projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
target: remove struct se_task
[deliverable/linux.git] / drivers / target / target_core_transport.c
1 /*******************************************************************************
2 * Filename: target_core_transport.c
3 *
4 * This file contains the Generic Target Engine Core.
5 *
6 * Copyright (c) 2002, 2003, 2004, 2005 PyX Technologies, Inc.
7 * Copyright (c) 2005, 2006, 2007 SBE, Inc.
8 * Copyright (c) 2007-2010 Rising Tide Systems
9 * Copyright (c) 2008-2010 Linux-iSCSI.org
10 *
11 * Nicholas A. Bellinger <nab@kernel.org>
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License
24 * along with this program; if not, write to the Free Software
25 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
26 *
27 ******************************************************************************/
28
29 #include <linux/net.h>
30 #include <linux/delay.h>
31 #include <linux/string.h>
32 #include <linux/timer.h>
33 #include <linux/slab.h>
34 #include <linux/blkdev.h>
35 #include <linux/spinlock.h>
36 #include <linux/kthread.h>
37 #include <linux/in.h>
38 #include <linux/cdrom.h>
39 #include <linux/module.h>
40 #include <linux/ratelimit.h>
41 #include <asm/unaligned.h>
42 #include <net/sock.h>
43 #include <net/tcp.h>
44 #include <scsi/scsi.h>
45 #include <scsi/scsi_cmnd.h>
46 #include <scsi/scsi_tcq.h>
47
48 #include <target/target_core_base.h>
49 #include <target/target_core_backend.h>
50 #include <target/target_core_fabric.h>
51 #include <target/target_core_configfs.h>
52
53 #include "target_core_internal.h"
54 #include "target_core_alua.h"
55 #include "target_core_pr.h"
56 #include "target_core_ua.h"
57
58 static int sub_api_initialized;
59
60 static struct workqueue_struct *target_completion_wq;
61 static struct kmem_cache *se_sess_cache;
62 struct kmem_cache *se_ua_cache;
63 struct kmem_cache *t10_pr_reg_cache;
64 struct kmem_cache *t10_alua_lu_gp_cache;
65 struct kmem_cache *t10_alua_lu_gp_mem_cache;
66 struct kmem_cache *t10_alua_tg_pt_gp_cache;
67 struct kmem_cache *t10_alua_tg_pt_gp_mem_cache;
68
69 static int transport_generic_write_pending(struct se_cmd *);
70 static int transport_processing_thread(void *param);
71 static int __transport_execute_tasks(struct se_device *dev, struct se_cmd *);
72 static void transport_complete_task_attr(struct se_cmd *cmd);
73 static void transport_handle_queue_full(struct se_cmd *cmd,
74 struct se_device *dev);
75 static int transport_generic_get_mem(struct se_cmd *cmd);
76 static void transport_put_cmd(struct se_cmd *cmd);
77 static void transport_remove_cmd_from_queue(struct se_cmd *cmd);
78 static int transport_set_sense_codes(struct se_cmd *cmd, u8 asc, u8 ascq);
79 static void target_complete_ok_work(struct work_struct *work);
80
81 int init_se_kmem_caches(void)
82 {
83 se_sess_cache = kmem_cache_create("se_sess_cache",
84 sizeof(struct se_session), __alignof__(struct se_session),
85 0, NULL);
86 if (!se_sess_cache) {
87 pr_err("kmem_cache_create() for struct se_session"
88 " failed\n");
89 goto out;
90 }
91 se_ua_cache = kmem_cache_create("se_ua_cache",
92 sizeof(struct se_ua), __alignof__(struct se_ua),
93 0, NULL);
94 if (!se_ua_cache) {
95 pr_err("kmem_cache_create() for struct se_ua failed\n");
96 goto out_free_sess_cache;
97 }
98 t10_pr_reg_cache = kmem_cache_create("t10_pr_reg_cache",
99 sizeof(struct t10_pr_registration),
100 __alignof__(struct t10_pr_registration), 0, NULL);
101 if (!t10_pr_reg_cache) {
102 pr_err("kmem_cache_create() for struct t10_pr_registration"
103 " failed\n");
104 goto out_free_ua_cache;
105 }
106 t10_alua_lu_gp_cache = kmem_cache_create("t10_alua_lu_gp_cache",
107 sizeof(struct t10_alua_lu_gp), __alignof__(struct t10_alua_lu_gp),
108 0, NULL);
109 if (!t10_alua_lu_gp_cache) {
110 pr_err("kmem_cache_create() for t10_alua_lu_gp_cache"
111 " failed\n");
112 goto out_free_pr_reg_cache;
113 }
114 t10_alua_lu_gp_mem_cache = kmem_cache_create("t10_alua_lu_gp_mem_cache",
115 sizeof(struct t10_alua_lu_gp_member),
116 __alignof__(struct t10_alua_lu_gp_member), 0, NULL);
117 if (!t10_alua_lu_gp_mem_cache) {
118 pr_err("kmem_cache_create() for t10_alua_lu_gp_mem_"
119 "cache failed\n");
120 goto out_free_lu_gp_cache;
121 }
122 t10_alua_tg_pt_gp_cache = kmem_cache_create("t10_alua_tg_pt_gp_cache",
123 sizeof(struct t10_alua_tg_pt_gp),
124 __alignof__(struct t10_alua_tg_pt_gp), 0, NULL);
125 if (!t10_alua_tg_pt_gp_cache) {
126 pr_err("kmem_cache_create() for t10_alua_tg_pt_gp_"
127 "cache failed\n");
128 goto out_free_lu_gp_mem_cache;
129 }
130 t10_alua_tg_pt_gp_mem_cache = kmem_cache_create(
131 "t10_alua_tg_pt_gp_mem_cache",
132 sizeof(struct t10_alua_tg_pt_gp_member),
133 __alignof__(struct t10_alua_tg_pt_gp_member),
134 0, NULL);
135 if (!t10_alua_tg_pt_gp_mem_cache) {
136 pr_err("kmem_cache_create() for t10_alua_tg_pt_gp_"
137 "mem_t failed\n");
138 goto out_free_tg_pt_gp_cache;
139 }
140
141 target_completion_wq = alloc_workqueue("target_completion",
142 WQ_MEM_RECLAIM, 0);
143 if (!target_completion_wq)
144 goto out_free_tg_pt_gp_mem_cache;
145
146 return 0;
147
148 out_free_tg_pt_gp_mem_cache:
149 kmem_cache_destroy(t10_alua_tg_pt_gp_mem_cache);
150 out_free_tg_pt_gp_cache:
151 kmem_cache_destroy(t10_alua_tg_pt_gp_cache);
152 out_free_lu_gp_mem_cache:
153 kmem_cache_destroy(t10_alua_lu_gp_mem_cache);
154 out_free_lu_gp_cache:
155 kmem_cache_destroy(t10_alua_lu_gp_cache);
156 out_free_pr_reg_cache:
157 kmem_cache_destroy(t10_pr_reg_cache);
158 out_free_ua_cache:
159 kmem_cache_destroy(se_ua_cache);
160 out_free_sess_cache:
161 kmem_cache_destroy(se_sess_cache);
162 out:
163 return -ENOMEM;
164 }
165
166 void release_se_kmem_caches(void)
167 {
168 destroy_workqueue(target_completion_wq);
169 kmem_cache_destroy(se_sess_cache);
170 kmem_cache_destroy(se_ua_cache);
171 kmem_cache_destroy(t10_pr_reg_cache);
172 kmem_cache_destroy(t10_alua_lu_gp_cache);
173 kmem_cache_destroy(t10_alua_lu_gp_mem_cache);
174 kmem_cache_destroy(t10_alua_tg_pt_gp_cache);
175 kmem_cache_destroy(t10_alua_tg_pt_gp_mem_cache);
176 }
177
178 /* This code ensures unique mib indexes are handed out. */
179 static DEFINE_SPINLOCK(scsi_mib_index_lock);
180 static u32 scsi_mib_index[SCSI_INDEX_TYPE_MAX];
181
182 /*
183 * Allocate a new row index for the entry type specified
184 */
185 u32 scsi_get_new_index(scsi_index_t type)
186 {
187 u32 new_index;
188
189 BUG_ON((type < 0) || (type >= SCSI_INDEX_TYPE_MAX));
190
191 spin_lock(&scsi_mib_index_lock);
192 new_index = ++scsi_mib_index[type];
193 spin_unlock(&scsi_mib_index_lock);
194
195 return new_index;
196 }
197
198 static void transport_init_queue_obj(struct se_queue_obj *qobj)
199 {
200 atomic_set(&qobj->queue_cnt, 0);
201 INIT_LIST_HEAD(&qobj->qobj_list);
202 init_waitqueue_head(&qobj->thread_wq);
203 spin_lock_init(&qobj->cmd_queue_lock);
204 }
205
206 void transport_subsystem_check_init(void)
207 {
208 int ret;
209
210 if (sub_api_initialized)
211 return;
212
213 ret = request_module("target_core_iblock");
214 if (ret != 0)
215 pr_err("Unable to load target_core_iblock\n");
216
217 ret = request_module("target_core_file");
218 if (ret != 0)
219 pr_err("Unable to load target_core_file\n");
220
221 ret = request_module("target_core_pscsi");
222 if (ret != 0)
223 pr_err("Unable to load target_core_pscsi\n");
224
225 ret = request_module("target_core_stgt");
226 if (ret != 0)
227 pr_err("Unable to load target_core_stgt\n");
228
229 sub_api_initialized = 1;
230 return;
231 }
232
233 struct se_session *transport_init_session(void)
234 {
235 struct se_session *se_sess;
236
237 se_sess = kmem_cache_zalloc(se_sess_cache, GFP_KERNEL);
238 if (!se_sess) {
239 pr_err("Unable to allocate struct se_session from"
240 " se_sess_cache\n");
241 return ERR_PTR(-ENOMEM);
242 }
243 INIT_LIST_HEAD(&se_sess->sess_list);
244 INIT_LIST_HEAD(&se_sess->sess_acl_list);
245 INIT_LIST_HEAD(&se_sess->sess_cmd_list);
246 INIT_LIST_HEAD(&se_sess->sess_wait_list);
247 spin_lock_init(&se_sess->sess_cmd_lock);
248 kref_init(&se_sess->sess_kref);
249
250 return se_sess;
251 }
252 EXPORT_SYMBOL(transport_init_session);
253
254 /*
255 * Called with spin_lock_irqsave(&struct se_portal_group->session_lock called.
256 */
257 void __transport_register_session(
258 struct se_portal_group *se_tpg,
259 struct se_node_acl *se_nacl,
260 struct se_session *se_sess,
261 void *fabric_sess_ptr)
262 {
263 unsigned char buf[PR_REG_ISID_LEN];
264
265 se_sess->se_tpg = se_tpg;
266 se_sess->fabric_sess_ptr = fabric_sess_ptr;
267 /*
268 * Used by struct se_node_acl's under ConfigFS to locate active se_session-t
269 *
270 * Only set for struct se_session's that will actually be moving I/O.
271 * eg: *NOT* discovery sessions.
272 */
273 if (se_nacl) {
274 /*
275 * If the fabric module supports an ISID based TransportID,
276 * save this value in binary from the fabric I_T Nexus now.
277 */
278 if (se_tpg->se_tpg_tfo->sess_get_initiator_sid != NULL) {
279 memset(&buf[0], 0, PR_REG_ISID_LEN);
280 se_tpg->se_tpg_tfo->sess_get_initiator_sid(se_sess,
281 &buf[0], PR_REG_ISID_LEN);
282 se_sess->sess_bin_isid = get_unaligned_be64(&buf[0]);
283 }
284 kref_get(&se_nacl->acl_kref);
285
286 spin_lock_irq(&se_nacl->nacl_sess_lock);
287 /*
288 * The se_nacl->nacl_sess pointer will be set to the
289 * last active I_T Nexus for each struct se_node_acl.
290 */
291 se_nacl->nacl_sess = se_sess;
292
293 list_add_tail(&se_sess->sess_acl_list,
294 &se_nacl->acl_sess_list);
295 spin_unlock_irq(&se_nacl->nacl_sess_lock);
296 }
297 list_add_tail(&se_sess->sess_list, &se_tpg->tpg_sess_list);
298
299 pr_debug("TARGET_CORE[%s]: Registered fabric_sess_ptr: %p\n",
300 se_tpg->se_tpg_tfo->get_fabric_name(), se_sess->fabric_sess_ptr);
301 }
302 EXPORT_SYMBOL(__transport_register_session);
303
304 void transport_register_session(
305 struct se_portal_group *se_tpg,
306 struct se_node_acl *se_nacl,
307 struct se_session *se_sess,
308 void *fabric_sess_ptr)
309 {
310 unsigned long flags;
311
312 spin_lock_irqsave(&se_tpg->session_lock, flags);
313 __transport_register_session(se_tpg, se_nacl, se_sess, fabric_sess_ptr);
314 spin_unlock_irqrestore(&se_tpg->session_lock, flags);
315 }
316 EXPORT_SYMBOL(transport_register_session);
317
318 static void target_release_session(struct kref *kref)
319 {
320 struct se_session *se_sess = container_of(kref,
321 struct se_session, sess_kref);
322 struct se_portal_group *se_tpg = se_sess->se_tpg;
323
324 se_tpg->se_tpg_tfo->close_session(se_sess);
325 }
326
327 void target_get_session(struct se_session *se_sess)
328 {
329 kref_get(&se_sess->sess_kref);
330 }
331 EXPORT_SYMBOL(target_get_session);
332
333 int target_put_session(struct se_session *se_sess)
334 {
335 return kref_put(&se_sess->sess_kref, target_release_session);
336 }
337 EXPORT_SYMBOL(target_put_session);
338
339 static void target_complete_nacl(struct kref *kref)
340 {
341 struct se_node_acl *nacl = container_of(kref,
342 struct se_node_acl, acl_kref);
343
344 complete(&nacl->acl_free_comp);
345 }
346
347 void target_put_nacl(struct se_node_acl *nacl)
348 {
349 kref_put(&nacl->acl_kref, target_complete_nacl);
350 }
351
352 void transport_deregister_session_configfs(struct se_session *se_sess)
353 {
354 struct se_node_acl *se_nacl;
355 unsigned long flags;
356 /*
357 * Used by struct se_node_acl's under ConfigFS to locate active struct se_session
358 */
359 se_nacl = se_sess->se_node_acl;
360 if (se_nacl) {
361 spin_lock_irqsave(&se_nacl->nacl_sess_lock, flags);
362 if (se_nacl->acl_stop == 0)
363 list_del(&se_sess->sess_acl_list);
364 /*
365 * If the session list is empty, then clear the pointer.
366 * Otherwise, set the struct se_session pointer from the tail
367 * element of the per struct se_node_acl active session list.
368 */
369 if (list_empty(&se_nacl->acl_sess_list))
370 se_nacl->nacl_sess = NULL;
371 else {
372 se_nacl->nacl_sess = container_of(
373 se_nacl->acl_sess_list.prev,
374 struct se_session, sess_acl_list);
375 }
376 spin_unlock_irqrestore(&se_nacl->nacl_sess_lock, flags);
377 }
378 }
379 EXPORT_SYMBOL(transport_deregister_session_configfs);
380
381 void transport_free_session(struct se_session *se_sess)
382 {
383 kmem_cache_free(se_sess_cache, se_sess);
384 }
385 EXPORT_SYMBOL(transport_free_session);
386
387 void transport_deregister_session(struct se_session *se_sess)
388 {
389 struct se_portal_group *se_tpg = se_sess->se_tpg;
390 struct target_core_fabric_ops *se_tfo;
391 struct se_node_acl *se_nacl;
392 unsigned long flags;
393 bool comp_nacl = true;
394
395 if (!se_tpg) {
396 transport_free_session(se_sess);
397 return;
398 }
399 se_tfo = se_tpg->se_tpg_tfo;
400
401 spin_lock_irqsave(&se_tpg->session_lock, flags);
402 list_del(&se_sess->sess_list);
403 se_sess->se_tpg = NULL;
404 se_sess->fabric_sess_ptr = NULL;
405 spin_unlock_irqrestore(&se_tpg->session_lock, flags);
406
407 /*
408 * Determine if we need to do extra work for this initiator node's
409 * struct se_node_acl if it had been previously dynamically generated.
410 */
411 se_nacl = se_sess->se_node_acl;
412
413 spin_lock_irqsave(&se_tpg->acl_node_lock, flags);
414 if (se_nacl && se_nacl->dynamic_node_acl) {
415 if (!se_tfo->tpg_check_demo_mode_cache(se_tpg)) {
416 list_del(&se_nacl->acl_list);
417 se_tpg->num_node_acls--;
418 spin_unlock_irqrestore(&se_tpg->acl_node_lock, flags);
419 core_tpg_wait_for_nacl_pr_ref(se_nacl);
420 core_free_device_list_for_node(se_nacl, se_tpg);
421 se_tfo->tpg_release_fabric_acl(se_tpg, se_nacl);
422
423 comp_nacl = false;
424 spin_lock_irqsave(&se_tpg->acl_node_lock, flags);
425 }
426 }
427 spin_unlock_irqrestore(&se_tpg->acl_node_lock, flags);
428
429 pr_debug("TARGET_CORE[%s]: Deregistered fabric_sess\n",
430 se_tpg->se_tpg_tfo->get_fabric_name());
431 /*
432 * If last kref is dropping now for an explict NodeACL, awake sleeping
433 * ->acl_free_comp caller to wakeup configfs se_node_acl->acl_group
434 * removal context.
435 */
436 if (se_nacl && comp_nacl == true)
437 target_put_nacl(se_nacl);
438
439 transport_free_session(se_sess);
440 }
441 EXPORT_SYMBOL(transport_deregister_session);
442
443 /*
444 * Called with cmd->t_state_lock held.
445 */
446 static void target_remove_from_state_list(struct se_cmd *cmd)
447 {
448 struct se_device *dev = cmd->se_dev;
449 unsigned long flags;
450
451 if (!dev)
452 return;
453
454 if (cmd->transport_state & CMD_T_BUSY)
455 return;
456
457 spin_lock_irqsave(&dev->execute_task_lock, flags);
458 if (cmd->state_active) {
459 list_del(&cmd->state_list);
460 atomic_dec(&cmd->t_task_cdbs_ex_left);
461 cmd->state_active = false;
462 }
463 spin_unlock_irqrestore(&dev->execute_task_lock, flags);
464 }
465
466 /* transport_cmd_check_stop():
467 *
468 * 'transport_off = 1' determines if CMD_T_ACTIVE should be cleared.
469 * 'transport_off = 2' determines if task_dev_state should be removed.
470 *
471 * A non-zero u8 t_state sets cmd->t_state.
472 * Returns 1 when command is stopped, else 0.
473 */
474 static int transport_cmd_check_stop(
475 struct se_cmd *cmd,
476 int transport_off,
477 u8 t_state)
478 {
479 unsigned long flags;
480
481 spin_lock_irqsave(&cmd->t_state_lock, flags);
482 /*
483 * Determine if IOCTL context caller in requesting the stopping of this
484 * command for LUN shutdown purposes.
485 */
486 if (cmd->transport_state & CMD_T_LUN_STOP) {
487 pr_debug("%s:%d CMD_T_LUN_STOP for ITT: 0x%08x\n",
488 __func__, __LINE__, cmd->se_tfo->get_task_tag(cmd));
489
490 cmd->transport_state &= ~CMD_T_ACTIVE;
491 if (transport_off == 2)
492 target_remove_from_state_list(cmd);
493 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
494
495 complete(&cmd->transport_lun_stop_comp);
496 return 1;
497 }
498 /*
499 * Determine if frontend context caller is requesting the stopping of
500 * this command for frontend exceptions.
501 */
502 if (cmd->transport_state & CMD_T_STOP) {
503 pr_debug("%s:%d CMD_T_STOP for ITT: 0x%08x\n",
504 __func__, __LINE__,
505 cmd->se_tfo->get_task_tag(cmd));
506
507 if (transport_off == 2)
508 target_remove_from_state_list(cmd);
509
510 /*
511 * Clear struct se_cmd->se_lun before the transport_off == 2 handoff
512 * to FE.
513 */
514 if (transport_off == 2)
515 cmd->se_lun = NULL;
516 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
517
518 complete(&cmd->t_transport_stop_comp);
519 return 1;
520 }
521 if (transport_off) {
522 cmd->transport_state &= ~CMD_T_ACTIVE;
523 if (transport_off == 2) {
524 target_remove_from_state_list(cmd);
525 /*
526 * Clear struct se_cmd->se_lun before the transport_off == 2
527 * handoff to fabric module.
528 */
529 cmd->se_lun = NULL;
530 /*
531 * Some fabric modules like tcm_loop can release
532 * their internally allocated I/O reference now and
533 * struct se_cmd now.
534 *
535 * Fabric modules are expected to return '1' here if the
536 * se_cmd being passed is released at this point,
537 * or zero if not being released.
