tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
4 * Copyright (C) 1992 Eric Youngdale
5 * Simulate a host adapter with 2 disks attached. Do a lot of checking
6 * to make sure that we are not getting blocks mixed up, and PANIC if
7 * anything out of the ordinary is seen.
8 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
9 *
10 * Copyright (C) 2001 - 2021 Douglas Gilbert
11 *
12 * For documentation see http://sg.danny.cz/sg/scsi_debug.html
13 */
14
15
16#define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__
17
18#include <linux/module.h>
19#include <linux/align.h>
20#include <linux/kernel.h>
21#include <linux/errno.h>
22#include <linux/jiffies.h>
23#include <linux/slab.h>
24#include <linux/types.h>
25#include <linux/string.h>
26#include <linux/fs.h>
27#include <linux/init.h>
28#include <linux/proc_fs.h>
29#include <linux/vmalloc.h>
30#include <linux/moduleparam.h>
31#include <linux/scatterlist.h>
32#include <linux/blkdev.h>
33#include <linux/crc-t10dif.h>
34#include <linux/spinlock.h>
35#include <linux/interrupt.h>
36#include <linux/atomic.h>
37#include <linux/hrtimer.h>
38#include <linux/uuid.h>
39#include <linux/t10-pi.h>
40#include <linux/msdos_partition.h>
41#include <linux/random.h>
42#include <linux/xarray.h>
43#include <linux/prefetch.h>
44#include <linux/debugfs.h>
45#include <linux/async.h>
46#include <linux/cleanup.h>
47
48#include <net/checksum.h>
49
50#include <linux/unaligned.h>
51
52#include <scsi/scsi.h>
53#include <scsi/scsi_cmnd.h>
54#include <scsi/scsi_device.h>
55#include <scsi/scsi_host.h>
56#include <scsi/scsicam.h>
57#include <scsi/scsi_eh.h>
58#include <scsi/scsi_tcq.h>
59#include <scsi/scsi_dbg.h>
60
61#include "sd.h"
62#include "scsi_logging.h"
63
64/* make sure inq_product_rev string corresponds to this version */
65#define SDEBUG_VERSION "0191" /* format to fit INQUIRY revision field */
66static const char *sdebug_version_date = "20210520";
67
68#define MY_NAME "scsi_debug"
69
70/* Additional Sense Code (ASC) */
71#define NO_ADDITIONAL_SENSE 0x0
72#define OVERLAP_ATOMIC_COMMAND_ASC 0x0
73#define OVERLAP_ATOMIC_COMMAND_ASCQ 0x23
74#define LOGICAL_UNIT_NOT_READY 0x4
75#define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8
76#define UNRECOVERED_READ_ERR 0x11
77#define PARAMETER_LIST_LENGTH_ERR 0x1a
78#define INVALID_OPCODE 0x20
79#define LBA_OUT_OF_RANGE 0x21
80#define INVALID_FIELD_IN_CDB 0x24
81#define INVALID_FIELD_IN_PARAM_LIST 0x26
82#define WRITE_PROTECTED 0x27
83#define UA_RESET_ASC 0x29
84#define UA_CHANGED_ASC 0x2a
85#define TARGET_CHANGED_ASC 0x3f
86#define LUNS_CHANGED_ASCQ 0x0e
87#define INSUFF_RES_ASC 0x55
88#define INSUFF_RES_ASCQ 0x3
89#define POWER_ON_RESET_ASCQ 0x0
90#define POWER_ON_OCCURRED_ASCQ 0x1
91#define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */
92#define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */
93#define CAPACITY_CHANGED_ASCQ 0x9
94#define SAVING_PARAMS_UNSUP 0x39
95#define TRANSPORT_PROBLEM 0x4b
96#define THRESHOLD_EXCEEDED 0x5d
97#define LOW_POWER_COND_ON 0x5e
98#define MISCOMPARE_VERIFY_ASC 0x1d
99#define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */
100#define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16
101#define WRITE_ERROR_ASC 0xc
102#define UNALIGNED_WRITE_ASCQ 0x4
103#define WRITE_BOUNDARY_ASCQ 0x5
104#define READ_INVDATA_ASCQ 0x6
105#define READ_BOUNDARY_ASCQ 0x7
106#define ATTEMPT_ACCESS_GAP 0x9
107#define INSUFF_ZONE_ASCQ 0xe
108/* see drivers/scsi/sense_codes.h */
109
110/* Additional Sense Code Qualifier (ASCQ) */
111#define ACK_NAK_TO 0x3
112
113/* Default values for driver parameters */
114#define DEF_NUM_HOST 1
115#define DEF_NUM_TGTS 1
116#define DEF_MAX_LUNS 1
117/* With these defaults, this driver will make 1 host with 1 target
118 * (id 0) containing 1 logical unit (lun 0). That is 1 device.
119 */
120#define DEF_ATO 1
121#define DEF_CDB_LEN 10
122#define DEF_JDELAY 1 /* if > 0 unit is a jiffy */
123#define DEF_DEV_SIZE_PRE_INIT 0
124#define DEF_DEV_SIZE_MB 8
125#define DEF_ZBC_DEV_SIZE_MB 128
126#define DEF_DIF 0
127#define DEF_DIX 0
128#define DEF_PER_HOST_STORE false
129#define DEF_D_SENSE 0
130#define DEF_EVERY_NTH 0
131#define DEF_FAKE_RW 0
132#define DEF_GUARD 0
133#define DEF_HOST_LOCK 0
134#define DEF_LBPU 0
135#define DEF_LBPWS 0
136#define DEF_LBPWS10 0
137#define DEF_LBPRZ 1
138#define DEF_LOWEST_ALIGNED 0
139#define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */
140#define DEF_NO_LUN_0 0
141#define DEF_NUM_PARTS 0
142#define DEF_OPTS 0
143#define DEF_OPT_BLKS 1024
144#define DEF_PHYSBLK_EXP 0
145#define DEF_OPT_XFERLEN_EXP 0
146#define DEF_PTYPE TYPE_DISK
147#define DEF_RANDOM false
148#define DEF_REMOVABLE false
149#define DEF_SCSI_LEVEL 7 /* INQUIRY, byte2 [6->SPC-4; 7->SPC-5] */
150#define DEF_SECTOR_SIZE 512
151#define DEF_UNMAP_ALIGNMENT 0
152#define DEF_UNMAP_GRANULARITY 1
153#define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF
154#define DEF_UNMAP_MAX_DESC 256
155#define DEF_VIRTUAL_GB 0
156#define DEF_VPD_USE_HOSTNO 1
157#define DEF_WRITESAME_LENGTH 0xFFFF
158#define DEF_ATOMIC_WR 0
159#define DEF_ATOMIC_WR_MAX_LENGTH 8192
160#define DEF_ATOMIC_WR_ALIGN 2
161#define DEF_ATOMIC_WR_GRAN 2
162#define DEF_ATOMIC_WR_MAX_LENGTH_BNDRY (DEF_ATOMIC_WR_MAX_LENGTH)
163#define DEF_ATOMIC_WR_MAX_BNDRY 128
164#define DEF_STRICT 0
165#define DEF_STATISTICS false
166#define DEF_SUBMIT_QUEUES 1
167#define DEF_TUR_MS_TO_READY 0
168#define DEF_UUID_CTL 0
169#define JDELAY_OVERRIDDEN -9999
170
171/* Default parameters for ZBC drives */
172#define DEF_ZBC_ZONE_SIZE_MB 128
173#define DEF_ZBC_MAX_OPEN_ZONES 8
174#define DEF_ZBC_NR_CONV_ZONES 1
175
176#define SDEBUG_LUN_0_VAL 0
177
178/* bit mask values for sdebug_opts */
179#define SDEBUG_OPT_NOISE 1
180#define SDEBUG_OPT_MEDIUM_ERR 2
181#define SDEBUG_OPT_TIMEOUT 4
182#define SDEBUG_OPT_RECOVERED_ERR 8
183#define SDEBUG_OPT_TRANSPORT_ERR 16
184#define SDEBUG_OPT_DIF_ERR 32
185#define SDEBUG_OPT_DIX_ERR 64
186#define SDEBUG_OPT_MAC_TIMEOUT 128
187#define SDEBUG_OPT_SHORT_TRANSFER 0x100
188#define SDEBUG_OPT_Q_NOISE 0x200
189#define SDEBUG_OPT_ALL_TSF 0x400 /* ignore */
190#define SDEBUG_OPT_RARE_TSF 0x800
191#define SDEBUG_OPT_N_WCE 0x1000
192#define SDEBUG_OPT_RESET_NOISE 0x2000
193#define SDEBUG_OPT_NO_CDB_NOISE 0x4000
194#define SDEBUG_OPT_HOST_BUSY 0x8000
195#define SDEBUG_OPT_CMD_ABORT 0x10000
196#define SDEBUG_OPT_ALL_NOISE (SDEBUG_OPT_NOISE | SDEBUG_OPT_Q_NOISE | \
197 SDEBUG_OPT_RESET_NOISE)
198#define SDEBUG_OPT_ALL_INJECTING (SDEBUG_OPT_RECOVERED_ERR | \
199 SDEBUG_OPT_TRANSPORT_ERR | \
200 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR | \
201 SDEBUG_OPT_SHORT_TRANSFER | \
202 SDEBUG_OPT_HOST_BUSY | \
203 SDEBUG_OPT_CMD_ABORT)
204#define SDEBUG_OPT_RECOV_DIF_DIX (SDEBUG_OPT_RECOVERED_ERR | \
205 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR)
206
207/* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs) are returned in
208 * priority order. In the subset implemented here lower numbers have higher
209 * priority. The UA numbers should be a sequence starting from 0 with
210 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */
211#define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */
212#define SDEBUG_UA_POOCCUR 1 /* Power on occurred */
213#define SDEBUG_UA_BUS_RESET 2
214#define SDEBUG_UA_MODE_CHANGED 3
215#define SDEBUG_UA_CAPACITY_CHANGED 4
216#define SDEBUG_UA_LUNS_CHANGED 5
217#define SDEBUG_UA_MICROCODE_CHANGED 6 /* simulate firmware change */
218#define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 7
219#define SDEBUG_NUM_UAS 8
220
221/* when 1==SDEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this
222 * sector on read commands: */
223#define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */
224#define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */
225
226/* SDEBUG_CANQUEUE is the maximum number of commands that can be queued
227 * (for response) per submit queue at one time. Can be reduced by max_queue
228 * option. Command responses are not queued when jdelay=0 and ndelay=0. The
229 * per-device DEF_CMD_PER_LUN can be changed via sysfs:
230 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth
231 * but cannot exceed SDEBUG_CANQUEUE .
232 */
233#define SDEBUG_CANQUEUE_WORDS 3 /* a WORD is bits in a long */
234#define SDEBUG_CANQUEUE (SDEBUG_CANQUEUE_WORDS * BITS_PER_LONG)
235#define DEF_CMD_PER_LUN SDEBUG_CANQUEUE
236
237/* UA - Unit Attention; SA - Service Action; SSU - Start Stop Unit */
238#define F_D_IN 1 /* Data-in command (e.g. READ) */
239#define F_D_OUT 2 /* Data-out command (e.g. WRITE) */
240#define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */
241#define F_D_UNKN 8
242#define F_RL_WLUN_OK 0x10 /* allowed with REPORT LUNS W-LUN */
243#define F_SKIP_UA 0x20 /* bypass UAs (e.g. INQUIRY command) */
244#define F_DELAY_OVERR 0x40 /* for commands like INQUIRY */
245#define F_SA_LOW 0x80 /* SA is in cdb byte 1, bits 4 to 0 */
246#define F_SA_HIGH 0x100 /* SA is in cdb bytes 8 and 9 */
247#define F_INV_OP 0x200 /* invalid opcode (not supported) */
248#define F_FAKE_RW 0x400 /* bypass resp_*() when fake_rw set */
249#define F_M_ACCESS 0x800 /* media access, reacts to SSU state */
250#define F_SSU_DELAY 0x1000 /* SSU command delay (long-ish) */
251#define F_SYNC_DELAY 0x2000 /* SYNCHRONIZE CACHE delay */
252
253/* Useful combinations of the above flags */
254#define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR)
255#define FF_MEDIA_IO (F_M_ACCESS | F_FAKE_RW)
256#define FF_SA (F_SA_HIGH | F_SA_LOW)
257#define F_LONG_DELAY (F_SSU_DELAY | F_SYNC_DELAY)
258
259#define SDEBUG_MAX_PARTS 4
260
261#define SDEBUG_MAX_CMD_LEN 32
262
263#define SDEB_XA_NOT_IN_USE XA_MARK_1
264
265static struct kmem_cache *queued_cmd_cache;
266
267#define TO_QUEUED_CMD(scmd) ((void *)(scmd)->host_scribble)
268#define ASSIGN_QUEUED_CMD(scmnd, qc) { (scmnd)->host_scribble = (void *) qc; }
269
270/* Zone types (zbcr05 table 25) */
271enum sdebug_z_type {
272 ZBC_ZTYPE_CNV = 0x1,
273 ZBC_ZTYPE_SWR = 0x2,
274 ZBC_ZTYPE_SWP = 0x3,
275 /* ZBC_ZTYPE_SOBR = 0x4, */
276 ZBC_ZTYPE_GAP = 0x5,
277};
278
279/* enumeration names taken from table 26, zbcr05 */
280enum sdebug_z_cond {
281 ZBC_NOT_WRITE_POINTER = 0x0,
282 ZC1_EMPTY = 0x1,
283 ZC2_IMPLICIT_OPEN = 0x2,
284 ZC3_EXPLICIT_OPEN = 0x3,
285 ZC4_CLOSED = 0x4,
286 ZC6_READ_ONLY = 0xd,
287 ZC5_FULL = 0xe,
288 ZC7_OFFLINE = 0xf,
289};
290
291struct sdeb_zone_state { /* ZBC: per zone state */
292 enum sdebug_z_type z_type;
293 enum sdebug_z_cond z_cond;
294 bool z_non_seq_resource;
295 unsigned int z_size;
296 sector_t z_start;
297 sector_t z_wp;
298};
299
300enum sdebug_err_type {
301 ERR_TMOUT_CMD = 0, /* make specific scsi command timeout */
302 ERR_FAIL_QUEUE_CMD = 1, /* make specific scsi command's */
303 /* queuecmd return failed */
304 ERR_FAIL_CMD = 2, /* make specific scsi command's */
305 /* queuecmd return succeed but */
306 /* with errors set in scsi_cmnd */
307 ERR_ABORT_CMD_FAILED = 3, /* control return FAILED from */
308 /* scsi_debug_abort() */
309 ERR_LUN_RESET_FAILED = 4, /* control return FAILED from */
310 /* scsi_debug_device_reseLUN_RESET_FAILEDt() */
311};
312
313struct sdebug_err_inject {
314 int type;
315 struct list_head list;
316 int cnt;
317 unsigned char cmd;
318 struct rcu_head rcu;
319
320 union {
321 /*
322 * For ERR_FAIL_QUEUE_CMD
323 */
324 int queuecmd_ret;
325
326 /*
327 * For ERR_FAIL_CMD
328 */
329 struct {
330 unsigned char host_byte;
331 unsigned char driver_byte;
332 unsigned char status_byte;
333 unsigned char sense_key;
334 unsigned char asc;
335 unsigned char asq;
336 };
337 };
338};
339
340struct sdebug_dev_info {
341 struct list_head dev_list;
342 unsigned int channel;
343 unsigned int target;
344 u64 lun;
345 uuid_t lu_name;
346 struct sdebug_host_info *sdbg_host;
347 unsigned long uas_bm[1];
348 atomic_t stopped; /* 1: by SSU, 2: device start */
349 bool used;
350
351 /* For ZBC devices */
352 bool zoned;
353 unsigned int zcap;
354 unsigned int zsize;
355 unsigned int zsize_shift;
356 unsigned int nr_zones;
357 unsigned int nr_conv_zones;
358 unsigned int nr_seq_zones;
359 unsigned int nr_imp_open;
360 unsigned int nr_exp_open;
361 unsigned int nr_closed;
362 unsigned int max_open;
363 ktime_t create_ts; /* time since bootup that this device was created */
364 struct sdeb_zone_state *zstate;
365
366 struct dentry *debugfs_entry;
367 struct spinlock list_lock;
368 struct list_head inject_err_list;
369};
370
371struct sdebug_target_info {
372 bool reset_fail;
373 struct dentry *debugfs_entry;
374};
375
376struct sdebug_host_info {
377 struct list_head host_list;
378 int si_idx; /* sdeb_store_info (per host) xarray index */
379 struct Scsi_Host *shost;
380 struct device dev;
381 struct list_head dev_info_list;
382};
383
384/* There is an xarray of pointers to this struct's objects, one per host */
385struct sdeb_store_info {
386 rwlock_t macc_data_lck; /* for media data access on this store */
387 rwlock_t macc_meta_lck; /* for atomic media meta access on this store */
388 rwlock_t macc_sector_lck; /* per-sector media data access on this store */
389 u8 *storep; /* user data storage (ram) */
390 struct t10_pi_tuple *dif_storep; /* protection info */
391 void *map_storep; /* provisioning map */
392};
393
394#define dev_to_sdebug_host(d) \
395 container_of(d, struct sdebug_host_info, dev)
396
397#define shost_to_sdebug_host(shost) \
398 dev_to_sdebug_host(shost->dma_dev)
399
400enum sdeb_defer_type {SDEB_DEFER_NONE = 0, SDEB_DEFER_HRT = 1,
401 SDEB_DEFER_WQ = 2, SDEB_DEFER_POLL = 3};
402
403struct sdebug_defer {
404 struct hrtimer hrt;
405 struct execute_work ew;
406 ktime_t cmpl_ts;/* time since boot to complete this cmd */
407 int issuing_cpu;
408 bool aborted; /* true when blk_abort_request() already called */
409 enum sdeb_defer_type defer_t;
410};
411
412struct sdebug_device_access_info {
413 bool atomic_write;
414 u64 lba;
415 u32 num;
416 struct scsi_cmnd *self;
417};
418
419struct sdebug_queued_cmd {
420 /* corresponding bit set in in_use_bm[] in owning struct sdebug_queue
421 * instance indicates this slot is in use.
422 */
423 struct sdebug_defer sd_dp;
424 struct scsi_cmnd *scmd;
425 struct sdebug_device_access_info *i;
426};
427
428struct sdebug_scsi_cmd {
429 spinlock_t lock;
430};
431
432static atomic_t sdebug_cmnd_count; /* number of incoming commands */
433static atomic_t sdebug_completions; /* count of deferred completions */
434static atomic_t sdebug_miss_cpus; /* submission + completion cpus differ */
435static atomic_t sdebug_a_tsf; /* 'almost task set full' counter */
436static atomic_t sdeb_inject_pending;
437static atomic_t sdeb_mq_poll_count; /* bumped when mq_poll returns > 0 */
438
439struct opcode_info_t {
440 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff */
441 /* for terminating element */
442 u8 opcode; /* if num_attached > 0, preferred */
443 u16 sa; /* service action */
444 u32 flags; /* OR-ed set of SDEB_F_* */
445 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
446 const struct opcode_info_t *arrp; /* num_attached elements or NULL */
447 u8 len_mask[16]; /* len_mask[0]-->cdb_len, then mask for cdb */
448 /* 1 to min(cdb_len, 15); ignore cdb[15...] */
449};
450
451/* SCSI opcodes (first byte of cdb) of interest mapped onto these indexes */
452enum sdeb_opcode_index {
453 SDEB_I_INVALID_OPCODE = 0,
454 SDEB_I_INQUIRY = 1,
455 SDEB_I_REPORT_LUNS = 2,
456 SDEB_I_REQUEST_SENSE = 3,
457 SDEB_I_TEST_UNIT_READY = 4,
458 SDEB_I_MODE_SENSE = 5, /* 6, 10 */
459 SDEB_I_MODE_SELECT = 6, /* 6, 10 */
460 SDEB_I_LOG_SENSE = 7,
461 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */
462 SDEB_I_READ = 9, /* 6, 10, 12, 16 */
463 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */
464 SDEB_I_START_STOP = 11,
465 SDEB_I_SERV_ACT_IN_16 = 12, /* add ...SERV_ACT_IN_12 if needed */
466 SDEB_I_SERV_ACT_OUT_16 = 13, /* add ...SERV_ACT_OUT_12 if needed */
467 SDEB_I_MAINT_IN = 14,
468 SDEB_I_MAINT_OUT = 15,
469 SDEB_I_VERIFY = 16, /* VERIFY(10), VERIFY(16) */
470 SDEB_I_VARIABLE_LEN = 17, /* READ(32), WRITE(32), WR_SCAT(32) */
471 SDEB_I_RESERVE = 18, /* 6, 10 */
472 SDEB_I_RELEASE = 19, /* 6, 10 */
473 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */
474 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */
475 SDEB_I_ATA_PT = 22, /* 12, 16 */
476 SDEB_I_SEND_DIAG = 23,
477 SDEB_I_UNMAP = 24,
478 SDEB_I_WRITE_BUFFER = 25,
479 SDEB_I_WRITE_SAME = 26, /* 10, 16 */
480 SDEB_I_SYNC_CACHE = 27, /* 10, 16 */
481 SDEB_I_COMP_WRITE = 28,
482 SDEB_I_PRE_FETCH = 29, /* 10, 16 */
483 SDEB_I_ZONE_OUT = 30, /* 0x94+SA; includes no data xfer */
484 SDEB_I_ZONE_IN = 31, /* 0x95+SA; all have data-in */
485 SDEB_I_ATOMIC_WRITE_16 = 32,
486 SDEB_I_LAST_ELEM_P1 = 33, /* keep this last (previous + 1) */
487};
488
489
490static const unsigned char opcode_ind_arr[256] = {
491/* 0x0; 0x0->0x1f: 6 byte cdbs */
492 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE,
493 0, 0, 0, 0,
494 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0,
495 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
496 SDEB_I_RELEASE,
497 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG,
498 SDEB_I_ALLOW_REMOVAL, 0,
499/* 0x20; 0x20->0x3f: 10 byte cdbs */
500 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0,
501 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY,
502 0, 0, 0, 0, SDEB_I_PRE_FETCH, SDEB_I_SYNC_CACHE, 0, 0,
503 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0,
504/* 0x40; 0x40->0x5f: 10 byte cdbs */
505 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0,
506 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0,
507 0, 0, 0, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
508 SDEB_I_RELEASE,
509 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0,
510/* 0x60; 0x60->0x7d are reserved, 0x7e is "extended cdb" */
511 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
512 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
513 0, SDEB_I_VARIABLE_LEN,
514/* 0x80; 0x80->0x9f: 16 byte cdbs */
515 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0,
516 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0,
517 0, 0, 0, SDEB_I_VERIFY,
518 SDEB_I_PRE_FETCH, SDEB_I_SYNC_CACHE, 0, SDEB_I_WRITE_SAME,
519 SDEB_I_ZONE_OUT, SDEB_I_ZONE_IN, 0, 0,
520 0, 0, 0, 0,
521 SDEB_I_ATOMIC_WRITE_16, 0, SDEB_I_SERV_ACT_IN_16, SDEB_I_SERV_ACT_OUT_16,
522/* 0xa0; 0xa0->0xbf: 12 byte cdbs */
523 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN,
524 SDEB_I_MAINT_OUT, 0, 0, 0,
525 SDEB_I_READ, 0 /* SDEB_I_SERV_ACT_OUT_12 */, SDEB_I_WRITE,
526 0 /* SDEB_I_SERV_ACT_IN_12 */, 0, 0, 0, 0,
527 0, 0, 0, 0, 0, 0, 0, 0,
528 0, 0, 0, 0, 0, 0, 0, 0,
529/* 0xc0; 0xc0->0xff: vendor specific */
530 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
531 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
532 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
533 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
534};
535
536/*
537 * The following "response" functions return the SCSI mid-level's 4 byte
538 * tuple-in-an-int. To handle commands with an IMMED bit, for a faster
539 * command completion, they can mask their return value with
540 * SDEG_RES_IMMED_MASK .
541 */
542#define SDEG_RES_IMMED_MASK 0x40000000
543
544static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *);
545static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *);
546static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *);
547static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
548static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *);
549static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
550static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *);
551static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
552static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
553static int resp_write_scat(struct scsi_cmnd *, struct sdebug_dev_info *);
554static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *);
555static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *);
556static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *);
557static int resp_get_stream_status(struct scsi_cmnd *scp,
558 struct sdebug_dev_info *devip);
559static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *);
560static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *);
561static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *);
562static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *);
563static int resp_verify(struct scsi_cmnd *, struct sdebug_dev_info *);
564static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *);
565static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *);
566static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *);
567static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *);
568static int resp_sync_cache(struct scsi_cmnd *, struct sdebug_dev_info *);
569static int resp_pre_fetch(struct scsi_cmnd *, struct sdebug_dev_info *);
570static int resp_report_zones(struct scsi_cmnd *, struct sdebug_dev_info *);
571static int resp_atomic_write(struct scsi_cmnd *, struct sdebug_dev_info *);
572static int resp_open_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
573static int resp_close_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
574static int resp_finish_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
575static int resp_rwp_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
576
577static int sdebug_do_add_host(bool mk_new_store);
578static int sdebug_add_host_helper(int per_host_idx);
579static void sdebug_do_remove_host(bool the_end);
580static int sdebug_add_store(void);
581static void sdebug_erase_store(int idx, struct sdeb_store_info *sip);
582static void sdebug_erase_all_stores(bool apart_from_first);
583
584static void sdebug_free_queued_cmd(struct sdebug_queued_cmd *sqcp);
585
586/*
587 * The following are overflow arrays for cdbs that "hit" the same index in
588 * the opcode_info_arr array. The most time sensitive (or commonly used) cdb
589 * should be placed in opcode_info_arr[], the others should be placed here.
590 */
591static const struct opcode_info_t msense_iarr[] = {
592 {0, 0x1a, 0, F_D_IN, NULL, NULL,
593 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
594};
595
596static const struct opcode_info_t mselect_iarr[] = {
597 {0, 0x15, 0, F_D_OUT, NULL, NULL,
598 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
599};
600
601static const struct opcode_info_t read_iarr[] = {
602 {0, 0x28, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(10) */
603 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
604 0, 0, 0, 0} },
605 {0, 0x8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL, /* READ(6) */
606 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
607 {0, 0xa8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(12) */
608 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf,
609 0xc7, 0, 0, 0, 0} },
610};
611
612static const struct opcode_info_t write_iarr[] = {
613 {0, 0x2a, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(10) */
614 NULL, {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7,
615 0, 0, 0, 0, 0, 0} },
616 {0, 0xa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(6) */
617 NULL, {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0,
618 0, 0, 0} },
619 {0, 0xaa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(12) */
620 NULL, {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
621 0xbf, 0xc7, 0, 0, 0, 0} },
622};
623
624static const struct opcode_info_t verify_iarr[] = {
625 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_verify,/* VERIFY(10) */
626 NULL, {10, 0xf7, 0xff, 0xff, 0xff, 0xff, 0xbf, 0xff, 0xff, 0xc7,
627 0, 0, 0, 0, 0, 0} },
628};
629
630static const struct opcode_info_t sa_in_16_iarr[] = {
631 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL,
632 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
633 0xff, 0xff, 0xff, 0, 0xc7} }, /* GET LBA STATUS(16) */
634 {0, 0x9e, 0x16, F_SA_LOW | F_D_IN, resp_get_stream_status, NULL,
635 {16, 0x16, 0, 0, 0xff, 0xff, 0, 0, 0, 0, 0xff, 0xff, 0xff, 0xff,
636 0, 0} }, /* GET STREAM STATUS */
637};
638
639static const struct opcode_info_t vl_iarr[] = { /* VARIABLE LENGTH */
640 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_dt0,
641 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0xb, 0xfa,
642 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */
643 {0, 0x7f, 0x11, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
644 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x11, 0xf8,
645 0, 0xff, 0xff, 0x0, 0x0} }, /* WRITE SCATTERED(32) */
646};
647
648static const struct opcode_info_t maint_in_iarr[] = { /* MAINT IN */
649 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL,
650 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0,
651 0xc7, 0, 0, 0, 0} }, /* REPORT SUPPORTED OPERATION CODES */
652 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL,
653 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
654 0, 0} }, /* REPORTED SUPPORTED TASK MANAGEMENT FUNCTIONS */
655};
656
657static const struct opcode_info_t write_same_iarr[] = {
658 {0, 0x93, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_write_same_16, NULL,
659 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
660 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* WRITE SAME(16) */
661};
662
663static const struct opcode_info_t reserve_iarr[] = {
664 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */
665 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
666};
667
668static const struct opcode_info_t release_iarr[] = {
669 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */
670 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
671};
672
673static const struct opcode_info_t sync_cache_iarr[] = {
674 {0, 0x91, 0, F_SYNC_DELAY | F_M_ACCESS, resp_sync_cache, NULL,
675 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
676 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* SYNC_CACHE (16) */
677};
678
679static const struct opcode_info_t pre_fetch_iarr[] = {
680 {0, 0x90, 0, F_SYNC_DELAY | FF_MEDIA_IO, resp_pre_fetch, NULL,
681 {16, 0x2, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
682 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* PRE-FETCH (16) */
683};
684
685static const struct opcode_info_t zone_out_iarr[] = { /* ZONE OUT(16) */
686 {0, 0x94, 0x1, F_SA_LOW | F_M_ACCESS, resp_close_zone, NULL,
687 {16, 0x1, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
688 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* CLOSE ZONE */
689 {0, 0x94, 0x2, F_SA_LOW | F_M_ACCESS, resp_finish_zone, NULL,
690 {16, 0x2, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
691 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* FINISH ZONE */
692 {0, 0x94, 0x4, F_SA_LOW | F_M_ACCESS, resp_rwp_zone, NULL,
693 {16, 0x4, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
694 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* RESET WRITE POINTER */
695};
696
697static const struct opcode_info_t zone_in_iarr[] = { /* ZONE IN(16) */
698 {0, 0x95, 0x6, F_SA_LOW | F_D_IN | F_M_ACCESS, NULL, NULL,
699 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
700 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* REPORT ZONES */
701};
702
703
704/* This array is accessed via SDEB_I_* values. Make sure all are mapped,
705 * plus the terminating elements for logic that scans this table such as
706 * REPORT SUPPORTED OPERATION CODES. */
707static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEM_P1 + 1] = {
708/* 0 */
709 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* unknown opcodes */
710 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
711 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL, /* INQUIRY */
712 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
713 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL,
714 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
715 0, 0} }, /* REPORT LUNS */
716 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL,
717 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
718 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */
719 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
720/* 5 */
721 {ARRAY_SIZE(msense_iarr), 0x5a, 0, F_D_IN, /* MODE SENSE(10) */
722 resp_mode_sense, msense_iarr, {10, 0xf8, 0xff, 0xff, 0, 0, 0,
723 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
724 {ARRAY_SIZE(mselect_iarr), 0x55, 0, F_D_OUT, /* MODE SELECT(10) */
725 resp_mode_select, mselect_iarr, {10, 0xf1, 0, 0, 0, 0, 0, 0xff,
726 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
727 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL, /* LOG SENSE */
728 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0,
729 0, 0, 0} },
730 {0, 0x25, 0, F_D_IN, resp_readcap, NULL, /* READ CAPACITY(10) */
731 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0,
732 0, 0} },
733 {ARRAY_SIZE(read_iarr), 0x88, 0, F_D_IN | FF_MEDIA_IO, /* READ(16) */
734 resp_read_dt0, read_iarr, {16, 0xfe, 0xff, 0xff, 0xff, 0xff,
735 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
736/* 10 */
737 {ARRAY_SIZE(write_iarr), 0x8a, 0, F_D_OUT | FF_MEDIA_IO,
738 resp_write_dt0, write_iarr, /* WRITE(16) */
739 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
740 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
741 {0, 0x1b, 0, F_SSU_DELAY, resp_start_stop, NULL,/* START STOP UNIT */
742 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
743 {ARRAY_SIZE(sa_in_16_iarr), 0x9e, 0x10, F_SA_LOW | F_D_IN,
744 resp_readcap16, sa_in_16_iarr, /* SA_IN(16), READ CAPACITY(16) */
745 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
746 0xff, 0xff, 0xff, 0xff, 0x1, 0xc7} },
747 {0, 0x9f, 0x12, F_SA_LOW | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
748 NULL, {16, 0x12, 0xf9, 0x0, 0xff, 0xff, 0, 0, 0xff, 0xff, 0xff,
749 0xff, 0xff, 0xff, 0xff, 0xc7} }, /* SA_OUT(16), WRITE SCAT(16) */
750 {ARRAY_SIZE(maint_in_iarr), 0xa3, 0xa, F_SA_LOW | F_D_IN,
751 resp_report_tgtpgs, /* MAINT IN, REPORT TARGET PORT GROUPS */
752 maint_in_iarr, {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff,
753 0xff, 0, 0xc7, 0, 0, 0, 0} },
754/* 15 */
755 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */
756 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
757 {ARRAY_SIZE(verify_iarr), 0x8f, 0,
758 F_D_OUT_MAYBE | FF_MEDIA_IO, resp_verify, /* VERIFY(16) */
759 verify_iarr, {16, 0xf6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
760 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} },
761 {ARRAY_SIZE(vl_iarr), 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_MEDIA_IO,
762 resp_read_dt0, vl_iarr, /* VARIABLE LENGTH, READ(32) */
763 {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x9, 0xfe, 0, 0xff, 0xff,
764 0xff, 0xff} },
765 {ARRAY_SIZE(reserve_iarr), 0x56, 0, F_D_OUT,
766 NULL, reserve_iarr, /* RESERVE(10) <no response function> */
767 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
768 0} },
769 {ARRAY_SIZE(release_iarr), 0x57, 0, F_D_OUT,
770 NULL, release_iarr, /* RELEASE(10) <no response function> */
771 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
772 0} },
773/* 20 */
774 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */
775 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
776 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */
777 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
778 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */
779 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
780 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */
781 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
782 {0, 0x42, 0, F_D_OUT | FF_MEDIA_IO, resp_unmap, NULL, /* UNMAP */
783 {10, 0x1, 0, 0, 0, 0, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
784/* 25 */
785 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL,
786 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0,
787 0, 0, 0, 0} }, /* WRITE_BUFFER */
788 {ARRAY_SIZE(write_same_iarr), 0x41, 0, F_D_OUT_MAYBE | FF_MEDIA_IO,
789 resp_write_same_10, write_same_iarr, /* WRITE SAME(10) */
790 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0,
791 0, 0, 0, 0, 0} },
792 {ARRAY_SIZE(sync_cache_iarr), 0x35, 0, F_SYNC_DELAY | F_M_ACCESS,
793 resp_sync_cache, sync_cache_iarr,
794 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
795 0, 0, 0, 0} }, /* SYNC_CACHE (10) */
796 {0, 0x89, 0, F_D_OUT | FF_MEDIA_IO, resp_comp_write, NULL,
797 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0,
798 0, 0xff, 0x3f, 0xc7} }, /* COMPARE AND WRITE */
799 {ARRAY_SIZE(pre_fetch_iarr), 0x34, 0, F_SYNC_DELAY | FF_MEDIA_IO,
800 resp_pre_fetch, pre_fetch_iarr,
801 {10, 0x2, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
802 0, 0, 0, 0} }, /* PRE-FETCH (10) */
803
804/* 30 */
805 {ARRAY_SIZE(zone_out_iarr), 0x94, 0x3, F_SA_LOW | F_M_ACCESS,
806 resp_open_zone, zone_out_iarr, /* ZONE_OUT(16), OPEN ZONE) */
807 {16, 0x3 /* SA */, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
808 0xff, 0xff, 0x0, 0x0, 0xff, 0xff, 0x1, 0xc7} },
809 {ARRAY_SIZE(zone_in_iarr), 0x95, 0x0, F_SA_LOW | F_M_ACCESS,
810 resp_report_zones, zone_in_iarr, /* ZONE_IN(16), REPORT ZONES) */
811 {16, 0x0 /* SA */, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
812 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf, 0xc7} },
813/* 31 */
814 {0, 0x0, 0x0, F_D_OUT | FF_MEDIA_IO,
815 resp_atomic_write, NULL, /* ATOMIC WRITE 16 */
816 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
817 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff} },
818/* sentinel */
819 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */
820 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
821};
822
823static int sdebug_num_hosts;
824static int sdebug_add_host = DEF_NUM_HOST; /* in sysfs this is relative */
825static int sdebug_ato = DEF_ATO;
826static int sdebug_cdb_len = DEF_CDB_LEN;
827static int sdebug_jdelay = DEF_JDELAY; /* if > 0 then unit is jiffies */
828static int sdebug_dev_size_mb = DEF_DEV_SIZE_PRE_INIT;
829static int sdebug_dif = DEF_DIF;
830static int sdebug_dix = DEF_DIX;
831static int sdebug_dsense = DEF_D_SENSE;
832static int sdebug_every_nth = DEF_EVERY_NTH;
833static int sdebug_fake_rw = DEF_FAKE_RW;
834static unsigned int sdebug_guard = DEF_GUARD;
835static int sdebug_host_max_queue; /* per host */
836static int sdebug_lowest_aligned = DEF_LOWEST_ALIGNED;
837static int sdebug_max_luns = DEF_MAX_LUNS;
838static int sdebug_max_queue = SDEBUG_CANQUEUE; /* per submit queue */
839static unsigned int sdebug_medium_error_start = OPT_MEDIUM_ERR_ADDR;
840static int sdebug_medium_error_count = OPT_MEDIUM_ERR_NUM;
841static int sdebug_ndelay = DEF_NDELAY; /* if > 0 then unit is nanoseconds */
842static int sdebug_no_lun_0 = DEF_NO_LUN_0;
843static int sdebug_no_uld;
844static int sdebug_num_parts = DEF_NUM_PARTS;
845static int sdebug_num_tgts = DEF_NUM_TGTS; /* targets per host */
846static int sdebug_opt_blks = DEF_OPT_BLKS;
847static int sdebug_opts = DEF_OPTS;
848static int sdebug_physblk_exp = DEF_PHYSBLK_EXP;
849static int sdebug_opt_xferlen_exp = DEF_OPT_XFERLEN_EXP;
850static int sdebug_ptype = DEF_PTYPE; /* SCSI peripheral device type */
851static int sdebug_scsi_level = DEF_SCSI_LEVEL;
852static int sdebug_sector_size = DEF_SECTOR_SIZE;
853static int sdeb_tur_ms_to_ready = DEF_TUR_MS_TO_READY;
854static int sdebug_virtual_gb = DEF_VIRTUAL_GB;
855static int sdebug_vpd_use_hostno = DEF_VPD_USE_HOSTNO;
856static unsigned int sdebug_lbpu = DEF_LBPU;
857static unsigned int sdebug_lbpws = DEF_LBPWS;
858static unsigned int sdebug_lbpws10 = DEF_LBPWS10;
859static unsigned int sdebug_lbprz = DEF_LBPRZ;
860static unsigned int sdebug_unmap_alignment = DEF_UNMAP_ALIGNMENT;
861static unsigned int sdebug_unmap_granularity = DEF_UNMAP_GRANULARITY;
862static unsigned int sdebug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS;
863static unsigned int sdebug_unmap_max_desc = DEF_UNMAP_MAX_DESC;
864static unsigned int sdebug_write_same_length = DEF_WRITESAME_LENGTH;
865static unsigned int sdebug_atomic_wr = DEF_ATOMIC_WR;
866static unsigned int sdebug_atomic_wr_max_length = DEF_ATOMIC_WR_MAX_LENGTH;
867static unsigned int sdebug_atomic_wr_align = DEF_ATOMIC_WR_ALIGN;
868static unsigned int sdebug_atomic_wr_gran = DEF_ATOMIC_WR_GRAN;
869static unsigned int sdebug_atomic_wr_max_length_bndry =
870 DEF_ATOMIC_WR_MAX_LENGTH_BNDRY;
871static unsigned int sdebug_atomic_wr_max_bndry = DEF_ATOMIC_WR_MAX_BNDRY;
872static int sdebug_uuid_ctl = DEF_UUID_CTL;
873static bool sdebug_random = DEF_RANDOM;
874static bool sdebug_per_host_store = DEF_PER_HOST_STORE;
875static bool sdebug_removable = DEF_REMOVABLE;
876static bool sdebug_clustering;
877static bool sdebug_host_lock = DEF_HOST_LOCK;
878static bool sdebug_strict = DEF_STRICT;
879static bool sdebug_any_injecting_opt;
880static bool sdebug_no_rwlock;
881static bool sdebug_verbose;
882static bool have_dif_prot;
883static bool write_since_sync;
884static bool sdebug_statistics = DEF_STATISTICS;
885static bool sdebug_wp;
886static bool sdebug_allow_restart;
887static enum {
888 BLK_ZONED_NONE = 0,
889 BLK_ZONED_HA = 1,
890 BLK_ZONED_HM = 2,
891} sdeb_zbc_model = BLK_ZONED_NONE;
892static char *sdeb_zbc_model_s;
893
894enum sam_lun_addr_method {SAM_LUN_AM_PERIPHERAL = 0x0,
895 SAM_LUN_AM_FLAT = 0x1,
896 SAM_LUN_AM_LOGICAL_UNIT = 0x2,
897 SAM_LUN_AM_EXTENDED = 0x3};
898static enum sam_lun_addr_method sdebug_lun_am = SAM_LUN_AM_PERIPHERAL;
899static int sdebug_lun_am_i = (int)SAM_LUN_AM_PERIPHERAL;
900
901static unsigned int sdebug_store_sectors;
902static sector_t sdebug_capacity; /* in sectors */
903
904/* old BIOS stuff, kernel may get rid of them but some mode sense pages
905 may still need them */
906static int sdebug_heads; /* heads per disk */
907static int sdebug_cylinders_per; /* cylinders per surface */
908static int sdebug_sectors_per; /* sectors per cylinder */
909
910static LIST_HEAD(sdebug_host_list);
911static DEFINE_MUTEX(sdebug_host_list_mutex);
912
913static struct xarray per_store_arr;
914static struct xarray *per_store_ap = &per_store_arr;
915static int sdeb_first_idx = -1; /* invalid index ==> none created */
916static int sdeb_most_recent_idx = -1;
917static DEFINE_RWLOCK(sdeb_fake_rw_lck); /* need a RW lock when fake_rw=1 */
918
919static unsigned long map_size;
920static int num_aborts;
921static int num_dev_resets;
922static int num_target_resets;
923static int num_bus_resets;
924static int num_host_resets;
925static int dix_writes;
926static int dix_reads;
927static int dif_errors;
928
929/* ZBC global data */
930static bool sdeb_zbc_in_use; /* true for host-aware and host-managed disks */
931static int sdeb_zbc_zone_cap_mb;
932static int sdeb_zbc_zone_size_mb;
933static int sdeb_zbc_max_open = DEF_ZBC_MAX_OPEN_ZONES;
934static int sdeb_zbc_nr_conv = DEF_ZBC_NR_CONV_ZONES;
935
936static int submit_queues = DEF_SUBMIT_QUEUES; /* > 1 for multi-queue (mq) */
937static int poll_queues; /* iouring iopoll interface.*/
938
939static atomic_long_t writes_by_group_number[64];
940
941static char sdebug_proc_name[] = MY_NAME;
942static const char *my_name = MY_NAME;
943
944static const struct bus_type pseudo_lld_bus;
945
946static struct device_driver sdebug_driverfs_driver = {
947 .name = sdebug_proc_name,
948 .bus = &pseudo_lld_bus,
949};
950
951static const int check_condition_result =
952 SAM_STAT_CHECK_CONDITION;
953
954static const int illegal_condition_result =
955 (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION;
956
957static const int device_qfull_result =
958 (DID_ABORT << 16) | SAM_STAT_TASK_SET_FULL;
959
960static const int condition_met_result = SAM_STAT_CONDITION_MET;
961
962static struct dentry *sdebug_debugfs_root;
963static ASYNC_DOMAIN_EXCLUSIVE(sdebug_async_domain);
964
965static void sdebug_err_free(struct rcu_head *head)
966{
967 struct sdebug_err_inject *inject =
968 container_of(head, typeof(*inject), rcu);
969
970 kfree(inject);
971}
972
973static void sdebug_err_add(struct scsi_device *sdev, struct sdebug_err_inject *new)
974{
975 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdev->hostdata;
976 struct sdebug_err_inject *err;
977
978 spin_lock(&devip->list_lock);
979 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
980 if (err->type == new->type && err->cmd == new->cmd) {
981 list_del_rcu(&err->list);
982 call_rcu(&err->rcu, sdebug_err_free);
983 }
984 }
985
986 list_add_tail_rcu(&new->list, &devip->inject_err_list);
987 spin_unlock(&devip->list_lock);
988}
989
990static int sdebug_err_remove(struct scsi_device *sdev, const char *buf, size_t count)
991{
992 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdev->hostdata;
993 struct sdebug_err_inject *err;
994 int type;
995 unsigned char cmd;
996
997 if (sscanf(buf, "- %d %hhx", &type, &cmd) != 2) {
998 kfree(buf);
999 return -EINVAL;
1000 }
1001
1002 spin_lock(&devip->list_lock);
1003 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
1004 if (err->type == type && err->cmd == cmd) {
1005 list_del_rcu(&err->list);
1006 call_rcu(&err->rcu, sdebug_err_free);
1007 spin_unlock(&devip->list_lock);
1008 kfree(buf);
1009 return count;
1010 }
1011 }
1012 spin_unlock(&devip->list_lock);
1013
1014 kfree(buf);
1015 return -EINVAL;
1016}
1017
1018static int sdebug_error_show(struct seq_file *m, void *p)
1019{
1020 struct scsi_device *sdev = (struct scsi_device *)m->private;
1021 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdev->hostdata;
1022 struct sdebug_err_inject *err;
1023
1024 seq_puts(m, "Type\tCount\tCommand\n");
1025
1026 rcu_read_lock();
1027 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
1028 switch (err->type) {
1029 case ERR_TMOUT_CMD:
1030 case ERR_ABORT_CMD_FAILED:
1031 case ERR_LUN_RESET_FAILED:
1032 seq_printf(m, "%d\t%d\t0x%x\n", err->type, err->cnt,
1033 err->cmd);
1034 break;
1035
1036 case ERR_FAIL_QUEUE_CMD:
1037 seq_printf(m, "%d\t%d\t0x%x\t0x%x\n", err->type,
1038 err->cnt, err->cmd, err->queuecmd_ret);
1039 break;
1040
1041 case ERR_FAIL_CMD:
1042 seq_printf(m, "%d\t%d\t0x%x\t0x%x 0x%x 0x%x 0x%x 0x%x 0x%x\n",
1043 err->type, err->cnt, err->cmd,
1044 err->host_byte, err->driver_byte,
1045 err->status_byte, err->sense_key,
1046 err->asc, err->asq);
1047 break;
1048 }
1049 }
1050 rcu_read_unlock();
1051
1052 return 0;
1053}
1054
1055static int sdebug_error_open(struct inode *inode, struct file *file)
1056{
1057 return single_open(file, sdebug_error_show, inode->i_private);
1058}
1059
1060static ssize_t sdebug_error_write(struct file *file, const char __user *ubuf,
1061 size_t count, loff_t *ppos)
1062{
1063 char *buf;
1064 unsigned int inject_type;
1065 struct sdebug_err_inject *inject;
1066 struct scsi_device *sdev = (struct scsi_device *)file->f_inode->i_private;
1067
1068 buf = kzalloc(count + 1, GFP_KERNEL);
1069 if (!buf)
1070 return -ENOMEM;
1071
1072 if (copy_from_user(buf, ubuf, count)) {
1073 kfree(buf);
1074 return -EFAULT;
1075 }
1076
1077 if (buf[0] == '-')
1078 return sdebug_err_remove(sdev, buf, count);
1079
1080 if (sscanf(buf, "%d", &inject_type) != 1) {
1081 kfree(buf);
1082 return -EINVAL;
1083 }
1084
1085 inject = kzalloc(sizeof(struct sdebug_err_inject), GFP_KERNEL);
1086 if (!inject) {
1087 kfree(buf);
1088 return -ENOMEM;
1089 }
1090
1091 switch (inject_type) {
1092 case ERR_TMOUT_CMD:
1093 case ERR_ABORT_CMD_FAILED:
1094 case ERR_LUN_RESET_FAILED:
1095 if (sscanf(buf, "%d %d %hhx", &inject->type, &inject->cnt,
1096 &inject->cmd) != 3)
1097 goto out_error;
1098 break;
1099
1100 case ERR_FAIL_QUEUE_CMD:
1101 if (sscanf(buf, "%d %d %hhx %x", &inject->type, &inject->cnt,
1102 &inject->cmd, &inject->queuecmd_ret) != 4)
1103 goto out_error;
1104 break;
1105
1106 case ERR_FAIL_CMD:
1107 if (sscanf(buf, "%d %d %hhx %hhx %hhx %hhx %hhx %hhx %hhx",
1108 &inject->type, &inject->cnt, &inject->cmd,
1109 &inject->host_byte, &inject->driver_byte,
1110 &inject->status_byte, &inject->sense_key,
1111 &inject->asc, &inject->asq) != 9)
1112 goto out_error;
1113 break;
1114
1115 default:
1116 goto out_error;
1117 break;
1118 }
1119
1120 kfree(buf);
1121 sdebug_err_add(sdev, inject);
1122
1123 return count;
1124
1125out_error:
1126 kfree(buf);
1127 kfree(inject);
1128 return -EINVAL;
1129}
1130
1131static const struct file_operations sdebug_error_fops = {
1132 .open = sdebug_error_open,
1133 .read = seq_read,
1134 .write = sdebug_error_write,
1135 .release = single_release,
1136};
1137
1138static int sdebug_target_reset_fail_show(struct seq_file *m, void *p)
1139{
1140 struct scsi_target *starget = (struct scsi_target *)m->private;
1141 struct sdebug_target_info *targetip =
1142 (struct sdebug_target_info *)starget->hostdata;
1143
1144 if (targetip)
1145 seq_printf(m, "%c\n", targetip->reset_fail ? 'Y' : 'N');
1146
1147 return 0;
1148}
1149
1150static int sdebug_target_reset_fail_open(struct inode *inode, struct file *file)
1151{
1152 return single_open(file, sdebug_target_reset_fail_show, inode->i_private);
1153}
1154
1155static ssize_t sdebug_target_reset_fail_write(struct file *file,
1156 const char __user *ubuf, size_t count, loff_t *ppos)
1157{
1158 int ret;
1159 struct scsi_target *starget =
1160 (struct scsi_target *)file->f_inode->i_private;
1161 struct sdebug_target_info *targetip =
1162 (struct sdebug_target_info *)starget->hostdata;
1163
1164 if (targetip) {
1165 ret = kstrtobool_from_user(ubuf, count, &targetip->reset_fail);
1166 return ret < 0 ? ret : count;
1167 }
1168 return -ENODEV;
1169}
1170
1171static const struct file_operations sdebug_target_reset_fail_fops = {
1172 .open = sdebug_target_reset_fail_open,
1173 .read = seq_read,
1174 .write = sdebug_target_reset_fail_write,
1175 .release = single_release,
1176};
1177
1178static int sdebug_target_alloc(struct scsi_target *starget)
1179{
1180 struct sdebug_target_info *targetip;
1181
1182 targetip = kzalloc(sizeof(struct sdebug_target_info), GFP_KERNEL);
1183 if (!targetip)
1184 return -ENOMEM;
1185
1186 async_synchronize_full_domain(&sdebug_async_domain);
1187
1188 targetip->debugfs_entry = debugfs_create_dir(dev_name(&starget->dev),
1189 sdebug_debugfs_root);
1190
1191 debugfs_create_file("fail_reset", 0600, targetip->debugfs_entry, starget,
1192 &sdebug_target_reset_fail_fops);
1193
1194 starget->hostdata = targetip;
1195
1196 return 0;
1197}
1198
1199static void sdebug_tartget_cleanup_async(void *data, async_cookie_t cookie)
1200{
1201 struct sdebug_target_info *targetip = data;
1202
1203 debugfs_remove(targetip->debugfs_entry);
1204 kfree(targetip);
1205}
1206
1207static void sdebug_target_destroy(struct scsi_target *starget)
1208{
1209 struct sdebug_target_info *targetip;
1210
1211 targetip = (struct sdebug_target_info *)starget->hostdata;
1212 if (targetip) {
1213 starget->hostdata = NULL;
1214 async_schedule_domain(sdebug_tartget_cleanup_async, targetip,
1215 &sdebug_async_domain);
1216 }
1217}
1218
1219/* Only do the extra work involved in logical block provisioning if one or
1220 * more of the lbpu, lbpws or lbpws10 parameters are given and we are doing
1221 * real reads and writes (i.e. not skipping them for speed).
