1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
4 * Copyright (C) 1992 Eric Youngdale
5 * Simulate a host adapter with 2 disks attached. Do a lot of checking
6 * to make sure that we are not getting blocks mixed up, and PANIC if
7 * anything out of the ordinary is seen.
8 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
10 * Copyright (C) 2001 - 2018 Douglas Gilbert
12 * For documentation see http://sg.danny.cz/sg/sdebug26.html
16 #define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__
18 #include <linux/module.h>
20 #include <linux/kernel.h>
21 #include <linux/errno.h>
22 #include <linux/jiffies.h>
23 #include <linux/slab.h>
24 #include <linux/types.h>
25 #include <linux/string.h>
26 #include <linux/genhd.h>
28 #include <linux/init.h>
29 #include <linux/proc_fs.h>
30 #include <linux/vmalloc.h>
31 #include <linux/moduleparam.h>
32 #include <linux/scatterlist.h>
33 #include <linux/blkdev.h>
34 #include <linux/crc-t10dif.h>
35 #include <linux/spinlock.h>
36 #include <linux/interrupt.h>
37 #include <linux/atomic.h>
38 #include <linux/hrtimer.h>
39 #include <linux/uuid.h>
40 #include <linux/t10-pi.h>
41 #include <linux/msdos_partition.h>
43 #include <net/checksum.h>
45 #include <asm/unaligned.h>
47 #include <scsi/scsi.h>
48 #include <scsi/scsi_cmnd.h>
49 #include <scsi/scsi_device.h>
50 #include <scsi/scsi_host.h>
51 #include <scsi/scsicam.h>
52 #include <scsi/scsi_eh.h>
53 #include <scsi/scsi_tcq.h>
54 #include <scsi/scsi_dbg.h>
57 #include "scsi_logging.h"
59 /* make sure inq_product_rev string corresponds to this version */
60 #define SDEBUG_VERSION "0188" /* format to fit INQUIRY revision field */
61 static const char *sdebug_version_date = "20190125";
63 #define MY_NAME "scsi_debug"
65 /* Additional Sense Code (ASC) */
66 #define NO_ADDITIONAL_SENSE 0x0
67 #define LOGICAL_UNIT_NOT_READY 0x4
68 #define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8
69 #define UNRECOVERED_READ_ERR 0x11
70 #define PARAMETER_LIST_LENGTH_ERR 0x1a
71 #define INVALID_OPCODE 0x20
72 #define LBA_OUT_OF_RANGE 0x21
73 #define INVALID_FIELD_IN_CDB 0x24
74 #define INVALID_FIELD_IN_PARAM_LIST 0x26
75 #define WRITE_PROTECTED 0x27
76 #define UA_RESET_ASC 0x29
77 #define UA_CHANGED_ASC 0x2a
78 #define TARGET_CHANGED_ASC 0x3f
79 #define LUNS_CHANGED_ASCQ 0x0e
80 #define INSUFF_RES_ASC 0x55
81 #define INSUFF_RES_ASCQ 0x3
82 #define POWER_ON_RESET_ASCQ 0x0
83 #define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */
84 #define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */
85 #define CAPACITY_CHANGED_ASCQ 0x9
86 #define SAVING_PARAMS_UNSUP 0x39
87 #define TRANSPORT_PROBLEM 0x4b
88 #define THRESHOLD_EXCEEDED 0x5d
89 #define LOW_POWER_COND_ON 0x5e
90 #define MISCOMPARE_VERIFY_ASC 0x1d
91 #define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */
92 #define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16
93 #define WRITE_ERROR_ASC 0xc
95 /* Additional Sense Code Qualifier (ASCQ) */
96 #define ACK_NAK_TO 0x3
98 /* Default values for driver parameters */
99 #define DEF_NUM_HOST 1
100 #define DEF_NUM_TGTS 1
101 #define DEF_MAX_LUNS 1
102 /* With these defaults, this driver will make 1 host with 1 target
103 * (id 0) containing 1 logical unit (lun 0). That is 1 device.
106 #define DEF_CDB_LEN 10
107 #define DEF_JDELAY 1 /* if > 0 unit is a jiffy */
108 #define DEF_DEV_SIZE_MB 8
111 #define DEF_D_SENSE 0
112 #define DEF_EVERY_NTH 0
113 #define DEF_FAKE_RW 0
115 #define DEF_HOST_LOCK 0
118 #define DEF_LBPWS10 0
120 #define DEF_LOWEST_ALIGNED 0
121 #define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */
122 #define DEF_NO_LUN_0 0
123 #define DEF_NUM_PARTS 0
125 #define DEF_OPT_BLKS 1024
126 #define DEF_PHYSBLK_EXP 0
127 #define DEF_OPT_XFERLEN_EXP 0
128 #define DEF_PTYPE TYPE_DISK
129 #define DEF_REMOVABLE false
130 #define DEF_SCSI_LEVEL 7 /* INQUIRY, byte2 [6->SPC-4; 7->SPC-5] */
131 #define DEF_SECTOR_SIZE 512
132 #define DEF_UNMAP_ALIGNMENT 0
133 #define DEF_UNMAP_GRANULARITY 1
134 #define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF
135 #define DEF_UNMAP_MAX_DESC 256
136 #define DEF_VIRTUAL_GB 0
137 #define DEF_VPD_USE_HOSTNO 1
138 #define DEF_WRITESAME_LENGTH 0xFFFF
140 #define DEF_STATISTICS false
141 #define DEF_SUBMIT_QUEUES 1
142 #define DEF_UUID_CTL 0
143 #define JDELAY_OVERRIDDEN -9999
145 #define SDEBUG_LUN_0_VAL 0
147 /* bit mask values for sdebug_opts */
148 #define SDEBUG_OPT_NOISE 1
149 #define SDEBUG_OPT_MEDIUM_ERR 2
150 #define SDEBUG_OPT_TIMEOUT 4
151 #define SDEBUG_OPT_RECOVERED_ERR 8
152 #define SDEBUG_OPT_TRANSPORT_ERR 16
153 #define SDEBUG_OPT_DIF_ERR 32
154 #define SDEBUG_OPT_DIX_ERR 64
155 #define SDEBUG_OPT_MAC_TIMEOUT 128
156 #define SDEBUG_OPT_SHORT_TRANSFER 0x100
157 #define SDEBUG_OPT_Q_NOISE 0x200
158 #define SDEBUG_OPT_ALL_TSF 0x400
159 #define SDEBUG_OPT_RARE_TSF 0x800
160 #define SDEBUG_OPT_N_WCE 0x1000
161 #define SDEBUG_OPT_RESET_NOISE 0x2000
162 #define SDEBUG_OPT_NO_CDB_NOISE 0x4000
163 #define SDEBUG_OPT_HOST_BUSY 0x8000
164 #define SDEBUG_OPT_CMD_ABORT 0x10000
165 #define SDEBUG_OPT_ALL_NOISE (SDEBUG_OPT_NOISE | SDEBUG_OPT_Q_NOISE | \
166 SDEBUG_OPT_RESET_NOISE)
167 #define SDEBUG_OPT_ALL_INJECTING (SDEBUG_OPT_RECOVERED_ERR | \
168 SDEBUG_OPT_TRANSPORT_ERR | \
169 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR | \
170 SDEBUG_OPT_SHORT_TRANSFER | \
171 SDEBUG_OPT_HOST_BUSY | \
172 SDEBUG_OPT_CMD_ABORT)
173 /* When "every_nth" > 0 then modulo "every_nth" commands:
174 * - a missing response is simulated if SDEBUG_OPT_TIMEOUT is set
175 * - a RECOVERED_ERROR is simulated on successful read and write
176 * commands if SDEBUG_OPT_RECOVERED_ERR is set.
177 * - a TRANSPORT_ERROR is simulated on successful read and write
178 * commands if SDEBUG_OPT_TRANSPORT_ERR is set.
179 * - similarly for DIF_ERR, DIX_ERR, SHORT_TRANSFER, HOST_BUSY and
182 * When "every_nth" < 0 then after "- every_nth" commands the selected
183 * error will be injected. The error will be injected on every subsequent
184 * command until some other action occurs; for example, the user writing
185 * a new value (other than -1 or 1) to every_nth:
186 * echo 0 > /sys/bus/pseudo/drivers/scsi_debug/every_nth
189 /* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs) are returned in
190 * priority order. In the subset implemented here lower numbers have higher
191 * priority. The UA numbers should be a sequence starting from 0 with
192 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */
193 #define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */
194 #define SDEBUG_UA_BUS_RESET 1
195 #define SDEBUG_UA_MODE_CHANGED 2
196 #define SDEBUG_UA_CAPACITY_CHANGED 3
197 #define SDEBUG_UA_LUNS_CHANGED 4
198 #define SDEBUG_UA_MICROCODE_CHANGED 5 /* simulate firmware change */
199 #define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 6
200 #define SDEBUG_NUM_UAS 7
202 /* when 1==SDEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this
203 * sector on read commands: */
204 #define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */
205 #define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */
207 /* If REPORT LUNS has luns >= 256 it can choose "flat space" (value 1)
208 * or "peripheral device" addressing (value 0) */
209 #define SAM2_LUN_ADDRESS_METHOD 0
211 /* SDEBUG_CANQUEUE is the maximum number of commands that can be queued
212 * (for response) per submit queue at one time. Can be reduced by max_queue
213 * option. Command responses are not queued when jdelay=0 and ndelay=0. The
214 * per-device DEF_CMD_PER_LUN can be changed via sysfs:
215 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth
216 * but cannot exceed SDEBUG_CANQUEUE .
218 #define SDEBUG_CANQUEUE_WORDS 3 /* a WORD is bits in a long */
219 #define SDEBUG_CANQUEUE (SDEBUG_CANQUEUE_WORDS * BITS_PER_LONG)
220 #define DEF_CMD_PER_LUN 255
224 #define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */
226 #define F_RL_WLUN_OK 0x10
227 #define F_SKIP_UA 0x20
228 #define F_DELAY_OVERR 0x40
229 #define F_SA_LOW 0x80 /* cdb byte 1, bits 4 to 0 */
230 #define F_SA_HIGH 0x100 /* as used by variable length cdbs */
231 #define F_INV_OP 0x200
232 #define F_FAKE_RW 0x400
233 #define F_M_ACCESS 0x800 /* media access */
234 #define F_SSU_DELAY 0x1000
235 #define F_SYNC_DELAY 0x2000
237 #define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR)
238 #define FF_MEDIA_IO (F_M_ACCESS | F_FAKE_RW)
239 #define FF_SA (F_SA_HIGH | F_SA_LOW)
240 #define F_LONG_DELAY (F_SSU_DELAY | F_SYNC_DELAY)
242 #define SDEBUG_MAX_PARTS 4
244 #define SDEBUG_MAX_CMD_LEN 32
247 struct sdebug_dev_info {
248 struct list_head dev_list;
249 unsigned int channel;
253 struct sdebug_host_info *sdbg_host;
254 unsigned long uas_bm[1];
260 struct sdebug_host_info {
261 struct list_head host_list;
262 struct Scsi_Host *shost;
264 struct list_head dev_info_list;
267 #define to_sdebug_host(d) \
268 container_of(d, struct sdebug_host_info, dev)
270 enum sdeb_defer_type {SDEB_DEFER_NONE = 0, SDEB_DEFER_HRT = 1,
273 struct sdebug_defer {
275 struct execute_work ew;
276 int sqa_idx; /* index of sdebug_queue array */
277 int qc_idx; /* index of sdebug_queued_cmd array within sqa_idx */
281 bool aborted; /* true when blk_abort_request() already called */
282 enum sdeb_defer_type defer_t;
285 struct sdebug_queued_cmd {
286 /* corresponding bit set in in_use_bm[] in owning struct sdebug_queue
287 * instance indicates this slot is in use.
289 struct sdebug_defer *sd_dp;
290 struct scsi_cmnd *a_cmnd;
291 unsigned int inj_recovered:1;
292 unsigned int inj_transport:1;
293 unsigned int inj_dif:1;
294 unsigned int inj_dix:1;
295 unsigned int inj_short:1;
296 unsigned int inj_host_busy:1;
297 unsigned int inj_cmd_abort:1;
300 struct sdebug_queue {
301 struct sdebug_queued_cmd qc_arr[SDEBUG_CANQUEUE];
302 unsigned long in_use_bm[SDEBUG_CANQUEUE_WORDS];
304 atomic_t blocked; /* to temporarily stop more being queued */
307 static atomic_t sdebug_cmnd_count; /* number of incoming commands */
308 static atomic_t sdebug_completions; /* count of deferred completions */
309 static atomic_t sdebug_miss_cpus; /* submission + completion cpus differ */
310 static atomic_t sdebug_a_tsf; /* 'almost task set full' counter */
312 struct opcode_info_t {
313 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff */
314 /* for terminating element */
315 u8 opcode; /* if num_attached > 0, preferred */
316 u16 sa; /* service action */
317 u32 flags; /* OR-ed set of SDEB_F_* */
318 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
319 const struct opcode_info_t *arrp; /* num_attached elements or NULL */
320 u8 len_mask[16]; /* len_mask[0]-->cdb_len, then mask for cdb */
321 /* 1 to min(cdb_len, 15); ignore cdb[15...] */
324 /* SCSI opcodes (first byte of cdb) of interest mapped onto these indexes */
325 enum sdeb_opcode_index {
326 SDEB_I_INVALID_OPCODE = 0,
328 SDEB_I_REPORT_LUNS = 2,
329 SDEB_I_REQUEST_SENSE = 3,
330 SDEB_I_TEST_UNIT_READY = 4,
331 SDEB_I_MODE_SENSE = 5, /* 6, 10 */
332 SDEB_I_MODE_SELECT = 6, /* 6, 10 */
333 SDEB_I_LOG_SENSE = 7,
334 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */
335 SDEB_I_READ = 9, /* 6, 10, 12, 16 */
336 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */
337 SDEB_I_START_STOP = 11,
338 SDEB_I_SERV_ACT_IN_16 = 12, /* add ...SERV_ACT_IN_12 if needed */
339 SDEB_I_SERV_ACT_OUT_16 = 13, /* add ...SERV_ACT_OUT_12 if needed */
340 SDEB_I_MAINT_IN = 14,
341 SDEB_I_MAINT_OUT = 15,
342 SDEB_I_VERIFY = 16, /* 10 only */
343 SDEB_I_VARIABLE_LEN = 17, /* READ(32), WRITE(32), WR_SCAT(32) */
344 SDEB_I_RESERVE = 18, /* 6, 10 */
345 SDEB_I_RELEASE = 19, /* 6, 10 */
346 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */
347 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */
348 SDEB_I_ATA_PT = 22, /* 12, 16 */
349 SDEB_I_SEND_DIAG = 23,
351 SDEB_I_WRITE_BUFFER = 25,
352 SDEB_I_WRITE_SAME = 26, /* 10, 16 */
353 SDEB_I_SYNC_CACHE = 27, /* 10, 16 */
354 SDEB_I_COMP_WRITE = 28,
355 SDEB_I_LAST_ELEMENT = 29, /* keep this last (previous + 1) */
359 static const unsigned char opcode_ind_arr[256] = {
360 /* 0x0; 0x0->0x1f: 6 byte cdbs */
361 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE,
363 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0,
364 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
366 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG,
367 SDEB_I_ALLOW_REMOVAL, 0,
368 /* 0x20; 0x20->0x3f: 10 byte cdbs */
369 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0,
370 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY,
371 0, 0, 0, 0, 0, SDEB_I_SYNC_CACHE, 0, 0,
372 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0,
373 /* 0x40; 0x40->0x5f: 10 byte cdbs */
374 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0,
375 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0,
376 0, 0, 0, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
378 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0,
379 /* 0x60; 0x60->0x7d are reserved, 0x7e is "extended cdb" */
380 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
381 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
382 0, SDEB_I_VARIABLE_LEN,
383 /* 0x80; 0x80->0x9f: 16 byte cdbs */
384 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0,
385 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0, 0, 0, 0, 0,
386 0, SDEB_I_SYNC_CACHE, 0, SDEB_I_WRITE_SAME, 0, 0, 0, 0,
387 0, 0, 0, 0, 0, 0, SDEB_I_SERV_ACT_IN_16, SDEB_I_SERV_ACT_OUT_16,
388 /* 0xa0; 0xa0->0xbf: 12 byte cdbs */
389 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN,
390 SDEB_I_MAINT_OUT, 0, 0, 0,
391 SDEB_I_READ, 0 /* SDEB_I_SERV_ACT_OUT_12 */, SDEB_I_WRITE,
392 0 /* SDEB_I_SERV_ACT_IN_12 */, 0, 0, 0, 0,
393 0, 0, 0, 0, 0, 0, 0, 0,
394 0, 0, 0, 0, 0, 0, 0, 0,
395 /* 0xc0; 0xc0->0xff: vendor specific */
396 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
397 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
398 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
399 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
403 * The following "response" functions return the SCSI mid-level's 4 byte
404 * tuple-in-an-int. To handle commands with an IMMED bit, for a faster
405 * command completion, they can mask their return value with
406 * SDEG_RES_IMMED_MASK .
408 #define SDEG_RES_IMMED_MASK 0x40000000
410 static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *);
411 static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *);
412 static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *);
413 static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
414 static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *);
415 static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
416 static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *);
417 static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
418 static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
419 static int resp_write_scat(struct scsi_cmnd *, struct sdebug_dev_info *);
420 static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *);
421 static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *);
422 static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *);
423 static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *);
424 static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *);
425 static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *);
426 static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *);
427 static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *);
428 static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *);
429 static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *);
430 static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *);
431 static int resp_sync_cache(struct scsi_cmnd *, struct sdebug_dev_info *);
434 * The following are overflow arrays for cdbs that "hit" the same index in
435 * the opcode_info_arr array. The most time sensitive (or commonly used) cdb
436 * should be placed in opcode_info_arr[], the others should be placed here.