538 */
539 if (cmd->se_tfo->check_stop_free != NULL) {
540 spin_unlock_irqrestore(
541 &cmd->t_state_lock, flags);
542
543 return cmd->se_tfo->check_stop_free(cmd);
544 }
545 }
546 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
547
548 return 0;
549 } else if (t_state)
550 cmd->t_state = t_state;
551 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
552
553 return 0;
554 }
555
556 static int transport_cmd_check_stop_to_fabric(struct se_cmd *cmd)
557 {
558 return transport_cmd_check_stop(cmd, 2, 0);
559 }
560
561 static void transport_lun_remove_cmd(struct se_cmd *cmd)
562 {
563 struct se_lun *lun = cmd->se_lun;
564 unsigned long flags;
565
566 if (!lun)
567 return;
568
569 spin_lock_irqsave(&cmd->t_state_lock, flags);
570 if (cmd->transport_state & CMD_T_DEV_ACTIVE) {
571 cmd->transport_state &= ~CMD_T_DEV_ACTIVE;
572 target_remove_from_state_list(cmd);
573 }
574 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
575
576 spin_lock_irqsave(&lun->lun_cmd_lock, flags);
577 if (!list_empty(&cmd->se_lun_node))
578 list_del_init(&cmd->se_lun_node);
579 spin_unlock_irqrestore(&lun->lun_cmd_lock, flags);
580 }
581
582 void transport_cmd_finish_abort(struct se_cmd *cmd, int remove)
583 {
584 if (!(cmd->se_cmd_flags & SCF_SCSI_TMR_CDB))
585 transport_lun_remove_cmd(cmd);
586
587 if (transport_cmd_check_stop_to_fabric(cmd))
588 return;
589 if (remove) {
590 transport_remove_cmd_from_queue(cmd);
591 transport_put_cmd(cmd);
592 }
593 }
594
595 static void transport_add_cmd_to_queue(struct se_cmd *cmd, int t_state,
596 bool at_head)
597 {
598 struct se_device *dev = cmd->se_dev;
599 struct se_queue_obj *qobj = &dev->dev_queue_obj;
600 unsigned long flags;
601
602 if (t_state) {
603 spin_lock_irqsave(&cmd->t_state_lock, flags);
604 cmd->t_state = t_state;
605 cmd->transport_state |= CMD_T_ACTIVE;
606 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
607 }
608
609 spin_lock_irqsave(&qobj->cmd_queue_lock, flags);
610
611 /* If the cmd is already on the list, remove it before we add it */
612 if (!list_empty(&cmd->se_queue_node))
613 list_del(&cmd->se_queue_node);
614 else
615 atomic_inc(&qobj->queue_cnt);
616
617 if (at_head)
618 list_add(&cmd->se_queue_node, &qobj->qobj_list);
619 else
620 list_add_tail(&cmd->se_queue_node, &qobj->qobj_list);
621 cmd->transport_state |= CMD_T_QUEUED;
622 spin_unlock_irqrestore(&qobj->cmd_queue_lock, flags);
623
624 wake_up_interruptible(&qobj->thread_wq);
625 }
626
627 static struct se_cmd *
628 transport_get_cmd_from_queue(struct se_queue_obj *qobj)
629 {
630 struct se_cmd *cmd;
631 unsigned long flags;
632
633 spin_lock_irqsave(&qobj->cmd_queue_lock, flags);
634 if (list_empty(&qobj->qobj_list)) {
635 spin_unlock_irqrestore(&qobj->cmd_queue_lock, flags);
636 return NULL;
637 }
638 cmd = list_first_entry(&qobj->qobj_list, struct se_cmd, se_queue_node);
639
640 cmd->transport_state &= ~CMD_T_QUEUED;
641 list_del_init(&cmd->se_queue_node);
642 atomic_dec(&qobj->queue_cnt);
643 spin_unlock_irqrestore(&qobj->cmd_queue_lock, flags);
644
645 return cmd;
646 }
647
648 static void transport_remove_cmd_from_queue(struct se_cmd *cmd)
649 {
650 struct se_queue_obj *qobj = &cmd->se_dev->dev_queue_obj;
651 unsigned long flags;
652
653 spin_lock_irqsave(&qobj->cmd_queue_lock, flags);
654 if (!(cmd->transport_state & CMD_T_QUEUED)) {
655 spin_unlock_irqrestore(&qobj->cmd_queue_lock, flags);
656 return;
657 }
658 cmd->transport_state &= ~CMD_T_QUEUED;
659 atomic_dec(&qobj->queue_cnt);
660 list_del_init(&cmd->se_queue_node);
661 spin_unlock_irqrestore(&qobj->cmd_queue_lock, flags);
662 }
663
664 static void target_complete_failure_work(struct work_struct *work)
665 {
666 struct se_cmd *cmd = container_of(work, struct se_cmd, work);
667
668 transport_generic_request_failure(cmd);
669 }
670
671 void target_complete_cmd(struct se_cmd *cmd, u8 scsi_status)
672 {
673 struct se_device *dev = cmd->se_dev;
674 int success = scsi_status == GOOD;
675 unsigned long flags;
676
677 cmd->scsi_status = scsi_status;
678
679
680 spin_lock_irqsave(&cmd->t_state_lock, flags);
681 cmd->transport_state &= ~CMD_T_BUSY;
682
683 if (dev && dev->transport->transport_complete) {
684 if (dev->transport->transport_complete(cmd,
685 cmd->t_data_sg) != 0) {
686 cmd->se_cmd_flags |= SCF_TRANSPORT_TASK_SENSE;
687 success = 1;
688 }
689 }
690
691 /*
692 * See if we are waiting to complete for an exception condition.
693 */
694 if (cmd->transport_state & CMD_T_REQUEST_STOP) {
695 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
696 complete(&cmd->task_stop_comp);
697 return;
698 }
699
700 if (!success)
701 cmd->transport_state |= CMD_T_FAILED;
702
703 if (!atomic_dec_and_test(&cmd->t_task_cdbs_left)) {
704 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
705 return;
706 }
707
708 /*
709 * Check for case where an explict ABORT_TASK has been received
710 * and transport_wait_for_tasks() will be waiting for completion..
711 */
712 if (cmd->transport_state & CMD_T_ABORTED &&
713 cmd->transport_state & CMD_T_STOP) {
714 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
715 complete(&cmd->t_transport_stop_comp);
716 return;
717 } else if (cmd->transport_state & CMD_T_FAILED) {
718 cmd->scsi_sense_reason = TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE;
719 INIT_WORK(&cmd->work, target_complete_failure_work);
720 } else {
721 INIT_WORK(&cmd->work, target_complete_ok_work);
722 }
723
724 cmd->t_state = TRANSPORT_COMPLETE;
725 cmd->transport_state |= (CMD_T_COMPLETE | CMD_T_ACTIVE);
726 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
727
728 queue_work(target_completion_wq, &cmd->work);
729 }
730 EXPORT_SYMBOL(target_complete_cmd);
731
732 static void target_add_to_state_list(struct se_cmd *cmd)
733 {
734 struct se_device *dev = cmd->se_dev;
735 unsigned long flags;
736
737 spin_lock_irqsave(&dev->execute_task_lock, flags);
738 if (!cmd->state_active) {
739 list_add_tail(&cmd->state_list, &dev->state_list);
740 cmd->state_active = true;
741 }
742 spin_unlock_irqrestore(&dev->execute_task_lock, flags);
743 }
744
745 static void __target_add_to_execute_list(struct se_cmd *cmd)
746 {
747 struct se_device *dev = cmd->se_dev;
748 bool head_of_queue = false;
749
750 if (!list_empty(&cmd->execute_list))
751 return;
752
753 if (dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED &&
754 cmd->sam_task_attr == MSG_HEAD_TAG)
755 head_of_queue = true;
756
757 if (head_of_queue)
758 list_add(&cmd->execute_list, &dev->execute_list);
759 else
760 list_add_tail(&cmd->execute_list, &dev->execute_list);
761
762 atomic_inc(&dev->execute_tasks);
763
764 if (cmd->state_active)
765 return;
766
767 if (head_of_queue)
768 list_add(&cmd->state_list, &dev->state_list);
769 else
770 list_add_tail(&cmd->state_list, &dev->state_list);
771
772 cmd->state_active = true;
773 }
774
775 static void target_add_to_execute_list(struct se_cmd *cmd)
776 {
777 unsigned long flags;
778 struct se_device *dev = cmd->se_dev;
779
780 spin_lock_irqsave(&dev->execute_task_lock, flags);
781 __target_add_to_execute_list(cmd);
782 spin_unlock_irqrestore(&dev->execute_task_lock, flags);
783 }
784
785 void __target_remove_from_execute_list(struct se_cmd *cmd)
786 {
787 list_del_init(&cmd->execute_list);
788 atomic_dec(&cmd->se_dev->execute_tasks);
789 }
790
791 static void target_remove_from_execute_list(struct se_cmd *cmd)
792 {
793 struct se_device *dev = cmd->se_dev;
794 unsigned long flags;
795
796 if (WARN_ON(list_empty(&cmd->execute_list)))
797 return;
798
799 spin_lock_irqsave(&dev->execute_task_lock, flags);
800 __target_remove_from_execute_list(cmd);
801 spin_unlock_irqrestore(&dev->execute_task_lock, flags);
802 }
803
804 /*
805 * Handle QUEUE_FULL / -EAGAIN and -ENOMEM status
806 */
807
808 static void target_qf_do_work(struct work_struct *work)
809 {
810 struct se_device *dev = container_of(work, struct se_device,
811 qf_work_queue);
812 LIST_HEAD(qf_cmd_list);
813 struct se_cmd *cmd, *cmd_tmp;
814
815 spin_lock_irq(&dev->qf_cmd_lock);
816 list_splice_init(&dev->qf_cmd_list, &qf_cmd_list);
817 spin_unlock_irq(&dev->qf_cmd_lock);
818
819 list_for_each_entry_safe(cmd, cmd_tmp, &qf_cmd_list, se_qf_node) {
820 list_del(&cmd->se_qf_node);
821 atomic_dec(&dev->dev_qf_count);
822 smp_mb__after_atomic_dec();
823
824 pr_debug("Processing %s cmd: %p QUEUE_FULL in work queue"
825 " context: %s\n", cmd->se_tfo->get_fabric_name(), cmd,
826 (cmd->t_state == TRANSPORT_COMPLETE_QF_OK) ? "COMPLETE_OK" :
827 (cmd->t_state == TRANSPORT_COMPLETE_QF_WP) ? "WRITE_PENDING"
828 : "UNKNOWN");
829
830 transport_add_cmd_to_queue(cmd, cmd->t_state, true);
831 }
832 }
833
834 unsigned char *transport_dump_cmd_direction(struct se_cmd *cmd)
835 {
836 switch (cmd->data_direction) {
837 case DMA_NONE:
838 return "NONE";
839 case DMA_FROM_DEVICE:
840 return "READ";
841 case DMA_TO_DEVICE:
842 return "WRITE";
843 case DMA_BIDIRECTIONAL:
844 return "BIDI";
845 default:
846 break;
847 }
848
849 return "UNKNOWN";
850 }
851
852 void transport_dump_dev_state(
853 struct se_device *dev,
854 char *b,
855 int *bl)
856 {
857 *bl += sprintf(b + *bl, "Status: ");
858 switch (dev->dev_status) {
859 case TRANSPORT_DEVICE_ACTIVATED:
860 *bl += sprintf(b + *bl, "ACTIVATED");
861 break;
862 case TRANSPORT_DEVICE_DEACTIVATED:
863 *bl += sprintf(b + *bl, "DEACTIVATED");
864 break;
865 case TRANSPORT_DEVICE_SHUTDOWN:
866 *bl += sprintf(b + *bl, "SHUTDOWN");
867 break;
868 case TRANSPORT_DEVICE_OFFLINE_ACTIVATED:
869 case TRANSPORT_DEVICE_OFFLINE_DEACTIVATED:
870 *bl += sprintf(b + *bl, "OFFLINE");
871 break;
872 default:
873 *bl += sprintf(b + *bl, "UNKNOWN=%d", dev->dev_status);
874 break;
875 }
876
877 *bl += sprintf(b + *bl, " Execute/Max Queue Depth: %d/%d",
878 atomic_read(&dev->execute_tasks), dev->queue_depth);
879 *bl += sprintf(b + *bl, " SectorSize: %u MaxSectors: %u\n",
880 dev->se_sub_dev->se_dev_attrib.block_size, dev->se_sub_dev->se_dev_attrib.max_sectors);
881 *bl += sprintf(b + *bl, " ");
882 }
883
884 void transport_dump_vpd_proto_id(
885 struct t10_vpd *vpd,
886 unsigned char *p_buf,
887 int p_buf_len)
888 {
889 unsigned char buf[VPD_TMP_BUF_SIZE];
890 int len;
891
892 memset(buf, 0, VPD_TMP_BUF_SIZE);
893 len = sprintf(buf, "T10 VPD Protocol Identifier: ");
894
895 switch (vpd->protocol_identifier) {
896 case 0x00:
897 sprintf(buf+len, "Fibre Channel\n");
898 break;
899 case 0x10:
900 sprintf(buf+len, "Parallel SCSI\n");
901 break;
902 case 0x20:
903 sprintf(buf+len, "SSA\n");
904 break;
905 case 0x30:
906 sprintf(buf+len, "IEEE 1394\n");
907 break;
908 case 0x40:
909 sprintf(buf+len, "SCSI Remote Direct Memory Access"
910 " Protocol\n");
911 break;
912 case 0x50:
913 sprintf(buf+len, "Internet SCSI (iSCSI)\n");
914 break;
915 case 0x60:
916 sprintf(buf+len, "SAS Serial SCSI Protocol\n");
917 break;
918 case 0x70:
919 sprintf(buf+len, "Automation/Drive Interface Transport"
920 " Protocol\n");
921 break;
922 case 0x80:
923 sprintf(buf+len, "AT Attachment Interface ATA/ATAPI\n");
924 break;
925 default:
926 sprintf(buf+len, "Unknown 0x%02x\n",
927 vpd->protocol_identifier);
928 break;
929 }
930
931 if (p_buf)
932 strncpy(p_buf, buf, p_buf_len);
933 else
934 pr_debug("%s", buf);
935 }
936
937 void
938 transport_set_vpd_proto_id(struct t10_vpd *vpd, unsigned char *page_83)
939 {
940 /*
941 * Check if the Protocol Identifier Valid (PIV) bit is set..
942 *
943 * from spc3r23.pdf section 7.5.1
944 */
945 if (page_83[1] & 0x80) {
946 vpd->protocol_identifier = (page_83[0] & 0xf0);
947 vpd->protocol_identifier_set = 1;
948 transport_dump_vpd_proto_id(vpd, NULL, 0);
949 }
950 }
951 EXPORT_SYMBOL(transport_set_vpd_proto_id);
952
953 int transport_dump_vpd_assoc(
954 struct t10_vpd *vpd,
955 unsigned char *p_buf,
956 int p_buf_len)
957 {
958 unsigned char buf[VPD_TMP_BUF_SIZE];
959 int ret = 0;
960 int len;
961
962 memset(buf, 0, VPD_TMP_BUF_SIZE);
963 len = sprintf(buf, "T10 VPD Identifier Association: ");
964
965 switch (vpd->association) {
966 case 0x00:
967 sprintf(buf+len, "addressed logical unit\n");
968 break;
969 case 0x10:
970 sprintf(buf+len, "target port\n");
971 break;
972 case 0x20:
973 sprintf(buf+len, "SCSI target device\n");
974 break;
975 default:
976 sprintf(buf+len, "Unknown 0x%02x\n", vpd->association);
977 ret = -EINVAL;
978 break;
979 }
980
981 if (p_buf)
982 strncpy(p_buf, buf, p_buf_len);
983 else
984 pr_debug("%s", buf);
985
986 return ret;
987 }
988
989 int transport_set_vpd_assoc(struct t10_vpd *vpd, unsigned char *page_83)
990 {
991 /*
992 * The VPD identification association..
993 *
994 * from spc3r23.pdf Section 7.6.3.1 Table 297
995 */
996 vpd->association = (page_83[1] & 0x30);
997 return transport_dump_vpd_assoc(vpd, NULL, 0);
998 }
999 EXPORT_SYMBOL(transport_set_vpd_assoc);
1000
1001 int transport_dump_vpd_ident_type(
1002 struct t10_vpd *vpd,
1003 unsigned char *p_buf,
1004 int p_buf_len)
1005 {
1006 unsigned char buf[VPD_TMP_BUF_SIZE];
1007 int ret = 0;
1008 int len;
1009
1010 memset(buf, 0, VPD_TMP_BUF_SIZE);
1011 len = sprintf(buf, "T10 VPD Identifier Type: ");
1012
1013 switch (vpd->device_identifier_type) {
1014 case 0x00:
1015 sprintf(buf+len, "Vendor specific\n");
1016 break;
1017 case 0x01:
1018 sprintf(buf+len, "T10 Vendor ID based\n");
1019 break;
1020 case 0x02:
1021 sprintf(buf+len, "EUI-64 based\n");
1022 break;
1023 case 0x03:
1024 sprintf(buf+len, "NAA\n");
1025 break;
1026 case 0x04:
1027 sprintf(buf+len, "Relative target port identifier\n");
1028 break;
1029 case 0x08:
1030 sprintf(buf+len, "SCSI name string\n");
1031 break;
1032 default:
1033 sprintf(buf+len, "Unsupported: 0x%02x\n",
1034 vpd->device_identifier_type);
1035 ret = -EINVAL;
1036 break;
1037 }
1038
1039 if (p_buf) {
1040 if (p_buf_len < strlen(buf)+1)
1041 return -EINVAL;
1042 strncpy(p_buf, buf, p_buf_len);
1043 } else {
1044 pr_debug("%s", buf);
1045 }
1046
1047 return ret;
1048 }
1049
1050 int transport_set_vpd_ident_type(struct t10_vpd *vpd, unsigned char *page_83)
1051 {
1052 /*
1053 * The VPD identifier type..
1054 *
1055 * from spc3r23.pdf Section 7.6.3.1 Table 298
1056 */
1057 vpd->device_identifier_type = (page_83[1] & 0x0f);
1058 return transport_dump_vpd_ident_type(vpd, NULL, 0);
1059 }
1060 EXPORT_SYMBOL(transport_set_vpd_ident_type);
1061
1062 int transport_dump_vpd_ident(
1063 struct t10_vpd *vpd,
1064 unsigned char *p_buf,
1065 int p_buf_len)
1066 {
1067 unsigned char buf[VPD_TMP_BUF_SIZE];
1068 int ret = 0;
1069
1070 memset(buf, 0, VPD_TMP_BUF_SIZE);
1071
1072 switch (vpd->device_identifier_code_set) {
1073 case 0x01: /* Binary */
1074 sprintf(buf, "T10 VPD Binary Device Identifier: %s\n",
1075 &vpd->device_identifier[0]);
1076 break;
1077 case 0x02: /* ASCII */
1078 sprintf(buf, "T10 VPD ASCII Device Identifier: %s\n",
1079 &vpd->device_identifier[0]);
1080 break;
1081 case 0x03: /* UTF-8 */
1082 sprintf(buf, "T10 VPD UTF-8 Device Identifier: %s\n",
1083 &vpd->device_identifier[0]);
1084 break;
1085 default:
1086 sprintf(buf, "T10 VPD Device Identifier encoding unsupported:"
1087 " 0x%02x", vpd->device_identifier_code_set);
1088 ret = -EINVAL;
1089 break;
1090 }
1091
1092 if (p_buf)
1093 strncpy(p_buf, buf, p_buf_len);
1094 else
1095 pr_debug("%s", buf);
1096
1097 return ret;
1098 }
1099
1100 int
1101 transport_set_vpd_ident(struct t10_vpd *vpd, unsigned char *page_83)
1102 {
1103 static const char hex_str[] = "0123456789abcdef";
1104 int j = 0, i = 4; /* offset to start of the identifer */
1105
1106 /*
1107 * The VPD Code Set (encoding)
1108 *
1109 * from spc3r23.pdf Section 7.6.3.1 Table 296
1110 */
1111 vpd->device_identifier_code_set = (page_83[0] & 0x0f);
1112 switch (vpd->device_identifier_code_set) {
1113 case 0x01: /* Binary */
1114 vpd->device_identifier[j++] =
1115 hex_str[vpd->device_identifier_type];
1116 while (i < (4 + page_83[3])) {
1117 vpd->device_identifier[j++] =
1118 hex_str[(page_83[i] & 0xf0) >> 4];
1119 vpd->device_identifier[j++] =
1120 hex_str[page_83[i] & 0x0f];
1121 i++;
1122 }
1123 break;
1124 case 0x02: /* ASCII */
1125 case 0x03: /* UTF-8 */
1126 while (i < (4 + page_83[3]))
1127 vpd->device_identifier[j++] = page_83[i++];
1128 break;
1129 default:
1130 break;
1131 }
1132
1133 return transport_dump_vpd_ident(vpd, NULL, 0);
1134 }
1135 EXPORT_SYMBOL(transport_set_vpd_ident);
1136
1137 static void core_setup_task_attr_emulation(struct se_device *dev)
1138 {
1139 /*
1140 * If this device is from Target_Core_Mod/pSCSI, disable the
1141 * SAM Task Attribute emulation.
1142 *
1143 * This is currently not available in upsream Linux/SCSI Target
1144 * mode code, and is assumed to be disabled while using TCM/pSCSI.
