search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Linux 5.1.15
[linux/fpc-iii.git] / drivers / scsi / scsi_debug.c
blob2740a90501a09e8341b809b5dffef42bde5f8c02
1 /*
2 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
3 * Copyright (C) 1992 Eric Youngdale
4 * Simulate a host adapter with 2 disks attached. Do a lot of checking
5 * to make sure that we are not getting blocks mixed up, and PANIC if
6 * anything out of the ordinary is seen.
7 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
8 *
9 * Copyright (C) 2001 - 2018 Douglas Gilbert
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2, or (at your option)
14 * any later version.
15 *
16 * For documentation see http://sg.danny.cz/sg/sdebug26.html
17 *
18 */
19
20
21 #define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__
22
23 #include <linux/module.h>
24
25 #include <linux/kernel.h>
26 #include <linux/errno.h>
27 #include <linux/jiffies.h>
28 #include <linux/slab.h>
29 #include <linux/types.h>
30 #include <linux/string.h>
31 #include <linux/genhd.h>
32 #include <linux/fs.h>
33 #include <linux/init.h>
34 #include <linux/proc_fs.h>
35 #include <linux/vmalloc.h>
36 #include <linux/moduleparam.h>
37 #include <linux/scatterlist.h>
38 #include <linux/blkdev.h>
39 #include <linux/crc-t10dif.h>
40 #include <linux/spinlock.h>
41 #include <linux/interrupt.h>
42 #include <linux/atomic.h>
43 #include <linux/hrtimer.h>
44 #include <linux/uuid.h>
45 #include <linux/t10-pi.h>
46
47 #include <net/checksum.h>
48
49 #include <asm/unaligned.h>
50
51 #include <scsi/scsi.h>
52 #include <scsi/scsi_cmnd.h>
53 #include <scsi/scsi_device.h>
54 #include <scsi/scsi_host.h>
55 #include <scsi/scsicam.h>
56 #include <scsi/scsi_eh.h>
57 #include <scsi/scsi_tcq.h>
58 #include <scsi/scsi_dbg.h>
59
60 #include "sd.h"
61 #include "scsi_logging.h"
62
63 /* make sure inq_product_rev string corresponds to this version */
64 #define SDEBUG_VERSION "0188" /* format to fit INQUIRY revision field */
65 static const char *sdebug_version_date = "20190125";
66
67 #define MY_NAME "scsi_debug"
68
69 /* Additional Sense Code (ASC) */
70 #define NO_ADDITIONAL_SENSE 0x0
71 #define LOGICAL_UNIT_NOT_READY 0x4
72 #define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8
73 #define UNRECOVERED_READ_ERR 0x11
74 #define PARAMETER_LIST_LENGTH_ERR 0x1a
75 #define INVALID_OPCODE 0x20
76 #define LBA_OUT_OF_RANGE 0x21
77 #define INVALID_FIELD_IN_CDB 0x24
78 #define INVALID_FIELD_IN_PARAM_LIST 0x26
79 #define WRITE_PROTECTED 0x27
80 #define UA_RESET_ASC 0x29
81 #define UA_CHANGED_ASC 0x2a
82 #define TARGET_CHANGED_ASC 0x3f
83 #define LUNS_CHANGED_ASCQ 0x0e
84 #define INSUFF_RES_ASC 0x55
85 #define INSUFF_RES_ASCQ 0x3
86 #define POWER_ON_RESET_ASCQ 0x0
87 #define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */
88 #define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */
89 #define CAPACITY_CHANGED_ASCQ 0x9
90 #define SAVING_PARAMS_UNSUP 0x39
91 #define TRANSPORT_PROBLEM 0x4b
92 #define THRESHOLD_EXCEEDED 0x5d
93 #define LOW_POWER_COND_ON 0x5e
94 #define MISCOMPARE_VERIFY_ASC 0x1d
95 #define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */
96 #define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16
97 #define WRITE_ERROR_ASC 0xc
98
99 /* Additional Sense Code Qualifier (ASCQ) */
100 #define ACK_NAK_TO 0x3
101
102 /* Default values for driver parameters */
103 #define DEF_NUM_HOST 1
104 #define DEF_NUM_TGTS 1
105 #define DEF_MAX_LUNS 1
106 /* With these defaults, this driver will make 1 host with 1 target
107 * (id 0) containing 1 logical unit (lun 0). That is 1 device.
108 */
109 #define DEF_ATO 1
110 #define DEF_CDB_LEN 10
111 #define DEF_JDELAY 1 /* if > 0 unit is a jiffy */
112 #define DEF_DEV_SIZE_MB 8
113 #define DEF_DIF 0
114 #define DEF_DIX 0
115 #define DEF_D_SENSE 0
116 #define DEF_EVERY_NTH 0
117 #define DEF_FAKE_RW 0
118 #define DEF_GUARD 0
119 #define DEF_HOST_LOCK 0
120 #define DEF_LBPU 0
121 #define DEF_LBPWS 0
122 #define DEF_LBPWS10 0
123 #define DEF_LBPRZ 1
124 #define DEF_LOWEST_ALIGNED 0
125 #define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */
126 #define DEF_NO_LUN_0 0
127 #define DEF_NUM_PARTS 0
128 #define DEF_OPTS 0
129 #define DEF_OPT_BLKS 1024
130 #define DEF_PHYSBLK_EXP 0
131 #define DEF_OPT_XFERLEN_EXP 0
132 #define DEF_PTYPE TYPE_DISK
133 #define DEF_REMOVABLE false
134 #define DEF_SCSI_LEVEL 7 /* INQUIRY, byte2 [6->SPC-4; 7->SPC-5] */
135 #define DEF_SECTOR_SIZE 512
136 #define DEF_UNMAP_ALIGNMENT 0
137 #define DEF_UNMAP_GRANULARITY 1
138 #define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF
139 #define DEF_UNMAP_MAX_DESC 256
140 #define DEF_VIRTUAL_GB 0
141 #define DEF_VPD_USE_HOSTNO 1
142 #define DEF_WRITESAME_LENGTH 0xFFFF
143 #define DEF_STRICT 0
144 #define DEF_STATISTICS false
145 #define DEF_SUBMIT_QUEUES 1
146 #define DEF_UUID_CTL 0
147 #define JDELAY_OVERRIDDEN -9999
148
149 #define SDEBUG_LUN_0_VAL 0
150
151 /* bit mask values for sdebug_opts */
152 #define SDEBUG_OPT_NOISE 1
153 #define SDEBUG_OPT_MEDIUM_ERR 2
154 #define SDEBUG_OPT_TIMEOUT 4
155 #define SDEBUG_OPT_RECOVERED_ERR 8
156 #define SDEBUG_OPT_TRANSPORT_ERR 16
157 #define SDEBUG_OPT_DIF_ERR 32
158 #define SDEBUG_OPT_DIX_ERR 64
159 #define SDEBUG_OPT_MAC_TIMEOUT 128
160 #define SDEBUG_OPT_SHORT_TRANSFER 0x100
161 #define SDEBUG_OPT_Q_NOISE 0x200
162 #define SDEBUG_OPT_ALL_TSF 0x400
163 #define SDEBUG_OPT_RARE_TSF 0x800
164 #define SDEBUG_OPT_N_WCE 0x1000
165 #define SDEBUG_OPT_RESET_NOISE 0x2000
166 #define SDEBUG_OPT_NO_CDB_NOISE 0x4000
167 #define SDEBUG_OPT_HOST_BUSY 0x8000
168 #define SDEBUG_OPT_CMD_ABORT 0x10000
169 #define SDEBUG_OPT_ALL_NOISE (SDEBUG_OPT_NOISE | SDEBUG_OPT_Q_NOISE | \
170 SDEBUG_OPT_RESET_NOISE)
171 #define SDEBUG_OPT_ALL_INJECTING (SDEBUG_OPT_RECOVERED_ERR | \
172 SDEBUG_OPT_TRANSPORT_ERR | \
173 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR | \
174 SDEBUG_OPT_SHORT_TRANSFER | \
175 SDEBUG_OPT_HOST_BUSY | \
176 SDEBUG_OPT_CMD_ABORT)
177 /* When "every_nth" > 0 then modulo "every_nth" commands:
178 * - a missing response is simulated if SDEBUG_OPT_TIMEOUT is set
179 * - a RECOVERED_ERROR is simulated on successful read and write
180 * commands if SDEBUG_OPT_RECOVERED_ERR is set.
181 * - a TRANSPORT_ERROR is simulated on successful read and write
182 * commands if SDEBUG_OPT_TRANSPORT_ERR is set.
183 * - similarly for DIF_ERR, DIX_ERR, SHORT_TRANSFER, HOST_BUSY and
184 * CMD_ABORT
185 *
186 * When "every_nth" < 0 then after "- every_nth" commands the selected
187 * error will be injected. The error will be injected on every subsequent
188 * command until some other action occurs; for example, the user writing
189 * a new value (other than -1 or 1) to every_nth:
190 * echo 0 > /sys/bus/pseudo/drivers/scsi_debug/every_nth
191 */
192
193 /* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs) are returned in
194 * priority order. In the subset implemented here lower numbers have higher
195 * priority. The UA numbers should be a sequence starting from 0 with
196 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */
197 #define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */
198 #define SDEBUG_UA_BUS_RESET 1
199 #define SDEBUG_UA_MODE_CHANGED 2
200 #define SDEBUG_UA_CAPACITY_CHANGED 3
201 #define SDEBUG_UA_LUNS_CHANGED 4
202 #define SDEBUG_UA_MICROCODE_CHANGED 5 /* simulate firmware change */
203 #define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 6
204 #define SDEBUG_NUM_UAS 7
205
206 /* when 1==SDEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this
207 * sector on read commands: */
208 #define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */
209 #define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */
210
211 /* If REPORT LUNS has luns >= 256 it can choose "flat space" (value 1)
212 * or "peripheral device" addressing (value 0) */
213 #define SAM2_LUN_ADDRESS_METHOD 0
214
215 /* SDEBUG_CANQUEUE is the maximum number of commands that can be queued
216 * (for response) per submit queue at one time. Can be reduced by max_queue
217 * option. Command responses are not queued when jdelay=0 and ndelay=0. The
218 * per-device DEF_CMD_PER_LUN can be changed via sysfs:
219 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth
220 * but cannot exceed SDEBUG_CANQUEUE .
221 */
222 #define SDEBUG_CANQUEUE_WORDS 3 /* a WORD is bits in a long */
223 #define SDEBUG_CANQUEUE (SDEBUG_CANQUEUE_WORDS * BITS_PER_LONG)
224 #define DEF_CMD_PER_LUN 255
225
226 #define F_D_IN 1
227 #define F_D_OUT 2
228 #define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */
229 #define F_D_UNKN 8
230 #define F_RL_WLUN_OK 0x10
231 #define F_SKIP_UA 0x20
232 #define F_DELAY_OVERR 0x40
233 #define F_SA_LOW 0x80 /* cdb byte 1, bits 4 to 0 */
234 #define F_SA_HIGH 0x100 /* as used by variable length cdbs */
235 #define F_INV_OP 0x200
236 #define F_FAKE_RW 0x400
237 #define F_M_ACCESS 0x800 /* media access */
238 #define F_SSU_DELAY 0x1000
239 #define F_SYNC_DELAY 0x2000
240
241 #define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR)
242 #define FF_MEDIA_IO (F_M_ACCESS | F_FAKE_RW)
243 #define FF_SA (F_SA_HIGH | F_SA_LOW)
244 #define F_LONG_DELAY (F_SSU_DELAY | F_SYNC_DELAY)
245
246 #define SDEBUG_MAX_PARTS 4
247
248 #define SDEBUG_MAX_CMD_LEN 32
249
250
251 struct sdebug_dev_info {
252 struct list_head dev_list;
253 unsigned int channel;
254 unsigned int target;
255 u64 lun;
256 uuid_t lu_name;
257 struct sdebug_host_info *sdbg_host;
258 unsigned long uas_bm[1];
259 atomic_t num_in_q;
260 atomic_t stopped;
261 bool used;
262 };
263
264 struct sdebug_host_info {
265 struct list_head host_list;
266 struct Scsi_Host *shost;
267 struct device dev;
268 struct list_head dev_info_list;
269 };
270
271 #define to_sdebug_host(d) \
272 container_of(d, struct sdebug_host_info, dev)
273
274 enum sdeb_defer_type {SDEB_DEFER_NONE = 0, SDEB_DEFER_HRT = 1,
275 SDEB_DEFER_WQ = 2};
276
277 struct sdebug_defer {
278 struct hrtimer hrt;
279 struct execute_work ew;
280 int sqa_idx; /* index of sdebug_queue array */
281 int qc_idx; /* index of sdebug_queued_cmd array within sqa_idx */
282 int issuing_cpu;
283 bool init_hrt;
284 bool init_wq;
285 bool aborted; /* true when blk_abort_request() already called */
286 enum sdeb_defer_type defer_t;
287 };
288
289 struct sdebug_queued_cmd {
290 /* corresponding bit set in in_use_bm[] in owning struct sdebug_queue
291 * instance indicates this slot is in use.
292 */
293 struct sdebug_defer *sd_dp;
294 struct scsi_cmnd *a_cmnd;
295 unsigned int inj_recovered:1;
296 unsigned int inj_transport:1;
297 unsigned int inj_dif:1;
298 unsigned int inj_dix:1;
299 unsigned int inj_short:1;
300 unsigned int inj_host_busy:1;
301 unsigned int inj_cmd_abort:1;
302 };
303
304 struct sdebug_queue {
305 struct sdebug_queued_cmd qc_arr[SDEBUG_CANQUEUE];
306 unsigned long in_use_bm[SDEBUG_CANQUEUE_WORDS];
307 spinlock_t qc_lock;
308 atomic_t blocked; /* to temporarily stop more being queued */
309 };
310
311 static atomic_t sdebug_cmnd_count; /* number of incoming commands */
312 static atomic_t sdebug_completions; /* count of deferred completions */
313 static atomic_t sdebug_miss_cpus; /* submission + completion cpus differ */
314 static atomic_t sdebug_a_tsf; /* 'almost task set full' counter */
315
316 struct opcode_info_t {
317 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff */
318 /* for terminating element */
319 u8 opcode; /* if num_attached > 0, preferred */
320 u16 sa; /* service action */
321 u32 flags; /* OR-ed set of SDEB_F_* */
322 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
323 const struct opcode_info_t *arrp; /* num_attached elements or NULL */
324 u8 len_mask[16]; /* len_mask[0]-->cdb_len, then mask for cdb */
325 /* 1 to min(cdb_len, 15); ignore cdb[15...] */
326 };
327
328 /* SCSI opcodes (first byte of cdb) of interest mapped onto these indexes */
329 enum sdeb_opcode_index {
330 SDEB_I_INVALID_OPCODE = 0,
331 SDEB_I_INQUIRY = 1,
332 SDEB_I_REPORT_LUNS = 2,
333 SDEB_I_REQUEST_SENSE = 3,
334 SDEB_I_TEST_UNIT_READY = 4,
335 SDEB_I_MODE_SENSE = 5, /* 6, 10 */
336 SDEB_I_MODE_SELECT = 6, /* 6, 10 */
337 SDEB_I_LOG_SENSE = 7,
338 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */
339 SDEB_I_READ = 9, /* 6, 10, 12, 16 */
340 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */
341 SDEB_I_START_STOP = 11,
342 SDEB_I_SERV_ACT_IN_16 = 12, /* add ...SERV_ACT_IN_12 if needed */
343 SDEB_I_SERV_ACT_OUT_16 = 13, /* add ...SERV_ACT_OUT_12 if needed */
344 SDEB_I_MAINT_IN = 14,
345 SDEB_I_MAINT_OUT = 15,
346 SDEB_I_VERIFY = 16, /* 10 only */
347 SDEB_I_VARIABLE_LEN = 17, /* READ(32), WRITE(32), WR_SCAT(32) */
348 SDEB_I_RESERVE = 18, /* 6, 10 */
349 SDEB_I_RELEASE = 19, /* 6, 10 */
350 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */
351 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */
352 SDEB_I_ATA_PT = 22, /* 12, 16 */
353 SDEB_I_SEND_DIAG = 23,
354 SDEB_I_UNMAP = 24,
355 SDEB_I_WRITE_BUFFER = 25,
356 SDEB_I_WRITE_SAME = 26, /* 10, 16 */
357 SDEB_I_SYNC_CACHE = 27, /* 10, 16 */
358 SDEB_I_COMP_WRITE = 28,
359 SDEB_I_LAST_ELEMENT = 29, /* keep this last (previous + 1) */
360 };
361
362
363 static const unsigned char opcode_ind_arr[256] = {
364 /* 0x0; 0x0->0x1f: 6 byte cdbs */
365 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE,
366 0, 0, 0, 0,
367 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0,
368 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
369 SDEB_I_RELEASE,
370 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG,
371 SDEB_I_ALLOW_REMOVAL, 0,
372 /* 0x20; 0x20->0x3f: 10 byte cdbs */
373 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0,
374 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY,
375 0, 0, 0, 0, 0, SDEB_I_SYNC_CACHE, 0, 0,
376 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0,
377 /* 0x40; 0x40->0x5f: 10 byte cdbs */
378 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0,
379 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0,
380 0, 0, 0, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
381 SDEB_I_RELEASE,
382 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0,
383 /* 0x60; 0x60->0x7d are reserved, 0x7e is "extended cdb" */
384 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
385 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
386 0, SDEB_I_VARIABLE_LEN,
387 /* 0x80; 0x80->0x9f: 16 byte cdbs */
388 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0,
389 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0, 0, 0, 0, 0,
390 0, SDEB_I_SYNC_CACHE, 0, SDEB_I_WRITE_SAME, 0, 0, 0, 0,
391 0, 0, 0, 0, 0, 0, SDEB_I_SERV_ACT_IN_16, SDEB_I_SERV_ACT_OUT_16,
392 /* 0xa0; 0xa0->0xbf: 12 byte cdbs */
393 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN,
394 SDEB_I_MAINT_OUT, 0, 0, 0,
395 SDEB_I_READ, 0 /* SDEB_I_SERV_ACT_OUT_12 */, SDEB_I_WRITE,
396 0 /* SDEB_I_SERV_ACT_IN_12 */, 0, 0, 0, 0,
397 0, 0, 0, 0, 0, 0, 0, 0,
398 0, 0, 0, 0, 0, 0, 0, 0,
399 /* 0xc0; 0xc0->0xff: vendor specific */
400 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
401 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
402 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
403 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
404 };
405
406 /*
407 * The following "response" functions return the SCSI mid-level's 4 byte
408 * tuple-in-an-int. To handle commands with an IMMED bit, for a faster
409 * command completion, they can mask their return value with
410 * SDEG_RES_IMMED_MASK .
411 */
412 #define SDEG_RES_IMMED_MASK 0x40000000
413
414 static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *);
415 static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *);
416 static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *);
417 static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
418 static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *);
419 static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
420 static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *);
421 static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
422 static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
423 static int resp_write_scat(struct scsi_cmnd *, struct sdebug_dev_info *);
424 static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *);
425 static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *);
426 static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *);
427 static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *);
428 static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *);
429 static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *);
430 static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *);
431 static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *);
432 static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *);
433 static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *);
434 static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *);
435 static int resp_sync_cache(struct scsi_cmnd *, struct sdebug_dev_info *);
436
437 /*
438 * The following are overflow arrays for cdbs that "hit" the same index in
439 * the opcode_info_arr array. The most time sensitive (or commonly used) cdb
440 * should be placed in opcode_info_arr[], the others should be placed here.
441 */
442 static const struct opcode_info_t msense_iarr[] = {
443 {0, 0x1a, 0, F_D_IN, NULL, NULL,
444 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
445 };
446
447 static const struct opcode_info_t mselect_iarr[] = {
448 {0, 0x15, 0, F_D_OUT, NULL, NULL,
449 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
450 };
451
452 static const struct opcode_info_t read_iarr[] = {
453 {0, 0x28, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(10) */
454 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
455 0, 0, 0, 0} },
456 {0, 0x8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL, /* READ(6) */
457 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
458 {0, 0xa8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(12) */
459 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf,
460 0xc7, 0, 0, 0, 0} },
461 };
462
463 static const struct opcode_info_t write_iarr[] = {
464 {0, 0x2a, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(10) */
465 NULL, {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7,
466 0, 0, 0, 0, 0, 0} },
467 {0, 0xa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(6) */
468 NULL, {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0,
469 0, 0, 0} },
470 {0, 0xaa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(12) */
471 NULL, {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
472 0xbf, 0xc7, 0, 0, 0, 0} },
473 };
474
475 static const struct opcode_info_t sa_in_16_iarr[] = {
476 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL,
477 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
478 0xff, 0xff, 0xff, 0, 0xc7} }, /* GET LBA STATUS(16) */
479 };
480
481 static const struct opcode_info_t vl_iarr[] = { /* VARIABLE LENGTH */
482 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_dt0,
483 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0xb, 0xfa,
484 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */
485 {0, 0x7f, 0x11, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
486 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x11, 0xf8,
487 0, 0xff, 0xff, 0x0, 0x0} }, /* WRITE SCATTERED(32) */
488 };
489
490 static const struct opcode_info_t maint_in_iarr[] = { /* MAINT IN */
491 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL,
492 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0,
493 0xc7, 0, 0, 0, 0} }, /* REPORT SUPPORTED OPERATION CODES */
494 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL,
495 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
496 0, 0} }, /* REPORTED SUPPORTED TASK MANAGEMENT FUNCTIONS */
497 };
498
499 static const struct opcode_info_t write_same_iarr[] = {
500 {0, 0x93, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_write_same_16, NULL,
501 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
502 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* WRITE SAME(16) */
503 };
504
505 static const struct opcode_info_t reserve_iarr[] = {
506 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */
507 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
508 };
509
510 static const struct opcode_info_t release_iarr[] = {
511 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */
512 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
513 };
514
515 static const struct opcode_info_t sync_cache_iarr[] = {
516 {0, 0x91, 0, F_SYNC_DELAY | F_M_ACCESS, resp_sync_cache, NULL,
517 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
518 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* SYNC_CACHE (16) */
519 };
520
521
522 /* This array is accessed via SDEB_I_* values. Make sure all are mapped,
523 * plus the terminating elements for logic that scans this table such as
524 * REPORT SUPPORTED OPERATION CODES. */
525 static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEMENT + 1] = {
526 /* 0 */
527 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* unknown opcodes */
528 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
529 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL, /* INQUIRY */
530 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
531 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL,
532 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
533 0, 0} }, /* REPORT LUNS */
534 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL,
535 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
536 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */
537 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
538 /* 5 */
539 {ARRAY_SIZE(msense_iarr), 0x5a, 0, F_D_IN, /* MODE SENSE(10) */
540 resp_mode_sense, msense_iarr, {10, 0xf8, 0xff, 0xff, 0, 0, 0,
541 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
542 {ARRAY_SIZE(mselect_iarr), 0x55, 0, F_D_OUT, /* MODE SELECT(10) */
543 resp_mode_select, mselect_iarr, {10, 0xf1, 0, 0, 0, 0, 0, 0xff,
544 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
545 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL, /* LOG SENSE */
546 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0,
547 0, 0, 0} },
548 {0, 0x25, 0, F_D_IN, resp_readcap, NULL, /* READ CAPACITY(10) */
549 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0,
550 0, 0} },
551 {ARRAY_SIZE(read_iarr), 0x88, 0, F_D_IN | FF_MEDIA_IO, /* READ(16) */
552 resp_read_dt0, read_iarr, {16, 0xfe, 0xff, 0xff, 0xff, 0xff,
553 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
554 /* 10 */
555 {ARRAY_SIZE(write_iarr), 0x8a, 0, F_D_OUT | FF_MEDIA_IO,
556 resp_write_dt0, write_iarr, /* WRITE(16) */
557 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
558 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
559 {0, 0x1b, 0, F_SSU_DELAY, resp_start_stop, NULL,/* START STOP UNIT */
560 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
561 {ARRAY_SIZE(sa_in_16_iarr), 0x9e, 0x10, F_SA_LOW | F_D_IN,
562 resp_readcap16, sa_in_16_iarr, /* SA_IN(16), READ CAPACITY(16) */
563 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
564 0xff, 0xff, 0xff, 0xff, 0x1, 0xc7} },
565 {0, 0x9f, 0x12, F_SA_LOW | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
566 NULL, {16, 0x12, 0xf9, 0x0, 0xff, 0xff, 0, 0, 0xff, 0xff, 0xff,
567 0xff, 0xff, 0xff, 0xff, 0xc7} }, /* SA_OUT(16), WRITE SCAT(16) */
568 {ARRAY_SIZE(maint_in_iarr), 0xa3, 0xa, F_SA_LOW | F_D_IN,
569 resp_report_tgtpgs, /* MAINT IN, REPORT TARGET PORT GROUPS */
570 maint_in_iarr, {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff,
571 0xff, 0, 0xc7, 0, 0, 0, 0} },
572 /* 15 */
573 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */
574 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
575 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, NULL, NULL, /* VERIFY(10) */
576 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7,
577 0, 0, 0, 0, 0, 0} },
578 {ARRAY_SIZE(vl_iarr), 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_MEDIA_IO,
579 resp_read_dt0, vl_iarr, /* VARIABLE LENGTH, READ(32) */
580 {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x9, 0xfe, 0, 0xff, 0xff,
581 0xff, 0xff} },
582 {ARRAY_SIZE(reserve_iarr), 0x56, 0, F_D_OUT,
583 NULL, reserve_iarr, /* RESERVE(10) <no response function> */
584 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
585 0} },
586 {ARRAY_SIZE(release_iarr), 0x57, 0, F_D_OUT,
587 NULL, release_iarr, /* RELEASE(10) <no response function> */
588 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
589 0} },
590 /* 20 */
591 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */
592 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
593 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */
594 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
595 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */
596 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
597 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */
598 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
599 {0, 0x42, 0, F_D_OUT | FF_MEDIA_IO, resp_unmap, NULL, /* UNMAP */
600 {10, 0x1, 0, 0, 0, 0, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
601 /* 25 */
602 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL,
603 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0,
604 0, 0, 0, 0} }, /* WRITE_BUFFER */
605 {ARRAY_SIZE(write_same_iarr), 0x41, 0, F_D_OUT_MAYBE | FF_MEDIA_IO,
606 resp_write_same_10, write_same_iarr, /* WRITE SAME(10) */
607 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0,
608 0, 0, 0, 0, 0} },
609 {ARRAY_SIZE(sync_cache_iarr), 0x35, 0, F_SYNC_DELAY | F_M_ACCESS,
610 resp_sync_cache, sync_cache_iarr,
611 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
612 0, 0, 0, 0} }, /* SYNC_CACHE (10) */
613 {0, 0x89, 0, F_D_OUT | FF_MEDIA_IO, resp_comp_write, NULL,
614 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0,
615 0, 0xff, 0x3f, 0xc7} }, /* COMPARE AND WRITE */
616
617 /* 29 */
618 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */
619 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
620 };
621
622 static int sdebug_add_host = DEF_NUM_HOST;
623 static int sdebug_ato = DEF_ATO;
624 static int sdebug_cdb_len = DEF_CDB_LEN;
625 static int sdebug_jdelay = DEF_JDELAY; /* if > 0 then unit is jiffies */
626 static int sdebug_dev_size_mb = DEF_DEV_SIZE_MB;
627 static int sdebug_dif = DEF_DIF;
628 static int sdebug_dix = DEF_DIX;
629 static int sdebug_dsense = DEF_D_SENSE;
630 static int sdebug_every_nth = DEF_EVERY_NTH;
631 static int sdebug_fake_rw = DEF_FAKE_RW;
632 static unsigned int sdebug_guard = DEF_GUARD;
633 static int sdebug_lowest_aligned = DEF_LOWEST_ALIGNED;
634 static int sdebug_max_luns = DEF_MAX_LUNS;
635 static int sdebug_max_queue = SDEBUG_CANQUEUE; /* per submit queue */
636 static unsigned int sdebug_medium_error_start = OPT_MEDIUM_ERR_ADDR;
637 static int sdebug_medium_error_count = OPT_MEDIUM_ERR_NUM;
638 static atomic_t retired_max_queue; /* if > 0 then was prior max_queue */
639 static int sdebug_ndelay = DEF_NDELAY; /* if > 0 then unit is nanoseconds */
640 static int sdebug_no_lun_0 = DEF_NO_LUN_0;
641 static int sdebug_no_uld;
642 static int sdebug_num_parts = DEF_NUM_PARTS;
643 static int sdebug_num_tgts = DEF_NUM_TGTS; /* targets per host */
644 static int sdebug_opt_blks = DEF_OPT_BLKS;
645 static int sdebug_opts = DEF_OPTS;
646 static int sdebug_physblk_exp = DEF_PHYSBLK_EXP;
647 static int sdebug_opt_xferlen_exp = DEF_OPT_XFERLEN_EXP;
648 static int sdebug_ptype = DEF_PTYPE; /* SCSI peripheral device type */
649 static int sdebug_scsi_level = DEF_SCSI_LEVEL;
650 static int sdebug_sector_size = DEF_SECTOR_SIZE;
651 static int sdebug_virtual_gb = DEF_VIRTUAL_GB;
652 static int sdebug_vpd_use_hostno = DEF_VPD_USE_HOSTNO;
653 static unsigned int sdebug_lbpu = DEF_LBPU;
654 static unsigned int sdebug_lbpws = DEF_LBPWS;
655 static unsigned int sdebug_lbpws10 = DEF_LBPWS10;
656 static unsigned int sdebug_lbprz = DEF_LBPRZ;
657 static unsigned int sdebug_unmap_alignment = DEF_UNMAP_ALIGNMENT;
658 static unsigned int sdebug_unmap_granularity = DEF_UNMAP_GRANULARITY;
659 static unsigned int sdebug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS;
660 static unsigned int sdebug_unmap_max_desc = DEF_UNMAP_MAX_DESC;
661 static unsigned int sdebug_write_same_length = DEF_WRITESAME_LENGTH;
662 static int sdebug_uuid_ctl = DEF_UUID_CTL;
663 static bool sdebug_removable = DEF_REMOVABLE;
664 static bool sdebug_clustering;
665 static bool sdebug_host_lock = DEF_HOST_LOCK;
666 static bool sdebug_strict = DEF_STRICT;
667 static bool sdebug_any_injecting_opt;
668 static bool sdebug_verbose;
669 static bool have_dif_prot;
670 static bool write_since_sync;
671 static bool sdebug_statistics = DEF_STATISTICS;
672 static bool sdebug_wp;
673
674 static unsigned int sdebug_store_sectors;
675 static sector_t sdebug_capacity; /* in sectors */
676
677 /* old BIOS stuff, kernel may get rid of them but some mode sense pages
678 may still need them */
679 static int sdebug_heads; /* heads per disk */
680 static int sdebug_cylinders_per; /* cylinders per surface */
681 static int sdebug_sectors_per; /* sectors per cylinder */
682
683 static LIST_HEAD(sdebug_host_list);
684 static DEFINE_SPINLOCK(sdebug_host_list_lock);
685
686 static unsigned char *fake_storep; /* ramdisk storage */
687 static struct t10_pi_tuple *dif_storep; /* protection info */
688 static void *map_storep; /* provisioning map */
689
690 static unsigned long map_size;
691 static int num_aborts;
692 static int num_dev_resets;
693 static int num_target_resets;
694 static int num_bus_resets;
695 static int num_host_resets;
696 static int dix_writes;
697 static int dix_reads;
698 static int dif_errors;
699
700 static int submit_queues = DEF_SUBMIT_QUEUES; /* > 1 for multi-queue (mq) */
701 static struct sdebug_queue *sdebug_q_arr; /* ptr to array of submit queues */
702
703 static DEFINE_RWLOCK(atomic_rw);
704
705 static char sdebug_proc_name[] = MY_NAME;
706 static const char *my_name = MY_NAME;
707
708 static struct bus_type pseudo_lld_bus;
709
710 static struct device_driver sdebug_driverfs_driver = {
711 .name = sdebug_proc_name,
712 .bus = &pseudo_lld_bus,
713 };
714
715 static const int check_condition_result =
716 (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION;
717
718 static const int illegal_condition_result =
719 (DRIVER_SENSE << 24) | (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION;
720
721 static const int device_qfull_result =
722 (DID_OK << 16) | (COMMAND_COMPLETE << 8) | SAM_STAT_TASK_SET_FULL;
723
724
725 /* Only do the extra work involved in logical block provisioning if one or
726 * more of the lbpu, lbpws or lbpws10 parameters are given and we are doing
727 * real reads and writes (i.e. not skipping them for speed).