438 static const struct opcode_info_t msense_iarr[] = {
439 {0, 0x1a, 0, F_D_IN, NULL, NULL,
440 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
443 static const struct opcode_info_t mselect_iarr[] = {
444 {0, 0x15, 0, F_D_OUT, NULL, NULL,
445 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
448 static const struct opcode_info_t read_iarr[] = {
449 {0, 0x28, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(10) */
450 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
452 {0, 0x8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL, /* READ(6) */
453 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
454 {0, 0xa8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(12) */
455 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf,
459 static const struct opcode_info_t write_iarr[] = {
460 {0, 0x2a, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(10) */
461 NULL, {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7,
463 {0, 0xa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(6) */
464 NULL, {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0,
466 {0, 0xaa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(12) */
467 NULL, {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
468 0xbf, 0xc7, 0, 0, 0, 0} },
471 static const struct opcode_info_t sa_in_16_iarr[] = {
472 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL,
473 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
474 0xff, 0xff, 0xff, 0, 0xc7} }, /* GET LBA STATUS(16) */
477 static const struct opcode_info_t vl_iarr[] = { /* VARIABLE LENGTH */
478 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_dt0,
479 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0xb, 0xfa,
480 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */
481 {0, 0x7f, 0x11, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
482 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x11, 0xf8,
483 0, 0xff, 0xff, 0x0, 0x0} }, /* WRITE SCATTERED(32) */
486 static const struct opcode_info_t maint_in_iarr[] = { /* MAINT IN */
487 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL,
488 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0,
489 0xc7, 0, 0, 0, 0} }, /* REPORT SUPPORTED OPERATION CODES */
490 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL,
491 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
492 0, 0} }, /* REPORTED SUPPORTED TASK MANAGEMENT FUNCTIONS */
495 static const struct opcode_info_t write_same_iarr[] = {
496 {0, 0x93, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_write_same_16, NULL,
497 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
498 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* WRITE SAME(16) */
501 static const struct opcode_info_t reserve_iarr[] = {
502 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */
503 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
506 static const struct opcode_info_t release_iarr[] = {
507 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */
508 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
511 static const struct opcode_info_t sync_cache_iarr[] = {
512 {0, 0x91, 0, F_SYNC_DELAY | F_M_ACCESS, resp_sync_cache, NULL,
513 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
514 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* SYNC_CACHE (16) */
518 /* This array is accessed via SDEB_I_* values. Make sure all are mapped,
519 * plus the terminating elements for logic that scans this table such as
520 * REPORT SUPPORTED OPERATION CODES. */
521 static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEMENT + 1] = {
523 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* unknown opcodes */
524 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
525 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL, /* INQUIRY */
526 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
527 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL,
528 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
529 0, 0} }, /* REPORT LUNS */
530 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL,
531 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
532 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */
533 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
535 {ARRAY_SIZE(msense_iarr), 0x5a, 0, F_D_IN, /* MODE SENSE(10) */
536 resp_mode_sense, msense_iarr, {10, 0xf8, 0xff, 0xff, 0, 0, 0,
537 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
538 {ARRAY_SIZE(mselect_iarr), 0x55, 0, F_D_OUT, /* MODE SELECT(10) */
539 resp_mode_select, mselect_iarr, {10, 0xf1, 0, 0, 0, 0, 0, 0xff,
540 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
541 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL, /* LOG SENSE */
542 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0,
544 {0, 0x25, 0, F_D_IN, resp_readcap, NULL, /* READ CAPACITY(10) */
545 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0,
547 {ARRAY_SIZE(read_iarr), 0x88, 0, F_D_IN | FF_MEDIA_IO, /* READ(16) */
548 resp_read_dt0, read_iarr, {16, 0xfe, 0xff, 0xff, 0xff, 0xff,
549 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
551 {ARRAY_SIZE(write_iarr), 0x8a, 0, F_D_OUT | FF_MEDIA_IO,
552 resp_write_dt0, write_iarr, /* WRITE(16) */
553 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
554 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
555 {0, 0x1b, 0, F_SSU_DELAY, resp_start_stop, NULL,/* START STOP UNIT */
556 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
557 {ARRAY_SIZE(sa_in_16_iarr), 0x9e, 0x10, F_SA_LOW | F_D_IN,
558 resp_readcap16, sa_in_16_iarr, /* SA_IN(16), READ CAPACITY(16) */
559 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
560 0xff, 0xff, 0xff, 0xff, 0x1, 0xc7} },
561 {0, 0x9f, 0x12, F_SA_LOW | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
562 NULL, {16, 0x12, 0xf9, 0x0, 0xff, 0xff, 0, 0, 0xff, 0xff, 0xff,
563 0xff, 0xff, 0xff, 0xff, 0xc7} }, /* SA_OUT(16), WRITE SCAT(16) */
564 {ARRAY_SIZE(maint_in_iarr), 0xa3, 0xa, F_SA_LOW | F_D_IN,
565 resp_report_tgtpgs, /* MAINT IN, REPORT TARGET PORT GROUPS */
566 maint_in_iarr, {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff,
567 0xff, 0, 0xc7, 0, 0, 0, 0} },
569 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */
570 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
571 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, NULL, NULL, /* VERIFY(10) */
572 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7,
574 {ARRAY_SIZE(vl_iarr), 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_MEDIA_IO,
575 resp_read_dt0, vl_iarr, /* VARIABLE LENGTH, READ(32) */
576 {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x9, 0xfe, 0, 0xff, 0xff,
578 {ARRAY_SIZE(reserve_iarr), 0x56, 0, F_D_OUT,
579 NULL, reserve_iarr, /* RESERVE(10) <no response function> */
580 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
582 {ARRAY_SIZE(release_iarr), 0x57, 0, F_D_OUT,
583 NULL, release_iarr, /* RELEASE(10) <no response function> */
584 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
587 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */
588 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
589 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */
590 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
591 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */
592 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
593 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */
594 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
595 {0, 0x42, 0, F_D_OUT | FF_MEDIA_IO, resp_unmap, NULL, /* UNMAP */
596 {10, 0x1, 0, 0, 0, 0, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
598 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL,
599 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0,
600 0, 0, 0, 0} }, /* WRITE_BUFFER */
601 {ARRAY_SIZE(write_same_iarr), 0x41, 0, F_D_OUT_MAYBE | FF_MEDIA_IO,
602 resp_write_same_10, write_same_iarr, /* WRITE SAME(10) */
603 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0,
605 {ARRAY_SIZE(sync_cache_iarr), 0x35, 0, F_SYNC_DELAY | F_M_ACCESS,
606 resp_sync_cache, sync_cache_iarr,
607 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
608 0, 0, 0, 0} }, /* SYNC_CACHE (10) */
609 {0, 0x89, 0, F_D_OUT | FF_MEDIA_IO, resp_comp_write, NULL,
610 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0,
611 0, 0xff, 0x3f, 0xc7} }, /* COMPARE AND WRITE */
614 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */
615 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
618 static int sdebug_add_host = DEF_NUM_HOST;
619 static int sdebug_ato = DEF_ATO;
620 static int sdebug_cdb_len = DEF_CDB_LEN;
621 static int sdebug_jdelay = DEF_JDELAY; /* if > 0 then unit is jiffies */
622 static int sdebug_dev_size_mb = DEF_DEV_SIZE_MB;
623 static int sdebug_dif = DEF_DIF;
624 static int sdebug_dix = DEF_DIX;
625 static int sdebug_dsense = DEF_D_SENSE;
626 static int sdebug_every_nth = DEF_EVERY_NTH;
627 static int sdebug_fake_rw = DEF_FAKE_RW;
628 static unsigned int sdebug_guard = DEF_GUARD;
629 static int sdebug_lowest_aligned = DEF_LOWEST_ALIGNED;
630 static int sdebug_max_luns = DEF_MAX_LUNS;
631 static int sdebug_max_queue = SDEBUG_CANQUEUE; /* per submit queue */
632 static unsigned int sdebug_medium_error_start = OPT_MEDIUM_ERR_ADDR;
633 static int sdebug_medium_error_count = OPT_MEDIUM_ERR_NUM;
634 static atomic_t retired_max_queue; /* if > 0 then was prior max_queue */
635 static int sdebug_ndelay = DEF_NDELAY; /* if > 0 then unit is nanoseconds */
636 static int sdebug_no_lun_0 = DEF_NO_LUN_0;
637 static int sdebug_no_uld;
638 static int sdebug_num_parts = DEF_NUM_PARTS;
639 static int sdebug_num_tgts = DEF_NUM_TGTS; /* targets per host */
640 static int sdebug_opt_blks = DEF_OPT_BLKS;
641 static int sdebug_opts = DEF_OPTS;
642 static int sdebug_physblk_exp = DEF_PHYSBLK_EXP;
643 static int sdebug_opt_xferlen_exp = DEF_OPT_XFERLEN_EXP;
644 static int sdebug_ptype = DEF_PTYPE; /* SCSI peripheral device type */
645 static int sdebug_scsi_level = DEF_SCSI_LEVEL;
646 static int sdebug_sector_size = DEF_SECTOR_SIZE;
647 static int sdebug_virtual_gb = DEF_VIRTUAL_GB;
648 static int sdebug_vpd_use_hostno = DEF_VPD_USE_HOSTNO;
649 static unsigned int sdebug_lbpu = DEF_LBPU;
650 static unsigned int sdebug_lbpws = DEF_LBPWS;
651 static unsigned int sdebug_lbpws10 = DEF_LBPWS10;
652 static unsigned int sdebug_lbprz = DEF_LBPRZ;
653 static unsigned int sdebug_unmap_alignment = DEF_UNMAP_ALIGNMENT;
654 static unsigned int sdebug_unmap_granularity = DEF_UNMAP_GRANULARITY;
655 static unsigned int sdebug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS;
656 static unsigned int sdebug_unmap_max_desc = DEF_UNMAP_MAX_DESC;
657 static unsigned int sdebug_write_same_length = DEF_WRITESAME_LENGTH;
658 static int sdebug_uuid_ctl = DEF_UUID_CTL;
659 static bool sdebug_removable = DEF_REMOVABLE;
660 static bool sdebug_clustering;
661 static bool sdebug_host_lock = DEF_HOST_LOCK;
662 static bool sdebug_strict = DEF_STRICT;
663 static bool sdebug_any_injecting_opt;
664 static bool sdebug_verbose;
665 static bool have_dif_prot;
666 static bool write_since_sync;
667 static bool sdebug_statistics = DEF_STATISTICS;
668 static bool sdebug_wp;
670 static unsigned int sdebug_store_sectors;
671 static sector_t sdebug_capacity; /* in sectors */
673 /* old BIOS stuff, kernel may get rid of them but some mode sense pages
674 may still need them */
675 static int sdebug_heads; /* heads per disk */
676 static int sdebug_cylinders_per; /* cylinders per surface */
677 static int sdebug_sectors_per; /* sectors per cylinder */
679 static LIST_HEAD(sdebug_host_list);
680 static DEFINE_SPINLOCK(sdebug_host_list_lock);
682 static unsigned char *fake_storep; /* ramdisk storage */
683 static struct t10_pi_tuple *dif_storep; /* protection info */
684 static void *map_storep; /* provisioning map */
686 static unsigned long map_size;
687 static int num_aborts;
688 static int num_dev_resets;
689 static int num_target_resets;
690 static int num_bus_resets;
691 static int num_host_resets;
692 static int dix_writes;
693 static int dix_reads;
694 static int dif_errors;
696 static int submit_queues = DEF_SUBMIT_QUEUES; /* > 1 for multi-queue (mq) */
697 static struct sdebug_queue *sdebug_q_arr; /* ptr to array of submit queues */
699 static DEFINE_RWLOCK(atomic_rw);
701 static char sdebug_proc_name[] = MY_NAME;
702 static const char *my_name = MY_NAME;
704 static struct bus_type pseudo_lld_bus;
706 static struct device_driver sdebug_driverfs_driver = {
707 .name = sdebug_proc_name,
708 .bus = &pseudo_lld_bus,
711 static const int check_condition_result =
712 (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION;
714 static const int illegal_condition_result =
715 (DRIVER_SENSE << 24) | (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION;
717 static const int device_qfull_result =
718 (DID_OK << 16) | (COMMAND_COMPLETE << 8) | SAM_STAT_TASK_SET_FULL;
721 /* Only do the extra work involved in logical block provisioning if one or
722 * more of the lbpu, lbpws or lbpws10 parameters are given and we are doing
723 * real reads and writes (i.e. not skipping them for speed).
725 static inline bool scsi_debug_lbp(void)
727 return 0 == sdebug_fake_rw &&
728 (sdebug_lbpu || sdebug_lbpws || sdebug_lbpws10);
731 static void *lba2fake_store(unsigned long long lba)
733 lba = do_div(lba, sdebug_store_sectors);
735 return fake_storep + lba * sdebug_sector_size;
738 static struct t10_pi_tuple *dif_store(sector_t sector)
740 sector = sector_div(sector, sdebug_store_sectors);
742 return dif_storep + sector;
745 static void sdebug_max_tgts_luns(void)
747 struct sdebug_host_info *sdbg_host;
748 struct Scsi_Host *hpnt;
750 spin_lock(&sdebug_host_list_lock);
751 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
752 hpnt = sdbg_host->shost;
753 if ((hpnt->this_id >= 0) &&
754 (sdebug_num_tgts > hpnt->this_id))
755 hpnt->max_id = sdebug_num_tgts + 1;
757 hpnt->max_id = sdebug_num_tgts;
758 /* sdebug_max_luns; */
759 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
761 spin_unlock(&sdebug_host_list_lock);
764 enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1};
766 /* Set in_bit to -1 to indicate no bit position of invalid field */
767 static void mk_sense_invalid_fld(struct scsi_cmnd *scp,
768 enum sdeb_cmd_data c_d,
769 int in_byte, int in_bit)
771 unsigned char *sbuff;
775 sbuff = scp->sense_buffer;
777 sdev_printk(KERN_ERR, scp->device,
778 "%s: sense_buffer is NULL\n", __func__);
781 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST;
782 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
783 scsi_build_sense_buffer(sdebug_dsense, sbuff, ILLEGAL_REQUEST, asc, 0);
784 memset(sks, 0, sizeof(sks));
790 sks[0] |= 0x7 & in_bit;
792 put_unaligned_be16(in_byte, sks + 1);
798 memcpy(sbuff + sl + 4, sks, 3);
800 memcpy(sbuff + 15, sks, 3);
802 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq"
803 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n",
804 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit);
807 static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq)
809 unsigned char *sbuff;
811 sbuff = scp->sense_buffer;
813 sdev_printk(KERN_ERR, scp->device,
814 "%s: sense_buffer is NULL\n", __func__);
817 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
819 scsi_build_sense_buffer(sdebug_dsense, sbuff, key, asc, asq);
822 sdev_printk(KERN_INFO, scp->device,
823 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n",
824 my_name, key, asc, asq);
827 static void mk_sense_invalid_opcode(struct scsi_cmnd *scp)
829 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0);
832 static int scsi_debug_ioctl(struct scsi_device *dev, unsigned int cmd,
835 if (sdebug_verbose) {
837 sdev_printk(KERN_INFO, dev,
838 "%s: BLKFLSBUF [0x1261]\n", __func__);
839 else if (0x5331 == cmd)
840 sdev_printk(KERN_INFO, dev,
841 "%s: CDROM_GET_CAPABILITY [0x5331]\n",
844 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n",
848 /* return -ENOTTY; // correct return but upsets fdisk */
851 static void config_cdb_len(struct scsi_device *sdev)
853 switch (sdebug_cdb_len) {
854 case 6: /* suggest 6 byte READ, WRITE and MODE SENSE/SELECT */
855 sdev->use_10_for_rw = false;
856 sdev->use_16_for_rw = false;
857 sdev->use_10_for_ms = false;
859 case 10: /* suggest 10 byte RWs and 6 byte MODE SENSE/SELECT */
860 sdev->use_10_for_rw = true;
861 sdev->use_16_for_rw = false;
862 sdev->use_10_for_ms = false;
864 case 12: /* suggest 10 byte RWs and 10 byte MODE SENSE/SELECT */
865 sdev->use_10_for_rw = true;
866 sdev->use_16_for_rw = false;
867 sdev->use_10_for_ms = true;
870 sdev->use_10_for_rw = false;
871 sdev->use_16_for_rw = true;
872 sdev->use_10_for_ms = true;
874 case 32: /* No knobs to suggest this so same as 16 for now */
875 sdev->use_10_for_rw = false;
876 sdev->use_16_for_rw = true;
877 sdev->use_10_for_ms = true;
880 pr_warn("unexpected cdb_len=%d, force to 10\n",
882 sdev->use_10_for_rw = true;
883 sdev->use_16_for_rw = false;
884 sdev->use_10_for_ms = false;
890 static void all_config_cdb_len(void)
892 struct sdebug_host_info *sdbg_host;
893 struct Scsi_Host *shost;
894 struct scsi_device *sdev;
896 spin_lock(&sdebug_host_list_lock);
897 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
898 shost = sdbg_host->shost;
899 shost_for_each_device(sdev, shost) {
900 config_cdb_len(sdev);
903 spin_unlock(&sdebug_host_list_lock);
906 static void clear_luns_changed_on_target(struct sdebug_dev_info *devip)
908 struct sdebug_host_info *sdhp;
909 struct sdebug_dev_info *dp;
911 spin_lock(&sdebug_host_list_lock);
912 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
913 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
914 if ((devip->sdbg_host == dp->sdbg_host) &&
915 (devip->target == dp->target))
916 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
919 spin_unlock(&sdebug_host_list_lock);
922 static int make_ua(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
926 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS);
927 if (k != SDEBUG_NUM_UAS) {
928 const char *cp = NULL;
932 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
933 POWER_ON_RESET_ASCQ);
935 cp = "power on reset";
937 case SDEBUG_UA_BUS_RESET:
938 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
943 case SDEBUG_UA_MODE_CHANGED:
944 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
947 cp = "mode parameters changed";
949 case SDEBUG_UA_CAPACITY_CHANGED:
950 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
951 CAPACITY_CHANGED_ASCQ);
953 cp = "capacity data changed";
955 case SDEBUG_UA_MICROCODE_CHANGED:
956 mk_sense_buffer(scp, UNIT_ATTENTION,
958 MICROCODE_CHANGED_ASCQ);
960 cp = "microcode has been changed";
962 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET:
963 mk_sense_buffer(scp, UNIT_ATTENTION,
965 MICROCODE_CHANGED_WO_RESET_ASCQ);
967 cp = "microcode has been changed without reset";
969 case SDEBUG_UA_LUNS_CHANGED:
971 * SPC-3 behavior is to report a UNIT ATTENTION with
972 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN
973 * on the target, until a REPORT LUNS command is
974 * received. SPC-4 behavior is to report it only once.
975 * NOTE: sdebug_scsi_level does not use the same
976 * values as struct scsi_device->scsi_level.
978 if (sdebug_scsi_level >= 6) /* SPC-4 and above */
979 clear_luns_changed_on_target(devip);
980 mk_sense_buffer(scp, UNIT_ATTENTION,
984 cp = "reported luns data has changed";
987 pr_warn("unexpected unit attention code=%d\n", k);
992 clear_bit(k, devip->uas_bm);
994 sdev_printk(KERN_INFO, scp->device,
995 "%s reports: Unit attention: %s\n",
997 return check_condition_result;
1002 /* Build SCSI "data-in" buffer. Returns 0 if ok else (DID_ERROR << 16). */
1003 static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1007 struct scsi_data_buffer *sdb = &scp->sdb;
1011 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1012 return DID_ERROR << 16;
1014 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents,
1016 scsi_set_resid(scp, scsi_bufflen(scp) - act_len);
1021 /* Partial build of SCSI "data-in" buffer. Returns 0 if ok else
1022 * (DID_ERROR << 16). Can write to offset in data-in buffer. If multiple
1023 * calls, not required to write in ascending offset order. Assumes resid
1024 * set to scsi_bufflen() prior to any calls.
1026 static int p_fill_from_dev_buffer(struct scsi_cmnd *scp, const void *arr,
1027 int arr_len, unsigned int off_dst)
1029 unsigned int act_len, n;
1030 struct scsi_data_buffer *sdb = &scp->sdb;
1031 off_t skip = off_dst;
1033 if (sdb->length <= off_dst)
1035 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1036 return DID_ERROR << 16;
1038 act_len = sg_pcopy_from_buffer(sdb->table.sgl, sdb->table.nents,
1039 arr, arr_len, skip);
1040 pr_debug("%s: off_dst=%u, scsi_bufflen=%u, act_len=%u, resid=%d\n",
1041 __func__, off_dst, scsi_bufflen(scp), act_len,
1042 scsi_get_resid(scp));
1043 n = scsi_bufflen(scp) - (off_dst + act_len);
1044 scsi_set_resid(scp, min(scsi_get_resid(scp), n));
1048 /* Fetches from SCSI "data-out" buffer. Returns number of bytes fetched into
1049 * 'arr' or -1 if error.
1051 static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1054 if (!scsi_bufflen(scp))
1056 if (scp->sc_data_direction != DMA_TO_DEVICE)
1059 return scsi_sg_copy_to_buffer(scp, arr, arr_len);
1063 static char sdebug_inq_vendor_id[9] = "Linux ";
1064 static char sdebug_inq_product_id[17] = "scsi_debug ";
1065 static char sdebug_inq_product_rev[5] = SDEBUG_VERSION;
1066 /* Use some locally assigned NAAs for SAS addresses. */
1067 static const u64 naa3_comp_a = 0x3222222000000000ULL;
1068 static const u64 naa3_comp_b = 0x3333333000000000ULL;
1069 static const u64 naa3_comp_c = 0x3111111000000000ULL;
1071 /* Device identification VPD page. Returns number of bytes placed in arr */
1072 static int inquiry_vpd_83(unsigned char *arr, int port_group_id,
1073 int target_dev_id, int dev_id_num,
1074 const char *dev_id_str, int dev_id_str_len,
1075 const uuid_t *lu_name)
1080 port_a = target_dev_id + 1;
1081 /* T10 vendor identifier field format (faked) */
1082 arr[0] = 0x2; /* ASCII */
1085 memcpy(&arr[4], sdebug_inq_vendor_id, 8);
1086 memcpy(&arr[12], sdebug_inq_product_id, 16);
1087 memcpy(&arr[28], dev_id_str, dev_id_str_len);
1088 num = 8 + 16 + dev_id_str_len;
1091 if (dev_id_num >= 0) {
1092 if (sdebug_uuid_ctl) {
1093 /* Locally assigned UUID */
1094 arr[num++] = 0x1; /* binary (not necessarily sas) */
1095 arr[num++] = 0xa; /* PIV=0, lu, naa */
1098 arr[num++] = 0x10; /* uuid type=1, locally assigned */
1100 memcpy(arr + num, lu_name, 16);
1103 /* NAA-3, Logical unit identifier (binary) */
1104 arr[num++] = 0x1; /* binary (not necessarily sas) */
1105 arr[num++] = 0x3; /* PIV=0, lu, naa */
1108 put_unaligned_be64(naa3_comp_b + dev_id_num, arr + num);
1111 /* Target relative port number */
1112 arr[num++] = 0x61; /* proto=sas, binary */