1222 */
1223static inline bool scsi_debug_lbp(void)
1224{
1225 return 0 == sdebug_fake_rw &&
1226 (sdebug_lbpu || sdebug_lbpws || sdebug_lbpws10);
1227}
1228
1229static inline bool scsi_debug_atomic_write(void)
1230{
1231 return sdebug_fake_rw == 0 && sdebug_atomic_wr;
1232}
1233
1234static void *lba2fake_store(struct sdeb_store_info *sip,
1235 unsigned long long lba)
1236{
1237 struct sdeb_store_info *lsip = sip;
1238
1239 lba = do_div(lba, sdebug_store_sectors);
1240 if (!sip || !sip->storep) {
1241 WARN_ON_ONCE(true);
1242 lsip = xa_load(per_store_ap, 0); /* should never be NULL */
1243 }
1244 return lsip->storep + lba * sdebug_sector_size;
1245}
1246
1247static struct t10_pi_tuple *dif_store(struct sdeb_store_info *sip,
1248 sector_t sector)
1249{
1250 sector = sector_div(sector, sdebug_store_sectors);
1251
1252 return sip->dif_storep + sector;
1253}
1254
1255static void sdebug_max_tgts_luns(void)
1256{
1257 struct sdebug_host_info *sdbg_host;
1258 struct Scsi_Host *hpnt;
1259
1260 mutex_lock(&sdebug_host_list_mutex);
1261 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
1262 hpnt = sdbg_host->shost;
1263 if ((hpnt->this_id >= 0) &&
1264 (sdebug_num_tgts > hpnt->this_id))
1265 hpnt->max_id = sdebug_num_tgts + 1;
1266 else
1267 hpnt->max_id = sdebug_num_tgts;
1268 /* sdebug_max_luns; */
1269 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
1270 }
1271 mutex_unlock(&sdebug_host_list_mutex);
1272}
1273
1274enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1};
1275
1276/* Set in_bit to -1 to indicate no bit position of invalid field */
1277static void mk_sense_invalid_fld(struct scsi_cmnd *scp,
1278 enum sdeb_cmd_data c_d,
1279 int in_byte, int in_bit)
1280{
1281 unsigned char *sbuff;
1282 u8 sks[4];
1283 int sl, asc;
1284
1285 sbuff = scp->sense_buffer;
1286 if (!sbuff) {
1287 sdev_printk(KERN_ERR, scp->device,
1288 "%s: sense_buffer is NULL\n", __func__);
1289 return;
1290 }
1291 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST;
1292 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
1293 scsi_build_sense(scp, sdebug_dsense, ILLEGAL_REQUEST, asc, 0);
1294 memset(sks, 0, sizeof(sks));
1295 sks[0] = 0x80;
1296 if (c_d)
1297 sks[0] |= 0x40;
1298 if (in_bit >= 0) {
1299 sks[0] |= 0x8;
1300 sks[0] |= 0x7 & in_bit;
1301 }
1302 put_unaligned_be16(in_byte, sks + 1);
1303 if (sdebug_dsense) {
1304 sl = sbuff[7] + 8;
1305 sbuff[7] = sl;
1306 sbuff[sl] = 0x2;
1307 sbuff[sl + 1] = 0x6;
1308 memcpy(sbuff + sl + 4, sks, 3);
1309 } else
1310 memcpy(sbuff + 15, sks, 3);
1311 if (sdebug_verbose)
1312 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq"
1313 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n",
1314 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit);
1315}
1316
1317static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq)
1318{
1319 if (!scp->sense_buffer) {
1320 sdev_printk(KERN_ERR, scp->device,
1321 "%s: sense_buffer is NULL\n", __func__);
1322 return;
1323 }
1324 memset(scp->sense_buffer, 0, SCSI_SENSE_BUFFERSIZE);
1325
1326 scsi_build_sense(scp, sdebug_dsense, key, asc, asq);
1327
1328 if (sdebug_verbose)
1329 sdev_printk(KERN_INFO, scp->device,
1330 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n",
1331 my_name, key, asc, asq);
1332}
1333
1334static void mk_sense_invalid_opcode(struct scsi_cmnd *scp)
1335{
1336 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0);
1337}
1338
1339static int scsi_debug_ioctl(struct scsi_device *dev, unsigned int cmd,
1340 void __user *arg)
1341{
1342 if (sdebug_verbose) {
1343 if (0x1261 == cmd)
1344 sdev_printk(KERN_INFO, dev,
1345 "%s: BLKFLSBUF [0x1261]\n", __func__);
1346 else if (0x5331 == cmd)
1347 sdev_printk(KERN_INFO, dev,
1348 "%s: CDROM_GET_CAPABILITY [0x5331]\n",
1349 __func__);
1350 else
1351 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n",
1352 __func__, cmd);
1353 }
1354 return -EINVAL;
1355 /* return -ENOTTY; // correct return but upsets fdisk */
1356}
1357
1358static void config_cdb_len(struct scsi_device *sdev)
1359{
1360 switch (sdebug_cdb_len) {
1361 case 6: /* suggest 6 byte READ, WRITE and MODE SENSE/SELECT */
1362 sdev->use_10_for_rw = false;
1363 sdev->use_16_for_rw = false;
1364 sdev->use_10_for_ms = false;
1365 break;
1366 case 10: /* suggest 10 byte RWs and 6 byte MODE SENSE/SELECT */
1367 sdev->use_10_for_rw = true;
1368 sdev->use_16_for_rw = false;
1369 sdev->use_10_for_ms = false;
1370 break;
1371 case 12: /* suggest 10 byte RWs and 10 byte MODE SENSE/SELECT */
1372 sdev->use_10_for_rw = true;
1373 sdev->use_16_for_rw = false;
1374 sdev->use_10_for_ms = true;
1375 break;
1376 case 16:
1377 sdev->use_10_for_rw = false;
1378 sdev->use_16_for_rw = true;
1379 sdev->use_10_for_ms = true;
1380 break;
1381 case 32: /* No knobs to suggest this so same as 16 for now */
1382 sdev->use_10_for_rw = false;
1383 sdev->use_16_for_rw = true;
1384 sdev->use_10_for_ms = true;
1385 break;
1386 default:
1387 pr_warn("unexpected cdb_len=%d, force to 10\n",
1388 sdebug_cdb_len);
1389 sdev->use_10_for_rw = true;
1390 sdev->use_16_for_rw = false;
1391 sdev->use_10_for_ms = false;
1392 sdebug_cdb_len = 10;
1393 break;
1394 }
1395}
1396
1397static void all_config_cdb_len(void)
1398{
1399 struct sdebug_host_info *sdbg_host;
1400 struct Scsi_Host *shost;
1401 struct scsi_device *sdev;
1402
1403 mutex_lock(&sdebug_host_list_mutex);
1404 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
1405 shost = sdbg_host->shost;
1406 shost_for_each_device(sdev, shost) {
1407 config_cdb_len(sdev);
1408 }
1409 }
1410 mutex_unlock(&sdebug_host_list_mutex);
1411}
1412
1413static void clear_luns_changed_on_target(struct sdebug_dev_info *devip)
1414{
1415 struct sdebug_host_info *sdhp = devip->sdbg_host;
1416 struct sdebug_dev_info *dp;
1417
1418 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
1419 if ((devip->sdbg_host == dp->sdbg_host) &&
1420 (devip->target == dp->target)) {
1421 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
1422 }
1423 }
1424}
1425
1426static int make_ua(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1427{
1428 int k;
1429
1430 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS);
1431 if (k != SDEBUG_NUM_UAS) {
1432 const char *cp = NULL;
1433
1434 switch (k) {
1435 case SDEBUG_UA_POR:
1436 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
1437 POWER_ON_RESET_ASCQ);
1438 if (sdebug_verbose)
1439 cp = "power on reset";
1440 break;
1441 case SDEBUG_UA_POOCCUR:
1442 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
1443 POWER_ON_OCCURRED_ASCQ);
1444 if (sdebug_verbose)
1445 cp = "power on occurred";
1446 break;
1447 case SDEBUG_UA_BUS_RESET:
1448 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
1449 BUS_RESET_ASCQ);
1450 if (sdebug_verbose)
1451 cp = "bus reset";
1452 break;
1453 case SDEBUG_UA_MODE_CHANGED:
1454 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
1455 MODE_CHANGED_ASCQ);
1456 if (sdebug_verbose)
1457 cp = "mode parameters changed";
1458 break;
1459 case SDEBUG_UA_CAPACITY_CHANGED:
1460 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
1461 CAPACITY_CHANGED_ASCQ);
1462 if (sdebug_verbose)
1463 cp = "capacity data changed";
1464 break;
1465 case SDEBUG_UA_MICROCODE_CHANGED:
1466 mk_sense_buffer(scp, UNIT_ATTENTION,
1467 TARGET_CHANGED_ASC,
1468 MICROCODE_CHANGED_ASCQ);
1469 if (sdebug_verbose)
1470 cp = "microcode has been changed";
1471 break;
1472 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET:
1473 mk_sense_buffer(scp, UNIT_ATTENTION,
1474 TARGET_CHANGED_ASC,
1475 MICROCODE_CHANGED_WO_RESET_ASCQ);
1476 if (sdebug_verbose)
1477 cp = "microcode has been changed without reset";
1478 break;
1479 case SDEBUG_UA_LUNS_CHANGED:
1480 /*
1481 * SPC-3 behavior is to report a UNIT ATTENTION with
1482 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN
1483 * on the target, until a REPORT LUNS command is
1484 * received. SPC-4 behavior is to report it only once.
1485 * NOTE: sdebug_scsi_level does not use the same
1486 * values as struct scsi_device->scsi_level.
1487 */
1488 if (sdebug_scsi_level >= 6) /* SPC-4 and above */
1489 clear_luns_changed_on_target(devip);
1490 mk_sense_buffer(scp, UNIT_ATTENTION,
1491 TARGET_CHANGED_ASC,
1492 LUNS_CHANGED_ASCQ);
1493 if (sdebug_verbose)
1494 cp = "reported luns data has changed";
1495 break;
1496 default:
1497 pr_warn("unexpected unit attention code=%d\n", k);
1498 if (sdebug_verbose)
1499 cp = "unknown";
1500 break;
1501 }
1502 clear_bit(k, devip->uas_bm);
1503 if (sdebug_verbose)
1504 sdev_printk(KERN_INFO, scp->device,
1505 "%s reports: Unit attention: %s\n",
1506 my_name, cp);
1507 return check_condition_result;
1508 }
1509 return 0;
1510}
1511
1512/* Build SCSI "data-in" buffer. Returns 0 if ok else (DID_ERROR << 16). */
1513static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1514 int arr_len)
1515{
1516 int act_len;
1517 struct scsi_data_buffer *sdb = &scp->sdb;
1518
1519 if (!sdb->length)
1520 return 0;
1521 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1522 return DID_ERROR << 16;
1523
1524 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents,
1525 arr, arr_len);
1526 scsi_set_resid(scp, scsi_bufflen(scp) - act_len);
1527
1528 return 0;
1529}
1530
1531/* Partial build of SCSI "data-in" buffer. Returns 0 if ok else
1532 * (DID_ERROR << 16). Can write to offset in data-in buffer. If multiple
1533 * calls, not required to write in ascending offset order. Assumes resid
1534 * set to scsi_bufflen() prior to any calls.
1535 */
1536static int p_fill_from_dev_buffer(struct scsi_cmnd *scp, const void *arr,
1537 int arr_len, unsigned int off_dst)
1538{
1539 unsigned int act_len, n;
1540 struct scsi_data_buffer *sdb = &scp->sdb;
1541 off_t skip = off_dst;
1542
1543 if (sdb->length <= off_dst)
1544 return 0;
1545 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1546 return DID_ERROR << 16;
1547
1548 act_len = sg_pcopy_from_buffer(sdb->table.sgl, sdb->table.nents,
1549 arr, arr_len, skip);
1550 pr_debug("%s: off_dst=%u, scsi_bufflen=%u, act_len=%u, resid=%d\n",
1551 __func__, off_dst, scsi_bufflen(scp), act_len,
1552 scsi_get_resid(scp));
1553 n = scsi_bufflen(scp) - (off_dst + act_len);
1554 scsi_set_resid(scp, min_t(u32, scsi_get_resid(scp), n));
1555 return 0;
1556}
1557
1558/* Fetches from SCSI "data-out" buffer. Returns number of bytes fetched into
1559 * 'arr' or -1 if error.
1560 */
1561static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1562 int arr_len)
1563{
1564 if (!scsi_bufflen(scp))
1565 return 0;
1566 if (scp->sc_data_direction != DMA_TO_DEVICE)
1567 return -1;
1568
1569 return scsi_sg_copy_to_buffer(scp, arr, arr_len);
1570}
1571
1572
1573static char sdebug_inq_vendor_id[9] = "Linux ";
1574static char sdebug_inq_product_id[17] = "scsi_debug ";
1575static char sdebug_inq_product_rev[5] = SDEBUG_VERSION;
1576/* Use some locally assigned NAAs for SAS addresses. */
1577static const u64 naa3_comp_a = 0x3222222000000000ULL;
1578static const u64 naa3_comp_b = 0x3333333000000000ULL;
1579static const u64 naa3_comp_c = 0x3111111000000000ULL;
1580
1581/* Device identification VPD page. Returns number of bytes placed in arr */
1582static int inquiry_vpd_83(unsigned char *arr, int port_group_id,
1583 int target_dev_id, int dev_id_num,
1584 const char *dev_id_str, int dev_id_str_len,
1585 const uuid_t *lu_name)
1586{
1587 int num, port_a;
1588 char b[32];
1589
1590 port_a = target_dev_id + 1;
1591 /* T10 vendor identifier field format (faked) */
1592 arr[0] = 0x2; /* ASCII */
1593 arr[1] = 0x1;
1594 arr[2] = 0x0;
1595 memcpy(&arr[4], sdebug_inq_vendor_id, 8);
1596 memcpy(&arr[12], sdebug_inq_product_id, 16);
1597 memcpy(&arr[28], dev_id_str, dev_id_str_len);
1598 num = 8 + 16 + dev_id_str_len;
1599 arr[3] = num;
1600 num += 4;
1601 if (dev_id_num >= 0) {
1602 if (sdebug_uuid_ctl) {
1603 /* Locally assigned UUID */
1604 arr[num++] = 0x1; /* binary (not necessarily sas) */
1605 arr[num++] = 0xa; /* PIV=0, lu, naa */
1606 arr[num++] = 0x0;
1607 arr[num++] = 0x12;
1608 arr[num++] = 0x10; /* uuid type=1, locally assigned */
1609 arr[num++] = 0x0;
1610 memcpy(arr + num, lu_name, 16);
1611 num += 16;
1612 } else {
1613 /* NAA-3, Logical unit identifier (binary) */
1614 arr[num++] = 0x1; /* binary (not necessarily sas) */
1615 arr[num++] = 0x3; /* PIV=0, lu, naa */
1616 arr[num++] = 0x0;
1617 arr[num++] = 0x8;
1618 put_unaligned_be64(naa3_comp_b + dev_id_num, arr + num);
1619 num += 8;
1620 }
1621 /* Target relative port number */
1622 arr[num++] = 0x61; /* proto=sas, binary */
1623 arr[num++] = 0x94; /* PIV=1, target port, rel port */
1624 arr[num++] = 0x0; /* reserved */
1625 arr[num++] = 0x4; /* length */
1626 arr[num++] = 0x0; /* reserved */
1627 arr[num++] = 0x0; /* reserved */
1628 arr[num++] = 0x0;
1629 arr[num++] = 0x1; /* relative port A */
1630 }
1631 /* NAA-3, Target port identifier */
1632 arr[num++] = 0x61; /* proto=sas, binary */
1633 arr[num++] = 0x93; /* piv=1, target port, naa */
1634 arr[num++] = 0x0;
1635 arr[num++] = 0x8;
1636 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1637 num += 8;
1638 /* NAA-3, Target port group identifier */
1639 arr[num++] = 0x61; /* proto=sas, binary */
1640 arr[num++] = 0x95; /* piv=1, target port group id */
1641 arr[num++] = 0x0;
1642 arr[num++] = 0x4;
1643 arr[num++] = 0;
1644 arr[num++] = 0;
1645 put_unaligned_be16(port_group_id, arr + num);
1646 num += 2;
1647 /* NAA-3, Target device identifier */
1648 arr[num++] = 0x61; /* proto=sas, binary */
1649 arr[num++] = 0xa3; /* piv=1, target device, naa */
1650 arr[num++] = 0x0;
1651 arr[num++] = 0x8;
1652 put_unaligned_be64(naa3_comp_a + target_dev_id, arr + num);
1653 num += 8;
1654 /* SCSI name string: Target device identifier */
1655 arr[num++] = 0x63; /* proto=sas, UTF-8 */
1656 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */
1657 arr[num++] = 0x0;
1658 arr[num++] = 24;
1659 memcpy(arr + num, "naa.32222220", 12);
1660 num += 12;
1661 snprintf(b, sizeof(b), "%08X", target_dev_id);
1662 memcpy(arr + num, b, 8);
1663 num += 8;
1664 memset(arr + num, 0, 4);
1665 num += 4;
1666 return num;
1667}
1668
1669static unsigned char vpd84_data[] = {
1670/* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0,
1671 0x22,0x22,0x22,0x0,0xbb,0x1,
1672 0x22,0x22,0x22,0x0,0xbb,0x2,
1673};
1674
1675/* Software interface identification VPD page */
1676static int inquiry_vpd_84(unsigned char *arr)
1677{
1678 memcpy(arr, vpd84_data, sizeof(vpd84_data));
1679 return sizeof(vpd84_data);
1680}
1681
1682/* Management network addresses VPD page */
1683static int inquiry_vpd_85(unsigned char *arr)
1684{
1685 int num = 0;
1686 const char *na1 = "https://www.kernel.org/config";
1687 const char *na2 = "http://www.kernel.org/log";
1688 int plen, olen;
1689
1690 arr[num++] = 0x1; /* lu, storage config */
1691 arr[num++] = 0x0; /* reserved */
1692 arr[num++] = 0x0;
1693 olen = strlen(na1);
1694 plen = olen + 1;
1695 if (plen % 4)
1696 plen = ((plen / 4) + 1) * 4;
1697 arr[num++] = plen; /* length, null termianted, padded */
1698 memcpy(arr + num, na1, olen);
1699 memset(arr + num + olen, 0, plen - olen);
1700 num += plen;
1701
1702 arr[num++] = 0x4; /* lu, logging */
1703 arr[num++] = 0x0; /* reserved */
1704 arr[num++] = 0x0;
1705 olen = strlen(na2);
1706 plen = olen + 1;
1707 if (plen % 4)
1708 plen = ((plen / 4) + 1) * 4;
1709 arr[num++] = plen; /* length, null terminated, padded */
1710 memcpy(arr + num, na2, olen);
1711 memset(arr + num + olen, 0, plen - olen);
1712 num += plen;
1713
1714 return num;
1715}
1716
1717/* SCSI ports VPD page */
1718static int inquiry_vpd_88(unsigned char *arr, int target_dev_id)
1719{
1720 int num = 0;
1721 int port_a, port_b;
1722
1723 port_a = target_dev_id + 1;
1724 port_b = port_a + 1;
1725 arr[num++] = 0x0; /* reserved */
1726 arr[num++] = 0x0; /* reserved */
1727 arr[num++] = 0x0;
1728 arr[num++] = 0x1; /* relative port 1 (primary) */
1729 memset(arr + num, 0, 6);
1730 num += 6;
1731 arr[num++] = 0x0;
1732 arr[num++] = 12; /* length tp descriptor */
1733 /* naa-5 target port identifier (A) */
1734 arr[num++] = 0x61; /* proto=sas, binary */
1735 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1736 arr[num++] = 0x0; /* reserved */
1737 arr[num++] = 0x8; /* length */
1738 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1739 num += 8;
1740 arr[num++] = 0x0; /* reserved */
1741 arr[num++] = 0x0; /* reserved */
1742 arr[num++] = 0x0;
1743 arr[num++] = 0x2; /* relative port 2 (secondary) */
1744 memset(arr + num, 0, 6);
1745 num += 6;
1746 arr[num++] = 0x0;
1747 arr[num++] = 12; /* length tp descriptor */
1748 /* naa-5 target port identifier (B) */
1749 arr[num++] = 0x61; /* proto=sas, binary */
1750 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1751 arr[num++] = 0x0; /* reserved */
1752 arr[num++] = 0x8; /* length */
1753 put_unaligned_be64(naa3_comp_a + port_b, arr + num);
1754 num += 8;
1755
1756 return num;
1757}
1758
1759
1760static unsigned char vpd89_data[] = {
1761/* from 4th byte */ 0,0,0,0,
1762'l','i','n','u','x',' ',' ',' ',
1763'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ',
1764'1','2','3','4',
17650x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,
17660xec,0,0,0,
17670x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0,
17680,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20,
17690x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33,
17700x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31,
17710x53,0x41,
17720x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
17730x20,0x20,
17740x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
17750x10,0x80,
17760,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0,
17770x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0,
17780x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0,
17790,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0,
17800x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40,
17810x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0,
17820,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0,
17830,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17840,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17850,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17860x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42,
17870,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8,
17880xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe,
17890,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0,
17900,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17910,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17920,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17930,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17940,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17950,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17960,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17970,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17980,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
17990,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
18000,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
18010,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51,
1802};
1803
1804/* ATA Information VPD page */
1805static int inquiry_vpd_89(unsigned char *arr)
1806{
1807 memcpy(arr, vpd89_data, sizeof(vpd89_data));
1808 return sizeof(vpd89_data);
1809}
1810
1811
1812static unsigned char vpdb0_data[] = {
1813 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64,
1814 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1815 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1816 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1817};
1818
1819/* Block limits VPD page (SBC-3) */
1820static int inquiry_vpd_b0(unsigned char *arr)
1821{
1822 unsigned int gran;
1823
1824 memcpy(arr, vpdb0_data, sizeof(vpdb0_data));
1825
1826 /* Optimal transfer length granularity */
1827 if (sdebug_opt_xferlen_exp != 0 &&
1828 sdebug_physblk_exp < sdebug_opt_xferlen_exp)
1829 gran = 1 << sdebug_opt_xferlen_exp;
1830 else
1831 gran = 1 << sdebug_physblk_exp;
1832 put_unaligned_be16(gran, arr + 2);
1833
1834 /* Maximum Transfer Length */
1835 if (sdebug_store_sectors > 0x400)
1836 put_unaligned_be32(sdebug_store_sectors, arr + 4);
1837
1838 /* Optimal Transfer Length */
1839 put_unaligned_be32(sdebug_opt_blks, &arr[8]);
1840
1841 if (sdebug_lbpu) {
1842 /* Maximum Unmap LBA Count */
1843 put_unaligned_be32(sdebug_unmap_max_blocks, &arr[16]);
1844
1845 /* Maximum Unmap Block Descriptor Count */
1846 put_unaligned_be32(sdebug_unmap_max_desc, &arr[20]);
1847 }
1848
1849 /* Unmap Granularity Alignment */
1850 if (sdebug_unmap_alignment) {
1851 put_unaligned_be32(sdebug_unmap_alignment, &arr[28]);
1852 arr[28] |= 0x80; /* UGAVALID */
1853 }
1854
1855 /* Optimal Unmap Granularity */
1856 put_unaligned_be32(sdebug_unmap_granularity, &arr[24]);
1857
1858 /* Maximum WRITE SAME Length */
1859 put_unaligned_be64(sdebug_write_same_length, &arr[32]);
1860
1861 if (sdebug_atomic_wr) {
1862 put_unaligned_be32(sdebug_atomic_wr_max_length, &arr[40]);
1863 put_unaligned_be32(sdebug_atomic_wr_align, &arr[44]);
1864 put_unaligned_be32(sdebug_atomic_wr_gran, &arr[48]);
1865 put_unaligned_be32(sdebug_atomic_wr_max_length_bndry, &arr[52]);
1866 put_unaligned_be32(sdebug_atomic_wr_max_bndry, &arr[56]);
1867 }
1868
1869 return 0x3c; /* Mandatory page length for Logical Block Provisioning */
1870}
1871
1872/* Block device characteristics VPD page (SBC-3) */
1873static int inquiry_vpd_b1(struct sdebug_dev_info *devip, unsigned char *arr)
1874{
1875 memset(arr, 0, 0x3c);
1876 arr[0] = 0;
1877 arr[1] = 1; /* non rotating medium (e.g. solid state) */
1878 arr[2] = 0;
1879 arr[3] = 5; /* less than 1.8" */
1880
1881 return 0x3c;
1882}
1883
1884/* Logical block provisioning VPD page (SBC-4) */
1885static int inquiry_vpd_b2(unsigned char *arr)
1886{
1887 memset(arr, 0, 0x4);
1888 arr[0] = 0; /* threshold exponent */
1889 if (sdebug_lbpu)
1890 arr[1] = 1 << 7;
1891 if (sdebug_lbpws)
1892 arr[1] |= 1 << 6;
1893 if (sdebug_lbpws10)
1894 arr[1] |= 1 << 5;
1895 if (sdebug_lbprz && scsi_debug_lbp())
1896 arr[1] |= (sdebug_lbprz & 0x7) << 2; /* sbc4r07 and later */
1897 /* anc_sup=0; dp=0 (no provisioning group descriptor) */
1898 /* minimum_percentage=0; provisioning_type=0 (unknown) */
1899 /* threshold_percentage=0 */
1900 return 0x4;
1901}
1902
1903/* Zoned block device characteristics VPD page (ZBC mandatory) */
1904static int inquiry_vpd_b6(struct sdebug_dev_info *devip, unsigned char *arr)
1905{
1906 memset(arr, 0, 0x3c);
1907 arr[0] = 0x1; /* set URSWRZ (unrestricted read in seq. wr req zone) */
1908 /*
1909 * Set Optimal number of open sequential write preferred zones and
1910 * Optimal number of non-sequentially written sequential write
1911 * preferred zones fields to 'not reported' (0xffffffff). Leave other
1912 * fields set to zero, apart from Max. number of open swrz_s field.
1913 */
1914 put_unaligned_be32(0xffffffff, &arr[4]);
1915 put_unaligned_be32(0xffffffff, &arr[8]);
1916 if (sdeb_zbc_model == BLK_ZONED_HM && devip->max_open)
1917 put_unaligned_be32(devip->max_open, &arr[12]);
1918 else
1919 put_unaligned_be32(0xffffffff, &arr[12]);
1920 if (devip->zcap < devip->zsize) {
1921 arr[19] = ZBC_CONSTANT_ZONE_START_OFFSET;
1922 put_unaligned_be64(devip->zsize, &arr[20]);
1923 } else {
1924 arr[19] = 0;
1925 }
1926 return 0x3c;
1927}
1928
1929#define SDEBUG_BLE_LEN_AFTER_B4 28 /* thus vpage 32 bytes long */
1930
1931enum { MAXIMUM_NUMBER_OF_STREAMS = 6, PERMANENT_STREAM_COUNT = 5 };
1932
1933/* Block limits extension VPD page (SBC-4) */
1934static int inquiry_vpd_b7(unsigned char *arrb4)
1935{
1936 memset(arrb4, 0, SDEBUG_BLE_LEN_AFTER_B4);
1937 arrb4[1] = 1; /* Reduced stream control support (RSCS) */
1938 put_unaligned_be16(MAXIMUM_NUMBER_OF_STREAMS, &arrb4[2]);
1939 return SDEBUG_BLE_LEN_AFTER_B4;
1940}
1941
1942#define SDEBUG_LONG_INQ_SZ 96
1943#define SDEBUG_MAX_INQ_ARR_SZ 584
1944
1945static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1946{
1947 unsigned char pq_pdt;
1948 unsigned char *arr;
1949 unsigned char *cmd = scp->cmnd;
1950 u32 alloc_len, n;
1951 int ret;
1952 bool have_wlun, is_disk, is_zbc, is_disk_zbc;
1953
1954 alloc_len = get_unaligned_be16(cmd + 3);
1955 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC);
1956 if (! arr)
1957 return DID_REQUEUE << 16;
1958 is_disk = (sdebug_ptype == TYPE_DISK);
1959 is_zbc = devip->zoned;
1960 is_disk_zbc = (is_disk || is_zbc);
1961 have_wlun = scsi_is_wlun(scp->device->lun);
1962 if (have_wlun)
1963 pq_pdt = TYPE_WLUN; /* present, wlun */
1964 else if (sdebug_no_lun_0 && (devip->lun == SDEBUG_LUN_0_VAL))
1965 pq_pdt = 0x7f; /* not present, PQ=3, PDT=0x1f */
1966 else
1967 pq_pdt = (sdebug_ptype & 0x1f);
1968 arr[0] = pq_pdt;
1969 if (0x2 & cmd[1]) { /* CMDDT bit set */
1970 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1);
1971 kfree(arr);
1972 return check_condition_result;
1973 } else if (0x1 & cmd[1]) { /* EVPD bit set */
1974 int lu_id_num, port_group_id, target_dev_id;
1975 u32 len;
1976 char lu_id_str[6];
1977 int host_no = devip->sdbg_host->shost->host_no;
1978
1979 arr[1] = cmd[2];
1980 port_group_id = (((host_no + 1) & 0x7f) << 8) +
1981 (devip->channel & 0x7f);
1982 if (sdebug_vpd_use_hostno == 0)
1983 host_no = 0;
1984 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) +
1985 (devip->target * 1000) + devip->lun);
1986 target_dev_id = ((host_no + 1) * 2000) +
1987 (devip->target * 1000) - 3;
1988 len = scnprintf(lu_id_str, 6, "%d", lu_id_num);
1989 if (0 == cmd[2]) { /* supported vital product data pages */
1990 n = 4;
1991 arr[n++] = 0x0; /* this page */
1992 arr[n++] = 0x80; /* unit serial number */
1993 arr[n++] = 0x83; /* device identification */
1994 arr[n++] = 0x84; /* software interface ident. */
1995 arr[n++] = 0x85; /* management network addresses */
1996 arr[n++] = 0x86; /* extended inquiry */
1997 arr[n++] = 0x87; /* mode page policy */
1998 arr[n++] = 0x88; /* SCSI ports */
1999 if (is_disk_zbc) { /* SBC or ZBC */
2000 arr[n++] = 0x89; /* ATA information */
2001 arr[n++] = 0xb0; /* Block limits */
2002 arr[n++] = 0xb1; /* Block characteristics */
2003 if (is_disk)
2004 arr[n++] = 0xb2; /* LB Provisioning */
2005 if (is_zbc)
2006 arr[n++] = 0xb6; /* ZB dev. char. */
2007 arr[n++] = 0xb7; /* Block limits extension */
2008 }
2009 arr[3] = n - 4; /* number of supported VPD pages */
2010 } else if (0x80 == cmd[2]) { /* unit serial number */
2011 arr[3] = len;
2012 memcpy(&arr[4], lu_id_str, len);
2013 } else if (0x83 == cmd[2]) { /* device identification */
2014 arr[3] = inquiry_vpd_83(&arr[4], port_group_id,
2015 target_dev_id, lu_id_num,
2016 lu_id_str, len,
2017 &devip->lu_name);
2018 } else if (0x84 == cmd[2]) { /* Software interface ident. */
2019 arr[3] = inquiry_vpd_84(&arr[4]);
2020 } else if (0x85 == cmd[2]) { /* Management network addresses */
2021 arr[3] = inquiry_vpd_85(&arr[4]);
2022 } else if (0x86 == cmd[2]) { /* extended inquiry */
2023 arr[3] = 0x3c; /* number of following entries */
2024 if (sdebug_dif == T10_PI_TYPE3_PROTECTION)
2025 arr[4] = 0x4; /* SPT: GRD_CHK:1 */
2026 else if (have_dif_prot)
2027 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */
2028 else
2029 arr[4] = 0x0; /* no protection stuff */
2030 /*
2031 * GROUP_SUP=1; HEADSUP=1 (HEAD OF QUEUE); ORDSUP=1
2032 * (ORDERED queuing); SIMPSUP=1 (SIMPLE queuing).
