1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
4 * Copyright (C) 1992 Eric Youngdale
5 * Simulate a host adapter with 2 disks attached. Do a lot of checking
6 * to make sure that we are not getting blocks mixed up, and PANIC if
7 * anything out of the ordinary is seen.
8 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
10 * Copyright (C) 2001 - 2021 Douglas Gilbert
12 * For documentation see http://sg.danny.cz/sg/scsi_debug.html
16 #define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__
18 #include <linux/module.h>
19 #include <linux/align.h>
20 #include <linux/kernel.h>
21 #include <linux/errno.h>
22 #include <linux/jiffies.h>
23 #include <linux/slab.h>
24 #include <linux/types.h>
25 #include <linux/string.h>
27 #include <linux/init.h>
28 #include <linux/proc_fs.h>
29 #include <linux/vmalloc.h>
30 #include <linux/moduleparam.h>
31 #include <linux/scatterlist.h>
32 #include <linux/blkdev.h>
33 #include <linux/crc-t10dif.h>
34 #include <linux/spinlock.h>
35 #include <linux/interrupt.h>
36 #include <linux/atomic.h>
37 #include <linux/hrtimer.h>
38 #include <linux/uuid.h>
39 #include <linux/t10-pi.h>
40 #include <linux/msdos_partition.h>
41 #include <linux/random.h>
42 #include <linux/xarray.h>
43 #include <linux/prefetch.h>
44 #include <linux/debugfs.h>
45 #include <linux/async.h>
47 #include <net/checksum.h>
49 #include <asm/unaligned.h>
51 #include <scsi/scsi.h>
52 #include <scsi/scsi_cmnd.h>
53 #include <scsi/scsi_device.h>
54 #include <scsi/scsi_host.h>
55 #include <scsi/scsicam.h>
56 #include <scsi/scsi_eh.h>
57 #include <scsi/scsi_tcq.h>
58 #include <scsi/scsi_dbg.h>
61 #include "scsi_logging.h"
63 /* make sure inq_product_rev string corresponds to this version */
64 #define SDEBUG_VERSION "0191" /* format to fit INQUIRY revision field */
65 static const char *sdebug_version_date = "20210520";
67 #define MY_NAME "scsi_debug"
69 /* Additional Sense Code (ASC) */
70 #define NO_ADDITIONAL_SENSE 0x0
71 #define LOGICAL_UNIT_NOT_READY 0x4
72 #define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8
73 #define UNRECOVERED_READ_ERR 0x11
74 #define PARAMETER_LIST_LENGTH_ERR 0x1a
75 #define INVALID_OPCODE 0x20
76 #define LBA_OUT_OF_RANGE 0x21
77 #define INVALID_FIELD_IN_CDB 0x24
78 #define INVALID_FIELD_IN_PARAM_LIST 0x26
79 #define WRITE_PROTECTED 0x27
80 #define UA_RESET_ASC 0x29
81 #define UA_CHANGED_ASC 0x2a
82 #define TARGET_CHANGED_ASC 0x3f
83 #define LUNS_CHANGED_ASCQ 0x0e
84 #define INSUFF_RES_ASC 0x55
85 #define INSUFF_RES_ASCQ 0x3
86 #define POWER_ON_RESET_ASCQ 0x0
87 #define POWER_ON_OCCURRED_ASCQ 0x1
88 #define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */
89 #define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */
90 #define CAPACITY_CHANGED_ASCQ 0x9
91 #define SAVING_PARAMS_UNSUP 0x39
92 #define TRANSPORT_PROBLEM 0x4b
93 #define THRESHOLD_EXCEEDED 0x5d
94 #define LOW_POWER_COND_ON 0x5e
95 #define MISCOMPARE_VERIFY_ASC 0x1d
96 #define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */
97 #define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16
98 #define WRITE_ERROR_ASC 0xc
99 #define UNALIGNED_WRITE_ASCQ 0x4
100 #define WRITE_BOUNDARY_ASCQ 0x5
101 #define READ_INVDATA_ASCQ 0x6
102 #define READ_BOUNDARY_ASCQ 0x7
103 #define ATTEMPT_ACCESS_GAP 0x9
104 #define INSUFF_ZONE_ASCQ 0xe
106 /* Additional Sense Code Qualifier (ASCQ) */
107 #define ACK_NAK_TO 0x3
109 /* Default values for driver parameters */
110 #define DEF_NUM_HOST 1
111 #define DEF_NUM_TGTS 1
112 #define DEF_MAX_LUNS 1
113 /* With these defaults, this driver will make 1 host with 1 target
114 * (id 0) containing 1 logical unit (lun 0). That is 1 device.
117 #define DEF_CDB_LEN 10
118 #define DEF_JDELAY 1 /* if > 0 unit is a jiffy */
119 #define DEF_DEV_SIZE_PRE_INIT 0
120 #define DEF_DEV_SIZE_MB 8
121 #define DEF_ZBC_DEV_SIZE_MB 128
124 #define DEF_PER_HOST_STORE false
125 #define DEF_D_SENSE 0
126 #define DEF_EVERY_NTH 0
127 #define DEF_FAKE_RW 0
129 #define DEF_HOST_LOCK 0
132 #define DEF_LBPWS10 0
134 #define DEF_LOWEST_ALIGNED 0
135 #define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */
136 #define DEF_NO_LUN_0 0
137 #define DEF_NUM_PARTS 0
139 #define DEF_OPT_BLKS 1024
140 #define DEF_PHYSBLK_EXP 0
141 #define DEF_OPT_XFERLEN_EXP 0
142 #define DEF_PTYPE TYPE_DISK
143 #define DEF_RANDOM false
144 #define DEF_REMOVABLE false
145 #define DEF_SCSI_LEVEL 7 /* INQUIRY, byte2 [6->SPC-4; 7->SPC-5] */
146 #define DEF_SECTOR_SIZE 512
147 #define DEF_UNMAP_ALIGNMENT 0
148 #define DEF_UNMAP_GRANULARITY 1
149 #define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF
150 #define DEF_UNMAP_MAX_DESC 256
151 #define DEF_VIRTUAL_GB 0
152 #define DEF_VPD_USE_HOSTNO 1
153 #define DEF_WRITESAME_LENGTH 0xFFFF
155 #define DEF_STATISTICS false
156 #define DEF_SUBMIT_QUEUES 1
157 #define DEF_TUR_MS_TO_READY 0
158 #define DEF_UUID_CTL 0
159 #define JDELAY_OVERRIDDEN -9999
161 /* Default parameters for ZBC drives */
162 #define DEF_ZBC_ZONE_SIZE_MB 128
163 #define DEF_ZBC_MAX_OPEN_ZONES 8
164 #define DEF_ZBC_NR_CONV_ZONES 1
166 #define SDEBUG_LUN_0_VAL 0
168 /* bit mask values for sdebug_opts */
169 #define SDEBUG_OPT_NOISE 1
170 #define SDEBUG_OPT_MEDIUM_ERR 2
171 #define SDEBUG_OPT_TIMEOUT 4
172 #define SDEBUG_OPT_RECOVERED_ERR 8
173 #define SDEBUG_OPT_TRANSPORT_ERR 16
174 #define SDEBUG_OPT_DIF_ERR 32
175 #define SDEBUG_OPT_DIX_ERR 64
176 #define SDEBUG_OPT_MAC_TIMEOUT 128
177 #define SDEBUG_OPT_SHORT_TRANSFER 0x100
178 #define SDEBUG_OPT_Q_NOISE 0x200
179 #define SDEBUG_OPT_ALL_TSF 0x400 /* ignore */
180 #define SDEBUG_OPT_RARE_TSF 0x800
181 #define SDEBUG_OPT_N_WCE 0x1000
182 #define SDEBUG_OPT_RESET_NOISE 0x2000
183 #define SDEBUG_OPT_NO_CDB_NOISE 0x4000
184 #define SDEBUG_OPT_HOST_BUSY 0x8000
185 #define SDEBUG_OPT_CMD_ABORT 0x10000
186 #define SDEBUG_OPT_ALL_NOISE (SDEBUG_OPT_NOISE | SDEBUG_OPT_Q_NOISE | \
187 SDEBUG_OPT_RESET_NOISE)
188 #define SDEBUG_OPT_ALL_INJECTING (SDEBUG_OPT_RECOVERED_ERR | \
189 SDEBUG_OPT_TRANSPORT_ERR | \
190 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR | \
191 SDEBUG_OPT_SHORT_TRANSFER | \
192 SDEBUG_OPT_HOST_BUSY | \
193 SDEBUG_OPT_CMD_ABORT)
194 #define SDEBUG_OPT_RECOV_DIF_DIX (SDEBUG_OPT_RECOVERED_ERR | \
195 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR)
197 /* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs) are returned in
198 * priority order. In the subset implemented here lower numbers have higher
199 * priority. The UA numbers should be a sequence starting from 0 with
200 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */
201 #define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */
202 #define SDEBUG_UA_POOCCUR 1 /* Power on occurred */
203 #define SDEBUG_UA_BUS_RESET 2
204 #define SDEBUG_UA_MODE_CHANGED 3
205 #define SDEBUG_UA_CAPACITY_CHANGED 4
206 #define SDEBUG_UA_LUNS_CHANGED 5
207 #define SDEBUG_UA_MICROCODE_CHANGED 6 /* simulate firmware change */
208 #define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 7
209 #define SDEBUG_NUM_UAS 8
211 /* when 1==SDEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this
212 * sector on read commands: */
213 #define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */
214 #define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */
216 /* SDEBUG_CANQUEUE is the maximum number of commands that can be queued
217 * (for response) per submit queue at one time. Can be reduced by max_queue
218 * option. Command responses are not queued when jdelay=0 and ndelay=0. The
219 * per-device DEF_CMD_PER_LUN can be changed via sysfs:
220 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth
221 * but cannot exceed SDEBUG_CANQUEUE .
