1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
4 * Copyright (C) 1992 Eric Youngdale
5 * Simulate a host adapter with 2 disks attached. Do a lot of checking
6 * to make sure that we are not getting blocks mixed up, and PANIC if
7 * anything out of the ordinary is seen.
8 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
10 * Copyright (C) 2001 - 2018 Douglas Gilbert
12 * For documentation see http://sg.danny.cz/sg/sdebug26.html
16 #define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__
18 #include <linux/module.h>
20 #include <linux/kernel.h>
21 #include <linux/errno.h>
22 #include <linux/jiffies.h>
23 #include <linux/slab.h>
24 #include <linux/types.h>
25 #include <linux/string.h>
26 #include <linux/genhd.h>
28 #include <linux/init.h>
29 #include <linux/proc_fs.h>
30 #include <linux/vmalloc.h>
31 #include <linux/moduleparam.h>
32 #include <linux/scatterlist.h>
33 #include <linux/blkdev.h>
34 #include <linux/crc-t10dif.h>
35 #include <linux/spinlock.h>
36 #include <linux/interrupt.h>
37 #include <linux/atomic.h>
38 #include <linux/hrtimer.h>
39 #include <linux/uuid.h>
40 #include <linux/t10-pi.h>
42 #include <net/checksum.h>
44 #include <asm/unaligned.h>
46 #include <scsi/scsi.h>
47 #include <scsi/scsi_cmnd.h>
48 #include <scsi/scsi_device.h>
49 #include <scsi/scsi_host.h>
50 #include <scsi/scsicam.h>
51 #include <scsi/scsi_eh.h>
52 #include <scsi/scsi_tcq.h>
53 #include <scsi/scsi_dbg.h>
56 #include "scsi_logging.h"
58 /* make sure inq_product_rev string corresponds to this version */
59 #define SDEBUG_VERSION "0188" /* format to fit INQUIRY revision field */
60 static const char *sdebug_version_date = "20190125";
62 #define MY_NAME "scsi_debug"
64 /* Additional Sense Code (ASC) */
65 #define NO_ADDITIONAL_SENSE 0x0
66 #define LOGICAL_UNIT_NOT_READY 0x4
67 #define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8
68 #define UNRECOVERED_READ_ERR 0x11
69 #define PARAMETER_LIST_LENGTH_ERR 0x1a
70 #define INVALID_OPCODE 0x20
71 #define LBA_OUT_OF_RANGE 0x21
72 #define INVALID_FIELD_IN_CDB 0x24
73 #define INVALID_FIELD_IN_PARAM_LIST 0x26
74 #define WRITE_PROTECTED 0x27
75 #define UA_RESET_ASC 0x29
76 #define UA_CHANGED_ASC 0x2a
77 #define TARGET_CHANGED_ASC 0x3f
78 #define LUNS_CHANGED_ASCQ 0x0e
79 #define INSUFF_RES_ASC 0x55
80 #define INSUFF_RES_ASCQ 0x3
81 #define POWER_ON_RESET_ASCQ 0x0
82 #define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */
83 #define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */
84 #define CAPACITY_CHANGED_ASCQ 0x9
85 #define SAVING_PARAMS_UNSUP 0x39
86 #define TRANSPORT_PROBLEM 0x4b
87 #define THRESHOLD_EXCEEDED 0x5d
88 #define LOW_POWER_COND_ON 0x5e
89 #define MISCOMPARE_VERIFY_ASC 0x1d
90 #define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */
91 #define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16
92 #define WRITE_ERROR_ASC 0xc
94 /* Additional Sense Code Qualifier (ASCQ) */
95 #define ACK_NAK_TO 0x3
97 /* Default values for driver parameters */
98 #define DEF_NUM_HOST 1
99 #define DEF_NUM_TGTS 1
100 #define DEF_MAX_LUNS 1
101 /* With these defaults, this driver will make 1 host with 1 target
102 * (id 0) containing 1 logical unit (lun 0). That is 1 device.
105 #define DEF_CDB_LEN 10
106 #define DEF_JDELAY 1 /* if > 0 unit is a jiffy */
107 #define DEF_DEV_SIZE_MB 8
110 #define DEF_D_SENSE 0
111 #define DEF_EVERY_NTH 0
112 #define DEF_FAKE_RW 0
114 #define DEF_HOST_LOCK 0
117 #define DEF_LBPWS10 0
119 #define DEF_LOWEST_ALIGNED 0
120 #define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */
121 #define DEF_NO_LUN_0 0
122 #define DEF_NUM_PARTS 0
124 #define DEF_OPT_BLKS 1024
125 #define DEF_PHYSBLK_EXP 0
126 #define DEF_OPT_XFERLEN_EXP 0
127 #define DEF_PTYPE TYPE_DISK
128 #define DEF_REMOVABLE false
129 #define DEF_SCSI_LEVEL 7 /* INQUIRY, byte2 [6->SPC-4; 7->SPC-5] */
130 #define DEF_SECTOR_SIZE 512
131 #define DEF_UNMAP_ALIGNMENT 0
132 #define DEF_UNMAP_GRANULARITY 1
133 #define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF
134 #define DEF_UNMAP_MAX_DESC 256
135 #define DEF_VIRTUAL_GB 0
136 #define DEF_VPD_USE_HOSTNO 1
137 #define DEF_WRITESAME_LENGTH 0xFFFF
139 #define DEF_STATISTICS false
140 #define DEF_SUBMIT_QUEUES 1
141 #define DEF_UUID_CTL 0
142 #define JDELAY_OVERRIDDEN -9999
144 #define SDEBUG_LUN_0_VAL 0
146 /* bit mask values for sdebug_opts */
147 #define SDEBUG_OPT_NOISE 1
148 #define SDEBUG_OPT_MEDIUM_ERR 2
149 #define SDEBUG_OPT_TIMEOUT 4
150 #define SDEBUG_OPT_RECOVERED_ERR 8
151 #define SDEBUG_OPT_TRANSPORT_ERR 16
152 #define SDEBUG_OPT_DIF_ERR 32
153 #define SDEBUG_OPT_DIX_ERR 64
154 #define SDEBUG_OPT_MAC_TIMEOUT 128
155 #define SDEBUG_OPT_SHORT_TRANSFER 0x100
156 #define SDEBUG_OPT_Q_NOISE 0x200
157 #define SDEBUG_OPT_ALL_TSF 0x400
158 #define SDEBUG_OPT_RARE_TSF 0x800
159 #define SDEBUG_OPT_N_WCE 0x1000
160 #define SDEBUG_OPT_RESET_NOISE 0x2000
161 #define SDEBUG_OPT_NO_CDB_NOISE 0x4000
162 #define SDEBUG_OPT_HOST_BUSY 0x8000
163 #define SDEBUG_OPT_CMD_ABORT 0x10000
164 #define SDEBUG_OPT_ALL_NOISE (SDEBUG_OPT_NOISE | SDEBUG_OPT_Q_NOISE | \
165 SDEBUG_OPT_RESET_NOISE)
166 #define SDEBUG_OPT_ALL_INJECTING (SDEBUG_OPT_RECOVERED_ERR | \
167 SDEBUG_OPT_TRANSPORT_ERR | \
168 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR | \
169 SDEBUG_OPT_SHORT_TRANSFER | \
170 SDEBUG_OPT_HOST_BUSY | \
171 SDEBUG_OPT_CMD_ABORT)
172 /* When "every_nth" > 0 then modulo "every_nth" commands:
173 * - a missing response is simulated if SDEBUG_OPT_TIMEOUT is set
174 * - a RECOVERED_ERROR is simulated on successful read and write
175 * commands if SDEBUG_OPT_RECOVERED_ERR is set.
176 * - a TRANSPORT_ERROR is simulated on successful read and write
177 * commands if SDEBUG_OPT_TRANSPORT_ERR is set.
178 * - similarly for DIF_ERR, DIX_ERR, SHORT_TRANSFER, HOST_BUSY and
181 * When "every_nth" < 0 then after "- every_nth" commands the selected
182 * error will be injected. The error will be injected on every subsequent
183 * command until some other action occurs; for example, the user writing
184 * a new value (other than -1 or 1) to every_nth:
185 * echo 0 > /sys/bus/pseudo/drivers/scsi_debug/every_nth
188 /* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs) are returned in
189 * priority order. In the subset implemented here lower numbers have higher
190 * priority. The UA numbers should be a sequence starting from 0 with
191 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */
192 #define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */
193 #define SDEBUG_UA_BUS_RESET 1
194 #define SDEBUG_UA_MODE_CHANGED 2
195 #define SDEBUG_UA_CAPACITY_CHANGED 3
196 #define SDEBUG_UA_LUNS_CHANGED 4
197 #define SDEBUG_UA_MICROCODE_CHANGED 5 /* simulate firmware change */
198 #define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 6
199 #define SDEBUG_NUM_UAS 7
201 /* when 1==SDEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this
202 * sector on read commands: */
203 #define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */
204 #define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */
206 /* If REPORT LUNS has luns >= 256 it can choose "flat space" (value 1)
207 * or "peripheral device" addressing (value 0) */
208 #define SAM2_LUN_ADDRESS_METHOD 0
210 /* SDEBUG_CANQUEUE is the maximum number of commands that can be queued
211 * (for response) per submit queue at one time. Can be reduced by max_queue
212 * option. Command responses are not queued when jdelay=0 and ndelay=0. The
213 * per-device DEF_CMD_PER_LUN can be changed via sysfs:
214 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth
215 * but cannot exceed SDEBUG_CANQUEUE .
217 #define SDEBUG_CANQUEUE_WORDS 3 /* a WORD is bits in a long */
218 #define SDEBUG_CANQUEUE (SDEBUG_CANQUEUE_WORDS * BITS_PER_LONG)
219 #define DEF_CMD_PER_LUN 255
223 #define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */
225 #define F_RL_WLUN_OK 0x10
226 #define F_SKIP_UA 0x20
227 #define F_DELAY_OVERR 0x40
228 #define F_SA_LOW 0x80 /* cdb byte 1, bits 4 to 0 */
229 #define F_SA_HIGH 0x100 /* as used by variable length cdbs */
230 #define F_INV_OP 0x200
231 #define F_FAKE_RW 0x400
232 #define F_M_ACCESS 0x800 /* media access */
233 #define F_SSU_DELAY 0x1000
234 #define F_SYNC_DELAY 0x2000
236 #define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR)
237 #define FF_MEDIA_IO (F_M_ACCESS | F_FAKE_RW)
238 #define FF_SA (F_SA_HIGH | F_SA_LOW)
239 #define F_LONG_DELAY (F_SSU_DELAY | F_SYNC_DELAY)
241 #define SDEBUG_MAX_PARTS 4
243 #define SDEBUG_MAX_CMD_LEN 32
246 struct sdebug_dev_info {
247 struct list_head dev_list;
248 unsigned int channel;
252 struct sdebug_host_info *sdbg_host;
253 unsigned long uas_bm[1];
259 struct sdebug_host_info {
260 struct list_head host_list;
261 struct Scsi_Host *shost;
263 struct list_head dev_info_list;
266 #define to_sdebug_host(d) \
267 container_of(d, struct sdebug_host_info, dev)
269 enum sdeb_defer_type {SDEB_DEFER_NONE = 0, SDEB_DEFER_HRT = 1,
272 struct sdebug_defer {
274 struct execute_work ew;
275 int sqa_idx; /* index of sdebug_queue array */
276 int qc_idx; /* index of sdebug_queued_cmd array within sqa_idx */
280 bool aborted; /* true when blk_abort_request() already called */
281 enum sdeb_defer_type defer_t;
284 struct sdebug_queued_cmd {
285 /* corresponding bit set in in_use_bm[] in owning struct sdebug_queue
286 * instance indicates this slot is in use.
288 struct sdebug_defer *sd_dp;
289 struct scsi_cmnd *a_cmnd;
290 unsigned int inj_recovered:1;
291 unsigned int inj_transport:1;
292 unsigned int inj_dif:1;
293 unsigned int inj_dix:1;
294 unsigned int inj_short:1;
295 unsigned int inj_host_busy:1;
296 unsigned int inj_cmd_abort:1;
299 struct sdebug_queue {
300 struct sdebug_queued_cmd qc_arr[SDEBUG_CANQUEUE];
301 unsigned long in_use_bm[SDEBUG_CANQUEUE_WORDS];
303 atomic_t blocked; /* to temporarily stop more being queued */
306 static atomic_t sdebug_cmnd_count; /* number of incoming commands */
307 static atomic_t sdebug_completions; /* count of deferred completions */
308 static atomic_t sdebug_miss_cpus; /* submission + completion cpus differ */
309 static atomic_t sdebug_a_tsf; /* 'almost task set full' counter */
311 struct opcode_info_t {
312 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff */
313 /* for terminating element */
314 u8 opcode; /* if num_attached > 0, preferred */
315 u16 sa; /* service action */
316 u32 flags; /* OR-ed set of SDEB_F_* */
317 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
318 const struct opcode_info_t *arrp; /* num_attached elements or NULL */
319 u8 len_mask[16]; /* len_mask[0]-->cdb_len, then mask for cdb */
320 /* 1 to min(cdb_len, 15); ignore cdb[15...] */
323 /* SCSI opcodes (first byte of cdb) of interest mapped onto these indexes */
324 enum sdeb_opcode_index {
325 SDEB_I_INVALID_OPCODE = 0,
327 SDEB_I_REPORT_LUNS = 2,
328 SDEB_I_REQUEST_SENSE = 3,
329 SDEB_I_TEST_UNIT_READY = 4,
330 SDEB_I_MODE_SENSE = 5, /* 6, 10 */
331 SDEB_I_MODE_SELECT = 6, /* 6, 10 */
332 SDEB_I_LOG_SENSE = 7,
333 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */
334 SDEB_I_READ = 9, /* 6, 10, 12, 16 */
335 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */
336 SDEB_I_START_STOP = 11,
337 SDEB_I_SERV_ACT_IN_16 = 12, /* add ...SERV_ACT_IN_12 if needed */
338 SDEB_I_SERV_ACT_OUT_16 = 13, /* add ...SERV_ACT_OUT_12 if needed */
339 SDEB_I_MAINT_IN = 14,
340 SDEB_I_MAINT_OUT = 15,
341 SDEB_I_VERIFY = 16, /* 10 only */
342 SDEB_I_VARIABLE_LEN = 17, /* READ(32), WRITE(32), WR_SCAT(32) */
343 SDEB_I_RESERVE = 18, /* 6, 10 */
344 SDEB_I_RELEASE = 19, /* 6, 10 */
345 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */
346 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */
347 SDEB_I_ATA_PT = 22, /* 12, 16 */
348 SDEB_I_SEND_DIAG = 23,
350 SDEB_I_WRITE_BUFFER = 25,
351 SDEB_I_WRITE_SAME = 26, /* 10, 16 */
352 SDEB_I_SYNC_CACHE = 27, /* 10, 16 */
353 SDEB_I_COMP_WRITE = 28,
354 SDEB_I_LAST_ELEMENT = 29, /* keep this last (previous + 1) */
358 static const unsigned char opcode_ind_arr[256] = {
359 /* 0x0; 0x0->0x1f: 6 byte cdbs */
360 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE,
362 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0,
363 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
365 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG,
366 SDEB_I_ALLOW_REMOVAL, 0,
367 /* 0x20; 0x20->0x3f: 10 byte cdbs */
368 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0,
369 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY,
370 0, 0, 0, 0, 0, SDEB_I_SYNC_CACHE, 0, 0,
371 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0,
372 /* 0x40; 0x40->0x5f: 10 byte cdbs */
373 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0,
374 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0,
375 0, 0, 0, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
377 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0,
378 /* 0x60; 0x60->0x7d are reserved, 0x7e is "extended cdb" */
379 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
380 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
381 0, SDEB_I_VARIABLE_LEN,
382 /* 0x80; 0x80->0x9f: 16 byte cdbs */
383 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0,
384 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0, 0, 0, 0, 0,
385 0, SDEB_I_SYNC_CACHE, 0, SDEB_I_WRITE_SAME, 0, 0, 0, 0,
386 0, 0, 0, 0, 0, 0, SDEB_I_SERV_ACT_IN_16, SDEB_I_SERV_ACT_OUT_16,
387 /* 0xa0; 0xa0->0xbf: 12 byte cdbs */
388 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN,
389 SDEB_I_MAINT_OUT, 0, 0, 0,
390 SDEB_I_READ, 0 /* SDEB_I_SERV_ACT_OUT_12 */, SDEB_I_WRITE,
391 0 /* SDEB_I_SERV_ACT_IN_12 */, 0, 0, 0, 0,
392 0, 0, 0, 0, 0, 0, 0, 0,
393 0, 0, 0, 0, 0, 0, 0, 0,
394 /* 0xc0; 0xc0->0xff: vendor specific */
395 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
396 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
397 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
398 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
402 * The following "response" functions return the SCSI mid-level's 4 byte
403 * tuple-in-an-int. To handle commands with an IMMED bit, for a faster
404 * command completion, they can mask their return value with
405 * SDEG_RES_IMMED_MASK .
407 #define SDEG_RES_IMMED_MASK 0x40000000
409 static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *);
410 static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *);
411 static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *);
412 static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
413 static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *);
414 static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
415 static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *);
416 static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
417 static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
418 static int resp_write_scat(struct scsi_cmnd *, struct sdebug_dev_info *);
419 static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *);
420 static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *);
421 static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *);
422 static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *);
423 static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *);
424 static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *);
425 static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *);
426 static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *);
427 static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *);
428 static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *);
429 static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *);
430 static int resp_sync_cache(struct scsi_cmnd *, struct sdebug_dev_info *);
433 * The following are overflow arrays for cdbs that "hit" the same index in
434 * the opcode_info_arr array. The most time sensitive (or commonly used) cdb
435 * should be placed in opcode_info_arr[], the others should be placed here.