1113 arr[num++] = 0x94; /* PIV=1, target port, rel port */
1114 arr[num++] = 0x0; /* reserved */
1115 arr[num++] = 0x4; /* length */
1116 arr[num++] = 0x0; /* reserved */
1117 arr[num++] = 0x0; /* reserved */
1119 arr[num++] = 0x1; /* relative port A */
1121 /* NAA-3, Target port identifier */
1122 arr[num++] = 0x61; /* proto=sas, binary */
1123 arr[num++] = 0x93; /* piv=1, target port, naa */
1126 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1128 /* NAA-3, Target port group identifier */
1129 arr[num++] = 0x61; /* proto=sas, binary */
1130 arr[num++] = 0x95; /* piv=1, target port group id */
1135 put_unaligned_be16(port_group_id, arr + num);
1137 /* NAA-3, Target device identifier */
1138 arr[num++] = 0x61; /* proto=sas, binary */
1139 arr[num++] = 0xa3; /* piv=1, target device, naa */
1142 put_unaligned_be64(naa3_comp_a + target_dev_id, arr + num);
1144 /* SCSI name string: Target device identifier */
1145 arr[num++] = 0x63; /* proto=sas, UTF-8 */
1146 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */
1149 memcpy(arr + num, "naa.32222220", 12);
1151 snprintf(b, sizeof(b), "%08X", target_dev_id);
1152 memcpy(arr + num, b, 8);
1154 memset(arr + num, 0, 4);
1159 static unsigned char vpd84_data[] = {
1160 /* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0,
1161 0x22,0x22,0x22,0x0,0xbb,0x1,
1162 0x22,0x22,0x22,0x0,0xbb,0x2,
1165 /* Software interface identification VPD page */
1166 static int inquiry_vpd_84(unsigned char *arr)
1168 memcpy(arr, vpd84_data, sizeof(vpd84_data));
1169 return sizeof(vpd84_data);
1172 /* Management network addresses VPD page */
1173 static int inquiry_vpd_85(unsigned char *arr)
1176 const char *na1 = "https://www.kernel.org/config";
1177 const char *na2 = "http://www.kernel.org/log";
1180 arr[num++] = 0x1; /* lu, storage config */
1181 arr[num++] = 0x0; /* reserved */
1186 plen = ((plen / 4) + 1) * 4;
1187 arr[num++] = plen; /* length, null termianted, padded */
1188 memcpy(arr + num, na1, olen);
1189 memset(arr + num + olen, 0, plen - olen);
1192 arr[num++] = 0x4; /* lu, logging */
1193 arr[num++] = 0x0; /* reserved */
1198 plen = ((plen / 4) + 1) * 4;
1199 arr[num++] = plen; /* length, null terminated, padded */
1200 memcpy(arr + num, na2, olen);
1201 memset(arr + num + olen, 0, plen - olen);
1207 /* SCSI ports VPD page */
1208 static int inquiry_vpd_88(unsigned char *arr, int target_dev_id)
1213 port_a = target_dev_id + 1;
1214 port_b = port_a + 1;
1215 arr[num++] = 0x0; /* reserved */
1216 arr[num++] = 0x0; /* reserved */
1218 arr[num++] = 0x1; /* relative port 1 (primary) */
1219 memset(arr + num, 0, 6);
1222 arr[num++] = 12; /* length tp descriptor */
1223 /* naa-5 target port identifier (A) */
1224 arr[num++] = 0x61; /* proto=sas, binary */
1225 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1226 arr[num++] = 0x0; /* reserved */
1227 arr[num++] = 0x8; /* length */
1228 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1230 arr[num++] = 0x0; /* reserved */
1231 arr[num++] = 0x0; /* reserved */
1233 arr[num++] = 0x2; /* relative port 2 (secondary) */
1234 memset(arr + num, 0, 6);
1237 arr[num++] = 12; /* length tp descriptor */
1238 /* naa-5 target port identifier (B) */
1239 arr[num++] = 0x61; /* proto=sas, binary */
1240 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1241 arr[num++] = 0x0; /* reserved */
1242 arr[num++] = 0x8; /* length */
1243 put_unaligned_be64(naa3_comp_a + port_b, arr + num);
1250 static unsigned char vpd89_data[] = {
1251 /* from 4th byte */ 0,0,0,0,
1252 'l','i','n','u','x',' ',' ',' ',
1253 'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ',
1255 0x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,
1257 0x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0,
1258 0,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20,
1259 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33,
1260 0x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31,
1262 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
1264 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
1266 0,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0,
1267 0x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0,
1268 0x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0,
1269 0,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0,
1270 0x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40,
1271 0x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0,
1272 0,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0,
1273 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1274 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1275 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1276 0x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42,
1277 0,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8,
1278 0xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe,
1279 0,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0,
1280 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1281 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1282 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1283 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1284 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1285 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1286 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1287 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1288 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1289 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1290 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1291 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51,
1294 /* ATA Information VPD page */
1295 static int inquiry_vpd_89(unsigned char *arr)
1297 memcpy(arr, vpd89_data, sizeof(vpd89_data));
1298 return sizeof(vpd89_data);
1302 static unsigned char vpdb0_data[] = {
1303 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64,
1304 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1305 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1306 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1309 /* Block limits VPD page (SBC-3) */
1310 static int inquiry_vpd_b0(unsigned char *arr)
1314 memcpy(arr, vpdb0_data, sizeof(vpdb0_data));
1316 /* Optimal transfer length granularity */
1317 if (sdebug_opt_xferlen_exp != 0 &&
1318 sdebug_physblk_exp < sdebug_opt_xferlen_exp)
1319 gran = 1 << sdebug_opt_xferlen_exp;
1321 gran = 1 << sdebug_physblk_exp;
1322 put_unaligned_be16(gran, arr + 2);
1324 /* Maximum Transfer Length */
1325 if (sdebug_store_sectors > 0x400)
1326 put_unaligned_be32(sdebug_store_sectors, arr + 4);
1328 /* Optimal Transfer Length */
1329 put_unaligned_be32(sdebug_opt_blks, &arr[8]);
1332 /* Maximum Unmap LBA Count */
1333 put_unaligned_be32(sdebug_unmap_max_blocks, &arr[16]);
1335 /* Maximum Unmap Block Descriptor Count */
1336 put_unaligned_be32(sdebug_unmap_max_desc, &arr[20]);
1339 /* Unmap Granularity Alignment */
1340 if (sdebug_unmap_alignment) {
1341 put_unaligned_be32(sdebug_unmap_alignment, &arr[28]);
1342 arr[28] |= 0x80; /* UGAVALID */
1345 /* Optimal Unmap Granularity */
1346 put_unaligned_be32(sdebug_unmap_granularity, &arr[24]);
1348 /* Maximum WRITE SAME Length */
1349 put_unaligned_be64(sdebug_write_same_length, &arr[32]);
1351 return 0x3c; /* Mandatory page length for Logical Block Provisioning */
1353 return sizeof(vpdb0_data);
1356 /* Block device characteristics VPD page (SBC-3) */
1357 static int inquiry_vpd_b1(unsigned char *arr)
1359 memset(arr, 0, 0x3c);
1361 arr[1] = 1; /* non rotating medium (e.g. solid state) */
1363 arr[3] = 5; /* less than 1.8" */
1368 /* Logical block provisioning VPD page (SBC-4) */
1369 static int inquiry_vpd_b2(unsigned char *arr)
1371 memset(arr, 0, 0x4);
1372 arr[0] = 0; /* threshold exponent */
1379 if (sdebug_lbprz && scsi_debug_lbp())
1380 arr[1] |= (sdebug_lbprz & 0x7) << 2; /* sbc4r07 and later */
1381 /* anc_sup=0; dp=0 (no provisioning group descriptor) */
1382 /* minimum_percentage=0; provisioning_type=0 (unknown) */
1383 /* threshold_percentage=0 */
1387 #define SDEBUG_LONG_INQ_SZ 96
1388 #define SDEBUG_MAX_INQ_ARR_SZ 584
1390 static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1392 unsigned char pq_pdt;
1394 unsigned char *cmd = scp->cmnd;
1395 int alloc_len, n, ret;
1396 bool have_wlun, is_disk;
1398 alloc_len = get_unaligned_be16(cmd + 3);
1399 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC);
1401 return DID_REQUEUE << 16;
1402 is_disk = (sdebug_ptype == TYPE_DISK);
1403 have_wlun = scsi_is_wlun(scp->device->lun);
1405 pq_pdt = TYPE_WLUN; /* present, wlun */
1406 else if (sdebug_no_lun_0 && (devip->lun == SDEBUG_LUN_0_VAL))
1407 pq_pdt = 0x7f; /* not present, PQ=3, PDT=0x1f */
1409 pq_pdt = (sdebug_ptype & 0x1f);
1411 if (0x2 & cmd[1]) { /* CMDDT bit set */
1412 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1);
1414 return check_condition_result;
1415 } else if (0x1 & cmd[1]) { /* EVPD bit set */
1416 int lu_id_num, port_group_id, target_dev_id, len;
1418 int host_no = devip->sdbg_host->shost->host_no;
1420 port_group_id = (((host_no + 1) & 0x7f) << 8) +
1421 (devip->channel & 0x7f);
1422 if (sdebug_vpd_use_hostno == 0)
1424 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) +
1425 (devip->target * 1000) + devip->lun);
1426 target_dev_id = ((host_no + 1) * 2000) +
1427 (devip->target * 1000) - 3;
1428 len = scnprintf(lu_id_str, 6, "%d", lu_id_num);
1429 if (0 == cmd[2]) { /* supported vital product data pages */
1430 arr[1] = cmd[2]; /*sanity */
1432 arr[n++] = 0x0; /* this page */
1433 arr[n++] = 0x80; /* unit serial number */
1434 arr[n++] = 0x83; /* device identification */
1435 arr[n++] = 0x84; /* software interface ident. */
1436 arr[n++] = 0x85; /* management network addresses */
1437 arr[n++] = 0x86; /* extended inquiry */
1438 arr[n++] = 0x87; /* mode page policy */
1439 arr[n++] = 0x88; /* SCSI ports */
1440 if (is_disk) { /* SBC only */
1441 arr[n++] = 0x89; /* ATA information */
1442 arr[n++] = 0xb0; /* Block limits */
1443 arr[n++] = 0xb1; /* Block characteristics */
1444 arr[n++] = 0xb2; /* Logical Block Prov */
1446 arr[3] = n - 4; /* number of supported VPD pages */
1447 } else if (0x80 == cmd[2]) { /* unit serial number */
1448 arr[1] = cmd[2]; /*sanity */
1450 memcpy(&arr[4], lu_id_str, len);
1451 } else if (0x83 == cmd[2]) { /* device identification */
1452 arr[1] = cmd[2]; /*sanity */
1453 arr[3] = inquiry_vpd_83(&arr[4], port_group_id,
1454 target_dev_id, lu_id_num,
1457 } else if (0x84 == cmd[2]) { /* Software interface ident. */
1458 arr[1] = cmd[2]; /*sanity */
1459 arr[3] = inquiry_vpd_84(&arr[4]);
1460 } else if (0x85 == cmd[2]) { /* Management network addresses */
1461 arr[1] = cmd[2]; /*sanity */
1462 arr[3] = inquiry_vpd_85(&arr[4]);
1463 } else if (0x86 == cmd[2]) { /* extended inquiry */
1464 arr[1] = cmd[2]; /*sanity */
1465 arr[3] = 0x3c; /* number of following entries */
1466 if (sdebug_dif == T10_PI_TYPE3_PROTECTION)
1467 arr[4] = 0x4; /* SPT: GRD_CHK:1 */
1468 else if (have_dif_prot)
1469 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */
1471 arr[4] = 0x0; /* no protection stuff */
1472 arr[5] = 0x7; /* head of q, ordered + simple q's */
1473 } else if (0x87 == cmd[2]) { /* mode page policy */
1474 arr[1] = cmd[2]; /*sanity */
1475 arr[3] = 0x8; /* number of following entries */
1476 arr[4] = 0x2; /* disconnect-reconnect mp */
1477 arr[6] = 0x80; /* mlus, shared */
1478 arr[8] = 0x18; /* protocol specific lu */
1479 arr[10] = 0x82; /* mlus, per initiator port */
1480 } else if (0x88 == cmd[2]) { /* SCSI Ports */
1481 arr[1] = cmd[2]; /*sanity */
1482 arr[3] = inquiry_vpd_88(&arr[4], target_dev_id);
1483 } else if (is_disk && 0x89 == cmd[2]) { /* ATA information */
1484 arr[1] = cmd[2]; /*sanity */
1485 n = inquiry_vpd_89(&arr[4]);
1486 put_unaligned_be16(n, arr + 2);
1487 } else if (is_disk && 0xb0 == cmd[2]) { /* Block limits */
1488 arr[1] = cmd[2]; /*sanity */
1489 arr[3] = inquiry_vpd_b0(&arr[4]);
1490 } else if (is_disk && 0xb1 == cmd[2]) { /* Block char. */
1491 arr[1] = cmd[2]; /*sanity */
1492 arr[3] = inquiry_vpd_b1(&arr[4]);
1493 } else if (is_disk && 0xb2 == cmd[2]) { /* LB Prov. */
1494 arr[1] = cmd[2]; /*sanity */
1495 arr[3] = inquiry_vpd_b2(&arr[4]);
1497 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
1499 return check_condition_result;
1501 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len);
1502 ret = fill_from_dev_buffer(scp, arr,
1503 min(len, SDEBUG_MAX_INQ_ARR_SZ));
1507 /* drops through here for a standard inquiry */
1508 arr[1] = sdebug_removable ? 0x80 : 0; /* Removable disk */
1509 arr[2] = sdebug_scsi_level;
1510 arr[3] = 2; /* response_data_format==2 */
1511 arr[4] = SDEBUG_LONG_INQ_SZ - 5;
1512 arr[5] = (int)have_dif_prot; /* PROTECT bit */
1513 if (sdebug_vpd_use_hostno == 0)
1514 arr[5] |= 0x10; /* claim: implicit TPGS */
1515 arr[6] = 0x10; /* claim: MultiP */
1516 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */
1517 arr[7] = 0xa; /* claim: LINKED + CMDQUE */
1518 memcpy(&arr[8], sdebug_inq_vendor_id, 8);
1519 memcpy(&arr[16], sdebug_inq_product_id, 16);
1520 memcpy(&arr[32], sdebug_inq_product_rev, 4);
1521 /* Use Vendor Specific area to place driver date in ASCII hex */
1522 memcpy(&arr[36], sdebug_version_date, 8);
1523 /* version descriptors (2 bytes each) follow */
1524 put_unaligned_be16(0xc0, arr + 58); /* SAM-6 no version claimed */
1525 put_unaligned_be16(0x5c0, arr + 60); /* SPC-5 no version claimed */
1527 if (is_disk) { /* SBC-4 no version claimed */
1528 put_unaligned_be16(0x600, arr + n);
1530 } else if (sdebug_ptype == TYPE_TAPE) { /* SSC-4 rev 3 */
1531 put_unaligned_be16(0x525, arr + n);
1534 put_unaligned_be16(0x2100, arr + n); /* SPL-4 no version claimed */
1535 ret = fill_from_dev_buffer(scp, arr,
1536 min(alloc_len, SDEBUG_LONG_INQ_SZ));
1541 static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
1544 static int resp_requests(struct scsi_cmnd *scp,
1545 struct sdebug_dev_info *devip)
1547 unsigned char *sbuff;
1548 unsigned char *cmd = scp->cmnd;
1549 unsigned char arr[SCSI_SENSE_BUFFERSIZE];
1553 memset(arr, 0, sizeof(arr));
1554 dsense = !!(cmd[1] & 1);
1555 sbuff = scp->sense_buffer;
1556 if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) {
1559 arr[1] = 0x0; /* NO_SENSE in sense_key */
1560 arr[2] = THRESHOLD_EXCEEDED;
1561 arr[3] = 0xff; /* TEST set and MRIE==6 */
1565 arr[2] = 0x0; /* NO_SENSE in sense_key */
1566 arr[7] = 0xa; /* 18 byte sense buffer */
1567 arr[12] = THRESHOLD_EXCEEDED;
1568 arr[13] = 0xff; /* TEST set and MRIE==6 */
1571 memcpy(arr, sbuff, SCSI_SENSE_BUFFERSIZE);
1572 if (arr[0] >= 0x70 && dsense == sdebug_dsense)
1573 ; /* have sense and formats match */
1574 else if (arr[0] <= 0x70) {
1584 } else if (dsense) {
1587 arr[1] = sbuff[2]; /* sense key */
1588 arr[2] = sbuff[12]; /* asc */
1589 arr[3] = sbuff[13]; /* ascq */
1601 mk_sense_buffer(scp, 0, NO_ADDITIONAL_SENSE, 0);
1602 return fill_from_dev_buffer(scp, arr, len);
1605 static int resp_start_stop(struct scsi_cmnd *scp,
1606 struct sdebug_dev_info *devip)
1608 unsigned char *cmd = scp->cmnd;
1609 int power_cond, stop;
1612 power_cond = (cmd[4] & 0xf0) >> 4;
1614 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7);
1615 return check_condition_result;
1617 stop = !(cmd[4] & 1);
1618 changing = atomic_read(&devip->stopped) == !stop;
1619 atomic_xchg(&devip->stopped, stop);
1620 if (!changing || cmd[1] & 0x1) /* state unchanged or IMMED set */
1621 return SDEG_RES_IMMED_MASK;
1626 static sector_t get_sdebug_capacity(void)
1628 static const unsigned int gibibyte = 1073741824;
1630 if (sdebug_virtual_gb > 0)
1631 return (sector_t)sdebug_virtual_gb *
1632 (gibibyte / sdebug_sector_size);
1634 return sdebug_store_sectors;
1637 #define SDEBUG_READCAP_ARR_SZ 8
1638 static int resp_readcap(struct scsi_cmnd *scp,
1639 struct sdebug_dev_info *devip)
1641 unsigned char arr[SDEBUG_READCAP_ARR_SZ];
1644 /* following just in case virtual_gb changed */
1645 sdebug_capacity = get_sdebug_capacity();
1646 memset(arr, 0, SDEBUG_READCAP_ARR_SZ);
1647 if (sdebug_capacity < 0xffffffff) {
1648 capac = (unsigned int)sdebug_capacity - 1;
1649 put_unaligned_be32(capac, arr + 0);
1651 put_unaligned_be32(0xffffffff, arr + 0);
1652 put_unaligned_be16(sdebug_sector_size, arr + 6);
1653 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ);
1656 #define SDEBUG_READCAP16_ARR_SZ 32
1657 static int resp_readcap16(struct scsi_cmnd *scp,
1658 struct sdebug_dev_info *devip)
1660 unsigned char *cmd = scp->cmnd;
1661 unsigned char arr[SDEBUG_READCAP16_ARR_SZ];
1664 alloc_len = get_unaligned_be32(cmd + 10);
1665 /* following just in case virtual_gb changed */
1666 sdebug_capacity = get_sdebug_capacity();
1667 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ);
1668 put_unaligned_be64((u64)(sdebug_capacity - 1), arr + 0);
1669 put_unaligned_be32(sdebug_sector_size, arr + 8);
1670 arr[13] = sdebug_physblk_exp & 0xf;
1671 arr[14] = (sdebug_lowest_aligned >> 8) & 0x3f;
1673 if (scsi_debug_lbp()) {
1674 arr[14] |= 0x80; /* LBPME */
1675 /* from sbc4r07, this LBPRZ field is 1 bit, but the LBPRZ in
1676 * the LB Provisioning VPD page is 3 bits. Note that lbprz=2
1677 * in the wider field maps to 0 in this field.
1679 if (sdebug_lbprz & 1) /* precisely what the draft requires */
1683 arr[15] = sdebug_lowest_aligned & 0xff;
1685 if (have_dif_prot) {
1686 arr[12] = (sdebug_dif - 1) << 1; /* P_TYPE */
1687 arr[12] |= 1; /* PROT_EN */
1690 return fill_from_dev_buffer(scp, arr,
1691 min(alloc_len, SDEBUG_READCAP16_ARR_SZ));
1694 #define SDEBUG_MAX_TGTPGS_ARR_SZ 1412
1696 static int resp_report_tgtpgs(struct scsi_cmnd *scp,
1697 struct sdebug_dev_info *devip)
1699 unsigned char *cmd = scp->cmnd;
1701 int host_no = devip->sdbg_host->shost->host_no;
1702 int n, ret, alen, rlen;
1703 int port_group_a, port_group_b, port_a, port_b;
1705 alen = get_unaligned_be32(cmd + 6);
1706 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC);
1708 return DID_REQUEUE << 16;
1710 * EVPD page 0x88 states we have two ports, one
1711 * real and a fake port with no device connected.
1712 * So we create two port groups with one port each
1713 * and set the group with port B to unavailable.
1715 port_a = 0x1; /* relative port A */
1716 port_b = 0x2; /* relative port B */
1717 port_group_a = (((host_no + 1) & 0x7f) << 8) +
1718 (devip->channel & 0x7f);
1719 port_group_b = (((host_no + 1) & 0x7f) << 8) +
1720 (devip->channel & 0x7f) + 0x80;
1723 * The asymmetric access state is cycled according to the host_id.
1726 if (sdebug_vpd_use_hostno == 0) {
1727 arr[n++] = host_no % 3; /* Asymm access state */
1728 arr[n++] = 0x0F; /* claim: all states are supported */
1730 arr[n++] = 0x0; /* Active/Optimized path */
1731 arr[n++] = 0x01; /* only support active/optimized paths */
1733 put_unaligned_be16(port_group_a, arr + n);
1735 arr[n++] = 0; /* Reserved */
1736 arr[n++] = 0; /* Status code */
1737 arr[n++] = 0; /* Vendor unique */
1738 arr[n++] = 0x1; /* One port per group */
1739 arr[n++] = 0; /* Reserved */
1740 arr[n++] = 0; /* Reserved */
1741 put_unaligned_be16(port_a, arr + n);
1743 arr[n++] = 3; /* Port unavailable */
1744 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */
1745 put_unaligned_be16(port_group_b, arr + n);
1747 arr[n++] = 0; /* Reserved */
1748 arr[n++] = 0; /* Status code */
1749 arr[n++] = 0; /* Vendor unique */
1750 arr[n++] = 0x1; /* One port per group */
1751 arr[n++] = 0; /* Reserved */
1752 arr[n++] = 0; /* Reserved */
1753 put_unaligned_be16(port_b, arr + n);
1757 put_unaligned_be32(rlen, arr + 0);
1760 * Return the smallest value of either
1761 * - The allocated length
1762 * - The constructed command length
1763 * - The maximum array size
1766 ret = fill_from_dev_buffer(scp, arr,
1767 min(rlen, SDEBUG_MAX_TGTPGS_ARR_SZ));
1772 static int resp_rsup_opcodes(struct scsi_cmnd *scp,
1773 struct sdebug_dev_info *devip)
1776 u8 reporting_opts, req_opcode, sdeb_i, supp;
1778 u32 alloc_len, a_len;
1779 int k, offset, len, errsts, count, bump, na;
1780 const struct opcode_info_t *oip;
1781 const struct opcode_info_t *r_oip;
1783 u8 *cmd = scp->cmnd;
1785 rctd = !!(cmd[2] & 0x80);
1786 reporting_opts = cmd[2] & 0x7;
1787 req_opcode = cmd[3];
1788 req_sa = get_unaligned_be16(cmd + 4);
1789 alloc_len = get_unaligned_be32(cmd + 6);
1790 if (alloc_len < 4 || alloc_len > 0xffff) {
1791 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1792 return check_condition_result;
1794 if (alloc_len > 8192)
1798 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC);
1800 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
1802 return check_condition_result;
1804 switch (reporting_opts) {
1805 case 0: /* all commands */
1806 /* count number of commands */
1807 for (count = 0, oip = opcode_info_arr;
1808 oip->num_attached != 0xff; ++oip) {
1809 if (F_INV_OP & oip->flags)
1811 count += (oip->num_attached + 1);
1813 bump = rctd ? 20 : 8;
1814 put_unaligned_be32(count * bump, arr);
1815 for (offset = 4, oip = opcode_info_arr;
1816 oip->num_attached != 0xff && offset < a_len; ++oip) {
1817 if (F_INV_OP & oip->flags)
1819 na = oip->num_attached;
1820 arr[offset] = oip->opcode;
1821 put_unaligned_be16(oip->sa, arr + offset + 2);
1823 arr[offset + 5] |= 0x2;
1824 if (FF_SA & oip->flags)
1825 arr[offset + 5] |= 0x1;
1826 put_unaligned_be16(oip->len_mask[0], arr + offset + 6);
1828 put_unaligned_be16(0xa, arr + offset + 8);
1830 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) {
1831 if (F_INV_OP & oip->flags)
1834 arr[offset] = oip->opcode;
1835 put_unaligned_be16(oip->sa, arr + offset + 2);
1837 arr[offset + 5] |= 0x2;
1838 if (FF_SA & oip->flags)
1839 arr[offset + 5] |= 0x1;
1840 put_unaligned_be16(oip->len_mask[0],
1843 put_unaligned_be16(0xa,
1850 case 1: /* one command: opcode only */
1851 case 2: /* one command: opcode plus service action */
1852 case 3: /* one command: if sa==0 then opcode only else opcode+sa */
1853 sdeb_i = opcode_ind_arr[req_opcode];
1854 oip = &opcode_info_arr[sdeb_i];
1855 if (F_INV_OP & oip->flags) {
1859 if (1 == reporting_opts) {
1860 if (FF_SA & oip->flags) {
1861 mk_sense_invalid_fld(scp, SDEB_IN_CDB,
1864 return check_condition_result;
1867 } else if (2 == reporting_opts &&
1868 0 == (FF_SA & oip->flags)) {
1869 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1);
1870 kfree(arr); /* point at requested sa */
1871 return check_condition_result;
1873 if (0 == (FF_SA & oip->flags) &&
1874 req_opcode == oip->opcode)
1876 else if (0 == (FF_SA & oip->flags)) {
1877 na = oip->num_attached;
1878 for (k = 0, oip = oip->arrp; k < na;
1880 if (req_opcode == oip->opcode)
1883 supp = (k >= na) ? 1 : 3;
1884 } else if (req_sa != oip->sa) {
1885 na = oip->num_attached;
1886 for (k = 0, oip = oip->arrp; k < na;
1888 if (req_sa == oip->sa)
1891 supp = (k >= na) ? 1 : 3;
1895 u = oip->len_mask[0];
1896 put_unaligned_be16(u, arr + 2);
1897 arr[4] = oip->opcode;
1898 for (k = 1; k < u; ++k)
1899 arr[4 + k] = (k < 16) ?