223 #define SDEBUG_CANQUEUE_WORDS 3 /* a WORD is bits in a long */
224 #define SDEBUG_CANQUEUE (SDEBUG_CANQUEUE_WORDS * BITS_PER_LONG)
225 #define DEF_CMD_PER_LUN SDEBUG_CANQUEUE
227 /* UA - Unit Attention; SA - Service Action; SSU - Start Stop Unit */
228 #define F_D_IN 1 /* Data-in command (e.g. READ) */
229 #define F_D_OUT 2 /* Data-out command (e.g. WRITE) */
230 #define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */
232 #define F_RL_WLUN_OK 0x10 /* allowed with REPORT LUNS W-LUN */
233 #define F_SKIP_UA 0x20 /* bypass UAs (e.g. INQUIRY command) */
234 #define F_DELAY_OVERR 0x40 /* for commands like INQUIRY */
235 #define F_SA_LOW 0x80 /* SA is in cdb byte 1, bits 4 to 0 */
236 #define F_SA_HIGH 0x100 /* SA is in cdb bytes 8 and 9 */
237 #define F_INV_OP 0x200 /* invalid opcode (not supported) */
238 #define F_FAKE_RW 0x400 /* bypass resp_*() when fake_rw set */
239 #define F_M_ACCESS 0x800 /* media access, reacts to SSU state */
240 #define F_SSU_DELAY 0x1000 /* SSU command delay (long-ish) */
241 #define F_SYNC_DELAY 0x2000 /* SYNCHRONIZE CACHE delay */
243 /* Useful combinations of the above flags */
244 #define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR)
245 #define FF_MEDIA_IO (F_M_ACCESS | F_FAKE_RW)
246 #define FF_SA (F_SA_HIGH | F_SA_LOW)
247 #define F_LONG_DELAY (F_SSU_DELAY | F_SYNC_DELAY)
249 #define SDEBUG_MAX_PARTS 4
251 #define SDEBUG_MAX_CMD_LEN 32
253 #define SDEB_XA_NOT_IN_USE XA_MARK_1
255 static struct kmem_cache *queued_cmd_cache;
257 #define TO_QUEUED_CMD(scmd) ((void *)(scmd)->host_scribble)
258 #define ASSIGN_QUEUED_CMD(scmnd, qc) { (scmnd)->host_scribble = (void *) qc; }
260 /* Zone types (zbcr05 table 25) */
265 /* ZBC_ZTYPE_SOBR = 0x4, */
269 /* enumeration names taken from table 26, zbcr05 */
271 ZBC_NOT_WRITE_POINTER = 0x0,
273 ZC2_IMPLICIT_OPEN = 0x2,
274 ZC3_EXPLICIT_OPEN = 0x3,
281 struct sdeb_zone_state { /* ZBC: per zone state */
282 enum sdebug_z_type z_type;
283 enum sdebug_z_cond z_cond;
284 bool z_non_seq_resource;
290 enum sdebug_err_type {
291 ERR_TMOUT_CMD = 0, /* make specific scsi command timeout */
292 ERR_FAIL_QUEUE_CMD = 1, /* make specific scsi command's */
293 /* queuecmd return failed */
294 ERR_FAIL_CMD = 2, /* make specific scsi command's */
295 /* queuecmd return succeed but */
296 /* with errors set in scsi_cmnd */
297 ERR_ABORT_CMD_FAILED = 3, /* control return FAILED from */
298 /* scsi_debug_abort() */
299 ERR_LUN_RESET_FAILED = 4, /* control return FAILED from */
300 /* scsi_debug_device_reseLUN_RESET_FAILEDt() */
303 struct sdebug_err_inject {
305 struct list_head list;
312 * For ERR_FAIL_QUEUE_CMD
320 unsigned char host_byte;
321 unsigned char driver_byte;
322 unsigned char status_byte;
323 unsigned char sense_key;
330 struct sdebug_dev_info {
331 struct list_head dev_list;
332 unsigned int channel;
336 struct sdebug_host_info *sdbg_host;
337 unsigned long uas_bm[1];
338 atomic_t stopped; /* 1: by SSU, 2: device start */
341 /* For ZBC devices */
345 unsigned int zsize_shift;
346 unsigned int nr_zones;
347 unsigned int nr_conv_zones;
348 unsigned int nr_seq_zones;
349 unsigned int nr_imp_open;
350 unsigned int nr_exp_open;
351 unsigned int nr_closed;
352 unsigned int max_open;
353 ktime_t create_ts; /* time since bootup that this device was created */
354 struct sdeb_zone_state *zstate;
356 struct dentry *debugfs_entry;
357 struct spinlock list_lock;
358 struct list_head inject_err_list;
361 struct sdebug_target_info {
363 struct dentry *debugfs_entry;
366 struct sdebug_host_info {
367 struct list_head host_list;
368 int si_idx; /* sdeb_store_info (per host) xarray index */
369 struct Scsi_Host *shost;
371 struct list_head dev_info_list;
374 /* There is an xarray of pointers to this struct's objects, one per host */
375 struct sdeb_store_info {
376 rwlock_t macc_lck; /* for atomic media access on this store */
377 u8 *storep; /* user data storage (ram) */
378 struct t10_pi_tuple *dif_storep; /* protection info */
379 void *map_storep; /* provisioning map */
382 #define dev_to_sdebug_host(d) \
383 container_of(d, struct sdebug_host_info, dev)
385 #define shost_to_sdebug_host(shost) \
386 dev_to_sdebug_host(shost->dma_dev)
388 enum sdeb_defer_type {SDEB_DEFER_NONE = 0, SDEB_DEFER_HRT = 1,
389 SDEB_DEFER_WQ = 2, SDEB_DEFER_POLL = 3};
391 struct sdebug_defer {
393 struct execute_work ew;
394 ktime_t cmpl_ts;/* time since boot to complete this cmd */
396 bool aborted; /* true when blk_abort_request() already called */
397 enum sdeb_defer_type defer_t;
400 struct sdebug_queued_cmd {
401 /* corresponding bit set in in_use_bm[] in owning struct sdebug_queue
402 * instance indicates this slot is in use.