2033 */
2034 arr[5] = 0x17;
2035 } else if (0x87 == cmd[2]) { /* mode page policy */
2036 arr[3] = 0x8; /* number of following entries */
2037 arr[4] = 0x2; /* disconnect-reconnect mp */
2038 arr[6] = 0x80; /* mlus, shared */
2039 arr[8] = 0x18; /* protocol specific lu */
2040 arr[10] = 0x82; /* mlus, per initiator port */
2041 } else if (0x88 == cmd[2]) { /* SCSI Ports */
2042 arr[3] = inquiry_vpd_88(&arr[4], target_dev_id);
2043 } else if (is_disk_zbc && 0x89 == cmd[2]) { /* ATA info */
2044 n = inquiry_vpd_89(&arr[4]);
2045 put_unaligned_be16(n, arr + 2);
2046 } else if (is_disk_zbc && 0xb0 == cmd[2]) { /* Block limits */
2047 arr[3] = inquiry_vpd_b0(&arr[4]);
2048 } else if (is_disk_zbc && 0xb1 == cmd[2]) { /* Block char. */
2049 arr[3] = inquiry_vpd_b1(devip, &arr[4]);
2050 } else if (is_disk && 0xb2 == cmd[2]) { /* LB Prov. */
2051 arr[3] = inquiry_vpd_b2(&arr[4]);
2052 } else if (is_zbc && cmd[2] == 0xb6) { /* ZB dev. charact. */
2053 arr[3] = inquiry_vpd_b6(devip, &arr[4]);
2054 } else if (cmd[2] == 0xb7) { /* block limits extension page */
2055 arr[3] = inquiry_vpd_b7(&arr[4]);
2056 } else {
2057 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
2058 kfree(arr);
2059 return check_condition_result;
2060 }
2061 len = min_t(u32, get_unaligned_be16(arr + 2) + 4, alloc_len);
2062 ret = fill_from_dev_buffer(scp, arr,
2063 min_t(u32, len, SDEBUG_MAX_INQ_ARR_SZ));
2064 kfree(arr);
2065 return ret;
2066 }
2067 /* drops through here for a standard inquiry */
2068 arr[1] = sdebug_removable ? 0x80 : 0; /* Removable disk */
2069 arr[2] = sdebug_scsi_level;
2070 arr[3] = 2; /* response_data_format==2 */
2071 arr[4] = SDEBUG_LONG_INQ_SZ - 5;
2072 arr[5] = (int)have_dif_prot; /* PROTECT bit */
2073 if (sdebug_vpd_use_hostno == 0)
2074 arr[5] |= 0x10; /* claim: implicit TPGS */
2075 arr[6] = 0x10; /* claim: MultiP */
2076 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */
2077 arr[7] = 0xa; /* claim: LINKED + CMDQUE */
2078 memcpy(&arr[8], sdebug_inq_vendor_id, 8);
2079 memcpy(&arr[16], sdebug_inq_product_id, 16);
2080 memcpy(&arr[32], sdebug_inq_product_rev, 4);
2081 /* Use Vendor Specific area to place driver date in ASCII hex */
2082 memcpy(&arr[36], sdebug_version_date, 8);
2083 /* version descriptors (2 bytes each) follow */
2084 put_unaligned_be16(0xc0, arr + 58); /* SAM-6 no version claimed */
2085 put_unaligned_be16(0x5c0, arr + 60); /* SPC-5 no version claimed */
2086 n = 62;
2087 if (is_disk) { /* SBC-4 no version claimed */
2088 put_unaligned_be16(0x600, arr + n);
2089 n += 2;
2090 } else if (sdebug_ptype == TYPE_TAPE) { /* SSC-4 rev 3 */
2091 put_unaligned_be16(0x525, arr + n);
2092 n += 2;
2093 } else if (is_zbc) { /* ZBC BSR INCITS 536 revision 05 */
2094 put_unaligned_be16(0x624, arr + n);
2095 n += 2;
2096 }
2097 put_unaligned_be16(0x2100, arr + n); /* SPL-4 no version claimed */
2098 ret = fill_from_dev_buffer(scp, arr,
2099 min_t(u32, alloc_len, SDEBUG_LONG_INQ_SZ));
2100 kfree(arr);
2101 return ret;
2102}
2103
2104/* See resp_iec_m_pg() for how this data is manipulated */
2105static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
2106 0, 0, 0x0, 0x0};
2107
2108static int resp_requests(struct scsi_cmnd *scp,
2109 struct sdebug_dev_info *devip)
2110{
2111 unsigned char *cmd = scp->cmnd;
2112 unsigned char arr[SCSI_SENSE_BUFFERSIZE]; /* assume >= 18 bytes */
2113 bool dsense = !!(cmd[1] & 1);
2114 u32 alloc_len = cmd[4];
2115 u32 len = 18;
2116 int stopped_state = atomic_read(&devip->stopped);
2117
2118 memset(arr, 0, sizeof(arr));
2119 if (stopped_state > 0) { /* some "pollable" data [spc6r02: 5.12.2] */
2120 if (dsense) {
2121 arr[0] = 0x72;
2122 arr[1] = NOT_READY;
2123 arr[2] = LOGICAL_UNIT_NOT_READY;
2124 arr[3] = (stopped_state == 2) ? 0x1 : 0x2;
2125 len = 8;
2126 } else {
2127 arr[0] = 0x70;
2128 arr[2] = NOT_READY; /* NO_SENSE in sense_key */
2129 arr[7] = 0xa; /* 18 byte sense buffer */
2130 arr[12] = LOGICAL_UNIT_NOT_READY;
2131 arr[13] = (stopped_state == 2) ? 0x1 : 0x2;
2132 }
2133 } else if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) {
2134 /* Information exceptions control mode page: TEST=1, MRIE=6 */
2135 if (dsense) {
2136 arr[0] = 0x72;
2137 arr[1] = 0x0; /* NO_SENSE in sense_key */
2138 arr[2] = THRESHOLD_EXCEEDED;
2139 arr[3] = 0xff; /* Failure prediction(false) */
2140 len = 8;
2141 } else {
2142 arr[0] = 0x70;
2143 arr[2] = 0x0; /* NO_SENSE in sense_key */
2144 arr[7] = 0xa; /* 18 byte sense buffer */
2145 arr[12] = THRESHOLD_EXCEEDED;
2146 arr[13] = 0xff; /* Failure prediction(false) */
2147 }
2148 } else { /* nothing to report */
2149 if (dsense) {
2150 len = 8;
2151 memset(arr, 0, len);
2152 arr[0] = 0x72;
2153 } else {
2154 memset(arr, 0, len);
2155 arr[0] = 0x70;
2156 arr[7] = 0xa;
2157 }
2158 }
2159 return fill_from_dev_buffer(scp, arr, min_t(u32, len, alloc_len));
2160}
2161
2162static int resp_start_stop(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2163{
2164 unsigned char *cmd = scp->cmnd;
2165 int power_cond, want_stop, stopped_state;
2166 bool changing;
2167
2168 power_cond = (cmd[4] & 0xf0) >> 4;
2169 if (power_cond) {
2170 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7);
2171 return check_condition_result;
2172 }
2173 want_stop = !(cmd[4] & 1);
2174 stopped_state = atomic_read(&devip->stopped);
2175 if (stopped_state == 2) {
2176 ktime_t now_ts = ktime_get_boottime();
2177
2178 if (ktime_to_ns(now_ts) > ktime_to_ns(devip->create_ts)) {
2179 u64 diff_ns = ktime_to_ns(ktime_sub(now_ts, devip->create_ts));
2180
2181 if (diff_ns >= ((u64)sdeb_tur_ms_to_ready * 1000000)) {
2182 /* tur_ms_to_ready timer extinguished */
2183 atomic_set(&devip->stopped, 0);
2184 stopped_state = 0;
2185 }
2186 }
2187 if (stopped_state == 2) {
2188 if (want_stop) {
2189 stopped_state = 1; /* dummy up success */
2190 } else { /* Disallow tur_ms_to_ready delay to be overridden */
2191 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 0 /* START bit */);
2192 return check_condition_result;
2193 }
2194 }
2195 }
2196 changing = (stopped_state != want_stop);
2197 if (changing)
2198 atomic_xchg(&devip->stopped, want_stop);
2199 if (!changing || (cmd[1] & 0x1)) /* state unchanged or IMMED bit set in cdb */
2200 return SDEG_RES_IMMED_MASK;
2201 else
2202 return 0;
2203}
2204
2205static sector_t get_sdebug_capacity(void)
2206{
2207 static const unsigned int gibibyte = 1073741824;
2208
2209 if (sdebug_virtual_gb > 0)
2210 return (sector_t)sdebug_virtual_gb *
2211 (gibibyte / sdebug_sector_size);
2212 else
2213 return sdebug_store_sectors;
2214}
2215
2216#define SDEBUG_READCAP_ARR_SZ 8
2217static int resp_readcap(struct scsi_cmnd *scp,
2218 struct sdebug_dev_info *devip)
2219{
2220 unsigned char arr[SDEBUG_READCAP_ARR_SZ];
2221 unsigned int capac;
2222
2223 /* following just in case virtual_gb changed */
2224 sdebug_capacity = get_sdebug_capacity();
2225 memset(arr, 0, SDEBUG_READCAP_ARR_SZ);
2226 if (sdebug_capacity < 0xffffffff) {
2227 capac = (unsigned int)sdebug_capacity - 1;
2228 put_unaligned_be32(capac, arr + 0);
2229 } else
2230 put_unaligned_be32(0xffffffff, arr + 0);
2231 put_unaligned_be16(sdebug_sector_size, arr + 6);
2232 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ);
2233}
2234
2235#define SDEBUG_READCAP16_ARR_SZ 32
2236static int resp_readcap16(struct scsi_cmnd *scp,
2237 struct sdebug_dev_info *devip)
2238{
2239 unsigned char *cmd = scp->cmnd;
2240 unsigned char arr[SDEBUG_READCAP16_ARR_SZ];
2241 u32 alloc_len;
2242
2243 alloc_len = get_unaligned_be32(cmd + 10);
2244 /* following just in case virtual_gb changed */
2245 sdebug_capacity = get_sdebug_capacity();
2246 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ);
2247 put_unaligned_be64((u64)(sdebug_capacity - 1), arr + 0);
2248 put_unaligned_be32(sdebug_sector_size, arr + 8);
2249 arr[13] = sdebug_physblk_exp & 0xf;
2250 arr[14] = (sdebug_lowest_aligned >> 8) & 0x3f;
2251
2252 if (scsi_debug_lbp()) {
2253 arr[14] |= 0x80; /* LBPME */
2254 /* from sbc4r07, this LBPRZ field is 1 bit, but the LBPRZ in
2255 * the LB Provisioning VPD page is 3 bits. Note that lbprz=2
2256 * in the wider field maps to 0 in this field.
2257 */
2258 if (sdebug_lbprz & 1) /* precisely what the draft requires */
2259 arr[14] |= 0x40;
2260 }
2261
2262 /*
2263 * Since the scsi_debug READ CAPACITY implementation always reports the
2264 * total disk capacity, set RC BASIS = 1 for host-managed ZBC devices.
2265 */
2266 if (devip->zoned)
2267 arr[12] |= 1 << 4;
2268
2269 arr[15] = sdebug_lowest_aligned & 0xff;
2270
2271 if (have_dif_prot) {
2272 arr[12] = (sdebug_dif - 1) << 1; /* P_TYPE */
2273 arr[12] |= 1; /* PROT_EN */
2274 }
2275
2276 return fill_from_dev_buffer(scp, arr,
2277 min_t(u32, alloc_len, SDEBUG_READCAP16_ARR_SZ));
2278}
2279
2280#define SDEBUG_MAX_TGTPGS_ARR_SZ 1412
2281
2282static int resp_report_tgtpgs(struct scsi_cmnd *scp,
2283 struct sdebug_dev_info *devip)
2284{
2285 unsigned char *cmd = scp->cmnd;
2286 unsigned char *arr;
2287 int host_no = devip->sdbg_host->shost->host_no;
2288 int port_group_a, port_group_b, port_a, port_b;
2289 u32 alen, n, rlen;
2290 int ret;
2291
2292 alen = get_unaligned_be32(cmd + 6);
2293 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC);
2294 if (! arr)
2295 return DID_REQUEUE << 16;
2296 /*
2297 * EVPD page 0x88 states we have two ports, one
2298 * real and a fake port with no device connected.
2299 * So we create two port groups with one port each
2300 * and set the group with port B to unavailable.
2301 */
2302 port_a = 0x1; /* relative port A */
2303 port_b = 0x2; /* relative port B */
2304 port_group_a = (((host_no + 1) & 0x7f) << 8) +
2305 (devip->channel & 0x7f);
2306 port_group_b = (((host_no + 1) & 0x7f) << 8) +
2307 (devip->channel & 0x7f) + 0x80;
2308
2309 /*
2310 * The asymmetric access state is cycled according to the host_id.
2311 */
2312 n = 4;
2313 if (sdebug_vpd_use_hostno == 0) {
2314 arr[n++] = host_no % 3; /* Asymm access state */
2315 arr[n++] = 0x0F; /* claim: all states are supported */
2316 } else {
2317 arr[n++] = 0x0; /* Active/Optimized path */
2318 arr[n++] = 0x01; /* only support active/optimized paths */
2319 }
2320 put_unaligned_be16(port_group_a, arr + n);
2321 n += 2;
2322 arr[n++] = 0; /* Reserved */
2323 arr[n++] = 0; /* Status code */
2324 arr[n++] = 0; /* Vendor unique */
2325 arr[n++] = 0x1; /* One port per group */
2326 arr[n++] = 0; /* Reserved */
2327 arr[n++] = 0; /* Reserved */
2328 put_unaligned_be16(port_a, arr + n);
2329 n += 2;
2330 arr[n++] = 3; /* Port unavailable */
2331 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */
2332 put_unaligned_be16(port_group_b, arr + n);
2333 n += 2;
2334 arr[n++] = 0; /* Reserved */
2335 arr[n++] = 0; /* Status code */
2336 arr[n++] = 0; /* Vendor unique */
2337 arr[n++] = 0x1; /* One port per group */
2338 arr[n++] = 0; /* Reserved */
2339 arr[n++] = 0; /* Reserved */
2340 put_unaligned_be16(port_b, arr + n);
2341 n += 2;
2342
2343 rlen = n - 4;
2344 put_unaligned_be32(rlen, arr + 0);
2345
2346 /*
2347 * Return the smallest value of either
2348 * - The allocated length
2349 * - The constructed command length
2350 * - The maximum array size
2351 */
2352 rlen = min(alen, n);
2353 ret = fill_from_dev_buffer(scp, arr,
2354 min_t(u32, rlen, SDEBUG_MAX_TGTPGS_ARR_SZ));
2355 kfree(arr);
2356 return ret;
2357}
2358
2359static int resp_rsup_opcodes(struct scsi_cmnd *scp,
2360 struct sdebug_dev_info *devip)
2361{
2362 bool rctd;
2363 u8 reporting_opts, req_opcode, sdeb_i, supp;
2364 u16 req_sa, u;
2365 u32 alloc_len, a_len;
2366 int k, offset, len, errsts, count, bump, na;
2367 const struct opcode_info_t *oip;
2368 const struct opcode_info_t *r_oip;
2369 u8 *arr;
2370 u8 *cmd = scp->cmnd;
2371
2372 rctd = !!(cmd[2] & 0x80);
2373 reporting_opts = cmd[2] & 0x7;
2374 req_opcode = cmd[3];
2375 req_sa = get_unaligned_be16(cmd + 4);
2376 alloc_len = get_unaligned_be32(cmd + 6);
2377 if (alloc_len < 4 || alloc_len > 0xffff) {
2378 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
2379 return check_condition_result;
2380 }
2381 if (alloc_len > 8192)
2382 a_len = 8192;
2383 else
2384 a_len = alloc_len;
2385 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC);
2386 if (NULL == arr) {
2387 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
2388 INSUFF_RES_ASCQ);
2389 return check_condition_result;
2390 }
2391 switch (reporting_opts) {
2392 case 0: /* all commands */
2393 /* count number of commands */
2394 for (count = 0, oip = opcode_info_arr;
2395 oip->num_attached != 0xff; ++oip) {
2396 if (F_INV_OP & oip->flags)
2397 continue;
2398 count += (oip->num_attached + 1);
2399 }
2400 bump = rctd ? 20 : 8;
2401 put_unaligned_be32(count * bump, arr);
2402 for (offset = 4, oip = opcode_info_arr;
2403 oip->num_attached != 0xff && offset < a_len; ++oip) {
2404 if (F_INV_OP & oip->flags)
2405 continue;
2406 na = oip->num_attached;
2407 arr[offset] = oip->opcode;
2408 put_unaligned_be16(oip->sa, arr + offset + 2);
2409 if (rctd)
2410 arr[offset + 5] |= 0x2;
2411 if (FF_SA & oip->flags)
2412 arr[offset + 5] |= 0x1;
2413 put_unaligned_be16(oip->len_mask[0], arr + offset + 6);
2414 if (rctd)
2415 put_unaligned_be16(0xa, arr + offset + 8);
2416 r_oip = oip;
2417 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) {
2418 if (F_INV_OP & oip->flags)
2419 continue;
2420 offset += bump;
2421 arr[offset] = oip->opcode;
2422 put_unaligned_be16(oip->sa, arr + offset + 2);
2423 if (rctd)
2424 arr[offset + 5] |= 0x2;
2425 if (FF_SA & oip->flags)
2426 arr[offset + 5] |= 0x1;
2427 put_unaligned_be16(oip->len_mask[0],
2428 arr + offset + 6);
2429 if (rctd)
2430 put_unaligned_be16(0xa,
2431 arr + offset + 8);
2432 }
2433 oip = r_oip;
2434 offset += bump;
2435 }
2436 break;
2437 case 1: /* one command: opcode only */
2438 case 2: /* one command: opcode plus service action */
2439 case 3: /* one command: if sa==0 then opcode only else opcode+sa */
2440 sdeb_i = opcode_ind_arr[req_opcode];
2441 oip = &opcode_info_arr[sdeb_i];
2442 if (F_INV_OP & oip->flags) {
2443 supp = 1;
2444 offset = 4;
2445 } else {
2446 if (1 == reporting_opts) {
2447 if (FF_SA & oip->flags) {
2448 mk_sense_invalid_fld(scp, SDEB_IN_CDB,
2449 2, 2);
2450 kfree(arr);
2451 return check_condition_result;
2452 }
2453 req_sa = 0;
2454 } else if (2 == reporting_opts &&
2455 0 == (FF_SA & oip->flags)) {
2456 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1);
2457 kfree(arr); /* point at requested sa */
2458 return check_condition_result;
2459 }
2460 if (0 == (FF_SA & oip->flags) &&
2461 req_opcode == oip->opcode)
2462 supp = 3;
2463 else if (0 == (FF_SA & oip->flags)) {
2464 na = oip->num_attached;
2465 for (k = 0, oip = oip->arrp; k < na;
2466 ++k, ++oip) {
2467 if (req_opcode == oip->opcode)
2468 break;
2469 }
2470 supp = (k >= na) ? 1 : 3;
2471 } else if (req_sa != oip->sa) {
2472 na = oip->num_attached;
2473 for (k = 0, oip = oip->arrp; k < na;
2474 ++k, ++oip) {
2475 if (req_sa == oip->sa)
2476 break;
2477 }
2478 supp = (k >= na) ? 1 : 3;
2479 } else
2480 supp = 3;
2481 if (3 == supp) {
2482 u = oip->len_mask[0];
2483 put_unaligned_be16(u, arr + 2);
2484 arr[4] = oip->opcode;
2485 for (k = 1; k < u; ++k)
2486 arr[4 + k] = (k < 16) ?
2487 oip->len_mask[k] : 0xff;
2488 offset = 4 + u;
2489 } else
2490 offset = 4;
2491 }
2492 arr[1] = (rctd ? 0x80 : 0) | supp;
2493 if (rctd) {
2494 put_unaligned_be16(0xa, arr + offset);
2495 offset += 12;
2496 }
2497 break;
2498 default:
2499 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
2500 kfree(arr);
2501 return check_condition_result;
2502 }
2503 offset = (offset < a_len) ? offset : a_len;
2504 len = (offset < alloc_len) ? offset : alloc_len;
2505 errsts = fill_from_dev_buffer(scp, arr, len);
2506 kfree(arr);
2507 return errsts;
2508}
2509
2510static int resp_rsup_tmfs(struct scsi_cmnd *scp,
2511 struct sdebug_dev_info *devip)
2512{
2513 bool repd;
2514 u32 alloc_len, len;
2515 u8 arr[16];
2516 u8 *cmd = scp->cmnd;
2517
2518 memset(arr, 0, sizeof(arr));
2519 repd = !!(cmd[2] & 0x80);
2520 alloc_len = get_unaligned_be32(cmd + 6);
2521 if (alloc_len < 4) {
2522 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
2523 return check_condition_result;
2524 }
2525 arr[0] = 0xc8; /* ATS | ATSS | LURS */
2526 arr[1] = 0x1; /* ITNRS */
2527 if (repd) {
2528 arr[3] = 0xc;
2529 len = 16;
2530 } else
2531 len = 4;
2532
2533 len = (len < alloc_len) ? len : alloc_len;
2534 return fill_from_dev_buffer(scp, arr, len);
2535}
2536
2537/* <<Following mode page info copied from ST318451LW>> */
2538
2539static int resp_err_recov_pg(unsigned char *p, int pcontrol, int target)
2540{ /* Read-Write Error Recovery page for mode_sense */
2541 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0,
2542 5, 0, 0xff, 0xff};
2543
2544 memcpy(p, err_recov_pg, sizeof(err_recov_pg));
2545 if (1 == pcontrol)
2546 memset(p + 2, 0, sizeof(err_recov_pg) - 2);
2547 return sizeof(err_recov_pg);
2548}
2549
2550static int resp_disconnect_pg(unsigned char *p, int pcontrol, int target)
2551{ /* Disconnect-Reconnect page for mode_sense */
2552 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0,
2553 0, 0, 0, 0, 0, 0, 0, 0};
2554
2555 memcpy(p, disconnect_pg, sizeof(disconnect_pg));
2556 if (1 == pcontrol)
2557 memset(p + 2, 0, sizeof(disconnect_pg) - 2);
2558 return sizeof(disconnect_pg);
2559}
2560
2561static int resp_format_pg(unsigned char *p, int pcontrol, int target)
2562{ /* Format device page for mode_sense */
2563 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0,
2564 0, 0, 0, 0, 0, 0, 0, 0,
2565 0, 0, 0, 0, 0x40, 0, 0, 0};
2566
2567 memcpy(p, format_pg, sizeof(format_pg));
2568 put_unaligned_be16(sdebug_sectors_per, p + 10);
2569 put_unaligned_be16(sdebug_sector_size, p + 12);
2570 if (sdebug_removable)
2571 p[20] |= 0x20; /* should agree with INQUIRY */
2572 if (1 == pcontrol)
2573 memset(p + 2, 0, sizeof(format_pg) - 2);
2574 return sizeof(format_pg);
2575}
2576
2577static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
2578 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0,
2579 0, 0, 0, 0};
2580
2581static int resp_caching_pg(unsigned char *p, int pcontrol, int target)
2582{ /* Caching page for mode_sense */
2583 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0,
2584 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
2585 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
2586 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0};
2587
2588 if (SDEBUG_OPT_N_WCE & sdebug_opts)
2589 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */
2590 memcpy(p, caching_pg, sizeof(caching_pg));
2591 if (1 == pcontrol)
2592 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg));
2593 else if (2 == pcontrol)
2594 memcpy(p, d_caching_pg, sizeof(d_caching_pg));
2595 return sizeof(caching_pg);
2596}
2597
2598static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2599 0, 0, 0x2, 0x4b};
2600
2601static int resp_ctrl_m_pg(unsigned char *p, int pcontrol, int target)
2602{ /* Control mode page for mode_sense */
2603 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0,
2604 0, 0, 0, 0};
2605 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2606 0, 0, 0x2, 0x4b};
2607
2608 if (sdebug_dsense)
2609 ctrl_m_pg[2] |= 0x4;
2610 else
2611 ctrl_m_pg[2] &= ~0x4;
2612
2613 if (sdebug_ato)
2614 ctrl_m_pg[5] |= 0x80; /* ATO=1 */
2615
2616 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg));
2617 if (1 == pcontrol)
2618 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg));
2619 else if (2 == pcontrol)
2620 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg));
2621 return sizeof(ctrl_m_pg);
2622}
2623
2624/* IO Advice Hints Grouping mode page */
2625static int resp_grouping_m_pg(unsigned char *p, int pcontrol, int target)
2626{
2627 /* IO Advice Hints Grouping mode page */
2628 struct grouping_m_pg {
2629 u8 page_code; /* OR 0x40 when subpage_code > 0 */
2630 u8 subpage_code;
2631 __be16 page_length;
2632 u8 reserved[12];
2633 struct scsi_io_group_descriptor descr[MAXIMUM_NUMBER_OF_STREAMS];
2634 };
2635 static const struct grouping_m_pg gr_m_pg = {
2636 .page_code = 0xa | 0x40,
2637 .subpage_code = 5,
2638 .page_length = cpu_to_be16(sizeof(gr_m_pg) - 4),
2639 .descr = {
2640 { .st_enble = 1 },
2641 { .st_enble = 1 },
2642 { .st_enble = 1 },
2643 { .st_enble = 1 },
2644 { .st_enble = 1 },
2645 { .st_enble = 0 },
2646 }
2647 };
2648
2649 BUILD_BUG_ON(sizeof(struct grouping_m_pg) !=
2650 16 + MAXIMUM_NUMBER_OF_STREAMS * 16);
2651 memcpy(p, &gr_m_pg, sizeof(gr_m_pg));
2652 if (1 == pcontrol) {
2653 /* There are no changeable values so clear from byte 4 on. */
2654 memset(p + 4, 0, sizeof(gr_m_pg) - 4);
2655 }
2656 return sizeof(gr_m_pg);
2657}
2658
2659static int resp_iec_m_pg(unsigned char *p, int pcontrol, int target)
2660{ /* Informational Exceptions control mode page for mode_sense */
2661 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0,
2662 0, 0, 0x0, 0x0};
2663 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
2664 0, 0, 0x0, 0x0};
2665
2666 memcpy(p, iec_m_pg, sizeof(iec_m_pg));
2667 if (1 == pcontrol)
2668 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg));
2669 else if (2 == pcontrol)
2670 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg));
2671 return sizeof(iec_m_pg);
2672}
2673
2674static int resp_sas_sf_m_pg(unsigned char *p, int pcontrol, int target)
2675{ /* SAS SSP mode page - short format for mode_sense */
2676 unsigned char sas_sf_m_pg[] = {0x19, 0x6,
2677 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0};
2678
2679 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg));
2680 if (1 == pcontrol)
2681 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2);
2682 return sizeof(sas_sf_m_pg);
2683}
2684
2685
2686static int resp_sas_pcd_m_spg(unsigned char *p, int pcontrol, int target,
2687 int target_dev_id)
2688{ /* SAS phy control and discover mode page for mode_sense */
2689 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2,
2690 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0,
2691 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2692 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2693 0x2, 0, 0, 0, 0, 0, 0, 0,
2694 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2695 0, 0, 0, 0, 0, 0, 0, 0,
2696 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0,
2697 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2698 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2699 0x3, 0, 0, 0, 0, 0, 0, 0,
2700 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2701 0, 0, 0, 0, 0, 0, 0, 0,
2702 };
2703 int port_a, port_b;
2704
2705 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 16);
2706 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 24);
2707 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 64);
2708 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 72);
2709 port_a = target_dev_id + 1;
2710 port_b = port_a + 1;
2711 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg));
2712 put_unaligned_be32(port_a, p + 20);
2713 put_unaligned_be32(port_b, p + 48 + 20);
2714 if (1 == pcontrol)
2715 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4);
2716 return sizeof(sas_pcd_m_pg);
2717}
2718
2719static int resp_sas_sha_m_spg(unsigned char *p, int pcontrol)
2720{ /* SAS SSP shared protocol specific port mode subpage */
2721 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0,
2722 0, 0, 0, 0, 0, 0, 0, 0,
2723 };
2724
2725 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg));
2726 if (1 == pcontrol)
2727 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4);
2728 return sizeof(sas_sha_m_pg);
2729}
2730
2731/* PAGE_SIZE is more than necessary but provides room for future expansion. */
2732#define SDEBUG_MAX_MSENSE_SZ PAGE_SIZE
2733
2734static int resp_mode_sense(struct scsi_cmnd *scp,
2735 struct sdebug_dev_info *devip)
2736{
2737 int pcontrol, pcode, subpcode, bd_len;
2738 unsigned char dev_spec;
2739 u32 alloc_len, offset, len;
2740 int target_dev_id;
2741 int target = scp->device->id;
2742 unsigned char *ap;
2743 unsigned char *arr __free(kfree);
2744 unsigned char *cmd = scp->cmnd;
2745 bool dbd, llbaa, msense_6, is_disk, is_zbc;
2746
2747 arr = kzalloc(SDEBUG_MAX_MSENSE_SZ, GFP_ATOMIC);
2748 if (!arr)
2749 return -ENOMEM;
2750 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */
2751 pcontrol = (cmd[2] & 0xc0) >> 6;
2752 pcode = cmd[2] & 0x3f;
2753 subpcode = cmd[3];
2754 msense_6 = (MODE_SENSE == cmd[0]);
2755 llbaa = msense_6 ? false : !!(cmd[1] & 0x10);
2756 is_disk = (sdebug_ptype == TYPE_DISK);
2757 is_zbc = devip->zoned;
2758 if ((is_disk || is_zbc) && !dbd)
2759 bd_len = llbaa ? 16 : 8;
2760 else
2761 bd_len = 0;
2762 alloc_len = msense_6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2763 if (0x3 == pcontrol) { /* Saving values not supported */
2764 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0);
2765 return check_condition_result;
2766 }
2767 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) +
2768 (devip->target * 1000) - 3;
2769 /* for disks+zbc set DPOFUA bit and clear write protect (WP) bit */
2770 if (is_disk || is_zbc) {
2771 dev_spec = 0x10; /* =0x90 if WP=1 implies read-only */
2772 if (sdebug_wp)
2773 dev_spec |= 0x80;
2774 } else
2775 dev_spec = 0x0;
2776 if (msense_6) {
2777 arr[2] = dev_spec;
2778 arr[3] = bd_len;
2779 offset = 4;
2780 } else {
2781 arr[3] = dev_spec;
2782 if (16 == bd_len)
2783 arr[4] = 0x1; /* set LONGLBA bit */
2784 arr[7] = bd_len; /* assume 255 or less */
2785 offset = 8;
2786 }
2787 ap = arr + offset;
2788 if ((bd_len > 0) && (!sdebug_capacity))
2789 sdebug_capacity = get_sdebug_capacity();
2790
2791 if (8 == bd_len) {
2792 if (sdebug_capacity > 0xfffffffe)
2793 put_unaligned_be32(0xffffffff, ap + 0);
2794 else
2795 put_unaligned_be32(sdebug_capacity, ap + 0);
2796 put_unaligned_be16(sdebug_sector_size, ap + 6);
2797 offset += bd_len;
2798 ap = arr + offset;
2799 } else if (16 == bd_len) {
2800 put_unaligned_be64((u64)sdebug_capacity, ap + 0);
2801 put_unaligned_be32(sdebug_sector_size, ap + 12);
2802 offset += bd_len;
2803 ap = arr + offset;
2804 }
2805
2806 /*
2807 * N.B. If len>0 before resp_*_pg() call, then form of that call should be:
2808 * len += resp_*_pg(ap + len, pcontrol, target);
2809 */
2810 switch (pcode) {
2811 case 0x1: /* Read-Write error recovery page, direct access */
2812 if (subpcode > 0x0 && subpcode < 0xff)
2813 goto bad_subpcode;
2814 len = resp_err_recov_pg(ap, pcontrol, target);
2815 offset += len;
2816 break;
2817 case 0x2: /* Disconnect-Reconnect page, all devices */
2818 if (subpcode > 0x0 && subpcode < 0xff)
2819 goto bad_subpcode;
2820 len = resp_disconnect_pg(ap, pcontrol, target);
2821 offset += len;
2822 break;
2823 case 0x3: /* Format device page, direct access */
2824 if (subpcode > 0x0 && subpcode < 0xff)
2825 goto bad_subpcode;
2826 if (is_disk) {
2827 len = resp_format_pg(ap, pcontrol, target);
2828 offset += len;
2829 } else {
2830 goto bad_pcode;
2831 }
2832 break;
2833 case 0x8: /* Caching page, direct access */
2834 if (subpcode > 0x0 && subpcode < 0xff)
2835 goto bad_subpcode;
2836 if (is_disk || is_zbc) {
2837 len = resp_caching_pg(ap, pcontrol, target);
2838 offset += len;
2839 } else {
2840 goto bad_pcode;
2841 }
2842 break;
2843 case 0xa: /* Control Mode page, all devices */
2844 switch (subpcode) {
2845 case 0:
2846 len = resp_ctrl_m_pg(ap, pcontrol, target);
2847 break;
2848 case 0x05:
2849 len = resp_grouping_m_pg(ap, pcontrol, target);
2850 break;
2851 case 0xff:
2852 len = resp_ctrl_m_pg(ap, pcontrol, target);
2853 len += resp_grouping_m_pg(ap + len, pcontrol, target);
2854 break;
2855 default:
2856 goto bad_subpcode;
2857 }
2858 offset += len;
2859 break;
2860 case 0x19: /* if spc==1 then sas phy, control+discover */
2861 if (subpcode > 0x2 && subpcode < 0xff)
2862 goto bad_subpcode;
2863 len = 0;
2864 if ((0x0 == subpcode) || (0xff == subpcode))
2865 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2866 if ((0x1 == subpcode) || (0xff == subpcode))
2867 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
2868 target_dev_id);
2869 if ((0x2 == subpcode) || (0xff == subpcode))
2870 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2871 offset += len;
2872 break;
2873 case 0x1c: /* Informational Exceptions Mode page, all devices */
2874 if (subpcode > 0x0 && subpcode < 0xff)
2875 goto bad_subpcode;
2876 len = resp_iec_m_pg(ap, pcontrol, target);
2877 offset += len;
2878 break;
2879 case 0x3f: /* Read all Mode pages */
2880 if (subpcode > 0x0 && subpcode < 0xff)
2881 goto bad_subpcode;
2882 len = resp_err_recov_pg(ap, pcontrol, target);
2883 len += resp_disconnect_pg(ap + len, pcontrol, target);
2884 if (is_disk) {
2885 len += resp_format_pg(ap + len, pcontrol, target);
2886 len += resp_caching_pg(ap + len, pcontrol, target);
2887 } else if (is_zbc) {
2888 len += resp_caching_pg(ap + len, pcontrol, target);
2889 }
2890 len += resp_ctrl_m_pg(ap + len, pcontrol, target);
2891 if (0xff == subpcode)
2892 len += resp_grouping_m_pg(ap + len, pcontrol, target);
2893 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2894 if (0xff == subpcode) {
2895 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
2896 target_dev_id);
2897 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2898 }
2899 len += resp_iec_m_pg(ap + len, pcontrol, target);
2900 offset += len;
2901 break;
2902 default:
2903 goto bad_pcode;
2904 }
2905 if (msense_6)
2906 arr[0] = offset - 1;
2907 else
2908 put_unaligned_be16((offset - 2), arr + 0);
2909 return fill_from_dev_buffer(scp, arr, min_t(u32, alloc_len, offset));
2910
2911bad_pcode:
2912 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2913 return check_condition_result;
2914
2915bad_subpcode:
2916 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2917 return check_condition_result;
2918}
2919
2920#define SDEBUG_MAX_MSELECT_SZ 512
2921
2922static int resp_mode_select(struct scsi_cmnd *scp,
2923 struct sdebug_dev_info *devip)
2924{
2925 int pf, sp, ps, md_len, bd_len, off, spf, pg_len;
2926 int param_len, res, mpage;
2927 unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
2928 unsigned char *cmd = scp->cmnd;
2929 int mselect6 = (MODE_SELECT == cmd[0]);
2930
2931 memset(arr, 0, sizeof(arr));
2932 pf = cmd[1] & 0x10;
2933 sp = cmd[1] & 0x1;
2934 param_len = mselect6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2935 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) {
2936 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1);
2937 return check_condition_result;
2938 }
2939 res = fetch_to_dev_buffer(scp, arr, param_len);
2940 if (-1 == res)
2941 return DID_ERROR << 16;
2942 else if (sdebug_verbose && (res < param_len))
2943 sdev_printk(KERN_INFO, scp->device,
2944 "%s: cdb indicated=%d, IO sent=%d bytes\n",
2945 __func__, param_len, res);
2946 md_len = mselect6 ? (arr[0] + 1) : (get_unaligned_be16(arr + 0) + 2);
2947 bd_len = mselect6 ? arr[3] : get_unaligned_be16(arr + 6);
2948 off = bd_len + (mselect6 ? 4 : 8);
2949 if (md_len > 2 || off >= res) {
2950 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1);
2951 return check_condition_result;
2952 }
2953 mpage = arr[off] & 0x3f;
2954 ps = !!(arr[off] & 0x80);
2955 if (ps) {
2956 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7);
2957 return check_condition_result;
2958 }
2959 spf = !!(arr[off] & 0x40);
2960 pg_len = spf ? (get_unaligned_be16(arr + off + 2) + 4) :
2961 (arr[off + 1] + 2);
2962 if ((pg_len + off) > param_len) {
2963 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2964 PARAMETER_LIST_LENGTH_ERR, 0);
2965 return check_condition_result;
2966 }
2967 switch (mpage) {
2968 case 0x8: /* Caching Mode page */
2969 if (caching_pg[1] == arr[off + 1]) {
2970 memcpy(caching_pg + 2, arr + off + 2,
2971 sizeof(caching_pg) - 2);
2972 goto set_mode_changed_ua;
2973 }
2974 break;
2975 case 0xa: /* Control Mode page */
2976 if (ctrl_m_pg[1] == arr[off + 1]) {
2977 memcpy(ctrl_m_pg + 2, arr + off + 2,
2978 sizeof(ctrl_m_pg) - 2);
2979 if (ctrl_m_pg[4] & 0x8)
2980 sdebug_wp = true;
2981 else
2982 sdebug_wp = false;
2983 sdebug_dsense = !!(ctrl_m_pg[2] & 0x4);
2984 goto set_mode_changed_ua;
2985 }
2986 break;
2987 case 0x1c: /* Informational Exceptions Mode page */
2988 if (iec_m_pg[1] == arr[off + 1]) {
2989 memcpy(iec_m_pg + 2, arr + off + 2,
2990 sizeof(iec_m_pg) - 2);
2991 goto set_mode_changed_ua;
2992 }
2993 break;
2994 default:
2995 break;
2996 }
2997 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5);
2998 return check_condition_result;
2999set_mode_changed_ua:
3000 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm);
3001 return 0;
3002}
3003
3004static int resp_temp_l_pg(unsigned char *arr)
3005{
3006 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38,
3007 0x0, 0x1, 0x3, 0x2, 0x0, 65,
3008 };
3009
3010 memcpy(arr, temp_l_pg, sizeof(temp_l_pg));
3011 return sizeof(temp_l_pg);
3012}
3013
3014static int resp_ie_l_pg(unsigned char *arr)
3015{
3016 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38,
3017 };
3018
3019 memcpy(arr, ie_l_pg, sizeof(ie_l_pg));
3020 if (iec_m_pg[2] & 0x4) { /* TEST bit set */
3021 arr[4] = THRESHOLD_EXCEEDED;
3022 arr[5] = 0xff;
3023 }
3024 return sizeof(ie_l_pg);
3025}
3026
3027static int resp_env_rep_l_spg(unsigned char *arr)
3028{
3029 unsigned char env_rep_l_spg[] = {0x0, 0x0, 0x23, 0x8,
3030 0x0, 40, 72, 0xff, 45, 18, 0, 0,
3031 0x1, 0x0, 0x23, 0x8,
3032 0x0, 55, 72, 35, 55, 45, 0, 0,
3033 };
3034
3035 memcpy(arr, env_rep_l_spg, sizeof(env_rep_l_spg));
3036 return sizeof(env_rep_l_spg);
3037}
3038
3039#define SDEBUG_MAX_LSENSE_SZ 512
3040
3041static int resp_log_sense(struct scsi_cmnd *scp,
3042 struct sdebug_dev_info *devip)
3043{
3044 int ppc, sp, pcode, subpcode;
3045 u32 alloc_len, len, n;
3046 unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
3047 unsigned char *cmd = scp->cmnd;
3048
3049 memset(arr, 0, sizeof(arr));
3050 ppc = cmd[1] & 0x2;
3051 sp = cmd[1] & 0x1;
3052 if (ppc || sp) {
3053 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0);
3054 return check_condition_result;
3055 }
3056 pcode = cmd[2] & 0x3f;
3057 subpcode = cmd[3] & 0xff;
3058 alloc_len = get_unaligned_be16(cmd + 7);
3059 arr[0] = pcode;
3060 if (0 == subpcode) {
3061 switch (pcode) {
3062 case 0x0: /* Supported log pages log page */
3063 n = 4;
3064 arr[n++] = 0x0; /* this page */
3065 arr[n++] = 0xd; /* Temperature */
3066 arr[n++] = 0x2f; /* Informational exceptions */
3067 arr[3] = n - 4;
3068 break;
3069 case 0xd: /* Temperature log page */
3070 arr[3] = resp_temp_l_pg(arr + 4);
3071 break;
3072 case 0x2f: /* Informational exceptions log page */
3073 arr[3] = resp_ie_l_pg(arr + 4);
3074 break;
3075 default:
3076 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
3077 return check_condition_result;
3078 }
3079 } else if (0xff == subpcode) {
3080 arr[0] |= 0x40;
3081 arr[1] = subpcode;
3082 switch (pcode) {
3083 case 0x0: /* Supported log pages and subpages log page */
3084 n = 4;
3085 arr[n++] = 0x0;
3086 arr[n++] = 0x0; /* 0,0 page */
3087 arr[n++] = 0x0;
3088 arr[n++] = 0xff; /* this page */
3089 arr[n++] = 0xd;
3090 arr[n++] = 0x0; /* Temperature */
3091 arr[n++] = 0xd;
3092 arr[n++] = 0x1; /* Environment reporting */
3093 arr[n++] = 0xd;
3094 arr[n++] = 0xff; /* all 0xd subpages */
3095 arr[n++] = 0x2f;
3096 arr[n++] = 0x0; /* Informational exceptions */
3097 arr[n++] = 0x2f;
3098 arr[n++] = 0xff; /* all 0x2f subpages */
3099 arr[3] = n - 4;
3100 break;
3101 case 0xd: /* Temperature subpages */
3102 n = 4;
3103 arr[n++] = 0xd;
3104 arr[n++] = 0x0; /* Temperature */
3105 arr[n++] = 0xd;
3106 arr[n++] = 0x1; /* Environment reporting */
3107 arr[n++] = 0xd;
3108 arr[n++] = 0xff; /* these subpages */
3109 arr[3] = n - 4;
3110 break;
3111 case 0x2f: /* Informational exceptions subpages */
3112 n = 4;
3113 arr[n++] = 0x2f;
3114 arr[n++] = 0x0; /* Informational exceptions */
3115 arr[n++] = 0x2f;
3116 arr[n++] = 0xff; /* these subpages */
3117 arr[3] = n - 4;
3118 break;
3119 default:
3120 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
3121 return check_condition_result;
3122 }
3123 } else if (subpcode > 0) {
3124 arr[0] |= 0x40;
3125 arr[1] = subpcode;
3126 if (pcode == 0xd && subpcode == 1)
3127 arr[3] = resp_env_rep_l_spg(arr + 4);
3128 else {
3129 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
3130 return check_condition_result;
3131 }
3132 } else {
3133 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
3134 return check_condition_result;
3135 }
3136 len = min_t(u32, get_unaligned_be16(arr + 2) + 4, alloc_len);
3137 return fill_from_dev_buffer(scp, arr,
3138 min_t(u32, len, SDEBUG_MAX_INQ_ARR_SZ));
3139}
3140
3141static inline bool sdebug_dev_is_zoned(struct sdebug_dev_info *devip)
3142{
3143 return devip->nr_zones != 0;
3144}
3145
3146static struct sdeb_zone_state *zbc_zone(struct sdebug_dev_info *devip,
3147 unsigned long long lba)
3148{
3149 u32 zno = lba >> devip->zsize_shift;
3150 struct sdeb_zone_state *zsp;
3151
3152 if (devip->zcap == devip->zsize || zno < devip->nr_conv_zones)
3153 return &devip->zstate[zno];
3154
3155 /*
3156 * If the zone capacity is less than the zone size, adjust for gap
3157 * zones.
