2 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
3 * Copyright (C) 1992 Eric Youngdale
4 * Simulate a host adapter with 2 disks attached. Do a lot of checking
5 * to make sure that we are not getting blocks mixed up, and PANIC if
6 * anything out of the ordinary is seen.
7 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
9 * Copyright (C) 2001 - 2017 Douglas Gilbert
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2, or (at your option)
16 * For documentation see http://sg.danny.cz/sg/sdebug26.html
21 #define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__
23 #include <linux/module.h>
25 #include <linux/kernel.h>
26 #include <linux/errno.h>
27 #include <linux/jiffies.h>
28 #include <linux/slab.h>
29 #include <linux/types.h>
30 #include <linux/string.h>
31 #include <linux/genhd.h>
33 #include <linux/init.h>
34 #include <linux/proc_fs.h>
35 #include <linux/vmalloc.h>
36 #include <linux/moduleparam.h>
37 #include <linux/scatterlist.h>
38 #include <linux/blkdev.h>
39 #include <linux/crc-t10dif.h>
40 #include <linux/spinlock.h>
41 #include <linux/interrupt.h>
42 #include <linux/atomic.h>
43 #include <linux/hrtimer.h>
44 #include <linux/uuid.h>
45 #include <linux/t10-pi.h>
47 #include <net/checksum.h>
49 #include <asm/unaligned.h>
51 #include <scsi/scsi.h>
52 #include <scsi/scsi_cmnd.h>
53 #include <scsi/scsi_device.h>
54 #include <scsi/scsi_host.h>
55 #include <scsi/scsicam.h>
56 #include <scsi/scsi_eh.h>
57 #include <scsi/scsi_tcq.h>
58 #include <scsi/scsi_dbg.h>
61 #include "scsi_logging.h"
63 /* make sure inq_product_rev string corresponds to this version */
64 #define SDEBUG_VERSION "0187" /* format to fit INQUIRY revision field */
65 static const char *sdebug_version_date = "20171202";
67 #define MY_NAME "scsi_debug"
69 /* Additional Sense Code (ASC) */
70 #define NO_ADDITIONAL_SENSE 0x0
71 #define LOGICAL_UNIT_NOT_READY 0x4
72 #define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8
73 #define UNRECOVERED_READ_ERR 0x11
74 #define PARAMETER_LIST_LENGTH_ERR 0x1a
75 #define INVALID_OPCODE 0x20
76 #define LBA_OUT_OF_RANGE 0x21
77 #define INVALID_FIELD_IN_CDB 0x24
78 #define INVALID_FIELD_IN_PARAM_LIST 0x26
79 #define UA_RESET_ASC 0x29
80 #define UA_CHANGED_ASC 0x2a
81 #define TARGET_CHANGED_ASC 0x3f
82 #define LUNS_CHANGED_ASCQ 0x0e
83 #define INSUFF_RES_ASC 0x55
84 #define INSUFF_RES_ASCQ 0x3
85 #define POWER_ON_RESET_ASCQ 0x0
86 #define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */
87 #define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */
88 #define CAPACITY_CHANGED_ASCQ 0x9
89 #define SAVING_PARAMS_UNSUP 0x39
90 #define TRANSPORT_PROBLEM 0x4b
91 #define THRESHOLD_EXCEEDED 0x5d
92 #define LOW_POWER_COND_ON 0x5e
93 #define MISCOMPARE_VERIFY_ASC 0x1d
94 #define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */
95 #define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16
96 #define WRITE_ERROR_ASC 0xc
98 /* Additional Sense Code Qualifier (ASCQ) */
99 #define ACK_NAK_TO 0x3
101 /* Default values for driver parameters */
102 #define DEF_NUM_HOST 1
103 #define DEF_NUM_TGTS 1
104 #define DEF_MAX_LUNS 1
105 /* With these defaults, this driver will make 1 host with 1 target
106 * (id 0) containing 1 logical unit (lun 0). That is 1 device.
109 #define DEF_CDB_LEN 10
110 #define DEF_JDELAY 1 /* if > 0 unit is a jiffy */
111 #define DEF_DEV_SIZE_MB 8
114 #define DEF_D_SENSE 0
115 #define DEF_EVERY_NTH 0
116 #define DEF_FAKE_RW 0
118 #define DEF_HOST_LOCK 0
121 #define DEF_LBPWS10 0
123 #define DEF_LOWEST_ALIGNED 0
124 #define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */
125 #define DEF_NO_LUN_0 0
126 #define DEF_NUM_PARTS 0
128 #define DEF_OPT_BLKS 1024
129 #define DEF_PHYSBLK_EXP 0
130 #define DEF_OPT_XFERLEN_EXP 0
131 #define DEF_PTYPE TYPE_DISK
132 #define DEF_REMOVABLE false
133 #define DEF_SCSI_LEVEL 7 /* INQUIRY, byte2 [6->SPC-4; 7->SPC-5] */
134 #define DEF_SECTOR_SIZE 512
135 #define DEF_UNMAP_ALIGNMENT 0
136 #define DEF_UNMAP_GRANULARITY 1
137 #define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF
138 #define DEF_UNMAP_MAX_DESC 256
139 #define DEF_VIRTUAL_GB 0
140 #define DEF_VPD_USE_HOSTNO 1
141 #define DEF_WRITESAME_LENGTH 0xFFFF
143 #define DEF_STATISTICS false
144 #define DEF_SUBMIT_QUEUES 1
145 #define DEF_UUID_CTL 0
146 #define JDELAY_OVERRIDDEN -9999
148 #define SDEBUG_LUN_0_VAL 0
150 /* bit mask values for sdebug_opts */
151 #define SDEBUG_OPT_NOISE 1
152 #define SDEBUG_OPT_MEDIUM_ERR 2
153 #define SDEBUG_OPT_TIMEOUT 4
154 #define SDEBUG_OPT_RECOVERED_ERR 8
155 #define SDEBUG_OPT_TRANSPORT_ERR 16
156 #define SDEBUG_OPT_DIF_ERR 32
157 #define SDEBUG_OPT_DIX_ERR 64
158 #define SDEBUG_OPT_MAC_TIMEOUT 128
159 #define SDEBUG_OPT_SHORT_TRANSFER 0x100
160 #define SDEBUG_OPT_Q_NOISE 0x200
161 #define SDEBUG_OPT_ALL_TSF 0x400
162 #define SDEBUG_OPT_RARE_TSF 0x800
163 #define SDEBUG_OPT_N_WCE 0x1000
164 #define SDEBUG_OPT_RESET_NOISE 0x2000
165 #define SDEBUG_OPT_NO_CDB_NOISE 0x4000
166 #define SDEBUG_OPT_HOST_BUSY 0x8000
167 #define SDEBUG_OPT_ALL_NOISE (SDEBUG_OPT_NOISE | SDEBUG_OPT_Q_NOISE | \
168 SDEBUG_OPT_RESET_NOISE)
169 #define SDEBUG_OPT_ALL_INJECTING (SDEBUG_OPT_RECOVERED_ERR | \
170 SDEBUG_OPT_TRANSPORT_ERR | \
171 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR | \
172 SDEBUG_OPT_SHORT_TRANSFER | \
173 SDEBUG_OPT_HOST_BUSY)
174 /* When "every_nth" > 0 then modulo "every_nth" commands:
175 * - a missing response is simulated if SDEBUG_OPT_TIMEOUT is set
176 * - a RECOVERED_ERROR is simulated on successful read and write
177 * commands if SDEBUG_OPT_RECOVERED_ERR is set.
178 * - a TRANSPORT_ERROR is simulated on successful read and write
179 * commands if SDEBUG_OPT_TRANSPORT_ERR is set.
181 * When "every_nth" < 0 then after "- every_nth" commands:
182 * - a missing response is simulated if SDEBUG_OPT_TIMEOUT is set
183 * - a RECOVERED_ERROR is simulated on successful read and write
184 * commands if SDEBUG_OPT_RECOVERED_ERR is set.
185 * - a TRANSPORT_ERROR is simulated on successful read and write
186 * commands if _DEBUG_OPT_TRANSPORT_ERR is set.
187 * This will continue on every subsequent command until some other action
188 * occurs (e.g. the user * writing a new value (other than -1 or 1) to
189 * every_nth via sysfs).
192 /* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs) are returned in
193 * priority order. In the subset implemented here lower numbers have higher
194 * priority. The UA numbers should be a sequence starting from 0 with
195 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */
196 #define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */
197 #define SDEBUG_UA_BUS_RESET 1
198 #define SDEBUG_UA_MODE_CHANGED 2
199 #define SDEBUG_UA_CAPACITY_CHANGED 3
200 #define SDEBUG_UA_LUNS_CHANGED 4
201 #define SDEBUG_UA_MICROCODE_CHANGED 5 /* simulate firmware change */
202 #define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 6
203 #define SDEBUG_NUM_UAS 7
205 /* when 1==SDEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this
206 * sector on read commands: */
207 #define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */
208 #define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */
210 /* If REPORT LUNS has luns >= 256 it can choose "flat space" (value 1)
211 * or "peripheral device" addressing (value 0) */
212 #define SAM2_LUN_ADDRESS_METHOD 0
214 /* SDEBUG_CANQUEUE is the maximum number of commands that can be queued
215 * (for response) per submit queue at one time. Can be reduced by max_queue
216 * option. Command responses are not queued when jdelay=0 and ndelay=0. The
217 * per-device DEF_CMD_PER_LUN can be changed via sysfs:
218 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth
219 * but cannot exceed SDEBUG_CANQUEUE .
221 #define SDEBUG_CANQUEUE_WORDS 3 /* a WORD is bits in a long */
222 #define SDEBUG_CANQUEUE (SDEBUG_CANQUEUE_WORDS * BITS_PER_LONG)
223 #define DEF_CMD_PER_LUN 255
227 #define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */
229 #define F_RL_WLUN_OK 0x10
230 #define F_SKIP_UA 0x20
231 #define F_DELAY_OVERR 0x40
232 #define F_SA_LOW 0x80 /* cdb byte 1, bits 4 to 0 */
233 #define F_SA_HIGH 0x100 /* as used by variable length cdbs */
234 #define F_INV_OP 0x200
235 #define F_FAKE_RW 0x400
236 #define F_M_ACCESS 0x800 /* media access */
238 #define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR)
239 #define FF_MEDIA_IO (F_M_ACCESS | F_FAKE_RW)
240 #define FF_SA (F_SA_HIGH | F_SA_LOW)
242 #define SDEBUG_MAX_PARTS 4
244 #define SDEBUG_MAX_CMD_LEN 32
247 struct sdebug_dev_info {
248 struct list_head dev_list;
249 unsigned int channel;
253 struct sdebug_host_info *sdbg_host;
254 unsigned long uas_bm[1];
260 struct sdebug_host_info {
261 struct list_head host_list;
262 struct Scsi_Host *shost;
264 struct list_head dev_info_list;
267 #define to_sdebug_host(d) \
268 container_of(d, struct sdebug_host_info, dev)
270 enum sdeb_defer_type {SDEB_DEFER_NONE = 0, SDEB_DEFER_HRT = 1,
273 struct sdebug_defer {
275 struct execute_work ew;
276 int sqa_idx; /* index of sdebug_queue array */
277 int qc_idx; /* index of sdebug_queued_cmd array within sqa_idx */
281 enum sdeb_defer_type defer_t;
284 struct sdebug_queued_cmd {
285 /* corresponding bit set in in_use_bm[] in owning struct sdebug_queue
286 * instance indicates this slot is in use.
288 struct sdebug_defer *sd_dp;
289 struct scsi_cmnd *a_cmnd;
290 unsigned int inj_recovered:1;
291 unsigned int inj_transport:1;
292 unsigned int inj_dif:1;
293 unsigned int inj_dix:1;
294 unsigned int inj_short:1;
295 unsigned int inj_host_busy:1;
298 struct sdebug_queue {
299 struct sdebug_queued_cmd qc_arr[SDEBUG_CANQUEUE];
300 unsigned long in_use_bm[SDEBUG_CANQUEUE_WORDS];
302 atomic_t blocked; /* to temporarily stop more being queued */
305 static atomic_t sdebug_cmnd_count; /* number of incoming commands */
306 static atomic_t sdebug_completions; /* count of deferred completions */
307 static atomic_t sdebug_miss_cpus; /* submission + completion cpus differ */
308 static atomic_t sdebug_a_tsf; /* 'almost task set full' counter */
310 struct opcode_info_t {
311 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff */
312 /* for terminating element */
313 u8 opcode; /* if num_attached > 0, preferred */
314 u16 sa; /* service action */
315 u32 flags; /* OR-ed set of SDEB_F_* */
316 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
317 const struct opcode_info_t *arrp; /* num_attached elements or NULL */
318 u8 len_mask[16]; /* len_mask[0]-->cdb_len, then mask for cdb */
319 /* 1 to min(cdb_len, 15); ignore cdb[15...] */
322 /* SCSI opcodes (first byte of cdb) of interest mapped onto these indexes */
323 enum sdeb_opcode_index {
324 SDEB_I_INVALID_OPCODE = 0,
326 SDEB_I_REPORT_LUNS = 2,
327 SDEB_I_REQUEST_SENSE = 3,
328 SDEB_I_TEST_UNIT_READY = 4,
329 SDEB_I_MODE_SENSE = 5, /* 6, 10 */
330 SDEB_I_MODE_SELECT = 6, /* 6, 10 */
331 SDEB_I_LOG_SENSE = 7,
332 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */
333 SDEB_I_READ = 9, /* 6, 10, 12, 16 */
334 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */
335 SDEB_I_START_STOP = 11,
336 SDEB_I_SERV_ACT_IN_16 = 12, /* add ...SERV_ACT_IN_12 if needed */
337 SDEB_I_SERV_ACT_OUT_16 = 13, /* add ...SERV_ACT_OUT_12 if needed */
338 SDEB_I_MAINT_IN = 14,
339 SDEB_I_MAINT_OUT = 15,
340 SDEB_I_VERIFY = 16, /* 10 only */
341 SDEB_I_VARIABLE_LEN = 17, /* READ(32), WRITE(32), WR_SCAT(32) */
342 SDEB_I_RESERVE = 18, /* 6, 10 */
343 SDEB_I_RELEASE = 19, /* 6, 10 */
344 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */
345 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */
346 SDEB_I_ATA_PT = 22, /* 12, 16 */
347 SDEB_I_SEND_DIAG = 23,
349 SDEB_I_XDWRITEREAD = 25, /* 10 only */
350 SDEB_I_WRITE_BUFFER = 26,
351 SDEB_I_WRITE_SAME = 27, /* 10, 16 */
352 SDEB_I_SYNC_CACHE = 28, /* 10 only */
353 SDEB_I_COMP_WRITE = 29,
354 SDEB_I_LAST_ELEMENT = 30, /* keep this last (previous + 1) */
358 static const unsigned char opcode_ind_arr[256] = {
359 /* 0x0; 0x0->0x1f: 6 byte cdbs */
360 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE,
362 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0,
363 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
365 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG,
366 SDEB_I_ALLOW_REMOVAL, 0,
367 /* 0x20; 0x20->0x3f: 10 byte cdbs */
368 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0,
369 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY,
370 0, 0, 0, 0, 0, SDEB_I_SYNC_CACHE, 0, 0,
371 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0,
372 /* 0x40; 0x40->0x5f: 10 byte cdbs */
373 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0,
374 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0,
375 0, 0, 0, SDEB_I_XDWRITEREAD, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
377 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0,
378 /* 0x60; 0x60->0x7d are reserved, 0x7e is "extended cdb" */
379 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
380 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
381 0, SDEB_I_VARIABLE_LEN,
382 /* 0x80; 0x80->0x9f: 16 byte cdbs */
383 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0,
384 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0, 0, 0, 0, 0,
385 0, 0, 0, SDEB_I_WRITE_SAME, 0, 0, 0, 0,
386 0, 0, 0, 0, 0, 0, SDEB_I_SERV_ACT_IN_16, SDEB_I_SERV_ACT_OUT_16,
387 /* 0xa0; 0xa0->0xbf: 12 byte cdbs */
388 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN,
389 SDEB_I_MAINT_OUT, 0, 0, 0,
390 SDEB_I_READ, 0 /* SDEB_I_SERV_ACT_OUT_12 */, SDEB_I_WRITE,
391 0 /* SDEB_I_SERV_ACT_IN_12 */, 0, 0, 0, 0,
392 0, 0, 0, 0, 0, 0, 0, 0,
393 0, 0, 0, 0, 0, 0, 0, 0,
394 /* 0xc0; 0xc0->0xff: vendor specific */
395 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
396 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
397 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
398 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
401 static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *);
402 static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *);
403 static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *);
404 static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
405 static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *);
406 static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
407 static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *);
408 static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
409 static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
410 static int resp_write_scat(struct scsi_cmnd *, struct sdebug_dev_info *);
411 static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *);
412 static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *);
413 static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *);
414 static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *);
415 static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *);
416 static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *);
417 static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *);
418 static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *);
419 static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *);
420 static int resp_xdwriteread_10(struct scsi_cmnd *, struct sdebug_dev_info *);
421 static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *);
422 static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *);
425 * The following are overflow arrays for cdbs that "hit" the same index in
426 * the opcode_info_arr array. The most time sensitive (or commonly used) cdb
427 * should be placed in opcode_info_arr[], the others should be placed here.
