->uas_bm);
4028 }
4029 break;
4030 case 0x7: /* download MC with offsets, save, and ACT */
4031 /* set UA on all devices (LUs) in this target */
4032 list_for_each_entry(dp,
4033 &devip->sdbg_host->dev_info_list,
4034 dev_list)
4035 if (dp->target == sdp->id)
4036 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET,
4037 dp->uas_bm);
4038 break;
4039 default:
4040 /* do nothing for this command for other mode values */
4041 break;
4042 }
4043 return 0;
4044 }
4045
resp_comp_write(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4046 static int resp_comp_write(struct scsi_cmnd *scp,
4047 struct sdebug_dev_info *devip)
4048 {
4049 u8 *cmd = scp->cmnd;
4050 u8 *arr;
4051 struct sdeb_store_info *sip = devip2sip(devip, true);
4052 u64 lba;
4053 u32 dnum;
4054 u32 lb_size = sdebug_sector_size;
4055 u8 num;
4056 int ret;
4057 int retval = 0;
4058
4059 lba = get_unaligned_be64(cmd + 2);
4060 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */
4061 if (0 == num)
4062 return 0; /* degenerate case, not an error */
4063 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
4064 (cmd[1] & 0xe0)) {
4065 mk_sense_invalid_opcode(scp);
4066 return check_condition_result;
4067 }
4068 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
4069 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
4070 (cmd[1] & 0xe0) == 0)
4071 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
4072 "to DIF device\n");
4073 ret = check_device_access_params(scp, lba, num, false);
4074 if (ret)
4075 return ret;
4076 dnum = 2 * num;
4077 arr = kcalloc(lb_size, dnum, GFP_ATOMIC);
4078 if (NULL == arr) {
4079 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4080 INSUFF_RES_ASCQ);
4081 return check_condition_result;
4082 }
4083
4084 sdeb_write_lock(sip);
4085
4086 ret = do_dout_fetch(scp, dnum, arr);
4087 if (ret == -1) {
4088 retval = DID_ERROR << 16;
4089 goto cleanup;
4090 } else if (sdebug_verbose && (ret < (dnum * lb_size)))
4091 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb "
4092 "indicated=%u, IO sent=%d bytes\n", my_name,
4093 dnum * lb_size, ret);
4094 if (!comp_write_worker(sip, lba, num, arr, false)) {
4095 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
4096 retval = check_condition_result;
4097 goto cleanup;
4098 }
4099 if (scsi_debug_lbp())
4100 map_region(sip, lba, num);
4101 cleanup:
4102 sdeb_write_unlock(sip);
4103 kfree(arr);
4104 return retval;
4105 }
4106
4107 struct unmap_block_desc {
4108 __be64 lba;
4109 __be32 blocks;
4110 __be32 __reserved;
4111 };
4112
resp_unmap(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4113 static int resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4114 {
4115 unsigned char *buf;
4116 struct unmap_block_desc *desc;
4117 struct sdeb_store_info *sip = devip2sip(devip, true);
4118 unsigned int i, payload_len, descriptors;
4119 int ret;
4120
4121 if (!scsi_debug_lbp())
4122 return 0; /* fib and say its done */
4123 payload_len = get_unaligned_be16(scp->cmnd + 7);
4124 BUG_ON(scsi_bufflen(scp) != payload_len);
4125
4126 descriptors = (payload_len - 8) / 16;
4127 if (descriptors > sdebug_unmap_max_desc) {
4128 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
4129 return check_condition_result;
4130 }
4131
4132 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC);
4133 if (!buf) {
4134 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4135 INSUFF_RES_ASCQ);
4136 return check_condition_result;
4137 }
4138
4139 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
4140
4141 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2);
4142 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16);
4143
4144 desc = (void *)&buf[8];
4145
4146 sdeb_write_lock(sip);
4147
4148 for (i = 0 ; i < descriptors ; i++) {
4149 unsigned long long lba = get_unaligned_be64(&desc[i].lba);
4150 unsigned int num = get_unaligned_be32(&desc[i].blocks);
4151
4152 ret = check_device_access_params(scp, lba, num, true);
4153 if (ret)
4154 goto out;
4155
4156 unmap_region(sip, lba, num);
4157 }
4158
4159 ret = 0;
4160
4161 out:
4162 sdeb_write_unlock(sip);
4163 kfree(buf);
4164
4165 return ret;
4166 }
4167
4168 #define SDEBUG_GET_LBA_STATUS_LEN 32
4169
resp_get_lba_status(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4170 static int resp_get_lba_status(struct scsi_cmnd *scp,
4171 struct sdebug_dev_info *devip)
4172 {
4173 u8 *cmd = scp->cmnd;
4174 u64 lba;
4175 u32 alloc_len, mapped, num;
4176 int ret;
4177 u8 arr[SDEBUG_GET_LBA_STATUS_LEN];
4178
4179 lba = get_unaligned_be64(cmd + 2);
4180 alloc_len = get_unaligned_be32(cmd + 10);
4181
4182 if (alloc_len < 24)
4183 return 0;
4184
4185 ret = check_device_access_params(scp, lba, 1, false);
4186 if (ret)
4187 return ret;
4188
4189 if (scsi_debug_lbp()) {
4190 struct sdeb_store_info *sip = devip2sip(devip, true);
4191
4192 mapped = map_state(sip, lba, &num);
4193 } else {
4194 mapped = 1;
4195 /* following just in case virtual_gb changed */
4196 sdebug_capacity = get_sdebug_capacity();
4197 if (sdebug_capacity - lba <= 0xffffffff)
4198 num = sdebug_capacity - lba;
4199 else
4200 num = 0xffffffff;
4201 }
4202
4203 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN);
4204 put_unaligned_be32(20, arr); /* Parameter Data Length */
4205 put_unaligned_be64(lba, arr + 8); /* LBA */
4206 put_unaligned_be32(num, arr + 16); /* Number of blocks */
4207 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */
4208
4209 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN);
4210 }
4211
resp_sync_cache(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4212 static int resp_sync_cache(struct scsi_cmnd *scp,
4213 struct sdebug_dev_info *devip)
4214 {
4215 int res = 0;
4216 u64 lba;
4217 u32 num_blocks;
4218 u8 *cmd = scp->cmnd;
4219
4220 if (cmd[0] == SYNCHRONIZE_CACHE) { /* 10 byte cdb */
4221 lba = get_unaligned_be32(cmd + 2);
4222 num_blocks = get_unaligned_be16(cmd + 7);
4223 } else { /* SYNCHRONIZE_CACHE(16) */
4224 lba = get_unaligned_be64(cmd + 2);
4225 num_blocks = get_unaligned_be32(cmd + 10);
4226 }
4227 if (lba + num_blocks > sdebug_capacity) {
4228 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4229 return check_condition_result;
4230 }
4231 if (!write_since_sync || (cmd[1] & 0x2))
4232 res = SDEG_RES_IMMED_MASK;
4233 else /* delay if write_since_sync and IMMED clear */
4234 write_since_sync = false;
4235 return res;
4236 }
4237
4238 /*
4239 * Assuming the LBA+num_blocks is not out-of-range, this function will return
4240 * CONDITION MET if the specified blocks will/have fitted in the cache, and
4241 * a GOOD status otherwise. Model a disk with a big cache and yield
4242 * CONDITION MET. Actually tries to bring range in main memory into the
4243 * cache associated with the CPU(s).
4244 */
resp_pre_fetch(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4245 static int resp_pre_fetch(struct scsi_cmnd *scp,
4246 struct sdebug_dev_info *devip)
4247 {
4248 int res = 0;
4249 u64 lba;
4250 u64 block, rest = 0;
4251 u32 nblks;
4252 u8 *cmd = scp->cmnd;
4253 struct sdeb_store_info *sip = devip2sip(devip, true);
4254 u8 *fsp = sip->storep;
4255
4256 if (cmd[0] == PRE_FETCH) { /* 10 byte cdb */
4257 lba = get_unaligned_be32(cmd + 2);
4258 nblks = get_unaligned_be16(cmd + 7);
4259 } else { /* PRE-FETCH(16) */
4260 lba = get_unaligned_be64(cmd + 2);
4261 nblks = get_unaligned_be32(cmd + 10);
4262 }
4263 if (lba + nblks > sdebug_capacity) {
4264 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4265 return check_condition_result;
4266 }
4267 if (!fsp)
4268 goto fini;
4269 /* PRE-FETCH spec says nothing about LBP or PI so skip them */
4270 block = do_div(lba, sdebug_store_sectors);
4271 if (block + nblks > sdebug_store_sectors)
4272 rest = block + nblks - sdebug_store_sectors;
4273
4274 /* Try to bring the PRE-FETCH range into CPU's cache */
4275 sdeb_read_lock(sip);
4276 prefetch_range(fsp + (sdebug_sector_size * block),
4277 (nblks - rest) * sdebug_sector_size);
4278 if (rest)
4279 prefetch_range(fsp, rest * sdebug_sector_size);
4280 sdeb_read_unlock(sip);
4281 fini:
4282 if (cmd[1] & 0x2)
4283 res = SDEG_RES_IMMED_MASK;
4284 return res | condition_met_result;
4285 }
4286
4287 #define RL_BUCKET_ELEMS 8
4288
4289 /* Even though each pseudo target has a REPORT LUNS "well known logical unit"
4290 * (W-LUN), the normal Linux scanning logic does not associate it with a
4291 * device (e.g. /dev/sg7). The following magic will make that association:
4292 * "cd /sys/class/scsi_host/host<n> ; echo '- - 49409' > scan"
4293 * where <n> is a host number. If there are multiple targets in a host then
4294 * the above will associate a W-LUN to each target. To only get a W-LUN
4295 * for target 2, then use "echo '- 2 49409' > scan" .
4296 */
resp_report_luns(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4297 static int resp_report_luns(struct scsi_cmnd *scp,
4298 struct sdebug_dev_info *devip)
4299 {
4300 unsigned char *cmd = scp->cmnd;
4301 unsigned int alloc_len;
4302 unsigned char select_report;
4303 u64 lun;
4304 struct scsi_lun *lun_p;
4305 u8 arr[RL_BUCKET_ELEMS * sizeof(struct scsi_lun)];
4306 unsigned int lun_cnt; /* normal LUN count (max: 256) */
4307 unsigned int wlun_cnt; /* report luns W-LUN count */
4308 unsigned int tlun_cnt; /* total LUN count */
4309 unsigned int rlen; /* response length (in bytes) */
4310 int k, j, n, res;
4311 unsigned int off_rsp = 0;
4312 const int sz_lun = sizeof(struct scsi_lun);
4313
4314 clear_luns_changed_on_target(devip);
4315
4316 select_report = cmd[2];
4317 alloc_len = get_unaligned_be32(cmd + 6);
4318
4319 if (alloc_len < 4) {
4320 pr_err("alloc len too small %d\n", alloc_len);
4321 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
4322 return check_condition_result;
4323 }
4324
4325 switch (select_report) {
4326 case 0: /* all LUNs apart from W-LUNs */
4327 lun_cnt = sdebug_max_luns;
4328 wlun_cnt = 0;
4329 break;
4330 case 1: /* only W-LUNs */
4331 lun_cnt = 0;
4332 wlun_cnt = 1;
4333 break;
4334 case 2: /* all LUNs */
4335 lun_cnt = sdebug_max_luns;
4336 wlun_cnt = 1;
4337 break;
4338 case 0x10: /* only administrative LUs */
4339 case 0x11: /* see SPC-5 */
4340 case 0x12: /* only subsiduary LUs owned by referenced LU */
4341 default:
4342 pr_debug("select report invalid %d\n", select_report);
4343 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
4344 return check_condition_result;
4345 }
4346
4347 if (sdebug_no_lun_0 && (lun_cnt > 0))
4348 --lun_cnt;
4349
4350 tlun_cnt = lun_cnt + wlun_cnt;
4351 rlen = tlun_cnt * sz_lun; /* excluding 8 byte header */
4352 scsi_set_resid(scp, scsi_bufflen(scp));
4353 pr_debug("select_report %d luns = %d wluns = %d no_lun0 %d\n",
4354 select_report, lun_cnt, wlun_cnt, sdebug_no_lun_0);
4355
4356 /* loops rely on sizeof response header same as sizeof lun (both 8) */
4357 lun = sdebug_no_lun_0 ? 1 : 0;
4358 for (k = 0, j = 0, res = 0; true; ++k, j = 0) {
4359 memset(arr, 0, sizeof(arr));
4360 lun_p = (struct scsi_lun *)&arr[0];
4361 if (k == 0) {
4362 put_unaligned_be32(rlen, &arr[0]);
4363 ++lun_p;
4364 j = 1;
4365 }
4366 for ( ; j < RL_BUCKET_ELEMS; ++j, ++lun_p) {
4367 if ((k * RL_BUCKET_ELEMS) + j > lun_cnt)
4368 break;
4369 int_to_scsilun(lun++, lun_p);
4370 if (lun > 1 && sdebug_lun_am == SAM_LUN_AM_FLAT)
4371 lun_p->scsi_lun[0] |= 0x40;
4372 }
4373 if (j < RL_BUCKET_ELEMS)
4374 break;
4375 n = j * sz_lun;
4376 res = p_fill_from_dev_buffer(scp, arr, n, off_rsp);
4377 if (res)
4378 return res;
4379 off_rsp += n;
4380 }
4381 if (wlun_cnt) {
4382 int_to_scsilun(SCSI_W_LUN_REPORT_LUNS, lun_p);
4383 ++j;
4384 }
4385 if (j > 0)
4386 res = p_fill_from_dev_buffer(scp, arr, j * sz_lun, off_rsp);
4387 return res;
4388 }
4389
resp_verify(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4390 static int resp_verify(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4391 {
4392 bool is_bytchk3 = false;
4393 u8 bytchk;
4394 int ret, j;
4395 u32 vnum, a_num, off;
4396 const u32 lb_size = sdebug_sector_size;
4397 u64 lba;
4398 u8 *arr;
4399 u8 *cmd = scp->cmnd;
4400 struct sdeb_store_info *sip = devip2sip(devip, true);
4401
4402 bytchk = (cmd[1] >> 1) & 0x3;
4403 if (bytchk == 0) {
4404 return 0; /* always claim internal verify okay */
4405 } else if (bytchk == 2) {
4406 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
4407 return check_condition_result;
4408 } else if (bytchk == 3) {
4409 is_bytchk3 = true; /* 1 block sent, compared repeatedly */
4410 }
4411 switch (cmd[0]) {
4412 case VERIFY_16:
4413 lba = get_unaligned_be64(cmd + 2);
4414 vnum = get_unaligned_be32(cmd + 10);
4415 break;
4416 case VERIFY: /* is VERIFY(10) */
4417 lba = get_unaligned_be32(cmd + 2);
4418 vnum = get_unaligned_be16(cmd + 7);
4419 break;
4420 default:
4421 mk_sense_invalid_opcode(scp);
4422 return check_condition_result;
4423 }
4424 if (vnum == 0)
4425 return 0; /* not an error */
4426 a_num = is_bytchk3 ? 1 : vnum;
4427 /* Treat following check like one for read (i.e. no write) access */
4428 ret = check_device_access_params(scp, lba, a_num, false);
4429 if (ret)
4430 return ret;
4431
4432 arr = kcalloc(lb_size, vnum, GFP_ATOMIC);
4433 if (!arr) {
4434 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4435 INSUFF_RES_ASCQ);
4436 return check_condition_result;
4437 }
4438 /* Not changing store, so only need read access */
4439 sdeb_read_lock(sip);
4440
4441 ret = do_dout_fetch(scp, a_num, arr);
4442 if (ret == -1) {
4443 ret = DID_ERROR << 16;
4444 goto cleanup;
4445 } else if (sdebug_verbose && (ret < (a_num * lb_size))) {
4446 sdev_printk(KERN_INFO, scp->device,
4447 "%s: %s: cdb indicated=%u, IO sent=%d bytes\n",
4448 my_name, __func__, a_num * lb_size, ret);
4449 }
4450 if (is_bytchk3) {
4451 for (j = 1, off = lb_size; j < vnum; ++j, off += lb_size)
4452 memcpy(arr + off, arr, lb_size);
4453 }
4454 ret = 0;
4455 if (!comp_write_worker(sip, lba, vnum, arr, true)) {
4456 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
4457 ret = check_condition_result;
4458 goto cleanup;
4459 }
4460 cleanup:
4461 sdeb_read_unlock(sip);
4462 kfree(arr);
4463 return ret;
4464 }
4465
4466 #define RZONES_DESC_HD 64
4467
4468 /* Report zones depending on start LBA and reporting options */
resp_report_zones(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4469 static int resp_report_zones(struct scsi_cmnd *scp,
4470 struct sdebug_dev_info *devip)
4471 {
4472 unsigned int rep_max_zones, nrz = 0;
4473 int ret = 0;
4474 u32 alloc_len, rep_opts, rep_len;
4475 bool partial;
4476 u64 lba, zs_lba;
4477 u8 *arr = NULL, *desc;
4478 u8 *cmd = scp->cmnd;
4479 struct sdeb_zone_state *zsp = NULL;
4480 struct sdeb_store_info *sip = devip2sip(devip, false);
4481
4482 if (!sdebug_dev_is_zoned(devip)) {
4483 mk_sense_invalid_opcode(scp);
4484 return check_condition_result;
4485 }
4486 zs_lba = get_unaligned_be64(cmd + 2);
4487 alloc_len = get_unaligned_be32(cmd + 10);
4488 if (alloc_len == 0)
4489 return 0; /* not an error */
4490 rep_opts = cmd[14] & 0x3f;
4491 partial = cmd[14] & 0x80;
4492
4493 if (zs_lba >= sdebug_capacity) {
4494 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4495 return check_condition_result;
4496 }
4497
4498 rep_max_zones = (alloc_len - 64) >> ilog2(RZONES_DESC_HD);
4499
4500 arr = kzalloc(alloc_len, GFP_ATOMIC);