1145 */
1146 if (dev->transport->transport_type == TRANSPORT_PLUGIN_PHBA_PDEV) {
1147 dev->dev_task_attr_type = SAM_TASK_ATTR_PASSTHROUGH;
1148 return;
1149 }
1150
1151 dev->dev_task_attr_type = SAM_TASK_ATTR_EMULATED;
1152 pr_debug("%s: Using SAM_TASK_ATTR_EMULATED for SPC: 0x%02x"
1153 " device\n", dev->transport->name,
1154 dev->transport->get_device_rev(dev));
1155 }
1156
1157 static void scsi_dump_inquiry(struct se_device *dev)
1158 {
1159 struct t10_wwn *wwn = &dev->se_sub_dev->t10_wwn;
1160 char buf[17];
1161 int i, device_type;
1162 /*
1163 * Print Linux/SCSI style INQUIRY formatting to the kernel ring buffer
1164 */
1165 for (i = 0; i < 8; i++)
1166 if (wwn->vendor[i] >= 0x20)
1167 buf[i] = wwn->vendor[i];
1168 else
1169 buf[i] = ' ';
1170 buf[i] = '\0';
1171 pr_debug(" Vendor: %s\n", buf);
1172
1173 for (i = 0; i < 16; i++)
1174 if (wwn->model[i] >= 0x20)
1175 buf[i] = wwn->model[i];
1176 else
1177 buf[i] = ' ';
1178 buf[i] = '\0';
1179 pr_debug(" Model: %s\n", buf);
1180
1181 for (i = 0; i < 4; i++)
1182 if (wwn->revision[i] >= 0x20)
1183 buf[i] = wwn->revision[i];
1184 else
1185 buf[i] = ' ';
1186 buf[i] = '\0';
1187 pr_debug(" Revision: %s\n", buf);
1188
1189 device_type = dev->transport->get_device_type(dev);
1190 pr_debug(" Type: %s ", scsi_device_type(device_type));
1191 pr_debug(" ANSI SCSI revision: %02x\n",
1192 dev->transport->get_device_rev(dev));
1193 }
1194
1195 struct se_device *transport_add_device_to_core_hba(
1196 struct se_hba *hba,
1197 struct se_subsystem_api *transport,
1198 struct se_subsystem_dev *se_dev,
1199 u32 device_flags,
1200 void *transport_dev,
1201 struct se_dev_limits *dev_limits,
1202 const char *inquiry_prod,
1203 const char *inquiry_rev)
1204 {
1205 int force_pt;
1206 struct se_device *dev;
1207
1208 dev = kzalloc(sizeof(struct se_device), GFP_KERNEL);
1209 if (!dev) {
1210 pr_err("Unable to allocate memory for se_dev_t\n");
1211 return NULL;
1212 }
1213
1214 transport_init_queue_obj(&dev->dev_queue_obj);
1215 dev->dev_flags = device_flags;
1216 dev->dev_status |= TRANSPORT_DEVICE_DEACTIVATED;
1217 dev->dev_ptr = transport_dev;
1218 dev->se_hba = hba;
1219 dev->se_sub_dev = se_dev;
1220 dev->transport = transport;
1221 INIT_LIST_HEAD(&dev->dev_list);
1222 INIT_LIST_HEAD(&dev->dev_sep_list);
1223 INIT_LIST_HEAD(&dev->dev_tmr_list);
1224 INIT_LIST_HEAD(&dev->execute_list);
1225 INIT_LIST_HEAD(&dev->delayed_cmd_list);
1226 INIT_LIST_HEAD(&dev->state_list);
1227 INIT_LIST_HEAD(&dev->qf_cmd_list);
1228 spin_lock_init(&dev->execute_task_lock);
1229 spin_lock_init(&dev->delayed_cmd_lock);
1230 spin_lock_init(&dev->dev_reservation_lock);
1231 spin_lock_init(&dev->dev_status_lock);
1232 spin_lock_init(&dev->se_port_lock);
1233 spin_lock_init(&dev->se_tmr_lock);
1234 spin_lock_init(&dev->qf_cmd_lock);
1235 atomic_set(&dev->dev_ordered_id, 0);
1236
1237 se_dev_set_default_attribs(dev, dev_limits);
1238
1239 dev->dev_index = scsi_get_new_index(SCSI_DEVICE_INDEX);
1240 dev->creation_time = get_jiffies_64();
1241 spin_lock_init(&dev->stats_lock);
1242
1243 spin_lock(&hba->device_lock);
1244 list_add_tail(&dev->dev_list, &hba->hba_dev_list);
1245 hba->dev_count++;
1246 spin_unlock(&hba->device_lock);
1247 /*
1248 * Setup the SAM Task Attribute emulation for struct se_device
1249 */
1250 core_setup_task_attr_emulation(dev);
1251 /*
1252 * Force PR and ALUA passthrough emulation with internal object use.
1253 */
1254 force_pt = (hba->hba_flags & HBA_FLAGS_INTERNAL_USE);
1255 /*
1256 * Setup the Reservations infrastructure for struct se_device
1257 */
1258 core_setup_reservations(dev, force_pt);
1259 /*
1260 * Setup the Asymmetric Logical Unit Assignment for struct se_device
1261 */
1262 if (core_setup_alua(dev, force_pt) < 0)
1263 goto out;
1264
1265 /*
1266 * Startup the struct se_device processing thread
1267 */
1268 dev->process_thread = kthread_run(transport_processing_thread, dev,
1269 "LIO_%s", dev->transport->name);
1270 if (IS_ERR(dev->process_thread)) {
1271 pr_err("Unable to create kthread: LIO_%s\n",
1272 dev->transport->name);
1273 goto out;
1274 }
1275 /*
1276 * Setup work_queue for QUEUE_FULL
1277 */
1278 INIT_WORK(&dev->qf_work_queue, target_qf_do_work);
1279 /*
1280 * Preload the initial INQUIRY const values if we are doing
1281 * anything virtual (IBLOCK, FILEIO, RAMDISK), but not for TCM/pSCSI
1282 * passthrough because this is being provided by the backend LLD.
1283 * This is required so that transport_get_inquiry() copies these
1284 * originals once back into DEV_T10_WWN(dev) for the virtual device
1285 * setup.
1286 */
1287 if (dev->transport->transport_type != TRANSPORT_PLUGIN_PHBA_PDEV) {
1288 if (!inquiry_prod || !inquiry_rev) {
1289 pr_err("All non TCM/pSCSI plugins require"
1290 " INQUIRY consts\n");
1291 goto out;
1292 }
1293
1294 strncpy(&dev->se_sub_dev->t10_wwn.vendor[0], "LIO-ORG", 8);
1295 strncpy(&dev->se_sub_dev->t10_wwn.model[0], inquiry_prod, 16);
1296 strncpy(&dev->se_sub_dev->t10_wwn.revision[0], inquiry_rev, 4);
1297 }
1298 scsi_dump_inquiry(dev);
1299
1300 return dev;
1301 out:
1302 kthread_stop(dev->process_thread);
1303
1304 spin_lock(&hba->device_lock);
1305 list_del(&dev->dev_list);
1306 hba->dev_count--;
1307 spin_unlock(&hba->device_lock);
1308
1309 se_release_vpd_for_dev(dev);
1310
1311 kfree(dev);
1312
1313 return NULL;
1314 }
1315 EXPORT_SYMBOL(transport_add_device_to_core_hba);
1316
1317 /* transport_generic_prepare_cdb():
1318 *
1319 * Since the Initiator sees iSCSI devices as LUNs, the SCSI CDB will
1320 * contain the iSCSI LUN in bits 7-5 of byte 1 as per SAM-2.
1321 * The point of this is since we are mapping iSCSI LUNs to
1322 * SCSI Target IDs having a non-zero LUN in the CDB will throw the
1323 * devices and HBAs for a loop.
1324 */
1325 static inline void transport_generic_prepare_cdb(
1326 unsigned char *cdb)
1327 {
1328 switch (cdb[0]) {
1329 case READ_10: /* SBC - RDProtect */
1330 case READ_12: /* SBC - RDProtect */
1331 case READ_16: /* SBC - RDProtect */
1332 case SEND_DIAGNOSTIC: /* SPC - SELF-TEST Code */
1333 case VERIFY: /* SBC - VRProtect */
1334 case VERIFY_16: /* SBC - VRProtect */
1335 case WRITE_VERIFY: /* SBC - VRProtect */
1336 case WRITE_VERIFY_12: /* SBC - VRProtect */
1337 break;
1338 default:
1339 cdb[1] &= 0x1f; /* clear logical unit number */
1340 break;
1341 }
1342 }
1343
1344 static int transport_generic_cmd_sequencer(struct se_cmd *, unsigned char *);
1345
1346 /*
1347 * Used by fabric modules containing a local struct se_cmd within their
1348 * fabric dependent per I/O descriptor.
1349 */
1350 void transport_init_se_cmd(
1351 struct se_cmd *cmd,
1352 struct target_core_fabric_ops *tfo,
1353 struct se_session *se_sess,
1354 u32 data_length,
1355 int data_direction,
1356 int task_attr,
1357 unsigned char *sense_buffer)
1358 {
1359 INIT_LIST_HEAD(&cmd->se_lun_node);
1360 INIT_LIST_HEAD(&cmd->se_delayed_node);
1361 INIT_LIST_HEAD(&cmd->se_qf_node);
1362 INIT_LIST_HEAD(&cmd->se_queue_node);
1363 INIT_LIST_HEAD(&cmd->se_cmd_list);
1364 INIT_LIST_HEAD(&cmd->execute_list);
1365 INIT_LIST_HEAD(&cmd->state_list);
1366 init_completion(&cmd->transport_lun_fe_stop_comp);
1367 init_completion(&cmd->transport_lun_stop_comp);
1368 init_completion(&cmd->t_transport_stop_comp);
1369 init_completion(&cmd->cmd_wait_comp);
1370 init_completion(&cmd->task_stop_comp);
1371 spin_lock_init(&cmd->t_state_lock);
1372 cmd->transport_state = CMD_T_DEV_ACTIVE;
1373
1374 cmd->se_tfo = tfo;
1375 cmd->se_sess = se_sess;
1376 cmd->data_length = data_length;
1377 cmd->data_direction = data_direction;
1378 cmd->sam_task_attr = task_attr;
1379 cmd->sense_buffer = sense_buffer;
1380
1381 cmd->state_active = false;
1382 }
1383 EXPORT_SYMBOL(transport_init_se_cmd);
1384
1385 static int transport_check_alloc_task_attr(struct se_cmd *cmd)
1386 {
1387 /*
1388 * Check if SAM Task Attribute emulation is enabled for this
1389 * struct se_device storage object
1390 */
1391 if (cmd->se_dev->dev_task_attr_type != SAM_TASK_ATTR_EMULATED)
1392 return 0;
1393
1394 if (cmd->sam_task_attr == MSG_ACA_TAG) {
1395 pr_debug("SAM Task Attribute ACA"
1396 " emulation is not supported\n");
1397 return -EINVAL;
1398 }
1399 /*
1400 * Used to determine when ORDERED commands should go from
1401 * Dormant to Active status.
1402 */
1403 cmd->se_ordered_id = atomic_inc_return(&cmd->se_dev->dev_ordered_id);
1404 smp_mb__after_atomic_inc();
1405 pr_debug("Allocated se_ordered_id: %u for Task Attr: 0x%02x on %s\n",
1406 cmd->se_ordered_id, cmd->sam_task_attr,
1407 cmd->se_dev->transport->name);
1408 return 0;
1409 }
1410
1411 /* target_setup_cmd_from_cdb():
1412 *
1413 * Called from fabric RX Thread.
1414 */
1415 int target_setup_cmd_from_cdb(
1416 struct se_cmd *cmd,
1417 unsigned char *cdb)
1418 {
1419 int ret;
1420
1421 transport_generic_prepare_cdb(cdb);
1422 /*
1423 * Ensure that the received CDB is less than the max (252 + 8) bytes
1424 * for VARIABLE_LENGTH_CMD
1425 */
1426 if (scsi_command_size(cdb) > SCSI_MAX_VARLEN_CDB_SIZE) {
1427 pr_err("Received SCSI CDB with command_size: %d that"
1428 " exceeds SCSI_MAX_VARLEN_CDB_SIZE: %d\n",
1429 scsi_command_size(cdb), SCSI_MAX_VARLEN_CDB_SIZE);
1430 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
1431 cmd->scsi_sense_reason = TCM_INVALID_CDB_FIELD;
1432 return -EINVAL;
1433 }
1434 /*
1435 * If the received CDB is larger than TCM_MAX_COMMAND_SIZE,
1436 * allocate the additional extended CDB buffer now.. Otherwise
1437 * setup the pointer from __t_task_cdb to t_task_cdb.
1438 */
1439 if (scsi_command_size(cdb) > sizeof(cmd->__t_task_cdb)) {
1440 cmd->t_task_cdb = kzalloc(scsi_command_size(cdb),
1441 GFP_KERNEL);
1442 if (!cmd->t_task_cdb) {
1443 pr_err("Unable to allocate cmd->t_task_cdb"
1444 " %u > sizeof(cmd->__t_task_cdb): %lu ops\n",
1445 scsi_command_size(cdb),
1446 (unsigned long)sizeof(cmd->__t_task_cdb));
1447 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
1448 cmd->scsi_sense_reason =
1449 TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE;
1450 return -ENOMEM;
1451 }
1452 } else
1453 cmd->t_task_cdb = &cmd->__t_task_cdb[0];
1454 /*
1455 * Copy the original CDB into cmd->
1456 */
1457 memcpy(cmd->t_task_cdb, cdb, scsi_command_size(cdb));
1458 /*
1459 * Setup the received CDB based on SCSI defined opcodes and
1460 * perform unit attention, persistent reservations and ALUA
1461 * checks for virtual device backends. The cmd->t_task_cdb
1462 * pointer is expected to be setup before we reach this point.
1463 */
1464 ret = transport_generic_cmd_sequencer(cmd, cdb);
1465 if (ret < 0)
1466 return ret;
1467 /*
1468 * Check for SAM Task Attribute Emulation
1469 */
1470 if (transport_check_alloc_task_attr(cmd) < 0) {
1471 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
1472 cmd->scsi_sense_reason = TCM_INVALID_CDB_FIELD;
1473 return -EINVAL;
1474 }
1475 spin_lock(&cmd->se_lun->lun_sep_lock);
1476 if (cmd->se_lun->lun_sep)
1477 cmd->se_lun->lun_sep->sep_stats.cmd_pdus++;
1478 spin_unlock(&cmd->se_lun->lun_sep_lock);
1479 return 0;
1480 }
1481 EXPORT_SYMBOL(target_setup_cmd_from_cdb);
1482
1483 /*
1484 * Used by fabric module frontends to queue tasks directly.
1485 * Many only be used from process context only
1486 */
1487 int transport_handle_cdb_direct(
1488 struct se_cmd *cmd)
1489 {
1490 int ret;
1491
1492 if (!cmd->se_lun) {
1493 dump_stack();
1494 pr_err("cmd->se_lun is NULL\n");
1495 return -EINVAL;
1496 }
1497 if (in_interrupt()) {
1498 dump_stack();
1499 pr_err("transport_generic_handle_cdb cannot be called"
1500 " from interrupt context\n");
1501 return -EINVAL;
1502 }
1503 /*
1504 * Set TRANSPORT_NEW_CMD state and CMD_T_ACTIVE following
1505 * transport_generic_handle_cdb*() -> transport_add_cmd_to_queue()
1506 * in existing usage to ensure that outstanding descriptors are handled
1507 * correctly during shutdown via transport_wait_for_tasks()
1508 *
1509 * Also, we don't take cmd->t_state_lock here as we only expect
1510 * this to be called for initial descriptor submission.
1511 */
1512 cmd->t_state = TRANSPORT_NEW_CMD;
1513 cmd->transport_state |= CMD_T_ACTIVE;
1514
1515 /*
1516 * transport_generic_new_cmd() is already handling QUEUE_FULL,
1517 * so follow TRANSPORT_NEW_CMD processing thread context usage
1518 * and call transport_generic_request_failure() if necessary..
1519 */
1520 ret = transport_generic_new_cmd(cmd);
1521 if (ret < 0)
1522 transport_generic_request_failure(cmd);
1523
1524 return 0;
1525 }
1526 EXPORT_SYMBOL(transport_handle_cdb_direct);
1527
1528 /**
1529 * target_submit_cmd - lookup unpacked lun and submit uninitialized se_cmd
1530 *
1531 * @se_cmd: command descriptor to submit
1532 * @se_sess: associated se_sess for endpoint
1533 * @cdb: pointer to SCSI CDB
1534 * @sense: pointer to SCSI sense buffer
1535 * @unpacked_lun: unpacked LUN to reference for struct se_lun
1536 * @data_length: fabric expected data transfer length
1537 * @task_addr: SAM task attribute
1538 * @data_dir: DMA data direction
1539 * @flags: flags for command submission from target_sc_flags_tables
1540 *
1541 * This may only be called from process context, and also currently
1542 * assumes internal allocation of fabric payload buffer by target-core.
1543 **/
1544 void target_submit_cmd(struct se_cmd *se_cmd, struct se_session *se_sess,
1545 unsigned char *cdb, unsigned char *sense, u32 unpacked_lun,
1546 u32 data_length, int task_attr, int data_dir, int flags)
1547 {
1548 struct se_portal_group *se_tpg;
1549 int rc;
1550
1551 se_tpg = se_sess->se_tpg;
1552 BUG_ON(!se_tpg);
1553 BUG_ON(se_cmd->se_tfo || se_cmd->se_sess);
1554 BUG_ON(in_interrupt());
1555 /*
1556 * Initialize se_cmd for target operation. From this point
1557 * exceptions are handled by sending exception status via
1558 * target_core_fabric_ops->queue_status() callback
1559 */
1560 transport_init_se_cmd(se_cmd, se_tpg->se_tpg_tfo, se_sess,
1561 data_length, data_dir, task_attr, sense);
1562 if (flags & TARGET_SCF_UNKNOWN_SIZE)
1563 se_cmd->unknown_data_length = 1;
1564 /*
1565 * Obtain struct se_cmd->cmd_kref reference and add new cmd to
1566 * se_sess->sess_cmd_list. A second kref_get here is necessary
1567 * for fabrics using TARGET_SCF_ACK_KREF that expect a second
1568 * kref_put() to happen during fabric packet acknowledgement.
1569 */
1570 target_get_sess_cmd(se_sess, se_cmd, (flags & TARGET_SCF_ACK_KREF));
1571 /*
1572 * Signal bidirectional data payloads to target-core
1573 */
1574 if (flags & TARGET_SCF_BIDI_OP)
1575 se_cmd->se_cmd_flags |= SCF_BIDI;
1576 /*
1577 * Locate se_lun pointer and attach it to struct se_cmd
1578 */
1579 if (transport_lookup_cmd_lun(se_cmd, unpacked_lun) < 0) {
1580 transport_send_check_condition_and_sense(se_cmd,
1581 se_cmd->scsi_sense_reason, 0);
1582 target_put_sess_cmd(se_sess, se_cmd);
1583 return;
1584 }
1585 /*
1586 * Sanitize CDBs via transport_generic_cmd_sequencer() and
1587 * allocate the necessary tasks to complete the received CDB+data
1588 */
1589 rc = target_setup_cmd_from_cdb(se_cmd, cdb);
1590 if (rc != 0) {
1591 transport_generic_request_failure(se_cmd);
1592 return;
1593 }
1594
1595 /*
1596 * Check if we need to delay processing because of ALUA
1597 * Active/NonOptimized primary access state..
1598 */
1599 core_alua_check_nonop_delay(se_cmd);
1600
1601 /*
1602 * Dispatch se_cmd descriptor to se_lun->lun_se_dev backend
1603 * for immediate execution of READs, otherwise wait for
1604 * transport_generic_handle_data() to be called for WRITEs
1605 * when fabric has filled the incoming buffer.
1606 */
1607 transport_handle_cdb_direct(se_cmd);
1608 return;
1609 }
1610 EXPORT_SYMBOL(target_submit_cmd);
1611
1612 static void target_complete_tmr_failure(struct work_struct *work)
1613 {
1614 struct se_cmd *se_cmd = container_of(work, struct se_cmd, work);
1615
1616 se_cmd->se_tmr_req->response = TMR_LUN_DOES_NOT_EXIST;
1617 se_cmd->se_tfo->queue_tm_rsp(se_cmd);
1618 transport_generic_free_cmd(se_cmd, 0);
1619 }
1620
1621 /**
1622 * target_submit_tmr - lookup unpacked lun and submit uninitialized se_cmd
1623 * for TMR CDBs
1624 *
1625 * @se_cmd: command descriptor to submit
1626 * @se_sess: associated se_sess for endpoint
1627 * @sense: pointer to SCSI sense buffer
1628 * @unpacked_lun: unpacked LUN to reference for struct se_lun
1629 * @fabric_context: fabric context for TMR req
1630 * @tm_type: Type of TM request
1631 * @gfp: gfp type for caller
1632 * @tag: referenced task tag for TMR_ABORT_TASK
1633 * @flags: submit cmd flags
1634 *
1635 * Callable from all contexts.
1636 **/
1637
1638 int target_submit_tmr(struct se_cmd *se_cmd, struct se_session *se_sess,
1639 unsigned char *sense, u32 unpacked_lun,
1640 void *fabric_tmr_ptr, unsigned char tm_type,
1641 gfp_t gfp, unsigned int tag, int flags)
1642 {
1643 struct se_portal_group *se_tpg;
1644 int ret;
1645
1646 se_tpg = se_sess->se_tpg;
1647 BUG_ON(!se_tpg);
1648
1649 transport_init_se_cmd(se_cmd, se_tpg->se_tpg_tfo, se_sess,
1650 0, DMA_NONE, MSG_SIMPLE_TAG, sense);
1651 /*
1652 * FIXME: Currently expect caller to handle se_cmd->se_tmr_req
1653 * allocation failure.
1654 */
1655 ret = core_tmr_alloc_req(se_cmd, fabric_tmr_ptr, tm_type, gfp);
1656 if (ret < 0)
1657 return -ENOMEM;
1658
1659 if (tm_type == TMR_ABORT_TASK)
1660 se_cmd->se_tmr_req->ref_task_tag = tag;
1661
1662 /* See target_submit_cmd for commentary */
1663 target_get_sess_cmd(se_sess, se_cmd, (flags & TARGET_SCF_ACK_KREF));
1664
1665 ret = transport_lookup_tmr_lun(se_cmd, unpacked_lun);
1666 if (ret) {
1667 /*
1668 * For callback during failure handling, push this work off
1669 * to process context with TMR_LUN_DOES_NOT_EXIST status.
1670 */
1671 INIT_WORK(&se_cmd->work, target_complete_tmr_failure);
1672 schedule_work(&se_cmd->work);
1673 return 0;
1674 }
1675 transport_generic_handle_tmr(se_cmd);
1676 return 0;
1677 }
1678 EXPORT_SYMBOL(target_submit_tmr);
1679
1680 /*
1681 * Used by fabric module frontends defining a TFO->new_cmd_map() caller
1682 * to queue up a newly setup se_cmd w/ TRANSPORT_NEW_CMD_MAP in order to
1683 * complete setup in TCM process context w/ TFO->new_cmd_map().