437 static const struct opcode_info_t msense_iarr[] = {
438 {0, 0x1a, 0, F_D_IN, NULL, NULL,
439 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
442 static const struct opcode_info_t mselect_iarr[] = {
443 {0, 0x15, 0, F_D_OUT, NULL, NULL,
444 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
447 static const struct opcode_info_t read_iarr[] = {
448 {0, 0x28, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(10) */
449 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
451 {0, 0x8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL, /* READ(6) */
452 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
453 {0, 0xa8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(12) */
454 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf,
458 static const struct opcode_info_t write_iarr[] = {
459 {0, 0x2a, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(10) */
460 NULL, {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7,
462 {0, 0xa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(6) */
463 NULL, {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0,
465 {0, 0xaa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(12) */
466 NULL, {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
467 0xbf, 0xc7, 0, 0, 0, 0} },
470 static const struct opcode_info_t sa_in_16_iarr[] = {
471 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL,
472 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
473 0xff, 0xff, 0xff, 0, 0xc7} }, /* GET LBA STATUS(16) */
476 static const struct opcode_info_t vl_iarr[] = { /* VARIABLE LENGTH */
477 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_dt0,
478 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0xb, 0xfa,
479 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */
480 {0, 0x7f, 0x11, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
481 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x11, 0xf8,
482 0, 0xff, 0xff, 0x0, 0x0} }, /* WRITE SCATTERED(32) */
485 static const struct opcode_info_t maint_in_iarr[] = { /* MAINT IN */
486 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL,
487 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0,
488 0xc7, 0, 0, 0, 0} }, /* REPORT SUPPORTED OPERATION CODES */
489 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL,
490 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
491 0, 0} }, /* REPORTED SUPPORTED TASK MANAGEMENT FUNCTIONS */
494 static const struct opcode_info_t write_same_iarr[] = {
495 {0, 0x93, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_write_same_16, NULL,
496 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
497 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* WRITE SAME(16) */
500 static const struct opcode_info_t reserve_iarr[] = {
501 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */
502 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
505 static const struct opcode_info_t release_iarr[] = {
506 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */
507 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
510 static const struct opcode_info_t sync_cache_iarr[] = {
511 {0, 0x91, 0, F_SYNC_DELAY | F_M_ACCESS, resp_sync_cache, NULL,
512 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
513 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* SYNC_CACHE (16) */
517 /* This array is accessed via SDEB_I_* values. Make sure all are mapped,
518 * plus the terminating elements for logic that scans this table such as
519 * REPORT SUPPORTED OPERATION CODES. */
520 static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEMENT + 1] = {
522 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* unknown opcodes */
523 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
524 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL, /* INQUIRY */
525 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
526 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL,
527 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
528 0, 0} }, /* REPORT LUNS */
529 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL,
530 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
531 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */
532 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
534 {ARRAY_SIZE(msense_iarr), 0x5a, 0, F_D_IN, /* MODE SENSE(10) */
535 resp_mode_sense, msense_iarr, {10, 0xf8, 0xff, 0xff, 0, 0, 0,
536 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
537 {ARRAY_SIZE(mselect_iarr), 0x55, 0, F_D_OUT, /* MODE SELECT(10) */
538 resp_mode_select, mselect_iarr, {10, 0xf1, 0, 0, 0, 0, 0, 0xff,
539 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
540 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL, /* LOG SENSE */
541 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0,
543 {0, 0x25, 0, F_D_IN, resp_readcap, NULL, /* READ CAPACITY(10) */
544 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0,
546 {ARRAY_SIZE(read_iarr), 0x88, 0, F_D_IN | FF_MEDIA_IO, /* READ(16) */
547 resp_read_dt0, read_iarr, {16, 0xfe, 0xff, 0xff, 0xff, 0xff,
548 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
550 {ARRAY_SIZE(write_iarr), 0x8a, 0, F_D_OUT | FF_MEDIA_IO,
551 resp_write_dt0, write_iarr, /* WRITE(16) */
552 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
553 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
554 {0, 0x1b, 0, F_SSU_DELAY, resp_start_stop, NULL,/* START STOP UNIT */
555 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
556 {ARRAY_SIZE(sa_in_16_iarr), 0x9e, 0x10, F_SA_LOW | F_D_IN,
557 resp_readcap16, sa_in_16_iarr, /* SA_IN(16), READ CAPACITY(16) */
558 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
559 0xff, 0xff, 0xff, 0xff, 0x1, 0xc7} },
560 {0, 0x9f, 0x12, F_SA_LOW | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
561 NULL, {16, 0x12, 0xf9, 0x0, 0xff, 0xff, 0, 0, 0xff, 0xff, 0xff,
562 0xff, 0xff, 0xff, 0xff, 0xc7} }, /* SA_OUT(16), WRITE SCAT(16) */
563 {ARRAY_SIZE(maint_in_iarr), 0xa3, 0xa, F_SA_LOW | F_D_IN,
564 resp_report_tgtpgs, /* MAINT IN, REPORT TARGET PORT GROUPS */
565 maint_in_iarr, {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff,
566 0xff, 0, 0xc7, 0, 0, 0, 0} },
568 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */
569 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
570 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, NULL, NULL, /* VERIFY(10) */
571 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7,
573 {ARRAY_SIZE(vl_iarr), 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_MEDIA_IO,
574 resp_read_dt0, vl_iarr, /* VARIABLE LENGTH, READ(32) */
575 {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x9, 0xfe, 0, 0xff, 0xff,
577 {ARRAY_SIZE(reserve_iarr), 0x56, 0, F_D_OUT,
578 NULL, reserve_iarr, /* RESERVE(10) <no response function> */
579 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
581 {ARRAY_SIZE(release_iarr), 0x57, 0, F_D_OUT,
582 NULL, release_iarr, /* RELEASE(10) <no response function> */
583 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
586 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */
587 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
588 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */
589 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
590 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */
591 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
592 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */
593 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
594 {0, 0x42, 0, F_D_OUT | FF_MEDIA_IO, resp_unmap, NULL, /* UNMAP */
595 {10, 0x1, 0, 0, 0, 0, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
597 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL,
598 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0,
599 0, 0, 0, 0} }, /* WRITE_BUFFER */
600 {ARRAY_SIZE(write_same_iarr), 0x41, 0, F_D_OUT_MAYBE | FF_MEDIA_IO,
601 resp_write_same_10, write_same_iarr, /* WRITE SAME(10) */
602 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0,
604 {ARRAY_SIZE(sync_cache_iarr), 0x35, 0, F_SYNC_DELAY | F_M_ACCESS,
605 resp_sync_cache, sync_cache_iarr,
606 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
607 0, 0, 0, 0} }, /* SYNC_CACHE (10) */
608 {0, 0x89, 0, F_D_OUT | FF_MEDIA_IO, resp_comp_write, NULL,
609 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0,
610 0, 0xff, 0x3f, 0xc7} }, /* COMPARE AND WRITE */
613 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */
614 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
617 static int sdebug_add_host = DEF_NUM_HOST;
618 static int sdebug_ato = DEF_ATO;
619 static int sdebug_cdb_len = DEF_CDB_LEN;
620 static int sdebug_jdelay = DEF_JDELAY; /* if > 0 then unit is jiffies */
621 static int sdebug_dev_size_mb = DEF_DEV_SIZE_MB;
622 static int sdebug_dif = DEF_DIF;
623 static int sdebug_dix = DEF_DIX;
624 static int sdebug_dsense = DEF_D_SENSE;
625 static int sdebug_every_nth = DEF_EVERY_NTH;
626 static int sdebug_fake_rw = DEF_FAKE_RW;
627 static unsigned int sdebug_guard = DEF_GUARD;
628 static int sdebug_lowest_aligned = DEF_LOWEST_ALIGNED;
629 static int sdebug_max_luns = DEF_MAX_LUNS;
630 static int sdebug_max_queue = SDEBUG_CANQUEUE; /* per submit queue */
631 static unsigned int sdebug_medium_error_start = OPT_MEDIUM_ERR_ADDR;
632 static int sdebug_medium_error_count = OPT_MEDIUM_ERR_NUM;
633 static atomic_t retired_max_queue; /* if > 0 then was prior max_queue */
634 static int sdebug_ndelay = DEF_NDELAY; /* if > 0 then unit is nanoseconds */
635 static int sdebug_no_lun_0 = DEF_NO_LUN_0;
636 static int sdebug_no_uld;
637 static int sdebug_num_parts = DEF_NUM_PARTS;
638 static int sdebug_num_tgts = DEF_NUM_TGTS; /* targets per host */
639 static int sdebug_opt_blks = DEF_OPT_BLKS;
640 static int sdebug_opts = DEF_OPTS;
641 static int sdebug_physblk_exp = DEF_PHYSBLK_EXP;
642 static int sdebug_opt_xferlen_exp = DEF_OPT_XFERLEN_EXP;
643 static int sdebug_ptype = DEF_PTYPE; /* SCSI peripheral device type */
644 static int sdebug_scsi_level = DEF_SCSI_LEVEL;
645 static int sdebug_sector_size = DEF_SECTOR_SIZE;
646 static int sdebug_virtual_gb = DEF_VIRTUAL_GB;
647 static int sdebug_vpd_use_hostno = DEF_VPD_USE_HOSTNO;
648 static unsigned int sdebug_lbpu = DEF_LBPU;
649 static unsigned int sdebug_lbpws = DEF_LBPWS;
650 static unsigned int sdebug_lbpws10 = DEF_LBPWS10;
651 static unsigned int sdebug_lbprz = DEF_LBPRZ;
652 static unsigned int sdebug_unmap_alignment = DEF_UNMAP_ALIGNMENT;
653 static unsigned int sdebug_unmap_granularity = DEF_UNMAP_GRANULARITY;
654 static unsigned int sdebug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS;
655 static unsigned int sdebug_unmap_max_desc = DEF_UNMAP_MAX_DESC;
656 static unsigned int sdebug_write_same_length = DEF_WRITESAME_LENGTH;
657 static int sdebug_uuid_ctl = DEF_UUID_CTL;
658 static bool sdebug_removable = DEF_REMOVABLE;
659 static bool sdebug_clustering;
660 static bool sdebug_host_lock = DEF_HOST_LOCK;
661 static bool sdebug_strict = DEF_STRICT;
662 static bool sdebug_any_injecting_opt;
663 static bool sdebug_verbose;
664 static bool have_dif_prot;
665 static bool write_since_sync;
666 static bool sdebug_statistics = DEF_STATISTICS;
667 static bool sdebug_wp;
669 static unsigned int sdebug_store_sectors;
670 static sector_t sdebug_capacity; /* in sectors */
672 /* old BIOS stuff, kernel may get rid of them but some mode sense pages
673 may still need them */
674 static int sdebug_heads; /* heads per disk */
675 static int sdebug_cylinders_per; /* cylinders per surface */
676 static int sdebug_sectors_per; /* sectors per cylinder */
678 static LIST_HEAD(sdebug_host_list);
679 static DEFINE_SPINLOCK(sdebug_host_list_lock);
681 static unsigned char *fake_storep; /* ramdisk storage */
682 static struct t10_pi_tuple *dif_storep; /* protection info */
683 static void *map_storep; /* provisioning map */
685 static unsigned long map_size;
686 static int num_aborts;
687 static int num_dev_resets;
688 static int num_target_resets;
689 static int num_bus_resets;
690 static int num_host_resets;
691 static int dix_writes;
692 static int dix_reads;
693 static int dif_errors;
695 static int submit_queues = DEF_SUBMIT_QUEUES; /* > 1 for multi-queue (mq) */
696 static struct sdebug_queue *sdebug_q_arr; /* ptr to array of submit queues */
698 static DEFINE_RWLOCK(atomic_rw);
700 static char sdebug_proc_name[] = MY_NAME;
701 static const char *my_name = MY_NAME;
703 static struct bus_type pseudo_lld_bus;
705 static struct device_driver sdebug_driverfs_driver = {
706 .name = sdebug_proc_name,
707 .bus = &pseudo_lld_bus,
710 static const int check_condition_result =
711 (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION;
713 static const int illegal_condition_result =
714 (DRIVER_SENSE << 24) | (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION;
716 static const int device_qfull_result =
717 (DID_OK << 16) | (COMMAND_COMPLETE << 8) | SAM_STAT_TASK_SET_FULL;
720 /* Only do the extra work involved in logical block provisioning if one or
721 * more of the lbpu, lbpws or lbpws10 parameters are given and we are doing
722 * real reads and writes (i.e. not skipping them for speed).
724 static inline bool scsi_debug_lbp(void)
726 return 0 == sdebug_fake_rw &&
727 (sdebug_lbpu || sdebug_lbpws || sdebug_lbpws10);
730 static void *lba2fake_store(unsigned long long lba)
732 lba = do_div(lba, sdebug_store_sectors);
734 return fake_storep + lba * sdebug_sector_size;
737 static struct t10_pi_tuple *dif_store(sector_t sector)
739 sector = sector_div(sector, sdebug_store_sectors);
741 return dif_storep + sector;
744 static void sdebug_max_tgts_luns(void)
746 struct sdebug_host_info *sdbg_host;
747 struct Scsi_Host *hpnt;
749 spin_lock(&sdebug_host_list_lock);
750 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
751 hpnt = sdbg_host->shost;
752 if ((hpnt->this_id >= 0) &&
753 (sdebug_num_tgts > hpnt->this_id))
754 hpnt->max_id = sdebug_num_tgts + 1;
756 hpnt->max_id = sdebug_num_tgts;
757 /* sdebug_max_luns; */
758 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
760 spin_unlock(&sdebug_host_list_lock);
763 enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1};
765 /* Set in_bit to -1 to indicate no bit position of invalid field */
766 static void mk_sense_invalid_fld(struct scsi_cmnd *scp,
767 enum sdeb_cmd_data c_d,
768 int in_byte, int in_bit)
770 unsigned char *sbuff;
774 sbuff = scp->sense_buffer;
776 sdev_printk(KERN_ERR, scp->device,
777 "%s: sense_buffer is NULL\n", __func__);
780 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST;
781 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
782 scsi_build_sense_buffer(sdebug_dsense, sbuff, ILLEGAL_REQUEST, asc, 0);
783 memset(sks, 0, sizeof(sks));
789 sks[0] |= 0x7 & in_bit;
791 put_unaligned_be16(in_byte, sks + 1);
797 memcpy(sbuff + sl + 4, sks, 3);
799 memcpy(sbuff + 15, sks, 3);
801 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq"
802 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n",
803 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit);
806 static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq)
808 unsigned char *sbuff;
810 sbuff = scp->sense_buffer;
812 sdev_printk(KERN_ERR, scp->device,
813 "%s: sense_buffer is NULL\n", __func__);
816 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
818 scsi_build_sense_buffer(sdebug_dsense, sbuff, key, asc, asq);
821 sdev_printk(KERN_INFO, scp->device,
822 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n",
823 my_name, key, asc, asq);
826 static void mk_sense_invalid_opcode(struct scsi_cmnd *scp)
828 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0);
831 static int scsi_debug_ioctl(struct scsi_device *dev, unsigned int cmd,
834 if (sdebug_verbose) {
836 sdev_printk(KERN_INFO, dev,
837 "%s: BLKFLSBUF [0x1261]\n", __func__);
838 else if (0x5331 == cmd)
839 sdev_printk(KERN_INFO, dev,
840 "%s: CDROM_GET_CAPABILITY [0x5331]\n",
843 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n",
847 /* return -ENOTTY; // correct return but upsets fdisk */
850 static void config_cdb_len(struct scsi_device *sdev)
852 switch (sdebug_cdb_len) {
853 case 6: /* suggest 6 byte READ, WRITE and MODE SENSE/SELECT */
854 sdev->use_10_for_rw = false;
855 sdev->use_16_for_rw = false;
856 sdev->use_10_for_ms = false;
858 case 10: /* suggest 10 byte RWs and 6 byte MODE SENSE/SELECT */
859 sdev->use_10_for_rw = true;
860 sdev->use_16_for_rw = false;
861 sdev->use_10_for_ms = false;
863 case 12: /* suggest 10 byte RWs and 10 byte MODE SENSE/SELECT */
864 sdev->use_10_for_rw = true;
865 sdev->use_16_for_rw = false;
866 sdev->use_10_for_ms = true;
869 sdev->use_10_for_rw = false;
870 sdev->use_16_for_rw = true;
871 sdev->use_10_for_ms = true;
873 case 32: /* No knobs to suggest this so same as 16 for now */
874 sdev->use_10_for_rw = false;
875 sdev->use_16_for_rw = true;
876 sdev->use_10_for_ms = true;
879 pr_warn("unexpected cdb_len=%d, force to 10\n",
881 sdev->use_10_for_rw = true;
882 sdev->use_16_for_rw = false;
883 sdev->use_10_for_ms = false;
889 static void all_config_cdb_len(void)
891 struct sdebug_host_info *sdbg_host;
892 struct Scsi_Host *shost;
893 struct scsi_device *sdev;
895 spin_lock(&sdebug_host_list_lock);
896 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
897 shost = sdbg_host->shost;
898 shost_for_each_device(sdev, shost) {
899 config_cdb_len(sdev);
902 spin_unlock(&sdebug_host_list_lock);
905 static void clear_luns_changed_on_target(struct sdebug_dev_info *devip)
907 struct sdebug_host_info *sdhp;
908 struct sdebug_dev_info *dp;
910 spin_lock(&sdebug_host_list_lock);
911 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
912 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
913 if ((devip->sdbg_host == dp->sdbg_host) &&
914 (devip->target == dp->target))
915 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
918 spin_unlock(&sdebug_host_list_lock);
921 static int make_ua(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
925 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS);
926 if (k != SDEBUG_NUM_UAS) {
927 const char *cp = NULL;
931 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
932 POWER_ON_RESET_ASCQ);
934 cp = "power on reset";
936 case SDEBUG_UA_BUS_RESET:
937 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
942 case SDEBUG_UA_MODE_CHANGED:
943 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
946 cp = "mode parameters changed";
948 case SDEBUG_UA_CAPACITY_CHANGED:
949 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
950 CAPACITY_CHANGED_ASCQ);
952 cp = "capacity data changed";
954 case SDEBUG_UA_MICROCODE_CHANGED:
955 mk_sense_buffer(scp, UNIT_ATTENTION,
957 MICROCODE_CHANGED_ASCQ);
959 cp = "microcode has been changed";
961 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET:
962 mk_sense_buffer(scp, UNIT_ATTENTION,
964 MICROCODE_CHANGED_WO_RESET_ASCQ);
966 cp = "microcode has been changed without reset";
968 case SDEBUG_UA_LUNS_CHANGED:
970 * SPC-3 behavior is to report a UNIT ATTENTION with
971 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN
972 * on the target, until a REPORT LUNS command is
973 * received. SPC-4 behavior is to report it only once.
974 * NOTE: sdebug_scsi_level does not use the same
975 * values as struct scsi_device->scsi_level.
977 if (sdebug_scsi_level >= 6) /* SPC-4 and above */
978 clear_luns_changed_on_target(devip);
979 mk_sense_buffer(scp, UNIT_ATTENTION,
983 cp = "reported luns data has changed";
986 pr_warn("unexpected unit attention code=%d\n", k);
991 clear_bit(k, devip->uas_bm);
993 sdev_printk(KERN_INFO, scp->device,
994 "%s reports: Unit attention: %s\n",
996 return check_condition_result;
1001 /* Build SCSI "data-in" buffer. Returns 0 if ok else (DID_ERROR << 16). */
1002 static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1006 struct scsi_data_buffer *sdb = &scp->sdb;
1010 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1011 return DID_ERROR << 16;
1013 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents,
1015 scsi_set_resid(scp, scsi_bufflen(scp) - act_len);
1020 /* Partial build of SCSI "data-in" buffer. Returns 0 if ok else
1021 * (DID_ERROR << 16). Can write to offset in data-in buffer. If multiple
1022 * calls, not required to write in ascending offset order. Assumes resid
1023 * set to scsi_bufflen() prior to any calls.
1025 static int p_fill_from_dev_buffer(struct scsi_cmnd *scp, const void *arr,
1026 int arr_len, unsigned int off_dst)
1028 unsigned int act_len, n;
1029 struct scsi_data_buffer *sdb = &scp->sdb;
1030 off_t skip = off_dst;
1032 if (sdb->length <= off_dst)
1034 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1035 return DID_ERROR << 16;
1037 act_len = sg_pcopy_from_buffer(sdb->table.sgl, sdb->table.nents,
1038 arr, arr_len, skip);
1039 pr_debug("%s: off_dst=%u, scsi_bufflen=%u, act_len=%u, resid=%d\n",
1040 __func__, off_dst, scsi_bufflen(scp), act_len,
1041 scsi_get_resid(scp));
1042 n = scsi_bufflen(scp) - (off_dst + act_len);
1043 scsi_set_resid(scp, min(scsi_get_resid(scp), n));
1047 /* Fetches from SCSI "data-out" buffer. Returns number of bytes fetched into
1048 * 'arr' or -1 if error.
1050 static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1053 if (!scsi_bufflen(scp))
1055 if (scp->sc_data_direction != DMA_TO_DEVICE)
1058 return scsi_sg_copy_to_buffer(scp, arr, arr_len);
1062 static char sdebug_inq_vendor_id[9] = "Linux ";
1063 static char sdebug_inq_product_id[17] = "scsi_debug ";
1064 static char sdebug_inq_product_rev[5] = SDEBUG_VERSION;
1065 /* Use some locally assigned NAAs for SAS addresses. */
1066 static const u64 naa3_comp_a = 0x3222222000000000ULL;
1067 static const u64 naa3_comp_b = 0x3333333000000000ULL;
1068 static const u64 naa3_comp_c = 0x3111111000000000ULL;
1070 /* Device identification VPD page. Returns number of bytes placed in arr */
1071 static int inquiry_vpd_83(unsigned char *arr, int port_group_id,
1072 int target_dev_id, int dev_id_num,
1073 const char *dev_id_str, int dev_id_str_len,
1074 const uuid_t *lu_name)
1079 port_a = target_dev_id + 1;
1080 /* T10 vendor identifier field format (faked) */
1081 arr[0] = 0x2; /* ASCII */
1084 memcpy(&arr[4], sdebug_inq_vendor_id, 8);
1085 memcpy(&arr[12], sdebug_inq_product_id, 16);
1086 memcpy(&arr[28], dev_id_str, dev_id_str_len);
1087 num = 8 + 16 + dev_id_str_len;
1090 if (dev_id_num >= 0) {
1091 if (sdebug_uuid_ctl) {
1092 /* Locally assigned UUID */
1093 arr[num++] = 0x1; /* binary (not necessarily sas) */
1094 arr[num++] = 0xa; /* PIV=0, lu, naa */
1097 arr[num++] = 0x10; /* uuid type=1, locally assigned */
1099 memcpy(arr + num, lu_name, 16);
1102 /* NAA-3, Logical unit identifier (binary) */
1103 arr[num++] = 0x1; /* binary (not necessarily sas) */
1104 arr[num++] = 0x3; /* PIV=0, lu, naa */
1107 put_unaligned_be64(naa3_comp_b + dev_id_num, arr + num);
1110 /* Target relative port number */
1111 arr[num++] = 0x61; /* proto=sas, binary */