1900 oip->len_mask[k] : 0xff;
1905 arr[1] = (rctd ? 0x80 : 0) | supp;
1907 put_unaligned_be16(0xa, arr + offset);
1912 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
1914 return check_condition_result;
1916 offset = (offset < a_len) ? offset : a_len;
1917 len = (offset < alloc_len) ? offset : alloc_len;
1918 errsts = fill_from_dev_buffer(scp, arr, len);
1923 static int resp_rsup_tmfs(struct scsi_cmnd *scp,
1924 struct sdebug_dev_info *devip)
1929 u8 *cmd = scp->cmnd;
1931 memset(arr, 0, sizeof(arr));
1932 repd = !!(cmd[2] & 0x80);
1933 alloc_len = get_unaligned_be32(cmd + 6);
1934 if (alloc_len < 4) {
1935 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1936 return check_condition_result;
1938 arr[0] = 0xc8; /* ATS | ATSS | LURS */
1939 arr[1] = 0x1; /* ITNRS */
1946 len = (len < alloc_len) ? len : alloc_len;
1947 return fill_from_dev_buffer(scp, arr, len);
1950 /* <<Following mode page info copied from ST318451LW>> */
1952 static int resp_err_recov_pg(unsigned char *p, int pcontrol, int target)
1953 { /* Read-Write Error Recovery page for mode_sense */
1954 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0,
1957 memcpy(p, err_recov_pg, sizeof(err_recov_pg));
1959 memset(p + 2, 0, sizeof(err_recov_pg) - 2);
1960 return sizeof(err_recov_pg);
1963 static int resp_disconnect_pg(unsigned char *p, int pcontrol, int target)
1964 { /* Disconnect-Reconnect page for mode_sense */
1965 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0,
1966 0, 0, 0, 0, 0, 0, 0, 0};
1968 memcpy(p, disconnect_pg, sizeof(disconnect_pg));
1970 memset(p + 2, 0, sizeof(disconnect_pg) - 2);
1971 return sizeof(disconnect_pg);
1974 static int resp_format_pg(unsigned char *p, int pcontrol, int target)
1975 { /* Format device page for mode_sense */
1976 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0,
1977 0, 0, 0, 0, 0, 0, 0, 0,
1978 0, 0, 0, 0, 0x40, 0, 0, 0};
1980 memcpy(p, format_pg, sizeof(format_pg));
1981 put_unaligned_be16(sdebug_sectors_per, p + 10);
1982 put_unaligned_be16(sdebug_sector_size, p + 12);
1983 if (sdebug_removable)
1984 p[20] |= 0x20; /* should agree with INQUIRY */
1986 memset(p + 2, 0, sizeof(format_pg) - 2);
1987 return sizeof(format_pg);
1990 static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
1991 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0,
1994 static int resp_caching_pg(unsigned char *p, int pcontrol, int target)
1995 { /* Caching page for mode_sense */
1996 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0,
1997 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
1998 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
1999 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0};
2001 if (SDEBUG_OPT_N_WCE & sdebug_opts)
2002 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */
2003 memcpy(p, caching_pg, sizeof(caching_pg));
2005 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg));
2006 else if (2 == pcontrol)
2007 memcpy(p, d_caching_pg, sizeof(d_caching_pg));
2008 return sizeof(caching_pg);
2011 static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2014 static int resp_ctrl_m_pg(unsigned char *p, int pcontrol, int target)
2015 { /* Control mode page for mode_sense */
2016 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0,
2018 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2022 ctrl_m_pg[2] |= 0x4;
2024 ctrl_m_pg[2] &= ~0x4;
2027 ctrl_m_pg[5] |= 0x80; /* ATO=1 */
2029 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg));
2031 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg));
2032 else if (2 == pcontrol)
2033 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg));
2034 return sizeof(ctrl_m_pg);
2038 static int resp_iec_m_pg(unsigned char *p, int pcontrol, int target)
2039 { /* Informational Exceptions control mode page for mode_sense */
2040 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0,
2042 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
2045 memcpy(p, iec_m_pg, sizeof(iec_m_pg));
2047 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg));
2048 else if (2 == pcontrol)
2049 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg));
2050 return sizeof(iec_m_pg);
2053 static int resp_sas_sf_m_pg(unsigned char *p, int pcontrol, int target)
2054 { /* SAS SSP mode page - short format for mode_sense */
2055 unsigned char sas_sf_m_pg[] = {0x19, 0x6,
2056 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0};
2058 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg));
2060 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2);
2061 return sizeof(sas_sf_m_pg);
2065 static int resp_sas_pcd_m_spg(unsigned char *p, int pcontrol, int target,
2067 { /* SAS phy control and discover mode page for mode_sense */
2068 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2,
2069 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0,
2070 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2071 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2072 0x2, 0, 0, 0, 0, 0, 0, 0,
2073 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2074 0, 0, 0, 0, 0, 0, 0, 0,
2075 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0,
2076 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2077 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2078 0x3, 0, 0, 0, 0, 0, 0, 0,
2079 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2080 0, 0, 0, 0, 0, 0, 0, 0,
2084 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 16);
2085 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 24);
2086 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 64);
2087 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 72);
2088 port_a = target_dev_id + 1;
2089 port_b = port_a + 1;
2090 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg));
2091 put_unaligned_be32(port_a, p + 20);
2092 put_unaligned_be32(port_b, p + 48 + 20);
2094 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4);
2095 return sizeof(sas_pcd_m_pg);
2098 static int resp_sas_sha_m_spg(unsigned char *p, int pcontrol)
2099 { /* SAS SSP shared protocol specific port mode subpage */
2100 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0,
2101 0, 0, 0, 0, 0, 0, 0, 0,
2104 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg));
2106 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4);
2107 return sizeof(sas_sha_m_pg);
2110 #define SDEBUG_MAX_MSENSE_SZ 256
2112 static int resp_mode_sense(struct scsi_cmnd *scp,
2113 struct sdebug_dev_info *devip)
2115 int pcontrol, pcode, subpcode, bd_len;
2116 unsigned char dev_spec;
2117 int alloc_len, offset, len, target_dev_id;
2118 int target = scp->device->id;
2120 unsigned char arr[SDEBUG_MAX_MSENSE_SZ];
2121 unsigned char *cmd = scp->cmnd;
2122 bool dbd, llbaa, msense_6, is_disk, bad_pcode;
2124 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */
2125 pcontrol = (cmd[2] & 0xc0) >> 6;
2126 pcode = cmd[2] & 0x3f;
2128 msense_6 = (MODE_SENSE == cmd[0]);
2129 llbaa = msense_6 ? false : !!(cmd[1] & 0x10);
2130 is_disk = (sdebug_ptype == TYPE_DISK);
2131 if (is_disk && !dbd)
2132 bd_len = llbaa ? 16 : 8;
2135 alloc_len = msense_6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2136 memset(arr, 0, SDEBUG_MAX_MSENSE_SZ);
2137 if (0x3 == pcontrol) { /* Saving values not supported */
2138 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0);
2139 return check_condition_result;
2141 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) +
2142 (devip->target * 1000) - 3;
2143 /* for disks set DPOFUA bit and clear write protect (WP) bit */
2145 dev_spec = 0x10; /* =0x90 if WP=1 implies read-only */
2157 arr[4] = 0x1; /* set LONGLBA bit */
2158 arr[7] = bd_len; /* assume 255 or less */
2162 if ((bd_len > 0) && (!sdebug_capacity))
2163 sdebug_capacity = get_sdebug_capacity();
2166 if (sdebug_capacity > 0xfffffffe)
2167 put_unaligned_be32(0xffffffff, ap + 0);
2169 put_unaligned_be32(sdebug_capacity, ap + 0);
2170 put_unaligned_be16(sdebug_sector_size, ap + 6);
2173 } else if (16 == bd_len) {
2174 put_unaligned_be64((u64)sdebug_capacity, ap + 0);
2175 put_unaligned_be32(sdebug_sector_size, ap + 12);
2180 if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) {
2181 /* TODO: Control Extension page */
2182 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2183 return check_condition_result;
2188 case 0x1: /* Read-Write error recovery page, direct access */
2189 len = resp_err_recov_pg(ap, pcontrol, target);
2192 case 0x2: /* Disconnect-Reconnect page, all devices */
2193 len = resp_disconnect_pg(ap, pcontrol, target);
2196 case 0x3: /* Format device page, direct access */
2198 len = resp_format_pg(ap, pcontrol, target);
2203 case 0x8: /* Caching page, direct access */
2205 len = resp_caching_pg(ap, pcontrol, target);
2210 case 0xa: /* Control Mode page, all devices */
2211 len = resp_ctrl_m_pg(ap, pcontrol, target);
2214 case 0x19: /* if spc==1 then sas phy, control+discover */
2215 if ((subpcode > 0x2) && (subpcode < 0xff)) {
2216 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2217 return check_condition_result;
2220 if ((0x0 == subpcode) || (0xff == subpcode))
2221 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2222 if ((0x1 == subpcode) || (0xff == subpcode))
2223 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
2225 if ((0x2 == subpcode) || (0xff == subpcode))
2226 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2229 case 0x1c: /* Informational Exceptions Mode page, all devices */
2230 len = resp_iec_m_pg(ap, pcontrol, target);
2233 case 0x3f: /* Read all Mode pages */
2234 if ((0 == subpcode) || (0xff == subpcode)) {
2235 len = resp_err_recov_pg(ap, pcontrol, target);
2236 len += resp_disconnect_pg(ap + len, pcontrol, target);
2238 len += resp_format_pg(ap + len, pcontrol,
2240 len += resp_caching_pg(ap + len, pcontrol,
2243 len += resp_ctrl_m_pg(ap + len, pcontrol, target);
2244 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2245 if (0xff == subpcode) {
2246 len += resp_sas_pcd_m_spg(ap + len, pcontrol,
2247 target, target_dev_id);
2248 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2250 len += resp_iec_m_pg(ap + len, pcontrol, target);
2253 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2254 return check_condition_result;
2262 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2263 return check_condition_result;
2266 arr[0] = offset - 1;
2268 put_unaligned_be16((offset - 2), arr + 0);
2269 return fill_from_dev_buffer(scp, arr, min(alloc_len, offset));
2272 #define SDEBUG_MAX_MSELECT_SZ 512
2274 static int resp_mode_select(struct scsi_cmnd *scp,
2275 struct sdebug_dev_info *devip)
2277 int pf, sp, ps, md_len, bd_len, off, spf, pg_len;
2278 int param_len, res, mpage;
2279 unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
2280 unsigned char *cmd = scp->cmnd;
2281 int mselect6 = (MODE_SELECT == cmd[0]);
2283 memset(arr, 0, sizeof(arr));
2286 param_len = mselect6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2287 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) {
2288 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1);
2289 return check_condition_result;
2291 res = fetch_to_dev_buffer(scp, arr, param_len);
2293 return DID_ERROR << 16;
2294 else if (sdebug_verbose && (res < param_len))
2295 sdev_printk(KERN_INFO, scp->device,
2296 "%s: cdb indicated=%d, IO sent=%d bytes\n",
2297 __func__, param_len, res);
2298 md_len = mselect6 ? (arr[0] + 1) : (get_unaligned_be16(arr + 0) + 2);
2299 bd_len = mselect6 ? arr[3] : get_unaligned_be16(arr + 6);
2301 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1);
2302 return check_condition_result;
2304 off = bd_len + (mselect6 ? 4 : 8);
2305 mpage = arr[off] & 0x3f;
2306 ps = !!(arr[off] & 0x80);
2308 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7);
2309 return check_condition_result;
2311 spf = !!(arr[off] & 0x40);
2312 pg_len = spf ? (get_unaligned_be16(arr + off + 2) + 4) :
2314 if ((pg_len + off) > param_len) {
2315 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2316 PARAMETER_LIST_LENGTH_ERR, 0);
2317 return check_condition_result;
2320 case 0x8: /* Caching Mode page */
2321 if (caching_pg[1] == arr[off + 1]) {
2322 memcpy(caching_pg + 2, arr + off + 2,
2323 sizeof(caching_pg) - 2);
2324 goto set_mode_changed_ua;
2327 case 0xa: /* Control Mode page */
2328 if (ctrl_m_pg[1] == arr[off + 1]) {
2329 memcpy(ctrl_m_pg + 2, arr + off + 2,
2330 sizeof(ctrl_m_pg) - 2);
2331 if (ctrl_m_pg[4] & 0x8)
2335 sdebug_dsense = !!(ctrl_m_pg[2] & 0x4);
2336 goto set_mode_changed_ua;
2339 case 0x1c: /* Informational Exceptions Mode page */
2340 if (iec_m_pg[1] == arr[off + 1]) {
2341 memcpy(iec_m_pg + 2, arr + off + 2,
2342 sizeof(iec_m_pg) - 2);
2343 goto set_mode_changed_ua;
2349 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5);
2350 return check_condition_result;
2351 set_mode_changed_ua:
2352 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm);
2356 static int resp_temp_l_pg(unsigned char *arr)
2358 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38,
2359 0x0, 0x1, 0x3, 0x2, 0x0, 65,
2362 memcpy(arr, temp_l_pg, sizeof(temp_l_pg));
2363 return sizeof(temp_l_pg);
2366 static int resp_ie_l_pg(unsigned char *arr)
2368 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38,
2371 memcpy(arr, ie_l_pg, sizeof(ie_l_pg));
2372 if (iec_m_pg[2] & 0x4) { /* TEST bit set */
2373 arr[4] = THRESHOLD_EXCEEDED;
2376 return sizeof(ie_l_pg);
2379 #define SDEBUG_MAX_LSENSE_SZ 512
2381 static int resp_log_sense(struct scsi_cmnd *scp,
2382 struct sdebug_dev_info *devip)
2384 int ppc, sp, pcode, subpcode, alloc_len, len, n;
2385 unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
2386 unsigned char *cmd = scp->cmnd;
2388 memset(arr, 0, sizeof(arr));
2392 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0);
2393 return check_condition_result;
2395 pcode = cmd[2] & 0x3f;
2396 subpcode = cmd[3] & 0xff;
2397 alloc_len = get_unaligned_be16(cmd + 7);
2399 if (0 == subpcode) {
2401 case 0x0: /* Supported log pages log page */
2403 arr[n++] = 0x0; /* this page */
2404 arr[n++] = 0xd; /* Temperature */
2405 arr[n++] = 0x2f; /* Informational exceptions */
2408 case 0xd: /* Temperature log page */
2409 arr[3] = resp_temp_l_pg(arr + 4);
2411 case 0x2f: /* Informational exceptions log page */
2412 arr[3] = resp_ie_l_pg(arr + 4);
2415 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2416 return check_condition_result;
2418 } else if (0xff == subpcode) {
2422 case 0x0: /* Supported log pages and subpages log page */
2425 arr[n++] = 0x0; /* 0,0 page */
2427 arr[n++] = 0xff; /* this page */
2429 arr[n++] = 0x0; /* Temperature */
2431 arr[n++] = 0x0; /* Informational exceptions */
2434 case 0xd: /* Temperature subpages */
2437 arr[n++] = 0x0; /* Temperature */
2440 case 0x2f: /* Informational exceptions subpages */
2443 arr[n++] = 0x0; /* Informational exceptions */
2447 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2448 return check_condition_result;
2451 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2452 return check_condition_result;
2454 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len);
2455 return fill_from_dev_buffer(scp, arr,
2456 min(len, SDEBUG_MAX_INQ_ARR_SZ));
2459 static inline int check_device_access_params(struct scsi_cmnd *scp,
2460 unsigned long long lba, unsigned int num, bool write)
2462 if (lba + num > sdebug_capacity) {
2463 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2464 return check_condition_result;
2466 /* transfer length excessive (tie in to block limits VPD page) */
2467 if (num > sdebug_store_sectors) {
2468 /* needs work to find which cdb byte 'num' comes from */
2469 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2470 return check_condition_result;
2472 if (write && unlikely(sdebug_wp)) {
2473 mk_sense_buffer(scp, DATA_PROTECT, WRITE_PROTECTED, 0x2);
2474 return check_condition_result;
2479 /* Returns number of bytes copied or -1 if error. */
2480 static int do_device_access(struct scsi_cmnd *scmd, u32 sg_skip, u64 lba,
2481 u32 num, bool do_write)
2484 u64 block, rest = 0;
2485 struct scsi_data_buffer *sdb = &scmd->sdb;
2486 enum dma_data_direction dir;
2489 dir = DMA_TO_DEVICE;
2490 write_since_sync = true;
2492 dir = DMA_FROM_DEVICE;
2497 if (scmd->sc_data_direction != dir)
2500 block = do_div(lba, sdebug_store_sectors);
2501 if (block + num > sdebug_store_sectors)
2502 rest = block + num - sdebug_store_sectors;
2504 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2505 fake_storep + (block * sdebug_sector_size),
2506 (num - rest) * sdebug_sector_size, sg_skip, do_write);
2507 if (ret != (num - rest) * sdebug_sector_size)
2511 ret += sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2512 fake_storep, rest * sdebug_sector_size,
2513 sg_skip + ((num - rest) * sdebug_sector_size),
2520 /* If lba2fake_store(lba,num) compares equal to arr(num), then copy top half of
2521 * arr into lba2fake_store(lba,num) and return true. If comparison fails then
2523 static bool comp_write_worker(u64 lba, u32 num, const u8 *arr)
2526 u64 block, rest = 0;
2527 u32 store_blks = sdebug_store_sectors;
2528 u32 lb_size = sdebug_sector_size;
2530 block = do_div(lba, store_blks);
2531 if (block + num > store_blks)
2532 rest = block + num - store_blks;
2534 res = !memcmp(fake_storep + (block * lb_size), arr,
2535 (num - rest) * lb_size);
2539 res = memcmp(fake_storep, arr + ((num - rest) * lb_size),
2543 arr += num * lb_size;
2544 memcpy(fake_storep + (block * lb_size), arr, (num - rest) * lb_size);
2546 memcpy(fake_storep, arr + ((num - rest) * lb_size),
2551 static __be16 dif_compute_csum(const void *buf, int len)
2556 csum = (__force __be16)ip_compute_csum(buf, len);
2558 csum = cpu_to_be16(crc_t10dif(buf, len));
2563 static int dif_verify(struct t10_pi_tuple *sdt, const void *data,
2564 sector_t sector, u32 ei_lba)
2566 __be16 csum = dif_compute_csum(data, sdebug_sector_size);
2568 if (sdt->guard_tag != csum) {
2569 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n",
2570 (unsigned long)sector,
2571 be16_to_cpu(sdt->guard_tag),
2575 if (sdebug_dif == T10_PI_TYPE1_PROTECTION &&
2576 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) {
2577 pr_err("REF check failed on sector %lu\n",
2578 (unsigned long)sector);
2581 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
2582 be32_to_cpu(sdt->ref_tag) != ei_lba) {
2583 pr_err("REF check failed on sector %lu\n",
2584 (unsigned long)sector);
2590 static void dif_copy_prot(struct scsi_cmnd *SCpnt, sector_t sector,
2591 unsigned int sectors, bool read)
2595 const void *dif_store_end = dif_storep + sdebug_store_sectors;
2596 struct sg_mapping_iter miter;
2598 /* Bytes of protection data to copy into sgl */
2599 resid = sectors * sizeof(*dif_storep);
2601 sg_miter_start(&miter, scsi_prot_sglist(SCpnt),
2602 scsi_prot_sg_count(SCpnt), SG_MITER_ATOMIC |
2603 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG));
2605 while (sg_miter_next(&miter) && resid > 0) {
2606 size_t len = min(miter.length, resid);
2607 void *start = dif_store(sector);
2610 if (dif_store_end < start + len)
2611 rest = start + len - dif_store_end;
2616 memcpy(paddr, start, len - rest);
2618 memcpy(start, paddr, len - rest);
2622 memcpy(paddr + len - rest, dif_storep, rest);
2624 memcpy(dif_storep, paddr + len - rest, rest);
2627 sector += len / sizeof(*dif_storep);
2630 sg_miter_stop(&miter);
2633 static int prot_verify_read(struct scsi_cmnd *SCpnt, sector_t start_sec,
2634 unsigned int sectors, u32 ei_lba)
2637 struct t10_pi_tuple *sdt;
2640 for (i = 0; i < sectors; i++, ei_lba++) {
2643 sector = start_sec + i;
2644 sdt = dif_store(sector);
2646 if (sdt->app_tag == cpu_to_be16(0xffff))
2649 ret = dif_verify(sdt, lba2fake_store(sector), sector, ei_lba);
2656 dif_copy_prot(SCpnt, start_sec, sectors, true);
2662 static int resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2664 u8 *cmd = scp->cmnd;
2665 struct sdebug_queued_cmd *sqcp;
2669 unsigned long iflags;
2676 lba = get_unaligned_be64(cmd + 2);
2677 num = get_unaligned_be32(cmd + 10);
2682 lba = get_unaligned_be32(cmd + 2);
2683 num = get_unaligned_be16(cmd + 7);
2688 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2689 (u32)(cmd[1] & 0x1f) << 16;
2690 num = (0 == cmd[4]) ? 256 : cmd[4];
2695 lba = get_unaligned_be32(cmd + 2);
2696 num = get_unaligned_be32(cmd + 6);
2699 case XDWRITEREAD_10:
2701 lba = get_unaligned_be32(cmd + 2);
2702 num = get_unaligned_be16(cmd + 7);
2705 default: /* assume READ(32) */
2706 lba = get_unaligned_be64(cmd + 12);
2707 ei_lba = get_unaligned_be32(cmd + 20);
2708 num = get_unaligned_be32(cmd + 28);
2712 if (unlikely(have_dif_prot && check_prot)) {
2713 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
2715 mk_sense_invalid_opcode(scp);
2716 return check_condition_result;
2718 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
2719 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
2720 (cmd[1] & 0xe0) == 0)
2721 sdev_printk(KERN_ERR, scp->device, "Unprotected RD "
2724 if (unlikely(sdebug_any_injecting_opt)) {
2725 sqcp = (struct sdebug_queued_cmd *)scp->host_scribble;
2728 if (sqcp->inj_short)
2734 ret = check_device_access_params(scp, lba, num, false);
2737 if (unlikely((SDEBUG_OPT_MEDIUM_ERR & sdebug_opts) &&
2738 (lba <= (sdebug_medium_error_start + sdebug_medium_error_count - 1)) &&
2739 ((lba + num) > sdebug_medium_error_start))) {
2740 /* claim unrecoverable read error */
2741 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0);
2742 /* set info field and valid bit for fixed descriptor */
2743 if (0x70 == (scp->sense_buffer[0] & 0x7f)) {
2744 scp->sense_buffer[0] |= 0x80; /* Valid bit */
2745 ret = (lba < OPT_MEDIUM_ERR_ADDR)
2746 ? OPT_MEDIUM_ERR_ADDR : (int)lba;
2747 put_unaligned_be32(ret, scp->sense_buffer + 3);
2749 scsi_set_resid(scp, scsi_bufflen(scp));
2750 return check_condition_result;
2753 read_lock_irqsave(&atomic_rw, iflags);
2756 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
2757 int prot_ret = prot_verify_read(scp, lba, num, ei_lba);
2760 read_unlock_irqrestore(&atomic_rw, iflags);
2761 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, prot_ret);
2762 return illegal_condition_result;
2766 ret = do_device_access(scp, 0, lba, num, false);
2767 read_unlock_irqrestore(&atomic_rw, iflags);
2768 if (unlikely(ret == -1))
2769 return DID_ERROR << 16;
2771 scsi_set_resid(scp, scsi_bufflen(scp) - ret);
2773 if (unlikely(sqcp)) {
2774 if (sqcp->inj_recovered) {
2775 mk_sense_buffer(scp, RECOVERED_ERROR,
2776 THRESHOLD_EXCEEDED, 0);
2777 return check_condition_result;
2778 } else if (sqcp->inj_transport) {
2779 mk_sense_buffer(scp, ABORTED_COMMAND,
2780 TRANSPORT_PROBLEM, ACK_NAK_TO);
2781 return check_condition_result;
2782 } else if (sqcp->inj_dif) {
2783 /* Logical block guard check failed */
2784 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
2785 return illegal_condition_result;
2786 } else if (sqcp->inj_dix) {
2787 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
2788 return illegal_condition_result;
2794 static void dump_sector(unsigned char *buf, int len)
2798 pr_err(">>> Sector Dump <<<\n");
2799 for (i = 0 ; i < len ; i += 16) {
2802 for (j = 0, n = 0; j < 16; j++) {
2803 unsigned char c = buf[i+j];
2805 if (c >= 0x20 && c < 0x7e)
2806 n += scnprintf(b + n, sizeof(b) - n,
2809 n += scnprintf(b + n, sizeof(b) - n,
2812 pr_err("%04d: %s\n", i, b);
2816 static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec,
2817 unsigned int sectors, u32 ei_lba)
2820 struct t10_pi_tuple *sdt;
2822 sector_t sector = start_sec;
2825 struct sg_mapping_iter diter;
2826 struct sg_mapping_iter piter;
2828 BUG_ON(scsi_sg_count(SCpnt) == 0);
2829 BUG_ON(scsi_prot_sg_count(SCpnt) == 0);
2831 sg_miter_start(&piter, scsi_prot_sglist(SCpnt),
2832 scsi_prot_sg_count(SCpnt),
2833 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2834 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt),
2835 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2837 /* For each protection page */
2838 while (sg_miter_next(&piter)) {
2840 if (WARN_ON(!sg_miter_next(&diter))) {
2845 for (ppage_offset = 0; ppage_offset < piter.length;
2846 ppage_offset += sizeof(struct t10_pi_tuple)) {
2847 /* If we're at the end of the current
2848 * data page advance to the next one
2850 if (dpage_offset >= diter.length) {
2851 if (WARN_ON(!sg_miter_next(&diter))) {
2858 sdt = piter.addr + ppage_offset;
2859 daddr = diter.addr + dpage_offset;
2861 ret = dif_verify(sdt, daddr, sector, ei_lba);
2863 dump_sector(daddr, sdebug_sector_size);
2869 dpage_offset += sdebug_sector_size;
2871 diter.consumed = dpage_offset;
2872 sg_miter_stop(&diter);
2874 sg_miter_stop(&piter);
2876 dif_copy_prot(SCpnt, start_sec, sectors, false);
2883 sg_miter_stop(&diter);
2884 sg_miter_stop(&piter);
2888 static unsigned long lba_to_map_index(sector_t lba)
2890 if (sdebug_unmap_alignment)
2891 lba += sdebug_unmap_granularity - sdebug_unmap_alignment;
2892 sector_div(lba, sdebug_unmap_granularity);
2896 static sector_t map_index_to_lba(unsigned long index)
2898 sector_t lba = index * sdebug_unmap_granularity;
2900 if (sdebug_unmap_alignment)
2901 lba -= sdebug_unmap_granularity - sdebug_unmap_alignment;
2905 static unsigned int map_state(sector_t lba, unsigned int *num)
2908 unsigned int mapped;
2909 unsigned long index;
2912 index = lba_to_map_index(lba);
2913 mapped = test_bit(index, map_storep);
2916 next = find_next_zero_bit(map_storep, map_size, index);
2918 next = find_next_bit(map_storep, map_size, index);
2920 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next));
2925 static void map_region(sector_t lba, unsigned int len)
2927 sector_t end = lba + len;
2930 unsigned long index = lba_to_map_index(lba);
2932 if (index < map_size)
2933 set_bit(index, map_storep);
2935 lba = map_index_to_lba(index + 1);
2939 static void unmap_region(sector_t lba, unsigned int len)
2941 sector_t end = lba + len;
2944 unsigned long index = lba_to_map_index(lba);
2946 if (lba == map_index_to_lba(index) &&
2947 lba + sdebug_unmap_granularity <= end &&
2949 clear_bit(index, map_storep);
2950 if (sdebug_lbprz) { /* for LBPRZ=2 return 0xff_s */
2951 memset(fake_storep +
2952 lba * sdebug_sector_size,
2953 (sdebug_lbprz & 1) ? 0 : 0xff,
2954 sdebug_sector_size *
2955 sdebug_unmap_granularity);
2958 memset(dif_storep + lba, 0xff,
2959 sizeof(*dif_storep) *
2960 sdebug_unmap_granularity);
2963 lba = map_index_to_lba(index + 1);
2967 static int resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2969 u8 *cmd = scp->cmnd;
2973 unsigned long iflags;
2980 lba = get_unaligned_be64(cmd + 2);
2981 num = get_unaligned_be32(cmd + 10);
2986 lba = get_unaligned_be32(cmd + 2);
2987 num = get_unaligned_be16(cmd + 7);
2992 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2993 (u32)(cmd[1] & 0x1f) << 16;
2994 num = (0 == cmd[4]) ? 256 : cmd[4];
2999 lba = get_unaligned_be32(cmd + 2);
3000 num = get_unaligned_be32(cmd + 6);
3003 case 0x53: /* XDWRITEREAD(10) */
3005 lba = get_unaligned_be32(cmd + 2);
3006 num = get_unaligned_be16(cmd + 7);
3009 default: /* assume WRITE(32) */
3010 lba = get_unaligned_be64(cmd + 12);
3011 ei_lba = get_unaligned_be32(cmd + 20);
3012 num = get_unaligned_be32(cmd + 28);
3016 if (unlikely(have_dif_prot && check_prot)) {
3017 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3019 mk_sense_invalid_opcode(scp);
3020 return check_condition_result;
3022 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3023 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3024 (cmd[1] & 0xe0) == 0)
3025 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3028 ret = check_device_access_params(scp, lba, num, true);
3031 write_lock_irqsave(&atomic_rw, iflags);
3034 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3035 int prot_ret = prot_verify_write(scp, lba, num, ei_lba);
3038 write_unlock_irqrestore(&atomic_rw, iflags);
3039 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, prot_ret);
3040 return illegal_condition_result;
3044 ret = do_device_access(scp, 0, lba, num, true);
3045 if (unlikely(scsi_debug_lbp()))
3046 map_region(lba, num);
3047 write_unlock_irqrestore(&atomic_rw, iflags);
3048 if (unlikely(-1 == ret))
3049 return DID_ERROR << 16;
3050 else if (unlikely(sdebug_verbose &&
3051 (ret < (num * sdebug_sector_size))))
3052 sdev_printk(KERN_INFO, scp->device,
3053 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3054 my_name, num * sdebug_sector_size, ret);
3056 if (unlikely(sdebug_any_injecting_opt)) {
3057 struct sdebug_queued_cmd *sqcp =
3058 (struct sdebug_queued_cmd *)scp->host_scribble;
3061 if (sqcp->inj_recovered) {
3062 mk_sense_buffer(scp, RECOVERED_ERROR,
3063 THRESHOLD_EXCEEDED, 0);
3064 return check_condition_result;
3065 } else if (sqcp->inj_dif) {
3066 /* Logical block guard check failed */
3067 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3068 return illegal_condition_result;
3069 } else if (sqcp->inj_dix) {
3070 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3071 return illegal_condition_result;
3079 * T10 has only specified WRITE SCATTERED(16) and WRITE SCATTERED(32).