1684 */
1685 int transport_generic_handle_cdb_map(
1686 struct se_cmd *cmd)
1687 {
1688 if (!cmd->se_lun) {
1689 dump_stack();
1690 pr_err("cmd->se_lun is NULL\n");
1691 return -EINVAL;
1692 }
1693
1694 transport_add_cmd_to_queue(cmd, TRANSPORT_NEW_CMD_MAP, false);
1695 return 0;
1696 }
1697 EXPORT_SYMBOL(transport_generic_handle_cdb_map);
1698
1699 /* transport_generic_handle_data():
1700 *
1701 *
1702 */
1703 int transport_generic_handle_data(
1704 struct se_cmd *cmd)
1705 {
1706 /*
1707 * For the software fabric case, then we assume the nexus is being
1708 * failed/shutdown when signals are pending from the kthread context
1709 * caller, so we return a failure. For the HW target mode case running
1710 * in interrupt code, the signal_pending() check is skipped.
1711 */
1712 if (!in_interrupt() && signal_pending(current))
1713 return -EPERM;
1714 /*
1715 * If the received CDB has aleady been ABORTED by the generic
1716 * target engine, we now call transport_check_aborted_status()
1717 * to queue any delated TASK_ABORTED status for the received CDB to the
1718 * fabric module as we are expecting no further incoming DATA OUT
1719 * sequences at this point.
1720 */
1721 if (transport_check_aborted_status(cmd, 1) != 0)
1722 return 0;
1723
1724 transport_add_cmd_to_queue(cmd, TRANSPORT_PROCESS_WRITE, false);
1725 return 0;
1726 }
1727 EXPORT_SYMBOL(transport_generic_handle_data);
1728
1729 /* transport_generic_handle_tmr():
1730 *
1731 *
1732 */
1733 int transport_generic_handle_tmr(
1734 struct se_cmd *cmd)
1735 {
1736 transport_add_cmd_to_queue(cmd, TRANSPORT_PROCESS_TMR, false);
1737 return 0;
1738 }
1739 EXPORT_SYMBOL(transport_generic_handle_tmr);
1740
1741 /*
1742 * If the cmd is active, request it to be stopped and sleep until it
1743 * has completed.
1744 */
1745 bool target_stop_cmd(struct se_cmd *cmd, unsigned long *flags)
1746 {
1747 bool was_active = false;
1748
1749 if (cmd->transport_state & CMD_T_BUSY) {
1750 cmd->transport_state |= CMD_T_REQUEST_STOP;
1751 spin_unlock_irqrestore(&cmd->t_state_lock, *flags);
1752
1753 pr_debug("cmd %p waiting to complete\n", cmd);
1754 wait_for_completion(&cmd->task_stop_comp);
1755 pr_debug("cmd %p stopped successfully\n", cmd);
1756
1757 spin_lock_irqsave(&cmd->t_state_lock, *flags);
1758 atomic_dec(&cmd->t_task_cdbs_left);
1759 cmd->transport_state &= ~CMD_T_REQUEST_STOP;
1760 cmd->transport_state &= ~CMD_T_BUSY;
1761 was_active = true;
1762 }
1763
1764 return was_active;
1765 }
1766
1767 /*
1768 * Handle SAM-esque emulation for generic transport request failures.
1769 */
1770 void transport_generic_request_failure(struct se_cmd *cmd)
1771 {
1772 int ret = 0;
1773
1774 pr_debug("-----[ Storage Engine Exception for cmd: %p ITT: 0x%08x"
1775 " CDB: 0x%02x\n", cmd, cmd->se_tfo->get_task_tag(cmd),
1776 cmd->t_task_cdb[0]);
1777 pr_debug("-----[ i_state: %d t_state: %d scsi_sense_reason: %d\n",
1778 cmd->se_tfo->get_cmd_state(cmd),
1779 cmd->t_state, cmd->scsi_sense_reason);
1780 pr_debug("-----[ t_task_cdbs_left: %d"
1781 " t_task_cdbs_ex_left: %d --"
1782 " CMD_T_ACTIVE: %d CMD_T_STOP: %d CMD_T_SENT: %d\n",
1783 atomic_read(&cmd->t_task_cdbs_left),
1784 atomic_read(&cmd->t_task_cdbs_ex_left),
1785 (cmd->transport_state & CMD_T_ACTIVE) != 0,
1786 (cmd->transport_state & CMD_T_STOP) != 0,
1787 (cmd->transport_state & CMD_T_SENT) != 0);
1788
1789 /*
1790 * For SAM Task Attribute emulation for failed struct se_cmd
1791 */
1792 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED)
1793 transport_complete_task_attr(cmd);
1794
1795 switch (cmd->scsi_sense_reason) {
1796 case TCM_NON_EXISTENT_LUN:
1797 case TCM_UNSUPPORTED_SCSI_OPCODE:
1798 case TCM_INVALID_CDB_FIELD:
1799 case TCM_INVALID_PARAMETER_LIST:
1800 case TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE:
1801 case TCM_UNKNOWN_MODE_PAGE:
1802 case TCM_WRITE_PROTECTED:
1803 case TCM_CHECK_CONDITION_ABORT_CMD:
1804 case TCM_CHECK_CONDITION_UNIT_ATTENTION:
1805 case TCM_CHECK_CONDITION_NOT_READY:
1806 break;
1807 case TCM_RESERVATION_CONFLICT:
1808 /*
1809 * No SENSE Data payload for this case, set SCSI Status
1810 * and queue the response to $FABRIC_MOD.
1811 *
1812 * Uses linux/include/scsi/scsi.h SAM status codes defs
1813 */
1814 cmd->scsi_status = SAM_STAT_RESERVATION_CONFLICT;
1815 /*
1816 * For UA Interlock Code 11b, a RESERVATION CONFLICT will
1817 * establish a UNIT ATTENTION with PREVIOUS RESERVATION
1818 * CONFLICT STATUS.
1819 *
1820 * See spc4r17, section 7.4.6 Control Mode Page, Table 349
1821 */
1822 if (cmd->se_sess &&
1823 cmd->se_dev->se_sub_dev->se_dev_attrib.emulate_ua_intlck_ctrl == 2)
1824 core_scsi3_ua_allocate(cmd->se_sess->se_node_acl,
1825 cmd->orig_fe_lun, 0x2C,
1826 ASCQ_2CH_PREVIOUS_RESERVATION_CONFLICT_STATUS);
1827
1828 ret = cmd->se_tfo->queue_status(cmd);
1829 if (ret == -EAGAIN || ret == -ENOMEM)
1830 goto queue_full;
1831 goto check_stop;
1832 default:
1833 pr_err("Unknown transport error for CDB 0x%02x: %d\n",
1834 cmd->t_task_cdb[0], cmd->scsi_sense_reason);
1835 cmd->scsi_sense_reason = TCM_UNSUPPORTED_SCSI_OPCODE;
1836 break;
1837 }
1838 /*
1839 * If a fabric does not define a cmd->se_tfo->new_cmd_map caller,
1840 * make the call to transport_send_check_condition_and_sense()
1841 * directly. Otherwise expect the fabric to make the call to
1842 * transport_send_check_condition_and_sense() after handling
1843 * possible unsoliticied write data payloads.
1844 */
1845 ret = transport_send_check_condition_and_sense(cmd,
1846 cmd->scsi_sense_reason, 0);
1847 if (ret == -EAGAIN || ret == -ENOMEM)
1848 goto queue_full;
1849
1850 check_stop:
1851 transport_lun_remove_cmd(cmd);
1852 if (!transport_cmd_check_stop_to_fabric(cmd))
1853 ;
1854 return;
1855
1856 queue_full:
1857 cmd->t_state = TRANSPORT_COMPLETE_QF_OK;
1858 transport_handle_queue_full(cmd, cmd->se_dev);
1859 }
1860 EXPORT_SYMBOL(transport_generic_request_failure);
1861
1862 static inline u32 transport_lba_21(unsigned char *cdb)
1863 {
1864 return ((cdb[1] & 0x1f) << 16) | (cdb[2] << 8) | cdb[3];
1865 }
1866
1867 static inline u32 transport_lba_32(unsigned char *cdb)
1868 {
1869 return (cdb[2] << 24) | (cdb[3] << 16) | (cdb[4] << 8) | cdb[5];
1870 }
1871
1872 static inline unsigned long long transport_lba_64(unsigned char *cdb)
1873 {
1874 unsigned int __v1, __v2;
1875
1876 __v1 = (cdb[2] << 24) | (cdb[3] << 16) | (cdb[4] << 8) | cdb[5];
1877 __v2 = (cdb[6] << 24) | (cdb[7] << 16) | (cdb[8] << 8) | cdb[9];
1878
1879 return ((unsigned long long)__v2) | (unsigned long long)__v1 << 32;
1880 }
1881
1882 /*
1883 * For VARIABLE_LENGTH_CDB w/ 32 byte extended CDBs
1884 */
1885 static inline unsigned long long transport_lba_64_ext(unsigned char *cdb)
1886 {
1887 unsigned int __v1, __v2;
1888
1889 __v1 = (cdb[12] << 24) | (cdb[13] << 16) | (cdb[14] << 8) | cdb[15];
1890 __v2 = (cdb[16] << 24) | (cdb[17] << 16) | (cdb[18] << 8) | cdb[19];
1891
1892 return ((unsigned long long)__v2) | (unsigned long long)__v1 << 32;
1893 }
1894
1895 static void transport_set_supported_SAM_opcode(struct se_cmd *se_cmd)
1896 {
1897 unsigned long flags;
1898
1899 spin_lock_irqsave(&se_cmd->t_state_lock, flags);
1900 se_cmd->se_cmd_flags |= SCF_SUPPORTED_SAM_OPCODE;
1901 spin_unlock_irqrestore(&se_cmd->t_state_lock, flags);
1902 }
1903
1904 /*
1905 * Called from Fabric Module context from transport_execute_tasks()
1906 *
1907 * The return of this function determins if the tasks from struct se_cmd
1908 * get added to the execution queue in transport_execute_tasks(),
1909 * or are added to the delayed or ordered lists here.
1910 */
1911 static inline int transport_execute_task_attr(struct se_cmd *cmd)
1912 {
1913 if (cmd->se_dev->dev_task_attr_type != SAM_TASK_ATTR_EMULATED)
1914 return 1;
1915 /*
1916 * Check for the existence of HEAD_OF_QUEUE, and if true return 1
1917 * to allow the passed struct se_cmd list of tasks to the front of the list.
1918 */
1919 if (cmd->sam_task_attr == MSG_HEAD_TAG) {
1920 pr_debug("Added HEAD_OF_QUEUE for CDB:"
1921 " 0x%02x, se_ordered_id: %u\n",
1922 cmd->t_task_cdb[0],
1923 cmd->se_ordered_id);
1924 return 1;
1925 } else if (cmd->sam_task_attr == MSG_ORDERED_TAG) {
1926 atomic_inc(&cmd->se_dev->dev_ordered_sync);
1927 smp_mb__after_atomic_inc();
1928
1929 pr_debug("Added ORDERED for CDB: 0x%02x to ordered"
1930 " list, se_ordered_id: %u\n",
1931 cmd->t_task_cdb[0],
1932 cmd->se_ordered_id);
1933 /*
1934 * Add ORDERED command to tail of execution queue if
1935 * no other older commands exist that need to be
1936 * completed first.
1937 */
1938 if (!atomic_read(&cmd->se_dev->simple_cmds))
1939 return 1;
1940 } else {
1941 /*
1942 * For SIMPLE and UNTAGGED Task Attribute commands
1943 */
1944 atomic_inc(&cmd->se_dev->simple_cmds);
1945 smp_mb__after_atomic_inc();
1946 }
1947 /*
1948 * Otherwise if one or more outstanding ORDERED task attribute exist,
1949 * add the dormant task(s) built for the passed struct se_cmd to the
1950 * execution queue and become in Active state for this struct se_device.
1951 */
1952 if (atomic_read(&cmd->se_dev->dev_ordered_sync) != 0) {
1953 /*
1954 * Otherwise, add cmd w/ tasks to delayed cmd queue that
1955 * will be drained upon completion of HEAD_OF_QUEUE task.
1956 */
1957 spin_lock(&cmd->se_dev->delayed_cmd_lock);
1958 cmd->se_cmd_flags |= SCF_DELAYED_CMD_FROM_SAM_ATTR;
1959 list_add_tail(&cmd->se_delayed_node,
1960 &cmd->se_dev->delayed_cmd_list);
1961 spin_unlock(&cmd->se_dev->delayed_cmd_lock);
1962
1963 pr_debug("Added CDB: 0x%02x Task Attr: 0x%02x to"
1964 " delayed CMD list, se_ordered_id: %u\n",
1965 cmd->t_task_cdb[0], cmd->sam_task_attr,
1966 cmd->se_ordered_id);
1967 /*
1968 * Return zero to let transport_execute_tasks() know
1969 * not to add the delayed tasks to the execution list.
1970 */
1971 return 0;
1972 }
1973 /*
1974 * Otherwise, no ORDERED task attributes exist..
1975 */
1976 return 1;
1977 }
1978
1979 /*
1980 * Called from fabric module context in transport_generic_new_cmd() and
1981 * transport_generic_process_write()
1982 */
1983 static int transport_execute_tasks(struct se_cmd *cmd)
1984 {
1985 int add_tasks;
1986 struct se_device *se_dev = cmd->se_dev;
1987 /*
1988 * Call transport_cmd_check_stop() to see if a fabric exception
1989 * has occurred that prevents execution.
1990 */
1991 if (!transport_cmd_check_stop(cmd, 0, TRANSPORT_PROCESSING)) {
1992 /*
1993 * Check for SAM Task Attribute emulation and HEAD_OF_QUEUE
1994 * attribute for the tasks of the received struct se_cmd CDB
1995 */
1996 add_tasks = transport_execute_task_attr(cmd);
1997 if (!add_tasks)
1998 goto execute_tasks;
1999
2000 __transport_execute_tasks(se_dev, cmd);
2001 return 0;
2002 }
2003
2004 execute_tasks:
2005 __transport_execute_tasks(se_dev, NULL);
2006 return 0;
2007 }
2008
2009 static int __transport_execute_tasks(struct se_device *dev, struct se_cmd *new_cmd)
2010 {
2011 int error;
2012 struct se_cmd *cmd = NULL;
2013 unsigned long flags;
2014
2015 check_depth:
2016 spin_lock_irq(&dev->execute_task_lock);
2017 if (new_cmd != NULL)
2018 __target_add_to_execute_list(new_cmd);
2019
2020 if (list_empty(&dev->execute_list)) {
2021 spin_unlock_irq(&dev->execute_task_lock);
2022 return 0;
2023 }
2024 cmd = list_first_entry(&dev->execute_list, struct se_cmd, execute_list);
2025 __target_remove_from_execute_list(cmd);
2026 spin_unlock_irq(&dev->execute_task_lock);
2027
2028 spin_lock_irqsave(&cmd->t_state_lock, flags);
2029 cmd->transport_state |= CMD_T_BUSY;
2030 cmd->transport_state |= CMD_T_SENT;
2031
2032 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
2033
2034 if (cmd->execute_cmd)
2035 error = cmd->execute_cmd(cmd);
2036 else {
2037 error = dev->transport->execute_cmd(cmd, cmd->t_data_sg,
2038 cmd->t_data_nents, cmd->data_direction);
2039 }
2040
2041 if (error != 0) {
2042 spin_lock_irqsave(&cmd->t_state_lock, flags);
2043 cmd->transport_state &= ~CMD_T_BUSY;
2044 cmd->transport_state &= ~CMD_T_SENT;
2045 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
2046
2047 transport_generic_request_failure(cmd);
2048 }
2049
2050 new_cmd = NULL;
2051 goto check_depth;
2052
2053 return 0;
2054 }
2055
2056 static inline u32 transport_get_sectors_6(
2057 unsigned char *cdb,
2058 struct se_cmd *cmd,
2059 int *ret)
2060 {
2061 struct se_device *dev = cmd->se_dev;
2062
2063 /*
2064 * Assume TYPE_DISK for non struct se_device objects.
2065 * Use 8-bit sector value.
2066 */
2067 if (!dev)
2068 goto type_disk;
2069
2070 /*
2071 * Use 24-bit allocation length for TYPE_TAPE.
2072 */
2073 if (dev->transport->get_device_type(dev) == TYPE_TAPE)
2074 return (u32)(cdb[2] << 16) + (cdb[3] << 8) + cdb[4];
2075
2076 /*
2077 * Everything else assume TYPE_DISK Sector CDB location.
2078 * Use 8-bit sector value. SBC-3 says:
2079 *
2080 * A TRANSFER LENGTH field set to zero specifies that 256
2081 * logical blocks shall be written. Any other value
2082 * specifies the number of logical blocks that shall be
2083 * written.
2084 */
2085 type_disk:
2086 return cdb[4] ? : 256;
2087 }
2088
2089 static inline u32 transport_get_sectors_10(
2090 unsigned char *cdb,
2091 struct se_cmd *cmd,
2092 int *ret)
2093 {
2094 struct se_device *dev = cmd->se_dev;
2095
2096 /*
2097 * Assume TYPE_DISK for non struct se_device objects.
2098 * Use 16-bit sector value.
2099 */
2100 if (!dev)
2101 goto type_disk;
2102
2103 /*
2104 * XXX_10 is not defined in SSC, throw an exception
2105 */
2106 if (dev->transport->get_device_type(dev) == TYPE_TAPE) {
2107 *ret = -EINVAL;
2108 return 0;
2109 }
2110
2111 /*
2112 * Everything else assume TYPE_DISK Sector CDB location.
2113 * Use 16-bit sector value.
2114 */
2115 type_disk:
2116 return (u32)(cdb[7] << 8) + cdb[8];
2117 }
2118
2119 static inline u32 transport_get_sectors_12(
2120 unsigned char *cdb,
2121 struct se_cmd *cmd,
2122 int *ret)
2123 {
2124 struct se_device *dev = cmd->se_dev;
2125
2126 /*
2127 * Assume TYPE_DISK for non struct se_device objects.
2128 * Use 32-bit sector value.
2129 */
2130 if (!dev)
2131 goto type_disk;
2132
2133 /*
2134 * XXX_12 is not defined in SSC, throw an exception
2135 */
2136 if (dev->transport->get_device_type(dev) == TYPE_TAPE) {
2137 *ret = -EINVAL;
2138 return 0;
2139 }
2140
2141 /*
2142 * Everything else assume TYPE_DISK Sector CDB location.
2143 * Use 32-bit sector value.
2144 */
2145 type_disk:
2146 return (u32)(cdb[6] << 24) + (cdb[7] << 16) + (cdb[8] << 8) + cdb[9];
2147 }
2148
2149 static inline u32 transport_get_sectors_16(
2150 unsigned char *cdb,
2151 struct se_cmd *cmd,
2152 int *ret)
2153 {
2154 struct se_device *dev = cmd->se_dev;
2155
2156 /*
2157 * Assume TYPE_DISK for non struct se_device objects.
2158 * Use 32-bit sector value.
2159 */
2160 if (!dev)
2161 goto type_disk;
2162
2163 /*
2164 * Use 24-bit allocation length for TYPE_TAPE.
2165 */
2166 if (dev->transport->get_device_type(dev) == TYPE_TAPE)
2167 return (u32)(cdb[12] << 16) + (cdb[13] << 8) + cdb[14];
2168
2169 type_disk:
2170 return (u32)(cdb[10] << 24) + (cdb[11] << 16) +
2171 (cdb[12] << 8) + cdb[13];
2172 }
2173
2174 /*
2175 * Used for VARIABLE_LENGTH_CDB WRITE_32 and READ_32 variants
2176 */
2177 static inline u32 transport_get_sectors_32(
2178 unsigned char *cdb,
2179 struct se_cmd *cmd,
2180 int *ret)
2181 {
2182 /*
2183 * Assume TYPE_DISK for non struct se_device objects.
2184 * Use 32-bit sector value.
2185 */
2186 return (u32)(cdb[28] << 24) + (cdb[29] << 16) +
2187 (cdb[30] << 8) + cdb[31];
2188
2189 }
2190
2191 static inline u32 transport_get_size(
2192 u32 sectors,
2193 unsigned char *cdb,
2194 struct se_cmd *cmd)
2195 {
2196 struct se_device *dev = cmd->se_dev;
2197
2198 if (dev->transport->get_device_type(dev) == TYPE_TAPE) {
2199 if (cdb[1] & 1) { /* sectors */
2200 return dev->se_sub_dev->se_dev_attrib.block_size * sectors;
2201 } else /* bytes */
2202 return sectors;
2203 }
2204
2205 pr_debug("Returning block_size: %u, sectors: %u == %u for"
2206 " %s object\n", dev->se_sub_dev->se_dev_attrib.block_size,
2207 sectors, dev->se_sub_dev->se_dev_attrib.block_size * sectors,
2208 dev->transport->name);
2209
2210 return dev->se_sub_dev->se_dev_attrib.block_size * sectors;
2211 }
2212
2213 static void transport_xor_callback(struct se_cmd *cmd)
2214 {
2215 unsigned char *buf, *addr;
2216 struct scatterlist *sg;
2217 unsigned int offset;
2218 int i;
2219 int count;
2220 /*
2221 * From sbc3r22.pdf section 5.48 XDWRITEREAD (10) command
2222 *
2223 * 1) read the specified logical block(s);
2224 * 2) transfer logical blocks from the data-out buffer;
2225 * 3) XOR the logical blocks transferred from the data-out buffer with
2226 * the logical blocks read, storing the resulting XOR data in a buffer;
2227 * 4) if the DISABLE WRITE bit is set to zero, then write the logical
2228 * blocks transferred from the data-out buffer; and
2229 * 5) transfer the resulting XOR data to the data-in buffer.