728 */
729 static inline bool scsi_debug_lbp(void)
730 {
731 return 0 == sdebug_fake_rw &&
732 (sdebug_lbpu || sdebug_lbpws || sdebug_lbpws10);
733 }
734
735 static void *lba2fake_store(unsigned long long lba)
736 {
737 lba = do_div(lba, sdebug_store_sectors);
738
739 return fake_storep + lba * sdebug_sector_size;
740 }
741
742 static struct t10_pi_tuple *dif_store(sector_t sector)
743 {
744 sector = sector_div(sector, sdebug_store_sectors);
745
746 return dif_storep + sector;
747 }
748
749 static void sdebug_max_tgts_luns(void)
750 {
751 struct sdebug_host_info *sdbg_host;
752 struct Scsi_Host *hpnt;
753
754 spin_lock(&sdebug_host_list_lock);
755 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
756 hpnt = sdbg_host->shost;
757 if ((hpnt->this_id >= 0) &&
758 (sdebug_num_tgts > hpnt->this_id))
759 hpnt->max_id = sdebug_num_tgts + 1;
760 else
761 hpnt->max_id = sdebug_num_tgts;
762 /* sdebug_max_luns; */
763 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
764 }
765 spin_unlock(&sdebug_host_list_lock);
766 }
767
768 enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1};
769
770 /* Set in_bit to -1 to indicate no bit position of invalid field */
771 static void mk_sense_invalid_fld(struct scsi_cmnd *scp,
772 enum sdeb_cmd_data c_d,
773 int in_byte, int in_bit)
774 {
775 unsigned char *sbuff;
776 u8 sks[4];
777 int sl, asc;
778
779 sbuff = scp->sense_buffer;
780 if (!sbuff) {
781 sdev_printk(KERN_ERR, scp->device,
782 "%s: sense_buffer is NULL\n", __func__);
783 return;
784 }
785 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST;
786 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
787 scsi_build_sense_buffer(sdebug_dsense, sbuff, ILLEGAL_REQUEST, asc, 0);
788 memset(sks, 0, sizeof(sks));
789 sks[0] = 0x80;
790 if (c_d)
791 sks[0] |= 0x40;
792 if (in_bit >= 0) {
793 sks[0] |= 0x8;
794 sks[0] |= 0x7 & in_bit;
795 }
796 put_unaligned_be16(in_byte, sks + 1);
797 if (sdebug_dsense) {
798 sl = sbuff[7] + 8;
799 sbuff[7] = sl;
800 sbuff[sl] = 0x2;
801 sbuff[sl + 1] = 0x6;
802 memcpy(sbuff + sl + 4, sks, 3);
803 } else
804 memcpy(sbuff + 15, sks, 3);
805 if (sdebug_verbose)
806 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq"
807 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n",
808 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit);
809 }
810
811 static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq)
812 {
813 unsigned char *sbuff;
814
815 sbuff = scp->sense_buffer;
816 if (!sbuff) {
817 sdev_printk(KERN_ERR, scp->device,
818 "%s: sense_buffer is NULL\n", __func__);
819 return;
820 }
821 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
822
823 scsi_build_sense_buffer(sdebug_dsense, sbuff, key, asc, asq);
824
825 if (sdebug_verbose)
826 sdev_printk(KERN_INFO, scp->device,
827 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n",
828 my_name, key, asc, asq);
829 }
830
831 static void mk_sense_invalid_opcode(struct scsi_cmnd *scp)
832 {
833 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0);
834 }
835
836 static int scsi_debug_ioctl(struct scsi_device *dev, unsigned int cmd,
837 void __user *arg)
838 {
839 if (sdebug_verbose) {
840 if (0x1261 == cmd)
841 sdev_printk(KERN_INFO, dev,
842 "%s: BLKFLSBUF [0x1261]\n", __func__);
843 else if (0x5331 == cmd)
844 sdev_printk(KERN_INFO, dev,
845 "%s: CDROM_GET_CAPABILITY [0x5331]\n",
846 __func__);
847 else
848 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n",
849 __func__, cmd);
850 }
851 return -EINVAL;
852 /* return -ENOTTY; // correct return but upsets fdisk */
853 }
854
855 static void config_cdb_len(struct scsi_device *sdev)
856 {
857 switch (sdebug_cdb_len) {
858 case 6: /* suggest 6 byte READ, WRITE and MODE SENSE/SELECT */
859 sdev->use_10_for_rw = false;
860 sdev->use_16_for_rw = false;
861 sdev->use_10_for_ms = false;
862 break;
863 case 10: /* suggest 10 byte RWs and 6 byte MODE SENSE/SELECT */
864 sdev->use_10_for_rw = true;
865 sdev->use_16_for_rw = false;
866 sdev->use_10_for_ms = false;
867 break;
868 case 12: /* suggest 10 byte RWs and 10 byte MODE SENSE/SELECT */
869 sdev->use_10_for_rw = true;
870 sdev->use_16_for_rw = false;
871 sdev->use_10_for_ms = true;
872 break;
873 case 16:
874 sdev->use_10_for_rw = false;
875 sdev->use_16_for_rw = true;
876 sdev->use_10_for_ms = true;
877 break;
878 case 32: /* No knobs to suggest this so same as 16 for now */
879 sdev->use_10_for_rw = false;
880 sdev->use_16_for_rw = true;
881 sdev->use_10_for_ms = true;
882 break;
883 default:
884 pr_warn("unexpected cdb_len=%d, force to 10\n",
885 sdebug_cdb_len);
886 sdev->use_10_for_rw = true;
887 sdev->use_16_for_rw = false;
888 sdev->use_10_for_ms = false;
889 sdebug_cdb_len = 10;
890 break;
891 }
892 }
893
894 static void all_config_cdb_len(void)
895 {
896 struct sdebug_host_info *sdbg_host;
897 struct Scsi_Host *shost;
898 struct scsi_device *sdev;
899
900 spin_lock(&sdebug_host_list_lock);
901 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
902 shost = sdbg_host->shost;
903 shost_for_each_device(sdev, shost) {
904 config_cdb_len(sdev);
905 }
906 }
907 spin_unlock(&sdebug_host_list_lock);
908 }
909
910 static void clear_luns_changed_on_target(struct sdebug_dev_info *devip)
911 {
912 struct sdebug_host_info *sdhp;
913 struct sdebug_dev_info *dp;
914
915 spin_lock(&sdebug_host_list_lock);
916 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
917 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
918 if ((devip->sdbg_host == dp->sdbg_host) &&
919 (devip->target == dp->target))
920 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
921 }
922 }
923 spin_unlock(&sdebug_host_list_lock);
924 }
925
926 static int make_ua(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
927 {
928 int k;
929
930 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS);
931 if (k != SDEBUG_NUM_UAS) {
932 const char *cp = NULL;
933
934 switch (k) {
935 case SDEBUG_UA_POR:
936 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
937 POWER_ON_RESET_ASCQ);
938 if (sdebug_verbose)
939 cp = "power on reset";
940 break;
941 case SDEBUG_UA_BUS_RESET:
942 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
943 BUS_RESET_ASCQ);
944 if (sdebug_verbose)
945 cp = "bus reset";
946 break;
947 case SDEBUG_UA_MODE_CHANGED:
948 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
949 MODE_CHANGED_ASCQ);
950 if (sdebug_verbose)
951 cp = "mode parameters changed";
952 break;
953 case SDEBUG_UA_CAPACITY_CHANGED:
954 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
955 CAPACITY_CHANGED_ASCQ);
956 if (sdebug_verbose)
957 cp = "capacity data changed";
958 break;
959 case SDEBUG_UA_MICROCODE_CHANGED:
960 mk_sense_buffer(scp, UNIT_ATTENTION,
961 TARGET_CHANGED_ASC,
962 MICROCODE_CHANGED_ASCQ);
963 if (sdebug_verbose)
964 cp = "microcode has been changed";
965 break;
966 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET:
967 mk_sense_buffer(scp, UNIT_ATTENTION,
968 TARGET_CHANGED_ASC,
969 MICROCODE_CHANGED_WO_RESET_ASCQ);
970 if (sdebug_verbose)
971 cp = "microcode has been changed without reset";
972 break;
973 case SDEBUG_UA_LUNS_CHANGED:
974 /*
975 * SPC-3 behavior is to report a UNIT ATTENTION with
976 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN
977 * on the target, until a REPORT LUNS command is
978 * received. SPC-4 behavior is to report it only once.
979 * NOTE: sdebug_scsi_level does not use the same
980 * values as struct scsi_device->scsi_level.
981 */
982 if (sdebug_scsi_level >= 6) /* SPC-4 and above */
983 clear_luns_changed_on_target(devip);
984 mk_sense_buffer(scp, UNIT_ATTENTION,
985 TARGET_CHANGED_ASC,
986 LUNS_CHANGED_ASCQ);
987 if (sdebug_verbose)
988 cp = "reported luns data has changed";
989 break;
990 default:
991 pr_warn("unexpected unit attention code=%d\n", k);
992 if (sdebug_verbose)
993 cp = "unknown";
994 break;
995 }
996 clear_bit(k, devip->uas_bm);
997 if (sdebug_verbose)
998 sdev_printk(KERN_INFO, scp->device,
999 "%s reports: Unit attention: %s\n",
1000 my_name, cp);
1001 return check_condition_result;
1002 }
1003 return 0;
1004 }
1005
1006 /* Build SCSI "data-in" buffer. Returns 0 if ok else (DID_ERROR << 16). */
1007 static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1008 int arr_len)
1009 {
1010 int act_len;
1011 struct scsi_data_buffer *sdb = &scp->sdb;
1012
1013 if (!sdb->length)
1014 return 0;
1015 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1016 return DID_ERROR << 16;
1017
1018 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents,
1019 arr, arr_len);
1020 scsi_set_resid(scp, scsi_bufflen(scp) - act_len);
1021
1022 return 0;
1023 }
1024
1025 /* Partial build of SCSI "data-in" buffer. Returns 0 if ok else
1026 * (DID_ERROR << 16). Can write to offset in data-in buffer. If multiple
1027 * calls, not required to write in ascending offset order. Assumes resid
1028 * set to scsi_bufflen() prior to any calls.
1029 */
1030 static int p_fill_from_dev_buffer(struct scsi_cmnd *scp, const void *arr,
1031 int arr_len, unsigned int off_dst)
1032 {
1033 int act_len, n;
1034 struct scsi_data_buffer *sdb = &scp->sdb;
1035 off_t skip = off_dst;
1036
1037 if (sdb->length <= off_dst)
1038 return 0;
1039 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1040 return DID_ERROR << 16;
1041
1042 act_len = sg_pcopy_from_buffer(sdb->table.sgl, sdb->table.nents,
1043 arr, arr_len, skip);
1044 pr_debug("%s: off_dst=%u, scsi_bufflen=%u, act_len=%u, resid=%d\n",
1045 __func__, off_dst, scsi_bufflen(scp), act_len,
1046 scsi_get_resid(scp));
1047 n = (int)scsi_bufflen(scp) - ((int)off_dst + act_len);
1048 scsi_set_resid(scp, min(scsi_get_resid(scp), n));
1049 return 0;
1050 }
1051
1052 /* Fetches from SCSI "data-out" buffer. Returns number of bytes fetched into
1053 * 'arr' or -1 if error.
1054 */
1055 static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1056 int arr_len)
1057 {
1058 if (!scsi_bufflen(scp))
1059 return 0;
1060 if (scp->sc_data_direction != DMA_TO_DEVICE)
1061 return -1;
1062
1063 return scsi_sg_copy_to_buffer(scp, arr, arr_len);
1064 }
1065
1066
1067 static char sdebug_inq_vendor_id[9] = "Linux ";
1068 static char sdebug_inq_product_id[17] = "scsi_debug ";
1069 static char sdebug_inq_product_rev[5] = SDEBUG_VERSION;
1070 /* Use some locally assigned NAAs for SAS addresses. */
1071 static const u64 naa3_comp_a = 0x3222222000000000ULL;
1072 static const u64 naa3_comp_b = 0x3333333000000000ULL;
1073 static const u64 naa3_comp_c = 0x3111111000000000ULL;
1074
1075 /* Device identification VPD page. Returns number of bytes placed in arr */
1076 static int inquiry_vpd_83(unsigned char *arr, int port_group_id,
1077 int target_dev_id, int dev_id_num,
1078 const char *dev_id_str, int dev_id_str_len,
1079 const uuid_t *lu_name)
1080 {
1081 int num, port_a;
1082 char b[32];
1083
1084 port_a = target_dev_id + 1;
1085 /* T10 vendor identifier field format (faked) */
1086 arr[0] = 0x2; /* ASCII */
1087 arr[1] = 0x1;
1088 arr[2] = 0x0;
1089 memcpy(&arr[4], sdebug_inq_vendor_id, 8);
1090 memcpy(&arr[12], sdebug_inq_product_id, 16);
1091 memcpy(&arr[28], dev_id_str, dev_id_str_len);
1092 num = 8 + 16 + dev_id_str_len;
1093 arr[3] = num;
1094 num += 4;
1095 if (dev_id_num >= 0) {
1096 if (sdebug_uuid_ctl) {
1097 /* Locally assigned UUID */
1098 arr[num++] = 0x1; /* binary (not necessarily sas) */
1099 arr[num++] = 0xa; /* PIV=0, lu, naa */
1100 arr[num++] = 0x0;
1101 arr[num++] = 0x12;
1102 arr[num++] = 0x10; /* uuid type=1, locally assigned */
1103 arr[num++] = 0x0;
1104 memcpy(arr + num, lu_name, 16);
1105 num += 16;
1106 } else {
1107 /* NAA-3, Logical unit identifier (binary) */
1108 arr[num++] = 0x1; /* binary (not necessarily sas) */
1109 arr[num++] = 0x3; /* PIV=0, lu, naa */
1110 arr[num++] = 0x0;
1111 arr[num++] = 0x8;
1112 put_unaligned_be64(naa3_comp_b + dev_id_num, arr + num);
1113 num += 8;
1114 }
1115 /* Target relative port number */
1116 arr[num++] = 0x61; /* proto=sas, binary */
1117 arr[num++] = 0x94; /* PIV=1, target port, rel port */
1118 arr[num++] = 0x0; /* reserved */
1119 arr[num++] = 0x4; /* length */
1120 arr[num++] = 0x0; /* reserved */
1121 arr[num++] = 0x0; /* reserved */
1122 arr[num++] = 0x0;
1123 arr[num++] = 0x1; /* relative port A */
1124 }
1125 /* NAA-3, Target port identifier */
1126 arr[num++] = 0x61; /* proto=sas, binary */
1127 arr[num++] = 0x93; /* piv=1, target port, naa */
1128 arr[num++] = 0x0;
1129 arr[num++] = 0x8;
1130 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1131 num += 8;
1132 /* NAA-3, Target port group identifier */
1133 arr[num++] = 0x61; /* proto=sas, binary */
1134 arr[num++] = 0x95; /* piv=1, target port group id */
1135 arr[num++] = 0x0;
1136 arr[num++] = 0x4;
1137 arr[num++] = 0;
1138 arr[num++] = 0;
1139 put_unaligned_be16(port_group_id, arr + num);
1140 num += 2;
1141 /* NAA-3, Target device identifier */
1142 arr[num++] = 0x61; /* proto=sas, binary */
1143 arr[num++] = 0xa3; /* piv=1, target device, naa */
1144 arr[num++] = 0x0;
1145 arr[num++] = 0x8;
1146 put_unaligned_be64(naa3_comp_a + target_dev_id, arr + num);
1147 num += 8;
1148 /* SCSI name string: Target device identifier */
1149 arr[num++] = 0x63; /* proto=sas, UTF-8 */
1150 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */
1151 arr[num++] = 0x0;
1152 arr[num++] = 24;
1153 memcpy(arr + num, "naa.32222220", 12);
1154 num += 12;
1155 snprintf(b, sizeof(b), "%08X", target_dev_id);
1156 memcpy(arr + num, b, 8);
1157 num += 8;
1158 memset(arr + num, 0, 4);
1159 num += 4;
1160 return num;
1161 }
1162
1163 static unsigned char vpd84_data[] = {
1164 /* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0,
1165 0x22,0x22,0x22,0x0,0xbb,0x1,
1166 0x22,0x22,0x22,0x0,0xbb,0x2,
1167 };
1168
1169 /* Software interface identification VPD page */
1170 static int inquiry_vpd_84(unsigned char *arr)
1171 {
1172 memcpy(arr, vpd84_data, sizeof(vpd84_data));
1173 return sizeof(vpd84_data);
1174 }
1175
1176 /* Management network addresses VPD page */
1177 static int inquiry_vpd_85(unsigned char *arr)
1178 {
1179 int num = 0;
1180 const char *na1 = "https://www.kernel.org/config";
1181 const char *na2 = "http://www.kernel.org/log";
1182 int plen, olen;
1183
1184 arr[num++] = 0x1; /* lu, storage config */
1185 arr[num++] = 0x0; /* reserved */
1186 arr[num++] = 0x0;
1187 olen = strlen(na1);
1188 plen = olen + 1;
1189 if (plen % 4)
1190 plen = ((plen / 4) + 1) * 4;
1191 arr[num++] = plen; /* length, null termianted, padded */
1192 memcpy(arr + num, na1, olen);
1193 memset(arr + num + olen, 0, plen - olen);
1194 num += plen;
1195
1196 arr[num++] = 0x4; /* lu, logging */
1197 arr[num++] = 0x0; /* reserved */
1198 arr[num++] = 0x0;
1199 olen = strlen(na2);
1200 plen = olen + 1;
1201 if (plen % 4)
1202 plen = ((plen / 4) + 1) * 4;
1203 arr[num++] = plen; /* length, null terminated, padded */
1204 memcpy(arr + num, na2, olen);
1205 memset(arr + num + olen, 0, plen - olen);
1206 num += plen;
1207
1208 return num;
1209 }
1210
1211 /* SCSI ports VPD page */
1212 static int inquiry_vpd_88(unsigned char *arr, int target_dev_id)
1213 {
1214 int num = 0;
1215 int port_a, port_b;
1216
1217 port_a = target_dev_id + 1;
1218 port_b = port_a + 1;
1219 arr[num++] = 0x0; /* reserved */
1220 arr[num++] = 0x0; /* reserved */
1221 arr[num++] = 0x0;
1222 arr[num++] = 0x1; /* relative port 1 (primary) */
1223 memset(arr + num, 0, 6);
1224 num += 6;
1225 arr[num++] = 0x0;
1226 arr[num++] = 12; /* length tp descriptor */
1227 /* naa-5 target port identifier (A) */
1228 arr[num++] = 0x61; /* proto=sas, binary */
1229 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1230 arr[num++] = 0x0; /* reserved */
1231 arr[num++] = 0x8; /* length */
1232 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1233 num += 8;
1234 arr[num++] = 0x0; /* reserved */
1235 arr[num++] = 0x0; /* reserved */
1236 arr[num++] = 0x0;
1237 arr[num++] = 0x2; /* relative port 2 (secondary) */
1238 memset(arr + num, 0, 6);
1239 num += 6;
1240 arr[num++] = 0x0;
1241 arr[num++] = 12; /* length tp descriptor */
1242 /* naa-5 target port identifier (B) */
1243 arr[num++] = 0x61; /* proto=sas, binary */
1244 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1245 arr[num++] = 0x0; /* reserved */
1246 arr[num++] = 0x8; /* length */
1247 put_unaligned_be64(naa3_comp_a + port_b, arr + num);
1248 num += 8;
1249
1250 return num;
1251 }
1252
1253
1254 static unsigned char vpd89_data[] = {
1255 /* from 4th byte */ 0,0,0,0,
1256 'l','i','n','u','x',' ',' ',' ',
1257 'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ',
1258 '1','2','3','4',
1259 0x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,
1260 0xec,0,0,0,
1261 0x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0,
1262 0,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20,
1263 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33,
1264 0x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31,
1265 0x53,0x41,
1266 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
1267 0x20,0x20,
1268 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
1269 0x10,0x80,
1270 0,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0,
1271 0x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0,
1272 0x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0,
1273 0,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0,
1274 0x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40,
1275 0x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0,
1276 0,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0,
1277 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1278 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1279 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1280 0x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42,
1281 0,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8,
1282 0xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe,
1283 0,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0,
1284 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1285 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1286 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1287 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1288 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1289 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1290 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1291 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1292 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1293 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1294 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1295 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51,
1296 };
1297
1298 /* ATA Information VPD page */
1299 static int inquiry_vpd_89(unsigned char *arr)
1300 {
1301 memcpy(arr, vpd89_data, sizeof(vpd89_data));
1302 return sizeof(vpd89_data);
1303 }
1304
1305
1306 static unsigned char vpdb0_data[] = {
1307 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64,
1308 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1309 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1310 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1311 };
1312
1313 /* Block limits VPD page (SBC-3) */
1314 static int inquiry_vpd_b0(unsigned char *arr)
1315 {
1316 unsigned int gran;
1317
1318 memcpy(arr, vpdb0_data, sizeof(vpdb0_data));
1319
1320 /* Optimal transfer length granularity */
1321 if (sdebug_opt_xferlen_exp != 0 &&