4501 if (!arr) {
4502 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4503 INSUFF_RES_ASCQ);
4504 return check_condition_result;
4505 }
4506
4507 sdeb_read_lock(sip);
4508
4509 desc = arr + 64;
4510 for (lba = zs_lba; lba < sdebug_capacity;
4511 lba = zsp->z_start + zsp->z_size) {
4512 if (WARN_ONCE(zbc_zone(devip, lba) == zsp, "lba = %llu\n", lba))
4513 break;
4514 zsp = zbc_zone(devip, lba);
4515 switch (rep_opts) {
4516 case 0x00:
4517 /* All zones */
4518 break;
4519 case 0x01:
4520 /* Empty zones */
4521 if (zsp->z_cond != ZC1_EMPTY)
4522 continue;
4523 break;
4524 case 0x02:
4525 /* Implicit open zones */
4526 if (zsp->z_cond != ZC2_IMPLICIT_OPEN)
4527 continue;
4528 break;
4529 case 0x03:
4530 /* Explicit open zones */
4531 if (zsp->z_cond != ZC3_EXPLICIT_OPEN)
4532 continue;
4533 break;
4534 case 0x04:
4535 /* Closed zones */
4536 if (zsp->z_cond != ZC4_CLOSED)
4537 continue;
4538 break;
4539 case 0x05:
4540 /* Full zones */
4541 if (zsp->z_cond != ZC5_FULL)
4542 continue;
4543 break;
4544 case 0x06:
4545 case 0x07:
4546 case 0x10:
4547 /*
4548 * Read-only, offline, reset WP recommended are
4549 * not emulated: no zones to report;
4550 */
4551 continue;
4552 case 0x11:
4553 /* non-seq-resource set */
4554 if (!zsp->z_non_seq_resource)
4555 continue;
4556 break;
4557 case 0x3e:
4558 /* All zones except gap zones. */
4559 if (zbc_zone_is_gap(zsp))
4560 continue;
4561 break;
4562 case 0x3f:
4563 /* Not write pointer (conventional) zones */
4564 if (zbc_zone_is_seq(zsp))
4565 continue;
4566 break;
4567 default:
4568 mk_sense_buffer(scp, ILLEGAL_REQUEST,
4569 INVALID_FIELD_IN_CDB, 0);
4570 ret = check_condition_result;
4571 goto fini;
4572 }
4573
4574 if (nrz < rep_max_zones) {
4575 /* Fill zone descriptor */
4576 desc[0] = zsp->z_type;
4577 desc[1] = zsp->z_cond << 4;
4578 if (zsp->z_non_seq_resource)
4579 desc[1] |= 1 << 1;
4580 put_unaligned_be64((u64)zsp->z_size, desc + 8);
4581 put_unaligned_be64((u64)zsp->z_start, desc + 16);
4582 put_unaligned_be64((u64)zsp->z_wp, desc + 24);
4583 desc += 64;
4584 }
4585
4586 if (partial && nrz >= rep_max_zones)
4587 break;
4588
4589 nrz++;
4590 }
4591
4592 /* Report header */
4593 /* Zone list length. */
4594 put_unaligned_be32(nrz * RZONES_DESC_HD, arr + 0);
4595 /* Maximum LBA */
4596 put_unaligned_be64(sdebug_capacity - 1, arr + 8);
4597 /* Zone starting LBA granularity. */
4598 if (devip->zcap < devip->zsize)
4599 put_unaligned_be64(devip->zsize, arr + 16);
4600
4601 rep_len = (unsigned long)desc - (unsigned long)arr;
4602 ret = fill_from_dev_buffer(scp, arr, min_t(u32, alloc_len, rep_len));
4603
4604 fini:
4605 sdeb_read_unlock(sip);
4606 kfree(arr);
4607 return ret;
4608 }
4609
4610 /* Logic transplanted from tcmu-runner, file_zbc.c */
zbc_open_all(struct sdebug_dev_info * devip)4611 static void zbc_open_all(struct sdebug_dev_info *devip)
4612 {
4613 struct sdeb_zone_state *zsp = &devip->zstate[0];
4614 unsigned int i;
4615
4616 for (i = 0; i < devip->nr_zones; i++, zsp++) {
4617 if (zsp->z_cond == ZC4_CLOSED)
4618 zbc_open_zone(devip, &devip->zstate[i], true);
4619 }
4620 }
4621
resp_open_zone(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4622 static int resp_open_zone(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4623 {
4624 int res = 0;
4625 u64 z_id;
4626 enum sdebug_z_cond zc;
4627 u8 *cmd = scp->cmnd;
4628 struct sdeb_zone_state *zsp;
4629 bool all = cmd[14] & 0x01;
4630 struct sdeb_store_info *sip = devip2sip(devip, false);
4631
4632 if (!sdebug_dev_is_zoned(devip)) {
4633 mk_sense_invalid_opcode(scp);
4634 return check_condition_result;
4635 }
4636
4637 sdeb_write_lock(sip);
4638
4639 if (all) {
4640 /* Check if all closed zones can be open */
4641 if (devip->max_open &&
4642 devip->nr_exp_open + devip->nr_closed > devip->max_open) {
4643 mk_sense_buffer(scp, DATA_PROTECT, INSUFF_RES_ASC,
4644 INSUFF_ZONE_ASCQ);
4645 res = check_condition_result;
4646 goto fini;
4647 }
4648 /* Open all closed zones */
4649 zbc_open_all(devip);
4650 goto fini;
4651 }
4652
4653 /* Open the specified zone */
4654 z_id = get_unaligned_be64(cmd + 2);
4655 if (z_id >= sdebug_capacity) {
4656 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4657 res = check_condition_result;
4658 goto fini;
4659 }
4660
4661 zsp = zbc_zone(devip, z_id);
4662 if (z_id != zsp->z_start) {
4663 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4664 res = check_condition_result;
4665 goto fini;
4666 }
4667 if (zbc_zone_is_conv(zsp)) {
4668 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4669 res = check_condition_result;
4670 goto fini;
4671 }
4672
4673 zc = zsp->z_cond;
4674 if (zc == ZC3_EXPLICIT_OPEN || zc == ZC5_FULL)
4675 goto fini;
4676
4677 if (devip->max_open && devip->nr_exp_open >= devip->max_open) {
4678 mk_sense_buffer(scp, DATA_PROTECT, INSUFF_RES_ASC,
4679 INSUFF_ZONE_ASCQ);
4680 res = check_condition_result;
4681 goto fini;
4682 }
4683
4684 zbc_open_zone(devip, zsp, true);
4685 fini:
4686 sdeb_write_unlock(sip);
4687 return res;
4688 }
4689
zbc_close_all(struct sdebug_dev_info * devip)4690 static void zbc_close_all(struct sdebug_dev_info *devip)
4691 {
4692 unsigned int i;
4693
4694 for (i = 0; i < devip->nr_zones; i++)
4695 zbc_close_zone(devip, &devip->zstate[i]);
4696 }
4697
resp_close_zone(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4698 static int resp_close_zone(struct scsi_cmnd *scp,
4699 struct sdebug_dev_info *devip)
4700 {
4701 int res = 0;
4702 u64 z_id;
4703 u8 *cmd = scp->cmnd;
4704 struct sdeb_zone_state *zsp;
4705 bool all = cmd[14] & 0x01;
4706 struct sdeb_store_info *sip = devip2sip(devip, false);
4707
4708 if (!sdebug_dev_is_zoned(devip)) {
4709 mk_sense_invalid_opcode(scp);
4710 return check_condition_result;
4711 }
4712
4713 sdeb_write_lock(sip);
4714
4715 if (all) {
4716 zbc_close_all(devip);
4717 goto fini;
4718 }
4719
4720 /* Close specified zone */
4721 z_id = get_unaligned_be64(cmd + 2);
4722 if (z_id >= sdebug_capacity) {
4723 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4724 res = check_condition_result;
4725 goto fini;
4726 }
4727
4728 zsp = zbc_zone(devip, z_id);
4729 if (z_id != zsp->z_start) {
4730 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4731 res = check_condition_result;
4732 goto fini;
4733 }
4734 if (zbc_zone_is_conv(zsp)) {
4735 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4736 res = check_condition_result;
4737 goto fini;
4738 }
4739
4740 zbc_close_zone(devip, zsp);
4741 fini:
4742 sdeb_write_unlock(sip);
4743 return res;
4744 }
4745
zbc_finish_zone(struct sdebug_dev_info * devip,struct sdeb_zone_state * zsp,bool empty)4746 static void zbc_finish_zone(struct sdebug_dev_info *devip,
4747 struct sdeb_zone_state *zsp, bool empty)
4748 {
4749 enum sdebug_z_cond zc = zsp->z_cond;
4750
4751 if (zc == ZC4_CLOSED || zc == ZC2_IMPLICIT_OPEN ||
4752 zc == ZC3_EXPLICIT_OPEN || (empty && zc == ZC1_EMPTY)) {
4753 if (zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN)
4754 zbc_close_zone(devip, zsp);
4755 if (zsp->z_cond == ZC4_CLOSED)
4756 devip->nr_closed--;
4757 zsp->z_wp = zsp->z_start + zsp->z_size;
4758 zsp->z_cond = ZC5_FULL;
4759 }
4760 }
4761
zbc_finish_all(struct sdebug_dev_info * devip)4762 static void zbc_finish_all(struct sdebug_dev_info *devip)
4763 {
4764 unsigned int i;
4765
4766 for (i = 0; i < devip->nr_zones; i++)
4767 zbc_finish_zone(devip, &devip->zstate[i], false);
4768 }
4769
resp_finish_zone(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4770 static int resp_finish_zone(struct scsi_cmnd *scp,
4771 struct sdebug_dev_info *devip)
4772 {
4773 struct sdeb_zone_state *zsp;
4774 int res = 0;
4775 u64 z_id;
4776 u8 *cmd = scp->cmnd;
4777 bool all = cmd[14] & 0x01;
4778 struct sdeb_store_info *sip = devip2sip(devip, false);
4779
4780 if (!sdebug_dev_is_zoned(devip)) {
4781 mk_sense_invalid_opcode(scp);
4782 return check_condition_result;
4783 }
4784
4785 sdeb_write_lock(sip);
4786
4787 if (all) {
4788 zbc_finish_all(devip);
4789 goto fini;
4790 }
4791
4792 /* Finish the specified zone */
4793 z_id = get_unaligned_be64(cmd + 2);
4794 if (z_id >= sdebug_capacity) {
4795 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4796 res = check_condition_result;
4797 goto fini;
4798 }
4799
4800 zsp = zbc_zone(devip, z_id);
4801 if (z_id != zsp->z_start) {
4802 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4803 res = check_condition_result;
4804 goto fini;
4805 }
4806 if (zbc_zone_is_conv(zsp)) {
4807 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4808 res = check_condition_result;
4809 goto fini;
4810 }
4811
4812 zbc_finish_zone(devip, zsp, true);
4813 fini:
4814 sdeb_write_unlock(sip);
4815 return res;
4816 }
4817
zbc_rwp_zone(struct sdebug_dev_info * devip,struct sdeb_zone_state * zsp)4818 static void zbc_rwp_zone(struct sdebug_dev_info *devip,
4819 struct sdeb_zone_state *zsp)
4820 {
4821 enum sdebug_z_cond zc;
4822 struct sdeb_store_info *sip = devip2sip(devip, false);
4823
4824 if (!zbc_zone_is_seq(zsp))
4825 return;
4826
4827 zc = zsp->z_cond;
4828 if (zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN)
4829 zbc_close_zone(devip, zsp);
4830
4831 if (zsp->z_cond == ZC4_CLOSED)
4832 devip->nr_closed--;
4833
4834 if (zsp->z_wp > zsp->z_start)
4835 memset(sip->storep + zsp->z_start * sdebug_sector_size, 0,
4836 (zsp->z_wp - zsp->z_start) * sdebug_sector_size);
4837
4838 zsp->z_non_seq_resource = false;
4839 zsp->z_wp = zsp->z_start;
4840 zsp->z_cond = ZC1_EMPTY;
4841 }
4842
zbc_rwp_all(struct sdebug_dev_info * devip)4843 static void zbc_rwp_all(struct sdebug_dev_info *devip)
4844 {
4845 unsigned int i;
4846
4847 for (i = 0; i < devip->nr_zones; i++)
4848 zbc_rwp_zone(devip, &devip->zstate[i]);
4849 }
4850
resp_rwp_zone(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)4851 static int resp_rwp_zone(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4852 {
4853 struct sdeb_zone_state *zsp;
4854 int res = 0;
4855 u64 z_id;
4856 u8 *cmd = scp->cmnd;
4857 bool all = cmd[14] & 0x01;
4858 struct sdeb_store_info *sip = devip2sip(devip, false);
4859
4860 if (!sdebug_dev_is_zoned(devip)) {
4861 mk_sense_invalid_opcode(scp);
4862 return check_condition_result;
4863 }
4864
4865 sdeb_write_lock(sip);
4866
4867 if (all) {
4868 zbc_rwp_all(devip);
4869 goto fini;
4870 }
4871
4872 z_id = get_unaligned_be64(cmd + 2);
4873 if (z_id >= sdebug_capacity) {
4874 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4875 res = check_condition_result;
4876 goto fini;
4877 }
4878
4879 zsp = zbc_zone(devip, z_id);
4880 if (z_id != zsp->z_start) {
4881 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4882 res = check_condition_result;
4883 goto fini;
4884 }
4885 if (zbc_zone_is_conv(zsp)) {
4886 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4887 res = check_condition_result;
4888 goto fini;
4889 }
4890
4891 zbc_rwp_zone(devip, zsp);
4892 fini:
4893 sdeb_write_unlock(sip);
4894 return res;
4895 }
4896
get_queue(struct scsi_cmnd * cmnd)4897 static struct sdebug_queue *get_queue(struct scsi_cmnd *cmnd)
4898 {
4899 u16 hwq;
4900 u32 tag = blk_mq_unique_tag(scsi_cmd_to_rq(cmnd));
4901
4902 hwq = blk_mq_unique_tag_to_hwq(tag);
4903
4904 pr_debug("tag=%#x, hwq=%d\n", tag, hwq);
4905 if (WARN_ON_ONCE(hwq >= submit_queues))
4906 hwq = 0;
4907
4908 return sdebug_q_arr + hwq;
4909 }
4910
get_tag(struct scsi_cmnd * cmnd)4911 static u32 get_tag(struct scsi_cmnd *cmnd)
4912 {
4913 return blk_mq_unique_tag(scsi_cmd_to_rq(cmnd));
4914 }
4915
4916 /* Queued (deferred) command completions converge here. */
sdebug_q_cmd_complete(struct sdebug_defer * sd_dp)4917 static void sdebug_q_cmd_complete(struct sdebug_defer *sd_dp)
4918 {
4919 bool aborted = sd_dp->aborted;
4920 int qc_idx;
4921 int retiring = 0;
4922 unsigned long iflags;
4923 struct sdebug_queue *sqp;
4924 struct sdebug_queued_cmd *sqcp;
4925 struct scsi_cmnd *scp;
4926 struct sdebug_dev_info *devip;
4927
4928 if (unlikely(aborted))
4929 sd_dp->aborted = false;
4930 qc_idx = sd_dp->qc_idx;
4931 sqp = sdebug_q_arr + sd_dp->sqa_idx;
4932 if (sdebug_statistics) {
4933 atomic_inc(&sdebug_completions);
4934 if (raw_smp_processor_id() != sd_dp->issuing_cpu)
4935 atomic_inc(&sdebug_miss_cpus);
4936 }
4937 if (unlikely((qc_idx < 0) || (qc_idx >= SDEBUG_CANQUEUE))) {
4938 pr_err("wild qc_idx=%d\n", qc_idx);
4939 return;
4940 }
4941 spin_lock_irqsave(&sqp->qc_lock, iflags);
4942 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_NONE);
4943 sqcp = &sqp->qc_arr[qc_idx];
4944 scp = sqcp->a_cmnd;
4945 if (unlikely(scp == NULL)) {
4946 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4947 pr_err("scp is NULL, sqa_idx=%d, qc_idx=%d, hc_idx=%d\n",
4948 sd_dp->sqa_idx, qc_idx, sd_dp->hc_idx);
4949 return;
4950 }
4951 devip = (struct sdebug_dev_info *)scp->device->hostdata;
4952 if (likely(devip))
4953 atomic_dec(&devip->num_in_q);
4954 else
4955 pr_err("devip=NULL\n");
4956 if (unlikely(atomic_read(&retired_max_queue) > 0))
4957 retiring = 1;
4958
4959 sqcp->a_cmnd = NULL;
4960 if (unlikely(!test_and_clear_bit(qc_idx, sqp->in_use_bm))) {
4961 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4962 pr_err("Unexpected completion\n");
4963 return;
4964 }
4965
4966 if (unlikely(retiring)) { /* user has reduced max_queue */
4967 int k, retval;
4968
4969 retval = atomic_read(&retired_max_queue);
4970 if (qc_idx >= retval) {
4971 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4972 pr_err("index %d too large\n", retval);
4973 return;
4974 }
4975 k = find_last_bit(sqp->in_use_bm, retval);
4976 if ((k < sdebug_max_queue) || (k == retval))
4977 atomic_set(&retired_max_queue, 0);
4978 else
4979 atomic_set(&retired_max_queue, k + 1);
4980 }
4981 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4982 if (unlikely(aborted)) {
4983 if (sdebug_verbose)
4984 pr_info("bypassing scsi_done() due to aborted cmd\n");
4985 return;
4986 }
4987 scsi_done(scp); /* callback to mid level */
4988 }
4989
4990 /* When high resolution timer goes off this function is called. */
sdebug_q_cmd_hrt_complete(struct hrtimer * timer)4991 static enum hrtimer_restart sdebug_q_cmd_hrt_complete(struct hrtimer *timer)
4992 {
4993 struct sdebug_defer *sd_dp = container_of(timer, struct sdebug_defer,
4994 hrt);
4995 sdebug_q_cmd_complete(sd_dp);
4996 return HRTIMER_NORESTART;
4997 }
4998
4999 /* When work queue schedules work, it calls this function. */
sdebug_q_cmd_wq_complete(struct work_struct * work)5000 static void sdebug_q_cmd_wq_complete(struct work_struct *work)
5001 {
5002 struct sdebug_defer *sd_dp = container_of(work, struct sdebug_defer,
5003 ew.work);
5004 sdebug_q_cmd_complete(sd_dp);
5005 }
5006
5007 static bool got_shared_uuid;
5008 static uuid_t shared_uuid;
5009
sdebug_device_create_zones(struct sdebug_dev_info * devip)5010 static int sdebug_device_create_zones(struct sdebug_dev_info *devip)
5011 {
5012 struct sdeb_zone_state *zsp;
5013 sector_t capacity = get_sdebug_capacity();
5014 sector_t conv_capacity;
5015 sector_t zstart = 0;
5016 unsigned int i;
5017
5018 /*
5019 * Set the zone size: if sdeb_zbc_zone_size_mb is not set, figure out
5020 * a zone size allowing for at least 4 zones on the device. Otherwise,
5021 * use the specified zone size checking that at least 2 zones can be
5022 * created for the device.