1112 arr[num++] = 0x94; /* PIV=1, target port, rel port */
1113 arr[num++] = 0x0; /* reserved */
1114 arr[num++] = 0x4; /* length */
1115 arr[num++] = 0x0; /* reserved */
1116 arr[num++] = 0x0; /* reserved */
1118 arr[num++] = 0x1; /* relative port A */
1120 /* NAA-3, Target port identifier */
1121 arr[num++] = 0x61; /* proto=sas, binary */
1122 arr[num++] = 0x93; /* piv=1, target port, naa */
1125 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1127 /* NAA-3, Target port group identifier */
1128 arr[num++] = 0x61; /* proto=sas, binary */
1129 arr[num++] = 0x95; /* piv=1, target port group id */
1134 put_unaligned_be16(port_group_id, arr + num);
1136 /* NAA-3, Target device identifier */
1137 arr[num++] = 0x61; /* proto=sas, binary */
1138 arr[num++] = 0xa3; /* piv=1, target device, naa */
1141 put_unaligned_be64(naa3_comp_a + target_dev_id, arr + num);
1143 /* SCSI name string: Target device identifier */
1144 arr[num++] = 0x63; /* proto=sas, UTF-8 */
1145 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */
1148 memcpy(arr + num, "naa.32222220", 12);
1150 snprintf(b, sizeof(b), "%08X", target_dev_id);
1151 memcpy(arr + num, b, 8);
1153 memset(arr + num, 0, 4);
1158 static unsigned char vpd84_data[] = {
1159 /* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0,
1160 0x22,0x22,0x22,0x0,0xbb,0x1,
1161 0x22,0x22,0x22,0x0,0xbb,0x2,
1164 /* Software interface identification VPD page */
1165 static int inquiry_vpd_84(unsigned char *arr)
1167 memcpy(arr, vpd84_data, sizeof(vpd84_data));
1168 return sizeof(vpd84_data);
1171 /* Management network addresses VPD page */
1172 static int inquiry_vpd_85(unsigned char *arr)
1175 const char *na1 = "https://www.kernel.org/config";
1176 const char *na2 = "http://www.kernel.org/log";
1179 arr[num++] = 0x1; /* lu, storage config */
1180 arr[num++] = 0x0; /* reserved */
1185 plen = ((plen / 4) + 1) * 4;
1186 arr[num++] = plen; /* length, null termianted, padded */
1187 memcpy(arr + num, na1, olen);
1188 memset(arr + num + olen, 0, plen - olen);
1191 arr[num++] = 0x4; /* lu, logging */
1192 arr[num++] = 0x0; /* reserved */
1197 plen = ((plen / 4) + 1) * 4;
1198 arr[num++] = plen; /* length, null terminated, padded */
1199 memcpy(arr + num, na2, olen);
1200 memset(arr + num + olen, 0, plen - olen);
1206 /* SCSI ports VPD page */
1207 static int inquiry_vpd_88(unsigned char *arr, int target_dev_id)
1212 port_a = target_dev_id + 1;
1213 port_b = port_a + 1;
1214 arr[num++] = 0x0; /* reserved */
1215 arr[num++] = 0x0; /* reserved */
1217 arr[num++] = 0x1; /* relative port 1 (primary) */
1218 memset(arr + num, 0, 6);
1221 arr[num++] = 12; /* length tp descriptor */
1222 /* naa-5 target port identifier (A) */
1223 arr[num++] = 0x61; /* proto=sas, binary */
1224 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1225 arr[num++] = 0x0; /* reserved */
1226 arr[num++] = 0x8; /* length */
1227 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1229 arr[num++] = 0x0; /* reserved */
1230 arr[num++] = 0x0; /* reserved */
1232 arr[num++] = 0x2; /* relative port 2 (secondary) */
1233 memset(arr + num, 0, 6);
1236 arr[num++] = 12; /* length tp descriptor */
1237 /* naa-5 target port identifier (B) */
1238 arr[num++] = 0x61; /* proto=sas, binary */
1239 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1240 arr[num++] = 0x0; /* reserved */
1241 arr[num++] = 0x8; /* length */
1242 put_unaligned_be64(naa3_comp_a + port_b, arr + num);
1249 static unsigned char vpd89_data[] = {
1250 /* from 4th byte */ 0,0,0,0,
1251 'l','i','n','u','x',' ',' ',' ',
1252 'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ',
1254 0x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,
1256 0x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0,
1257 0,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20,
1258 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33,
1259 0x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31,
1261 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
1263 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
1265 0,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0,
1266 0x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0,
1267 0x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0,
1268 0,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0,
1269 0x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40,
1270 0x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0,
1271 0,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0,
1272 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1273 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1274 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1275 0x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42,
1276 0,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8,
1277 0xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe,
1278 0,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0,
1279 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1280 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1281 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1282 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1283 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1284 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1285 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1286 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1287 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1288 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1289 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1290 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51,
1293 /* ATA Information VPD page */
1294 static int inquiry_vpd_89(unsigned char *arr)
1296 memcpy(arr, vpd89_data, sizeof(vpd89_data));
1297 return sizeof(vpd89_data);
1301 static unsigned char vpdb0_data[] = {
1302 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64,
1303 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1304 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1305 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1308 /* Block limits VPD page (SBC-3) */
1309 static int inquiry_vpd_b0(unsigned char *arr)
1313 memcpy(arr, vpdb0_data, sizeof(vpdb0_data));
1315 /* Optimal transfer length granularity */
1316 if (sdebug_opt_xferlen_exp != 0 &&
1317 sdebug_physblk_exp < sdebug_opt_xferlen_exp)
1318 gran = 1 << sdebug_opt_xferlen_exp;
1320 gran = 1 << sdebug_physblk_exp;
1321 put_unaligned_be16(gran, arr + 2);
1323 /* Maximum Transfer Length */
1324 if (sdebug_store_sectors > 0x400)
1325 put_unaligned_be32(sdebug_store_sectors, arr + 4);
1327 /* Optimal Transfer Length */
1328 put_unaligned_be32(sdebug_opt_blks, &arr[8]);
1331 /* Maximum Unmap LBA Count */
1332 put_unaligned_be32(sdebug_unmap_max_blocks, &arr[16]);
1334 /* Maximum Unmap Block Descriptor Count */
1335 put_unaligned_be32(sdebug_unmap_max_desc, &arr[20]);
1338 /* Unmap Granularity Alignment */
1339 if (sdebug_unmap_alignment) {
1340 put_unaligned_be32(sdebug_unmap_alignment, &arr[28]);
1341 arr[28] |= 0x80; /* UGAVALID */
1344 /* Optimal Unmap Granularity */
1345 put_unaligned_be32(sdebug_unmap_granularity, &arr[24]);
1347 /* Maximum WRITE SAME Length */
1348 put_unaligned_be64(sdebug_write_same_length, &arr[32]);
1350 return 0x3c; /* Mandatory page length for Logical Block Provisioning */
1352 return sizeof(vpdb0_data);
1355 /* Block device characteristics VPD page (SBC-3) */
1356 static int inquiry_vpd_b1(unsigned char *arr)
1358 memset(arr, 0, 0x3c);
1360 arr[1] = 1; /* non rotating medium (e.g. solid state) */
1362 arr[3] = 5; /* less than 1.8" */
1367 /* Logical block provisioning VPD page (SBC-4) */
1368 static int inquiry_vpd_b2(unsigned char *arr)
1370 memset(arr, 0, 0x4);
1371 arr[0] = 0; /* threshold exponent */
1378 if (sdebug_lbprz && scsi_debug_lbp())
1379 arr[1] |= (sdebug_lbprz & 0x7) << 2; /* sbc4r07 and later */
1380 /* anc_sup=0; dp=0 (no provisioning group descriptor) */
1381 /* minimum_percentage=0; provisioning_type=0 (unknown) */
1382 /* threshold_percentage=0 */
1386 #define SDEBUG_LONG_INQ_SZ 96
1387 #define SDEBUG_MAX_INQ_ARR_SZ 584
1389 static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1391 unsigned char pq_pdt;
1393 unsigned char *cmd = scp->cmnd;
1394 int alloc_len, n, ret;
1395 bool have_wlun, is_disk;
1397 alloc_len = get_unaligned_be16(cmd + 3);
1398 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC);
1400 return DID_REQUEUE << 16;
1401 is_disk = (sdebug_ptype == TYPE_DISK);
1402 have_wlun = scsi_is_wlun(scp->device->lun);
1404 pq_pdt = TYPE_WLUN; /* present, wlun */
1405 else if (sdebug_no_lun_0 && (devip->lun == SDEBUG_LUN_0_VAL))
1406 pq_pdt = 0x7f; /* not present, PQ=3, PDT=0x1f */
1408 pq_pdt = (sdebug_ptype & 0x1f);
1410 if (0x2 & cmd[1]) { /* CMDDT bit set */
1411 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1);
1413 return check_condition_result;
1414 } else if (0x1 & cmd[1]) { /* EVPD bit set */
1415 int lu_id_num, port_group_id, target_dev_id, len;
1417 int host_no = devip->sdbg_host->shost->host_no;
1419 port_group_id = (((host_no + 1) & 0x7f) << 8) +
1420 (devip->channel & 0x7f);
1421 if (sdebug_vpd_use_hostno == 0)
1423 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) +
1424 (devip->target * 1000) + devip->lun);
1425 target_dev_id = ((host_no + 1) * 2000) +
1426 (devip->target * 1000) - 3;
1427 len = scnprintf(lu_id_str, 6, "%d", lu_id_num);
1428 if (0 == cmd[2]) { /* supported vital product data pages */
1429 arr[1] = cmd[2]; /*sanity */
1431 arr[n++] = 0x0; /* this page */
1432 arr[n++] = 0x80; /* unit serial number */
1433 arr[n++] = 0x83; /* device identification */
1434 arr[n++] = 0x84; /* software interface ident. */
1435 arr[n++] = 0x85; /* management network addresses */
1436 arr[n++] = 0x86; /* extended inquiry */
1437 arr[n++] = 0x87; /* mode page policy */
1438 arr[n++] = 0x88; /* SCSI ports */
1439 if (is_disk) { /* SBC only */
1440 arr[n++] = 0x89; /* ATA information */
1441 arr[n++] = 0xb0; /* Block limits */
1442 arr[n++] = 0xb1; /* Block characteristics */
1443 arr[n++] = 0xb2; /* Logical Block Prov */
1445 arr[3] = n - 4; /* number of supported VPD pages */
1446 } else if (0x80 == cmd[2]) { /* unit serial number */
1447 arr[1] = cmd[2]; /*sanity */
1449 memcpy(&arr[4], lu_id_str, len);
1450 } else if (0x83 == cmd[2]) { /* device identification */
1451 arr[1] = cmd[2]; /*sanity */
1452 arr[3] = inquiry_vpd_83(&arr[4], port_group_id,
1453 target_dev_id, lu_id_num,
1456 } else if (0x84 == cmd[2]) { /* Software interface ident. */
1457 arr[1] = cmd[2]; /*sanity */
1458 arr[3] = inquiry_vpd_84(&arr[4]);
1459 } else if (0x85 == cmd[2]) { /* Management network addresses */
1460 arr[1] = cmd[2]; /*sanity */
1461 arr[3] = inquiry_vpd_85(&arr[4]);
1462 } else if (0x86 == cmd[2]) { /* extended inquiry */
1463 arr[1] = cmd[2]; /*sanity */
1464 arr[3] = 0x3c; /* number of following entries */
1465 if (sdebug_dif == T10_PI_TYPE3_PROTECTION)
1466 arr[4] = 0x4; /* SPT: GRD_CHK:1 */
1467 else if (have_dif_prot)
1468 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */
1470 arr[4] = 0x0; /* no protection stuff */
1471 arr[5] = 0x7; /* head of q, ordered + simple q's */
1472 } else if (0x87 == cmd[2]) { /* mode page policy */
1473 arr[1] = cmd[2]; /*sanity */
1474 arr[3] = 0x8; /* number of following entries */
1475 arr[4] = 0x2; /* disconnect-reconnect mp */
1476 arr[6] = 0x80; /* mlus, shared */
1477 arr[8] = 0x18; /* protocol specific lu */
1478 arr[10] = 0x82; /* mlus, per initiator port */
1479 } else if (0x88 == cmd[2]) { /* SCSI Ports */
1480 arr[1] = cmd[2]; /*sanity */
1481 arr[3] = inquiry_vpd_88(&arr[4], target_dev_id);
1482 } else if (is_disk && 0x89 == cmd[2]) { /* ATA information */
1483 arr[1] = cmd[2]; /*sanity */
1484 n = inquiry_vpd_89(&arr[4]);
1485 put_unaligned_be16(n, arr + 2);
1486 } else if (is_disk && 0xb0 == cmd[2]) { /* Block limits */
1487 arr[1] = cmd[2]; /*sanity */
1488 arr[3] = inquiry_vpd_b0(&arr[4]);
1489 } else if (is_disk && 0xb1 == cmd[2]) { /* Block char. */
1490 arr[1] = cmd[2]; /*sanity */
1491 arr[3] = inquiry_vpd_b1(&arr[4]);
1492 } else if (is_disk && 0xb2 == cmd[2]) { /* LB Prov. */
1493 arr[1] = cmd[2]; /*sanity */
1494 arr[3] = inquiry_vpd_b2(&arr[4]);
1496 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
1498 return check_condition_result;
1500 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len);
1501 ret = fill_from_dev_buffer(scp, arr,
1502 min(len, SDEBUG_MAX_INQ_ARR_SZ));
1506 /* drops through here for a standard inquiry */
1507 arr[1] = sdebug_removable ? 0x80 : 0; /* Removable disk */
1508 arr[2] = sdebug_scsi_level;
1509 arr[3] = 2; /* response_data_format==2 */
1510 arr[4] = SDEBUG_LONG_INQ_SZ - 5;
1511 arr[5] = (int)have_dif_prot; /* PROTECT bit */
1512 if (sdebug_vpd_use_hostno == 0)
1513 arr[5] |= 0x10; /* claim: implicit TPGS */
1514 arr[6] = 0x10; /* claim: MultiP */
1515 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */
1516 arr[7] = 0xa; /* claim: LINKED + CMDQUE */
1517 memcpy(&arr[8], sdebug_inq_vendor_id, 8);
1518 memcpy(&arr[16], sdebug_inq_product_id, 16);
1519 memcpy(&arr[32], sdebug_inq_product_rev, 4);
1520 /* Use Vendor Specific area to place driver date in ASCII hex */
1521 memcpy(&arr[36], sdebug_version_date, 8);
1522 /* version descriptors (2 bytes each) follow */
1523 put_unaligned_be16(0xc0, arr + 58); /* SAM-6 no version claimed */
1524 put_unaligned_be16(0x5c0, arr + 60); /* SPC-5 no version claimed */
1526 if (is_disk) { /* SBC-4 no version claimed */
1527 put_unaligned_be16(0x600, arr + n);
1529 } else if (sdebug_ptype == TYPE_TAPE) { /* SSC-4 rev 3 */
1530 put_unaligned_be16(0x525, arr + n);
1533 put_unaligned_be16(0x2100, arr + n); /* SPL-4 no version claimed */
1534 ret = fill_from_dev_buffer(scp, arr,
1535 min(alloc_len, SDEBUG_LONG_INQ_SZ));
1540 static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
1543 static int resp_requests(struct scsi_cmnd *scp,
1544 struct sdebug_dev_info *devip)
1546 unsigned char *sbuff;
1547 unsigned char *cmd = scp->cmnd;
1548 unsigned char arr[SCSI_SENSE_BUFFERSIZE];
1552 memset(arr, 0, sizeof(arr));
1553 dsense = !!(cmd[1] & 1);
1554 sbuff = scp->sense_buffer;
1555 if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) {
1558 arr[1] = 0x0; /* NO_SENSE in sense_key */
1559 arr[2] = THRESHOLD_EXCEEDED;
1560 arr[3] = 0xff; /* TEST set and MRIE==6 */
1564 arr[2] = 0x0; /* NO_SENSE in sense_key */
1565 arr[7] = 0xa; /* 18 byte sense buffer */
1566 arr[12] = THRESHOLD_EXCEEDED;
1567 arr[13] = 0xff; /* TEST set and MRIE==6 */
1570 memcpy(arr, sbuff, SCSI_SENSE_BUFFERSIZE);
1571 if (arr[0] >= 0x70 && dsense == sdebug_dsense)
1572 ; /* have sense and formats match */
1573 else if (arr[0] <= 0x70) {
1583 } else if (dsense) {
1586 arr[1] = sbuff[2]; /* sense key */
1587 arr[2] = sbuff[12]; /* asc */
1588 arr[3] = sbuff[13]; /* ascq */
1600 mk_sense_buffer(scp, 0, NO_ADDITIONAL_SENSE, 0);
1601 return fill_from_dev_buffer(scp, arr, len);
1604 static int resp_start_stop(struct scsi_cmnd *scp,
1605 struct sdebug_dev_info *devip)
1607 unsigned char *cmd = scp->cmnd;
1608 int power_cond, stop;
1611 power_cond = (cmd[4] & 0xf0) >> 4;
1613 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7);
1614 return check_condition_result;
1616 stop = !(cmd[4] & 1);
1617 changing = atomic_read(&devip->stopped) == !stop;
1618 atomic_xchg(&devip->stopped, stop);
1619 if (!changing || cmd[1] & 0x1) /* state unchanged or IMMED set */
1620 return SDEG_RES_IMMED_MASK;
1625 static sector_t get_sdebug_capacity(void)
1627 static const unsigned int gibibyte = 1073741824;
1629 if (sdebug_virtual_gb > 0)
1630 return (sector_t)sdebug_virtual_gb *
1631 (gibibyte / sdebug_sector_size);
1633 return sdebug_store_sectors;
1636 #define SDEBUG_READCAP_ARR_SZ 8
1637 static int resp_readcap(struct scsi_cmnd *scp,
1638 struct sdebug_dev_info *devip)
1640 unsigned char arr[SDEBUG_READCAP_ARR_SZ];
1643 /* following just in case virtual_gb changed */
1644 sdebug_capacity = get_sdebug_capacity();
1645 memset(arr, 0, SDEBUG_READCAP_ARR_SZ);
1646 if (sdebug_capacity < 0xffffffff) {
1647 capac = (unsigned int)sdebug_capacity - 1;
1648 put_unaligned_be32(capac, arr + 0);
1650 put_unaligned_be32(0xffffffff, arr + 0);
1651 put_unaligned_be16(sdebug_sector_size, arr + 6);
1652 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ);
1655 #define SDEBUG_READCAP16_ARR_SZ 32
1656 static int resp_readcap16(struct scsi_cmnd *scp,
1657 struct sdebug_dev_info *devip)
1659 unsigned char *cmd = scp->cmnd;
1660 unsigned char arr[SDEBUG_READCAP16_ARR_SZ];
1663 alloc_len = get_unaligned_be32(cmd + 10);
1664 /* following just in case virtual_gb changed */
1665 sdebug_capacity = get_sdebug_capacity();
1666 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ);
1667 put_unaligned_be64((u64)(sdebug_capacity - 1), arr + 0);
1668 put_unaligned_be32(sdebug_sector_size, arr + 8);
1669 arr[13] = sdebug_physblk_exp & 0xf;
1670 arr[14] = (sdebug_lowest_aligned >> 8) & 0x3f;
1672 if (scsi_debug_lbp()) {
1673 arr[14] |= 0x80; /* LBPME */
1674 /* from sbc4r07, this LBPRZ field is 1 bit, but the LBPRZ in
1675 * the LB Provisioning VPD page is 3 bits. Note that lbprz=2
1676 * in the wider field maps to 0 in this field.
1678 if (sdebug_lbprz & 1) /* precisely what the draft requires */
1682 arr[15] = sdebug_lowest_aligned & 0xff;
1684 if (have_dif_prot) {
1685 arr[12] = (sdebug_dif - 1) << 1; /* P_TYPE */
1686 arr[12] |= 1; /* PROT_EN */
1689 return fill_from_dev_buffer(scp, arr,
1690 min(alloc_len, SDEBUG_READCAP16_ARR_SZ));
1693 #define SDEBUG_MAX_TGTPGS_ARR_SZ 1412
1695 static int resp_report_tgtpgs(struct scsi_cmnd *scp,
1696 struct sdebug_dev_info *devip)
1698 unsigned char *cmd = scp->cmnd;
1700 int host_no = devip->sdbg_host->shost->host_no;
1701 int n, ret, alen, rlen;
1702 int port_group_a, port_group_b, port_a, port_b;
1704 alen = get_unaligned_be32(cmd + 6);
1705 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC);
1707 return DID_REQUEUE << 16;
1709 * EVPD page 0x88 states we have two ports, one
1710 * real and a fake port with no device connected.
1711 * So we create two port groups with one port each
1712 * and set the group with port B to unavailable.
1714 port_a = 0x1; /* relative port A */
1715 port_b = 0x2; /* relative port B */
1716 port_group_a = (((host_no + 1) & 0x7f) << 8) +
1717 (devip->channel & 0x7f);
1718 port_group_b = (((host_no + 1) & 0x7f) << 8) +
1719 (devip->channel & 0x7f) + 0x80;
1722 * The asymmetric access state is cycled according to the host_id.
1725 if (sdebug_vpd_use_hostno == 0) {
1726 arr[n++] = host_no % 3; /* Asymm access state */
1727 arr[n++] = 0x0F; /* claim: all states are supported */
1729 arr[n++] = 0x0; /* Active/Optimized path */
1730 arr[n++] = 0x01; /* only support active/optimized paths */
1732 put_unaligned_be16(port_group_a, arr + n);
1734 arr[n++] = 0; /* Reserved */
1735 arr[n++] = 0; /* Status code */
1736 arr[n++] = 0; /* Vendor unique */
1737 arr[n++] = 0x1; /* One port per group */
1738 arr[n++] = 0; /* Reserved */
1739 arr[n++] = 0; /* Reserved */
1740 put_unaligned_be16(port_a, arr + n);
1742 arr[n++] = 3; /* Port unavailable */
1743 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */
1744 put_unaligned_be16(port_group_b, arr + n);
1746 arr[n++] = 0; /* Reserved */
1747 arr[n++] = 0; /* Status code */
1748 arr[n++] = 0; /* Vendor unique */
1749 arr[n++] = 0x1; /* One port per group */
1750 arr[n++] = 0; /* Reserved */
1751 arr[n++] = 0; /* Reserved */
1752 put_unaligned_be16(port_b, arr + n);
1756 put_unaligned_be32(rlen, arr + 0);
1759 * Return the smallest value of either
1760 * - The allocated length
1761 * - The constructed command length
1762 * - The maximum array size
1765 ret = fill_from_dev_buffer(scp, arr,
1766 min(rlen, SDEBUG_MAX_TGTPGS_ARR_SZ));
1771 static int resp_rsup_opcodes(struct scsi_cmnd *scp,
1772 struct sdebug_dev_info *devip)
1775 u8 reporting_opts, req_opcode, sdeb_i, supp;
1777 u32 alloc_len, a_len;
1778 int k, offset, len, errsts, count, bump, na;
1779 const struct opcode_info_t *oip;
1780 const struct opcode_info_t *r_oip;
1782 u8 *cmd = scp->cmnd;
1784 rctd = !!(cmd[2] & 0x80);
1785 reporting_opts = cmd[2] & 0x7;
1786 req_opcode = cmd[3];
1787 req_sa = get_unaligned_be16(cmd + 4);
1788 alloc_len = get_unaligned_be32(cmd + 6);
1789 if (alloc_len < 4 || alloc_len > 0xffff) {
1790 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1791 return check_condition_result;
1793 if (alloc_len > 8192)
1797 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC);
1799 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
1801 return check_condition_result;
1803 switch (reporting_opts) {
1804 case 0: /* all commands */
1805 /* count number of commands */
1806 for (count = 0, oip = opcode_info_arr;
1807 oip->num_attached != 0xff; ++oip) {
1808 if (F_INV_OP & oip->flags)
1810 count += (oip->num_attached + 1);
1812 bump = rctd ? 20 : 8;
1813 put_unaligned_be32(count * bump, arr);
1814 for (offset = 4, oip = opcode_info_arr;
1815 oip->num_attached != 0xff && offset < a_len; ++oip) {
1816 if (F_INV_OP & oip->flags)
1818 na = oip->num_attached;
1819 arr[offset] = oip->opcode;
1820 put_unaligned_be16(oip->sa, arr + offset + 2);
1822 arr[offset + 5] |= 0x2;
1823 if (FF_SA & oip->flags)
1824 arr[offset + 5] |= 0x1;
1825 put_unaligned_be16(oip->len_mask[0], arr + offset + 6);
1827 put_unaligned_be16(0xa, arr + offset + 8);
1829 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) {
1830 if (F_INV_OP & oip->flags)
1833 arr[offset] = oip->opcode;
1834 put_unaligned_be16(oip->sa, arr + offset + 2);
1836 arr[offset + 5] |= 0x2;
1837 if (FF_SA & oip->flags)
1838 arr[offset + 5] |= 0x1;
1839 put_unaligned_be16(oip->len_mask[0],
1842 put_unaligned_be16(0xa,
1849 case 1: /* one command: opcode only */
1850 case 2: /* one command: opcode plus service action */
1851 case 3: /* one command: if sa==0 then opcode only else opcode+sa */
1852 sdeb_i = opcode_ind_arr[req_opcode];
1853 oip = &opcode_info_arr[sdeb_i];
1854 if (F_INV_OP & oip->flags) {
1858 if (1 == reporting_opts) {
1859 if (FF_SA & oip->flags) {
1860 mk_sense_invalid_fld(scp, SDEB_IN_CDB,
1863 return check_condition_result;
1866 } else if (2 == reporting_opts &&
1867 0 == (FF_SA & oip->flags)) {
1868 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1);
1869 kfree(arr); /* point at requested sa */
1870 return check_condition_result;
1872 if (0 == (FF_SA & oip->flags) &&
1873 req_opcode == oip->opcode)
1875 else if (0 == (FF_SA & oip->flags)) {
1876 na = oip->num_attached;
1877 for (k = 0, oip = oip->arrp; k < na;
1879 if (req_opcode == oip->opcode)
1882 supp = (k >= na) ? 1 : 3;
1883 } else if (req_sa != oip->sa) {
1884 na = oip->num_attached;
1885 for (k = 0, oip = oip->arrp; k < na;
1887 if (req_sa == oip->sa)
1890 supp = (k >= na) ? 1 : 3;
1894 u = oip->len_mask[0];
1895 put_unaligned_be16(u, arr + 2);
1896 arr[4] = oip->opcode;
1897 for (k = 1; k < u; ++k)
1898 arr[4 + k] = (k < 16) ?