404 struct sdebug_defer sd_dp;
405 struct scsi_cmnd *scmd;
408 struct sdebug_scsi_cmd {
412 static atomic_t sdebug_cmnd_count; /* number of incoming commands */
413 static atomic_t sdebug_completions; /* count of deferred completions */
414 static atomic_t sdebug_miss_cpus; /* submission + completion cpus differ */
415 static atomic_t sdebug_a_tsf; /* 'almost task set full' counter */
416 static atomic_t sdeb_inject_pending;
417 static atomic_t sdeb_mq_poll_count; /* bumped when mq_poll returns > 0 */
419 struct opcode_info_t {
420 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff */
421 /* for terminating element */
422 u8 opcode; /* if num_attached > 0, preferred */
423 u16 sa; /* service action */
424 u32 flags; /* OR-ed set of SDEB_F_* */
425 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
426 const struct opcode_info_t *arrp; /* num_attached elements or NULL */
427 u8 len_mask[16]; /* len_mask[0]-->cdb_len, then mask for cdb */
428 /* 1 to min(cdb_len, 15); ignore cdb[15...] */
431 /* SCSI opcodes (first byte of cdb) of interest mapped onto these indexes */
432 enum sdeb_opcode_index {
433 SDEB_I_INVALID_OPCODE = 0,
435 SDEB_I_REPORT_LUNS = 2,
436 SDEB_I_REQUEST_SENSE = 3,
437 SDEB_I_TEST_UNIT_READY = 4,
438 SDEB_I_MODE_SENSE = 5, /* 6, 10 */
439 SDEB_I_MODE_SELECT = 6, /* 6, 10 */
440 SDEB_I_LOG_SENSE = 7,
441 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */
442 SDEB_I_READ = 9, /* 6, 10, 12, 16 */
443 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */
444 SDEB_I_START_STOP = 11,
445 SDEB_I_SERV_ACT_IN_16 = 12, /* add ...SERV_ACT_IN_12 if needed */
446 SDEB_I_SERV_ACT_OUT_16 = 13, /* add ...SERV_ACT_OUT_12 if needed */
447 SDEB_I_MAINT_IN = 14,
448 SDEB_I_MAINT_OUT = 15,
449 SDEB_I_VERIFY = 16, /* VERIFY(10), VERIFY(16) */
450 SDEB_I_VARIABLE_LEN = 17, /* READ(32), WRITE(32), WR_SCAT(32) */
451 SDEB_I_RESERVE = 18, /* 6, 10 */
452 SDEB_I_RELEASE = 19, /* 6, 10 */
453 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */
454 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */
455 SDEB_I_ATA_PT = 22, /* 12, 16 */
456 SDEB_I_SEND_DIAG = 23,
458 SDEB_I_WRITE_BUFFER = 25,
459 SDEB_I_WRITE_SAME = 26, /* 10, 16 */
460 SDEB_I_SYNC_CACHE = 27, /* 10, 16 */
461 SDEB_I_COMP_WRITE = 28,
462 SDEB_I_PRE_FETCH = 29, /* 10, 16 */
463 SDEB_I_ZONE_OUT = 30, /* 0x94+SA; includes no data xfer */
464 SDEB_I_ZONE_IN = 31, /* 0x95+SA; all have data-in */
465 SDEB_I_LAST_ELEM_P1 = 32, /* keep this last (previous + 1) */
469 static const unsigned char opcode_ind_arr[256] = {
470 /* 0x0; 0x0->0x1f: 6 byte cdbs */
471 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE,
473 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0,
474 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
476 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG,
477 SDEB_I_ALLOW_REMOVAL, 0,
478 /* 0x20; 0x20->0x3f: 10 byte cdbs */
479 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0,
480 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY,
481 0, 0, 0, 0, SDEB_I_PRE_FETCH, SDEB_I_SYNC_CACHE, 0, 0,
482 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0,
483 /* 0x40; 0x40->0x5f: 10 byte cdbs */
484 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0,
485 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0,
486 0, 0, 0, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
488 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0,
489 /* 0x60; 0x60->0x7d are reserved, 0x7e is "extended cdb" */
490 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
491 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
492 0, SDEB_I_VARIABLE_LEN,
493 /* 0x80; 0x80->0x9f: 16 byte cdbs */
494 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0,
495 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0,
496 0, 0, 0, SDEB_I_VERIFY,
497 SDEB_I_PRE_FETCH, SDEB_I_SYNC_CACHE, 0, SDEB_I_WRITE_SAME,
498 SDEB_I_ZONE_OUT, SDEB_I_ZONE_IN, 0, 0,
499 0, 0, 0, 0, 0, 0, SDEB_I_SERV_ACT_IN_16, SDEB_I_SERV_ACT_OUT_16,
500 /* 0xa0; 0xa0->0xbf: 12 byte cdbs */
501 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN,
502 SDEB_I_MAINT_OUT, 0, 0, 0,
503 SDEB_I_READ, 0 /* SDEB_I_SERV_ACT_OUT_12 */, SDEB_I_WRITE,
504 0 /* SDEB_I_SERV_ACT_IN_12 */, 0, 0, 0, 0,
505 0, 0, 0, 0, 0, 0, 0, 0,
506 0, 0, 0, 0, 0, 0, 0, 0,
507 /* 0xc0; 0xc0->0xff: vendor specific */
508 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
509 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
510 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
511 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
515 * The following "response" functions return the SCSI mid-level's 4 byte
516 * tuple-in-an-int. To handle commands with an IMMED bit, for a faster
517 * command completion, they can mask their return value with
518 * SDEG_RES_IMMED_MASK .
520 #define SDEG_RES_IMMED_MASK 0x40000000
522 static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *);
523 static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *);
524 static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *);
525 static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
526 static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *);
527 static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
528 static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *);
529 static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
530 static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
531 static int resp_write_scat(struct scsi_cmnd *, struct sdebug_dev_info *);
532 static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *);
533 static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *);
534 static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *);
535 static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *);
536 static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *);
537 static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *);
538 static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *);
539 static int resp_verify(struct scsi_cmnd *, struct sdebug_dev_info *);
540 static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *);
541 static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *);
542 static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *);
543 static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *);
544 static int resp_sync_cache(struct scsi_cmnd *, struct sdebug_dev_info *);
545 static int resp_pre_fetch(struct scsi_cmnd *, struct sdebug_dev_info *);
546 static int resp_report_zones(struct scsi_cmnd *, struct sdebug_dev_info *);
547 static int resp_open_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
548 static int resp_close_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
549 static int resp_finish_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
550 static int resp_rwp_zone(struct scsi_cmnd *, struct sdebug_dev_info *);
552 static int sdebug_do_add_host(bool mk_new_store);
553 static int sdebug_add_host_helper(int per_host_idx);
554 static void sdebug_do_remove_host(bool the_end);
555 static int sdebug_add_store(void);
556 static void sdebug_erase_store(int idx, struct sdeb_store_info *sip);
557 static void sdebug_erase_all_stores(bool apart_from_first);
559 static void sdebug_free_queued_cmd(struct sdebug_queued_cmd *sqcp);
562 * The following are overflow arrays for cdbs that "hit" the same index in
563 * the opcode_info_arr array. The most time sensitive (or commonly used) cdb
564 * should be placed in opcode_info_arr[], the others should be placed here.