5023 */
5024 if (!sdeb_zbc_zone_size_mb) {
5025 devip->zsize = (DEF_ZBC_ZONE_SIZE_MB * SZ_1M)
5026 >> ilog2(sdebug_sector_size);
5027 while (capacity < devip->zsize << 2 && devip->zsize >= 2)
5028 devip->zsize >>= 1;
5029 if (devip->zsize < 2) {
5030 pr_err("Device capacity too small\n");
5031 return -EINVAL;
5032 }
5033 } else {
5034 if (!is_power_of_2(sdeb_zbc_zone_size_mb)) {
5035 pr_err("Zone size is not a power of 2\n");
5036 return -EINVAL;
5037 }
5038 devip->zsize = (sdeb_zbc_zone_size_mb * SZ_1M)
5039 >> ilog2(sdebug_sector_size);
5040 if (devip->zsize >= capacity) {
5041 pr_err("Zone size too large for device capacity\n");
5042 return -EINVAL;
5043 }
5044 }
5045
5046 devip->zsize_shift = ilog2(devip->zsize);
5047 devip->nr_zones = (capacity + devip->zsize - 1) >> devip->zsize_shift;
5048
5049 if (sdeb_zbc_zone_cap_mb == 0) {
5050 devip->zcap = devip->zsize;
5051 } else {
5052 devip->zcap = (sdeb_zbc_zone_cap_mb * SZ_1M) >>
5053 ilog2(sdebug_sector_size);
5054 if (devip->zcap > devip->zsize) {
5055 pr_err("Zone capacity too large\n");
5056 return -EINVAL;
5057 }
5058 }
5059
5060 conv_capacity = (sector_t)sdeb_zbc_nr_conv << devip->zsize_shift;
5061 if (conv_capacity >= capacity) {
5062 pr_err("Number of conventional zones too large\n");
5063 return -EINVAL;
5064 }
5065 devip->nr_conv_zones = sdeb_zbc_nr_conv;
5066 devip->nr_seq_zones = ALIGN(capacity - conv_capacity, devip->zsize) >>
5067 devip->zsize_shift;
5068 devip->nr_zones = devip->nr_conv_zones + devip->nr_seq_zones;
5069
5070 /* Add gap zones if zone capacity is smaller than the zone size */
5071 if (devip->zcap < devip->zsize)
5072 devip->nr_zones += devip->nr_seq_zones;
5073
5074 if (devip->zmodel == BLK_ZONED_HM) {
5075 /* zbc_max_open_zones can be 0, meaning "not reported" */
5076 if (sdeb_zbc_max_open >= devip->nr_zones - 1)
5077 devip->max_open = (devip->nr_zones - 1) / 2;
5078 else
5079 devip->max_open = sdeb_zbc_max_open;
5080 }
5081
5082 devip->zstate = kcalloc(devip->nr_zones,
5083 sizeof(struct sdeb_zone_state), GFP_KERNEL);
5084 if (!devip->zstate)
5085 return -ENOMEM;
5086
5087 for (i = 0; i < devip->nr_zones; i++) {
5088 zsp = &devip->zstate[i];
5089
5090 zsp->z_start = zstart;
5091
5092 if (i < devip->nr_conv_zones) {
5093 zsp->z_type = ZBC_ZTYPE_CNV;
5094 zsp->z_cond = ZBC_NOT_WRITE_POINTER;
5095 zsp->z_wp = (sector_t)-1;
5096 zsp->z_size =
5097 min_t(u64, devip->zsize, capacity - zstart);
5098 } else if ((zstart & (devip->zsize - 1)) == 0) {
5099 if (devip->zmodel == BLK_ZONED_HM)
5100 zsp->z_type = ZBC_ZTYPE_SWR;
5101 else
5102 zsp->z_type = ZBC_ZTYPE_SWP;
5103 zsp->z_cond = ZC1_EMPTY;
5104 zsp->z_wp = zsp->z_start;
5105 zsp->z_size =
5106 min_t(u64, devip->zcap, capacity - zstart);
5107 } else {
5108 zsp->z_type = ZBC_ZTYPE_GAP;
5109 zsp->z_cond = ZBC_NOT_WRITE_POINTER;
5110 zsp->z_wp = (sector_t)-1;
5111 zsp->z_size = min_t(u64, devip->zsize - devip->zcap,
5112 capacity - zstart);
5113 }
5114
5115 WARN_ON_ONCE((int)zsp->z_size <= 0);
5116 zstart += zsp->z_size;
5117 }
5118
5119 return 0;
5120 }
5121
sdebug_device_create(struct sdebug_host_info * sdbg_host,gfp_t flags)5122 static struct sdebug_dev_info *sdebug_device_create(
5123 struct sdebug_host_info *sdbg_host, gfp_t flags)
5124 {
5125 struct sdebug_dev_info *devip;
5126
5127 devip = kzalloc(sizeof(*devip), flags);
5128 if (devip) {
5129 if (sdebug_uuid_ctl == 1)
5130 uuid_gen(&devip->lu_name);
5131 else if (sdebug_uuid_ctl == 2) {
5132 if (got_shared_uuid)
5133 devip->lu_name = shared_uuid;
5134 else {
5135 uuid_gen(&shared_uuid);
5136 got_shared_uuid = true;
5137 devip->lu_name = shared_uuid;
5138 }
5139 }
5140 devip->sdbg_host = sdbg_host;
5141 if (sdeb_zbc_in_use) {
5142 devip->zmodel = sdeb_zbc_model;
5143 if (sdebug_device_create_zones(devip)) {
5144 kfree(devip);
5145 return NULL;
5146 }
5147 } else {
5148 devip->zmodel = BLK_ZONED_NONE;
5149 }
5150 devip->sdbg_host = sdbg_host;
5151 devip->create_ts = ktime_get_boottime();
5152 atomic_set(&devip->stopped, (sdeb_tur_ms_to_ready > 0 ? 2 : 0));
5153 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list);
5154 }
5155 return devip;
5156 }
5157
find_build_dev_info(struct scsi_device * sdev)5158 static struct sdebug_dev_info *find_build_dev_info(struct scsi_device *sdev)
5159 {
5160 struct sdebug_host_info *sdbg_host;
5161 struct sdebug_dev_info *open_devip = NULL;
5162 struct sdebug_dev_info *devip;
5163
5164 sdbg_host = *(struct sdebug_host_info **)shost_priv(sdev->host);
5165 if (!sdbg_host) {
5166 pr_err("Host info NULL\n");
5167 return NULL;
5168 }
5169
5170 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
5171 if ((devip->used) && (devip->channel == sdev->channel) &&
5172 (devip->target == sdev->id) &&
5173 (devip->lun == sdev->lun))
5174 return devip;
5175 else {
5176 if ((!devip->used) && (!open_devip))
5177 open_devip = devip;
5178 }
5179 }
5180 if (!open_devip) { /* try and make a new one */
5181 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC);
5182 if (!open_devip) {
5183 pr_err("out of memory at line %d\n", __LINE__);
5184 return NULL;
5185 }
5186 }
5187
5188 open_devip->channel = sdev->channel;
5189 open_devip->target = sdev->id;
5190 open_devip->lun = sdev->lun;
5191 open_devip->sdbg_host = sdbg_host;
5192 atomic_set(&open_devip->num_in_q, 0);
5193 set_bit(SDEBUG_UA_POOCCUR, open_devip->uas_bm);
5194 open_devip->used = true;
5195 return open_devip;
5196 }
5197
scsi_debug_slave_alloc(struct scsi_device * sdp)5198 static int scsi_debug_slave_alloc(struct scsi_device *sdp)
5199 {
5200 if (sdebug_verbose)
5201 pr_info("slave_alloc <%u %u %u %llu>\n",
5202 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
5203 return 0;
5204 }
5205
scsi_debug_slave_configure(struct scsi_device * sdp)5206 static int scsi_debug_slave_configure(struct scsi_device *sdp)
5207 {
5208 struct sdebug_dev_info *devip =
5209 (struct sdebug_dev_info *)sdp->hostdata;
5210
5211 if (sdebug_verbose)
5212 pr_info("slave_configure <%u %u %u %llu>\n",
5213 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
5214 if (sdp->host->max_cmd_len != SDEBUG_MAX_CMD_LEN)
5215 sdp->host->max_cmd_len = SDEBUG_MAX_CMD_LEN;
5216 if (devip == NULL) {
5217 devip = find_build_dev_info(sdp);
5218 if (devip == NULL)
5219 return 1; /* no resources, will be marked offline */
5220 }
5221 sdp->hostdata = devip;
5222 if (sdebug_no_uld)
5223 sdp->no_uld_attach = 1;
5224 config_cdb_len(sdp);
5225 return 0;
5226 }
5227
scsi_debug_slave_destroy(struct scsi_device * sdp)5228 static void scsi_debug_slave_destroy(struct scsi_device *sdp)
5229 {
5230 struct sdebug_dev_info *devip =
5231 (struct sdebug_dev_info *)sdp->hostdata;
5232
5233 if (sdebug_verbose)
5234 pr_info("slave_destroy <%u %u %u %llu>\n",
5235 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
5236 if (devip) {
5237 /* make this slot available for re-use */
5238 devip->used = false;
5239 sdp->hostdata = NULL;
5240 }
5241 }
5242
stop_qc_helper(struct sdebug_defer * sd_dp,enum sdeb_defer_type defer_t)5243 static void stop_qc_helper(struct sdebug_defer *sd_dp,
5244 enum sdeb_defer_type defer_t)
5245 {
5246 if (!sd_dp)
5247 return;
5248 if (defer_t == SDEB_DEFER_HRT)
5249 hrtimer_cancel(&sd_dp->hrt);
5250 else if (defer_t == SDEB_DEFER_WQ)
5251 cancel_work_sync(&sd_dp->ew.work);
5252 }
5253
5254 /* If @cmnd found deletes its timer or work queue and returns true; else
5255 returns false */
stop_queued_cmnd(struct scsi_cmnd * cmnd)5256 static bool stop_queued_cmnd(struct scsi_cmnd *cmnd)
5257 {
5258 unsigned long iflags;
5259 int j, k, qmax, r_qmax;
5260 enum sdeb_defer_type l_defer_t;
5261 struct sdebug_queue *sqp;
5262 struct sdebug_queued_cmd *sqcp;
5263 struct sdebug_dev_info *devip;
5264 struct sdebug_defer *sd_dp;
5265
5266 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
5267 spin_lock_irqsave(&sqp->qc_lock, iflags);
5268 qmax = sdebug_max_queue;
5269 r_qmax = atomic_read(&retired_max_queue);
5270 if (r_qmax > qmax)
5271 qmax = r_qmax;
5272 for (k = 0; k < qmax; ++k) {
5273 if (test_bit(k, sqp->in_use_bm)) {
5274 sqcp = &sqp->qc_arr[k];
5275 if (cmnd != sqcp->a_cmnd)
5276 continue;
5277 /* found */
5278 devip = (struct sdebug_dev_info *)
5279 cmnd->device->hostdata;
5280 if (devip)
5281 atomic_dec(&devip->num_in_q);
5282 sqcp->a_cmnd = NULL;
5283 sd_dp = sqcp->sd_dp;
5284 if (sd_dp) {
5285 l_defer_t = READ_ONCE(sd_dp->defer_t);
5286 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_NONE);
5287 } else
5288 l_defer_t = SDEB_DEFER_NONE;
5289 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5290 stop_qc_helper(sd_dp, l_defer_t);
5291 clear_bit(k, sqp->in_use_bm);
5292 return true;
5293 }
5294 }
5295 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5296 }
5297 return false;
5298 }
5299
5300 /* Deletes (stops) timers or work queues of all queued commands */
stop_all_queued(void)5301 static void stop_all_queued(void)
5302 {
5303 unsigned long iflags;
5304 int j, k;
5305 enum sdeb_defer_type l_defer_t;
5306 struct sdebug_queue *sqp;
5307 struct sdebug_queued_cmd *sqcp;
5308 struct sdebug_dev_info *devip;
5309 struct sdebug_defer *sd_dp;
5310
5311 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
5312 spin_lock_irqsave(&sqp->qc_lock, iflags);
5313 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
5314 if (test_bit(k, sqp->in_use_bm)) {
5315 sqcp = &sqp->qc_arr[k];
5316 if (sqcp->a_cmnd == NULL)
5317 continue;
5318 devip = (struct sdebug_dev_info *)
5319 sqcp->a_cmnd->device->hostdata;
5320 if (devip)
5321 atomic_dec(&devip->num_in_q);
5322 sqcp->a_cmnd = NULL;
5323 sd_dp = sqcp->sd_dp;
5324 if (sd_dp) {
5325 l_defer_t = READ_ONCE(sd_dp->defer_t);
5326 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_NONE);
5327 } else
5328 l_defer_t = SDEB_DEFER_NONE;
5329 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5330 stop_qc_helper(sd_dp, l_defer_t);
5331 clear_bit(k, sqp->in_use_bm);
5332 spin_lock_irqsave(&sqp->qc_lock, iflags);
5333 }
5334 }
5335 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5336 }
5337 }
5338
5339 /* Free queued command memory on heap */
free_all_queued(void)5340 static void free_all_queued(void)
5341 {
5342 int j, k;
5343 struct sdebug_queue *sqp;
5344 struct sdebug_queued_cmd *sqcp;
5345
5346 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
5347 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
5348 sqcp = &sqp->qc_arr[k];
5349 kfree(sqcp->sd_dp);
5350 sqcp->sd_dp = NULL;
5351 }
5352 }
5353 }
5354
scsi_debug_abort(struct scsi_cmnd * SCpnt)5355 static int scsi_debug_abort(struct scsi_cmnd *SCpnt)
5356 {
5357 bool ok;
5358
5359 ++num_aborts;
5360 if (SCpnt) {
5361 ok = stop_queued_cmnd(SCpnt);
5362 if (SCpnt->device && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
5363 sdev_printk(KERN_INFO, SCpnt->device,
5364 "%s: command%s found\n", __func__,
5365 ok ? "" : " not");
5366 }
5367 return SUCCESS;
5368 }
5369
scsi_debug_device_reset(struct scsi_cmnd * SCpnt)5370 static int scsi_debug_device_reset(struct scsi_cmnd *SCpnt)
5371 {
5372 ++num_dev_resets;
5373 if (SCpnt && SCpnt->device) {
5374 struct scsi_device *sdp = SCpnt->device;
5375 struct sdebug_dev_info *devip =
5376 (struct sdebug_dev_info *)sdp->hostdata;
5377
5378 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
5379 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
5380 if (devip)
5381 set_bit(SDEBUG_UA_POR, devip->uas_bm);
5382 }
5383 return SUCCESS;
5384 }
5385
scsi_debug_target_reset(struct scsi_cmnd * SCpnt)5386 static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt)
5387 {
5388 struct sdebug_host_info *sdbg_host;
5389 struct sdebug_dev_info *devip;
5390 struct scsi_device *sdp;
5391 struct Scsi_Host *hp;
5392 int k = 0;
5393
5394 ++num_target_resets;
5395 if (!SCpnt)
5396 goto lie;
5397 sdp = SCpnt->device;
5398 if (!sdp)
5399 goto lie;
5400 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
5401 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
5402 hp = sdp->host;
5403 if (!hp)
5404 goto lie;
5405 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
5406 if (sdbg_host) {
5407 list_for_each_entry(devip,
5408 &sdbg_host->dev_info_list,
5409 dev_list)
5410 if (devip->target == sdp->id) {
5411 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
5412 ++k;
5413 }
5414 }
5415 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
5416 sdev_printk(KERN_INFO, sdp,
5417 "%s: %d device(s) found in target\n", __func__, k);
5418 lie:
5419 return SUCCESS;
5420 }
5421
scsi_debug_bus_reset(struct scsi_cmnd * SCpnt)5422 static int scsi_debug_bus_reset(struct scsi_cmnd *SCpnt)
5423 {
5424 struct sdebug_host_info *sdbg_host;
5425 struct sdebug_dev_info *devip;
5426 struct scsi_device *sdp;
5427 struct Scsi_Host *hp;
5428 int k = 0;
5429
5430 ++num_bus_resets;
5431 if (!(SCpnt && SCpnt->device))
5432 goto lie;
5433 sdp = SCpnt->device;
5434 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
5435 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
5436 hp = sdp->host;
5437 if (hp) {
5438 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
5439 if (sdbg_host) {
5440 list_for_each_entry(devip,
5441 &sdbg_host->dev_info_list,
5442 dev_list) {
5443 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
5444 ++k;
5445 }
5446 }
5447 }
5448 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
5449 sdev_printk(KERN_INFO, sdp,
5450 "%s: %d device(s) found in host\n", __func__, k);
5451 lie:
5452 return SUCCESS;
5453 }
5454
scsi_debug_host_reset(struct scsi_cmnd * SCpnt)5455 static int scsi_debug_host_reset(struct scsi_cmnd *SCpnt)
5456 {
5457 struct sdebug_host_info *sdbg_host;
5458 struct sdebug_dev_info *devip;
5459 int k = 0;
5460
5461 ++num_host_resets;
5462 if ((SCpnt->device) && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
5463 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__);
5464 spin_lock(&sdebug_host_list_lock);
5465 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
5466 list_for_each_entry(devip, &sdbg_host->dev_info_list,
5467 dev_list) {
5468 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
5469 ++k;
5470 }
5471 }
5472 spin_unlock(&sdebug_host_list_lock);
5473 stop_all_queued();
5474 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
5475 sdev_printk(KERN_INFO, SCpnt->device,
5476 "%s: %d device(s) found\n", __func__, k);
5477 return SUCCESS;
5478 }
5479
sdebug_build_parts(unsigned char * ramp,unsigned long store_size)5480 static void sdebug_build_parts(unsigned char *ramp, unsigned long store_size)
5481 {
5482 struct msdos_partition *pp;
5483 int starts[SDEBUG_MAX_PARTS + 2], max_part_secs;
5484 int sectors_per_part, num_sectors, k;
5485 int heads_by_sects, start_sec, end_sec;
5486
5487 /* assume partition table already zeroed */
5488 if ((sdebug_num_parts < 1) || (store_size < 1048576))
5489 return;
5490 if (sdebug_num_parts > SDEBUG_MAX_PARTS) {
5491 sdebug_num_parts = SDEBUG_MAX_PARTS;
5492 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS);
5493 }
5494 num_sectors = (int)get_sdebug_capacity();
5495 sectors_per_part = (num_sectors - sdebug_sectors_per)
5496 / sdebug_num_parts;
5497 heads_by_sects = sdebug_heads * sdebug_sectors_per;
5498 starts[0] = sdebug_sectors_per;
5499 max_part_secs = sectors_per_part;
5500 for (k = 1; k < sdebug_num_parts; ++k) {
5501 starts[k] = ((k * sectors_per_part) / heads_by_sects)
5502 * heads_by_sects;
5503 if (starts[k] - starts[k - 1] < max_part_secs)
5504 max_part_secs = starts[k] - starts[k - 1];
5505 }
5506 starts[sdebug_num_parts] = num_sectors;
5507 starts[sdebug_num_parts + 1] = 0;
5508
5509 ramp[510] = 0x55; /* magic partition markings */
5510 ramp[511] = 0xAA;
5511 pp = (struct msdos_partition *)(ramp + 0x1be);
5512 for (k = 0; starts[k + 1]; ++k, ++pp) {
5513 start_sec = starts[k];
5514 end_sec = starts[k] + max_part_secs - 1;
5515 pp->boot_ind = 0;
5516
5517 pp->cyl = start_sec / heads_by_sects;
5518 pp->head = (start_sec - (pp->cyl * heads_by_sects))
5519 / sdebug_sectors_per;
5520 pp->sector = (start_sec % sdebug_sectors_per) + 1;
5521
5522 pp->end_cyl = end_sec / heads_by_sects;
5523 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects))
5524 / sdebug_sectors_per;
5525 pp->end_sector = (end_sec % sdebug_sectors_per) + 1;
5526
5527 pp->start_sect = cpu_to_le32(start_sec);
5528 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1);
5529 pp->sys_ind = 0x83; /* plain Linux partition */
5530 }
5531 }
5532
block_unblock_all_queues(bool block)5533 static void block_unblock_all_queues(bool block)
5534 {
5535 int j;
5536 struct sdebug_queue *sqp;
5537
5538 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp)
5539 atomic_set(&sqp->blocked, (int)block);
5540 }
5541
5542 /* Adjust (by rounding down) the sdebug_cmnd_count so abs(every_nth)-1
5543 * commands will be processed normally before triggers occur.
5544 */
tweak_cmnd_count(void)5545 static void tweak_cmnd_count(void)
5546 {
5547 int count, modulo;
5548
5549 modulo = abs(sdebug_every_nth);
5550 if (modulo < 2)
5551 return;
5552 block_unblock_all_queues(true);
5553 count = atomic_read(&sdebug_cmnd_count);
5554 atomic_set(&sdebug_cmnd_count, (count / modulo) * modulo);
5555 block_unblock_all_queues(false);
5556 }
5557
clear_queue_stats(void)5558 static void clear_queue_stats(void)
5559 {
5560 atomic_set(&sdebug_cmnd_count, 0);
5561 atomic_set(&sdebug_completions, 0);
5562 atomic_set(&sdebug_miss_cpus, 0);
5563 atomic_set(&sdebug_a_tsf, 0);
5564 }
5565
inject_on_this_cmd(void)5566 static bool inject_on_this_cmd(void)
5567 {
5568 if (sdebug_every_nth == 0)
5569 return false;
5570 return (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) == 0;
5571 }
5572
5573 #define INCLUSIVE_TIMING_MAX_NS 1000000 /* 1 millisecond */
5574
5575 /* Complete the processing of the thread that queued a SCSI command to this
5576 * driver. It either completes the command by calling cmnd_done() or
5577 * schedules a hr timer or work queue then returns 0. Returns
5578 * SCSI_MLQUEUE_HOST_BUSY if temporarily out of resources.