2230 */
2231 buf = kmalloc(cmd->data_length, GFP_KERNEL);
2232 if (!buf) {
2233 pr_err("Unable to allocate xor_callback buf\n");
2234 return;
2235 }
2236 /*
2237 * Copy the scatterlist WRITE buffer located at cmd->t_data_sg
2238 * into the locally allocated *buf
2239 */
2240 sg_copy_to_buffer(cmd->t_data_sg,
2241 cmd->t_data_nents,
2242 buf,
2243 cmd->data_length);
2244
2245 /*
2246 * Now perform the XOR against the BIDI read memory located at
2247 * cmd->t_mem_bidi_list
2248 */
2249
2250 offset = 0;
2251 for_each_sg(cmd->t_bidi_data_sg, sg, cmd->t_bidi_data_nents, count) {
2252 addr = kmap_atomic(sg_page(sg));
2253 if (!addr)
2254 goto out;
2255
2256 for (i = 0; i < sg->length; i++)
2257 *(addr + sg->offset + i) ^= *(buf + offset + i);
2258
2259 offset += sg->length;
2260 kunmap_atomic(addr);
2261 }
2262
2263 out:
2264 kfree(buf);
2265 }
2266
2267 /*
2268 * Used to obtain Sense Data from underlying Linux/SCSI struct scsi_cmnd
2269 */
2270 static int transport_get_sense_data(struct se_cmd *cmd)
2271 {
2272 unsigned char *buffer = cmd->sense_buffer, *sense_buffer = NULL;
2273 struct se_device *dev = cmd->se_dev;
2274 unsigned long flags;
2275 u32 offset = 0;
2276
2277 WARN_ON(!cmd->se_lun);
2278
2279 if (!dev)
2280 return 0;
2281
2282 spin_lock_irqsave(&cmd->t_state_lock, flags);
2283 if (cmd->se_cmd_flags & SCF_SENT_CHECK_CONDITION) {
2284 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
2285 return 0;
2286 }
2287
2288 if (!(cmd->se_cmd_flags & SCF_TRANSPORT_TASK_SENSE))
2289 goto out;
2290
2291 if (!dev->transport->get_sense_buffer) {
2292 pr_err("dev->transport->get_sense_buffer is NULL\n");
2293 goto out;
2294 }
2295
2296 sense_buffer = dev->transport->get_sense_buffer(cmd);
2297 if (!sense_buffer) {
2298 pr_err("ITT 0x%08x cmd %p: Unable to locate"
2299 " sense buffer for task with sense\n",
2300 cmd->se_tfo->get_task_tag(cmd), cmd);
2301 goto out;
2302 }
2303
2304 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
2305
2306 offset = cmd->se_tfo->set_fabric_sense_len(cmd, TRANSPORT_SENSE_BUFFER);
2307
2308 memcpy(&buffer[offset], sense_buffer, TRANSPORT_SENSE_BUFFER);
2309
2310 /* Automatically padded */
2311 cmd->scsi_sense_length = TRANSPORT_SENSE_BUFFER + offset;
2312
2313 pr_debug("HBA_[%u]_PLUG[%s]: Set SAM STATUS: 0x%02x and sense\n",
2314 dev->se_hba->hba_id, dev->transport->name, cmd->scsi_status);
2315 return 0;
2316
2317 out:
2318 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
2319 return -1;
2320 }
2321
2322 static inline long long transport_dev_end_lba(struct se_device *dev)
2323 {
2324 return dev->transport->get_blocks(dev) + 1;
2325 }
2326
2327 static int transport_cmd_get_valid_sectors(struct se_cmd *cmd)
2328 {
2329 struct se_device *dev = cmd->se_dev;
2330 u32 sectors;
2331
2332 if (dev->transport->get_device_type(dev) != TYPE_DISK)
2333 return 0;
2334
2335 sectors = (cmd->data_length / dev->se_sub_dev->se_dev_attrib.block_size);
2336
2337 if ((cmd->t_task_lba + sectors) > transport_dev_end_lba(dev)) {
2338 pr_err("LBA: %llu Sectors: %u exceeds"
2339 " transport_dev_end_lba(): %llu\n",
2340 cmd->t_task_lba, sectors,
2341 transport_dev_end_lba(dev));
2342 return -EINVAL;
2343 }
2344
2345 return 0;
2346 }
2347
2348 static int target_check_write_same_discard(unsigned char *flags, struct se_device *dev)
2349 {
2350 /*
2351 * Determine if the received WRITE_SAME is used to for direct
2352 * passthrough into Linux/SCSI with struct request via TCM/pSCSI
2353 * or we are signaling the use of internal WRITE_SAME + UNMAP=1
2354 * emulation for -> Linux/BLOCK disbard with TCM/IBLOCK code.
2355 */
2356 int passthrough = (dev->transport->transport_type ==
2357 TRANSPORT_PLUGIN_PHBA_PDEV);
2358
2359 if (!passthrough) {
2360 if ((flags[0] & 0x04) || (flags[0] & 0x02)) {
2361 pr_err("WRITE_SAME PBDATA and LBDATA"
2362 " bits not supported for Block Discard"
2363 " Emulation\n");
2364 return -ENOSYS;
2365 }
2366 /*
2367 * Currently for the emulated case we only accept
2368 * tpws with the UNMAP=1 bit set.
2369 */
2370 if (!(flags[0] & 0x08)) {
2371 pr_err("WRITE_SAME w/o UNMAP bit not"
2372 " supported for Block Discard Emulation\n");
2373 return -ENOSYS;
2374 }
2375 }
2376
2377 return 0;
2378 }
2379
2380 /* transport_generic_cmd_sequencer():
2381 *
2382 * Generic Command Sequencer that should work for most DAS transport
2383 * drivers.
2384 *
2385 * Called from target_setup_cmd_from_cdb() in the $FABRIC_MOD
2386 * RX Thread.
2387 *
2388 * FIXME: Need to support other SCSI OPCODES where as well.
2389 */
2390 static int transport_generic_cmd_sequencer(
2391 struct se_cmd *cmd,
2392 unsigned char *cdb)
2393 {
2394 struct se_device *dev = cmd->se_dev;
2395 struct se_subsystem_dev *su_dev = dev->se_sub_dev;
2396 int ret = 0, sector_ret = 0, passthrough;
2397 u32 sectors = 0, size = 0, pr_reg_type = 0;
2398 u16 service_action;
2399 u8 alua_ascq = 0;
2400 /*
2401 * Check for an existing UNIT ATTENTION condition
2402 */
2403 if (core_scsi3_ua_check(cmd, cdb) < 0) {
2404 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
2405 cmd->scsi_sense_reason = TCM_CHECK_CONDITION_UNIT_ATTENTION;
2406 return -EINVAL;
2407 }
2408 /*
2409 * Check status of Asymmetric Logical Unit Assignment port
2410 */
2411 ret = su_dev->t10_alua.alua_state_check(cmd, cdb, &alua_ascq);
2412 if (ret != 0) {
2413 /*
2414 * Set SCSI additional sense code (ASC) to 'LUN Not Accessible';
2415 * The ALUA additional sense code qualifier (ASCQ) is determined
2416 * by the ALUA primary or secondary access state..
2417 */
2418 if (ret > 0) {
2419 pr_debug("[%s]: ALUA TG Port not available,"
2420 " SenseKey: NOT_READY, ASC/ASCQ: 0x04/0x%02x\n",
2421 cmd->se_tfo->get_fabric_name(), alua_ascq);
2422
2423 transport_set_sense_codes(cmd, 0x04, alua_ascq);
2424 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
2425 cmd->scsi_sense_reason = TCM_CHECK_CONDITION_NOT_READY;
2426 return -EINVAL;
2427 }
2428 goto out_invalid_cdb_field;
2429 }
2430 /*
2431 * Check status for SPC-3 Persistent Reservations
2432 */
2433 if (su_dev->t10_pr.pr_ops.t10_reservation_check(cmd, &pr_reg_type) != 0) {
2434 if (su_dev->t10_pr.pr_ops.t10_seq_non_holder(
2435 cmd, cdb, pr_reg_type) != 0) {
2436 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
2437 cmd->se_cmd_flags |= SCF_SCSI_RESERVATION_CONFLICT;
2438 cmd->scsi_status = SAM_STAT_RESERVATION_CONFLICT;
2439 cmd->scsi_sense_reason = TCM_RESERVATION_CONFLICT;
2440 return -EBUSY;
2441 }
2442 /*
2443 * This means the CDB is allowed for the SCSI Initiator port
2444 * when said port is *NOT* holding the legacy SPC-2 or
2445 * SPC-3 Persistent Reservation.
2446 */
2447 }
2448
2449 /*
2450 * If we operate in passthrough mode we skip most CDB emulation and
2451 * instead hand the commands down to the physical SCSI device.
2452 */
2453 passthrough =
2454 (dev->transport->transport_type == TRANSPORT_PLUGIN_PHBA_PDEV);
2455
2456 switch (cdb[0]) {
2457 case READ_6:
2458 sectors = transport_get_sectors_6(cdb, cmd, &sector_ret);
2459 if (sector_ret)
2460 goto out_unsupported_cdb;
2461 size = transport_get_size(sectors, cdb, cmd);
2462 cmd->t_task_lba = transport_lba_21(cdb);
2463 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB;
2464 break;
2465 case READ_10:
2466 sectors = transport_get_sectors_10(cdb, cmd, &sector_ret);
2467 if (sector_ret)
2468 goto out_unsupported_cdb;
2469 size = transport_get_size(sectors, cdb, cmd);
2470 cmd->t_task_lba = transport_lba_32(cdb);
2471 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB;
2472 break;
2473 case READ_12:
2474 sectors = transport_get_sectors_12(cdb, cmd, &sector_ret);
2475 if (sector_ret)
2476 goto out_unsupported_cdb;
2477 size = transport_get_size(sectors, cdb, cmd);
2478 cmd->t_task_lba = transport_lba_32(cdb);
2479 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB;
2480 break;
2481 case READ_16:
2482 sectors = transport_get_sectors_16(cdb, cmd, &sector_ret);
2483 if (sector_ret)
2484 goto out_unsupported_cdb;
2485 size = transport_get_size(sectors, cdb, cmd);
2486 cmd->t_task_lba = transport_lba_64(cdb);
2487 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB;
2488 break;
2489 case WRITE_6:
2490 sectors = transport_get_sectors_6(cdb, cmd, &sector_ret);
2491 if (sector_ret)
2492 goto out_unsupported_cdb;
2493 size = transport_get_size(sectors, cdb, cmd);
2494 cmd->t_task_lba = transport_lba_21(cdb);
2495 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB;
2496 break;
2497 case WRITE_10:
2498 sectors = transport_get_sectors_10(cdb, cmd, &sector_ret);
2499 if (sector_ret)
2500 goto out_unsupported_cdb;
2501 size = transport_get_size(sectors, cdb, cmd);
2502 cmd->t_task_lba = transport_lba_32(cdb);
2503 if (cdb[1] & 0x8)
2504 cmd->se_cmd_flags |= SCF_FUA;
2505 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB;
2506 break;
2507 case WRITE_12:
2508 sectors = transport_get_sectors_12(cdb, cmd, &sector_ret);
2509 if (sector_ret)
2510 goto out_unsupported_cdb;
2511 size = transport_get_size(sectors, cdb, cmd);
2512 cmd->t_task_lba = transport_lba_32(cdb);
2513 if (cdb[1] & 0x8)
2514 cmd->se_cmd_flags |= SCF_FUA;
2515 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB;
2516 break;
2517 case WRITE_16:
2518 sectors = transport_get_sectors_16(cdb, cmd, &sector_ret);
2519 if (sector_ret)
2520 goto out_unsupported_cdb;
2521 size = transport_get_size(sectors, cdb, cmd);
2522 cmd->t_task_lba = transport_lba_64(cdb);
2523 if (cdb[1] & 0x8)
2524 cmd->se_cmd_flags |= SCF_FUA;
2525 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB;
2526 break;
2527 case XDWRITEREAD_10:
2528 if ((cmd->data_direction != DMA_TO_DEVICE) ||
2529 !(cmd->se_cmd_flags & SCF_BIDI))
2530 goto out_invalid_cdb_field;
2531 sectors = transport_get_sectors_10(cdb, cmd, &sector_ret);
2532 if (sector_ret)
2533 goto out_unsupported_cdb;
2534 size = transport_get_size(sectors, cdb, cmd);
2535 cmd->t_task_lba = transport_lba_32(cdb);
2536 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB;
2537
2538 /*
2539 * Do now allow BIDI commands for passthrough mode.
2540 */
2541 if (passthrough)
2542 goto out_unsupported_cdb;
2543
2544 /*
2545 * Setup BIDI XOR callback to be run after I/O completion.
2546 */
2547 cmd->transport_complete_callback = &transport_xor_callback;
2548 if (cdb[1] & 0x8)
2549 cmd->se_cmd_flags |= SCF_FUA;
2550 break;
2551 case VARIABLE_LENGTH_CMD:
2552 service_action = get_unaligned_be16(&cdb[8]);
2553 switch (service_action) {
2554 case XDWRITEREAD_32:
2555 sectors = transport_get_sectors_32(cdb, cmd, &sector_ret);
2556 if (sector_ret)
2557 goto out_unsupported_cdb;
2558 size = transport_get_size(sectors, cdb, cmd);
2559 /*
2560 * Use WRITE_32 and READ_32 opcodes for the emulated
2561 * XDWRITE_READ_32 logic.
2562 */
2563 cmd->t_task_lba = transport_lba_64_ext(cdb);
2564 cmd->se_cmd_flags |= SCF_SCSI_DATA_SG_IO_CDB;
2565
2566 /*
2567 * Do now allow BIDI commands for passthrough mode.
2568 */
2569 if (passthrough)
2570 goto out_unsupported_cdb;
2571
2572 /*
2573 * Setup BIDI XOR callback to be run during after I/O
2574 * completion.
2575 */
2576 cmd->transport_complete_callback = &transport_xor_callback;
2577 if (cdb[1] & 0x8)
2578 cmd->se_cmd_flags |= SCF_FUA;
2579 break;
2580 case WRITE_SAME_32:
2581 sectors = transport_get_sectors_32(cdb, cmd, &sector_ret);
2582 if (sector_ret)
2583 goto out_unsupported_cdb;
2584
2585 if (sectors)
2586 size = transport_get_size(1, cdb, cmd);
2587 else {
2588 pr_err("WSNZ=1, WRITE_SAME w/sectors=0 not"
2589 " supported\n");
2590 goto out_invalid_cdb_field;
2591 }
2592
2593 cmd->t_task_lba = get_unaligned_be64(&cdb[12]);
2594 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2595
2596 if (target_check_write_same_discard(&cdb[10], dev) < 0)
2597 goto out_unsupported_cdb;
2598 if (!passthrough)
2599 cmd->execute_cmd = target_emulate_write_same;
2600 break;
2601 default:
2602 pr_err("VARIABLE_LENGTH_CMD service action"
2603 " 0x%04x not supported\n", service_action);
2604 goto out_unsupported_cdb;
2605 }
2606 break;
2607 case MAINTENANCE_IN:
2608 if (dev->transport->get_device_type(dev) != TYPE_ROM) {
2609 /* MAINTENANCE_IN from SCC-2 */
2610 /*
2611 * Check for emulated MI_REPORT_TARGET_PGS.
2612 */
2613 if (cdb[1] == MI_REPORT_TARGET_PGS &&
2614 su_dev->t10_alua.alua_type == SPC3_ALUA_EMULATED) {
2615 cmd->execute_cmd =
2616 target_emulate_report_target_port_groups;
2617 }
2618 size = (cdb[6] << 24) | (cdb[7] << 16) |
2619 (cdb[8] << 8) | cdb[9];
2620 } else {
2621 /* GPCMD_SEND_KEY from multi media commands */
2622 size = (cdb[8] << 8) + cdb[9];
2623 }
2624 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2625 break;
2626 case MODE_SELECT:
2627 size = cdb[4];
2628 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2629 break;
2630 case MODE_SELECT_10:
2631 size = (cdb[7] << 8) + cdb[8];
2632 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2633 break;
2634 case MODE_SENSE:
2635 size = cdb[4];
2636 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2637 if (!passthrough)
2638 cmd->execute_cmd = target_emulate_modesense;
2639 break;
2640 case MODE_SENSE_10:
2641 size = (cdb[7] << 8) + cdb[8];
2642 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2643 if (!passthrough)
2644 cmd->execute_cmd = target_emulate_modesense;
2645 break;
2646 case GPCMD_READ_BUFFER_CAPACITY:
2647 case GPCMD_SEND_OPC:
2648 case LOG_SELECT:
2649 case LOG_SENSE:
2650 size = (cdb[7] << 8) + cdb[8];
2651 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2652 break;
2653 case READ_BLOCK_LIMITS:
2654 size = READ_BLOCK_LEN;
2655 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2656 break;
2657 case GPCMD_GET_CONFIGURATION:
2658 case GPCMD_READ_FORMAT_CAPACITIES:
2659 case GPCMD_READ_DISC_INFO:
2660 case GPCMD_READ_TRACK_RZONE_INFO:
2661 size = (cdb[7] << 8) + cdb[8];
2662 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2663 break;
2664 case PERSISTENT_RESERVE_IN:
2665 if (su_dev->t10_pr.res_type == SPC3_PERSISTENT_RESERVATIONS)
2666 cmd->execute_cmd = target_scsi3_emulate_pr_in;
2667 size = (cdb[7] << 8) + cdb[8];
2668 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2669 break;
2670 case PERSISTENT_RESERVE_OUT:
2671 if (su_dev->t10_pr.res_type == SPC3_PERSISTENT_RESERVATIONS)
2672 cmd->execute_cmd = target_scsi3_emulate_pr_out;
2673 size = (cdb[7] << 8) + cdb[8];
2674 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2675 break;
2676 case GPCMD_MECHANISM_STATUS:
2677 case GPCMD_READ_DVD_STRUCTURE:
2678 size = (cdb[8] << 8) + cdb[9];
2679 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2680 break;
2681 case READ_POSITION:
2682 size = READ_POSITION_LEN;
2683 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2684 break;
2685 case MAINTENANCE_OUT:
2686 if (dev->transport->get_device_type(dev) != TYPE_ROM) {
2687 /* MAINTENANCE_OUT from SCC-2
2688 *
2689 * Check for emulated MO_SET_TARGET_PGS.
2690 */
2691 if (cdb[1] == MO_SET_TARGET_PGS &&
2692 su_dev->t10_alua.alua_type == SPC3_ALUA_EMULATED) {
2693 cmd->execute_cmd =
2694 target_emulate_set_target_port_groups;
2695 }
2696
2697 size = (cdb[6] << 24) | (cdb[7] << 16) |
2698 (cdb[8] << 8) | cdb[9];
2699 } else {
2700 /* GPCMD_REPORT_KEY from multi media commands */
2701 size = (cdb[8] << 8) + cdb[9];
2702 }
2703 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2704 break;
2705 case INQUIRY:
2706 size = (cdb[3] << 8) + cdb[4];
2707 /*
2708 * Do implict HEAD_OF_QUEUE processing for INQUIRY.
2709 * See spc4r17 section 5.3
2710 */
2711 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED)
2712 cmd->sam_task_attr = MSG_HEAD_TAG;
2713 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2714 if (!passthrough)
2715 cmd->execute_cmd = target_emulate_inquiry;
2716 break;
2717 case READ_BUFFER:
2718 size = (cdb[6] << 16) + (cdb[7] << 8) + cdb[8];
2719 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2720 break;
2721 case READ_CAPACITY:
2722 size = READ_CAP_LEN;
2723 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2724 if (!passthrough)
2725 cmd->execute_cmd = target_emulate_readcapacity;
2726 break;
2727 case READ_MEDIA_SERIAL_NUMBER:
2728 case SECURITY_PROTOCOL_IN:
2729 case SECURITY_PROTOCOL_OUT:
2730 size = (cdb[6] << 24) | (cdb[7] << 16) | (cdb[8] << 8) | cdb[9];
2731 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2732 break;
2733 case SERVICE_ACTION_IN:
2734 switch (cmd->t_task_cdb[1] & 0x1f) {
2735 case SAI_READ_CAPACITY_16:
2736 if (!passthrough)
2737 cmd->execute_cmd =
2738 target_emulate_readcapacity_16;
2739 break;
2740 default:
2741 if (passthrough)
2742 break;
2743
2744 pr_err("Unsupported SA: 0x%02x\n",
2745 cmd->t_task_cdb[1] & 0x1f);
2746 goto out_invalid_cdb_field;
2747 }
2748 /*FALLTHROUGH*/
2749 case ACCESS_CONTROL_IN:
2750 case ACCESS_CONTROL_OUT:
2751 case EXTENDED_COPY:
2752 case READ_ATTRIBUTE:
2753 case RECEIVE_COPY_RESULTS:
2754 case WRITE_ATTRIBUTE:
2755 size = (cdb[10] << 24) | (cdb[11] << 16) |
2756 (cdb[12] << 8) | cdb[13];
2757 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2758 break;
2759 case RECEIVE_DIAGNOSTIC:
2760 case SEND_DIAGNOSTIC:
2761 size = (cdb[3] << 8) | cdb[4];
2762 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2763 break;
2764 /* #warning FIXME: Figure out correct GPCMD_READ_CD blocksize. */
2765 #if 0
2766 case GPCMD_READ_CD:
2767 sectors = (cdb[6] << 16) + (cdb[7] << 8) + cdb[8];
2768 size = (2336 * sectors);
2769 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2770 break;
2771 #endif
2772 case READ_TOC:
2773 size = cdb[8];
2774 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2775 break;
2776 case REQUEST_SENSE:
2777 size = cdb[4];
2778 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2779 if (!passthrough)
2780 cmd->execute_cmd = target_emulate_request_sense;
2781 break;
2782 case READ_ELEMENT_STATUS:
2783 size = 65536 * cdb[7] + 256 * cdb[8] + cdb[9];
2784 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2785 break;
2786 case WRITE_BUFFER:
2787 size = (cdb[6] << 16) + (cdb[7] << 8) + cdb[8];
2788 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2789 break;
2790 case RESERVE:
2791 case RESERVE_10:
2792 /*
2793 * The SPC-2 RESERVE does not contain a size in the SCSI CDB.
2794 * Assume the passthrough or $FABRIC_MOD will tell us about it.