3080 * No READ GATHERED yet (requires bidi or long cdb holding gather list).
3082 static int resp_write_scat(struct scsi_cmnd *scp,
3083 struct sdebug_dev_info *devip)
3085 u8 *cmd = scp->cmnd;
3089 u16 lbdof, num_lrd, k;
3090 u32 num, num_by, bt_len, lbdof_blen, sg_off, cum_lb;
3091 u32 lb_size = sdebug_sector_size;
3094 unsigned long iflags;
3097 static const u32 lrd_size = 32; /* + parameter list header size */
3099 if (cmd[0] == VARIABLE_LENGTH_CMD) {
3101 wrprotect = (cmd[10] >> 5) & 0x7;
3102 lbdof = get_unaligned_be16(cmd + 12);
3103 num_lrd = get_unaligned_be16(cmd + 16);
3104 bt_len = get_unaligned_be32(cmd + 28);
3105 } else { /* that leaves WRITE SCATTERED(16) */
3107 wrprotect = (cmd[2] >> 5) & 0x7;
3108 lbdof = get_unaligned_be16(cmd + 4);
3109 num_lrd = get_unaligned_be16(cmd + 8);
3110 bt_len = get_unaligned_be32(cmd + 10);
3111 if (unlikely(have_dif_prot)) {
3112 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3114 mk_sense_invalid_opcode(scp);
3115 return illegal_condition_result;
3117 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3118 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3120 sdev_printk(KERN_ERR, scp->device,
3121 "Unprotected WR to DIF device\n");
3124 if ((num_lrd == 0) || (bt_len == 0))
3125 return 0; /* T10 says these do-nothings are not errors */
3128 sdev_printk(KERN_INFO, scp->device,
3129 "%s: %s: LB Data Offset field bad\n",
3131 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3132 return illegal_condition_result;
3134 lbdof_blen = lbdof * lb_size;
3135 if ((lrd_size + (num_lrd * lrd_size)) > lbdof_blen) {
3137 sdev_printk(KERN_INFO, scp->device,
3138 "%s: %s: LBA range descriptors don't fit\n",
3140 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3141 return illegal_condition_result;
3143 lrdp = kzalloc(lbdof_blen, GFP_ATOMIC);
3145 return SCSI_MLQUEUE_HOST_BUSY;
3147 sdev_printk(KERN_INFO, scp->device,
3148 "%s: %s: Fetch header+scatter_list, lbdof_blen=%u\n",
3149 my_name, __func__, lbdof_blen);
3150 res = fetch_to_dev_buffer(scp, lrdp, lbdof_blen);
3152 ret = DID_ERROR << 16;
3156 write_lock_irqsave(&atomic_rw, iflags);
3157 sg_off = lbdof_blen;
3158 /* Spec says Buffer xfer Length field in number of LBs in dout */
3160 for (k = 0, up = lrdp + lrd_size; k < num_lrd; ++k, up += lrd_size) {
3161 lba = get_unaligned_be64(up + 0);
3162 num = get_unaligned_be32(up + 8);
3164 sdev_printk(KERN_INFO, scp->device,
3165 "%s: %s: k=%d LBA=0x%llx num=%u sg_off=%u\n",
3166 my_name, __func__, k, lba, num, sg_off);
3169 ret = check_device_access_params(scp, lba, num, true);
3171 goto err_out_unlock;
3172 num_by = num * lb_size;
3173 ei_lba = is_16 ? 0 : get_unaligned_be32(up + 12);
3175 if ((cum_lb + num) > bt_len) {
3177 sdev_printk(KERN_INFO, scp->device,
3178 "%s: %s: sum of blocks > data provided\n",
3180 mk_sense_buffer(scp, ILLEGAL_REQUEST, WRITE_ERROR_ASC,
3182 ret = illegal_condition_result;
3183 goto err_out_unlock;
3187 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3188 int prot_ret = prot_verify_write(scp, lba, num,
3192 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10,
3194 ret = illegal_condition_result;
3195 goto err_out_unlock;
3199 ret = do_device_access(scp, sg_off, lba, num, true);
3200 if (unlikely(scsi_debug_lbp()))
3201 map_region(lba, num);
3202 if (unlikely(-1 == ret)) {
3203 ret = DID_ERROR << 16;
3204 goto err_out_unlock;
3205 } else if (unlikely(sdebug_verbose && (ret < num_by)))
3206 sdev_printk(KERN_INFO, scp->device,
3207 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3208 my_name, num_by, ret);
3210 if (unlikely(sdebug_any_injecting_opt)) {
3211 struct sdebug_queued_cmd *sqcp =
3212 (struct sdebug_queued_cmd *)scp->host_scribble;
3215 if (sqcp->inj_recovered) {
3216 mk_sense_buffer(scp, RECOVERED_ERROR,
3217 THRESHOLD_EXCEEDED, 0);
3218 ret = illegal_condition_result;
3219 goto err_out_unlock;
3220 } else if (sqcp->inj_dif) {
3221 /* Logical block guard check failed */
3222 mk_sense_buffer(scp, ABORTED_COMMAND,
3224 ret = illegal_condition_result;
3225 goto err_out_unlock;
3226 } else if (sqcp->inj_dix) {
3227 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3229 ret = illegal_condition_result;
3230 goto err_out_unlock;
3239 write_unlock_irqrestore(&atomic_rw, iflags);
3245 static int resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num,
3246 u32 ei_lba, bool unmap, bool ndob)
3249 unsigned long iflags;
3250 unsigned long long i;
3251 u32 lb_size = sdebug_sector_size;
3255 ret = check_device_access_params(scp, lba, num, true);
3259 write_lock_irqsave(&atomic_rw, iflags);
3261 if (unmap && scsi_debug_lbp()) {
3262 unmap_region(lba, num);
3266 block = do_div(lbaa, sdebug_store_sectors);
3267 /* if ndob then zero 1 logical block, else fetch 1 logical block */
3268 fs1p = fake_storep + (block * lb_size);
3270 memset(fs1p, 0, lb_size);
3273 ret = fetch_to_dev_buffer(scp, fs1p, lb_size);
3276 write_unlock_irqrestore(&atomic_rw, iflags);
3277 return DID_ERROR << 16;
3278 } else if (sdebug_verbose && !ndob && (ret < lb_size))
3279 sdev_printk(KERN_INFO, scp->device,
3280 "%s: %s: lb size=%u, IO sent=%d bytes\n",
3281 my_name, "write same", lb_size, ret);
3283 /* Copy first sector to remaining blocks */
3284 for (i = 1 ; i < num ; i++) {
3286 block = do_div(lbaa, sdebug_store_sectors);
3287 memmove(fake_storep + (block * lb_size), fs1p, lb_size);
3289 if (scsi_debug_lbp())
3290 map_region(lba, num);
3292 write_unlock_irqrestore(&atomic_rw, iflags);
3297 static int resp_write_same_10(struct scsi_cmnd *scp,
3298 struct sdebug_dev_info *devip)
3300 u8 *cmd = scp->cmnd;
3307 if (sdebug_lbpws10 == 0) {
3308 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3309 return check_condition_result;
3313 lba = get_unaligned_be32(cmd + 2);
3314 num = get_unaligned_be16(cmd + 7);
3315 if (num > sdebug_write_same_length) {
3316 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3317 return check_condition_result;
3319 return resp_write_same(scp, lba, num, ei_lba, unmap, false);
3322 static int resp_write_same_16(struct scsi_cmnd *scp,
3323 struct sdebug_dev_info *devip)
3325 u8 *cmd = scp->cmnd;
3332 if (cmd[1] & 0x8) { /* UNMAP */
3333 if (sdebug_lbpws == 0) {
3334 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3335 return check_condition_result;
3339 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */
3341 lba = get_unaligned_be64(cmd + 2);
3342 num = get_unaligned_be32(cmd + 10);
3343 if (num > sdebug_write_same_length) {
3344 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1);
3345 return check_condition_result;
3347 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob);
3350 /* Note the mode field is in the same position as the (lower) service action
3351 * field. For the Report supported operation codes command, SPC-4 suggests
3352 * each mode of this command should be reported separately; for future. */
3353 static int resp_write_buffer(struct scsi_cmnd *scp,
3354 struct sdebug_dev_info *devip)
3356 u8 *cmd = scp->cmnd;
3357 struct scsi_device *sdp = scp->device;
3358 struct sdebug_dev_info *dp;
3361 mode = cmd[1] & 0x1f;
3363 case 0x4: /* download microcode (MC) and activate (ACT) */
3364 /* set UAs on this device only */
3365 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3366 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm);
3368 case 0x5: /* download MC, save and ACT */
3369 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm);
3371 case 0x6: /* download MC with offsets and ACT */
3372 /* set UAs on most devices (LUs) in this target */
3373 list_for_each_entry(dp,
3374 &devip->sdbg_host->dev_info_list,
3376 if (dp->target == sdp->id) {
3377 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm);
3379 set_bit(SDEBUG_UA_MICROCODE_CHANGED,
3383 case 0x7: /* download MC with offsets, save, and ACT */
3384 /* set UA on all devices (LUs) in this target */
3385 list_for_each_entry(dp,
3386 &devip->sdbg_host->dev_info_list,
3388 if (dp->target == sdp->id)
3389 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET,
3393 /* do nothing for this command for other mode values */
3399 static int resp_comp_write(struct scsi_cmnd *scp,
3400 struct sdebug_dev_info *devip)
3402 u8 *cmd = scp->cmnd;
3404 u8 *fake_storep_hold;
3407 u32 lb_size = sdebug_sector_size;
3409 unsigned long iflags;
3413 lba = get_unaligned_be64(cmd + 2);
3414 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */
3416 return 0; /* degenerate case, not an error */
3417 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3419 mk_sense_invalid_opcode(scp);
3420 return check_condition_result;
3422 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3423 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3424 (cmd[1] & 0xe0) == 0)
3425 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3427 ret = check_device_access_params(scp, lba, num, false);
3431 arr = kcalloc(lb_size, dnum, GFP_ATOMIC);
3433 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3435 return check_condition_result;
3438 write_lock_irqsave(&atomic_rw, iflags);
3440 /* trick do_device_access() to fetch both compare and write buffers
3441 * from data-in into arr. Safe (atomic) since write_lock held. */
3442 fake_storep_hold = fake_storep;
3444 ret = do_device_access(scp, 0, 0, dnum, true);
3445 fake_storep = fake_storep_hold;
3447 retval = DID_ERROR << 16;
3449 } else if (sdebug_verbose && (ret < (dnum * lb_size)))
3450 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb "
3451 "indicated=%u, IO sent=%d bytes\n", my_name,
3452 dnum * lb_size, ret);
3453 if (!comp_write_worker(lba, num, arr)) {
3454 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
3455 retval = check_condition_result;
3458 if (scsi_debug_lbp())
3459 map_region(lba, num);
3461 write_unlock_irqrestore(&atomic_rw, iflags);
3466 struct unmap_block_desc {
3472 static int resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3475 struct unmap_block_desc *desc;
3476 unsigned int i, payload_len, descriptors;
3478 unsigned long iflags;
3481 if (!scsi_debug_lbp())
3482 return 0; /* fib and say its done */
3483 payload_len = get_unaligned_be16(scp->cmnd + 7);
3484 BUG_ON(scsi_bufflen(scp) != payload_len);
3486 descriptors = (payload_len - 8) / 16;
3487 if (descriptors > sdebug_unmap_max_desc) {
3488 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3489 return check_condition_result;
3492 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC);
3494 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3496 return check_condition_result;
3499 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
3501 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2);
3502 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16);
3504 desc = (void *)&buf[8];
3506 write_lock_irqsave(&atomic_rw, iflags);
3508 for (i = 0 ; i < descriptors ; i++) {
3509 unsigned long long lba = get_unaligned_be64(&desc[i].lba);
3510 unsigned int num = get_unaligned_be32(&desc[i].blocks);
3512 ret = check_device_access_params(scp, lba, num, true);
3516 unmap_region(lba, num);
3522 write_unlock_irqrestore(&atomic_rw, iflags);
3528 #define SDEBUG_GET_LBA_STATUS_LEN 32
3530 static int resp_get_lba_status(struct scsi_cmnd *scp,
3531 struct sdebug_dev_info *devip)
3533 u8 *cmd = scp->cmnd;
3535 u32 alloc_len, mapped, num;
3536 u8 arr[SDEBUG_GET_LBA_STATUS_LEN];
3539 lba = get_unaligned_be64(cmd + 2);
3540 alloc_len = get_unaligned_be32(cmd + 10);
3545 ret = check_device_access_params(scp, lba, 1, false);
3549 if (scsi_debug_lbp())
3550 mapped = map_state(lba, &num);
3553 /* following just in case virtual_gb changed */
3554 sdebug_capacity = get_sdebug_capacity();
3555 if (sdebug_capacity - lba <= 0xffffffff)
3556 num = sdebug_capacity - lba;
3561 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN);
3562 put_unaligned_be32(20, arr); /* Parameter Data Length */
3563 put_unaligned_be64(lba, arr + 8); /* LBA */
3564 put_unaligned_be32(num, arr + 16); /* Number of blocks */
3565 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */
3567 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN);
3570 static int resp_sync_cache(struct scsi_cmnd *scp,
3571 struct sdebug_dev_info *devip)
3576 u8 *cmd = scp->cmnd;
3578 if (cmd[0] == SYNCHRONIZE_CACHE) { /* 10 byte cdb */
3579 lba = get_unaligned_be32(cmd + 2);
3580 num_blocks = get_unaligned_be16(cmd + 7);
3581 } else { /* SYNCHRONIZE_CACHE(16) */
3582 lba = get_unaligned_be64(cmd + 2);
3583 num_blocks = get_unaligned_be32(cmd + 10);
3585 if (lba + num_blocks > sdebug_capacity) {
3586 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
3587 return check_condition_result;
3589 if (!write_since_sync || cmd[1] & 0x2)
3590 res = SDEG_RES_IMMED_MASK;
3591 else /* delay if write_since_sync and IMMED clear */
3592 write_since_sync = false;
3596 #define RL_BUCKET_ELEMS 8
3598 /* Even though each pseudo target has a REPORT LUNS "well known logical unit"
3599 * (W-LUN), the normal Linux scanning logic does not associate it with a
3600 * device (e.g. /dev/sg7). The following magic will make that association:
3601 * "cd /sys/class/scsi_host/host<n> ; echo '- - 49409' > scan"
3602 * where <n> is a host number. If there are multiple targets in a host then
3603 * the above will associate a W-LUN to each target. To only get a W-LUN
3604 * for target 2, then use "echo '- 2 49409' > scan" .