1322 sdebug_physblk_exp < sdebug_opt_xferlen_exp)
1323 gran = 1 << sdebug_opt_xferlen_exp;
1324 else
1325 gran = 1 << sdebug_physblk_exp;
1326 put_unaligned_be16(gran, arr + 2);
1327
1328 /* Maximum Transfer Length */
1329 if (sdebug_store_sectors > 0x400)
1330 put_unaligned_be32(sdebug_store_sectors, arr + 4);
1331
1332 /* Optimal Transfer Length */
1333 put_unaligned_be32(sdebug_opt_blks, &arr[8]);
1334
1335 if (sdebug_lbpu) {
1336 /* Maximum Unmap LBA Count */
1337 put_unaligned_be32(sdebug_unmap_max_blocks, &arr[16]);
1338
1339 /* Maximum Unmap Block Descriptor Count */
1340 put_unaligned_be32(sdebug_unmap_max_desc, &arr[20]);
1341 }
1342
1343 /* Unmap Granularity Alignment */
1344 if (sdebug_unmap_alignment) {
1345 put_unaligned_be32(sdebug_unmap_alignment, &arr[28]);
1346 arr[28] |= 0x80; /* UGAVALID */
1347 }
1348
1349 /* Optimal Unmap Granularity */
1350 put_unaligned_be32(sdebug_unmap_granularity, &arr[24]);
1351
1352 /* Maximum WRITE SAME Length */
1353 put_unaligned_be64(sdebug_write_same_length, &arr[32]);
1354
1355 return 0x3c; /* Mandatory page length for Logical Block Provisioning */
1356
1357 return sizeof(vpdb0_data);
1358 }
1359
1360 /* Block device characteristics VPD page (SBC-3) */
1361 static int inquiry_vpd_b1(unsigned char *arr)
1362 {
1363 memset(arr, 0, 0x3c);
1364 arr[0] = 0;
1365 arr[1] = 1; /* non rotating medium (e.g. solid state) */
1366 arr[2] = 0;
1367 arr[3] = 5; /* less than 1.8" */
1368
1369 return 0x3c;
1370 }
1371
1372 /* Logical block provisioning VPD page (SBC-4) */
1373 static int inquiry_vpd_b2(unsigned char *arr)
1374 {
1375 memset(arr, 0, 0x4);
1376 arr[0] = 0; /* threshold exponent */
1377 if (sdebug_lbpu)
1378 arr[1] = 1 << 7;
1379 if (sdebug_lbpws)
1380 arr[1] |= 1 << 6;
1381 if (sdebug_lbpws10)
1382 arr[1] |= 1 << 5;
1383 if (sdebug_lbprz && scsi_debug_lbp())
1384 arr[1] |= (sdebug_lbprz & 0x7) << 2; /* sbc4r07 and later */
1385 /* anc_sup=0; dp=0 (no provisioning group descriptor) */
1386 /* minimum_percentage=0; provisioning_type=0 (unknown) */
1387 /* threshold_percentage=0 */
1388 return 0x4;
1389 }
1390
1391 #define SDEBUG_LONG_INQ_SZ 96
1392 #define SDEBUG_MAX_INQ_ARR_SZ 584
1393
1394 static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1395 {
1396 unsigned char pq_pdt;
1397 unsigned char *arr;
1398 unsigned char *cmd = scp->cmnd;
1399 int alloc_len, n, ret;
1400 bool have_wlun, is_disk;
1401
1402 alloc_len = get_unaligned_be16(cmd + 3);
1403 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC);
1404 if (! arr)
1405 return DID_REQUEUE << 16;
1406 is_disk = (sdebug_ptype == TYPE_DISK);
1407 have_wlun = scsi_is_wlun(scp->device->lun);
1408 if (have_wlun)
1409 pq_pdt = TYPE_WLUN; /* present, wlun */
1410 else if (sdebug_no_lun_0 && (devip->lun == SDEBUG_LUN_0_VAL))
1411 pq_pdt = 0x7f; /* not present, PQ=3, PDT=0x1f */
1412 else
1413 pq_pdt = (sdebug_ptype & 0x1f);
1414 arr[0] = pq_pdt;
1415 if (0x2 & cmd[1]) { /* CMDDT bit set */
1416 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1);
1417 kfree(arr);
1418 return check_condition_result;
1419 } else if (0x1 & cmd[1]) { /* EVPD bit set */
1420 int lu_id_num, port_group_id, target_dev_id, len;
1421 char lu_id_str[6];
1422 int host_no = devip->sdbg_host->shost->host_no;
1423
1424 port_group_id = (((host_no + 1) & 0x7f) << 8) +
1425 (devip->channel & 0x7f);
1426 if (sdebug_vpd_use_hostno == 0)
1427 host_no = 0;
1428 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) +
1429 (devip->target * 1000) + devip->lun);
1430 target_dev_id = ((host_no + 1) * 2000) +
1431 (devip->target * 1000) - 3;
1432 len = scnprintf(lu_id_str, 6, "%d", lu_id_num);
1433 if (0 == cmd[2]) { /* supported vital product data pages */
1434 arr[1] = cmd[2]; /*sanity */
1435 n = 4;
1436 arr[n++] = 0x0; /* this page */
1437 arr[n++] = 0x80; /* unit serial number */
1438 arr[n++] = 0x83; /* device identification */
1439 arr[n++] = 0x84; /* software interface ident. */
1440 arr[n++] = 0x85; /* management network addresses */
1441 arr[n++] = 0x86; /* extended inquiry */
1442 arr[n++] = 0x87; /* mode page policy */
1443 arr[n++] = 0x88; /* SCSI ports */
1444 if (is_disk) { /* SBC only */
1445 arr[n++] = 0x89; /* ATA information */
1446 arr[n++] = 0xb0; /* Block limits */
1447 arr[n++] = 0xb1; /* Block characteristics */
1448 arr[n++] = 0xb2; /* Logical Block Prov */
1449 }
1450 arr[3] = n - 4; /* number of supported VPD pages */
1451 } else if (0x80 == cmd[2]) { /* unit serial number */
1452 arr[1] = cmd[2]; /*sanity */
1453 arr[3] = len;
1454 memcpy(&arr[4], lu_id_str, len);
1455 } else if (0x83 == cmd[2]) { /* device identification */
1456 arr[1] = cmd[2]; /*sanity */
1457 arr[3] = inquiry_vpd_83(&arr[4], port_group_id,
1458 target_dev_id, lu_id_num,
1459 lu_id_str, len,
1460 &devip->lu_name);
1461 } else if (0x84 == cmd[2]) { /* Software interface ident. */
1462 arr[1] = cmd[2]; /*sanity */
1463 arr[3] = inquiry_vpd_84(&arr[4]);
1464 } else if (0x85 == cmd[2]) { /* Management network addresses */
1465 arr[1] = cmd[2]; /*sanity */
1466 arr[3] = inquiry_vpd_85(&arr[4]);
1467 } else if (0x86 == cmd[2]) { /* extended inquiry */
1468 arr[1] = cmd[2]; /*sanity */
1469 arr[3] = 0x3c; /* number of following entries */
1470 if (sdebug_dif == T10_PI_TYPE3_PROTECTION)
1471 arr[4] = 0x4; /* SPT: GRD_CHK:1 */
1472 else if (have_dif_prot)
1473 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */
1474 else
1475 arr[4] = 0x0; /* no protection stuff */
1476 arr[5] = 0x7; /* head of q, ordered + simple q's */
1477 } else if (0x87 == cmd[2]) { /* mode page policy */
1478 arr[1] = cmd[2]; /*sanity */
1479 arr[3] = 0x8; /* number of following entries */
1480 arr[4] = 0x2; /* disconnect-reconnect mp */
1481 arr[6] = 0x80; /* mlus, shared */
1482 arr[8] = 0x18; /* protocol specific lu */
1483 arr[10] = 0x82; /* mlus, per initiator port */
1484 } else if (0x88 == cmd[2]) { /* SCSI Ports */
1485 arr[1] = cmd[2]; /*sanity */
1486 arr[3] = inquiry_vpd_88(&arr[4], target_dev_id);
1487 } else if (is_disk && 0x89 == cmd[2]) { /* ATA information */
1488 arr[1] = cmd[2]; /*sanity */
1489 n = inquiry_vpd_89(&arr[4]);
1490 put_unaligned_be16(n, arr + 2);
1491 } else if (is_disk && 0xb0 == cmd[2]) { /* Block limits */
1492 arr[1] = cmd[2]; /*sanity */
1493 arr[3] = inquiry_vpd_b0(&arr[4]);
1494 } else if (is_disk && 0xb1 == cmd[2]) { /* Block char. */
1495 arr[1] = cmd[2]; /*sanity */
1496 arr[3] = inquiry_vpd_b1(&arr[4]);
1497 } else if (is_disk && 0xb2 == cmd[2]) { /* LB Prov. */
1498 arr[1] = cmd[2]; /*sanity */
1499 arr[3] = inquiry_vpd_b2(&arr[4]);
1500 } else {
1501 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
1502 kfree(arr);
1503 return check_condition_result;
1504 }
1505 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len);
1506 ret = fill_from_dev_buffer(scp, arr,
1507 min(len, SDEBUG_MAX_INQ_ARR_SZ));
1508 kfree(arr);
1509 return ret;
1510 }
1511 /* drops through here for a standard inquiry */
1512 arr[1] = sdebug_removable ? 0x80 : 0; /* Removable disk */
1513 arr[2] = sdebug_scsi_level;
1514 arr[3] = 2; /* response_data_format==2 */
1515 arr[4] = SDEBUG_LONG_INQ_SZ - 5;
1516 arr[5] = (int)have_dif_prot; /* PROTECT bit */
1517 if (sdebug_vpd_use_hostno == 0)
1518 arr[5] |= 0x10; /* claim: implicit TPGS */
1519 arr[6] = 0x10; /* claim: MultiP */
1520 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */
1521 arr[7] = 0xa; /* claim: LINKED + CMDQUE */
1522 memcpy(&arr[8], sdebug_inq_vendor_id, 8);
1523 memcpy(&arr[16], sdebug_inq_product_id, 16);
1524 memcpy(&arr[32], sdebug_inq_product_rev, 4);
1525 /* Use Vendor Specific area to place driver date in ASCII hex */
1526 memcpy(&arr[36], sdebug_version_date, 8);
1527 /* version descriptors (2 bytes each) follow */
1528 put_unaligned_be16(0xc0, arr + 58); /* SAM-6 no version claimed */
1529 put_unaligned_be16(0x5c0, arr + 60); /* SPC-5 no version claimed */
1530 n = 62;
1531 if (is_disk) { /* SBC-4 no version claimed */
1532 put_unaligned_be16(0x600, arr + n);
1533 n += 2;
1534 } else if (sdebug_ptype == TYPE_TAPE) { /* SSC-4 rev 3 */
1535 put_unaligned_be16(0x525, arr + n);
1536 n += 2;
1537 }
1538 put_unaligned_be16(0x2100, arr + n); /* SPL-4 no version claimed */
1539 ret = fill_from_dev_buffer(scp, arr,
1540 min(alloc_len, SDEBUG_LONG_INQ_SZ));
1541 kfree(arr);
1542 return ret;
1543 }
1544
1545 static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
1546 0, 0, 0x0, 0x0};
1547
1548 static int resp_requests(struct scsi_cmnd *scp,
1549 struct sdebug_dev_info *devip)
1550 {
1551 unsigned char *sbuff;
1552 unsigned char *cmd = scp->cmnd;
1553 unsigned char arr[SCSI_SENSE_BUFFERSIZE];
1554 bool dsense;
1555 int len = 18;
1556
1557 memset(arr, 0, sizeof(arr));
1558 dsense = !!(cmd[1] & 1);
1559 sbuff = scp->sense_buffer;
1560 if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) {
1561 if (dsense) {
1562 arr[0] = 0x72;
1563 arr[1] = 0x0; /* NO_SENSE in sense_key */
1564 arr[2] = THRESHOLD_EXCEEDED;
1565 arr[3] = 0xff; /* TEST set and MRIE==6 */
1566 len = 8;
1567 } else {
1568 arr[0] = 0x70;
1569 arr[2] = 0x0; /* NO_SENSE in sense_key */
1570 arr[7] = 0xa; /* 18 byte sense buffer */
1571 arr[12] = THRESHOLD_EXCEEDED;
1572 arr[13] = 0xff; /* TEST set and MRIE==6 */
1573 }
1574 } else {
1575 memcpy(arr, sbuff, SCSI_SENSE_BUFFERSIZE);
1576 if (arr[0] >= 0x70 && dsense == sdebug_dsense)
1577 ; /* have sense and formats match */
1578 else if (arr[0] <= 0x70) {
1579 if (dsense) {
1580 memset(arr, 0, 8);
1581 arr[0] = 0x72;
1582 len = 8;
1583 } else {
1584 memset(arr, 0, 18);
1585 arr[0] = 0x70;
1586 arr[7] = 0xa;
1587 }
1588 } else if (dsense) {
1589 memset(arr, 0, 8);
1590 arr[0] = 0x72;
1591 arr[1] = sbuff[2]; /* sense key */
1592 arr[2] = sbuff[12]; /* asc */
1593 arr[3] = sbuff[13]; /* ascq */
1594 len = 8;
1595 } else {
1596 memset(arr, 0, 18);
1597 arr[0] = 0x70;
1598 arr[2] = sbuff[1];
1599 arr[7] = 0xa;
1600 arr[12] = sbuff[1];
1601 arr[13] = sbuff[3];
1602 }
1603
1604 }
1605 mk_sense_buffer(scp, 0, NO_ADDITIONAL_SENSE, 0);
1606 return fill_from_dev_buffer(scp, arr, len);
1607 }
1608
1609 static int resp_start_stop(struct scsi_cmnd *scp,
1610 struct sdebug_dev_info *devip)
1611 {
1612 unsigned char *cmd = scp->cmnd;
1613 int power_cond, stop;
1614 bool changing;
1615
1616 power_cond = (cmd[4] & 0xf0) >> 4;
1617 if (power_cond) {
1618 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7);
1619 return check_condition_result;
1620 }
1621 stop = !(cmd[4] & 1);
1622 changing = atomic_read(&devip->stopped) == !stop;
1623 atomic_xchg(&devip->stopped, stop);
1624 if (!changing || cmd[1] & 0x1) /* state unchanged or IMMED set */
1625 return SDEG_RES_IMMED_MASK;
1626 else
1627 return 0;
1628 }
1629
1630 static sector_t get_sdebug_capacity(void)
1631 {
1632 static const unsigned int gibibyte = 1073741824;
1633
1634 if (sdebug_virtual_gb > 0)
1635 return (sector_t)sdebug_virtual_gb *
1636 (gibibyte / sdebug_sector_size);
1637 else
1638 return sdebug_store_sectors;
1639 }
1640
1641 #define SDEBUG_READCAP_ARR_SZ 8
1642 static int resp_readcap(struct scsi_cmnd *scp,
1643 struct sdebug_dev_info *devip)
1644 {
1645 unsigned char arr[SDEBUG_READCAP_ARR_SZ];
1646 unsigned int capac;
1647
1648 /* following just in case virtual_gb changed */
1649 sdebug_capacity = get_sdebug_capacity();
1650 memset(arr, 0, SDEBUG_READCAP_ARR_SZ);
1651 if (sdebug_capacity < 0xffffffff) {
1652 capac = (unsigned int)sdebug_capacity - 1;
1653 put_unaligned_be32(capac, arr + 0);
1654 } else
1655 put_unaligned_be32(0xffffffff, arr + 0);
1656 put_unaligned_be16(sdebug_sector_size, arr + 6);
1657 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ);
1658 }
1659
1660 #define SDEBUG_READCAP16_ARR_SZ 32
1661 static int resp_readcap16(struct scsi_cmnd *scp,
1662 struct sdebug_dev_info *devip)
1663 {
1664 unsigned char *cmd = scp->cmnd;
1665 unsigned char arr[SDEBUG_READCAP16_ARR_SZ];
1666 int alloc_len;
1667
1668 alloc_len = get_unaligned_be32(cmd + 10);
1669 /* following just in case virtual_gb changed */
1670 sdebug_capacity = get_sdebug_capacity();
1671 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ);
1672 put_unaligned_be64((u64)(sdebug_capacity - 1), arr + 0);
1673 put_unaligned_be32(sdebug_sector_size, arr + 8);
1674 arr[13] = sdebug_physblk_exp & 0xf;
1675 arr[14] = (sdebug_lowest_aligned >> 8) & 0x3f;
1676
1677 if (scsi_debug_lbp()) {
1678 arr[14] |= 0x80; /* LBPME */
1679 /* from sbc4r07, this LBPRZ field is 1 bit, but the LBPRZ in
1680 * the LB Provisioning VPD page is 3 bits. Note that lbprz=2
1681 * in the wider field maps to 0 in this field.
1682 */
1683 if (sdebug_lbprz & 1) /* precisely what the draft requires */
1684 arr[14] |= 0x40;
1685 }
1686
1687 arr[15] = sdebug_lowest_aligned & 0xff;
1688
1689 if (have_dif_prot) {
1690 arr[12] = (sdebug_dif - 1) << 1; /* P_TYPE */
1691 arr[12] |= 1; /* PROT_EN */
1692 }
1693
1694 return fill_from_dev_buffer(scp, arr,
1695 min(alloc_len, SDEBUG_READCAP16_ARR_SZ));
1696 }
1697
1698 #define SDEBUG_MAX_TGTPGS_ARR_SZ 1412
1699
1700 static int resp_report_tgtpgs(struct scsi_cmnd *scp,
1701 struct sdebug_dev_info *devip)
1702 {
1703 unsigned char *cmd = scp->cmnd;
1704 unsigned char *arr;
1705 int host_no = devip->sdbg_host->shost->host_no;
1706 int n, ret, alen, rlen;
1707 int port_group_a, port_group_b, port_a, port_b;
1708
1709 alen = get_unaligned_be32(cmd + 6);
1710 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC);
1711 if (! arr)
1712 return DID_REQUEUE << 16;
1713 /*
1714 * EVPD page 0x88 states we have two ports, one
1715 * real and a fake port with no device connected.
1716 * So we create two port groups with one port each
1717 * and set the group with port B to unavailable.
1718 */
1719 port_a = 0x1; /* relative port A */
1720 port_b = 0x2; /* relative port B */
1721 port_group_a = (((host_no + 1) & 0x7f) << 8) +
1722 (devip->channel & 0x7f);
1723 port_group_b = (((host_no + 1) & 0x7f) << 8) +
1724 (devip->channel & 0x7f) + 0x80;
1725
1726 /*
1727 * The asymmetric access state is cycled according to the host_id.
1728 */
1729 n = 4;
1730 if (sdebug_vpd_use_hostno == 0) {
1731 arr[n++] = host_no % 3; /* Asymm access state */
1732 arr[n++] = 0x0F; /* claim: all states are supported */
1733 } else {
1734 arr[n++] = 0x0; /* Active/Optimized path */
1735 arr[n++] = 0x01; /* only support active/optimized paths */
1736 }
1737 put_unaligned_be16(port_group_a, arr + n);
1738 n += 2;
1739 arr[n++] = 0; /* Reserved */
1740 arr[n++] = 0; /* Status code */
1741 arr[n++] = 0; /* Vendor unique */
1742 arr[n++] = 0x1; /* One port per group */
1743 arr[n++] = 0; /* Reserved */
1744 arr[n++] = 0; /* Reserved */
1745 put_unaligned_be16(port_a, arr + n);
1746 n += 2;
1747 arr[n++] = 3; /* Port unavailable */
1748 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */
1749 put_unaligned_be16(port_group_b, arr + n);
1750 n += 2;
1751 arr[n++] = 0; /* Reserved */
1752 arr[n++] = 0; /* Status code */
1753 arr[n++] = 0; /* Vendor unique */
1754 arr[n++] = 0x1; /* One port per group */
1755 arr[n++] = 0; /* Reserved */
1756 arr[n++] = 0; /* Reserved */
1757 put_unaligned_be16(port_b, arr + n);
1758 n += 2;
1759
1760 rlen = n - 4;
1761 put_unaligned_be32(rlen, arr + 0);
1762
1763 /*
1764 * Return the smallest value of either
1765 * - The allocated length
1766 * - The constructed command length
1767 * - The maximum array size
1768 */
1769 rlen = min(alen,n);
1770 ret = fill_from_dev_buffer(scp, arr,
1771 min(rlen, SDEBUG_MAX_TGTPGS_ARR_SZ));
1772 kfree(arr);
1773 return ret;
1774 }
1775
1776 static int resp_rsup_opcodes(struct scsi_cmnd *scp,
1777 struct sdebug_dev_info *devip)
1778 {
1779 bool rctd;
1780 u8 reporting_opts, req_opcode, sdeb_i, supp;
1781 u16 req_sa, u;
1782 u32 alloc_len, a_len;
1783 int k, offset, len, errsts, count, bump, na;
1784 const struct opcode_info_t *oip;
1785 const struct opcode_info_t *r_oip;
1786 u8 *arr;
1787 u8 *cmd = scp->cmnd;
1788
1789 rctd = !!(cmd[2] & 0x80);
1790 reporting_opts = cmd[2] & 0x7;
1791 req_opcode = cmd[3];
1792 req_sa = get_unaligned_be16(cmd + 4);
1793 alloc_len = get_unaligned_be32(cmd + 6);
1794 if (alloc_len < 4 || alloc_len > 0xffff) {
1795 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1796 return check_condition_result;
1797 }
1798 if (alloc_len > 8192)
1799 a_len = 8192;
1800 else
1801 a_len = alloc_len;
1802 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC);
1803 if (NULL == arr) {
1804 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
1805 INSUFF_RES_ASCQ);
1806 return check_condition_result;
1807 }
1808 switch (reporting_opts) {
1809 case 0: /* all commands */
1810 /* count number of commands */
1811 for (count = 0, oip = opcode_info_arr;
1812 oip->num_attached != 0xff; ++oip) {
1813 if (F_INV_OP & oip->flags)
1814 continue;
1815 count += (oip->num_attached + 1);
1816 }
1817 bump = rctd ? 20 : 8;
1818 put_unaligned_be32(count * bump, arr);
1819 for (offset = 4, oip = opcode_info_arr;
1820 oip->num_attached != 0xff && offset < a_len; ++oip) {
1821 if (F_INV_OP & oip->flags)
1822 continue;
1823 na = oip->num_attached;
1824 arr[offset] = oip->opcode;
1825 put_unaligned_be16(oip->sa, arr + offset + 2);
1826 if (rctd)
1827 arr[offset + 5] |= 0x2;
1828 if (FF_SA & oip->flags)
1829 arr[offset + 5] |= 0x1;
1830 put_unaligned_be16(oip->len_mask[0], arr + offset + 6);
1831 if (rctd)
1832 put_unaligned_be16(0xa, arr + offset + 8);
1833 r_oip = oip;
1834 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) {
1835 if (F_INV_OP & oip->flags)
1836 continue;
1837 offset += bump;
1838 arr[offset] = oip->opcode;
1839 put_unaligned_be16(oip->sa, arr + offset + 2);
1840 if (rctd)
1841 arr[offset + 5] |= 0x2;
1842 if (FF_SA & oip->flags)
1843 arr[offset + 5] |= 0x1;
1844 put_unaligned_be16(oip->len_mask[0],
1845 arr + offset + 6);
1846 if (rctd)
1847 put_unaligned_be16(0xa,
1848 arr + offset + 8);
1849 }
1850 oip = r_oip;
1851 offset += bump;
1852 }
1853 break;
1854 case 1: /* one command: opcode only */
1855 case 2: /* one command: opcode plus service action */
1856 case 3: /* one command: if sa==0 then opcode only else opcode+sa */
1857 sdeb_i = opcode_ind_arr[req_opcode];
1858 oip = &opcode_info_arr[sdeb_i];
1859 if (F_INV_OP & oip->flags) {
1860 supp = 1;
1861 offset = 4;
1862 } else {
1863 if (1 == reporting_opts) {
1864 if (FF_SA & oip->flags) {
1865 mk_sense_invalid_fld(scp, SDEB_IN_CDB,
1866 2, 2);
1867 kfree(arr);
1868 return check_condition_result;
1869 }
1870 req_sa = 0;
1871 } else if (2 == reporting_opts &&
1872 0 == (FF_SA & oip->flags)) {
1873 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1);
1874 kfree(arr); /* point at requested sa */
1875 return check_condition_result;
1876 }
1877 if (0 == (FF_SA & oip->flags) &&
1878 req_opcode == oip->opcode)
1879 supp = 3;
1880 else if (0 == (FF_SA & oip->flags)) {
1881 na = oip->num_attached;
1882 for (k = 0, oip = oip->arrp; k < na;
1883 ++k, ++oip) {
1884 if (req_opcode == oip->opcode)
1885 break;
1886 }
1887 supp = (k >= na) ? 1 : 3;
1888 } else if (req_sa != oip->sa) {
1889 na = oip->num_attached;
1890 for (k = 0, oip = oip->arrp; k < na;
1891 ++k, ++oip) {
1892 if (req_sa == oip->sa)
1893 break;
1894 }
1895 supp = (k >= na) ? 1 : 3;
1896 } else
1897 supp = 3;
1898 if (3 == supp) {
1899 u = oip->len_mask[0];
1900 put_unaligned_be16(u, arr + 2);
1901 arr[4] = oip->opcode;
1902 for (k = 1; k < u; ++k)
1903 arr[4 + k] = (k < 16) ?