3158 */
3159 zno = 2 * zno - devip->nr_conv_zones;
3160 WARN_ONCE(zno >= devip->nr_zones, "%u > %u\n", zno, devip->nr_zones);
3161 zsp = &devip->zstate[zno];
3162 if (lba >= zsp->z_start + zsp->z_size)
3163 zsp++;
3164 WARN_ON_ONCE(lba >= zsp->z_start + zsp->z_size);
3165 return zsp;
3166}
3167
3168static inline bool zbc_zone_is_conv(struct sdeb_zone_state *zsp)
3169{
3170 return zsp->z_type == ZBC_ZTYPE_CNV;
3171}
3172
3173static inline bool zbc_zone_is_gap(struct sdeb_zone_state *zsp)
3174{
3175 return zsp->z_type == ZBC_ZTYPE_GAP;
3176}
3177
3178static inline bool zbc_zone_is_seq(struct sdeb_zone_state *zsp)
3179{
3180 return !zbc_zone_is_conv(zsp) && !zbc_zone_is_gap(zsp);
3181}
3182
3183static void zbc_close_zone(struct sdebug_dev_info *devip,
3184 struct sdeb_zone_state *zsp)
3185{
3186 enum sdebug_z_cond zc;
3187
3188 if (!zbc_zone_is_seq(zsp))
3189 return;
3190
3191 zc = zsp->z_cond;
3192 if (!(zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN))
3193 return;
3194
3195 if (zc == ZC2_IMPLICIT_OPEN)
3196 devip->nr_imp_open--;
3197 else
3198 devip->nr_exp_open--;
3199
3200 if (zsp->z_wp == zsp->z_start) {
3201 zsp->z_cond = ZC1_EMPTY;
3202 } else {
3203 zsp->z_cond = ZC4_CLOSED;
3204 devip->nr_closed++;
3205 }
3206}
3207
3208static void zbc_close_imp_open_zone(struct sdebug_dev_info *devip)
3209{
3210 struct sdeb_zone_state *zsp = &devip->zstate[0];
3211 unsigned int i;
3212
3213 for (i = 0; i < devip->nr_zones; i++, zsp++) {
3214 if (zsp->z_cond == ZC2_IMPLICIT_OPEN) {
3215 zbc_close_zone(devip, zsp);
3216 return;
3217 }
3218 }
3219}
3220
3221static void zbc_open_zone(struct sdebug_dev_info *devip,
3222 struct sdeb_zone_state *zsp, bool explicit)
3223{
3224 enum sdebug_z_cond zc;
3225
3226 if (!zbc_zone_is_seq(zsp))
3227 return;
3228
3229 zc = zsp->z_cond;
3230 if ((explicit && zc == ZC3_EXPLICIT_OPEN) ||
3231 (!explicit && zc == ZC2_IMPLICIT_OPEN))
3232 return;
3233
3234 /* Close an implicit open zone if necessary */
3235 if (explicit && zsp->z_cond == ZC2_IMPLICIT_OPEN)
3236 zbc_close_zone(devip, zsp);
3237 else if (devip->max_open &&
3238 devip->nr_imp_open + devip->nr_exp_open >= devip->max_open)
3239 zbc_close_imp_open_zone(devip);
3240
3241 if (zsp->z_cond == ZC4_CLOSED)
3242 devip->nr_closed--;
3243 if (explicit) {
3244 zsp->z_cond = ZC3_EXPLICIT_OPEN;
3245 devip->nr_exp_open++;
3246 } else {
3247 zsp->z_cond = ZC2_IMPLICIT_OPEN;
3248 devip->nr_imp_open++;
3249 }
3250}
3251
3252static inline void zbc_set_zone_full(struct sdebug_dev_info *devip,
3253 struct sdeb_zone_state *zsp)
3254{
3255 switch (zsp->z_cond) {
3256 case ZC2_IMPLICIT_OPEN:
3257 devip->nr_imp_open--;
3258 break;
3259 case ZC3_EXPLICIT_OPEN:
3260 devip->nr_exp_open--;
3261 break;
3262 default:
3263 WARN_ONCE(true, "Invalid zone %llu condition %x\n",
3264 zsp->z_start, zsp->z_cond);
3265 break;
3266 }
3267 zsp->z_cond = ZC5_FULL;
3268}
3269
3270static void zbc_inc_wp(struct sdebug_dev_info *devip,
3271 unsigned long long lba, unsigned int num)
3272{
3273 struct sdeb_zone_state *zsp = zbc_zone(devip, lba);
3274 unsigned long long n, end, zend = zsp->z_start + zsp->z_size;
3275
3276 if (!zbc_zone_is_seq(zsp))
3277 return;
3278
3279 if (zsp->z_type == ZBC_ZTYPE_SWR) {
3280 zsp->z_wp += num;
3281 if (zsp->z_wp >= zend)
3282 zbc_set_zone_full(devip, zsp);
3283 return;
3284 }
3285
3286 while (num) {
3287 if (lba != zsp->z_wp)
3288 zsp->z_non_seq_resource = true;
3289
3290 end = lba + num;
3291 if (end >= zend) {
3292 n = zend - lba;
3293 zsp->z_wp = zend;
3294 } else if (end > zsp->z_wp) {
3295 n = num;
3296 zsp->z_wp = end;
3297 } else {
3298 n = num;
3299 }
3300 if (zsp->z_wp >= zend)
3301 zbc_set_zone_full(devip, zsp);
3302
3303 num -= n;
3304 lba += n;
3305 if (num) {
3306 zsp++;
3307 zend = zsp->z_start + zsp->z_size;
3308 }
3309 }
3310}
3311
3312static int check_zbc_access_params(struct scsi_cmnd *scp,
3313 unsigned long long lba, unsigned int num, bool write)
3314{
3315 struct scsi_device *sdp = scp->device;
3316 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
3317 struct sdeb_zone_state *zsp = zbc_zone(devip, lba);
3318 struct sdeb_zone_state *zsp_end = zbc_zone(devip, lba + num - 1);
3319
3320 if (!write) {
3321 /* For host-managed, reads cannot cross zone types boundaries */
3322 if (zsp->z_type != zsp_end->z_type) {
3323 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3324 LBA_OUT_OF_RANGE,
3325 READ_INVDATA_ASCQ);
3326 return check_condition_result;
3327 }
3328 return 0;
3329 }
3330
3331 /* Writing into a gap zone is not allowed */
3332 if (zbc_zone_is_gap(zsp)) {
3333 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE,
3334 ATTEMPT_ACCESS_GAP);
3335 return check_condition_result;
3336 }
3337
3338 /* No restrictions for writes within conventional zones */
3339 if (zbc_zone_is_conv(zsp)) {
3340 if (!zbc_zone_is_conv(zsp_end)) {
3341 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3342 LBA_OUT_OF_RANGE,
3343 WRITE_BOUNDARY_ASCQ);
3344 return check_condition_result;
3345 }
3346 return 0;
3347 }
3348
3349 if (zsp->z_type == ZBC_ZTYPE_SWR) {
3350 /* Writes cannot cross sequential zone boundaries */
3351 if (zsp_end != zsp) {
3352 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3353 LBA_OUT_OF_RANGE,
3354 WRITE_BOUNDARY_ASCQ);
3355 return check_condition_result;
3356 }
3357 /* Cannot write full zones */
3358 if (zsp->z_cond == ZC5_FULL) {
3359 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3360 INVALID_FIELD_IN_CDB, 0);
3361 return check_condition_result;
3362 }
3363 /* Writes must be aligned to the zone WP */
3364 if (lba != zsp->z_wp) {
3365 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3366 LBA_OUT_OF_RANGE,
3367 UNALIGNED_WRITE_ASCQ);
3368 return check_condition_result;
3369 }
3370 }
3371
3372 /* Handle implicit open of closed and empty zones */
3373 if (zsp->z_cond == ZC1_EMPTY || zsp->z_cond == ZC4_CLOSED) {
3374 if (devip->max_open &&
3375 devip->nr_exp_open >= devip->max_open) {
3376 mk_sense_buffer(scp, DATA_PROTECT,
3377 INSUFF_RES_ASC,
3378 INSUFF_ZONE_ASCQ);
3379 return check_condition_result;
3380 }
3381 zbc_open_zone(devip, zsp, false);
3382 }
3383
3384 return 0;
3385}
3386
3387static inline int check_device_access_params
3388 (struct scsi_cmnd *scp, unsigned long long lba,
3389 unsigned int num, bool write)
3390{
3391 struct scsi_device *sdp = scp->device;
3392 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
3393
3394 if (lba + num > sdebug_capacity) {
3395 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
3396 return check_condition_result;
3397 }
3398 /* transfer length excessive (tie in to block limits VPD page) */
3399 if (num > sdebug_store_sectors) {
3400 /* needs work to find which cdb byte 'num' comes from */
3401 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3402 return check_condition_result;
3403 }
3404 if (write && unlikely(sdebug_wp)) {
3405 mk_sense_buffer(scp, DATA_PROTECT, WRITE_PROTECTED, 0x2);
3406 return check_condition_result;
3407 }
3408 if (sdebug_dev_is_zoned(devip))
3409 return check_zbc_access_params(scp, lba, num, write);
3410
3411 return 0;
3412}
3413
3414/*
3415 * Note: if BUG_ON() fires it usually indicates a problem with the parser
3416 * tables. Perhaps a missing F_FAKE_RW or FF_MEDIA_IO flag. Response functions
3417 * that access any of the "stores" in struct sdeb_store_info should call this
3418 * function with bug_if_fake_rw set to true.
3419 */
3420static inline struct sdeb_store_info *devip2sip(struct sdebug_dev_info *devip,
3421 bool bug_if_fake_rw)
3422{
3423 if (sdebug_fake_rw) {
3424 BUG_ON(bug_if_fake_rw); /* See note above */
3425 return NULL;
3426 }
3427 return xa_load(per_store_ap, devip->sdbg_host->si_idx);
3428}
3429
3430static inline void
3431sdeb_read_lock(rwlock_t *lock)
3432{
3433 if (sdebug_no_rwlock)
3434 __acquire(lock);
3435 else
3436 read_lock(lock);
3437}
3438
3439static inline void
3440sdeb_read_unlock(rwlock_t *lock)
3441{
3442 if (sdebug_no_rwlock)
3443 __release(lock);
3444 else
3445 read_unlock(lock);
3446}
3447
3448static inline void
3449sdeb_write_lock(rwlock_t *lock)
3450{
3451 if (sdebug_no_rwlock)
3452 __acquire(lock);
3453 else
3454 write_lock(lock);
3455}
3456
3457static inline void
3458sdeb_write_unlock(rwlock_t *lock)
3459{
3460 if (sdebug_no_rwlock)
3461 __release(lock);
3462 else
3463 write_unlock(lock);
3464}
3465
3466static inline void
3467sdeb_data_read_lock(struct sdeb_store_info *sip)
3468{
3469 BUG_ON(!sip);
3470
3471 sdeb_read_lock(&sip->macc_data_lck);
3472}
3473
3474static inline void
3475sdeb_data_read_unlock(struct sdeb_store_info *sip)
3476{
3477 BUG_ON(!sip);
3478
3479 sdeb_read_unlock(&sip->macc_data_lck);
3480}
3481
3482static inline void
3483sdeb_data_write_lock(struct sdeb_store_info *sip)
3484{
3485 BUG_ON(!sip);
3486
3487 sdeb_write_lock(&sip->macc_data_lck);
3488}
3489
3490static inline void
3491sdeb_data_write_unlock(struct sdeb_store_info *sip)
3492{
3493 BUG_ON(!sip);
3494
3495 sdeb_write_unlock(&sip->macc_data_lck);
3496}
3497
3498static inline void
3499sdeb_data_sector_read_lock(struct sdeb_store_info *sip)
3500{
3501 BUG_ON(!sip);
3502
3503 sdeb_read_lock(&sip->macc_sector_lck);
3504}
3505
3506static inline void
3507sdeb_data_sector_read_unlock(struct sdeb_store_info *sip)
3508{
3509 BUG_ON(!sip);
3510
3511 sdeb_read_unlock(&sip->macc_sector_lck);
3512}
3513
3514static inline void
3515sdeb_data_sector_write_lock(struct sdeb_store_info *sip)
3516{
3517 BUG_ON(!sip);
3518
3519 sdeb_write_lock(&sip->macc_sector_lck);
3520}
3521
3522static inline void
3523sdeb_data_sector_write_unlock(struct sdeb_store_info *sip)
3524{
3525 BUG_ON(!sip);
3526
3527 sdeb_write_unlock(&sip->macc_sector_lck);
3528}
3529
3530/*
3531 * Atomic locking:
3532 * We simplify the atomic model to allow only 1x atomic write and many non-
3533 * atomic reads or writes for all LBAs.
3534
3535 * A RW lock has a similar bahaviour:
3536 * Only 1x writer and many readers.
3537
3538 * So use a RW lock for per-device read and write locking:
3539 * An atomic access grabs the lock as a writer and non-atomic grabs the lock
3540 * as a reader.
3541 */
3542
3543static inline void
3544sdeb_data_lock(struct sdeb_store_info *sip, bool atomic)
3545{
3546 if (atomic)
3547 sdeb_data_write_lock(sip);
3548 else
3549 sdeb_data_read_lock(sip);
3550}
3551
3552static inline void
3553sdeb_data_unlock(struct sdeb_store_info *sip, bool atomic)
3554{
3555 if (atomic)
3556 sdeb_data_write_unlock(sip);
3557 else
3558 sdeb_data_read_unlock(sip);
3559}
3560
3561/* Allow many reads but only 1x write per sector */
3562static inline void
3563sdeb_data_sector_lock(struct sdeb_store_info *sip, bool do_write)
3564{
3565 if (do_write)
3566 sdeb_data_sector_write_lock(sip);
3567 else
3568 sdeb_data_sector_read_lock(sip);
3569}
3570
3571static inline void
3572sdeb_data_sector_unlock(struct sdeb_store_info *sip, bool do_write)
3573{
3574 if (do_write)
3575 sdeb_data_sector_write_unlock(sip);
3576 else
3577 sdeb_data_sector_read_unlock(sip);
3578}
3579
3580static inline void
3581sdeb_meta_read_lock(struct sdeb_store_info *sip)
3582{
3583 if (sdebug_no_rwlock) {
3584 if (sip)
3585 __acquire(&sip->macc_meta_lck);
3586 else
3587 __acquire(&sdeb_fake_rw_lck);
3588 } else {
3589 if (sip)
3590 read_lock(&sip->macc_meta_lck);
3591 else
3592 read_lock(&sdeb_fake_rw_lck);
3593 }
3594}
3595
3596static inline void
3597sdeb_meta_read_unlock(struct sdeb_store_info *sip)
3598{
3599 if (sdebug_no_rwlock) {
3600 if (sip)
3601 __release(&sip->macc_meta_lck);
3602 else
3603 __release(&sdeb_fake_rw_lck);
3604 } else {
3605 if (sip)
3606 read_unlock(&sip->macc_meta_lck);
3607 else
3608 read_unlock(&sdeb_fake_rw_lck);
3609 }
3610}
3611
3612static inline void
3613sdeb_meta_write_lock(struct sdeb_store_info *sip)
3614{
3615 if (sdebug_no_rwlock) {
3616 if (sip)
3617 __acquire(&sip->macc_meta_lck);
3618 else
3619 __acquire(&sdeb_fake_rw_lck);
3620 } else {
3621 if (sip)
3622 write_lock(&sip->macc_meta_lck);
3623 else
3624 write_lock(&sdeb_fake_rw_lck);
3625 }
3626}
3627
3628static inline void
3629sdeb_meta_write_unlock(struct sdeb_store_info *sip)
3630{
3631 if (sdebug_no_rwlock) {
3632 if (sip)
3633 __release(&sip->macc_meta_lck);
3634 else
3635 __release(&sdeb_fake_rw_lck);
3636 } else {
3637 if (sip)
3638 write_unlock(&sip->macc_meta_lck);
3639 else
3640 write_unlock(&sdeb_fake_rw_lck);
3641 }
3642}
3643
3644/* Returns number of bytes copied or -1 if error. */
3645static int do_device_access(struct sdeb_store_info *sip, struct scsi_cmnd *scp,
3646 u32 sg_skip, u64 lba, u32 num, u8 group_number,
3647 bool do_write, bool atomic)
3648{
3649 int ret;
3650 u64 block;
3651 enum dma_data_direction dir;
3652 struct scsi_data_buffer *sdb = &scp->sdb;
3653 u8 *fsp;
3654 int i;
3655
3656 /*
3657 * Even though reads are inherently atomic (in this driver), we expect
3658 * the atomic flag only for writes.
3659 */
3660 if (!do_write && atomic)
3661 return -1;
3662
3663 if (do_write) {
3664 dir = DMA_TO_DEVICE;
3665 write_since_sync = true;
3666 } else {
3667 dir = DMA_FROM_DEVICE;
3668 }
3669
3670 if (!sdb->length || !sip)
3671 return 0;
3672 if (scp->sc_data_direction != dir)
3673 return -1;
3674
3675 if (do_write && group_number < ARRAY_SIZE(writes_by_group_number))
3676 atomic_long_inc(&writes_by_group_number[group_number]);
3677
3678 fsp = sip->storep;
3679
3680 block = do_div(lba, sdebug_store_sectors);
3681
3682 /* Only allow 1x atomic write or multiple non-atomic writes at any given time */
3683 sdeb_data_lock(sip, atomic);
3684 for (i = 0; i < num; i++) {
3685 /* We shouldn't need to lock for atomic writes, but do it anyway */
3686 sdeb_data_sector_lock(sip, do_write);
3687 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
3688 fsp + (block * sdebug_sector_size),
3689 sdebug_sector_size, sg_skip, do_write);
3690 sdeb_data_sector_unlock(sip, do_write);
3691 if (ret != sdebug_sector_size) {
3692 ret += (i * sdebug_sector_size);
3693 break;
3694 }
3695 sg_skip += sdebug_sector_size;
3696 if (++block >= sdebug_store_sectors)
3697 block = 0;
3698 }
3699 ret = num * sdebug_sector_size;
3700 sdeb_data_unlock(sip, atomic);
3701
3702 return ret;
3703}
3704
3705/* Returns number of bytes copied or -1 if error. */
3706static int do_dout_fetch(struct scsi_cmnd *scp, u32 num, u8 *doutp)
3707{
3708 struct scsi_data_buffer *sdb = &scp->sdb;
3709
3710 if (!sdb->length)
3711 return 0;
3712 if (scp->sc_data_direction != DMA_TO_DEVICE)
3713 return -1;
3714 return sg_copy_buffer(sdb->table.sgl, sdb->table.nents, doutp,
3715 num * sdebug_sector_size, 0, true);
3716}
3717
3718/* If sip->storep+lba compares equal to arr(num), then copy top half of
3719 * arr into sip->storep+lba and return true. If comparison fails then
3720 * return false. */
3721static bool comp_write_worker(struct sdeb_store_info *sip, u64 lba, u32 num,
3722 const u8 *arr, bool compare_only)
3723{
3724 bool res;
3725 u64 block, rest = 0;
3726 u32 store_blks = sdebug_store_sectors;
3727 u32 lb_size = sdebug_sector_size;
3728 u8 *fsp = sip->storep;
3729
3730 block = do_div(lba, store_blks);
3731 if (block + num > store_blks)
3732 rest = block + num - store_blks;
3733
3734 res = !memcmp(fsp + (block * lb_size), arr, (num - rest) * lb_size);
3735 if (!res)
3736 return res;
3737 if (rest)
3738 res = memcmp(fsp, arr + ((num - rest) * lb_size),
3739 rest * lb_size);
3740 if (!res)
3741 return res;
3742 if (compare_only)
3743 return true;
3744 arr += num * lb_size;
3745 memcpy(fsp + (block * lb_size), arr, (num - rest) * lb_size);
3746 if (rest)
3747 memcpy(fsp, arr + ((num - rest) * lb_size), rest * lb_size);
3748 return res;
3749}
3750
3751static __be16 dif_compute_csum(const void *buf, int len)
3752{
3753 __be16 csum;
3754
3755 if (sdebug_guard)
3756 csum = (__force __be16)ip_compute_csum(buf, len);
3757 else
3758 csum = cpu_to_be16(crc_t10dif(buf, len));
3759
3760 return csum;
3761}
3762
3763static int dif_verify(struct t10_pi_tuple *sdt, const void *data,
3764 sector_t sector, u32 ei_lba)
3765{
3766 __be16 csum = dif_compute_csum(data, sdebug_sector_size);
3767
3768 if (sdt->guard_tag != csum) {
3769 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n",
3770 (unsigned long)sector,
3771 be16_to_cpu(sdt->guard_tag),
3772 be16_to_cpu(csum));
3773 return 0x01;
3774 }
3775 if (sdebug_dif == T10_PI_TYPE1_PROTECTION &&
3776 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) {
3777 pr_err("REF check failed on sector %lu\n",
3778 (unsigned long)sector);
3779 return 0x03;
3780 }
3781 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3782 be32_to_cpu(sdt->ref_tag) != ei_lba) {
3783 pr_err("REF check failed on sector %lu\n",
3784 (unsigned long)sector);
3785 return 0x03;
3786 }
3787 return 0;
3788}
3789
3790static void dif_copy_prot(struct scsi_cmnd *scp, sector_t sector,
3791 unsigned int sectors, bool read)
3792{
3793 size_t resid;
3794 void *paddr;
3795 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
3796 scp->device->hostdata, true);
3797 struct t10_pi_tuple *dif_storep = sip->dif_storep;
3798 const void *dif_store_end = dif_storep + sdebug_store_sectors;
3799 struct sg_mapping_iter miter;
3800
3801 /* Bytes of protection data to copy into sgl */
3802 resid = sectors * sizeof(*dif_storep);
3803
3804 sg_miter_start(&miter, scsi_prot_sglist(scp),
3805 scsi_prot_sg_count(scp), SG_MITER_ATOMIC |
3806 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG));
3807
3808 while (sg_miter_next(&miter) && resid > 0) {
3809 size_t len = min_t(size_t, miter.length, resid);
3810 void *start = dif_store(sip, sector);
3811 size_t rest = 0;
3812
3813 if (dif_store_end < start + len)
3814 rest = start + len - dif_store_end;
3815
3816 paddr = miter.addr;
3817
3818 if (read)
3819 memcpy(paddr, start, len - rest);
3820 else
3821 memcpy(start, paddr, len - rest);
3822
3823 if (rest) {
3824 if (read)
3825 memcpy(paddr + len - rest, dif_storep, rest);
3826 else
3827 memcpy(dif_storep, paddr + len - rest, rest);
3828 }
3829
3830 sector += len / sizeof(*dif_storep);
3831 resid -= len;
3832 }
3833 sg_miter_stop(&miter);
3834}
3835
3836static int prot_verify_read(struct scsi_cmnd *scp, sector_t start_sec,
3837 unsigned int sectors, u32 ei_lba)
3838{
3839 int ret = 0;
3840 unsigned int i;
3841 sector_t sector;
3842 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
3843 scp->device->hostdata, true);
3844 struct t10_pi_tuple *sdt;
3845
3846 for (i = 0; i < sectors; i++, ei_lba++) {
3847 sector = start_sec + i;
3848 sdt = dif_store(sip, sector);
3849
3850 if (sdt->app_tag == cpu_to_be16(0xffff))
3851 continue;
3852
3853 /*
3854 * Because scsi_debug acts as both initiator and
3855 * target we proceed to verify the PI even if
3856 * RDPROTECT=3. This is done so the "initiator" knows
3857 * which type of error to return. Otherwise we would
3858 * have to iterate over the PI twice.
3859 */
3860 if (scp->cmnd[1] >> 5) { /* RDPROTECT */
3861 ret = dif_verify(sdt, lba2fake_store(sip, sector),
3862 sector, ei_lba);
3863 if (ret) {
3864 dif_errors++;
3865 break;
3866 }
3867 }
3868 }
3869
3870 dif_copy_prot(scp, start_sec, sectors, true);
3871 dix_reads++;
3872
3873 return ret;
3874}
3875
3876static int resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3877{
3878 bool check_prot;
3879 u32 num;
3880 u32 ei_lba;
3881 int ret;
3882 u64 lba;
3883 struct sdeb_store_info *sip = devip2sip(devip, true);
3884 u8 *cmd = scp->cmnd;
3885 bool meta_data_locked = false;
3886
3887 switch (cmd[0]) {
3888 case READ_16:
3889 ei_lba = 0;
3890 lba = get_unaligned_be64(cmd + 2);
3891 num = get_unaligned_be32(cmd + 10);
3892 check_prot = true;
3893 break;
3894 case READ_10:
3895 ei_lba = 0;
3896 lba = get_unaligned_be32(cmd + 2);
3897 num = get_unaligned_be16(cmd + 7);
3898 check_prot = true;
3899 break;
3900 case READ_6:
3901 ei_lba = 0;
3902 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
3903 (u32)(cmd[1] & 0x1f) << 16;
3904 num = (0 == cmd[4]) ? 256 : cmd[4];
3905 check_prot = true;
3906 break;
3907 case READ_12:
3908 ei_lba = 0;
3909 lba = get_unaligned_be32(cmd + 2);
3910 num = get_unaligned_be32(cmd + 6);
3911 check_prot = true;
3912 break;
3913 case XDWRITEREAD_10:
3914 ei_lba = 0;
3915 lba = get_unaligned_be32(cmd + 2);
3916 num = get_unaligned_be16(cmd + 7);
3917 check_prot = false;
3918 break;
3919 default: /* assume READ(32) */
3920 lba = get_unaligned_be64(cmd + 12);
3921 ei_lba = get_unaligned_be32(cmd + 20);
3922 num = get_unaligned_be32(cmd + 28);
3923 check_prot = false;
3924 break;
3925 }
3926 if (unlikely(have_dif_prot && check_prot)) {
3927 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3928 (cmd[1] & 0xe0)) {
3929 mk_sense_invalid_opcode(scp);
3930 return check_condition_result;
3931 }
3932 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3933 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3934 (cmd[1] & 0xe0) == 0)
3935 sdev_printk(KERN_ERR, scp->device, "Unprotected RD "
3936 "to DIF device\n");
3937 }
3938 if (unlikely((sdebug_opts & SDEBUG_OPT_SHORT_TRANSFER) &&
3939 atomic_read(&sdeb_inject_pending))) {
3940 num /= 2;
3941 atomic_set(&sdeb_inject_pending, 0);
3942 }
3943
3944 /*
3945 * When checking device access params, for reads we only check data
3946 * versus what is set at init time, so no need to lock.
3947 */
3948 ret = check_device_access_params(scp, lba, num, false);
3949 if (ret)
3950 return ret;
3951 if (unlikely((SDEBUG_OPT_MEDIUM_ERR & sdebug_opts) &&
3952 (lba <= (sdebug_medium_error_start + sdebug_medium_error_count - 1)) &&
3953 ((lba + num) > sdebug_medium_error_start))) {
3954 /* claim unrecoverable read error */
3955 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0);
3956 /* set info field and valid bit for fixed descriptor */
3957 if (0x70 == (scp->sense_buffer[0] & 0x7f)) {
3958 scp->sense_buffer[0] |= 0x80; /* Valid bit */
3959 ret = (lba < OPT_MEDIUM_ERR_ADDR)
3960 ? OPT_MEDIUM_ERR_ADDR : (int)lba;
3961 put_unaligned_be32(ret, scp->sense_buffer + 3);
3962 }
3963 scsi_set_resid(scp, scsi_bufflen(scp));
3964 return check_condition_result;
3965 }
3966
3967 if (sdebug_dev_is_zoned(devip) ||
3968 (sdebug_dix && scsi_prot_sg_count(scp))) {
3969 sdeb_meta_read_lock(sip);
3970 meta_data_locked = true;
3971 }
3972
3973 /* DIX + T10 DIF */
3974 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3975 switch (prot_verify_read(scp, lba, num, ei_lba)) {
3976 case 1: /* Guard tag error */
3977 if (cmd[1] >> 5 != 3) { /* RDPROTECT != 3 */
3978 sdeb_meta_read_unlock(sip);
3979 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3980 return check_condition_result;
3981 } else if (scp->prot_flags & SCSI_PROT_GUARD_CHECK) {
3982 sdeb_meta_read_unlock(sip);
3983 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3984 return illegal_condition_result;
3985 }
3986 break;
3987 case 3: /* Reference tag error */
3988 if (cmd[1] >> 5 != 3) { /* RDPROTECT != 3 */
3989 sdeb_meta_read_unlock(sip);
3990 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 3);
3991 return check_condition_result;
3992 } else if (scp->prot_flags & SCSI_PROT_REF_CHECK) {
3993 sdeb_meta_read_unlock(sip);
3994 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 3);
3995 return illegal_condition_result;
3996 }
3997 break;
3998 }
3999 }
4000
4001 ret = do_device_access(sip, scp, 0, lba, num, 0, false, false);
4002 if (meta_data_locked)
4003 sdeb_meta_read_unlock(sip);
4004 if (unlikely(ret == -1))
4005 return DID_ERROR << 16;
4006
4007 scsi_set_resid(scp, scsi_bufflen(scp) - ret);
4008
4009 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
4010 atomic_read(&sdeb_inject_pending))) {
4011 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
4012 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
4013 atomic_set(&sdeb_inject_pending, 0);
4014 return check_condition_result;
4015 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
4016 /* Logical block guard check failed */
4017 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
4018 atomic_set(&sdeb_inject_pending, 0);
4019 return illegal_condition_result;
4020 } else if (SDEBUG_OPT_DIX_ERR & sdebug_opts) {
4021 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
4022 atomic_set(&sdeb_inject_pending, 0);
4023 return illegal_condition_result;
4024 }
4025 }
4026 return 0;
4027}
4028
4029static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec,
4030 unsigned int sectors, u32 ei_lba)
4031{
4032 int ret;
4033 struct t10_pi_tuple *sdt;
4034 void *daddr;
4035 sector_t sector = start_sec;
4036 int ppage_offset;
4037 int dpage_offset;
4038 struct sg_mapping_iter diter;
4039 struct sg_mapping_iter piter;
4040
4041 BUG_ON(scsi_sg_count(SCpnt) == 0);
4042 BUG_ON(scsi_prot_sg_count(SCpnt) == 0);
4043
4044 sg_miter_start(&piter, scsi_prot_sglist(SCpnt),
4045 scsi_prot_sg_count(SCpnt),
4046 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
4047 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt),
4048 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
4049
4050 /* For each protection page */
4051 while (sg_miter_next(&piter)) {
4052 dpage_offset = 0;
4053 if (WARN_ON(!sg_miter_next(&diter))) {
4054 ret = 0x01;
4055 goto out;
4056 }
4057
4058 for (ppage_offset = 0; ppage_offset < piter.length;
4059 ppage_offset += sizeof(struct t10_pi_tuple)) {
4060 /* If we're at the end of the current
4061 * data page advance to the next one
4062 */
4063 if (dpage_offset >= diter.length) {
4064 if (WARN_ON(!sg_miter_next(&diter))) {
4065 ret = 0x01;
4066 goto out;
4067 }
4068 dpage_offset = 0;
4069 }
4070
4071 sdt = piter.addr + ppage_offset;
4072 daddr = diter.addr + dpage_offset;
4073
4074 if (SCpnt->cmnd[1] >> 5 != 3) { /* WRPROTECT */
4075 ret = dif_verify(sdt, daddr, sector, ei_lba);
4076 if (ret)
4077 goto out;
4078 }
4079
4080 sector++;
4081 ei_lba++;
4082 dpage_offset += sdebug_sector_size;
4083 }
4084 diter.consumed = dpage_offset;
4085 sg_miter_stop(&diter);
4086 }
4087 sg_miter_stop(&piter);
4088
4089 dif_copy_prot(SCpnt, start_sec, sectors, false);
4090 dix_writes++;
4091
4092 return 0;
4093
4094out:
4095 dif_errors++;
4096 sg_miter_stop(&diter);
4097 sg_miter_stop(&piter);
4098 return ret;
4099}
4100
4101static unsigned long lba_to_map_index(sector_t lba)
4102{
4103 if (sdebug_unmap_alignment)
4104 lba += sdebug_unmap_granularity - sdebug_unmap_alignment;
4105 sector_div(lba, sdebug_unmap_granularity);
4106 return lba;
4107}
4108
4109static sector_t map_index_to_lba(unsigned long index)
4110{
4111 sector_t lba = index * sdebug_unmap_granularity;
4112
4113 if (sdebug_unmap_alignment)
4114 lba -= sdebug_unmap_granularity - sdebug_unmap_alignment;
4115 return lba;
4116}
4117
4118static unsigned int map_state(struct sdeb_store_info *sip, sector_t lba,
4119 unsigned int *num)
4120{
4121 sector_t end;
4122 unsigned int mapped;
4123 unsigned long index;
4124 unsigned long next;
4125
4126 index = lba_to_map_index(lba);
4127 mapped = test_bit(index, sip->map_storep);
4128
4129 if (mapped)
4130 next = find_next_zero_bit(sip->map_storep, map_size, index);
4131 else
4132 next = find_next_bit(sip->map_storep, map_size, index);
4133
4134 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next));
4135 *num = end - lba;
4136 return mapped;
4137}
4138
4139static void map_region(struct sdeb_store_info *sip, sector_t lba,
4140 unsigned int len)
4141{
4142 sector_t end = lba + len;
4143
4144 while (lba < end) {
4145 unsigned long index = lba_to_map_index(lba);
4146
4147 if (index < map_size)
4148 set_bit(index, sip->map_storep);
4149
4150 lba = map_index_to_lba(index + 1);
4151 }
4152}
4153
4154static void unmap_region(struct sdeb_store_info *sip, sector_t lba,
4155 unsigned int len)
4156{
4157 sector_t end = lba + len;
4158 u8 *fsp = sip->storep;
4159
4160 while (lba < end) {
4161 unsigned long index = lba_to_map_index(lba);
4162
4163 if (lba == map_index_to_lba(index) &&
4164 lba + sdebug_unmap_granularity <= end &&
4165 index < map_size) {
4166 clear_bit(index, sip->map_storep);
4167 if (sdebug_lbprz) { /* for LBPRZ=2 return 0xff_s */
4168 memset(fsp + lba * sdebug_sector_size,
4169 (sdebug_lbprz & 1) ? 0 : 0xff,
4170 sdebug_sector_size *
4171 sdebug_unmap_granularity);
4172 }
4173 if (sip->dif_storep) {
4174 memset(sip->dif_storep + lba, 0xff,
4175 sizeof(*sip->dif_storep) *
4176 sdebug_unmap_granularity);
4177 }
4178 }
4179 lba = map_index_to_lba(index + 1);
4180 }
4181}
4182
4183static int resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4184{
4185 bool check_prot;
4186 u32 num;
4187 u8 group = 0;
4188 u32 ei_lba;
4189 int ret;
4190 u64 lba;
4191 struct sdeb_store_info *sip = devip2sip(devip, true);
4192 u8 *cmd = scp->cmnd;
4193 bool meta_data_locked = false;
4194
4195 switch (cmd[0]) {
4196 case WRITE_16:
4197 ei_lba = 0;
4198 lba = get_unaligned_be64(cmd + 2);
4199 num = get_unaligned_be32(cmd + 10);
4200 group = cmd[14] & 0x3f;
4201 check_prot = true;
4202 break;
4203 case WRITE_10:
4204 ei_lba = 0;
4205 lba = get_unaligned_be32(cmd + 2);
4206 group = cmd[6] & 0x3f;
4207 num = get_unaligned_be16(cmd + 7);
4208 check_prot = true;
4209 break;
4210 case WRITE_6:
4211 ei_lba = 0;
4212 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
4213 (u32)(cmd[1] & 0x1f) << 16;
4214 num = (0 == cmd[4]) ? 256 : cmd[4];
4215 check_prot = true;
4216 break;
4217 case WRITE_12:
4218 ei_lba = 0;
4219 lba = get_unaligned_be32(cmd + 2);
4220 num = get_unaligned_be32(cmd + 6);
4221 group = cmd[6] & 0x3f;
4222 check_prot = true;
4223 break;
4224 case 0x53: /* XDWRITEREAD(10) */
4225 ei_lba = 0;
4226 lba = get_unaligned_be32(cmd + 2);
4227 group = cmd[6] & 0x1f;
4228 num = get_unaligned_be16(cmd + 7);
4229 check_prot = false;
4230 break;
4231 default: /* assume WRITE(32) */
4232 group = cmd[6] & 0x3f;
4233 lba = get_unaligned_be64(cmd + 12);
4234 ei_lba = get_unaligned_be32(cmd + 20);
4235 num = get_unaligned_be32(cmd + 28);
4236 check_prot = false;
4237 break;
4238 }
4239 if (unlikely(have_dif_prot && check_prot)) {
4240 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
4241 (cmd[1] & 0xe0)) {
4242 mk_sense_invalid_opcode(scp);
4243 return check_condition_result;
4244 }
4245 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
4246 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
4247 (cmd[1] & 0xe0) == 0)
4248 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
4249 "to DIF device\n");
4250 }
4251
4252 if (sdebug_dev_is_zoned(devip) ||
4253 (sdebug_dix && scsi_prot_sg_count(scp)) ||
4254 scsi_debug_lbp()) {
4255 sdeb_meta_write_lock(sip);
4256 meta_data_locked = true;
4257 }
4258
4259 ret = check_device_access_params(scp, lba, num, true);
4260 if (ret) {
4261 if (meta_data_locked)
4262 sdeb_meta_write_unlock(sip);
4263 return ret;
4264 }
4265
4266 /* DIX + T10 DIF */
4267 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
4268 switch (prot_verify_write(scp, lba, num, ei_lba)) {
4269 case 1: /* Guard tag error */
4270 if (scp->prot_flags & SCSI_PROT_GUARD_CHECK) {
4271 sdeb_meta_write_unlock(sip);
4272 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
4273 return illegal_condition_result;
4274 } else if (scp->cmnd[1] >> 5 != 3) { /* WRPROTECT != 3 */
4275 sdeb_meta_write_unlock(sip);
4276 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
4277 return check_condition_result;
4278 }
4279 break;
4280 case 3: /* Reference tag error */
4281 if (scp->prot_flags & SCSI_PROT_REF_CHECK) {
4282 sdeb_meta_write_unlock(sip);
4283 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 3);
4284 return illegal_condition_result;
4285 } else if (scp->cmnd[1] >> 5 != 3) { /* WRPROTECT != 3 */
4286 sdeb_meta_write_unlock(sip);
4287 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 3);
4288 return check_condition_result;
4289 }
4290 break;
4291 }
4292 }
4293
4294 ret = do_device_access(sip, scp, 0, lba, num, group, true, false);
4295 if (unlikely(scsi_debug_lbp()))
4296 map_region(sip, lba, num);
4297
4298 /* If ZBC zone then bump its write pointer */
4299 if (sdebug_dev_is_zoned(devip))
4300 zbc_inc_wp(devip, lba, num);
4301 if (meta_data_locked)
4302 sdeb_meta_write_unlock(sip);
4303
4304 if (unlikely(-1 == ret))
4305 return DID_ERROR << 16;
4306 else if (unlikely(sdebug_verbose &&
4307 (ret < (num * sdebug_sector_size))))
4308 sdev_printk(KERN_INFO, scp->device,
4309 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
4310 my_name, num * sdebug_sector_size, ret);
4311
4312 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
4313 atomic_read(&sdeb_inject_pending))) {
4314 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
4315 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
4316 atomic_set(&sdeb_inject_pending, 0);
4317 return check_condition_result;
4318 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
4319 /* Logical block guard check failed */
4320 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
4321 atomic_set(&sdeb_inject_pending, 0);
4322 return illegal_condition_result;
4323 } else if (sdebug_opts & SDEBUG_OPT_DIX_ERR) {
4324 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
4325 atomic_set(&sdeb_inject_pending, 0);
4326 return illegal_condition_result;
4327 }
4328 }
4329 return 0;
4330}
4331
4332/*
4333 * T10 has only specified WRITE SCATTERED(16) and WRITE SCATTERED(32).
4334 * No READ GATHERED yet (requires bidi or long cdb holding gather list).