5579 */
schedule_resp(struct scsi_cmnd * cmnd,struct sdebug_dev_info * devip,int scsi_result,int (* pfp)(struct scsi_cmnd *,struct sdebug_dev_info *),int delta_jiff,int ndelay)5580 static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
5581 int scsi_result,
5582 int (*pfp)(struct scsi_cmnd *,
5583 struct sdebug_dev_info *),
5584 int delta_jiff, int ndelay)
5585 {
5586 bool new_sd_dp;
5587 bool inject = false;
5588 bool polled = scsi_cmd_to_rq(cmnd)->cmd_flags & REQ_POLLED;
5589 int k, num_in_q, qdepth;
5590 unsigned long iflags;
5591 u64 ns_from_boot = 0;
5592 struct sdebug_queue *sqp;
5593 struct sdebug_queued_cmd *sqcp;
5594 struct scsi_device *sdp;
5595 struct sdebug_defer *sd_dp;
5596
5597 if (unlikely(devip == NULL)) {
5598 if (scsi_result == 0)
5599 scsi_result = DID_NO_CONNECT << 16;
5600 goto respond_in_thread;
5601 }
5602 sdp = cmnd->device;
5603
5604 if (delta_jiff == 0)
5605 goto respond_in_thread;
5606
5607 sqp = get_queue(cmnd);
5608 spin_lock_irqsave(&sqp->qc_lock, iflags);
5609 if (unlikely(atomic_read(&sqp->blocked))) {
5610 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5611 return SCSI_MLQUEUE_HOST_BUSY;
5612 }
5613 num_in_q = atomic_read(&devip->num_in_q);
5614 qdepth = cmnd->device->queue_depth;
5615 if (unlikely((qdepth > 0) && (num_in_q >= qdepth))) {
5616 if (scsi_result) {
5617 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5618 goto respond_in_thread;
5619 } else
5620 scsi_result = device_qfull_result;
5621 } else if (unlikely(sdebug_every_nth &&
5622 (SDEBUG_OPT_RARE_TSF & sdebug_opts) &&
5623 (scsi_result == 0))) {
5624 if ((num_in_q == (qdepth - 1)) &&
5625 (atomic_inc_return(&sdebug_a_tsf) >=
5626 abs(sdebug_every_nth))) {
5627 atomic_set(&sdebug_a_tsf, 0);
5628 inject = true;
5629 scsi_result = device_qfull_result;
5630 }
5631 }
5632
5633 k = find_first_zero_bit(sqp->in_use_bm, sdebug_max_queue);
5634 if (unlikely(k >= sdebug_max_queue)) {
5635 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5636 if (scsi_result)
5637 goto respond_in_thread;
5638 scsi_result = device_qfull_result;
5639 if (SDEBUG_OPT_Q_NOISE & sdebug_opts)
5640 sdev_printk(KERN_INFO, sdp, "%s: max_queue=%d exceeded: TASK SET FULL\n",
5641 __func__, sdebug_max_queue);
5642 goto respond_in_thread;
5643 }
5644 set_bit(k, sqp->in_use_bm);
5645 atomic_inc(&devip->num_in_q);
5646 sqcp = &sqp->qc_arr[k];
5647 sqcp->a_cmnd = cmnd;
5648 cmnd->host_scribble = (unsigned char *)sqcp;
5649 sd_dp = sqcp->sd_dp;
5650 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5651
5652 if (!sd_dp) {
5653 sd_dp = kzalloc(sizeof(*sd_dp), GFP_ATOMIC);
5654 if (!sd_dp) {
5655 atomic_dec(&devip->num_in_q);
5656 clear_bit(k, sqp->in_use_bm);
5657 return SCSI_MLQUEUE_HOST_BUSY;
5658 }
5659 new_sd_dp = true;
5660 } else {
5661 new_sd_dp = false;
5662 }
5663
5664 /* Set the hostwide tag */
5665 if (sdebug_host_max_queue)
5666 sd_dp->hc_idx = get_tag(cmnd);
5667
5668 if (polled)
5669 ns_from_boot = ktime_get_boottime_ns();
5670
5671 /* one of the resp_*() response functions is called here */
5672 cmnd->result = pfp ? pfp(cmnd, devip) : 0;
5673 if (cmnd->result & SDEG_RES_IMMED_MASK) {
5674 cmnd->result &= ~SDEG_RES_IMMED_MASK;
5675 delta_jiff = ndelay = 0;
5676 }
5677 if (cmnd->result == 0 && scsi_result != 0)
5678 cmnd->result = scsi_result;
5679 if (cmnd->result == 0 && unlikely(sdebug_opts & SDEBUG_OPT_TRANSPORT_ERR)) {
5680 if (atomic_read(&sdeb_inject_pending)) {
5681 mk_sense_buffer(cmnd, ABORTED_COMMAND, TRANSPORT_PROBLEM, ACK_NAK_TO);
5682 atomic_set(&sdeb_inject_pending, 0);
5683 cmnd->result = check_condition_result;
5684 }
5685 }
5686
5687 if (unlikely(sdebug_verbose && cmnd->result))
5688 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n",
5689 __func__, cmnd->result);
5690
5691 if (delta_jiff > 0 || ndelay > 0) {
5692 ktime_t kt;
5693
5694 if (delta_jiff > 0) {
5695 u64 ns = jiffies_to_nsecs(delta_jiff);
5696
5697 if (sdebug_random && ns < U32_MAX) {
5698 ns = prandom_u32_max((u32)ns);
5699 } else if (sdebug_random) {
5700 ns >>= 12; /* scale to 4 usec precision */
5701 if (ns < U32_MAX) /* over 4 hours max */
5702 ns = prandom_u32_max((u32)ns);
5703 ns <<= 12;
5704 }
5705 kt = ns_to_ktime(ns);
5706 } else { /* ndelay has a 4.2 second max */
5707 kt = sdebug_random ? prandom_u32_max((u32)ndelay) :
5708 (u32)ndelay;
5709 if (ndelay < INCLUSIVE_TIMING_MAX_NS) {
5710 u64 d = ktime_get_boottime_ns() - ns_from_boot;
5711
5712 if (kt <= d) { /* elapsed duration >= kt */
5713 spin_lock_irqsave(&sqp->qc_lock, iflags);
5714 sqcp->a_cmnd = NULL;
5715 atomic_dec(&devip->num_in_q);
5716 clear_bit(k, sqp->in_use_bm);
5717 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5718 if (new_sd_dp)
5719 kfree(sd_dp);
5720 /* call scsi_done() from this thread */
5721 scsi_done(cmnd);
5722 return 0;
5723 }
5724 /* otherwise reduce kt by elapsed time */
5725 kt -= d;
5726 }
5727 }
5728 if (polled) {
5729 sd_dp->cmpl_ts = ktime_add(ns_to_ktime(ns_from_boot), kt);
5730 spin_lock_irqsave(&sqp->qc_lock, iflags);
5731 if (!sd_dp->init_poll) {
5732 sd_dp->init_poll = true;
5733 sqcp->sd_dp = sd_dp;
5734 sd_dp->sqa_idx = sqp - sdebug_q_arr;
5735 sd_dp->qc_idx = k;
5736 }
5737 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_POLL);
5738 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5739 } else {
5740 if (!sd_dp->init_hrt) {
5741 sd_dp->init_hrt = true;
5742 sqcp->sd_dp = sd_dp;
5743 hrtimer_init(&sd_dp->hrt, CLOCK_MONOTONIC,
5744 HRTIMER_MODE_REL_PINNED);
5745 sd_dp->hrt.function = sdebug_q_cmd_hrt_complete;
5746 sd_dp->sqa_idx = sqp - sdebug_q_arr;
5747 sd_dp->qc_idx = k;
5748 }
5749 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_HRT);
5750 /* schedule the invocation of scsi_done() for a later time */
5751 hrtimer_start(&sd_dp->hrt, kt, HRTIMER_MODE_REL_PINNED);
5752 }
5753 if (sdebug_statistics)
5754 sd_dp->issuing_cpu = raw_smp_processor_id();
5755 } else { /* jdelay < 0, use work queue */
5756 if (unlikely((sdebug_opts & SDEBUG_OPT_CMD_ABORT) &&
5757 atomic_read(&sdeb_inject_pending)))
5758 sd_dp->aborted = true;
5759 if (polled) {
5760 sd_dp->cmpl_ts = ns_to_ktime(ns_from_boot);
5761 spin_lock_irqsave(&sqp->qc_lock, iflags);
5762 if (!sd_dp->init_poll) {
5763 sd_dp->init_poll = true;
5764 sqcp->sd_dp = sd_dp;
5765 sd_dp->sqa_idx = sqp - sdebug_q_arr;
5766 sd_dp->qc_idx = k;
5767 }
5768 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_POLL);
5769 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
5770 } else {
5771 if (!sd_dp->init_wq) {
5772 sd_dp->init_wq = true;
5773 sqcp->sd_dp = sd_dp;
5774 sd_dp->sqa_idx = sqp - sdebug_q_arr;
5775 sd_dp->qc_idx = k;
5776 INIT_WORK(&sd_dp->ew.work, sdebug_q_cmd_wq_complete);
5777 }
5778 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_WQ);
5779 schedule_work(&sd_dp->ew.work);
5780 }
5781 if (sdebug_statistics)
5782 sd_dp->issuing_cpu = raw_smp_processor_id();
5783 if (unlikely(sd_dp->aborted)) {
5784 sdev_printk(KERN_INFO, sdp, "abort request tag %d\n",
5785 scsi_cmd_to_rq(cmnd)->tag);
5786 blk_abort_request(scsi_cmd_to_rq(cmnd));
5787 atomic_set(&sdeb_inject_pending, 0);
5788 sd_dp->aborted = false;
5789 }
5790 }
5791 if (unlikely((SDEBUG_OPT_Q_NOISE & sdebug_opts) && scsi_result == device_qfull_result))
5792 sdev_printk(KERN_INFO, sdp, "%s: num_in_q=%d +1, %s%s\n", __func__,
5793 num_in_q, (inject ? "<inject> " : ""), "status: TASK SET FULL");
5794 return 0;
5795
5796 respond_in_thread: /* call back to mid-layer using invocation thread */
5797 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0;
5798 cmnd->result &= ~SDEG_RES_IMMED_MASK;
5799 if (cmnd->result == 0 && scsi_result != 0)
5800 cmnd->result = scsi_result;
5801 scsi_done(cmnd);
5802 return 0;
5803 }
5804
5805 /* Note: The following macros create attribute files in the
5806 /sys/module/scsi_debug/parameters directory. Unfortunately this
5807 driver is unaware of a change and cannot trigger auxiliary actions
5808 as it can when the corresponding attribute in the
5809 /sys/bus/pseudo/drivers/scsi_debug directory is changed.
5810 */
5811 module_param_named(add_host, sdebug_add_host, int, S_IRUGO | S_IWUSR);
5812 module_param_named(ato, sdebug_ato, int, S_IRUGO);
5813 module_param_named(cdb_len, sdebug_cdb_len, int, 0644);
5814 module_param_named(clustering, sdebug_clustering, bool, S_IRUGO | S_IWUSR);
5815 module_param_named(delay, sdebug_jdelay, int, S_IRUGO | S_IWUSR);
5816 module_param_named(dev_size_mb, sdebug_dev_size_mb, int, S_IRUGO);
5817 module_param_named(dif, sdebug_dif, int, S_IRUGO);
5818 module_param_named(dix, sdebug_dix, int, S_IRUGO);
5819 module_param_named(dsense, sdebug_dsense, int, S_IRUGO | S_IWUSR);
5820 module_param_named(every_nth, sdebug_every_nth, int, S_IRUGO | S_IWUSR);
5821 module_param_named(fake_rw, sdebug_fake_rw, int, S_IRUGO | S_IWUSR);
5822 module_param_named(guard, sdebug_guard, uint, S_IRUGO);
5823 module_param_named(host_lock, sdebug_host_lock, bool, S_IRUGO | S_IWUSR);
5824 module_param_named(host_max_queue, sdebug_host_max_queue, int, S_IRUGO);
5825 module_param_string(inq_product, sdebug_inq_product_id,
5826 sizeof(sdebug_inq_product_id), S_IRUGO | S_IWUSR);
5827 module_param_string(inq_rev, sdebug_inq_product_rev,
5828 sizeof(sdebug_inq_product_rev), S_IRUGO | S_IWUSR);
5829 module_param_string(inq_vendor, sdebug_inq_vendor_id,
5830 sizeof(sdebug_inq_vendor_id), S_IRUGO | S_IWUSR);
5831 module_param_named(lbprz, sdebug_lbprz, int, S_IRUGO);
5832 module_param_named(lbpu, sdebug_lbpu, int, S_IRUGO);
5833 module_param_named(lbpws, sdebug_lbpws, int, S_IRUGO);
5834 module_param_named(lbpws10, sdebug_lbpws10, int, S_IRUGO);
5835 module_param_named(lowest_aligned, sdebug_lowest_aligned, int, S_IRUGO);
5836 module_param_named(lun_format, sdebug_lun_am_i, int, S_IRUGO | S_IWUSR);
5837 module_param_named(max_luns, sdebug_max_luns, int, S_IRUGO | S_IWUSR);
5838 module_param_named(max_queue, sdebug_max_queue, int, S_IRUGO | S_IWUSR);
5839 module_param_named(medium_error_count, sdebug_medium_error_count, int,
5840 S_IRUGO | S_IWUSR);
5841 module_param_named(medium_error_start, sdebug_medium_error_start, int,
5842 S_IRUGO | S_IWUSR);
5843 module_param_named(ndelay, sdebug_ndelay, int, S_IRUGO | S_IWUSR);
5844 module_param_named(no_lun_0, sdebug_no_lun_0, int, S_IRUGO | S_IWUSR);
5845 module_param_named(no_rwlock, sdebug_no_rwlock, bool, S_IRUGO | S_IWUSR);
5846 module_param_named(no_uld, sdebug_no_uld, int, S_IRUGO);
5847 module_param_named(num_parts, sdebug_num_parts, int, S_IRUGO);
5848 module_param_named(num_tgts, sdebug_num_tgts, int, S_IRUGO | S_IWUSR);
5849 module_param_named(opt_blks, sdebug_opt_blks, int, S_IRUGO);
5850 module_param_named(opt_xferlen_exp, sdebug_opt_xferlen_exp, int, S_IRUGO);
5851 module_param_named(opts, sdebug_opts, int, S_IRUGO | S_IWUSR);
5852 module_param_named(per_host_store, sdebug_per_host_store, bool,
5853 S_IRUGO | S_IWUSR);
5854 module_param_named(physblk_exp, sdebug_physblk_exp, int, S_IRUGO);
5855 module_param_named(ptype, sdebug_ptype, int, S_IRUGO | S_IWUSR);
5856 module_param_named(random, sdebug_random, bool, S_IRUGO | S_IWUSR);
5857 module_param_named(removable, sdebug_removable, bool, S_IRUGO | S_IWUSR);
5858 module_param_named(scsi_level, sdebug_scsi_level, int, S_IRUGO);
5859 module_param_named(sector_size, sdebug_sector_size, int, S_IRUGO);
5860 module_param_named(statistics, sdebug_statistics, bool, S_IRUGO | S_IWUSR);
5861 module_param_named(strict, sdebug_strict, bool, S_IRUGO | S_IWUSR);
5862 module_param_named(submit_queues, submit_queues, int, S_IRUGO);
5863 module_param_named(poll_queues, poll_queues, int, S_IRUGO);
5864 module_param_named(tur_ms_to_ready, sdeb_tur_ms_to_ready, int, S_IRUGO);
5865 module_param_named(unmap_alignment, sdebug_unmap_alignment, int, S_IRUGO);
5866 module_param_named(unmap_granularity, sdebug_unmap_granularity, int, S_IRUGO);
5867 module_param_named(unmap_max_blocks, sdebug_unmap_max_blocks, int, S_IRUGO);
5868 module_param_named(unmap_max_desc, sdebug_unmap_max_desc, int, S_IRUGO);
5869 module_param_named(uuid_ctl, sdebug_uuid_ctl, int, S_IRUGO);
5870 module_param_named(virtual_gb, sdebug_virtual_gb, int, S_IRUGO | S_IWUSR);
5871 module_param_named(vpd_use_hostno, sdebug_vpd_use_hostno, int,
5872 S_IRUGO | S_IWUSR);
5873 module_param_named(wp, sdebug_wp, bool, S_IRUGO | S_IWUSR);
5874 module_param_named(write_same_length, sdebug_write_same_length, int,
5875 S_IRUGO | S_IWUSR);
5876 module_param_named(zbc, sdeb_zbc_model_s, charp, S_IRUGO);
5877 module_param_named(zone_cap_mb, sdeb_zbc_zone_cap_mb, int, S_IRUGO);
5878 module_param_named(zone_max_open, sdeb_zbc_max_open, int, S_IRUGO);
5879 module_param_named(zone_nr_conv, sdeb_zbc_nr_conv, int, S_IRUGO);
5880 module_param_named(zone_size_mb, sdeb_zbc_zone_size_mb, int, S_IRUGO);
5881
5882 MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert");
5883 MODULE_DESCRIPTION("SCSI debug adapter driver");
5884 MODULE_LICENSE("GPL");
5885 MODULE_VERSION(SDEBUG_VERSION);
5886
5887 MODULE_PARM_DESC(add_host, "add n hosts, in sysfs if negative remove host(s) (def=1)");
5888 MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)");
5889 MODULE_PARM_DESC(cdb_len, "suggest CDB lengths to drivers (def=10)");
5890 MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)");
5891 MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny");
5892 MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)");
5893 MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)");
5894 MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)");
5895 MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)");
5896 MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)");
5897 MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)");
5898 MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)");
5899 MODULE_PARM_DESC(host_lock, "host_lock is ignored (def=0)");
5900 MODULE_PARM_DESC(host_max_queue,
5901 "host max # of queued cmds (0 to max(def) [max_queue fixed equal for !0])");
5902 MODULE_PARM_DESC(inq_product, "SCSI INQUIRY product string (def=\"scsi_debug\")");
5903 MODULE_PARM_DESC(inq_rev, "SCSI INQUIRY revision string (def=\""
5904 SDEBUG_VERSION "\")");
5905 MODULE_PARM_DESC(inq_vendor, "SCSI INQUIRY vendor string (def=\"Linux\")");
5906 MODULE_PARM_DESC(lbprz,
5907 "on read unmapped LBs return 0 when 1 (def), return 0xff when 2");
5908 MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)");
5909 MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)");
5910 MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)");
5911 MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)");
5912 MODULE_PARM_DESC(lun_format, "LUN format: 0->peripheral (def); 1 --> flat address method");
5913 MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)");
5914 MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))");
5915 MODULE_PARM_DESC(medium_error_count, "count of sectors to return follow on MEDIUM error");
5916 MODULE_PARM_DESC(medium_error_start, "starting sector number to return MEDIUM error");
5917 MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)");
5918 MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)");
5919 MODULE_PARM_DESC(no_rwlock, "don't protect user data reads+writes (def=0)");
5920 MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))");
5921 MODULE_PARM_DESC(num_parts, "number of partitions(def=0)");
5922 MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)");
5923 MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)");
5924 MODULE_PARM_DESC(opt_xferlen_exp, "optimal transfer length granularity exponent (def=physblk_exp)");
5925 MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)");
5926 MODULE_PARM_DESC(per_host_store, "If set, next positive add_host will get new store (def=0)");
5927 MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)");
5928 MODULE_PARM_DESC(poll_queues, "support for iouring iopoll queues (1 to max(submit_queues - 1))");
5929 MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])");
5930 MODULE_PARM_DESC(random, "If set, uniformly randomize command duration between 0 and delay_in_ns");
5931 MODULE_PARM_DESC(removable, "claim to have removable media (def=0)");
5932 MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=7[SPC-5])");
5933 MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)");
5934 MODULE_PARM_DESC(statistics, "collect statistics on commands, queues (def=0)");
5935 MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)");
5936 MODULE_PARM_DESC(submit_queues, "support for block multi-queue (def=1)");
5937 MODULE_PARM_DESC(tur_ms_to_ready, "TEST UNIT READY millisecs before initial good status (def=0)");
5938 MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)");
5939 MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)");
5940 MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)");
5941 MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)");
5942 MODULE_PARM_DESC(uuid_ctl,
5943 "1->use uuid for lu name, 0->don't, 2->all use same (def=0)");
5944 MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)");
5945 MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)");
5946 MODULE_PARM_DESC(wp, "Write Protect (def=0)");
5947 MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)");
5948 MODULE_PARM_DESC(zbc, "'none' [0]; 'aware' [1]; 'managed' [2] (def=0). Can have 'host-' prefix");
5949 MODULE_PARM_DESC(zone_cap_mb, "Zone capacity in MiB (def=zone size)");
5950 MODULE_PARM_DESC(zone_max_open, "Maximum number of open zones; [0] for no limit (def=auto)");
5951 MODULE_PARM_DESC(zone_nr_conv, "Number of conventional zones (def=1)");
5952 MODULE_PARM_DESC(zone_size_mb, "Zone size in MiB (def=auto)");
5953
5954 #define SDEBUG_INFO_LEN 256
5955 static char sdebug_info[SDEBUG_INFO_LEN];
5956
scsi_debug_info(struct Scsi_Host * shp)5957 static const char *scsi_debug_info(struct Scsi_Host *shp)
5958 {
5959 int k;
5960
5961 k = scnprintf(sdebug_info, SDEBUG_INFO_LEN, "%s: version %s [%s]\n",
5962 my_name, SDEBUG_VERSION, sdebug_version_date);
5963 if (k >= (SDEBUG_INFO_LEN - 1))
5964 return sdebug_info;