1904 oip->len_mask[k] : 0xff;
1905 offset = 4 + u;
1906 } else
1907 offset = 4;
1908 }
1909 arr[1] = (rctd ? 0x80 : 0) | supp;
1910 if (rctd) {
1911 put_unaligned_be16(0xa, arr + offset);
1912 offset += 12;
1913 }
1914 break;
1915 default:
1916 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
1917 kfree(arr);
1918 return check_condition_result;
1919 }
1920 offset = (offset < a_len) ? offset : a_len;
1921 len = (offset < alloc_len) ? offset : alloc_len;
1922 errsts = fill_from_dev_buffer(scp, arr, len);
1923 kfree(arr);
1924 return errsts;
1925 }
1926
1927 static int resp_rsup_tmfs(struct scsi_cmnd *scp,
1928 struct sdebug_dev_info *devip)
1929 {
1930 bool repd;
1931 u32 alloc_len, len;
1932 u8 arr[16];
1933 u8 *cmd = scp->cmnd;
1934
1935 memset(arr, 0, sizeof(arr));
1936 repd = !!(cmd[2] & 0x80);
1937 alloc_len = get_unaligned_be32(cmd + 6);
1938 if (alloc_len < 4) {
1939 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1940 return check_condition_result;
1941 }
1942 arr[0] = 0xc8; /* ATS | ATSS | LURS */
1943 arr[1] = 0x1; /* ITNRS */
1944 if (repd) {
1945 arr[3] = 0xc;
1946 len = 16;
1947 } else
1948 len = 4;
1949
1950 len = (len < alloc_len) ? len : alloc_len;
1951 return fill_from_dev_buffer(scp, arr, len);
1952 }
1953
1954 /* <<Following mode page info copied from ST318451LW>> */
1955
1956 static int resp_err_recov_pg(unsigned char *p, int pcontrol, int target)
1957 { /* Read-Write Error Recovery page for mode_sense */
1958 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0,
1959 5, 0, 0xff, 0xff};
1960
1961 memcpy(p, err_recov_pg, sizeof(err_recov_pg));
1962 if (1 == pcontrol)
1963 memset(p + 2, 0, sizeof(err_recov_pg) - 2);
1964 return sizeof(err_recov_pg);
1965 }
1966
1967 static int resp_disconnect_pg(unsigned char *p, int pcontrol, int target)
1968 { /* Disconnect-Reconnect page for mode_sense */
1969 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0,
1970 0, 0, 0, 0, 0, 0, 0, 0};
1971
1972 memcpy(p, disconnect_pg, sizeof(disconnect_pg));
1973 if (1 == pcontrol)
1974 memset(p + 2, 0, sizeof(disconnect_pg) - 2);
1975 return sizeof(disconnect_pg);
1976 }
1977
1978 static int resp_format_pg(unsigned char *p, int pcontrol, int target)
1979 { /* Format device page for mode_sense */
1980 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0,
1981 0, 0, 0, 0, 0, 0, 0, 0,
1982 0, 0, 0, 0, 0x40, 0, 0, 0};
1983
1984 memcpy(p, format_pg, sizeof(format_pg));
1985 put_unaligned_be16(sdebug_sectors_per, p + 10);
1986 put_unaligned_be16(sdebug_sector_size, p + 12);
1987 if (sdebug_removable)
1988 p[20] |= 0x20; /* should agree with INQUIRY */
1989 if (1 == pcontrol)
1990 memset(p + 2, 0, sizeof(format_pg) - 2);
1991 return sizeof(format_pg);
1992 }
1993
1994 static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
1995 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0,
1996 0, 0, 0, 0};
1997
1998 static int resp_caching_pg(unsigned char *p, int pcontrol, int target)
1999 { /* Caching page for mode_sense */
2000 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0,
2001 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
2002 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
2003 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0};
2004
2005 if (SDEBUG_OPT_N_WCE & sdebug_opts)
2006 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */
2007 memcpy(p, caching_pg, sizeof(caching_pg));
2008 if (1 == pcontrol)
2009 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg));
2010 else if (2 == pcontrol)
2011 memcpy(p, d_caching_pg, sizeof(d_caching_pg));
2012 return sizeof(caching_pg);
2013 }
2014
2015 static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2016 0, 0, 0x2, 0x4b};
2017
2018 static int resp_ctrl_m_pg(unsigned char *p, int pcontrol, int target)
2019 { /* Control mode page for mode_sense */
2020 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0,
2021 0, 0, 0, 0};
2022 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2023 0, 0, 0x2, 0x4b};
2024
2025 if (sdebug_dsense)
2026 ctrl_m_pg[2] |= 0x4;
2027 else
2028 ctrl_m_pg[2] &= ~0x4;
2029
2030 if (sdebug_ato)
2031 ctrl_m_pg[5] |= 0x80; /* ATO=1 */
2032
2033 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg));
2034 if (1 == pcontrol)
2035 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg));
2036 else if (2 == pcontrol)
2037 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg));
2038 return sizeof(ctrl_m_pg);
2039 }
2040
2041
2042 static int resp_iec_m_pg(unsigned char *p, int pcontrol, int target)
2043 { /* Informational Exceptions control mode page for mode_sense */
2044 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0,
2045 0, 0, 0x0, 0x0};
2046 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
2047 0, 0, 0x0, 0x0};
2048
2049 memcpy(p, iec_m_pg, sizeof(iec_m_pg));
2050 if (1 == pcontrol)
2051 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg));
2052 else if (2 == pcontrol)
2053 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg));
2054 return sizeof(iec_m_pg);
2055 }
2056
2057 static int resp_sas_sf_m_pg(unsigned char *p, int pcontrol, int target)
2058 { /* SAS SSP mode page - short format for mode_sense */
2059 unsigned char sas_sf_m_pg[] = {0x19, 0x6,
2060 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0};
2061
2062 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg));
2063 if (1 == pcontrol)
2064 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2);
2065 return sizeof(sas_sf_m_pg);
2066 }
2067
2068
2069 static int resp_sas_pcd_m_spg(unsigned char *p, int pcontrol, int target,
2070 int target_dev_id)
2071 { /* SAS phy control and discover mode page for mode_sense */
2072 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2,
2073 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0,
2074 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2075 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2076 0x2, 0, 0, 0, 0, 0, 0, 0,
2077 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2078 0, 0, 0, 0, 0, 0, 0, 0,
2079 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0,
2080 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2081 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2082 0x3, 0, 0, 0, 0, 0, 0, 0,
2083 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2084 0, 0, 0, 0, 0, 0, 0, 0,
2085 };
2086 int port_a, port_b;
2087
2088 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 16);
2089 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 24);
2090 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 64);
2091 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 72);
2092 port_a = target_dev_id + 1;
2093 port_b = port_a + 1;
2094 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg));
2095 put_unaligned_be32(port_a, p + 20);
2096 put_unaligned_be32(port_b, p + 48 + 20);
2097 if (1 == pcontrol)
2098 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4);
2099 return sizeof(sas_pcd_m_pg);
2100 }
2101
2102 static int resp_sas_sha_m_spg(unsigned char *p, int pcontrol)
2103 { /* SAS SSP shared protocol specific port mode subpage */
2104 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0,
2105 0, 0, 0, 0, 0, 0, 0, 0,
2106 };
2107
2108 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg));
2109 if (1 == pcontrol)
2110 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4);
2111 return sizeof(sas_sha_m_pg);
2112 }
2113
2114 #define SDEBUG_MAX_MSENSE_SZ 256
2115
2116 static int resp_mode_sense(struct scsi_cmnd *scp,
2117 struct sdebug_dev_info *devip)
2118 {
2119 int pcontrol, pcode, subpcode, bd_len;
2120 unsigned char dev_spec;
2121 int alloc_len, offset, len, target_dev_id;
2122 int target = scp->device->id;
2123 unsigned char *ap;
2124 unsigned char arr[SDEBUG_MAX_MSENSE_SZ];
2125 unsigned char *cmd = scp->cmnd;
2126 bool dbd, llbaa, msense_6, is_disk, bad_pcode;
2127
2128 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */
2129 pcontrol = (cmd[2] & 0xc0) >> 6;
2130 pcode = cmd[2] & 0x3f;
2131 subpcode = cmd[3];
2132 msense_6 = (MODE_SENSE == cmd[0]);
2133 llbaa = msense_6 ? false : !!(cmd[1] & 0x10);
2134 is_disk = (sdebug_ptype == TYPE_DISK);
2135 if (is_disk && !dbd)
2136 bd_len = llbaa ? 16 : 8;
2137 else
2138 bd_len = 0;
2139 alloc_len = msense_6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2140 memset(arr, 0, SDEBUG_MAX_MSENSE_SZ);
2141 if (0x3 == pcontrol) { /* Saving values not supported */
2142 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0);
2143 return check_condition_result;
2144 }
2145 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) +
2146 (devip->target * 1000) - 3;
2147 /* for disks set DPOFUA bit and clear write protect (WP) bit */
2148 if (is_disk) {
2149 dev_spec = 0x10; /* =0x90 if WP=1 implies read-only */
2150 if (sdebug_wp)
2151 dev_spec |= 0x80;
2152 } else
2153 dev_spec = 0x0;
2154 if (msense_6) {
2155 arr[2] = dev_spec;
2156 arr[3] = bd_len;
2157 offset = 4;
2158 } else {
2159 arr[3] = dev_spec;
2160 if (16 == bd_len)
2161 arr[4] = 0x1; /* set LONGLBA bit */
2162 arr[7] = bd_len; /* assume 255 or less */
2163 offset = 8;
2164 }
2165 ap = arr + offset;
2166 if ((bd_len > 0) && (!sdebug_capacity))
2167 sdebug_capacity = get_sdebug_capacity();
2168
2169 if (8 == bd_len) {
2170 if (sdebug_capacity > 0xfffffffe)
2171 put_unaligned_be32(0xffffffff, ap + 0);
2172 else
2173 put_unaligned_be32(sdebug_capacity, ap + 0);
2174 put_unaligned_be16(sdebug_sector_size, ap + 6);
2175 offset += bd_len;
2176 ap = arr + offset;
2177 } else if (16 == bd_len) {
2178 put_unaligned_be64((u64)sdebug_capacity, ap + 0);
2179 put_unaligned_be32(sdebug_sector_size, ap + 12);
2180 offset += bd_len;
2181 ap = arr + offset;
2182 }
2183
2184 if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) {
2185 /* TODO: Control Extension page */
2186 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2187 return check_condition_result;
2188 }
2189 bad_pcode = false;
2190
2191 switch (pcode) {
2192 case 0x1: /* Read-Write error recovery page, direct access */
2193 len = resp_err_recov_pg(ap, pcontrol, target);
2194 offset += len;
2195 break;
2196 case 0x2: /* Disconnect-Reconnect page, all devices */
2197 len = resp_disconnect_pg(ap, pcontrol, target);
2198 offset += len;
2199 break;
2200 case 0x3: /* Format device page, direct access */
2201 if (is_disk) {
2202 len = resp_format_pg(ap, pcontrol, target);
2203 offset += len;
2204 } else
2205 bad_pcode = true;
2206 break;
2207 case 0x8: /* Caching page, direct access */
2208 if (is_disk) {
2209 len = resp_caching_pg(ap, pcontrol, target);
2210 offset += len;
2211 } else
2212 bad_pcode = true;
2213 break;
2214 case 0xa: /* Control Mode page, all devices */
2215 len = resp_ctrl_m_pg(ap, pcontrol, target);
2216 offset += len;
2217 break;
2218 case 0x19: /* if spc==1 then sas phy, control+discover */
2219 if ((subpcode > 0x2) && (subpcode < 0xff)) {
2220 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2221 return check_condition_result;
2222 }
2223 len = 0;
2224 if ((0x0 == subpcode) || (0xff == subpcode))
2225 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2226 if ((0x1 == subpcode) || (0xff == subpcode))
2227 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
2228 target_dev_id);
2229 if ((0x2 == subpcode) || (0xff == subpcode))
2230 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2231 offset += len;
2232 break;
2233 case 0x1c: /* Informational Exceptions Mode page, all devices */
2234 len = resp_iec_m_pg(ap, pcontrol, target);
2235 offset += len;
2236 break;
2237 case 0x3f: /* Read all Mode pages */
2238 if ((0 == subpcode) || (0xff == subpcode)) {
2239 len = resp_err_recov_pg(ap, pcontrol, target);
2240 len += resp_disconnect_pg(ap + len, pcontrol, target);
2241 if (is_disk) {
2242 len += resp_format_pg(ap + len, pcontrol,
2243 target);
2244 len += resp_caching_pg(ap + len, pcontrol,
2245 target);
2246 }
2247 len += resp_ctrl_m_pg(ap + len, pcontrol, target);
2248 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2249 if (0xff == subpcode) {
2250 len += resp_sas_pcd_m_spg(ap + len, pcontrol,
2251 target, target_dev_id);
2252 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2253 }
2254 len += resp_iec_m_pg(ap + len, pcontrol, target);
2255 offset += len;
2256 } else {
2257 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2258 return check_condition_result;
2259 }
2260 break;
2261 default:
2262 bad_pcode = true;
2263 break;
2264 }
2265 if (bad_pcode) {
2266 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2267 return check_condition_result;
2268 }
2269 if (msense_6)
2270 arr[0] = offset - 1;
2271 else
2272 put_unaligned_be16((offset - 2), arr + 0);
2273 return fill_from_dev_buffer(scp, arr, min(alloc_len, offset));
2274 }
2275
2276 #define SDEBUG_MAX_MSELECT_SZ 512
2277
2278 static int resp_mode_select(struct scsi_cmnd *scp,
2279 struct sdebug_dev_info *devip)
2280 {
2281 int pf, sp, ps, md_len, bd_len, off, spf, pg_len;
2282 int param_len, res, mpage;
2283 unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
2284 unsigned char *cmd = scp->cmnd;
2285 int mselect6 = (MODE_SELECT == cmd[0]);
2286
2287 memset(arr, 0, sizeof(arr));
2288 pf = cmd[1] & 0x10;
2289 sp = cmd[1] & 0x1;
2290 param_len = mselect6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2291 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) {
2292 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1);
2293 return check_condition_result;
2294 }
2295 res = fetch_to_dev_buffer(scp, arr, param_len);
2296 if (-1 == res)
2297 return DID_ERROR << 16;
2298 else if (sdebug_verbose && (res < param_len))
2299 sdev_printk(KERN_INFO, scp->device,
2300 "%s: cdb indicated=%d, IO sent=%d bytes\n",
2301 __func__, param_len, res);
2302 md_len = mselect6 ? (arr[0] + 1) : (get_unaligned_be16(arr + 0) + 2);
2303 bd_len = mselect6 ? arr[3] : get_unaligned_be16(arr + 6);
2304 if (md_len > 2) {
2305 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1);
2306 return check_condition_result;
2307 }
2308 off = bd_len + (mselect6 ? 4 : 8);
2309 mpage = arr[off] & 0x3f;
2310 ps = !!(arr[off] & 0x80);
2311 if (ps) {
2312 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7);
2313 return check_condition_result;
2314 }
2315 spf = !!(arr[off] & 0x40);
2316 pg_len = spf ? (get_unaligned_be16(arr + off + 2) + 4) :
2317 (arr[off + 1] + 2);
2318 if ((pg_len + off) > param_len) {
2319 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2320 PARAMETER_LIST_LENGTH_ERR, 0);
2321 return check_condition_result;
2322 }
2323 switch (mpage) {
2324 case 0x8: /* Caching Mode page */
2325 if (caching_pg[1] == arr[off + 1]) {
2326 memcpy(caching_pg + 2, arr + off + 2,
2327 sizeof(caching_pg) - 2);
2328 goto set_mode_changed_ua;
2329 }
2330 break;
2331 case 0xa: /* Control Mode page */
2332 if (ctrl_m_pg[1] == arr[off + 1]) {
2333 memcpy(ctrl_m_pg + 2, arr + off + 2,
2334 sizeof(ctrl_m_pg) - 2);
2335 if (ctrl_m_pg[4] & 0x8)
2336 sdebug_wp = true;
2337 else
2338 sdebug_wp = false;
2339 sdebug_dsense = !!(ctrl_m_pg[2] & 0x4);
2340 goto set_mode_changed_ua;
2341 }
2342 break;
2343 case 0x1c: /* Informational Exceptions Mode page */
2344 if (iec_m_pg[1] == arr[off + 1]) {
2345 memcpy(iec_m_pg + 2, arr + off + 2,
2346 sizeof(iec_m_pg) - 2);
2347 goto set_mode_changed_ua;
2348 }
2349 break;
2350 default:
2351 break;
2352 }
2353 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5);
2354 return check_condition_result;
2355 set_mode_changed_ua:
2356 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm);
2357 return 0;
2358 }
2359
2360 static int resp_temp_l_pg(unsigned char *arr)
2361 {
2362 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38,
2363 0x0, 0x1, 0x3, 0x2, 0x0, 65,
2364 };
2365
2366 memcpy(arr, temp_l_pg, sizeof(temp_l_pg));
2367 return sizeof(temp_l_pg);
2368 }
2369
2370 static int resp_ie_l_pg(unsigned char *arr)
2371 {
2372 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38,
2373 };
2374
2375 memcpy(arr, ie_l_pg, sizeof(ie_l_pg));
2376 if (iec_m_pg[2] & 0x4) { /* TEST bit set */
2377 arr[4] = THRESHOLD_EXCEEDED;
2378 arr[5] = 0xff;
2379 }
2380 return sizeof(ie_l_pg);
2381 }
2382
2383 #define SDEBUG_MAX_LSENSE_SZ 512
2384
2385 static int resp_log_sense(struct scsi_cmnd *scp,
2386 struct sdebug_dev_info *devip)
2387 {
2388 int ppc, sp, pcode, subpcode, alloc_len, len, n;
2389 unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
2390 unsigned char *cmd = scp->cmnd;
2391
2392 memset(arr, 0, sizeof(arr));
2393 ppc = cmd[1] & 0x2;
2394 sp = cmd[1] & 0x1;
2395 if (ppc || sp) {
2396 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0);
2397 return check_condition_result;
2398 }
2399 pcode = cmd[2] & 0x3f;
2400 subpcode = cmd[3] & 0xff;
2401 alloc_len = get_unaligned_be16(cmd + 7);
2402 arr[0] = pcode;
2403 if (0 == subpcode) {
2404 switch (pcode) {
2405 case 0x0: /* Supported log pages log page */
2406 n = 4;
2407 arr[n++] = 0x0; /* this page */
2408 arr[n++] = 0xd; /* Temperature */
2409 arr[n++] = 0x2f; /* Informational exceptions */
2410 arr[3] = n - 4;
2411 break;
2412 case 0xd: /* Temperature log page */
2413 arr[3] = resp_temp_l_pg(arr + 4);
2414 break;
2415 case 0x2f: /* Informational exceptions log page */
2416 arr[3] = resp_ie_l_pg(arr + 4);
2417 break;
2418 default:
2419 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2420 return check_condition_result;
2421 }
2422 } else if (0xff == subpcode) {
2423 arr[0] |= 0x40;
2424 arr[1] = subpcode;
2425 switch (pcode) {
2426 case 0x0: /* Supported log pages and subpages log page */
2427 n = 4;
2428 arr[n++] = 0x0;
2429 arr[n++] = 0x0; /* 0,0 page */
2430 arr[n++] = 0x0;
2431 arr[n++] = 0xff; /* this page */
2432 arr[n++] = 0xd;
2433 arr[n++] = 0x0; /* Temperature */
2434 arr[n++] = 0x2f;
2435 arr[n++] = 0x0; /* Informational exceptions */
2436 arr[3] = n - 4;
2437 break;
2438 case 0xd: /* Temperature subpages */
2439 n = 4;
2440 arr[n++] = 0xd;
2441 arr[n++] = 0x0; /* Temperature */
2442 arr[3] = n - 4;
2443 break;
2444 case 0x2f: /* Informational exceptions subpages */
2445 n = 4;
2446 arr[n++] = 0x2f;
2447 arr[n++] = 0x0; /* Informational exceptions */
2448 arr[3] = n - 4;
2449 break;
2450 default:
2451 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2452 return check_condition_result;
2453 }
2454 } else {
2455 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2456 return check_condition_result;
2457 }
2458 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len);
2459 return fill_from_dev_buffer(scp, arr,
2460 min(len, SDEBUG_MAX_INQ_ARR_SZ));
2461 }
2462
2463 static inline int check_device_access_params(struct scsi_cmnd *scp,
2464 unsigned long long lba, unsigned int num, bool write)
2465 {
2466 if (lba + num > sdebug_capacity) {
2467 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2468 return check_condition_result;
2469 }
2470 /* transfer length excessive (tie in to block limits VPD page) */
2471 if (num > sdebug_store_sectors) {
2472 /* needs work to find which cdb byte 'num' comes from */
2473 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2474 return check_condition_result;
2475 }
2476 if (write && unlikely(sdebug_wp)) {
2477 mk_sense_buffer(scp, DATA_PROTECT, WRITE_PROTECTED, 0x2);
2478 return check_condition_result;
2479 }
2480 return 0;
2481 }
2482
2483 /* Returns number of bytes copied or -1 if error. */
2484 static int do_device_access(struct scsi_cmnd *scmd, u32 sg_skip, u64 lba,
2485 u32 num, bool do_write)
2486 {
2487 int ret;
2488 u64 block, rest = 0;
2489 struct scsi_data_buffer *sdb = &scmd->sdb;
2490 enum dma_data_direction dir;
2491
2492 if (do_write) {
2493 dir = DMA_TO_DEVICE;
2494 write_since_sync = true;
2495 } else {
2496 dir = DMA_FROM_DEVICE;
2497 }
2498
2499 if (!sdb->length)
2500 return 0;
2501 if (scmd->sc_data_direction != dir)
2502 return -1;
2503
2504 block = do_div(lba, sdebug_store_sectors);
2505 if (block + num > sdebug_store_sectors)
2506 rest = block + num - sdebug_store_sectors;
2507
2508 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2509 fake_storep + (block * sdebug_sector_size),
2510 (num - rest) * sdebug_sector_size, sg_skip, do_write);
2511 if (ret != (num - rest) * sdebug_sector_size)
2512 return ret;
2513
2514 if (rest) {
2515 ret += sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2516 fake_storep, rest * sdebug_sector_size,
2517 sg_skip + ((num - rest) * sdebug_sector_size),
2518 do_write);
2519 }
2520
2521 return ret;
2522 }
2523
2524 /* If lba2fake_store(lba,num) compares equal to arr(num), then copy top half of
2525 * arr into lba2fake_store(lba,num) and return true. If comparison fails then
2526 * return false. */
2527 static bool comp_write_worker(u64 lba, u32 num, const u8 *arr)
2528 {
2529 bool res;
2530 u64 block, rest = 0;
2531 u32 store_blks = sdebug_store_sectors;
2532 u32 lb_size = sdebug_sector_size;
2533
2534 block = do_div(lba, store_blks);
2535 if (block + num > store_blks)
2536 rest = block + num - store_blks;
2537
2538 res = !memcmp(fake_storep + (block * lb_size), arr,
2539 (num - rest) * lb_size);
2540 if (!res)
2541 return res;
2542 if (rest)
2543 res = memcmp(fake_storep, arr + ((num - rest) * lb_size),
2544 rest * lb_size);
2545 if (!res)
2546 return res;
2547 arr += num * lb_size;
2548 memcpy(fake_storep + (block * lb_size), arr, (num - rest) * lb_size);
2549 if (rest)
2550 memcpy(fake_storep, arr + ((num - rest) * lb_size),
2551 rest * lb_size);
2552 return res;
2553 }
2554
2555 static __be16 dif_compute_csum(const void *buf, int len)
2556 {
2557 __be16 csum;
2558
2559 if (sdebug_guard)
2560 csum = (__force __be16)ip_compute_csum(buf, len);
2561 else
2562 csum = cpu_to_be16(crc_t10dif(buf, len));
2563
2564 return csum;
2565 }
2566
2567 static int dif_verify(struct t10_pi_tuple *sdt, const void *data,
2568 sector_t sector, u32 ei_lba)
2569 {
2570 __be16 csum = dif_compute_csum(data, sdebug_sector_size);
2571
2572 if (sdt->guard_tag != csum) {
2573 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n",
2574 (unsigned long)sector,
2575 be16_to_cpu(sdt->guard_tag),
2576 be16_to_cpu(csum));
2577 return 0x01;
2578 }
2579 if (sdebug_dif == T10_PI_TYPE1_PROTECTION &&
2580 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) {
2581 pr_err("REF check failed on sector %lu\n",
2582 (unsigned long)sector);
2583 return 0x03;
2584 }
2585 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
2586 be32_to_cpu(sdt->ref_tag) != ei_lba) {
2587 pr_err("REF check failed on sector %lu\n",
2588 (unsigned long)sector);
2589 return 0x03;
2590 }
2591 return 0;
2592 }
2593
2594 static void dif_copy_prot(struct scsi_cmnd *SCpnt, sector_t sector,
2595 unsigned int sectors, bool read)
2596 {
2597 size_t resid;
2598 void *paddr;
2599 const void *dif_store_end = dif_storep + sdebug_store_sectors;
2600 struct sg_mapping_iter miter;
2601
2602 /* Bytes of protection data to copy into sgl */
2603 resid = sectors * sizeof(*dif_storep);
2604
2605 sg_miter_start(&miter, scsi_prot_sglist(SCpnt),
2606 scsi_prot_sg_count(SCpnt), SG_MITER_ATOMIC |
2607 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG));
2608
2609 while (sg_miter_next(&miter) && resid > 0) {
2610 size_t len = min(miter.length, resid);
2611 void *start = dif_store(sector);
2612 size_t rest = 0;
2613
2614 if (dif_store_end < start + len)
2615 rest = start + len - dif_store_end;
2616
2617 paddr = miter.addr;
2618
2619 if (read)
2620 memcpy(paddr, start, len - rest);
2621 else
2622 memcpy(start, paddr, len - rest);
2623
2624 if (rest) {
2625 if (read)
2626 memcpy(paddr + len - rest, dif_storep, rest);
2627 else
2628 memcpy(dif_storep, paddr + len - rest, rest);
2629 }
2630
2631 sector += len / sizeof(*dif_storep);
2632 resid -= len;
2633 }
2634 sg_miter_stop(&miter);
2635 }
2636
2637 static int prot_verify_read(struct scsi_cmnd *SCpnt, sector_t start_sec,
2638 unsigned int sectors, u32 ei_lba)
2639 {
2640 unsigned int i;
2641 struct t10_pi_tuple *sdt;
2642 sector_t sector;
2643
2644 for (i = 0; i < sectors; i++, ei_lba++) {
2645 int ret;
2646
2647 sector = start_sec + i;
2648 sdt = dif_store(sector);
2649
2650 if (sdt->app_tag == cpu_to_be16(0xffff))
2651 continue;
2652
2653 ret = dif_verify(sdt, lba2fake_store(sector), sector, ei_lba);
2654 if (ret) {
2655 dif_errors++;
2656 return ret;
2657 }
2658 }
2659
2660 dif_copy_prot(SCpnt, start_sec, sectors, true);
2661 dix_reads++;
2662
2663 return 0;
2664 }
2665
2666 static int resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2667 {
2668 u8 *cmd = scp->cmnd;
2669 struct sdebug_queued_cmd *sqcp;
2670 u64 lba;
2671 u32 num;
2672 u32 ei_lba;
2673 unsigned long iflags;
2674 int ret;
2675 bool check_prot;
2676
2677 switch (cmd[0]) {
2678 case READ_16:
2679 ei_lba = 0;
2680 lba = get_unaligned_be64(cmd + 2);
2681 num = get_unaligned_be32(cmd + 10);
2682 check_prot = true;
2683 break;
2684 case READ_10:
2685 ei_lba = 0;
2686 lba = get_unaligned_be32(cmd + 2);
2687 num = get_unaligned_be16(cmd + 7);
2688 check_prot = true;
2689 break;
2690 case READ_6:
2691 ei_lba = 0;
2692 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2693 (u32)(cmd[1] & 0x1f) << 16;
2694 num = (0 == cmd[4]) ? 256 : cmd[4];
2695 check_prot = true;
2696 break;
2697 case READ_12:
2698 ei_lba = 0;
2699 lba = get_unaligned_be32(cmd + 2);
2700 num = get_unaligned_be32(cmd + 6);
2701 check_prot = true;
2702 break;
2703 case XDWRITEREAD_10:
2704 ei_lba = 0;
2705 lba = get_unaligned_be32(cmd + 2);
2706 num = get_unaligned_be16(cmd + 7);
2707 check_prot = false;
2708 break;
2709 default: /* assume READ(32) */
2710 lba = get_unaligned_be64(cmd + 12);
2711 ei_lba = get_unaligned_be32(cmd + 20);
2712 num = get_unaligned_be32(cmd + 28);
2713 check_prot = false;
2714 break;
2715 }
2716 if (unlikely(have_dif_prot && check_prot)) {
2717 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
2718 (cmd[1] & 0xe0)) {
2719 mk_sense_invalid_opcode(scp);
2720 return check_condition_result;
2721 }
2722 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
2723 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
2724 (cmd[1] & 0xe0) == 0)
2725 sdev_printk(KERN_ERR, scp->device, "Unprotected RD "
2726 "to DIF device\n");
2727 }
2728 if (unlikely(sdebug_any_injecting_opt)) {
2729 sqcp = (struct sdebug_queued_cmd *)scp->host_scribble;
2730
2731 if (sqcp) {
2732 if (sqcp->inj_short)
2733 num /= 2;
2734 }
2735 } else
2736 sqcp = NULL;
2737
2738 ret = check_device_access_params(scp, lba, num, false);
2739 if (ret)
2740 return ret;
2741 if (unlikely((SDEBUG_OPT_MEDIUM_ERR & sdebug_opts) &&
2742 (lba <= (sdebug_medium_error_start + sdebug_medium_error_count - 1)) &&
2743 ((lba + num) > sdebug_medium_error_start))) {
2744 /* claim unrecoverable read error */
2745 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0);
2746 /* set info field and valid bit for fixed descriptor */
2747 if (0x70 == (scp->sense_buffer[0] & 0x7f)) {
2748 scp->sense_buffer[0] |= 0x80; /* Valid bit */
2749 ret = (lba < OPT_MEDIUM_ERR_ADDR)
2750 ? OPT_MEDIUM_ERR_ADDR : (int)lba;
2751 put_unaligned_be32(ret, scp->sense_buffer + 3);
2752 }
2753 scsi_set_resid(scp, scsi_bufflen(scp));
2754 return check_condition_result;
2755 }
2756
2757 read_lock_irqsave(&atomic_rw, iflags);
2758
2759 /* DIX + T10 DIF */
2760 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
2761 int prot_ret = prot_verify_read(scp, lba, num, ei_lba);
2762
2763 if (prot_ret) {
2764 read_unlock_irqrestore(&atomic_rw, iflags);
2765 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, prot_ret);
2766 return illegal_condition_result;
2767 }
2768 }
2769
2770 ret = do_device_access(scp, 0, lba, num, false);
2771 read_unlock_irqrestore(&atomic_rw, iflags);
2772 if (unlikely(ret == -1))
2773 return DID_ERROR << 16;
2774
2775 scsi_set_resid(scp, scsi_bufflen(scp) - ret);
2776
2777 if (unlikely(sqcp)) {
2778 if (sqcp->inj_recovered) {
2779 mk_sense_buffer(scp, RECOVERED_ERROR,
2780 THRESHOLD_EXCEEDED, 0);
2781 return check_condition_result;
2782 } else if (sqcp->inj_transport) {
2783 mk_sense_buffer(scp, ABORTED_COMMAND,
2784 TRANSPORT_PROBLEM, ACK_NAK_TO);
2785 return check_condition_result;
2786 } else if (sqcp->inj_dif) {
2787 /* Logical block guard check failed */
2788 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
2789 return illegal_condition_result;
2790 } else if (sqcp->inj_dix) {
2791 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
2792 return illegal_condition_result;
2793 }
2794 }
2795 return 0;
2796 }
2797
2798 static void dump_sector(unsigned char *buf, int len)
2799 {
2800 int i, j, n;
2801
2802 pr_err(">>> Sector Dump <<<\n");
2803 for (i = 0 ; i < len ; i += 16) {
2804 char b[128];
2805
2806 for (j = 0, n = 0; j < 16; j++) {
2807 unsigned char c = buf[i+j];
2808
2809 if (c >= 0x20 && c < 0x7e)
2810 n += scnprintf(b + n, sizeof(b) - n,
2811 " %c ", buf[i+j]);
2812 else
2813 n += scnprintf(b + n, sizeof(b) - n,
2814 "%02x ", buf[i+j]);
2815 }
2816 pr_err("%04d: %s\n", i, b);
2817 }
2818 }
2819
2820 static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec,
2821 unsigned int sectors, u32 ei_lba)
2822 {
2823 int ret;
2824 struct t10_pi_tuple *sdt;
2825 void *daddr;
2826 sector_t sector = start_sec;
2827 int ppage_offset;
2828 int dpage_offset;
2829 struct sg_mapping_iter diter;
2830 struct sg_mapping_iter piter;
2831
2832 BUG_ON(scsi_sg_count(SCpnt) == 0);
2833 BUG_ON(scsi_prot_sg_count(SCpnt) == 0);
2834
2835 sg_miter_start(&piter, scsi_prot_sglist(SCpnt),
2836 scsi_prot_sg_count(SCpnt),
2837 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2838 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt),
2839 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2840
2841 /* For each protection page */
2842 while (sg_miter_next(&piter)) {
2843 dpage_offset = 0;
2844 if (WARN_ON(!sg_miter_next(&diter))) {
2845 ret = 0x01;
2846 goto out;
2847 }
2848
2849 for (ppage_offset = 0; ppage_offset < piter.length;
2850 ppage_offset += sizeof(struct t10_pi_tuple)) {
2851 /* If we're at the end of the current
2852 * data page advance to the next one
2853 */
2854 if (dpage_offset >= diter.length) {
2855 if (WARN_ON(!sg_miter_next(&diter))) {
2856 ret = 0x01;
2857 goto out;
2858 }
2859 dpage_offset = 0;
2860 }
2861
2862 sdt = piter.addr + ppage_offset;
2863 daddr = diter.addr + dpage_offset;
2864
2865 ret = dif_verify(sdt, daddr, sector, ei_lba);
2866 if (ret) {
2867 dump_sector(daddr, sdebug_sector_size);
2868 goto out;
2869 }
2870
2871 sector++;
2872 ei_lba++;
2873 dpage_offset += sdebug_sector_size;
2874 }
2875 diter.consumed = dpage_offset;
2876 sg_miter_stop(&diter);
2877 }
2878 sg_miter_stop(&piter);
2879
2880 dif_copy_prot(SCpnt, start_sec, sectors, false);
2881 dix_writes++;
2882
2883 return 0;
2884
2885 out:
2886 dif_errors++;
2887 sg_miter_stop(&diter);
2888 sg_miter_stop(&piter);
2889 return ret;
2890 }
2891
2892 static unsigned long lba_to_map_index(sector_t lba)
2893 {
2894 if (sdebug_unmap_alignment)
2895 lba += sdebug_unmap_granularity - sdebug_unmap_alignment;
2896 sector_div(lba, sdebug_unmap_granularity);
2897 return lba;
2898 }
2899
2900 static sector_t map_index_to_lba(unsigned long index)
2901 {
2902 sector_t lba = index * sdebug_unmap_granularity;
2903
2904 if (sdebug_unmap_alignment)
2905 lba -= sdebug_unmap_granularity - sdebug_unmap_alignment;
2906 return lba;
2907 }
2908
2909 static unsigned int map_state(sector_t lba, unsigned int *num)
2910 {
2911 sector_t end;
2912 unsigned int mapped;
2913 unsigned long index;
2914 unsigned long next;
2915
2916 index = lba_to_map_index(lba);
2917 mapped = test_bit(index, map_storep);
2918
2919 if (mapped)
2920 next = find_next_zero_bit(map_storep, map_size, index);
2921 else
2922 next = find_next_bit(map_storep, map_size, index);
2923
2924 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next));
2925 *num = end - lba;
2926 return mapped;
2927 }
2928
2929 static void map_region(sector_t lba, unsigned int len)
2930 {
2931 sector_t end = lba + len;
2932
2933 while (lba < end) {
2934 unsigned long index = lba_to_map_index(lba);
2935
2936 if (index < map_size)
2937 set_bit(index, map_storep);
2938
2939 lba = map_index_to_lba(index + 1);
2940 }
2941 }
2942
2943 static void unmap_region(sector_t lba, unsigned int len)
2944 {
2945 sector_t end = lba + len;
2946
2947 while (lba < end) {
2948 unsigned long index = lba_to_map_index(lba);
2949
2950 if (lba == map_index_to_lba(index) &&
2951 lba + sdebug_unmap_granularity <= end &&
2952 index < map_size) {
2953 clear_bit(index, map_storep);
2954 if (sdebug_lbprz) { /* for LBPRZ=2 return 0xff_s */
2955 memset(fake_storep +
2956 lba * sdebug_sector_size,
2957 (sdebug_lbprz & 1) ? 0 : 0xff,
2958 sdebug_sector_size *
2959 sdebug_unmap_granularity);
2960 }
2961 if (dif_storep) {
2962 memset(dif_storep + lba, 0xff,
2963 sizeof(*dif_storep) *
2964 sdebug_unmap_granularity);
2965 }
2966 }
2967 lba = map_index_to_lba(index + 1);
2968 }
2969 }
2970
2971 static int resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2972 {
2973 u8 *cmd = scp->cmnd;
2974 u64 lba;
2975 u32 num;
2976 u32 ei_lba;
2977 unsigned long iflags;
2978 int ret;
2979 bool check_prot;
2980
2981 switch (cmd[0]) {
2982 case WRITE_16:
2983 ei_lba = 0;
2984 lba = get_unaligned_be64(cmd + 2);
2985 num = get_unaligned_be32(cmd + 10);
2986 check_prot = true;
2987 break;
2988 case WRITE_10:
2989 ei_lba = 0;
2990 lba = get_unaligned_be32(cmd + 2);
2991 num = get_unaligned_be16(cmd + 7);
2992 check_prot = true;
2993 break;
2994 case WRITE_6:
2995 ei_lba = 0;
2996 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2997 (u32)(cmd[1] & 0x1f) << 16;
2998 num = (0 == cmd[4]) ? 256 : cmd[4];
2999 check_prot = true;
3000 break;
3001 case WRITE_12:
3002 ei_lba = 0;
3003 lba = get_unaligned_be32(cmd + 2);
3004 num = get_unaligned_be32(cmd + 6);
3005 check_prot = true;
3006 break;
3007 case 0x53: /* XDWRITEREAD(10) */
3008 ei_lba = 0;
3009 lba = get_unaligned_be32(cmd + 2);
3010 num = get_unaligned_be16(cmd + 7);
3011 check_prot = false;
3012 break;
3013 default: /* assume WRITE(32) */
3014 lba = get_unaligned_be64(cmd + 12);
3015 ei_lba = get_unaligned_be32(cmd + 20);
3016 num = get_unaligned_be32(cmd + 28);
3017 check_prot = false;
3018 break;
3019 }
3020 if (unlikely(have_dif_prot && check_prot)) {
3021 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3022 (cmd[1] & 0xe0)) {
3023 mk_sense_invalid_opcode(scp);
3024 return check_condition_result;
3025 }
3026 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3027 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3028 (cmd[1] & 0xe0) == 0)
3029 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3030 "to DIF device\n");
3031 }
3032 ret = check_device_access_params(scp, lba, num, true);
3033 if (ret)
3034 return ret;
3035 write_lock_irqsave(&atomic_rw, iflags);
3036
3037 /* DIX + T10 DIF */
3038 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3039 int prot_ret = prot_verify_write(scp, lba, num, ei_lba);
3040
3041 if (prot_ret) {
3042 write_unlock_irqrestore(&atomic_rw, iflags);
3043 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, prot_ret);
3044 return illegal_condition_result;
3045 }
3046 }
3047
3048 ret = do_device_access(scp, 0, lba, num, true);
3049 if (unlikely(scsi_debug_lbp()))
3050 map_region(lba, num);
3051 write_unlock_irqrestore(&atomic_rw, iflags);
3052 if (unlikely(-1 == ret))
3053 return DID_ERROR << 16;
3054 else if (unlikely(sdebug_verbose &&
3055 (ret < (num * sdebug_sector_size))))
3056 sdev_printk(KERN_INFO, scp->device,
3057 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3058 my_name, num * sdebug_sector_size, ret);
3059
3060 if (unlikely(sdebug_any_injecting_opt)) {
3061 struct sdebug_queued_cmd *sqcp =
3062 (struct sdebug_queued_cmd *)scp->host_scribble;
3063
3064 if (sqcp) {
3065 if (sqcp->inj_recovered) {
3066 mk_sense_buffer(scp, RECOVERED_ERROR,
3067 THRESHOLD_EXCEEDED, 0);
3068 return check_condition_result;
3069 } else if (sqcp->inj_dif) {
3070 /* Logical block guard check failed */
3071 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3072 return illegal_condition_result;
3073 } else if (sqcp->inj_dix) {
3074 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3075 return illegal_condition_result;
3076 }
3077 }
3078 }
3079 return 0;
3080 }
3081
3082 /*
3083 * T10 has only specified WRITE SCATTERED(16) and WRITE SCATTERED(32).