566 static const struct opcode_info_t msense_iarr[] = {
567 {0, 0x1a, 0, F_D_IN, NULL, NULL,
568 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
571 static const struct opcode_info_t mselect_iarr[] = {
572 {0, 0x15, 0, F_D_OUT, NULL, NULL,
573 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
576 static const struct opcode_info_t read_iarr[] = {
577 {0, 0x28, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(10) */
578 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
580 {0, 0x8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL, /* READ(6) */
581 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
582 {0, 0xa8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(12) */
583 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf,
587 static const struct opcode_info_t write_iarr[] = {
588 {0, 0x2a, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(10) */
589 NULL, {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7,
591 {0, 0xa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(6) */
592 NULL, {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0,
594 {0, 0xaa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(12) */
595 NULL, {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
596 0xbf, 0xc7, 0, 0, 0, 0} },
599 static const struct opcode_info_t verify_iarr[] = {
600 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_verify,/* VERIFY(10) */
601 NULL, {10, 0xf7, 0xff, 0xff, 0xff, 0xff, 0xbf, 0xff, 0xff, 0xc7,
605 static const struct opcode_info_t sa_in_16_iarr[] = {
606 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL,
607 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
608 0xff, 0xff, 0xff, 0, 0xc7} }, /* GET LBA STATUS(16) */
611 static const struct opcode_info_t vl_iarr[] = { /* VARIABLE LENGTH */
612 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_dt0,
613 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0xb, 0xfa,
614 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */
615 {0, 0x7f, 0x11, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
616 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x11, 0xf8,
617 0, 0xff, 0xff, 0x0, 0x0} }, /* WRITE SCATTERED(32) */
620 static const struct opcode_info_t maint_in_iarr[] = { /* MAINT IN */
621 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL,
622 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0,
623 0xc7, 0, 0, 0, 0} }, /* REPORT SUPPORTED OPERATION CODES */
624 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL,
625 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
626 0, 0} }, /* REPORTED SUPPORTED TASK MANAGEMENT FUNCTIONS */
629 static const struct opcode_info_t write_same_iarr[] = {
630 {0, 0x93, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_write_same_16, NULL,
631 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
632 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* WRITE SAME(16) */
635 static const struct opcode_info_t reserve_iarr[] = {
636 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */
637 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
640 static const struct opcode_info_t release_iarr[] = {
641 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */
642 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
645 static const struct opcode_info_t sync_cache_iarr[] = {
646 {0, 0x91, 0, F_SYNC_DELAY | F_M_ACCESS, resp_sync_cache, NULL,
647 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
648 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* SYNC_CACHE (16) */
651 static const struct opcode_info_t pre_fetch_iarr[] = {
652 {0, 0x90, 0, F_SYNC_DELAY | FF_MEDIA_IO, resp_pre_fetch, NULL,
653 {16, 0x2, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
654 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* PRE-FETCH (16) */
657 static const struct opcode_info_t zone_out_iarr[] = { /* ZONE OUT(16) */
658 {0, 0x94, 0x1, F_SA_LOW | F_M_ACCESS, resp_close_zone, NULL,
659 {16, 0x1, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
660 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* CLOSE ZONE */
661 {0, 0x94, 0x2, F_SA_LOW | F_M_ACCESS, resp_finish_zone, NULL,
662 {16, 0x2, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
663 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* FINISH ZONE */
664 {0, 0x94, 0x4, F_SA_LOW | F_M_ACCESS, resp_rwp_zone, NULL,
665 {16, 0x4, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
666 0xff, 0, 0, 0xff, 0xff, 0x1, 0xc7} }, /* RESET WRITE POINTER */
669 static const struct opcode_info_t zone_in_iarr[] = { /* ZONE IN(16) */
670 {0, 0x95, 0x6, F_SA_LOW | F_D_IN | F_M_ACCESS, NULL, NULL,
671 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
672 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* REPORT ZONES */
676 /* This array is accessed via SDEB_I_* values. Make sure all are mapped,
677 * plus the terminating elements for logic that scans this table such as
678 * REPORT SUPPORTED OPERATION CODES. */
679 static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEM_P1 + 1] = {
681 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* unknown opcodes */
682 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
683 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL, /* INQUIRY */
684 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
685 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL,
686 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
687 0, 0} }, /* REPORT LUNS */
688 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL,
689 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
690 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */
691 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
693 {ARRAY_SIZE(msense_iarr), 0x5a, 0, F_D_IN, /* MODE SENSE(10) */
694 resp_mode_sense, msense_iarr, {10, 0xf8, 0xff, 0xff, 0, 0, 0,
695 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
696 {ARRAY_SIZE(mselect_iarr), 0x55, 0, F_D_OUT, /* MODE SELECT(10) */
697 resp_mode_select, mselect_iarr, {10, 0xf1, 0, 0, 0, 0, 0, 0xff,
698 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
699 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL, /* LOG SENSE */
700 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0,
702 {0, 0x25, 0, F_D_IN, resp_readcap, NULL, /* READ CAPACITY(10) */
703 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0,
705 {ARRAY_SIZE(read_iarr), 0x88, 0, F_D_IN | FF_MEDIA_IO, /* READ(16) */
706 resp_read_dt0, read_iarr, {16, 0xfe, 0xff, 0xff, 0xff, 0xff,
707 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
709 {ARRAY_SIZE(write_iarr), 0x8a, 0, F_D_OUT | FF_MEDIA_IO,
710 resp_write_dt0, write_iarr, /* WRITE(16) */
711 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
712 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
713 {0, 0x1b, 0, F_SSU_DELAY, resp_start_stop, NULL,/* START STOP UNIT */
714 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
715 {ARRAY_SIZE(sa_in_16_iarr), 0x9e, 0x10, F_SA_LOW | F_D_IN,
716 resp_readcap16, sa_in_16_iarr, /* SA_IN(16), READ CAPACITY(16) */
717 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
718 0xff, 0xff, 0xff, 0xff, 0x1, 0xc7} },
719 {0, 0x9f, 0x12, F_SA_LOW | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
720 NULL, {16, 0x12, 0xf9, 0x0, 0xff, 0xff, 0, 0, 0xff, 0xff, 0xff,