5965 scnprintf(sdebug_info + k, SDEBUG_INFO_LEN - k,
5966 " dev_size_mb=%d, opts=0x%x, submit_queues=%d, %s=%d",
5967 sdebug_dev_size_mb, sdebug_opts, submit_queues,
5968 "statistics", (int)sdebug_statistics);
5969 return sdebug_info;
5970 }
5971
5972 /* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */
scsi_debug_write_info(struct Scsi_Host * host,char * buffer,int length)5973 static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer,
5974 int length)
5975 {
5976 char arr[16];
5977 int opts;
5978 int minLen = length > 15 ? 15 : length;
5979
5980 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
5981 return -EACCES;
5982 memcpy(arr, buffer, minLen);
5983 arr[minLen] = '\0';
5984 if (1 != sscanf(arr, "%d", &opts))
5985 return -EINVAL;
5986 sdebug_opts = opts;
5987 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
5988 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
5989 if (sdebug_every_nth != 0)
5990 tweak_cmnd_count();
5991 return length;
5992 }
5993
5994 /* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the
5995 * same for each scsi_debug host (if more than one). Some of the counters
5996 * output are not atomics so might be inaccurate in a busy system. */
scsi_debug_show_info(struct seq_file * m,struct Scsi_Host * host)5997 static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host)
5998 {
5999 int f, j, l;
6000 struct sdebug_queue *sqp;
6001 struct sdebug_host_info *sdhp;
6002
6003 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n",
6004 SDEBUG_VERSION, sdebug_version_date);
6005 seq_printf(m, "num_tgts=%d, %ssize=%d MB, opts=0x%x, every_nth=%d\n",
6006 sdebug_num_tgts, "shared (ram) ", sdebug_dev_size_mb,
6007 sdebug_opts, sdebug_every_nth);
6008 seq_printf(m, "delay=%d, ndelay=%d, max_luns=%d, sector_size=%d %s\n",
6009 sdebug_jdelay, sdebug_ndelay, sdebug_max_luns,
6010 sdebug_sector_size, "bytes");
6011 seq_printf(m, "cylinders=%d, heads=%d, sectors=%d, command aborts=%d\n",
6012 sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per,
6013 num_aborts);
6014 seq_printf(m, "RESETs: device=%d, target=%d, bus=%d, host=%d\n",
6015 num_dev_resets, num_target_resets, num_bus_resets,
6016 num_host_resets);
6017 seq_printf(m, "dix_reads=%d, dix_writes=%d, dif_errors=%d\n",
6018 dix_reads, dix_writes, dif_errors);
6019 seq_printf(m, "usec_in_jiffy=%lu, statistics=%d\n", TICK_NSEC / 1000,
6020 sdebug_statistics);
6021 seq_printf(m, "cmnd_count=%d, completions=%d, %s=%d, a_tsf=%d, mq_polls=%d\n",
6022 atomic_read(&sdebug_cmnd_count),
6023 atomic_read(&sdebug_completions),
6024 "miss_cpus", atomic_read(&sdebug_miss_cpus),
6025 atomic_read(&sdebug_a_tsf),
6026 atomic_read(&sdeb_mq_poll_count));
6027
6028 seq_printf(m, "submit_queues=%d\n", submit_queues);
6029 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
6030 seq_printf(m, " queue %d:\n", j);
6031 f = find_first_bit(sqp->in_use_bm, sdebug_max_queue);
6032 if (f != sdebug_max_queue) {
6033 l = find_last_bit(sqp->in_use_bm, sdebug_max_queue);
6034 seq_printf(m, " in_use_bm BUSY: %s: %d,%d\n",
6035 "first,last bits", f, l);
6036 }
6037 }
6038
6039 seq_printf(m, "this host_no=%d\n", host->host_no);
6040 if (!xa_empty(per_store_ap)) {
6041 bool niu;
6042 int idx;
6043 unsigned long l_idx;
6044 struct sdeb_store_info *sip;
6045
6046 seq_puts(m, "\nhost list:\n");
6047 j = 0;
6048 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
6049 idx = sdhp->si_idx;
6050 seq_printf(m, " %d: host_no=%d, si_idx=%d\n", j,
6051 sdhp->shost->host_no, idx);
6052 ++j;
6053 }
6054 seq_printf(m, "\nper_store array [most_recent_idx=%d]:\n",
6055 sdeb_most_recent_idx);
6056 j = 0;
6057 xa_for_each(per_store_ap, l_idx, sip) {
6058 niu = xa_get_mark(per_store_ap, l_idx,
6059 SDEB_XA_NOT_IN_USE);
6060 idx = (int)l_idx;
6061 seq_printf(m, " %d: idx=%d%s\n", j, idx,
6062 (niu ? " not_in_use" : ""));
6063 ++j;
6064 }
6065 }
6066 return 0;
6067 }
6068
delay_show(struct device_driver * ddp,char * buf)6069 static ssize_t delay_show(struct device_driver *ddp, char *buf)
6070 {
6071 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_jdelay);
6072 }
6073 /* Returns -EBUSY if jdelay is being changed and commands are queued. The unit
6074 * of delay is jiffies.
6075 */
delay_store(struct device_driver * ddp,const char * buf,size_t count)6076 static ssize_t delay_store(struct device_driver *ddp, const char *buf,
6077 size_t count)
6078 {
6079 int jdelay, res;
6080
6081 if (count > 0 && sscanf(buf, "%d", &jdelay) == 1) {
6082 res = count;
6083 if (sdebug_jdelay != jdelay) {
6084 int j, k;
6085 struct sdebug_queue *sqp;
6086
6087 block_unblock_all_queues(true);
6088 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
6089 ++j, ++sqp) {
6090 k = find_first_bit(sqp->in_use_bm,
6091 sdebug_max_queue);
6092 if (k != sdebug_max_queue) {
6093 res = -EBUSY; /* queued commands */
6094 break;
6095 }
6096 }
6097 if (res > 0) {
6098 sdebug_jdelay = jdelay;
6099 sdebug_ndelay = 0;
6100 }
6101 block_unblock_all_queues(false);
6102 }
6103 return res;
6104 }
6105 return -EINVAL;
6106 }
6107 static DRIVER_ATTR_RW(delay);
6108
ndelay_show(struct device_driver * ddp,char * buf)6109 static ssize_t ndelay_show(struct device_driver *ddp, char *buf)
6110 {
6111 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ndelay);
6112 }
6113 /* Returns -EBUSY if ndelay is being changed and commands are queued */
6114 /* If > 0 and accepted then sdebug_jdelay is set to JDELAY_OVERRIDDEN */
ndelay_store(struct device_driver * ddp,const char * buf,size_t count)6115 static ssize_t ndelay_store(struct device_driver *ddp, const char *buf,
6116 size_t count)
6117 {
6118 int ndelay, res;
6119
6120 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) &&
6121 (ndelay >= 0) && (ndelay < (1000 * 1000 * 1000))) {
6122 res = count;
6123 if (sdebug_ndelay != ndelay) {
6124 int j, k;
6125 struct sdebug_queue *sqp;
6126
6127 block_unblock_all_queues(true);
6128 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
6129 ++j, ++sqp) {
6130 k = find_first_bit(sqp->in_use_bm,
6131 sdebug_max_queue);
6132 if (k != sdebug_max_queue) {
6133 res = -EBUSY; /* queued commands */
6134 break;
6135 }
6136 }
6137 if (res > 0) {
6138 sdebug_ndelay = ndelay;
6139 sdebug_jdelay = ndelay ? JDELAY_OVERRIDDEN
6140 : DEF_JDELAY;
6141 }
6142 block_unblock_all_queues(false);
6143 }
6144 return res;
6145 }
6146 return -EINVAL;
6147 }
6148 static DRIVER_ATTR_RW(ndelay);
6149
opts_show(struct device_driver * ddp,char * buf)6150 static ssize_t opts_show(struct device_driver *ddp, char *buf)
6151 {
6152 return scnprintf(buf, PAGE_SIZE, "0x%x\n", sdebug_opts);
6153 }
6154
opts_store(struct device_driver * ddp,const char * buf,size_t count)6155 static ssize_t opts_store(struct device_driver *ddp, const char *buf,
6156 size_t count)
6157 {
6158 int opts;
6159 char work[20];
6160
6161 if (sscanf(buf, "%10s", work) == 1) {
6162 if (strncasecmp(work, "0x", 2) == 0) {
6163 if (kstrtoint(work + 2, 16, &opts) == 0)
6164 goto opts_done;
6165 } else {
6166 if (kstrtoint(work, 10, &opts) == 0)
6167 goto opts_done;
6168 }
6169 }
6170 return -EINVAL;
6171 opts_done:
6172 sdebug_opts = opts;
6173 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
6174 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
6175 tweak_cmnd_count();
6176 return count;
6177 }
6178 static DRIVER_ATTR_RW(opts);
6179
ptype_show(struct device_driver * ddp,char * buf)6180 static ssize_t ptype_show(struct device_driver *ddp, char *buf)
6181 {
6182 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ptype);
6183 }
ptype_store(struct device_driver * ddp,const char * buf,size_t count)6184 static ssize_t ptype_store(struct device_driver *ddp, const char *buf,
6185 size_t count)
6186 {
6187 int n;
6188
6189 /* Cannot change from or to TYPE_ZBC with sysfs */
6190 if (sdebug_ptype == TYPE_ZBC)
6191 return -EINVAL;
6192
6193 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6194 if (n == TYPE_ZBC)
6195 return -EINVAL;
6196 sdebug_ptype = n;
6197 return count;
6198 }
6199 return -EINVAL;
6200 }
6201 static DRIVER_ATTR_RW(ptype);
6202
dsense_show(struct device_driver * ddp,char * buf)6203 static ssize_t dsense_show(struct device_driver *ddp, char *buf)
6204 {
6205 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dsense);
6206 }
dsense_store(struct device_driver * ddp,const char * buf,size_t count)6207 static ssize_t dsense_store(struct device_driver *ddp, const char *buf,
6208 size_t count)
6209 {
6210 int n;
6211
6212 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6213 sdebug_dsense = n;
6214 return count;
6215 }
6216 return -EINVAL;
6217 }
6218 static DRIVER_ATTR_RW(dsense);
6219
fake_rw_show(struct device_driver * ddp,char * buf)6220 static ssize_t fake_rw_show(struct device_driver *ddp, char *buf)
6221 {
6222 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_fake_rw);
6223 }
fake_rw_store(struct device_driver * ddp,const char * buf,size_t count)6224 static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf,
6225 size_t count)
6226 {
6227 int n, idx;
6228
6229 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6230 bool want_store = (n == 0);
6231 struct sdebug_host_info *sdhp;
6232
6233 n = (n > 0);
6234 sdebug_fake_rw = (sdebug_fake_rw > 0);
6235 if (sdebug_fake_rw == n)
6236 return count; /* not transitioning so do nothing */
6237
6238 if (want_store) { /* 1 --> 0 transition, set up store */
6239 if (sdeb_first_idx < 0) {
6240 idx = sdebug_add_store();
6241 if (idx < 0)
6242 return idx;
6243 } else {
6244 idx = sdeb_first_idx;
6245 xa_clear_mark(per_store_ap, idx,
6246 SDEB_XA_NOT_IN_USE);
6247 }
6248 /* make all hosts use same store */
6249 list_for_each_entry(sdhp, &sdebug_host_list,
6250 host_list) {
6251 if (sdhp->si_idx != idx) {
6252 xa_set_mark(per_store_ap, sdhp->si_idx,
6253 SDEB_XA_NOT_IN_USE);
6254 sdhp->si_idx = idx;
6255 }
6256 }
6257 sdeb_most_recent_idx = idx;
6258 } else { /* 0 --> 1 transition is trigger for shrink */
6259 sdebug_erase_all_stores(true /* apart from first */);
6260 }
6261 sdebug_fake_rw = n;
6262 return count;
6263 }
6264 return -EINVAL;
6265 }
6266 static DRIVER_ATTR_RW(fake_rw);
6267
no_lun_0_show(struct device_driver * ddp,char * buf)6268 static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf)
6269 {
6270 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_lun_0);
6271 }
no_lun_0_store(struct device_driver * ddp,const char * buf,size_t count)6272 static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf,
6273 size_t count)
6274 {
6275 int n;
6276
6277 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6278 sdebug_no_lun_0 = n;
6279 return count;
6280 }
6281 return -EINVAL;
6282 }
6283 static DRIVER_ATTR_RW(no_lun_0);
6284
num_tgts_show(struct device_driver * ddp,char * buf)6285 static ssize_t num_tgts_show(struct device_driver *ddp, char *buf)
6286 {
6287 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_tgts);
6288 }
num_tgts_store(struct device_driver * ddp,const char * buf,size_t count)6289 static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf,
6290 size_t count)
6291 {
6292 int n;
6293
6294 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6295 sdebug_num_tgts = n;
6296 sdebug_max_tgts_luns();
6297 return count;
6298 }
6299 return -EINVAL;
6300 }
6301 static DRIVER_ATTR_RW(num_tgts);
6302
dev_size_mb_show(struct device_driver * ddp,char * buf)6303 static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf)
6304 {
6305 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dev_size_mb);
6306 }
6307 static DRIVER_ATTR_RO(dev_size_mb);
6308
per_host_store_show(struct device_driver * ddp,char * buf)6309 static ssize_t per_host_store_show(struct device_driver *ddp, char *buf)
6310 {
6311 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_per_host_store);
6312 }
6313
per_host_store_store(struct device_driver * ddp,const char * buf,size_t count)6314 static ssize_t per_host_store_store(struct device_driver *ddp, const char *buf,
6315 size_t count)
6316 {
6317 bool v;
6318
6319 if (kstrtobool(buf, &v))
6320 return -EINVAL;
6321
6322 sdebug_per_host_store = v;
6323 return count;
6324 }
6325 static DRIVER_ATTR_RW(per_host_store);
6326
num_parts_show(struct device_driver * ddp,char * buf)6327 static ssize_t num_parts_show(struct device_driver *ddp, char *buf)
6328 {
6329 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_parts);
6330 }
6331 static DRIVER_ATTR_RO(num_parts);
6332
every_nth_show(struct device_driver * ddp,char * buf)6333 static ssize_t every_nth_show(struct device_driver *ddp, char *buf)
6334 {
6335 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_every_nth);
6336 }
every_nth_store(struct device_driver * ddp,const char * buf,size_t count)6337 static ssize_t every_nth_store(struct device_driver *ddp, const char *buf,
6338 size_t count)
6339 {
6340 int nth;
6341 char work[20];
6342
6343 if (sscanf(buf, "%10s", work) == 1) {
6344 if (strncasecmp(work, "0x", 2) == 0) {
6345 if (kstrtoint(work + 2, 16, &nth) == 0)
6346 goto every_nth_done;
6347 } else {
6348 if (kstrtoint(work, 10, &nth) == 0)
6349 goto every_nth_done;
6350 }
6351 }
6352 return -EINVAL;
6353
6354 every_nth_done:
6355 sdebug_every_nth = nth;
6356 if (nth && !sdebug_statistics) {
6357 pr_info("every_nth needs statistics=1, set it\n");
6358 sdebug_statistics = true;
6359 }
6360 tweak_cmnd_count();
6361 return count;
6362 }
6363 static DRIVER_ATTR_RW(every_nth);
6364
lun_format_show(struct device_driver * ddp,char * buf)6365 static ssize_t lun_format_show(struct device_driver *ddp, char *buf)
6366 {
6367 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_lun_am);
6368 }
lun_format_store(struct device_driver * ddp,const char * buf,size_t count)6369 static ssize_t lun_format_store(struct device_driver *ddp, const char *buf,
6370 size_t count)
6371 {
6372 int n;
6373 bool changed;
6374
6375 if (kstrtoint(buf, 0, &n))
6376 return -EINVAL;
6377 if (n >= 0) {
6378 if (n > (int)SAM_LUN_AM_FLAT) {
6379 pr_warn("only LUN address methods 0 and 1 are supported\n");
6380 return -EINVAL;
6381 }
6382 changed = ((int)sdebug_lun_am != n);
6383 sdebug_lun_am = n;
6384 if (changed && sdebug_scsi_level >= 5) { /* >= SPC-3 */
6385 struct sdebug_host_info *sdhp;
6386 struct sdebug_dev_info *dp;
6387
6388 spin_lock(&sdebug_host_list_lock);
6389 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
6390 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
6391 set_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
6392 }
6393 }
6394 spin_unlock(&sdebug_host_list_lock);
6395 }
6396 return count;
6397 }
6398 return -EINVAL;
6399 }
6400 static DRIVER_ATTR_RW(lun_format);
6401
max_luns_show(struct device_driver * ddp,char * buf)6402 static ssize_t max_luns_show(struct device_driver *ddp, char *buf)
6403 {
6404 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_luns);
6405 }
max_luns_store(struct device_driver * ddp,const char * buf,size_t count)6406 static ssize_t max_luns_store(struct device_driver *ddp, const char *buf,
6407 size_t count)
6408 {
6409 int n;
6410 bool changed;
6411
6412 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6413 if (n > 256) {
6414 pr_warn("max_luns can be no more than 256\n");
6415 return -EINVAL;
6416 }
6417 changed = (sdebug_max_luns != n);
6418 sdebug_max_luns = n;
6419 sdebug_max_tgts_luns();
6420 if (changed && (sdebug_scsi_level >= 5)) { /* >= SPC-3 */
6421 struct sdebug_host_info *sdhp;
6422 struct sdebug_dev_info *dp;
6423
6424 spin_lock(&sdebug_host_list_lock);
6425 list_for_each_entry(sdhp, &sdebug_host_list,
6426 host_list) {
6427 list_for_each_entry(dp, &sdhp->dev_info_list,
6428 dev_list) {
6429 set_bit(SDEBUG_UA_LUNS_CHANGED,
6430 dp->uas_bm);
6431 }
6432 }
6433 spin_unlock(&sdebug_host_list_lock);
6434 }
6435 return count;
6436 }
6437 return -EINVAL;
6438 }
6439 static DRIVER_ATTR_RW(max_luns);
6440
max_queue_show(struct device_driver * ddp,char * buf)6441 static ssize_t max_queue_show(struct device_driver *ddp, char *buf)
6442 {
6443 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_queue);
6444 }
6445 /* N.B. max_queue can be changed while there are queued commands. In flight
6446 * commands beyond the new max_queue will be completed. */
max_queue_store(struct device_driver * ddp,const char * buf,size_t count)6447 static ssize_t max_queue_store(struct device_driver *ddp, const char *buf,
6448 size_t count)
6449 {
6450 int j, n, k, a;
6451 struct sdebug_queue *sqp;
6452
6453 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) &&
6454 (n <= SDEBUG_CANQUEUE) &&
6455 (sdebug_host_max_queue == 0)) {
6456 block_unblock_all_queues(true);
6457 k = 0;
6458 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
6459 ++j, ++sqp) {
6460 a = find_last_bit(sqp->in_use_bm, SDEBUG_CANQUEUE);
6461 if (a > k)
6462 k = a;
6463 }
6464 sdebug_max_queue = n;
6465 if (k == SDEBUG_CANQUEUE)
6466 atomic_set(&retired_max_queue, 0);
6467 else if (k >= n)
6468 atomic_set(&retired_max_queue, k + 1);
6469 else
6470 atomic_set(&retired_max_queue, 0);
6471 block_unblock_all_queues(false);
6472 return count;
6473 }
6474 return -EINVAL;
6475 }
6476 static DRIVER_ATTR_RW(max_queue);
6477
host_max_queue_show(struct device_driver * ddp,char * buf)6478 static ssize_t host_max_queue_show(struct device_driver *ddp, char *buf)
6479 {
6480 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_host_max_queue);
6481 }
6482
no_rwlock_show(struct device_driver * ddp,char * buf)6483 static ssize_t no_rwlock_show(struct device_driver *ddp, char *buf)
6484 {
6485 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_rwlock);
6486 }
6487
no_rwlock_store(struct device_driver * ddp,const char * buf,size_t count)6488 static ssize_t no_rwlock_store(struct device_driver *ddp, const char *buf, size_t count)
6489 {
6490 bool v;
6491
6492 if (kstrtobool(buf, &v))
6493 return -EINVAL;
6494
6495 sdebug_no_rwlock = v;
6496 return count;
6497 }
6498 static DRIVER_ATTR_RW(no_rwlock);
6499
6500 /*
6501 * Since this is used for .can_queue, and we get the hc_idx tag from the bitmap
6502 * in range [0, sdebug_host_max_queue), we can't change it.