429 static const struct opcode_info_t msense_iarr[] = {
430 {0, 0x1a, 0, F_D_IN, NULL, NULL,
431 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
434 static const struct opcode_info_t mselect_iarr[] = {
435 {0, 0x15, 0, F_D_OUT, NULL, NULL,
436 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
439 static const struct opcode_info_t read_iarr[] = {
440 {0, 0x28, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(10) */
441 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
443 {0, 0x8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL, /* READ(6) */
444 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
445 {0, 0xa8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(12) */
446 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf,
450 static const struct opcode_info_t write_iarr[] = {
451 {0, 0x2a, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(10) */
452 NULL, {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7,
454 {0, 0xa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(6) */
455 NULL, {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0,
457 {0, 0xaa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(12) */
458 NULL, {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
459 0xbf, 0xc7, 0, 0, 0, 0} },
462 static const struct opcode_info_t sa_in_16_iarr[] = {
463 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL,
464 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
465 0xff, 0xff, 0xff, 0, 0xc7} }, /* GET LBA STATUS(16) */
468 static const struct opcode_info_t vl_iarr[] = { /* VARIABLE LENGTH */
469 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_dt0,
470 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0xb, 0xfa,
471 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */
472 {0, 0x7f, 0x11, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
473 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x11, 0xf8,
474 0, 0xff, 0xff, 0x0, 0x0} }, /* WRITE SCATTERED(32) */
477 static const struct opcode_info_t maint_in_iarr[] = { /* MAINT IN */
478 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL,
479 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0,
480 0xc7, 0, 0, 0, 0} }, /* REPORT SUPPORTED OPERATION CODES */
481 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL,
482 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
483 0, 0} }, /* REPORTED SUPPORTED TASK MANAGEMENT FUNCTIONS */
486 static const struct opcode_info_t write_same_iarr[] = {
487 {0, 0x93, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_write_same_16, NULL,
488 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
489 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* WRITE SAME(16) */
492 static const struct opcode_info_t reserve_iarr[] = {
493 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */
494 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
497 static const struct opcode_info_t release_iarr[] = {
498 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */
499 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
503 /* This array is accessed via SDEB_I_* values. Make sure all are mapped,
504 * plus the terminating elements for logic that scans this table such as
505 * REPORT SUPPORTED OPERATION CODES. */
506 static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEMENT + 1] = {
508 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* unknown opcodes */
509 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
510 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL, /* INQUIRY */
511 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
512 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL,
513 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
514 0, 0} }, /* REPORT LUNS */
515 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL,
516 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
517 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */
518 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
520 {ARRAY_SIZE(msense_iarr), 0x5a, 0, F_D_IN, /* MODE SENSE(10) */
521 resp_mode_sense, msense_iarr, {10, 0xf8, 0xff, 0xff, 0, 0, 0,
522 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
523 {ARRAY_SIZE(mselect_iarr), 0x55, 0, F_D_OUT, /* MODE SELECT(10) */
524 resp_mode_select, mselect_iarr, {10, 0xf1, 0, 0, 0, 0, 0, 0xff,
525 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
526 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL, /* LOG SENSE */
527 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0,
529 {0, 0x25, 0, F_D_IN, resp_readcap, NULL, /* READ CAPACITY(10) */
530 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0,
532 {ARRAY_SIZE(read_iarr), 0x88, 0, F_D_IN | FF_MEDIA_IO, /* READ(16) */
533 resp_read_dt0, read_iarr, {16, 0xfe, 0xff, 0xff, 0xff, 0xff,
534 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
536 {ARRAY_SIZE(write_iarr), 0x8a, 0, F_D_OUT | FF_MEDIA_IO,
537 resp_write_dt0, write_iarr, /* WRITE(16) */
538 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
539 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} }, /* WRITE(16) */
540 {0, 0x1b, 0, 0, resp_start_stop, NULL, /* START STOP UNIT */
541 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
542 {ARRAY_SIZE(sa_in_16_iarr), 0x9e, 0x10, F_SA_LOW | F_D_IN,
543 resp_readcap16, sa_in_16_iarr, /* SA_IN(16), READ CAPACITY(16) */
544 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
545 0xff, 0xff, 0xff, 0xff, 0x1, 0xc7} },
546 {0, 0x9f, 0x12, F_SA_LOW | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
547 NULL, {16, 0x12, 0xf9, 0x0, 0xff, 0xff, 0, 0, 0xff, 0xff, 0xff,
548 0xff, 0xff, 0xff, 0xff, 0xc7} }, /* SA_OUT(16), WRITE SCAT(16) */
549 {ARRAY_SIZE(maint_in_iarr), 0xa3, 0xa, F_SA_LOW | F_D_IN,
550 resp_report_tgtpgs, /* MAINT IN, REPORT TARGET PORT GROUPS */
551 maint_in_iarr, {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff,
552 0xff, 0, 0xc7, 0, 0, 0, 0} },
554 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */
555 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
556 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, NULL, NULL, /* VERIFY(10) */
557 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7,
559 {ARRAY_SIZE(vl_iarr), 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_MEDIA_IO,
560 resp_read_dt0, vl_iarr, /* VARIABLE LENGTH, READ(32) */
561 {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x9, 0xfe, 0, 0xff, 0xff,
563 {ARRAY_SIZE(reserve_iarr), 0x56, 0, F_D_OUT,
564 NULL, reserve_iarr, /* RESERVE(10) <no response function> */
565 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
567 {ARRAY_SIZE(release_iarr), 0x57, 0, F_D_OUT,
568 NULL, release_iarr, /* RELEASE(10) <no response function> */
569 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
572 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */
573 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
574 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */
575 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
576 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */
577 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
578 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */
579 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
580 {0, 0x42, 0, F_D_OUT | FF_MEDIA_IO, resp_unmap, NULL, /* UNMAP */
581 {10, 0x1, 0, 0, 0, 0, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
583 {0, 0x53, 0, F_D_IN | F_D_OUT | FF_MEDIA_IO, resp_xdwriteread_10,
584 NULL, {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7,
585 0, 0, 0, 0, 0, 0} }, /* XDWRITEREAD(10) */
586 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL,
587 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0,
588 0, 0, 0, 0} }, /* WRITE_BUFFER */
589 {ARRAY_SIZE(write_same_iarr), 0x41, 0, F_D_OUT_MAYBE | FF_MEDIA_IO,
590 resp_write_same_10, write_same_iarr, /* WRITE SAME(10) */
591 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0,
593 {0, 0x35, 0, F_DELAY_OVERR | FF_MEDIA_IO, NULL, NULL, /* SYNC_CACHE */
594 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
596 {0, 0x89, 0, F_D_OUT | FF_MEDIA_IO, resp_comp_write, NULL,
597 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0,
598 0, 0xff, 0x3f, 0xc7} }, /* COMPARE AND WRITE */
601 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */
602 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
605 static int sdebug_add_host = DEF_NUM_HOST;
606 static int sdebug_ato = DEF_ATO;
607 static int sdebug_cdb_len = DEF_CDB_LEN;
608 static int sdebug_jdelay = DEF_JDELAY; /* if > 0 then unit is jiffies */
609 static int sdebug_dev_size_mb = DEF_DEV_SIZE_MB;
610 static int sdebug_dif = DEF_DIF;
611 static int sdebug_dix = DEF_DIX;
612 static int sdebug_dsense = DEF_D_SENSE;
613 static int sdebug_every_nth = DEF_EVERY_NTH;
614 static int sdebug_fake_rw = DEF_FAKE_RW;
615 static unsigned int sdebug_guard = DEF_GUARD;
616 static int sdebug_lowest_aligned = DEF_LOWEST_ALIGNED;
617 static int sdebug_max_luns = DEF_MAX_LUNS;
618 static int sdebug_max_queue = SDEBUG_CANQUEUE; /* per submit queue */
619 static atomic_t retired_max_queue; /* if > 0 then was prior max_queue */
620 static int sdebug_ndelay = DEF_NDELAY; /* if > 0 then unit is nanoseconds */
621 static int sdebug_no_lun_0 = DEF_NO_LUN_0;
622 static int sdebug_no_uld;
623 static int sdebug_num_parts = DEF_NUM_PARTS;
624 static int sdebug_num_tgts = DEF_NUM_TGTS; /* targets per host */
625 static int sdebug_opt_blks = DEF_OPT_BLKS;
626 static int sdebug_opts = DEF_OPTS;
627 static int sdebug_physblk_exp = DEF_PHYSBLK_EXP;
628 static int sdebug_opt_xferlen_exp = DEF_OPT_XFERLEN_EXP;
629 static int sdebug_ptype = DEF_PTYPE; /* SCSI peripheral device type */
630 static int sdebug_scsi_level = DEF_SCSI_LEVEL;
631 static int sdebug_sector_size = DEF_SECTOR_SIZE;
632 static int sdebug_virtual_gb = DEF_VIRTUAL_GB;
633 static int sdebug_vpd_use_hostno = DEF_VPD_USE_HOSTNO;
634 static unsigned int sdebug_lbpu = DEF_LBPU;
635 static unsigned int sdebug_lbpws = DEF_LBPWS;
636 static unsigned int sdebug_lbpws10 = DEF_LBPWS10;
637 static unsigned int sdebug_lbprz = DEF_LBPRZ;
638 static unsigned int sdebug_unmap_alignment = DEF_UNMAP_ALIGNMENT;
639 static unsigned int sdebug_unmap_granularity = DEF_UNMAP_GRANULARITY;
640 static unsigned int sdebug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS;
641 static unsigned int sdebug_unmap_max_desc = DEF_UNMAP_MAX_DESC;
642 static unsigned int sdebug_write_same_length = DEF_WRITESAME_LENGTH;
643 static int sdebug_uuid_ctl = DEF_UUID_CTL;
644 static bool sdebug_removable = DEF_REMOVABLE;
645 static bool sdebug_clustering;
646 static bool sdebug_host_lock = DEF_HOST_LOCK;
647 static bool sdebug_strict = DEF_STRICT;
648 static bool sdebug_any_injecting_opt;
649 static bool sdebug_verbose;
650 static bool have_dif_prot;
651 static bool sdebug_statistics = DEF_STATISTICS;
652 static bool sdebug_mq_active;
654 static unsigned int sdebug_store_sectors;
655 static sector_t sdebug_capacity; /* in sectors */
657 /* old BIOS stuff, kernel may get rid of them but some mode sense pages
658 may still need them */
659 static int sdebug_heads; /* heads per disk */
660 static int sdebug_cylinders_per; /* cylinders per surface */
661 static int sdebug_sectors_per; /* sectors per cylinder */
663 static LIST_HEAD(sdebug_host_list);
664 static DEFINE_SPINLOCK(sdebug_host_list_lock);
666 static unsigned char *fake_storep; /* ramdisk storage */
667 static struct t10_pi_tuple *dif_storep; /* protection info */
668 static void *map_storep; /* provisioning map */
670 static unsigned long map_size;
671 static int num_aborts;
672 static int num_dev_resets;
673 static int num_target_resets;
674 static int num_bus_resets;
675 static int num_host_resets;
676 static int dix_writes;
677 static int dix_reads;
678 static int dif_errors;
680 static int submit_queues = DEF_SUBMIT_QUEUES; /* > 1 for multi-queue (mq) */
681 static struct sdebug_queue *sdebug_q_arr; /* ptr to array of submit queues */
683 static DEFINE_RWLOCK(atomic_rw);
685 static char sdebug_proc_name[] = MY_NAME;
686 static const char *my_name = MY_NAME;
688 static struct bus_type pseudo_lld_bus;
690 static struct device_driver sdebug_driverfs_driver = {
691 .name = sdebug_proc_name,
692 .bus = &pseudo_lld_bus,
695 static const int check_condition_result =
696 (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION;
698 static const int illegal_condition_result =
699 (DRIVER_SENSE << 24) | (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION;
701 static const int device_qfull_result =
702 (DID_OK << 16) | (COMMAND_COMPLETE << 8) | SAM_STAT_TASK_SET_FULL;
705 /* Only do the extra work involved in logical block provisioning if one or
706 * more of the lbpu, lbpws or lbpws10 parameters are given and we are doing
707 * real reads and writes (i.e. not skipping them for speed).
709 static inline bool scsi_debug_lbp(void)
711 return 0 == sdebug_fake_rw &&
712 (sdebug_lbpu || sdebug_lbpws || sdebug_lbpws10);
715 static void *fake_store(unsigned long long lba)
717 lba = do_div(lba, sdebug_store_sectors);
719 return fake_storep + lba * sdebug_sector_size;
722 static struct t10_pi_tuple *dif_store(sector_t sector)
724 sector = sector_div(sector, sdebug_store_sectors);
726 return dif_storep + sector;
729 static void sdebug_max_tgts_luns(void)
731 struct sdebug_host_info *sdbg_host;
732 struct Scsi_Host *hpnt;
734 spin_lock(&sdebug_host_list_lock);
735 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
736 hpnt = sdbg_host->shost;
737 if ((hpnt->this_id >= 0) &&
738 (sdebug_num_tgts > hpnt->this_id))
739 hpnt->max_id = sdebug_num_tgts + 1;
741 hpnt->max_id = sdebug_num_tgts;
742 /* sdebug_max_luns; */
743 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
745 spin_unlock(&sdebug_host_list_lock);
748 enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1};
750 /* Set in_bit to -1 to indicate no bit position of invalid field */
751 static void mk_sense_invalid_fld(struct scsi_cmnd *scp,
752 enum sdeb_cmd_data c_d,
753 int in_byte, int in_bit)
755 unsigned char *sbuff;
759 sbuff = scp->sense_buffer;
761 sdev_printk(KERN_ERR, scp->device,
762 "%s: sense_buffer is NULL\n", __func__);
765 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST;
766 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
767 scsi_build_sense_buffer(sdebug_dsense, sbuff, ILLEGAL_REQUEST, asc, 0);
768 memset(sks, 0, sizeof(sks));
774 sks[0] |= 0x7 & in_bit;
776 put_unaligned_be16(in_byte, sks + 1);
782 memcpy(sbuff + sl + 4, sks, 3);
784 memcpy(sbuff + 15, sks, 3);
786 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq"
787 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n",
788 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit);
791 static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq)
793 unsigned char *sbuff;
795 sbuff = scp->sense_buffer;
797 sdev_printk(KERN_ERR, scp->device,
798 "%s: sense_buffer is NULL\n", __func__);
801 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
803 scsi_build_sense_buffer(sdebug_dsense, sbuff, key, asc, asq);
806 sdev_printk(KERN_INFO, scp->device,
807 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n",
808 my_name, key, asc, asq);
811 static void mk_sense_invalid_opcode(struct scsi_cmnd *scp)
813 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0);
816 static int scsi_debug_ioctl(struct scsi_device *dev, int cmd, void __user *arg)
818 if (sdebug_verbose) {
820 sdev_printk(KERN_INFO, dev,
821 "%s: BLKFLSBUF [0x1261]\n", __func__);
822 else if (0x5331 == cmd)
823 sdev_printk(KERN_INFO, dev,
824 "%s: CDROM_GET_CAPABILITY [0x5331]\n",
827 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n",
831 /* return -ENOTTY; // correct return but upsets fdisk */
834 static void config_cdb_len(struct scsi_device *sdev)
836 switch (sdebug_cdb_len) {
837 case 6: /* suggest 6 byte READ, WRITE and MODE SENSE/SELECT */
838 sdev->use_10_for_rw = false;
839 sdev->use_16_for_rw = false;
840 sdev->use_10_for_ms = false;
842 case 10: /* suggest 10 byte RWs and 6 byte MODE SENSE/SELECT */
843 sdev->use_10_for_rw = true;
844 sdev->use_16_for_rw = false;
845 sdev->use_10_for_ms = false;
847 case 12: /* suggest 10 byte RWs and 10 byte MODE SENSE/SELECT */
848 sdev->use_10_for_rw = true;
849 sdev->use_16_for_rw = false;
850 sdev->use_10_for_ms = true;
853 sdev->use_10_for_rw = false;
854 sdev->use_16_for_rw = true;
855 sdev->use_10_for_ms = true;
857 case 32: /* No knobs to suggest this so same as 16 for now */
858 sdev->use_10_for_rw = false;
859 sdev->use_16_for_rw = true;
860 sdev->use_10_for_ms = true;
863 pr_warn("unexpected cdb_len=%d, force to 10\n",
865 sdev->use_10_for_rw = true;
866 sdev->use_16_for_rw = false;
867 sdev->use_10_for_ms = false;
873 static void all_config_cdb_len(void)
875 struct sdebug_host_info *sdbg_host;
876 struct Scsi_Host *shost;
877 struct scsi_device *sdev;
879 spin_lock(&sdebug_host_list_lock);
880 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
881 shost = sdbg_host->shost;
882 shost_for_each_device(sdev, shost) {
883 config_cdb_len(sdev);
886 spin_unlock(&sdebug_host_list_lock);
889 static void clear_luns_changed_on_target(struct sdebug_dev_info *devip)
891 struct sdebug_host_info *sdhp;
892 struct sdebug_dev_info *dp;
894 spin_lock(&sdebug_host_list_lock);
895 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
896 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
897 if ((devip->sdbg_host == dp->sdbg_host) &&
898 (devip->target == dp->target))
899 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
902 spin_unlock(&sdebug_host_list_lock);
905 static int make_ua(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
909 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS);
910 if (k != SDEBUG_NUM_UAS) {
911 const char *cp = NULL;
915 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
916 POWER_ON_RESET_ASCQ);
918 cp = "power on reset";
920 case SDEBUG_UA_BUS_RESET:
921 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
926 case SDEBUG_UA_MODE_CHANGED:
927 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
930 cp = "mode parameters changed";
932 case SDEBUG_UA_CAPACITY_CHANGED:
933 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
934 CAPACITY_CHANGED_ASCQ);
936 cp = "capacity data changed";
938 case SDEBUG_UA_MICROCODE_CHANGED:
939 mk_sense_buffer(scp, UNIT_ATTENTION,
941 MICROCODE_CHANGED_ASCQ);
943 cp = "microcode has been changed";
945 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET:
946 mk_sense_buffer(scp, UNIT_ATTENTION,
948 MICROCODE_CHANGED_WO_RESET_ASCQ);
950 cp = "microcode has been changed without reset";
952 case SDEBUG_UA_LUNS_CHANGED:
954 * SPC-3 behavior is to report a UNIT ATTENTION with
955 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN
956 * on the target, until a REPORT LUNS command is
957 * received. SPC-4 behavior is to report it only once.
958 * NOTE: sdebug_scsi_level does not use the same
959 * values as struct scsi_device->scsi_level.
961 if (sdebug_scsi_level >= 6) /* SPC-4 and above */
962 clear_luns_changed_on_target(devip);
963 mk_sense_buffer(scp, UNIT_ATTENTION,
967 cp = "reported luns data has changed";
970 pr_warn("unexpected unit attention code=%d\n", k);
975 clear_bit(k, devip->uas_bm);
977 sdev_printk(KERN_INFO, scp->device,
978 "%s reports: Unit attention: %s\n",
980 return check_condition_result;
985 /* Build SCSI "data-in" buffer. Returns 0 if ok else (DID_ERROR << 16). */
986 static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
990 struct scsi_data_buffer *sdb = scsi_in(scp);
994 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_FROM_DEVICE))
995 return DID_ERROR << 16;
997 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents,
999 sdb->resid = scsi_bufflen(scp) - act_len;
1004 /* Partial build of SCSI "data-in" buffer. Returns 0 if ok else
1005 * (DID_ERROR << 16). Can write to offset in data-in buffer. If multiple
1006 * calls, not required to write in ascending offset order. Assumes resid
1007 * set to scsi_bufflen() prior to any calls.
1009 static int p_fill_from_dev_buffer(struct scsi_cmnd *scp, const void *arr,
1010 int arr_len, unsigned int off_dst)
1013 struct scsi_data_buffer *sdb = scsi_in(scp);
1014 off_t skip = off_dst;
1016 if (sdb->length <= off_dst)
1018 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_FROM_DEVICE))
1019 return DID_ERROR << 16;
1021 act_len = sg_pcopy_from_buffer(sdb->table.sgl, sdb->table.nents,
1022 arr, arr_len, skip);
1023 pr_debug("%s: off_dst=%u, scsi_bufflen=%u, act_len=%u, resid=%d\n",
1024 __func__, off_dst, scsi_bufflen(scp), act_len, sdb->resid);
1025 n = (int)scsi_bufflen(scp) - ((int)off_dst + act_len);
1026 sdb->resid = min(sdb->resid, n);
1030 /* Fetches from SCSI "data-out" buffer. Returns number of bytes fetched into
1031 * 'arr' or -1 if error.
1033 static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1036 if (!scsi_bufflen(scp))
1038 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_TO_DEVICE))
1041 return scsi_sg_copy_to_buffer(scp, arr, arr_len);
1045 static char sdebug_inq_vendor_id[9] = "Linux ";
1046 static char sdebug_inq_product_id[17] = "scsi_debug ";
1047 static char sdebug_inq_product_rev[5] = SDEBUG_VERSION;
1048 /* Use some locally assigned NAAs for SAS addresses. */
1049 static const u64 naa3_comp_a = 0x3222222000000000ULL;
1050 static const u64 naa3_comp_b = 0x3333333000000000ULL;
1051 static const u64 naa3_comp_c = 0x3111111000000000ULL;
1053 /* Device identification VPD page. Returns number of bytes placed in arr */
1054 static int inquiry_vpd_83(unsigned char *arr, int port_group_id,
1055 int target_dev_id, int dev_id_num,
1056 const char *dev_id_str, int dev_id_str_len,
1057 const uuid_t *lu_name)
1062 port_a = target_dev_id + 1;
1063 /* T10 vendor identifier field format (faked) */
1064 arr[0] = 0x2; /* ASCII */
1067 memcpy(&arr[4], sdebug_inq_vendor_id, 8);
1068 memcpy(&arr[12], sdebug_inq_product_id, 16);
1069 memcpy(&arr[28], dev_id_str, dev_id_str_len);
1070 num = 8 + 16 + dev_id_str_len;
1073 if (dev_id_num >= 0) {
1074 if (sdebug_uuid_ctl) {
1075 /* Locally assigned UUID */
1076 arr[num++] = 0x1; /* binary (not necessarily sas) */
1077 arr[num++] = 0xa; /* PIV=0, lu, naa */
1080 arr[num++] = 0x10; /* uuid type=1, locally assigned */
1082 memcpy(arr + num, lu_name, 16);
1085 /* NAA-3, Logical unit identifier (binary) */
1086 arr[num++] = 0x1; /* binary (not necessarily sas) */
1087 arr[num++] = 0x3; /* PIV=0, lu, naa */
1090 put_unaligned_be64(naa3_comp_b + dev_id_num, arr + num);
1093 /* Target relative port number */
1094 arr[num++] = 0x61; /* proto=sas, binary */
1095 arr[num++] = 0x94; /* PIV=1, target port, rel port */
1096 arr[num++] = 0x0; /* reserved */
1097 arr[num++] = 0x4; /* length */