3084 * No READ GATHERED yet (requires bidi or long cdb holding gather list).
3085 */
3086 static int resp_write_scat(struct scsi_cmnd *scp,
3087 struct sdebug_dev_info *devip)
3088 {
3089 u8 *cmd = scp->cmnd;
3090 u8 *lrdp = NULL;
3091 u8 *up;
3092 u8 wrprotect;
3093 u16 lbdof, num_lrd, k;
3094 u32 num, num_by, bt_len, lbdof_blen, sg_off, cum_lb;
3095 u32 lb_size = sdebug_sector_size;
3096 u32 ei_lba;
3097 u64 lba;
3098 unsigned long iflags;
3099 int ret, res;
3100 bool is_16;
3101 static const u32 lrd_size = 32; /* + parameter list header size */
3102
3103 if (cmd[0] == VARIABLE_LENGTH_CMD) {
3104 is_16 = false;
3105 wrprotect = (cmd[10] >> 5) & 0x7;
3106 lbdof = get_unaligned_be16(cmd + 12);
3107 num_lrd = get_unaligned_be16(cmd + 16);
3108 bt_len = get_unaligned_be32(cmd + 28);
3109 } else { /* that leaves WRITE SCATTERED(16) */
3110 is_16 = true;
3111 wrprotect = (cmd[2] >> 5) & 0x7;
3112 lbdof = get_unaligned_be16(cmd + 4);
3113 num_lrd = get_unaligned_be16(cmd + 8);
3114 bt_len = get_unaligned_be32(cmd + 10);
3115 if (unlikely(have_dif_prot)) {
3116 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3117 wrprotect) {
3118 mk_sense_invalid_opcode(scp);
3119 return illegal_condition_result;
3120 }
3121 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3122 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3123 wrprotect == 0)
3124 sdev_printk(KERN_ERR, scp->device,
3125 "Unprotected WR to DIF device\n");
3126 }
3127 }
3128 if ((num_lrd == 0) || (bt_len == 0))
3129 return 0; /* T10 says these do-nothings are not errors */
3130 if (lbdof == 0) {
3131 if (sdebug_verbose)
3132 sdev_printk(KERN_INFO, scp->device,
3133 "%s: %s: LB Data Offset field bad\n",
3134 my_name, __func__);
3135 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3136 return illegal_condition_result;
3137 }
3138 lbdof_blen = lbdof * lb_size;
3139 if ((lrd_size + (num_lrd * lrd_size)) > lbdof_blen) {
3140 if (sdebug_verbose)
3141 sdev_printk(KERN_INFO, scp->device,
3142 "%s: %s: LBA range descriptors don't fit\n",
3143 my_name, __func__);
3144 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3145 return illegal_condition_result;
3146 }
3147 lrdp = kzalloc(lbdof_blen, GFP_ATOMIC);
3148 if (lrdp == NULL)
3149 return SCSI_MLQUEUE_HOST_BUSY;
3150 if (sdebug_verbose)
3151 sdev_printk(KERN_INFO, scp->device,
3152 "%s: %s: Fetch header+scatter_list, lbdof_blen=%u\n",
3153 my_name, __func__, lbdof_blen);
3154 res = fetch_to_dev_buffer(scp, lrdp, lbdof_blen);
3155 if (res == -1) {
3156 ret = DID_ERROR << 16;
3157 goto err_out;
3158 }
3159
3160 write_lock_irqsave(&atomic_rw, iflags);
3161 sg_off = lbdof_blen;
3162 /* Spec says Buffer xfer Length field in number of LBs in dout */
3163 cum_lb = 0;
3164 for (k = 0, up = lrdp + lrd_size; k < num_lrd; ++k, up += lrd_size) {
3165 lba = get_unaligned_be64(up + 0);
3166 num = get_unaligned_be32(up + 8);
3167 if (sdebug_verbose)
3168 sdev_printk(KERN_INFO, scp->device,
3169 "%s: %s: k=%d LBA=0x%llx num=%u sg_off=%u\n",
3170 my_name, __func__, k, lba, num, sg_off);
3171 if (num == 0)
3172 continue;
3173 ret = check_device_access_params(scp, lba, num, true);
3174 if (ret)
3175 goto err_out_unlock;
3176 num_by = num * lb_size;
3177 ei_lba = is_16 ? 0 : get_unaligned_be32(up + 12);
3178
3179 if ((cum_lb + num) > bt_len) {
3180 if (sdebug_verbose)
3181 sdev_printk(KERN_INFO, scp->device,
3182 "%s: %s: sum of blocks > data provided\n",
3183 my_name, __func__);
3184 mk_sense_buffer(scp, ILLEGAL_REQUEST, WRITE_ERROR_ASC,
3185 0);
3186 ret = illegal_condition_result;
3187 goto err_out_unlock;
3188 }
3189
3190 /* DIX + T10 DIF */
3191 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3192 int prot_ret = prot_verify_write(scp, lba, num,
3193 ei_lba);
3194
3195 if (prot_ret) {
3196 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10,
3197 prot_ret);
3198 ret = illegal_condition_result;
3199 goto err_out_unlock;
3200 }
3201 }
3202
3203 ret = do_device_access(scp, sg_off, lba, num, true);
3204 if (unlikely(scsi_debug_lbp()))
3205 map_region(lba, num);
3206 if (unlikely(-1 == ret)) {
3207 ret = DID_ERROR << 16;
3208 goto err_out_unlock;
3209 } else if (unlikely(sdebug_verbose && (ret < num_by)))
3210 sdev_printk(KERN_INFO, scp->device,
3211 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3212 my_name, num_by, ret);
3213
3214 if (unlikely(sdebug_any_injecting_opt)) {
3215 struct sdebug_queued_cmd *sqcp =
3216 (struct sdebug_queued_cmd *)scp->host_scribble;
3217
3218 if (sqcp) {
3219 if (sqcp->inj_recovered) {
3220 mk_sense_buffer(scp, RECOVERED_ERROR,
3221 THRESHOLD_EXCEEDED, 0);
3222 ret = illegal_condition_result;
3223 goto err_out_unlock;
3224 } else if (sqcp->inj_dif) {
3225 /* Logical block guard check failed */
3226 mk_sense_buffer(scp, ABORTED_COMMAND,
3227 0x10, 1);
3228 ret = illegal_condition_result;
3229 goto err_out_unlock;
3230 } else if (sqcp->inj_dix) {
3231 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3232 0x10, 1);
3233 ret = illegal_condition_result;
3234 goto err_out_unlock;
3235 }
3236 }
3237 }
3238 sg_off += num_by;
3239 cum_lb += num;
3240 }
3241 ret = 0;
3242 err_out_unlock:
3243 write_unlock_irqrestore(&atomic_rw, iflags);
3244 err_out:
3245 kfree(lrdp);
3246 return ret;
3247 }
3248
3249 static int resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num,
3250 u32 ei_lba, bool unmap, bool ndob)
3251 {
3252 int ret;
3253 unsigned long iflags;
3254 unsigned long long i;
3255 u32 lb_size = sdebug_sector_size;
3256 u64 block, lbaa;
3257 u8 *fs1p;
3258
3259 ret = check_device_access_params(scp, lba, num, true);
3260 if (ret)
3261 return ret;
3262
3263 write_lock_irqsave(&atomic_rw, iflags);
3264
3265 if (unmap && scsi_debug_lbp()) {
3266 unmap_region(lba, num);
3267 goto out;
3268 }
3269 lbaa = lba;
3270 block = do_div(lbaa, sdebug_store_sectors);
3271 /* if ndob then zero 1 logical block, else fetch 1 logical block */
3272 fs1p = fake_storep + (block * lb_size);
3273 if (ndob) {
3274 memset(fs1p, 0, lb_size);
3275 ret = 0;
3276 } else
3277 ret = fetch_to_dev_buffer(scp, fs1p, lb_size);
3278
3279 if (-1 == ret) {
3280 write_unlock_irqrestore(&atomic_rw, iflags);
3281 return DID_ERROR << 16;
3282 } else if (sdebug_verbose && !ndob && (ret < lb_size))
3283 sdev_printk(KERN_INFO, scp->device,
3284 "%s: %s: lb size=%u, IO sent=%d bytes\n",
3285 my_name, "write same", lb_size, ret);
3286
3287 /* Copy first sector to remaining blocks */
3288 for (i = 1 ; i < num ; i++) {
3289 lbaa = lba + i;
3290 block = do_div(lbaa, sdebug_store_sectors);
3291 memmove(fake_storep + (block * lb_size), fs1p, lb_size);
3292 }
3293 if (scsi_debug_lbp())
3294 map_region(lba, num);
3295 out:
3296 write_unlock_irqrestore(&atomic_rw, iflags);
3297
3298 return 0;
3299 }
3300
3301 static int resp_write_same_10(struct scsi_cmnd *scp,
3302 struct sdebug_dev_info *devip)
3303 {
3304 u8 *cmd = scp->cmnd;
3305 u32 lba;
3306 u16 num;
3307 u32 ei_lba = 0;
3308 bool unmap = false;
3309
3310 if (cmd[1] & 0x8) {
3311 if (sdebug_lbpws10 == 0) {
3312 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3313 return check_condition_result;
3314 } else
3315 unmap = true;
3316 }
3317 lba = get_unaligned_be32(cmd + 2);
3318 num = get_unaligned_be16(cmd + 7);
3319 if (num > sdebug_write_same_length) {
3320 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3321 return check_condition_result;
3322 }
3323 return resp_write_same(scp, lba, num, ei_lba, unmap, false);
3324 }
3325
3326 static int resp_write_same_16(struct scsi_cmnd *scp,
3327 struct sdebug_dev_info *devip)
3328 {
3329 u8 *cmd = scp->cmnd;
3330 u64 lba;
3331 u32 num;
3332 u32 ei_lba = 0;
3333 bool unmap = false;
3334 bool ndob = false;
3335
3336 if (cmd[1] & 0x8) { /* UNMAP */
3337 if (sdebug_lbpws == 0) {
3338 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3339 return check_condition_result;
3340 } else
3341 unmap = true;
3342 }
3343 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */
3344 ndob = true;
3345 lba = get_unaligned_be64(cmd + 2);
3346 num = get_unaligned_be32(cmd + 10);
3347 if (num > sdebug_write_same_length) {
3348 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1);
3349 return check_condition_result;
3350 }
3351 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob);
3352 }
3353
3354 /* Note the mode field is in the same position as the (lower) service action
3355 * field. For the Report supported operation codes command, SPC-4 suggests
3356 * each mode of this command should be reported separately; for future. */
3357 static int resp_write_buffer(struct scsi_cmnd *scp,
3358 struct sdebug_dev_info *devip)
3359 {
3360 u8 *cmd = scp->cmnd;
3361 struct scsi_device *sdp = scp->device;
3362 struct sdebug_dev_info *dp;
3363 u8 mode;
3364
3365 mode = cmd[1] & 0x1f;
3366 switch (mode) {
3367 case 0x4: /* download microcode (MC) and activate (ACT) */
3368 /* set UAs on this device only */
3369 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3370 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm);
3371 break;
3372 case 0x5: /* download MC, save and ACT */
3373 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm);
3374 break;
3375 case 0x6: /* download MC with offsets and ACT */
3376 /* set UAs on most devices (LUs) in this target */
3377 list_for_each_entry(dp,
3378 &devip->sdbg_host->dev_info_list,
3379 dev_list)
3380 if (dp->target == sdp->id) {
3381 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm);
3382 if (devip != dp)
3383 set_bit(SDEBUG_UA_MICROCODE_CHANGED,
3384 dp->uas_bm);
3385 }
3386 break;
3387 case 0x7: /* download MC with offsets, save, and ACT */
3388 /* set UA on all devices (LUs) in this target */
3389 list_for_each_entry(dp,
3390 &devip->sdbg_host->dev_info_list,
3391 dev_list)
3392 if (dp->target == sdp->id)
3393 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET,
3394 dp->uas_bm);
3395 break;
3396 default:
3397 /* do nothing for this command for other mode values */
3398 break;
3399 }
3400 return 0;
3401 }
3402
3403 static int resp_comp_write(struct scsi_cmnd *scp,
3404 struct sdebug_dev_info *devip)
3405 {
3406 u8 *cmd = scp->cmnd;
3407 u8 *arr;
3408 u8 *fake_storep_hold;
3409 u64 lba;
3410 u32 dnum;
3411 u32 lb_size = sdebug_sector_size;
3412 u8 num;
3413 unsigned long iflags;
3414 int ret;
3415 int retval = 0;
3416
3417 lba = get_unaligned_be64(cmd + 2);
3418 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */
3419 if (0 == num)
3420 return 0; /* degenerate case, not an error */
3421 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3422 (cmd[1] & 0xe0)) {
3423 mk_sense_invalid_opcode(scp);
3424 return check_condition_result;
3425 }
3426 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3427 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3428 (cmd[1] & 0xe0) == 0)
3429 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3430 "to DIF device\n");
3431 ret = check_device_access_params(scp, lba, num, false);
3432 if (ret)
3433 return ret;
3434 dnum = 2 * num;
3435 arr = kcalloc(lb_size, dnum, GFP_ATOMIC);
3436 if (NULL == arr) {
3437 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3438 INSUFF_RES_ASCQ);
3439 return check_condition_result;
3440 }
3441
3442 write_lock_irqsave(&atomic_rw, iflags);
3443
3444 /* trick do_device_access() to fetch both compare and write buffers
3445 * from data-in into arr. Safe (atomic) since write_lock held. */
3446 fake_storep_hold = fake_storep;
3447 fake_storep = arr;
3448 ret = do_device_access(scp, 0, 0, dnum, true);
3449 fake_storep = fake_storep_hold;
3450 if (ret == -1) {
3451 retval = DID_ERROR << 16;
3452 goto cleanup;
3453 } else if (sdebug_verbose && (ret < (dnum * lb_size)))
3454 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb "
3455 "indicated=%u, IO sent=%d bytes\n", my_name,
3456 dnum * lb_size, ret);
3457 if (!comp_write_worker(lba, num, arr)) {
3458 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
3459 retval = check_condition_result;
3460 goto cleanup;
3461 }
3462 if (scsi_debug_lbp())
3463 map_region(lba, num);
3464 cleanup:
3465 write_unlock_irqrestore(&atomic_rw, iflags);
3466 kfree(arr);
3467 return retval;
3468 }
3469
3470 struct unmap_block_desc {
3471 __be64 lba;
3472 __be32 blocks;
3473 __be32 __reserved;
3474 };
3475
3476 static int resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3477 {
3478 unsigned char *buf;
3479 struct unmap_block_desc *desc;
3480 unsigned int i, payload_len, descriptors;
3481 int ret;
3482 unsigned long iflags;
3483
3484
3485 if (!scsi_debug_lbp())
3486 return 0; /* fib and say its done */
3487 payload_len = get_unaligned_be16(scp->cmnd + 7);
3488 BUG_ON(scsi_bufflen(scp) != payload_len);
3489
3490 descriptors = (payload_len - 8) / 16;
3491 if (descriptors > sdebug_unmap_max_desc) {
3492 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3493 return check_condition_result;
3494 }
3495
3496 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC);
3497 if (!buf) {
3498 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3499 INSUFF_RES_ASCQ);
3500 return check_condition_result;
3501 }
3502
3503 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
3504
3505 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2);
3506 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16);
3507
3508 desc = (void *)&buf[8];
3509
3510 write_lock_irqsave(&atomic_rw, iflags);
3511
3512 for (i = 0 ; i < descriptors ; i++) {
3513 unsigned long long lba = get_unaligned_be64(&desc[i].lba);
3514 unsigned int num = get_unaligned_be32(&desc[i].blocks);
3515
3516 ret = check_device_access_params(scp, lba, num, true);
3517 if (ret)
3518 goto out;
3519
3520 unmap_region(lba, num);
3521 }
3522
3523 ret = 0;
3524
3525 out:
3526 write_unlock_irqrestore(&atomic_rw, iflags);
3527 kfree(buf);
3528
3529 return ret;
3530 }
3531
3532 #define SDEBUG_GET_LBA_STATUS_LEN 32
3533
3534 static int resp_get_lba_status(struct scsi_cmnd *scp,
3535 struct sdebug_dev_info *devip)
3536 {
3537 u8 *cmd = scp->cmnd;
3538 u64 lba;
3539 u32 alloc_len, mapped, num;
3540 u8 arr[SDEBUG_GET_LBA_STATUS_LEN];
3541 int ret;
3542
3543 lba = get_unaligned_be64(cmd + 2);
3544 alloc_len = get_unaligned_be32(cmd + 10);
3545
3546 if (alloc_len < 24)
3547 return 0;
3548
3549 ret = check_device_access_params(scp, lba, 1, false);
3550 if (ret)
3551 return ret;
3552
3553 if (scsi_debug_lbp())
3554 mapped = map_state(lba, &num);
3555 else {
3556 mapped = 1;
3557 /* following just in case virtual_gb changed */
3558 sdebug_capacity = get_sdebug_capacity();
3559 if (sdebug_capacity - lba <= 0xffffffff)
3560 num = sdebug_capacity - lba;
3561 else
3562 num = 0xffffffff;
3563 }
3564
3565 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN);
3566 put_unaligned_be32(20, arr); /* Parameter Data Length */
3567 put_unaligned_be64(lba, arr + 8); /* LBA */
3568 put_unaligned_be32(num, arr + 16); /* Number of blocks */
3569 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */
3570
3571 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN);
3572 }
3573
3574 static int resp_sync_cache(struct scsi_cmnd *scp,
3575 struct sdebug_dev_info *devip)
3576 {
3577 int res = 0;
3578 u64 lba;
3579 u32 num_blocks;
3580 u8 *cmd = scp->cmnd;
3581
3582 if (cmd[0] == SYNCHRONIZE_CACHE) { /* 10 byte cdb */
3583 lba = get_unaligned_be32(cmd + 2);
3584 num_blocks = get_unaligned_be16(cmd + 7);
3585 } else { /* SYNCHRONIZE_CACHE(16) */
3586 lba = get_unaligned_be64(cmd + 2);
3587 num_blocks = get_unaligned_be32(cmd + 10);
3588 }
3589 if (lba + num_blocks > sdebug_capacity) {
3590 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
3591 return check_condition_result;
3592 }
3593 if (!write_since_sync || cmd[1] & 0x2)
3594 res = SDEG_RES_IMMED_MASK;
3595 else /* delay if write_since_sync and IMMED clear */
3596 write_since_sync = false;
3597 return res;
3598 }
3599
3600 #define RL_BUCKET_ELEMS 8
3601
3602 /* Even though each pseudo target has a REPORT LUNS "well known logical unit"
3603 * (W-LUN), the normal Linux scanning logic does not associate it with a
3604 * device (e.g. /dev/sg7). The following magic will make that association:
3605 * "cd /sys/class/scsi_host/host<n> ; echo '- - 49409' > scan"
3606 * where <n> is a host number. If there are multiple targets in a host then
3607 * the above will associate a W-LUN to each target. To only get a W-LUN
3608 * for target 2, then use "echo '- 2 49409' > scan" .