1899 oip->len_mask[k] : 0xff;
1904 arr[1] = (rctd ? 0x80 : 0) | supp;
1906 put_unaligned_be16(0xa, arr + offset);
1911 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
1913 return check_condition_result;
1915 offset = (offset < a_len) ? offset : a_len;
1916 len = (offset < alloc_len) ? offset : alloc_len;
1917 errsts = fill_from_dev_buffer(scp, arr, len);
1922 static int resp_rsup_tmfs(struct scsi_cmnd *scp,
1923 struct sdebug_dev_info *devip)
1928 u8 *cmd = scp->cmnd;
1930 memset(arr, 0, sizeof(arr));
1931 repd = !!(cmd[2] & 0x80);
1932 alloc_len = get_unaligned_be32(cmd + 6);
1933 if (alloc_len < 4) {
1934 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1935 return check_condition_result;
1937 arr[0] = 0xc8; /* ATS | ATSS | LURS */
1938 arr[1] = 0x1; /* ITNRS */
1945 len = (len < alloc_len) ? len : alloc_len;
1946 return fill_from_dev_buffer(scp, arr, len);
1949 /* <<Following mode page info copied from ST318451LW>> */
1951 static int resp_err_recov_pg(unsigned char *p, int pcontrol, int target)
1952 { /* Read-Write Error Recovery page for mode_sense */
1953 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0,
1956 memcpy(p, err_recov_pg, sizeof(err_recov_pg));
1958 memset(p + 2, 0, sizeof(err_recov_pg) - 2);
1959 return sizeof(err_recov_pg);
1962 static int resp_disconnect_pg(unsigned char *p, int pcontrol, int target)
1963 { /* Disconnect-Reconnect page for mode_sense */
1964 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0,
1965 0, 0, 0, 0, 0, 0, 0, 0};
1967 memcpy(p, disconnect_pg, sizeof(disconnect_pg));
1969 memset(p + 2, 0, sizeof(disconnect_pg) - 2);
1970 return sizeof(disconnect_pg);
1973 static int resp_format_pg(unsigned char *p, int pcontrol, int target)
1974 { /* Format device page for mode_sense */
1975 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0,
1976 0, 0, 0, 0, 0, 0, 0, 0,
1977 0, 0, 0, 0, 0x40, 0, 0, 0};
1979 memcpy(p, format_pg, sizeof(format_pg));
1980 put_unaligned_be16(sdebug_sectors_per, p + 10);
1981 put_unaligned_be16(sdebug_sector_size, p + 12);
1982 if (sdebug_removable)
1983 p[20] |= 0x20; /* should agree with INQUIRY */
1985 memset(p + 2, 0, sizeof(format_pg) - 2);
1986 return sizeof(format_pg);
1989 static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
1990 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0,
1993 static int resp_caching_pg(unsigned char *p, int pcontrol, int target)
1994 { /* Caching page for mode_sense */
1995 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0,
1996 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
1997 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
1998 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0};
2000 if (SDEBUG_OPT_N_WCE & sdebug_opts)
2001 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */
2002 memcpy(p, caching_pg, sizeof(caching_pg));
2004 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg));
2005 else if (2 == pcontrol)
2006 memcpy(p, d_caching_pg, sizeof(d_caching_pg));
2007 return sizeof(caching_pg);
2010 static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2013 static int resp_ctrl_m_pg(unsigned char *p, int pcontrol, int target)
2014 { /* Control mode page for mode_sense */
2015 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0,
2017 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2021 ctrl_m_pg[2] |= 0x4;
2023 ctrl_m_pg[2] &= ~0x4;
2026 ctrl_m_pg[5] |= 0x80; /* ATO=1 */
2028 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg));
2030 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg));
2031 else if (2 == pcontrol)
2032 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg));
2033 return sizeof(ctrl_m_pg);
2037 static int resp_iec_m_pg(unsigned char *p, int pcontrol, int target)
2038 { /* Informational Exceptions control mode page for mode_sense */
2039 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0,
2041 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
2044 memcpy(p, iec_m_pg, sizeof(iec_m_pg));
2046 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg));
2047 else if (2 == pcontrol)
2048 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg));
2049 return sizeof(iec_m_pg);
2052 static int resp_sas_sf_m_pg(unsigned char *p, int pcontrol, int target)
2053 { /* SAS SSP mode page - short format for mode_sense */
2054 unsigned char sas_sf_m_pg[] = {0x19, 0x6,
2055 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0};
2057 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg));
2059 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2);
2060 return sizeof(sas_sf_m_pg);
2064 static int resp_sas_pcd_m_spg(unsigned char *p, int pcontrol, int target,
2066 { /* SAS phy control and discover mode page for mode_sense */
2067 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2,
2068 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0,
2069 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2070 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2071 0x2, 0, 0, 0, 0, 0, 0, 0,
2072 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2073 0, 0, 0, 0, 0, 0, 0, 0,
2074 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0,
2075 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2076 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2077 0x3, 0, 0, 0, 0, 0, 0, 0,
2078 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2079 0, 0, 0, 0, 0, 0, 0, 0,
2083 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 16);
2084 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 24);
2085 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 64);
2086 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 72);
2087 port_a = target_dev_id + 1;
2088 port_b = port_a + 1;
2089 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg));
2090 put_unaligned_be32(port_a, p + 20);
2091 put_unaligned_be32(port_b, p + 48 + 20);
2093 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4);
2094 return sizeof(sas_pcd_m_pg);
2097 static int resp_sas_sha_m_spg(unsigned char *p, int pcontrol)
2098 { /* SAS SSP shared protocol specific port mode subpage */
2099 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0,
2100 0, 0, 0, 0, 0, 0, 0, 0,
2103 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg));
2105 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4);
2106 return sizeof(sas_sha_m_pg);
2109 #define SDEBUG_MAX_MSENSE_SZ 256
2111 static int resp_mode_sense(struct scsi_cmnd *scp,
2112 struct sdebug_dev_info *devip)
2114 int pcontrol, pcode, subpcode, bd_len;
2115 unsigned char dev_spec;
2116 int alloc_len, offset, len, target_dev_id;
2117 int target = scp->device->id;
2119 unsigned char arr[SDEBUG_MAX_MSENSE_SZ];
2120 unsigned char *cmd = scp->cmnd;
2121 bool dbd, llbaa, msense_6, is_disk, bad_pcode;
2123 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */
2124 pcontrol = (cmd[2] & 0xc0) >> 6;
2125 pcode = cmd[2] & 0x3f;
2127 msense_6 = (MODE_SENSE == cmd[0]);
2128 llbaa = msense_6 ? false : !!(cmd[1] & 0x10);
2129 is_disk = (sdebug_ptype == TYPE_DISK);
2130 if (is_disk && !dbd)
2131 bd_len = llbaa ? 16 : 8;
2134 alloc_len = msense_6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2135 memset(arr, 0, SDEBUG_MAX_MSENSE_SZ);
2136 if (0x3 == pcontrol) { /* Saving values not supported */
2137 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0);
2138 return check_condition_result;
2140 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) +
2141 (devip->target * 1000) - 3;
2142 /* for disks set DPOFUA bit and clear write protect (WP) bit */
2144 dev_spec = 0x10; /* =0x90 if WP=1 implies read-only */
2156 arr[4] = 0x1; /* set LONGLBA bit */
2157 arr[7] = bd_len; /* assume 255 or less */
2161 if ((bd_len > 0) && (!sdebug_capacity))
2162 sdebug_capacity = get_sdebug_capacity();
2165 if (sdebug_capacity > 0xfffffffe)
2166 put_unaligned_be32(0xffffffff, ap + 0);
2168 put_unaligned_be32(sdebug_capacity, ap + 0);
2169 put_unaligned_be16(sdebug_sector_size, ap + 6);
2172 } else if (16 == bd_len) {
2173 put_unaligned_be64((u64)sdebug_capacity, ap + 0);
2174 put_unaligned_be32(sdebug_sector_size, ap + 12);
2179 if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) {
2180 /* TODO: Control Extension page */
2181 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2182 return check_condition_result;
2187 case 0x1: /* Read-Write error recovery page, direct access */
2188 len = resp_err_recov_pg(ap, pcontrol, target);
2191 case 0x2: /* Disconnect-Reconnect page, all devices */
2192 len = resp_disconnect_pg(ap, pcontrol, target);
2195 case 0x3: /* Format device page, direct access */
2197 len = resp_format_pg(ap, pcontrol, target);
2202 case 0x8: /* Caching page, direct access */
2204 len = resp_caching_pg(ap, pcontrol, target);
2209 case 0xa: /* Control Mode page, all devices */
2210 len = resp_ctrl_m_pg(ap, pcontrol, target);
2213 case 0x19: /* if spc==1 then sas phy, control+discover */
2214 if ((subpcode > 0x2) && (subpcode < 0xff)) {
2215 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2216 return check_condition_result;
2219 if ((0x0 == subpcode) || (0xff == subpcode))
2220 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2221 if ((0x1 == subpcode) || (0xff == subpcode))
2222 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
2224 if ((0x2 == subpcode) || (0xff == subpcode))
2225 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2228 case 0x1c: /* Informational Exceptions Mode page, all devices */
2229 len = resp_iec_m_pg(ap, pcontrol, target);
2232 case 0x3f: /* Read all Mode pages */
2233 if ((0 == subpcode) || (0xff == subpcode)) {
2234 len = resp_err_recov_pg(ap, pcontrol, target);
2235 len += resp_disconnect_pg(ap + len, pcontrol, target);
2237 len += resp_format_pg(ap + len, pcontrol,
2239 len += resp_caching_pg(ap + len, pcontrol,
2242 len += resp_ctrl_m_pg(ap + len, pcontrol, target);
2243 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2244 if (0xff == subpcode) {
2245 len += resp_sas_pcd_m_spg(ap + len, pcontrol,
2246 target, target_dev_id);
2247 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2249 len += resp_iec_m_pg(ap + len, pcontrol, target);
2252 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2253 return check_condition_result;
2261 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2262 return check_condition_result;
2265 arr[0] = offset - 1;
2267 put_unaligned_be16((offset - 2), arr + 0);
2268 return fill_from_dev_buffer(scp, arr, min(alloc_len, offset));
2271 #define SDEBUG_MAX_MSELECT_SZ 512
2273 static int resp_mode_select(struct scsi_cmnd *scp,
2274 struct sdebug_dev_info *devip)
2276 int pf, sp, ps, md_len, bd_len, off, spf, pg_len;
2277 int param_len, res, mpage;
2278 unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
2279 unsigned char *cmd = scp->cmnd;
2280 int mselect6 = (MODE_SELECT == cmd[0]);
2282 memset(arr, 0, sizeof(arr));
2285 param_len = mselect6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2286 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) {
2287 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1);
2288 return check_condition_result;
2290 res = fetch_to_dev_buffer(scp, arr, param_len);
2292 return DID_ERROR << 16;
2293 else if (sdebug_verbose && (res < param_len))
2294 sdev_printk(KERN_INFO, scp->device,
2295 "%s: cdb indicated=%d, IO sent=%d bytes\n",
2296 __func__, param_len, res);
2297 md_len = mselect6 ? (arr[0] + 1) : (get_unaligned_be16(arr + 0) + 2);
2298 bd_len = mselect6 ? arr[3] : get_unaligned_be16(arr + 6);
2300 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1);
2301 return check_condition_result;
2303 off = bd_len + (mselect6 ? 4 : 8);
2304 mpage = arr[off] & 0x3f;
2305 ps = !!(arr[off] & 0x80);
2307 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7);
2308 return check_condition_result;
2310 spf = !!(arr[off] & 0x40);
2311 pg_len = spf ? (get_unaligned_be16(arr + off + 2) + 4) :
2313 if ((pg_len + off) > param_len) {
2314 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2315 PARAMETER_LIST_LENGTH_ERR, 0);
2316 return check_condition_result;
2319 case 0x8: /* Caching Mode page */
2320 if (caching_pg[1] == arr[off + 1]) {
2321 memcpy(caching_pg + 2, arr + off + 2,
2322 sizeof(caching_pg) - 2);
2323 goto set_mode_changed_ua;
2326 case 0xa: /* Control Mode page */
2327 if (ctrl_m_pg[1] == arr[off + 1]) {
2328 memcpy(ctrl_m_pg + 2, arr + off + 2,
2329 sizeof(ctrl_m_pg) - 2);
2330 if (ctrl_m_pg[4] & 0x8)
2334 sdebug_dsense = !!(ctrl_m_pg[2] & 0x4);
2335 goto set_mode_changed_ua;
2338 case 0x1c: /* Informational Exceptions Mode page */
2339 if (iec_m_pg[1] == arr[off + 1]) {
2340 memcpy(iec_m_pg + 2, arr + off + 2,
2341 sizeof(iec_m_pg) - 2);
2342 goto set_mode_changed_ua;
2348 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5);
2349 return check_condition_result;
2350 set_mode_changed_ua:
2351 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm);
2355 static int resp_temp_l_pg(unsigned char *arr)
2357 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38,
2358 0x0, 0x1, 0x3, 0x2, 0x0, 65,
2361 memcpy(arr, temp_l_pg, sizeof(temp_l_pg));
2362 return sizeof(temp_l_pg);
2365 static int resp_ie_l_pg(unsigned char *arr)
2367 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38,
2370 memcpy(arr, ie_l_pg, sizeof(ie_l_pg));
2371 if (iec_m_pg[2] & 0x4) { /* TEST bit set */
2372 arr[4] = THRESHOLD_EXCEEDED;
2375 return sizeof(ie_l_pg);
2378 #define SDEBUG_MAX_LSENSE_SZ 512
2380 static int resp_log_sense(struct scsi_cmnd *scp,
2381 struct sdebug_dev_info *devip)
2383 int ppc, sp, pcode, subpcode, alloc_len, len, n;
2384 unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
2385 unsigned char *cmd = scp->cmnd;
2387 memset(arr, 0, sizeof(arr));
2391 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0);
2392 return check_condition_result;
2394 pcode = cmd[2] & 0x3f;
2395 subpcode = cmd[3] & 0xff;
2396 alloc_len = get_unaligned_be16(cmd + 7);
2398 if (0 == subpcode) {
2400 case 0x0: /* Supported log pages log page */
2402 arr[n++] = 0x0; /* this page */
2403 arr[n++] = 0xd; /* Temperature */
2404 arr[n++] = 0x2f; /* Informational exceptions */
2407 case 0xd: /* Temperature log page */
2408 arr[3] = resp_temp_l_pg(arr + 4);
2410 case 0x2f: /* Informational exceptions log page */
2411 arr[3] = resp_ie_l_pg(arr + 4);
2414 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2415 return check_condition_result;
2417 } else if (0xff == subpcode) {
2421 case 0x0: /* Supported log pages and subpages log page */
2424 arr[n++] = 0x0; /* 0,0 page */
2426 arr[n++] = 0xff; /* this page */
2428 arr[n++] = 0x0; /* Temperature */
2430 arr[n++] = 0x0; /* Informational exceptions */
2433 case 0xd: /* Temperature subpages */
2436 arr[n++] = 0x0; /* Temperature */
2439 case 0x2f: /* Informational exceptions subpages */
2442 arr[n++] = 0x0; /* Informational exceptions */
2446 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2447 return check_condition_result;
2450 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2451 return check_condition_result;
2453 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len);
2454 return fill_from_dev_buffer(scp, arr,
2455 min(len, SDEBUG_MAX_INQ_ARR_SZ));
2458 static inline int check_device_access_params(struct scsi_cmnd *scp,
2459 unsigned long long lba, unsigned int num, bool write)
2461 if (lba + num > sdebug_capacity) {
2462 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2463 return check_condition_result;
2465 /* transfer length excessive (tie in to block limits VPD page) */
2466 if (num > sdebug_store_sectors) {
2467 /* needs work to find which cdb byte 'num' comes from */
2468 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2469 return check_condition_result;
2471 if (write && unlikely(sdebug_wp)) {
2472 mk_sense_buffer(scp, DATA_PROTECT, WRITE_PROTECTED, 0x2);
2473 return check_condition_result;
2478 /* Returns number of bytes copied or -1 if error. */
2479 static int do_device_access(struct scsi_cmnd *scmd, u32 sg_skip, u64 lba,
2480 u32 num, bool do_write)
2483 u64 block, rest = 0;
2484 struct scsi_data_buffer *sdb = &scmd->sdb;
2485 enum dma_data_direction dir;
2488 dir = DMA_TO_DEVICE;
2489 write_since_sync = true;
2491 dir = DMA_FROM_DEVICE;
2496 if (scmd->sc_data_direction != dir)
2499 block = do_div(lba, sdebug_store_sectors);
2500 if (block + num > sdebug_store_sectors)
2501 rest = block + num - sdebug_store_sectors;
2503 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2504 fake_storep + (block * sdebug_sector_size),
2505 (num - rest) * sdebug_sector_size, sg_skip, do_write);
2506 if (ret != (num - rest) * sdebug_sector_size)
2510 ret += sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2511 fake_storep, rest * sdebug_sector_size,
2512 sg_skip + ((num - rest) * sdebug_sector_size),
2519 /* If lba2fake_store(lba,num) compares equal to arr(num), then copy top half of
2520 * arr into lba2fake_store(lba,num) and return true. If comparison fails then
2522 static bool comp_write_worker(u64 lba, u32 num, const u8 *arr)
2525 u64 block, rest = 0;
2526 u32 store_blks = sdebug_store_sectors;
2527 u32 lb_size = sdebug_sector_size;
2529 block = do_div(lba, store_blks);
2530 if (block + num > store_blks)
2531 rest = block + num - store_blks;
2533 res = !memcmp(fake_storep + (block * lb_size), arr,
2534 (num - rest) * lb_size);
2538 res = memcmp(fake_storep, arr + ((num - rest) * lb_size),
2542 arr += num * lb_size;
2543 memcpy(fake_storep + (block * lb_size), arr, (num - rest) * lb_size);
2545 memcpy(fake_storep, arr + ((num - rest) * lb_size),
2550 static __be16 dif_compute_csum(const void *buf, int len)
2555 csum = (__force __be16)ip_compute_csum(buf, len);
2557 csum = cpu_to_be16(crc_t10dif(buf, len));
2562 static int dif_verify(struct t10_pi_tuple *sdt, const void *data,
2563 sector_t sector, u32 ei_lba)
2565 __be16 csum = dif_compute_csum(data, sdebug_sector_size);
2567 if (sdt->guard_tag != csum) {
2568 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n",
2569 (unsigned long)sector,
2570 be16_to_cpu(sdt->guard_tag),
2574 if (sdebug_dif == T10_PI_TYPE1_PROTECTION &&
2575 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) {
2576 pr_err("REF check failed on sector %lu\n",
2577 (unsigned long)sector);
2580 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
2581 be32_to_cpu(sdt->ref_tag) != ei_lba) {
2582 pr_err("REF check failed on sector %lu\n",
2583 (unsigned long)sector);
2589 static void dif_copy_prot(struct scsi_cmnd *SCpnt, sector_t sector,
2590 unsigned int sectors, bool read)
2594 const void *dif_store_end = dif_storep + sdebug_store_sectors;
2595 struct sg_mapping_iter miter;
2597 /* Bytes of protection data to copy into sgl */
2598 resid = sectors * sizeof(*dif_storep);
2600 sg_miter_start(&miter, scsi_prot_sglist(SCpnt),
2601 scsi_prot_sg_count(SCpnt), SG_MITER_ATOMIC |
2602 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG));
2604 while (sg_miter_next(&miter) && resid > 0) {
2605 size_t len = min(miter.length, resid);
2606 void *start = dif_store(sector);
2609 if (dif_store_end < start + len)
2610 rest = start + len - dif_store_end;
2615 memcpy(paddr, start, len - rest);
2617 memcpy(start, paddr, len - rest);
2621 memcpy(paddr + len - rest, dif_storep, rest);
2623 memcpy(dif_storep, paddr + len - rest, rest);
2626 sector += len / sizeof(*dif_storep);
2629 sg_miter_stop(&miter);
2632 static int prot_verify_read(struct scsi_cmnd *SCpnt, sector_t start_sec,
2633 unsigned int sectors, u32 ei_lba)
2636 struct t10_pi_tuple *sdt;
2639 for (i = 0; i < sectors; i++, ei_lba++) {
2642 sector = start_sec + i;
2643 sdt = dif_store(sector);
2645 if (sdt->app_tag == cpu_to_be16(0xffff))
2648 ret = dif_verify(sdt, lba2fake_store(sector), sector, ei_lba);
2655 dif_copy_prot(SCpnt, start_sec, sectors, true);
2661 static int resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2663 u8 *cmd = scp->cmnd;
2664 struct sdebug_queued_cmd *sqcp;
2668 unsigned long iflags;
2675 lba = get_unaligned_be64(cmd + 2);
2676 num = get_unaligned_be32(cmd + 10);
2681 lba = get_unaligned_be32(cmd + 2);
2682 num = get_unaligned_be16(cmd + 7);
2687 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2688 (u32)(cmd[1] & 0x1f) << 16;
2689 num = (0 == cmd[4]) ? 256 : cmd[4];
2694 lba = get_unaligned_be32(cmd + 2);
2695 num = get_unaligned_be32(cmd + 6);
2698 case XDWRITEREAD_10:
2700 lba = get_unaligned_be32(cmd + 2);
2701 num = get_unaligned_be16(cmd + 7);
2704 default: /* assume READ(32) */
2705 lba = get_unaligned_be64(cmd + 12);
2706 ei_lba = get_unaligned_be32(cmd + 20);
2707 num = get_unaligned_be32(cmd + 28);
2711 if (unlikely(have_dif_prot && check_prot)) {
2712 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
2714 mk_sense_invalid_opcode(scp);
2715 return check_condition_result;
2717 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
2718 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
2719 (cmd[1] & 0xe0) == 0)
2720 sdev_printk(KERN_ERR, scp->device, "Unprotected RD "
2723 if (unlikely(sdebug_any_injecting_opt)) {
2724 sqcp = (struct sdebug_queued_cmd *)scp->host_scribble;
2727 if (sqcp->inj_short)
2733 ret = check_device_access_params(scp, lba, num, false);
2736 if (unlikely((SDEBUG_OPT_MEDIUM_ERR & sdebug_opts) &&
2737 (lba <= (sdebug_medium_error_start + sdebug_medium_error_count - 1)) &&
2738 ((lba + num) > sdebug_medium_error_start))) {
2739 /* claim unrecoverable read error */
2740 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0);
2741 /* set info field and valid bit for fixed descriptor */
2742 if (0x70 == (scp->sense_buffer[0] & 0x7f)) {
2743 scp->sense_buffer[0] |= 0x80; /* Valid bit */
2744 ret = (lba < OPT_MEDIUM_ERR_ADDR)
2745 ? OPT_MEDIUM_ERR_ADDR : (int)lba;
2746 put_unaligned_be32(ret, scp->sense_buffer + 3);
2748 scsi_set_resid(scp, scsi_bufflen(scp));
2749 return check_condition_result;
2752 read_lock_irqsave(&atomic_rw, iflags);
2755 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
2756 int prot_ret = prot_verify_read(scp, lba, num, ei_lba);
2759 read_unlock_irqrestore(&atomic_rw, iflags);
2760 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, prot_ret);
2761 return illegal_condition_result;
2765 ret = do_device_access(scp, 0, lba, num, false);
2766 read_unlock_irqrestore(&atomic_rw, iflags);
2767 if (unlikely(ret == -1))
2768 return DID_ERROR << 16;
2770 scsi_set_resid(scp, scsi_bufflen(scp) - ret);
2772 if (unlikely(sqcp)) {
2773 if (sqcp->inj_recovered) {
2774 mk_sense_buffer(scp, RECOVERED_ERROR,
2775 THRESHOLD_EXCEEDED, 0);
2776 return check_condition_result;
2777 } else if (sqcp->inj_transport) {
2778 mk_sense_buffer(scp, ABORTED_COMMAND,
2779 TRANSPORT_PROBLEM, ACK_NAK_TO);
2780 return check_condition_result;
2781 } else if (sqcp->inj_dif) {
2782 /* Logical block guard check failed */
2783 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
2784 return illegal_condition_result;
2785 } else if (sqcp->inj_dix) {
2786 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
2787 return illegal_condition_result;
2793 static void dump_sector(unsigned char *buf, int len)
2797 pr_err(">>> Sector Dump <<<\n");
2798 for (i = 0 ; i < len ; i += 16) {
2801 for (j = 0, n = 0; j < 16; j++) {
2802 unsigned char c = buf[i+j];
2804 if (c >= 0x20 && c < 0x7e)
2805 n += scnprintf(b + n, sizeof(b) - n,
2808 n += scnprintf(b + n, sizeof(b) - n,
2811 pr_err("%04d: %s\n", i, b);
2815 static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec,
2816 unsigned int sectors, u32 ei_lba)
2819 struct t10_pi_tuple *sdt;
2821 sector_t sector = start_sec;
2824 struct sg_mapping_iter diter;
2825 struct sg_mapping_iter piter;
2827 BUG_ON(scsi_sg_count(SCpnt) == 0);
2828 BUG_ON(scsi_prot_sg_count(SCpnt) == 0);
2830 sg_miter_start(&piter, scsi_prot_sglist(SCpnt),
2831 scsi_prot_sg_count(SCpnt),
2832 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2833 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt),
2834 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2836 /* For each protection page */
2837 while (sg_miter_next(&piter)) {
2839 if (WARN_ON(!sg_miter_next(&diter))) {
2844 for (ppage_offset = 0; ppage_offset < piter.length;
2845 ppage_offset += sizeof(struct t10_pi_tuple)) {
2846 /* If we're at the end of the current
2847 * data page advance to the next one
2849 if (dpage_offset >= diter.length) {
2850 if (WARN_ON(!sg_miter_next(&diter))) {
2857 sdt = piter.addr + ppage_offset;
2858 daddr = diter.addr + dpage_offset;
2860 ret = dif_verify(sdt, daddr, sector, ei_lba);
2862 dump_sector(daddr, sdebug_sector_size);
2868 dpage_offset += sdebug_sector_size;
2870 diter.consumed = dpage_offset;
2871 sg_miter_stop(&diter);
2873 sg_miter_stop(&piter);
2875 dif_copy_prot(SCpnt, start_sec, sectors, false);
2882 sg_miter_stop(&diter);
2883 sg_miter_stop(&piter);
2887 static unsigned long lba_to_map_index(sector_t lba)
2889 if (sdebug_unmap_alignment)
2890 lba += sdebug_unmap_granularity - sdebug_unmap_alignment;
2891 sector_div(lba, sdebug_unmap_granularity);
2895 static sector_t map_index_to_lba(unsigned long index)
2897 sector_t lba = index * sdebug_unmap_granularity;
2899 if (sdebug_unmap_alignment)
2900 lba -= sdebug_unmap_granularity - sdebug_unmap_alignment;
2904 static unsigned int map_state(sector_t lba, unsigned int *num)
2907 unsigned int mapped;
2908 unsigned long index;
2911 index = lba_to_map_index(lba);
2912 mapped = test_bit(index, map_storep);
2915 next = find_next_zero_bit(map_storep, map_size, index);
2917 next = find_next_bit(map_storep, map_size, index);
2919 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next));
2924 static void map_region(sector_t lba, unsigned int len)
2926 sector_t end = lba + len;
2929 unsigned long index = lba_to_map_index(lba);
2931 if (index < map_size)
2932 set_bit(index, map_storep);
2934 lba = map_index_to_lba(index + 1);
2938 static void unmap_region(sector_t lba, unsigned int len)
2940 sector_t end = lba + len;
2943 unsigned long index = lba_to_map_index(lba);
2945 if (lba == map_index_to_lba(index) &&
2946 lba + sdebug_unmap_granularity <= end &&
2948 clear_bit(index, map_storep);
2949 if (sdebug_lbprz) { /* for LBPRZ=2 return 0xff_s */
2950 memset(fake_storep +
2951 lba * sdebug_sector_size,
2952 (sdebug_lbprz & 1) ? 0 : 0xff,
2953 sdebug_sector_size *
2954 sdebug_unmap_granularity);
2957 memset(dif_storep + lba, 0xff,
2958 sizeof(*dif_storep) *
2959 sdebug_unmap_granularity);
2962 lba = map_index_to_lba(index + 1);
2966 static int resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2968 u8 *cmd = scp->cmnd;
2972 unsigned long iflags;
2979 lba = get_unaligned_be64(cmd + 2);
2980 num = get_unaligned_be32(cmd + 10);
2985 lba = get_unaligned_be32(cmd + 2);
2986 num = get_unaligned_be16(cmd + 7);
2991 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2992 (u32)(cmd[1] & 0x1f) << 16;
2993 num = (0 == cmd[4]) ? 256 : cmd[4];
2998 lba = get_unaligned_be32(cmd + 2);
2999 num = get_unaligned_be32(cmd + 6);
3002 case 0x53: /* XDWRITEREAD(10) */
3004 lba = get_unaligned_be32(cmd + 2);
3005 num = get_unaligned_be16(cmd + 7);
3008 default: /* assume WRITE(32) */
3009 lba = get_unaligned_be64(cmd + 12);
3010 ei_lba = get_unaligned_be32(cmd + 20);
3011 num = get_unaligned_be32(cmd + 28);
3015 if (unlikely(have_dif_prot && check_prot)) {
3016 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3018 mk_sense_invalid_opcode(scp);
3019 return check_condition_result;
3021 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3022 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3023 (cmd[1] & 0xe0) == 0)
3024 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3027 ret = check_device_access_params(scp, lba, num, true);
3030 write_lock_irqsave(&atomic_rw, iflags);
3033 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3034 int prot_ret = prot_verify_write(scp, lba, num, ei_lba);
3037 write_unlock_irqrestore(&atomic_rw, iflags);
3038 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, prot_ret);
3039 return illegal_condition_result;
3043 ret = do_device_access(scp, 0, lba, num, true);
3044 if (unlikely(scsi_debug_lbp()))
3045 map_region(lba, num);
3046 write_unlock_irqrestore(&atomic_rw, iflags);
3047 if (unlikely(-1 == ret))
3048 return DID_ERROR << 16;
3049 else if (unlikely(sdebug_verbose &&
3050 (ret < (num * sdebug_sector_size))))
3051 sdev_printk(KERN_INFO, scp->device,
3052 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3053 my_name, num * sdebug_sector_size, ret);
3055 if (unlikely(sdebug_any_injecting_opt)) {
3056 struct sdebug_queued_cmd *sqcp =
3057 (struct sdebug_queued_cmd *)scp->host_scribble;
3060 if (sqcp->inj_recovered) {
3061 mk_sense_buffer(scp, RECOVERED_ERROR,
3062 THRESHOLD_EXCEEDED, 0);
3063 return check_condition_result;
3064 } else if (sqcp->inj_dif) {
3065 /* Logical block guard check failed */
3066 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3067 return illegal_condition_result;
3068 } else if (sqcp->inj_dix) {
3069 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3070 return illegal_condition_result;
3078 * T10 has only specified WRITE SCATTERED(16) and WRITE SCATTERED(32).