1098 arr[num++] = 0x0; /* reserved */
1099 arr[num++] = 0x0; /* reserved */
1101 arr[num++] = 0x1; /* relative port A */
1103 /* NAA-3, Target port identifier */
1104 arr[num++] = 0x61; /* proto=sas, binary */
1105 arr[num++] = 0x93; /* piv=1, target port, naa */
1108 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1110 /* NAA-3, Target port group identifier */
1111 arr[num++] = 0x61; /* proto=sas, binary */
1112 arr[num++] = 0x95; /* piv=1, target port group id */
1117 put_unaligned_be16(port_group_id, arr + num);
1119 /* NAA-3, Target device identifier */
1120 arr[num++] = 0x61; /* proto=sas, binary */
1121 arr[num++] = 0xa3; /* piv=1, target device, naa */
1124 put_unaligned_be64(naa3_comp_a + target_dev_id, arr + num);
1126 /* SCSI name string: Target device identifier */
1127 arr[num++] = 0x63; /* proto=sas, UTF-8 */
1128 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */
1131 memcpy(arr + num, "naa.32222220", 12);
1133 snprintf(b, sizeof(b), "%08X", target_dev_id);
1134 memcpy(arr + num, b, 8);
1136 memset(arr + num, 0, 4);
1141 static unsigned char vpd84_data[] = {
1142 /* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0,
1143 0x22,0x22,0x22,0x0,0xbb,0x1,
1144 0x22,0x22,0x22,0x0,0xbb,0x2,
1147 /* Software interface identification VPD page */
1148 static int inquiry_vpd_84(unsigned char *arr)
1150 memcpy(arr, vpd84_data, sizeof(vpd84_data));
1151 return sizeof(vpd84_data);
1154 /* Management network addresses VPD page */
1155 static int inquiry_vpd_85(unsigned char *arr)
1158 const char * na1 = "https://www.kernel.org/config";
1159 const char * na2 = "http://www.kernel.org/log";
1162 arr[num++] = 0x1; /* lu, storage config */
1163 arr[num++] = 0x0; /* reserved */
1168 plen = ((plen / 4) + 1) * 4;
1169 arr[num++] = plen; /* length, null termianted, padded */
1170 memcpy(arr + num, na1, olen);
1171 memset(arr + num + olen, 0, plen - olen);
1174 arr[num++] = 0x4; /* lu, logging */
1175 arr[num++] = 0x0; /* reserved */
1180 plen = ((plen / 4) + 1) * 4;
1181 arr[num++] = plen; /* length, null terminated, padded */
1182 memcpy(arr + num, na2, olen);
1183 memset(arr + num + olen, 0, plen - olen);
1189 /* SCSI ports VPD page */
1190 static int inquiry_vpd_88(unsigned char *arr, int target_dev_id)
1195 port_a = target_dev_id + 1;
1196 port_b = port_a + 1;
1197 arr[num++] = 0x0; /* reserved */
1198 arr[num++] = 0x0; /* reserved */
1200 arr[num++] = 0x1; /* relative port 1 (primary) */
1201 memset(arr + num, 0, 6);
1204 arr[num++] = 12; /* length tp descriptor */
1205 /* naa-5 target port identifier (A) */
1206 arr[num++] = 0x61; /* proto=sas, binary */
1207 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1208 arr[num++] = 0x0; /* reserved */
1209 arr[num++] = 0x8; /* length */
1210 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1212 arr[num++] = 0x0; /* reserved */
1213 arr[num++] = 0x0; /* reserved */
1215 arr[num++] = 0x2; /* relative port 2 (secondary) */
1216 memset(arr + num, 0, 6);
1219 arr[num++] = 12; /* length tp descriptor */
1220 /* naa-5 target port identifier (B) */
1221 arr[num++] = 0x61; /* proto=sas, binary */
1222 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1223 arr[num++] = 0x0; /* reserved */
1224 arr[num++] = 0x8; /* length */
1225 put_unaligned_be64(naa3_comp_a + port_b, arr + num);
1232 static unsigned char vpd89_data[] = {
1233 /* from 4th byte */ 0,0,0,0,
1234 'l','i','n','u','x',' ',' ',' ',
1235 'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ',
1237 0x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,
1239 0x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0,
1240 0,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20,
1241 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33,
1242 0x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31,
1244 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
1246 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
1248 0,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0,
1249 0x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0,
1250 0x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0,
1251 0,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0,
1252 0x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40,
1253 0x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0,
1254 0,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0,
1255 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1256 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1257 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1258 0x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42,
1259 0,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8,
1260 0xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe,
1261 0,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0,
1262 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1263 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1264 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1265 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1266 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1267 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1268 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1269 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1270 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1271 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1272 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1273 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51,
1276 /* ATA Information VPD page */
1277 static int inquiry_vpd_89(unsigned char *arr)
1279 memcpy(arr, vpd89_data, sizeof(vpd89_data));
1280 return sizeof(vpd89_data);
1284 static unsigned char vpdb0_data[] = {
1285 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64,
1286 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1287 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1288 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1291 /* Block limits VPD page (SBC-3) */
1292 static int inquiry_vpd_b0(unsigned char *arr)
1296 memcpy(arr, vpdb0_data, sizeof(vpdb0_data));
1298 /* Optimal transfer length granularity */
1299 if (sdebug_opt_xferlen_exp != 0 &&
1300 sdebug_physblk_exp < sdebug_opt_xferlen_exp)
1301 gran = 1 << sdebug_opt_xferlen_exp;
1303 gran = 1 << sdebug_physblk_exp;
1304 put_unaligned_be16(gran, arr + 2);
1306 /* Maximum Transfer Length */
1307 if (sdebug_store_sectors > 0x400)
1308 put_unaligned_be32(sdebug_store_sectors, arr + 4);
1310 /* Optimal Transfer Length */
1311 put_unaligned_be32(sdebug_opt_blks, &arr[8]);
1314 /* Maximum Unmap LBA Count */
1315 put_unaligned_be32(sdebug_unmap_max_blocks, &arr[16]);
1317 /* Maximum Unmap Block Descriptor Count */
1318 put_unaligned_be32(sdebug_unmap_max_desc, &arr[20]);
1321 /* Unmap Granularity Alignment */
1322 if (sdebug_unmap_alignment) {
1323 put_unaligned_be32(sdebug_unmap_alignment, &arr[28]);
1324 arr[28] |= 0x80; /* UGAVALID */
1327 /* Optimal Unmap Granularity */
1328 put_unaligned_be32(sdebug_unmap_granularity, &arr[24]);
1330 /* Maximum WRITE SAME Length */
1331 put_unaligned_be64(sdebug_write_same_length, &arr[32]);
1333 return 0x3c; /* Mandatory page length for Logical Block Provisioning */
1335 return sizeof(vpdb0_data);
1338 /* Block device characteristics VPD page (SBC-3) */
1339 static int inquiry_vpd_b1(unsigned char *arr)
1341 memset(arr, 0, 0x3c);
1343 arr[1] = 1; /* non rotating medium (e.g. solid state) */
1345 arr[3] = 5; /* less than 1.8" */
1350 /* Logical block provisioning VPD page (SBC-4) */
1351 static int inquiry_vpd_b2(unsigned char *arr)
1353 memset(arr, 0, 0x4);
1354 arr[0] = 0; /* threshold exponent */
1361 if (sdebug_lbprz && scsi_debug_lbp())
1362 arr[1] |= (sdebug_lbprz & 0x7) << 2; /* sbc4r07 and later */
1363 /* anc_sup=0; dp=0 (no provisioning group descriptor) */
1364 /* minimum_percentage=0; provisioning_type=0 (unknown) */
1365 /* threshold_percentage=0 */
1369 #define SDEBUG_LONG_INQ_SZ 96
1370 #define SDEBUG_MAX_INQ_ARR_SZ 584
1372 static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1374 unsigned char pq_pdt;
1375 unsigned char * arr;
1376 unsigned char *cmd = scp->cmnd;
1377 int alloc_len, n, ret;
1378 bool have_wlun, is_disk;
1380 alloc_len = get_unaligned_be16(cmd + 3);
1381 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC);
1383 return DID_REQUEUE << 16;
1384 is_disk = (sdebug_ptype == TYPE_DISK);
1385 have_wlun = scsi_is_wlun(scp->device->lun);
1387 pq_pdt = TYPE_WLUN; /* present, wlun */
1388 else if (sdebug_no_lun_0 && (devip->lun == SDEBUG_LUN_0_VAL))
1389 pq_pdt = 0x7f; /* not present, PQ=3, PDT=0x1f */
1391 pq_pdt = (sdebug_ptype & 0x1f);
1393 if (0x2 & cmd[1]) { /* CMDDT bit set */
1394 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1);
1396 return check_condition_result;
1397 } else if (0x1 & cmd[1]) { /* EVPD bit set */
1398 int lu_id_num, port_group_id, target_dev_id, len;
1400 int host_no = devip->sdbg_host->shost->host_no;
1402 port_group_id = (((host_no + 1) & 0x7f) << 8) +
1403 (devip->channel & 0x7f);
1404 if (sdebug_vpd_use_hostno == 0)
1406 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) +
1407 (devip->target * 1000) + devip->lun);
1408 target_dev_id = ((host_no + 1) * 2000) +
1409 (devip->target * 1000) - 3;
1410 len = scnprintf(lu_id_str, 6, "%d", lu_id_num);
1411 if (0 == cmd[2]) { /* supported vital product data pages */
1412 arr[1] = cmd[2]; /*sanity */
1414 arr[n++] = 0x0; /* this page */
1415 arr[n++] = 0x80; /* unit serial number */
1416 arr[n++] = 0x83; /* device identification */
1417 arr[n++] = 0x84; /* software interface ident. */
1418 arr[n++] = 0x85; /* management network addresses */
1419 arr[n++] = 0x86; /* extended inquiry */
1420 arr[n++] = 0x87; /* mode page policy */
1421 arr[n++] = 0x88; /* SCSI ports */
1422 if (is_disk) { /* SBC only */
1423 arr[n++] = 0x89; /* ATA information */
1424 arr[n++] = 0xb0; /* Block limits */
1425 arr[n++] = 0xb1; /* Block characteristics */
1426 arr[n++] = 0xb2; /* Logical Block Prov */
1428 arr[3] = n - 4; /* number of supported VPD pages */
1429 } else if (0x80 == cmd[2]) { /* unit serial number */
1430 arr[1] = cmd[2]; /*sanity */
1432 memcpy(&arr[4], lu_id_str, len);
1433 } else if (0x83 == cmd[2]) { /* device identification */
1434 arr[1] = cmd[2]; /*sanity */
1435 arr[3] = inquiry_vpd_83(&arr[4], port_group_id,
1436 target_dev_id, lu_id_num,
1439 } else if (0x84 == cmd[2]) { /* Software interface ident. */
1440 arr[1] = cmd[2]; /*sanity */
1441 arr[3] = inquiry_vpd_84(&arr[4]);
1442 } else if (0x85 == cmd[2]) { /* Management network addresses */
1443 arr[1] = cmd[2]; /*sanity */
1444 arr[3] = inquiry_vpd_85(&arr[4]);
1445 } else if (0x86 == cmd[2]) { /* extended inquiry */
1446 arr[1] = cmd[2]; /*sanity */
1447 arr[3] = 0x3c; /* number of following entries */
1448 if (sdebug_dif == T10_PI_TYPE3_PROTECTION)
1449 arr[4] = 0x4; /* SPT: GRD_CHK:1 */
1450 else if (have_dif_prot)
1451 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */
1453 arr[4] = 0x0; /* no protection stuff */
1454 arr[5] = 0x7; /* head of q, ordered + simple q's */
1455 } else if (0x87 == cmd[2]) { /* mode page policy */
1456 arr[1] = cmd[2]; /*sanity */
1457 arr[3] = 0x8; /* number of following entries */
1458 arr[4] = 0x2; /* disconnect-reconnect mp */
1459 arr[6] = 0x80; /* mlus, shared */
1460 arr[8] = 0x18; /* protocol specific lu */
1461 arr[10] = 0x82; /* mlus, per initiator port */
1462 } else if (0x88 == cmd[2]) { /* SCSI Ports */
1463 arr[1] = cmd[2]; /*sanity */
1464 arr[3] = inquiry_vpd_88(&arr[4], target_dev_id);
1465 } else if (is_disk && 0x89 == cmd[2]) { /* ATA information */
1466 arr[1] = cmd[2]; /*sanity */
1467 n = inquiry_vpd_89(&arr[4]);
1468 put_unaligned_be16(n, arr + 2);
1469 } else if (is_disk && 0xb0 == cmd[2]) { /* Block limits */
1470 arr[1] = cmd[2]; /*sanity */
1471 arr[3] = inquiry_vpd_b0(&arr[4]);
1472 } else if (is_disk && 0xb1 == cmd[2]) { /* Block char. */
1473 arr[1] = cmd[2]; /*sanity */
1474 arr[3] = inquiry_vpd_b1(&arr[4]);
1475 } else if (is_disk && 0xb2 == cmd[2]) { /* LB Prov. */
1476 arr[1] = cmd[2]; /*sanity */
1477 arr[3] = inquiry_vpd_b2(&arr[4]);
1479 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
1481 return check_condition_result;
1483 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len);
1484 ret = fill_from_dev_buffer(scp, arr,
1485 min(len, SDEBUG_MAX_INQ_ARR_SZ));
1489 /* drops through here for a standard inquiry */
1490 arr[1] = sdebug_removable ? 0x80 : 0; /* Removable disk */
1491 arr[2] = sdebug_scsi_level;
1492 arr[3] = 2; /* response_data_format==2 */
1493 arr[4] = SDEBUG_LONG_INQ_SZ - 5;
1494 arr[5] = (int)have_dif_prot; /* PROTECT bit */
1495 if (sdebug_vpd_use_hostno == 0)
1496 arr[5] |= 0x10; /* claim: implicit TPGS */
1497 arr[6] = 0x10; /* claim: MultiP */
1498 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */
1499 arr[7] = 0xa; /* claim: LINKED + CMDQUE */
1500 memcpy(&arr[8], sdebug_inq_vendor_id, 8);
1501 memcpy(&arr[16], sdebug_inq_product_id, 16);
1502 memcpy(&arr[32], sdebug_inq_product_rev, 4);
1503 /* Use Vendor Specific area to place driver date in ASCII hex */
1504 memcpy(&arr[36], sdebug_version_date, 8);
1505 /* version descriptors (2 bytes each) follow */
1506 put_unaligned_be16(0xc0, arr + 58); /* SAM-6 no version claimed */
1507 put_unaligned_be16(0x5c0, arr + 60); /* SPC-5 no version claimed */
1509 if (is_disk) { /* SBC-4 no version claimed */
1510 put_unaligned_be16(0x600, arr + n);
1512 } else if (sdebug_ptype == TYPE_TAPE) { /* SSC-4 rev 3 */
1513 put_unaligned_be16(0x525, arr + n);
1516 put_unaligned_be16(0x2100, arr + n); /* SPL-4 no version claimed */
1517 ret = fill_from_dev_buffer(scp, arr,
1518 min(alloc_len, SDEBUG_LONG_INQ_SZ));
1523 static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
1526 static int resp_requests(struct scsi_cmnd * scp,
1527 struct sdebug_dev_info * devip)
1529 unsigned char * sbuff;
1530 unsigned char *cmd = scp->cmnd;
1531 unsigned char arr[SCSI_SENSE_BUFFERSIZE];
1535 memset(arr, 0, sizeof(arr));
1536 dsense = !!(cmd[1] & 1);
1537 sbuff = scp->sense_buffer;
1538 if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) {
1541 arr[1] = 0x0; /* NO_SENSE in sense_key */
1542 arr[2] = THRESHOLD_EXCEEDED;
1543 arr[3] = 0xff; /* TEST set and MRIE==6 */
1547 arr[2] = 0x0; /* NO_SENSE in sense_key */
1548 arr[7] = 0xa; /* 18 byte sense buffer */
1549 arr[12] = THRESHOLD_EXCEEDED;
1550 arr[13] = 0xff; /* TEST set and MRIE==6 */
1553 memcpy(arr, sbuff, SCSI_SENSE_BUFFERSIZE);
1554 if (arr[0] >= 0x70 && dsense == sdebug_dsense)
1555 ; /* have sense and formats match */
1556 else if (arr[0] <= 0x70) {
1566 } else if (dsense) {
1569 arr[1] = sbuff[2]; /* sense key */
1570 arr[2] = sbuff[12]; /* asc */
1571 arr[3] = sbuff[13]; /* ascq */
1583 mk_sense_buffer(scp, 0, NO_ADDITIONAL_SENSE, 0);
1584 return fill_from_dev_buffer(scp, arr, len);
1587 static int resp_start_stop(struct scsi_cmnd * scp,
1588 struct sdebug_dev_info * devip)
1590 unsigned char *cmd = scp->cmnd;
1591 int power_cond, stop;
1593 power_cond = (cmd[4] & 0xf0) >> 4;
1595 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7);
1596 return check_condition_result;
1598 stop = !(cmd[4] & 1);
1599 atomic_xchg(&devip->stopped, stop);
1603 static sector_t get_sdebug_capacity(void)
1605 static const unsigned int gibibyte = 1073741824;
1607 if (sdebug_virtual_gb > 0)
1608 return (sector_t)sdebug_virtual_gb *
1609 (gibibyte / sdebug_sector_size);
1611 return sdebug_store_sectors;
1614 #define SDEBUG_READCAP_ARR_SZ 8
1615 static int resp_readcap(struct scsi_cmnd * scp,
1616 struct sdebug_dev_info * devip)
1618 unsigned char arr[SDEBUG_READCAP_ARR_SZ];
1621 /* following just in case virtual_gb changed */
1622 sdebug_capacity = get_sdebug_capacity();
1623 memset(arr, 0, SDEBUG_READCAP_ARR_SZ);
1624 if (sdebug_capacity < 0xffffffff) {
1625 capac = (unsigned int)sdebug_capacity - 1;
1626 put_unaligned_be32(capac, arr + 0);
1628 put_unaligned_be32(0xffffffff, arr + 0);
1629 put_unaligned_be16(sdebug_sector_size, arr + 6);
1630 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ);
1633 #define SDEBUG_READCAP16_ARR_SZ 32
1634 static int resp_readcap16(struct scsi_cmnd * scp,
1635 struct sdebug_dev_info * devip)
1637 unsigned char *cmd = scp->cmnd;
1638 unsigned char arr[SDEBUG_READCAP16_ARR_SZ];
1641 alloc_len = get_unaligned_be32(cmd + 10);
1642 /* following just in case virtual_gb changed */
1643 sdebug_capacity = get_sdebug_capacity();
1644 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ);
1645 put_unaligned_be64((u64)(sdebug_capacity - 1), arr + 0);
1646 put_unaligned_be32(sdebug_sector_size, arr + 8);
1647 arr[13] = sdebug_physblk_exp & 0xf;
1648 arr[14] = (sdebug_lowest_aligned >> 8) & 0x3f;
1650 if (scsi_debug_lbp()) {
1651 arr[14] |= 0x80; /* LBPME */
1652 /* from sbc4r07, this LBPRZ field is 1 bit, but the LBPRZ in
1653 * the LB Provisioning VPD page is 3 bits. Note that lbprz=2
1654 * in the wider field maps to 0 in this field.
1656 if (sdebug_lbprz & 1) /* precisely what the draft requires */
1660 arr[15] = sdebug_lowest_aligned & 0xff;
1662 if (have_dif_prot) {
1663 arr[12] = (sdebug_dif - 1) << 1; /* P_TYPE */
1664 arr[12] |= 1; /* PROT_EN */
1667 return fill_from_dev_buffer(scp, arr,
1668 min(alloc_len, SDEBUG_READCAP16_ARR_SZ));
1671 #define SDEBUG_MAX_TGTPGS_ARR_SZ 1412
1673 static int resp_report_tgtpgs(struct scsi_cmnd * scp,
1674 struct sdebug_dev_info * devip)
1676 unsigned char *cmd = scp->cmnd;
1677 unsigned char * arr;
1678 int host_no = devip->sdbg_host->shost->host_no;
1679 int n, ret, alen, rlen;
1680 int port_group_a, port_group_b, port_a, port_b;
1682 alen = get_unaligned_be32(cmd + 6);
1683 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC);
1685 return DID_REQUEUE << 16;
1687 * EVPD page 0x88 states we have two ports, one
1688 * real and a fake port with no device connected.
1689 * So we create two port groups with one port each
1690 * and set the group with port B to unavailable.
1692 port_a = 0x1; /* relative port A */
1693 port_b = 0x2; /* relative port B */
1694 port_group_a = (((host_no + 1) & 0x7f) << 8) +
1695 (devip->channel & 0x7f);
1696 port_group_b = (((host_no + 1) & 0x7f) << 8) +
1697 (devip->channel & 0x7f) + 0x80;
1700 * The asymmetric access state is cycled according to the host_id.
1703 if (sdebug_vpd_use_hostno == 0) {
1704 arr[n++] = host_no % 3; /* Asymm access state */
1705 arr[n++] = 0x0F; /* claim: all states are supported */
1707 arr[n++] = 0x0; /* Active/Optimized path */
1708 arr[n++] = 0x01; /* only support active/optimized paths */
1710 put_unaligned_be16(port_group_a, arr + n);
1712 arr[n++] = 0; /* Reserved */
1713 arr[n++] = 0; /* Status code */
1714 arr[n++] = 0; /* Vendor unique */
1715 arr[n++] = 0x1; /* One port per group */
1716 arr[n++] = 0; /* Reserved */
1717 arr[n++] = 0; /* Reserved */
1718 put_unaligned_be16(port_a, arr + n);
1720 arr[n++] = 3; /* Port unavailable */
1721 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */
1722 put_unaligned_be16(port_group_b, arr + n);
1724 arr[n++] = 0; /* Reserved */
1725 arr[n++] = 0; /* Status code */
1726 arr[n++] = 0; /* Vendor unique */
1727 arr[n++] = 0x1; /* One port per group */
1728 arr[n++] = 0; /* Reserved */
1729 arr[n++] = 0; /* Reserved */
1730 put_unaligned_be16(port_b, arr + n);
1734 put_unaligned_be32(rlen, arr + 0);
1737 * Return the smallest value of either
1738 * - The allocated length
1739 * - The constructed command length
1740 * - The maximum array size
1743 ret = fill_from_dev_buffer(scp, arr,
1744 min(rlen, SDEBUG_MAX_TGTPGS_ARR_SZ));
1749 static int resp_rsup_opcodes(struct scsi_cmnd *scp,
1750 struct sdebug_dev_info *devip)
1753 u8 reporting_opts, req_opcode, sdeb_i, supp;
1755 u32 alloc_len, a_len;
1756 int k, offset, len, errsts, count, bump, na;
1757 const struct opcode_info_t *oip;
1758 const struct opcode_info_t *r_oip;
1760 u8 *cmd = scp->cmnd;
1762 rctd = !!(cmd[2] & 0x80);
1763 reporting_opts = cmd[2] & 0x7;
1764 req_opcode = cmd[3];
1765 req_sa = get_unaligned_be16(cmd + 4);
1766 alloc_len = get_unaligned_be32(cmd + 6);
1767 if (alloc_len < 4 || alloc_len > 0xffff) {
1768 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1769 return check_condition_result;
1771 if (alloc_len > 8192)
1775 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC);
1777 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
1779 return check_condition_result;
1781 switch (reporting_opts) {
1782 case 0: /* all commands */
1783 /* count number of commands */
1784 for (count = 0, oip = opcode_info_arr;
1785 oip->num_attached != 0xff; ++oip) {
1786 if (F_INV_OP & oip->flags)
1788 count += (oip->num_attached + 1);
1790 bump = rctd ? 20 : 8;
1791 put_unaligned_be32(count * bump, arr);
1792 for (offset = 4, oip = opcode_info_arr;
1793 oip->num_attached != 0xff && offset < a_len; ++oip) {
1794 if (F_INV_OP & oip->flags)
1796 na = oip->num_attached;
1797 arr[offset] = oip->opcode;
1798 put_unaligned_be16(oip->sa, arr + offset + 2);
1800 arr[offset + 5] |= 0x2;
1801 if (FF_SA & oip->flags)
1802 arr[offset + 5] |= 0x1;
1803 put_unaligned_be16(oip->len_mask[0], arr + offset + 6);
1805 put_unaligned_be16(0xa, arr + offset + 8);
1807 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) {
1808 if (F_INV_OP & oip->flags)
1811 arr[offset] = oip->opcode;
1812 put_unaligned_be16(oip->sa, arr + offset + 2);
1814 arr[offset + 5] |= 0x2;
1815 if (FF_SA & oip->flags)
1816 arr[offset + 5] |= 0x1;
1817 put_unaligned_be16(oip->len_mask[0],
1820 put_unaligned_be16(0xa,
1827 case 1: /* one command: opcode only */
1828 case 2: /* one command: opcode plus service action */
1829 case 3: /* one command: if sa==0 then opcode only else opcode+sa */
1830 sdeb_i = opcode_ind_arr[req_opcode];
1831 oip = &opcode_info_arr[sdeb_i];
1832 if (F_INV_OP & oip->flags) {
1836 if (1 == reporting_opts) {
1837 if (FF_SA & oip->flags) {
1838 mk_sense_invalid_fld(scp, SDEB_IN_CDB,
1841 return check_condition_result;
1844 } else if (2 == reporting_opts &&
1845 0 == (FF_SA & oip->flags)) {
1846 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1);
1847 kfree(arr); /* point at requested sa */
1848 return check_condition_result;
1850 if (0 == (FF_SA & oip->flags) &&
1851 req_opcode == oip->opcode)
1853 else if (0 == (FF_SA & oip->flags)) {
1854 na = oip->num_attached;
1855 for (k = 0, oip = oip->arrp; k < na;
1857 if (req_opcode == oip->opcode)
1860 supp = (k >= na) ? 1 : 3;
1861 } else if (req_sa != oip->sa) {
1862 na = oip->num_attached;
1863 for (k = 0, oip = oip->arrp; k < na;
1865 if (req_sa == oip->sa)
1868 supp = (k >= na) ? 1 : 3;
1872 u = oip->len_mask[0];
1873 put_unaligned_be16(u, arr + 2);
1874 arr[4] = oip->opcode;
1875 for (k = 1; k < u; ++k)
1876 arr[4 + k] = (k < 16) ?