721 0xff, 0xff, 0xff, 0xff, 0xc7} }, /* SA_OUT(16), WRITE SCAT(16) */
722 {ARRAY_SIZE(maint_in_iarr), 0xa3, 0xa, F_SA_LOW | F_D_IN,
723 resp_report_tgtpgs, /* MAINT IN, REPORT TARGET PORT GROUPS */
724 maint_in_iarr, {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff,
725 0xff, 0, 0xc7, 0, 0, 0, 0} },
727 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */
728 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
729 {ARRAY_SIZE(verify_iarr), 0x8f, 0,
730 F_D_OUT_MAYBE | FF_MEDIA_IO, resp_verify, /* VERIFY(16) */
731 verify_iarr, {16, 0xf6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
732 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} },
733 {ARRAY_SIZE(vl_iarr), 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_MEDIA_IO,
734 resp_read_dt0, vl_iarr, /* VARIABLE LENGTH, READ(32) */
735 {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x9, 0xfe, 0, 0xff, 0xff,
737 {ARRAY_SIZE(reserve_iarr), 0x56, 0, F_D_OUT,
738 NULL, reserve_iarr, /* RESERVE(10) <no response function> */
739 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
741 {ARRAY_SIZE(release_iarr), 0x57, 0, F_D_OUT,
742 NULL, release_iarr, /* RELEASE(10) <no response function> */
743 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
746 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */
747 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
748 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */
749 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
750 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */
751 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
752 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */
753 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
754 {0, 0x42, 0, F_D_OUT | FF_MEDIA_IO, resp_unmap, NULL, /* UNMAP */
755 {10, 0x1, 0, 0, 0, 0, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
757 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL,
758 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0,
759 0, 0, 0, 0} }, /* WRITE_BUFFER */
760 {ARRAY_SIZE(write_same_iarr), 0x41, 0, F_D_OUT_MAYBE | FF_MEDIA_IO,
761 resp_write_same_10, write_same_iarr, /* WRITE SAME(10) */
762 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0,
764 {ARRAY_SIZE(sync_cache_iarr), 0x35, 0, F_SYNC_DELAY | F_M_ACCESS,
765 resp_sync_cache, sync_cache_iarr,
766 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
767 0, 0, 0, 0} }, /* SYNC_CACHE (10) */
768 {0, 0x89, 0, F_D_OUT | FF_MEDIA_IO, resp_comp_write, NULL,
769 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0,
770 0, 0xff, 0x3f, 0xc7} }, /* COMPARE AND WRITE */
771 {ARRAY_SIZE(pre_fetch_iarr), 0x34, 0, F_SYNC_DELAY | FF_MEDIA_IO,
772 resp_pre_fetch, pre_fetch_iarr,
773 {10, 0x2, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
774 0, 0, 0, 0} }, /* PRE-FETCH (10) */
777 {ARRAY_SIZE(zone_out_iarr), 0x94, 0x3, F_SA_LOW | F_M_ACCESS,
778 resp_open_zone, zone_out_iarr, /* ZONE_OUT(16), OPEN ZONE) */
779 {16, 0x3 /* SA */, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
780 0xff, 0xff, 0x0, 0x0, 0xff, 0xff, 0x1, 0xc7} },
781 {ARRAY_SIZE(zone_in_iarr), 0x95, 0x0, F_SA_LOW | F_M_ACCESS,
782 resp_report_zones, zone_in_iarr, /* ZONE_IN(16), REPORT ZONES) */
783 {16, 0x0 /* SA */, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
784 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf, 0xc7} },
786 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */
787 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
790 static int sdebug_num_hosts;
791 static int sdebug_add_host = DEF_NUM_HOST; /* in sysfs this is relative */
792 static int sdebug_ato = DEF_ATO;
793 static int sdebug_cdb_len = DEF_CDB_LEN;
794 static int sdebug_jdelay = DEF_JDELAY; /* if > 0 then unit is jiffies */
795 static int sdebug_dev_size_mb = DEF_DEV_SIZE_PRE_INIT;
796 static int sdebug_dif = DEF_DIF;
797 static int sdebug_dix = DEF_DIX;
798 static int sdebug_dsense = DEF_D_SENSE;
799 static int sdebug_every_nth = DEF_EVERY_NTH;
800 static int sdebug_fake_rw = DEF_FAKE_RW;
801 static unsigned int sdebug_guard = DEF_GUARD;
802 static int sdebug_host_max_queue; /* per host */
803 static int sdebug_lowest_aligned = DEF_LOWEST_ALIGNED;
804 static int sdebug_max_luns = DEF_MAX_LUNS;
805 static int sdebug_max_queue = SDEBUG_CANQUEUE; /* per submit queue */
806 static unsigned int sdebug_medium_error_start = OPT_MEDIUM_ERR_ADDR;
807 static int sdebug_medium_error_count = OPT_MEDIUM_ERR_NUM;
808 static int sdebug_ndelay = DEF_NDELAY; /* if > 0 then unit is nanoseconds */
809 static int sdebug_no_lun_0 = DEF_NO_LUN_0;
810 static int sdebug_no_uld;
811 static int sdebug_num_parts = DEF_NUM_PARTS;
812 static int sdebug_num_tgts = DEF_NUM_TGTS; /* targets per host */
813 static int sdebug_opt_blks = DEF_OPT_BLKS;
814 static int sdebug_opts = DEF_OPTS;
815 static int sdebug_physblk_exp = DEF_PHYSBLK_EXP;
816 static int sdebug_opt_xferlen_exp = DEF_OPT_XFERLEN_EXP;
817 static int sdebug_ptype = DEF_PTYPE; /* SCSI peripheral device type */
818 static int sdebug_scsi_level = DEF_SCSI_LEVEL;
819 static int sdebug_sector_size = DEF_SECTOR_SIZE;
820 static int sdeb_tur_ms_to_ready = DEF_TUR_MS_TO_READY;
821 static int sdebug_virtual_gb = DEF_VIRTUAL_GB;
822 static int sdebug_vpd_use_hostno = DEF_VPD_USE_HOSTNO;
823 static unsigned int sdebug_lbpu = DEF_LBPU;
824 static unsigned int sdebug_lbpws = DEF_LBPWS;
825 static unsigned int sdebug_lbpws10 = DEF_LBPWS10;
826 static unsigned int sdebug_lbprz = DEF_LBPRZ;
827 static unsigned int sdebug_unmap_alignment = DEF_UNMAP_ALIGNMENT;
828 static unsigned int sdebug_unmap_granularity = DEF_UNMAP_GRANULARITY;
829 static unsigned int sdebug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS;
830 static unsigned int sdebug_unmap_max_desc = DEF_UNMAP_MAX_DESC;
831 static unsigned int sdebug_write_same_length = DEF_WRITESAME_LENGTH;
832 static int sdebug_uuid_ctl = DEF_UUID_CTL;
833 static bool sdebug_random = DEF_RANDOM;
834 static bool sdebug_per_host_store = DEF_PER_HOST_STORE;
835 static bool sdebug_removable = DEF_REMOVABLE;
836 static bool sdebug_clustering;
837 static bool sdebug_host_lock = DEF_HOST_LOCK;
838 static bool sdebug_strict = DEF_STRICT;
839 static bool sdebug_any_injecting_opt;
840 static bool sdebug_no_rwlock;
841 static bool sdebug_verbose;
842 static bool have_dif_prot;
843 static bool write_since_sync;
844 static bool sdebug_statistics = DEF_STATISTICS;
845 static bool sdebug_wp;
846 static bool sdebug_allow_restart;
851 } sdeb_zbc_model = BLK_ZONED_NONE;
852 static char *sdeb_zbc_model_s;
854 enum sam_lun_addr_method {SAM_LUN_AM_PERIPHERAL = 0x0,
855 SAM_LUN_AM_FLAT = 0x1,
856 SAM_LUN_AM_LOGICAL_UNIT = 0x2,
857 SAM_LUN_AM_EXTENDED = 0x3};
858 static enum sam_lun_addr_method sdebug_lun_am = SAM_LUN_AM_PERIPHERAL;
859 static int sdebug_lun_am_i = (int)SAM_LUN_AM_PERIPHERAL;
861 static unsigned int sdebug_store_sectors;
862 static sector_t sdebug_capacity; /* in sectors */
864 /* old BIOS stuff, kernel may get rid of them but some mode sense pages
865 may still need them */
866 static int sdebug_heads; /* heads per disk */
867 static int sdebug_cylinders_per; /* cylinders per surface */
868 static int sdebug_sectors_per; /* sectors per cylinder */
870 static LIST_HEAD(sdebug_host_list);