2795 */
2796 if (cdb[0] == RESERVE_10)
2797 size = (cdb[7] << 8) | cdb[8];
2798 else
2799 size = cmd->data_length;
2800
2801 /*
2802 * Setup the legacy emulated handler for SPC-2 and
2803 * >= SPC-3 compatible reservation handling (CRH=1)
2804 * Otherwise, we assume the underlying SCSI logic is
2805 * is running in SPC_PASSTHROUGH, and wants reservations
2806 * emulation disabled.
2807 */
2808 if (su_dev->t10_pr.res_type != SPC_PASSTHROUGH)
2809 cmd->execute_cmd = target_scsi2_reservation_reserve;
2810 cmd->se_cmd_flags |= SCF_SCSI_NON_DATA_CDB;
2811 break;
2812 case RELEASE:
2813 case RELEASE_10:
2814 /*
2815 * The SPC-2 RELEASE does not contain a size in the SCSI CDB.
2816 * Assume the passthrough or $FABRIC_MOD will tell us about it.
2817 */
2818 if (cdb[0] == RELEASE_10)
2819 size = (cdb[7] << 8) | cdb[8];
2820 else
2821 size = cmd->data_length;
2822
2823 if (su_dev->t10_pr.res_type != SPC_PASSTHROUGH)
2824 cmd->execute_cmd = target_scsi2_reservation_release;
2825 cmd->se_cmd_flags |= SCF_SCSI_NON_DATA_CDB;
2826 break;
2827 case SYNCHRONIZE_CACHE:
2828 case SYNCHRONIZE_CACHE_16:
2829 /*
2830 * Extract LBA and range to be flushed for emulated SYNCHRONIZE_CACHE
2831 */
2832 if (cdb[0] == SYNCHRONIZE_CACHE) {
2833 sectors = transport_get_sectors_10(cdb, cmd, &sector_ret);
2834 cmd->t_task_lba = transport_lba_32(cdb);
2835 } else {
2836 sectors = transport_get_sectors_16(cdb, cmd, &sector_ret);
2837 cmd->t_task_lba = transport_lba_64(cdb);
2838 }
2839 if (sector_ret)
2840 goto out_unsupported_cdb;
2841
2842 size = transport_get_size(sectors, cdb, cmd);
2843 cmd->se_cmd_flags |= SCF_SCSI_NON_DATA_CDB;
2844
2845 if (passthrough)
2846 break;
2847
2848 /*
2849 * Check to ensure that LBA + Range does not exceed past end of
2850 * device for IBLOCK and FILEIO ->do_sync_cache() backend calls
2851 */
2852 if ((cmd->t_task_lba != 0) || (sectors != 0)) {
2853 if (transport_cmd_get_valid_sectors(cmd) < 0)
2854 goto out_invalid_cdb_field;
2855 }
2856 cmd->execute_cmd = target_emulate_synchronize_cache;
2857 break;
2858 case UNMAP:
2859 size = get_unaligned_be16(&cdb[7]);
2860 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2861 if (!passthrough)
2862 cmd->execute_cmd = target_emulate_unmap;
2863 break;
2864 case WRITE_SAME_16:
2865 sectors = transport_get_sectors_16(cdb, cmd, &sector_ret);
2866 if (sector_ret)
2867 goto out_unsupported_cdb;
2868
2869 if (sectors)
2870 size = transport_get_size(1, cdb, cmd);
2871 else {
2872 pr_err("WSNZ=1, WRITE_SAME w/sectors=0 not supported\n");
2873 goto out_invalid_cdb_field;
2874 }
2875
2876 cmd->t_task_lba = get_unaligned_be64(&cdb[2]);
2877 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2878
2879 if (target_check_write_same_discard(&cdb[1], dev) < 0)
2880 goto out_unsupported_cdb;
2881 if (!passthrough)
2882 cmd->execute_cmd = target_emulate_write_same;
2883 break;
2884 case WRITE_SAME:
2885 sectors = transport_get_sectors_10(cdb, cmd, &sector_ret);
2886 if (sector_ret)
2887 goto out_unsupported_cdb;
2888
2889 if (sectors)
2890 size = transport_get_size(1, cdb, cmd);
2891 else {
2892 pr_err("WSNZ=1, WRITE_SAME w/sectors=0 not supported\n");
2893 goto out_invalid_cdb_field;
2894 }
2895
2896 cmd->t_task_lba = get_unaligned_be32(&cdb[2]);
2897 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2898 /*
2899 * Follow sbcr26 with WRITE_SAME (10) and check for the existence
2900 * of byte 1 bit 3 UNMAP instead of original reserved field
2901 */
2902 if (target_check_write_same_discard(&cdb[1], dev) < 0)
2903 goto out_unsupported_cdb;
2904 if (!passthrough)
2905 cmd->execute_cmd = target_emulate_write_same;
2906 break;
2907 case ALLOW_MEDIUM_REMOVAL:
2908 case ERASE:
2909 case REZERO_UNIT:
2910 case SEEK_10:
2911 case SPACE:
2912 case START_STOP:
2913 case TEST_UNIT_READY:
2914 case VERIFY:
2915 case WRITE_FILEMARKS:
2916 cmd->se_cmd_flags |= SCF_SCSI_NON_DATA_CDB;
2917 if (!passthrough)
2918 cmd->execute_cmd = target_emulate_noop;
2919 break;
2920 case GPCMD_CLOSE_TRACK:
2921 case INITIALIZE_ELEMENT_STATUS:
2922 case GPCMD_LOAD_UNLOAD:
2923 case GPCMD_SET_SPEED:
2924 case MOVE_MEDIUM:
2925 cmd->se_cmd_flags |= SCF_SCSI_NON_DATA_CDB;
2926 break;
2927 case REPORT_LUNS:
2928 cmd->execute_cmd = target_report_luns;
2929 size = (cdb[6] << 24) | (cdb[7] << 16) | (cdb[8] << 8) | cdb[9];
2930 /*
2931 * Do implict HEAD_OF_QUEUE processing for REPORT_LUNS
2932 * See spc4r17 section 5.3
2933 */
2934 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED)
2935 cmd->sam_task_attr = MSG_HEAD_TAG;
2936 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2937 break;
2938 case GET_EVENT_STATUS_NOTIFICATION:
2939 size = (cdb[7] << 8) | cdb[8];
2940 cmd->se_cmd_flags |= SCF_SCSI_CONTROL_SG_IO_CDB;
2941 break;
2942 default:
2943 pr_warn("TARGET_CORE[%s]: Unsupported SCSI Opcode"
2944 " 0x%02x, sending CHECK_CONDITION.\n",
2945 cmd->se_tfo->get_fabric_name(), cdb[0]);
2946 goto out_unsupported_cdb;
2947 }
2948
2949 if (cmd->unknown_data_length)
2950 cmd->data_length = size;
2951
2952 if (size != cmd->data_length) {
2953 pr_warn("TARGET_CORE[%s]: Expected Transfer Length:"
2954 " %u does not match SCSI CDB Length: %u for SAM Opcode:"
2955 " 0x%02x\n", cmd->se_tfo->get_fabric_name(),
2956 cmd->data_length, size, cdb[0]);
2957
2958 cmd->cmd_spdtl = size;
2959
2960 if (cmd->data_direction == DMA_TO_DEVICE) {
2961 pr_err("Rejecting underflow/overflow"
2962 " WRITE data\n");
2963 goto out_invalid_cdb_field;
2964 }
2965 /*
2966 * Reject READ_* or WRITE_* with overflow/underflow for
2967 * type SCF_SCSI_DATA_SG_IO_CDB.
2968 */
2969 if (!ret && (dev->se_sub_dev->se_dev_attrib.block_size != 512)) {
2970 pr_err("Failing OVERFLOW/UNDERFLOW for LBA op"
2971 " CDB on non 512-byte sector setup subsystem"
2972 " plugin: %s\n", dev->transport->name);
2973 /* Returns CHECK_CONDITION + INVALID_CDB_FIELD */
2974 goto out_invalid_cdb_field;
2975 }
2976
2977 if (size > cmd->data_length) {
2978 cmd->se_cmd_flags |= SCF_OVERFLOW_BIT;
2979 cmd->residual_count = (size - cmd->data_length);
2980 } else {
2981 cmd->se_cmd_flags |= SCF_UNDERFLOW_BIT;
2982 cmd->residual_count = (cmd->data_length - size);
2983 }
2984 cmd->data_length = size;
2985 }
2986
2987 if (cmd->se_cmd_flags & SCF_SCSI_DATA_SG_IO_CDB &&
2988 (sectors > dev->se_sub_dev->se_dev_attrib.fabric_max_sectors ||
2989 sectors > dev->se_sub_dev->se_dev_attrib.max_sectors)) {
2990 printk_ratelimited(KERN_ERR "SCSI OP %02xh with too big sectors %u\n",
2991 cdb[0], sectors);
2992 goto out_invalid_cdb_field;
2993 }
2994
2995 /* reject any command that we don't have a handler for */
2996 if (!(passthrough || cmd->execute_cmd ||
2997 (cmd->se_cmd_flags & SCF_SCSI_DATA_SG_IO_CDB)))
2998 goto out_unsupported_cdb;
2999
3000 transport_set_supported_SAM_opcode(cmd);
3001 return ret;
3002
3003 out_unsupported_cdb:
3004 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
3005 cmd->scsi_sense_reason = TCM_UNSUPPORTED_SCSI_OPCODE;
3006 return -EINVAL;
3007 out_invalid_cdb_field:
3008 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
3009 cmd->scsi_sense_reason = TCM_INVALID_CDB_FIELD;
3010 return -EINVAL;
3011 }
3012
3013 /*
3014 * Called from I/O completion to determine which dormant/delayed
3015 * and ordered cmds need to have their tasks added to the execution queue.
3016 */
3017 static void transport_complete_task_attr(struct se_cmd *cmd)
3018 {
3019 struct se_device *dev = cmd->se_dev;
3020 struct se_cmd *cmd_p, *cmd_tmp;
3021 int new_active_tasks = 0;
3022
3023 if (cmd->sam_task_attr == MSG_SIMPLE_TAG) {
3024 atomic_dec(&dev->simple_cmds);
3025 smp_mb__after_atomic_dec();
3026 dev->dev_cur_ordered_id++;
3027 pr_debug("Incremented dev->dev_cur_ordered_id: %u for"
3028 " SIMPLE: %u\n", dev->dev_cur_ordered_id,
3029 cmd->se_ordered_id);
3030 } else if (cmd->sam_task_attr == MSG_HEAD_TAG) {
3031 dev->dev_cur_ordered_id++;
3032 pr_debug("Incremented dev_cur_ordered_id: %u for"
3033 " HEAD_OF_QUEUE: %u\n", dev->dev_cur_ordered_id,
3034 cmd->se_ordered_id);
3035 } else if (cmd->sam_task_attr == MSG_ORDERED_TAG) {
3036 atomic_dec(&dev->dev_ordered_sync);
3037 smp_mb__after_atomic_dec();
3038
3039 dev->dev_cur_ordered_id++;
3040 pr_debug("Incremented dev_cur_ordered_id: %u for ORDERED:"
3041 " %u\n", dev->dev_cur_ordered_id, cmd->se_ordered_id);
3042 }
3043 /*
3044 * Process all commands up to the last received
3045 * ORDERED task attribute which requires another blocking
3046 * boundary
3047 */
3048 spin_lock(&dev->delayed_cmd_lock);
3049 list_for_each_entry_safe(cmd_p, cmd_tmp,
3050 &dev->delayed_cmd_list, se_delayed_node) {
3051
3052 list_del(&cmd_p->se_delayed_node);
3053 spin_unlock(&dev->delayed_cmd_lock);
3054
3055 pr_debug("Calling add_tasks() for"
3056 " cmd_p: 0x%02x Task Attr: 0x%02x"
3057 " Dormant -> Active, se_ordered_id: %u\n",
3058 cmd_p->t_task_cdb[0],
3059 cmd_p->sam_task_attr, cmd_p->se_ordered_id);
3060
3061 target_add_to_execute_list(cmd_p);
3062 new_active_tasks++;
3063
3064 spin_lock(&dev->delayed_cmd_lock);
3065 if (cmd_p->sam_task_attr == MSG_ORDERED_TAG)
3066 break;
3067 }
3068 spin_unlock(&dev->delayed_cmd_lock);
3069 /*
3070 * If new tasks have become active, wake up the transport thread
3071 * to do the processing of the Active tasks.
3072 */
3073 if (new_active_tasks != 0)
3074 wake_up_interruptible(&dev->dev_queue_obj.thread_wq);
3075 }
3076
3077 static void transport_complete_qf(struct se_cmd *cmd)
3078 {
3079 int ret = 0;
3080
3081 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED)
3082 transport_complete_task_attr(cmd);
3083
3084 if (cmd->se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) {
3085 ret = cmd->se_tfo->queue_status(cmd);
3086 if (ret)
3087 goto out;
3088 }
3089
3090 switch (cmd->data_direction) {
3091 case DMA_FROM_DEVICE:
3092 ret = cmd->se_tfo->queue_data_in(cmd);
3093 break;
3094 case DMA_TO_DEVICE:
3095 if (cmd->t_bidi_data_sg) {
3096 ret = cmd->se_tfo->queue_data_in(cmd);
3097 if (ret < 0)
3098 break;
3099 }
3100 /* Fall through for DMA_TO_DEVICE */
3101 case DMA_NONE:
3102 ret = cmd->se_tfo->queue_status(cmd);
3103 break;
3104 default:
3105 break;
3106 }
3107
3108 out:
3109 if (ret < 0) {
3110 transport_handle_queue_full(cmd, cmd->se_dev);
3111 return;
3112 }
3113 transport_lun_remove_cmd(cmd);
3114 transport_cmd_check_stop_to_fabric(cmd);
3115 }
3116
3117 static void transport_handle_queue_full(
3118 struct se_cmd *cmd,
3119 struct se_device *dev)
3120 {
3121 spin_lock_irq(&dev->qf_cmd_lock);
3122 list_add_tail(&cmd->se_qf_node, &cmd->se_dev->qf_cmd_list);
3123 atomic_inc(&dev->dev_qf_count);
3124 smp_mb__after_atomic_inc();
3125 spin_unlock_irq(&cmd->se_dev->qf_cmd_lock);
3126
3127 schedule_work(&cmd->se_dev->qf_work_queue);
3128 }
3129
3130 static void target_complete_ok_work(struct work_struct *work)
3131 {
3132 struct se_cmd *cmd = container_of(work, struct se_cmd, work);
3133 int reason = 0, ret;
3134
3135 /*
3136 * Check if we need to move delayed/dormant tasks from cmds on the
3137 * delayed execution list after a HEAD_OF_QUEUE or ORDERED Task
3138 * Attribute.
3139 */
3140 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED)
3141 transport_complete_task_attr(cmd);
3142 /*
3143 * Check to schedule QUEUE_FULL work, or execute an existing
3144 * cmd->transport_qf_callback()
3145 */
3146 if (atomic_read(&cmd->se_dev->dev_qf_count) != 0)
3147 schedule_work(&cmd->se_dev->qf_work_queue);
3148
3149 /*
3150 * Check if we need to retrieve a sense buffer from
3151 * the struct se_cmd in question.
3152 */
3153 if (cmd->se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) {
3154 if (transport_get_sense_data(cmd) < 0)
3155 reason = TCM_NON_EXISTENT_LUN;
3156
3157 if (cmd->scsi_status) {
3158 ret = transport_send_check_condition_and_sense(
3159 cmd, reason, 1);
3160 if (ret == -EAGAIN || ret == -ENOMEM)
3161 goto queue_full;
3162
3163 transport_lun_remove_cmd(cmd);
3164 transport_cmd_check_stop_to_fabric(cmd);
3165 return;
3166 }
3167 }
3168 /*
3169 * Check for a callback, used by amongst other things
3170 * XDWRITE_READ_10 emulation.
3171 */
3172 if (cmd->transport_complete_callback)
3173 cmd->transport_complete_callback(cmd);
3174
3175 switch (cmd->data_direction) {
3176 case DMA_FROM_DEVICE:
3177 spin_lock(&cmd->se_lun->lun_sep_lock);
3178 if (cmd->se_lun->lun_sep) {
3179 cmd->se_lun->lun_sep->sep_stats.tx_data_octets +=
3180 cmd->data_length;
3181 }
3182 spin_unlock(&cmd->se_lun->lun_sep_lock);
3183
3184 ret = cmd->se_tfo->queue_data_in(cmd);
3185 if (ret == -EAGAIN || ret == -ENOMEM)
3186 goto queue_full;
3187 break;
3188 case DMA_TO_DEVICE:
3189 spin_lock(&cmd->se_lun->lun_sep_lock);
3190 if (cmd->se_lun->lun_sep) {
3191 cmd->se_lun->lun_sep->sep_stats.rx_data_octets +=
3192 cmd->data_length;
3193 }
3194 spin_unlock(&cmd->se_lun->lun_sep_lock);
3195 /*
3196 * Check if we need to send READ payload for BIDI-COMMAND
3197 */
3198 if (cmd->t_bidi_data_sg) {
3199 spin_lock(&cmd->se_lun->lun_sep_lock);
3200 if (cmd->se_lun->lun_sep) {
3201 cmd->se_lun->lun_sep->sep_stats.tx_data_octets +=
3202 cmd->data_length;
3203 }
3204 spin_unlock(&cmd->se_lun->lun_sep_lock);
3205 ret = cmd->se_tfo->queue_data_in(cmd);
3206 if (ret == -EAGAIN || ret == -ENOMEM)
3207 goto queue_full;
3208 break;
3209 }
3210 /* Fall through for DMA_TO_DEVICE */
3211 case DMA_NONE:
3212 ret = cmd->se_tfo->queue_status(cmd);
3213 if (ret == -EAGAIN || ret == -ENOMEM)
3214 goto queue_full;
3215 break;
3216 default:
3217 break;
3218 }
3219
3220 transport_lun_remove_cmd(cmd);
3221 transport_cmd_check_stop_to_fabric(cmd);
3222 return;
3223
3224 queue_full:
3225 pr_debug("Handling complete_ok QUEUE_FULL: se_cmd: %p,"
3226 " data_direction: %d\n", cmd, cmd->data_direction);
3227 cmd->t_state = TRANSPORT_COMPLETE_QF_OK;
3228 transport_handle_queue_full(cmd, cmd->se_dev);
3229 }
3230
3231 static inline void transport_free_sgl(struct scatterlist *sgl, int nents)
3232 {
3233 struct scatterlist *sg;
3234 int count;
3235
3236 for_each_sg(sgl, sg, nents, count)
3237 __free_page(sg_page(sg));
3238
3239 kfree(sgl);
3240 }
3241
3242 static inline void transport_free_pages(struct se_cmd *cmd)
3243 {
3244 if (cmd->se_cmd_flags & SCF_PASSTHROUGH_SG_TO_MEM_NOALLOC)
3245 return;
3246
3247 transport_free_sgl(cmd->t_data_sg, cmd->t_data_nents);
3248 cmd->t_data_sg = NULL;
3249 cmd->t_data_nents = 0;
3250
3251 transport_free_sgl(cmd->t_bidi_data_sg, cmd->t_bidi_data_nents);
3252 cmd->t_bidi_data_sg = NULL;
3253 cmd->t_bidi_data_nents = 0;
3254 }
3255
3256 /**
3257 * transport_release_cmd - free a command
3258 * @cmd: command to free
3259 *
3260 * This routine unconditionally frees a command, and reference counting
3261 * or list removal must be done in the caller.
3262 */
3263 static void transport_release_cmd(struct se_cmd *cmd)
3264 {
3265 BUG_ON(!cmd->se_tfo);
3266
3267 if (cmd->se_cmd_flags & SCF_SCSI_TMR_CDB)
3268 core_tmr_release_req(cmd->se_tmr_req);
3269 if (cmd->t_task_cdb != cmd->__t_task_cdb)
3270 kfree(cmd->t_task_cdb);
3271 /*
3272 * If this cmd has been setup with target_get_sess_cmd(), drop
3273 * the kref and call ->release_cmd() in kref callback.
3274 */
3275 if (cmd->check_release != 0) {
3276 target_put_sess_cmd(cmd->se_sess, cmd);
3277 return;
3278 }
3279 cmd->se_tfo->release_cmd(cmd);
3280 }
3281
3282 /**
3283 * transport_put_cmd - release a reference to a command
3284 * @cmd: command to release
3285 *
3286 * This routine releases our reference to the command and frees it if possible.
3287 */
3288 static void transport_put_cmd(struct se_cmd *cmd)
3289 {
3290 unsigned long flags;
3291
3292 spin_lock_irqsave(&cmd->t_state_lock, flags);
3293 if (atomic_read(&cmd->t_fe_count)) {
3294 if (!atomic_dec_and_test(&cmd->t_fe_count))
3295 goto out_busy;
3296 }
3297
3298 if (atomic_read(&cmd->t_se_count)) {
3299 if (!atomic_dec_and_test(&cmd->t_se_count))
3300 goto out_busy;
3301 }
3302
3303 if (cmd->transport_state & CMD_T_DEV_ACTIVE) {
3304 cmd->transport_state &= ~CMD_T_DEV_ACTIVE;
3305 target_remove_from_state_list(cmd);
3306 }
3307 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
3308
3309 transport_free_pages(cmd);
3310 transport_release_cmd(cmd);
3311 return;
3312 out_busy:
3313 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
3314 }
3315
3316 /*
3317 * transport_generic_map_mem_to_cmd - Use fabric-alloced pages instead of
3318 * allocating in the core.
3319 * @cmd: Associated se_cmd descriptor
3320 * @mem: SGL style memory for TCM WRITE / READ
3321 * @sg_mem_num: Number of SGL elements
3322 * @mem_bidi_in: SGL style memory for TCM BIDI READ
3323 * @sg_mem_bidi_num: Number of BIDI READ SGL elements
3324 *
3325 * Return: nonzero return cmd was rejected for -ENOMEM or inproper usage
3326 * of parameters.