1877 oip->len_mask[k] : 0xff;
1882 arr[1] = (rctd ? 0x80 : 0) | supp;
1884 put_unaligned_be16(0xa, arr + offset);
1889 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
1891 return check_condition_result;
1893 offset = (offset < a_len) ? offset : a_len;
1894 len = (offset < alloc_len) ? offset : alloc_len;
1895 errsts = fill_from_dev_buffer(scp, arr, len);
1900 static int resp_rsup_tmfs(struct scsi_cmnd *scp,
1901 struct sdebug_dev_info *devip)
1906 u8 *cmd = scp->cmnd;
1908 memset(arr, 0, sizeof(arr));
1909 repd = !!(cmd[2] & 0x80);
1910 alloc_len = get_unaligned_be32(cmd + 6);
1911 if (alloc_len < 4) {
1912 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1913 return check_condition_result;
1915 arr[0] = 0xc8; /* ATS | ATSS | LURS */
1916 arr[1] = 0x1; /* ITNRS */
1923 len = (len < alloc_len) ? len : alloc_len;
1924 return fill_from_dev_buffer(scp, arr, len);
1927 /* <<Following mode page info copied from ST318451LW>> */
1929 static int resp_err_recov_pg(unsigned char * p, int pcontrol, int target)
1930 { /* Read-Write Error Recovery page for mode_sense */
1931 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0,
1934 memcpy(p, err_recov_pg, sizeof(err_recov_pg));
1936 memset(p + 2, 0, sizeof(err_recov_pg) - 2);
1937 return sizeof(err_recov_pg);
1940 static int resp_disconnect_pg(unsigned char * p, int pcontrol, int target)
1941 { /* Disconnect-Reconnect page for mode_sense */
1942 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0,
1943 0, 0, 0, 0, 0, 0, 0, 0};
1945 memcpy(p, disconnect_pg, sizeof(disconnect_pg));
1947 memset(p + 2, 0, sizeof(disconnect_pg) - 2);
1948 return sizeof(disconnect_pg);
1951 static int resp_format_pg(unsigned char * p, int pcontrol, int target)
1952 { /* Format device page for mode_sense */
1953 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0,
1954 0, 0, 0, 0, 0, 0, 0, 0,
1955 0, 0, 0, 0, 0x40, 0, 0, 0};
1957 memcpy(p, format_pg, sizeof(format_pg));
1958 put_unaligned_be16(sdebug_sectors_per, p + 10);
1959 put_unaligned_be16(sdebug_sector_size, p + 12);
1960 if (sdebug_removable)
1961 p[20] |= 0x20; /* should agree with INQUIRY */
1963 memset(p + 2, 0, sizeof(format_pg) - 2);
1964 return sizeof(format_pg);
1967 static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
1968 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0,
1971 static int resp_caching_pg(unsigned char * p, int pcontrol, int target)
1972 { /* Caching page for mode_sense */
1973 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0,
1974 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
1975 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
1976 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0};
1978 if (SDEBUG_OPT_N_WCE & sdebug_opts)
1979 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */
1980 memcpy(p, caching_pg, sizeof(caching_pg));
1982 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg));
1983 else if (2 == pcontrol)
1984 memcpy(p, d_caching_pg, sizeof(d_caching_pg));
1985 return sizeof(caching_pg);
1988 static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
1991 static int resp_ctrl_m_pg(unsigned char * p, int pcontrol, int target)
1992 { /* Control mode page for mode_sense */
1993 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0,
1995 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
1999 ctrl_m_pg[2] |= 0x4;
2001 ctrl_m_pg[2] &= ~0x4;
2004 ctrl_m_pg[5] |= 0x80; /* ATO=1 */
2006 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg));
2008 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg));
2009 else if (2 == pcontrol)
2010 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg));
2011 return sizeof(ctrl_m_pg);
2015 static int resp_iec_m_pg(unsigned char * p, int pcontrol, int target)
2016 { /* Informational Exceptions control mode page for mode_sense */
2017 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0,
2019 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
2022 memcpy(p, iec_m_pg, sizeof(iec_m_pg));
2024 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg));
2025 else if (2 == pcontrol)
2026 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg));
2027 return sizeof(iec_m_pg);
2030 static int resp_sas_sf_m_pg(unsigned char * p, int pcontrol, int target)
2031 { /* SAS SSP mode page - short format for mode_sense */
2032 unsigned char sas_sf_m_pg[] = {0x19, 0x6,
2033 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0};
2035 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg));
2037 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2);
2038 return sizeof(sas_sf_m_pg);
2042 static int resp_sas_pcd_m_spg(unsigned char * p, int pcontrol, int target,
2044 { /* SAS phy control and discover mode page for mode_sense */
2045 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2,
2046 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0,
2047 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2048 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2049 0x2, 0, 0, 0, 0, 0, 0, 0,
2050 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2051 0, 0, 0, 0, 0, 0, 0, 0,
2052 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0,
2053 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2054 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2055 0x3, 0, 0, 0, 0, 0, 0, 0,
2056 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2057 0, 0, 0, 0, 0, 0, 0, 0,
2061 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 16);
2062 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 24);
2063 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 64);
2064 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 72);
2065 port_a = target_dev_id + 1;
2066 port_b = port_a + 1;
2067 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg));
2068 put_unaligned_be32(port_a, p + 20);
2069 put_unaligned_be32(port_b, p + 48 + 20);
2071 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4);
2072 return sizeof(sas_pcd_m_pg);
2075 static int resp_sas_sha_m_spg(unsigned char * p, int pcontrol)
2076 { /* SAS SSP shared protocol specific port mode subpage */
2077 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0,
2078 0, 0, 0, 0, 0, 0, 0, 0,
2081 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg));
2083 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4);
2084 return sizeof(sas_sha_m_pg);
2087 #define SDEBUG_MAX_MSENSE_SZ 256
2089 static int resp_mode_sense(struct scsi_cmnd *scp,
2090 struct sdebug_dev_info *devip)
2092 int pcontrol, pcode, subpcode, bd_len;
2093 unsigned char dev_spec;
2094 int alloc_len, offset, len, target_dev_id;
2095 int target = scp->device->id;
2097 unsigned char arr[SDEBUG_MAX_MSENSE_SZ];
2098 unsigned char *cmd = scp->cmnd;
2099 bool dbd, llbaa, msense_6, is_disk, bad_pcode;
2101 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */
2102 pcontrol = (cmd[2] & 0xc0) >> 6;
2103 pcode = cmd[2] & 0x3f;
2105 msense_6 = (MODE_SENSE == cmd[0]);
2106 llbaa = msense_6 ? false : !!(cmd[1] & 0x10);
2107 is_disk = (sdebug_ptype == TYPE_DISK);
2108 if (is_disk && !dbd)
2109 bd_len = llbaa ? 16 : 8;
2112 alloc_len = msense_6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2113 memset(arr, 0, SDEBUG_MAX_MSENSE_SZ);
2114 if (0x3 == pcontrol) { /* Saving values not supported */
2115 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0);
2116 return check_condition_result;
2118 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) +
2119 (devip->target * 1000) - 3;
2120 /* for disks set DPOFUA bit and clear write protect (WP) bit */
2122 dev_spec = 0x10; /* =0x90 if WP=1 implies read-only */
2132 arr[4] = 0x1; /* set LONGLBA bit */
2133 arr[7] = bd_len; /* assume 255 or less */
2137 if ((bd_len > 0) && (!sdebug_capacity))
2138 sdebug_capacity = get_sdebug_capacity();
2141 if (sdebug_capacity > 0xfffffffe)
2142 put_unaligned_be32(0xffffffff, ap + 0);
2144 put_unaligned_be32(sdebug_capacity, ap + 0);
2145 put_unaligned_be16(sdebug_sector_size, ap + 6);
2148 } else if (16 == bd_len) {
2149 put_unaligned_be64((u64)sdebug_capacity, ap + 0);
2150 put_unaligned_be32(sdebug_sector_size, ap + 12);
2155 if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) {
2156 /* TODO: Control Extension page */
2157 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2158 return check_condition_result;
2163 case 0x1: /* Read-Write error recovery page, direct access */
2164 len = resp_err_recov_pg(ap, pcontrol, target);
2167 case 0x2: /* Disconnect-Reconnect page, all devices */
2168 len = resp_disconnect_pg(ap, pcontrol, target);
2171 case 0x3: /* Format device page, direct access */
2173 len = resp_format_pg(ap, pcontrol, target);
2178 case 0x8: /* Caching page, direct access */
2180 len = resp_caching_pg(ap, pcontrol, target);
2185 case 0xa: /* Control Mode page, all devices */
2186 len = resp_ctrl_m_pg(ap, pcontrol, target);
2189 case 0x19: /* if spc==1 then sas phy, control+discover */
2190 if ((subpcode > 0x2) && (subpcode < 0xff)) {
2191 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2192 return check_condition_result;
2195 if ((0x0 == subpcode) || (0xff == subpcode))
2196 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2197 if ((0x1 == subpcode) || (0xff == subpcode))
2198 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
2200 if ((0x2 == subpcode) || (0xff == subpcode))
2201 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2204 case 0x1c: /* Informational Exceptions Mode page, all devices */
2205 len = resp_iec_m_pg(ap, pcontrol, target);
2208 case 0x3f: /* Read all Mode pages */
2209 if ((0 == subpcode) || (0xff == subpcode)) {
2210 len = resp_err_recov_pg(ap, pcontrol, target);
2211 len += resp_disconnect_pg(ap + len, pcontrol, target);
2213 len += resp_format_pg(ap + len, pcontrol,
2215 len += resp_caching_pg(ap + len, pcontrol,
2218 len += resp_ctrl_m_pg(ap + len, pcontrol, target);
2219 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2220 if (0xff == subpcode) {
2221 len += resp_sas_pcd_m_spg(ap + len, pcontrol,
2222 target, target_dev_id);
2223 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2225 len += resp_iec_m_pg(ap + len, pcontrol, target);
2228 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2229 return check_condition_result;
2237 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2238 return check_condition_result;
2241 arr[0] = offset - 1;
2243 put_unaligned_be16((offset - 2), arr + 0);
2244 return fill_from_dev_buffer(scp, arr, min(alloc_len, offset));
2247 #define SDEBUG_MAX_MSELECT_SZ 512
2249 static int resp_mode_select(struct scsi_cmnd *scp,
2250 struct sdebug_dev_info *devip)
2252 int pf, sp, ps, md_len, bd_len, off, spf, pg_len;
2253 int param_len, res, mpage;
2254 unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
2255 unsigned char *cmd = scp->cmnd;
2256 int mselect6 = (MODE_SELECT == cmd[0]);
2258 memset(arr, 0, sizeof(arr));
2261 param_len = mselect6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2262 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) {
2263 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1);
2264 return check_condition_result;
2266 res = fetch_to_dev_buffer(scp, arr, param_len);
2268 return DID_ERROR << 16;
2269 else if (sdebug_verbose && (res < param_len))
2270 sdev_printk(KERN_INFO, scp->device,
2271 "%s: cdb indicated=%d, IO sent=%d bytes\n",
2272 __func__, param_len, res);
2273 md_len = mselect6 ? (arr[0] + 1) : (get_unaligned_be16(arr + 0) + 2);
2274 bd_len = mselect6 ? arr[3] : get_unaligned_be16(arr + 6);
2276 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1);
2277 return check_condition_result;
2279 off = bd_len + (mselect6 ? 4 : 8);
2280 mpage = arr[off] & 0x3f;
2281 ps = !!(arr[off] & 0x80);
2283 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7);
2284 return check_condition_result;
2286 spf = !!(arr[off] & 0x40);
2287 pg_len = spf ? (get_unaligned_be16(arr + off + 2) + 4) :
2289 if ((pg_len + off) > param_len) {
2290 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2291 PARAMETER_LIST_LENGTH_ERR, 0);
2292 return check_condition_result;
2295 case 0x8: /* Caching Mode page */
2296 if (caching_pg[1] == arr[off + 1]) {
2297 memcpy(caching_pg + 2, arr + off + 2,
2298 sizeof(caching_pg) - 2);
2299 goto set_mode_changed_ua;
2302 case 0xa: /* Control Mode page */
2303 if (ctrl_m_pg[1] == arr[off + 1]) {
2304 memcpy(ctrl_m_pg + 2, arr + off + 2,
2305 sizeof(ctrl_m_pg) - 2);
2306 sdebug_dsense = !!(ctrl_m_pg[2] & 0x4);
2307 goto set_mode_changed_ua;
2310 case 0x1c: /* Informational Exceptions Mode page */
2311 if (iec_m_pg[1] == arr[off + 1]) {
2312 memcpy(iec_m_pg + 2, arr + off + 2,
2313 sizeof(iec_m_pg) - 2);
2314 goto set_mode_changed_ua;
2320 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5);
2321 return check_condition_result;
2322 set_mode_changed_ua:
2323 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm);
2327 static int resp_temp_l_pg(unsigned char * arr)
2329 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38,
2330 0x0, 0x1, 0x3, 0x2, 0x0, 65,
2333 memcpy(arr, temp_l_pg, sizeof(temp_l_pg));
2334 return sizeof(temp_l_pg);
2337 static int resp_ie_l_pg(unsigned char * arr)
2339 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38,
2342 memcpy(arr, ie_l_pg, sizeof(ie_l_pg));
2343 if (iec_m_pg[2] & 0x4) { /* TEST bit set */
2344 arr[4] = THRESHOLD_EXCEEDED;
2347 return sizeof(ie_l_pg);
2350 #define SDEBUG_MAX_LSENSE_SZ 512
2352 static int resp_log_sense(struct scsi_cmnd *scp,
2353 struct sdebug_dev_info *devip)
2355 int ppc, sp, pcode, subpcode, alloc_len, len, n;
2356 unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
2357 unsigned char *cmd = scp->cmnd;
2359 memset(arr, 0, sizeof(arr));
2363 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0);
2364 return check_condition_result;
2366 pcode = cmd[2] & 0x3f;
2367 subpcode = cmd[3] & 0xff;
2368 alloc_len = get_unaligned_be16(cmd + 7);
2370 if (0 == subpcode) {
2372 case 0x0: /* Supported log pages log page */
2374 arr[n++] = 0x0; /* this page */
2375 arr[n++] = 0xd; /* Temperature */
2376 arr[n++] = 0x2f; /* Informational exceptions */
2379 case 0xd: /* Temperature log page */
2380 arr[3] = resp_temp_l_pg(arr + 4);
2382 case 0x2f: /* Informational exceptions log page */
2383 arr[3] = resp_ie_l_pg(arr + 4);
2386 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2387 return check_condition_result;
2389 } else if (0xff == subpcode) {
2393 case 0x0: /* Supported log pages and subpages log page */
2396 arr[n++] = 0x0; /* 0,0 page */
2398 arr[n++] = 0xff; /* this page */
2400 arr[n++] = 0x0; /* Temperature */
2402 arr[n++] = 0x0; /* Informational exceptions */
2405 case 0xd: /* Temperature subpages */
2408 arr[n++] = 0x0; /* Temperature */
2411 case 0x2f: /* Informational exceptions subpages */
2414 arr[n++] = 0x0; /* Informational exceptions */
2418 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2419 return check_condition_result;
2422 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2423 return check_condition_result;
2425 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len);
2426 return fill_from_dev_buffer(scp, arr,
2427 min(len, SDEBUG_MAX_INQ_ARR_SZ));
2430 static int check_device_access_params(struct scsi_cmnd *scp,
2431 unsigned long long lba, unsigned int num)
2433 if (lba + num > sdebug_capacity) {
2434 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2435 return check_condition_result;
2437 /* transfer length excessive (tie in to block limits VPD page) */
2438 if (num > sdebug_store_sectors) {
2439 /* needs work to find which cdb byte 'num' comes from */
2440 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2441 return check_condition_result;
2446 /* Returns number of bytes copied or -1 if error. */
2447 static int do_device_access(struct scsi_cmnd *scmd, u32 sg_skip, u64 lba,
2448 u32 num, bool do_write)
2451 u64 block, rest = 0;
2452 struct scsi_data_buffer *sdb;
2453 enum dma_data_direction dir;
2456 sdb = scsi_out(scmd);
2457 dir = DMA_TO_DEVICE;
2459 sdb = scsi_in(scmd);
2460 dir = DMA_FROM_DEVICE;
2465 if (!(scsi_bidi_cmnd(scmd) || scmd->sc_data_direction == dir))
2468 block = do_div(lba, sdebug_store_sectors);
2469 if (block + num > sdebug_store_sectors)
2470 rest = block + num - sdebug_store_sectors;
2472 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2473 fake_storep + (block * sdebug_sector_size),
2474 (num - rest) * sdebug_sector_size, sg_skip, do_write);
2475 if (ret != (num - rest) * sdebug_sector_size)
2479 ret += sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2480 fake_storep, rest * sdebug_sector_size,
2481 sg_skip + ((num - rest) * sdebug_sector_size),
2488 /* If fake_store(lba,num) compares equal to arr(num), then copy top half of
2489 * arr into fake_store(lba,num) and return true. If comparison fails then
2491 static bool comp_write_worker(u64 lba, u32 num, const u8 *arr)
2494 u64 block, rest = 0;
2495 u32 store_blks = sdebug_store_sectors;
2496 u32 lb_size = sdebug_sector_size;
2498 block = do_div(lba, store_blks);
2499 if (block + num > store_blks)
2500 rest = block + num - store_blks;
2502 res = !memcmp(fake_storep + (block * lb_size), arr,
2503 (num - rest) * lb_size);
2507 res = memcmp(fake_storep, arr + ((num - rest) * lb_size),
2511 arr += num * lb_size;
2512 memcpy(fake_storep + (block * lb_size), arr, (num - rest) * lb_size);
2514 memcpy(fake_storep, arr + ((num - rest) * lb_size),
2519 static __be16 dif_compute_csum(const void *buf, int len)
2524 csum = (__force __be16)ip_compute_csum(buf, len);
2526 csum = cpu_to_be16(crc_t10dif(buf, len));
2531 static int dif_verify(struct t10_pi_tuple *sdt, const void *data,
2532 sector_t sector, u32 ei_lba)
2534 __be16 csum = dif_compute_csum(data, sdebug_sector_size);
2536 if (sdt->guard_tag != csum) {
2537 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n",
2538 (unsigned long)sector,
2539 be16_to_cpu(sdt->guard_tag),
2543 if (sdebug_dif == T10_PI_TYPE1_PROTECTION &&
2544 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) {
2545 pr_err("REF check failed on sector %lu\n",
2546 (unsigned long)sector);
2549 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
2550 be32_to_cpu(sdt->ref_tag) != ei_lba) {
2551 pr_err("REF check failed on sector %lu\n",
2552 (unsigned long)sector);
2558 static void dif_copy_prot(struct scsi_cmnd *SCpnt, sector_t sector,
2559 unsigned int sectors, bool read)
2563 const void *dif_store_end = dif_storep + sdebug_store_sectors;
2564 struct sg_mapping_iter miter;
2566 /* Bytes of protection data to copy into sgl */
2567 resid = sectors * sizeof(*dif_storep);
2569 sg_miter_start(&miter, scsi_prot_sglist(SCpnt),
2570 scsi_prot_sg_count(SCpnt), SG_MITER_ATOMIC |
2571 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG));
2573 while (sg_miter_next(&miter) && resid > 0) {
2574 size_t len = min(miter.length, resid);
2575 void *start = dif_store(sector);
2578 if (dif_store_end < start + len)
2579 rest = start + len - dif_store_end;
2584 memcpy(paddr, start, len - rest);
2586 memcpy(start, paddr, len - rest);
2590 memcpy(paddr + len - rest, dif_storep, rest);
2592 memcpy(dif_storep, paddr + len - rest, rest);
2595 sector += len / sizeof(*dif_storep);
2598 sg_miter_stop(&miter);
2601 static int prot_verify_read(struct scsi_cmnd *SCpnt, sector_t start_sec,
2602 unsigned int sectors, u32 ei_lba)
2605 struct t10_pi_tuple *sdt;
2608 for (i = 0; i < sectors; i++, ei_lba++) {
2611 sector = start_sec + i;
2612 sdt = dif_store(sector);
2614 if (sdt->app_tag == cpu_to_be16(0xffff))
2617 ret = dif_verify(sdt, fake_store(sector), sector, ei_lba);
2624 dif_copy_prot(SCpnt, start_sec, sectors, true);
2630 static int resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2632 u8 *cmd = scp->cmnd;
2633 struct sdebug_queued_cmd *sqcp;
2637 unsigned long iflags;
2644 lba = get_unaligned_be64(cmd + 2);
2645 num = get_unaligned_be32(cmd + 10);
2650 lba = get_unaligned_be32(cmd + 2);
2651 num = get_unaligned_be16(cmd + 7);
2656 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2657 (u32)(cmd[1] & 0x1f) << 16;
2658 num = (0 == cmd[4]) ? 256 : cmd[4];
2663 lba = get_unaligned_be32(cmd + 2);
2664 num = get_unaligned_be32(cmd + 6);
2667 case XDWRITEREAD_10:
2669 lba = get_unaligned_be32(cmd + 2);
2670 num = get_unaligned_be16(cmd + 7);
2673 default: /* assume READ(32) */
2674 lba = get_unaligned_be64(cmd + 12);
2675 ei_lba = get_unaligned_be32(cmd + 20);
2676 num = get_unaligned_be32(cmd + 28);
2680 if (unlikely(have_dif_prot && check_prot)) {
2681 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
2683 mk_sense_invalid_opcode(scp);
2684 return check_condition_result;
2686 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
2687 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
2688 (cmd[1] & 0xe0) == 0)
2689 sdev_printk(KERN_ERR, scp->device, "Unprotected RD "
2692 if (unlikely(sdebug_any_injecting_opt)) {
2693 sqcp = (struct sdebug_queued_cmd *)scp->host_scribble;
2696 if (sqcp->inj_short)
2702 /* inline check_device_access_params() */
2703 if (unlikely(lba + num > sdebug_capacity)) {
2704 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2705 return check_condition_result;
2707 /* transfer length excessive (tie in to block limits VPD page) */
2708 if (unlikely(num > sdebug_store_sectors)) {
2709 /* needs work to find which cdb byte 'num' comes from */
2710 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2711 return check_condition_result;