3079 * No READ GATHERED yet (requires bidi or long cdb holding gather list).
3081 static int resp_write_scat(struct scsi_cmnd *scp,
3082 struct sdebug_dev_info *devip)
3084 u8 *cmd = scp->cmnd;
3088 u16 lbdof, num_lrd, k;
3089 u32 num, num_by, bt_len, lbdof_blen, sg_off, cum_lb;
3090 u32 lb_size = sdebug_sector_size;
3093 unsigned long iflags;
3096 static const u32 lrd_size = 32; /* + parameter list header size */
3098 if (cmd[0] == VARIABLE_LENGTH_CMD) {
3100 wrprotect = (cmd[10] >> 5) & 0x7;
3101 lbdof = get_unaligned_be16(cmd + 12);
3102 num_lrd = get_unaligned_be16(cmd + 16);
3103 bt_len = get_unaligned_be32(cmd + 28);
3104 } else { /* that leaves WRITE SCATTERED(16) */
3106 wrprotect = (cmd[2] >> 5) & 0x7;
3107 lbdof = get_unaligned_be16(cmd + 4);
3108 num_lrd = get_unaligned_be16(cmd + 8);
3109 bt_len = get_unaligned_be32(cmd + 10);
3110 if (unlikely(have_dif_prot)) {
3111 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3113 mk_sense_invalid_opcode(scp);
3114 return illegal_condition_result;
3116 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3117 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3119 sdev_printk(KERN_ERR, scp->device,
3120 "Unprotected WR to DIF device\n");
3123 if ((num_lrd == 0) || (bt_len == 0))
3124 return 0; /* T10 says these do-nothings are not errors */
3127 sdev_printk(KERN_INFO, scp->device,
3128 "%s: %s: LB Data Offset field bad\n",
3130 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3131 return illegal_condition_result;
3133 lbdof_blen = lbdof * lb_size;
3134 if ((lrd_size + (num_lrd * lrd_size)) > lbdof_blen) {
3136 sdev_printk(KERN_INFO, scp->device,
3137 "%s: %s: LBA range descriptors don't fit\n",
3139 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3140 return illegal_condition_result;
3142 lrdp = kzalloc(lbdof_blen, GFP_ATOMIC);
3144 return SCSI_MLQUEUE_HOST_BUSY;
3146 sdev_printk(KERN_INFO, scp->device,
3147 "%s: %s: Fetch header+scatter_list, lbdof_blen=%u\n",
3148 my_name, __func__, lbdof_blen);
3149 res = fetch_to_dev_buffer(scp, lrdp, lbdof_blen);
3151 ret = DID_ERROR << 16;
3155 write_lock_irqsave(&atomic_rw, iflags);
3156 sg_off = lbdof_blen;
3157 /* Spec says Buffer xfer Length field in number of LBs in dout */
3159 for (k = 0, up = lrdp + lrd_size; k < num_lrd; ++k, up += lrd_size) {
3160 lba = get_unaligned_be64(up + 0);
3161 num = get_unaligned_be32(up + 8);
3163 sdev_printk(KERN_INFO, scp->device,
3164 "%s: %s: k=%d LBA=0x%llx num=%u sg_off=%u\n",
3165 my_name, __func__, k, lba, num, sg_off);
3168 ret = check_device_access_params(scp, lba, num, true);
3170 goto err_out_unlock;
3171 num_by = num * lb_size;
3172 ei_lba = is_16 ? 0 : get_unaligned_be32(up + 12);
3174 if ((cum_lb + num) > bt_len) {
3176 sdev_printk(KERN_INFO, scp->device,
3177 "%s: %s: sum of blocks > data provided\n",
3179 mk_sense_buffer(scp, ILLEGAL_REQUEST, WRITE_ERROR_ASC,
3181 ret = illegal_condition_result;
3182 goto err_out_unlock;
3186 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3187 int prot_ret = prot_verify_write(scp, lba, num,
3191 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10,
3193 ret = illegal_condition_result;
3194 goto err_out_unlock;
3198 ret = do_device_access(scp, sg_off, lba, num, true);
3199 if (unlikely(scsi_debug_lbp()))
3200 map_region(lba, num);
3201 if (unlikely(-1 == ret)) {
3202 ret = DID_ERROR << 16;
3203 goto err_out_unlock;
3204 } else if (unlikely(sdebug_verbose && (ret < num_by)))
3205 sdev_printk(KERN_INFO, scp->device,
3206 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3207 my_name, num_by, ret);
3209 if (unlikely(sdebug_any_injecting_opt)) {
3210 struct sdebug_queued_cmd *sqcp =
3211 (struct sdebug_queued_cmd *)scp->host_scribble;
3214 if (sqcp->inj_recovered) {
3215 mk_sense_buffer(scp, RECOVERED_ERROR,
3216 THRESHOLD_EXCEEDED, 0);
3217 ret = illegal_condition_result;
3218 goto err_out_unlock;
3219 } else if (sqcp->inj_dif) {
3220 /* Logical block guard check failed */
3221 mk_sense_buffer(scp, ABORTED_COMMAND,
3223 ret = illegal_condition_result;
3224 goto err_out_unlock;
3225 } else if (sqcp->inj_dix) {
3226 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3228 ret = illegal_condition_result;
3229 goto err_out_unlock;
3238 write_unlock_irqrestore(&atomic_rw, iflags);
3244 static int resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num,
3245 u32 ei_lba, bool unmap, bool ndob)
3248 unsigned long iflags;
3249 unsigned long long i;
3250 u32 lb_size = sdebug_sector_size;
3254 ret = check_device_access_params(scp, lba, num, true);
3258 write_lock_irqsave(&atomic_rw, iflags);
3260 if (unmap && scsi_debug_lbp()) {
3261 unmap_region(lba, num);
3265 block = do_div(lbaa, sdebug_store_sectors);
3266 /* if ndob then zero 1 logical block, else fetch 1 logical block */
3267 fs1p = fake_storep + (block * lb_size);
3269 memset(fs1p, 0, lb_size);
3272 ret = fetch_to_dev_buffer(scp, fs1p, lb_size);
3275 write_unlock_irqrestore(&atomic_rw, iflags);
3276 return DID_ERROR << 16;
3277 } else if (sdebug_verbose && !ndob && (ret < lb_size))
3278 sdev_printk(KERN_INFO, scp->device,
3279 "%s: %s: lb size=%u, IO sent=%d bytes\n",
3280 my_name, "write same", lb_size, ret);
3282 /* Copy first sector to remaining blocks */
3283 for (i = 1 ; i < num ; i++) {
3285 block = do_div(lbaa, sdebug_store_sectors);
3286 memmove(fake_storep + (block * lb_size), fs1p, lb_size);
3288 if (scsi_debug_lbp())
3289 map_region(lba, num);
3291 write_unlock_irqrestore(&atomic_rw, iflags);
3296 static int resp_write_same_10(struct scsi_cmnd *scp,
3297 struct sdebug_dev_info *devip)
3299 u8 *cmd = scp->cmnd;
3306 if (sdebug_lbpws10 == 0) {
3307 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3308 return check_condition_result;
3312 lba = get_unaligned_be32(cmd + 2);
3313 num = get_unaligned_be16(cmd + 7);
3314 if (num > sdebug_write_same_length) {
3315 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3316 return check_condition_result;
3318 return resp_write_same(scp, lba, num, ei_lba, unmap, false);
3321 static int resp_write_same_16(struct scsi_cmnd *scp,
3322 struct sdebug_dev_info *devip)
3324 u8 *cmd = scp->cmnd;
3331 if (cmd[1] & 0x8) { /* UNMAP */
3332 if (sdebug_lbpws == 0) {
3333 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3334 return check_condition_result;
3338 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */
3340 lba = get_unaligned_be64(cmd + 2);
3341 num = get_unaligned_be32(cmd + 10);
3342 if (num > sdebug_write_same_length) {
3343 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1);
3344 return check_condition_result;
3346 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob);
3349 /* Note the mode field is in the same position as the (lower) service action
3350 * field. For the Report supported operation codes command, SPC-4 suggests
3351 * each mode of this command should be reported separately; for future. */
3352 static int resp_write_buffer(struct scsi_cmnd *scp,
3353 struct sdebug_dev_info *devip)
3355 u8 *cmd = scp->cmnd;
3356 struct scsi_device *sdp = scp->device;
3357 struct sdebug_dev_info *dp;
3360 mode = cmd[1] & 0x1f;
3362 case 0x4: /* download microcode (MC) and activate (ACT) */
3363 /* set UAs on this device only */
3364 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3365 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm);
3367 case 0x5: /* download MC, save and ACT */
3368 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm);
3370 case 0x6: /* download MC with offsets and ACT */
3371 /* set UAs on most devices (LUs) in this target */
3372 list_for_each_entry(dp,
3373 &devip->sdbg_host->dev_info_list,
3375 if (dp->target == sdp->id) {
3376 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm);
3378 set_bit(SDEBUG_UA_MICROCODE_CHANGED,
3382 case 0x7: /* download MC with offsets, save, and ACT */
3383 /* set UA on all devices (LUs) in this target */
3384 list_for_each_entry(dp,
3385 &devip->sdbg_host->dev_info_list,
3387 if (dp->target == sdp->id)
3388 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET,
3392 /* do nothing for this command for other mode values */
3398 static int resp_comp_write(struct scsi_cmnd *scp,
3399 struct sdebug_dev_info *devip)
3401 u8 *cmd = scp->cmnd;
3403 u8 *fake_storep_hold;
3406 u32 lb_size = sdebug_sector_size;
3408 unsigned long iflags;
3412 lba = get_unaligned_be64(cmd + 2);
3413 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */
3415 return 0; /* degenerate case, not an error */
3416 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3418 mk_sense_invalid_opcode(scp);
3419 return check_condition_result;
3421 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3422 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3423 (cmd[1] & 0xe0) == 0)
3424 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3426 ret = check_device_access_params(scp, lba, num, false);
3430 arr = kcalloc(lb_size, dnum, GFP_ATOMIC);
3432 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3434 return check_condition_result;
3437 write_lock_irqsave(&atomic_rw, iflags);
3439 /* trick do_device_access() to fetch both compare and write buffers
3440 * from data-in into arr. Safe (atomic) since write_lock held. */
3441 fake_storep_hold = fake_storep;
3443 ret = do_device_access(scp, 0, 0, dnum, true);
3444 fake_storep = fake_storep_hold;
3446 retval = DID_ERROR << 16;
3448 } else if (sdebug_verbose && (ret < (dnum * lb_size)))
3449 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb "
3450 "indicated=%u, IO sent=%d bytes\n", my_name,
3451 dnum * lb_size, ret);
3452 if (!comp_write_worker(lba, num, arr)) {
3453 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
3454 retval = check_condition_result;
3457 if (scsi_debug_lbp())
3458 map_region(lba, num);
3460 write_unlock_irqrestore(&atomic_rw, iflags);
3465 struct unmap_block_desc {
3471 static int resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3474 struct unmap_block_desc *desc;
3475 unsigned int i, payload_len, descriptors;
3477 unsigned long iflags;
3480 if (!scsi_debug_lbp())
3481 return 0; /* fib and say its done */
3482 payload_len = get_unaligned_be16(scp->cmnd + 7);
3483 BUG_ON(scsi_bufflen(scp) != payload_len);
3485 descriptors = (payload_len - 8) / 16;
3486 if (descriptors > sdebug_unmap_max_desc) {
3487 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3488 return check_condition_result;
3491 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC);
3493 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3495 return check_condition_result;
3498 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
3500 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2);
3501 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16);
3503 desc = (void *)&buf[8];
3505 write_lock_irqsave(&atomic_rw, iflags);
3507 for (i = 0 ; i < descriptors ; i++) {
3508 unsigned long long lba = get_unaligned_be64(&desc[i].lba);
3509 unsigned int num = get_unaligned_be32(&desc[i].blocks);
3511 ret = check_device_access_params(scp, lba, num, true);
3515 unmap_region(lba, num);
3521 write_unlock_irqrestore(&atomic_rw, iflags);
3527 #define SDEBUG_GET_LBA_STATUS_LEN 32
3529 static int resp_get_lba_status(struct scsi_cmnd *scp,
3530 struct sdebug_dev_info *devip)
3532 u8 *cmd = scp->cmnd;
3534 u32 alloc_len, mapped, num;
3535 u8 arr[SDEBUG_GET_LBA_STATUS_LEN];
3538 lba = get_unaligned_be64(cmd + 2);
3539 alloc_len = get_unaligned_be32(cmd + 10);
3544 ret = check_device_access_params(scp, lba, 1, false);
3548 if (scsi_debug_lbp())
3549 mapped = map_state(lba, &num);
3552 /* following just in case virtual_gb changed */
3553 sdebug_capacity = get_sdebug_capacity();
3554 if (sdebug_capacity - lba <= 0xffffffff)
3555 num = sdebug_capacity - lba;
3560 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN);
3561 put_unaligned_be32(20, arr); /* Parameter Data Length */
3562 put_unaligned_be64(lba, arr + 8); /* LBA */
3563 put_unaligned_be32(num, arr + 16); /* Number of blocks */
3564 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */
3566 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN);
3569 static int resp_sync_cache(struct scsi_cmnd *scp,
3570 struct sdebug_dev_info *devip)
3575 u8 *cmd = scp->cmnd;
3577 if (cmd[0] == SYNCHRONIZE_CACHE) { /* 10 byte cdb */
3578 lba = get_unaligned_be32(cmd + 2);
3579 num_blocks = get_unaligned_be16(cmd + 7);
3580 } else { /* SYNCHRONIZE_CACHE(16) */
3581 lba = get_unaligned_be64(cmd + 2);
3582 num_blocks = get_unaligned_be32(cmd + 10);
3584 if (lba + num_blocks > sdebug_capacity) {
3585 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
3586 return check_condition_result;
3588 if (!write_since_sync || cmd[1] & 0x2)
3589 res = SDEG_RES_IMMED_MASK;
3590 else /* delay if write_since_sync and IMMED clear */
3591 write_since_sync = false;
3595 #define RL_BUCKET_ELEMS 8
3597 /* Even though each pseudo target has a REPORT LUNS "well known logical unit"
3598 * (W-LUN), the normal Linux scanning logic does not associate it with a
3599 * device (e.g. /dev/sg7). The following magic will make that association:
3600 * "cd /sys/class/scsi_host/host<n> ; echo '- - 49409' > scan"
3601 * where <n> is a host number. If there are multiple targets in a host then
3602 * the above will associate a W-LUN to each target. To only get a W-LUN
3603 * for target 2, then use "echo '- 2 49409' > scan" .