3327 */
3328 int transport_generic_map_mem_to_cmd(
3329 struct se_cmd *cmd,
3330 struct scatterlist *sgl,
3331 u32 sgl_count,
3332 struct scatterlist *sgl_bidi,
3333 u32 sgl_bidi_count)
3334 {
3335 if (!sgl || !sgl_count)
3336 return 0;
3337
3338 if ((cmd->se_cmd_flags & SCF_SCSI_DATA_SG_IO_CDB) ||
3339 (cmd->se_cmd_flags & SCF_SCSI_CONTROL_SG_IO_CDB)) {
3340 /*
3341 * Reject SCSI data overflow with map_mem_to_cmd() as incoming
3342 * scatterlists already have been set to follow what the fabric
3343 * passes for the original expected data transfer length.
3344 */
3345 if (cmd->se_cmd_flags & SCF_OVERFLOW_BIT) {
3346 pr_warn("Rejecting SCSI DATA overflow for fabric using"
3347 " SCF_PASSTHROUGH_SG_TO_MEM_NOALLOC\n");
3348 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
3349 cmd->scsi_sense_reason = TCM_INVALID_CDB_FIELD;
3350 return -EINVAL;
3351 }
3352
3353 cmd->t_data_sg = sgl;
3354 cmd->t_data_nents = sgl_count;
3355
3356 if (sgl_bidi && sgl_bidi_count) {
3357 cmd->t_bidi_data_sg = sgl_bidi;
3358 cmd->t_bidi_data_nents = sgl_bidi_count;
3359 }
3360 cmd->se_cmd_flags |= SCF_PASSTHROUGH_SG_TO_MEM_NOALLOC;
3361 }
3362
3363 return 0;
3364 }
3365 EXPORT_SYMBOL(transport_generic_map_mem_to_cmd);
3366
3367 void *transport_kmap_data_sg(struct se_cmd *cmd)
3368 {
3369 struct scatterlist *sg = cmd->t_data_sg;
3370 struct page **pages;
3371 int i;
3372
3373 BUG_ON(!sg);
3374 /*
3375 * We need to take into account a possible offset here for fabrics like
3376 * tcm_loop who may be using a contig buffer from the SCSI midlayer for
3377 * control CDBs passed as SGLs via transport_generic_map_mem_to_cmd()
3378 */
3379 if (!cmd->t_data_nents)
3380 return NULL;
3381 else if (cmd->t_data_nents == 1)
3382 return kmap(sg_page(sg)) + sg->offset;
3383
3384 /* >1 page. use vmap */
3385 pages = kmalloc(sizeof(*pages) * cmd->t_data_nents, GFP_KERNEL);
3386 if (!pages)
3387 return NULL;
3388
3389 /* convert sg[] to pages[] */
3390 for_each_sg(cmd->t_data_sg, sg, cmd->t_data_nents, i) {
3391 pages[i] = sg_page(sg);
3392 }
3393
3394 cmd->t_data_vmap = vmap(pages, cmd->t_data_nents, VM_MAP, PAGE_KERNEL);
3395 kfree(pages);
3396 if (!cmd->t_data_vmap)
3397 return NULL;
3398
3399 return cmd->t_data_vmap + cmd->t_data_sg[0].offset;
3400 }
3401 EXPORT_SYMBOL(transport_kmap_data_sg);
3402
3403 void transport_kunmap_data_sg(struct se_cmd *cmd)
3404 {
3405 if (!cmd->t_data_nents) {
3406 return;
3407 } else if (cmd->t_data_nents == 1) {
3408 kunmap(sg_page(cmd->t_data_sg));
3409 return;
3410 }
3411
3412 vunmap(cmd->t_data_vmap);
3413 cmd->t_data_vmap = NULL;
3414 }
3415 EXPORT_SYMBOL(transport_kunmap_data_sg);
3416
3417 static int
3418 transport_generic_get_mem(struct se_cmd *cmd)
3419 {
3420 u32 length = cmd->data_length;
3421 unsigned int nents;
3422 struct page *page;
3423 gfp_t zero_flag;
3424 int i = 0;
3425
3426 nents = DIV_ROUND_UP(length, PAGE_SIZE);
3427 cmd->t_data_sg = kmalloc(sizeof(struct scatterlist) * nents, GFP_KERNEL);
3428 if (!cmd->t_data_sg)
3429 return -ENOMEM;
3430
3431 cmd->t_data_nents = nents;
3432 sg_init_table(cmd->t_data_sg, nents);
3433
3434 zero_flag = cmd->se_cmd_flags & SCF_SCSI_DATA_SG_IO_CDB ? 0 : __GFP_ZERO;
3435
3436 while (length) {
3437 u32 page_len = min_t(u32, length, PAGE_SIZE);
3438 page = alloc_page(GFP_KERNEL | zero_flag);
3439 if (!page)
3440 goto out;
3441
3442 sg_set_page(&cmd->t_data_sg[i], page, page_len, 0);
3443 length -= page_len;
3444 i++;
3445 }
3446 return 0;
3447
3448 out:
3449 while (i >= 0) {
3450 __free_page(sg_page(&cmd->t_data_sg[i]));
3451 i--;
3452 }
3453 kfree(cmd->t_data_sg);
3454 cmd->t_data_sg = NULL;
3455 return -ENOMEM;
3456 }
3457
3458 /*
3459 * Allocate any required resources to execute the command. For writes we
3460 * might not have the payload yet, so notify the fabric via a call to
3461 * ->write_pending instead. Otherwise place it on the execution queue.
3462 */
3463 int transport_generic_new_cmd(struct se_cmd *cmd)
3464 {
3465 struct se_device *dev = cmd->se_dev;
3466 int ret = 0;
3467
3468 /*
3469 * Determine is the TCM fabric module has already allocated physical
3470 * memory, and is directly calling transport_generic_map_mem_to_cmd()
3471 * beforehand.
3472 */
3473 if (!(cmd->se_cmd_flags & SCF_PASSTHROUGH_SG_TO_MEM_NOALLOC) &&
3474 cmd->data_length) {
3475 ret = transport_generic_get_mem(cmd);
3476 if (ret < 0)
3477 goto out_fail;
3478 }
3479
3480 /* Workaround for handling zero-length control CDBs */
3481 if ((cmd->se_cmd_flags & SCF_SCSI_CONTROL_SG_IO_CDB) &&
3482 !cmd->data_length) {
3483 spin_lock_irq(&cmd->t_state_lock);
3484 cmd->t_state = TRANSPORT_COMPLETE;
3485 cmd->transport_state |= CMD_T_ACTIVE;
3486 spin_unlock_irq(&cmd->t_state_lock);
3487
3488 if (cmd->t_task_cdb[0] == REQUEST_SENSE) {
3489 u8 ua_asc = 0, ua_ascq = 0;
3490
3491 core_scsi3_ua_clear_for_request_sense(cmd,
3492 &ua_asc, &ua_ascq);
3493 }
3494
3495 INIT_WORK(&cmd->work, target_complete_ok_work);
3496 queue_work(target_completion_wq, &cmd->work);
3497 return 0;
3498 }
3499
3500 if (cmd->se_cmd_flags & SCF_SCSI_DATA_SG_IO_CDB) {
3501 struct se_dev_attrib *attr = &dev->se_sub_dev->se_dev_attrib;
3502
3503 if (transport_cmd_get_valid_sectors(cmd) < 0)
3504 return -EINVAL;
3505
3506 BUG_ON(cmd->data_length % attr->block_size);
3507 BUG_ON(DIV_ROUND_UP(cmd->data_length, attr->block_size) >
3508 attr->max_sectors);
3509 }
3510
3511 atomic_inc(&cmd->t_fe_count);
3512 atomic_inc(&cmd->t_se_count);
3513
3514 atomic_set(&cmd->t_task_cdbs_left, 1);
3515 atomic_set(&cmd->t_task_cdbs_ex_left, 1);
3516
3517 /*
3518 * For WRITEs, let the fabric know its buffer is ready.
3519 *
3520 * The command will be added to the execution queue after its write
3521 * data has arrived.
3522 */
3523 if (cmd->data_direction == DMA_TO_DEVICE) {
3524 target_add_to_state_list(cmd);
3525 return transport_generic_write_pending(cmd);
3526 }
3527 /*
3528 * Everything else but a WRITE, add the command to the execution queue.
3529 */
3530 transport_execute_tasks(cmd);
3531 return 0;
3532
3533 out_fail:
3534 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
3535 cmd->scsi_sense_reason = TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE;
3536 return -EINVAL;
3537 }
3538 EXPORT_SYMBOL(transport_generic_new_cmd);
3539
3540 /* transport_generic_process_write():
3541 *
3542 *
3543 */
3544 void transport_generic_process_write(struct se_cmd *cmd)
3545 {
3546 transport_execute_tasks(cmd);
3547 }
3548 EXPORT_SYMBOL(transport_generic_process_write);
3549
3550 static void transport_write_pending_qf(struct se_cmd *cmd)
3551 {
3552 int ret;
3553
3554 ret = cmd->se_tfo->write_pending(cmd);
3555 if (ret == -EAGAIN || ret == -ENOMEM) {
3556 pr_debug("Handling write_pending QUEUE__FULL: se_cmd: %p\n",
3557 cmd);
3558 transport_handle_queue_full(cmd, cmd->se_dev);
3559 }
3560 }
3561
3562 static int transport_generic_write_pending(struct se_cmd *cmd)
3563 {
3564 unsigned long flags;
3565 int ret;
3566
3567 spin_lock_irqsave(&cmd->t_state_lock, flags);
3568 cmd->t_state = TRANSPORT_WRITE_PENDING;
3569 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
3570
3571 /*
3572 * Clear the se_cmd for WRITE_PENDING status in order to set
3573 * CMD_T_ACTIVE so that transport_generic_handle_data can be called
3574 * from HW target mode interrupt code. This is safe to be called
3575 * with transport_off=1 before the cmd->se_tfo->write_pending
3576 * because the se_cmd->se_lun pointer is not being cleared.
3577 */
3578 transport_cmd_check_stop(cmd, 1, 0);
3579
3580 /*
3581 * Call the fabric write_pending function here to let the
3582 * frontend know that WRITE buffers are ready.
3583 */
3584 ret = cmd->se_tfo->write_pending(cmd);
3585 if (ret == -EAGAIN || ret == -ENOMEM)
3586 goto queue_full;
3587 else if (ret < 0)
3588 return ret;
3589
3590 return 1;
3591
3592 queue_full:
3593 pr_debug("Handling write_pending QUEUE__FULL: se_cmd: %p\n", cmd);
3594 cmd->t_state = TRANSPORT_COMPLETE_QF_WP;
3595 transport_handle_queue_full(cmd, cmd->se_dev);
3596 return 0;
3597 }
3598
3599 void transport_generic_free_cmd(struct se_cmd *cmd, int wait_for_tasks)
3600 {
3601 if (!(cmd->se_cmd_flags & SCF_SE_LUN_CMD)) {
3602 if (wait_for_tasks && (cmd->se_cmd_flags & SCF_SCSI_TMR_CDB))
3603 transport_wait_for_tasks(cmd);
3604
3605 transport_release_cmd(cmd);
3606 } else {
3607 if (wait_for_tasks)
3608 transport_wait_for_tasks(cmd);
3609
3610 core_dec_lacl_count(cmd->se_sess->se_node_acl, cmd);
3611
3612 if (cmd->se_lun)
3613 transport_lun_remove_cmd(cmd);
3614
3615 transport_put_cmd(cmd);
3616 }
3617 }
3618 EXPORT_SYMBOL(transport_generic_free_cmd);
3619
3620 /* target_get_sess_cmd - Add command to active ->sess_cmd_list
3621 * @se_sess: session to reference
3622 * @se_cmd: command descriptor to add
3623 * @ack_kref: Signal that fabric will perform an ack target_put_sess_cmd()
3624 */
3625 void target_get_sess_cmd(struct se_session *se_sess, struct se_cmd *se_cmd,
3626 bool ack_kref)
3627 {
3628 unsigned long flags;
3629
3630 kref_init(&se_cmd->cmd_kref);
3631 /*
3632 * Add a second kref if the fabric caller is expecting to handle
3633 * fabric acknowledgement that requires two target_put_sess_cmd()
3634 * invocations before se_cmd descriptor release.
3635 */
3636 if (ack_kref == true) {
3637 kref_get(&se_cmd->cmd_kref);
3638 se_cmd->se_cmd_flags |= SCF_ACK_KREF;
3639 }
3640
3641 spin_lock_irqsave(&se_sess->sess_cmd_lock, flags);
3642 list_add_tail(&se_cmd->se_cmd_list, &se_sess->sess_cmd_list);
3643 se_cmd->check_release = 1;
3644 spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags);
3645 }
3646 EXPORT_SYMBOL(target_get_sess_cmd);
3647
3648 static void target_release_cmd_kref(struct kref *kref)
3649 {
3650 struct se_cmd *se_cmd = container_of(kref, struct se_cmd, cmd_kref);
3651 struct se_session *se_sess = se_cmd->se_sess;
3652 unsigned long flags;
3653
3654 spin_lock_irqsave(&se_sess->sess_cmd_lock, flags);
3655 if (list_empty(&se_cmd->se_cmd_list)) {
3656 spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags);
3657 se_cmd->se_tfo->release_cmd(se_cmd);
3658 return;
3659 }
3660 if (se_sess->sess_tearing_down && se_cmd->cmd_wait_set) {
3661 spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags);
3662 complete(&se_cmd->cmd_wait_comp);
3663 return;
3664 }
3665 list_del(&se_cmd->se_cmd_list);
3666 spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags);
3667
3668 se_cmd->se_tfo->release_cmd(se_cmd);
3669 }
3670
3671 /* target_put_sess_cmd - Check for active I/O shutdown via kref_put
3672 * @se_sess: session to reference
3673 * @se_cmd: command descriptor to drop
3674 */
3675 int target_put_sess_cmd(struct se_session *se_sess, struct se_cmd *se_cmd)
3676 {
3677 return kref_put(&se_cmd->cmd_kref, target_release_cmd_kref);
3678 }
3679 EXPORT_SYMBOL(target_put_sess_cmd);
3680
3681 /* target_splice_sess_cmd_list - Split active cmds into sess_wait_list
3682 * @se_sess: session to split
3683 */
3684 void target_splice_sess_cmd_list(struct se_session *se_sess)
3685 {
3686 struct se_cmd *se_cmd;
3687 unsigned long flags;
3688
3689 WARN_ON(!list_empty(&se_sess->sess_wait_list));
3690 INIT_LIST_HEAD(&se_sess->sess_wait_list);
3691
3692 spin_lock_irqsave(&se_sess->sess_cmd_lock, flags);
3693 se_sess->sess_tearing_down = 1;
3694
3695 list_splice_init(&se_sess->sess_cmd_list, &se_sess->sess_wait_list);
3696
3697 list_for_each_entry(se_cmd, &se_sess->sess_wait_list, se_cmd_list)
3698 se_cmd->cmd_wait_set = 1;
3699
3700 spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags);
3701 }
3702 EXPORT_SYMBOL(target_splice_sess_cmd_list);
3703
3704 /* target_wait_for_sess_cmds - Wait for outstanding descriptors
3705 * @se_sess: session to wait for active I/O
3706 * @wait_for_tasks: Make extra transport_wait_for_tasks call
3707 */
3708 void target_wait_for_sess_cmds(
3709 struct se_session *se_sess,
3710 int wait_for_tasks)
3711 {
3712 struct se_cmd *se_cmd, *tmp_cmd;
3713 bool rc = false;
3714
3715 list_for_each_entry_safe(se_cmd, tmp_cmd,
3716 &se_sess->sess_wait_list, se_cmd_list) {
3717 list_del(&se_cmd->se_cmd_list);
3718
3719 pr_debug("Waiting for se_cmd: %p t_state: %d, fabric state:"
3720 " %d\n", se_cmd, se_cmd->t_state,
3721 se_cmd->se_tfo->get_cmd_state(se_cmd));
3722
3723 if (wait_for_tasks) {
3724 pr_debug("Calling transport_wait_for_tasks se_cmd: %p t_state: %d,"
3725 " fabric state: %d\n", se_cmd, se_cmd->t_state,
3726 se_cmd->se_tfo->get_cmd_state(se_cmd));
3727
3728 rc = transport_wait_for_tasks(se_cmd);
3729
3730 pr_debug("After transport_wait_for_tasks se_cmd: %p t_state: %d,"
3731 " fabric state: %d\n", se_cmd, se_cmd->t_state,
3732 se_cmd->se_tfo->get_cmd_state(se_cmd));
3733 }
3734
3735 if (!rc) {
3736 wait_for_completion(&se_cmd->cmd_wait_comp);
3737 pr_debug("After cmd_wait_comp: se_cmd: %p t_state: %d"
3738 " fabric state: %d\n", se_cmd, se_cmd->t_state,
3739 se_cmd->se_tfo->get_cmd_state(se_cmd));
3740 }
3741
3742 se_cmd->se_tfo->release_cmd(se_cmd);
3743 }
3744 }
3745 EXPORT_SYMBOL(target_wait_for_sess_cmds);
3746
3747 /* transport_lun_wait_for_tasks():
3748 *
3749 * Called from ConfigFS context to stop the passed struct se_cmd to allow
3750 * an struct se_lun to be successfully shutdown.
3751 */
3752 static int transport_lun_wait_for_tasks(struct se_cmd *cmd, struct se_lun *lun)
3753 {
3754 unsigned long flags;
3755 int ret = 0;
3756
3757 /*
3758 * If the frontend has already requested this struct se_cmd to
3759 * be stopped, we can safely ignore this struct se_cmd.
3760 */
3761 spin_lock_irqsave(&cmd->t_state_lock, flags);
3762 if (cmd->transport_state & CMD_T_STOP) {
3763 cmd->transport_state &= ~CMD_T_LUN_STOP;
3764
3765 pr_debug("ConfigFS ITT[0x%08x] - CMD_T_STOP, skipping\n",
3766 cmd->se_tfo->get_task_tag(cmd));
3767 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
3768 transport_cmd_check_stop(cmd, 1, 0);
3769 return -EPERM;
3770 }
3771 cmd->transport_state |= CMD_T_LUN_FE_STOP;
3772 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
3773
3774 wake_up_interruptible(&cmd->se_dev->dev_queue_obj.thread_wq);
3775
3776 // XXX: audit task_flags checks.
3777 spin_lock_irqsave(&cmd->t_state_lock, flags);
3778 if ((cmd->transport_state & CMD_T_BUSY) &&
3779 (cmd->transport_state & CMD_T_SENT)) {
3780 if (!target_stop_cmd(cmd, &flags))
3781 ret++;
3782 spin_lock_irqsave(&cmd->t_state_lock, flags);
3783 } else {
3784 spin_unlock_irqrestore(&cmd->t_state_lock,
3785 flags);
3786 target_remove_from_execute_list(cmd);
3787 }
3788
3789 pr_debug("ConfigFS: cmd: %p stop tasks ret:"
3790 " %d\n", cmd, ret);
3791 if (!ret) {
3792 pr_debug("ConfigFS: ITT[0x%08x] - stopping cmd....\n",
3793 cmd->se_tfo->get_task_tag(cmd));
3794 wait_for_completion(&cmd->transport_lun_stop_comp);
3795 pr_debug("ConfigFS: ITT[0x%08x] - stopped cmd....\n",
3796 cmd->se_tfo->get_task_tag(cmd));
3797 }
3798 transport_remove_cmd_from_queue(cmd);
3799
3800 return 0;
3801 }
3802
3803 static void __transport_clear_lun_from_sessions(struct se_lun *lun)
3804 {
3805 struct se_cmd *cmd = NULL;
3806 unsigned long lun_flags, cmd_flags;
3807 /*
3808 * Do exception processing and return CHECK_CONDITION status to the
3809 * Initiator Port.
3810 */
3811 spin_lock_irqsave(&lun->lun_cmd_lock, lun_flags);
3812 while (!list_empty(&lun->lun_cmd_list)) {
3813 cmd = list_first_entry(&lun->lun_cmd_list,
3814 struct se_cmd, se_lun_node);
3815 list_del_init(&cmd->se_lun_node);
3816
3817 /*
3818 * This will notify iscsi_target_transport.c:
3819 * transport_cmd_check_stop() that a LUN shutdown is in
3820 * progress for the iscsi_cmd_t.
3821 */
3822 spin_lock(&cmd->t_state_lock);
3823 pr_debug("SE_LUN[%d] - Setting cmd->transport"
3824 "_lun_stop for ITT: 0x%08x\n",
3825 cmd->se_lun->unpacked_lun,
3826 cmd->se_tfo->get_task_tag(cmd));
3827 cmd->transport_state |= CMD_T_LUN_STOP;
3828 spin_unlock(&cmd->t_state_lock);
3829
3830 spin_unlock_irqrestore(&lun->lun_cmd_lock, lun_flags);
3831
3832 if (!cmd->se_lun) {
3833 pr_err("ITT: 0x%08x, [i,t]_state: %u/%u\n",
3834 cmd->se_tfo->get_task_tag(cmd),
3835 cmd->se_tfo->get_cmd_state(cmd), cmd->t_state);
3836 BUG();
3837 }
3838 /*
3839 * If the Storage engine still owns the iscsi_cmd_t, determine
3840 * and/or stop its context.
3841 */
3842 pr_debug("SE_LUN[%d] - ITT: 0x%08x before transport"
3843 "_lun_wait_for_tasks()\n", cmd->se_lun->unpacked_lun,
3844 cmd->se_tfo->get_task_tag(cmd));
3845
3846 if (transport_lun_wait_for_tasks(cmd, cmd->se_lun) < 0) {
3847 spin_lock_irqsave(&lun->lun_cmd_lock, lun_flags);
3848 continue;
3849 }
3850
3851 pr_debug("SE_LUN[%d] - ITT: 0x%08x after transport_lun"
3852 "_wait_for_tasks(): SUCCESS\n",
3853 cmd->se_lun->unpacked_lun,
3854 cmd->se_tfo->get_task_tag(cmd));
3855
3856 spin_lock_irqsave(&cmd->t_state_lock, cmd_flags);
3857 if (!(cmd->transport_state & CMD_T_DEV_ACTIVE)) {
3858 spin_unlock_irqrestore(&cmd->t_state_lock, cmd_flags);
3859 goto check_cond;
3860 }
3861 cmd->transport_state &= ~CMD_T_DEV_ACTIVE;
3862 target_remove_from_state_list(cmd);
3863 spin_unlock_irqrestore(&cmd->t_state_lock, cmd_flags);
3864
3865 /*
3866 * The Storage engine stopped this struct se_cmd before it was
3867 * send to the fabric frontend for delivery back to the
3868 * Initiator Node. Return this SCSI CDB back with an
3869 * CHECK_CONDITION status.