2714 if (unlikely((SDEBUG_OPT_MEDIUM_ERR & sdebug_opts) &&
2715 (lba <= (OPT_MEDIUM_ERR_ADDR + OPT_MEDIUM_ERR_NUM - 1)) &&
2716 ((lba + num) > OPT_MEDIUM_ERR_ADDR))) {
2717 /* claim unrecoverable read error */
2718 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0);
2719 /* set info field and valid bit for fixed descriptor */
2720 if (0x70 == (scp->sense_buffer[0] & 0x7f)) {
2721 scp->sense_buffer[0] |= 0x80; /* Valid bit */
2722 ret = (lba < OPT_MEDIUM_ERR_ADDR)
2723 ? OPT_MEDIUM_ERR_ADDR : (int)lba;
2724 put_unaligned_be32(ret, scp->sense_buffer + 3);
2726 scsi_set_resid(scp, scsi_bufflen(scp));
2727 return check_condition_result;
2730 read_lock_irqsave(&atomic_rw, iflags);
2733 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
2734 int prot_ret = prot_verify_read(scp, lba, num, ei_lba);
2737 read_unlock_irqrestore(&atomic_rw, iflags);
2738 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, prot_ret);
2739 return illegal_condition_result;
2743 ret = do_device_access(scp, 0, lba, num, false);
2744 read_unlock_irqrestore(&atomic_rw, iflags);
2745 if (unlikely(ret == -1))
2746 return DID_ERROR << 16;
2748 scsi_in(scp)->resid = scsi_bufflen(scp) - ret;
2750 if (unlikely(sqcp)) {
2751 if (sqcp->inj_recovered) {
2752 mk_sense_buffer(scp, RECOVERED_ERROR,
2753 THRESHOLD_EXCEEDED, 0);
2754 return check_condition_result;
2755 } else if (sqcp->inj_transport) {
2756 mk_sense_buffer(scp, ABORTED_COMMAND,
2757 TRANSPORT_PROBLEM, ACK_NAK_TO);
2758 return check_condition_result;
2759 } else if (sqcp->inj_dif) {
2760 /* Logical block guard check failed */
2761 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
2762 return illegal_condition_result;
2763 } else if (sqcp->inj_dix) {
2764 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
2765 return illegal_condition_result;
2771 static void dump_sector(unsigned char *buf, int len)
2775 pr_err(">>> Sector Dump <<<\n");
2776 for (i = 0 ; i < len ; i += 16) {
2779 for (j = 0, n = 0; j < 16; j++) {
2780 unsigned char c = buf[i+j];
2782 if (c >= 0x20 && c < 0x7e)
2783 n += scnprintf(b + n, sizeof(b) - n,
2786 n += scnprintf(b + n, sizeof(b) - n,
2789 pr_err("%04d: %s\n", i, b);
2793 static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec,
2794 unsigned int sectors, u32 ei_lba)
2797 struct t10_pi_tuple *sdt;
2799 sector_t sector = start_sec;
2802 struct sg_mapping_iter diter;
2803 struct sg_mapping_iter piter;
2805 BUG_ON(scsi_sg_count(SCpnt) == 0);
2806 BUG_ON(scsi_prot_sg_count(SCpnt) == 0);
2808 sg_miter_start(&piter, scsi_prot_sglist(SCpnt),
2809 scsi_prot_sg_count(SCpnt),
2810 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2811 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt),
2812 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2814 /* For each protection page */
2815 while (sg_miter_next(&piter)) {
2817 if (WARN_ON(!sg_miter_next(&diter))) {
2822 for (ppage_offset = 0; ppage_offset < piter.length;
2823 ppage_offset += sizeof(struct t10_pi_tuple)) {
2824 /* If we're at the end of the current
2825 * data page advance to the next one
2827 if (dpage_offset >= diter.length) {
2828 if (WARN_ON(!sg_miter_next(&diter))) {
2835 sdt = piter.addr + ppage_offset;
2836 daddr = diter.addr + dpage_offset;
2838 ret = dif_verify(sdt, daddr, sector, ei_lba);
2840 dump_sector(daddr, sdebug_sector_size);
2846 dpage_offset += sdebug_sector_size;
2848 diter.consumed = dpage_offset;
2849 sg_miter_stop(&diter);
2851 sg_miter_stop(&piter);
2853 dif_copy_prot(SCpnt, start_sec, sectors, false);
2860 sg_miter_stop(&diter);
2861 sg_miter_stop(&piter);
2865 static unsigned long lba_to_map_index(sector_t lba)
2867 if (sdebug_unmap_alignment)
2868 lba += sdebug_unmap_granularity - sdebug_unmap_alignment;
2869 sector_div(lba, sdebug_unmap_granularity);
2873 static sector_t map_index_to_lba(unsigned long index)
2875 sector_t lba = index * sdebug_unmap_granularity;
2877 if (sdebug_unmap_alignment)
2878 lba -= sdebug_unmap_granularity - sdebug_unmap_alignment;
2882 static unsigned int map_state(sector_t lba, unsigned int *num)
2885 unsigned int mapped;
2886 unsigned long index;
2889 index = lba_to_map_index(lba);
2890 mapped = test_bit(index, map_storep);
2893 next = find_next_zero_bit(map_storep, map_size, index);
2895 next = find_next_bit(map_storep, map_size, index);
2897 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next));
2902 static void map_region(sector_t lba, unsigned int len)
2904 sector_t end = lba + len;
2907 unsigned long index = lba_to_map_index(lba);
2909 if (index < map_size)
2910 set_bit(index, map_storep);
2912 lba = map_index_to_lba(index + 1);
2916 static void unmap_region(sector_t lba, unsigned int len)
2918 sector_t end = lba + len;
2921 unsigned long index = lba_to_map_index(lba);
2923 if (lba == map_index_to_lba(index) &&
2924 lba + sdebug_unmap_granularity <= end &&
2926 clear_bit(index, map_storep);
2927 if (sdebug_lbprz) { /* for LBPRZ=2 return 0xff_s */
2928 memset(fake_storep +
2929 lba * sdebug_sector_size,
2930 (sdebug_lbprz & 1) ? 0 : 0xff,
2931 sdebug_sector_size *
2932 sdebug_unmap_granularity);
2935 memset(dif_storep + lba, 0xff,
2936 sizeof(*dif_storep) *
2937 sdebug_unmap_granularity);
2940 lba = map_index_to_lba(index + 1);
2944 static int resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2946 u8 *cmd = scp->cmnd;
2950 unsigned long iflags;
2957 lba = get_unaligned_be64(cmd + 2);
2958 num = get_unaligned_be32(cmd + 10);
2963 lba = get_unaligned_be32(cmd + 2);
2964 num = get_unaligned_be16(cmd + 7);
2969 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2970 (u32)(cmd[1] & 0x1f) << 16;
2971 num = (0 == cmd[4]) ? 256 : cmd[4];
2976 lba = get_unaligned_be32(cmd + 2);
2977 num = get_unaligned_be32(cmd + 6);
2980 case 0x53: /* XDWRITEREAD(10) */
2982 lba = get_unaligned_be32(cmd + 2);
2983 num = get_unaligned_be16(cmd + 7);
2986 default: /* assume WRITE(32) */
2987 lba = get_unaligned_be64(cmd + 12);
2988 ei_lba = get_unaligned_be32(cmd + 20);
2989 num = get_unaligned_be32(cmd + 28);
2993 if (unlikely(have_dif_prot && check_prot)) {
2994 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
2996 mk_sense_invalid_opcode(scp);
2997 return check_condition_result;
2999 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3000 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3001 (cmd[1] & 0xe0) == 0)
3002 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3006 /* inline check_device_access_params() */
3007 if (unlikely(lba + num > sdebug_capacity)) {
3008 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
3009 return check_condition_result;
3011 /* transfer length excessive (tie in to block limits VPD page) */
3012 if (unlikely(num > sdebug_store_sectors)) {
3013 /* needs work to find which cdb byte 'num' comes from */
3014 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3015 return check_condition_result;
3018 write_lock_irqsave(&atomic_rw, iflags);
3021 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3022 int prot_ret = prot_verify_write(scp, lba, num, ei_lba);
3025 write_unlock_irqrestore(&atomic_rw, iflags);
3026 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, prot_ret);
3027 return illegal_condition_result;
3031 ret = do_device_access(scp, 0, lba, num, true);
3032 if (unlikely(scsi_debug_lbp()))
3033 map_region(lba, num);
3034 write_unlock_irqrestore(&atomic_rw, iflags);
3035 if (unlikely(-1 == ret))
3036 return DID_ERROR << 16;
3037 else if (unlikely(sdebug_verbose &&
3038 (ret < (num * sdebug_sector_size))))
3039 sdev_printk(KERN_INFO, scp->device,
3040 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3041 my_name, num * sdebug_sector_size, ret);
3043 if (unlikely(sdebug_any_injecting_opt)) {
3044 struct sdebug_queued_cmd *sqcp =
3045 (struct sdebug_queued_cmd *)scp->host_scribble;
3048 if (sqcp->inj_recovered) {
3049 mk_sense_buffer(scp, RECOVERED_ERROR,
3050 THRESHOLD_EXCEEDED, 0);
3051 return check_condition_result;
3052 } else if (sqcp->inj_dif) {
3053 /* Logical block guard check failed */
3054 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3055 return illegal_condition_result;
3056 } else if (sqcp->inj_dix) {
3057 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3058 return illegal_condition_result;
3066 * T10 has only specified WRITE SCATTERED(16) and WRITE SCATTERED(32).
3067 * No READ GATHERED yet (requires bidi or long cdb holding gather list).
3069 static int resp_write_scat(struct scsi_cmnd *scp,
3070 struct sdebug_dev_info *devip)
3072 u8 *cmd = scp->cmnd;
3076 u16 lbdof, num_lrd, k;
3077 u32 num, num_by, bt_len, lbdof_blen, sg_off, cum_lb;
3078 u32 lb_size = sdebug_sector_size;
3081 unsigned long iflags;
3084 static const u32 lrd_size = 32; /* + parameter list header size */
3086 if (cmd[0] == VARIABLE_LENGTH_CMD) {
3088 wrprotect = (cmd[10] >> 5) & 0x7;
3089 lbdof = get_unaligned_be16(cmd + 12);
3090 num_lrd = get_unaligned_be16(cmd + 16);
3091 bt_len = get_unaligned_be32(cmd + 28);
3092 } else { /* that leaves WRITE SCATTERED(16) */
3094 wrprotect = (cmd[2] >> 5) & 0x7;
3095 lbdof = get_unaligned_be16(cmd + 4);
3096 num_lrd = get_unaligned_be16(cmd + 8);
3097 bt_len = get_unaligned_be32(cmd + 10);
3098 if (unlikely(have_dif_prot)) {
3099 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3101 mk_sense_invalid_opcode(scp);
3102 return illegal_condition_result;
3104 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3105 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3107 sdev_printk(KERN_ERR, scp->device,
3108 "Unprotected WR to DIF device\n");
3111 if ((num_lrd == 0) || (bt_len == 0))
3112 return 0; /* T10 says these do-nothings are not errors */
3115 sdev_printk(KERN_INFO, scp->device,
3116 "%s: %s: LB Data Offset field bad\n",
3118 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3119 return illegal_condition_result;
3121 lbdof_blen = lbdof * lb_size;
3122 if ((lrd_size + (num_lrd * lrd_size)) > lbdof_blen) {
3124 sdev_printk(KERN_INFO, scp->device,
3125 "%s: %s: LBA range descriptors don't fit\n",
3127 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3128 return illegal_condition_result;
3130 lrdp = kzalloc(lbdof_blen, GFP_ATOMIC);
3132 return SCSI_MLQUEUE_HOST_BUSY;
3134 sdev_printk(KERN_INFO, scp->device,
3135 "%s: %s: Fetch header+scatter_list, lbdof_blen=%u\n",
3136 my_name, __func__, lbdof_blen);
3137 res = fetch_to_dev_buffer(scp, lrdp, lbdof_blen);
3139 ret = DID_ERROR << 16;
3143 write_lock_irqsave(&atomic_rw, iflags);
3144 sg_off = lbdof_blen;
3145 /* Spec says Buffer xfer Length field in number of LBs in dout */
3147 for (k = 0, up = lrdp + lrd_size; k < num_lrd; ++k, up += lrd_size) {
3148 lba = get_unaligned_be64(up + 0);
3149 num = get_unaligned_be32(up + 8);
3151 sdev_printk(KERN_INFO, scp->device,
3152 "%s: %s: k=%d LBA=0x%llx num=%u sg_off=%u\n",
3153 my_name, __func__, k, lba, num, sg_off);
3156 ret = check_device_access_params(scp, lba, num);
3158 goto err_out_unlock;
3159 num_by = num * lb_size;
3160 ei_lba = is_16 ? 0 : get_unaligned_be32(up + 12);
3162 if ((cum_lb + num) > bt_len) {
3164 sdev_printk(KERN_INFO, scp->device,
3165 "%s: %s: sum of blocks > data provided\n",
3167 mk_sense_buffer(scp, ILLEGAL_REQUEST, WRITE_ERROR_ASC,
3169 ret = illegal_condition_result;
3170 goto err_out_unlock;
3174 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3175 int prot_ret = prot_verify_write(scp, lba, num,
3179 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10,
3181 ret = illegal_condition_result;
3182 goto err_out_unlock;
3186 ret = do_device_access(scp, sg_off, lba, num, true);
3187 if (unlikely(scsi_debug_lbp()))
3188 map_region(lba, num);
3189 if (unlikely(-1 == ret)) {
3190 ret = DID_ERROR << 16;
3191 goto err_out_unlock;
3192 } else if (unlikely(sdebug_verbose && (ret < num_by)))
3193 sdev_printk(KERN_INFO, scp->device,
3194 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3195 my_name, num_by, ret);
3197 if (unlikely(sdebug_any_injecting_opt)) {
3198 struct sdebug_queued_cmd *sqcp =
3199 (struct sdebug_queued_cmd *)scp->host_scribble;
3202 if (sqcp->inj_recovered) {
3203 mk_sense_buffer(scp, RECOVERED_ERROR,
3204 THRESHOLD_EXCEEDED, 0);
3205 ret = illegal_condition_result;
3206 goto err_out_unlock;
3207 } else if (sqcp->inj_dif) {
3208 /* Logical block guard check failed */
3209 mk_sense_buffer(scp, ABORTED_COMMAND,
3211 ret = illegal_condition_result;
3212 goto err_out_unlock;
3213 } else if (sqcp->inj_dix) {
3214 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3216 ret = illegal_condition_result;
3217 goto err_out_unlock;
3226 write_unlock_irqrestore(&atomic_rw, iflags);
3232 static int resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num,
3233 u32 ei_lba, bool unmap, bool ndob)
3235 unsigned long iflags;
3236 unsigned long long i;
3240 ret = check_device_access_params(scp, lba, num);
3244 write_lock_irqsave(&atomic_rw, iflags);
3246 if (unmap && scsi_debug_lbp()) {
3247 unmap_region(lba, num);
3251 lba_off = lba * sdebug_sector_size;
3252 /* if ndob then zero 1 logical block, else fetch 1 logical block */
3254 memset(fake_storep + lba_off, 0, sdebug_sector_size);
3257 ret = fetch_to_dev_buffer(scp, fake_storep + lba_off,
3258 sdebug_sector_size);
3261 write_unlock_irqrestore(&atomic_rw, iflags);
3262 return DID_ERROR << 16;
3263 } else if (sdebug_verbose && !ndob && (ret < sdebug_sector_size))
3264 sdev_printk(KERN_INFO, scp->device,
3265 "%s: %s: lb size=%u, IO sent=%d bytes\n",
3266 my_name, "write same",
3267 sdebug_sector_size, ret);
3269 /* Copy first sector to remaining blocks */
3270 for (i = 1 ; i < num ; i++)
3271 memcpy(fake_storep + ((lba + i) * sdebug_sector_size),
3272 fake_storep + lba_off,
3273 sdebug_sector_size);
3275 if (scsi_debug_lbp())
3276 map_region(lba, num);
3278 write_unlock_irqrestore(&atomic_rw, iflags);
3283 static int resp_write_same_10(struct scsi_cmnd *scp,
3284 struct sdebug_dev_info *devip)
3286 u8 *cmd = scp->cmnd;
3293 if (sdebug_lbpws10 == 0) {
3294 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3295 return check_condition_result;
3299 lba = get_unaligned_be32(cmd + 2);
3300 num = get_unaligned_be16(cmd + 7);
3301 if (num > sdebug_write_same_length) {
3302 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3303 return check_condition_result;
3305 return resp_write_same(scp, lba, num, ei_lba, unmap, false);
3308 static int resp_write_same_16(struct scsi_cmnd *scp,
3309 struct sdebug_dev_info *devip)
3311 u8 *cmd = scp->cmnd;
3318 if (cmd[1] & 0x8) { /* UNMAP */
3319 if (sdebug_lbpws == 0) {
3320 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3321 return check_condition_result;
3325 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */
3327 lba = get_unaligned_be64(cmd + 2);
3328 num = get_unaligned_be32(cmd + 10);
3329 if (num > sdebug_write_same_length) {
3330 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1);
3331 return check_condition_result;
3333 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob);
3336 /* Note the mode field is in the same position as the (lower) service action
3337 * field. For the Report supported operation codes command, SPC-4 suggests
3338 * each mode of this command should be reported separately; for future. */
3339 static int resp_write_buffer(struct scsi_cmnd *scp,
3340 struct sdebug_dev_info *devip)
3342 u8 *cmd = scp->cmnd;
3343 struct scsi_device *sdp = scp->device;
3344 struct sdebug_dev_info *dp;
3347 mode = cmd[1] & 0x1f;
3349 case 0x4: /* download microcode (MC) and activate (ACT) */
3350 /* set UAs on this device only */
3351 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3352 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm);
3354 case 0x5: /* download MC, save and ACT */
3355 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm);
3357 case 0x6: /* download MC with offsets and ACT */
3358 /* set UAs on most devices (LUs) in this target */
3359 list_for_each_entry(dp,
3360 &devip->sdbg_host->dev_info_list,
3362 if (dp->target == sdp->id) {
3363 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm);
3365 set_bit(SDEBUG_UA_MICROCODE_CHANGED,
3369 case 0x7: /* download MC with offsets, save, and ACT */
3370 /* set UA on all devices (LUs) in this target */
3371 list_for_each_entry(dp,
3372 &devip->sdbg_host->dev_info_list,
3374 if (dp->target == sdp->id)
3375 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET,
3379 /* do nothing for this command for other mode values */
3385 static int resp_comp_write(struct scsi_cmnd *scp,
3386 struct sdebug_dev_info *devip)
3388 u8 *cmd = scp->cmnd;
3390 u8 *fake_storep_hold;
3393 u32 lb_size = sdebug_sector_size;
3395 unsigned long iflags;
3399 lba = get_unaligned_be64(cmd + 2);
3400 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */
3402 return 0; /* degenerate case, not an error */
3403 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3405 mk_sense_invalid_opcode(scp);
3406 return check_condition_result;
3408 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3409 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3410 (cmd[1] & 0xe0) == 0)
3411 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3414 /* inline check_device_access_params() */
3415 if (lba + num > sdebug_capacity) {
3416 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
3417 return check_condition_result;
3419 /* transfer length excessive (tie in to block limits VPD page) */
3420 if (num > sdebug_store_sectors) {
3421 /* needs work to find which cdb byte 'num' comes from */
3422 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3423 return check_condition_result;
3426 arr = kzalloc(dnum * lb_size, GFP_ATOMIC);
3428 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3430 return check_condition_result;
3433 write_lock_irqsave(&atomic_rw, iflags);
3435 /* trick do_device_access() to fetch both compare and write buffers
3436 * from data-in into arr. Safe (atomic) since write_lock held. */
3437 fake_storep_hold = fake_storep;
3439 ret = do_device_access(scp, 0, 0, dnum, true);
3440 fake_storep = fake_storep_hold;
3442 retval = DID_ERROR << 16;
3444 } else if (sdebug_verbose && (ret < (dnum * lb_size)))
3445 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb "
3446 "indicated=%u, IO sent=%d bytes\n", my_name,
3447 dnum * lb_size, ret);
3448 if (!comp_write_worker(lba, num, arr)) {
3449 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
3450 retval = check_condition_result;
3453 if (scsi_debug_lbp())
3454 map_region(lba, num);
3456 write_unlock_irqrestore(&atomic_rw, iflags);
3461 struct unmap_block_desc {
3467 static int resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3470 struct unmap_block_desc *desc;
3471 unsigned int i, payload_len, descriptors;
3473 unsigned long iflags;
3476 if (!scsi_debug_lbp())
3477 return 0; /* fib and say its done */
3478 payload_len = get_unaligned_be16(scp->cmnd + 7);
3479 BUG_ON(scsi_bufflen(scp) != payload_len);
3481 descriptors = (payload_len - 8) / 16;
3482 if (descriptors > sdebug_unmap_max_desc) {
3483 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3484 return check_condition_result;
3487 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC);
3489 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3491 return check_condition_result;
3494 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
3496 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2);
3497 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16);
3499 desc = (void *)&buf[8];
3501 write_lock_irqsave(&atomic_rw, iflags);
3503 for (i = 0 ; i < descriptors ; i++) {
3504 unsigned long long lba = get_unaligned_be64(&desc[i].lba);
3505 unsigned int num = get_unaligned_be32(&desc[i].blocks);
3507 ret = check_device_access_params(scp, lba, num);
3511 unmap_region(lba, num);
3517 write_unlock_irqrestore(&atomic_rw, iflags);
3523 #define SDEBUG_GET_LBA_STATUS_LEN 32
3525 static int resp_get_lba_status(struct scsi_cmnd *scp,
3526 struct sdebug_dev_info *devip)
3528 u8 *cmd = scp->cmnd;
3530 u32 alloc_len, mapped, num;
3531 u8 arr[SDEBUG_GET_LBA_STATUS_LEN];
3534 lba = get_unaligned_be64(cmd + 2);
3535 alloc_len = get_unaligned_be32(cmd + 10);
3540 ret = check_device_access_params(scp, lba, 1);
3544 if (scsi_debug_lbp())
3545 mapped = map_state(lba, &num);
3548 /* following just in case virtual_gb changed */
3549 sdebug_capacity = get_sdebug_capacity();
3550 if (sdebug_capacity - lba <= 0xffffffff)
3551 num = sdebug_capacity - lba;
3556 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN);
3557 put_unaligned_be32(20, arr); /* Parameter Data Length */
3558 put_unaligned_be64(lba, arr + 8); /* LBA */
3559 put_unaligned_be32(num, arr + 16); /* Number of blocks */
3560 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */
3562 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN);
3565 #define RL_BUCKET_ELEMS 8
3567 /* Even though each pseudo target has a REPORT LUNS "well known logical unit"
3568 * (W-LUN), the normal Linux scanning logic does not associate it with a
3569 * device (e.g. /dev/sg7). The following magic will make that association:
3570 * "cd /sys/class/scsi_host/host<n> ; echo '- - 49409' > scan"
3571 * where <n> is a host number. If there are multiple targets in a host then
3572 * the above will associate a W-LUN to each target. To only get a W-LUN
3573 * for target 2, then use "echo '- 2 49409' > scan" .