4335 */
4336static int resp_write_scat(struct scsi_cmnd *scp,
4337 struct sdebug_dev_info *devip)
4338{
4339 u8 *cmd = scp->cmnd;
4340 u8 *lrdp = NULL;
4341 u8 *up;
4342 struct sdeb_store_info *sip = devip2sip(devip, true);
4343 u8 wrprotect;
4344 u16 lbdof, num_lrd, k;
4345 u32 num, num_by, bt_len, lbdof_blen, sg_off, cum_lb;
4346 u32 lb_size = sdebug_sector_size;
4347 u32 ei_lba;
4348 u64 lba;
4349 u8 group;
4350 int ret, res;
4351 bool is_16;
4352 static const u32 lrd_size = 32; /* + parameter list header size */
4353
4354 if (cmd[0] == VARIABLE_LENGTH_CMD) {
4355 is_16 = false;
4356 group = cmd[6] & 0x3f;
4357 wrprotect = (cmd[10] >> 5) & 0x7;
4358 lbdof = get_unaligned_be16(cmd + 12);
4359 num_lrd = get_unaligned_be16(cmd + 16);
4360 bt_len = get_unaligned_be32(cmd + 28);
4361 } else { /* that leaves WRITE SCATTERED(16) */
4362 is_16 = true;
4363 wrprotect = (cmd[2] >> 5) & 0x7;
4364 lbdof = get_unaligned_be16(cmd + 4);
4365 num_lrd = get_unaligned_be16(cmd + 8);
4366 bt_len = get_unaligned_be32(cmd + 10);
4367 group = cmd[14] & 0x3f;
4368 if (unlikely(have_dif_prot)) {
4369 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
4370 wrprotect) {
4371 mk_sense_invalid_opcode(scp);
4372 return illegal_condition_result;
4373 }
4374 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
4375 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
4376 wrprotect == 0)
4377 sdev_printk(KERN_ERR, scp->device,
4378 "Unprotected WR to DIF device\n");
4379 }
4380 }
4381 if ((num_lrd == 0) || (bt_len == 0))
4382 return 0; /* T10 says these do-nothings are not errors */
4383 if (lbdof == 0) {
4384 if (sdebug_verbose)
4385 sdev_printk(KERN_INFO, scp->device,
4386 "%s: %s: LB Data Offset field bad\n",
4387 my_name, __func__);
4388 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4389 return illegal_condition_result;
4390 }
4391 lbdof_blen = lbdof * lb_size;
4392 if ((lrd_size + (num_lrd * lrd_size)) > lbdof_blen) {
4393 if (sdebug_verbose)
4394 sdev_printk(KERN_INFO, scp->device,
4395 "%s: %s: LBA range descriptors don't fit\n",
4396 my_name, __func__);
4397 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4398 return illegal_condition_result;
4399 }
4400 lrdp = kzalloc(lbdof_blen, GFP_ATOMIC | __GFP_NOWARN);
4401 if (lrdp == NULL)
4402 return SCSI_MLQUEUE_HOST_BUSY;
4403 if (sdebug_verbose)
4404 sdev_printk(KERN_INFO, scp->device,
4405 "%s: %s: Fetch header+scatter_list, lbdof_blen=%u\n",
4406 my_name, __func__, lbdof_blen);
4407 res = fetch_to_dev_buffer(scp, lrdp, lbdof_blen);
4408 if (res == -1) {
4409 ret = DID_ERROR << 16;
4410 goto err_out;
4411 }
4412
4413 /* Just keep it simple and always lock for now */
4414 sdeb_meta_write_lock(sip);
4415 sg_off = lbdof_blen;
4416 /* Spec says Buffer xfer Length field in number of LBs in dout */
4417 cum_lb = 0;
4418 for (k = 0, up = lrdp + lrd_size; k < num_lrd; ++k, up += lrd_size) {
4419 lba = get_unaligned_be64(up + 0);
4420 num = get_unaligned_be32(up + 8);
4421 if (sdebug_verbose)
4422 sdev_printk(KERN_INFO, scp->device,
4423 "%s: %s: k=%d LBA=0x%llx num=%u sg_off=%u\n",
4424 my_name, __func__, k, lba, num, sg_off);
4425 if (num == 0)
4426 continue;
4427 ret = check_device_access_params(scp, lba, num, true);
4428 if (ret)
4429 goto err_out_unlock;
4430 num_by = num * lb_size;
4431 ei_lba = is_16 ? 0 : get_unaligned_be32(up + 12);
4432
4433 if ((cum_lb + num) > bt_len) {
4434 if (sdebug_verbose)
4435 sdev_printk(KERN_INFO, scp->device,
4436 "%s: %s: sum of blocks > data provided\n",
4437 my_name, __func__);
4438 mk_sense_buffer(scp, ILLEGAL_REQUEST, WRITE_ERROR_ASC,
4439 0);
4440 ret = illegal_condition_result;
4441 goto err_out_unlock;
4442 }
4443
4444 /* DIX + T10 DIF */
4445 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
4446 int prot_ret = prot_verify_write(scp, lba, num,
4447 ei_lba);
4448
4449 if (prot_ret) {
4450 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10,
4451 prot_ret);
4452 ret = illegal_condition_result;
4453 goto err_out_unlock;
4454 }
4455 }
4456
4457 /*
4458 * Write ranges atomically to keep as close to pre-atomic
4459 * writes behaviour as possible.
4460 */
4461 ret = do_device_access(sip, scp, sg_off, lba, num, group, true, true);
4462 /* If ZBC zone then bump its write pointer */
4463 if (sdebug_dev_is_zoned(devip))
4464 zbc_inc_wp(devip, lba, num);
4465 if (unlikely(scsi_debug_lbp()))
4466 map_region(sip, lba, num);
4467 if (unlikely(-1 == ret)) {
4468 ret = DID_ERROR << 16;
4469 goto err_out_unlock;
4470 } else if (unlikely(sdebug_verbose && (ret < num_by)))
4471 sdev_printk(KERN_INFO, scp->device,
4472 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
4473 my_name, num_by, ret);
4474
4475 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
4476 atomic_read(&sdeb_inject_pending))) {
4477 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
4478 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
4479 atomic_set(&sdeb_inject_pending, 0);
4480 ret = check_condition_result;
4481 goto err_out_unlock;
4482 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
4483 /* Logical block guard check failed */
4484 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
4485 atomic_set(&sdeb_inject_pending, 0);
4486 ret = illegal_condition_result;
4487 goto err_out_unlock;
4488 } else if (sdebug_opts & SDEBUG_OPT_DIX_ERR) {
4489 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
4490 atomic_set(&sdeb_inject_pending, 0);
4491 ret = illegal_condition_result;
4492 goto err_out_unlock;
4493 }
4494 }
4495 sg_off += num_by;
4496 cum_lb += num;
4497 }
4498 ret = 0;
4499err_out_unlock:
4500 sdeb_meta_write_unlock(sip);
4501err_out:
4502 kfree(lrdp);
4503 return ret;
4504}
4505
4506static int resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num,
4507 u32 ei_lba, bool unmap, bool ndob)
4508{
4509 struct scsi_device *sdp = scp->device;
4510 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
4511 unsigned long long i;
4512 u64 block, lbaa;
4513 u32 lb_size = sdebug_sector_size;
4514 int ret;
4515 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
4516 scp->device->hostdata, true);
4517 u8 *fs1p;
4518 u8 *fsp;
4519 bool meta_data_locked = false;
4520
4521 if (sdebug_dev_is_zoned(devip) || scsi_debug_lbp()) {
4522 sdeb_meta_write_lock(sip);
4523 meta_data_locked = true;
4524 }
4525
4526 ret = check_device_access_params(scp, lba, num, true);
4527 if (ret)
4528 goto out;
4529
4530 if (unmap && scsi_debug_lbp()) {
4531 unmap_region(sip, lba, num);
4532 goto out;
4533 }
4534 lbaa = lba;
4535 block = do_div(lbaa, sdebug_store_sectors);
4536 /* if ndob then zero 1 logical block, else fetch 1 logical block */
4537 fsp = sip->storep;
4538 fs1p = fsp + (block * lb_size);
4539 sdeb_data_write_lock(sip);
4540 if (ndob) {
4541 memset(fs1p, 0, lb_size);
4542 ret = 0;
4543 } else
4544 ret = fetch_to_dev_buffer(scp, fs1p, lb_size);
4545
4546 if (-1 == ret) {
4547 ret = DID_ERROR << 16;
4548 goto out;
4549 } else if (sdebug_verbose && !ndob && (ret < lb_size))
4550 sdev_printk(KERN_INFO, scp->device,
4551 "%s: %s: lb size=%u, IO sent=%d bytes\n",
4552 my_name, "write same", lb_size, ret);
4553
4554 /* Copy first sector to remaining blocks */
4555 for (i = 1 ; i < num ; i++) {
4556 lbaa = lba + i;
4557 block = do_div(lbaa, sdebug_store_sectors);
4558 memmove(fsp + (block * lb_size), fs1p, lb_size);
4559 }
4560 if (scsi_debug_lbp())
4561 map_region(sip, lba, num);
4562 /* If ZBC zone then bump its write pointer */
4563 if (sdebug_dev_is_zoned(devip))
4564 zbc_inc_wp(devip, lba, num);
4565 sdeb_data_write_unlock(sip);
4566 ret = 0;
4567out:
4568 if (meta_data_locked)
4569 sdeb_meta_write_unlock(sip);
4570 return ret;
4571}
4572
4573static int resp_write_same_10(struct scsi_cmnd *scp,
4574 struct sdebug_dev_info *devip)
4575{
4576 u8 *cmd = scp->cmnd;
4577 u32 lba;
4578 u16 num;
4579 u32 ei_lba = 0;
4580 bool unmap = false;
4581
4582 if (cmd[1] & 0x8) {
4583 if (sdebug_lbpws10 == 0) {
4584 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
4585 return check_condition_result;
4586 } else
4587 unmap = true;
4588 }
4589 lba = get_unaligned_be32(cmd + 2);
4590 num = get_unaligned_be16(cmd + 7);
4591 if (num > sdebug_write_same_length) {
4592 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
4593 return check_condition_result;
4594 }
4595 return resp_write_same(scp, lba, num, ei_lba, unmap, false);
4596}
4597
4598static int resp_write_same_16(struct scsi_cmnd *scp,
4599 struct sdebug_dev_info *devip)
4600{
4601 u8 *cmd = scp->cmnd;
4602 u64 lba;
4603 u32 num;
4604 u32 ei_lba = 0;
4605 bool unmap = false;
4606 bool ndob = false;
4607
4608 if (cmd[1] & 0x8) { /* UNMAP */
4609 if (sdebug_lbpws == 0) {
4610 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
4611 return check_condition_result;
4612 } else
4613 unmap = true;
4614 }
4615 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */
4616 ndob = true;
4617 lba = get_unaligned_be64(cmd + 2);
4618 num = get_unaligned_be32(cmd + 10);
4619 if (num > sdebug_write_same_length) {
4620 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1);
4621 return check_condition_result;
4622 }
4623 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob);
4624}
4625
4626/* Note the mode field is in the same position as the (lower) service action
4627 * field. For the Report supported operation codes command, SPC-4 suggests
4628 * each mode of this command should be reported separately; for future. */
4629static int resp_write_buffer(struct scsi_cmnd *scp,
4630 struct sdebug_dev_info *devip)
4631{
4632 u8 *cmd = scp->cmnd;
4633 struct scsi_device *sdp = scp->device;
4634 struct sdebug_dev_info *dp;
4635 u8 mode;
4636
4637 mode = cmd[1] & 0x1f;
4638 switch (mode) {
4639 case 0x4: /* download microcode (MC) and activate (ACT) */
4640 /* set UAs on this device only */
4641 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4642 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm);
4643 break;
4644 case 0x5: /* download MC, save and ACT */
4645 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm);
4646 break;
4647 case 0x6: /* download MC with offsets and ACT */
4648 /* set UAs on most devices (LUs) in this target */
4649 list_for_each_entry(dp,
4650 &devip->sdbg_host->dev_info_list,
4651 dev_list)
4652 if (dp->target == sdp->id) {
4653 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm);
4654 if (devip != dp)
4655 set_bit(SDEBUG_UA_MICROCODE_CHANGED,
4656 dp->uas_bm);
4657 }
4658 break;
4659 case 0x7: /* download MC with offsets, save, and ACT */
4660 /* set UA on all devices (LUs) in this target */
4661 list_for_each_entry(dp,
4662 &devip->sdbg_host->dev_info_list,
4663 dev_list)
4664 if (dp->target == sdp->id)
4665 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET,
4666 dp->uas_bm);
4667 break;
4668 default:
4669 /* do nothing for this command for other mode values */
4670 break;
4671 }
4672 return 0;
4673}
4674
4675static int resp_comp_write(struct scsi_cmnd *scp,
4676 struct sdebug_dev_info *devip)
4677{
4678 u8 *cmd = scp->cmnd;
4679 u8 *arr;
4680 struct sdeb_store_info *sip = devip2sip(devip, true);
4681 u64 lba;
4682 u32 dnum;
4683 u32 lb_size = sdebug_sector_size;
4684 u8 num;
4685 int ret;
4686 int retval = 0;
4687
4688 lba = get_unaligned_be64(cmd + 2);
4689 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */
4690 if (0 == num)
4691 return 0; /* degenerate case, not an error */
4692 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
4693 (cmd[1] & 0xe0)) {
4694 mk_sense_invalid_opcode(scp);
4695 return check_condition_result;
4696 }
4697 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
4698 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
4699 (cmd[1] & 0xe0) == 0)
4700 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
4701 "to DIF device\n");
4702 ret = check_device_access_params(scp, lba, num, false);
4703 if (ret)
4704 return ret;
4705 dnum = 2 * num;
4706 arr = kcalloc(lb_size, dnum, GFP_ATOMIC);
4707 if (NULL == arr) {
4708 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4709 INSUFF_RES_ASCQ);
4710 return check_condition_result;
4711 }
4712
4713 ret = do_dout_fetch(scp, dnum, arr);
4714 if (ret == -1) {
4715 retval = DID_ERROR << 16;
4716 goto cleanup_free;
4717 } else if (sdebug_verbose && (ret < (dnum * lb_size)))
4718 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb "
4719 "indicated=%u, IO sent=%d bytes\n", my_name,
4720 dnum * lb_size, ret);
4721
4722 sdeb_data_write_lock(sip);
4723 sdeb_meta_write_lock(sip);
4724 if (!comp_write_worker(sip, lba, num, arr, false)) {
4725 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
4726 retval = check_condition_result;
4727 goto cleanup_unlock;
4728 }
4729
4730 /* Cover sip->map_storep (which map_region()) sets with data lock */
4731 if (scsi_debug_lbp())
4732 map_region(sip, lba, num);
4733cleanup_unlock:
4734 sdeb_meta_write_unlock(sip);
4735 sdeb_data_write_unlock(sip);
4736cleanup_free:
4737 kfree(arr);
4738 return retval;
4739}
4740
4741struct unmap_block_desc {
4742 __be64 lba;
4743 __be32 blocks;
4744 __be32 __reserved;
4745};
4746
4747static int resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4748{
4749 unsigned char *buf;
4750 struct unmap_block_desc *desc;
4751 struct sdeb_store_info *sip = devip2sip(devip, true);
4752 unsigned int i, payload_len, descriptors;
4753 int ret;
4754
4755 if (!scsi_debug_lbp())
4756 return 0; /* fib and say its done */
4757 payload_len = get_unaligned_be16(scp->cmnd + 7);
4758 BUG_ON(scsi_bufflen(scp) != payload_len);
4759
4760 descriptors = (payload_len - 8) / 16;
4761 if (descriptors > sdebug_unmap_max_desc) {
4762 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
4763 return check_condition_result;
4764 }
4765
4766 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC);
4767 if (!buf) {
4768 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4769 INSUFF_RES_ASCQ);
4770 return check_condition_result;
4771 }
4772
4773 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
4774
4775 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2);
4776 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16);
4777
4778 desc = (void *)&buf[8];
4779
4780 sdeb_meta_write_lock(sip);
4781
4782 for (i = 0 ; i < descriptors ; i++) {
4783 unsigned long long lba = get_unaligned_be64(&desc[i].lba);
4784 unsigned int num = get_unaligned_be32(&desc[i].blocks);
4785
4786 ret = check_device_access_params(scp, lba, num, true);
4787 if (ret)
4788 goto out;
4789
4790 unmap_region(sip, lba, num);
4791 }
4792
4793 ret = 0;
4794
4795out:
4796 sdeb_meta_write_unlock(sip);
4797 kfree(buf);
4798
4799 return ret;
4800}
4801
4802#define SDEBUG_GET_LBA_STATUS_LEN 32
4803
4804static int resp_get_lba_status(struct scsi_cmnd *scp,
4805 struct sdebug_dev_info *devip)
4806{
4807 u8 *cmd = scp->cmnd;
4808 u64 lba;
4809 u32 alloc_len, mapped, num;
4810 int ret;
4811 u8 arr[SDEBUG_GET_LBA_STATUS_LEN];
4812
4813 lba = get_unaligned_be64(cmd + 2);
4814 alloc_len = get_unaligned_be32(cmd + 10);
4815
4816 if (alloc_len < 24)
4817 return 0;
4818
4819 ret = check_device_access_params(scp, lba, 1, false);
4820 if (ret)
4821 return ret;
4822
4823 if (scsi_debug_lbp()) {
4824 struct sdeb_store_info *sip = devip2sip(devip, true);
4825
4826 mapped = map_state(sip, lba, &num);
4827 } else {
4828 mapped = 1;
4829 /* following just in case virtual_gb changed */
4830 sdebug_capacity = get_sdebug_capacity();
4831 if (sdebug_capacity - lba <= 0xffffffff)
4832 num = sdebug_capacity - lba;
4833 else
4834 num = 0xffffffff;
4835 }
4836
4837 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN);
4838 put_unaligned_be32(20, arr); /* Parameter Data Length */
4839 put_unaligned_be64(lba, arr + 8); /* LBA */
4840 put_unaligned_be32(num, arr + 16); /* Number of blocks */
4841 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */
4842
4843 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN);
4844}
4845
4846static int resp_get_stream_status(struct scsi_cmnd *scp,
4847 struct sdebug_dev_info *devip)
4848{
4849 u16 starting_stream_id, stream_id;
4850 const u8 *cmd = scp->cmnd;
4851 u32 alloc_len, offset;
4852 u8 arr[256] = {};
4853 struct scsi_stream_status_header *h = (void *)arr;
4854
4855 starting_stream_id = get_unaligned_be16(cmd + 4);
4856 alloc_len = get_unaligned_be32(cmd + 10);
4857
4858 if (alloc_len < 8) {
4859 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1);
4860 return check_condition_result;
4861 }
4862
4863 if (starting_stream_id >= MAXIMUM_NUMBER_OF_STREAMS) {
4864 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1);
4865 return check_condition_result;
4866 }
4867
4868 /*
4869 * The GET STREAM STATUS command only reports status information
4870 * about open streams. Treat the non-permanent stream as open.
4871 */
4872 put_unaligned_be16(MAXIMUM_NUMBER_OF_STREAMS,
4873 &h->number_of_open_streams);
4874
4875 for (offset = 8, stream_id = starting_stream_id;
4876 offset + 8 <= min_t(u32, alloc_len, sizeof(arr)) &&
4877 stream_id < MAXIMUM_NUMBER_OF_STREAMS;
4878 offset += 8, stream_id++) {
4879 struct scsi_stream_status *stream_status = (void *)arr + offset;
4880
4881 stream_status->perm = stream_id < PERMANENT_STREAM_COUNT;
4882 put_unaligned_be16(stream_id,
4883 &stream_status->stream_identifier);
4884 stream_status->rel_lifetime = stream_id + 1;
4885 }
4886 put_unaligned_be32(offset - 8, &h->len); /* PARAMETER DATA LENGTH */
4887
4888 return fill_from_dev_buffer(scp, arr, min(offset, alloc_len));
4889}
4890
4891static int resp_sync_cache(struct scsi_cmnd *scp,
4892 struct sdebug_dev_info *devip)
4893{
4894 int res = 0;
4895 u64 lba;
4896 u32 num_blocks;
4897 u8 *cmd = scp->cmnd;
4898
4899 if (cmd[0] == SYNCHRONIZE_CACHE) { /* 10 byte cdb */
4900 lba = get_unaligned_be32(cmd + 2);
4901 num_blocks = get_unaligned_be16(cmd + 7);
4902 } else { /* SYNCHRONIZE_CACHE(16) */
4903 lba = get_unaligned_be64(cmd + 2);
4904 num_blocks = get_unaligned_be32(cmd + 10);
4905 }
4906 if (lba + num_blocks > sdebug_capacity) {
4907 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4908 return check_condition_result;
4909 }
4910 if (!write_since_sync || (cmd[1] & 0x2))
4911 res = SDEG_RES_IMMED_MASK;
4912 else /* delay if write_since_sync and IMMED clear */
4913 write_since_sync = false;
4914 return res;
4915}
4916
4917/*
4918 * Assuming the LBA+num_blocks is not out-of-range, this function will return
4919 * CONDITION MET if the specified blocks will/have fitted in the cache, and
4920 * a GOOD status otherwise. Model a disk with a big cache and yield
4921 * CONDITION MET. Actually tries to bring range in main memory into the
4922 * cache associated with the CPU(s).
4923 */
4924static int resp_pre_fetch(struct scsi_cmnd *scp,
4925 struct sdebug_dev_info *devip)
4926{
4927 int res = 0;
4928 u64 lba;
4929 u64 block, rest = 0;
4930 u32 nblks;
4931 u8 *cmd = scp->cmnd;
4932 struct sdeb_store_info *sip = devip2sip(devip, true);
4933 u8 *fsp = sip->storep;
4934
4935 if (cmd[0] == PRE_FETCH) { /* 10 byte cdb */
4936 lba = get_unaligned_be32(cmd + 2);
4937 nblks = get_unaligned_be16(cmd + 7);
4938 } else { /* PRE-FETCH(16) */
4939 lba = get_unaligned_be64(cmd + 2);
4940 nblks = get_unaligned_be32(cmd + 10);
4941 }
4942 if (lba + nblks > sdebug_capacity) {
4943 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4944 return check_condition_result;
4945 }
4946 if (!fsp)
4947 goto fini;
4948 /* PRE-FETCH spec says nothing about LBP or PI so skip them */
4949 block = do_div(lba, sdebug_store_sectors);
4950 if (block + nblks > sdebug_store_sectors)
4951 rest = block + nblks - sdebug_store_sectors;
4952
4953 /* Try to bring the PRE-FETCH range into CPU's cache */
4954 sdeb_data_read_lock(sip);
4955 prefetch_range(fsp + (sdebug_sector_size * block),
4956 (nblks - rest) * sdebug_sector_size);
4957 if (rest)
4958 prefetch_range(fsp, rest * sdebug_sector_size);
4959
4960 sdeb_data_read_unlock(sip);
4961fini:
4962 if (cmd[1] & 0x2)
4963 res = SDEG_RES_IMMED_MASK;
4964 return res | condition_met_result;
4965}
4966
4967#define RL_BUCKET_ELEMS 8
4968
4969/* Even though each pseudo target has a REPORT LUNS "well known logical unit"
4970 * (W-LUN), the normal Linux scanning logic does not associate it with a
4971 * device (e.g. /dev/sg7). The following magic will make that association:
4972 * "cd /sys/class/scsi_host/host<n> ; echo '- - 49409' > scan"
4973 * where <n> is a host number. If there are multiple targets in a host then
4974 * the above will associate a W-LUN to each target. To only get a W-LUN
4975 * for target 2, then use "echo '- 2 49409' > scan" .
4976 */
4977static int resp_report_luns(struct scsi_cmnd *scp,
4978 struct sdebug_dev_info *devip)
4979{
4980 unsigned char *cmd = scp->cmnd;
4981 unsigned int alloc_len;
4982 unsigned char select_report;
4983 u64 lun;
4984 struct scsi_lun *lun_p;
4985 u8 arr[RL_BUCKET_ELEMS * sizeof(struct scsi_lun)];
4986 unsigned int lun_cnt; /* normal LUN count (max: 256) */
4987 unsigned int wlun_cnt; /* report luns W-LUN count */
4988 unsigned int tlun_cnt; /* total LUN count */
4989 unsigned int rlen; /* response length (in bytes) */
4990 int k, j, n, res;
4991 unsigned int off_rsp = 0;
4992 const int sz_lun = sizeof(struct scsi_lun);
4993
4994 clear_luns_changed_on_target(devip);
4995
4996 select_report = cmd[2];
4997 alloc_len = get_unaligned_be32(cmd + 6);
4998
4999 if (alloc_len < 4) {
5000 pr_err("alloc len too small %d\n", alloc_len);
5001 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
5002 return check_condition_result;
5003 }
5004
5005 switch (select_report) {
5006 case 0: /* all LUNs apart from W-LUNs */
5007 lun_cnt = sdebug_max_luns;
5008 wlun_cnt = 0;
5009 break;
5010 case 1: /* only W-LUNs */
5011 lun_cnt = 0;
5012 wlun_cnt = 1;
5013 break;
5014 case 2: /* all LUNs */
5015 lun_cnt = sdebug_max_luns;
5016 wlun_cnt = 1;
5017 break;
5018 case 0x10: /* only administrative LUs */
5019 case 0x11: /* see SPC-5 */
5020 case 0x12: /* only subsiduary LUs owned by referenced LU */
5021 default:
5022 pr_debug("select report invalid %d\n", select_report);
5023 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
5024 return check_condition_result;
5025 }
5026
5027 if (sdebug_no_lun_0 && (lun_cnt > 0))
5028 --lun_cnt;
5029
5030 tlun_cnt = lun_cnt + wlun_cnt;
5031 rlen = tlun_cnt * sz_lun; /* excluding 8 byte header */
5032 scsi_set_resid(scp, scsi_bufflen(scp));
5033 pr_debug("select_report %d luns = %d wluns = %d no_lun0 %d\n",
5034 select_report, lun_cnt, wlun_cnt, sdebug_no_lun_0);
5035
5036 /* loops rely on sizeof response header same as sizeof lun (both 8) */
5037 lun = sdebug_no_lun_0 ? 1 : 0;
5038 for (k = 0, j = 0, res = 0; true; ++k, j = 0) {
5039 memset(arr, 0, sizeof(arr));
5040 lun_p = (struct scsi_lun *)&arr[0];
5041 if (k == 0) {
5042 put_unaligned_be32(rlen, &arr[0]);
5043 ++lun_p;
5044 j = 1;
5045 }
5046 for ( ; j < RL_BUCKET_ELEMS; ++j, ++lun_p) {
5047 if ((k * RL_BUCKET_ELEMS) + j > lun_cnt)
5048 break;
5049 int_to_scsilun(lun++, lun_p);
5050 if (lun > 1 && sdebug_lun_am == SAM_LUN_AM_FLAT)
5051 lun_p->scsi_lun[0] |= 0x40;
5052 }
5053 if (j < RL_BUCKET_ELEMS)
5054 break;
5055 n = j * sz_lun;
5056 res = p_fill_from_dev_buffer(scp, arr, n, off_rsp);
5057 if (res)
5058 return res;
5059 off_rsp += n;
5060 }
5061 if (wlun_cnt) {
5062 int_to_scsilun(SCSI_W_LUN_REPORT_LUNS, lun_p);
5063 ++j;
5064 }
5065 if (j > 0)
5066 res = p_fill_from_dev_buffer(scp, arr, j * sz_lun, off_rsp);
5067 return res;
5068}
5069
5070static int resp_verify(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
5071{
5072 bool is_bytchk3 = false;
5073 u8 bytchk;
5074 int ret, j;
5075 u32 vnum, a_num, off;
5076 const u32 lb_size = sdebug_sector_size;
5077 u64 lba;
5078 u8 *arr;
5079 u8 *cmd = scp->cmnd;
5080 struct sdeb_store_info *sip = devip2sip(devip, true);
5081
5082 bytchk = (cmd[1] >> 1) & 0x3;
5083 if (bytchk == 0) {
5084 return 0; /* always claim internal verify okay */
5085 } else if (bytchk == 2) {
5086 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
5087 return check_condition_result;
5088 } else if (bytchk == 3) {
5089 is_bytchk3 = true; /* 1 block sent, compared repeatedly */
5090 }
5091 switch (cmd[0]) {
5092 case VERIFY_16:
5093 lba = get_unaligned_be64(cmd + 2);
5094 vnum = get_unaligned_be32(cmd + 10);
5095 break;
5096 case VERIFY: /* is VERIFY(10) */
5097 lba = get_unaligned_be32(cmd + 2);
5098 vnum = get_unaligned_be16(cmd + 7);
5099 break;
5100 default:
5101 mk_sense_invalid_opcode(scp);
5102 return check_condition_result;
5103 }
5104 if (vnum == 0)
5105 return 0; /* not an error */
5106 a_num = is_bytchk3 ? 1 : vnum;
5107 /* Treat following check like one for read (i.e. no write) access */
5108 ret = check_device_access_params(scp, lba, a_num, false);
5109 if (ret)
5110 return ret;
5111
5112 arr = kcalloc(lb_size, vnum, GFP_ATOMIC | __GFP_NOWARN);
5113 if (!arr) {
5114 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
5115 INSUFF_RES_ASCQ);
5116 return check_condition_result;
5117 }
5118 /* Not changing store, so only need read access */
5119 sdeb_data_read_lock(sip);
5120
5121 ret = do_dout_fetch(scp, a_num, arr);
5122 if (ret == -1) {
5123 ret = DID_ERROR << 16;
5124 goto cleanup;
5125 } else if (sdebug_verbose && (ret < (a_num * lb_size))) {
5126 sdev_printk(KERN_INFO, scp->device,
5127 "%s: %s: cdb indicated=%u, IO sent=%d bytes\n",
5128 my_name, __func__, a_num * lb_size, ret);
5129 }
5130 if (is_bytchk3) {
5131 for (j = 1, off = lb_size; j < vnum; ++j, off += lb_size)
5132 memcpy(arr + off, arr, lb_size);
5133 }
5134 ret = 0;
5135 if (!comp_write_worker(sip, lba, vnum, arr, true)) {
5136 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
5137 ret = check_condition_result;
5138 goto cleanup;
5139 }
5140cleanup:
5141 sdeb_data_read_unlock(sip);
5142 kfree(arr);
5143 return ret;
5144}
5145
5146#define RZONES_DESC_HD 64
5147
5148/* Report zones depending on start LBA and reporting options */
5149static int resp_report_zones(struct scsi_cmnd *scp,
5150 struct sdebug_dev_info *devip)
5151{
5152 unsigned int rep_max_zones, nrz = 0;
5153 int ret = 0;
5154 u32 alloc_len, rep_opts, rep_len;
5155 bool partial;
5156 u64 lba, zs_lba;
5157 u8 *arr = NULL, *desc;
5158 u8 *cmd = scp->cmnd;
5159 struct sdeb_zone_state *zsp = NULL;
5160 struct sdeb_store_info *sip = devip2sip(devip, false);
5161
5162 if (!sdebug_dev_is_zoned(devip)) {
5163 mk_sense_invalid_opcode(scp);
5164 return check_condition_result;
5165 }
5166 zs_lba = get_unaligned_be64(cmd + 2);
5167 alloc_len = get_unaligned_be32(cmd + 10);
5168 if (alloc_len == 0)
5169 return 0; /* not an error */
5170 rep_opts = cmd[14] & 0x3f;
5171 partial = cmd[14] & 0x80;
5172
5173 if (zs_lba >= sdebug_capacity) {
5174 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
5175 return check_condition_result;
5176 }
5177
5178 rep_max_zones = (alloc_len - 64) >> ilog2(RZONES_DESC_HD);
5179
5180 arr = kzalloc(alloc_len, GFP_ATOMIC | __GFP_NOWARN);
5181 if (!arr) {
5182 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
5183 INSUFF_RES_ASCQ);
5184 return check_condition_result;
5185 }
5186
5187 sdeb_meta_read_lock(sip);
5188
5189 desc = arr + 64;
5190 for (lba = zs_lba; lba < sdebug_capacity;
5191 lba = zsp->z_start + zsp->z_size) {
5192 if (WARN_ONCE(zbc_zone(devip, lba) == zsp, "lba = %llu\n", lba))
5193 break;
5194 zsp = zbc_zone(devip, lba);
5195 switch (rep_opts) {
5196 case 0x00:
5197 /* All zones */
5198 break;
5199 case 0x01:
5200 /* Empty zones */
5201 if (zsp->z_cond != ZC1_EMPTY)
5202 continue;
5203 break;
5204 case 0x02:
5205 /* Implicit open zones */
5206 if (zsp->z_cond != ZC2_IMPLICIT_OPEN)
5207 continue;
5208 break;
5209 case 0x03:
5210 /* Explicit open zones */
5211 if (zsp->z_cond != ZC3_EXPLICIT_OPEN)
5212 continue;
5213 break;
5214 case 0x04:
5215 /* Closed zones */
5216 if (zsp->z_cond != ZC4_CLOSED)
5217 continue;
5218 break;
5219 case 0x05:
5220 /* Full zones */
5221 if (zsp->z_cond != ZC5_FULL)
5222 continue;
5223 break;
5224 case 0x06:
5225 case 0x07:
5226 case 0x10:
5227 /*
5228 * Read-only, offline, reset WP recommended are
5229 * not emulated: no zones to report;
5230 */
5231 continue;
5232 case 0x11:
5233 /* non-seq-resource set */
5234 if (!zsp->z_non_seq_resource)
5235 continue;
5236 break;
5237 case 0x3e:
5238 /* All zones except gap zones. */
5239 if (zbc_zone_is_gap(zsp))
5240 continue;
5241 break;
5242 case 0x3f:
5243 /* Not write pointer (conventional) zones */
5244 if (zbc_zone_is_seq(zsp))
5245 continue;
5246 break;
5247 default:
5248 mk_sense_buffer(scp, ILLEGAL_REQUEST,
5249 INVALID_FIELD_IN_CDB, 0);
5250 ret = check_condition_result;
5251 goto fini;
5252 }
5253
5254 if (nrz < rep_max_zones) {
5255 /* Fill zone descriptor */
5256 desc[0] = zsp->z_type;
5257 desc[1] = zsp->z_cond << 4;
5258 if (zsp->z_non_seq_resource)
5259 desc[1] |= 1 << 1;
5260 put_unaligned_be64((u64)zsp->z_size, desc + 8);
5261 put_unaligned_be64((u64)zsp->z_start, desc + 16);
5262 put_unaligned_be64((u64)zsp->z_wp, desc + 24);
5263 desc += 64;
5264 }
5265
5266 if (partial && nrz >= rep_max_zones)
5267 break;
5268
5269 nrz++;
5270 }
5271
5272 /* Report header */
5273 /* Zone list length. */
5274 put_unaligned_be32(nrz * RZONES_DESC_HD, arr + 0);
5275 /* Maximum LBA */
5276 put_unaligned_be64(sdebug_capacity - 1, arr + 8);
5277 /* Zone starting LBA granularity. */
5278 if (devip->zcap < devip->zsize)
5279 put_unaligned_be64(devip->zsize, arr + 16);
5280
5281 rep_len = (unsigned long)desc - (unsigned long)arr;
5282 ret = fill_from_dev_buffer(scp, arr, min_t(u32, alloc_len, rep_len));
5283
5284fini:
5285 sdeb_meta_read_unlock(sip);
5286 kfree(arr);
5287 return ret;
5288}
5289
5290static int resp_atomic_write(struct scsi_cmnd *scp,
5291 struct sdebug_dev_info *devip)
5292{
5293 struct sdeb_store_info *sip;
5294 u8 *cmd = scp->cmnd;
5295 u16 boundary, len;
5296 u64 lba, lba_tmp;
5297 int ret;
5298
5299 if (!scsi_debug_atomic_write()) {
5300 mk_sense_invalid_opcode(scp);
5301 return check_condition_result;
5302 }
5303
5304 sip = devip2sip(devip, true);
5305
5306 lba = get_unaligned_be64(cmd + 2);
5307 boundary = get_unaligned_be16(cmd + 10);
5308 len = get_unaligned_be16(cmd + 12);
5309
5310 lba_tmp = lba;
5311 if (sdebug_atomic_wr_align &&
5312 do_div(lba_tmp, sdebug_atomic_wr_align)) {
5313 /* Does not meet alignment requirement */
5314 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5315 return check_condition_result;
5316 }
5317
5318 if (sdebug_atomic_wr_gran && len % sdebug_atomic_wr_gran) {
5319 /* Does not meet alignment requirement */
5320 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5321 return check_condition_result;
5322 }
5323
5324 if (boundary > 0) {
5325 if (boundary > sdebug_atomic_wr_max_bndry) {
5326 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 12, -1);
5327 return check_condition_result;
5328 }
5329
5330 if (len > sdebug_atomic_wr_max_length_bndry) {
5331 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 12, -1);
5332 return check_condition_result;
5333 }
5334 } else {
5335 if (len > sdebug_atomic_wr_max_length) {
5336 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 12, -1);
5337 return check_condition_result;
5338 }
5339 }
5340
5341 ret = do_device_access(sip, scp, 0, lba, len, 0, true, true);
5342 if (unlikely(ret == -1))
5343 return DID_ERROR << 16;
5344 if (unlikely(ret != len * sdebug_sector_size))
5345 return DID_ERROR << 16;
5346 return 0;
5347}
5348
5349/* Logic transplanted from tcmu-runner, file_zbc.c */
5350static void zbc_open_all(struct sdebug_dev_info *devip)
5351{
5352 struct sdeb_zone_state *zsp = &devip->zstate[0];
5353 unsigned int i;
5354
5355 for (i = 0; i < devip->nr_zones; i++, zsp++) {
5356 if (zsp->z_cond == ZC4_CLOSED)
5357 zbc_open_zone(devip, &devip->zstate[i], true);
5358 }
5359}
5360
5361static int resp_open_zone(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
5362{
5363 int res = 0;
5364 u64 z_id;
5365 enum sdebug_z_cond zc;
5366 u8 *cmd = scp->cmnd;
5367 struct sdeb_zone_state *zsp;
5368 bool all = cmd[14] & 0x01;
5369 struct sdeb_store_info *sip = devip2sip(devip, false);
5370
5371 if (!sdebug_dev_is_zoned(devip)) {
5372 mk_sense_invalid_opcode(scp);
5373 return check_condition_result;
5374 }
5375 sdeb_meta_write_lock(sip);
5376
5377 if (all) {
5378 /* Check if all closed zones can be open */
5379 if (devip->max_open &&
5380 devip->nr_exp_open + devip->nr_closed > devip->max_open) {
5381 mk_sense_buffer(scp, DATA_PROTECT, INSUFF_RES_ASC,
5382 INSUFF_ZONE_ASCQ);
5383 res = check_condition_result;
5384 goto fini;
5385 }
5386 /* Open all closed zones */
5387 zbc_open_all(devip);
5388 goto fini;
5389 }
5390
5391 /* Open the specified zone */
5392 z_id = get_unaligned_be64(cmd + 2);
5393 if (z_id >= sdebug_capacity) {
5394 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
5395 res = check_condition_result;
5396 goto fini;
5397 }
5398
5399 zsp = zbc_zone(devip, z_id);
5400 if (z_id != zsp->z_start) {
5401 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5402 res = check_condition_result;
5403 goto fini;
5404 }
5405 if (zbc_zone_is_conv(zsp)) {
5406 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5407 res = check_condition_result;
5408 goto fini;
5409 }
5410
5411 zc = zsp->z_cond;
5412 if (zc == ZC3_EXPLICIT_OPEN || zc == ZC5_FULL)
5413 goto fini;
5414
5415 if (devip->max_open && devip->nr_exp_open >= devip->max_open) {
5416 mk_sense_buffer(scp, DATA_PROTECT, INSUFF_RES_ASC,
5417 INSUFF_ZONE_ASCQ);
5418 res = check_condition_result;
5419 goto fini;
5420 }
5421
5422 zbc_open_zone(devip, zsp, true);
5423fini:
5424 sdeb_meta_write_unlock(sip);
5425 return res;
5426}
5427
5428static void zbc_close_all(struct sdebug_dev_info *devip)
5429{
5430 unsigned int i;
5431
5432 for (i = 0; i < devip->nr_zones; i++)
5433 zbc_close_zone(devip, &devip->zstate[i]);
5434}
5435
5436static int resp_close_zone(struct scsi_cmnd *scp,
5437 struct sdebug_dev_info *devip)
5438{
5439 int res = 0;
5440 u64 z_id;
5441 u8 *cmd = scp->cmnd;
5442 struct sdeb_zone_state *zsp;
5443 bool all = cmd[14] & 0x01;
5444 struct sdeb_store_info *sip = devip2sip(devip, false);
5445
5446 if (!sdebug_dev_is_zoned(devip)) {
5447 mk_sense_invalid_opcode(scp);
5448 return check_condition_result;
5449 }
5450
5451 sdeb_meta_write_lock(sip);
5452
5453 if (all) {
5454 zbc_close_all(devip);
5455 goto fini;
5456 }
5457
5458 /* Close specified zone */
5459 z_id = get_unaligned_be64(cmd + 2);
5460 if (z_id >= sdebug_capacity) {
5461 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
5462 res = check_condition_result;
5463 goto fini;
5464 }
5465
5466 zsp = zbc_zone(devip, z_id);
5467 if (z_id != zsp->z_start) {
5468 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5469 res = check_condition_result;
5470 goto fini;
5471 }
5472 if (zbc_zone_is_conv(zsp)) {
5473 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5474 res = check_condition_result;
5475 goto fini;
5476 }
5477
5478 zbc_close_zone(devip, zsp);
5479fini:
5480 sdeb_meta_write_unlock(sip);
5481 return res;
5482}
5483
5484static void zbc_finish_zone(struct sdebug_dev_info *devip,
5485 struct sdeb_zone_state *zsp, bool empty)
5486{
5487 enum sdebug_z_cond zc = zsp->z_cond;
5488
5489 if (zc == ZC4_CLOSED || zc == ZC2_IMPLICIT_OPEN ||
5490 zc == ZC3_EXPLICIT_OPEN || (empty && zc == ZC1_EMPTY)) {
5491 if (zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN)
5492 zbc_close_zone(devip, zsp);
5493 if (zsp->z_cond == ZC4_CLOSED)
5494 devip->nr_closed--;
5495 zsp->z_wp = zsp->z_start + zsp->z_size;
5496 zsp->z_cond = ZC5_FULL;
5497 }
5498}
5499
5500static void zbc_finish_all(struct sdebug_dev_info *devip)
5501{
5502 unsigned int i;
5503
5504 for (i = 0; i < devip->nr_zones; i++)
5505 zbc_finish_zone(devip, &devip->zstate[i], false);
5506}
5507
5508static int resp_finish_zone(struct scsi_cmnd *scp,
5509 struct sdebug_dev_info *devip)
5510{
5511 struct sdeb_zone_state *zsp;
5512 int res = 0;
5513 u64 z_id;
5514 u8 *cmd = scp->cmnd;
5515 bool all = cmd[14] & 0x01;
5516 struct sdeb_store_info *sip = devip2sip(devip, false);
5517
5518 if (!sdebug_dev_is_zoned(devip)) {
5519 mk_sense_invalid_opcode(scp);
5520 return check_condition_result;
5521 }
5522
5523 sdeb_meta_write_lock(sip);
5524
5525 if (all) {
5526 zbc_finish_all(devip);
5527 goto fini;
5528 }
5529
5530 /* Finish the specified zone */
5531 z_id = get_unaligned_be64(cmd + 2);
5532 if (z_id >= sdebug_capacity) {
5533 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
5534 res = check_condition_result;
5535 goto fini;
5536 }
5537
5538 zsp = zbc_zone(devip, z_id);
5539 if (z_id != zsp->z_start) {
5540 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5541 res = check_condition_result;
5542 goto fini;
5543 }
5544 if (zbc_zone_is_conv(zsp)) {
5545 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5546 res = check_condition_result;
5547 goto fini;
5548 }
5549
5550 zbc_finish_zone(devip, zsp, true);
5551fini:
5552 sdeb_meta_write_unlock(sip);
5553 return res;
5554}
5555
5556static void zbc_rwp_zone(struct sdebug_dev_info *devip,
5557 struct sdeb_zone_state *zsp)
5558{
5559 enum sdebug_z_cond zc;
5560 struct sdeb_store_info *sip = devip2sip(devip, false);
5561
5562 if (!zbc_zone_is_seq(zsp))
5563 return;
5564
5565 zc = zsp->z_cond;
5566 if (zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN)
5567 zbc_close_zone(devip, zsp);
5568
5569 if (zsp->z_cond == ZC4_CLOSED)
5570 devip->nr_closed--;
5571
5572 if (zsp->z_wp > zsp->z_start)
5573 memset(sip->storep + zsp->z_start * sdebug_sector_size, 0,
5574 (zsp->z_wp - zsp->z_start) * sdebug_sector_size);
5575
5576 zsp->z_non_seq_resource = false;
5577 zsp->z_wp = zsp->z_start;
5578 zsp->z_cond = ZC1_EMPTY;
5579}
5580
5581static void zbc_rwp_all(struct sdebug_dev_info *devip)
5582{
5583 unsigned int i;
5584
5585 for (i = 0; i < devip->nr_zones; i++)
5586 zbc_rwp_zone(devip, &devip->zstate[i]);
5587}
5588
5589static int resp_rwp_zone(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
5590{
5591 struct sdeb_zone_state *zsp;
5592 int res = 0;
5593 u64 z_id;
5594 u8 *cmd = scp->cmnd;
5595 bool all = cmd[14] & 0x01;
5596 struct sdeb_store_info *sip = devip2sip(devip, false);
5597
5598 if (!sdebug_dev_is_zoned(devip)) {
5599 mk_sense_invalid_opcode(scp);
5600 return check_condition_result;
5601 }
5602
5603 sdeb_meta_write_lock(sip);
5604
5605 if (all) {
5606 zbc_rwp_all(devip);
5607 goto fini;
5608 }
5609
5610 z_id = get_unaligned_be64(cmd + 2);
5611 if (z_id >= sdebug_capacity) {
5612 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
5613 res = check_condition_result;
5614 goto fini;
5615 }
5616
5617 zsp = zbc_zone(devip, z_id);
5618 if (z_id != zsp->z_start) {
5619 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5620 res = check_condition_result;
5621 goto fini;
5622 }
5623 if (zbc_zone_is_conv(zsp)) {
5624 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5625 res = check_condition_result;
5626 goto fini;
5627 }
5628
5629 zbc_rwp_zone(devip, zsp);
5630fini:
5631 sdeb_meta_write_unlock(sip);
5632 return res;
5633}
5634
5635static u32 get_tag(struct scsi_cmnd *cmnd)
5636{
5637 return blk_mq_unique_tag(scsi_cmd_to_rq(cmnd));
5638}
5639
5640/* Queued (deferred) command completions converge here. */
5641static void sdebug_q_cmd_complete(struct sdebug_defer *sd_dp)
5642{
5643 struct sdebug_queued_cmd *sqcp = container_of(sd_dp, struct sdebug_queued_cmd, sd_dp);
5644 unsigned long flags;
5645 struct scsi_cmnd *scp = sqcp->scmd;
5646 struct sdebug_scsi_cmd *sdsc;
5647 bool aborted;
5648
5649 if (sdebug_statistics) {
5650 atomic_inc(&sdebug_completions);
5651 if (raw_smp_processor_id() != sd_dp->issuing_cpu)
5652 atomic_inc(&sdebug_miss_cpus);
5653 }
5654
5655 if (!scp) {
5656 pr_err("scmd=NULL\n");
5657 goto out;
5658 }
5659
5660 sdsc = scsi_cmd_priv(scp);
5661 spin_lock_irqsave(&sdsc->lock, flags);
5662 aborted = sd_dp->aborted;
5663 if (unlikely(aborted))
5664 sd_dp->aborted = false;
5665 ASSIGN_QUEUED_CMD(scp, NULL);
5666
5667 spin_unlock_irqrestore(&sdsc->lock, flags);
5668
5669 if (aborted) {
5670 pr_info("bypassing scsi_done() due to aborted cmd, kicking-off EH\n");
5671 blk_abort_request(scsi_cmd_to_rq(scp));
5672 goto out;
5673 }
5674
5675 scsi_done(scp); /* callback to mid level */
5676out:
5677 sdebug_free_queued_cmd(sqcp);
5678}
5679
5680/* When high resolution timer goes off this function is called. */
5681static enum hrtimer_restart sdebug_q_cmd_hrt_complete(struct hrtimer *timer)
5682{
5683 struct sdebug_defer *sd_dp = container_of(timer, struct sdebug_defer,
5684 hrt);
5685 sdebug_q_cmd_complete(sd_dp);
5686 return HRTIMER_NORESTART;
5687}
5688
5689/* When work queue schedules work, it calls this function. */
5690static void sdebug_q_cmd_wq_complete(struct work_struct *work)
5691{
5692 struct sdebug_defer *sd_dp = container_of(work, struct sdebug_defer,
5693 ew.work);
5694 sdebug_q_cmd_complete(sd_dp);
5695}
5696
5697static bool got_shared_uuid;
5698static uuid_t shared_uuid;
5699
5700static int sdebug_device_create_zones(struct sdebug_dev_info *devip)
5701{
5702 struct sdeb_zone_state *zsp;
5703 sector_t capacity = get_sdebug_capacity();
5704 sector_t conv_capacity;
5705 sector_t zstart = 0;
5706 unsigned int i;
5707
5708 /*
5709 * Set the zone size: if sdeb_zbc_zone_size_mb is not set, figure out
5710 * a zone size allowing for at least 4 zones on the device. Otherwise,
5711 * use the specified zone size checking that at least 2 zones can be
5712 * created for the device.