6503 */
6504 static DRIVER_ATTR_RO(host_max_queue);
6505
no_uld_show(struct device_driver * ddp,char * buf)6506 static ssize_t no_uld_show(struct device_driver *ddp, char *buf)
6507 {
6508 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_uld);
6509 }
6510 static DRIVER_ATTR_RO(no_uld);
6511
scsi_level_show(struct device_driver * ddp,char * buf)6512 static ssize_t scsi_level_show(struct device_driver *ddp, char *buf)
6513 {
6514 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_scsi_level);
6515 }
6516 static DRIVER_ATTR_RO(scsi_level);
6517
virtual_gb_show(struct device_driver * ddp,char * buf)6518 static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf)
6519 {
6520 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_virtual_gb);
6521 }
virtual_gb_store(struct device_driver * ddp,const char * buf,size_t count)6522 static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf,
6523 size_t count)
6524 {
6525 int n;
6526 bool changed;
6527
6528 /* Ignore capacity change for ZBC drives for now */
6529 if (sdeb_zbc_in_use)
6530 return -ENOTSUPP;
6531
6532 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6533 changed = (sdebug_virtual_gb != n);
6534 sdebug_virtual_gb = n;
6535 sdebug_capacity = get_sdebug_capacity();
6536 if (changed) {
6537 struct sdebug_host_info *sdhp;
6538 struct sdebug_dev_info *dp;
6539
6540 spin_lock(&sdebug_host_list_lock);
6541 list_for_each_entry(sdhp, &sdebug_host_list,
6542 host_list) {
6543 list_for_each_entry(dp, &sdhp->dev_info_list,
6544 dev_list) {
6545 set_bit(SDEBUG_UA_CAPACITY_CHANGED,
6546 dp->uas_bm);
6547 }
6548 }
6549 spin_unlock(&sdebug_host_list_lock);
6550 }
6551 return count;
6552 }
6553 return -EINVAL;
6554 }
6555 static DRIVER_ATTR_RW(virtual_gb);
6556
add_host_show(struct device_driver * ddp,char * buf)6557 static ssize_t add_host_show(struct device_driver *ddp, char *buf)
6558 {
6559 /* absolute number of hosts currently active is what is shown */
6560 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_hosts);
6561 }
6562
add_host_store(struct device_driver * ddp,const char * buf,size_t count)6563 static ssize_t add_host_store(struct device_driver *ddp, const char *buf,
6564 size_t count)
6565 {
6566 bool found;
6567 unsigned long idx;
6568 struct sdeb_store_info *sip;
6569 bool want_phs = (sdebug_fake_rw == 0) && sdebug_per_host_store;
6570 int delta_hosts;
6571
6572 if (sscanf(buf, "%d", &delta_hosts) != 1)
6573 return -EINVAL;
6574 if (delta_hosts > 0) {
6575 do {
6576 found = false;
6577 if (want_phs) {
6578 xa_for_each_marked(per_store_ap, idx, sip,
6579 SDEB_XA_NOT_IN_USE) {
6580 sdeb_most_recent_idx = (int)idx;
6581 found = true;
6582 break;
6583 }
6584 if (found) /* re-use case */
6585 sdebug_add_host_helper((int)idx);
6586 else
6587 sdebug_do_add_host(true);
6588 } else {
6589 sdebug_do_add_host(false);
6590 }
6591 } while (--delta_hosts);
6592 } else if (delta_hosts < 0) {
6593 do {
6594 sdebug_do_remove_host(false);
6595 } while (++delta_hosts);
6596 }
6597 return count;
6598 }
6599 static DRIVER_ATTR_RW(add_host);
6600
vpd_use_hostno_show(struct device_driver * ddp,char * buf)6601 static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf)
6602 {
6603 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_vpd_use_hostno);
6604 }
vpd_use_hostno_store(struct device_driver * ddp,const char * buf,size_t count)6605 static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf,
6606 size_t count)
6607 {
6608 int n;
6609
6610 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6611 sdebug_vpd_use_hostno = n;
6612 return count;
6613 }
6614 return -EINVAL;
6615 }
6616 static DRIVER_ATTR_RW(vpd_use_hostno);
6617
statistics_show(struct device_driver * ddp,char * buf)6618 static ssize_t statistics_show(struct device_driver *ddp, char *buf)
6619 {
6620 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_statistics);
6621 }
statistics_store(struct device_driver * ddp,const char * buf,size_t count)6622 static ssize_t statistics_store(struct device_driver *ddp, const char *buf,
6623 size_t count)
6624 {
6625 int n;
6626
6627 if ((count > 0) && (sscanf(buf, "%d", &n) == 1) && (n >= 0)) {
6628 if (n > 0)
6629 sdebug_statistics = true;
6630 else {
6631 clear_queue_stats();
6632 sdebug_statistics = false;
6633 }
6634 return count;
6635 }
6636 return -EINVAL;
6637 }
6638 static DRIVER_ATTR_RW(statistics);
6639
sector_size_show(struct device_driver * ddp,char * buf)6640 static ssize_t sector_size_show(struct device_driver *ddp, char *buf)
6641 {
6642 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_sector_size);
6643 }
6644 static DRIVER_ATTR_RO(sector_size);
6645
submit_queues_show(struct device_driver * ddp,char * buf)6646 static ssize_t submit_queues_show(struct device_driver *ddp, char *buf)
6647 {
6648 return scnprintf(buf, PAGE_SIZE, "%d\n", submit_queues);
6649 }
6650 static DRIVER_ATTR_RO(submit_queues);
6651
dix_show(struct device_driver * ddp,char * buf)6652 static ssize_t dix_show(struct device_driver *ddp, char *buf)
6653 {
6654 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dix);
6655 }
6656 static DRIVER_ATTR_RO(dix);
6657
dif_show(struct device_driver * ddp,char * buf)6658 static ssize_t dif_show(struct device_driver *ddp, char *buf)
6659 {
6660 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dif);
6661 }
6662 static DRIVER_ATTR_RO(dif);
6663
guard_show(struct device_driver * ddp,char * buf)6664 static ssize_t guard_show(struct device_driver *ddp, char *buf)
6665 {
6666 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_guard);
6667 }
6668 static DRIVER_ATTR_RO(guard);
6669
ato_show(struct device_driver * ddp,char * buf)6670 static ssize_t ato_show(struct device_driver *ddp, char *buf)
6671 {
6672 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ato);
6673 }
6674 static DRIVER_ATTR_RO(ato);
6675
map_show(struct device_driver * ddp,char * buf)6676 static ssize_t map_show(struct device_driver *ddp, char *buf)
6677 {
6678 ssize_t count = 0;
6679
6680 if (!scsi_debug_lbp())
6681 return scnprintf(buf, PAGE_SIZE, "0-%u\n",
6682 sdebug_store_sectors);
6683
6684 if (sdebug_fake_rw == 0 && !xa_empty(per_store_ap)) {
6685 struct sdeb_store_info *sip = xa_load(per_store_ap, 0);
6686
6687 if (sip)
6688 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl",
6689 (int)map_size, sip->map_storep);
6690 }
6691 buf[count++] = '\n';
6692 buf[count] = '\0';
6693
6694 return count;
6695 }
6696 static DRIVER_ATTR_RO(map);
6697
random_show(struct device_driver * ddp,char * buf)6698 static ssize_t random_show(struct device_driver *ddp, char *buf)
6699 {
6700 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_random);
6701 }
6702
random_store(struct device_driver * ddp,const char * buf,size_t count)6703 static ssize_t random_store(struct device_driver *ddp, const char *buf,
6704 size_t count)
6705 {
6706 bool v;
6707
6708 if (kstrtobool(buf, &v))
6709 return -EINVAL;
6710
6711 sdebug_random = v;
6712 return count;
6713 }
6714 static DRIVER_ATTR_RW(random);
6715
removable_show(struct device_driver * ddp,char * buf)6716 static ssize_t removable_show(struct device_driver *ddp, char *buf)
6717 {
6718 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_removable ? 1 : 0);
6719 }
removable_store(struct device_driver * ddp,const char * buf,size_t count)6720 static ssize_t removable_store(struct device_driver *ddp, const char *buf,
6721 size_t count)
6722 {
6723 int n;
6724
6725 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6726 sdebug_removable = (n > 0);
6727 return count;
6728 }
6729 return -EINVAL;
6730 }
6731 static DRIVER_ATTR_RW(removable);
6732
host_lock_show(struct device_driver * ddp,char * buf)6733 static ssize_t host_lock_show(struct device_driver *ddp, char *buf)
6734 {
6735 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_host_lock);
6736 }
6737 /* N.B. sdebug_host_lock does nothing, kept for backward compatibility */
host_lock_store(struct device_driver * ddp,const char * buf,size_t count)6738 static ssize_t host_lock_store(struct device_driver *ddp, const char *buf,
6739 size_t count)
6740 {
6741 int n;
6742
6743 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6744 sdebug_host_lock = (n > 0);
6745 return count;
6746 }
6747 return -EINVAL;
6748 }
6749 static DRIVER_ATTR_RW(host_lock);
6750
strict_show(struct device_driver * ddp,char * buf)6751 static ssize_t strict_show(struct device_driver *ddp, char *buf)
6752 {
6753 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_strict);
6754 }
strict_store(struct device_driver * ddp,const char * buf,size_t count)6755 static ssize_t strict_store(struct device_driver *ddp, const char *buf,
6756 size_t count)
6757 {
6758 int n;
6759
6760 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6761 sdebug_strict = (n > 0);
6762 return count;
6763 }
6764 return -EINVAL;
6765 }
6766 static DRIVER_ATTR_RW(strict);
6767
uuid_ctl_show(struct device_driver * ddp,char * buf)6768 static ssize_t uuid_ctl_show(struct device_driver *ddp, char *buf)
6769 {
6770 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_uuid_ctl);
6771 }
6772 static DRIVER_ATTR_RO(uuid_ctl);
6773
cdb_len_show(struct device_driver * ddp,char * buf)6774 static ssize_t cdb_len_show(struct device_driver *ddp, char *buf)
6775 {
6776 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_cdb_len);
6777 }
cdb_len_store(struct device_driver * ddp,const char * buf,size_t count)6778 static ssize_t cdb_len_store(struct device_driver *ddp, const char *buf,
6779 size_t count)
6780 {
6781 int ret, n;
6782
6783 ret = kstrtoint(buf, 0, &n);
6784 if (ret)
6785 return ret;
6786 sdebug_cdb_len = n;
6787 all_config_cdb_len();
6788 return count;
6789 }
6790 static DRIVER_ATTR_RW(cdb_len);
6791
6792 static const char * const zbc_model_strs_a[] = {
6793 [BLK_ZONED_NONE] = "none",
6794 [BLK_ZONED_HA] = "host-aware",
6795 [BLK_ZONED_HM] = "host-managed",
6796 };
6797
6798 static const char * const zbc_model_strs_b[] = {
6799 [BLK_ZONED_NONE] = "no",
6800 [BLK_ZONED_HA] = "aware",
6801 [BLK_ZONED_HM] = "managed",
6802 };
6803
6804 static const char * const zbc_model_strs_c[] = {
6805 [BLK_ZONED_NONE] = "0",
6806 [BLK_ZONED_HA] = "1",
6807 [BLK_ZONED_HM] = "2",
6808 };
6809
sdeb_zbc_model_str(const char * cp)6810 static int sdeb_zbc_model_str(const char *cp)
6811 {
6812 int res = sysfs_match_string(zbc_model_strs_a, cp);
6813
6814 if (res < 0) {
6815 res = sysfs_match_string(zbc_model_strs_b, cp);
6816 if (res < 0) {
6817 res = sysfs_match_string(zbc_model_strs_c, cp);
6818 if (res < 0)
6819 return -EINVAL;
6820 }
6821 }
6822 return res;
6823 }
6824
zbc_show(struct device_driver * ddp,char * buf)6825 static ssize_t zbc_show(struct device_driver *ddp, char *buf)
6826 {
6827 return scnprintf(buf, PAGE_SIZE, "%s\n",
6828 zbc_model_strs_a[sdeb_zbc_model]);
6829 }
6830 static DRIVER_ATTR_RO(zbc);
6831
tur_ms_to_ready_show(struct device_driver * ddp,char * buf)6832 static ssize_t tur_ms_to_ready_show(struct device_driver *ddp, char *buf)
6833 {
6834 return scnprintf(buf, PAGE_SIZE, "%d\n", sdeb_tur_ms_to_ready);
6835 }
6836 static DRIVER_ATTR_RO(tur_ms_to_ready);
6837
6838 /* Note: The following array creates attribute files in the
6839 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these
6840 files (over those found in the /sys/module/scsi_debug/parameters
6841 directory) is that auxiliary actions can be triggered when an attribute
6842 is changed. For example see: add_host_store() above.
6843 */
6844
6845 static struct attribute *sdebug_drv_attrs[] = {
6846 &driver_attr_delay.attr,
6847 &driver_attr_opts.attr,
6848 &driver_attr_ptype.attr,
6849 &driver_attr_dsense.attr,
6850 &driver_attr_fake_rw.attr,
6851 &driver_attr_host_max_queue.attr,
6852 &driver_attr_no_lun_0.attr,
6853 &driver_attr_num_tgts.attr,
6854 &driver_attr_dev_size_mb.attr,
6855 &driver_attr_num_parts.attr,
6856 &driver_attr_every_nth.attr,
6857 &driver_attr_lun_format.attr,
6858 &driver_attr_max_luns.attr,
6859 &driver_attr_max_queue.attr,
6860 &driver_attr_no_rwlock.attr,
6861 &driver_attr_no_uld.attr,
6862 &driver_attr_scsi_level.attr,
6863 &driver_attr_virtual_gb.attr,
6864 &driver_attr_add_host.attr,
6865 &driver_attr_per_host_store.attr,
6866 &driver_attr_vpd_use_hostno.attr,
6867 &driver_attr_sector_size.attr,
6868 &driver_attr_statistics.attr,
6869 &driver_attr_submit_queues.attr,
6870 &driver_attr_dix.attr,
6871 &driver_attr_dif.attr,
6872 &driver_attr_guard.attr,
6873 &driver_attr_ato.attr,
6874 &driver_attr_map.attr,
6875 &driver_attr_random.attr,
6876 &driver_attr_removable.attr,
6877 &driver_attr_host_lock.attr,
6878 &driver_attr_ndelay.attr,
6879 &driver_attr_strict.attr,
6880 &driver_attr_uuid_ctl.attr,
6881 &driver_attr_cdb_len.attr,
6882 &driver_attr_tur_ms_to_ready.attr,
6883 &driver_attr_zbc.attr,
6884 NULL,
6885 };
6886 ATTRIBUTE_GROUPS(sdebug_drv);
6887
6888 static struct device *pseudo_primary;
6889
scsi_debug_init(void)6890 static int __init scsi_debug_init(void)
6891 {
6892 bool want_store = (sdebug_fake_rw == 0);
6893 unsigned long sz;
6894 int k, ret, hosts_to_add;
6895 int idx = -1;
6896
6897 ramdisk_lck_a[0] = &atomic_rw;
6898 ramdisk_lck_a[1] = &atomic_rw2;
6899 atomic_set(&retired_max_queue, 0);
6900
6901 if (sdebug_ndelay >= 1000 * 1000 * 1000) {
6902 pr_warn("ndelay must be less than 1 second, ignored\n");
6903 sdebug_ndelay = 0;
6904 } else if (sdebug_ndelay > 0)
6905 sdebug_jdelay = JDELAY_OVERRIDDEN;
6906
6907 switch (sdebug_sector_size) {
6908 case 512:
6909 case 1024:
6910 case 2048:
6911 case 4096:
6912 break;
6913 default:
6914 pr_err("invalid sector_size %d\n", sdebug_sector_size);
6915 return -EINVAL;
6916 }
6917
6918 switch (sdebug_dif) {
6919 case T10_PI_TYPE0_PROTECTION:
6920 break;
6921 case T10_PI_TYPE1_PROTECTION:
6922 case T10_PI_TYPE2_PROTECTION:
6923 case T10_PI_TYPE3_PROTECTION:
6924 have_dif_prot = true;
6925 break;
6926
6927 default:
6928 pr_err("dif must be 0, 1, 2 or 3\n");
6929 return -EINVAL;
6930 }
6931
6932 if (sdebug_num_tgts < 0) {
6933 pr_err("num_tgts must be >= 0\n");
6934 return -EINVAL;
6935 }
6936
6937 if (sdebug_guard > 1) {
6938 pr_err("guard must be 0 or 1\n");
6939 return -EINVAL;
6940 }
6941
6942 if (sdebug_ato > 1) {
6943 pr_err("ato must be 0 or 1\n");
6944 return -EINVAL;
6945 }
6946
6947 if (sdebug_physblk_exp > 15) {
6948 pr_err("invalid physblk_exp %u\n", sdebug_physblk_exp);
6949 return -EINVAL;
6950 }
6951
6952 sdebug_lun_am = sdebug_lun_am_i;
6953 if (sdebug_lun_am > SAM_LUN_AM_FLAT) {
6954 pr_warn("Invalid LUN format %u, using default\n", (int)sdebug_lun_am);
6955 sdebug_lun_am = SAM_LUN_AM_PERIPHERAL;
6956 }
6957
6958 if (sdebug_max_luns > 256) {
6959 if (sdebug_max_luns > 16384) {
6960 pr_warn("max_luns can be no more than 16384, use default\n");
6961 sdebug_max_luns = DEF_MAX_LUNS;
6962 }
6963 sdebug_lun_am = SAM_LUN_AM_FLAT;
6964 }
6965
6966 if (sdebug_lowest_aligned > 0x3fff) {
6967 pr_err("lowest_aligned too big: %u\n", sdebug_lowest_aligned);
6968 return -EINVAL;
6969 }
6970
6971 if (submit_queues < 1) {
6972 pr_err("submit_queues must be 1 or more\n");
6973 return -EINVAL;
6974 }
6975
6976 if ((sdebug_max_queue > SDEBUG_CANQUEUE) || (sdebug_max_queue < 1)) {
6977 pr_err("max_queue must be in range [1, %d]\n", SDEBUG_CANQUEUE);
6978 return -EINVAL;
6979 }
6980
6981 if ((sdebug_host_max_queue > SDEBUG_CANQUEUE) ||
6982 (sdebug_host_max_queue < 0)) {
6983 pr_err("host_max_queue must be in range [0 %d]\n",
6984 SDEBUG_CANQUEUE);
6985 return -EINVAL;
6986 }
6987
6988 if (sdebug_host_max_queue &&
6989 (sdebug_max_queue != sdebug_host_max_queue)) {
6990 sdebug_max_queue = sdebug_host_max_queue;
6991 pr_warn("fixing max submit queue depth to host max queue depth, %d\n",
6992 sdebug_max_queue);
6993 }
6994
6995 sdebug_q_arr = kcalloc(submit_queues, sizeof(struct sdebug_queue),
6996 GFP_KERNEL);
6997 if (sdebug_q_arr == NULL)
6998 return -ENOMEM;
6999 for (k = 0; k < submit_queues; ++k)
7000 spin_lock_init(&sdebug_q_arr[k].qc_lock);
7001
7002 /*
7003 * check for host managed zoned block device specified with
7004 * ptype=0x14 or zbc=XXX.