871 static DEFINE_MUTEX(sdebug_host_list_mutex);
873 static struct xarray per_store_arr;
874 static struct xarray *per_store_ap = &per_store_arr;
875 static int sdeb_first_idx = -1; /* invalid index ==> none created */
876 static int sdeb_most_recent_idx = -1;
877 static DEFINE_RWLOCK(sdeb_fake_rw_lck); /* need a RW lock when fake_rw=1 */
879 static unsigned long map_size;
880 static int num_aborts;
881 static int num_dev_resets;
882 static int num_target_resets;
883 static int num_bus_resets;
884 static int num_host_resets;
885 static int dix_writes;
886 static int dix_reads;
887 static int dif_errors;
889 /* ZBC global data */
890 static bool sdeb_zbc_in_use; /* true for host-aware and host-managed disks */
891 static int sdeb_zbc_zone_cap_mb;
892 static int sdeb_zbc_zone_size_mb;
893 static int sdeb_zbc_max_open = DEF_ZBC_MAX_OPEN_ZONES;
894 static int sdeb_zbc_nr_conv = DEF_ZBC_NR_CONV_ZONES;
896 static int submit_queues = DEF_SUBMIT_QUEUES; /* > 1 for multi-queue (mq) */
897 static int poll_queues; /* iouring iopoll interface.*/
899 static char sdebug_proc_name[] = MY_NAME;
900 static const char *my_name = MY_NAME;
902 static const struct bus_type pseudo_lld_bus;
904 static struct device_driver sdebug_driverfs_driver = {
905 .name = sdebug_proc_name,
906 .bus = &pseudo_lld_bus,
909 static const int check_condition_result =
910 SAM_STAT_CHECK_CONDITION;
912 static const int illegal_condition_result =
913 (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION;
915 static const int device_qfull_result =
916 (DID_ABORT << 16) | SAM_STAT_TASK_SET_FULL;
918 static const int condition_met_result = SAM_STAT_CONDITION_MET;
920 static struct dentry *sdebug_debugfs_root;
922 static void sdebug_err_free(struct rcu_head *head)
924 struct sdebug_err_inject *inject =
925 container_of(head, typeof(*inject), rcu);
930 static void sdebug_err_add(struct scsi_device *sdev, struct sdebug_err_inject *new)
932 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdev->hostdata;
933 struct sdebug_err_inject *err;
935 spin_lock(&devip->list_lock);
936 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
937 if (err->type == new->type && err->cmd == new->cmd) {
938 list_del_rcu(&err->list);
939 call_rcu(&err->rcu, sdebug_err_free);
943 list_add_tail_rcu(&new->list, &devip->inject_err_list);
944 spin_unlock(&devip->list_lock);
947 static int sdebug_err_remove(struct scsi_device *sdev, const char *buf, size_t count)
949 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdev->hostdata;
950 struct sdebug_err_inject *err;
954 if (sscanf(buf, "- %d %hhx", &type, &cmd) != 2) {
959 spin_lock(&devip->list_lock);
960 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
961 if (err->type == type && err->cmd == cmd) {
962 list_del_rcu(&err->list);
963 call_rcu(&err->rcu, sdebug_err_free);
964 spin_unlock(&devip->list_lock);
969 spin_unlock(&devip->list_lock);
975 static int sdebug_error_show(struct seq_file *m, void *p)
977 struct scsi_device *sdev = (struct scsi_device *)m->private;
978 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdev->hostdata;
979 struct sdebug_err_inject *err;
981 seq_puts(m, "Type\tCount\tCommand\n");
984 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
987 case ERR_ABORT_CMD_FAILED:
988 case ERR_LUN_RESET_FAILED:
989 seq_printf(m, "%d\t%d\t0x%x\n", err->type, err->cnt,
993 case ERR_FAIL_QUEUE_CMD:
994 seq_printf(m, "%d\t%d\t0x%x\t0x%x\n", err->type,
995 err->cnt, err->cmd, err->queuecmd_ret);
999 seq_printf(m, "%d\t%d\t0x%x\t0x%x 0x%x 0x%x 0x%x 0x%x 0x%x\n",
1000 err->type, err->cnt, err->cmd,
1001 err->host_byte, err->driver_byte,
1002 err->status_byte, err->sense_key,
1003 err->asc, err->asq);
1012 static int sdebug_error_open(struct inode *inode, struct file *file)
1014 return single_open(file, sdebug_error_show, inode->i_private);
1017 static ssize_t sdebug_error_write(struct file *file, const char __user *ubuf,
1018 size_t count, loff_t *ppos)
1021 unsigned int inject_type;
1022 struct sdebug_err_inject *inject;
1023 struct scsi_device *sdev = (struct scsi_device *)file->f_inode->i_private;
1025 buf = kzalloc(count + 1, GFP_KERNEL);
1029 if (copy_from_user(buf, ubuf, count)) {
1035 return sdebug_err_remove(sdev, buf, count);
1037 if (sscanf(buf, "%d", &inject_type) != 1) {
1042 inject = kzalloc(sizeof(struct sdebug_err_inject), GFP_KERNEL);
1048 switch (inject_type) {
1050 case ERR_ABORT_CMD_FAILED:
1051 case ERR_LUN_RESET_FAILED:
1052 if (sscanf(buf, "%d %d %hhx", &inject->type, &inject->cnt,
1057 case ERR_FAIL_QUEUE_CMD:
1058 if (sscanf(buf, "%d %d %hhx %x", &inject->type, &inject->cnt,
1059 &inject->cmd, &inject->queuecmd_ret) != 4)
1064 if (sscanf(buf, "%d %d %hhx %hhx %hhx %hhx %hhx %hhx %hhx",
1065 &inject->type, &inject->cnt, &inject->cmd,
1066 &inject->host_byte, &inject->driver_byte,
1067 &inject->status_byte, &inject->sense_key,
1068 &inject->asc, &inject->asq) != 9)
1078 sdebug_err_add(sdev, inject);
1088 static const struct file_operations sdebug_error_fops = {
1089 .open = sdebug_error_open,
1091 .write = sdebug_error_write,
1092 .release = single_release,
1095 static int sdebug_target_reset_fail_show(struct seq_file *m, void *p)
1097 struct scsi_target *starget = (struct scsi_target *)m->private;
1098 struct sdebug_target_info *targetip =
1099 (struct sdebug_target_info *)starget->hostdata;
1102 seq_printf(m, "%c\n", targetip->reset_fail ? 'Y' : 'N');
1107 static int sdebug_target_reset_fail_open(struct inode *inode, struct file *file)
1109 return single_open(file, sdebug_target_reset_fail_show, inode->i_private);
1112 static ssize_t sdebug_target_reset_fail_write(struct file *file,
1113 const char __user *ubuf, size_t count, loff_t *ppos)
1116 struct scsi_target *starget =
1117 (struct scsi_target *)file->f_inode->i_private;
1118 struct sdebug_target_info *targetip =
1119 (struct sdebug_target_info *)starget->hostdata;
1122 ret = kstrtobool_from_user(ubuf, count, &targetip->reset_fail);
1123 return ret < 0 ? ret : count;
1128 static const struct file_operations sdebug_target_reset_fail_fops = {
1129 .open = sdebug_target_reset_fail_open,
1131 .write = sdebug_target_reset_fail_write,
1132 .release = single_release,
1135 static int sdebug_target_alloc(struct scsi_target *starget)
1137 struct sdebug_target_info *targetip;
1139 targetip = kzalloc(sizeof(struct sdebug_target_info), GFP_KERNEL);
1143 targetip->debugfs_entry = debugfs_create_dir(dev_name(&starget->dev),
1144 sdebug_debugfs_root);
1146 debugfs_create_file("fail_reset", 0600, targetip->debugfs_entry, starget,
1147 &sdebug_target_reset_fail_fops);
1149 starget->hostdata = targetip;
1154 static void sdebug_tartget_cleanup_async(void *data, async_cookie_t cookie)
1156 struct sdebug_target_info *targetip = data;
1158 debugfs_remove(targetip->debugfs_entry);
1162 static void sdebug_target_destroy(struct scsi_target *starget)
1164 struct sdebug_target_info *targetip;
1166 targetip = (struct sdebug_target_info *)starget->hostdata;
1168 starget->hostdata = NULL;
1169 async_schedule(sdebug_tartget_cleanup_async, targetip);
1173 /* Only do the extra work involved in logical block provisioning if one or
1174 * more of the lbpu, lbpws or lbpws10 parameters are given and we are doing
1175 * real reads and writes (i.e. not skipping them for speed).