5713 */
5714 if (!sdeb_zbc_zone_size_mb) {
5715 devip->zsize = (DEF_ZBC_ZONE_SIZE_MB * SZ_1M)
5716 >> ilog2(sdebug_sector_size);
5717 while (capacity < devip->zsize << 2 && devip->zsize >= 2)
5718 devip->zsize >>= 1;
5719 if (devip->zsize < 2) {
5720 pr_err("Device capacity too small\n");
5721 return -EINVAL;
5722 }
5723 } else {
5724 if (!is_power_of_2(sdeb_zbc_zone_size_mb)) {
5725 pr_err("Zone size is not a power of 2\n");
5726 return -EINVAL;
5727 }
5728 devip->zsize = (sdeb_zbc_zone_size_mb * SZ_1M)
5729 >> ilog2(sdebug_sector_size);
5730 if (devip->zsize >= capacity) {
5731 pr_err("Zone size too large for device capacity\n");
5732 return -EINVAL;
5733 }
5734 }
5735
5736 devip->zsize_shift = ilog2(devip->zsize);
5737 devip->nr_zones = (capacity + devip->zsize - 1) >> devip->zsize_shift;
5738
5739 if (sdeb_zbc_zone_cap_mb == 0) {
5740 devip->zcap = devip->zsize;
5741 } else {
5742 devip->zcap = (sdeb_zbc_zone_cap_mb * SZ_1M) >>
5743 ilog2(sdebug_sector_size);
5744 if (devip->zcap > devip->zsize) {
5745 pr_err("Zone capacity too large\n");
5746 return -EINVAL;
5747 }
5748 }
5749
5750 conv_capacity = (sector_t)sdeb_zbc_nr_conv << devip->zsize_shift;
5751 if (conv_capacity >= capacity) {
5752 pr_err("Number of conventional zones too large\n");
5753 return -EINVAL;
5754 }
5755 devip->nr_conv_zones = sdeb_zbc_nr_conv;
5756 devip->nr_seq_zones = ALIGN(capacity - conv_capacity, devip->zsize) >>
5757 devip->zsize_shift;
5758 devip->nr_zones = devip->nr_conv_zones + devip->nr_seq_zones;
5759
5760 /* Add gap zones if zone capacity is smaller than the zone size */
5761 if (devip->zcap < devip->zsize)
5762 devip->nr_zones += devip->nr_seq_zones;
5763
5764 if (devip->zoned) {
5765 /* zbc_max_open_zones can be 0, meaning "not reported" */
5766 if (sdeb_zbc_max_open >= devip->nr_zones - 1)
5767 devip->max_open = (devip->nr_zones - 1) / 2;
5768 else
5769 devip->max_open = sdeb_zbc_max_open;
5770 }
5771
5772 devip->zstate = kcalloc(devip->nr_zones,
5773 sizeof(struct sdeb_zone_state), GFP_KERNEL);
5774 if (!devip->zstate)
5775 return -ENOMEM;
5776
5777 for (i = 0; i < devip->nr_zones; i++) {
5778 zsp = &devip->zstate[i];
5779
5780 zsp->z_start = zstart;
5781
5782 if (i < devip->nr_conv_zones) {
5783 zsp->z_type = ZBC_ZTYPE_CNV;
5784 zsp->z_cond = ZBC_NOT_WRITE_POINTER;
5785 zsp->z_wp = (sector_t)-1;
5786 zsp->z_size =
5787 min_t(u64, devip->zsize, capacity - zstart);
5788 } else if ((zstart & (devip->zsize - 1)) == 0) {
5789 if (devip->zoned)
5790 zsp->z_type = ZBC_ZTYPE_SWR;
5791 else
5792 zsp->z_type = ZBC_ZTYPE_SWP;
5793 zsp->z_cond = ZC1_EMPTY;
5794 zsp->z_wp = zsp->z_start;
5795 zsp->z_size =
5796 min_t(u64, devip->zcap, capacity - zstart);
5797 } else {
5798 zsp->z_type = ZBC_ZTYPE_GAP;
5799 zsp->z_cond = ZBC_NOT_WRITE_POINTER;
5800 zsp->z_wp = (sector_t)-1;
5801 zsp->z_size = min_t(u64, devip->zsize - devip->zcap,
5802 capacity - zstart);
5803 }
5804
5805 WARN_ON_ONCE((int)zsp->z_size <= 0);
5806 zstart += zsp->z_size;
5807 }
5808
5809 return 0;
5810}
5811
5812static struct sdebug_dev_info *sdebug_device_create(
5813 struct sdebug_host_info *sdbg_host, gfp_t flags)
5814{
5815 struct sdebug_dev_info *devip;
5816
5817 devip = kzalloc(sizeof(*devip), flags);
5818 if (devip) {
5819 if (sdebug_uuid_ctl == 1)
5820 uuid_gen(&devip->lu_name);
5821 else if (sdebug_uuid_ctl == 2) {
5822 if (got_shared_uuid)
5823 devip->lu_name = shared_uuid;
5824 else {
5825 uuid_gen(&shared_uuid);
5826 got_shared_uuid = true;
5827 devip->lu_name = shared_uuid;
5828 }
5829 }
5830 devip->sdbg_host = sdbg_host;
5831 if (sdeb_zbc_in_use) {
5832 devip->zoned = sdeb_zbc_model == BLK_ZONED_HM;
5833 if (sdebug_device_create_zones(devip)) {
5834 kfree(devip);
5835 return NULL;
5836 }
5837 } else {
5838 devip->zoned = false;
5839 }
5840 devip->create_ts = ktime_get_boottime();
5841 atomic_set(&devip->stopped, (sdeb_tur_ms_to_ready > 0 ? 2 : 0));
5842 spin_lock_init(&devip->list_lock);
5843 INIT_LIST_HEAD(&devip->inject_err_list);
5844 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list);
5845 }
5846 return devip;
5847}
5848
5849static struct sdebug_dev_info *find_build_dev_info(struct scsi_device *sdev)
5850{
5851 struct sdebug_host_info *sdbg_host;
5852 struct sdebug_dev_info *open_devip = NULL;
5853 struct sdebug_dev_info *devip;
5854
5855 sdbg_host = shost_to_sdebug_host(sdev->host);
5856
5857 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
5858 if ((devip->used) && (devip->channel == sdev->channel) &&
5859 (devip->target == sdev->id) &&
5860 (devip->lun == sdev->lun))
5861 return devip;
5862 else {
5863 if ((!devip->used) && (!open_devip))
5864 open_devip = devip;
5865 }
5866 }
5867 if (!open_devip) { /* try and make a new one */
5868 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC);
5869 if (!open_devip) {
5870 pr_err("out of memory at line %d\n", __LINE__);
5871 return NULL;
5872 }
5873 }
5874
5875 open_devip->channel = sdev->channel;
5876 open_devip->target = sdev->id;
5877 open_devip->lun = sdev->lun;
5878 open_devip->sdbg_host = sdbg_host;
5879 set_bit(SDEBUG_UA_POOCCUR, open_devip->uas_bm);
5880 open_devip->used = true;
5881 return open_devip;
5882}
5883
5884static int scsi_debug_slave_alloc(struct scsi_device *sdp)
5885{
5886 if (sdebug_verbose)
5887 pr_info("slave_alloc <%u %u %u %llu>\n",
5888 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
5889
5890 return 0;
5891}
5892
5893static int scsi_debug_slave_configure(struct scsi_device *sdp)
5894{
5895 struct sdebug_dev_info *devip =
5896 (struct sdebug_dev_info *)sdp->hostdata;
5897 struct dentry *dentry;
5898
5899 if (sdebug_verbose)
5900 pr_info("slave_configure <%u %u %u %llu>\n",
5901 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
5902 if (sdp->host->max_cmd_len != SDEBUG_MAX_CMD_LEN)
5903 sdp->host->max_cmd_len = SDEBUG_MAX_CMD_LEN;
5904 if (devip == NULL) {
5905 devip = find_build_dev_info(sdp);
5906 if (devip == NULL)
5907 return 1; /* no resources, will be marked offline */
5908 }
5909 sdp->hostdata = devip;
5910 if (sdebug_no_uld)
5911 sdp->no_uld_attach = 1;
5912 config_cdb_len(sdp);
5913
5914 if (sdebug_allow_restart)
5915 sdp->allow_restart = 1;
5916
5917 devip->debugfs_entry = debugfs_create_dir(dev_name(&sdp->sdev_dev),
5918 sdebug_debugfs_root);
5919 if (IS_ERR_OR_NULL(devip->debugfs_entry))
5920 pr_info("%s: failed to create debugfs directory for device %s\n",
5921 __func__, dev_name(&sdp->sdev_gendev));
5922
5923 dentry = debugfs_create_file("error", 0600, devip->debugfs_entry, sdp,
5924 &sdebug_error_fops);
5925 if (IS_ERR_OR_NULL(dentry))
5926 pr_info("%s: failed to create error file for device %s\n",
5927 __func__, dev_name(&sdp->sdev_gendev));
5928
5929 return 0;
5930}
5931
5932static void scsi_debug_slave_destroy(struct scsi_device *sdp)
5933{
5934 struct sdebug_dev_info *devip =
5935 (struct sdebug_dev_info *)sdp->hostdata;
5936 struct sdebug_err_inject *err;
5937
5938 if (sdebug_verbose)
5939 pr_info("slave_destroy <%u %u %u %llu>\n",
5940 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
5941
5942 if (!devip)
5943 return;
5944
5945 spin_lock(&devip->list_lock);
5946 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
5947 list_del_rcu(&err->list);
5948 call_rcu(&err->rcu, sdebug_err_free);
5949 }
5950 spin_unlock(&devip->list_lock);
5951
5952 debugfs_remove(devip->debugfs_entry);
5953
5954 /* make this slot available for re-use */
5955 devip->used = false;
5956 sdp->hostdata = NULL;
5957}
5958
5959/* Returns true if we require the queued memory to be freed by the caller. */
5960static bool stop_qc_helper(struct sdebug_defer *sd_dp,
5961 enum sdeb_defer_type defer_t)
5962{
5963 if (defer_t == SDEB_DEFER_HRT) {
5964 int res = hrtimer_try_to_cancel(&sd_dp->hrt);
5965
5966 switch (res) {
5967 case 0: /* Not active, it must have already run */
5968 case -1: /* -1 It's executing the CB */
5969 return false;
5970 case 1: /* Was active, we've now cancelled */
5971 default:
5972 return true;
5973 }
5974 } else if (defer_t == SDEB_DEFER_WQ) {
5975 /* Cancel if pending */
5976 if (cancel_work_sync(&sd_dp->ew.work))
5977 return true;
5978 /* Was not pending, so it must have run */
5979 return false;
5980 } else if (defer_t == SDEB_DEFER_POLL) {
5981 return true;
5982 }
5983
5984 return false;
5985}
5986
5987
5988static bool scsi_debug_stop_cmnd(struct scsi_cmnd *cmnd)
5989{
5990 enum sdeb_defer_type l_defer_t;
5991 struct sdebug_defer *sd_dp;
5992 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmnd);
5993 struct sdebug_queued_cmd *sqcp = TO_QUEUED_CMD(cmnd);
5994
5995 lockdep_assert_held(&sdsc->lock);
5996
5997 if (!sqcp)
5998 return false;
5999 sd_dp = &sqcp->sd_dp;
6000 l_defer_t = READ_ONCE(sd_dp->defer_t);
6001 ASSIGN_QUEUED_CMD(cmnd, NULL);
6002
6003 if (stop_qc_helper(sd_dp, l_defer_t))
6004 sdebug_free_queued_cmd(sqcp);
6005
6006 return true;
6007}
6008
6009/*
6010 * Called from scsi_debug_abort() only, which is for timed-out cmd.
6011 */
6012static bool scsi_debug_abort_cmnd(struct scsi_cmnd *cmnd)
6013{
6014 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmnd);
6015 unsigned long flags;
6016 bool res;
6017
6018 spin_lock_irqsave(&sdsc->lock, flags);
6019 res = scsi_debug_stop_cmnd(cmnd);
6020 spin_unlock_irqrestore(&sdsc->lock, flags);
6021
6022 return res;
6023}
6024
6025/*
6026 * All we can do is set the cmnd as internally aborted and wait for it to
6027 * finish. We cannot call scsi_done() as normal completion path may do that.
6028 */
6029static bool sdebug_stop_cmnd(struct request *rq, void *data)
6030{
6031 scsi_debug_abort_cmnd(blk_mq_rq_to_pdu(rq));
6032
6033 return true;
6034}
6035
6036/* Deletes (stops) timers or work queues of all queued commands */
6037static void stop_all_queued(void)
6038{
6039 struct sdebug_host_info *sdhp;
6040
6041 mutex_lock(&sdebug_host_list_mutex);
6042 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
6043 struct Scsi_Host *shost = sdhp->shost;
6044
6045 blk_mq_tagset_busy_iter(&shost->tag_set, sdebug_stop_cmnd, NULL);
6046 }
6047 mutex_unlock(&sdebug_host_list_mutex);
6048}
6049
6050static int sdebug_fail_abort(struct scsi_cmnd *cmnd)
6051{
6052 struct scsi_device *sdp = cmnd->device;
6053 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
6054 struct sdebug_err_inject *err;
6055 unsigned char *cmd = cmnd->cmnd;
6056 int ret = 0;
6057
6058 if (devip == NULL)
6059 return 0;
6060
6061 rcu_read_lock();
6062 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
6063 if (err->type == ERR_ABORT_CMD_FAILED &&
6064 (err->cmd == cmd[0] || err->cmd == 0xff)) {
6065 ret = !!err->cnt;
6066 if (err->cnt < 0)
6067 err->cnt++;
6068
6069 rcu_read_unlock();
6070 return ret;
6071 }
6072 }
6073 rcu_read_unlock();
6074
6075 return 0;
6076}
6077
6078static int scsi_debug_abort(struct scsi_cmnd *SCpnt)
6079{
6080 bool ok = scsi_debug_abort_cmnd(SCpnt);
6081 u8 *cmd = SCpnt->cmnd;
6082 u8 opcode = cmd[0];
6083
6084 ++num_aborts;
6085
6086 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
6087 sdev_printk(KERN_INFO, SCpnt->device,
6088 "%s: command%s found\n", __func__,
6089 ok ? "" : " not");
6090
6091 if (sdebug_fail_abort(SCpnt)) {
6092 scmd_printk(KERN_INFO, SCpnt, "fail abort command 0x%x\n",
6093 opcode);
6094 return FAILED;
6095 }
6096
6097 return SUCCESS;
6098}
6099
6100static bool scsi_debug_stop_all_queued_iter(struct request *rq, void *data)
6101{
6102 struct scsi_device *sdp = data;
6103 struct scsi_cmnd *scmd = blk_mq_rq_to_pdu(rq);
6104
6105 if (scmd->device == sdp)
6106 scsi_debug_abort_cmnd(scmd);
6107
6108 return true;
6109}
6110
6111/* Deletes (stops) timers or work queues of all queued commands per sdev */
6112static void scsi_debug_stop_all_queued(struct scsi_device *sdp)
6113{
6114 struct Scsi_Host *shost = sdp->host;
6115
6116 blk_mq_tagset_busy_iter(&shost->tag_set,
6117 scsi_debug_stop_all_queued_iter, sdp);
6118}
6119
6120static int sdebug_fail_lun_reset(struct scsi_cmnd *cmnd)
6121{
6122 struct scsi_device *sdp = cmnd->device;
6123 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
6124 struct sdebug_err_inject *err;
6125 unsigned char *cmd = cmnd->cmnd;
6126 int ret = 0;
6127
6128 if (devip == NULL)
6129 return 0;
6130
6131 rcu_read_lock();
6132 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
6133 if (err->type == ERR_LUN_RESET_FAILED &&
6134 (err->cmd == cmd[0] || err->cmd == 0xff)) {
6135 ret = !!err->cnt;
6136 if (err->cnt < 0)
6137 err->cnt++;
6138
6139 rcu_read_unlock();
6140 return ret;
6141 }
6142 }
6143 rcu_read_unlock();
6144
6145 return 0;
6146}
6147
6148static int scsi_debug_device_reset(struct scsi_cmnd *SCpnt)
6149{
6150 struct scsi_device *sdp = SCpnt->device;
6151 struct sdebug_dev_info *devip = sdp->hostdata;
6152 u8 *cmd = SCpnt->cmnd;
6153 u8 opcode = cmd[0];
6154
6155 ++num_dev_resets;
6156
6157 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
6158 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
6159
6160 scsi_debug_stop_all_queued(sdp);
6161 if (devip)
6162 set_bit(SDEBUG_UA_POR, devip->uas_bm);
6163
6164 if (sdebug_fail_lun_reset(SCpnt)) {
6165 scmd_printk(KERN_INFO, SCpnt, "fail lun reset 0x%x\n", opcode);
6166 return FAILED;
6167 }
6168
6169 return SUCCESS;
6170}
6171
6172static int sdebug_fail_target_reset(struct scsi_cmnd *cmnd)
6173{
6174 struct scsi_target *starget = scsi_target(cmnd->device);
6175 struct sdebug_target_info *targetip =
6176 (struct sdebug_target_info *)starget->hostdata;
6177
6178 if (targetip)
6179 return targetip->reset_fail;
6180
6181 return 0;
6182}
6183
6184static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt)
6185{
6186 struct scsi_device *sdp = SCpnt->device;
6187 struct sdebug_host_info *sdbg_host = shost_to_sdebug_host(sdp->host);
6188 struct sdebug_dev_info *devip;
6189 u8 *cmd = SCpnt->cmnd;
6190 u8 opcode = cmd[0];
6191 int k = 0;
6192
6193 ++num_target_resets;
6194 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
6195 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
6196
6197 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
6198 if (devip->target == sdp->id) {
6199 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
6200 ++k;
6201 }
6202 }
6203
6204 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
6205 sdev_printk(KERN_INFO, sdp,
6206 "%s: %d device(s) found in target\n", __func__, k);
6207
6208 if (sdebug_fail_target_reset(SCpnt)) {
6209 scmd_printk(KERN_INFO, SCpnt, "fail target reset 0x%x\n",
6210 opcode);
6211 return FAILED;
6212 }
6213
6214 return SUCCESS;
6215}
6216
6217static int scsi_debug_bus_reset(struct scsi_cmnd *SCpnt)
6218{
6219 struct scsi_device *sdp = SCpnt->device;
6220 struct sdebug_host_info *sdbg_host = shost_to_sdebug_host(sdp->host);
6221 struct sdebug_dev_info *devip;
6222 int k = 0;
6223
6224 ++num_bus_resets;
6225
6226 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
6227 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
6228
6229 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
6230 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
6231 ++k;
6232 }
6233
6234 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
6235 sdev_printk(KERN_INFO, sdp,
6236 "%s: %d device(s) found in host\n", __func__, k);
6237 return SUCCESS;
6238}
6239
6240static int scsi_debug_host_reset(struct scsi_cmnd *SCpnt)
6241{
6242 struct sdebug_host_info *sdbg_host;
6243 struct sdebug_dev_info *devip;
6244 int k = 0;
6245
6246 ++num_host_resets;
6247 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
6248 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__);
6249 mutex_lock(&sdebug_host_list_mutex);
6250 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
6251 list_for_each_entry(devip, &sdbg_host->dev_info_list,
6252 dev_list) {
6253 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
6254 ++k;
6255 }
6256 }
6257 mutex_unlock(&sdebug_host_list_mutex);
6258 stop_all_queued();
6259 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
6260 sdev_printk(KERN_INFO, SCpnt->device,
6261 "%s: %d device(s) found\n", __func__, k);
6262 return SUCCESS;
6263}
6264
6265static void sdebug_build_parts(unsigned char *ramp, unsigned long store_size)
6266{
6267 struct msdos_partition *pp;
6268 int starts[SDEBUG_MAX_PARTS + 2], max_part_secs;
6269 int sectors_per_part, num_sectors, k;
6270 int heads_by_sects, start_sec, end_sec;
6271
6272 /* assume partition table already zeroed */
6273 if ((sdebug_num_parts < 1) || (store_size < 1048576))
6274 return;
6275 if (sdebug_num_parts > SDEBUG_MAX_PARTS) {
6276 sdebug_num_parts = SDEBUG_MAX_PARTS;
6277 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS);
6278 }
6279 num_sectors = (int)get_sdebug_capacity();
6280 sectors_per_part = (num_sectors - sdebug_sectors_per)
6281 / sdebug_num_parts;
6282 heads_by_sects = sdebug_heads * sdebug_sectors_per;
6283 starts[0] = sdebug_sectors_per;
6284 max_part_secs = sectors_per_part;
6285 for (k = 1; k < sdebug_num_parts; ++k) {
6286 starts[k] = ((k * sectors_per_part) / heads_by_sects)
6287 * heads_by_sects;
6288 if (starts[k] - starts[k - 1] < max_part_secs)
6289 max_part_secs = starts[k] - starts[k - 1];
6290 }
6291 starts[sdebug_num_parts] = num_sectors;
6292 starts[sdebug_num_parts + 1] = 0;
6293
6294 ramp[510] = 0x55; /* magic partition markings */
6295 ramp[511] = 0xAA;
6296 pp = (struct msdos_partition *)(ramp + 0x1be);
6297 for (k = 0; starts[k + 1]; ++k, ++pp) {
6298 start_sec = starts[k];
6299 end_sec = starts[k] + max_part_secs - 1;
6300 pp->boot_ind = 0;
6301
6302 pp->cyl = start_sec / heads_by_sects;
6303 pp->head = (start_sec - (pp->cyl * heads_by_sects))
6304 / sdebug_sectors_per;
6305 pp->sector = (start_sec % sdebug_sectors_per) + 1;
6306
6307 pp->end_cyl = end_sec / heads_by_sects;
6308 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects))
6309 / sdebug_sectors_per;
6310 pp->end_sector = (end_sec % sdebug_sectors_per) + 1;
6311
6312 pp->start_sect = cpu_to_le32(start_sec);
6313 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1);
6314 pp->sys_ind = 0x83; /* plain Linux partition */
6315 }
6316}
6317
6318static void block_unblock_all_queues(bool block)
6319{
6320 struct sdebug_host_info *sdhp;
6321
6322 lockdep_assert_held(&sdebug_host_list_mutex);
6323
6324 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
6325 struct Scsi_Host *shost = sdhp->shost;
6326
6327 if (block)
6328 scsi_block_requests(shost);
6329 else
6330 scsi_unblock_requests(shost);
6331 }
6332}
6333
6334/* Adjust (by rounding down) the sdebug_cmnd_count so abs(every_nth)-1
6335 * commands will be processed normally before triggers occur.
6336 */
6337static void tweak_cmnd_count(void)
6338{
6339 int count, modulo;
6340
6341 modulo = abs(sdebug_every_nth);
6342 if (modulo < 2)
6343 return;
6344
6345 mutex_lock(&sdebug_host_list_mutex);
6346 block_unblock_all_queues(true);
6347 count = atomic_read(&sdebug_cmnd_count);
6348 atomic_set(&sdebug_cmnd_count, (count / modulo) * modulo);
6349 block_unblock_all_queues(false);
6350 mutex_unlock(&sdebug_host_list_mutex);
6351}
6352
6353static void clear_queue_stats(void)
6354{
6355 atomic_set(&sdebug_cmnd_count, 0);
6356 atomic_set(&sdebug_completions, 0);
6357 atomic_set(&sdebug_miss_cpus, 0);
6358 atomic_set(&sdebug_a_tsf, 0);
6359}
6360
6361static bool inject_on_this_cmd(void)
6362{
6363 if (sdebug_every_nth == 0)
6364 return false;
6365 return (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) == 0;
6366}
6367
6368#define INCLUSIVE_TIMING_MAX_NS 1000000 /* 1 millisecond */
6369
6370
6371void sdebug_free_queued_cmd(struct sdebug_queued_cmd *sqcp)
6372{
6373 if (sqcp)
6374 kmem_cache_free(queued_cmd_cache, sqcp);
6375}
6376
6377static struct sdebug_queued_cmd *sdebug_alloc_queued_cmd(struct scsi_cmnd *scmd)
6378{
6379 struct sdebug_queued_cmd *sqcp;
6380 struct sdebug_defer *sd_dp;
6381
6382 sqcp = kmem_cache_zalloc(queued_cmd_cache, GFP_ATOMIC);
6383 if (!sqcp)
6384 return NULL;
6385
6386 sd_dp = &sqcp->sd_dp;
6387
6388 hrtimer_init(&sd_dp->hrt, CLOCK_MONOTONIC, HRTIMER_MODE_REL_PINNED);
6389 sd_dp->hrt.function = sdebug_q_cmd_hrt_complete;
6390 INIT_WORK(&sd_dp->ew.work, sdebug_q_cmd_wq_complete);
6391
6392 sqcp->scmd = scmd;
6393
6394 return sqcp;
6395}
6396
6397/* Complete the processing of the thread that queued a SCSI command to this
6398 * driver. It either completes the command by calling cmnd_done() or
6399 * schedules a hr timer or work queue then returns 0. Returns
6400 * SCSI_MLQUEUE_HOST_BUSY if temporarily out of resources.
6401 */
6402static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
6403 int scsi_result,
6404 int (*pfp)(struct scsi_cmnd *,
6405 struct sdebug_dev_info *),
6406 int delta_jiff, int ndelay)
6407{
6408 struct request *rq = scsi_cmd_to_rq(cmnd);
6409 bool polled = rq->cmd_flags & REQ_POLLED;
6410 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmnd);
6411 unsigned long flags;
6412 u64 ns_from_boot = 0;
6413 struct sdebug_queued_cmd *sqcp;
6414 struct scsi_device *sdp;
6415 struct sdebug_defer *sd_dp;
6416
6417 if (unlikely(devip == NULL)) {
6418 if (scsi_result == 0)
6419 scsi_result = DID_NO_CONNECT << 16;
6420 goto respond_in_thread;
6421 }
6422 sdp = cmnd->device;
6423
6424 if (delta_jiff == 0)
6425 goto respond_in_thread;
6426
6427
6428 if (unlikely(sdebug_every_nth && (SDEBUG_OPT_RARE_TSF & sdebug_opts) &&
6429 (scsi_result == 0))) {
6430 int num_in_q = scsi_device_busy(sdp);
6431 int qdepth = cmnd->device->queue_depth;
6432
6433 if ((num_in_q == qdepth) &&
6434 (atomic_inc_return(&sdebug_a_tsf) >=
6435 abs(sdebug_every_nth))) {
6436 atomic_set(&sdebug_a_tsf, 0);
6437 scsi_result = device_qfull_result;
6438
6439 if (unlikely(SDEBUG_OPT_Q_NOISE & sdebug_opts))
6440 sdev_printk(KERN_INFO, sdp, "%s: num_in_q=%d +1, <inject> status: TASK SET FULL\n",
6441 __func__, num_in_q);
6442 }
6443 }
6444
6445 sqcp = sdebug_alloc_queued_cmd(cmnd);
6446 if (!sqcp) {
6447 pr_err("%s no alloc\n", __func__);
6448 return SCSI_MLQUEUE_HOST_BUSY;
6449 }
6450 sd_dp = &sqcp->sd_dp;
6451
6452 if (polled)
6453 ns_from_boot = ktime_get_boottime_ns();
6454
6455 /* one of the resp_*() response functions is called here */
6456 cmnd->result = pfp ? pfp(cmnd, devip) : 0;
6457 if (cmnd->result & SDEG_RES_IMMED_MASK) {
6458 cmnd->result &= ~SDEG_RES_IMMED_MASK;
6459 delta_jiff = ndelay = 0;
6460 }
6461 if (cmnd->result == 0 && scsi_result != 0)
6462 cmnd->result = scsi_result;
6463 if (cmnd->result == 0 && unlikely(sdebug_opts & SDEBUG_OPT_TRANSPORT_ERR)) {
6464 if (atomic_read(&sdeb_inject_pending)) {
6465 mk_sense_buffer(cmnd, ABORTED_COMMAND, TRANSPORT_PROBLEM, ACK_NAK_TO);
6466 atomic_set(&sdeb_inject_pending, 0);
6467 cmnd->result = check_condition_result;
6468 }
6469 }
6470
6471 if (unlikely(sdebug_verbose && cmnd->result))
6472 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n",
6473 __func__, cmnd->result);
6474
6475 if (delta_jiff > 0 || ndelay > 0) {
6476 ktime_t kt;
6477
6478 if (delta_jiff > 0) {
6479 u64 ns = jiffies_to_nsecs(delta_jiff);
6480
6481 if (sdebug_random && ns < U32_MAX) {
6482 ns = get_random_u32_below((u32)ns);
6483 } else if (sdebug_random) {
6484 ns >>= 12; /* scale to 4 usec precision */
6485 if (ns < U32_MAX) /* over 4 hours max */
6486 ns = get_random_u32_below((u32)ns);
6487 ns <<= 12;
6488 }
6489 kt = ns_to_ktime(ns);
6490 } else { /* ndelay has a 4.2 second max */
6491 kt = sdebug_random ? get_random_u32_below((u32)ndelay) :
6492 (u32)ndelay;
6493 if (ndelay < INCLUSIVE_TIMING_MAX_NS) {
6494 u64 d = ktime_get_boottime_ns() - ns_from_boot;
6495
6496 if (kt <= d) { /* elapsed duration >= kt */
6497 /* call scsi_done() from this thread */
6498 sdebug_free_queued_cmd(sqcp);
6499 scsi_done(cmnd);
6500 return 0;
6501 }
6502 /* otherwise reduce kt by elapsed time */
6503 kt -= d;
6504 }
6505 }
6506 if (sdebug_statistics)
6507 sd_dp->issuing_cpu = raw_smp_processor_id();
6508 if (polled) {
6509 spin_lock_irqsave(&sdsc->lock, flags);
6510 sd_dp->cmpl_ts = ktime_add(ns_to_ktime(ns_from_boot), kt);
6511 ASSIGN_QUEUED_CMD(cmnd, sqcp);
6512 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_POLL);
6513 spin_unlock_irqrestore(&sdsc->lock, flags);
6514 } else {
6515 /* schedule the invocation of scsi_done() for a later time */
6516 spin_lock_irqsave(&sdsc->lock, flags);
6517 ASSIGN_QUEUED_CMD(cmnd, sqcp);
6518 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_HRT);
6519 hrtimer_start(&sd_dp->hrt, kt, HRTIMER_MODE_REL_PINNED);
6520 /*
6521 * The completion handler will try to grab sqcp->lock,
6522 * so there is no chance that the completion handler
6523 * will call scsi_done() until we release the lock
6524 * here (so ok to keep referencing sdsc).
6525 */
6526 spin_unlock_irqrestore(&sdsc->lock, flags);
6527 }
6528 } else { /* jdelay < 0, use work queue */
6529 if (unlikely((sdebug_opts & SDEBUG_OPT_CMD_ABORT) &&
6530 atomic_read(&sdeb_inject_pending))) {
6531 sd_dp->aborted = true;
6532 atomic_set(&sdeb_inject_pending, 0);
6533 sdev_printk(KERN_INFO, sdp, "abort request tag=%#x\n",
6534 blk_mq_unique_tag_to_tag(get_tag(cmnd)));
6535 }
6536
6537 if (sdebug_statistics)
6538 sd_dp->issuing_cpu = raw_smp_processor_id();
6539 if (polled) {
6540 spin_lock_irqsave(&sdsc->lock, flags);
6541 ASSIGN_QUEUED_CMD(cmnd, sqcp);
6542 sd_dp->cmpl_ts = ns_to_ktime(ns_from_boot);
6543 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_POLL);
6544 spin_unlock_irqrestore(&sdsc->lock, flags);
6545 } else {
6546 spin_lock_irqsave(&sdsc->lock, flags);
6547 ASSIGN_QUEUED_CMD(cmnd, sqcp);
6548 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_WQ);
6549 schedule_work(&sd_dp->ew.work);
6550 spin_unlock_irqrestore(&sdsc->lock, flags);
6551 }
6552 }
6553
6554 return 0;
6555
6556respond_in_thread: /* call back to mid-layer using invocation thread */
6557 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0;
6558 cmnd->result &= ~SDEG_RES_IMMED_MASK;
6559 if (cmnd->result == 0 && scsi_result != 0)
6560 cmnd->result = scsi_result;
6561 scsi_done(cmnd);
6562 return 0;
6563}
6564
6565/* Note: The following macros create attribute files in the
6566 /sys/module/scsi_debug/parameters directory. Unfortunately this
6567 driver is unaware of a change and cannot trigger auxiliary actions
6568 as it can when the corresponding attribute in the
6569 /sys/bus/pseudo/drivers/scsi_debug directory is changed.