3575 static int resp_report_luns(struct scsi_cmnd *scp,
3576 struct sdebug_dev_info *devip)
3578 unsigned char *cmd = scp->cmnd;
3579 unsigned int alloc_len;
3580 unsigned char select_report;
3582 struct scsi_lun *lun_p;
3583 u8 arr[RL_BUCKET_ELEMS * sizeof(struct scsi_lun)];
3584 unsigned int lun_cnt; /* normal LUN count (max: 256) */
3585 unsigned int wlun_cnt; /* report luns W-LUN count */
3586 unsigned int tlun_cnt; /* total LUN count */
3587 unsigned int rlen; /* response length (in bytes) */
3589 unsigned int off_rsp = 0;
3590 const int sz_lun = sizeof(struct scsi_lun);
3592 clear_luns_changed_on_target(devip);
3594 select_report = cmd[2];
3595 alloc_len = get_unaligned_be32(cmd + 6);
3597 if (alloc_len < 4) {
3598 pr_err("alloc len too small %d\n", alloc_len);
3599 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
3600 return check_condition_result;
3603 switch (select_report) {
3604 case 0: /* all LUNs apart from W-LUNs */
3605 lun_cnt = sdebug_max_luns;
3608 case 1: /* only W-LUNs */
3612 case 2: /* all LUNs */
3613 lun_cnt = sdebug_max_luns;
3616 case 0x10: /* only administrative LUs */
3617 case 0x11: /* see SPC-5 */
3618 case 0x12: /* only subsiduary LUs owned by referenced LU */
3620 pr_debug("select report invalid %d\n", select_report);
3621 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
3622 return check_condition_result;
3625 if (sdebug_no_lun_0 && (lun_cnt > 0))
3628 tlun_cnt = lun_cnt + wlun_cnt;
3629 rlen = tlun_cnt * sz_lun; /* excluding 8 byte header */
3630 scsi_set_resid(scp, scsi_bufflen(scp));
3631 pr_debug("select_report %d luns = %d wluns = %d no_lun0 %d\n",
3632 select_report, lun_cnt, wlun_cnt, sdebug_no_lun_0);
3634 /* loops rely on sizeof response header same as sizeof lun (both 8) */
3635 lun = sdebug_no_lun_0 ? 1 : 0;
3636 for (k = 0, j = 0, res = 0; true; ++k, j = 0) {
3637 memset(arr, 0, sizeof(arr));
3638 lun_p = (struct scsi_lun *)&arr[0];
3640 put_unaligned_be32(rlen, &arr[0]);
3644 for ( ; j < RL_BUCKET_ELEMS; ++j, ++lun_p) {
3645 if ((k * RL_BUCKET_ELEMS) + j > lun_cnt)
3647 int_to_scsilun(lun++, lun_p);
3649 if (j < RL_BUCKET_ELEMS)
3652 res = p_fill_from_dev_buffer(scp, arr, n, off_rsp);
3658 int_to_scsilun(SCSI_W_LUN_REPORT_LUNS, lun_p);
3662 res = p_fill_from_dev_buffer(scp, arr, j * sz_lun, off_rsp);
3666 static int resp_xdwriteread(struct scsi_cmnd *scp, unsigned long long lba,
3667 unsigned int num, struct sdebug_dev_info *devip)
3670 unsigned char *kaddr, *buf;
3671 unsigned int offset;
3672 struct scsi_data_buffer *sdb = scsi_in(scp);
3673 struct sg_mapping_iter miter;
3675 /* better not to use temporary buffer. */
3676 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC);
3678 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3680 return check_condition_result;
3683 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
3686 sg_miter_start(&miter, sdb->table.sgl, sdb->table.nents,
3687 SG_MITER_ATOMIC | SG_MITER_TO_SG);
3689 while (sg_miter_next(&miter)) {
3691 for (j = 0; j < miter.length; j++)
3692 *(kaddr + j) ^= *(buf + offset + j);
3694 offset += miter.length;
3696 sg_miter_stop(&miter);
3702 static int resp_xdwriteread_10(struct scsi_cmnd *scp,
3703 struct sdebug_dev_info *devip)
3705 u8 *cmd = scp->cmnd;
3710 if (!scsi_bidi_cmnd(scp)) {
3711 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3713 return check_condition_result;
3715 errsts = resp_read_dt0(scp, devip);
3718 if (!(cmd[1] & 0x4)) { /* DISABLE_WRITE is not set */
3719 errsts = resp_write_dt0(scp, devip);
3723 lba = get_unaligned_be32(cmd + 2);
3724 num = get_unaligned_be16(cmd + 7);
3725 return resp_xdwriteread(scp, lba, num, devip);
3728 static struct sdebug_queue *get_queue(struct scsi_cmnd *cmnd)
3730 struct sdebug_queue *sqp = sdebug_q_arr;
3732 if (sdebug_mq_active) {
3733 u32 tag = blk_mq_unique_tag(cmnd->request);
3734 u16 hwq = blk_mq_unique_tag_to_hwq(tag);
3736 if (unlikely(hwq >= submit_queues)) {
3737 pr_warn("Unexpected hwq=%d, apply modulo\n", hwq);
3738 hwq %= submit_queues;
3740 pr_debug("tag=%u, hwq=%d\n", tag, hwq);
3746 /* Queued (deferred) command completions converge here. */
3747 static void sdebug_q_cmd_complete(struct sdebug_defer *sd_dp)
3751 unsigned long iflags;
3752 struct sdebug_queue *sqp;
3753 struct sdebug_queued_cmd *sqcp;
3754 struct scsi_cmnd *scp;
3755 struct sdebug_dev_info *devip;
3757 sd_dp->defer_t = SDEB_DEFER_NONE;
3758 qc_idx = sd_dp->qc_idx;
3759 sqp = sdebug_q_arr + sd_dp->sqa_idx;
3760 if (sdebug_statistics) {
3761 atomic_inc(&sdebug_completions);
3762 if (raw_smp_processor_id() != sd_dp->issuing_cpu)
3763 atomic_inc(&sdebug_miss_cpus);
3765 if (unlikely((qc_idx < 0) || (qc_idx >= SDEBUG_CANQUEUE))) {
3766 pr_err("wild qc_idx=%d\n", qc_idx);
3769 spin_lock_irqsave(&sqp->qc_lock, iflags);
3770 sqcp = &sqp->qc_arr[qc_idx];
3772 if (unlikely(scp == NULL)) {
3773 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3774 pr_err("scp is NULL, sqa_idx=%d, qc_idx=%d\n",
3775 sd_dp->sqa_idx, qc_idx);
3778 devip = (struct sdebug_dev_info *)scp->device->hostdata;
3780 atomic_dec(&devip->num_in_q);
3782 pr_err("devip=NULL\n");
3783 if (unlikely(atomic_read(&retired_max_queue) > 0))
3786 sqcp->a_cmnd = NULL;
3787 if (unlikely(!test_and_clear_bit(qc_idx, sqp->in_use_bm))) {
3788 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3789 pr_err("Unexpected completion\n");
3793 if (unlikely(retiring)) { /* user has reduced max_queue */
3796 retval = atomic_read(&retired_max_queue);
3797 if (qc_idx >= retval) {
3798 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3799 pr_err("index %d too large\n", retval);
3802 k = find_last_bit(sqp->in_use_bm, retval);
3803 if ((k < sdebug_max_queue) || (k == retval))
3804 atomic_set(&retired_max_queue, 0);
3806 atomic_set(&retired_max_queue, k + 1);
3808 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3809 scp->scsi_done(scp); /* callback to mid level */
3812 /* When high resolution timer goes off this function is called. */
3813 static enum hrtimer_restart sdebug_q_cmd_hrt_complete(struct hrtimer *timer)
3815 struct sdebug_defer *sd_dp = container_of(timer, struct sdebug_defer,
3817 sdebug_q_cmd_complete(sd_dp);
3818 return HRTIMER_NORESTART;
3821 /* When work queue schedules work, it calls this function. */
3822 static void sdebug_q_cmd_wq_complete(struct work_struct *work)
3824 struct sdebug_defer *sd_dp = container_of(work, struct sdebug_defer,
3826 sdebug_q_cmd_complete(sd_dp);
3829 static bool got_shared_uuid;
3830 static uuid_t shared_uuid;
3832 static struct sdebug_dev_info *sdebug_device_create(
3833 struct sdebug_host_info *sdbg_host, gfp_t flags)
3835 struct sdebug_dev_info *devip;
3837 devip = kzalloc(sizeof(*devip), flags);
3839 if (sdebug_uuid_ctl == 1)
3840 uuid_gen(&devip->lu_name);
3841 else if (sdebug_uuid_ctl == 2) {
3842 if (got_shared_uuid)
3843 devip->lu_name = shared_uuid;
3845 uuid_gen(&shared_uuid);
3846 got_shared_uuid = true;
3847 devip->lu_name = shared_uuid;
3850 devip->sdbg_host = sdbg_host;
3851 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list);
3856 static struct sdebug_dev_info *find_build_dev_info(struct scsi_device *sdev)
3858 struct sdebug_host_info *sdbg_host;
3859 struct sdebug_dev_info *open_devip = NULL;
3860 struct sdebug_dev_info *devip;
3862 sdbg_host = *(struct sdebug_host_info **)shost_priv(sdev->host);
3864 pr_err("Host info NULL\n");
3867 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
3868 if ((devip->used) && (devip->channel == sdev->channel) &&
3869 (devip->target == sdev->id) &&
3870 (devip->lun == sdev->lun))
3873 if ((!devip->used) && (!open_devip))
3877 if (!open_devip) { /* try and make a new one */
3878 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC);
3880 pr_err("out of memory at line %d\n", __LINE__);
3885 open_devip->channel = sdev->channel;
3886 open_devip->target = sdev->id;
3887 open_devip->lun = sdev->lun;
3888 open_devip->sdbg_host = sdbg_host;
3889 atomic_set(&open_devip->num_in_q, 0);
3890 set_bit(SDEBUG_UA_POR, open_devip->uas_bm);
3891 open_devip->used = true;
3895 static int scsi_debug_slave_alloc(struct scsi_device *sdp)
3898 pr_info("slave_alloc <%u %u %u %llu>\n",
3899 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3900 queue_flag_set_unlocked(QUEUE_FLAG_BIDI, sdp->request_queue);
3904 static int scsi_debug_slave_configure(struct scsi_device *sdp)
3906 struct sdebug_dev_info *devip =
3907 (struct sdebug_dev_info *)sdp->hostdata;
3910 pr_info("slave_configure <%u %u %u %llu>\n",
3911 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3912 if (sdp->host->max_cmd_len != SDEBUG_MAX_CMD_LEN)
3913 sdp->host->max_cmd_len = SDEBUG_MAX_CMD_LEN;
3914 if (devip == NULL) {
3915 devip = find_build_dev_info(sdp);
3917 return 1; /* no resources, will be marked offline */
3919 sdp->hostdata = devip;
3920 blk_queue_max_segment_size(sdp->request_queue, -1U);
3922 sdp->no_uld_attach = 1;
3923 config_cdb_len(sdp);
3927 static void scsi_debug_slave_destroy(struct scsi_device *sdp)
3929 struct sdebug_dev_info *devip =
3930 (struct sdebug_dev_info *)sdp->hostdata;
3933 pr_info("slave_destroy <%u %u %u %llu>\n",
3934 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3936 /* make this slot available for re-use */
3937 devip->used = false;
3938 sdp->hostdata = NULL;
3942 static void stop_qc_helper(struct sdebug_defer *sd_dp,
3943 enum sdeb_defer_type defer_t)
3947 if (defer_t == SDEB_DEFER_HRT)
3948 hrtimer_cancel(&sd_dp->hrt);
3949 else if (defer_t == SDEB_DEFER_WQ)
3950 cancel_work_sync(&sd_dp->ew.work);
3953 /* If @cmnd found deletes its timer or work queue and returns true; else
3955 static bool stop_queued_cmnd(struct scsi_cmnd *cmnd)
3957 unsigned long iflags;
3958 int j, k, qmax, r_qmax;
3959 enum sdeb_defer_type l_defer_t;
3960 struct sdebug_queue *sqp;
3961 struct sdebug_queued_cmd *sqcp;
3962 struct sdebug_dev_info *devip;
3963 struct sdebug_defer *sd_dp;
3965 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
3966 spin_lock_irqsave(&sqp->qc_lock, iflags);
3967 qmax = sdebug_max_queue;
3968 r_qmax = atomic_read(&retired_max_queue);
3971 for (k = 0; k < qmax; ++k) {
3972 if (test_bit(k, sqp->in_use_bm)) {
3973 sqcp = &sqp->qc_arr[k];
3974 if (cmnd != sqcp->a_cmnd)
3977 devip = (struct sdebug_dev_info *)
3978 cmnd->device->hostdata;
3980 atomic_dec(&devip->num_in_q);
3981 sqcp->a_cmnd = NULL;
3982 sd_dp = sqcp->sd_dp;
3984 l_defer_t = sd_dp->defer_t;
3985 sd_dp->defer_t = SDEB_DEFER_NONE;
3987 l_defer_t = SDEB_DEFER_NONE;
3988 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3989 stop_qc_helper(sd_dp, l_defer_t);
3990 clear_bit(k, sqp->in_use_bm);
3994 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3999 /* Deletes (stops) timers or work queues of all queued commands */
4000 static void stop_all_queued(void)
4002 unsigned long iflags;
4004 enum sdeb_defer_type l_defer_t;
4005 struct sdebug_queue *sqp;
4006 struct sdebug_queued_cmd *sqcp;
4007 struct sdebug_dev_info *devip;
4008 struct sdebug_defer *sd_dp;
4010 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
4011 spin_lock_irqsave(&sqp->qc_lock, iflags);
4012 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
4013 if (test_bit(k, sqp->in_use_bm)) {
4014 sqcp = &sqp->qc_arr[k];
4015 if (sqcp->a_cmnd == NULL)
4017 devip = (struct sdebug_dev_info *)
4018 sqcp->a_cmnd->device->hostdata;
4020 atomic_dec(&devip->num_in_q);
4021 sqcp->a_cmnd = NULL;
4022 sd_dp = sqcp->sd_dp;
4024 l_defer_t = sd_dp->defer_t;
4025 sd_dp->defer_t = SDEB_DEFER_NONE;
4027 l_defer_t = SDEB_DEFER_NONE;
4028 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4029 stop_qc_helper(sd_dp, l_defer_t);
4030 clear_bit(k, sqp->in_use_bm);
4031 spin_lock_irqsave(&sqp->qc_lock, iflags);
4034 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4038 /* Free queued command memory on heap */
4039 static void free_all_queued(void)
4042 struct sdebug_queue *sqp;
4043 struct sdebug_queued_cmd *sqcp;
4045 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
4046 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
4047 sqcp = &sqp->qc_arr[k];
4054 static int scsi_debug_abort(struct scsi_cmnd *SCpnt)
4060 ok = stop_queued_cmnd(SCpnt);
4061 if (SCpnt->device && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
4062 sdev_printk(KERN_INFO, SCpnt->device,
4063 "%s: command%s found\n", __func__,
4069 static int scsi_debug_device_reset(struct scsi_cmnd * SCpnt)
4072 if (SCpnt && SCpnt->device) {
4073 struct scsi_device *sdp = SCpnt->device;
4074 struct sdebug_dev_info *devip =
4075 (struct sdebug_dev_info *)sdp->hostdata;
4077 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
4078 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
4080 set_bit(SDEBUG_UA_POR, devip->uas_bm);
4085 static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt)
4087 struct sdebug_host_info *sdbg_host;
4088 struct sdebug_dev_info *devip;
4089 struct scsi_device *sdp;
4090 struct Scsi_Host *hp;
4093 ++num_target_resets;
4096 sdp = SCpnt->device;
4099 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
4100 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
4104 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
4106 list_for_each_entry(devip,
4107 &sdbg_host->dev_info_list,
4109 if (devip->target == sdp->id) {
4110 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4114 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
4115 sdev_printk(KERN_INFO, sdp,
4116 "%s: %d device(s) found in target\n", __func__, k);
4121 static int scsi_debug_bus_reset(struct scsi_cmnd * SCpnt)
4123 struct sdebug_host_info *sdbg_host;
4124 struct sdebug_dev_info *devip;
4125 struct scsi_device *sdp;
4126 struct Scsi_Host *hp;
4130 if (!(SCpnt && SCpnt->device))
4132 sdp = SCpnt->device;
4133 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
4134 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
4137 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
4139 list_for_each_entry(devip,
4140 &sdbg_host->dev_info_list,
4142 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4147 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
4148 sdev_printk(KERN_INFO, sdp,
4149 "%s: %d device(s) found in host\n", __func__, k);
4154 static int scsi_debug_host_reset(struct scsi_cmnd * SCpnt)
4156 struct sdebug_host_info * sdbg_host;
4157 struct sdebug_dev_info *devip;
4161 if ((SCpnt->device) && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
4162 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__);
4163 spin_lock(&sdebug_host_list_lock);
4164 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
4165 list_for_each_entry(devip, &sdbg_host->dev_info_list,
4167 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4171 spin_unlock(&sdebug_host_list_lock);
4173 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
4174 sdev_printk(KERN_INFO, SCpnt->device,
4175 "%s: %d device(s) found\n", __func__, k);
4179 static void __init sdebug_build_parts(unsigned char *ramp,
4180 unsigned long store_size)
4182 struct partition * pp;
4183 int starts[SDEBUG_MAX_PARTS + 2];
4184 int sectors_per_part, num_sectors, k;
4185 int heads_by_sects, start_sec, end_sec;
4187 /* assume partition table already zeroed */
4188 if ((sdebug_num_parts < 1) || (store_size < 1048576))
4190 if (sdebug_num_parts > SDEBUG_MAX_PARTS) {
4191 sdebug_num_parts = SDEBUG_MAX_PARTS;
4192 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS);
4194 num_sectors = (int)sdebug_store_sectors;
4195 sectors_per_part = (num_sectors - sdebug_sectors_per)
4197 heads_by_sects = sdebug_heads * sdebug_sectors_per;
4198 starts[0] = sdebug_sectors_per;
4199 for (k = 1; k < sdebug_num_parts; ++k)
4200 starts[k] = ((k * sectors_per_part) / heads_by_sects)
4202 starts[sdebug_num_parts] = num_sectors;
4203 starts[sdebug_num_parts + 1] = 0;
4205 ramp[510] = 0x55; /* magic partition markings */
4207 pp = (struct partition *)(ramp + 0x1be);
4208 for (k = 0; starts[k + 1]; ++k, ++pp) {
4209 start_sec = starts[k];
4210 end_sec = starts[k + 1] - 1;
4213 pp->cyl = start_sec / heads_by_sects;
4214 pp->head = (start_sec - (pp->cyl * heads_by_sects))
4215 / sdebug_sectors_per;
4216 pp->sector = (start_sec % sdebug_sectors_per) + 1;
4218 pp->end_cyl = end_sec / heads_by_sects;
4219 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects))
4220 / sdebug_sectors_per;
4221 pp->end_sector = (end_sec % sdebug_sectors_per) + 1;
4223 pp->start_sect = cpu_to_le32(start_sec);
4224 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1);
4225 pp->sys_ind = 0x83; /* plain Linux partition */
4229 static void block_unblock_all_queues(bool block)
4232 struct sdebug_queue *sqp;
4234 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp)
4235 atomic_set(&sqp->blocked, (int)block);
4238 /* Adjust (by rounding down) the sdebug_cmnd_count so abs(every_nth)-1
4239 * commands will be processed normally before triggers occur.
4241 static void tweak_cmnd_count(void)
4245 modulo = abs(sdebug_every_nth);
4248 block_unblock_all_queues(true);
4249 count = atomic_read(&sdebug_cmnd_count);
4250 atomic_set(&sdebug_cmnd_count, (count / modulo) * modulo);
4251 block_unblock_all_queues(false);
4254 static void clear_queue_stats(void)
4256 atomic_set(&sdebug_cmnd_count, 0);
4257 atomic_set(&sdebug_completions, 0);
4258 atomic_set(&sdebug_miss_cpus, 0);
4259 atomic_set(&sdebug_a_tsf, 0);
4262 static void setup_inject(struct sdebug_queue *sqp,
4263 struct sdebug_queued_cmd *sqcp)
4265 if ((atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) > 0)
4267 sqcp->inj_recovered = !!(SDEBUG_OPT_RECOVERED_ERR & sdebug_opts);
4268 sqcp->inj_transport = !!(SDEBUG_OPT_TRANSPORT_ERR & sdebug_opts);
4269 sqcp->inj_dif = !!(SDEBUG_OPT_DIF_ERR & sdebug_opts);
4270 sqcp->inj_dix = !!(SDEBUG_OPT_DIX_ERR & sdebug_opts);
4271 sqcp->inj_short = !!(SDEBUG_OPT_SHORT_TRANSFER & sdebug_opts);
4272 sqcp->inj_host_busy = !!(SDEBUG_OPT_HOST_BUSY & sdebug_opts);
4275 /* Complete the processing of the thread that queued a SCSI command to this
4276 * driver. It either completes the command by calling cmnd_done() or
4277 * schedules a hr timer or work queue then returns 0. Returns
4278 * SCSI_MLQUEUE_HOST_BUSY if temporarily out of resources.
4280 static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
4281 int scsi_result, int delta_jiff, int ndelay)
4283 unsigned long iflags;
4284 int k, num_in_q, qdepth, inject;
4285 struct sdebug_queue *sqp;
4286 struct sdebug_queued_cmd *sqcp;
4287 struct scsi_device *sdp;
4288 struct sdebug_defer *sd_dp;
4290 if (unlikely(devip == NULL)) {
4291 if (scsi_result == 0)
4292 scsi_result = DID_NO_CONNECT << 16;
4293 goto respond_in_thread;
4297 if (unlikely(sdebug_verbose && scsi_result))
4298 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n",
4299 __func__, scsi_result);
4300 if (delta_jiff == 0)
4301 goto respond_in_thread;
4303 /* schedule the response at a later time if resources permit */
4304 sqp = get_queue(cmnd);
4305 spin_lock_irqsave(&sqp->qc_lock, iflags);
4306 if (unlikely(atomic_read(&sqp->blocked))) {
4307 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4308 return SCSI_MLQUEUE_HOST_BUSY;
4310 num_in_q = atomic_read(&devip->num_in_q);
4311 qdepth = cmnd->device->queue_depth;
4313 if (unlikely((qdepth > 0) && (num_in_q >= qdepth))) {
4315 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4316 goto respond_in_thread;
4318 scsi_result = device_qfull_result;
4319 } else if (unlikely(sdebug_every_nth &&
4320 (SDEBUG_OPT_RARE_TSF & sdebug_opts) &&
4321 (scsi_result == 0))) {
4322 if ((num_in_q == (qdepth - 1)) &&
4323 (atomic_inc_return(&sdebug_a_tsf) >=
4324 abs(sdebug_every_nth))) {
4325 atomic_set(&sdebug_a_tsf, 0);
4327 scsi_result = device_qfull_result;
4331 k = find_first_zero_bit(sqp->in_use_bm, sdebug_max_queue);
4332 if (unlikely(k >= sdebug_max_queue)) {
4333 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4335 goto respond_in_thread;
4336 else if (SDEBUG_OPT_ALL_TSF & sdebug_opts)
4337 scsi_result = device_qfull_result;
4338 if (SDEBUG_OPT_Q_NOISE & sdebug_opts)
4339 sdev_printk(KERN_INFO, sdp,
4340 "%s: max_queue=%d exceeded, %s\n",
4341 __func__, sdebug_max_queue,
4342 (scsi_result ? "status: TASK SET FULL" :
4343 "report: host busy"));
4345 goto respond_in_thread;
4347 return SCSI_MLQUEUE_HOST_BUSY;
4349 __set_bit(k, sqp->in_use_bm);
4350 atomic_inc(&devip->num_in_q);
4351 sqcp = &sqp->qc_arr[k];
4352 sqcp->a_cmnd = cmnd;
4353 cmnd->host_scribble = (unsigned char *)sqcp;
4354 cmnd->result = scsi_result;
4355 sd_dp = sqcp->sd_dp;
4356 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4357 if (unlikely(sdebug_every_nth && sdebug_any_injecting_opt))
4358 setup_inject(sqp, sqcp);
4359 if (sd_dp == NULL) {
4360 sd_dp = kzalloc(sizeof(*sd_dp), GFP_ATOMIC);
4362 return SCSI_MLQUEUE_HOST_BUSY;
4364 if (delta_jiff > 0 || ndelay > 0) {
4367 if (delta_jiff > 0) {
4368 kt = ns_to_ktime((u64)delta_jiff * (NSEC_PER_SEC / HZ));
4371 if (!sd_dp->init_hrt) {
4372 sd_dp->init_hrt = true;
4373 sqcp->sd_dp = sd_dp;
4374 hrtimer_init(&sd_dp->hrt, CLOCK_MONOTONIC,
4375 HRTIMER_MODE_REL_PINNED);
4376 sd_dp->hrt.function = sdebug_q_cmd_hrt_complete;
4377 sd_dp->sqa_idx = sqp - sdebug_q_arr;
4380 if (sdebug_statistics)
4381 sd_dp->issuing_cpu = raw_smp_processor_id();
4382 sd_dp->defer_t = SDEB_DEFER_HRT;
4383 hrtimer_start(&sd_dp->hrt, kt, HRTIMER_MODE_REL_PINNED);
4384 } else { /* jdelay < 0, use work queue */
4385 if (!sd_dp->init_wq) {
4386 sd_dp->init_wq = true;
4387 sqcp->sd_dp = sd_dp;
4388 sd_dp->sqa_idx = sqp - sdebug_q_arr;
4390 INIT_WORK(&sd_dp->ew.work, sdebug_q_cmd_wq_complete);
4392 if (sdebug_statistics)
4393 sd_dp->issuing_cpu = raw_smp_processor_id();
4394 sd_dp->defer_t = SDEB_DEFER_WQ;
4395 schedule_work(&sd_dp->ew.work);
4397 if (unlikely((SDEBUG_OPT_Q_NOISE & sdebug_opts) &&
4398 (scsi_result == device_qfull_result)))
4399 sdev_printk(KERN_INFO, sdp,
4400 "%s: num_in_q=%d +1, %s%s\n", __func__,
4401 num_in_q, (inject ? "<inject> " : ""),
4402 "status: TASK SET FULL");
4405 respond_in_thread: /* call back to mid-layer using invocation thread */
4406 cmnd->result = scsi_result;
4407 cmnd->scsi_done(cmnd);
4411 /* Note: The following macros create attribute files in the
4412 /sys/module/scsi_debug/parameters directory. Unfortunately this
4413 driver is unaware of a change and cannot trigger auxiliary actions
4414 as it can when the corresponding attribute in the
4415 /sys/bus/pseudo/drivers/scsi_debug directory is changed.