7005 */
7006 if (sdebug_ptype == TYPE_ZBC) {
7007 sdeb_zbc_model = BLK_ZONED_HM;
7008 } else if (sdeb_zbc_model_s && *sdeb_zbc_model_s) {
7009 k = sdeb_zbc_model_str(sdeb_zbc_model_s);
7010 if (k < 0) {
7011 ret = k;
7012 goto free_q_arr;
7013 }
7014 sdeb_zbc_model = k;
7015 switch (sdeb_zbc_model) {
7016 case BLK_ZONED_NONE:
7017 case BLK_ZONED_HA:
7018 sdebug_ptype = TYPE_DISK;
7019 break;
7020 case BLK_ZONED_HM:
7021 sdebug_ptype = TYPE_ZBC;
7022 break;
7023 default:
7024 pr_err("Invalid ZBC model\n");
7025 ret = -EINVAL;
7026 goto free_q_arr;
7027 }
7028 }
7029 if (sdeb_zbc_model != BLK_ZONED_NONE) {
7030 sdeb_zbc_in_use = true;
7031 if (sdebug_dev_size_mb == DEF_DEV_SIZE_PRE_INIT)
7032 sdebug_dev_size_mb = DEF_ZBC_DEV_SIZE_MB;
7033 }
7034
7035 if (sdebug_dev_size_mb == DEF_DEV_SIZE_PRE_INIT)
7036 sdebug_dev_size_mb = DEF_DEV_SIZE_MB;
7037 if (sdebug_dev_size_mb < 1)
7038 sdebug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */
7039 sz = (unsigned long)sdebug_dev_size_mb * 1048576;
7040 sdebug_store_sectors = sz / sdebug_sector_size;
7041 sdebug_capacity = get_sdebug_capacity();
7042
7043 /* play around with geometry, don't waste too much on track 0 */
7044 sdebug_heads = 8;
7045 sdebug_sectors_per = 32;
7046 if (sdebug_dev_size_mb >= 256)
7047 sdebug_heads = 64;
7048 else if (sdebug_dev_size_mb >= 16)
7049 sdebug_heads = 32;
7050 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
7051 (sdebug_sectors_per * sdebug_heads);
7052 if (sdebug_cylinders_per >= 1024) {
7053 /* other LLDs do this; implies >= 1GB ram disk ... */
7054 sdebug_heads = 255;
7055 sdebug_sectors_per = 63;
7056 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
7057 (sdebug_sectors_per * sdebug_heads);
7058 }
7059 if (scsi_debug_lbp()) {
7060 sdebug_unmap_max_blocks =
7061 clamp(sdebug_unmap_max_blocks, 0U, 0xffffffffU);
7062
7063 sdebug_unmap_max_desc =
7064 clamp(sdebug_unmap_max_desc, 0U, 256U);
7065
7066 sdebug_unmap_granularity =
7067 clamp(sdebug_unmap_granularity, 1U, 0xffffffffU);
7068
7069 if (sdebug_unmap_alignment &&
7070 sdebug_unmap_granularity <=
7071 sdebug_unmap_alignment) {
7072 pr_err("ERR: unmap_granularity <= unmap_alignment\n");
7073 ret = -EINVAL;
7074 goto free_q_arr;
7075 }
7076 }
7077 xa_init_flags(per_store_ap, XA_FLAGS_ALLOC | XA_FLAGS_LOCK_IRQ);
7078 if (want_store) {
7079 idx = sdebug_add_store();
7080 if (idx < 0) {
7081 ret = idx;
7082 goto free_q_arr;
7083 }
7084 }
7085
7086 pseudo_primary = root_device_register("pseudo_0");
7087 if (IS_ERR(pseudo_primary)) {
7088 pr_warn("root_device_register() error\n");
7089 ret = PTR_ERR(pseudo_primary);
7090 goto free_vm;
7091 }
7092 ret = bus_register(&pseudo_lld_bus);
7093 if (ret < 0) {
7094 pr_warn("bus_register error: %d\n", ret);
7095 goto dev_unreg;
7096 }
7097 ret = driver_register(&sdebug_driverfs_driver);
7098 if (ret < 0) {
7099 pr_warn("driver_register error: %d\n", ret);
7100 goto bus_unreg;
7101 }
7102
7103 hosts_to_add = sdebug_add_host;
7104 sdebug_add_host = 0;
7105
7106 for (k = 0; k < hosts_to_add; k++) {
7107 if (want_store && k == 0) {
7108 ret = sdebug_add_host_helper(idx);
7109 if (ret < 0) {
7110 pr_err("add_host_helper k=%d, error=%d\n",
7111 k, -ret);
7112 break;
7113 }
7114 } else {
7115 ret = sdebug_do_add_host(want_store &&
7116 sdebug_per_host_store);
7117 if (ret < 0) {
7118 pr_err("add_host k=%d error=%d\n", k, -ret);
7119 break;
7120 }
7121 }
7122 }
7123 if (sdebug_verbose)
7124 pr_info("built %d host(s)\n", sdebug_num_hosts);
7125
7126 return 0;
7127
7128 bus_unreg:
7129 bus_unregister(&pseudo_lld_bus);
7130 dev_unreg:
7131 root_device_unregister(pseudo_primary);
7132 free_vm:
7133 sdebug_erase_store(idx, NULL);
7134 free_q_arr:
7135 kfree(sdebug_q_arr);
7136 return ret;
7137 }
7138
scsi_debug_exit(void)7139 static void __exit scsi_debug_exit(void)
7140 {
7141 int k = sdebug_num_hosts;
7142
7143 stop_all_queued();
7144 for (; k; k--)
7145 sdebug_do_remove_host(true);
7146 free_all_queued();
7147 driver_unregister(&sdebug_driverfs_driver);
7148 bus_unregister(&pseudo_lld_bus);
7149 root_device_unregister(pseudo_primary);
7150
7151 sdebug_erase_all_stores(false);
7152 xa_destroy(per_store_ap);
7153 kfree(sdebug_q_arr);
7154 }
7155
7156 device_initcall(scsi_debug_init);
7157 module_exit(scsi_debug_exit);
7158
sdebug_release_adapter(struct device * dev)7159 static void sdebug_release_adapter(struct device *dev)
7160 {
7161 struct sdebug_host_info *sdbg_host;
7162
7163 sdbg_host = to_sdebug_host(dev);
7164 kfree(sdbg_host);
7165 }
7166
7167 /* idx must be valid, if sip is NULL then it will be obtained using idx */
sdebug_erase_store(int idx,struct sdeb_store_info * sip)7168 static void sdebug_erase_store(int idx, struct sdeb_store_info *sip)
7169 {
7170 if (idx < 0)
7171 return;
7172 if (!sip) {
7173 if (xa_empty(per_store_ap))
7174 return;
7175 sip = xa_load(per_store_ap, idx);
7176 if (!sip)
7177 return;
7178 }
7179 vfree(sip->map_storep);
7180 vfree(sip->dif_storep);
7181 vfree(sip->storep);
7182 xa_erase(per_store_ap, idx);
7183 kfree(sip);
7184 }
7185
7186 /* Assume apart_from_first==false only in shutdown case. */
sdebug_erase_all_stores(bool apart_from_first)7187 static void sdebug_erase_all_stores(bool apart_from_first)
7188 {
7189 unsigned long idx;
7190 struct sdeb_store_info *sip = NULL;
7191
7192 xa_for_each(per_store_ap, idx, sip) {
7193 if (apart_from_first)
7194 apart_from_first = false;
7195 else
7196 sdebug_erase_store(idx, sip);
7197 }
7198 if (apart_from_first)
7199 sdeb_most_recent_idx = sdeb_first_idx;
7200 }
7201
7202 /*
7203 * Returns store xarray new element index (idx) if >=0 else negated errno.
7204 * Limit the number of stores to 65536.
7205 */
sdebug_add_store(void)7206 static int sdebug_add_store(void)
7207 {
7208 int res;
7209 u32 n_idx;
7210 unsigned long iflags;
7211 unsigned long sz = (unsigned long)sdebug_dev_size_mb * 1048576;
7212 struct sdeb_store_info *sip = NULL;
7213 struct xa_limit xal = { .max = 1 << 16, .min = 0 };
7214
7215 sip = kzalloc(sizeof(*sip), GFP_KERNEL);
7216 if (!sip)
7217 return -ENOMEM;
7218
7219 xa_lock_irqsave(per_store_ap, iflags);
7220 res = __xa_alloc(per_store_ap, &n_idx, sip, xal, GFP_ATOMIC);
7221 if (unlikely(res < 0)) {
7222 xa_unlock_irqrestore(per_store_ap, iflags);
7223 kfree(sip);
7224 pr_warn("%s: xa_alloc() errno=%d\n", __func__, -res);
7225 return res;
7226 }
7227 sdeb_most_recent_idx = n_idx;
7228 if (sdeb_first_idx < 0)
7229 sdeb_first_idx = n_idx;
7230 xa_unlock_irqrestore(per_store_ap, iflags);
7231
7232 res = -ENOMEM;
7233 sip->storep = vzalloc(sz);
7234 if (!sip->storep) {
7235 pr_err("user data oom\n");
7236 goto err;
7237 }
7238 if (sdebug_num_parts > 0)
7239 sdebug_build_parts(sip->storep, sz);
7240
7241 /* DIF/DIX: what T10 calls Protection Information (PI) */
7242 if (sdebug_dix) {
7243 int dif_size;
7244
7245 dif_size = sdebug_store_sectors * sizeof(struct t10_pi_tuple);
7246 sip->dif_storep = vmalloc(dif_size);
7247
7248 pr_info("dif_storep %u bytes @ %pK\n", dif_size,
7249 sip->dif_storep);
7250
7251 if (!sip->dif_storep) {
7252 pr_err("DIX oom\n");
7253 goto err;
7254 }
7255 memset(sip->dif_storep, 0xff, dif_size);
7256 }
7257 /* Logical Block Provisioning */
7258 if (scsi_debug_lbp()) {
7259 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1;
7260 sip->map_storep = vmalloc(array_size(sizeof(long),
7261 BITS_TO_LONGS(map_size)));
7262
7263 pr_info("%lu provisioning blocks\n", map_size);
7264
7265 if (!sip->map_storep) {
7266 pr_err("LBP map oom\n");
7267 goto err;
7268 }
7269
7270 bitmap_zero(sip->map_storep, map_size);
7271
7272 /* Map first 1KB for partition table */
7273 if (sdebug_num_parts)
7274 map_region(sip, 0, 2);
7275 }
7276
7277 rwlock_init(&sip->macc_lck);
7278 return (int)n_idx;
7279 err:
7280 sdebug_erase_store((int)n_idx, sip);
7281 pr_warn("%s: failed, errno=%d\n", __func__, -res);
7282 return res;
7283 }
7284
sdebug_add_host_helper(int per_host_idx)7285 static int sdebug_add_host_helper(int per_host_idx)
7286 {
7287 int k, devs_per_host, idx;
7288 int error = -ENOMEM;
7289 struct sdebug_host_info *sdbg_host;
7290 struct sdebug_dev_info *sdbg_devinfo, *tmp;
7291
7292 sdbg_host = kzalloc(sizeof(*sdbg_host), GFP_KERNEL);
7293 if (!sdbg_host)
7294 return -ENOMEM;
7295 idx = (per_host_idx < 0) ? sdeb_first_idx : per_host_idx;
7296 if (xa_get_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE))
7297 xa_clear_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE);
7298 sdbg_host->si_idx = idx;
7299
7300 INIT_LIST_HEAD(&sdbg_host->dev_info_list);
7301
7302 devs_per_host = sdebug_num_tgts * sdebug_max_luns;
7303 for (k = 0; k < devs_per_host; k++) {
7304 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL);
7305 if (!sdbg_devinfo)
7306 goto clean;
7307 }
7308
7309 spin_lock(&sdebug_host_list_lock);
7310 list_add_tail(&sdbg_host->host_list, &sdebug_host_list);
7311 spin_unlock(&sdebug_host_list_lock);
7312
7313 sdbg_host->dev.bus = &pseudo_lld_bus;
7314 sdbg_host->dev.parent = pseudo_primary;
7315 sdbg_host->dev.release = &sdebug_release_adapter;
7316 dev_set_name(&sdbg_host->dev, "adapter%d", sdebug_num_hosts);
7317
7318 error = device_register(&sdbg_host->dev);
7319 if (error)
7320 goto clean;
7321
7322 ++sdebug_num_hosts;
7323 return 0;
7324
7325 clean:
7326 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
7327 dev_list) {
7328 list_del(&sdbg_devinfo->dev_list);
7329 kfree(sdbg_devinfo->zstate);
7330 kfree(sdbg_devinfo);
7331 }
7332 kfree(sdbg_host);
7333 pr_warn("%s: failed, errno=%d\n", __func__, -error);
7334 return error;
7335 }
7336
sdebug_do_add_host(bool mk_new_store)7337 static int sdebug_do_add_host(bool mk_new_store)
7338 {
7339 int ph_idx = sdeb_most_recent_idx;
7340
7341 if (mk_new_store) {
7342 ph_idx = sdebug_add_store();
7343 if (ph_idx < 0)
7344 return ph_idx;
7345 }
7346 return sdebug_add_host_helper(ph_idx);
7347 }
7348
sdebug_do_remove_host(bool the_end)7349 static void sdebug_do_remove_host(bool the_end)
7350 {
7351 int idx = -1;
7352 struct sdebug_host_info *sdbg_host = NULL;
7353 struct sdebug_host_info *sdbg_host2;
7354
7355 spin_lock(&sdebug_host_list_lock);
7356 if (!list_empty(&sdebug_host_list)) {
7357 sdbg_host = list_entry(sdebug_host_list.prev,
7358 struct sdebug_host_info, host_list);
7359 idx = sdbg_host->si_idx;
7360 }
7361 if (!the_end && idx >= 0) {
7362 bool unique = true;
7363
7364 list_for_each_entry(sdbg_host2, &sdebug_host_list, host_list) {
7365 if (sdbg_host2 == sdbg_host)
7366 continue;
7367 if (idx == sdbg_host2->si_idx) {
7368 unique = false;
7369 break;
7370 }
7371 }
7372 if (unique) {
7373 xa_set_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE);
7374 if (idx == sdeb_most_recent_idx)
7375 --sdeb_most_recent_idx;
7376 }
7377 }
7378 if (sdbg_host)
7379 list_del(&sdbg_host->host_list);
7380 spin_unlock(&sdebug_host_list_lock);
7381
7382 if (!sdbg_host)
7383 return;
7384
7385 device_unregister(&sdbg_host->dev);
7386 --sdebug_num_hosts;
7387 }
7388
sdebug_change_qdepth(struct scsi_device * sdev,int qdepth)7389 static int sdebug_change_qdepth(struct scsi_device *sdev, int qdepth)
7390 {
7391 int num_in_q = 0;
7392 struct sdebug_dev_info *devip;
7393
7394 block_unblock_all_queues(true);
7395 devip = (struct sdebug_dev_info *)sdev->hostdata;
7396 if (NULL == devip) {
7397 block_unblock_all_queues(false);
7398 return -ENODEV;
7399 }
7400 num_in_q = atomic_read(&devip->num_in_q);
7401
7402 if (qdepth > SDEBUG_CANQUEUE) {
7403 qdepth = SDEBUG_CANQUEUE;
7404 pr_warn("%s: requested qdepth [%d] exceeds canqueue [%d], trim\n", __func__,
7405 qdepth, SDEBUG_CANQUEUE);
7406 }
7407 if (qdepth < 1)
7408 qdepth = 1;
7409 if (qdepth != sdev->queue_depth)
7410 scsi_change_queue_depth(sdev, qdepth);
7411
7412 if (SDEBUG_OPT_Q_NOISE & sdebug_opts) {
7413 sdev_printk(KERN_INFO, sdev, "%s: qdepth=%d, num_in_q=%d\n",
7414 __func__, qdepth, num_in_q);
7415 }
7416 block_unblock_all_queues(false);
7417 return sdev->queue_depth;
7418 }
7419
fake_timeout(struct scsi_cmnd * scp)7420 static bool fake_timeout(struct scsi_cmnd *scp)
7421 {
7422 if (0 == (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth))) {
7423 if (sdebug_every_nth < -1)
7424 sdebug_every_nth = -1;
7425 if (SDEBUG_OPT_TIMEOUT & sdebug_opts)
7426 return true; /* ignore command causing timeout */
7427 else if (SDEBUG_OPT_MAC_TIMEOUT & sdebug_opts &&
7428 scsi_medium_access_command(scp))
7429 return true; /* time out reads and writes */
7430 }
7431 return false;
7432 }
7433
7434 /* Response to TUR or media access command when device stopped */
resp_not_ready(struct scsi_cmnd * scp,struct sdebug_dev_info * devip)7435 static int resp_not_ready(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
7436 {
7437 int stopped_state;
7438 u64 diff_ns = 0;
7439 ktime_t now_ts = ktime_get_boottime();
7440 struct scsi_device *sdp = scp->device;
7441
7442 stopped_state = atomic_read(&devip->stopped);
7443 if (stopped_state == 2) {
7444 if (ktime_to_ns(now_ts) > ktime_to_ns(devip->create_ts)) {
7445 diff_ns = ktime_to_ns(ktime_sub(now_ts, devip->create_ts));
7446 if (diff_ns >= ((u64)sdeb_tur_ms_to_ready * 1000000)) {
7447 /* tur_ms_to_ready timer extinguished */
7448 atomic_set(&devip->stopped, 0);
7449 return 0;
7450 }
7451 }
7452 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x1);
7453 if (sdebug_verbose)
7454 sdev_printk(KERN_INFO, sdp,
7455 "%s: Not ready: in process of becoming ready\n", my_name);
7456 if (scp->cmnd[0] == TEST_UNIT_READY) {
7457 u64 tur_nanosecs_to_ready = (u64)sdeb_tur_ms_to_ready * 1000000;
7458
7459 if (diff_ns <= tur_nanosecs_to_ready)
7460 diff_ns = tur_nanosecs_to_ready - diff_ns;
7461 else
7462 diff_ns = tur_nanosecs_to_ready;
7463 /* As per 20-061r2 approved for spc6 by T10 on 20200716 */
7464 do_div(diff_ns, 1000000); /* diff_ns becomes milliseconds */
7465 scsi_set_sense_information(scp->sense_buffer, SCSI_SENSE_BUFFERSIZE,
7466 diff_ns);
7467 return check_condition_result;
7468 }
7469 }
7470 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2);
7471 if (sdebug_verbose)
7472 sdev_printk(KERN_INFO, sdp, "%s: Not ready: initializing command required\n",
7473 my_name);
7474 return check_condition_result;
7475 }
7476
sdebug_map_queues(struct Scsi_Host * shost)7477 static int sdebug_map_queues(struct Scsi_Host *shost)
7478 {
7479 int i, qoff;
7480
7481 if (shost->nr_hw_queues == 1)
7482 return 0;
7483
7484 for (i = 0, qoff = 0; i < HCTX_MAX_TYPES; i++) {
7485 struct blk_mq_queue_map *map = &shost->tag_set.map[i];
7486
7487 map->nr_queues = 0;
7488
7489 if (i == HCTX_TYPE_DEFAULT)
7490 map->nr_queues = submit_queues - poll_queues;
7491 else if (i == HCTX_TYPE_POLL)
7492 map->nr_queues = poll_queues;
7493
7494 if (!map->nr_queues) {
7495 BUG_ON(i == HCTX_TYPE_DEFAULT);
7496 continue;
7497 }
7498
7499 map->queue_offset = qoff;