3609 */
3610 static int resp_report_luns(struct scsi_cmnd *scp,
3611 struct sdebug_dev_info *devip)
3612 {
3613 unsigned char *cmd = scp->cmnd;
3614 unsigned int alloc_len;
3615 unsigned char select_report;
3616 u64 lun;
3617 struct scsi_lun *lun_p;
3618 u8 arr[RL_BUCKET_ELEMS * sizeof(struct scsi_lun)];
3619 unsigned int lun_cnt; /* normal LUN count (max: 256) */
3620 unsigned int wlun_cnt; /* report luns W-LUN count */
3621 unsigned int tlun_cnt; /* total LUN count */
3622 unsigned int rlen; /* response length (in bytes) */
3623 int k, j, n, res;
3624 unsigned int off_rsp = 0;
3625 const int sz_lun = sizeof(struct scsi_lun);
3626
3627 clear_luns_changed_on_target(devip);
3628
3629 select_report = cmd[2];
3630 alloc_len = get_unaligned_be32(cmd + 6);
3631
3632 if (alloc_len < 4) {
3633 pr_err("alloc len too small %d\n", alloc_len);
3634 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
3635 return check_condition_result;
3636 }
3637
3638 switch (select_report) {
3639 case 0: /* all LUNs apart from W-LUNs */
3640 lun_cnt = sdebug_max_luns;
3641 wlun_cnt = 0;
3642 break;
3643 case 1: /* only W-LUNs */
3644 lun_cnt = 0;
3645 wlun_cnt = 1;
3646 break;
3647 case 2: /* all LUNs */
3648 lun_cnt = sdebug_max_luns;
3649 wlun_cnt = 1;
3650 break;
3651 case 0x10: /* only administrative LUs */
3652 case 0x11: /* see SPC-5 */
3653 case 0x12: /* only subsiduary LUs owned by referenced LU */
3654 default:
3655 pr_debug("select report invalid %d\n", select_report);
3656 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
3657 return check_condition_result;
3658 }
3659
3660 if (sdebug_no_lun_0 && (lun_cnt > 0))
3661 --lun_cnt;
3662
3663 tlun_cnt = lun_cnt + wlun_cnt;
3664 rlen = tlun_cnt * sz_lun; /* excluding 8 byte header */
3665 scsi_set_resid(scp, scsi_bufflen(scp));
3666 pr_debug("select_report %d luns = %d wluns = %d no_lun0 %d\n",
3667 select_report, lun_cnt, wlun_cnt, sdebug_no_lun_0);
3668
3669 /* loops rely on sizeof response header same as sizeof lun (both 8) */
3670 lun = sdebug_no_lun_0 ? 1 : 0;
3671 for (k = 0, j = 0, res = 0; true; ++k, j = 0) {
3672 memset(arr, 0, sizeof(arr));
3673 lun_p = (struct scsi_lun *)&arr[0];
3674 if (k == 0) {
3675 put_unaligned_be32(rlen, &arr[0]);
3676 ++lun_p;
3677 j = 1;
3678 }
3679 for ( ; j < RL_BUCKET_ELEMS; ++j, ++lun_p) {
3680 if ((k * RL_BUCKET_ELEMS) + j > lun_cnt)
3681 break;
3682 int_to_scsilun(lun++, lun_p);
3683 }
3684 if (j < RL_BUCKET_ELEMS)
3685 break;
3686 n = j * sz_lun;
3687 res = p_fill_from_dev_buffer(scp, arr, n, off_rsp);
3688 if (res)
3689 return res;
3690 off_rsp += n;
3691 }
3692 if (wlun_cnt) {
3693 int_to_scsilun(SCSI_W_LUN_REPORT_LUNS, lun_p);
3694 ++j;
3695 }
3696 if (j > 0)
3697 res = p_fill_from_dev_buffer(scp, arr, j * sz_lun, off_rsp);
3698 return res;
3699 }
3700
3701 static struct sdebug_queue *get_queue(struct scsi_cmnd *cmnd)
3702 {
3703 u32 tag = blk_mq_unique_tag(cmnd->request);
3704 u16 hwq = blk_mq_unique_tag_to_hwq(tag);
3705
3706 pr_debug("tag=%#x, hwq=%d\n", tag, hwq);
3707 if (WARN_ON_ONCE(hwq >= submit_queues))
3708 hwq = 0;
3709 return sdebug_q_arr + hwq;
3710 }
3711
3712 /* Queued (deferred) command completions converge here. */
3713 static void sdebug_q_cmd_complete(struct sdebug_defer *sd_dp)
3714 {
3715 bool aborted = sd_dp->aborted;
3716 int qc_idx;
3717 int retiring = 0;
3718 unsigned long iflags;
3719 struct sdebug_queue *sqp;
3720 struct sdebug_queued_cmd *sqcp;
3721 struct scsi_cmnd *scp;
3722 struct sdebug_dev_info *devip;
3723
3724 sd_dp->defer_t = SDEB_DEFER_NONE;
3725 if (unlikely(aborted))
3726 sd_dp->aborted = false;
3727 qc_idx = sd_dp->qc_idx;
3728 sqp = sdebug_q_arr + sd_dp->sqa_idx;
3729 if (sdebug_statistics) {
3730 atomic_inc(&sdebug_completions);
3731 if (raw_smp_processor_id() != sd_dp->issuing_cpu)
3732 atomic_inc(&sdebug_miss_cpus);
3733 }
3734 if (unlikely((qc_idx < 0) || (qc_idx >= SDEBUG_CANQUEUE))) {
3735 pr_err("wild qc_idx=%d\n", qc_idx);
3736 return;
3737 }
3738 spin_lock_irqsave(&sqp->qc_lock, iflags);
3739 sqcp = &sqp->qc_arr[qc_idx];
3740 scp = sqcp->a_cmnd;
3741 if (unlikely(scp == NULL)) {
3742 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3743 pr_err("scp is NULL, sqa_idx=%d, qc_idx=%d\n",
3744 sd_dp->sqa_idx, qc_idx);
3745 return;
3746 }
3747 devip = (struct sdebug_dev_info *)scp->device->hostdata;
3748 if (likely(devip))
3749 atomic_dec(&devip->num_in_q);
3750 else
3751 pr_err("devip=NULL\n");
3752 if (unlikely(atomic_read(&retired_max_queue) > 0))
3753 retiring = 1;
3754
3755 sqcp->a_cmnd = NULL;
3756 if (unlikely(!test_and_clear_bit(qc_idx, sqp->in_use_bm))) {
3757 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3758 pr_err("Unexpected completion\n");
3759 return;
3760 }
3761
3762 if (unlikely(retiring)) { /* user has reduced max_queue */
3763 int k, retval;
3764
3765 retval = atomic_read(&retired_max_queue);
3766 if (qc_idx >= retval) {
3767 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3768 pr_err("index %d too large\n", retval);
3769 return;
3770 }
3771 k = find_last_bit(sqp->in_use_bm, retval);
3772 if ((k < sdebug_max_queue) || (k == retval))
3773 atomic_set(&retired_max_queue, 0);
3774 else
3775 atomic_set(&retired_max_queue, k + 1);
3776 }
3777 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3778 if (unlikely(aborted)) {
3779 if (sdebug_verbose)
3780 pr_info("bypassing scsi_done() due to aborted cmd\n");
3781 return;
3782 }
3783 scp->scsi_done(scp); /* callback to mid level */
3784 }
3785
3786 /* When high resolution timer goes off this function is called. */
3787 static enum hrtimer_restart sdebug_q_cmd_hrt_complete(struct hrtimer *timer)
3788 {
3789 struct sdebug_defer *sd_dp = container_of(timer, struct sdebug_defer,
3790 hrt);
3791 sdebug_q_cmd_complete(sd_dp);
3792 return HRTIMER_NORESTART;
3793 }
3794
3795 /* When work queue schedules work, it calls this function. */
3796 static void sdebug_q_cmd_wq_complete(struct work_struct *work)
3797 {
3798 struct sdebug_defer *sd_dp = container_of(work, struct sdebug_defer,
3799 ew.work);
3800 sdebug_q_cmd_complete(sd_dp);
3801 }
3802
3803 static bool got_shared_uuid;
3804 static uuid_t shared_uuid;
3805
3806 static struct sdebug_dev_info *sdebug_device_create(
3807 struct sdebug_host_info *sdbg_host, gfp_t flags)
3808 {
3809 struct sdebug_dev_info *devip;
3810
3811 devip = kzalloc(sizeof(*devip), flags);
3812 if (devip) {
3813 if (sdebug_uuid_ctl == 1)
3814 uuid_gen(&devip->lu_name);
3815 else if (sdebug_uuid_ctl == 2) {
3816 if (got_shared_uuid)
3817 devip->lu_name = shared_uuid;
3818 else {
3819 uuid_gen(&shared_uuid);
3820 got_shared_uuid = true;
3821 devip->lu_name = shared_uuid;
3822 }
3823 }
3824 devip->sdbg_host = sdbg_host;
3825 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list);
3826 }
3827 return devip;
3828 }
3829
3830 static struct sdebug_dev_info *find_build_dev_info(struct scsi_device *sdev)
3831 {
3832 struct sdebug_host_info *sdbg_host;
3833 struct sdebug_dev_info *open_devip = NULL;
3834 struct sdebug_dev_info *devip;
3835
3836 sdbg_host = *(struct sdebug_host_info **)shost_priv(sdev->host);
3837 if (!sdbg_host) {
3838 pr_err("Host info NULL\n");
3839 return NULL;
3840 }
3841 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
3842 if ((devip->used) && (devip->channel == sdev->channel) &&
3843 (devip->target == sdev->id) &&
3844 (devip->lun == sdev->lun))
3845 return devip;
3846 else {
3847 if ((!devip->used) && (!open_devip))
3848 open_devip = devip;
3849 }
3850 }
3851 if (!open_devip) { /* try and make a new one */
3852 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC);
3853 if (!open_devip) {
3854 pr_err("out of memory at line %d\n", __LINE__);
3855 return NULL;
3856 }
3857 }
3858
3859 open_devip->channel = sdev->channel;
3860 open_devip->target = sdev->id;
3861 open_devip->lun = sdev->lun;
3862 open_devip->sdbg_host = sdbg_host;
3863 atomic_set(&open_devip->num_in_q, 0);
3864 set_bit(SDEBUG_UA_POR, open_devip->uas_bm);
3865 open_devip->used = true;
3866 return open_devip;
3867 }
3868
3869 static int scsi_debug_slave_alloc(struct scsi_device *sdp)
3870 {
3871 if (sdebug_verbose)
3872 pr_info("slave_alloc <%u %u %u %llu>\n",
3873 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3874 return 0;
3875 }
3876
3877 static int scsi_debug_slave_configure(struct scsi_device *sdp)
3878 {
3879 struct sdebug_dev_info *devip =
3880 (struct sdebug_dev_info *)sdp->hostdata;
3881
3882 if (sdebug_verbose)
3883 pr_info("slave_configure <%u %u %u %llu>\n",
3884 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3885 if (sdp->host->max_cmd_len != SDEBUG_MAX_CMD_LEN)
3886 sdp->host->max_cmd_len = SDEBUG_MAX_CMD_LEN;
3887 if (devip == NULL) {
3888 devip = find_build_dev_info(sdp);
3889 if (devip == NULL)
3890 return 1; /* no resources, will be marked offline */
3891 }
3892 sdp->hostdata = devip;
3893 if (sdebug_no_uld)
3894 sdp->no_uld_attach = 1;
3895 config_cdb_len(sdp);
3896 return 0;
3897 }
3898
3899 static void scsi_debug_slave_destroy(struct scsi_device *sdp)
3900 {
3901 struct sdebug_dev_info *devip =
3902 (struct sdebug_dev_info *)sdp->hostdata;
3903
3904 if (sdebug_verbose)
3905 pr_info("slave_destroy <%u %u %u %llu>\n",
3906 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3907 if (devip) {
3908 /* make this slot available for re-use */
3909 devip->used = false;
3910 sdp->hostdata = NULL;
3911 }
3912 }
3913
3914 static void stop_qc_helper(struct sdebug_defer *sd_dp,
3915 enum sdeb_defer_type defer_t)
3916 {
3917 if (!sd_dp)
3918 return;
3919 if (defer_t == SDEB_DEFER_HRT)
3920 hrtimer_cancel(&sd_dp->hrt);
3921 else if (defer_t == SDEB_DEFER_WQ)
3922 cancel_work_sync(&sd_dp->ew.work);
3923 }
3924
3925 /* If @cmnd found deletes its timer or work queue and returns true; else
3926 returns false */
3927 static bool stop_queued_cmnd(struct scsi_cmnd *cmnd)
3928 {
3929 unsigned long iflags;
3930 int j, k, qmax, r_qmax;
3931 enum sdeb_defer_type l_defer_t;
3932 struct sdebug_queue *sqp;
3933 struct sdebug_queued_cmd *sqcp;
3934 struct sdebug_dev_info *devip;
3935 struct sdebug_defer *sd_dp;
3936
3937 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
3938 spin_lock_irqsave(&sqp->qc_lock, iflags);
3939 qmax = sdebug_max_queue;
3940 r_qmax = atomic_read(&retired_max_queue);
3941 if (r_qmax > qmax)
3942 qmax = r_qmax;
3943 for (k = 0; k < qmax; ++k) {
3944 if (test_bit(k, sqp->in_use_bm)) {
3945 sqcp = &sqp->qc_arr[k];
3946 if (cmnd != sqcp->a_cmnd)
3947 continue;
3948 /* found */
3949 devip = (struct sdebug_dev_info *)
3950 cmnd->device->hostdata;
3951 if (devip)
3952 atomic_dec(&devip->num_in_q);
3953 sqcp->a_cmnd = NULL;
3954 sd_dp = sqcp->sd_dp;
3955 if (sd_dp) {
3956 l_defer_t = sd_dp->defer_t;
3957 sd_dp->defer_t = SDEB_DEFER_NONE;
3958 } else
3959 l_defer_t = SDEB_DEFER_NONE;
3960 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3961 stop_qc_helper(sd_dp, l_defer_t);
3962 clear_bit(k, sqp->in_use_bm);
3963 return true;
3964 }
3965 }
3966 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3967 }
3968 return false;
3969 }
3970
3971 /* Deletes (stops) timers or work queues of all queued commands */
3972 static void stop_all_queued(void)
3973 {
3974 unsigned long iflags;
3975 int j, k;
3976 enum sdeb_defer_type l_defer_t;
3977 struct sdebug_queue *sqp;
3978 struct sdebug_queued_cmd *sqcp;
3979 struct sdebug_dev_info *devip;
3980 struct sdebug_defer *sd_dp;
3981
3982 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
3983 spin_lock_irqsave(&sqp->qc_lock, iflags);
3984 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
3985 if (test_bit(k, sqp->in_use_bm)) {
3986 sqcp = &sqp->qc_arr[k];
3987 if (sqcp->a_cmnd == NULL)
3988 continue;
3989 devip = (struct sdebug_dev_info *)
3990 sqcp->a_cmnd->device->hostdata;
3991 if (devip)
3992 atomic_dec(&devip->num_in_q);
3993 sqcp->a_cmnd = NULL;
3994 sd_dp = sqcp->sd_dp;
3995 if (sd_dp) {
3996 l_defer_t = sd_dp->defer_t;
3997 sd_dp->defer_t = SDEB_DEFER_NONE;
3998 } else
3999 l_defer_t = SDEB_DEFER_NONE;
4000 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4001 stop_qc_helper(sd_dp, l_defer_t);
4002 clear_bit(k, sqp->in_use_bm);
4003 spin_lock_irqsave(&sqp->qc_lock, iflags);
4004 }
4005 }
4006 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4007 }
4008 }
4009
4010 /* Free queued command memory on heap */
4011 static void free_all_queued(void)
4012 {
4013 int j, k;
4014 struct sdebug_queue *sqp;
4015 struct sdebug_queued_cmd *sqcp;
4016
4017 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
4018 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
4019 sqcp = &sqp->qc_arr[k];
4020 kfree(sqcp->sd_dp);
4021 sqcp->sd_dp = NULL;
4022 }
4023 }
4024 }
4025
4026 static int scsi_debug_abort(struct scsi_cmnd *SCpnt)
4027 {
4028 bool ok;
4029
4030 ++num_aborts;
4031 if (SCpnt) {
4032 ok = stop_queued_cmnd(SCpnt);
4033 if (SCpnt->device && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
4034 sdev_printk(KERN_INFO, SCpnt->device,
4035 "%s: command%s found\n", __func__,
4036 ok ? "" : " not");
4037 }
4038 return SUCCESS;
4039 }
4040
4041 static int scsi_debug_device_reset(struct scsi_cmnd *SCpnt)
4042 {
4043 ++num_dev_resets;
4044 if (SCpnt && SCpnt->device) {
4045 struct scsi_device *sdp = SCpnt->device;
4046 struct sdebug_dev_info *devip =
4047 (struct sdebug_dev_info *)sdp->hostdata;
4048
4049 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
4050 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
4051 if (devip)
4052 set_bit(SDEBUG_UA_POR, devip->uas_bm);
4053 }
4054 return SUCCESS;
4055 }
4056
4057 static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt)
4058 {
4059 struct sdebug_host_info *sdbg_host;
4060 struct sdebug_dev_info *devip;
4061 struct scsi_device *sdp;
4062 struct Scsi_Host *hp;
4063 int k = 0;
4064
4065 ++num_target_resets;
4066 if (!SCpnt)
4067 goto lie;
4068 sdp = SCpnt->device;
4069 if (!sdp)
4070 goto lie;
4071 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
4072 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
4073 hp = sdp->host;
4074 if (!hp)
4075 goto lie;
4076 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
4077 if (sdbg_host) {
4078 list_for_each_entry(devip,
4079 &sdbg_host->dev_info_list,
4080 dev_list)
4081 if (devip->target == sdp->id) {
4082 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4083 ++k;
4084 }
4085 }
4086 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
4087 sdev_printk(KERN_INFO, sdp,
4088 "%s: %d device(s) found in target\n", __func__, k);
4089 lie:
4090 return SUCCESS;
4091 }
4092
4093 static int scsi_debug_bus_reset(struct scsi_cmnd *SCpnt)
4094 {
4095 struct sdebug_host_info *sdbg_host;
4096 struct sdebug_dev_info *devip;
4097 struct scsi_device *sdp;
4098 struct Scsi_Host *hp;
4099 int k = 0;
4100
4101 ++num_bus_resets;
4102 if (!(SCpnt && SCpnt->device))
4103 goto lie;
4104 sdp = SCpnt->device;
4105 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
4106 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
4107 hp = sdp->host;
4108 if (hp) {
4109 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
4110 if (sdbg_host) {
4111 list_for_each_entry(devip,
4112 &sdbg_host->dev_info_list,
4113 dev_list) {
4114 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4115 ++k;
4116 }
4117 }
4118 }
4119 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
4120 sdev_printk(KERN_INFO, sdp,
4121 "%s: %d device(s) found in host\n", __func__, k);
4122 lie:
4123 return SUCCESS;
4124 }
4125
4126 static int scsi_debug_host_reset(struct scsi_cmnd *SCpnt)
4127 {
4128 struct sdebug_host_info *sdbg_host;
4129 struct sdebug_dev_info *devip;
4130 int k = 0;
4131
4132 ++num_host_resets;
4133 if ((SCpnt->device) && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
4134 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__);
4135 spin_lock(&sdebug_host_list_lock);
4136 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
4137 list_for_each_entry(devip, &sdbg_host->dev_info_list,
4138 dev_list) {
4139 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4140 ++k;
4141 }
4142 }
4143 spin_unlock(&sdebug_host_list_lock);
4144 stop_all_queued();
4145 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
4146 sdev_printk(KERN_INFO, SCpnt->device,
4147 "%s: %d device(s) found\n", __func__, k);
4148 return SUCCESS;
4149 }
4150
4151 static void __init sdebug_build_parts(unsigned char *ramp,
4152 unsigned long store_size)
4153 {
4154 struct partition *pp;
4155 int starts[SDEBUG_MAX_PARTS + 2];
4156 int sectors_per_part, num_sectors, k;
4157 int heads_by_sects, start_sec, end_sec;
4158
4159 /* assume partition table already zeroed */
4160 if ((sdebug_num_parts < 1) || (store_size < 1048576))
4161 return;
4162 if (sdebug_num_parts > SDEBUG_MAX_PARTS) {
4163 sdebug_num_parts = SDEBUG_MAX_PARTS;
4164 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS);
4165 }
4166 num_sectors = (int)sdebug_store_sectors;
4167 sectors_per_part = (num_sectors - sdebug_sectors_per)
4168 / sdebug_num_parts;
4169 heads_by_sects = sdebug_heads * sdebug_sectors_per;
4170 starts[0] = sdebug_sectors_per;
4171 for (k = 1; k < sdebug_num_parts; ++k)
4172 starts[k] = ((k * sectors_per_part) / heads_by_sects)
4173 * heads_by_sects;
4174 starts[sdebug_num_parts] = num_sectors;
4175 starts[sdebug_num_parts + 1] = 0;
4176
4177 ramp[510] = 0x55; /* magic partition markings */
4178 ramp[511] = 0xAA;
4179 pp = (struct partition *)(ramp + 0x1be);
4180 for (k = 0; starts[k + 1]; ++k, ++pp) {
4181 start_sec = starts[k];
4182 end_sec = starts[k + 1] - 1;
4183 pp->boot_ind = 0;
4184
4185 pp->cyl = start_sec / heads_by_sects;
4186 pp->head = (start_sec - (pp->cyl * heads_by_sects))
4187 / sdebug_sectors_per;
4188 pp->sector = (start_sec % sdebug_sectors_per) + 1;
4189
4190 pp->end_cyl = end_sec / heads_by_sects;
4191 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects))
4192 / sdebug_sectors_per;
4193 pp->end_sector = (end_sec % sdebug_sectors_per) + 1;
4194
4195 pp->start_sect = cpu_to_le32(start_sec);
4196 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1);
4197 pp->sys_ind = 0x83; /* plain Linux partition */
4198 }
4199 }
4200
4201 static void block_unblock_all_queues(bool block)
4202 {
4203 int j;
4204 struct sdebug_queue *sqp;
4205
4206 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp)
4207 atomic_set(&sqp->blocked, (int)block);
4208 }
4209
4210 /* Adjust (by rounding down) the sdebug_cmnd_count so abs(every_nth)-1
4211 * commands will be processed normally before triggers occur.
4212 */
4213 static void tweak_cmnd_count(void)
4214 {
4215 int count, modulo;
4216
4217 modulo = abs(sdebug_every_nth);
4218 if (modulo < 2)
4219 return;
4220 block_unblock_all_queues(true);
4221 count = atomic_read(&sdebug_cmnd_count);
4222 atomic_set(&sdebug_cmnd_count, (count / modulo) * modulo);
4223 block_unblock_all_queues(false);
4224 }
4225
4226 static void clear_queue_stats(void)
4227 {
4228 atomic_set(&sdebug_cmnd_count, 0);
4229 atomic_set(&sdebug_completions, 0);
4230 atomic_set(&sdebug_miss_cpus, 0);
4231 atomic_set(&sdebug_a_tsf, 0);
4232 }
4233
4234 static void setup_inject(struct sdebug_queue *sqp,
4235 struct sdebug_queued_cmd *sqcp)
4236 {
4237 if ((atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) > 0) {
4238 if (sdebug_every_nth > 0)
4239 sqcp->inj_recovered = sqcp->inj_transport
4240 = sqcp->inj_dif
4241 = sqcp->inj_dix = sqcp->inj_short
4242 = sqcp->inj_host_busy = sqcp->inj_cmd_abort = 0;
4243 return;
4244 }
4245 sqcp->inj_recovered = !!(SDEBUG_OPT_RECOVERED_ERR & sdebug_opts);
4246 sqcp->inj_transport = !!(SDEBUG_OPT_TRANSPORT_ERR & sdebug_opts);
4247 sqcp->inj_dif = !!(SDEBUG_OPT_DIF_ERR & sdebug_opts);
4248 sqcp->inj_dix = !!(SDEBUG_OPT_DIX_ERR & sdebug_opts);
4249 sqcp->inj_short = !!(SDEBUG_OPT_SHORT_TRANSFER & sdebug_opts);
4250 sqcp->inj_host_busy = !!(SDEBUG_OPT_HOST_BUSY & sdebug_opts);
4251 sqcp->inj_cmd_abort = !!(SDEBUG_OPT_CMD_ABORT & sdebug_opts);
4252 }
4253
4254 /* Complete the processing of the thread that queued a SCSI command to this
4255 * driver. It either completes the command by calling cmnd_done() or
4256 * schedules a hr timer or work queue then returns 0. Returns
4257 * SCSI_MLQUEUE_HOST_BUSY if temporarily out of resources.
4258 */
4259 static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
4260 int scsi_result,
4261 int (*pfp)(struct scsi_cmnd *,
4262 struct sdebug_dev_info *),
4263 int delta_jiff, int ndelay)
4264 {
4265 unsigned long iflags;
4266 int k, num_in_q, qdepth, inject;
4267 struct sdebug_queue *sqp;
4268 struct sdebug_queued_cmd *sqcp;
4269 struct scsi_device *sdp;
4270 struct sdebug_defer *sd_dp;
4271
4272 if (unlikely(devip == NULL)) {
4273 if (scsi_result == 0)
4274 scsi_result = DID_NO_CONNECT << 16;
4275 goto respond_in_thread;
4276 }
4277 sdp = cmnd->device;
4278
4279 if (delta_jiff == 0)
4280 goto respond_in_thread;
4281
4282 /* schedule the response at a later time if resources permit */
4283 sqp = get_queue(cmnd);
4284 spin_lock_irqsave(&sqp->qc_lock, iflags);
4285 if (unlikely(atomic_read(&sqp->blocked))) {
4286 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4287 return SCSI_MLQUEUE_HOST_BUSY;
4288 }
4289 num_in_q = atomic_read(&devip->num_in_q);
4290 qdepth = cmnd->device->queue_depth;
4291 inject = 0;
4292 if (unlikely((qdepth > 0) && (num_in_q >= qdepth))) {
4293 if (scsi_result) {
4294 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4295 goto respond_in_thread;
4296 } else
4297 scsi_result = device_qfull_result;
4298 } else if (unlikely(sdebug_every_nth &&
4299 (SDEBUG_OPT_RARE_TSF & sdebug_opts) &&
4300 (scsi_result == 0))) {
4301 if ((num_in_q == (qdepth - 1)) &&
4302 (atomic_inc_return(&sdebug_a_tsf) >=
4303 abs(sdebug_every_nth))) {
4304 atomic_set(&sdebug_a_tsf, 0);
4305 inject = 1;
4306 scsi_result = device_qfull_result;
4307 }
4308 }
4309
4310 k = find_first_zero_bit(sqp->in_use_bm, sdebug_max_queue);
4311 if (unlikely(k >= sdebug_max_queue)) {
4312 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4313 if (scsi_result)
4314 goto respond_in_thread;
4315 else if (SDEBUG_OPT_ALL_TSF & sdebug_opts)
4316 scsi_result = device_qfull_result;
4317 if (SDEBUG_OPT_Q_NOISE & sdebug_opts)
4318 sdev_printk(KERN_INFO, sdp,
4319 "%s: max_queue=%d exceeded, %s\n",
4320 __func__, sdebug_max_queue,
4321 (scsi_result ? "status: TASK SET FULL" :
4322 "report: host busy"));
4323 if (scsi_result)
4324 goto respond_in_thread;
4325 else
4326 return SCSI_MLQUEUE_HOST_BUSY;
4327 }
4328 __set_bit(k, sqp->in_use_bm);
4329 atomic_inc(&devip->num_in_q);
4330 sqcp = &sqp->qc_arr[k];
4331 sqcp->a_cmnd = cmnd;
4332 cmnd->host_scribble = (unsigned char *)sqcp;
4333 sd_dp = sqcp->sd_dp;
4334 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4335 if (unlikely(sdebug_every_nth && sdebug_any_injecting_opt))
4336 setup_inject(sqp, sqcp);
4337 if (sd_dp == NULL) {
4338 sd_dp = kzalloc(sizeof(*sd_dp), GFP_ATOMIC);
4339 if (sd_dp == NULL)
4340 return SCSI_MLQUEUE_HOST_BUSY;
4341 }
4342
4343 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0;
4344 if (cmnd->result & SDEG_RES_IMMED_MASK) {
4345 /*
4346 * This is the F_DELAY_OVERR case. No delay.
4347 */
4348 cmnd->result &= ~SDEG_RES_IMMED_MASK;
4349 delta_jiff = ndelay = 0;
4350 }
4351 if (cmnd->result == 0 && scsi_result != 0)
4352 cmnd->result = scsi_result;
4353
4354 if (unlikely(sdebug_verbose && cmnd->result))
4355 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n",
4356 __func__, cmnd->result);
4357
4358 if (delta_jiff > 0 || ndelay > 0) {
4359 ktime_t kt;
4360
4361 if (delta_jiff > 0) {
4362 kt = ns_to_ktime((u64)delta_jiff * (NSEC_PER_SEC / HZ));
4363 } else
4364 kt = ndelay;
4365 if (!sd_dp->init_hrt) {
4366 sd_dp->init_hrt = true;
4367 sqcp->sd_dp = sd_dp;
4368 hrtimer_init(&sd_dp->hrt, CLOCK_MONOTONIC,
4369 HRTIMER_MODE_REL_PINNED);
4370 sd_dp->hrt.function = sdebug_q_cmd_hrt_complete;
4371 sd_dp->sqa_idx = sqp - sdebug_q_arr;
4372 sd_dp->qc_idx = k;
4373 }
4374 if (sdebug_statistics)
4375 sd_dp->issuing_cpu = raw_smp_processor_id();
4376 sd_dp->defer_t = SDEB_DEFER_HRT;
4377 hrtimer_start(&sd_dp->hrt, kt, HRTIMER_MODE_REL_PINNED);
4378 } else { /* jdelay < 0, use work queue */
4379 if (!sd_dp->init_wq) {
4380 sd_dp->init_wq = true;
4381 sqcp->sd_dp = sd_dp;
4382 sd_dp->sqa_idx = sqp - sdebug_q_arr;
4383 sd_dp->qc_idx = k;
4384 INIT_WORK(&sd_dp->ew.work, sdebug_q_cmd_wq_complete);
4385 }
4386 if (sdebug_statistics)
4387 sd_dp->issuing_cpu = raw_smp_processor_id();
4388 sd_dp->defer_t = SDEB_DEFER_WQ;
4389 if (unlikely(sqcp->inj_cmd_abort))
4390 sd_dp->aborted = true;
4391 schedule_work(&sd_dp->ew.work);
4392 if (unlikely(sqcp->inj_cmd_abort)) {
4393 sdev_printk(KERN_INFO, sdp, "abort request tag %d\n",
4394 cmnd->request->tag);
4395 blk_abort_request(cmnd->request);
4396 }
4397 }
4398 if (unlikely((SDEBUG_OPT_Q_NOISE & sdebug_opts) &&
4399 (scsi_result == device_qfull_result)))
4400 sdev_printk(KERN_INFO, sdp,
4401 "%s: num_in_q=%d +1, %s%s\n", __func__,
4402 num_in_q, (inject ? "<inject> " : ""),
4403 "status: TASK SET FULL");
4404 return 0;
4405
4406 respond_in_thread: /* call back to mid-layer using invocation thread */
4407 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0;
4408 cmnd->result &= ~SDEG_RES_IMMED_MASK;
4409 if (cmnd->result == 0 && scsi_result != 0)
4410 cmnd->result = scsi_result;
4411 cmnd->scsi_done(cmnd);
4412 return 0;
4413 }
4414
4415 /* Note: The following macros create attribute files in the
4416 /sys/module/scsi_debug/parameters directory. Unfortunately this
4417 driver is unaware of a change and cannot trigger auxiliary actions
4418 as it can when the corresponding attribute in the
4419 /sys/bus/pseudo/drivers/scsi_debug directory is changed.