4417 module_param_named(add_host, sdebug_add_host, int, S_IRUGO | S_IWUSR);
4418 module_param_named(ato, sdebug_ato, int, S_IRUGO);
4419 module_param_named(cdb_len, sdebug_cdb_len, int, 0644);
4420 module_param_named(clustering, sdebug_clustering, bool, S_IRUGO | S_IWUSR);
4421 module_param_named(delay, sdebug_jdelay, int, S_IRUGO | S_IWUSR);
4422 module_param_named(dev_size_mb, sdebug_dev_size_mb, int, S_IRUGO);
4423 module_param_named(dif, sdebug_dif, int, S_IRUGO);
4424 module_param_named(dix, sdebug_dix, int, S_IRUGO);
4425 module_param_named(dsense, sdebug_dsense, int, S_IRUGO | S_IWUSR);
4426 module_param_named(every_nth, sdebug_every_nth, int, S_IRUGO | S_IWUSR);
4427 module_param_named(fake_rw, sdebug_fake_rw, int, S_IRUGO | S_IWUSR);
4428 module_param_named(guard, sdebug_guard, uint, S_IRUGO);
4429 module_param_named(host_lock, sdebug_host_lock, bool, S_IRUGO | S_IWUSR);
4430 module_param_string(inq_vendor, sdebug_inq_vendor_id,
4431 sizeof(sdebug_inq_vendor_id), S_IRUGO|S_IWUSR);
4432 module_param_string(inq_product, sdebug_inq_product_id,
4433 sizeof(sdebug_inq_product_id), S_IRUGO|S_IWUSR);
4434 module_param_string(inq_rev, sdebug_inq_product_rev,
4435 sizeof(sdebug_inq_product_rev), S_IRUGO|S_IWUSR);
4436 module_param_named(lbpu, sdebug_lbpu, int, S_IRUGO);
4437 module_param_named(lbpws, sdebug_lbpws, int, S_IRUGO);
4438 module_param_named(lbpws10, sdebug_lbpws10, int, S_IRUGO);
4439 module_param_named(lbprz, sdebug_lbprz, int, S_IRUGO);
4440 module_param_named(lowest_aligned, sdebug_lowest_aligned, int, S_IRUGO);
4441 module_param_named(max_luns, sdebug_max_luns, int, S_IRUGO | S_IWUSR);
4442 module_param_named(max_queue, sdebug_max_queue, int, S_IRUGO | S_IWUSR);
4443 module_param_named(ndelay, sdebug_ndelay, int, S_IRUGO | S_IWUSR);
4444 module_param_named(no_lun_0, sdebug_no_lun_0, int, S_IRUGO | S_IWUSR);
4445 module_param_named(no_uld, sdebug_no_uld, int, S_IRUGO);
4446 module_param_named(num_parts, sdebug_num_parts, int, S_IRUGO);
4447 module_param_named(num_tgts, sdebug_num_tgts, int, S_IRUGO | S_IWUSR);
4448 module_param_named(opt_blks, sdebug_opt_blks, int, S_IRUGO);
4449 module_param_named(opts, sdebug_opts, int, S_IRUGO | S_IWUSR);
4450 module_param_named(physblk_exp, sdebug_physblk_exp, int, S_IRUGO);
4451 module_param_named(opt_xferlen_exp, sdebug_opt_xferlen_exp, int, S_IRUGO);
4452 module_param_named(ptype, sdebug_ptype, int, S_IRUGO | S_IWUSR);
4453 module_param_named(removable, sdebug_removable, bool, S_IRUGO | S_IWUSR);
4454 module_param_named(scsi_level, sdebug_scsi_level, int, S_IRUGO);
4455 module_param_named(sector_size, sdebug_sector_size, int, S_IRUGO);
4456 module_param_named(statistics, sdebug_statistics, bool, S_IRUGO | S_IWUSR);
4457 module_param_named(strict, sdebug_strict, bool, S_IRUGO | S_IWUSR);
4458 module_param_named(submit_queues, submit_queues, int, S_IRUGO);
4459 module_param_named(unmap_alignment, sdebug_unmap_alignment, int, S_IRUGO);
4460 module_param_named(unmap_granularity, sdebug_unmap_granularity, int, S_IRUGO);
4461 module_param_named(unmap_max_blocks, sdebug_unmap_max_blocks, int, S_IRUGO);
4462 module_param_named(unmap_max_desc, sdebug_unmap_max_desc, int, S_IRUGO);
4463 module_param_named(virtual_gb, sdebug_virtual_gb, int, S_IRUGO | S_IWUSR);
4464 module_param_named(uuid_ctl, sdebug_uuid_ctl, int, S_IRUGO);
4465 module_param_named(vpd_use_hostno, sdebug_vpd_use_hostno, int,
4467 module_param_named(write_same_length, sdebug_write_same_length, int,
4470 MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert");
4471 MODULE_DESCRIPTION("SCSI debug adapter driver");
4472 MODULE_LICENSE("GPL");
4473 MODULE_VERSION(SDEBUG_VERSION);
4475 MODULE_PARM_DESC(add_host, "0..127 hosts allowed(def=1)");
4476 MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)");
4477 MODULE_PARM_DESC(cdb_len, "suggest CDB lengths to drivers (def=10)");
4478 MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)");
4479 MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny");
4480 MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)");
4481 MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)");
4482 MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)");
4483 MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)");
4484 MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)");
4485 MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)");
4486 MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)");
4487 MODULE_PARM_DESC(host_lock, "host_lock is ignored (def=0)");
4488 MODULE_PARM_DESC(inq_vendor, "SCSI INQUIRY vendor string (def=\"Linux\")");
4489 MODULE_PARM_DESC(inq_product, "SCSI INQUIRY product string (def=\"scsi_debug\")");
4490 MODULE_PARM_DESC(inq_rev, "SCSI INQUIRY revision string (def=\""
4491 SDEBUG_VERSION "\")");
4492 MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)");
4493 MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)");
4494 MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)");
4495 MODULE_PARM_DESC(lbprz,
4496 "on read unmapped LBs return 0 when 1 (def), return 0xff when 2");
4497 MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)");
4498 MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)");
4499 MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))");
4500 MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)");
4501 MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)");
4502 MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))");
4503 MODULE_PARM_DESC(num_parts, "number of partitions(def=0)");
4504 MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)");
4505 MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)");
4506 MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)");
4507 MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)");
4508 MODULE_PARM_DESC(opt_xferlen_exp, "optimal transfer length granularity exponent (def=physblk_exp)");
4509 MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])");
4510 MODULE_PARM_DESC(removable, "claim to have removable media (def=0)");
4511 MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=7[SPC-5])");
4512 MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)");
4513 MODULE_PARM_DESC(statistics, "collect statistics on commands, queues (def=0)");
4514 MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)");
4515 MODULE_PARM_DESC(submit_queues, "support for block multi-queue (def=1)");
4516 MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)");
4517 MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)");
4518 MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)");
4519 MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)");
4520 MODULE_PARM_DESC(uuid_ctl,
4521 "1->use uuid for lu name, 0->don't, 2->all use same (def=0)");
4522 MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)");
4523 MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)");
4524 MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)");
4526 #define SDEBUG_INFO_LEN 256
4527 static char sdebug_info[SDEBUG_INFO_LEN];
4529 static const char * scsi_debug_info(struct Scsi_Host * shp)
4533 k = scnprintf(sdebug_info, SDEBUG_INFO_LEN, "%s: version %s [%s]\n",
4534 my_name, SDEBUG_VERSION, sdebug_version_date);
4535 if (k >= (SDEBUG_INFO_LEN - 1))
4537 scnprintf(sdebug_info + k, SDEBUG_INFO_LEN - k,
4538 " dev_size_mb=%d, opts=0x%x, submit_queues=%d, %s=%d",
4539 sdebug_dev_size_mb, sdebug_opts, submit_queues,
4540 "statistics", (int)sdebug_statistics);
4544 /* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */
4545 static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer,
4550 int minLen = length > 15 ? 15 : length;
4552 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
4554 memcpy(arr, buffer, minLen);
4556 if (1 != sscanf(arr, "%d", &opts))
4559 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
4560 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
4561 if (sdebug_every_nth != 0)
4566 /* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the
4567 * same for each scsi_debug host (if more than one). Some of the counters
4568 * output are not atomics so might be inaccurate in a busy system. */
4569 static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host)
4572 struct sdebug_queue *sqp;
4574 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n",
4575 SDEBUG_VERSION, sdebug_version_date);
4576 seq_printf(m, "num_tgts=%d, %ssize=%d MB, opts=0x%x, every_nth=%d\n",
4577 sdebug_num_tgts, "shared (ram) ", sdebug_dev_size_mb,
4578 sdebug_opts, sdebug_every_nth);
4579 seq_printf(m, "delay=%d, ndelay=%d, max_luns=%d, sector_size=%d %s\n",
4580 sdebug_jdelay, sdebug_ndelay, sdebug_max_luns,
4581 sdebug_sector_size, "bytes");
4582 seq_printf(m, "cylinders=%d, heads=%d, sectors=%d, command aborts=%d\n",
4583 sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per,
4585 seq_printf(m, "RESETs: device=%d, target=%d, bus=%d, host=%d\n",
4586 num_dev_resets, num_target_resets, num_bus_resets,
4588 seq_printf(m, "dix_reads=%d, dix_writes=%d, dif_errors=%d\n",
4589 dix_reads, dix_writes, dif_errors);
4590 seq_printf(m, "usec_in_jiffy=%lu, %s=%d, mq_active=%d\n",
4591 TICK_NSEC / 1000, "statistics", sdebug_statistics,
4593 seq_printf(m, "cmnd_count=%d, completions=%d, %s=%d, a_tsf=%d\n",
4594 atomic_read(&sdebug_cmnd_count),
4595 atomic_read(&sdebug_completions),
4596 "miss_cpus", atomic_read(&sdebug_miss_cpus),
4597 atomic_read(&sdebug_a_tsf));
4599 seq_printf(m, "submit_queues=%d\n", submit_queues);
4600 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
4601 seq_printf(m, " queue %d:\n", j);
4602 f = find_first_bit(sqp->in_use_bm, sdebug_max_queue);
4603 if (f != sdebug_max_queue) {
4604 l = find_last_bit(sqp->in_use_bm, sdebug_max_queue);
4605 seq_printf(m, " in_use_bm BUSY: %s: %d,%d\n",
4606 "first,last bits", f, l);
4612 static ssize_t delay_show(struct device_driver *ddp, char *buf)
4614 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_jdelay);
4616 /* Returns -EBUSY if jdelay is being changed and commands are queued. The unit
4617 * of delay is jiffies.
4619 static ssize_t delay_store(struct device_driver *ddp, const char *buf,
4624 if (count > 0 && sscanf(buf, "%d", &jdelay) == 1) {
4626 if (sdebug_jdelay != jdelay) {
4628 struct sdebug_queue *sqp;
4630 block_unblock_all_queues(true);
4631 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4633 k = find_first_bit(sqp->in_use_bm,
4635 if (k != sdebug_max_queue) {
4636 res = -EBUSY; /* queued commands */
4641 sdebug_jdelay = jdelay;
4644 block_unblock_all_queues(false);
4650 static DRIVER_ATTR_RW(delay);
4652 static ssize_t ndelay_show(struct device_driver *ddp, char *buf)
4654 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ndelay);
4656 /* Returns -EBUSY if ndelay is being changed and commands are queued */
4657 /* If > 0 and accepted then sdebug_jdelay is set to JDELAY_OVERRIDDEN */
4658 static ssize_t ndelay_store(struct device_driver *ddp, const char *buf,
4663 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) &&
4664 (ndelay >= 0) && (ndelay < (1000 * 1000 * 1000))) {
4666 if (sdebug_ndelay != ndelay) {
4668 struct sdebug_queue *sqp;
4670 block_unblock_all_queues(true);
4671 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4673 k = find_first_bit(sqp->in_use_bm,
4675 if (k != sdebug_max_queue) {
4676 res = -EBUSY; /* queued commands */
4681 sdebug_ndelay = ndelay;
4682 sdebug_jdelay = ndelay ? JDELAY_OVERRIDDEN
4685 block_unblock_all_queues(false);
4691 static DRIVER_ATTR_RW(ndelay);
4693 static ssize_t opts_show(struct device_driver *ddp, char *buf)
4695 return scnprintf(buf, PAGE_SIZE, "0x%x\n", sdebug_opts);
4698 static ssize_t opts_store(struct device_driver *ddp, const char *buf,
4704 if (sscanf(buf, "%10s", work) == 1) {
4705 if (strncasecmp(work, "0x", 2) == 0) {
4706 if (kstrtoint(work + 2, 16, &opts) == 0)
4709 if (kstrtoint(work, 10, &opts) == 0)
4716 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
4717 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
4721 static DRIVER_ATTR_RW(opts);
4723 static ssize_t ptype_show(struct device_driver *ddp, char *buf)
4725 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ptype);
4727 static ssize_t ptype_store(struct device_driver *ddp, const char *buf,
4732 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4738 static DRIVER_ATTR_RW(ptype);
4740 static ssize_t dsense_show(struct device_driver *ddp, char *buf)
4742 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dsense);
4744 static ssize_t dsense_store(struct device_driver *ddp, const char *buf,
4749 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4755 static DRIVER_ATTR_RW(dsense);
4757 static ssize_t fake_rw_show(struct device_driver *ddp, char *buf)
4759 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_fake_rw);
4761 static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf,
4766 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4768 sdebug_fake_rw = (sdebug_fake_rw > 0);
4769 if (sdebug_fake_rw != n) {
4770 if ((0 == n) && (NULL == fake_storep)) {
4772 (unsigned long)sdebug_dev_size_mb *
4775 fake_storep = vmalloc(sz);
4776 if (NULL == fake_storep) {
4777 pr_err("out of memory, 9\n");
4780 memset(fake_storep, 0, sz);
4788 static DRIVER_ATTR_RW(fake_rw);
4790 static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf)
4792 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_lun_0);
4794 static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf,
4799 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4800 sdebug_no_lun_0 = n;
4805 static DRIVER_ATTR_RW(no_lun_0);
4807 static ssize_t num_tgts_show(struct device_driver *ddp, char *buf)
4809 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_tgts);
4811 static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf,
4816 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4817 sdebug_num_tgts = n;
4818 sdebug_max_tgts_luns();
4823 static DRIVER_ATTR_RW(num_tgts);
4825 static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf)
4827 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dev_size_mb);
4829 static DRIVER_ATTR_RO(dev_size_mb);
4831 static ssize_t num_parts_show(struct device_driver *ddp, char *buf)
4833 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_parts);
4835 static DRIVER_ATTR_RO(num_parts);
4837 static ssize_t every_nth_show(struct device_driver *ddp, char *buf)
4839 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_every_nth);
4841 static ssize_t every_nth_store(struct device_driver *ddp, const char *buf,
4846 if ((count > 0) && (1 == sscanf(buf, "%d", &nth))) {
4847 sdebug_every_nth = nth;
4848 if (nth && !sdebug_statistics) {
4849 pr_info("every_nth needs statistics=1, set it\n");
4850 sdebug_statistics = true;
4857 static DRIVER_ATTR_RW(every_nth);
4859 static ssize_t max_luns_show(struct device_driver *ddp, char *buf)
4861 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_luns);
4863 static ssize_t max_luns_store(struct device_driver *ddp, const char *buf,
4869 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4871 pr_warn("max_luns can be no more than 256\n");
4874 changed = (sdebug_max_luns != n);
4875 sdebug_max_luns = n;
4876 sdebug_max_tgts_luns();
4877 if (changed && (sdebug_scsi_level >= 5)) { /* >= SPC-3 */
4878 struct sdebug_host_info *sdhp;
4879 struct sdebug_dev_info *dp;
4881 spin_lock(&sdebug_host_list_lock);
4882 list_for_each_entry(sdhp, &sdebug_host_list,
4884 list_for_each_entry(dp, &sdhp->dev_info_list,
4886 set_bit(SDEBUG_UA_LUNS_CHANGED,
4890 spin_unlock(&sdebug_host_list_lock);
4896 static DRIVER_ATTR_RW(max_luns);
4898 static ssize_t max_queue_show(struct device_driver *ddp, char *buf)
4900 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_queue);
4902 /* N.B. max_queue can be changed while there are queued commands. In flight
4903 * commands beyond the new max_queue will be completed. */
4904 static ssize_t max_queue_store(struct device_driver *ddp, const char *buf,
4908 struct sdebug_queue *sqp;
4910 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) &&
4911 (n <= SDEBUG_CANQUEUE)) {
4912 block_unblock_all_queues(true);
4914 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4916 a = find_last_bit(sqp->in_use_bm, SDEBUG_CANQUEUE);
4920 sdebug_max_queue = n;
4921 if (k == SDEBUG_CANQUEUE)
4922 atomic_set(&retired_max_queue, 0);
4924 atomic_set(&retired_max_queue, k + 1);
4926 atomic_set(&retired_max_queue, 0);
4927 block_unblock_all_queues(false);
4932 static DRIVER_ATTR_RW(max_queue);
4934 static ssize_t no_uld_show(struct device_driver *ddp, char *buf)
4936 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_uld);
4938 static DRIVER_ATTR_RO(no_uld);
4940 static ssize_t scsi_level_show(struct device_driver *ddp, char *buf)
4942 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_scsi_level);
4944 static DRIVER_ATTR_RO(scsi_level);
4946 static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf)
4948 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_virtual_gb);
4950 static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf,
4956 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4957 changed = (sdebug_virtual_gb != n);
4958 sdebug_virtual_gb = n;
4959 sdebug_capacity = get_sdebug_capacity();
4961 struct sdebug_host_info *sdhp;
4962 struct sdebug_dev_info *dp;
4964 spin_lock(&sdebug_host_list_lock);
4965 list_for_each_entry(sdhp, &sdebug_host_list,
4967 list_for_each_entry(dp, &sdhp->dev_info_list,
4969 set_bit(SDEBUG_UA_CAPACITY_CHANGED,
4973 spin_unlock(&sdebug_host_list_lock);
4979 static DRIVER_ATTR_RW(virtual_gb);
4981 static ssize_t add_host_show(struct device_driver *ddp, char *buf)
4983 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_add_host);
4986 static int sdebug_add_adapter(void);
4987 static void sdebug_remove_adapter(void);
4989 static ssize_t add_host_store(struct device_driver *ddp, const char *buf,
4994 if (sscanf(buf, "%d", &delta_hosts) != 1)
4996 if (delta_hosts > 0) {
4998 sdebug_add_adapter();
4999 } while (--delta_hosts);
5000 } else if (delta_hosts < 0) {
5002 sdebug_remove_adapter();
5003 } while (++delta_hosts);
5007 static DRIVER_ATTR_RW(add_host);
5009 static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf)
5011 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_vpd_use_hostno);
5013 static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf,
5018 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5019 sdebug_vpd_use_hostno = n;
5024 static DRIVER_ATTR_RW(vpd_use_hostno);
5026 static ssize_t statistics_show(struct device_driver *ddp, char *buf)
5028 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_statistics);
5030 static ssize_t statistics_store(struct device_driver *ddp, const char *buf,
5035 if ((count > 0) && (sscanf(buf, "%d", &n) == 1) && (n >= 0)) {
5037 sdebug_statistics = true;
5039 clear_queue_stats();
5040 sdebug_statistics = false;
5046 static DRIVER_ATTR_RW(statistics);
5048 static ssize_t sector_size_show(struct device_driver *ddp, char *buf)
5050 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_sector_size);
5052 static DRIVER_ATTR_RO(sector_size);
5054 static ssize_t submit_queues_show(struct device_driver *ddp, char *buf)
5056 return scnprintf(buf, PAGE_SIZE, "%d\n", submit_queues);
5058 static DRIVER_ATTR_RO(submit_queues);
5060 static ssize_t dix_show(struct device_driver *ddp, char *buf)
5062 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dix);
5064 static DRIVER_ATTR_RO(dix);
5066 static ssize_t dif_show(struct device_driver *ddp, char *buf)
5068 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dif);
5070 static DRIVER_ATTR_RO(dif);
5072 static ssize_t guard_show(struct device_driver *ddp, char *buf)
5074 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_guard);
5076 static DRIVER_ATTR_RO(guard);
5078 static ssize_t ato_show(struct device_driver *ddp, char *buf)
5080 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ato);
5082 static DRIVER_ATTR_RO(ato);
5084 static ssize_t map_show(struct device_driver *ddp, char *buf)
5088 if (!scsi_debug_lbp())
5089 return scnprintf(buf, PAGE_SIZE, "0-%u\n",
5090 sdebug_store_sectors);
5092 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl",
5093 (int)map_size, map_storep);
5094 buf[count++] = '\n';
5099 static DRIVER_ATTR_RO(map);
5101 static ssize_t removable_show(struct device_driver *ddp, char *buf)
5103 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_removable ? 1 : 0);
5105 static ssize_t removable_store(struct device_driver *ddp, const char *buf,
5110 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5111 sdebug_removable = (n > 0);
5116 static DRIVER_ATTR_RW(removable);
5118 static ssize_t host_lock_show(struct device_driver *ddp, char *buf)
5120 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_host_lock);
5122 /* N.B. sdebug_host_lock does nothing, kept for backward compatibility */
5123 static ssize_t host_lock_store(struct device_driver *ddp, const char *buf,
5128 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5129 sdebug_host_lock = (n > 0);
5134 static DRIVER_ATTR_RW(host_lock);
5136 static ssize_t strict_show(struct device_driver *ddp, char *buf)
5138 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_strict);
5140 static ssize_t strict_store(struct device_driver *ddp, const char *buf,
5145 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5146 sdebug_strict = (n > 0);
5151 static DRIVER_ATTR_RW(strict);
5153 static ssize_t uuid_ctl_show(struct device_driver *ddp, char *buf)
5155 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_uuid_ctl);
5157 static DRIVER_ATTR_RO(uuid_ctl);
5159 static ssize_t cdb_len_show(struct device_driver *ddp, char *buf)
5161 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_cdb_len);
5163 static ssize_t cdb_len_store(struct device_driver *ddp, const char *buf,
5168 ret = kstrtoint(buf, 0, &n);
5172 all_config_cdb_len();
5175 static DRIVER_ATTR_RW(cdb_len);
5178 /* Note: The following array creates attribute files in the
5179 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these
5180 files (over those found in the /sys/module/scsi_debug/parameters
5181 directory) is that auxiliary actions can be triggered when an attribute
5182 is changed. For example see: sdebug_add_host_store() above.