3605 static int resp_report_luns(struct scsi_cmnd *scp,
3606 struct sdebug_dev_info *devip)
3608 unsigned char *cmd = scp->cmnd;
3609 unsigned int alloc_len;
3610 unsigned char select_report;
3612 struct scsi_lun *lun_p;
3613 u8 arr[RL_BUCKET_ELEMS * sizeof(struct scsi_lun)];
3614 unsigned int lun_cnt; /* normal LUN count (max: 256) */
3615 unsigned int wlun_cnt; /* report luns W-LUN count */
3616 unsigned int tlun_cnt; /* total LUN count */
3617 unsigned int rlen; /* response length (in bytes) */
3619 unsigned int off_rsp = 0;
3620 const int sz_lun = sizeof(struct scsi_lun);
3622 clear_luns_changed_on_target(devip);
3624 select_report = cmd[2];
3625 alloc_len = get_unaligned_be32(cmd + 6);
3627 if (alloc_len < 4) {
3628 pr_err("alloc len too small %d\n", alloc_len);
3629 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
3630 return check_condition_result;
3633 switch (select_report) {
3634 case 0: /* all LUNs apart from W-LUNs */
3635 lun_cnt = sdebug_max_luns;
3638 case 1: /* only W-LUNs */
3642 case 2: /* all LUNs */
3643 lun_cnt = sdebug_max_luns;
3646 case 0x10: /* only administrative LUs */
3647 case 0x11: /* see SPC-5 */
3648 case 0x12: /* only subsiduary LUs owned by referenced LU */
3650 pr_debug("select report invalid %d\n", select_report);
3651 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
3652 return check_condition_result;
3655 if (sdebug_no_lun_0 && (lun_cnt > 0))
3658 tlun_cnt = lun_cnt + wlun_cnt;
3659 rlen = tlun_cnt * sz_lun; /* excluding 8 byte header */
3660 scsi_set_resid(scp, scsi_bufflen(scp));
3661 pr_debug("select_report %d luns = %d wluns = %d no_lun0 %d\n",
3662 select_report, lun_cnt, wlun_cnt, sdebug_no_lun_0);
3664 /* loops rely on sizeof response header same as sizeof lun (both 8) */
3665 lun = sdebug_no_lun_0 ? 1 : 0;
3666 for (k = 0, j = 0, res = 0; true; ++k, j = 0) {
3667 memset(arr, 0, sizeof(arr));
3668 lun_p = (struct scsi_lun *)&arr[0];
3670 put_unaligned_be32(rlen, &arr[0]);
3674 for ( ; j < RL_BUCKET_ELEMS; ++j, ++lun_p) {
3675 if ((k * RL_BUCKET_ELEMS) + j > lun_cnt)
3677 int_to_scsilun(lun++, lun_p);
3679 if (j < RL_BUCKET_ELEMS)
3682 res = p_fill_from_dev_buffer(scp, arr, n, off_rsp);
3688 int_to_scsilun(SCSI_W_LUN_REPORT_LUNS, lun_p);
3692 res = p_fill_from_dev_buffer(scp, arr, j * sz_lun, off_rsp);
3696 static struct sdebug_queue *get_queue(struct scsi_cmnd *cmnd)
3698 u32 tag = blk_mq_unique_tag(cmnd->request);
3699 u16 hwq = blk_mq_unique_tag_to_hwq(tag);
3701 pr_debug("tag=%#x, hwq=%d\n", tag, hwq);
3702 if (WARN_ON_ONCE(hwq >= submit_queues))
3704 return sdebug_q_arr + hwq;
3707 /* Queued (deferred) command completions converge here. */
3708 static void sdebug_q_cmd_complete(struct sdebug_defer *sd_dp)
3710 bool aborted = sd_dp->aborted;
3713 unsigned long iflags;
3714 struct sdebug_queue *sqp;
3715 struct sdebug_queued_cmd *sqcp;
3716 struct scsi_cmnd *scp;
3717 struct sdebug_dev_info *devip;
3719 sd_dp->defer_t = SDEB_DEFER_NONE;
3720 if (unlikely(aborted))
3721 sd_dp->aborted = false;
3722 qc_idx = sd_dp->qc_idx;
3723 sqp = sdebug_q_arr + sd_dp->sqa_idx;
3724 if (sdebug_statistics) {
3725 atomic_inc(&sdebug_completions);
3726 if (raw_smp_processor_id() != sd_dp->issuing_cpu)
3727 atomic_inc(&sdebug_miss_cpus);
3729 if (unlikely((qc_idx < 0) || (qc_idx >= SDEBUG_CANQUEUE))) {
3730 pr_err("wild qc_idx=%d\n", qc_idx);
3733 spin_lock_irqsave(&sqp->qc_lock, iflags);
3734 sqcp = &sqp->qc_arr[qc_idx];
3736 if (unlikely(scp == NULL)) {
3737 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3738 pr_err("scp is NULL, sqa_idx=%d, qc_idx=%d\n",
3739 sd_dp->sqa_idx, qc_idx);
3742 devip = (struct sdebug_dev_info *)scp->device->hostdata;
3744 atomic_dec(&devip->num_in_q);
3746 pr_err("devip=NULL\n");
3747 if (unlikely(atomic_read(&retired_max_queue) > 0))
3750 sqcp->a_cmnd = NULL;
3751 if (unlikely(!test_and_clear_bit(qc_idx, sqp->in_use_bm))) {
3752 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3753 pr_err("Unexpected completion\n");
3757 if (unlikely(retiring)) { /* user has reduced max_queue */
3760 retval = atomic_read(&retired_max_queue);
3761 if (qc_idx >= retval) {
3762 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3763 pr_err("index %d too large\n", retval);
3766 k = find_last_bit(sqp->in_use_bm, retval);
3767 if ((k < sdebug_max_queue) || (k == retval))
3768 atomic_set(&retired_max_queue, 0);
3770 atomic_set(&retired_max_queue, k + 1);
3772 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3773 if (unlikely(aborted)) {
3775 pr_info("bypassing scsi_done() due to aborted cmd\n");
3778 scp->scsi_done(scp); /* callback to mid level */
3781 /* When high resolution timer goes off this function is called. */
3782 static enum hrtimer_restart sdebug_q_cmd_hrt_complete(struct hrtimer *timer)
3784 struct sdebug_defer *sd_dp = container_of(timer, struct sdebug_defer,
3786 sdebug_q_cmd_complete(sd_dp);
3787 return HRTIMER_NORESTART;
3790 /* When work queue schedules work, it calls this function. */
3791 static void sdebug_q_cmd_wq_complete(struct work_struct *work)
3793 struct sdebug_defer *sd_dp = container_of(work, struct sdebug_defer,
3795 sdebug_q_cmd_complete(sd_dp);
3798 static bool got_shared_uuid;
3799 static uuid_t shared_uuid;
3801 static struct sdebug_dev_info *sdebug_device_create(
3802 struct sdebug_host_info *sdbg_host, gfp_t flags)
3804 struct sdebug_dev_info *devip;
3806 devip = kzalloc(sizeof(*devip), flags);
3808 if (sdebug_uuid_ctl == 1)
3809 uuid_gen(&devip->lu_name);
3810 else if (sdebug_uuid_ctl == 2) {
3811 if (got_shared_uuid)
3812 devip->lu_name = shared_uuid;
3814 uuid_gen(&shared_uuid);
3815 got_shared_uuid = true;
3816 devip->lu_name = shared_uuid;
3819 devip->sdbg_host = sdbg_host;
3820 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list);
3825 static struct sdebug_dev_info *find_build_dev_info(struct scsi_device *sdev)
3827 struct sdebug_host_info *sdbg_host;
3828 struct sdebug_dev_info *open_devip = NULL;
3829 struct sdebug_dev_info *devip;
3831 sdbg_host = *(struct sdebug_host_info **)shost_priv(sdev->host);
3833 pr_err("Host info NULL\n");
3836 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
3837 if ((devip->used) && (devip->channel == sdev->channel) &&
3838 (devip->target == sdev->id) &&
3839 (devip->lun == sdev->lun))
3842 if ((!devip->used) && (!open_devip))
3846 if (!open_devip) { /* try and make a new one */
3847 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC);
3849 pr_err("out of memory at line %d\n", __LINE__);
3854 open_devip->channel = sdev->channel;
3855 open_devip->target = sdev->id;
3856 open_devip->lun = sdev->lun;
3857 open_devip->sdbg_host = sdbg_host;
3858 atomic_set(&open_devip->num_in_q, 0);
3859 set_bit(SDEBUG_UA_POR, open_devip->uas_bm);
3860 open_devip->used = true;
3864 static int scsi_debug_slave_alloc(struct scsi_device *sdp)
3867 pr_info("slave_alloc <%u %u %u %llu>\n",
3868 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3872 static int scsi_debug_slave_configure(struct scsi_device *sdp)
3874 struct sdebug_dev_info *devip =
3875 (struct sdebug_dev_info *)sdp->hostdata;
3878 pr_info("slave_configure <%u %u %u %llu>\n",
3879 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3880 if (sdp->host->max_cmd_len != SDEBUG_MAX_CMD_LEN)
3881 sdp->host->max_cmd_len = SDEBUG_MAX_CMD_LEN;
3882 if (devip == NULL) {
3883 devip = find_build_dev_info(sdp);
3885 return 1; /* no resources, will be marked offline */
3887 sdp->hostdata = devip;
3889 sdp->no_uld_attach = 1;
3890 config_cdb_len(sdp);
3894 static void scsi_debug_slave_destroy(struct scsi_device *sdp)
3896 struct sdebug_dev_info *devip =
3897 (struct sdebug_dev_info *)sdp->hostdata;
3900 pr_info("slave_destroy <%u %u %u %llu>\n",
3901 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3903 /* make this slot available for re-use */
3904 devip->used = false;
3905 sdp->hostdata = NULL;
3909 static void stop_qc_helper(struct sdebug_defer *sd_dp,
3910 enum sdeb_defer_type defer_t)
3914 if (defer_t == SDEB_DEFER_HRT)
3915 hrtimer_cancel(&sd_dp->hrt);
3916 else if (defer_t == SDEB_DEFER_WQ)
3917 cancel_work_sync(&sd_dp->ew.work);
3920 /* If @cmnd found deletes its timer or work queue and returns true; else
3922 static bool stop_queued_cmnd(struct scsi_cmnd *cmnd)
3924 unsigned long iflags;
3925 int j, k, qmax, r_qmax;
3926 enum sdeb_defer_type l_defer_t;
3927 struct sdebug_queue *sqp;
3928 struct sdebug_queued_cmd *sqcp;
3929 struct sdebug_dev_info *devip;
3930 struct sdebug_defer *sd_dp;
3932 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
3933 spin_lock_irqsave(&sqp->qc_lock, iflags);
3934 qmax = sdebug_max_queue;
3935 r_qmax = atomic_read(&retired_max_queue);
3938 for (k = 0; k < qmax; ++k) {
3939 if (test_bit(k, sqp->in_use_bm)) {
3940 sqcp = &sqp->qc_arr[k];
3941 if (cmnd != sqcp->a_cmnd)
3944 devip = (struct sdebug_dev_info *)
3945 cmnd->device->hostdata;
3947 atomic_dec(&devip->num_in_q);
3948 sqcp->a_cmnd = NULL;
3949 sd_dp = sqcp->sd_dp;
3951 l_defer_t = sd_dp->defer_t;
3952 sd_dp->defer_t = SDEB_DEFER_NONE;
3954 l_defer_t = SDEB_DEFER_NONE;
3955 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3956 stop_qc_helper(sd_dp, l_defer_t);
3957 clear_bit(k, sqp->in_use_bm);
3961 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3966 /* Deletes (stops) timers or work queues of all queued commands */
3967 static void stop_all_queued(void)
3969 unsigned long iflags;
3971 enum sdeb_defer_type l_defer_t;
3972 struct sdebug_queue *sqp;
3973 struct sdebug_queued_cmd *sqcp;
3974 struct sdebug_dev_info *devip;
3975 struct sdebug_defer *sd_dp;
3977 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
3978 spin_lock_irqsave(&sqp->qc_lock, iflags);
3979 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
3980 if (test_bit(k, sqp->in_use_bm)) {
3981 sqcp = &sqp->qc_arr[k];
3982 if (sqcp->a_cmnd == NULL)
3984 devip = (struct sdebug_dev_info *)
3985 sqcp->a_cmnd->device->hostdata;
3987 atomic_dec(&devip->num_in_q);
3988 sqcp->a_cmnd = NULL;
3989 sd_dp = sqcp->sd_dp;
3991 l_defer_t = sd_dp->defer_t;
3992 sd_dp->defer_t = SDEB_DEFER_NONE;
3994 l_defer_t = SDEB_DEFER_NONE;
3995 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3996 stop_qc_helper(sd_dp, l_defer_t);
3997 clear_bit(k, sqp->in_use_bm);
3998 spin_lock_irqsave(&sqp->qc_lock, iflags);
4001 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4005 /* Free queued command memory on heap */
4006 static void free_all_queued(void)
4009 struct sdebug_queue *sqp;
4010 struct sdebug_queued_cmd *sqcp;
4012 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
4013 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
4014 sqcp = &sqp->qc_arr[k];
4021 static int scsi_debug_abort(struct scsi_cmnd *SCpnt)
4027 ok = stop_queued_cmnd(SCpnt);
4028 if (SCpnt->device && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
4029 sdev_printk(KERN_INFO, SCpnt->device,
4030 "%s: command%s found\n", __func__,
4036 static int scsi_debug_device_reset(struct scsi_cmnd *SCpnt)
4039 if (SCpnt && SCpnt->device) {
4040 struct scsi_device *sdp = SCpnt->device;
4041 struct sdebug_dev_info *devip =
4042 (struct sdebug_dev_info *)sdp->hostdata;
4044 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
4045 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
4047 set_bit(SDEBUG_UA_POR, devip->uas_bm);
4052 static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt)
4054 struct sdebug_host_info *sdbg_host;
4055 struct sdebug_dev_info *devip;
4056 struct scsi_device *sdp;
4057 struct Scsi_Host *hp;
4060 ++num_target_resets;
4063 sdp = SCpnt->device;
4066 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
4067 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
4071 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
4073 list_for_each_entry(devip,
4074 &sdbg_host->dev_info_list,
4076 if (devip->target == sdp->id) {
4077 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4081 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
4082 sdev_printk(KERN_INFO, sdp,
4083 "%s: %d device(s) found in target\n", __func__, k);
4088 static int scsi_debug_bus_reset(struct scsi_cmnd *SCpnt)
4090 struct sdebug_host_info *sdbg_host;
4091 struct sdebug_dev_info *devip;
4092 struct scsi_device *sdp;
4093 struct Scsi_Host *hp;
4097 if (!(SCpnt && SCpnt->device))
4099 sdp = SCpnt->device;
4100 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
4101 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
4104 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
4106 list_for_each_entry(devip,
4107 &sdbg_host->dev_info_list,
4109 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4114 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
4115 sdev_printk(KERN_INFO, sdp,
4116 "%s: %d device(s) found in host\n", __func__, k);
4121 static int scsi_debug_host_reset(struct scsi_cmnd *SCpnt)
4123 struct sdebug_host_info *sdbg_host;
4124 struct sdebug_dev_info *devip;
4128 if ((SCpnt->device) && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
4129 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__);
4130 spin_lock(&sdebug_host_list_lock);
4131 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
4132 list_for_each_entry(devip, &sdbg_host->dev_info_list,
4134 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4138 spin_unlock(&sdebug_host_list_lock);
4140 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
4141 sdev_printk(KERN_INFO, SCpnt->device,
4142 "%s: %d device(s) found\n", __func__, k);
4146 static void __init sdebug_build_parts(unsigned char *ramp,
4147 unsigned long store_size)
4149 struct partition *pp;
4150 int starts[SDEBUG_MAX_PARTS + 2];
4151 int sectors_per_part, num_sectors, k;
4152 int heads_by_sects, start_sec, end_sec;
4154 /* assume partition table already zeroed */
4155 if ((sdebug_num_parts < 1) || (store_size < 1048576))
4157 if (sdebug_num_parts > SDEBUG_MAX_PARTS) {
4158 sdebug_num_parts = SDEBUG_MAX_PARTS;
4159 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS);
4161 num_sectors = (int)sdebug_store_sectors;
4162 sectors_per_part = (num_sectors - sdebug_sectors_per)
4164 heads_by_sects = sdebug_heads * sdebug_sectors_per;
4165 starts[0] = sdebug_sectors_per;
4166 for (k = 1; k < sdebug_num_parts; ++k)
4167 starts[k] = ((k * sectors_per_part) / heads_by_sects)
4169 starts[sdebug_num_parts] = num_sectors;
4170 starts[sdebug_num_parts + 1] = 0;
4172 ramp[510] = 0x55; /* magic partition markings */
4174 pp = (struct partition *)(ramp + 0x1be);
4175 for (k = 0; starts[k + 1]; ++k, ++pp) {
4176 start_sec = starts[k];
4177 end_sec = starts[k + 1] - 1;
4180 pp->cyl = start_sec / heads_by_sects;
4181 pp->head = (start_sec - (pp->cyl * heads_by_sects))
4182 / sdebug_sectors_per;
4183 pp->sector = (start_sec % sdebug_sectors_per) + 1;
4185 pp->end_cyl = end_sec / heads_by_sects;
4186 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects))
4187 / sdebug_sectors_per;
4188 pp->end_sector = (end_sec % sdebug_sectors_per) + 1;
4190 pp->start_sect = cpu_to_le32(start_sec);
4191 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1);
4192 pp->sys_ind = 0x83; /* plain Linux partition */
4196 static void block_unblock_all_queues(bool block)
4199 struct sdebug_queue *sqp;
4201 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp)
4202 atomic_set(&sqp->blocked, (int)block);
4205 /* Adjust (by rounding down) the sdebug_cmnd_count so abs(every_nth)-1
4206 * commands will be processed normally before triggers occur.
4208 static void tweak_cmnd_count(void)
4212 modulo = abs(sdebug_every_nth);
4215 block_unblock_all_queues(true);
4216 count = atomic_read(&sdebug_cmnd_count);
4217 atomic_set(&sdebug_cmnd_count, (count / modulo) * modulo);
4218 block_unblock_all_queues(false);
4221 static void clear_queue_stats(void)
4223 atomic_set(&sdebug_cmnd_count, 0);
4224 atomic_set(&sdebug_completions, 0);
4225 atomic_set(&sdebug_miss_cpus, 0);
4226 atomic_set(&sdebug_a_tsf, 0);
4229 static void setup_inject(struct sdebug_queue *sqp,
4230 struct sdebug_queued_cmd *sqcp)
4232 if ((atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) > 0) {
4233 if (sdebug_every_nth > 0)
4234 sqcp->inj_recovered = sqcp->inj_transport
4236 = sqcp->inj_dix = sqcp->inj_short
4237 = sqcp->inj_host_busy = sqcp->inj_cmd_abort = 0;
4240 sqcp->inj_recovered = !!(SDEBUG_OPT_RECOVERED_ERR & sdebug_opts);
4241 sqcp->inj_transport = !!(SDEBUG_OPT_TRANSPORT_ERR & sdebug_opts);
4242 sqcp->inj_dif = !!(SDEBUG_OPT_DIF_ERR & sdebug_opts);
4243 sqcp->inj_dix = !!(SDEBUG_OPT_DIX_ERR & sdebug_opts);
4244 sqcp->inj_short = !!(SDEBUG_OPT_SHORT_TRANSFER & sdebug_opts);
4245 sqcp->inj_host_busy = !!(SDEBUG_OPT_HOST_BUSY & sdebug_opts);
4246 sqcp->inj_cmd_abort = !!(SDEBUG_OPT_CMD_ABORT & sdebug_opts);
4249 /* Complete the processing of the thread that queued a SCSI command to this
4250 * driver. It either completes the command by calling cmnd_done() or
4251 * schedules a hr timer or work queue then returns 0. Returns
4252 * SCSI_MLQUEUE_HOST_BUSY if temporarily out of resources.
4254 static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
4256 int (*pfp)(struct scsi_cmnd *,
4257 struct sdebug_dev_info *),
4258 int delta_jiff, int ndelay)
4260 unsigned long iflags;
4261 int k, num_in_q, qdepth, inject;
4262 struct sdebug_queue *sqp;
4263 struct sdebug_queued_cmd *sqcp;
4264 struct scsi_device *sdp;
4265 struct sdebug_defer *sd_dp;
4267 if (unlikely(devip == NULL)) {
4268 if (scsi_result == 0)
4269 scsi_result = DID_NO_CONNECT << 16;
4270 goto respond_in_thread;
4274 if (delta_jiff == 0)
4275 goto respond_in_thread;
4277 /* schedule the response at a later time if resources permit */
4278 sqp = get_queue(cmnd);
4279 spin_lock_irqsave(&sqp->qc_lock, iflags);
4280 if (unlikely(atomic_read(&sqp->blocked))) {
4281 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4282 return SCSI_MLQUEUE_HOST_BUSY;
4284 num_in_q = atomic_read(&devip->num_in_q);
4285 qdepth = cmnd->device->queue_depth;
4287 if (unlikely((qdepth > 0) && (num_in_q >= qdepth))) {
4289 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4290 goto respond_in_thread;
4292 scsi_result = device_qfull_result;
4293 } else if (unlikely(sdebug_every_nth &&
4294 (SDEBUG_OPT_RARE_TSF & sdebug_opts) &&
4295 (scsi_result == 0))) {
4296 if ((num_in_q == (qdepth - 1)) &&
4297 (atomic_inc_return(&sdebug_a_tsf) >=
4298 abs(sdebug_every_nth))) {
4299 atomic_set(&sdebug_a_tsf, 0);
4301 scsi_result = device_qfull_result;
4305 k = find_first_zero_bit(sqp->in_use_bm, sdebug_max_queue);
4306 if (unlikely(k >= sdebug_max_queue)) {
4307 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4309 goto respond_in_thread;
4310 else if (SDEBUG_OPT_ALL_TSF & sdebug_opts)
4311 scsi_result = device_qfull_result;
4312 if (SDEBUG_OPT_Q_NOISE & sdebug_opts)
4313 sdev_printk(KERN_INFO, sdp,
4314 "%s: max_queue=%d exceeded, %s\n",
4315 __func__, sdebug_max_queue,
4316 (scsi_result ? "status: TASK SET FULL" :
4317 "report: host busy"));
4319 goto respond_in_thread;
4321 return SCSI_MLQUEUE_HOST_BUSY;
4323 __set_bit(k, sqp->in_use_bm);
4324 atomic_inc(&devip->num_in_q);
4325 sqcp = &sqp->qc_arr[k];
4326 sqcp->a_cmnd = cmnd;
4327 cmnd->host_scribble = (unsigned char *)sqcp;
4328 sd_dp = sqcp->sd_dp;
4329 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4330 if (unlikely(sdebug_every_nth && sdebug_any_injecting_opt))
4331 setup_inject(sqp, sqcp);
4332 if (sd_dp == NULL) {
4333 sd_dp = kzalloc(sizeof(*sd_dp), GFP_ATOMIC);
4335 return SCSI_MLQUEUE_HOST_BUSY;
4338 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0;
4339 if (cmnd->result & SDEG_RES_IMMED_MASK) {
4341 * This is the F_DELAY_OVERR case. No delay.