3606 static int resp_report_luns(struct scsi_cmnd *scp,
3607 struct sdebug_dev_info *devip)
3609 unsigned char *cmd = scp->cmnd;
3610 unsigned int alloc_len;
3611 unsigned char select_report;
3613 struct scsi_lun *lun_p;
3614 u8 arr[RL_BUCKET_ELEMS * sizeof(struct scsi_lun)];
3615 unsigned int lun_cnt; /* normal LUN count (max: 256) */
3616 unsigned int wlun_cnt; /* report luns W-LUN count */
3617 unsigned int tlun_cnt; /* total LUN count */
3618 unsigned int rlen; /* response length (in bytes) */
3620 unsigned int off_rsp = 0;
3621 const int sz_lun = sizeof(struct scsi_lun);
3623 clear_luns_changed_on_target(devip);
3625 select_report = cmd[2];
3626 alloc_len = get_unaligned_be32(cmd + 6);
3628 if (alloc_len < 4) {
3629 pr_err("alloc len too small %d\n", alloc_len);
3630 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
3631 return check_condition_result;
3634 switch (select_report) {
3635 case 0: /* all LUNs apart from W-LUNs */
3636 lun_cnt = sdebug_max_luns;
3639 case 1: /* only W-LUNs */
3643 case 2: /* all LUNs */
3644 lun_cnt = sdebug_max_luns;
3647 case 0x10: /* only administrative LUs */
3648 case 0x11: /* see SPC-5 */
3649 case 0x12: /* only subsiduary LUs owned by referenced LU */
3651 pr_debug("select report invalid %d\n", select_report);
3652 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
3653 return check_condition_result;
3656 if (sdebug_no_lun_0 && (lun_cnt > 0))
3659 tlun_cnt = lun_cnt + wlun_cnt;
3660 rlen = tlun_cnt * sz_lun; /* excluding 8 byte header */
3661 scsi_set_resid(scp, scsi_bufflen(scp));
3662 pr_debug("select_report %d luns = %d wluns = %d no_lun0 %d\n",
3663 select_report, lun_cnt, wlun_cnt, sdebug_no_lun_0);
3665 /* loops rely on sizeof response header same as sizeof lun (both 8) */
3666 lun = sdebug_no_lun_0 ? 1 : 0;
3667 for (k = 0, j = 0, res = 0; true; ++k, j = 0) {
3668 memset(arr, 0, sizeof(arr));
3669 lun_p = (struct scsi_lun *)&arr[0];
3671 put_unaligned_be32(rlen, &arr[0]);
3675 for ( ; j < RL_BUCKET_ELEMS; ++j, ++lun_p) {
3676 if ((k * RL_BUCKET_ELEMS) + j > lun_cnt)
3678 int_to_scsilun(lun++, lun_p);
3680 if (j < RL_BUCKET_ELEMS)
3683 res = p_fill_from_dev_buffer(scp, arr, n, off_rsp);
3689 int_to_scsilun(SCSI_W_LUN_REPORT_LUNS, lun_p);
3693 res = p_fill_from_dev_buffer(scp, arr, j * sz_lun, off_rsp);
3697 static struct sdebug_queue *get_queue(struct scsi_cmnd *cmnd)
3699 u32 tag = blk_mq_unique_tag(cmnd->request);
3700 u16 hwq = blk_mq_unique_tag_to_hwq(tag);
3702 pr_debug("tag=%#x, hwq=%d\n", tag, hwq);
3703 if (WARN_ON_ONCE(hwq >= submit_queues))
3705 return sdebug_q_arr + hwq;
3708 /* Queued (deferred) command completions converge here. */
3709 static void sdebug_q_cmd_complete(struct sdebug_defer *sd_dp)
3711 bool aborted = sd_dp->aborted;
3714 unsigned long iflags;
3715 struct sdebug_queue *sqp;
3716 struct sdebug_queued_cmd *sqcp;
3717 struct scsi_cmnd *scp;
3718 struct sdebug_dev_info *devip;
3720 sd_dp->defer_t = SDEB_DEFER_NONE;
3721 if (unlikely(aborted))
3722 sd_dp->aborted = false;
3723 qc_idx = sd_dp->qc_idx;
3724 sqp = sdebug_q_arr + sd_dp->sqa_idx;
3725 if (sdebug_statistics) {
3726 atomic_inc(&sdebug_completions);
3727 if (raw_smp_processor_id() != sd_dp->issuing_cpu)
3728 atomic_inc(&sdebug_miss_cpus);
3730 if (unlikely((qc_idx < 0) || (qc_idx >= SDEBUG_CANQUEUE))) {
3731 pr_err("wild qc_idx=%d\n", qc_idx);
3734 spin_lock_irqsave(&sqp->qc_lock, iflags);
3735 sqcp = &sqp->qc_arr[qc_idx];
3737 if (unlikely(scp == NULL)) {
3738 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3739 pr_err("scp is NULL, sqa_idx=%d, qc_idx=%d\n",
3740 sd_dp->sqa_idx, qc_idx);
3743 devip = (struct sdebug_dev_info *)scp->device->hostdata;
3745 atomic_dec(&devip->num_in_q);
3747 pr_err("devip=NULL\n");
3748 if (unlikely(atomic_read(&retired_max_queue) > 0))
3751 sqcp->a_cmnd = NULL;
3752 if (unlikely(!test_and_clear_bit(qc_idx, sqp->in_use_bm))) {
3753 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3754 pr_err("Unexpected completion\n");
3758 if (unlikely(retiring)) { /* user has reduced max_queue */
3761 retval = atomic_read(&retired_max_queue);
3762 if (qc_idx >= retval) {
3763 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3764 pr_err("index %d too large\n", retval);
3767 k = find_last_bit(sqp->in_use_bm, retval);
3768 if ((k < sdebug_max_queue) || (k == retval))
3769 atomic_set(&retired_max_queue, 0);
3771 atomic_set(&retired_max_queue, k + 1);
3773 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3774 if (unlikely(aborted)) {
3776 pr_info("bypassing scsi_done() due to aborted cmd\n");
3779 scp->scsi_done(scp); /* callback to mid level */
3782 /* When high resolution timer goes off this function is called. */
3783 static enum hrtimer_restart sdebug_q_cmd_hrt_complete(struct hrtimer *timer)
3785 struct sdebug_defer *sd_dp = container_of(timer, struct sdebug_defer,
3787 sdebug_q_cmd_complete(sd_dp);
3788 return HRTIMER_NORESTART;
3791 /* When work queue schedules work, it calls this function. */
3792 static void sdebug_q_cmd_wq_complete(struct work_struct *work)
3794 struct sdebug_defer *sd_dp = container_of(work, struct sdebug_defer,
3796 sdebug_q_cmd_complete(sd_dp);
3799 static bool got_shared_uuid;
3800 static uuid_t shared_uuid;
3802 static struct sdebug_dev_info *sdebug_device_create(
3803 struct sdebug_host_info *sdbg_host, gfp_t flags)
3805 struct sdebug_dev_info *devip;
3807 devip = kzalloc(sizeof(*devip), flags);
3809 if (sdebug_uuid_ctl == 1)
3810 uuid_gen(&devip->lu_name);
3811 else if (sdebug_uuid_ctl == 2) {
3812 if (got_shared_uuid)
3813 devip->lu_name = shared_uuid;
3815 uuid_gen(&shared_uuid);
3816 got_shared_uuid = true;
3817 devip->lu_name = shared_uuid;
3820 devip->sdbg_host = sdbg_host;
3821 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list);
3826 static struct sdebug_dev_info *find_build_dev_info(struct scsi_device *sdev)
3828 struct sdebug_host_info *sdbg_host;
3829 struct sdebug_dev_info *open_devip = NULL;
3830 struct sdebug_dev_info *devip;
3832 sdbg_host = *(struct sdebug_host_info **)shost_priv(sdev->host);
3834 pr_err("Host info NULL\n");
3837 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
3838 if ((devip->used) && (devip->channel == sdev->channel) &&
3839 (devip->target == sdev->id) &&
3840 (devip->lun == sdev->lun))
3843 if ((!devip->used) && (!open_devip))
3847 if (!open_devip) { /* try and make a new one */
3848 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC);
3850 pr_err("out of memory at line %d\n", __LINE__);
3855 open_devip->channel = sdev->channel;
3856 open_devip->target = sdev->id;
3857 open_devip->lun = sdev->lun;
3858 open_devip->sdbg_host = sdbg_host;
3859 atomic_set(&open_devip->num_in_q, 0);
3860 set_bit(SDEBUG_UA_POR, open_devip->uas_bm);
3861 open_devip->used = true;
3865 static int scsi_debug_slave_alloc(struct scsi_device *sdp)
3868 pr_info("slave_alloc <%u %u %u %llu>\n",
3869 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3873 static int scsi_debug_slave_configure(struct scsi_device *sdp)
3875 struct sdebug_dev_info *devip =
3876 (struct sdebug_dev_info *)sdp->hostdata;
3879 pr_info("slave_configure <%u %u %u %llu>\n",
3880 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3881 if (sdp->host->max_cmd_len != SDEBUG_MAX_CMD_LEN)
3882 sdp->host->max_cmd_len = SDEBUG_MAX_CMD_LEN;
3883 if (devip == NULL) {
3884 devip = find_build_dev_info(sdp);
3886 return 1; /* no resources, will be marked offline */
3888 sdp->hostdata = devip;
3890 sdp->no_uld_attach = 1;
3891 config_cdb_len(sdp);
3895 static void scsi_debug_slave_destroy(struct scsi_device *sdp)
3897 struct sdebug_dev_info *devip =
3898 (struct sdebug_dev_info *)sdp->hostdata;
3901 pr_info("slave_destroy <%u %u %u %llu>\n",
3902 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3904 /* make this slot available for re-use */
3905 devip->used = false;
3906 sdp->hostdata = NULL;
3910 static void stop_qc_helper(struct sdebug_defer *sd_dp,
3911 enum sdeb_defer_type defer_t)
3915 if (defer_t == SDEB_DEFER_HRT)
3916 hrtimer_cancel(&sd_dp->hrt);
3917 else if (defer_t == SDEB_DEFER_WQ)
3918 cancel_work_sync(&sd_dp->ew.work);
3921 /* If @cmnd found deletes its timer or work queue and returns true; else
3923 static bool stop_queued_cmnd(struct scsi_cmnd *cmnd)
3925 unsigned long iflags;
3926 int j, k, qmax, r_qmax;
3927 enum sdeb_defer_type l_defer_t;
3928 struct sdebug_queue *sqp;
3929 struct sdebug_queued_cmd *sqcp;
3930 struct sdebug_dev_info *devip;
3931 struct sdebug_defer *sd_dp;
3933 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
3934 spin_lock_irqsave(&sqp->qc_lock, iflags);
3935 qmax = sdebug_max_queue;
3936 r_qmax = atomic_read(&retired_max_queue);
3939 for (k = 0; k < qmax; ++k) {
3940 if (test_bit(k, sqp->in_use_bm)) {
3941 sqcp = &sqp->qc_arr[k];
3942 if (cmnd != sqcp->a_cmnd)
3945 devip = (struct sdebug_dev_info *)
3946 cmnd->device->hostdata;
3948 atomic_dec(&devip->num_in_q);
3949 sqcp->a_cmnd = NULL;
3950 sd_dp = sqcp->sd_dp;
3952 l_defer_t = sd_dp->defer_t;
3953 sd_dp->defer_t = SDEB_DEFER_NONE;
3955 l_defer_t = SDEB_DEFER_NONE;
3956 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3957 stop_qc_helper(sd_dp, l_defer_t);
3958 clear_bit(k, sqp->in_use_bm);
3962 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3967 /* Deletes (stops) timers or work queues of all queued commands */
3968 static void stop_all_queued(void)
3970 unsigned long iflags;
3972 enum sdeb_defer_type l_defer_t;
3973 struct sdebug_queue *sqp;
3974 struct sdebug_queued_cmd *sqcp;
3975 struct sdebug_dev_info *devip;
3976 struct sdebug_defer *sd_dp;
3978 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
3979 spin_lock_irqsave(&sqp->qc_lock, iflags);
3980 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
3981 if (test_bit(k, sqp->in_use_bm)) {
3982 sqcp = &sqp->qc_arr[k];
3983 if (sqcp->a_cmnd == NULL)
3985 devip = (struct sdebug_dev_info *)
3986 sqcp->a_cmnd->device->hostdata;
3988 atomic_dec(&devip->num_in_q);
3989 sqcp->a_cmnd = NULL;
3990 sd_dp = sqcp->sd_dp;
3992 l_defer_t = sd_dp->defer_t;
3993 sd_dp->defer_t = SDEB_DEFER_NONE;
3995 l_defer_t = SDEB_DEFER_NONE;
3996 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3997 stop_qc_helper(sd_dp, l_defer_t);
3998 clear_bit(k, sqp->in_use_bm);
3999 spin_lock_irqsave(&sqp->qc_lock, iflags);
4002 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4006 /* Free queued command memory on heap */
4007 static void free_all_queued(void)
4010 struct sdebug_queue *sqp;
4011 struct sdebug_queued_cmd *sqcp;
4013 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
4014 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
4015 sqcp = &sqp->qc_arr[k];
4022 static int scsi_debug_abort(struct scsi_cmnd *SCpnt)
4028 ok = stop_queued_cmnd(SCpnt);
4029 if (SCpnt->device && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
4030 sdev_printk(KERN_INFO, SCpnt->device,
4031 "%s: command%s found\n", __func__,
4037 static int scsi_debug_device_reset(struct scsi_cmnd *SCpnt)
4040 if (SCpnt && SCpnt->device) {
4041 struct scsi_device *sdp = SCpnt->device;
4042 struct sdebug_dev_info *devip =
4043 (struct sdebug_dev_info *)sdp->hostdata;
4045 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
4046 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
4048 set_bit(SDEBUG_UA_POR, devip->uas_bm);
4053 static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt)
4055 struct sdebug_host_info *sdbg_host;
4056 struct sdebug_dev_info *devip;
4057 struct scsi_device *sdp;
4058 struct Scsi_Host *hp;
4061 ++num_target_resets;
4064 sdp = SCpnt->device;
4067 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
4068 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
4072 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
4074 list_for_each_entry(devip,
4075 &sdbg_host->dev_info_list,
4077 if (devip->target == sdp->id) {
4078 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4082 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
4083 sdev_printk(KERN_INFO, sdp,
4084 "%s: %d device(s) found in target\n", __func__, k);
4089 static int scsi_debug_bus_reset(struct scsi_cmnd *SCpnt)
4091 struct sdebug_host_info *sdbg_host;
4092 struct sdebug_dev_info *devip;
4093 struct scsi_device *sdp;
4094 struct Scsi_Host *hp;
4098 if (!(SCpnt && SCpnt->device))
4100 sdp = SCpnt->device;
4101 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
4102 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
4105 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
4107 list_for_each_entry(devip,
4108 &sdbg_host->dev_info_list,
4110 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4115 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
4116 sdev_printk(KERN_INFO, sdp,
4117 "%s: %d device(s) found in host\n", __func__, k);
4122 static int scsi_debug_host_reset(struct scsi_cmnd *SCpnt)
4124 struct sdebug_host_info *sdbg_host;
4125 struct sdebug_dev_info *devip;
4129 if ((SCpnt->device) && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
4130 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__);
4131 spin_lock(&sdebug_host_list_lock);
4132 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
4133 list_for_each_entry(devip, &sdbg_host->dev_info_list,
4135 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4139 spin_unlock(&sdebug_host_list_lock);
4141 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
4142 sdev_printk(KERN_INFO, SCpnt->device,
4143 "%s: %d device(s) found\n", __func__, k);
4147 static void __init sdebug_build_parts(unsigned char *ramp,
4148 unsigned long store_size)
4150 struct msdos_partition *pp;
4151 int starts[SDEBUG_MAX_PARTS + 2];
4152 int sectors_per_part, num_sectors, k;
4153 int heads_by_sects, start_sec, end_sec;
4155 /* assume partition table already zeroed */
4156 if ((sdebug_num_parts < 1) || (store_size < 1048576))
4158 if (sdebug_num_parts > SDEBUG_MAX_PARTS) {
4159 sdebug_num_parts = SDEBUG_MAX_PARTS;
4160 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS);
4162 num_sectors = (int)sdebug_store_sectors;
4163 sectors_per_part = (num_sectors - sdebug_sectors_per)
4165 heads_by_sects = sdebug_heads * sdebug_sectors_per;
4166 starts[0] = sdebug_sectors_per;
4167 for (k = 1; k < sdebug_num_parts; ++k)
4168 starts[k] = ((k * sectors_per_part) / heads_by_sects)
4170 starts[sdebug_num_parts] = num_sectors;
4171 starts[sdebug_num_parts + 1] = 0;
4173 ramp[510] = 0x55; /* magic partition markings */
4175 pp = (struct msdos_partition *)(ramp + 0x1be);
4176 for (k = 0; starts[k + 1]; ++k, ++pp) {
4177 start_sec = starts[k];
4178 end_sec = starts[k + 1] - 1;
4181 pp->cyl = start_sec / heads_by_sects;
4182 pp->head = (start_sec - (pp->cyl * heads_by_sects))
4183 / sdebug_sectors_per;
4184 pp->sector = (start_sec % sdebug_sectors_per) + 1;
4186 pp->end_cyl = end_sec / heads_by_sects;
4187 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects))
4188 / sdebug_sectors_per;
4189 pp->end_sector = (end_sec % sdebug_sectors_per) + 1;
4191 pp->start_sect = cpu_to_le32(start_sec);
4192 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1);
4193 pp->sys_ind = 0x83; /* plain Linux partition */
4197 static void block_unblock_all_queues(bool block)
4200 struct sdebug_queue *sqp;
4202 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp)
4203 atomic_set(&sqp->blocked, (int)block);
4206 /* Adjust (by rounding down) the sdebug_cmnd_count so abs(every_nth)-1
4207 * commands will be processed normally before triggers occur.
4209 static void tweak_cmnd_count(void)
4213 modulo = abs(sdebug_every_nth);
4216 block_unblock_all_queues(true);
4217 count = atomic_read(&sdebug_cmnd_count);
4218 atomic_set(&sdebug_cmnd_count, (count / modulo) * modulo);
4219 block_unblock_all_queues(false);
4222 static void clear_queue_stats(void)
4224 atomic_set(&sdebug_cmnd_count, 0);
4225 atomic_set(&sdebug_completions, 0);
4226 atomic_set(&sdebug_miss_cpus, 0);
4227 atomic_set(&sdebug_a_tsf, 0);
4230 static void setup_inject(struct sdebug_queue *sqp,
4231 struct sdebug_queued_cmd *sqcp)
4233 if ((atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) > 0) {
4234 if (sdebug_every_nth > 0)
4235 sqcp->inj_recovered = sqcp->inj_transport
4237 = sqcp->inj_dix = sqcp->inj_short
4238 = sqcp->inj_host_busy = sqcp->inj_cmd_abort = 0;
4241 sqcp->inj_recovered = !!(SDEBUG_OPT_RECOVERED_ERR & sdebug_opts);
4242 sqcp->inj_transport = !!(SDEBUG_OPT_TRANSPORT_ERR & sdebug_opts);
4243 sqcp->inj_dif = !!(SDEBUG_OPT_DIF_ERR & sdebug_opts);
4244 sqcp->inj_dix = !!(SDEBUG_OPT_DIX_ERR & sdebug_opts);
4245 sqcp->inj_short = !!(SDEBUG_OPT_SHORT_TRANSFER & sdebug_opts);
4246 sqcp->inj_host_busy = !!(SDEBUG_OPT_HOST_BUSY & sdebug_opts);
4247 sqcp->inj_cmd_abort = !!(SDEBUG_OPT_CMD_ABORT & sdebug_opts);
4250 /* Complete the processing of the thread that queued a SCSI command to this
4251 * driver. It either completes the command by calling cmnd_done() or
4252 * schedules a hr timer or work queue then returns 0. Returns
4253 * SCSI_MLQUEUE_HOST_BUSY if temporarily out of resources.
4255 static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
4257 int (*pfp)(struct scsi_cmnd *,
4258 struct sdebug_dev_info *),
4259 int delta_jiff, int ndelay)
4261 unsigned long iflags;
4262 int k, num_in_q, qdepth, inject;
4263 struct sdebug_queue *sqp;
4264 struct sdebug_queued_cmd *sqcp;
4265 struct scsi_device *sdp;
4266 struct sdebug_defer *sd_dp;
4268 if (unlikely(devip == NULL)) {
4269 if (scsi_result == 0)
4270 scsi_result = DID_NO_CONNECT << 16;
4271 goto respond_in_thread;
4275 if (delta_jiff == 0)
4276 goto respond_in_thread;
4278 /* schedule the response at a later time if resources permit */
4279 sqp = get_queue(cmnd);
4280 spin_lock_irqsave(&sqp->qc_lock, iflags);
4281 if (unlikely(atomic_read(&sqp->blocked))) {
4282 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4283 return SCSI_MLQUEUE_HOST_BUSY;
4285 num_in_q = atomic_read(&devip->num_in_q);
4286 qdepth = cmnd->device->queue_depth;
4288 if (unlikely((qdepth > 0) && (num_in_q >= qdepth))) {
4290 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4291 goto respond_in_thread;
4293 scsi_result = device_qfull_result;
4294 } else if (unlikely(sdebug_every_nth &&
4295 (SDEBUG_OPT_RARE_TSF & sdebug_opts) &&
4296 (scsi_result == 0))) {
4297 if ((num_in_q == (qdepth - 1)) &&
4298 (atomic_inc_return(&sdebug_a_tsf) >=
4299 abs(sdebug_every_nth))) {
4300 atomic_set(&sdebug_a_tsf, 0);
4302 scsi_result = device_qfull_result;
4306 k = find_first_zero_bit(sqp->in_use_bm, sdebug_max_queue);
4307 if (unlikely(k >= sdebug_max_queue)) {
4308 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4310 goto respond_in_thread;
4311 else if (SDEBUG_OPT_ALL_TSF & sdebug_opts)
4312 scsi_result = device_qfull_result;
4313 if (SDEBUG_OPT_Q_NOISE & sdebug_opts)
4314 sdev_printk(KERN_INFO, sdp,
4315 "%s: max_queue=%d exceeded, %s\n",
4316 __func__, sdebug_max_queue,
4317 (scsi_result ? "status: TASK SET FULL" :
4318 "report: host busy"));
4320 goto respond_in_thread;
4322 return SCSI_MLQUEUE_HOST_BUSY;
4324 __set_bit(k, sqp->in_use_bm);
4325 atomic_inc(&devip->num_in_q);
4326 sqcp = &sqp->qc_arr[k];
4327 sqcp->a_cmnd = cmnd;
4328 cmnd->host_scribble = (unsigned char *)sqcp;
4329 sd_dp = sqcp->sd_dp;
4330 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4331 if (unlikely(sdebug_every_nth && sdebug_any_injecting_opt))
4332 setup_inject(sqp, sqcp);
4333 if (sd_dp == NULL) {
4334 sd_dp = kzalloc(sizeof(*sd_dp), GFP_ATOMIC);
4336 return SCSI_MLQUEUE_HOST_BUSY;
4339 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0;
4340 if (cmnd->result & SDEG_RES_IMMED_MASK) {
4342 * This is the F_DELAY_OVERR case. No delay.