1177 static inline bool scsi_debug_lbp(void)
1179 return 0 == sdebug_fake_rw &&
1180 (sdebug_lbpu || sdebug_lbpws || sdebug_lbpws10);
1183 static void *lba2fake_store(struct sdeb_store_info *sip,
1184 unsigned long long lba)
1186 struct sdeb_store_info *lsip = sip;
1188 lba = do_div(lba, sdebug_store_sectors);
1189 if (!sip || !sip->storep) {
1191 lsip = xa_load(per_store_ap, 0); /* should never be NULL */
1193 return lsip->storep + lba * sdebug_sector_size;
1196 static struct t10_pi_tuple *dif_store(struct sdeb_store_info *sip,
1199 sector = sector_div(sector, sdebug_store_sectors);
1201 return sip->dif_storep + sector;
1204 static void sdebug_max_tgts_luns(void)
1206 struct sdebug_host_info *sdbg_host;
1207 struct Scsi_Host *hpnt;
1209 mutex_lock(&sdebug_host_list_mutex);
1210 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
1211 hpnt = sdbg_host->shost;
1212 if ((hpnt->this_id >= 0) &&
1213 (sdebug_num_tgts > hpnt->this_id))
1214 hpnt->max_id = sdebug_num_tgts + 1;
1216 hpnt->max_id = sdebug_num_tgts;
1217 /* sdebug_max_luns; */
1218 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
1220 mutex_unlock(&sdebug_host_list_mutex);
1223 enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1};
1225 /* Set in_bit to -1 to indicate no bit position of invalid field */
1226 static void mk_sense_invalid_fld(struct scsi_cmnd *scp,
1227 enum sdeb_cmd_data c_d,
1228 int in_byte, int in_bit)
1230 unsigned char *sbuff;
1234 sbuff = scp->sense_buffer;
1236 sdev_printk(KERN_ERR, scp->device,
1237 "%s: sense_buffer is NULL\n", __func__);
1240 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST;
1241 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
1242 scsi_build_sense(scp, sdebug_dsense, ILLEGAL_REQUEST, asc, 0);
1243 memset(sks, 0, sizeof(sks));
1249 sks[0] |= 0x7 & in_bit;
1251 put_unaligned_be16(in_byte, sks + 1);
1252 if (sdebug_dsense) {
1256 sbuff[sl + 1] = 0x6;
1257 memcpy(sbuff + sl + 4, sks, 3);
1259 memcpy(sbuff + 15, sks, 3);
1261 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq"
1262 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n",
1263 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit);
1266 static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq)
1268 if (!scp->sense_buffer) {
1269 sdev_printk(KERN_ERR, scp->device,
1270 "%s: sense_buffer is NULL\n", __func__);
1273 memset(scp->sense_buffer, 0, SCSI_SENSE_BUFFERSIZE);
1275 scsi_build_sense(scp, sdebug_dsense, key, asc, asq);
1278 sdev_printk(KERN_INFO, scp->device,
1279 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n",
1280 my_name, key, asc, asq);
1283 static void mk_sense_invalid_opcode(struct scsi_cmnd *scp)
1285 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0);
1288 static int scsi_debug_ioctl(struct scsi_device *dev, unsigned int cmd,
1291 if (sdebug_verbose) {
1293 sdev_printk(KERN_INFO, dev,
1294 "%s: BLKFLSBUF [0x1261]\n", __func__);
1295 else if (0x5331 == cmd)
1296 sdev_printk(KERN_INFO, dev,
1297 "%s: CDROM_GET_CAPABILITY [0x5331]\n",
1300 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n",
1304 /* return -ENOTTY; // correct return but upsets fdisk */
1307 static void config_cdb_len(struct scsi_device *sdev)
1309 switch (sdebug_cdb_len) {
1310 case 6: /* suggest 6 byte READ, WRITE and MODE SENSE/SELECT */
1311 sdev->use_10_for_rw = false;
1312 sdev->use_16_for_rw = false;
1313 sdev->use_10_for_ms = false;
1315 case 10: /* suggest 10 byte RWs and 6 byte MODE SENSE/SELECT */
1316 sdev->use_10_for_rw = true;
1317 sdev->use_16_for_rw = false;
1318 sdev->use_10_for_ms = false;
1320 case 12: /* suggest 10 byte RWs and 10 byte MODE SENSE/SELECT */
1321 sdev->use_10_for_rw = true;
1322 sdev->use_16_for_rw = false;
1323 sdev->use_10_for_ms = true;
1326 sdev->use_10_for_rw = false;
1327 sdev->use_16_for_rw = true;
1328 sdev->use_10_for_ms = true;
1330 case 32: /* No knobs to suggest this so same as 16 for now */
1331 sdev->use_10_for_rw = false;
1332 sdev->use_16_for_rw = true;
1333 sdev->use_10_for_ms = true;
1336 pr_warn("unexpected cdb_len=%d, force to 10\n",
1338 sdev->use_10_for_rw = true;
1339 sdev->use_16_for_rw = false;
1340 sdev->use_10_for_ms = false;
1341 sdebug_cdb_len = 10;
1346 static void all_config_cdb_len(void)
1348 struct sdebug_host_info *sdbg_host;
1349 struct Scsi_Host *shost;
1350 struct scsi_device *sdev;
1352 mutex_lock(&sdebug_host_list_mutex);
1353 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
1354 shost = sdbg_host->shost;
1355 shost_for_each_device(sdev, shost) {
1356 config_cdb_len(sdev);
1359 mutex_unlock(&sdebug_host_list_mutex);
1362 static void clear_luns_changed_on_target(struct sdebug_dev_info *devip)
1364 struct sdebug_host_info *sdhp = devip->sdbg_host;
1365 struct sdebug_dev_info *dp;
1367 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
1368 if ((devip->sdbg_host == dp->sdbg_host) &&
1369 (devip->target == dp->target)) {
1370 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
1375 static int make_ua(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1379 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS);
1380 if (k != SDEBUG_NUM_UAS) {
1381 const char *cp = NULL;
1385 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
1386 POWER_ON_RESET_ASCQ);
1388 cp = "power on reset";
1390 case SDEBUG_UA_POOCCUR:
1391 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
1392 POWER_ON_OCCURRED_ASCQ);
1394 cp = "power on occurred";
1396 case SDEBUG_UA_BUS_RESET:
1397 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
1402 case SDEBUG_UA_MODE_CHANGED:
1403 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
1406 cp = "mode parameters changed";
1408 case SDEBUG_UA_CAPACITY_CHANGED:
1409 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
1410 CAPACITY_CHANGED_ASCQ);
1412 cp = "capacity data changed";
1414 case SDEBUG_UA_MICROCODE_CHANGED:
1415 mk_sense_buffer(scp, UNIT_ATTENTION,
1417 MICROCODE_CHANGED_ASCQ);
1419 cp = "microcode has been changed";
1421 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET:
1422 mk_sense_buffer(scp, UNIT_ATTENTION,
1424 MICROCODE_CHANGED_WO_RESET_ASCQ);
1426 cp = "microcode has been changed without reset";
1428 case SDEBUG_UA_LUNS_CHANGED:
1430 * SPC-3 behavior is to report a UNIT ATTENTION with
1431 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN
1432 * on the target, until a REPORT LUNS command is
1433 * received. SPC-4 behavior is to report it only once.
1434 * NOTE: sdebug_scsi_level does not use the same
1435 * values as struct scsi_device->scsi_level.
1437 if (sdebug_scsi_level >= 6) /* SPC-4 and above */
1438 clear_luns_changed_on_target(devip);
1439 mk_sense_buffer(scp, UNIT_ATTENTION,
1443 cp = "reported luns data has changed";
1446 pr_warn("unexpected unit attention code=%d\n", k);
1451 clear_bit(k, devip->uas_bm);
1453 sdev_printk(KERN_INFO, scp->device,
1454 "%s reports: Unit attention: %s\n",
1456 return check_condition_result;
1461 /* Build SCSI "data-in" buffer. Returns 0 if ok else (DID_ERROR << 16). */
1462 static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1466 struct scsi_data_buffer *sdb = &scp->sdb;
1470 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1471 return DID_ERROR << 16;
1473 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents,
1475 scsi_set_resid(scp, scsi_bufflen(scp) - act_len);
1480 /* Partial build of SCSI "data-in" buffer. Returns 0 if ok else
1481 * (DID_ERROR << 16). Can write to offset in data-in buffer. If multiple
1482 * calls, not required to write in ascending offset order. Assumes resid
1483 * set to scsi_bufflen() prior to any calls.
1485 static int p_fill_from_dev_buffer(struct scsi_cmnd *scp, const void *arr,
1486 int arr_len, unsigned int off_dst)
1488 unsigned int act_len, n;
1489 struct scsi_data_buffer *sdb = &scp->sdb;
1490 off_t skip = off_dst;
1492 if (sdb->length <= off_dst)
1494 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1495 return DID_ERROR << 16;
1497 act_len = sg_pcopy_from_buffer(sdb->table.sgl, sdb->table.nents,
1498 arr, arr_len, skip);
1499 pr_debug("%s: off_dst=%u, scsi_bufflen=%u, act_len=%u, resid=%d\n",
1500 __func__, off_dst, scsi_bufflen(scp), act_len,
1501 scsi_get_resid(scp));
1502 n = scsi_bufflen(scp) - (off_dst + act_len);
1503 scsi_set_resid(scp, min_t(u32, scsi_get_resid(scp), n));
1507 /* Fetches from SCSI "data-out" buffer. Returns number of bytes fetched into
1508 * 'arr' or -1 if error.