3870 */
3871 check_cond:
3872 transport_send_check_condition_and_sense(cmd,
3873 TCM_NON_EXISTENT_LUN, 0);
3874 /*
3875 * If the fabric frontend is waiting for this iscsi_cmd_t to
3876 * be released, notify the waiting thread now that LU has
3877 * finished accessing it.
3878 */
3879 spin_lock_irqsave(&cmd->t_state_lock, cmd_flags);
3880 if (cmd->transport_state & CMD_T_LUN_FE_STOP) {
3881 pr_debug("SE_LUN[%d] - Detected FE stop for"
3882 " struct se_cmd: %p ITT: 0x%08x\n",
3883 lun->unpacked_lun,
3884 cmd, cmd->se_tfo->get_task_tag(cmd));
3885
3886 spin_unlock_irqrestore(&cmd->t_state_lock,
3887 cmd_flags);
3888 transport_cmd_check_stop(cmd, 1, 0);
3889 complete(&cmd->transport_lun_fe_stop_comp);
3890 spin_lock_irqsave(&lun->lun_cmd_lock, lun_flags);
3891 continue;
3892 }
3893 pr_debug("SE_LUN[%d] - ITT: 0x%08x finished processing\n",
3894 lun->unpacked_lun, cmd->se_tfo->get_task_tag(cmd));
3895
3896 spin_unlock_irqrestore(&cmd->t_state_lock, cmd_flags);
3897 spin_lock_irqsave(&lun->lun_cmd_lock, lun_flags);
3898 }
3899 spin_unlock_irqrestore(&lun->lun_cmd_lock, lun_flags);
3900 }
3901
3902 static int transport_clear_lun_thread(void *p)
3903 {
3904 struct se_lun *lun = p;
3905
3906 __transport_clear_lun_from_sessions(lun);
3907 complete(&lun->lun_shutdown_comp);
3908
3909 return 0;
3910 }
3911
3912 int transport_clear_lun_from_sessions(struct se_lun *lun)
3913 {
3914 struct task_struct *kt;
3915
3916 kt = kthread_run(transport_clear_lun_thread, lun,
3917 "tcm_cl_%u", lun->unpacked_lun);
3918 if (IS_ERR(kt)) {
3919 pr_err("Unable to start clear_lun thread\n");
3920 return PTR_ERR(kt);
3921 }
3922 wait_for_completion(&lun->lun_shutdown_comp);
3923
3924 return 0;
3925 }
3926
3927 /**
3928 * transport_wait_for_tasks - wait for completion to occur
3929 * @cmd: command to wait
3930 *
3931 * Called from frontend fabric context to wait for storage engine
3932 * to pause and/or release frontend generated struct se_cmd.
3933 */
3934 bool transport_wait_for_tasks(struct se_cmd *cmd)
3935 {
3936 unsigned long flags;
3937
3938 spin_lock_irqsave(&cmd->t_state_lock, flags);
3939 if (!(cmd->se_cmd_flags & SCF_SE_LUN_CMD) &&
3940 !(cmd->se_cmd_flags & SCF_SCSI_TMR_CDB)) {
3941 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
3942 return false;
3943 }
3944 /*
3945 * Only perform a possible wait_for_tasks if SCF_SUPPORTED_SAM_OPCODE
3946 * has been set in transport_set_supported_SAM_opcode().
3947 */
3948 if (!(cmd->se_cmd_flags & SCF_SUPPORTED_SAM_OPCODE) &&
3949 !(cmd->se_cmd_flags & SCF_SCSI_TMR_CDB)) {
3950 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
3951 return false;
3952 }
3953 /*
3954 * If we are already stopped due to an external event (ie: LUN shutdown)
3955 * sleep until the connection can have the passed struct se_cmd back.
3956 * The cmd->transport_lun_stopped_sem will be upped by
3957 * transport_clear_lun_from_sessions() once the ConfigFS context caller
3958 * has completed its operation on the struct se_cmd.
3959 */
3960 if (cmd->transport_state & CMD_T_LUN_STOP) {
3961 pr_debug("wait_for_tasks: Stopping"
3962 " wait_for_completion(&cmd->t_tasktransport_lun_fe"
3963 "_stop_comp); for ITT: 0x%08x\n",
3964 cmd->se_tfo->get_task_tag(cmd));
3965 /*
3966 * There is a special case for WRITES where a FE exception +
3967 * LUN shutdown means ConfigFS context is still sleeping on
3968 * transport_lun_stop_comp in transport_lun_wait_for_tasks().
3969 * We go ahead and up transport_lun_stop_comp just to be sure
3970 * here.
3971 */
3972 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
3973 complete(&cmd->transport_lun_stop_comp);
3974 wait_for_completion(&cmd->transport_lun_fe_stop_comp);
3975 spin_lock_irqsave(&cmd->t_state_lock, flags);
3976
3977 target_remove_from_state_list(cmd);
3978 /*
3979 * At this point, the frontend who was the originator of this
3980 * struct se_cmd, now owns the structure and can be released through
3981 * normal means below.
3982 */
3983 pr_debug("wait_for_tasks: Stopped"
3984 " wait_for_completion(&cmd->t_tasktransport_lun_fe_"
3985 "stop_comp); for ITT: 0x%08x\n",
3986 cmd->se_tfo->get_task_tag(cmd));
3987
3988 cmd->transport_state &= ~CMD_T_LUN_STOP;
3989 }
3990
3991 if (!(cmd->transport_state & CMD_T_ACTIVE)) {
3992 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
3993 return false;
3994 }
3995
3996 cmd->transport_state |= CMD_T_STOP;
3997
3998 pr_debug("wait_for_tasks: Stopping %p ITT: 0x%08x"
3999 " i_state: %d, t_state: %d, CMD_T_STOP\n",
4000 cmd, cmd->se_tfo->get_task_tag(cmd),
4001 cmd->se_tfo->get_cmd_state(cmd), cmd->t_state);
4002
4003 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4004
4005 wake_up_interruptible(&cmd->se_dev->dev_queue_obj.thread_wq);
4006
4007 wait_for_completion(&cmd->t_transport_stop_comp);
4008
4009 spin_lock_irqsave(&cmd->t_state_lock, flags);
4010 cmd->transport_state &= ~(CMD_T_ACTIVE | CMD_T_STOP);
4011
4012 pr_debug("wait_for_tasks: Stopped wait_for_compltion("
4013 "&cmd->t_transport_stop_comp) for ITT: 0x%08x\n",
4014 cmd->se_tfo->get_task_tag(cmd));
4015
4016 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4017
4018 return true;
4019 }
4020 EXPORT_SYMBOL(transport_wait_for_tasks);
4021
4022 static int transport_get_sense_codes(
4023 struct se_cmd *cmd,
4024 u8 *asc,
4025 u8 *ascq)
4026 {
4027 *asc = cmd->scsi_asc;
4028 *ascq = cmd->scsi_ascq;
4029
4030 return 0;
4031 }
4032
4033 static int transport_set_sense_codes(
4034 struct se_cmd *cmd,
4035 u8 asc,
4036 u8 ascq)
4037 {
4038 cmd->scsi_asc = asc;
4039 cmd->scsi_ascq = ascq;
4040
4041 return 0;
4042 }
4043
4044 int transport_send_check_condition_and_sense(
4045 struct se_cmd *cmd,
4046 u8 reason,
4047 int from_transport)
4048 {
4049 unsigned char *buffer = cmd->sense_buffer;
4050 unsigned long flags;
4051 int offset;
4052 u8 asc = 0, ascq = 0;
4053
4054 spin_lock_irqsave(&cmd->t_state_lock, flags);
4055 if (cmd->se_cmd_flags & SCF_SENT_CHECK_CONDITION) {
4056 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4057 return 0;
4058 }
4059 cmd->se_cmd_flags |= SCF_SENT_CHECK_CONDITION;
4060 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4061
4062 if (!reason && from_transport)
4063 goto after_reason;
4064
4065 if (!from_transport)
4066 cmd->se_cmd_flags |= SCF_EMULATED_TASK_SENSE;
4067 /*
4068 * Data Segment and SenseLength of the fabric response PDU.
4069 *
4070 * TRANSPORT_SENSE_BUFFER is now set to SCSI_SENSE_BUFFERSIZE
4071 * from include/scsi/scsi_cmnd.h
4072 */
4073 offset = cmd->se_tfo->set_fabric_sense_len(cmd,
4074 TRANSPORT_SENSE_BUFFER);
4075 /*
4076 * Actual SENSE DATA, see SPC-3 7.23.2 SPC_SENSE_KEY_OFFSET uses
4077 * SENSE KEY values from include/scsi/scsi.h
4078 */
4079 switch (reason) {
4080 case TCM_NON_EXISTENT_LUN:
4081 /* CURRENT ERROR */
4082 buffer[offset] = 0x70;
4083 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
4084 /* ILLEGAL REQUEST */
4085 buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST;
4086 /* LOGICAL UNIT NOT SUPPORTED */
4087 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x25;
4088 break;
4089 case TCM_UNSUPPORTED_SCSI_OPCODE:
4090 case TCM_SECTOR_COUNT_TOO_MANY:
4091 /* CURRENT ERROR */
4092 buffer[offset] = 0x70;
4093 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
4094 /* ILLEGAL REQUEST */
4095 buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST;
4096 /* INVALID COMMAND OPERATION CODE */
4097 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x20;
4098 break;
4099 case TCM_UNKNOWN_MODE_PAGE:
4100 /* CURRENT ERROR */
4101 buffer[offset] = 0x70;
4102 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
4103 /* ILLEGAL REQUEST */
4104 buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST;
4105 /* INVALID FIELD IN CDB */
4106 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x24;
4107 break;
4108 case TCM_CHECK_CONDITION_ABORT_CMD:
4109 /* CURRENT ERROR */
4110 buffer[offset] = 0x70;
4111 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
4112 /* ABORTED COMMAND */
4113 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND;
4114 /* BUS DEVICE RESET FUNCTION OCCURRED */
4115 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x29;
4116 buffer[offset+SPC_ASCQ_KEY_OFFSET] = 0x03;
4117 break;
4118 case TCM_INCORRECT_AMOUNT_OF_DATA:
4119 /* CURRENT ERROR */
4120 buffer[offset] = 0x70;
4121 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
4122 /* ABORTED COMMAND */
4123 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND;
4124 /* WRITE ERROR */
4125 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x0c;
4126 /* NOT ENOUGH UNSOLICITED DATA */
4127 buffer[offset+SPC_ASCQ_KEY_OFFSET] = 0x0d;
4128 break;
4129 case TCM_INVALID_CDB_FIELD:
4130 /* CURRENT ERROR */
4131 buffer[offset] = 0x70;
4132 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
4133 /* ILLEGAL REQUEST */
4134 buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST;
4135 /* INVALID FIELD IN CDB */
4136 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x24;
4137 break;
4138 case TCM_INVALID_PARAMETER_LIST:
4139 /* CURRENT ERROR */
4140 buffer[offset] = 0x70;
4141 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
4142 /* ILLEGAL REQUEST */
4143 buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST;
4144 /* INVALID FIELD IN PARAMETER LIST */
4145 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x26;
4146 break;
4147 case TCM_UNEXPECTED_UNSOLICITED_DATA:
4148 /* CURRENT ERROR */
4149 buffer[offset] = 0x70;
4150 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
4151 /* ABORTED COMMAND */
4152 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND;
4153 /* WRITE ERROR */
4154 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x0c;
4155 /* UNEXPECTED_UNSOLICITED_DATA */
4156 buffer[offset+SPC_ASCQ_KEY_OFFSET] = 0x0c;
4157 break;
4158 case TCM_SERVICE_CRC_ERROR:
4159 /* CURRENT ERROR */
4160 buffer[offset] = 0x70;
4161 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
4162 /* ABORTED COMMAND */
4163 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND;
4164 /* PROTOCOL SERVICE CRC ERROR */
4165 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x47;
4166 /* N/A */
4167 buffer[offset+SPC_ASCQ_KEY_OFFSET] = 0x05;
4168 break;
4169 case TCM_SNACK_REJECTED:
4170 /* CURRENT ERROR */
4171 buffer[offset] = 0x70;
4172 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
4173 /* ABORTED COMMAND */
4174 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND;
4175 /* READ ERROR */
4176 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x11;
4177 /* FAILED RETRANSMISSION REQUEST */
4178 buffer[offset+SPC_ASCQ_KEY_OFFSET] = 0x13;
4179 break;
4180 case TCM_WRITE_PROTECTED:
4181 /* CURRENT ERROR */
4182 buffer[offset] = 0x70;
4183 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
4184 /* DATA PROTECT */
4185 buffer[offset+SPC_SENSE_KEY_OFFSET] = DATA_PROTECT;
4186 /* WRITE PROTECTED */
4187 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x27;
4188 break;
4189 case TCM_CHECK_CONDITION_UNIT_ATTENTION:
4190 /* CURRENT ERROR */
4191 buffer[offset] = 0x70;
4192 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
4193 /* UNIT ATTENTION */
4194 buffer[offset+SPC_SENSE_KEY_OFFSET] = UNIT_ATTENTION;
4195 core_scsi3_ua_for_check_condition(cmd, &asc, &ascq);
4196 buffer[offset+SPC_ASC_KEY_OFFSET] = asc;
4197 buffer[offset+SPC_ASCQ_KEY_OFFSET] = ascq;
4198 break;
4199 case TCM_CHECK_CONDITION_NOT_READY:
4200 /* CURRENT ERROR */
4201 buffer[offset] = 0x70;
4202 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
4203 /* Not Ready */
4204 buffer[offset+SPC_SENSE_KEY_OFFSET] = NOT_READY;
4205 transport_get_sense_codes(cmd, &asc, &ascq);
4206 buffer[offset+SPC_ASC_KEY_OFFSET] = asc;
4207 buffer[offset+SPC_ASCQ_KEY_OFFSET] = ascq;
4208 break;
4209 case TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE:
4210 default:
4211 /* CURRENT ERROR */
4212 buffer[offset] = 0x70;
4213 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
4214 /* ILLEGAL REQUEST */
4215 buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST;
4216 /* LOGICAL UNIT COMMUNICATION FAILURE */
4217 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x80;
4218 break;
4219 }
4220 /*
4221 * This code uses linux/include/scsi/scsi.h SAM status codes!
4222 */
4223 cmd->scsi_status = SAM_STAT_CHECK_CONDITION;
4224 /*
4225 * Automatically padded, this value is encoded in the fabric's
4226 * data_length response PDU containing the SCSI defined sense data.
4227 */
4228 cmd->scsi_sense_length = TRANSPORT_SENSE_BUFFER + offset;
4229
4230 after_reason:
4231 return cmd->se_tfo->queue_status(cmd);
4232 }
4233 EXPORT_SYMBOL(transport_send_check_condition_and_sense);
4234
4235 int transport_check_aborted_status(struct se_cmd *cmd, int send_status)
4236 {
4237 int ret = 0;
4238
4239 if (cmd->transport_state & CMD_T_ABORTED) {
4240 if (!send_status ||
4241 (cmd->se_cmd_flags & SCF_SENT_DELAYED_TAS))
4242 return 1;
4243
4244 pr_debug("Sending delayed SAM_STAT_TASK_ABORTED"
4245 " status for CDB: 0x%02x ITT: 0x%08x\n",
4246 cmd->t_task_cdb[0],
4247 cmd->se_tfo->get_task_tag(cmd));
4248
4249 cmd->se_cmd_flags |= SCF_SENT_DELAYED_TAS;
4250 cmd->se_tfo->queue_status(cmd);
4251 ret = 1;
4252 }
4253 return ret;
4254 }
4255 EXPORT_SYMBOL(transport_check_aborted_status);
4256
4257 void transport_send_task_abort(struct se_cmd *cmd)
4258 {
4259 unsigned long flags;
4260
4261 spin_lock_irqsave(&cmd->t_state_lock, flags);
4262 if (cmd->se_cmd_flags & SCF_SENT_CHECK_CONDITION) {
4263 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4264 return;
4265 }
4266 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4267
4268 /*
4269 * If there are still expected incoming fabric WRITEs, we wait
4270 * until until they have completed before sending a TASK_ABORTED
4271 * response. This response with TASK_ABORTED status will be
4272 * queued back to fabric module by transport_check_aborted_status().
4273 */
4274 if (cmd->data_direction == DMA_TO_DEVICE) {
4275 if (cmd->se_tfo->write_pending_status(cmd) != 0) {
4276 cmd->transport_state |= CMD_T_ABORTED;
4277 smp_mb__after_atomic_inc();
4278 }
4279 }
4280 cmd->scsi_status = SAM_STAT_TASK_ABORTED;
4281
4282 pr_debug("Setting SAM_STAT_TASK_ABORTED status for CDB: 0x%02x,"
4283 " ITT: 0x%08x\n", cmd->t_task_cdb[0],
4284 cmd->se_tfo->get_task_tag(cmd));
4285
4286 cmd->se_tfo->queue_status(cmd);
4287 }
4288
4289 static int transport_generic_do_tmr(struct se_cmd *cmd)
4290 {
4291 struct se_device *dev = cmd->se_dev;
4292 struct se_tmr_req *tmr = cmd->se_tmr_req;
4293 int ret;
4294
4295 switch (tmr->function) {
4296 case TMR_ABORT_TASK:
4297 core_tmr_abort_task(dev, tmr, cmd->se_sess);
4298 break;
4299 case TMR_ABORT_TASK_SET:
4300 case TMR_CLEAR_ACA:
4301 case TMR_CLEAR_TASK_SET:
4302 tmr->response = TMR_TASK_MGMT_FUNCTION_NOT_SUPPORTED;
4303 break;
4304 case TMR_LUN_RESET:
4305 ret = core_tmr_lun_reset(dev, tmr, NULL, NULL);
4306 tmr->response = (!ret) ? TMR_FUNCTION_COMPLETE :
4307 TMR_FUNCTION_REJECTED;
4308 break;
4309 case TMR_TARGET_WARM_RESET:
4310 tmr->response = TMR_FUNCTION_REJECTED;
4311 break;
4312 case TMR_TARGET_COLD_RESET:
4313 tmr->response = TMR_FUNCTION_REJECTED;
4314 break;
4315 default:
4316 pr_err("Uknown TMR function: 0x%02x.\n",
4317 tmr->function);
4318 tmr->response = TMR_FUNCTION_REJECTED;
4319 break;
4320 }
4321
4322 cmd->t_state = TRANSPORT_ISTATE_PROCESSING;
4323 cmd->se_tfo->queue_tm_rsp(cmd);
4324
4325 transport_cmd_check_stop_to_fabric(cmd);
4326 return 0;
4327 }
4328
4329 /* transport_processing_thread():
4330 *
4331 *
4332 */
4333 static int transport_processing_thread(void *param)
4334 {
4335 int ret;
4336 struct se_cmd *cmd;
4337 struct se_device *dev = param;
4338
4339 while (!kthread_should_stop()) {
4340 ret = wait_event_interruptible(dev->dev_queue_obj.thread_wq,
4341 atomic_read(&dev->dev_queue_obj.queue_cnt) ||
4342 kthread_should_stop());
4343 if (ret < 0)
4344 goto out;
4345
4346 get_cmd:
4347 cmd = transport_get_cmd_from_queue(&dev->dev_queue_obj);
4348 if (!cmd)
4349 continue;
4350
4351 switch (cmd->t_state) {
4352 case TRANSPORT_NEW_CMD:
4353 BUG();
4354 break;
4355 case TRANSPORT_NEW_CMD_MAP:
4356 if (!cmd->se_tfo->new_cmd_map) {
4357 pr_err("cmd->se_tfo->new_cmd_map is"
4358 " NULL for TRANSPORT_NEW_CMD_MAP\n");
4359 BUG();
4360 }
4361 ret = cmd->se_tfo->new_cmd_map(cmd);
4362 if (ret < 0) {
4363 transport_generic_request_failure(cmd);
4364 break;
4365 }
4366 ret = transport_generic_new_cmd(cmd);
4367 if (ret < 0) {
4368 transport_generic_request_failure(cmd);
4369 break;
4370 }
4371 break;
4372 case TRANSPORT_PROCESS_WRITE:
4373 transport_generic_process_write(cmd);
4374 break;
4375 case TRANSPORT_PROCESS_TMR:
4376 transport_generic_do_tmr(cmd);
4377 break;
4378 case TRANSPORT_COMPLETE_QF_WP:
4379 transport_write_pending_qf(cmd);
4380 break;
4381 case TRANSPORT_COMPLETE_QF_OK:
4382 transport_complete_qf(cmd);
4383 break;
4384 default:
4385 pr_err("Unknown t_state: %d for ITT: 0x%08x "
4386 "i_state: %d on SE LUN: %u\n",
4387 cmd->t_state,
4388 cmd->se_tfo->get_task_tag(cmd),
4389 cmd->se_tfo->get_cmd_state(cmd),
4390 cmd->se_lun->unpacked_lun);
4391 BUG();
4392 }
4393
4394 goto get_cmd;
4395 }
4396
4397 out:
4398 WARN_ON(!list_empty(&dev->state_list));
4399 WARN_ON(!list_empty(&dev->dev_queue_obj.qobj_list));
4400 dev->process_thread = NULL;
4401 return 0;
4402 }
Linux kernel - Deliverables
This page took 0.124197 seconds and 5 git commands to generate.