4344 cmnd->result &= ~SDEG_RES_IMMED_MASK;
4345 delta_jiff = ndelay = 0;
4347 if (cmnd->result == 0 && scsi_result != 0)
4348 cmnd->result = scsi_result;
4350 if (unlikely(sdebug_verbose && cmnd->result))
4351 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n",
4352 __func__, cmnd->result);
4354 if (delta_jiff > 0 || ndelay > 0) {
4357 if (delta_jiff > 0) {
4358 kt = ns_to_ktime((u64)delta_jiff * (NSEC_PER_SEC / HZ));
4361 if (!sd_dp->init_hrt) {
4362 sd_dp->init_hrt = true;
4363 sqcp->sd_dp = sd_dp;
4364 hrtimer_init(&sd_dp->hrt, CLOCK_MONOTONIC,
4365 HRTIMER_MODE_REL_PINNED);
4366 sd_dp->hrt.function = sdebug_q_cmd_hrt_complete;
4367 sd_dp->sqa_idx = sqp - sdebug_q_arr;
4370 if (sdebug_statistics)
4371 sd_dp->issuing_cpu = raw_smp_processor_id();
4372 sd_dp->defer_t = SDEB_DEFER_HRT;
4373 hrtimer_start(&sd_dp->hrt, kt, HRTIMER_MODE_REL_PINNED);
4374 } else { /* jdelay < 0, use work queue */
4375 if (!sd_dp->init_wq) {
4376 sd_dp->init_wq = true;
4377 sqcp->sd_dp = sd_dp;
4378 sd_dp->sqa_idx = sqp - sdebug_q_arr;
4380 INIT_WORK(&sd_dp->ew.work, sdebug_q_cmd_wq_complete);
4382 if (sdebug_statistics)
4383 sd_dp->issuing_cpu = raw_smp_processor_id();
4384 sd_dp->defer_t = SDEB_DEFER_WQ;
4385 if (unlikely(sqcp->inj_cmd_abort))
4386 sd_dp->aborted = true;
4387 schedule_work(&sd_dp->ew.work);
4388 if (unlikely(sqcp->inj_cmd_abort)) {
4389 sdev_printk(KERN_INFO, sdp, "abort request tag %d\n",
4390 cmnd->request->tag);
4391 blk_abort_request(cmnd->request);
4394 if (unlikely((SDEBUG_OPT_Q_NOISE & sdebug_opts) &&
4395 (scsi_result == device_qfull_result)))
4396 sdev_printk(KERN_INFO, sdp,
4397 "%s: num_in_q=%d +1, %s%s\n", __func__,
4398 num_in_q, (inject ? "<inject> " : ""),
4399 "status: TASK SET FULL");
4402 respond_in_thread: /* call back to mid-layer using invocation thread */
4403 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0;
4404 cmnd->result &= ~SDEG_RES_IMMED_MASK;
4405 if (cmnd->result == 0 && scsi_result != 0)
4406 cmnd->result = scsi_result;
4407 cmnd->scsi_done(cmnd);
4411 /* Note: The following macros create attribute files in the
4412 /sys/module/scsi_debug/parameters directory. Unfortunately this
4413 driver is unaware of a change and cannot trigger auxiliary actions
4414 as it can when the corresponding attribute in the
4415 /sys/bus/pseudo/drivers/scsi_debug directory is changed.
4417 module_param_named(add_host, sdebug_add_host, int, S_IRUGO | S_IWUSR);
4418 module_param_named(ato, sdebug_ato, int, S_IRUGO);
4419 module_param_named(cdb_len, sdebug_cdb_len, int, 0644);
4420 module_param_named(clustering, sdebug_clustering, bool, S_IRUGO | S_IWUSR);
4421 module_param_named(delay, sdebug_jdelay, int, S_IRUGO | S_IWUSR);
4422 module_param_named(dev_size_mb, sdebug_dev_size_mb, int, S_IRUGO);
4423 module_param_named(dif, sdebug_dif, int, S_IRUGO);
4424 module_param_named(dix, sdebug_dix, int, S_IRUGO);
4425 module_param_named(dsense, sdebug_dsense, int, S_IRUGO | S_IWUSR);
4426 module_param_named(every_nth, sdebug_every_nth, int, S_IRUGO | S_IWUSR);
4427 module_param_named(fake_rw, sdebug_fake_rw, int, S_IRUGO | S_IWUSR);
4428 module_param_named(guard, sdebug_guard, uint, S_IRUGO);
4429 module_param_named(host_lock, sdebug_host_lock, bool, S_IRUGO | S_IWUSR);
4430 module_param_string(inq_vendor, sdebug_inq_vendor_id,
4431 sizeof(sdebug_inq_vendor_id), S_IRUGO|S_IWUSR);
4432 module_param_string(inq_product, sdebug_inq_product_id,
4433 sizeof(sdebug_inq_product_id), S_IRUGO|S_IWUSR);
4434 module_param_string(inq_rev, sdebug_inq_product_rev,
4435 sizeof(sdebug_inq_product_rev), S_IRUGO|S_IWUSR);
4436 module_param_named(lbpu, sdebug_lbpu, int, S_IRUGO);
4437 module_param_named(lbpws, sdebug_lbpws, int, S_IRUGO);
4438 module_param_named(lbpws10, sdebug_lbpws10, int, S_IRUGO);
4439 module_param_named(lbprz, sdebug_lbprz, int, S_IRUGO);
4440 module_param_named(lowest_aligned, sdebug_lowest_aligned, int, S_IRUGO);
4441 module_param_named(max_luns, sdebug_max_luns, int, S_IRUGO | S_IWUSR);
4442 module_param_named(max_queue, sdebug_max_queue, int, S_IRUGO | S_IWUSR);
4443 module_param_named(medium_error_start, sdebug_medium_error_start, int, S_IRUGO | S_IWUSR);
4444 module_param_named(medium_error_count, sdebug_medium_error_count, int, S_IRUGO | S_IWUSR);
4445 module_param_named(ndelay, sdebug_ndelay, int, S_IRUGO | S_IWUSR);
4446 module_param_named(no_lun_0, sdebug_no_lun_0, int, S_IRUGO | S_IWUSR);
4447 module_param_named(no_uld, sdebug_no_uld, int, S_IRUGO);
4448 module_param_named(num_parts, sdebug_num_parts, int, S_IRUGO);
4449 module_param_named(num_tgts, sdebug_num_tgts, int, S_IRUGO | S_IWUSR);
4450 module_param_named(opt_blks, sdebug_opt_blks, int, S_IRUGO);
4451 module_param_named(opts, sdebug_opts, int, S_IRUGO | S_IWUSR);
4452 module_param_named(physblk_exp, sdebug_physblk_exp, int, S_IRUGO);
4453 module_param_named(opt_xferlen_exp, sdebug_opt_xferlen_exp, int, S_IRUGO);
4454 module_param_named(ptype, sdebug_ptype, int, S_IRUGO | S_IWUSR);
4455 module_param_named(removable, sdebug_removable, bool, S_IRUGO | S_IWUSR);
4456 module_param_named(scsi_level, sdebug_scsi_level, int, S_IRUGO);
4457 module_param_named(sector_size, sdebug_sector_size, int, S_IRUGO);
4458 module_param_named(statistics, sdebug_statistics, bool, S_IRUGO | S_IWUSR);
4459 module_param_named(strict, sdebug_strict, bool, S_IRUGO | S_IWUSR);
4460 module_param_named(submit_queues, submit_queues, int, S_IRUGO);
4461 module_param_named(unmap_alignment, sdebug_unmap_alignment, int, S_IRUGO);
4462 module_param_named(unmap_granularity, sdebug_unmap_granularity, int, S_IRUGO);
4463 module_param_named(unmap_max_blocks, sdebug_unmap_max_blocks, int, S_IRUGO);
4464 module_param_named(unmap_max_desc, sdebug_unmap_max_desc, int, S_IRUGO);
4465 module_param_named(virtual_gb, sdebug_virtual_gb, int, S_IRUGO | S_IWUSR);
4466 module_param_named(uuid_ctl, sdebug_uuid_ctl, int, S_IRUGO);
4467 module_param_named(vpd_use_hostno, sdebug_vpd_use_hostno, int,
4469 module_param_named(wp, sdebug_wp, bool, S_IRUGO | S_IWUSR);
4470 module_param_named(write_same_length, sdebug_write_same_length, int,
4473 MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert");
4474 MODULE_DESCRIPTION("SCSI debug adapter driver");
4475 MODULE_LICENSE("GPL");
4476 MODULE_VERSION(SDEBUG_VERSION);
4478 MODULE_PARM_DESC(add_host, "0..127 hosts allowed(def=1)");
4479 MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)");
4480 MODULE_PARM_DESC(cdb_len, "suggest CDB lengths to drivers (def=10)");
4481 MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)");
4482 MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny");
4483 MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)");
4484 MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)");
4485 MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)");
4486 MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)");
4487 MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)");
4488 MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)");
4489 MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)");
4490 MODULE_PARM_DESC(host_lock, "host_lock is ignored (def=0)");
4491 MODULE_PARM_DESC(inq_vendor, "SCSI INQUIRY vendor string (def=\"Linux\")");
4492 MODULE_PARM_DESC(inq_product, "SCSI INQUIRY product string (def=\"scsi_debug\")");
4493 MODULE_PARM_DESC(inq_rev, "SCSI INQUIRY revision string (def=\""
4494 SDEBUG_VERSION "\")");
4495 MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)");
4496 MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)");
4497 MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)");
4498 MODULE_PARM_DESC(lbprz,
4499 "on read unmapped LBs return 0 when 1 (def), return 0xff when 2");
4500 MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)");
4501 MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)");
4502 MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))");
4503 MODULE_PARM_DESC(medium_error_start, "starting sector number to return MEDIUM error");
4504 MODULE_PARM_DESC(medium_error_count, "count of sectors to return follow on MEDIUM error");
4505 MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)");
4506 MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)");
4507 MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))");
4508 MODULE_PARM_DESC(num_parts, "number of partitions(def=0)");
4509 MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)");
4510 MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)");
4511 MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)");
4512 MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)");
4513 MODULE_PARM_DESC(opt_xferlen_exp, "optimal transfer length granularity exponent (def=physblk_exp)");
4514 MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])");
4515 MODULE_PARM_DESC(removable, "claim to have removable media (def=0)");
4516 MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=7[SPC-5])");
4517 MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)");
4518 MODULE_PARM_DESC(statistics, "collect statistics on commands, queues (def=0)");
4519 MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)");
4520 MODULE_PARM_DESC(submit_queues, "support for block multi-queue (def=1)");
4521 MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)");
4522 MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)");
4523 MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)");
4524 MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)");
4525 MODULE_PARM_DESC(uuid_ctl,
4526 "1->use uuid for lu name, 0->don't, 2->all use same (def=0)");
4527 MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)");
4528 MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)");
4529 MODULE_PARM_DESC(wp, "Write Protect (def=0)");
4530 MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)");
4532 #define SDEBUG_INFO_LEN 256
4533 static char sdebug_info[SDEBUG_INFO_LEN];
4535 static const char *scsi_debug_info(struct Scsi_Host *shp)
4539 k = scnprintf(sdebug_info, SDEBUG_INFO_LEN, "%s: version %s [%s]\n",
4540 my_name, SDEBUG_VERSION, sdebug_version_date);
4541 if (k >= (SDEBUG_INFO_LEN - 1))
4543 scnprintf(sdebug_info + k, SDEBUG_INFO_LEN - k,
4544 " dev_size_mb=%d, opts=0x%x, submit_queues=%d, %s=%d",
4545 sdebug_dev_size_mb, sdebug_opts, submit_queues,
4546 "statistics", (int)sdebug_statistics);
4550 /* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */
4551 static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer,
4556 int minLen = length > 15 ? 15 : length;
4558 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
4560 memcpy(arr, buffer, minLen);
4562 if (1 != sscanf(arr, "%d", &opts))
4565 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
4566 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
4567 if (sdebug_every_nth != 0)
4572 /* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the
4573 * same for each scsi_debug host (if more than one). Some of the counters
4574 * output are not atomics so might be inaccurate in a busy system. */
4575 static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host)
4578 struct sdebug_queue *sqp;
4580 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n",
4581 SDEBUG_VERSION, sdebug_version_date);
4582 seq_printf(m, "num_tgts=%d, %ssize=%d MB, opts=0x%x, every_nth=%d\n",
4583 sdebug_num_tgts, "shared (ram) ", sdebug_dev_size_mb,
4584 sdebug_opts, sdebug_every_nth);
4585 seq_printf(m, "delay=%d, ndelay=%d, max_luns=%d, sector_size=%d %s\n",
4586 sdebug_jdelay, sdebug_ndelay, sdebug_max_luns,
4587 sdebug_sector_size, "bytes");
4588 seq_printf(m, "cylinders=%d, heads=%d, sectors=%d, command aborts=%d\n",
4589 sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per,
4591 seq_printf(m, "RESETs: device=%d, target=%d, bus=%d, host=%d\n",
4592 num_dev_resets, num_target_resets, num_bus_resets,
4594 seq_printf(m, "dix_reads=%d, dix_writes=%d, dif_errors=%d\n",
4595 dix_reads, dix_writes, dif_errors);
4596 seq_printf(m, "usec_in_jiffy=%lu, statistics=%d\n", TICK_NSEC / 1000,
4598 seq_printf(m, "cmnd_count=%d, completions=%d, %s=%d, a_tsf=%d\n",
4599 atomic_read(&sdebug_cmnd_count),
4600 atomic_read(&sdebug_completions),
4601 "miss_cpus", atomic_read(&sdebug_miss_cpus),
4602 atomic_read(&sdebug_a_tsf));
4604 seq_printf(m, "submit_queues=%d\n", submit_queues);
4605 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
4606 seq_printf(m, " queue %d:\n", j);
4607 f = find_first_bit(sqp->in_use_bm, sdebug_max_queue);
4608 if (f != sdebug_max_queue) {
4609 l = find_last_bit(sqp->in_use_bm, sdebug_max_queue);
4610 seq_printf(m, " in_use_bm BUSY: %s: %d,%d\n",
4611 "first,last bits", f, l);
4617 static ssize_t delay_show(struct device_driver *ddp, char *buf)
4619 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_jdelay);
4621 /* Returns -EBUSY if jdelay is being changed and commands are queued. The unit
4622 * of delay is jiffies.
4624 static ssize_t delay_store(struct device_driver *ddp, const char *buf,
4629 if (count > 0 && sscanf(buf, "%d", &jdelay) == 1) {
4631 if (sdebug_jdelay != jdelay) {
4633 struct sdebug_queue *sqp;
4635 block_unblock_all_queues(true);
4636 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4638 k = find_first_bit(sqp->in_use_bm,
4640 if (k != sdebug_max_queue) {
4641 res = -EBUSY; /* queued commands */
4646 sdebug_jdelay = jdelay;
4649 block_unblock_all_queues(false);
4655 static DRIVER_ATTR_RW(delay);
4657 static ssize_t ndelay_show(struct device_driver *ddp, char *buf)
4659 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ndelay);
4661 /* Returns -EBUSY if ndelay is being changed and commands are queued */
4662 /* If > 0 and accepted then sdebug_jdelay is set to JDELAY_OVERRIDDEN */
4663 static ssize_t ndelay_store(struct device_driver *ddp, const char *buf,
4668 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) &&
4669 (ndelay >= 0) && (ndelay < (1000 * 1000 * 1000))) {
4671 if (sdebug_ndelay != ndelay) {
4673 struct sdebug_queue *sqp;
4675 block_unblock_all_queues(true);
4676 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4678 k = find_first_bit(sqp->in_use_bm,
4680 if (k != sdebug_max_queue) {
4681 res = -EBUSY; /* queued commands */
4686 sdebug_ndelay = ndelay;
4687 sdebug_jdelay = ndelay ? JDELAY_OVERRIDDEN
4690 block_unblock_all_queues(false);
4696 static DRIVER_ATTR_RW(ndelay);
4698 static ssize_t opts_show(struct device_driver *ddp, char *buf)
4700 return scnprintf(buf, PAGE_SIZE, "0x%x\n", sdebug_opts);
4703 static ssize_t opts_store(struct device_driver *ddp, const char *buf,
4709 if (sscanf(buf, "%10s", work) == 1) {
4710 if (strncasecmp(work, "0x", 2) == 0) {
4711 if (kstrtoint(work + 2, 16, &opts) == 0)
4714 if (kstrtoint(work, 10, &opts) == 0)
4721 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
4722 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
4726 static DRIVER_ATTR_RW(opts);
4728 static ssize_t ptype_show(struct device_driver *ddp, char *buf)
4730 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ptype);
4732 static ssize_t ptype_store(struct device_driver *ddp, const char *buf,
4737 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4743 static DRIVER_ATTR_RW(ptype);
4745 static ssize_t dsense_show(struct device_driver *ddp, char *buf)
4747 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dsense);
4749 static ssize_t dsense_store(struct device_driver *ddp, const char *buf,
4754 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4760 static DRIVER_ATTR_RW(dsense);
4762 static ssize_t fake_rw_show(struct device_driver *ddp, char *buf)
4764 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_fake_rw);
4766 static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf,
4771 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4773 sdebug_fake_rw = (sdebug_fake_rw > 0);
4774 if (sdebug_fake_rw != n) {
4775 if ((0 == n) && (NULL == fake_storep)) {
4777 (unsigned long)sdebug_dev_size_mb *
4780 fake_storep = vzalloc(sz);
4781 if (NULL == fake_storep) {
4782 pr_err("out of memory, 9\n");
4792 static DRIVER_ATTR_RW(fake_rw);
4794 static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf)
4796 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_lun_0);
4798 static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf,
4803 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4804 sdebug_no_lun_0 = n;
4809 static DRIVER_ATTR_RW(no_lun_0);
4811 static ssize_t num_tgts_show(struct device_driver *ddp, char *buf)
4813 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_tgts);
4815 static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf,
4820 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4821 sdebug_num_tgts = n;
4822 sdebug_max_tgts_luns();
4827 static DRIVER_ATTR_RW(num_tgts);
4829 static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf)
4831 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dev_size_mb);
4833 static DRIVER_ATTR_RO(dev_size_mb);
4835 static ssize_t num_parts_show(struct device_driver *ddp, char *buf)
4837 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_parts);
4839 static DRIVER_ATTR_RO(num_parts);
4841 static ssize_t every_nth_show(struct device_driver *ddp, char *buf)
4843 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_every_nth);
4845 static ssize_t every_nth_store(struct device_driver *ddp, const char *buf,
4850 if ((count > 0) && (1 == sscanf(buf, "%d", &nth))) {
4851 sdebug_every_nth = nth;
4852 if (nth && !sdebug_statistics) {
4853 pr_info("every_nth needs statistics=1, set it\n");
4854 sdebug_statistics = true;
4861 static DRIVER_ATTR_RW(every_nth);
4863 static ssize_t max_luns_show(struct device_driver *ddp, char *buf)
4865 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_luns);
4867 static ssize_t max_luns_store(struct device_driver *ddp, const char *buf,
4873 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4875 pr_warn("max_luns can be no more than 256\n");
4878 changed = (sdebug_max_luns != n);
4879 sdebug_max_luns = n;
4880 sdebug_max_tgts_luns();
4881 if (changed && (sdebug_scsi_level >= 5)) { /* >= SPC-3 */
4882 struct sdebug_host_info *sdhp;
4883 struct sdebug_dev_info *dp;
4885 spin_lock(&sdebug_host_list_lock);
4886 list_for_each_entry(sdhp, &sdebug_host_list,
4888 list_for_each_entry(dp, &sdhp->dev_info_list,
4890 set_bit(SDEBUG_UA_LUNS_CHANGED,
4894 spin_unlock(&sdebug_host_list_lock);
4900 static DRIVER_ATTR_RW(max_luns);
4902 static ssize_t max_queue_show(struct device_driver *ddp, char *buf)
4904 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_queue);
4906 /* N.B. max_queue can be changed while there are queued commands. In flight
4907 * commands beyond the new max_queue will be completed. */
4908 static ssize_t max_queue_store(struct device_driver *ddp, const char *buf,
4912 struct sdebug_queue *sqp;
4914 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) &&
4915 (n <= SDEBUG_CANQUEUE)) {
4916 block_unblock_all_queues(true);
4918 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4920 a = find_last_bit(sqp->in_use_bm, SDEBUG_CANQUEUE);
4924 sdebug_max_queue = n;
4925 if (k == SDEBUG_CANQUEUE)
4926 atomic_set(&retired_max_queue, 0);
4928 atomic_set(&retired_max_queue, k + 1);
4930 atomic_set(&retired_max_queue, 0);
4931 block_unblock_all_queues(false);
4936 static DRIVER_ATTR_RW(max_queue);
4938 static ssize_t no_uld_show(struct device_driver *ddp, char *buf)
4940 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_uld);
4942 static DRIVER_ATTR_RO(no_uld);
4944 static ssize_t scsi_level_show(struct device_driver *ddp, char *buf)
4946 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_scsi_level);
4948 static DRIVER_ATTR_RO(scsi_level);
4950 static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf)
4952 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_virtual_gb);
4954 static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf,
4960 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4961 changed = (sdebug_virtual_gb != n);
4962 sdebug_virtual_gb = n;
4963 sdebug_capacity = get_sdebug_capacity();
4965 struct sdebug_host_info *sdhp;
4966 struct sdebug_dev_info *dp;
4968 spin_lock(&sdebug_host_list_lock);
4969 list_for_each_entry(sdhp, &sdebug_host_list,
4971 list_for_each_entry(dp, &sdhp->dev_info_list,
4973 set_bit(SDEBUG_UA_CAPACITY_CHANGED,
4977 spin_unlock(&sdebug_host_list_lock);
4983 static DRIVER_ATTR_RW(virtual_gb);
4985 static ssize_t add_host_show(struct device_driver *ddp, char *buf)
4987 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_add_host);
4990 static int sdebug_add_adapter(void);
4991 static void sdebug_remove_adapter(void);
4993 static ssize_t add_host_store(struct device_driver *ddp, const char *buf,
4998 if (sscanf(buf, "%d", &delta_hosts) != 1)
5000 if (delta_hosts > 0) {
5002 sdebug_add_adapter();
5003 } while (--delta_hosts);
5004 } else if (delta_hosts < 0) {
5006 sdebug_remove_adapter();
5007 } while (++delta_hosts);
5011 static DRIVER_ATTR_RW(add_host);
5013 static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf)
5015 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_vpd_use_hostno);
5017 static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf,
5022 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5023 sdebug_vpd_use_hostno = n;
5028 static DRIVER_ATTR_RW(vpd_use_hostno);
5030 static ssize_t statistics_show(struct device_driver *ddp, char *buf)
5032 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_statistics);
5034 static ssize_t statistics_store(struct device_driver *ddp, const char *buf,
5039 if ((count > 0) && (sscanf(buf, "%d", &n) == 1) && (n >= 0)) {
5041 sdebug_statistics = true;
5043 clear_queue_stats();
5044 sdebug_statistics = false;
5050 static DRIVER_ATTR_RW(statistics);
5052 static ssize_t sector_size_show(struct device_driver *ddp, char *buf)
5054 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_sector_size);
5056 static DRIVER_ATTR_RO(sector_size);
5058 static ssize_t submit_queues_show(struct device_driver *ddp, char *buf)
5060 return scnprintf(buf, PAGE_SIZE, "%d\n", submit_queues);
5062 static DRIVER_ATTR_RO(submit_queues);
5064 static ssize_t dix_show(struct device_driver *ddp, char *buf)
5066 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dix);
5068 static DRIVER_ATTR_RO(dix);
5070 static ssize_t dif_show(struct device_driver *ddp, char *buf)
5072 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dif);
5074 static DRIVER_ATTR_RO(dif);
5076 static ssize_t guard_show(struct device_driver *ddp, char *buf)
5078 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_guard);
5080 static DRIVER_ATTR_RO(guard);
5082 static ssize_t ato_show(struct device_driver *ddp, char *buf)
5084 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ato);
5086 static DRIVER_ATTR_RO(ato);
5088 static ssize_t map_show(struct device_driver *ddp, char *buf)
5092 if (!scsi_debug_lbp())
5093 return scnprintf(buf, PAGE_SIZE, "0-%u\n",
5094 sdebug_store_sectors);
5096 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl",
5097 (int)map_size, map_storep);
5098 buf[count++] = '\n';
5103 static DRIVER_ATTR_RO(map);
5105 static ssize_t removable_show(struct device_driver *ddp, char *buf)
5107 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_removable ? 1 : 0);
5109 static ssize_t removable_store(struct device_driver *ddp, const char *buf,
5114 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5115 sdebug_removable = (n > 0);
5120 static DRIVER_ATTR_RW(removable);
5122 static ssize_t host_lock_show(struct device_driver *ddp, char *buf)
5124 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_host_lock);
5126 /* N.B. sdebug_host_lock does nothing, kept for backward compatibility */
5127 static ssize_t host_lock_store(struct device_driver *ddp, const char *buf,
5132 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5133 sdebug_host_lock = (n > 0);
5138 static DRIVER_ATTR_RW(host_lock);
5140 static ssize_t strict_show(struct device_driver *ddp, char *buf)
5142 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_strict);
5144 static ssize_t strict_store(struct device_driver *ddp, const char *buf,
5149 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5150 sdebug_strict = (n > 0);
5155 static DRIVER_ATTR_RW(strict);
5157 static ssize_t uuid_ctl_show(struct device_driver *ddp, char *buf)
5159 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_uuid_ctl);
5161 static DRIVER_ATTR_RO(uuid_ctl);
5163 static ssize_t cdb_len_show(struct device_driver *ddp, char *buf)
5165 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_cdb_len);
5167 static ssize_t cdb_len_store(struct device_driver *ddp, const char *buf,
5172 ret = kstrtoint(buf, 0, &n);
5176 all_config_cdb_len();
5179 static DRIVER_ATTR_RW(cdb_len);
5182 /* Note: The following array creates attribute files in the
5183 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these
5184 files (over those found in the /sys/module/scsi_debug/parameters
5185 directory) is that auxiliary actions can be triggered when an attribute
5186 is changed. For example see: sdebug_add_host_store() above.