6570 */
6571module_param_named(add_host, sdebug_add_host, int, S_IRUGO | S_IWUSR);
6572module_param_named(ato, sdebug_ato, int, S_IRUGO);
6573module_param_named(cdb_len, sdebug_cdb_len, int, 0644);
6574module_param_named(clustering, sdebug_clustering, bool, S_IRUGO | S_IWUSR);
6575module_param_named(delay, sdebug_jdelay, int, S_IRUGO | S_IWUSR);
6576module_param_named(dev_size_mb, sdebug_dev_size_mb, int, S_IRUGO);
6577module_param_named(dif, sdebug_dif, int, S_IRUGO);
6578module_param_named(dix, sdebug_dix, int, S_IRUGO);
6579module_param_named(dsense, sdebug_dsense, int, S_IRUGO | S_IWUSR);
6580module_param_named(every_nth, sdebug_every_nth, int, S_IRUGO | S_IWUSR);
6581module_param_named(fake_rw, sdebug_fake_rw, int, S_IRUGO | S_IWUSR);
6582module_param_named(guard, sdebug_guard, uint, S_IRUGO);
6583module_param_named(host_lock, sdebug_host_lock, bool, S_IRUGO | S_IWUSR);
6584module_param_named(host_max_queue, sdebug_host_max_queue, int, S_IRUGO);
6585module_param_string(inq_product, sdebug_inq_product_id,
6586 sizeof(sdebug_inq_product_id), S_IRUGO | S_IWUSR);
6587module_param_string(inq_rev, sdebug_inq_product_rev,
6588 sizeof(sdebug_inq_product_rev), S_IRUGO | S_IWUSR);
6589module_param_string(inq_vendor, sdebug_inq_vendor_id,
6590 sizeof(sdebug_inq_vendor_id), S_IRUGO | S_IWUSR);
6591module_param_named(lbprz, sdebug_lbprz, int, S_IRUGO);
6592module_param_named(lbpu, sdebug_lbpu, int, S_IRUGO);
6593module_param_named(lbpws, sdebug_lbpws, int, S_IRUGO);
6594module_param_named(lbpws10, sdebug_lbpws10, int, S_IRUGO);
6595module_param_named(atomic_wr, sdebug_atomic_wr, int, S_IRUGO);
6596module_param_named(lowest_aligned, sdebug_lowest_aligned, int, S_IRUGO);
6597module_param_named(lun_format, sdebug_lun_am_i, int, S_IRUGO | S_IWUSR);
6598module_param_named(max_luns, sdebug_max_luns, int, S_IRUGO | S_IWUSR);
6599module_param_named(max_queue, sdebug_max_queue, int, S_IRUGO | S_IWUSR);
6600module_param_named(medium_error_count, sdebug_medium_error_count, int,
6601 S_IRUGO | S_IWUSR);
6602module_param_named(medium_error_start, sdebug_medium_error_start, int,
6603 S_IRUGO | S_IWUSR);
6604module_param_named(ndelay, sdebug_ndelay, int, S_IRUGO | S_IWUSR);
6605module_param_named(no_lun_0, sdebug_no_lun_0, int, S_IRUGO | S_IWUSR);
6606module_param_named(no_rwlock, sdebug_no_rwlock, bool, S_IRUGO | S_IWUSR);
6607module_param_named(no_uld, sdebug_no_uld, int, S_IRUGO);
6608module_param_named(num_parts, sdebug_num_parts, int, S_IRUGO);
6609module_param_named(num_tgts, sdebug_num_tgts, int, S_IRUGO | S_IWUSR);
6610module_param_named(opt_blks, sdebug_opt_blks, int, S_IRUGO);
6611module_param_named(opt_xferlen_exp, sdebug_opt_xferlen_exp, int, S_IRUGO);
6612module_param_named(opts, sdebug_opts, int, S_IRUGO | S_IWUSR);
6613module_param_named(per_host_store, sdebug_per_host_store, bool,
6614 S_IRUGO | S_IWUSR);
6615module_param_named(physblk_exp, sdebug_physblk_exp, int, S_IRUGO);
6616module_param_named(ptype, sdebug_ptype, int, S_IRUGO | S_IWUSR);
6617module_param_named(random, sdebug_random, bool, S_IRUGO | S_IWUSR);
6618module_param_named(removable, sdebug_removable, bool, S_IRUGO | S_IWUSR);
6619module_param_named(scsi_level, sdebug_scsi_level, int, S_IRUGO);
6620module_param_named(sector_size, sdebug_sector_size, int, S_IRUGO);
6621module_param_named(statistics, sdebug_statistics, bool, S_IRUGO | S_IWUSR);
6622module_param_named(strict, sdebug_strict, bool, S_IRUGO | S_IWUSR);
6623module_param_named(submit_queues, submit_queues, int, S_IRUGO);
6624module_param_named(poll_queues, poll_queues, int, S_IRUGO);
6625module_param_named(tur_ms_to_ready, sdeb_tur_ms_to_ready, int, S_IRUGO);
6626module_param_named(unmap_alignment, sdebug_unmap_alignment, int, S_IRUGO);
6627module_param_named(unmap_granularity, sdebug_unmap_granularity, int, S_IRUGO);
6628module_param_named(unmap_max_blocks, sdebug_unmap_max_blocks, int, S_IRUGO);
6629module_param_named(unmap_max_desc, sdebug_unmap_max_desc, int, S_IRUGO);
6630module_param_named(atomic_wr_max_length, sdebug_atomic_wr_max_length, int, S_IRUGO);
6631module_param_named(atomic_wr_align, sdebug_atomic_wr_align, int, S_IRUGO);
6632module_param_named(atomic_wr_gran, sdebug_atomic_wr_gran, int, S_IRUGO);
6633module_param_named(atomic_wr_max_length_bndry, sdebug_atomic_wr_max_length_bndry, int, S_IRUGO);
6634module_param_named(atomic_wr_max_bndry, sdebug_atomic_wr_max_bndry, int, S_IRUGO);
6635module_param_named(uuid_ctl, sdebug_uuid_ctl, int, S_IRUGO);
6636module_param_named(virtual_gb, sdebug_virtual_gb, int, S_IRUGO | S_IWUSR);
6637module_param_named(vpd_use_hostno, sdebug_vpd_use_hostno, int,
6638 S_IRUGO | S_IWUSR);
6639module_param_named(wp, sdebug_wp, bool, S_IRUGO | S_IWUSR);
6640module_param_named(write_same_length, sdebug_write_same_length, int,
6641 S_IRUGO | S_IWUSR);
6642module_param_named(zbc, sdeb_zbc_model_s, charp, S_IRUGO);
6643module_param_named(zone_cap_mb, sdeb_zbc_zone_cap_mb, int, S_IRUGO);
6644module_param_named(zone_max_open, sdeb_zbc_max_open, int, S_IRUGO);
6645module_param_named(zone_nr_conv, sdeb_zbc_nr_conv, int, S_IRUGO);
6646module_param_named(zone_size_mb, sdeb_zbc_zone_size_mb, int, S_IRUGO);
6647module_param_named(allow_restart, sdebug_allow_restart, bool, S_IRUGO | S_IWUSR);
6648
6649MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert");
6650MODULE_DESCRIPTION("SCSI debug adapter driver");
6651MODULE_LICENSE("GPL");
6652MODULE_VERSION(SDEBUG_VERSION);
6653
6654MODULE_PARM_DESC(add_host, "add n hosts, in sysfs if negative remove host(s) (def=1)");
6655MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)");
6656MODULE_PARM_DESC(cdb_len, "suggest CDB lengths to drivers (def=10)");
6657MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)");
6658MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny");
6659MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)");
6660MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)");
6661MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)");
6662MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)");
6663MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)");
6664MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)");
6665MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)");
6666MODULE_PARM_DESC(host_lock, "host_lock is ignored (def=0)");
6667MODULE_PARM_DESC(host_max_queue,
6668 "host max # of queued cmds (0 to max(def) [max_queue fixed equal for !0])");
6669MODULE_PARM_DESC(inq_product, "SCSI INQUIRY product string (def=\"scsi_debug\")");
6670MODULE_PARM_DESC(inq_rev, "SCSI INQUIRY revision string (def=\""
6671 SDEBUG_VERSION "\")");
6672MODULE_PARM_DESC(inq_vendor, "SCSI INQUIRY vendor string (def=\"Linux\")");
6673MODULE_PARM_DESC(lbprz,
6674 "on read unmapped LBs return 0 when 1 (def), return 0xff when 2");
6675MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)");
6676MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)");
6677MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)");
6678MODULE_PARM_DESC(atomic_write, "enable ATOMIC WRITE support, support WRITE ATOMIC(16) (def=0)");
6679MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)");
6680MODULE_PARM_DESC(lun_format, "LUN format: 0->peripheral (def); 1 --> flat address method");
6681MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)");
6682MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))");
6683MODULE_PARM_DESC(medium_error_count, "count of sectors to return follow on MEDIUM error");
6684MODULE_PARM_DESC(medium_error_start, "starting sector number to return MEDIUM error");
6685MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)");
6686MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)");
6687MODULE_PARM_DESC(no_rwlock, "don't protect user data reads+writes (def=0)");
6688MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))");
6689MODULE_PARM_DESC(num_parts, "number of partitions(def=0)");
6690MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)");
6691MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)");
6692MODULE_PARM_DESC(opt_xferlen_exp, "optimal transfer length granularity exponent (def=physblk_exp)");
6693MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)");
6694MODULE_PARM_DESC(per_host_store, "If set, next positive add_host will get new store (def=0)");
6695MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)");
6696MODULE_PARM_DESC(poll_queues, "support for iouring iopoll queues (1 to max(submit_queues - 1))");
6697MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])");
6698MODULE_PARM_DESC(random, "If set, uniformly randomize command duration between 0 and delay_in_ns");
6699MODULE_PARM_DESC(removable, "claim to have removable media (def=0)");
6700MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=7[SPC-5])");
6701MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)");
6702MODULE_PARM_DESC(statistics, "collect statistics on commands, queues (def=0)");
6703MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)");
6704MODULE_PARM_DESC(submit_queues, "support for block multi-queue (def=1)");
6705MODULE_PARM_DESC(tur_ms_to_ready, "TEST UNIT READY millisecs before initial good status (def=0)");
6706MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)");
6707MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)");
6708MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)");
6709MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)");
6710MODULE_PARM_DESC(atomic_wr_max_length, "max # of blocks can be atomically written in one cmd (def=8192)");
6711MODULE_PARM_DESC(atomic_wr_align, "minimum alignment of atomic write in blocks (def=2)");
6712MODULE_PARM_DESC(atomic_wr_gran, "minimum granularity of atomic write in blocks (def=2)");
6713MODULE_PARM_DESC(atomic_wr_max_length_bndry, "max # of blocks can be atomically written in one cmd with boundary set (def=8192)");
6714MODULE_PARM_DESC(atomic_wr_max_bndry, "max # boundaries per atomic write (def=128)");
6715MODULE_PARM_DESC(uuid_ctl,
6716 "1->use uuid for lu name, 0->don't, 2->all use same (def=0)");
6717MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)");
6718MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)");
6719MODULE_PARM_DESC(wp, "Write Protect (def=0)");
6720MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)");
6721MODULE_PARM_DESC(zbc, "'none' [0]; 'aware' [1]; 'managed' [2] (def=0). Can have 'host-' prefix");
6722MODULE_PARM_DESC(zone_cap_mb, "Zone capacity in MiB (def=zone size)");
6723MODULE_PARM_DESC(zone_max_open, "Maximum number of open zones; [0] for no limit (def=auto)");
6724MODULE_PARM_DESC(zone_nr_conv, "Number of conventional zones (def=1)");
6725MODULE_PARM_DESC(zone_size_mb, "Zone size in MiB (def=auto)");
6726MODULE_PARM_DESC(allow_restart, "Set scsi_device's allow_restart flag(def=0)");
6727
6728#define SDEBUG_INFO_LEN 256
6729static char sdebug_info[SDEBUG_INFO_LEN];
6730
6731static const char *scsi_debug_info(struct Scsi_Host *shp)
6732{
6733 int k;
6734
6735 k = scnprintf(sdebug_info, SDEBUG_INFO_LEN, "%s: version %s [%s]\n",
6736 my_name, SDEBUG_VERSION, sdebug_version_date);
6737 if (k >= (SDEBUG_INFO_LEN - 1))
6738 return sdebug_info;
6739 scnprintf(sdebug_info + k, SDEBUG_INFO_LEN - k,
6740 " dev_size_mb=%d, opts=0x%x, submit_queues=%d, %s=%d",
6741 sdebug_dev_size_mb, sdebug_opts, submit_queues,
6742 "statistics", (int)sdebug_statistics);
6743 return sdebug_info;
6744}
6745
6746/* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */
6747static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer,
6748 int length)
6749{
6750 char arr[16];
6751 int opts;
6752 int minLen = length > 15 ? 15 : length;
6753
6754 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
6755 return -EACCES;
6756 memcpy(arr, buffer, minLen);
6757 arr[minLen] = '\0';
6758 if (1 != sscanf(arr, "%d", &opts))
6759 return -EINVAL;
6760 sdebug_opts = opts;
6761 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
6762 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
6763 if (sdebug_every_nth != 0)
6764 tweak_cmnd_count();
6765 return length;
6766}
6767
6768struct sdebug_submit_queue_data {
6769 int *first;
6770 int *last;
6771 int queue_num;
6772};
6773
6774static bool sdebug_submit_queue_iter(struct request *rq, void *opaque)
6775{
6776 struct sdebug_submit_queue_data *data = opaque;
6777 u32 unique_tag = blk_mq_unique_tag(rq);
6778 u16 hwq = blk_mq_unique_tag_to_hwq(unique_tag);
6779 u16 tag = blk_mq_unique_tag_to_tag(unique_tag);
6780 int queue_num = data->queue_num;
6781
6782 if (hwq != queue_num)
6783 return true;
6784
6785 /* Rely on iter'ing in ascending tag order */
6786 if (*data->first == -1)
6787 *data->first = *data->last = tag;
6788 else
6789 *data->last = tag;
6790
6791 return true;
6792}
6793
6794/* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the
6795 * same for each scsi_debug host (if more than one). Some of the counters
6796 * output are not atomics so might be inaccurate in a busy system. */
6797static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host)
6798{
6799 struct sdebug_host_info *sdhp;
6800 int j;
6801
6802 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n",
6803 SDEBUG_VERSION, sdebug_version_date);
6804 seq_printf(m, "num_tgts=%d, %ssize=%d MB, opts=0x%x, every_nth=%d\n",
6805 sdebug_num_tgts, "shared (ram) ", sdebug_dev_size_mb,
6806 sdebug_opts, sdebug_every_nth);
6807 seq_printf(m, "delay=%d, ndelay=%d, max_luns=%d, sector_size=%d %s\n",
6808 sdebug_jdelay, sdebug_ndelay, sdebug_max_luns,
6809 sdebug_sector_size, "bytes");
6810 seq_printf(m, "cylinders=%d, heads=%d, sectors=%d, command aborts=%d\n",
6811 sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per,
6812 num_aborts);
6813 seq_printf(m, "RESETs: device=%d, target=%d, bus=%d, host=%d\n",
6814 num_dev_resets, num_target_resets, num_bus_resets,
6815 num_host_resets);
6816 seq_printf(m, "dix_reads=%d, dix_writes=%d, dif_errors=%d\n",
6817 dix_reads, dix_writes, dif_errors);
6818 seq_printf(m, "usec_in_jiffy=%lu, statistics=%d\n", TICK_NSEC / 1000,
6819 sdebug_statistics);
6820 seq_printf(m, "cmnd_count=%d, completions=%d, %s=%d, a_tsf=%d, mq_polls=%d\n",
6821 atomic_read(&sdebug_cmnd_count),
6822 atomic_read(&sdebug_completions),
6823 "miss_cpus", atomic_read(&sdebug_miss_cpus),
6824 atomic_read(&sdebug_a_tsf),
6825 atomic_read(&sdeb_mq_poll_count));
6826
6827 seq_printf(m, "submit_queues=%d\n", submit_queues);
6828 for (j = 0; j < submit_queues; ++j) {
6829 int f = -1, l = -1;
6830 struct sdebug_submit_queue_data data = {
6831 .queue_num = j,
6832 .first = &f,
6833 .last = &l,
6834 };
6835 seq_printf(m, " queue %d:\n", j);
6836 blk_mq_tagset_busy_iter(&host->tag_set, sdebug_submit_queue_iter,
6837 &data);
6838 if (f >= 0) {
6839 seq_printf(m, " in_use_bm BUSY: %s: %d,%d\n",
6840 "first,last bits", f, l);
6841 }
6842 }
6843
6844 seq_printf(m, "this host_no=%d\n", host->host_no);
6845 if (!xa_empty(per_store_ap)) {
6846 bool niu;
6847 int idx;
6848 unsigned long l_idx;
6849 struct sdeb_store_info *sip;
6850
6851 seq_puts(m, "\nhost list:\n");
6852 j = 0;
6853 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
6854 idx = sdhp->si_idx;
6855 seq_printf(m, " %d: host_no=%d, si_idx=%d\n", j,
6856 sdhp->shost->host_no, idx);
6857 ++j;
6858 }
6859 seq_printf(m, "\nper_store array [most_recent_idx=%d]:\n",
6860 sdeb_most_recent_idx);
6861 j = 0;
6862 xa_for_each(per_store_ap, l_idx, sip) {
6863 niu = xa_get_mark(per_store_ap, l_idx,
6864 SDEB_XA_NOT_IN_USE);
6865 idx = (int)l_idx;
6866 seq_printf(m, " %d: idx=%d%s\n", j, idx,
6867 (niu ? " not_in_use" : ""));
6868 ++j;
6869 }
6870 }
6871 return 0;
6872}
6873
6874static ssize_t delay_show(struct device_driver *ddp, char *buf)
6875{
6876 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_jdelay);
6877}
6878/* Returns -EBUSY if jdelay is being changed and commands are queued. The unit
6879 * of delay is jiffies.
6880 */
6881static ssize_t delay_store(struct device_driver *ddp, const char *buf,
6882 size_t count)
6883{
6884 int jdelay, res;
6885
6886 if (count > 0 && sscanf(buf, "%d", &jdelay) == 1) {
6887 res = count;
6888 if (sdebug_jdelay != jdelay) {
6889 struct sdebug_host_info *sdhp;
6890
6891 mutex_lock(&sdebug_host_list_mutex);
6892 block_unblock_all_queues(true);
6893
6894 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
6895 struct Scsi_Host *shost = sdhp->shost;
6896
6897 if (scsi_host_busy(shost)) {
6898 res = -EBUSY; /* queued commands */
6899 break;
6900 }
6901 }
6902 if (res > 0) {
6903 sdebug_jdelay = jdelay;
6904 sdebug_ndelay = 0;
6905 }
6906 block_unblock_all_queues(false);
6907 mutex_unlock(&sdebug_host_list_mutex);
6908 }
6909 return res;
6910 }
6911 return -EINVAL;
6912}
6913static DRIVER_ATTR_RW(delay);
6914
6915static ssize_t ndelay_show(struct device_driver *ddp, char *buf)
6916{
6917 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ndelay);
6918}
6919/* Returns -EBUSY if ndelay is being changed and commands are queued */
6920/* If > 0 and accepted then sdebug_jdelay is set to JDELAY_OVERRIDDEN */
6921static ssize_t ndelay_store(struct device_driver *ddp, const char *buf,
6922 size_t count)
6923{
6924 int ndelay, res;
6925
6926 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) &&
6927 (ndelay >= 0) && (ndelay < (1000 * 1000 * 1000))) {
6928 res = count;
6929 if (sdebug_ndelay != ndelay) {
6930 struct sdebug_host_info *sdhp;
6931
6932 mutex_lock(&sdebug_host_list_mutex);
6933 block_unblock_all_queues(true);
6934
6935 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
6936 struct Scsi_Host *shost = sdhp->shost;
6937
6938 if (scsi_host_busy(shost)) {
6939 res = -EBUSY; /* queued commands */
6940 break;
6941 }
6942 }
6943
6944 if (res > 0) {
6945 sdebug_ndelay = ndelay;
6946 sdebug_jdelay = ndelay ? JDELAY_OVERRIDDEN
6947 : DEF_JDELAY;
6948 }
6949 block_unblock_all_queues(false);
6950 mutex_unlock(&sdebug_host_list_mutex);
6951 }
6952 return res;
6953 }
6954 return -EINVAL;
6955}
6956static DRIVER_ATTR_RW(ndelay);
6957
6958static ssize_t opts_show(struct device_driver *ddp, char *buf)
6959{
6960 return scnprintf(buf, PAGE_SIZE, "0x%x\n", sdebug_opts);
6961}
6962
6963static ssize_t opts_store(struct device_driver *ddp, const char *buf,
6964 size_t count)
6965{
6966 int opts;
6967 char work[20];
6968
6969 if (sscanf(buf, "%10s", work) == 1) {
6970 if (strncasecmp(work, "0x", 2) == 0) {
6971 if (kstrtoint(work + 2, 16, &opts) == 0)
6972 goto opts_done;
6973 } else {
6974 if (kstrtoint(work, 10, &opts) == 0)
6975 goto opts_done;
6976 }
6977 }
6978 return -EINVAL;
6979opts_done:
6980 sdebug_opts = opts;
6981 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
6982 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
6983 tweak_cmnd_count();
6984 return count;
6985}
6986static DRIVER_ATTR_RW(opts);
6987
6988static ssize_t ptype_show(struct device_driver *ddp, char *buf)
6989{
6990 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ptype);
6991}
6992static ssize_t ptype_store(struct device_driver *ddp, const char *buf,
6993 size_t count)
6994{
6995 int n;
6996
6997 /* Cannot change from or to TYPE_ZBC with sysfs */
6998 if (sdebug_ptype == TYPE_ZBC)
6999 return -EINVAL;
7000
7001 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7002 if (n == TYPE_ZBC)
7003 return -EINVAL;
7004 sdebug_ptype = n;
7005 return count;
7006 }
7007 return -EINVAL;
7008}
7009static DRIVER_ATTR_RW(ptype);
7010
7011static ssize_t dsense_show(struct device_driver *ddp, char *buf)
7012{
7013 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dsense);
7014}
7015static ssize_t dsense_store(struct device_driver *ddp, const char *buf,
7016 size_t count)
7017{
7018 int n;
7019
7020 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7021 sdebug_dsense = n;
7022 return count;
7023 }
7024 return -EINVAL;
7025}
7026static DRIVER_ATTR_RW(dsense);
7027
7028static ssize_t fake_rw_show(struct device_driver *ddp, char *buf)
7029{
7030 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_fake_rw);
7031}
7032static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf,
7033 size_t count)
7034{
7035 int n, idx;
7036
7037 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7038 bool want_store = (n == 0);
7039 struct sdebug_host_info *sdhp;
7040
7041 n = (n > 0);
7042 sdebug_fake_rw = (sdebug_fake_rw > 0);
7043 if (sdebug_fake_rw == n)
7044 return count; /* not transitioning so do nothing */
7045
7046 if (want_store) { /* 1 --> 0 transition, set up store */
7047 if (sdeb_first_idx < 0) {
7048 idx = sdebug_add_store();
7049 if (idx < 0)
7050 return idx;
7051 } else {
7052 idx = sdeb_first_idx;
7053 xa_clear_mark(per_store_ap, idx,
7054 SDEB_XA_NOT_IN_USE);
7055 }
7056 /* make all hosts use same store */
7057 list_for_each_entry(sdhp, &sdebug_host_list,
7058 host_list) {
7059 if (sdhp->si_idx != idx) {
7060 xa_set_mark(per_store_ap, sdhp->si_idx,
7061 SDEB_XA_NOT_IN_USE);
7062 sdhp->si_idx = idx;
7063 }
7064 }
7065 sdeb_most_recent_idx = idx;
7066 } else { /* 0 --> 1 transition is trigger for shrink */
7067 sdebug_erase_all_stores(true /* apart from first */);
7068 }
7069 sdebug_fake_rw = n;
7070 return count;
7071 }
7072 return -EINVAL;
7073}
7074static DRIVER_ATTR_RW(fake_rw);
7075
7076static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf)
7077{
7078 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_lun_0);
7079}
7080static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf,
7081 size_t count)
7082{
7083 int n;
7084
7085 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7086 sdebug_no_lun_0 = n;
7087 return count;
7088 }
7089 return -EINVAL;
7090}
7091static DRIVER_ATTR_RW(no_lun_0);
7092
7093static ssize_t num_tgts_show(struct device_driver *ddp, char *buf)
7094{
7095 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_tgts);
7096}
7097static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf,
7098 size_t count)
7099{
7100 int n;
7101
7102 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7103 sdebug_num_tgts = n;
7104 sdebug_max_tgts_luns();
7105 return count;
7106 }
7107 return -EINVAL;
7108}
7109static DRIVER_ATTR_RW(num_tgts);
7110
7111static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf)
7112{
7113 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dev_size_mb);
7114}
7115static DRIVER_ATTR_RO(dev_size_mb);
7116
7117static ssize_t per_host_store_show(struct device_driver *ddp, char *buf)
7118{
7119 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_per_host_store);
7120}
7121
7122static ssize_t per_host_store_store(struct device_driver *ddp, const char *buf,
7123 size_t count)
7124{
7125 bool v;
7126
7127 if (kstrtobool(buf, &v))
7128 return -EINVAL;
7129
7130 sdebug_per_host_store = v;
7131 return count;
7132}
7133static DRIVER_ATTR_RW(per_host_store);
7134
7135static ssize_t num_parts_show(struct device_driver *ddp, char *buf)
7136{
7137 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_parts);
7138}
7139static DRIVER_ATTR_RO(num_parts);
7140
7141static ssize_t every_nth_show(struct device_driver *ddp, char *buf)
7142{
7143 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_every_nth);
7144}
7145static ssize_t every_nth_store(struct device_driver *ddp, const char *buf,
7146 size_t count)
7147{
7148 int nth;
7149 char work[20];
7150
7151 if (sscanf(buf, "%10s", work) == 1) {
7152 if (strncasecmp(work, "0x", 2) == 0) {
7153 if (kstrtoint(work + 2, 16, &nth) == 0)
7154 goto every_nth_done;
7155 } else {
7156 if (kstrtoint(work, 10, &nth) == 0)
7157 goto every_nth_done;
7158 }
7159 }
7160 return -EINVAL;
7161
7162every_nth_done:
7163 sdebug_every_nth = nth;
7164 if (nth && !sdebug_statistics) {
7165 pr_info("every_nth needs statistics=1, set it\n");
7166 sdebug_statistics = true;
7167 }
7168 tweak_cmnd_count();
7169 return count;
7170}
7171static DRIVER_ATTR_RW(every_nth);
7172
7173static ssize_t lun_format_show(struct device_driver *ddp, char *buf)
7174{
7175 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_lun_am);
7176}
7177static ssize_t lun_format_store(struct device_driver *ddp, const char *buf,
7178 size_t count)
7179{
7180 int n;
7181 bool changed;
7182
7183 if (kstrtoint(buf, 0, &n))
7184 return -EINVAL;
7185 if (n >= 0) {
7186 if (n > (int)SAM_LUN_AM_FLAT) {
7187 pr_warn("only LUN address methods 0 and 1 are supported\n");
7188 return -EINVAL;
7189 }
7190 changed = ((int)sdebug_lun_am != n);
7191 sdebug_lun_am = n;
7192 if (changed && sdebug_scsi_level >= 5) { /* >= SPC-3 */
7193 struct sdebug_host_info *sdhp;
7194 struct sdebug_dev_info *dp;
7195
7196 mutex_lock(&sdebug_host_list_mutex);
7197 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
7198 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
7199 set_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
7200 }
7201 }
7202 mutex_unlock(&sdebug_host_list_mutex);
7203 }
7204 return count;
7205 }
7206 return -EINVAL;
7207}
7208static DRIVER_ATTR_RW(lun_format);
7209
7210static ssize_t max_luns_show(struct device_driver *ddp, char *buf)
7211{
7212 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_luns);
7213}
7214static ssize_t max_luns_store(struct device_driver *ddp, const char *buf,
7215 size_t count)
7216{
7217 int n;
7218 bool changed;
7219
7220 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7221 if (n > 256) {
7222 pr_warn("max_luns can be no more than 256\n");
7223 return -EINVAL;
7224 }
7225 changed = (sdebug_max_luns != n);
7226 sdebug_max_luns = n;
7227 sdebug_max_tgts_luns();
7228 if (changed && (sdebug_scsi_level >= 5)) { /* >= SPC-3 */
7229 struct sdebug_host_info *sdhp;
7230 struct sdebug_dev_info *dp;
7231
7232 mutex_lock(&sdebug_host_list_mutex);
7233 list_for_each_entry(sdhp, &sdebug_host_list,
7234 host_list) {
7235 list_for_each_entry(dp, &sdhp->dev_info_list,
7236 dev_list) {
7237 set_bit(SDEBUG_UA_LUNS_CHANGED,
7238 dp->uas_bm);
7239 }
7240 }
7241 mutex_unlock(&sdebug_host_list_mutex);
7242 }
7243 return count;
7244 }
7245 return -EINVAL;
7246}
7247static DRIVER_ATTR_RW(max_luns);
7248
7249static ssize_t max_queue_show(struct device_driver *ddp, char *buf)
7250{
7251 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_queue);
7252}
7253/* N.B. max_queue can be changed while there are queued commands. In flight
7254 * commands beyond the new max_queue will be completed. */
7255static ssize_t max_queue_store(struct device_driver *ddp, const char *buf,
7256 size_t count)
7257{
7258 int n;
7259
7260 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) &&
7261 (n <= SDEBUG_CANQUEUE) &&
7262 (sdebug_host_max_queue == 0)) {
7263 mutex_lock(&sdebug_host_list_mutex);
7264
7265 /* We may only change sdebug_max_queue when we have no shosts */
7266 if (list_empty(&sdebug_host_list))
7267 sdebug_max_queue = n;
7268 else
7269 count = -EBUSY;
7270 mutex_unlock(&sdebug_host_list_mutex);
7271 return count;
7272 }
7273 return -EINVAL;
7274}
7275static DRIVER_ATTR_RW(max_queue);
7276
7277static ssize_t host_max_queue_show(struct device_driver *ddp, char *buf)
7278{
7279 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_host_max_queue);
7280}
7281
7282static ssize_t no_rwlock_show(struct device_driver *ddp, char *buf)
7283{
7284 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_rwlock);
7285}
7286
7287static ssize_t no_rwlock_store(struct device_driver *ddp, const char *buf, size_t count)
7288{
7289 bool v;
7290
7291 if (kstrtobool(buf, &v))
7292 return -EINVAL;
7293
7294 sdebug_no_rwlock = v;
7295 return count;
7296}
7297static DRIVER_ATTR_RW(no_rwlock);
7298
7299/*
7300 * Since this is used for .can_queue, and we get the hc_idx tag from the bitmap
7301 * in range [0, sdebug_host_max_queue), we can't change it.
7302 */
7303static DRIVER_ATTR_RO(host_max_queue);
7304
7305static ssize_t no_uld_show(struct device_driver *ddp, char *buf)
7306{
7307 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_uld);
7308}
7309static DRIVER_ATTR_RO(no_uld);
7310
7311static ssize_t scsi_level_show(struct device_driver *ddp, char *buf)
7312{
7313 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_scsi_level);
7314}
7315static DRIVER_ATTR_RO(scsi_level);
7316
7317static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf)
7318{
7319 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_virtual_gb);
7320}
7321static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf,
7322 size_t count)
7323{
7324 int n;
7325 bool changed;
7326
7327 /* Ignore capacity change for ZBC drives for now */
7328 if (sdeb_zbc_in_use)
7329 return -ENOTSUPP;
7330
7331 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7332 changed = (sdebug_virtual_gb != n);
7333 sdebug_virtual_gb = n;
7334 sdebug_capacity = get_sdebug_capacity();
7335 if (changed) {
7336 struct sdebug_host_info *sdhp;
7337 struct sdebug_dev_info *dp;
7338
7339 mutex_lock(&sdebug_host_list_mutex);
7340 list_for_each_entry(sdhp, &sdebug_host_list,
7341 host_list) {
7342 list_for_each_entry(dp, &sdhp->dev_info_list,
7343 dev_list) {
7344 set_bit(SDEBUG_UA_CAPACITY_CHANGED,
7345 dp->uas_bm);
7346 }
7347 }
7348 mutex_unlock(&sdebug_host_list_mutex);
7349 }
7350 return count;
7351 }
7352 return -EINVAL;
7353}
7354static DRIVER_ATTR_RW(virtual_gb);
7355
7356static ssize_t add_host_show(struct device_driver *ddp, char *buf)
7357{
7358 /* absolute number of hosts currently active is what is shown */
7359 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_hosts);
7360}
7361
7362static ssize_t add_host_store(struct device_driver *ddp, const char *buf,
7363 size_t count)
7364{
7365 bool found;
7366 unsigned long idx;
7367 struct sdeb_store_info *sip;
7368 bool want_phs = (sdebug_fake_rw == 0) && sdebug_per_host_store;
7369 int delta_hosts;
7370
7371 if (sscanf(buf, "%d", &delta_hosts) != 1)
7372 return -EINVAL;
7373 if (delta_hosts > 0) {
7374 do {
7375 found = false;
7376 if (want_phs) {
7377 xa_for_each_marked(per_store_ap, idx, sip,
7378 SDEB_XA_NOT_IN_USE) {
7379 sdeb_most_recent_idx = (int)idx;
7380 found = true;
7381 break;
7382 }
7383 if (found) /* re-use case */
7384 sdebug_add_host_helper((int)idx);
7385 else
7386 sdebug_do_add_host(true);
7387 } else {
7388 sdebug_do_add_host(false);
7389 }
7390 } while (--delta_hosts);
7391 } else if (delta_hosts < 0) {
7392 do {
7393 sdebug_do_remove_host(false);
7394 } while (++delta_hosts);
7395 }
7396 return count;
7397}
7398static DRIVER_ATTR_RW(add_host);
7399
7400static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf)
7401{
7402 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_vpd_use_hostno);
7403}
7404static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf,
7405 size_t count)
7406{
7407 int n;
7408
7409 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7410 sdebug_vpd_use_hostno = n;
7411 return count;
7412 }
7413 return -EINVAL;
7414}
7415static DRIVER_ATTR_RW(vpd_use_hostno);
7416
7417static ssize_t statistics_show(struct device_driver *ddp, char *buf)
7418{
7419 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_statistics);
7420}
7421static ssize_t statistics_store(struct device_driver *ddp, const char *buf,
7422 size_t count)
7423{
7424 int n;
7425
7426 if ((count > 0) && (sscanf(buf, "%d", &n) == 1) && (n >= 0)) {
7427 if (n > 0)
7428 sdebug_statistics = true;
7429 else {
7430 clear_queue_stats();
7431 sdebug_statistics = false;
7432 }
7433 return count;
7434 }
7435 return -EINVAL;
7436}
7437static DRIVER_ATTR_RW(statistics);
7438
7439static ssize_t sector_size_show(struct device_driver *ddp, char *buf)
7440{
7441 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_sector_size);
7442}
7443static DRIVER_ATTR_RO(sector_size);
7444
7445static ssize_t submit_queues_show(struct device_driver *ddp, char *buf)
7446{
7447 return scnprintf(buf, PAGE_SIZE, "%d\n", submit_queues);
7448}
7449static DRIVER_ATTR_RO(submit_queues);
7450
7451static ssize_t dix_show(struct device_driver *ddp, char *buf)
7452{
7453 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dix);
7454}
7455static DRIVER_ATTR_RO(dix);
7456
7457static ssize_t dif_show(struct device_driver *ddp, char *buf)
7458{
7459 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dif);
7460}
7461static DRIVER_ATTR_RO(dif);
7462
7463static ssize_t guard_show(struct device_driver *ddp, char *buf)
7464{
7465 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_guard);
7466}
7467static DRIVER_ATTR_RO(guard);
7468
7469static ssize_t ato_show(struct device_driver *ddp, char *buf)
7470{
7471 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ato);
7472}
7473static DRIVER_ATTR_RO(ato);
7474
7475static ssize_t map_show(struct device_driver *ddp, char *buf)
7476{
7477 ssize_t count = 0;
7478
7479 if (!scsi_debug_lbp())
7480 return scnprintf(buf, PAGE_SIZE, "0-%u\n",
7481 sdebug_store_sectors);
7482
7483 if (sdebug_fake_rw == 0 && !xa_empty(per_store_ap)) {
7484 struct sdeb_store_info *sip = xa_load(per_store_ap, 0);
7485
7486 if (sip)
7487 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl",
7488 (int)map_size, sip->map_storep);
7489 }
7490 buf[count++] = '\n';
7491 buf[count] = '\0';
7492
7493 return count;
7494}
7495static DRIVER_ATTR_RO(map);
7496
7497static ssize_t random_show(struct device_driver *ddp, char *buf)
7498{
7499 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_random);
7500}
7501
7502static ssize_t random_store(struct device_driver *ddp, const char *buf,
7503 size_t count)
7504{
7505 bool v;
7506
7507 if (kstrtobool(buf, &v))
7508 return -EINVAL;
7509
7510 sdebug_random = v;
7511 return count;
7512}
7513static DRIVER_ATTR_RW(random);
7514
7515static ssize_t removable_show(struct device_driver *ddp, char *buf)
7516{
7517 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_removable ? 1 : 0);
7518}
7519static ssize_t removable_store(struct device_driver *ddp, const char *buf,
7520 size_t count)
7521{
7522 int n;
7523
7524 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7525 sdebug_removable = (n > 0);
7526 return count;
7527 }
7528 return -EINVAL;
7529}
7530static DRIVER_ATTR_RW(removable);
7531
7532static ssize_t host_lock_show(struct device_driver *ddp, char *buf)
7533{
7534 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_host_lock);
7535}
7536/* N.B. sdebug_host_lock does nothing, kept for backward compatibility */
7537static ssize_t host_lock_store(struct device_driver *ddp, const char *buf,
7538 size_t count)
7539{
7540 int n;
7541
7542 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7543 sdebug_host_lock = (n > 0);
7544 return count;
7545 }
7546 return -EINVAL;
7547}
7548static DRIVER_ATTR_RW(host_lock);
7549
7550static ssize_t strict_show(struct device_driver *ddp, char *buf)
7551{
7552 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_strict);
7553}
7554static ssize_t strict_store(struct device_driver *ddp, const char *buf,
7555 size_t count)
7556{
7557 int n;
7558
7559 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7560 sdebug_strict = (n > 0);
7561 return count;
7562 }
7563 return -EINVAL;
7564}
7565static DRIVER_ATTR_RW(strict);
7566
7567static ssize_t uuid_ctl_show(struct device_driver *ddp, char *buf)
7568{
7569 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_uuid_ctl);
7570}
7571static DRIVER_ATTR_RO(uuid_ctl);
7572
7573static ssize_t cdb_len_show(struct device_driver *ddp, char *buf)
7574{
7575 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_cdb_len);
7576}
7577static ssize_t cdb_len_store(struct device_driver *ddp, const char *buf,
7578 size_t count)
7579{
7580 int ret, n;
7581
7582 ret = kstrtoint(buf, 0, &n);
7583 if (ret)
7584 return ret;
7585 sdebug_cdb_len = n;
7586 all_config_cdb_len();
7587 return count;
7588}
7589static DRIVER_ATTR_RW(cdb_len);
7590
7591static const char * const zbc_model_strs_a[] = {
7592 [BLK_ZONED_NONE] = "none",
7593 [BLK_ZONED_HA] = "host-aware",
7594 [BLK_ZONED_HM] = "host-managed",
7595};
7596
7597static const char * const zbc_model_strs_b[] = {
7598 [BLK_ZONED_NONE] = "no",
7599 [BLK_ZONED_HA] = "aware",
7600 [BLK_ZONED_HM] = "managed",
7601};
7602
7603static const char * const zbc_model_strs_c[] = {
7604 [BLK_ZONED_NONE] = "0",
7605 [BLK_ZONED_HA] = "1",
7606 [BLK_ZONED_HM] = "2",
7607};
7608
7609static int sdeb_zbc_model_str(const char *cp)
7610{
7611 int res = sysfs_match_string(zbc_model_strs_a, cp);
7612
7613 if (res < 0) {
7614 res = sysfs_match_string(zbc_model_strs_b, cp);
7615 if (res < 0) {
7616 res = sysfs_match_string(zbc_model_strs_c, cp);
7617 if (res < 0)
7618 return -EINVAL;
7619 }
7620 }
7621 return res;
7622}
7623
7624static ssize_t zbc_show(struct device_driver *ddp, char *buf)
7625{
7626 return scnprintf(buf, PAGE_SIZE, "%s\n",
7627 zbc_model_strs_a[sdeb_zbc_model]);
7628}
7629static DRIVER_ATTR_RO(zbc);
7630
7631static ssize_t tur_ms_to_ready_show(struct device_driver *ddp, char *buf)
7632{
7633 return scnprintf(buf, PAGE_SIZE, "%d\n", sdeb_tur_ms_to_ready);
7634}
7635static DRIVER_ATTR_RO(tur_ms_to_ready);
7636
7637static ssize_t group_number_stats_show(struct device_driver *ddp, char *buf)
7638{
7639 char *p = buf, *end = buf + PAGE_SIZE;
7640 int i;
7641
7642 for (i = 0; i < ARRAY_SIZE(writes_by_group_number); i++)
7643 p += scnprintf(p, end - p, "%d %ld\n", i,
7644 atomic_long_read(&writes_by_group_number[i]));
7645
7646 return p - buf;
7647}
7648
7649static ssize_t group_number_stats_store(struct device_driver *ddp,
7650 const char *buf, size_t count)
7651{
7652 int i;
7653
7654 for (i = 0; i < ARRAY_SIZE(writes_by_group_number); i++)
7655 atomic_long_set(&writes_by_group_number[i], 0);
7656
7657 return count;
7658}
7659static DRIVER_ATTR_RW(group_number_stats);
7660
7661/* Note: The following array creates attribute files in the
7662 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these
7663 files (over those found in the /sys/module/scsi_debug/parameters
7664 directory) is that auxiliary actions can be triggered when an attribute
7665 is changed. For example see: add_host_store() above.
7666 */
7667
7668static struct attribute *sdebug_drv_attrs[] = {
7669 &driver_attr_delay.attr,
7670 &driver_attr_opts.attr,
7671 &driver_attr_ptype.attr,
7672 &driver_attr_dsense.attr,
7673 &driver_attr_fake_rw.attr,
7674 &driver_attr_host_max_queue.attr,
7675 &driver_attr_no_lun_0.attr,
7676 &driver_attr_num_tgts.attr,
7677 &driver_attr_dev_size_mb.attr,
7678 &driver_attr_num_parts.attr,
7679 &driver_attr_every_nth.attr,
7680 &driver_attr_lun_format.attr,
7681 &driver_attr_max_luns.attr,
7682 &driver_attr_max_queue.attr,
7683 &driver_attr_no_rwlock.attr,
7684 &driver_attr_no_uld.attr,
7685 &driver_attr_scsi_level.attr,
7686 &driver_attr_virtual_gb.attr,
7687 &driver_attr_add_host.attr,
7688 &driver_attr_per_host_store.attr,
7689 &driver_attr_vpd_use_hostno.attr,
7690 &driver_attr_sector_size.attr,
7691 &driver_attr_statistics.attr,
7692 &driver_attr_submit_queues.attr,
7693 &driver_attr_dix.attr,
7694 &driver_attr_dif.attr,
7695 &driver_attr_guard.attr,
7696 &driver_attr_ato.attr,
7697 &driver_attr_map.attr,
7698 &driver_attr_random.attr,
7699 &driver_attr_removable.attr,
7700 &driver_attr_host_lock.attr,
7701 &driver_attr_ndelay.attr,
7702 &driver_attr_strict.attr,
7703 &driver_attr_uuid_ctl.attr,
7704 &driver_attr_cdb_len.attr,
7705 &driver_attr_tur_ms_to_ready.attr,
7706 &driver_attr_zbc.attr,
7707 &driver_attr_group_number_stats.attr,
7708 NULL,
7709};
7710ATTRIBUTE_GROUPS(sdebug_drv);
7711
7712static struct device *pseudo_primary;
7713
7714static int __init scsi_debug_init(void)
7715{
7716 bool want_store = (sdebug_fake_rw == 0);
7717 unsigned long sz;
7718 int k, ret, hosts_to_add;
7719 int idx = -1;
7720
7721 if (sdebug_ndelay >= 1000 * 1000 * 1000) {
7722 pr_warn("ndelay must be less than 1 second, ignored\n");
7723 sdebug_ndelay = 0;
7724 } else if (sdebug_ndelay > 0)
7725 sdebug_jdelay = JDELAY_OVERRIDDEN;
7726
7727 switch (sdebug_sector_size) {
7728 case 512:
7729 case 1024:
7730 case 2048:
7731 case 4096:
7732 break;
7733 default:
7734 pr_err("invalid sector_size %d\n", sdebug_sector_size);
7735 return -EINVAL;
7736 }
7737
7738 switch (sdebug_dif) {
7739 case T10_PI_TYPE0_PROTECTION:
7740 break;
7741 case T10_PI_TYPE1_PROTECTION:
7742 case T10_PI_TYPE2_PROTECTION:
7743 case T10_PI_TYPE3_PROTECTION:
7744 have_dif_prot = true;
7745 break;
7746
7747 default:
7748 pr_err("dif must be 0, 1, 2 or 3\n");
7749 return -EINVAL;
7750 }
7751
7752 if (sdebug_num_tgts < 0) {
7753 pr_err("num_tgts must be >= 0\n");
7754 return -EINVAL;
7755 }
7756
7757 if (sdebug_guard > 1) {
7758 pr_err("guard must be 0 or 1\n");
7759 return -EINVAL;
7760 }
7761
7762 if (sdebug_ato > 1) {
7763 pr_err("ato must be 0 or 1\n");
7764 return -EINVAL;
7765 }
7766
7767 if (sdebug_physblk_exp > 15) {
7768 pr_err("invalid physblk_exp %u\n", sdebug_physblk_exp);
7769 return -EINVAL;
7770 }
7771
7772 sdebug_lun_am = sdebug_lun_am_i;
7773 if (sdebug_lun_am > SAM_LUN_AM_FLAT) {
7774 pr_warn("Invalid LUN format %u, using default\n", (int)sdebug_lun_am);
7775 sdebug_lun_am = SAM_LUN_AM_PERIPHERAL;
7776 }
7777
7778 if (sdebug_max_luns > 256) {
7779 if (sdebug_max_luns > 16384) {
7780 pr_warn("max_luns can be no more than 16384, use default\n");
7781 sdebug_max_luns = DEF_MAX_LUNS;
7782 }
7783 sdebug_lun_am = SAM_LUN_AM_FLAT;
7784 }
7785
7786 if (sdebug_lowest_aligned > 0x3fff) {
7787 pr_err("lowest_aligned too big: %u\n", sdebug_lowest_aligned);
7788 return -EINVAL;
7789 }
7790
7791 if (submit_queues < 1) {
7792 pr_err("submit_queues must be 1 or more\n");
7793 return -EINVAL;
7794 }
7795
7796 if ((sdebug_max_queue > SDEBUG_CANQUEUE) || (sdebug_max_queue < 1)) {
7797 pr_err("max_queue must be in range [1, %d]\n", SDEBUG_CANQUEUE);
7798 return -EINVAL;
7799 }
7800
7801 if ((sdebug_host_max_queue > SDEBUG_CANQUEUE) ||
7802 (sdebug_host_max_queue < 0)) {
7803 pr_err("host_max_queue must be in range [0 %d]\n",
7804 SDEBUG_CANQUEUE);
7805 return -EINVAL;
7806 }
7807
7808 if (sdebug_host_max_queue &&
7809 (sdebug_max_queue != sdebug_host_max_queue)) {
7810 sdebug_max_queue = sdebug_host_max_queue;
7811 pr_warn("fixing max submit queue depth to host max queue depth, %d\n",
7812 sdebug_max_queue);
7813 }
7814
7815 /*
7816 * check for host managed zoned block device specified with
7817 * ptype=0x14 or zbc=XXX.