4420 */
4421 module_param_named(add_host, sdebug_add_host, int, S_IRUGO | S_IWUSR);
4422 module_param_named(ato, sdebug_ato, int, S_IRUGO);
4423 module_param_named(cdb_len, sdebug_cdb_len, int, 0644);
4424 module_param_named(clustering, sdebug_clustering, bool, S_IRUGO | S_IWUSR);
4425 module_param_named(delay, sdebug_jdelay, int, S_IRUGO | S_IWUSR);
4426 module_param_named(dev_size_mb, sdebug_dev_size_mb, int, S_IRUGO);
4427 module_param_named(dif, sdebug_dif, int, S_IRUGO);
4428 module_param_named(dix, sdebug_dix, int, S_IRUGO);
4429 module_param_named(dsense, sdebug_dsense, int, S_IRUGO | S_IWUSR);
4430 module_param_named(every_nth, sdebug_every_nth, int, S_IRUGO | S_IWUSR);
4431 module_param_named(fake_rw, sdebug_fake_rw, int, S_IRUGO | S_IWUSR);
4432 module_param_named(guard, sdebug_guard, uint, S_IRUGO);
4433 module_param_named(host_lock, sdebug_host_lock, bool, S_IRUGO | S_IWUSR);
4434 module_param_string(inq_vendor, sdebug_inq_vendor_id,
4435 sizeof(sdebug_inq_vendor_id), S_IRUGO|S_IWUSR);
4436 module_param_string(inq_product, sdebug_inq_product_id,
4437 sizeof(sdebug_inq_product_id), S_IRUGO|S_IWUSR);
4438 module_param_string(inq_rev, sdebug_inq_product_rev,
4439 sizeof(sdebug_inq_product_rev), S_IRUGO|S_IWUSR);
4440 module_param_named(lbpu, sdebug_lbpu, int, S_IRUGO);
4441 module_param_named(lbpws, sdebug_lbpws, int, S_IRUGO);
4442 module_param_named(lbpws10, sdebug_lbpws10, int, S_IRUGO);
4443 module_param_named(lbprz, sdebug_lbprz, int, S_IRUGO);
4444 module_param_named(lowest_aligned, sdebug_lowest_aligned, int, S_IRUGO);
4445 module_param_named(max_luns, sdebug_max_luns, int, S_IRUGO | S_IWUSR);
4446 module_param_named(max_queue, sdebug_max_queue, int, S_IRUGO | S_IWUSR);
4447 module_param_named(medium_error_start, sdebug_medium_error_start, int, S_IRUGO | S_IWUSR);
4448 module_param_named(medium_error_count, sdebug_medium_error_count, int, S_IRUGO | S_IWUSR);
4449 module_param_named(ndelay, sdebug_ndelay, int, S_IRUGO | S_IWUSR);
4450 module_param_named(no_lun_0, sdebug_no_lun_0, int, S_IRUGO | S_IWUSR);
4451 module_param_named(no_uld, sdebug_no_uld, int, S_IRUGO);
4452 module_param_named(num_parts, sdebug_num_parts, int, S_IRUGO);
4453 module_param_named(num_tgts, sdebug_num_tgts, int, S_IRUGO | S_IWUSR);
4454 module_param_named(opt_blks, sdebug_opt_blks, int, S_IRUGO);
4455 module_param_named(opts, sdebug_opts, int, S_IRUGO | S_IWUSR);
4456 module_param_named(physblk_exp, sdebug_physblk_exp, int, S_IRUGO);
4457 module_param_named(opt_xferlen_exp, sdebug_opt_xferlen_exp, int, S_IRUGO);
4458 module_param_named(ptype, sdebug_ptype, int, S_IRUGO | S_IWUSR);
4459 module_param_named(removable, sdebug_removable, bool, S_IRUGO | S_IWUSR);
4460 module_param_named(scsi_level, sdebug_scsi_level, int, S_IRUGO);
4461 module_param_named(sector_size, sdebug_sector_size, int, S_IRUGO);
4462 module_param_named(statistics, sdebug_statistics, bool, S_IRUGO | S_IWUSR);
4463 module_param_named(strict, sdebug_strict, bool, S_IRUGO | S_IWUSR);
4464 module_param_named(submit_queues, submit_queues, int, S_IRUGO);
4465 module_param_named(unmap_alignment, sdebug_unmap_alignment, int, S_IRUGO);
4466 module_param_named(unmap_granularity, sdebug_unmap_granularity, int, S_IRUGO);
4467 module_param_named(unmap_max_blocks, sdebug_unmap_max_blocks, int, S_IRUGO);
4468 module_param_named(unmap_max_desc, sdebug_unmap_max_desc, int, S_IRUGO);
4469 module_param_named(virtual_gb, sdebug_virtual_gb, int, S_IRUGO | S_IWUSR);
4470 module_param_named(uuid_ctl, sdebug_uuid_ctl, int, S_IRUGO);
4471 module_param_named(vpd_use_hostno, sdebug_vpd_use_hostno, int,
4472 S_IRUGO | S_IWUSR);
4473 module_param_named(wp, sdebug_wp, bool, S_IRUGO | S_IWUSR);
4474 module_param_named(write_same_length, sdebug_write_same_length, int,
4475 S_IRUGO | S_IWUSR);
4476
4477 MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert");
4478 MODULE_DESCRIPTION("SCSI debug adapter driver");
4479 MODULE_LICENSE("GPL");
4480 MODULE_VERSION(SDEBUG_VERSION);
4481
4482 MODULE_PARM_DESC(add_host, "0..127 hosts allowed(def=1)");
4483 MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)");
4484 MODULE_PARM_DESC(cdb_len, "suggest CDB lengths to drivers (def=10)");
4485 MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)");
4486 MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny");
4487 MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)");
4488 MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)");
4489 MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)");
4490 MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)");
4491 MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)");
4492 MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)");
4493 MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)");
4494 MODULE_PARM_DESC(host_lock, "host_lock is ignored (def=0)");
4495 MODULE_PARM_DESC(inq_vendor, "SCSI INQUIRY vendor string (def=\"Linux\")");
4496 MODULE_PARM_DESC(inq_product, "SCSI INQUIRY product string (def=\"scsi_debug\")");
4497 MODULE_PARM_DESC(inq_rev, "SCSI INQUIRY revision string (def=\""
4498 SDEBUG_VERSION "\")");
4499 MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)");
4500 MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)");
4501 MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)");
4502 MODULE_PARM_DESC(lbprz,
4503 "on read unmapped LBs return 0 when 1 (def), return 0xff when 2");
4504 MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)");
4505 MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)");
4506 MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))");
4507 MODULE_PARM_DESC(medium_error_start, "starting sector number to return MEDIUM error");
4508 MODULE_PARM_DESC(medium_error_count, "count of sectors to return follow on MEDIUM error");
4509 MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)");
4510 MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)");
4511 MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))");
4512 MODULE_PARM_DESC(num_parts, "number of partitions(def=0)");
4513 MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)");
4514 MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)");
4515 MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)");
4516 MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)");
4517 MODULE_PARM_DESC(opt_xferlen_exp, "optimal transfer length granularity exponent (def=physblk_exp)");
4518 MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])");
4519 MODULE_PARM_DESC(removable, "claim to have removable media (def=0)");
4520 MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=7[SPC-5])");
4521 MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)");
4522 MODULE_PARM_DESC(statistics, "collect statistics on commands, queues (def=0)");
4523 MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)");
4524 MODULE_PARM_DESC(submit_queues, "support for block multi-queue (def=1)");
4525 MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)");
4526 MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)");
4527 MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)");
4528 MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)");
4529 MODULE_PARM_DESC(uuid_ctl,
4530 "1->use uuid for lu name, 0->don't, 2->all use same (def=0)");
4531 MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)");
4532 MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)");
4533 MODULE_PARM_DESC(wp, "Write Protect (def=0)");
4534 MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)");
4535
4536 #define SDEBUG_INFO_LEN 256
4537 static char sdebug_info[SDEBUG_INFO_LEN];
4538
4539 static const char *scsi_debug_info(struct Scsi_Host *shp)
4540 {
4541 int k;
4542
4543 k = scnprintf(sdebug_info, SDEBUG_INFO_LEN, "%s: version %s [%s]\n",
4544 my_name, SDEBUG_VERSION, sdebug_version_date);
4545 if (k >= (SDEBUG_INFO_LEN - 1))
4546 return sdebug_info;
4547 scnprintf(sdebug_info + k, SDEBUG_INFO_LEN - k,
4548 " dev_size_mb=%d, opts=0x%x, submit_queues=%d, %s=%d",
4549 sdebug_dev_size_mb, sdebug_opts, submit_queues,
4550 "statistics", (int)sdebug_statistics);
4551 return sdebug_info;
4552 }
4553
4554 /* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */
4555 static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer,
4556 int length)
4557 {
4558 char arr[16];
4559 int opts;
4560 int minLen = length > 15 ? 15 : length;
4561
4562 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
4563 return -EACCES;
4564 memcpy(arr, buffer, minLen);
4565 arr[minLen] = '\0';
4566 if (1 != sscanf(arr, "%d", &opts))
4567 return -EINVAL;
4568 sdebug_opts = opts;
4569 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
4570 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
4571 if (sdebug_every_nth != 0)
4572 tweak_cmnd_count();
4573 return length;
4574 }
4575
4576 /* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the
4577 * same for each scsi_debug host (if more than one). Some of the counters
4578 * output are not atomics so might be inaccurate in a busy system. */
4579 static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host)
4580 {
4581 int f, j, l;
4582 struct sdebug_queue *sqp;
4583
4584 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n",
4585 SDEBUG_VERSION, sdebug_version_date);
4586 seq_printf(m, "num_tgts=%d, %ssize=%d MB, opts=0x%x, every_nth=%d\n",
4587 sdebug_num_tgts, "shared (ram) ", sdebug_dev_size_mb,
4588 sdebug_opts, sdebug_every_nth);
4589 seq_printf(m, "delay=%d, ndelay=%d, max_luns=%d, sector_size=%d %s\n",
4590 sdebug_jdelay, sdebug_ndelay, sdebug_max_luns,
4591 sdebug_sector_size, "bytes");
4592 seq_printf(m, "cylinders=%d, heads=%d, sectors=%d, command aborts=%d\n",
4593 sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per,
4594 num_aborts);
4595 seq_printf(m, "RESETs: device=%d, target=%d, bus=%d, host=%d\n",
4596 num_dev_resets, num_target_resets, num_bus_resets,
4597 num_host_resets);
4598 seq_printf(m, "dix_reads=%d, dix_writes=%d, dif_errors=%d\n",
4599 dix_reads, dix_writes, dif_errors);
4600 seq_printf(m, "usec_in_jiffy=%lu, statistics=%d\n", TICK_NSEC / 1000,
4601 sdebug_statistics);
4602 seq_printf(m, "cmnd_count=%d, completions=%d, %s=%d, a_tsf=%d\n",
4603 atomic_read(&sdebug_cmnd_count),
4604 atomic_read(&sdebug_completions),
4605 "miss_cpus", atomic_read(&sdebug_miss_cpus),
4606 atomic_read(&sdebug_a_tsf));
4607
4608 seq_printf(m, "submit_queues=%d\n", submit_queues);
4609 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
4610 seq_printf(m, " queue %d:\n", j);
4611 f = find_first_bit(sqp->in_use_bm, sdebug_max_queue);
4612 if (f != sdebug_max_queue) {
4613 l = find_last_bit(sqp->in_use_bm, sdebug_max_queue);
4614 seq_printf(m, " in_use_bm BUSY: %s: %d,%d\n",
4615 "first,last bits", f, l);
4616 }
4617 }
4618 return 0;
4619 }
4620
4621 static ssize_t delay_show(struct device_driver *ddp, char *buf)
4622 {
4623 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_jdelay);
4624 }
4625 /* Returns -EBUSY if jdelay is being changed and commands are queued. The unit
4626 * of delay is jiffies.
4627 */
4628 static ssize_t delay_store(struct device_driver *ddp, const char *buf,
4629 size_t count)
4630 {
4631 int jdelay, res;
4632
4633 if (count > 0 && sscanf(buf, "%d", &jdelay) == 1) {
4634 res = count;
4635 if (sdebug_jdelay != jdelay) {
4636 int j, k;
4637 struct sdebug_queue *sqp;
4638
4639 block_unblock_all_queues(true);
4640 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4641 ++j, ++sqp) {
4642 k = find_first_bit(sqp->in_use_bm,
4643 sdebug_max_queue);
4644 if (k != sdebug_max_queue) {
4645 res = -EBUSY; /* queued commands */
4646 break;
4647 }
4648 }
4649 if (res > 0) {
4650 sdebug_jdelay = jdelay;
4651 sdebug_ndelay = 0;
4652 }
4653 block_unblock_all_queues(false);
4654 }
4655 return res;
4656 }
4657 return -EINVAL;
4658 }
4659 static DRIVER_ATTR_RW(delay);
4660
4661 static ssize_t ndelay_show(struct device_driver *ddp, char *buf)
4662 {
4663 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ndelay);
4664 }
4665 /* Returns -EBUSY if ndelay is being changed and commands are queued */
4666 /* If > 0 and accepted then sdebug_jdelay is set to JDELAY_OVERRIDDEN */
4667 static ssize_t ndelay_store(struct device_driver *ddp, const char *buf,
4668 size_t count)
4669 {
4670 int ndelay, res;
4671
4672 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) &&
4673 (ndelay >= 0) && (ndelay < (1000 * 1000 * 1000))) {
4674 res = count;
4675 if (sdebug_ndelay != ndelay) {
4676 int j, k;
4677 struct sdebug_queue *sqp;
4678
4679 block_unblock_all_queues(true);
4680 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4681 ++j, ++sqp) {
4682 k = find_first_bit(sqp->in_use_bm,
4683 sdebug_max_queue);
4684 if (k != sdebug_max_queue) {
4685 res = -EBUSY; /* queued commands */
4686 break;
4687 }
4688 }
4689 if (res > 0) {
4690 sdebug_ndelay = ndelay;
4691 sdebug_jdelay = ndelay ? JDELAY_OVERRIDDEN
4692 : DEF_JDELAY;
4693 }
4694 block_unblock_all_queues(false);
4695 }
4696 return res;
4697 }
4698 return -EINVAL;
4699 }
4700 static DRIVER_ATTR_RW(ndelay);
4701
4702 static ssize_t opts_show(struct device_driver *ddp, char *buf)
4703 {
4704 return scnprintf(buf, PAGE_SIZE, "0x%x\n", sdebug_opts);
4705 }
4706
4707 static ssize_t opts_store(struct device_driver *ddp, const char *buf,
4708 size_t count)
4709 {
4710 int opts;
4711 char work[20];
4712
4713 if (sscanf(buf, "%10s", work) == 1) {
4714 if (strncasecmp(work, "0x", 2) == 0) {
4715 if (kstrtoint(work + 2, 16, &opts) == 0)
4716 goto opts_done;
4717 } else {
4718 if (kstrtoint(work, 10, &opts) == 0)
4719 goto opts_done;
4720 }
4721 }
4722 return -EINVAL;
4723 opts_done:
4724 sdebug_opts = opts;
4725 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
4726 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
4727 tweak_cmnd_count();
4728 return count;
4729 }
4730 static DRIVER_ATTR_RW(opts);
4731
4732 static ssize_t ptype_show(struct device_driver *ddp, char *buf)
4733 {
4734 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ptype);
4735 }
4736 static ssize_t ptype_store(struct device_driver *ddp, const char *buf,
4737 size_t count)
4738 {
4739 int n;
4740
4741 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4742 sdebug_ptype = n;
4743 return count;
4744 }
4745 return -EINVAL;
4746 }
4747 static DRIVER_ATTR_RW(ptype);
4748
4749 static ssize_t dsense_show(struct device_driver *ddp, char *buf)
4750 {
4751 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dsense);
4752 }
4753 static ssize_t dsense_store(struct device_driver *ddp, const char *buf,
4754 size_t count)
4755 {
4756 int n;
4757
4758 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4759 sdebug_dsense = n;
4760 return count;
4761 }
4762 return -EINVAL;
4763 }
4764 static DRIVER_ATTR_RW(dsense);
4765
4766 static ssize_t fake_rw_show(struct device_driver *ddp, char *buf)
4767 {
4768 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_fake_rw);
4769 }
4770 static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf,
4771 size_t count)
4772 {
4773 int n;
4774
4775 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4776 n = (n > 0);
4777 sdebug_fake_rw = (sdebug_fake_rw > 0);
4778 if (sdebug_fake_rw != n) {
4779 if ((0 == n) && (NULL == fake_storep)) {
4780 unsigned long sz =
4781 (unsigned long)sdebug_dev_size_mb *
4782 1048576;
4783
4784 fake_storep = vzalloc(sz);
4785 if (NULL == fake_storep) {
4786 pr_err("out of memory, 9\n");
4787 return -ENOMEM;
4788 }
4789 }
4790 sdebug_fake_rw = n;
4791 }
4792 return count;
4793 }
4794 return -EINVAL;
4795 }
4796 static DRIVER_ATTR_RW(fake_rw);
4797
4798 static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf)
4799 {
4800 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_lun_0);
4801 }
4802 static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf,
4803 size_t count)
4804 {
4805 int n;
4806
4807 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4808 sdebug_no_lun_0 = n;
4809 return count;
4810 }
4811 return -EINVAL;
4812 }
4813 static DRIVER_ATTR_RW(no_lun_0);
4814
4815 static ssize_t num_tgts_show(struct device_driver *ddp, char *buf)
4816 {
4817 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_tgts);
4818 }
4819 static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf,
4820 size_t count)
4821 {
4822 int n;
4823
4824 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4825 sdebug_num_tgts = n;
4826 sdebug_max_tgts_luns();
4827 return count;
4828 }
4829 return -EINVAL;
4830 }
4831 static DRIVER_ATTR_RW(num_tgts);
4832
4833 static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf)
4834 {
4835 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dev_size_mb);
4836 }
4837 static DRIVER_ATTR_RO(dev_size_mb);
4838
4839 static ssize_t num_parts_show(struct device_driver *ddp, char *buf)
4840 {
4841 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_parts);
4842 }
4843 static DRIVER_ATTR_RO(num_parts);
4844
4845 static ssize_t every_nth_show(struct device_driver *ddp, char *buf)
4846 {
4847 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_every_nth);
4848 }
4849 static ssize_t every_nth_store(struct device_driver *ddp, const char *buf,
4850 size_t count)
4851 {
4852 int nth;
4853
4854 if ((count > 0) && (1 == sscanf(buf, "%d", &nth))) {
4855 sdebug_every_nth = nth;
4856 if (nth && !sdebug_statistics) {
4857 pr_info("every_nth needs statistics=1, set it\n");
4858 sdebug_statistics = true;
4859 }
4860 tweak_cmnd_count();
4861 return count;
4862 }
4863 return -EINVAL;
4864 }
4865 static DRIVER_ATTR_RW(every_nth);
4866
4867 static ssize_t max_luns_show(struct device_driver *ddp, char *buf)
4868 {
4869 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_luns);
4870 }
4871 static ssize_t max_luns_store(struct device_driver *ddp, const char *buf,
4872 size_t count)
4873 {
4874 int n;
4875 bool changed;
4876
4877 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4878 if (n > 256) {
4879 pr_warn("max_luns can be no more than 256\n");
4880 return -EINVAL;
4881 }
4882 changed = (sdebug_max_luns != n);
4883 sdebug_max_luns = n;
4884 sdebug_max_tgts_luns();
4885 if (changed && (sdebug_scsi_level >= 5)) { /* >= SPC-3 */
4886 struct sdebug_host_info *sdhp;
4887 struct sdebug_dev_info *dp;
4888
4889 spin_lock(&sdebug_host_list_lock);
4890 list_for_each_entry(sdhp, &sdebug_host_list,
4891 host_list) {
4892 list_for_each_entry(dp, &sdhp->dev_info_list,
4893 dev_list) {
4894 set_bit(SDEBUG_UA_LUNS_CHANGED,
4895 dp->uas_bm);
4896 }
4897 }
4898 spin_unlock(&sdebug_host_list_lock);
4899 }
4900 return count;
4901 }
4902 return -EINVAL;
4903 }
4904 static DRIVER_ATTR_RW(max_luns);
4905
4906 static ssize_t max_queue_show(struct device_driver *ddp, char *buf)
4907 {
4908 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_queue);
4909 }
4910 /* N.B. max_queue can be changed while there are queued commands. In flight
4911 * commands beyond the new max_queue will be completed. */
4912 static ssize_t max_queue_store(struct device_driver *ddp, const char *buf,
4913 size_t count)
4914 {
4915 int j, n, k, a;
4916 struct sdebug_queue *sqp;
4917
4918 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) &&
4919 (n <= SDEBUG_CANQUEUE)) {
4920 block_unblock_all_queues(true);
4921 k = 0;
4922 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4923 ++j, ++sqp) {
4924 a = find_last_bit(sqp->in_use_bm, SDEBUG_CANQUEUE);
4925 if (a > k)
4926 k = a;
4927 }
4928 sdebug_max_queue = n;
4929 if (k == SDEBUG_CANQUEUE)
4930 atomic_set(&retired_max_queue, 0);
4931 else if (k >= n)
4932 atomic_set(&retired_max_queue, k + 1);
4933 else
4934 atomic_set(&retired_max_queue, 0);
4935 block_unblock_all_queues(false);
4936 return count;
4937 }
4938 return -EINVAL;
4939 }
4940 static DRIVER_ATTR_RW(max_queue);
4941
4942 static ssize_t no_uld_show(struct device_driver *ddp, char *buf)
4943 {
4944 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_uld);
4945 }
4946 static DRIVER_ATTR_RO(no_uld);
4947
4948 static ssize_t scsi_level_show(struct device_driver *ddp, char *buf)
4949 {
4950 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_scsi_level);
4951 }
4952 static DRIVER_ATTR_RO(scsi_level);
4953
4954 static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf)
4955 {
4956 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_virtual_gb);
4957 }
4958 static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf,
4959 size_t count)
4960 {
4961 int n;
4962 bool changed;
4963
4964 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4965 changed = (sdebug_virtual_gb != n);
4966 sdebug_virtual_gb = n;
4967 sdebug_capacity = get_sdebug_capacity();
4968 if (changed) {
4969 struct sdebug_host_info *sdhp;
4970 struct sdebug_dev_info *dp;
4971
4972 spin_lock(&sdebug_host_list_lock);
4973 list_for_each_entry(sdhp, &sdebug_host_list,
4974 host_list) {
4975 list_for_each_entry(dp, &sdhp->dev_info_list,
4976 dev_list) {
4977 set_bit(SDEBUG_UA_CAPACITY_CHANGED,
4978 dp->uas_bm);
4979 }
4980 }
4981 spin_unlock(&sdebug_host_list_lock);
4982 }
4983 return count;
4984 }
4985 return -EINVAL;
4986 }
4987 static DRIVER_ATTR_RW(virtual_gb);
4988
4989 static ssize_t add_host_show(struct device_driver *ddp, char *buf)
4990 {
4991 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_add_host);
4992 }
4993
4994 static int sdebug_add_adapter(void);
4995 static void sdebug_remove_adapter(void);
4996
4997 static ssize_t add_host_store(struct device_driver *ddp, const char *buf,
4998 size_t count)
4999 {
5000 int delta_hosts;
5001
5002 if (sscanf(buf, "%d", &delta_hosts) != 1)
5003 return -EINVAL;
5004 if (delta_hosts > 0) {
5005 do {
5006 sdebug_add_adapter();
5007 } while (--delta_hosts);
5008 } else if (delta_hosts < 0) {
5009 do {
5010 sdebug_remove_adapter();
5011 } while (++delta_hosts);
5012 }
5013 return count;
5014 }
5015 static DRIVER_ATTR_RW(add_host);
5016
5017 static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf)
5018 {
5019 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_vpd_use_hostno);
5020 }
5021 static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf,
5022 size_t count)
5023 {
5024 int n;
5025
5026 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5027 sdebug_vpd_use_hostno = n;
5028 return count;
5029 }
5030 return -EINVAL;
5031 }
5032 static DRIVER_ATTR_RW(vpd_use_hostno);
5033
5034 static ssize_t statistics_show(struct device_driver *ddp, char *buf)
5035 {
5036 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_statistics);
5037 }
5038 static ssize_t statistics_store(struct device_driver *ddp, const char *buf,
5039 size_t count)
5040 {
5041 int n;
5042
5043 if ((count > 0) && (sscanf(buf, "%d", &n) == 1) && (n >= 0)) {
5044 if (n > 0)
5045 sdebug_statistics = true;
5046 else {
5047 clear_queue_stats();
5048 sdebug_statistics = false;
5049 }
5050 return count;
5051 }
5052 return -EINVAL;
5053 }
5054 static DRIVER_ATTR_RW(statistics);
5055
5056 static ssize_t sector_size_show(struct device_driver *ddp, char *buf)
5057 {
5058 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_sector_size);
5059 }
5060 static DRIVER_ATTR_RO(sector_size);
5061
5062 static ssize_t submit_queues_show(struct device_driver *ddp, char *buf)
5063 {
5064 return scnprintf(buf, PAGE_SIZE, "%d\n", submit_queues);
5065 }
5066 static DRIVER_ATTR_RO(submit_queues);
5067
5068 static ssize_t dix_show(struct device_driver *ddp, char *buf)
5069 {
5070 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dix);
5071 }
5072 static DRIVER_ATTR_RO(dix);
5073
5074 static ssize_t dif_show(struct device_driver *ddp, char *buf)
5075 {
5076 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dif);
5077 }
5078 static DRIVER_ATTR_RO(dif);
5079
5080 static ssize_t guard_show(struct device_driver *ddp, char *buf)
5081 {
5082 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_guard);
5083 }
5084 static DRIVER_ATTR_RO(guard);
5085
5086 static ssize_t ato_show(struct device_driver *ddp, char *buf)
5087 {
5088 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ato);
5089 }
5090 static DRIVER_ATTR_RO(ato);
5091
5092 static ssize_t map_show(struct device_driver *ddp, char *buf)
5093 {
5094 ssize_t count;
5095
5096 if (!scsi_debug_lbp())
5097 return scnprintf(buf, PAGE_SIZE, "0-%u\n",
5098 sdebug_store_sectors);
5099
5100 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl",
5101 (int)map_size, map_storep);
5102 buf[count++] = '\n';
5103 buf[count] = '\0';
5104
5105 return count;
5106 }
5107 static DRIVER_ATTR_RO(map);
5108
5109 static ssize_t removable_show(struct device_driver *ddp, char *buf)
5110 {
5111 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_removable ? 1 : 0);
5112 }
5113 static ssize_t removable_store(struct device_driver *ddp, const char *buf,
5114 size_t count)
5115 {
5116 int n;
5117
5118 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5119 sdebug_removable = (n > 0);
5120 return count;
5121 }
5122 return -EINVAL;
5123 }
5124 static DRIVER_ATTR_RW(removable);
5125
5126 static ssize_t host_lock_show(struct device_driver *ddp, char *buf)
5127 {
5128 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_host_lock);
5129 }
5130 /* N.B. sdebug_host_lock does nothing, kept for backward compatibility */
5131 static ssize_t host_lock_store(struct device_driver *ddp, const char *buf,
5132 size_t count)
5133 {
5134 int n;
5135
5136 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5137 sdebug_host_lock = (n > 0);
5138 return count;
5139 }
5140 return -EINVAL;
5141 }
5142 static DRIVER_ATTR_RW(host_lock);
5143
5144 static ssize_t strict_show(struct device_driver *ddp, char *buf)
5145 {
5146 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_strict);
5147 }
5148 static ssize_t strict_store(struct device_driver *ddp, const char *buf,
5149 size_t count)
5150 {
5151 int n;
5152
5153 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5154 sdebug_strict = (n > 0);
5155 return count;
5156 }
5157 return -EINVAL;
5158 }
5159 static DRIVER_ATTR_RW(strict);
5160
5161 static ssize_t uuid_ctl_show(struct device_driver *ddp, char *buf)
5162 {
5163 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_uuid_ctl);
5164 }
5165 static DRIVER_ATTR_RO(uuid_ctl);
5166
5167 static ssize_t cdb_len_show(struct device_driver *ddp, char *buf)
5168 {
5169 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_cdb_len);
5170 }
5171 static ssize_t cdb_len_store(struct device_driver *ddp, const char *buf,
5172 size_t count)
5173 {
5174 int ret, n;
5175
5176 ret = kstrtoint(buf, 0, &n);
5177 if (ret)
5178 return ret;
5179 sdebug_cdb_len = n;
5180 all_config_cdb_len();
5181 return count;
5182 }
5183 static DRIVER_ATTR_RW(cdb_len);
5184
5185
5186 /* Note: The following array creates attribute files in the
5187 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these
5188 files (over those found in the /sys/module/scsi_debug/parameters
5189 directory) is that auxiliary actions can be triggered when an attribute
5190 is changed. For example see: sdebug_add_host_store() above.