5189 static struct attribute *sdebug_drv_attrs[] = {
5190 &driver_attr_delay.attr,
5191 &driver_attr_opts.attr,
5192 &driver_attr_ptype.attr,
5193 &driver_attr_dsense.attr,
5194 &driver_attr_fake_rw.attr,
5195 &driver_attr_no_lun_0.attr,
5196 &driver_attr_num_tgts.attr,
5197 &driver_attr_dev_size_mb.attr,
5198 &driver_attr_num_parts.attr,
5199 &driver_attr_every_nth.attr,
5200 &driver_attr_max_luns.attr,
5201 &driver_attr_max_queue.attr,
5202 &driver_attr_no_uld.attr,
5203 &driver_attr_scsi_level.attr,
5204 &driver_attr_virtual_gb.attr,
5205 &driver_attr_add_host.attr,
5206 &driver_attr_vpd_use_hostno.attr,
5207 &driver_attr_sector_size.attr,
5208 &driver_attr_statistics.attr,
5209 &driver_attr_submit_queues.attr,
5210 &driver_attr_dix.attr,
5211 &driver_attr_dif.attr,
5212 &driver_attr_guard.attr,
5213 &driver_attr_ato.attr,
5214 &driver_attr_map.attr,
5215 &driver_attr_removable.attr,
5216 &driver_attr_host_lock.attr,
5217 &driver_attr_ndelay.attr,
5218 &driver_attr_strict.attr,
5219 &driver_attr_uuid_ctl.attr,
5220 &driver_attr_cdb_len.attr,
5223 ATTRIBUTE_GROUPS(sdebug_drv);
5225 static struct device *pseudo_primary;
5227 static int __init scsi_debug_init(void)
5234 atomic_set(&retired_max_queue, 0);
5236 if (sdebug_ndelay >= 1000 * 1000 * 1000) {
5237 pr_warn("ndelay must be less than 1 second, ignored\n");
5239 } else if (sdebug_ndelay > 0)
5240 sdebug_jdelay = JDELAY_OVERRIDDEN;
5242 switch (sdebug_sector_size) {
5249 pr_err("invalid sector_size %d\n", sdebug_sector_size);
5253 switch (sdebug_dif) {
5254 case T10_PI_TYPE0_PROTECTION:
5256 case T10_PI_TYPE1_PROTECTION:
5257 case T10_PI_TYPE2_PROTECTION:
5258 case T10_PI_TYPE3_PROTECTION:
5259 have_dif_prot = true;
5263 pr_err("dif must be 0, 1, 2 or 3\n");
5267 if (sdebug_num_tgts < 0) {
5268 pr_err("num_tgts must be >= 0\n");
5272 if (sdebug_guard > 1) {
5273 pr_err("guard must be 0 or 1\n");
5277 if (sdebug_ato > 1) {
5278 pr_err("ato must be 0 or 1\n");
5282 if (sdebug_physblk_exp > 15) {
5283 pr_err("invalid physblk_exp %u\n", sdebug_physblk_exp);
5286 if (sdebug_max_luns > 256) {
5287 pr_warn("max_luns can be no more than 256, use default\n");
5288 sdebug_max_luns = DEF_MAX_LUNS;
5291 if (sdebug_lowest_aligned > 0x3fff) {
5292 pr_err("lowest_aligned too big: %u\n", sdebug_lowest_aligned);
5296 if (submit_queues < 1) {
5297 pr_err("submit_queues must be 1 or more\n");
5300 sdebug_q_arr = kcalloc(submit_queues, sizeof(struct sdebug_queue),
5302 if (sdebug_q_arr == NULL)
5304 for (k = 0; k < submit_queues; ++k)
5305 spin_lock_init(&sdebug_q_arr[k].qc_lock);
5307 if (sdebug_dev_size_mb < 1)
5308 sdebug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */
5309 sz = (unsigned long)sdebug_dev_size_mb * 1048576;
5310 sdebug_store_sectors = sz / sdebug_sector_size;
5311 sdebug_capacity = get_sdebug_capacity();
5313 /* play around with geometry, don't waste too much on track 0 */
5315 sdebug_sectors_per = 32;
5316 if (sdebug_dev_size_mb >= 256)
5318 else if (sdebug_dev_size_mb >= 16)
5320 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
5321 (sdebug_sectors_per * sdebug_heads);
5322 if (sdebug_cylinders_per >= 1024) {
5323 /* other LLDs do this; implies >= 1GB ram disk ... */
5325 sdebug_sectors_per = 63;
5326 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
5327 (sdebug_sectors_per * sdebug_heads);
5330 if (sdebug_fake_rw == 0) {
5331 fake_storep = vzalloc(sz);
5332 if (NULL == fake_storep) {
5333 pr_err("out of memory, 1\n");
5337 if (sdebug_num_parts > 0)
5338 sdebug_build_parts(fake_storep, sz);
5344 dif_size = sdebug_store_sectors * sizeof(struct t10_pi_tuple);
5345 dif_storep = vmalloc(dif_size);
5347 pr_err("dif_storep %u bytes @ %p\n", dif_size, dif_storep);
5349 if (dif_storep == NULL) {
5350 pr_err("out of mem. (DIX)\n");
5355 memset(dif_storep, 0xff, dif_size);
5358 /* Logical Block Provisioning */
5359 if (scsi_debug_lbp()) {
5360 sdebug_unmap_max_blocks =
5361 clamp(sdebug_unmap_max_blocks, 0U, 0xffffffffU);
5363 sdebug_unmap_max_desc =
5364 clamp(sdebug_unmap_max_desc, 0U, 256U);
5366 sdebug_unmap_granularity =
5367 clamp(sdebug_unmap_granularity, 1U, 0xffffffffU);
5369 if (sdebug_unmap_alignment &&
5370 sdebug_unmap_granularity <=
5371 sdebug_unmap_alignment) {
5372 pr_err("ERR: unmap_granularity <= unmap_alignment\n");
5377 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1;
5378 map_storep = vmalloc(array_size(sizeof(long),
5379 BITS_TO_LONGS(map_size)));
5381 pr_info("%lu provisioning blocks\n", map_size);
5383 if (map_storep == NULL) {
5384 pr_err("out of mem. (MAP)\n");
5389 bitmap_zero(map_storep, map_size);
5391 /* Map first 1KB for partition table */
5392 if (sdebug_num_parts)
5396 pseudo_primary = root_device_register("pseudo_0");
5397 if (IS_ERR(pseudo_primary)) {
5398 pr_warn("root_device_register() error\n");
5399 ret = PTR_ERR(pseudo_primary);
5402 ret = bus_register(&pseudo_lld_bus);
5404 pr_warn("bus_register error: %d\n", ret);
5407 ret = driver_register(&sdebug_driverfs_driver);
5409 pr_warn("driver_register error: %d\n", ret);
5413 host_to_add = sdebug_add_host;
5414 sdebug_add_host = 0;
5416 for (k = 0; k < host_to_add; k++) {
5417 if (sdebug_add_adapter()) {
5418 pr_err("sdebug_add_adapter failed k=%d\n", k);
5424 pr_info("built %d host(s)\n", sdebug_add_host);
5429 bus_unregister(&pseudo_lld_bus);
5431 root_device_unregister(pseudo_primary);
5437 kfree(sdebug_q_arr);
5441 static void __exit scsi_debug_exit(void)
5443 int k = sdebug_add_host;
5447 sdebug_remove_adapter();
5449 driver_unregister(&sdebug_driverfs_driver);
5450 bus_unregister(&pseudo_lld_bus);
5451 root_device_unregister(pseudo_primary);
5456 kfree(sdebug_q_arr);
5459 device_initcall(scsi_debug_init);
5460 module_exit(scsi_debug_exit);
5462 static void sdebug_release_adapter(struct device *dev)
5464 struct sdebug_host_info *sdbg_host;
5466 sdbg_host = to_sdebug_host(dev);
5470 static int sdebug_add_adapter(void)
5472 int k, devs_per_host;
5474 struct sdebug_host_info *sdbg_host;
5475 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5477 sdbg_host = kzalloc(sizeof(*sdbg_host), GFP_KERNEL);
5478 if (sdbg_host == NULL) {
5479 pr_err("out of memory at line %d\n", __LINE__);
5483 INIT_LIST_HEAD(&sdbg_host->dev_info_list);
5485 devs_per_host = sdebug_num_tgts * sdebug_max_luns;
5486 for (k = 0; k < devs_per_host; k++) {
5487 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL);
5488 if (!sdbg_devinfo) {
5489 pr_err("out of memory at line %d\n", __LINE__);
5495 spin_lock(&sdebug_host_list_lock);
5496 list_add_tail(&sdbg_host->host_list, &sdebug_host_list);
5497 spin_unlock(&sdebug_host_list_lock);
5499 sdbg_host->dev.bus = &pseudo_lld_bus;
5500 sdbg_host->dev.parent = pseudo_primary;
5501 sdbg_host->dev.release = &sdebug_release_adapter;
5502 dev_set_name(&sdbg_host->dev, "adapter%d", sdebug_add_host);
5504 error = device_register(&sdbg_host->dev);
5513 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5515 list_del(&sdbg_devinfo->dev_list);
5516 kfree(sdbg_devinfo);
5523 static void sdebug_remove_adapter(void)
5525 struct sdebug_host_info *sdbg_host = NULL;
5527 spin_lock(&sdebug_host_list_lock);
5528 if (!list_empty(&sdebug_host_list)) {
5529 sdbg_host = list_entry(sdebug_host_list.prev,
5530 struct sdebug_host_info, host_list);
5531 list_del(&sdbg_host->host_list);
5533 spin_unlock(&sdebug_host_list_lock);
5538 device_unregister(&sdbg_host->dev);
5542 static int sdebug_change_qdepth(struct scsi_device *sdev, int qdepth)
5545 struct sdebug_dev_info *devip;
5547 block_unblock_all_queues(true);
5548 devip = (struct sdebug_dev_info *)sdev->hostdata;
5549 if (NULL == devip) {
5550 block_unblock_all_queues(false);
5553 num_in_q = atomic_read(&devip->num_in_q);
5557 /* allow to exceed max host qc_arr elements for testing */
5558 if (qdepth > SDEBUG_CANQUEUE + 10)
5559 qdepth = SDEBUG_CANQUEUE + 10;
5560 scsi_change_queue_depth(sdev, qdepth);
5562 if (SDEBUG_OPT_Q_NOISE & sdebug_opts) {
5563 sdev_printk(KERN_INFO, sdev, "%s: qdepth=%d, num_in_q=%d\n",
5564 __func__, qdepth, num_in_q);
5566 block_unblock_all_queues(false);
5567 return sdev->queue_depth;
5570 static bool fake_timeout(struct scsi_cmnd *scp)
5572 if (0 == (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth))) {
5573 if (sdebug_every_nth < -1)
5574 sdebug_every_nth = -1;
5575 if (SDEBUG_OPT_TIMEOUT & sdebug_opts)
5576 return true; /* ignore command causing timeout */
5577 else if (SDEBUG_OPT_MAC_TIMEOUT & sdebug_opts &&
5578 scsi_medium_access_command(scp))
5579 return true; /* time out reads and writes */
5584 static bool fake_host_busy(struct scsi_cmnd *scp)
5586 return (sdebug_opts & SDEBUG_OPT_HOST_BUSY) &&
5587 (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) == 0;
5590 static int scsi_debug_queuecommand(struct Scsi_Host *shost,
5591 struct scsi_cmnd *scp)
5594 struct scsi_device *sdp = scp->device;
5595 const struct opcode_info_t *oip;
5596 const struct opcode_info_t *r_oip;
5597 struct sdebug_dev_info *devip;
5598 u8 *cmd = scp->cmnd;
5599 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
5600 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *) = NULL;
5608 scsi_set_resid(scp, 0);
5609 if (sdebug_statistics)
5610 atomic_inc(&sdebug_cmnd_count);
5611 if (unlikely(sdebug_verbose &&
5612 !(SDEBUG_OPT_NO_CDB_NOISE & sdebug_opts))) {
5617 sb = (int)sizeof(b);
5619 strcpy(b, "too long, over 32 bytes");
5621 for (k = 0, n = 0; k < len && n < sb; ++k)
5622 n += scnprintf(b + n, sb - n, "%02x ",
5625 sdev_printk(KERN_INFO, sdp, "%s: tag=%#x, cmd %s\n", my_name,
5626 blk_mq_unique_tag(scp->request), b);
5628 if (fake_host_busy(scp))
5629 return SCSI_MLQUEUE_HOST_BUSY;
5630 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS);
5631 if (unlikely((sdp->lun >= sdebug_max_luns) && !has_wlun_rl))
5634 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */
5635 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */
5636 devip = (struct sdebug_dev_info *)sdp->hostdata;
5637 if (unlikely(!devip)) {
5638 devip = find_build_dev_info(sdp);
5642 na = oip->num_attached;
5644 if (na) { /* multiple commands with this opcode */
5646 if (FF_SA & r_oip->flags) {
5647 if (F_SA_LOW & oip->flags)
5650 sa = get_unaligned_be16(cmd + 8);
5651 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5652 if (opcode == oip->opcode && sa == oip->sa)
5655 } else { /* since no service action only check opcode */
5656 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5657 if (opcode == oip->opcode)
5662 if (F_SA_LOW & r_oip->flags)
5663 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4);
5664 else if (F_SA_HIGH & r_oip->flags)
5665 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7);
5667 mk_sense_invalid_opcode(scp);
5670 } /* else (when na==0) we assume the oip is a match */
5672 if (unlikely(F_INV_OP & flags)) {
5673 mk_sense_invalid_opcode(scp);
5676 if (unlikely(has_wlun_rl && !(F_RL_WLUN_OK & flags))) {
5678 sdev_printk(KERN_INFO, sdp, "%s: Opcode 0x%x not%s\n",
5679 my_name, opcode, " supported for wlun");
5680 mk_sense_invalid_opcode(scp);
5683 if (unlikely(sdebug_strict)) { /* check cdb against mask */
5687 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) {
5688 rem = ~oip->len_mask[k] & cmd[k];
5690 for (j = 7; j >= 0; --j, rem <<= 1) {
5694 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j);
5699 if (unlikely(!(F_SKIP_UA & flags) &&
5700 find_first_bit(devip->uas_bm,
5701 SDEBUG_NUM_UAS) != SDEBUG_NUM_UAS)) {
5702 errsts = make_ua(scp, devip);
5706 if (unlikely((F_M_ACCESS & flags) && atomic_read(&devip->stopped))) {
5707 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2);
5709 sdev_printk(KERN_INFO, sdp, "%s reports: Not ready: "
5710 "%s\n", my_name, "initializing command "
5712 errsts = check_condition_result;
5715 if (sdebug_fake_rw && (F_FAKE_RW & flags))
5717 if (unlikely(sdebug_every_nth)) {
5718 if (fake_timeout(scp))
5719 return 0; /* ignore command: make trouble */
5721 if (likely(oip->pfp))
5722 pfp = oip->pfp; /* calls a resp_* function */
5724 pfp = r_pfp; /* if leaf function ptr NULL, try the root's */
5727 if (F_DELAY_OVERR & flags)
5728 return schedule_resp(scp, devip, errsts, pfp, 0, 0);
5729 else if ((flags & F_LONG_DELAY) && (sdebug_jdelay > 0 ||
5730 sdebug_ndelay > 10000)) {
5732 * Skip long delays if ndelay <= 10 microseconds. Otherwise
5733 * for Start Stop Unit (SSU) want at least 1 second delay and
5734 * if sdebug_jdelay>1 want a long delay of that many seconds.
5735 * For Synchronize Cache want 1/20 of SSU's delay.
5737 int jdelay = (sdebug_jdelay < 2) ? 1 : sdebug_jdelay;
5738 int denom = (flags & F_SYNC_DELAY) ? 20 : 1;
5740 jdelay = mult_frac(USER_HZ * jdelay, HZ, denom * USER_HZ);
5741 return schedule_resp(scp, devip, errsts, pfp, jdelay, 0);
5743 return schedule_resp(scp, devip, errsts, pfp, sdebug_jdelay,
5746 return schedule_resp(scp, devip, check_condition_result, NULL, 0, 0);
5748 return schedule_resp(scp, NULL, DID_NO_CONNECT << 16, NULL, 0, 0);
5751 static struct scsi_host_template sdebug_driver_template = {
5752 .show_info = scsi_debug_show_info,
5753 .write_info = scsi_debug_write_info,
5754 .proc_name = sdebug_proc_name,
5755 .name = "SCSI DEBUG",
5756 .info = scsi_debug_info,
5757 .slave_alloc = scsi_debug_slave_alloc,
5758 .slave_configure = scsi_debug_slave_configure,
5759 .slave_destroy = scsi_debug_slave_destroy,
5760 .ioctl = scsi_debug_ioctl,
5761 .queuecommand = scsi_debug_queuecommand,
5762 .change_queue_depth = sdebug_change_qdepth,
5763 .eh_abort_handler = scsi_debug_abort,
5764 .eh_device_reset_handler = scsi_debug_device_reset,
5765 .eh_target_reset_handler = scsi_debug_target_reset,
5766 .eh_bus_reset_handler = scsi_debug_bus_reset,
5767 .eh_host_reset_handler = scsi_debug_host_reset,
5768 .can_queue = SDEBUG_CANQUEUE,
5770 .sg_tablesize = SG_MAX_SEGMENTS,
5771 .cmd_per_lun = DEF_CMD_PER_LUN,
5773 .max_segment_size = -1U,
5774 .module = THIS_MODULE,
5775 .track_queue_depth = 1,
5778 static int sdebug_driver_probe(struct device *dev)
5781 struct sdebug_host_info *sdbg_host;
5782 struct Scsi_Host *hpnt;
5785 sdbg_host = to_sdebug_host(dev);
5787 sdebug_driver_template.can_queue = sdebug_max_queue;
5788 if (!sdebug_clustering)
5789 sdebug_driver_template.dma_boundary = PAGE_SIZE - 1;
5791 hpnt = scsi_host_alloc(&sdebug_driver_template, sizeof(sdbg_host));
5793 pr_err("scsi_host_alloc failed\n");
5797 if (submit_queues > nr_cpu_ids) {
5798 pr_warn("%s: trim submit_queues (was %d) to nr_cpu_ids=%u\n",
5799 my_name, submit_queues, nr_cpu_ids);
5800 submit_queues = nr_cpu_ids;
5802 /* Decide whether to tell scsi subsystem that we want mq */
5803 /* Following should give the same answer for each host */
5804 hpnt->nr_hw_queues = submit_queues;
5806 sdbg_host->shost = hpnt;
5807 *((struct sdebug_host_info **)hpnt->hostdata) = sdbg_host;
5808 if ((hpnt->this_id >= 0) && (sdebug_num_tgts > hpnt->this_id))
5809 hpnt->max_id = sdebug_num_tgts + 1;
5811 hpnt->max_id = sdebug_num_tgts;
5812 /* = sdebug_max_luns; */
5813 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
5817 switch (sdebug_dif) {
5819 case T10_PI_TYPE1_PROTECTION:
5820 hprot = SHOST_DIF_TYPE1_PROTECTION;
5822 hprot |= SHOST_DIX_TYPE1_PROTECTION;
5825 case T10_PI_TYPE2_PROTECTION:
5826 hprot = SHOST_DIF_TYPE2_PROTECTION;
5828 hprot |= SHOST_DIX_TYPE2_PROTECTION;
5831 case T10_PI_TYPE3_PROTECTION:
5832 hprot = SHOST_DIF_TYPE3_PROTECTION;
5834 hprot |= SHOST_DIX_TYPE3_PROTECTION;
5839 hprot |= SHOST_DIX_TYPE0_PROTECTION;
5843 scsi_host_set_prot(hpnt, hprot);
5845 if (have_dif_prot || sdebug_dix)
5846 pr_info("host protection%s%s%s%s%s%s%s\n",
5847 (hprot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "",
5848 (hprot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "",
5849 (hprot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "",
5850 (hprot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "",
5851 (hprot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "",
5852 (hprot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "",
5853 (hprot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : "");
5855 if (sdebug_guard == 1)
5856 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP);
5858 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC);
5860 sdebug_verbose = !!(SDEBUG_OPT_NOISE & sdebug_opts);
5861 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & sdebug_opts);
5862 if (sdebug_every_nth) /* need stats counters for every_nth */
5863 sdebug_statistics = true;
5864 error = scsi_add_host(hpnt, &sdbg_host->dev);
5866 pr_err("scsi_add_host failed\n");
5868 scsi_host_put(hpnt);
5870 scsi_scan_host(hpnt);
5875 static int sdebug_driver_remove(struct device *dev)
5877 struct sdebug_host_info *sdbg_host;
5878 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5880 sdbg_host = to_sdebug_host(dev);
5883 pr_err("Unable to locate host info\n");
5887 scsi_remove_host(sdbg_host->shost);
5889 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5891 list_del(&sdbg_devinfo->dev_list);
5892 kfree(sdbg_devinfo);
5895 scsi_host_put(sdbg_host->shost);
5899 static int pseudo_lld_bus_match(struct device *dev,
5900 struct device_driver *dev_driver)
5905 static struct bus_type pseudo_lld_bus = {
5907 .match = pseudo_lld_bus_match,
5908 .probe = sdebug_driver_probe,
5909 .remove = sdebug_driver_remove,
5910 .drv_groups = sdebug_drv_groups,
projects / linux-2.6-microblaze.git / blob