7818 */
7819 if (sdebug_ptype == TYPE_ZBC) {
7820 sdeb_zbc_model = BLK_ZONED_HM;
7821 } else if (sdeb_zbc_model_s && *sdeb_zbc_model_s) {
7822 k = sdeb_zbc_model_str(sdeb_zbc_model_s);
7823 if (k < 0)
7824 return k;
7825 sdeb_zbc_model = k;
7826 switch (sdeb_zbc_model) {
7827 case BLK_ZONED_NONE:
7828 case BLK_ZONED_HA:
7829 sdebug_ptype = TYPE_DISK;
7830 break;
7831 case BLK_ZONED_HM:
7832 sdebug_ptype = TYPE_ZBC;
7833 break;
7834 default:
7835 pr_err("Invalid ZBC model\n");
7836 return -EINVAL;
7837 }
7838 }
7839 if (sdeb_zbc_model != BLK_ZONED_NONE) {
7840 sdeb_zbc_in_use = true;
7841 if (sdebug_dev_size_mb == DEF_DEV_SIZE_PRE_INIT)
7842 sdebug_dev_size_mb = DEF_ZBC_DEV_SIZE_MB;
7843 }
7844
7845 if (sdebug_dev_size_mb == DEF_DEV_SIZE_PRE_INIT)
7846 sdebug_dev_size_mb = DEF_DEV_SIZE_MB;
7847 if (sdebug_dev_size_mb < 1)
7848 sdebug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */
7849 sz = (unsigned long)sdebug_dev_size_mb * 1048576;
7850 sdebug_store_sectors = sz / sdebug_sector_size;
7851 sdebug_capacity = get_sdebug_capacity();
7852
7853 /* play around with geometry, don't waste too much on track 0 */
7854 sdebug_heads = 8;
7855 sdebug_sectors_per = 32;
7856 if (sdebug_dev_size_mb >= 256)
7857 sdebug_heads = 64;
7858 else if (sdebug_dev_size_mb >= 16)
7859 sdebug_heads = 32;
7860 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
7861 (sdebug_sectors_per * sdebug_heads);
7862 if (sdebug_cylinders_per >= 1024) {
7863 /* other LLDs do this; implies >= 1GB ram disk ... */
7864 sdebug_heads = 255;
7865 sdebug_sectors_per = 63;
7866 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
7867 (sdebug_sectors_per * sdebug_heads);
7868 }
7869 if (scsi_debug_lbp()) {
7870 sdebug_unmap_max_blocks =
7871 clamp(sdebug_unmap_max_blocks, 0U, 0xffffffffU);
7872
7873 sdebug_unmap_max_desc =
7874 clamp(sdebug_unmap_max_desc, 0U, 256U);
7875
7876 sdebug_unmap_granularity =
7877 clamp(sdebug_unmap_granularity, 1U, 0xffffffffU);
7878
7879 if (sdebug_unmap_alignment &&
7880 sdebug_unmap_granularity <=
7881 sdebug_unmap_alignment) {
7882 pr_err("ERR: unmap_granularity <= unmap_alignment\n");
7883 return -EINVAL;
7884 }
7885 }
7886
7887 xa_init_flags(per_store_ap, XA_FLAGS_ALLOC | XA_FLAGS_LOCK_IRQ);
7888 if (want_store) {
7889 idx = sdebug_add_store();
7890 if (idx < 0)
7891 return idx;
7892 }
7893
7894 pseudo_primary = root_device_register("pseudo_0");
7895 if (IS_ERR(pseudo_primary)) {
7896 pr_warn("root_device_register() error\n");
7897 ret = PTR_ERR(pseudo_primary);
7898 goto free_vm;
7899 }
7900 ret = bus_register(&pseudo_lld_bus);
7901 if (ret < 0) {
7902 pr_warn("bus_register error: %d\n", ret);
7903 goto dev_unreg;
7904 }
7905 ret = driver_register(&sdebug_driverfs_driver);
7906 if (ret < 0) {
7907 pr_warn("driver_register error: %d\n", ret);
7908 goto bus_unreg;
7909 }
7910
7911 hosts_to_add = sdebug_add_host;
7912 sdebug_add_host = 0;
7913
7914 queued_cmd_cache = KMEM_CACHE(sdebug_queued_cmd, SLAB_HWCACHE_ALIGN);
7915 if (!queued_cmd_cache) {
7916 ret = -ENOMEM;
7917 goto driver_unreg;
7918 }
7919
7920 sdebug_debugfs_root = debugfs_create_dir("scsi_debug", NULL);
7921 if (IS_ERR_OR_NULL(sdebug_debugfs_root))
7922 pr_info("%s: failed to create initial debugfs directory\n", __func__);
7923
7924 for (k = 0; k < hosts_to_add; k++) {
7925 if (want_store && k == 0) {
7926 ret = sdebug_add_host_helper(idx);
7927 if (ret < 0) {
7928 pr_err("add_host_helper k=%d, error=%d\n",
7929 k, -ret);
7930 break;
7931 }
7932 } else {
7933 ret = sdebug_do_add_host(want_store &&
7934 sdebug_per_host_store);
7935 if (ret < 0) {
7936 pr_err("add_host k=%d error=%d\n", k, -ret);
7937 break;
7938 }
7939 }
7940 }
7941 if (sdebug_verbose)
7942 pr_info("built %d host(s)\n", sdebug_num_hosts);
7943
7944 return 0;
7945
7946driver_unreg:
7947 driver_unregister(&sdebug_driverfs_driver);
7948bus_unreg:
7949 bus_unregister(&pseudo_lld_bus);
7950dev_unreg:
7951 root_device_unregister(pseudo_primary);
7952free_vm:
7953 sdebug_erase_store(idx, NULL);
7954 return ret;
7955}
7956
7957static void __exit scsi_debug_exit(void)
7958{
7959 int k = sdebug_num_hosts;
7960
7961 for (; k; k--)
7962 sdebug_do_remove_host(true);
7963 kmem_cache_destroy(queued_cmd_cache);
7964 driver_unregister(&sdebug_driverfs_driver);
7965 bus_unregister(&pseudo_lld_bus);
7966 root_device_unregister(pseudo_primary);
7967
7968 sdebug_erase_all_stores(false);
7969 xa_destroy(per_store_ap);
7970 debugfs_remove(sdebug_debugfs_root);
7971}
7972
7973device_initcall(scsi_debug_init);
7974module_exit(scsi_debug_exit);
7975
7976static void sdebug_release_adapter(struct device *dev)
7977{
7978 struct sdebug_host_info *sdbg_host;
7979
7980 sdbg_host = dev_to_sdebug_host(dev);
7981 kfree(sdbg_host);
7982}
7983
7984/* idx must be valid, if sip is NULL then it will be obtained using idx */
7985static void sdebug_erase_store(int idx, struct sdeb_store_info *sip)
7986{
7987 if (idx < 0)
7988 return;
7989 if (!sip) {
7990 if (xa_empty(per_store_ap))
7991 return;
7992 sip = xa_load(per_store_ap, idx);
7993 if (!sip)
7994 return;
7995 }
7996 vfree(sip->map_storep);
7997 vfree(sip->dif_storep);
7998 vfree(sip->storep);
7999 xa_erase(per_store_ap, idx);
8000 kfree(sip);
8001}
8002
8003/* Assume apart_from_first==false only in shutdown case. */
8004static void sdebug_erase_all_stores(bool apart_from_first)
8005{
8006 unsigned long idx;
8007 struct sdeb_store_info *sip = NULL;
8008
8009 xa_for_each(per_store_ap, idx, sip) {
8010 if (apart_from_first)
8011 apart_from_first = false;
8012 else
8013 sdebug_erase_store(idx, sip);
8014 }
8015 if (apart_from_first)
8016 sdeb_most_recent_idx = sdeb_first_idx;
8017}
8018
8019/*
8020 * Returns store xarray new element index (idx) if >=0 else negated errno.
8021 * Limit the number of stores to 65536.
8022 */
8023static int sdebug_add_store(void)
8024{
8025 int res;
8026 u32 n_idx;
8027 unsigned long iflags;
8028 unsigned long sz = (unsigned long)sdebug_dev_size_mb * 1048576;
8029 struct sdeb_store_info *sip = NULL;
8030 struct xa_limit xal = { .max = 1 << 16, .min = 0 };
8031
8032 sip = kzalloc(sizeof(*sip), GFP_KERNEL);
8033 if (!sip)
8034 return -ENOMEM;
8035
8036 xa_lock_irqsave(per_store_ap, iflags);
8037 res = __xa_alloc(per_store_ap, &n_idx, sip, xal, GFP_ATOMIC);
8038 if (unlikely(res < 0)) {
8039 xa_unlock_irqrestore(per_store_ap, iflags);
8040 kfree(sip);
8041 pr_warn("%s: xa_alloc() errno=%d\n", __func__, -res);
8042 return res;
8043 }
8044 sdeb_most_recent_idx = n_idx;
8045 if (sdeb_first_idx < 0)
8046 sdeb_first_idx = n_idx;
8047 xa_unlock_irqrestore(per_store_ap, iflags);
8048
8049 res = -ENOMEM;
8050 sip->storep = vzalloc(sz);
8051 if (!sip->storep) {
8052 pr_err("user data oom\n");
8053 goto err;
8054 }
8055 if (sdebug_num_parts > 0)
8056 sdebug_build_parts(sip->storep, sz);
8057
8058 /* DIF/DIX: what T10 calls Protection Information (PI) */
8059 if (sdebug_dix) {
8060 int dif_size;
8061
8062 dif_size = sdebug_store_sectors * sizeof(struct t10_pi_tuple);
8063 sip->dif_storep = vmalloc(dif_size);
8064
8065 pr_info("dif_storep %u bytes @ %pK\n", dif_size,
8066 sip->dif_storep);
8067
8068 if (!sip->dif_storep) {
8069 pr_err("DIX oom\n");
8070 goto err;
8071 }
8072 memset(sip->dif_storep, 0xff, dif_size);
8073 }
8074 /* Logical Block Provisioning */
8075 if (scsi_debug_lbp()) {
8076 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1;
8077 sip->map_storep = vmalloc(array_size(sizeof(long),
8078 BITS_TO_LONGS(map_size)));
8079
8080 pr_info("%lu provisioning blocks\n", map_size);
8081
8082 if (!sip->map_storep) {
8083 pr_err("LBP map oom\n");
8084 goto err;
8085 }
8086
8087 bitmap_zero(sip->map_storep, map_size);
8088
8089 /* Map first 1KB for partition table */
8090 if (sdebug_num_parts)
8091 map_region(sip, 0, 2);
8092 }
8093
8094 rwlock_init(&sip->macc_data_lck);
8095 rwlock_init(&sip->macc_meta_lck);
8096 rwlock_init(&sip->macc_sector_lck);
8097 return (int)n_idx;
8098err:
8099 sdebug_erase_store((int)n_idx, sip);
8100 pr_warn("%s: failed, errno=%d\n", __func__, -res);
8101 return res;
8102}
8103
8104static int sdebug_add_host_helper(int per_host_idx)
8105{
8106 int k, devs_per_host, idx;
8107 int error = -ENOMEM;
8108 struct sdebug_host_info *sdbg_host;
8109 struct sdebug_dev_info *sdbg_devinfo, *tmp;
8110
8111 sdbg_host = kzalloc(sizeof(*sdbg_host), GFP_KERNEL);
8112 if (!sdbg_host)
8113 return -ENOMEM;
8114 idx = (per_host_idx < 0) ? sdeb_first_idx : per_host_idx;
8115 if (xa_get_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE))
8116 xa_clear_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE);
8117 sdbg_host->si_idx = idx;
8118
8119 INIT_LIST_HEAD(&sdbg_host->dev_info_list);
8120
8121 devs_per_host = sdebug_num_tgts * sdebug_max_luns;
8122 for (k = 0; k < devs_per_host; k++) {
8123 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL);
8124 if (!sdbg_devinfo)
8125 goto clean;
8126 }
8127
8128 mutex_lock(&sdebug_host_list_mutex);
8129 list_add_tail(&sdbg_host->host_list, &sdebug_host_list);
8130 mutex_unlock(&sdebug_host_list_mutex);
8131
8132 sdbg_host->dev.bus = &pseudo_lld_bus;
8133 sdbg_host->dev.parent = pseudo_primary;
8134 sdbg_host->dev.release = &sdebug_release_adapter;
8135 dev_set_name(&sdbg_host->dev, "adapter%d", sdebug_num_hosts);
8136
8137 error = device_register(&sdbg_host->dev);
8138 if (error) {
8139 mutex_lock(&sdebug_host_list_mutex);
8140 list_del(&sdbg_host->host_list);
8141 mutex_unlock(&sdebug_host_list_mutex);
8142 goto clean;
8143 }
8144
8145 ++sdebug_num_hosts;
8146 return 0;
8147
8148clean:
8149 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
8150 dev_list) {
8151 list_del(&sdbg_devinfo->dev_list);
8152 kfree(sdbg_devinfo->zstate);
8153 kfree(sdbg_devinfo);
8154 }
8155 if (sdbg_host->dev.release)
8156 put_device(&sdbg_host->dev);
8157 else
8158 kfree(sdbg_host);
8159 pr_warn("%s: failed, errno=%d\n", __func__, -error);
8160 return error;
8161}
8162
8163static int sdebug_do_add_host(bool mk_new_store)
8164{
8165 int ph_idx = sdeb_most_recent_idx;
8166
8167 if (mk_new_store) {
8168 ph_idx = sdebug_add_store();
8169 if (ph_idx < 0)
8170 return ph_idx;
8171 }
8172 return sdebug_add_host_helper(ph_idx);
8173}
8174
8175static void sdebug_do_remove_host(bool the_end)
8176{
8177 int idx = -1;
8178 struct sdebug_host_info *sdbg_host = NULL;
8179 struct sdebug_host_info *sdbg_host2;
8180
8181 mutex_lock(&sdebug_host_list_mutex);
8182 if (!list_empty(&sdebug_host_list)) {
8183 sdbg_host = list_entry(sdebug_host_list.prev,
8184 struct sdebug_host_info, host_list);
8185 idx = sdbg_host->si_idx;
8186 }
8187 if (!the_end && idx >= 0) {
8188 bool unique = true;
8189
8190 list_for_each_entry(sdbg_host2, &sdebug_host_list, host_list) {
8191 if (sdbg_host2 == sdbg_host)
8192 continue;
8193 if (idx == sdbg_host2->si_idx) {
8194 unique = false;
8195 break;
8196 }
8197 }
8198 if (unique) {
8199 xa_set_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE);
8200 if (idx == sdeb_most_recent_idx)
8201 --sdeb_most_recent_idx;
8202 }
8203 }
8204 if (sdbg_host)
8205 list_del(&sdbg_host->host_list);
8206 mutex_unlock(&sdebug_host_list_mutex);
8207
8208 if (!sdbg_host)
8209 return;
8210
8211 device_unregister(&sdbg_host->dev);
8212 --sdebug_num_hosts;
8213}
8214
8215static int sdebug_change_qdepth(struct scsi_device *sdev, int qdepth)
8216{
8217 struct sdebug_dev_info *devip = sdev->hostdata;
8218
8219 if (!devip)
8220 return -ENODEV;
8221
8222 mutex_lock(&sdebug_host_list_mutex);
8223 block_unblock_all_queues(true);
8224
8225 if (qdepth > SDEBUG_CANQUEUE) {
8226 qdepth = SDEBUG_CANQUEUE;
8227 pr_warn("%s: requested qdepth [%d] exceeds canqueue [%d], trim\n", __func__,
8228 qdepth, SDEBUG_CANQUEUE);
8229 }
8230 if (qdepth < 1)
8231 qdepth = 1;
8232 if (qdepth != sdev->queue_depth)
8233 scsi_change_queue_depth(sdev, qdepth);
8234
8235 block_unblock_all_queues(false);
8236 mutex_unlock(&sdebug_host_list_mutex);
8237
8238 if (SDEBUG_OPT_Q_NOISE & sdebug_opts)
8239 sdev_printk(KERN_INFO, sdev, "%s: qdepth=%d\n", __func__, qdepth);
8240
8241 return sdev->queue_depth;
8242}
8243
8244static bool fake_timeout(struct scsi_cmnd *scp)
8245{
8246 if (0 == (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth))) {
8247 if (sdebug_every_nth < -1)
8248 sdebug_every_nth = -1;
8249 if (SDEBUG_OPT_TIMEOUT & sdebug_opts)
8250 return true; /* ignore command causing timeout */
8251 else if (SDEBUG_OPT_MAC_TIMEOUT & sdebug_opts &&
8252 scsi_medium_access_command(scp))
8253 return true; /* time out reads and writes */
8254 }
8255 return false;
8256}
8257
8258/* Response to TUR or media access command when device stopped */
8259static int resp_not_ready(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
8260{
8261 int stopped_state;
8262 u64 diff_ns = 0;
8263 ktime_t now_ts = ktime_get_boottime();
8264 struct scsi_device *sdp = scp->device;
8265
8266 stopped_state = atomic_read(&devip->stopped);
8267 if (stopped_state == 2) {
8268 if (ktime_to_ns(now_ts) > ktime_to_ns(devip->create_ts)) {
8269 diff_ns = ktime_to_ns(ktime_sub(now_ts, devip->create_ts));
8270 if (diff_ns >= ((u64)sdeb_tur_ms_to_ready * 1000000)) {
8271 /* tur_ms_to_ready timer extinguished */
8272 atomic_set(&devip->stopped, 0);
8273 return 0;
8274 }
8275 }
8276 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x1);
8277 if (sdebug_verbose)
8278 sdev_printk(KERN_INFO, sdp,
8279 "%s: Not ready: in process of becoming ready\n", my_name);
8280 if (scp->cmnd[0] == TEST_UNIT_READY) {
8281 u64 tur_nanosecs_to_ready = (u64)sdeb_tur_ms_to_ready * 1000000;
8282
8283 if (diff_ns <= tur_nanosecs_to_ready)
8284 diff_ns = tur_nanosecs_to_ready - diff_ns;
8285 else
8286 diff_ns = tur_nanosecs_to_ready;
8287 /* As per 20-061r2 approved for spc6 by T10 on 20200716 */
8288 do_div(diff_ns, 1000000); /* diff_ns becomes milliseconds */
8289 scsi_set_sense_information(scp->sense_buffer, SCSI_SENSE_BUFFERSIZE,
8290 diff_ns);
8291 return check_condition_result;
8292 }
8293 }
8294 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2);
8295 if (sdebug_verbose)
8296 sdev_printk(KERN_INFO, sdp, "%s: Not ready: initializing command required\n",
8297 my_name);
8298 return check_condition_result;
8299}
8300
8301static void sdebug_map_queues(struct Scsi_Host *shost)
8302{
8303 int i, qoff;
8304
8305 if (shost->nr_hw_queues == 1)
8306 return;
8307
8308 for (i = 0, qoff = 0; i < HCTX_MAX_TYPES; i++) {
8309 struct blk_mq_queue_map *map = &shost->tag_set.map[i];
8310
8311 map->nr_queues = 0;
8312
8313 if (i == HCTX_TYPE_DEFAULT)
8314 map->nr_queues = submit_queues - poll_queues;
8315 else if (i == HCTX_TYPE_POLL)
8316 map->nr_queues = poll_queues;
8317
8318 if (!map->nr_queues) {
8319 BUG_ON(i == HCTX_TYPE_DEFAULT);
8320 continue;
8321 }
8322
8323 map->queue_offset = qoff;
8324 blk_mq_map_queues(map);
8325
8326 qoff += map->nr_queues;
8327 }
8328}
8329
8330struct sdebug_blk_mq_poll_data {
8331 unsigned int queue_num;
8332 int *num_entries;
8333};
8334
8335/*
8336 * We don't handle aborted commands here, but it does not seem possible to have
8337 * aborted polled commands from schedule_resp()
8338 */
8339static bool sdebug_blk_mq_poll_iter(struct request *rq, void *opaque)
8340{
8341 struct sdebug_blk_mq_poll_data *data = opaque;
8342 struct scsi_cmnd *cmd = blk_mq_rq_to_pdu(rq);
8343 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmd);
8344 struct sdebug_defer *sd_dp;
8345 u32 unique_tag = blk_mq_unique_tag(rq);
8346 u16 hwq = blk_mq_unique_tag_to_hwq(unique_tag);
8347 struct sdebug_queued_cmd *sqcp;
8348 unsigned long flags;
8349 int queue_num = data->queue_num;
8350 ktime_t time;
8351
8352 /* We're only interested in one queue for this iteration */
8353 if (hwq != queue_num)
8354 return true;
8355
8356 /* Subsequent checks would fail if this failed, but check anyway */
8357 if (!test_bit(SCMD_STATE_INFLIGHT, &cmd->state))
8358 return true;
8359
8360 time = ktime_get_boottime();
8361
8362 spin_lock_irqsave(&sdsc->lock, flags);
8363 sqcp = TO_QUEUED_CMD(cmd);
8364 if (!sqcp) {
8365 spin_unlock_irqrestore(&sdsc->lock, flags);
8366 return true;
8367 }
8368
8369 sd_dp = &sqcp->sd_dp;
8370 if (READ_ONCE(sd_dp->defer_t) != SDEB_DEFER_POLL) {
8371 spin_unlock_irqrestore(&sdsc->lock, flags);
8372 return true;
8373 }
8374
8375 if (time < sd_dp->cmpl_ts) {
8376 spin_unlock_irqrestore(&sdsc->lock, flags);
8377 return true;
8378 }
8379
8380 ASSIGN_QUEUED_CMD(cmd, NULL);
8381 spin_unlock_irqrestore(&sdsc->lock, flags);
8382
8383 if (sdebug_statistics) {
8384 atomic_inc(&sdebug_completions);
8385 if (raw_smp_processor_id() != sd_dp->issuing_cpu)
8386 atomic_inc(&sdebug_miss_cpus);
8387 }
8388
8389 sdebug_free_queued_cmd(sqcp);
8390
8391 scsi_done(cmd); /* callback to mid level */
8392 (*data->num_entries)++;
8393 return true;
8394}
8395
8396static int sdebug_blk_mq_poll(struct Scsi_Host *shost, unsigned int queue_num)
8397{
8398 int num_entries = 0;
8399 struct sdebug_blk_mq_poll_data data = {
8400 .queue_num = queue_num,
8401 .num_entries = &num_entries,
8402 };
8403
8404 blk_mq_tagset_busy_iter(&shost->tag_set, sdebug_blk_mq_poll_iter,
8405 &data);
8406
8407 if (num_entries > 0)
8408 atomic_add(num_entries, &sdeb_mq_poll_count);
8409 return num_entries;
8410}
8411
8412static int sdebug_timeout_cmd(struct scsi_cmnd *cmnd)
8413{
8414 struct scsi_device *sdp = cmnd->device;
8415 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
8416 struct sdebug_err_inject *err;
8417 unsigned char *cmd = cmnd->cmnd;
8418 int ret = 0;
8419
8420 if (devip == NULL)
8421 return 0;
8422
8423 rcu_read_lock();
8424 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
8425 if (err->type == ERR_TMOUT_CMD &&
8426 (err->cmd == cmd[0] || err->cmd == 0xff)) {
8427 ret = !!err->cnt;
8428 if (err->cnt < 0)
8429 err->cnt++;
8430
8431 rcu_read_unlock();
8432 return ret;
8433 }
8434 }
8435 rcu_read_unlock();
8436
8437 return 0;
8438}
8439
8440static int sdebug_fail_queue_cmd(struct scsi_cmnd *cmnd)
8441{
8442 struct scsi_device *sdp = cmnd->device;
8443 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
8444 struct sdebug_err_inject *err;
8445 unsigned char *cmd = cmnd->cmnd;
8446 int ret = 0;
8447
8448 if (devip == NULL)
8449 return 0;
8450
8451 rcu_read_lock();
8452 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
8453 if (err->type == ERR_FAIL_QUEUE_CMD &&
8454 (err->cmd == cmd[0] || err->cmd == 0xff)) {
8455 ret = err->cnt ? err->queuecmd_ret : 0;
8456 if (err->cnt < 0)
8457 err->cnt++;
8458
8459 rcu_read_unlock();
8460 return ret;
8461 }
8462 }
8463 rcu_read_unlock();
8464
8465 return 0;
8466}
8467
8468static int sdebug_fail_cmd(struct scsi_cmnd *cmnd, int *retval,
8469 struct sdebug_err_inject *info)
8470{
8471 struct scsi_device *sdp = cmnd->device;
8472 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
8473 struct sdebug_err_inject *err;
8474 unsigned char *cmd = cmnd->cmnd;
8475 int ret = 0;
8476 int result;
8477
8478 if (devip == NULL)
8479 return 0;
8480
8481 rcu_read_lock();
8482 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
8483 if (err->type == ERR_FAIL_CMD &&
8484 (err->cmd == cmd[0] || err->cmd == 0xff)) {
8485 if (!err->cnt) {
8486 rcu_read_unlock();
8487 return 0;
8488 }
8489
8490 ret = !!err->cnt;
8491 rcu_read_unlock();
8492 goto out_handle;
8493 }
8494 }
8495 rcu_read_unlock();
8496
8497 return 0;
8498
8499out_handle:
8500 if (err->cnt < 0)
8501 err->cnt++;
8502 mk_sense_buffer(cmnd, err->sense_key, err->asc, err->asq);
8503 result = err->status_byte | err->host_byte << 16 | err->driver_byte << 24;
8504 *info = *err;
8505 *retval = schedule_resp(cmnd, devip, result, NULL, 0, 0);
8506
8507 return ret;
8508}
8509
8510static int scsi_debug_queuecommand(struct Scsi_Host *shost,
8511 struct scsi_cmnd *scp)
8512{
8513 u8 sdeb_i;
8514 struct scsi_device *sdp = scp->device;
8515 const struct opcode_info_t *oip;
8516 const struct opcode_info_t *r_oip;
8517 struct sdebug_dev_info *devip;
8518 u8 *cmd = scp->cmnd;
8519 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
8520 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *) = NULL;
8521 int k, na;
8522 int errsts = 0;
8523 u64 lun_index = sdp->lun & 0x3FFF;
8524 u32 flags;
8525 u16 sa;
8526 u8 opcode = cmd[0];
8527 bool has_wlun_rl;
8528 bool inject_now;
8529 int ret = 0;
8530 struct sdebug_err_inject err;
8531
8532 scsi_set_resid(scp, 0);
8533 if (sdebug_statistics) {
8534 atomic_inc(&sdebug_cmnd_count);
8535 inject_now = inject_on_this_cmd();
8536 } else {
8537 inject_now = false;
8538 }
8539 if (unlikely(sdebug_verbose &&
8540 !(SDEBUG_OPT_NO_CDB_NOISE & sdebug_opts))) {
8541 char b[120];
8542 int n, len, sb;
8543
8544 len = scp->cmd_len;
8545 sb = (int)sizeof(b);
8546 if (len > 32)
8547 strcpy(b, "too long, over 32 bytes");
8548 else {
8549 for (k = 0, n = 0; k < len && n < sb; ++k)
8550 n += scnprintf(b + n, sb - n, "%02x ",
8551 (u32)cmd[k]);
8552 }
8553 sdev_printk(KERN_INFO, sdp, "%s: tag=%#x, cmd %s\n", my_name,
8554 blk_mq_unique_tag(scsi_cmd_to_rq(scp)), b);
8555 }
8556 if (unlikely(inject_now && (sdebug_opts & SDEBUG_OPT_HOST_BUSY)))
8557 return SCSI_MLQUEUE_HOST_BUSY;
8558 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS);
8559 if (unlikely(lun_index >= sdebug_max_luns && !has_wlun_rl))
8560 goto err_out;
8561
8562 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */
8563 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */
8564 devip = (struct sdebug_dev_info *)sdp->hostdata;
8565 if (unlikely(!devip)) {
8566 devip = find_build_dev_info(sdp);
8567 if (NULL == devip)
8568 goto err_out;
8569 }
8570
8571 if (sdebug_timeout_cmd(scp)) {
8572 scmd_printk(KERN_INFO, scp, "timeout command 0x%x\n", opcode);
8573 return 0;
8574 }
8575
8576 ret = sdebug_fail_queue_cmd(scp);
8577 if (ret) {
8578 scmd_printk(KERN_INFO, scp, "fail queue command 0x%x with 0x%x\n",
8579 opcode, ret);
8580 return ret;
8581 }
8582
8583 if (sdebug_fail_cmd(scp, &ret, &err)) {
8584 scmd_printk(KERN_INFO, scp,
8585 "fail command 0x%x with hostbyte=0x%x, "
8586 "driverbyte=0x%x, statusbyte=0x%x, "
8587 "sense_key=0x%x, asc=0x%x, asq=0x%x\n",
8588 opcode, err.host_byte, err.driver_byte,
8589 err.status_byte, err.sense_key, err.asc, err.asq);
8590 return ret;
8591 }
8592
8593 if (unlikely(inject_now && !atomic_read(&sdeb_inject_pending)))
8594 atomic_set(&sdeb_inject_pending, 1);
8595
8596 na = oip->num_attached;
8597 r_pfp = oip->pfp;
8598 if (na) { /* multiple commands with this opcode */
8599 r_oip = oip;
8600 if (FF_SA & r_oip->flags) {
8601 if (F_SA_LOW & oip->flags)
8602 sa = 0x1f & cmd[1];
8603 else
8604 sa = get_unaligned_be16(cmd + 8);
8605 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
8606 if (opcode == oip->opcode && sa == oip->sa)
8607 break;
8608 }
8609 } else { /* since no service action only check opcode */
8610 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
8611 if (opcode == oip->opcode)
8612 break;
8613 }
8614 }
8615 if (k > na) {
8616 if (F_SA_LOW & r_oip->flags)
8617 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4);
8618 else if (F_SA_HIGH & r_oip->flags)
8619 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7);
8620 else
8621 mk_sense_invalid_opcode(scp);
8622 goto check_cond;
8623 }
8624 } /* else (when na==0) we assume the oip is a match */
8625 flags = oip->flags;
8626 if (unlikely(F_INV_OP & flags)) {
8627 mk_sense_invalid_opcode(scp);
8628 goto check_cond;
8629 }
8630 if (unlikely(has_wlun_rl && !(F_RL_WLUN_OK & flags))) {
8631 if (sdebug_verbose)
8632 sdev_printk(KERN_INFO, sdp, "%s: Opcode 0x%x not%s\n",
8633 my_name, opcode, " supported for wlun");
8634 mk_sense_invalid_opcode(scp);
8635 goto check_cond;
8636 }
8637 if (unlikely(sdebug_strict)) { /* check cdb against mask */
8638 u8 rem;
8639 int j;
8640
8641 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) {
8642 rem = ~oip->len_mask[k] & cmd[k];
8643 if (rem) {
8644 for (j = 7; j >= 0; --j, rem <<= 1) {
8645 if (0x80 & rem)
8646 break;
8647 }
8648 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j);
8649 goto check_cond;
8650 }
8651 }
8652 }
8653 if (unlikely(!(F_SKIP_UA & flags) &&
8654 find_first_bit(devip->uas_bm,
8655 SDEBUG_NUM_UAS) != SDEBUG_NUM_UAS)) {
8656 errsts = make_ua(scp, devip);
8657 if (errsts)
8658 goto check_cond;
8659 }
8660 if (unlikely(((F_M_ACCESS & flags) || scp->cmnd[0] == TEST_UNIT_READY) &&
8661 atomic_read(&devip->stopped))) {
8662 errsts = resp_not_ready(scp, devip);
8663 if (errsts)
8664 goto fini;
8665 }
8666 if (sdebug_fake_rw && (F_FAKE_RW & flags))
8667 goto fini;
8668 if (unlikely(sdebug_every_nth)) {
8669 if (fake_timeout(scp))
8670 return 0; /* ignore command: make trouble */
8671 }
8672 if (likely(oip->pfp))
8673 pfp = oip->pfp; /* calls a resp_* function */
8674 else
8675 pfp = r_pfp; /* if leaf function ptr NULL, try the root's */
8676
8677fini:
8678 if (F_DELAY_OVERR & flags) /* cmds like INQUIRY respond asap */
8679 return schedule_resp(scp, devip, errsts, pfp, 0, 0);
8680 else if ((flags & F_LONG_DELAY) && (sdebug_jdelay > 0 ||
8681 sdebug_ndelay > 10000)) {
8682 /*
8683 * Skip long delays if ndelay <= 10 microseconds. Otherwise
8684 * for Start Stop Unit (SSU) want at least 1 second delay and
8685 * if sdebug_jdelay>1 want a long delay of that many seconds.
8686 * For Synchronize Cache want 1/20 of SSU's delay.
8687 */
8688 int jdelay = (sdebug_jdelay < 2) ? 1 : sdebug_jdelay;
8689 int denom = (flags & F_SYNC_DELAY) ? 20 : 1;
8690
8691 jdelay = mult_frac(USER_HZ * jdelay, HZ, denom * USER_HZ);
8692 return schedule_resp(scp, devip, errsts, pfp, jdelay, 0);
8693 } else
8694 return schedule_resp(scp, devip, errsts, pfp, sdebug_jdelay,
8695 sdebug_ndelay);
8696check_cond:
8697 return schedule_resp(scp, devip, check_condition_result, NULL, 0, 0);
8698err_out:
8699 return schedule_resp(scp, NULL, DID_NO_CONNECT << 16, NULL, 0, 0);
8700}
8701
8702static int sdebug_init_cmd_priv(struct Scsi_Host *shost, struct scsi_cmnd *cmd)
8703{
8704 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmd);
8705
8706 spin_lock_init(&sdsc->lock);
8707
8708 return 0;
8709}
8710
8711static struct scsi_host_template sdebug_driver_template = {
8712 .show_info = scsi_debug_show_info,
8713 .write_info = scsi_debug_write_info,
8714 .proc_name = sdebug_proc_name,
8715 .name = "SCSI DEBUG",
8716 .info = scsi_debug_info,
8717 .slave_alloc = scsi_debug_slave_alloc,
8718 .slave_configure = scsi_debug_slave_configure,
8719 .slave_destroy = scsi_debug_slave_destroy,
8720 .ioctl = scsi_debug_ioctl,
8721 .queuecommand = scsi_debug_queuecommand,
8722 .change_queue_depth = sdebug_change_qdepth,
8723 .map_queues = sdebug_map_queues,
8724 .mq_poll = sdebug_blk_mq_poll,
8725 .eh_abort_handler = scsi_debug_abort,
8726 .eh_device_reset_handler = scsi_debug_device_reset,
8727 .eh_target_reset_handler = scsi_debug_target_reset,
8728 .eh_bus_reset_handler = scsi_debug_bus_reset,
8729 .eh_host_reset_handler = scsi_debug_host_reset,
8730 .can_queue = SDEBUG_CANQUEUE,
8731 .this_id = 7,
8732 .sg_tablesize = SG_MAX_SEGMENTS,
8733 .cmd_per_lun = DEF_CMD_PER_LUN,
8734 .max_sectors = -1U,
8735 .max_segment_size = -1U,
8736 .module = THIS_MODULE,
8737 .track_queue_depth = 1,
8738 .cmd_size = sizeof(struct sdebug_scsi_cmd),
8739 .init_cmd_priv = sdebug_init_cmd_priv,
8740 .target_alloc = sdebug_target_alloc,
8741 .target_destroy = sdebug_target_destroy,
8742};
8743
8744static int sdebug_driver_probe(struct device *dev)
8745{
8746 int error = 0;
8747 struct sdebug_host_info *sdbg_host;
8748 struct Scsi_Host *hpnt;
8749 int hprot;
8750
8751 sdbg_host = dev_to_sdebug_host(dev);
8752
8753 sdebug_driver_template.can_queue = sdebug_max_queue;
8754 sdebug_driver_template.cmd_per_lun = sdebug_max_queue;
8755 if (!sdebug_clustering)
8756 sdebug_driver_template.dma_boundary = PAGE_SIZE - 1;
8757
8758 hpnt = scsi_host_alloc(&sdebug_driver_template, 0);
8759 if (NULL == hpnt) {
8760 pr_err("scsi_host_alloc failed\n");
8761 error = -ENODEV;
8762 return error;
8763 }
8764 if (submit_queues > nr_cpu_ids) {
8765 pr_warn("%s: trim submit_queues (was %d) to nr_cpu_ids=%u\n",
8766 my_name, submit_queues, nr_cpu_ids);
8767 submit_queues = nr_cpu_ids;
8768 }
8769 /*
8770 * Decide whether to tell scsi subsystem that we want mq. The
8771 * following should give the same answer for each host.
8772 */
8773 hpnt->nr_hw_queues = submit_queues;
8774 if (sdebug_host_max_queue)
8775 hpnt->host_tagset = 1;
8776
8777 /* poll queues are possible for nr_hw_queues > 1 */
8778 if (hpnt->nr_hw_queues == 1 || (poll_queues < 1)) {
8779 pr_warn("%s: trim poll_queues to 0. poll_q/nr_hw = (%d/%d)\n",
8780 my_name, poll_queues, hpnt->nr_hw_queues);
8781 poll_queues = 0;
8782 }
8783
8784 /*
8785 * Poll queues don't need interrupts, but we need at least one I/O queue
8786 * left over for non-polled I/O.
8787 * If condition not met, trim poll_queues to 1 (just for simplicity).
8788 */
8789 if (poll_queues >= submit_queues) {
8790 if (submit_queues < 3)
8791 pr_warn("%s: trim poll_queues to 1\n", my_name);
8792 else
8793 pr_warn("%s: trim poll_queues to 1. Perhaps try poll_queues=%d\n",
8794 my_name, submit_queues - 1);
8795 poll_queues = 1;
8796 }
8797 if (poll_queues)
8798 hpnt->nr_maps = 3;
8799
8800 sdbg_host->shost = hpnt;
8801 if ((hpnt->this_id >= 0) && (sdebug_num_tgts > hpnt->this_id))
8802 hpnt->max_id = sdebug_num_tgts + 1;
8803 else
8804 hpnt->max_id = sdebug_num_tgts;
8805 /* = sdebug_max_luns; */
8806 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
8807
8808 hprot = 0;
8809
8810 switch (sdebug_dif) {
8811
8812 case T10_PI_TYPE1_PROTECTION:
8813 hprot = SHOST_DIF_TYPE1_PROTECTION;
8814 if (sdebug_dix)
8815 hprot |= SHOST_DIX_TYPE1_PROTECTION;
8816 break;
8817
8818 case T10_PI_TYPE2_PROTECTION:
8819 hprot = SHOST_DIF_TYPE2_PROTECTION;
8820 if (sdebug_dix)
8821 hprot |= SHOST_DIX_TYPE2_PROTECTION;
8822 break;
8823
8824 case T10_PI_TYPE3_PROTECTION:
8825 hprot = SHOST_DIF_TYPE3_PROTECTION;
8826 if (sdebug_dix)
8827 hprot |= SHOST_DIX_TYPE3_PROTECTION;
8828 break;
8829
8830 default:
8831 if (sdebug_dix)
8832 hprot |= SHOST_DIX_TYPE0_PROTECTION;
8833 break;
8834 }
8835
8836 scsi_host_set_prot(hpnt, hprot);
8837
8838 if (have_dif_prot || sdebug_dix)
8839 pr_info("host protection%s%s%s%s%s%s%s\n",
8840 (hprot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "",
8841 (hprot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "",
8842 (hprot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "",
8843 (hprot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "",
8844 (hprot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "",
8845 (hprot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "",
8846 (hprot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : "");
8847
8848 if (sdebug_guard == 1)
8849 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP);
8850 else
8851 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC);
8852
8853 sdebug_verbose = !!(SDEBUG_OPT_NOISE & sdebug_opts);
8854 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & sdebug_opts);
8855 if (sdebug_every_nth) /* need stats counters for every_nth */
8856 sdebug_statistics = true;
8857 error = scsi_add_host(hpnt, &sdbg_host->dev);
8858 if (error) {
8859 pr_err("scsi_add_host failed\n");
8860 error = -ENODEV;
8861 scsi_host_put(hpnt);
8862 } else {
8863 scsi_scan_host(hpnt);
8864 }
8865
8866 return error;
8867}
8868
8869static void sdebug_driver_remove(struct device *dev)
8870{
8871 struct sdebug_host_info *sdbg_host;
8872 struct sdebug_dev_info *sdbg_devinfo, *tmp;
8873
8874 sdbg_host = dev_to_sdebug_host(dev);
8875
8876 scsi_remove_host(sdbg_host->shost);
8877
8878 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
8879 dev_list) {
8880 list_del(&sdbg_devinfo->dev_list);
8881 kfree(sdbg_devinfo->zstate);
8882 kfree(sdbg_devinfo);
8883 }
8884
8885 scsi_host_put(sdbg_host->shost);
8886}
8887
8888static const struct bus_type pseudo_lld_bus = {
8889 .name = "pseudo",
8890 .probe = sdebug_driver_probe,
8891 .remove = sdebug_driver_remove,
8892 .drv_groups = sdebug_drv_groups,
8893};