4343 cmnd->result &= ~SDEG_RES_IMMED_MASK;
4344 delta_jiff = ndelay = 0;
4346 if (cmnd->result == 0 && scsi_result != 0)
4347 cmnd->result = scsi_result;
4349 if (unlikely(sdebug_verbose && cmnd->result))
4350 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n",
4351 __func__, cmnd->result);
4353 if (delta_jiff > 0 || ndelay > 0) {
4356 if (delta_jiff > 0) {
4357 kt = ns_to_ktime((u64)delta_jiff * (NSEC_PER_SEC / HZ));
4360 if (!sd_dp->init_hrt) {
4361 sd_dp->init_hrt = true;
4362 sqcp->sd_dp = sd_dp;
4363 hrtimer_init(&sd_dp->hrt, CLOCK_MONOTONIC,
4364 HRTIMER_MODE_REL_PINNED);
4365 sd_dp->hrt.function = sdebug_q_cmd_hrt_complete;
4366 sd_dp->sqa_idx = sqp - sdebug_q_arr;
4369 if (sdebug_statistics)
4370 sd_dp->issuing_cpu = raw_smp_processor_id();
4371 sd_dp->defer_t = SDEB_DEFER_HRT;
4372 hrtimer_start(&sd_dp->hrt, kt, HRTIMER_MODE_REL_PINNED);
4373 } else { /* jdelay < 0, use work queue */
4374 if (!sd_dp->init_wq) {
4375 sd_dp->init_wq = true;
4376 sqcp->sd_dp = sd_dp;
4377 sd_dp->sqa_idx = sqp - sdebug_q_arr;
4379 INIT_WORK(&sd_dp->ew.work, sdebug_q_cmd_wq_complete);
4381 if (sdebug_statistics)
4382 sd_dp->issuing_cpu = raw_smp_processor_id();
4383 sd_dp->defer_t = SDEB_DEFER_WQ;
4384 if (unlikely(sqcp->inj_cmd_abort))
4385 sd_dp->aborted = true;
4386 schedule_work(&sd_dp->ew.work);
4387 if (unlikely(sqcp->inj_cmd_abort)) {
4388 sdev_printk(KERN_INFO, sdp, "abort request tag %d\n",
4389 cmnd->request->tag);
4390 blk_abort_request(cmnd->request);
4393 if (unlikely((SDEBUG_OPT_Q_NOISE & sdebug_opts) &&
4394 (scsi_result == device_qfull_result)))
4395 sdev_printk(KERN_INFO, sdp,
4396 "%s: num_in_q=%d +1, %s%s\n", __func__,
4397 num_in_q, (inject ? "<inject> " : ""),
4398 "status: TASK SET FULL");
4401 respond_in_thread: /* call back to mid-layer using invocation thread */
4402 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0;
4403 cmnd->result &= ~SDEG_RES_IMMED_MASK;
4404 if (cmnd->result == 0 && scsi_result != 0)
4405 cmnd->result = scsi_result;
4406 cmnd->scsi_done(cmnd);
4410 /* Note: The following macros create attribute files in the
4411 /sys/module/scsi_debug/parameters directory. Unfortunately this
4412 driver is unaware of a change and cannot trigger auxiliary actions
4413 as it can when the corresponding attribute in the
4414 /sys/bus/pseudo/drivers/scsi_debug directory is changed.
4416 module_param_named(add_host, sdebug_add_host, int, S_IRUGO | S_IWUSR);
4417 module_param_named(ato, sdebug_ato, int, S_IRUGO);
4418 module_param_named(cdb_len, sdebug_cdb_len, int, 0644);
4419 module_param_named(clustering, sdebug_clustering, bool, S_IRUGO | S_IWUSR);
4420 module_param_named(delay, sdebug_jdelay, int, S_IRUGO | S_IWUSR);
4421 module_param_named(dev_size_mb, sdebug_dev_size_mb, int, S_IRUGO);
4422 module_param_named(dif, sdebug_dif, int, S_IRUGO);
4423 module_param_named(dix, sdebug_dix, int, S_IRUGO);
4424 module_param_named(dsense, sdebug_dsense, int, S_IRUGO | S_IWUSR);
4425 module_param_named(every_nth, sdebug_every_nth, int, S_IRUGO | S_IWUSR);
4426 module_param_named(fake_rw, sdebug_fake_rw, int, S_IRUGO | S_IWUSR);
4427 module_param_named(guard, sdebug_guard, uint, S_IRUGO);
4428 module_param_named(host_lock, sdebug_host_lock, bool, S_IRUGO | S_IWUSR);
4429 module_param_string(inq_vendor, sdebug_inq_vendor_id,
4430 sizeof(sdebug_inq_vendor_id), S_IRUGO|S_IWUSR);
4431 module_param_string(inq_product, sdebug_inq_product_id,
4432 sizeof(sdebug_inq_product_id), S_IRUGO|S_IWUSR);
4433 module_param_string(inq_rev, sdebug_inq_product_rev,
4434 sizeof(sdebug_inq_product_rev), S_IRUGO|S_IWUSR);
4435 module_param_named(lbpu, sdebug_lbpu, int, S_IRUGO);
4436 module_param_named(lbpws, sdebug_lbpws, int, S_IRUGO);
4437 module_param_named(lbpws10, sdebug_lbpws10, int, S_IRUGO);
4438 module_param_named(lbprz, sdebug_lbprz, int, S_IRUGO);
4439 module_param_named(lowest_aligned, sdebug_lowest_aligned, int, S_IRUGO);
4440 module_param_named(max_luns, sdebug_max_luns, int, S_IRUGO | S_IWUSR);
4441 module_param_named(max_queue, sdebug_max_queue, int, S_IRUGO | S_IWUSR);
4442 module_param_named(medium_error_start, sdebug_medium_error_start, int, S_IRUGO | S_IWUSR);
4443 module_param_named(medium_error_count, sdebug_medium_error_count, int, S_IRUGO | S_IWUSR);
4444 module_param_named(ndelay, sdebug_ndelay, int, S_IRUGO | S_IWUSR);
4445 module_param_named(no_lun_0, sdebug_no_lun_0, int, S_IRUGO | S_IWUSR);
4446 module_param_named(no_uld, sdebug_no_uld, int, S_IRUGO);
4447 module_param_named(num_parts, sdebug_num_parts, int, S_IRUGO);
4448 module_param_named(num_tgts, sdebug_num_tgts, int, S_IRUGO | S_IWUSR);
4449 module_param_named(opt_blks, sdebug_opt_blks, int, S_IRUGO);
4450 module_param_named(opts, sdebug_opts, int, S_IRUGO | S_IWUSR);
4451 module_param_named(physblk_exp, sdebug_physblk_exp, int, S_IRUGO);
4452 module_param_named(opt_xferlen_exp, sdebug_opt_xferlen_exp, int, S_IRUGO);
4453 module_param_named(ptype, sdebug_ptype, int, S_IRUGO | S_IWUSR);
4454 module_param_named(removable, sdebug_removable, bool, S_IRUGO | S_IWUSR);
4455 module_param_named(scsi_level, sdebug_scsi_level, int, S_IRUGO);
4456 module_param_named(sector_size, sdebug_sector_size, int, S_IRUGO);
4457 module_param_named(statistics, sdebug_statistics, bool, S_IRUGO | S_IWUSR);
4458 module_param_named(strict, sdebug_strict, bool, S_IRUGO | S_IWUSR);
4459 module_param_named(submit_queues, submit_queues, int, S_IRUGO);
4460 module_param_named(unmap_alignment, sdebug_unmap_alignment, int, S_IRUGO);
4461 module_param_named(unmap_granularity, sdebug_unmap_granularity, int, S_IRUGO);
4462 module_param_named(unmap_max_blocks, sdebug_unmap_max_blocks, int, S_IRUGO);
4463 module_param_named(unmap_max_desc, sdebug_unmap_max_desc, int, S_IRUGO);
4464 module_param_named(virtual_gb, sdebug_virtual_gb, int, S_IRUGO | S_IWUSR);
4465 module_param_named(uuid_ctl, sdebug_uuid_ctl, int, S_IRUGO);
4466 module_param_named(vpd_use_hostno, sdebug_vpd_use_hostno, int,
4468 module_param_named(wp, sdebug_wp, bool, S_IRUGO | S_IWUSR);
4469 module_param_named(write_same_length, sdebug_write_same_length, int,
4472 MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert");
4473 MODULE_DESCRIPTION("SCSI debug adapter driver");
4474 MODULE_LICENSE("GPL");
4475 MODULE_VERSION(SDEBUG_VERSION);
4477 MODULE_PARM_DESC(add_host, "0..127 hosts allowed(def=1)");
4478 MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)");
4479 MODULE_PARM_DESC(cdb_len, "suggest CDB lengths to drivers (def=10)");
4480 MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)");
4481 MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny");
4482 MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)");
4483 MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)");
4484 MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)");
4485 MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)");
4486 MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)");
4487 MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)");
4488 MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)");
4489 MODULE_PARM_DESC(host_lock, "host_lock is ignored (def=0)");
4490 MODULE_PARM_DESC(inq_vendor, "SCSI INQUIRY vendor string (def=\"Linux\")");
4491 MODULE_PARM_DESC(inq_product, "SCSI INQUIRY product string (def=\"scsi_debug\")");
4492 MODULE_PARM_DESC(inq_rev, "SCSI INQUIRY revision string (def=\""
4493 SDEBUG_VERSION "\")");
4494 MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)");
4495 MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)");
4496 MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)");
4497 MODULE_PARM_DESC(lbprz,
4498 "on read unmapped LBs return 0 when 1 (def), return 0xff when 2");
4499 MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)");
4500 MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)");
4501 MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))");
4502 MODULE_PARM_DESC(medium_error_start, "starting sector number to return MEDIUM error");
4503 MODULE_PARM_DESC(medium_error_count, "count of sectors to return follow on MEDIUM error");
4504 MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)");
4505 MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)");
4506 MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))");
4507 MODULE_PARM_DESC(num_parts, "number of partitions(def=0)");
4508 MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)");
4509 MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)");
4510 MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)");
4511 MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)");
4512 MODULE_PARM_DESC(opt_xferlen_exp, "optimal transfer length granularity exponent (def=physblk_exp)");
4513 MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])");
4514 MODULE_PARM_DESC(removable, "claim to have removable media (def=0)");
4515 MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=7[SPC-5])");
4516 MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)");
4517 MODULE_PARM_DESC(statistics, "collect statistics on commands, queues (def=0)");
4518 MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)");
4519 MODULE_PARM_DESC(submit_queues, "support for block multi-queue (def=1)");
4520 MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)");
4521 MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)");
4522 MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)");
4523 MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)");
4524 MODULE_PARM_DESC(uuid_ctl,
4525 "1->use uuid for lu name, 0->don't, 2->all use same (def=0)");
4526 MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)");
4527 MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)");
4528 MODULE_PARM_DESC(wp, "Write Protect (def=0)");
4529 MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)");
4531 #define SDEBUG_INFO_LEN 256
4532 static char sdebug_info[SDEBUG_INFO_LEN];
4534 static const char *scsi_debug_info(struct Scsi_Host *shp)
4538 k = scnprintf(sdebug_info, SDEBUG_INFO_LEN, "%s: version %s [%s]\n",
4539 my_name, SDEBUG_VERSION, sdebug_version_date);
4540 if (k >= (SDEBUG_INFO_LEN - 1))
4542 scnprintf(sdebug_info + k, SDEBUG_INFO_LEN - k,
4543 " dev_size_mb=%d, opts=0x%x, submit_queues=%d, %s=%d",
4544 sdebug_dev_size_mb, sdebug_opts, submit_queues,
4545 "statistics", (int)sdebug_statistics);
4549 /* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */
4550 static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer,
4555 int minLen = length > 15 ? 15 : length;
4557 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
4559 memcpy(arr, buffer, minLen);
4561 if (1 != sscanf(arr, "%d", &opts))
4564 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
4565 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
4566 if (sdebug_every_nth != 0)
4571 /* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the
4572 * same for each scsi_debug host (if more than one). Some of the counters
4573 * output are not atomics so might be inaccurate in a busy system. */
4574 static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host)
4577 struct sdebug_queue *sqp;
4579 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n",
4580 SDEBUG_VERSION, sdebug_version_date);
4581 seq_printf(m, "num_tgts=%d, %ssize=%d MB, opts=0x%x, every_nth=%d\n",
4582 sdebug_num_tgts, "shared (ram) ", sdebug_dev_size_mb,
4583 sdebug_opts, sdebug_every_nth);
4584 seq_printf(m, "delay=%d, ndelay=%d, max_luns=%d, sector_size=%d %s\n",
4585 sdebug_jdelay, sdebug_ndelay, sdebug_max_luns,
4586 sdebug_sector_size, "bytes");
4587 seq_printf(m, "cylinders=%d, heads=%d, sectors=%d, command aborts=%d\n",
4588 sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per,
4590 seq_printf(m, "RESETs: device=%d, target=%d, bus=%d, host=%d\n",
4591 num_dev_resets, num_target_resets, num_bus_resets,
4593 seq_printf(m, "dix_reads=%d, dix_writes=%d, dif_errors=%d\n",
4594 dix_reads, dix_writes, dif_errors);
4595 seq_printf(m, "usec_in_jiffy=%lu, statistics=%d\n", TICK_NSEC / 1000,
4597 seq_printf(m, "cmnd_count=%d, completions=%d, %s=%d, a_tsf=%d\n",
4598 atomic_read(&sdebug_cmnd_count),
4599 atomic_read(&sdebug_completions),
4600 "miss_cpus", atomic_read(&sdebug_miss_cpus),
4601 atomic_read(&sdebug_a_tsf));
4603 seq_printf(m, "submit_queues=%d\n", submit_queues);
4604 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
4605 seq_printf(m, " queue %d:\n", j);
4606 f = find_first_bit(sqp->in_use_bm, sdebug_max_queue);
4607 if (f != sdebug_max_queue) {
4608 l = find_last_bit(sqp->in_use_bm, sdebug_max_queue);
4609 seq_printf(m, " in_use_bm BUSY: %s: %d,%d\n",
4610 "first,last bits", f, l);
4616 static ssize_t delay_show(struct device_driver *ddp, char *buf)
4618 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_jdelay);
4620 /* Returns -EBUSY if jdelay is being changed and commands are queued. The unit
4621 * of delay is jiffies.
4623 static ssize_t delay_store(struct device_driver *ddp, const char *buf,
4628 if (count > 0 && sscanf(buf, "%d", &jdelay) == 1) {
4630 if (sdebug_jdelay != jdelay) {
4632 struct sdebug_queue *sqp;
4634 block_unblock_all_queues(true);
4635 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4637 k = find_first_bit(sqp->in_use_bm,
4639 if (k != sdebug_max_queue) {
4640 res = -EBUSY; /* queued commands */
4645 sdebug_jdelay = jdelay;
4648 block_unblock_all_queues(false);
4654 static DRIVER_ATTR_RW(delay);
4656 static ssize_t ndelay_show(struct device_driver *ddp, char *buf)
4658 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ndelay);
4660 /* Returns -EBUSY if ndelay is being changed and commands are queued */
4661 /* If > 0 and accepted then sdebug_jdelay is set to JDELAY_OVERRIDDEN */
4662 static ssize_t ndelay_store(struct device_driver *ddp, const char *buf,
4667 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) &&
4668 (ndelay >= 0) && (ndelay < (1000 * 1000 * 1000))) {
4670 if (sdebug_ndelay != ndelay) {
4672 struct sdebug_queue *sqp;
4674 block_unblock_all_queues(true);
4675 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4677 k = find_first_bit(sqp->in_use_bm,
4679 if (k != sdebug_max_queue) {
4680 res = -EBUSY; /* queued commands */
4685 sdebug_ndelay = ndelay;
4686 sdebug_jdelay = ndelay ? JDELAY_OVERRIDDEN
4689 block_unblock_all_queues(false);
4695 static DRIVER_ATTR_RW(ndelay);
4697 static ssize_t opts_show(struct device_driver *ddp, char *buf)
4699 return scnprintf(buf, PAGE_SIZE, "0x%x\n", sdebug_opts);
4702 static ssize_t opts_store(struct device_driver *ddp, const char *buf,
4708 if (sscanf(buf, "%10s", work) == 1) {
4709 if (strncasecmp(work, "0x", 2) == 0) {
4710 if (kstrtoint(work + 2, 16, &opts) == 0)
4713 if (kstrtoint(work, 10, &opts) == 0)
4720 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
4721 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
4725 static DRIVER_ATTR_RW(opts);
4727 static ssize_t ptype_show(struct device_driver *ddp, char *buf)
4729 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ptype);
4731 static ssize_t ptype_store(struct device_driver *ddp, const char *buf,
4736 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4742 static DRIVER_ATTR_RW(ptype);
4744 static ssize_t dsense_show(struct device_driver *ddp, char *buf)
4746 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dsense);
4748 static ssize_t dsense_store(struct device_driver *ddp, const char *buf,
4753 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4759 static DRIVER_ATTR_RW(dsense);
4761 static ssize_t fake_rw_show(struct device_driver *ddp, char *buf)
4763 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_fake_rw);
4765 static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf,
4770 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4772 sdebug_fake_rw = (sdebug_fake_rw > 0);
4773 if (sdebug_fake_rw != n) {
4774 if ((0 == n) && (NULL == fake_storep)) {
4776 (unsigned long)sdebug_dev_size_mb *
4779 fake_storep = vzalloc(sz);
4780 if (NULL == fake_storep) {
4781 pr_err("out of memory, 9\n");
4791 static DRIVER_ATTR_RW(fake_rw);
4793 static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf)
4795 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_lun_0);
4797 static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf,
4802 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4803 sdebug_no_lun_0 = n;
4808 static DRIVER_ATTR_RW(no_lun_0);
4810 static ssize_t num_tgts_show(struct device_driver *ddp, char *buf)
4812 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_tgts);
4814 static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf,
4819 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4820 sdebug_num_tgts = n;
4821 sdebug_max_tgts_luns();
4826 static DRIVER_ATTR_RW(num_tgts);
4828 static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf)
4830 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dev_size_mb);
4832 static DRIVER_ATTR_RO(dev_size_mb);
4834 static ssize_t num_parts_show(struct device_driver *ddp, char *buf)
4836 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_parts);
4838 static DRIVER_ATTR_RO(num_parts);
4840 static ssize_t every_nth_show(struct device_driver *ddp, char *buf)
4842 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_every_nth);
4844 static ssize_t every_nth_store(struct device_driver *ddp, const char *buf,
4849 if ((count > 0) && (1 == sscanf(buf, "%d", &nth))) {
4850 sdebug_every_nth = nth;
4851 if (nth && !sdebug_statistics) {
4852 pr_info("every_nth needs statistics=1, set it\n");
4853 sdebug_statistics = true;
4860 static DRIVER_ATTR_RW(every_nth);
4862 static ssize_t max_luns_show(struct device_driver *ddp, char *buf)
4864 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_luns);
4866 static ssize_t max_luns_store(struct device_driver *ddp, const char *buf,
4872 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4874 pr_warn("max_luns can be no more than 256\n");
4877 changed = (sdebug_max_luns != n);
4878 sdebug_max_luns = n;
4879 sdebug_max_tgts_luns();
4880 if (changed && (sdebug_scsi_level >= 5)) { /* >= SPC-3 */
4881 struct sdebug_host_info *sdhp;
4882 struct sdebug_dev_info *dp;
4884 spin_lock(&sdebug_host_list_lock);
4885 list_for_each_entry(sdhp, &sdebug_host_list,
4887 list_for_each_entry(dp, &sdhp->dev_info_list,
4889 set_bit(SDEBUG_UA_LUNS_CHANGED,
4893 spin_unlock(&sdebug_host_list_lock);
4899 static DRIVER_ATTR_RW(max_luns);
4901 static ssize_t max_queue_show(struct device_driver *ddp, char *buf)
4903 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_queue);
4905 /* N.B. max_queue can be changed while there are queued commands. In flight
4906 * commands beyond the new max_queue will be completed. */
4907 static ssize_t max_queue_store(struct device_driver *ddp, const char *buf,
4911 struct sdebug_queue *sqp;
4913 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) &&
4914 (n <= SDEBUG_CANQUEUE)) {
4915 block_unblock_all_queues(true);
4917 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4919 a = find_last_bit(sqp->in_use_bm, SDEBUG_CANQUEUE);
4923 sdebug_max_queue = n;
4924 if (k == SDEBUG_CANQUEUE)
4925 atomic_set(&retired_max_queue, 0);
4927 atomic_set(&retired_max_queue, k + 1);
4929 atomic_set(&retired_max_queue, 0);
4930 block_unblock_all_queues(false);
4935 static DRIVER_ATTR_RW(max_queue);
4937 static ssize_t no_uld_show(struct device_driver *ddp, char *buf)
4939 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_uld);
4941 static DRIVER_ATTR_RO(no_uld);
4943 static ssize_t scsi_level_show(struct device_driver *ddp, char *buf)
4945 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_scsi_level);
4947 static DRIVER_ATTR_RO(scsi_level);
4949 static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf)
4951 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_virtual_gb);
4953 static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf,
4959 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4960 changed = (sdebug_virtual_gb != n);
4961 sdebug_virtual_gb = n;
4962 sdebug_capacity = get_sdebug_capacity();
4964 struct sdebug_host_info *sdhp;
4965 struct sdebug_dev_info *dp;
4967 spin_lock(&sdebug_host_list_lock);
4968 list_for_each_entry(sdhp, &sdebug_host_list,
4970 list_for_each_entry(dp, &sdhp->dev_info_list,
4972 set_bit(SDEBUG_UA_CAPACITY_CHANGED,
4976 spin_unlock(&sdebug_host_list_lock);
4982 static DRIVER_ATTR_RW(virtual_gb);
4984 static ssize_t add_host_show(struct device_driver *ddp, char *buf)
4986 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_add_host);
4989 static int sdebug_add_adapter(void);
4990 static void sdebug_remove_adapter(void);
4992 static ssize_t add_host_store(struct device_driver *ddp, const char *buf,
4997 if (sscanf(buf, "%d", &delta_hosts) != 1)
4999 if (delta_hosts > 0) {
5001 sdebug_add_adapter();
5002 } while (--delta_hosts);
5003 } else if (delta_hosts < 0) {
5005 sdebug_remove_adapter();
5006 } while (++delta_hosts);
5010 static DRIVER_ATTR_RW(add_host);
5012 static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf)
5014 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_vpd_use_hostno);
5016 static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf,
5021 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5022 sdebug_vpd_use_hostno = n;
5027 static DRIVER_ATTR_RW(vpd_use_hostno);
5029 static ssize_t statistics_show(struct device_driver *ddp, char *buf)
5031 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_statistics);
5033 static ssize_t statistics_store(struct device_driver *ddp, const char *buf,
5038 if ((count > 0) && (sscanf(buf, "%d", &n) == 1) && (n >= 0)) {
5040 sdebug_statistics = true;
5042 clear_queue_stats();
5043 sdebug_statistics = false;
5049 static DRIVER_ATTR_RW(statistics);
5051 static ssize_t sector_size_show(struct device_driver *ddp, char *buf)
5053 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_sector_size);
5055 static DRIVER_ATTR_RO(sector_size);
5057 static ssize_t submit_queues_show(struct device_driver *ddp, char *buf)
5059 return scnprintf(buf, PAGE_SIZE, "%d\n", submit_queues);
5061 static DRIVER_ATTR_RO(submit_queues);
5063 static ssize_t dix_show(struct device_driver *ddp, char *buf)
5065 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dix);
5067 static DRIVER_ATTR_RO(dix);
5069 static ssize_t dif_show(struct device_driver *ddp, char *buf)
5071 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dif);
5073 static DRIVER_ATTR_RO(dif);
5075 static ssize_t guard_show(struct device_driver *ddp, char *buf)
5077 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_guard);
5079 static DRIVER_ATTR_RO(guard);
5081 static ssize_t ato_show(struct device_driver *ddp, char *buf)
5083 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ato);
5085 static DRIVER_ATTR_RO(ato);
5087 static ssize_t map_show(struct device_driver *ddp, char *buf)
5091 if (!scsi_debug_lbp())
5092 return scnprintf(buf, PAGE_SIZE, "0-%u\n",
5093 sdebug_store_sectors);
5095 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl",
5096 (int)map_size, map_storep);
5097 buf[count++] = '\n';
5102 static DRIVER_ATTR_RO(map);
5104 static ssize_t removable_show(struct device_driver *ddp, char *buf)
5106 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_removable ? 1 : 0);
5108 static ssize_t removable_store(struct device_driver *ddp, const char *buf,
5113 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5114 sdebug_removable = (n > 0);
5119 static DRIVER_ATTR_RW(removable);
5121 static ssize_t host_lock_show(struct device_driver *ddp, char *buf)
5123 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_host_lock);
5125 /* N.B. sdebug_host_lock does nothing, kept for backward compatibility */
5126 static ssize_t host_lock_store(struct device_driver *ddp, const char *buf,
5131 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5132 sdebug_host_lock = (n > 0);
5137 static DRIVER_ATTR_RW(host_lock);
5139 static ssize_t strict_show(struct device_driver *ddp, char *buf)
5141 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_strict);
5143 static ssize_t strict_store(struct device_driver *ddp, const char *buf,
5148 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5149 sdebug_strict = (n > 0);
5154 static DRIVER_ATTR_RW(strict);
5156 static ssize_t uuid_ctl_show(struct device_driver *ddp, char *buf)
5158 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_uuid_ctl);
5160 static DRIVER_ATTR_RO(uuid_ctl);
5162 static ssize_t cdb_len_show(struct device_driver *ddp, char *buf)
5164 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_cdb_len);
5166 static ssize_t cdb_len_store(struct device_driver *ddp, const char *buf,
5171 ret = kstrtoint(buf, 0, &n);
5175 all_config_cdb_len();
5178 static DRIVER_ATTR_RW(cdb_len);
5181 /* Note: The following array creates attribute files in the
5182 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these
5183 files (over those found in the /sys/module/scsi_debug/parameters
5184 directory) is that auxiliary actions can be triggered when an attribute
5185 is changed. For example see: sdebug_add_host_store() above.