7500 blk_mq_map_queues(map);
7501
7502 qoff += map->nr_queues;
7503 }
7504
7505 return 0;
7506
7507 }
7508
sdebug_blk_mq_poll(struct Scsi_Host * shost,unsigned int queue_num)7509 static int sdebug_blk_mq_poll(struct Scsi_Host *shost, unsigned int queue_num)
7510 {
7511 bool first;
7512 bool retiring = false;
7513 int num_entries = 0;
7514 unsigned int qc_idx = 0;
7515 unsigned long iflags;
7516 ktime_t kt_from_boot = ktime_get_boottime();
7517 struct sdebug_queue *sqp;
7518 struct sdebug_queued_cmd *sqcp;
7519 struct scsi_cmnd *scp;
7520 struct sdebug_dev_info *devip;
7521 struct sdebug_defer *sd_dp;
7522
7523 sqp = sdebug_q_arr + queue_num;
7524
7525 spin_lock_irqsave(&sqp->qc_lock, iflags);
7526
7527 qc_idx = find_first_bit(sqp->in_use_bm, sdebug_max_queue);
7528 if (qc_idx >= sdebug_max_queue)
7529 goto unlock;
7530
7531 for (first = true; first || qc_idx + 1 < sdebug_max_queue; ) {
7532 if (first) {
7533 first = false;
7534 if (!test_bit(qc_idx, sqp->in_use_bm))
7535 continue;
7536 } else {
7537 qc_idx = find_next_bit(sqp->in_use_bm, sdebug_max_queue, qc_idx + 1);
7538 }
7539 if (qc_idx >= sdebug_max_queue)
7540 break;
7541
7542 sqcp = &sqp->qc_arr[qc_idx];
7543 sd_dp = sqcp->sd_dp;
7544 if (unlikely(!sd_dp))
7545 continue;
7546 scp = sqcp->a_cmnd;
7547 if (unlikely(scp == NULL)) {
7548 pr_err("scp is NULL, queue_num=%d, qc_idx=%u from %s\n",
7549 queue_num, qc_idx, __func__);
7550 break;
7551 }
7552 if (READ_ONCE(sd_dp->defer_t) == SDEB_DEFER_POLL) {
7553 if (kt_from_boot < sd_dp->cmpl_ts)
7554 continue;
7555
7556 } else /* ignoring non REQ_POLLED requests */
7557 continue;
7558 devip = (struct sdebug_dev_info *)scp->device->hostdata;
7559 if (likely(devip))
7560 atomic_dec(&devip->num_in_q);
7561 else
7562 pr_err("devip=NULL from %s\n", __func__);
7563 if (unlikely(atomic_read(&retired_max_queue) > 0))
7564 retiring = true;
7565
7566 sqcp->a_cmnd = NULL;
7567 if (unlikely(!test_and_clear_bit(qc_idx, sqp->in_use_bm))) {
7568 pr_err("Unexpected completion sqp %p queue_num=%d qc_idx=%u from %s\n",
7569 sqp, queue_num, qc_idx, __func__);
7570 break;
7571 }
7572 if (unlikely(retiring)) { /* user has reduced max_queue */
7573 int k, retval;
7574
7575 retval = atomic_read(&retired_max_queue);
7576 if (qc_idx >= retval) {
7577 pr_err("index %d too large\n", retval);
7578 break;
7579 }
7580 k = find_last_bit(sqp->in_use_bm, retval);
7581 if ((k < sdebug_max_queue) || (k == retval))
7582 atomic_set(&retired_max_queue, 0);
7583 else
7584 atomic_set(&retired_max_queue, k + 1);
7585 }
7586 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_NONE);
7587 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
7588 scsi_done(scp); /* callback to mid level */
7589 num_entries++;
7590 spin_lock_irqsave(&sqp->qc_lock, iflags);
7591 if (find_first_bit(sqp->in_use_bm, sdebug_max_queue) >= sdebug_max_queue)
7592 break;
7593 }
7594
7595 unlock:
7596 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
7597
7598 if (num_entries > 0)
7599 atomic_add(num_entries, &sdeb_mq_poll_count);
7600 return num_entries;
7601 }
7602
scsi_debug_queuecommand(struct Scsi_Host * shost,struct scsi_cmnd * scp)7603 static int scsi_debug_queuecommand(struct Scsi_Host *shost,
7604 struct scsi_cmnd *scp)
7605 {
7606 u8 sdeb_i;
7607 struct scsi_device *sdp = scp->device;
7608 const struct opcode_info_t *oip;
7609 const struct opcode_info_t *r_oip;
7610 struct sdebug_dev_info *devip;
7611 u8 *cmd = scp->cmnd;
7612 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
7613 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *) = NULL;
7614 int k, na;
7615 int errsts = 0;
7616 u64 lun_index = sdp->lun & 0x3FFF;
7617 u32 flags;
7618 u16 sa;
7619 u8 opcode = cmd[0];
7620 bool has_wlun_rl;
7621 bool inject_now;
7622
7623 scsi_set_resid(scp, 0);
7624 if (sdebug_statistics) {
7625 atomic_inc(&sdebug_cmnd_count);
7626 inject_now = inject_on_this_cmd();
7627 } else {
7628 inject_now = false;
7629 }
7630 if (unlikely(sdebug_verbose &&
7631 !(SDEBUG_OPT_NO_CDB_NOISE & sdebug_opts))) {
7632 char b[120];
7633 int n, len, sb;
7634
7635 len = scp->cmd_len;
7636 sb = (int)sizeof(b);
7637 if (len > 32)
7638 strcpy(b, "too long, over 32 bytes");
7639 else {
7640 for (k = 0, n = 0; k < len && n < sb; ++k)
7641 n += scnprintf(b + n, sb - n, "%02x ",
7642 (u32)cmd[k]);
7643 }
7644 sdev_printk(KERN_INFO, sdp, "%s: tag=%#x, cmd %s\n", my_name,
7645 blk_mq_unique_tag(scsi_cmd_to_rq(scp)), b);
7646 }
7647 if (unlikely(inject_now && (sdebug_opts & SDEBUG_OPT_HOST_BUSY)))
7648 return SCSI_MLQUEUE_HOST_BUSY;
7649 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS);
7650 if (unlikely(lun_index >= sdebug_max_luns && !has_wlun_rl))
7651 goto err_out;
7652
7653 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */
7654 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */
7655 devip = (struct sdebug_dev_info *)sdp->hostdata;
7656 if (unlikely(!devip)) {
7657 devip = find_build_dev_info(sdp);
7658 if (NULL == devip)
7659 goto err_out;
7660 }
7661 if (unlikely(inject_now && !atomic_read(&sdeb_inject_pending)))
7662 atomic_set(&sdeb_inject_pending, 1);
7663
7664 na = oip->num_attached;
7665 r_pfp = oip->pfp;
7666 if (na) { /* multiple commands with this opcode */
7667 r_oip = oip;
7668 if (FF_SA & r_oip->flags) {
7669 if (F_SA_LOW & oip->flags)
7670 sa = 0x1f & cmd[1];
7671 else
7672 sa = get_unaligned_be16(cmd + 8);
7673 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
7674 if (opcode == oip->opcode && sa == oip->sa)
7675 break;
7676 }
7677 } else { /* since no service action only check opcode */
7678 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
7679 if (opcode == oip->opcode)
7680 break;
7681 }
7682 }
7683 if (k > na) {
7684 if (F_SA_LOW & r_oip->flags)
7685 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4);
7686 else if (F_SA_HIGH & r_oip->flags)
7687 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7);
7688 else
7689 mk_sense_invalid_opcode(scp);
7690 goto check_cond;
7691 }
7692 } /* else (when na==0) we assume the oip is a match */
7693 flags = oip->flags;
7694 if (unlikely(F_INV_OP & flags)) {
7695 mk_sense_invalid_opcode(scp);
7696 goto check_cond;
7697 }
7698 if (unlikely(has_wlun_rl && !(F_RL_WLUN_OK & flags))) {
7699 if (sdebug_verbose)
7700 sdev_printk(KERN_INFO, sdp, "%s: Opcode 0x%x not%s\n",
7701 my_name, opcode, " supported for wlun");
7702 mk_sense_invalid_opcode(scp);
7703 goto check_cond;
7704 }
7705 if (unlikely(sdebug_strict)) { /* check cdb against mask */
7706 u8 rem;
7707 int j;
7708
7709 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) {
7710 rem = ~oip->len_mask[k] & cmd[k];
7711 if (rem) {
7712 for (j = 7; j >= 0; --j, rem <<= 1) {
7713 if (0x80 & rem)
7714 break;
7715 }
7716 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j);
7717 goto check_cond;
7718 }
7719 }
7720 }
7721 if (unlikely(!(F_SKIP_UA & flags) &&
7722 find_first_bit(devip->uas_bm,
7723 SDEBUG_NUM_UAS) != SDEBUG_NUM_UAS)) {
7724 errsts = make_ua(scp, devip);
7725 if (errsts)
7726 goto check_cond;
7727 }
7728 if (unlikely(((F_M_ACCESS & flags) || scp->cmnd[0] == TEST_UNIT_READY) &&
7729 atomic_read(&devip->stopped))) {
7730 errsts = resp_not_ready(scp, devip);
7731 if (errsts)
7732 goto fini;
7733 }
7734 if (sdebug_fake_rw && (F_FAKE_RW & flags))
7735 goto fini;
7736 if (unlikely(sdebug_every_nth)) {
7737 if (fake_timeout(scp))
7738 return 0; /* ignore command: make trouble */
7739 }
7740 if (likely(oip->pfp))
7741 pfp = oip->pfp; /* calls a resp_* function */
7742 else
7743 pfp = r_pfp; /* if leaf function ptr NULL, try the root's */
7744
7745 fini:
7746 if (F_DELAY_OVERR & flags) /* cmds like INQUIRY respond asap */
7747 return schedule_resp(scp, devip, errsts, pfp, 0, 0);
7748 else if ((flags & F_LONG_DELAY) && (sdebug_jdelay > 0 ||
7749 sdebug_ndelay > 10000)) {
7750 /*
7751 * Skip long delays if ndelay <= 10 microseconds. Otherwise
7752 * for Start Stop Unit (SSU) want at least 1 second delay and
7753 * if sdebug_jdelay>1 want a long delay of that many seconds.
7754 * For Synchronize Cache want 1/20 of SSU's delay.
7755 */
7756 int jdelay = (sdebug_jdelay < 2) ? 1 : sdebug_jdelay;
7757 int denom = (flags & F_SYNC_DELAY) ? 20 : 1;
7758
7759 jdelay = mult_frac(USER_HZ * jdelay, HZ, denom * USER_HZ);
7760 return schedule_resp(scp, devip, errsts, pfp, jdelay, 0);
7761 } else
7762 return schedule_resp(scp, devip, errsts, pfp, sdebug_jdelay,
7763 sdebug_ndelay);
7764 check_cond:
7765 return schedule_resp(scp, devip, check_condition_result, NULL, 0, 0);
7766 err_out:
7767 return schedule_resp(scp, NULL, DID_NO_CONNECT << 16, NULL, 0, 0);
7768 }
7769
7770 static struct scsi_host_template sdebug_driver_template = {
7771 .show_info = scsi_debug_show_info,
7772 .write_info = scsi_debug_write_info,
7773 .proc_name = sdebug_proc_name,
7774 .name = "SCSI DEBUG",
7775 .info = scsi_debug_info,
7776 .slave_alloc = scsi_debug_slave_alloc,
7777 .slave_configure = scsi_debug_slave_configure,
7778 .slave_destroy = scsi_debug_slave_destroy,
7779 .ioctl = scsi_debug_ioctl,
7780 .queuecommand = scsi_debug_queuecommand,
7781 .change_queue_depth = sdebug_change_qdepth,
7782 .map_queues = sdebug_map_queues,
7783 .mq_poll = sdebug_blk_mq_poll,
7784 .eh_abort_handler = scsi_debug_abort,
7785 .eh_device_reset_handler = scsi_debug_device_reset,
7786 .eh_target_reset_handler = scsi_debug_target_reset,
7787 .eh_bus_reset_handler = scsi_debug_bus_reset,
7788 .eh_host_reset_handler = scsi_debug_host_reset,
7789 .can_queue = SDEBUG_CANQUEUE,
7790 .this_id = 7,
7791 .sg_tablesize = SG_MAX_SEGMENTS,
7792 .cmd_per_lun = DEF_CMD_PER_LUN,
7793 .max_sectors = -1U,
7794 .max_segment_size = -1U,
7795 .module = THIS_MODULE,
7796 .track_queue_depth = 1,
7797 };
7798
sdebug_driver_probe(struct device * dev)7799 static int sdebug_driver_probe(struct device *dev)
7800 {
7801 int error = 0;
7802 struct sdebug_host_info *sdbg_host;
7803 struct Scsi_Host *hpnt;
7804 int hprot;
7805
7806 sdbg_host = to_sdebug_host(dev);
7807
7808 sdebug_driver_template.can_queue = sdebug_max_queue;
7809 sdebug_driver_template.cmd_per_lun = sdebug_max_queue;
7810 if (!sdebug_clustering)
7811 sdebug_driver_template.dma_boundary = PAGE_SIZE - 1;
7812
7813 hpnt = scsi_host_alloc(&sdebug_driver_template, sizeof(sdbg_host));
7814 if (NULL == hpnt) {
7815 pr_err("scsi_host_alloc failed\n");
7816 error = -ENODEV;
7817 return error;
7818 }
7819 if (submit_queues > nr_cpu_ids) {
7820 pr_warn("%s: trim submit_queues (was %d) to nr_cpu_ids=%u\n",
7821 my_name, submit_queues, nr_cpu_ids);
7822 submit_queues = nr_cpu_ids;
7823 }
7824 /*
7825 * Decide whether to tell scsi subsystem that we want mq. The
7826 * following should give the same answer for each host.
7827 */
7828 hpnt->nr_hw_queues = submit_queues;
7829 if (sdebug_host_max_queue)
7830 hpnt->host_tagset = 1;
7831
7832 /* poll queues are possible for nr_hw_queues > 1 */
7833 if (hpnt->nr_hw_queues == 1 || (poll_queues < 1)) {
7834 pr_warn("%s: trim poll_queues to 0. poll_q/nr_hw = (%d/%d)\n",
7835 my_name, poll_queues, hpnt->nr_hw_queues);
7836 poll_queues = 0;
7837 }
7838
7839 /*
7840 * Poll queues don't need interrupts, but we need at least one I/O queue
7841 * left over for non-polled I/O.
7842 * If condition not met, trim poll_queues to 1 (just for simplicity).
7843 */
7844 if (poll_queues >= submit_queues) {
7845 if (submit_queues < 3)
7846 pr_warn("%s: trim poll_queues to 1\n", my_name);
7847 else
7848 pr_warn("%s: trim poll_queues to 1. Perhaps try poll_queues=%d\n",
7849 my_name, submit_queues - 1);
7850 poll_queues = 1;
7851 }
7852 if (poll_queues)
7853 hpnt->nr_maps = 3;
7854
7855 sdbg_host->shost = hpnt;
7856 *((struct sdebug_host_info **)hpnt->hostdata) = sdbg_host;
7857 if ((hpnt->this_id >= 0) && (sdebug_num_tgts > hpnt->this_id))
7858 hpnt->max_id = sdebug_num_tgts + 1;
7859 else
7860 hpnt->max_id = sdebug_num_tgts;
7861 /* = sdebug_max_luns; */
7862 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
7863
7864 hprot = 0;
7865
7866 switch (sdebug_dif) {
7867
7868 case T10_PI_TYPE1_PROTECTION:
7869 hprot = SHOST_DIF_TYPE1_PROTECTION;
7870 if (sdebug_dix)
7871 hprot |= SHOST_DIX_TYPE1_PROTECTION;
7872 break;
7873
7874 case T10_PI_TYPE2_PROTECTION:
7875 hprot = SHOST_DIF_TYPE2_PROTECTION;
7876 if (sdebug_dix)
7877 hprot |= SHOST_DIX_TYPE2_PROTECTION;
7878 break;
7879
7880 case T10_PI_TYPE3_PROTECTION:
7881 hprot = SHOST_DIF_TYPE3_PROTECTION;
7882 if (sdebug_dix)
7883 hprot |= SHOST_DIX_TYPE3_PROTECTION;
7884 break;
7885
7886 default:
7887 if (sdebug_dix)
7888 hprot |= SHOST_DIX_TYPE0_PROTECTION;
7889 break;
7890 }
7891
7892 scsi_host_set_prot(hpnt, hprot);
7893
7894 if (have_dif_prot || sdebug_dix)
7895 pr_info("host protection%s%s%s%s%s%s%s\n",
7896 (hprot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "",
7897 (hprot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "",
7898 (hprot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "",
7899 (hprot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "",
7900 (hprot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "",
7901 (hprot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "",
7902 (hprot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : "");
7903
7904 if (sdebug_guard == 1)
7905 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP);
7906 else
7907 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC);
7908
7909 sdebug_verbose = !!(SDEBUG_OPT_NOISE & sdebug_opts);
7910 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & sdebug_opts);
7911 if (sdebug_every_nth) /* need stats counters for every_nth */
7912 sdebug_statistics = true;
7913 error = scsi_add_host(hpnt, &sdbg_host->dev);
7914 if (error) {
7915 pr_err("scsi_add_host failed\n");
7916 error = -ENODEV;
7917 scsi_host_put(hpnt);
7918 } else {
7919 scsi_scan_host(hpnt);
7920 }
7921
7922 return error;
7923 }
7924
sdebug_driver_remove(struct device * dev)7925 static void sdebug_driver_remove(struct device *dev)
7926 {
7927 struct sdebug_host_info *sdbg_host;
7928 struct sdebug_dev_info *sdbg_devinfo, *tmp;
7929
7930 sdbg_host = to_sdebug_host(dev);
7931
7932 scsi_remove_host(sdbg_host->shost);
7933
7934 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
7935 dev_list) {
7936 list_del(&sdbg_devinfo->dev_list);
7937 kfree(sdbg_devinfo->zstate);
7938 kfree(sdbg_devinfo);
7939 }
7940
7941 scsi_host_put(sdbg_host->shost);
7942 }
7943
pseudo_lld_bus_match(struct device * dev,struct device_driver * dev_driver)7944 static int pseudo_lld_bus_match(struct device *dev,
7945 struct device_driver *dev_driver)
7946 {
7947 return 1;
7948 }
7949
7950 static struct bus_type pseudo_lld_bus = {
7951 .name = "pseudo",
7952 .match = pseudo_lld_bus_match,
7953 .probe = sdebug_driver_probe,
7954 .remove = sdebug_driver_remove,
7955 .drv_groups = sdebug_drv_groups,
7956 };
7957