5185 static struct attribute *sdebug_drv_attrs[] = {
5186 &driver_attr_delay.attr,
5187 &driver_attr_opts.attr,
5188 &driver_attr_ptype.attr,
5189 &driver_attr_dsense.attr,
5190 &driver_attr_fake_rw.attr,
5191 &driver_attr_no_lun_0.attr,
5192 &driver_attr_num_tgts.attr,
5193 &driver_attr_dev_size_mb.attr,
5194 &driver_attr_num_parts.attr,
5195 &driver_attr_every_nth.attr,
5196 &driver_attr_max_luns.attr,
5197 &driver_attr_max_queue.attr,
5198 &driver_attr_no_uld.attr,
5199 &driver_attr_scsi_level.attr,
5200 &driver_attr_virtual_gb.attr,
5201 &driver_attr_add_host.attr,
5202 &driver_attr_vpd_use_hostno.attr,
5203 &driver_attr_sector_size.attr,
5204 &driver_attr_statistics.attr,
5205 &driver_attr_submit_queues.attr,
5206 &driver_attr_dix.attr,
5207 &driver_attr_dif.attr,
5208 &driver_attr_guard.attr,
5209 &driver_attr_ato.attr,
5210 &driver_attr_map.attr,
5211 &driver_attr_removable.attr,
5212 &driver_attr_host_lock.attr,
5213 &driver_attr_ndelay.attr,
5214 &driver_attr_strict.attr,
5215 &driver_attr_uuid_ctl.attr,
5216 &driver_attr_cdb_len.attr,
5219 ATTRIBUTE_GROUPS(sdebug_drv);
5221 static struct device *pseudo_primary;
5223 static int __init scsi_debug_init(void)
5230 atomic_set(&retired_max_queue, 0);
5232 if (sdebug_ndelay >= 1000 * 1000 * 1000) {
5233 pr_warn("ndelay must be less than 1 second, ignored\n");
5235 } else if (sdebug_ndelay > 0)
5236 sdebug_jdelay = JDELAY_OVERRIDDEN;
5238 switch (sdebug_sector_size) {
5245 pr_err("invalid sector_size %d\n", sdebug_sector_size);
5249 switch (sdebug_dif) {
5250 case T10_PI_TYPE0_PROTECTION:
5252 case T10_PI_TYPE1_PROTECTION:
5253 case T10_PI_TYPE2_PROTECTION:
5254 case T10_PI_TYPE3_PROTECTION:
5255 have_dif_prot = true;
5259 pr_err("dif must be 0, 1, 2 or 3\n");
5263 if (sdebug_guard > 1) {
5264 pr_err("guard must be 0 or 1\n");
5268 if (sdebug_ato > 1) {
5269 pr_err("ato must be 0 or 1\n");
5273 if (sdebug_physblk_exp > 15) {
5274 pr_err("invalid physblk_exp %u\n", sdebug_physblk_exp);
5277 if (sdebug_max_luns > 256) {
5278 pr_warn("max_luns can be no more than 256, use default\n");
5279 sdebug_max_luns = DEF_MAX_LUNS;
5282 if (sdebug_lowest_aligned > 0x3fff) {
5283 pr_err("lowest_aligned too big: %u\n", sdebug_lowest_aligned);
5287 if (submit_queues < 1) {
5288 pr_err("submit_queues must be 1 or more\n");
5291 sdebug_q_arr = kcalloc(submit_queues, sizeof(struct sdebug_queue),
5293 if (sdebug_q_arr == NULL)
5295 for (k = 0; k < submit_queues; ++k)
5296 spin_lock_init(&sdebug_q_arr[k].qc_lock);
5298 if (sdebug_dev_size_mb < 1)
5299 sdebug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */
5300 sz = (unsigned long)sdebug_dev_size_mb * 1048576;
5301 sdebug_store_sectors = sz / sdebug_sector_size;
5302 sdebug_capacity = get_sdebug_capacity();
5304 /* play around with geometry, don't waste too much on track 0 */
5306 sdebug_sectors_per = 32;
5307 if (sdebug_dev_size_mb >= 256)
5309 else if (sdebug_dev_size_mb >= 16)
5311 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
5312 (sdebug_sectors_per * sdebug_heads);
5313 if (sdebug_cylinders_per >= 1024) {
5314 /* other LLDs do this; implies >= 1GB ram disk ... */
5316 sdebug_sectors_per = 63;
5317 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
5318 (sdebug_sectors_per * sdebug_heads);
5321 if (sdebug_fake_rw == 0) {
5322 fake_storep = vmalloc(sz);
5323 if (NULL == fake_storep) {
5324 pr_err("out of memory, 1\n");
5328 memset(fake_storep, 0, sz);
5329 if (sdebug_num_parts > 0)
5330 sdebug_build_parts(fake_storep, sz);
5336 dif_size = sdebug_store_sectors * sizeof(struct t10_pi_tuple);
5337 dif_storep = vmalloc(dif_size);
5339 pr_err("dif_storep %u bytes @ %p\n", dif_size, dif_storep);
5341 if (dif_storep == NULL) {
5342 pr_err("out of mem. (DIX)\n");
5347 memset(dif_storep, 0xff, dif_size);
5350 /* Logical Block Provisioning */
5351 if (scsi_debug_lbp()) {
5352 sdebug_unmap_max_blocks =
5353 clamp(sdebug_unmap_max_blocks, 0U, 0xffffffffU);
5355 sdebug_unmap_max_desc =
5356 clamp(sdebug_unmap_max_desc, 0U, 256U);
5358 sdebug_unmap_granularity =
5359 clamp(sdebug_unmap_granularity, 1U, 0xffffffffU);
5361 if (sdebug_unmap_alignment &&
5362 sdebug_unmap_granularity <=
5363 sdebug_unmap_alignment) {
5364 pr_err("ERR: unmap_granularity <= unmap_alignment\n");
5369 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1;
5370 map_storep = vmalloc(BITS_TO_LONGS(map_size) * sizeof(long));
5372 pr_info("%lu provisioning blocks\n", map_size);
5374 if (map_storep == NULL) {
5375 pr_err("out of mem. (MAP)\n");
5380 bitmap_zero(map_storep, map_size);
5382 /* Map first 1KB for partition table */
5383 if (sdebug_num_parts)
5387 pseudo_primary = root_device_register("pseudo_0");
5388 if (IS_ERR(pseudo_primary)) {
5389 pr_warn("root_device_register() error\n");
5390 ret = PTR_ERR(pseudo_primary);
5393 ret = bus_register(&pseudo_lld_bus);
5395 pr_warn("bus_register error: %d\n", ret);
5398 ret = driver_register(&sdebug_driverfs_driver);
5400 pr_warn("driver_register error: %d\n", ret);
5404 host_to_add = sdebug_add_host;
5405 sdebug_add_host = 0;
5407 for (k = 0; k < host_to_add; k++) {
5408 if (sdebug_add_adapter()) {
5409 pr_err("sdebug_add_adapter failed k=%d\n", k);
5415 pr_info("built %d host(s)\n", sdebug_add_host);
5420 bus_unregister(&pseudo_lld_bus);
5422 root_device_unregister(pseudo_primary);
5428 kfree(sdebug_q_arr);
5432 static void __exit scsi_debug_exit(void)
5434 int k = sdebug_add_host;
5439 sdebug_remove_adapter();
5440 driver_unregister(&sdebug_driverfs_driver);
5441 bus_unregister(&pseudo_lld_bus);
5442 root_device_unregister(pseudo_primary);
5447 kfree(sdebug_q_arr);
5450 device_initcall(scsi_debug_init);
5451 module_exit(scsi_debug_exit);
5453 static void sdebug_release_adapter(struct device * dev)
5455 struct sdebug_host_info *sdbg_host;
5457 sdbg_host = to_sdebug_host(dev);
5461 static int sdebug_add_adapter(void)
5463 int k, devs_per_host;
5465 struct sdebug_host_info *sdbg_host;
5466 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5468 sdbg_host = kzalloc(sizeof(*sdbg_host), GFP_KERNEL);
5469 if (sdbg_host == NULL) {
5470 pr_err("out of memory at line %d\n", __LINE__);
5474 INIT_LIST_HEAD(&sdbg_host->dev_info_list);
5476 devs_per_host = sdebug_num_tgts * sdebug_max_luns;
5477 for (k = 0; k < devs_per_host; k++) {
5478 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL);
5479 if (!sdbg_devinfo) {
5480 pr_err("out of memory at line %d\n", __LINE__);
5486 spin_lock(&sdebug_host_list_lock);
5487 list_add_tail(&sdbg_host->host_list, &sdebug_host_list);
5488 spin_unlock(&sdebug_host_list_lock);
5490 sdbg_host->dev.bus = &pseudo_lld_bus;
5491 sdbg_host->dev.parent = pseudo_primary;
5492 sdbg_host->dev.release = &sdebug_release_adapter;
5493 dev_set_name(&sdbg_host->dev, "adapter%d", sdebug_add_host);
5495 error = device_register(&sdbg_host->dev);
5504 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5506 list_del(&sdbg_devinfo->dev_list);
5507 kfree(sdbg_devinfo);
5514 static void sdebug_remove_adapter(void)
5516 struct sdebug_host_info *sdbg_host = NULL;
5518 spin_lock(&sdebug_host_list_lock);
5519 if (!list_empty(&sdebug_host_list)) {
5520 sdbg_host = list_entry(sdebug_host_list.prev,
5521 struct sdebug_host_info, host_list);
5522 list_del(&sdbg_host->host_list);
5524 spin_unlock(&sdebug_host_list_lock);
5529 device_unregister(&sdbg_host->dev);
5533 static int sdebug_change_qdepth(struct scsi_device *sdev, int qdepth)
5536 struct sdebug_dev_info *devip;
5538 block_unblock_all_queues(true);
5539 devip = (struct sdebug_dev_info *)sdev->hostdata;
5540 if (NULL == devip) {
5541 block_unblock_all_queues(false);
5544 num_in_q = atomic_read(&devip->num_in_q);
5548 /* allow to exceed max host qc_arr elements for testing */
5549 if (qdepth > SDEBUG_CANQUEUE + 10)
5550 qdepth = SDEBUG_CANQUEUE + 10;
5551 scsi_change_queue_depth(sdev, qdepth);
5553 if (SDEBUG_OPT_Q_NOISE & sdebug_opts) {
5554 sdev_printk(KERN_INFO, sdev, "%s: qdepth=%d, num_in_q=%d\n",
5555 __func__, qdepth, num_in_q);
5557 block_unblock_all_queues(false);
5558 return sdev->queue_depth;
5561 static bool fake_timeout(struct scsi_cmnd *scp)
5563 if (0 == (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth))) {
5564 if (sdebug_every_nth < -1)
5565 sdebug_every_nth = -1;
5566 if (SDEBUG_OPT_TIMEOUT & sdebug_opts)
5567 return true; /* ignore command causing timeout */
5568 else if (SDEBUG_OPT_MAC_TIMEOUT & sdebug_opts &&
5569 scsi_medium_access_command(scp))
5570 return true; /* time out reads and writes */
5575 static bool fake_host_busy(struct scsi_cmnd *scp)
5577 return (sdebug_opts & SDEBUG_OPT_HOST_BUSY) &&
5578 (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) == 0;
5581 static int scsi_debug_queuecommand(struct Scsi_Host *shost,
5582 struct scsi_cmnd *scp)
5585 struct scsi_device *sdp = scp->device;
5586 const struct opcode_info_t *oip;
5587 const struct opcode_info_t *r_oip;
5588 struct sdebug_dev_info *devip;
5589 u8 *cmd = scp->cmnd;
5590 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
5598 scsi_set_resid(scp, 0);
5599 if (sdebug_statistics)
5600 atomic_inc(&sdebug_cmnd_count);
5601 if (unlikely(sdebug_verbose &&
5602 !(SDEBUG_OPT_NO_CDB_NOISE & sdebug_opts))) {
5607 sb = (int)sizeof(b);
5609 strcpy(b, "too long, over 32 bytes");
5611 for (k = 0, n = 0; k < len && n < sb; ++k)
5612 n += scnprintf(b + n, sb - n, "%02x ",
5615 if (sdebug_mq_active)
5616 sdev_printk(KERN_INFO, sdp, "%s: tag=%u, cmd %s\n",
5617 my_name, blk_mq_unique_tag(scp->request),
5620 sdev_printk(KERN_INFO, sdp, "%s: cmd %s\n", my_name,
5623 if (fake_host_busy(scp))
5624 return SCSI_MLQUEUE_HOST_BUSY;
5625 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS);
5626 if (unlikely((sdp->lun >= sdebug_max_luns) && !has_wlun_rl))
5629 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */
5630 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */
5631 devip = (struct sdebug_dev_info *)sdp->hostdata;
5632 if (unlikely(!devip)) {
5633 devip = find_build_dev_info(sdp);
5637 na = oip->num_attached;
5639 if (na) { /* multiple commands with this opcode */
5641 if (FF_SA & r_oip->flags) {
5642 if (F_SA_LOW & oip->flags)
5645 sa = get_unaligned_be16(cmd + 8);
5646 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5647 if (opcode == oip->opcode && sa == oip->sa)
5650 } else { /* since no service action only check opcode */
5651 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5652 if (opcode == oip->opcode)
5657 if (F_SA_LOW & r_oip->flags)
5658 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4);
5659 else if (F_SA_HIGH & r_oip->flags)
5660 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7);
5662 mk_sense_invalid_opcode(scp);
5665 } /* else (when na==0) we assume the oip is a match */
5667 if (unlikely(F_INV_OP & flags)) {
5668 mk_sense_invalid_opcode(scp);
5671 if (unlikely(has_wlun_rl && !(F_RL_WLUN_OK & flags))) {
5673 sdev_printk(KERN_INFO, sdp, "%s: Opcode 0x%x not%s\n",
5674 my_name, opcode, " supported for wlun");
5675 mk_sense_invalid_opcode(scp);
5678 if (unlikely(sdebug_strict)) { /* check cdb against mask */
5682 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) {
5683 rem = ~oip->len_mask[k] & cmd[k];
5685 for (j = 7; j >= 0; --j, rem <<= 1) {
5689 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j);
5694 if (unlikely(!(F_SKIP_UA & flags) &&
5695 find_first_bit(devip->uas_bm,
5696 SDEBUG_NUM_UAS) != SDEBUG_NUM_UAS)) {
5697 errsts = make_ua(scp, devip);
5701 if (unlikely((F_M_ACCESS & flags) && atomic_read(&devip->stopped))) {
5702 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2);
5704 sdev_printk(KERN_INFO, sdp, "%s reports: Not ready: "
5705 "%s\n", my_name, "initializing command "
5707 errsts = check_condition_result;
5710 if (sdebug_fake_rw && (F_FAKE_RW & flags))
5712 if (unlikely(sdebug_every_nth)) {
5713 if (fake_timeout(scp))
5714 return 0; /* ignore command: make trouble */
5716 if (likely(oip->pfp))
5717 errsts = oip->pfp(scp, devip); /* calls a resp_* function */
5718 else if (r_pfp) /* if leaf function ptr NULL, try the root's */
5719 errsts = r_pfp(scp, devip);
5722 if (F_DELAY_OVERR & flags)
5723 return schedule_resp(scp, devip, errsts, 0, 0);
5725 return schedule_resp(scp, devip, errsts, sdebug_jdelay,
5728 return schedule_resp(scp, devip, check_condition_result, 0, 0);
5730 return schedule_resp(scp, NULL, DID_NO_CONNECT << 16, 0, 0);
5733 static struct scsi_host_template sdebug_driver_template = {
5734 .show_info = scsi_debug_show_info,
5735 .write_info = scsi_debug_write_info,
5736 .proc_name = sdebug_proc_name,
5737 .name = "SCSI DEBUG",
5738 .info = scsi_debug_info,
5739 .slave_alloc = scsi_debug_slave_alloc,
5740 .slave_configure = scsi_debug_slave_configure,
5741 .slave_destroy = scsi_debug_slave_destroy,
5742 .ioctl = scsi_debug_ioctl,
5743 .queuecommand = scsi_debug_queuecommand,
5744 .change_queue_depth = sdebug_change_qdepth,
5745 .eh_abort_handler = scsi_debug_abort,
5746 .eh_device_reset_handler = scsi_debug_device_reset,
5747 .eh_target_reset_handler = scsi_debug_target_reset,
5748 .eh_bus_reset_handler = scsi_debug_bus_reset,
5749 .eh_host_reset_handler = scsi_debug_host_reset,
5750 .can_queue = SDEBUG_CANQUEUE,
5752 .sg_tablesize = SG_MAX_SEGMENTS,
5753 .cmd_per_lun = DEF_CMD_PER_LUN,
5755 .use_clustering = DISABLE_CLUSTERING,
5756 .module = THIS_MODULE,
5757 .track_queue_depth = 1,
5760 static int sdebug_driver_probe(struct device * dev)
5763 struct sdebug_host_info *sdbg_host;
5764 struct Scsi_Host *hpnt;
5767 sdbg_host = to_sdebug_host(dev);
5769 sdebug_driver_template.can_queue = sdebug_max_queue;
5770 if (sdebug_clustering)
5771 sdebug_driver_template.use_clustering = ENABLE_CLUSTERING;
5772 hpnt = scsi_host_alloc(&sdebug_driver_template, sizeof(sdbg_host));
5774 pr_err("scsi_host_alloc failed\n");
5778 if (submit_queues > nr_cpu_ids) {
5779 pr_warn("%s: trim submit_queues (was %d) to nr_cpu_ids=%u\n",
5780 my_name, submit_queues, nr_cpu_ids);
5781 submit_queues = nr_cpu_ids;
5783 /* Decide whether to tell scsi subsystem that we want mq */
5784 /* Following should give the same answer for each host */
5785 sdebug_mq_active = shost_use_blk_mq(hpnt) && (submit_queues > 1);
5786 if (sdebug_mq_active)
5787 hpnt->nr_hw_queues = submit_queues;
5789 sdbg_host->shost = hpnt;
5790 *((struct sdebug_host_info **)hpnt->hostdata) = sdbg_host;
5791 if ((hpnt->this_id >= 0) && (sdebug_num_tgts > hpnt->this_id))
5792 hpnt->max_id = sdebug_num_tgts + 1;
5794 hpnt->max_id = sdebug_num_tgts;
5795 /* = sdebug_max_luns; */
5796 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
5800 switch (sdebug_dif) {
5802 case T10_PI_TYPE1_PROTECTION:
5803 hprot = SHOST_DIF_TYPE1_PROTECTION;
5805 hprot |= SHOST_DIX_TYPE1_PROTECTION;
5808 case T10_PI_TYPE2_PROTECTION:
5809 hprot = SHOST_DIF_TYPE2_PROTECTION;
5811 hprot |= SHOST_DIX_TYPE2_PROTECTION;
5814 case T10_PI_TYPE3_PROTECTION:
5815 hprot = SHOST_DIF_TYPE3_PROTECTION;
5817 hprot |= SHOST_DIX_TYPE3_PROTECTION;
5822 hprot |= SHOST_DIX_TYPE0_PROTECTION;
5826 scsi_host_set_prot(hpnt, hprot);
5828 if (have_dif_prot || sdebug_dix)
5829 pr_info("host protection%s%s%s%s%s%s%s\n",
5830 (hprot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "",
5831 (hprot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "",
5832 (hprot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "",
5833 (hprot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "",
5834 (hprot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "",
5835 (hprot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "",
5836 (hprot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : "");
5838 if (sdebug_guard == 1)
5839 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP);
5841 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC);
5843 sdebug_verbose = !!(SDEBUG_OPT_NOISE & sdebug_opts);
5844 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & sdebug_opts);
5845 if (sdebug_every_nth) /* need stats counters for every_nth */
5846 sdebug_statistics = true;
5847 error = scsi_add_host(hpnt, &sdbg_host->dev);
5849 pr_err("scsi_add_host failed\n");
5851 scsi_host_put(hpnt);
5853 scsi_scan_host(hpnt);
5858 static int sdebug_driver_remove(struct device * dev)
5860 struct sdebug_host_info *sdbg_host;
5861 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5863 sdbg_host = to_sdebug_host(dev);
5866 pr_err("Unable to locate host info\n");
5870 scsi_remove_host(sdbg_host->shost);
5872 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5874 list_del(&sdbg_devinfo->dev_list);
5875 kfree(sdbg_devinfo);
5878 scsi_host_put(sdbg_host->shost);
5882 static int pseudo_lld_bus_match(struct device *dev,
5883 struct device_driver *dev_driver)
5888 static struct bus_type pseudo_lld_bus = {
5890 .match = pseudo_lld_bus_match,
5891 .probe = sdebug_driver_probe,
5892 .remove = sdebug_driver_remove,
5893 .drv_groups = sdebug_drv_groups,
projects / linux-2.6-microblaze.git / blob