5188 static struct attribute *sdebug_drv_attrs[] = {
5189 &driver_attr_delay.attr,
5190 &driver_attr_opts.attr,
5191 &driver_attr_ptype.attr,
5192 &driver_attr_dsense.attr,
5193 &driver_attr_fake_rw.attr,
5194 &driver_attr_no_lun_0.attr,
5195 &driver_attr_num_tgts.attr,
5196 &driver_attr_dev_size_mb.attr,
5197 &driver_attr_num_parts.attr,
5198 &driver_attr_every_nth.attr,
5199 &driver_attr_max_luns.attr,
5200 &driver_attr_max_queue.attr,
5201 &driver_attr_no_uld.attr,
5202 &driver_attr_scsi_level.attr,
5203 &driver_attr_virtual_gb.attr,
5204 &driver_attr_add_host.attr,
5205 &driver_attr_vpd_use_hostno.attr,
5206 &driver_attr_sector_size.attr,
5207 &driver_attr_statistics.attr,
5208 &driver_attr_submit_queues.attr,
5209 &driver_attr_dix.attr,
5210 &driver_attr_dif.attr,
5211 &driver_attr_guard.attr,
5212 &driver_attr_ato.attr,
5213 &driver_attr_map.attr,
5214 &driver_attr_removable.attr,
5215 &driver_attr_host_lock.attr,
5216 &driver_attr_ndelay.attr,
5217 &driver_attr_strict.attr,
5218 &driver_attr_uuid_ctl.attr,
5219 &driver_attr_cdb_len.attr,
5222 ATTRIBUTE_GROUPS(sdebug_drv);
5224 static struct device *pseudo_primary;
5226 static int __init scsi_debug_init(void)
5233 atomic_set(&retired_max_queue, 0);
5235 if (sdebug_ndelay >= 1000 * 1000 * 1000) {
5236 pr_warn("ndelay must be less than 1 second, ignored\n");
5238 } else if (sdebug_ndelay > 0)
5239 sdebug_jdelay = JDELAY_OVERRIDDEN;
5241 switch (sdebug_sector_size) {
5248 pr_err("invalid sector_size %d\n", sdebug_sector_size);
5252 switch (sdebug_dif) {
5253 case T10_PI_TYPE0_PROTECTION:
5255 case T10_PI_TYPE1_PROTECTION:
5256 case T10_PI_TYPE2_PROTECTION:
5257 case T10_PI_TYPE3_PROTECTION:
5258 have_dif_prot = true;
5262 pr_err("dif must be 0, 1, 2 or 3\n");
5266 if (sdebug_num_tgts < 0) {
5267 pr_err("num_tgts must be >= 0\n");
5271 if (sdebug_guard > 1) {
5272 pr_err("guard must be 0 or 1\n");
5276 if (sdebug_ato > 1) {
5277 pr_err("ato must be 0 or 1\n");
5281 if (sdebug_physblk_exp > 15) {
5282 pr_err("invalid physblk_exp %u\n", sdebug_physblk_exp);
5285 if (sdebug_max_luns > 256) {
5286 pr_warn("max_luns can be no more than 256, use default\n");
5287 sdebug_max_luns = DEF_MAX_LUNS;
5290 if (sdebug_lowest_aligned > 0x3fff) {
5291 pr_err("lowest_aligned too big: %u\n", sdebug_lowest_aligned);
5295 if (submit_queues < 1) {
5296 pr_err("submit_queues must be 1 or more\n");
5299 sdebug_q_arr = kcalloc(submit_queues, sizeof(struct sdebug_queue),
5301 if (sdebug_q_arr == NULL)
5303 for (k = 0; k < submit_queues; ++k)
5304 spin_lock_init(&sdebug_q_arr[k].qc_lock);
5306 if (sdebug_dev_size_mb < 1)
5307 sdebug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */
5308 sz = (unsigned long)sdebug_dev_size_mb * 1048576;
5309 sdebug_store_sectors = sz / sdebug_sector_size;
5310 sdebug_capacity = get_sdebug_capacity();
5312 /* play around with geometry, don't waste too much on track 0 */
5314 sdebug_sectors_per = 32;
5315 if (sdebug_dev_size_mb >= 256)
5317 else if (sdebug_dev_size_mb >= 16)
5319 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
5320 (sdebug_sectors_per * sdebug_heads);
5321 if (sdebug_cylinders_per >= 1024) {
5322 /* other LLDs do this; implies >= 1GB ram disk ... */
5324 sdebug_sectors_per = 63;
5325 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
5326 (sdebug_sectors_per * sdebug_heads);
5329 if (sdebug_fake_rw == 0) {
5330 fake_storep = vzalloc(sz);
5331 if (NULL == fake_storep) {
5332 pr_err("out of memory, 1\n");
5336 if (sdebug_num_parts > 0)
5337 sdebug_build_parts(fake_storep, sz);
5343 dif_size = sdebug_store_sectors * sizeof(struct t10_pi_tuple);
5344 dif_storep = vmalloc(dif_size);
5346 pr_err("dif_storep %u bytes @ %p\n", dif_size, dif_storep);
5348 if (dif_storep == NULL) {
5349 pr_err("out of mem. (DIX)\n");
5354 memset(dif_storep, 0xff, dif_size);
5357 /* Logical Block Provisioning */
5358 if (scsi_debug_lbp()) {
5359 sdebug_unmap_max_blocks =
5360 clamp(sdebug_unmap_max_blocks, 0U, 0xffffffffU);
5362 sdebug_unmap_max_desc =
5363 clamp(sdebug_unmap_max_desc, 0U, 256U);
5365 sdebug_unmap_granularity =
5366 clamp(sdebug_unmap_granularity, 1U, 0xffffffffU);
5368 if (sdebug_unmap_alignment &&
5369 sdebug_unmap_granularity <=
5370 sdebug_unmap_alignment) {
5371 pr_err("ERR: unmap_granularity <= unmap_alignment\n");
5376 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1;
5377 map_storep = vmalloc(array_size(sizeof(long),
5378 BITS_TO_LONGS(map_size)));
5380 pr_info("%lu provisioning blocks\n", map_size);
5382 if (map_storep == NULL) {
5383 pr_err("out of mem. (MAP)\n");
5388 bitmap_zero(map_storep, map_size);
5390 /* Map first 1KB for partition table */
5391 if (sdebug_num_parts)
5395 pseudo_primary = root_device_register("pseudo_0");
5396 if (IS_ERR(pseudo_primary)) {
5397 pr_warn("root_device_register() error\n");
5398 ret = PTR_ERR(pseudo_primary);
5401 ret = bus_register(&pseudo_lld_bus);
5403 pr_warn("bus_register error: %d\n", ret);
5406 ret = driver_register(&sdebug_driverfs_driver);
5408 pr_warn("driver_register error: %d\n", ret);
5412 host_to_add = sdebug_add_host;
5413 sdebug_add_host = 0;
5415 for (k = 0; k < host_to_add; k++) {
5416 if (sdebug_add_adapter()) {
5417 pr_err("sdebug_add_adapter failed k=%d\n", k);
5423 pr_info("built %d host(s)\n", sdebug_add_host);
5428 bus_unregister(&pseudo_lld_bus);
5430 root_device_unregister(pseudo_primary);
5436 kfree(sdebug_q_arr);
5440 static void __exit scsi_debug_exit(void)
5442 int k = sdebug_add_host;
5446 sdebug_remove_adapter();
5448 driver_unregister(&sdebug_driverfs_driver);
5449 bus_unregister(&pseudo_lld_bus);
5450 root_device_unregister(pseudo_primary);
5455 kfree(sdebug_q_arr);
5458 device_initcall(scsi_debug_init);
5459 module_exit(scsi_debug_exit);
5461 static void sdebug_release_adapter(struct device *dev)
5463 struct sdebug_host_info *sdbg_host;
5465 sdbg_host = to_sdebug_host(dev);
5469 static int sdebug_add_adapter(void)
5471 int k, devs_per_host;
5473 struct sdebug_host_info *sdbg_host;
5474 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5476 sdbg_host = kzalloc(sizeof(*sdbg_host), GFP_KERNEL);
5477 if (sdbg_host == NULL) {
5478 pr_err("out of memory at line %d\n", __LINE__);
5482 INIT_LIST_HEAD(&sdbg_host->dev_info_list);
5484 devs_per_host = sdebug_num_tgts * sdebug_max_luns;
5485 for (k = 0; k < devs_per_host; k++) {
5486 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL);
5487 if (!sdbg_devinfo) {
5488 pr_err("out of memory at line %d\n", __LINE__);
5494 spin_lock(&sdebug_host_list_lock);
5495 list_add_tail(&sdbg_host->host_list, &sdebug_host_list);
5496 spin_unlock(&sdebug_host_list_lock);
5498 sdbg_host->dev.bus = &pseudo_lld_bus;
5499 sdbg_host->dev.parent = pseudo_primary;
5500 sdbg_host->dev.release = &sdebug_release_adapter;
5501 dev_set_name(&sdbg_host->dev, "adapter%d", sdebug_add_host);
5503 error = device_register(&sdbg_host->dev);
5512 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5514 list_del(&sdbg_devinfo->dev_list);
5515 kfree(sdbg_devinfo);
5522 static void sdebug_remove_adapter(void)
5524 struct sdebug_host_info *sdbg_host = NULL;
5526 spin_lock(&sdebug_host_list_lock);
5527 if (!list_empty(&sdebug_host_list)) {
5528 sdbg_host = list_entry(sdebug_host_list.prev,
5529 struct sdebug_host_info, host_list);
5530 list_del(&sdbg_host->host_list);
5532 spin_unlock(&sdebug_host_list_lock);
5537 device_unregister(&sdbg_host->dev);
5541 static int sdebug_change_qdepth(struct scsi_device *sdev, int qdepth)
5544 struct sdebug_dev_info *devip;
5546 block_unblock_all_queues(true);
5547 devip = (struct sdebug_dev_info *)sdev->hostdata;
5548 if (NULL == devip) {
5549 block_unblock_all_queues(false);
5552 num_in_q = atomic_read(&devip->num_in_q);
5556 /* allow to exceed max host qc_arr elements for testing */
5557 if (qdepth > SDEBUG_CANQUEUE + 10)
5558 qdepth = SDEBUG_CANQUEUE + 10;
5559 scsi_change_queue_depth(sdev, qdepth);
5561 if (SDEBUG_OPT_Q_NOISE & sdebug_opts) {
5562 sdev_printk(KERN_INFO, sdev, "%s: qdepth=%d, num_in_q=%d\n",
5563 __func__, qdepth, num_in_q);
5565 block_unblock_all_queues(false);
5566 return sdev->queue_depth;
5569 static bool fake_timeout(struct scsi_cmnd *scp)
5571 if (0 == (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth))) {
5572 if (sdebug_every_nth < -1)
5573 sdebug_every_nth = -1;
5574 if (SDEBUG_OPT_TIMEOUT & sdebug_opts)
5575 return true; /* ignore command causing timeout */
5576 else if (SDEBUG_OPT_MAC_TIMEOUT & sdebug_opts &&
5577 scsi_medium_access_command(scp))
5578 return true; /* time out reads and writes */
5583 static bool fake_host_busy(struct scsi_cmnd *scp)
5585 return (sdebug_opts & SDEBUG_OPT_HOST_BUSY) &&
5586 (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) == 0;
5589 static int scsi_debug_queuecommand(struct Scsi_Host *shost,
5590 struct scsi_cmnd *scp)
5593 struct scsi_device *sdp = scp->device;
5594 const struct opcode_info_t *oip;
5595 const struct opcode_info_t *r_oip;
5596 struct sdebug_dev_info *devip;
5597 u8 *cmd = scp->cmnd;
5598 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
5599 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *) = NULL;
5607 scsi_set_resid(scp, 0);
5608 if (sdebug_statistics)
5609 atomic_inc(&sdebug_cmnd_count);
5610 if (unlikely(sdebug_verbose &&
5611 !(SDEBUG_OPT_NO_CDB_NOISE & sdebug_opts))) {
5616 sb = (int)sizeof(b);
5618 strcpy(b, "too long, over 32 bytes");
5620 for (k = 0, n = 0; k < len && n < sb; ++k)
5621 n += scnprintf(b + n, sb - n, "%02x ",
5624 sdev_printk(KERN_INFO, sdp, "%s: tag=%#x, cmd %s\n", my_name,
5625 blk_mq_unique_tag(scp->request), b);
5627 if (fake_host_busy(scp))
5628 return SCSI_MLQUEUE_HOST_BUSY;
5629 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS);
5630 if (unlikely((sdp->lun >= sdebug_max_luns) && !has_wlun_rl))
5633 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */
5634 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */
5635 devip = (struct sdebug_dev_info *)sdp->hostdata;
5636 if (unlikely(!devip)) {
5637 devip = find_build_dev_info(sdp);
5641 na = oip->num_attached;
5643 if (na) { /* multiple commands with this opcode */
5645 if (FF_SA & r_oip->flags) {
5646 if (F_SA_LOW & oip->flags)
5649 sa = get_unaligned_be16(cmd + 8);
5650 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5651 if (opcode == oip->opcode && sa == oip->sa)
5654 } else { /* since no service action only check opcode */
5655 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5656 if (opcode == oip->opcode)
5661 if (F_SA_LOW & r_oip->flags)
5662 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4);
5663 else if (F_SA_HIGH & r_oip->flags)
5664 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7);
5666 mk_sense_invalid_opcode(scp);
5669 } /* else (when na==0) we assume the oip is a match */
5671 if (unlikely(F_INV_OP & flags)) {
5672 mk_sense_invalid_opcode(scp);
5675 if (unlikely(has_wlun_rl && !(F_RL_WLUN_OK & flags))) {
5677 sdev_printk(KERN_INFO, sdp, "%s: Opcode 0x%x not%s\n",
5678 my_name, opcode, " supported for wlun");
5679 mk_sense_invalid_opcode(scp);
5682 if (unlikely(sdebug_strict)) { /* check cdb against mask */
5686 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) {
5687 rem = ~oip->len_mask[k] & cmd[k];
5689 for (j = 7; j >= 0; --j, rem <<= 1) {
5693 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j);
5698 if (unlikely(!(F_SKIP_UA & flags) &&
5699 find_first_bit(devip->uas_bm,
5700 SDEBUG_NUM_UAS) != SDEBUG_NUM_UAS)) {
5701 errsts = make_ua(scp, devip);
5705 if (unlikely((F_M_ACCESS & flags) && atomic_read(&devip->stopped))) {
5706 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2);
5708 sdev_printk(KERN_INFO, sdp, "%s reports: Not ready: "
5709 "%s\n", my_name, "initializing command "
5711 errsts = check_condition_result;
5714 if (sdebug_fake_rw && (F_FAKE_RW & flags))
5716 if (unlikely(sdebug_every_nth)) {
5717 if (fake_timeout(scp))
5718 return 0; /* ignore command: make trouble */
5720 if (likely(oip->pfp))
5721 pfp = oip->pfp; /* calls a resp_* function */
5723 pfp = r_pfp; /* if leaf function ptr NULL, try the root's */
5726 if (F_DELAY_OVERR & flags)
5727 return schedule_resp(scp, devip, errsts, pfp, 0, 0);
5728 else if ((flags & F_LONG_DELAY) && (sdebug_jdelay > 0 ||
5729 sdebug_ndelay > 10000)) {
5731 * Skip long delays if ndelay <= 10 microseconds. Otherwise
5732 * for Start Stop Unit (SSU) want at least 1 second delay and
5733 * if sdebug_jdelay>1 want a long delay of that many seconds.
5734 * For Synchronize Cache want 1/20 of SSU's delay.
5736 int jdelay = (sdebug_jdelay < 2) ? 1 : sdebug_jdelay;
5737 int denom = (flags & F_SYNC_DELAY) ? 20 : 1;
5739 jdelay = mult_frac(USER_HZ * jdelay, HZ, denom * USER_HZ);
5740 return schedule_resp(scp, devip, errsts, pfp, jdelay, 0);
5742 return schedule_resp(scp, devip, errsts, pfp, sdebug_jdelay,
5745 return schedule_resp(scp, devip, check_condition_result, NULL, 0, 0);
5747 return schedule_resp(scp, NULL, DID_NO_CONNECT << 16, NULL, 0, 0);
5750 static struct scsi_host_template sdebug_driver_template = {
5751 .show_info = scsi_debug_show_info,
5752 .write_info = scsi_debug_write_info,
5753 .proc_name = sdebug_proc_name,
5754 .name = "SCSI DEBUG",
5755 .info = scsi_debug_info,
5756 .slave_alloc = scsi_debug_slave_alloc,
5757 .slave_configure = scsi_debug_slave_configure,
5758 .slave_destroy = scsi_debug_slave_destroy,
5759 .ioctl = scsi_debug_ioctl,
5760 .queuecommand = scsi_debug_queuecommand,
5761 .change_queue_depth = sdebug_change_qdepth,
5762 .eh_abort_handler = scsi_debug_abort,
5763 .eh_device_reset_handler = scsi_debug_device_reset,
5764 .eh_target_reset_handler = scsi_debug_target_reset,
5765 .eh_bus_reset_handler = scsi_debug_bus_reset,
5766 .eh_host_reset_handler = scsi_debug_host_reset,
5767 .can_queue = SDEBUG_CANQUEUE,
5769 .sg_tablesize = SG_MAX_SEGMENTS,
5770 .cmd_per_lun = DEF_CMD_PER_LUN,
5772 .max_segment_size = -1U,
5773 .module = THIS_MODULE,
5774 .track_queue_depth = 1,
5777 static int sdebug_driver_probe(struct device *dev)
5780 struct sdebug_host_info *sdbg_host;
5781 struct Scsi_Host *hpnt;
5784 sdbg_host = to_sdebug_host(dev);
5786 sdebug_driver_template.can_queue = sdebug_max_queue;
5787 if (!sdebug_clustering)
5788 sdebug_driver_template.dma_boundary = PAGE_SIZE - 1;
5790 hpnt = scsi_host_alloc(&sdebug_driver_template, sizeof(sdbg_host));
5792 pr_err("scsi_host_alloc failed\n");
5796 if (submit_queues > nr_cpu_ids) {
5797 pr_warn("%s: trim submit_queues (was %d) to nr_cpu_ids=%u\n",
5798 my_name, submit_queues, nr_cpu_ids);
5799 submit_queues = nr_cpu_ids;
5801 /* Decide whether to tell scsi subsystem that we want mq */
5802 /* Following should give the same answer for each host */
5803 hpnt->nr_hw_queues = submit_queues;
5805 sdbg_host->shost = hpnt;
5806 *((struct sdebug_host_info **)hpnt->hostdata) = sdbg_host;
5807 if ((hpnt->this_id >= 0) && (sdebug_num_tgts > hpnt->this_id))
5808 hpnt->max_id = sdebug_num_tgts + 1;
5810 hpnt->max_id = sdebug_num_tgts;
5811 /* = sdebug_max_luns; */
5812 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
5816 switch (sdebug_dif) {
5818 case T10_PI_TYPE1_PROTECTION:
5819 hprot = SHOST_DIF_TYPE1_PROTECTION;
5821 hprot |= SHOST_DIX_TYPE1_PROTECTION;
5824 case T10_PI_TYPE2_PROTECTION:
5825 hprot = SHOST_DIF_TYPE2_PROTECTION;
5827 hprot |= SHOST_DIX_TYPE2_PROTECTION;
5830 case T10_PI_TYPE3_PROTECTION:
5831 hprot = SHOST_DIF_TYPE3_PROTECTION;
5833 hprot |= SHOST_DIX_TYPE3_PROTECTION;
5838 hprot |= SHOST_DIX_TYPE0_PROTECTION;
5842 scsi_host_set_prot(hpnt, hprot);
5844 if (have_dif_prot || sdebug_dix)
5845 pr_info("host protection%s%s%s%s%s%s%s\n",
5846 (hprot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "",
5847 (hprot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "",
5848 (hprot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "",
5849 (hprot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "",
5850 (hprot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "",
5851 (hprot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "",
5852 (hprot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : "");
5854 if (sdebug_guard == 1)
5855 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP);
5857 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC);
5859 sdebug_verbose = !!(SDEBUG_OPT_NOISE & sdebug_opts);
5860 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & sdebug_opts);
5861 if (sdebug_every_nth) /* need stats counters for every_nth */
5862 sdebug_statistics = true;
5863 error = scsi_add_host(hpnt, &sdbg_host->dev);
5865 pr_err("scsi_add_host failed\n");
5867 scsi_host_put(hpnt);
5869 scsi_scan_host(hpnt);
5874 static int sdebug_driver_remove(struct device *dev)
5876 struct sdebug_host_info *sdbg_host;
5877 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5879 sdbg_host = to_sdebug_host(dev);
5882 pr_err("Unable to locate host info\n");
5886 scsi_remove_host(sdbg_host->shost);
5888 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5890 list_del(&sdbg_devinfo->dev_list);
5891 kfree(sdbg_devinfo);
5894 scsi_host_put(sdbg_host->shost);
5898 static int pseudo_lld_bus_match(struct device *dev,
5899 struct device_driver *dev_driver)
5904 static struct bus_type pseudo_lld_bus = {
5906 .match = pseudo_lld_bus_match,
5907 .probe = sdebug_driver_probe,
5908 .remove = sdebug_driver_remove,
5909 .drv_groups = sdebug_drv_groups,
git.samba.org / sfrench / cifs-2.6.git / blob