5191 */
5192
5193 static struct attribute *sdebug_drv_attrs[] = {
5194 &driver_attr_delay.attr,
5195 &driver_attr_opts.attr,
5196 &driver_attr_ptype.attr,
5197 &driver_attr_dsense.attr,
5198 &driver_attr_fake_rw.attr,
5199 &driver_attr_no_lun_0.attr,
5200 &driver_attr_num_tgts.attr,
5201 &driver_attr_dev_size_mb.attr,
5202 &driver_attr_num_parts.attr,
5203 &driver_attr_every_nth.attr,
5204 &driver_attr_max_luns.attr,
5205 &driver_attr_max_queue.attr,
5206 &driver_attr_no_uld.attr,
5207 &driver_attr_scsi_level.attr,
5208 &driver_attr_virtual_gb.attr,
5209 &driver_attr_add_host.attr,
5210 &driver_attr_vpd_use_hostno.attr,
5211 &driver_attr_sector_size.attr,
5212 &driver_attr_statistics.attr,
5213 &driver_attr_submit_queues.attr,
5214 &driver_attr_dix.attr,
5215 &driver_attr_dif.attr,
5216 &driver_attr_guard.attr,
5217 &driver_attr_ato.attr,
5218 &driver_attr_map.attr,
5219 &driver_attr_removable.attr,
5220 &driver_attr_host_lock.attr,
5221 &driver_attr_ndelay.attr,
5222 &driver_attr_strict.attr,
5223 &driver_attr_uuid_ctl.attr,
5224 &driver_attr_cdb_len.attr,
5225 NULL,
5226 };
5227 ATTRIBUTE_GROUPS(sdebug_drv);
5228
5229 static struct device *pseudo_primary;
5230
5231 static int __init scsi_debug_init(void)
5232 {
5233 unsigned long sz;
5234 int host_to_add;
5235 int k;
5236 int ret;
5237
5238 atomic_set(&retired_max_queue, 0);
5239
5240 if (sdebug_ndelay >= 1000 * 1000 * 1000) {
5241 pr_warn("ndelay must be less than 1 second, ignored\n");
5242 sdebug_ndelay = 0;
5243 } else if (sdebug_ndelay > 0)
5244 sdebug_jdelay = JDELAY_OVERRIDDEN;
5245
5246 switch (sdebug_sector_size) {
5247 case 512:
5248 case 1024:
5249 case 2048:
5250 case 4096:
5251 break;
5252 default:
5253 pr_err("invalid sector_size %d\n", sdebug_sector_size);
5254 return -EINVAL;
5255 }
5256
5257 switch (sdebug_dif) {
5258 case T10_PI_TYPE0_PROTECTION:
5259 break;
5260 case T10_PI_TYPE1_PROTECTION:
5261 case T10_PI_TYPE2_PROTECTION:
5262 case T10_PI_TYPE3_PROTECTION:
5263 have_dif_prot = true;
5264 break;
5265
5266 default:
5267 pr_err("dif must be 0, 1, 2 or 3\n");
5268 return -EINVAL;
5269 }
5270
5271 if (sdebug_guard > 1) {
5272 pr_err("guard must be 0 or 1\n");
5273 return -EINVAL;
5274 }
5275
5276 if (sdebug_ato > 1) {
5277 pr_err("ato must be 0 or 1\n");
5278 return -EINVAL;
5279 }
5280
5281 if (sdebug_physblk_exp > 15) {
5282 pr_err("invalid physblk_exp %u\n", sdebug_physblk_exp);
5283 return -EINVAL;
5284 }
5285 if (sdebug_max_luns > 256) {
5286 pr_warn("max_luns can be no more than 256, use default\n");
5287 sdebug_max_luns = DEF_MAX_LUNS;
5288 }
5289
5290 if (sdebug_lowest_aligned > 0x3fff) {
5291 pr_err("lowest_aligned too big: %u\n", sdebug_lowest_aligned);
5292 return -EINVAL;
5293 }
5294
5295 if (submit_queues < 1) {
5296 pr_err("submit_queues must be 1 or more\n");
5297 return -EINVAL;
5298 }
5299 sdebug_q_arr = kcalloc(submit_queues, sizeof(struct sdebug_queue),
5300 GFP_KERNEL);
5301 if (sdebug_q_arr == NULL)
5302 return -ENOMEM;
5303 for (k = 0; k < submit_queues; ++k)
5304 spin_lock_init(&sdebug_q_arr[k].qc_lock);
5305
5306 if (sdebug_dev_size_mb < 1)
5307 sdebug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */
5308 sz = (unsigned long)sdebug_dev_size_mb * 1048576;
5309 sdebug_store_sectors = sz / sdebug_sector_size;
5310 sdebug_capacity = get_sdebug_capacity();
5311
5312 /* play around with geometry, don't waste too much on track 0 */
5313 sdebug_heads = 8;
5314 sdebug_sectors_per = 32;
5315 if (sdebug_dev_size_mb >= 256)
5316 sdebug_heads = 64;
5317 else if (sdebug_dev_size_mb >= 16)
5318 sdebug_heads = 32;
5319 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
5320 (sdebug_sectors_per * sdebug_heads);
5321 if (sdebug_cylinders_per >= 1024) {
5322 /* other LLDs do this; implies >= 1GB ram disk ... */
5323 sdebug_heads = 255;
5324 sdebug_sectors_per = 63;
5325 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
5326 (sdebug_sectors_per * sdebug_heads);
5327 }
5328
5329 if (sdebug_fake_rw == 0) {
5330 fake_storep = vzalloc(sz);
5331 if (NULL == fake_storep) {
5332 pr_err("out of memory, 1\n");
5333 ret = -ENOMEM;
5334 goto free_q_arr;
5335 }
5336 if (sdebug_num_parts > 0)
5337 sdebug_build_parts(fake_storep, sz);
5338 }
5339
5340 if (sdebug_dix) {
5341 int dif_size;
5342
5343 dif_size = sdebug_store_sectors * sizeof(struct t10_pi_tuple);
5344 dif_storep = vmalloc(dif_size);
5345
5346 pr_err("dif_storep %u bytes @ %p\n", dif_size, dif_storep);
5347
5348 if (dif_storep == NULL) {
5349 pr_err("out of mem. (DIX)\n");
5350 ret = -ENOMEM;
5351 goto free_vm;
5352 }
5353
5354 memset(dif_storep, 0xff, dif_size);
5355 }
5356
5357 /* Logical Block Provisioning */
5358 if (scsi_debug_lbp()) {
5359 sdebug_unmap_max_blocks =
5360 clamp(sdebug_unmap_max_blocks, 0U, 0xffffffffU);
5361
5362 sdebug_unmap_max_desc =
5363 clamp(sdebug_unmap_max_desc, 0U, 256U);
5364
5365 sdebug_unmap_granularity =
5366 clamp(sdebug_unmap_granularity, 1U, 0xffffffffU);
5367
5368 if (sdebug_unmap_alignment &&
5369 sdebug_unmap_granularity <=
5370 sdebug_unmap_alignment) {
5371 pr_err("ERR: unmap_granularity <= unmap_alignment\n");
5372 ret = -EINVAL;
5373 goto free_vm;
5374 }
5375
5376 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1;
5377 map_storep = vmalloc(array_size(sizeof(long),
5378 BITS_TO_LONGS(map_size)));
5379
5380 pr_info("%lu provisioning blocks\n", map_size);
5381
5382 if (map_storep == NULL) {
5383 pr_err("out of mem. (MAP)\n");
5384 ret = -ENOMEM;
5385 goto free_vm;
5386 }
5387
5388 bitmap_zero(map_storep, map_size);
5389
5390 /* Map first 1KB for partition table */
5391 if (sdebug_num_parts)
5392 map_region(0, 2);
5393 }
5394
5395 pseudo_primary = root_device_register("pseudo_0");
5396 if (IS_ERR(pseudo_primary)) {
5397 pr_warn("root_device_register() error\n");
5398 ret = PTR_ERR(pseudo_primary);
5399 goto free_vm;
5400 }
5401 ret = bus_register(&pseudo_lld_bus);
5402 if (ret < 0) {
5403 pr_warn("bus_register error: %d\n", ret);
5404 goto dev_unreg;
5405 }
5406 ret = driver_register(&sdebug_driverfs_driver);
5407 if (ret < 0) {
5408 pr_warn("driver_register error: %d\n", ret);
5409 goto bus_unreg;
5410 }
5411
5412 host_to_add = sdebug_add_host;
5413 sdebug_add_host = 0;
5414
5415 for (k = 0; k < host_to_add; k++) {
5416 if (sdebug_add_adapter()) {
5417 pr_err("sdebug_add_adapter failed k=%d\n", k);
5418 break;
5419 }
5420 }
5421
5422 if (sdebug_verbose)
5423 pr_info("built %d host(s)\n", sdebug_add_host);
5424
5425 return 0;
5426
5427 bus_unreg:
5428 bus_unregister(&pseudo_lld_bus);
5429 dev_unreg:
5430 root_device_unregister(pseudo_primary);
5431 free_vm:
5432 vfree(map_storep);
5433 vfree(dif_storep);
5434 vfree(fake_storep);
5435 free_q_arr:
5436 kfree(sdebug_q_arr);
5437 return ret;
5438 }
5439
5440 static void __exit scsi_debug_exit(void)
5441 {
5442 int k = sdebug_add_host;
5443
5444 stop_all_queued();
5445 for (; k; k--)
5446 sdebug_remove_adapter();
5447 free_all_queued();
5448 driver_unregister(&sdebug_driverfs_driver);
5449 bus_unregister(&pseudo_lld_bus);
5450 root_device_unregister(pseudo_primary);
5451
5452 vfree(map_storep);
5453 vfree(dif_storep);
5454 vfree(fake_storep);
5455 kfree(sdebug_q_arr);
5456 }
5457
5458 device_initcall(scsi_debug_init);
5459 module_exit(scsi_debug_exit);
5460
5461 static void sdebug_release_adapter(struct device *dev)
5462 {
5463 struct sdebug_host_info *sdbg_host;
5464
5465 sdbg_host = to_sdebug_host(dev);
5466 kfree(sdbg_host);
5467 }
5468
5469 static int sdebug_add_adapter(void)
5470 {
5471 int k, devs_per_host;
5472 int error = 0;
5473 struct sdebug_host_info *sdbg_host;
5474 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5475
5476 sdbg_host = kzalloc(sizeof(*sdbg_host), GFP_KERNEL);
5477 if (sdbg_host == NULL) {
5478 pr_err("out of memory at line %d\n", __LINE__);
5479 return -ENOMEM;
5480 }
5481
5482 INIT_LIST_HEAD(&sdbg_host->dev_info_list);
5483
5484 devs_per_host = sdebug_num_tgts * sdebug_max_luns;
5485 for (k = 0; k < devs_per_host; k++) {
5486 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL);
5487 if (!sdbg_devinfo) {
5488 pr_err("out of memory at line %d\n", __LINE__);
5489 error = -ENOMEM;
5490 goto clean;
5491 }
5492 }
5493
5494 spin_lock(&sdebug_host_list_lock);
5495 list_add_tail(&sdbg_host->host_list, &sdebug_host_list);
5496 spin_unlock(&sdebug_host_list_lock);
5497
5498 sdbg_host->dev.bus = &pseudo_lld_bus;
5499 sdbg_host->dev.parent = pseudo_primary;
5500 sdbg_host->dev.release = &sdebug_release_adapter;
5501 dev_set_name(&sdbg_host->dev, "adapter%d", sdebug_add_host);
5502
5503 error = device_register(&sdbg_host->dev);
5504
5505 if (error)
5506 goto clean;
5507
5508 ++sdebug_add_host;
5509 return error;
5510
5511 clean:
5512 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5513 dev_list) {
5514 list_del(&sdbg_devinfo->dev_list);
5515 kfree(sdbg_devinfo);
5516 }
5517
5518 kfree(sdbg_host);
5519 return error;
5520 }
5521
5522 static void sdebug_remove_adapter(void)
5523 {
5524 struct sdebug_host_info *sdbg_host = NULL;
5525
5526 spin_lock(&sdebug_host_list_lock);
5527 if (!list_empty(&sdebug_host_list)) {
5528 sdbg_host = list_entry(sdebug_host_list.prev,
5529 struct sdebug_host_info, host_list);
5530 list_del(&sdbg_host->host_list);
5531 }
5532 spin_unlock(&sdebug_host_list_lock);
5533
5534 if (!sdbg_host)
5535 return;
5536
5537 device_unregister(&sdbg_host->dev);
5538 --sdebug_add_host;
5539 }
5540
5541 static int sdebug_change_qdepth(struct scsi_device *sdev, int qdepth)
5542 {
5543 int num_in_q = 0;
5544 struct sdebug_dev_info *devip;
5545
5546 block_unblock_all_queues(true);
5547 devip = (struct sdebug_dev_info *)sdev->hostdata;
5548 if (NULL == devip) {
5549 block_unblock_all_queues(false);
5550 return -ENODEV;
5551 }
5552 num_in_q = atomic_read(&devip->num_in_q);
5553
5554 if (qdepth < 1)
5555 qdepth = 1;
5556 /* allow to exceed max host qc_arr elements for testing */
5557 if (qdepth > SDEBUG_CANQUEUE + 10)
5558 qdepth = SDEBUG_CANQUEUE + 10;
5559 scsi_change_queue_depth(sdev, qdepth);
5560
5561 if (SDEBUG_OPT_Q_NOISE & sdebug_opts) {
5562 sdev_printk(KERN_INFO, sdev, "%s: qdepth=%d, num_in_q=%d\n",
5563 __func__, qdepth, num_in_q);
5564 }
5565 block_unblock_all_queues(false);
5566 return sdev->queue_depth;
5567 }
5568
5569 static bool fake_timeout(struct scsi_cmnd *scp)
5570 {
5571 if (0 == (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth))) {
5572 if (sdebug_every_nth < -1)
5573 sdebug_every_nth = -1;
5574 if (SDEBUG_OPT_TIMEOUT & sdebug_opts)
5575 return true; /* ignore command causing timeout */
5576 else if (SDEBUG_OPT_MAC_TIMEOUT & sdebug_opts &&
5577 scsi_medium_access_command(scp))
5578 return true; /* time out reads and writes */
5579 }
5580 return false;
5581 }
5582
5583 static bool fake_host_busy(struct scsi_cmnd *scp)
5584 {
5585 return (sdebug_opts & SDEBUG_OPT_HOST_BUSY) &&
5586 (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) == 0;
5587 }
5588
5589 static int scsi_debug_queuecommand(struct Scsi_Host *shost,
5590 struct scsi_cmnd *scp)
5591 {
5592 u8 sdeb_i;
5593 struct scsi_device *sdp = scp->device;
5594 const struct opcode_info_t *oip;
5595 const struct opcode_info_t *r_oip;
5596 struct sdebug_dev_info *devip;
5597 u8 *cmd = scp->cmnd;
5598 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
5599 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *) = NULL;
5600 int k, na;
5601 int errsts = 0;
5602 u32 flags;
5603 u16 sa;
5604 u8 opcode = cmd[0];
5605 bool has_wlun_rl;
5606
5607 scsi_set_resid(scp, 0);
5608 if (sdebug_statistics)
5609 atomic_inc(&sdebug_cmnd_count);
5610 if (unlikely(sdebug_verbose &&
5611 !(SDEBUG_OPT_NO_CDB_NOISE & sdebug_opts))) {
5612 char b[120];
5613 int n, len, sb;
5614
5615 len = scp->cmd_len;
5616 sb = (int)sizeof(b);
5617 if (len > 32)
5618 strcpy(b, "too long, over 32 bytes");
5619 else {
5620 for (k = 0, n = 0; k < len && n < sb; ++k)
5621 n += scnprintf(b + n, sb - n, "%02x ",
5622 (u32)cmd[k]);
5623 }
5624 sdev_printk(KERN_INFO, sdp, "%s: tag=%#x, cmd %s\n", my_name,
5625 blk_mq_unique_tag(scp->request), b);
5626 }
5627 if (fake_host_busy(scp))
5628 return SCSI_MLQUEUE_HOST_BUSY;
5629 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS);
5630 if (unlikely((sdp->lun >= sdebug_max_luns) && !has_wlun_rl))
5631 goto err_out;
5632
5633 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */
5634 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */
5635 devip = (struct sdebug_dev_info *)sdp->hostdata;
5636 if (unlikely(!devip)) {
5637 devip = find_build_dev_info(sdp);
5638 if (NULL == devip)
5639 goto err_out;
5640 }
5641 na = oip->num_attached;
5642 r_pfp = oip->pfp;
5643 if (na) { /* multiple commands with this opcode */
5644 r_oip = oip;
5645 if (FF_SA & r_oip->flags) {
5646 if (F_SA_LOW & oip->flags)
5647 sa = 0x1f & cmd[1];
5648 else
5649 sa = get_unaligned_be16(cmd + 8);
5650 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5651 if (opcode == oip->opcode && sa == oip->sa)
5652 break;
5653 }
5654 } else { /* since no service action only check opcode */
5655 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5656 if (opcode == oip->opcode)
5657 break;
5658 }
5659 }
5660 if (k > na) {
5661 if (F_SA_LOW & r_oip->flags)
5662 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4);
5663 else if (F_SA_HIGH & r_oip->flags)
5664 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7);
5665 else
5666 mk_sense_invalid_opcode(scp);
5667 goto check_cond;
5668 }
5669 } /* else (when na==0) we assume the oip is a match */
5670 flags = oip->flags;
5671 if (unlikely(F_INV_OP & flags)) {
5672 mk_sense_invalid_opcode(scp);
5673 goto check_cond;
5674 }
5675 if (unlikely(has_wlun_rl && !(F_RL_WLUN_OK & flags))) {
5676 if (sdebug_verbose)
5677 sdev_printk(KERN_INFO, sdp, "%s: Opcode 0x%x not%s\n",
5678 my_name, opcode, " supported for wlun");
5679 mk_sense_invalid_opcode(scp);
5680 goto check_cond;
5681 }
5682 if (unlikely(sdebug_strict)) { /* check cdb against mask */
5683 u8 rem;
5684 int j;
5685
5686 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) {
5687 rem = ~oip->len_mask[k] & cmd[k];
5688 if (rem) {
5689 for (j = 7; j >= 0; --j, rem <<= 1) {
5690 if (0x80 & rem)
5691 break;
5692 }
5693 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j);
5694 goto check_cond;
5695 }
5696 }
5697 }
5698 if (unlikely(!(F_SKIP_UA & flags) &&
5699 find_first_bit(devip->uas_bm,
5700 SDEBUG_NUM_UAS) != SDEBUG_NUM_UAS)) {
5701 errsts = make_ua(scp, devip);
5702 if (errsts)
5703 goto check_cond;
5704 }
5705 if (unlikely((F_M_ACCESS & flags) && atomic_read(&devip->stopped))) {
5706 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2);
5707 if (sdebug_verbose)
5708 sdev_printk(KERN_INFO, sdp, "%s reports: Not ready: "
5709 "%s\n", my_name, "initializing command "
5710 "required");
5711 errsts = check_condition_result;
5712 goto fini;
5713 }
5714 if (sdebug_fake_rw && (F_FAKE_RW & flags))
5715 goto fini;
5716 if (unlikely(sdebug_every_nth)) {
5717 if (fake_timeout(scp))
5718 return 0; /* ignore command: make trouble */
5719 }
5720 if (likely(oip->pfp))
5721 pfp = oip->pfp; /* calls a resp_* function */
5722 else
5723 pfp = r_pfp; /* if leaf function ptr NULL, try the root's */
5724
5725 fini:
5726 if (F_DELAY_OVERR & flags)
5727 return schedule_resp(scp, devip, errsts, pfp, 0, 0);
5728 else if ((flags & F_LONG_DELAY) && (sdebug_jdelay > 0 ||
5729 sdebug_ndelay > 10000)) {
5730 /*
5731 * Skip long delays if ndelay <= 10 microseconds. Otherwise
5732 * for Start Stop Unit (SSU) want at least 1 second delay and
5733 * if sdebug_jdelay>1 want a long delay of that many seconds.
5734 * For Synchronize Cache want 1/20 of SSU's delay.
5735 */
5736 int jdelay = (sdebug_jdelay < 2) ? 1 : sdebug_jdelay;
5737 int denom = (flags & F_SYNC_DELAY) ? 20 : 1;
5738
5739 jdelay = mult_frac(USER_HZ * jdelay, HZ, denom * USER_HZ);
5740 return schedule_resp(scp, devip, errsts, pfp, jdelay, 0);
5741 } else
5742 return schedule_resp(scp, devip, errsts, pfp, sdebug_jdelay,
5743 sdebug_ndelay);
5744 check_cond:
5745 return schedule_resp(scp, devip, check_condition_result, NULL, 0, 0);
5746 err_out:
5747 return schedule_resp(scp, NULL, DID_NO_CONNECT << 16, NULL, 0, 0);
5748 }
5749
5750 static struct scsi_host_template sdebug_driver_template = {
5751 .show_info = scsi_debug_show_info,
5752 .write_info = scsi_debug_write_info,
5753 .proc_name = sdebug_proc_name,
5754 .name = "SCSI DEBUG",
5755 .info = scsi_debug_info,
5756 .slave_alloc = scsi_debug_slave_alloc,
5757 .slave_configure = scsi_debug_slave_configure,
5758 .slave_destroy = scsi_debug_slave_destroy,
5759 .ioctl = scsi_debug_ioctl,
5760 .queuecommand = scsi_debug_queuecommand,
5761 .change_queue_depth = sdebug_change_qdepth,
5762 .eh_abort_handler = scsi_debug_abort,
5763 .eh_device_reset_handler = scsi_debug_device_reset,
5764 .eh_target_reset_handler = scsi_debug_target_reset,
5765 .eh_bus_reset_handler = scsi_debug_bus_reset,
5766 .eh_host_reset_handler = scsi_debug_host_reset,
5767 .can_queue = SDEBUG_CANQUEUE,
5768 .this_id = 7,
5769 .sg_tablesize = SG_MAX_SEGMENTS,
5770 .cmd_per_lun = DEF_CMD_PER_LUN,
5771 .max_sectors = -1U,
5772 .max_segment_size = -1U,
5773 .module = THIS_MODULE,
5774 .track_queue_depth = 1,
5775 };
5776
5777 static int sdebug_driver_probe(struct device *dev)
5778 {
5779 int error = 0;
5780 struct sdebug_host_info *sdbg_host;
5781 struct Scsi_Host *hpnt;
5782 int hprot;
5783
5784 sdbg_host = to_sdebug_host(dev);
5785
5786 sdebug_driver_template.can_queue = sdebug_max_queue;
5787 if (!sdebug_clustering)
5788 sdebug_driver_template.dma_boundary = PAGE_SIZE - 1;
5789
5790 hpnt = scsi_host_alloc(&sdebug_driver_template, sizeof(sdbg_host));
5791 if (NULL == hpnt) {
5792 pr_err("scsi_host_alloc failed\n");
5793 error = -ENODEV;
5794 return error;
5795 }
5796 if (submit_queues > nr_cpu_ids) {
5797 pr_warn("%s: trim submit_queues (was %d) to nr_cpu_ids=%u\n",
5798 my_name, submit_queues, nr_cpu_ids);
5799 submit_queues = nr_cpu_ids;
5800 }
5801 /* Decide whether to tell scsi subsystem that we want mq */
5802 /* Following should give the same answer for each host */
5803 hpnt->nr_hw_queues = submit_queues;
5804
5805 sdbg_host->shost = hpnt;
5806 *((struct sdebug_host_info **)hpnt->hostdata) = sdbg_host;
5807 if ((hpnt->this_id >= 0) && (sdebug_num_tgts > hpnt->this_id))
5808 hpnt->max_id = sdebug_num_tgts + 1;
5809 else
5810 hpnt->max_id = sdebug_num_tgts;
5811 /* = sdebug_max_luns; */
5812 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
5813
5814 hprot = 0;
5815
5816 switch (sdebug_dif) {
5817
5818 case T10_PI_TYPE1_PROTECTION:
5819 hprot = SHOST_DIF_TYPE1_PROTECTION;
5820 if (sdebug_dix)
5821 hprot |= SHOST_DIX_TYPE1_PROTECTION;
5822 break;
5823
5824 case T10_PI_TYPE2_PROTECTION:
5825 hprot = SHOST_DIF_TYPE2_PROTECTION;
5826 if (sdebug_dix)
5827 hprot |= SHOST_DIX_TYPE2_PROTECTION;
5828 break;
5829
5830 case T10_PI_TYPE3_PROTECTION:
5831 hprot = SHOST_DIF_TYPE3_PROTECTION;
5832 if (sdebug_dix)
5833 hprot |= SHOST_DIX_TYPE3_PROTECTION;
5834 break;
5835
5836 default:
5837 if (sdebug_dix)
5838 hprot |= SHOST_DIX_TYPE0_PROTECTION;
5839 break;
5840 }
5841
5842 scsi_host_set_prot(hpnt, hprot);
5843
5844 if (have_dif_prot || sdebug_dix)
5845 pr_info("host protection%s%s%s%s%s%s%s\n",
5846 (hprot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "",
5847 (hprot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "",
5848 (hprot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "",
5849 (hprot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "",
5850 (hprot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "",
5851 (hprot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "",
5852 (hprot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : "");
5853
5854 if (sdebug_guard == 1)
5855 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP);
5856 else
5857 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC);
5858
5859 sdebug_verbose = !!(SDEBUG_OPT_NOISE & sdebug_opts);
5860 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & sdebug_opts);
5861 if (sdebug_every_nth) /* need stats counters for every_nth */
5862 sdebug_statistics = true;
5863 error = scsi_add_host(hpnt, &sdbg_host->dev);
5864 if (error) {
5865 pr_err("scsi_add_host failed\n");
5866 error = -ENODEV;
5867 scsi_host_put(hpnt);
5868 } else
5869 scsi_scan_host(hpnt);
5870
5871 return error;
5872 }
5873
5874 static int sdebug_driver_remove(struct device *dev)
5875 {
5876 struct sdebug_host_info *sdbg_host;
5877 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5878
5879 sdbg_host = to_sdebug_host(dev);
5880
5881 if (!sdbg_host) {
5882 pr_err("Unable to locate host info\n");
5883 return -ENODEV;
5884 }
5885
5886 scsi_remove_host(sdbg_host->shost);
5887
5888 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5889 dev_list) {
5890 list_del(&sdbg_devinfo->dev_list);
5891 kfree(sdbg_devinfo);
5892 }
5893
5894 scsi_host_put(sdbg_host->shost);
5895 return 0;
5896 }
5897
5898 static int pseudo_lld_bus_match(struct device *dev,
5899 struct device_driver *dev_driver)
5900 {
5901 return 1;
5902 }
5903
5904 static struct bus_type pseudo_lld_bus = {
5905 .name = "pseudo",
5906 .match = pseudo_lld_bus_match,
5907 .probe = sdebug_driver_probe,
5908 .remove = sdebug_driver_remove,
5909 .drv_groups = sdebug_drv_groups,
5910 };
Linux with added FPC-III support