1510 static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1513 if (!scsi_bufflen(scp))
1515 if (scp->sc_data_direction != DMA_TO_DEVICE)
1518 return scsi_sg_copy_to_buffer(scp, arr, arr_len);
1522 static char sdebug_inq_vendor_id[9] = "Linux ";
1523 static char sdebug_inq_product_id[17] = "scsi_debug ";
1524 static char sdebug_inq_product_rev[5] = SDEBUG_VERSION;
1525 /* Use some locally assigned NAAs for SAS addresses. */
1526 static const u64 naa3_comp_a = 0x3222222000000000ULL;
1527 static const u64 naa3_comp_b = 0x3333333000000000ULL;
1528 static const u64 naa3_comp_c = 0x3111111000000000ULL;
1530 /* Device identification VPD page. Returns number of bytes placed in arr */
1531 static int inquiry_vpd_83(unsigned char *arr, int port_group_id,
1532 int target_dev_id, int dev_id_num,
1533 const char *dev_id_str, int dev_id_str_len,
1534 const uuid_t *lu_name)
1539 port_a = target_dev_id + 1;
1540 /* T10 vendor identifier field format (faked) */
1541 arr[0] = 0x2; /* ASCII */
1544 memcpy(&arr[4], sdebug_inq_vendor_id, 8);
1545 memcpy(&arr[12], sdebug_inq_product_id, 16);
1546 memcpy(&arr[28], dev_id_str, dev_id_str_len);
1547 num = 8 + 16 + dev_id_str_len;
1550 if (dev_id_num >= 0) {
1551 if (sdebug_uuid_ctl) {
1552 /* Locally assigned UUID */
1553 arr[num++] = 0x1; /* binary (not necessarily sas) */
1554 arr[num++] = 0xa; /* PIV=0, lu, naa */
1557 arr[num++] = 0x10; /* uuid type=1, locally assigned */
1559 memcpy(arr + num, lu_name, 16);
1562 /* NAA-3, Logical unit identifier (binary) */
1563 arr[num++] = 0x1; /* binary (not necessarily sas) */
1564 arr[num++] = 0x3; /* PIV=0, lu, naa */
1567 put_unaligned_be64(naa3_comp_b + dev_id_num, arr + num);
1570 /* Target relative port number */
1571 arr[num++] = 0x61; /* proto=sas, binary */
1572 arr[num++] = 0x94; /* PIV=1, target port, rel port */
1573 arr[num++] = 0x0; /* reserved */
1574 arr[num++] = 0x4; /* length */
1575 arr[num++] = 0x0; /* reserved */
1576 arr[num++] = 0x0; /* reserved */
1578 arr[num++] = 0x1; /* relative port A */
1580 /* NAA-3, Target port identifier */
1581 arr[num++] = 0x61; /* proto=sas, binary */
1582 arr[num++] = 0x93; /* piv=1, target port, naa */
1585 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1587 /* NAA-3, Target port group identifier */
1588 arr[num++] = 0x61; /* proto=sas, binary */
1589 arr[num++] = 0x95; /* piv=1, target port group id */
1594 put_unaligned_be16(port_group_id, arr + num);
1596 /* NAA-3, Target device identifier */
1597 arr[num++] = 0x61; /* proto=sas, binary */
1598 arr[num++] = 0xa3; /* piv=1, target device, naa */
1601 put_unaligned_be64(naa3_comp_a + target_dev_id, arr + num);
1603 /* SCSI name string: Target device identifier */
1604 arr[num++] = 0x63; /* proto=sas, UTF-8 */
1605 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */
1608 memcpy(arr + num, "naa.32222220", 12);
1610 snprintf(b, sizeof(b), "%08X", target_dev_id);
1611 memcpy(arr + num, b, 8);
1613 memset(arr + num, 0, 4);
1618 static unsigned char vpd84_data[] = {
1619 /* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0,
1620 0x22,0x22,0x22,0x0,0xbb,0x1,
1621 0x22,0x22,0x22,0x0,0xbb,0x2,
1624 /* Software interface identification VPD page */
1625 static int inquiry_vpd_84(unsigned char *arr)
1627 memcpy(arr, vpd84_data, sizeof(vpd84_data));
1628 return sizeof(vpd84_data);
1631 /* Management network addresses VPD page */
1632 static int inquiry_vpd_85(unsigned char *arr)
1635 const char *na1 = "https://www.kernel.org/config";
1636 const char *na2 = "http://www.kernel.org/log";
1639 arr[num++] = 0x1; /* lu, storage config */
1640 arr[num++] = 0x0; /* reserved */
1645 plen = ((plen / 4) + 1) * 4;
1646 arr[num++] = plen; /* length, null termianted, padded */
1647 memcpy(arr + num, na1, olen);
1648 memset(arr + num + olen, 0, plen - olen);
1651 arr[num++] = 0x4; /* lu, logging */
1652 arr[num++] = 0x0; /* reserved */
1657 plen = ((plen / 4) + 1) * 4;
1658 arr[num++] = plen; /* length, null terminated, padded */
1659 memcpy(arr + num, na2, olen);
1660 memset(arr + num + olen, 0, plen - olen);
1666 /* SCSI ports VPD page */
1667 static int inquiry_vpd_88(unsigned char *arr, int target_dev_id)
1672 port_a = target_dev_id + 1;
1673 port_b = port_a + 1;
1674 arr[num++] = 0x0; /* reserved */
1675 arr[num++] = 0x0; /* reserved */
1677 arr[num++] = 0x1; /* relative port 1 (primary) */
1678 memset(arr + num, 0, 6);
1681 arr[num++] = 12; /* length tp descriptor */
1682 /* naa-5 target port identifier (A) */
1683 arr[num++] = 0x61; /* proto=sas, binary */
1684 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1685 arr[num++] = 0x0; /* reserved */
1686 arr[num++] = 0x8; /* length */
1687 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1689 arr[num++] = 0x0; /* reserved */
1690 arr[num++] = 0x0; /* reserved */
1692 arr[num++] = 0x2; /* relative port 2 (secondary) */
1693 memset(arr + num, 0, 6);
1696 arr[num++] = 12; /* length tp descriptor */
1697 /* naa-5 target port identifier (B) */
1698 arr[num++] = 0x61; /* proto=sas, binary */
1699 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1700 arr[num++] = 0x0; /* reserved */
1701 arr[num++] = 0x8; /* length */
1702 put_unaligned_be64(naa3_comp_a + port_b, arr + num);
1709 static unsigned char vpd89_data[] = {
1710 /* from 4th byte */ 0,0,0,0,
1711 'l','i','n','u','x',' ',' ',' ',
1712 'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ',
1714 0x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,
1716 0x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0,
1717 0,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20,
1718 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33,
1719 0x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31,
1721 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
1723 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
1725 0,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0,
1726 0x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0,
1727 0x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0,
1728 0,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0,
1729 0x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40,
1730 0x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0,
1731 0,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0,
1732 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1733 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1734 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1735 0x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42,
1736 0,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8,
1737 0xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe,
1738 0,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0,
1739 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1740 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1741 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1742 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1743 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1744 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1745 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1746 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1747 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1748 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1749 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1750 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51,
1753 /* ATA Information VPD page */
1754 static int inquiry_vpd_89(unsigned char *arr)
1756 memcpy(arr, vpd89_data, sizeof(vpd89_data));
1757 return sizeof(vpd89_data);
1761 static unsigned char vpdb0_data[] = {
1762 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64,
1763 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1764 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1765 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1768 /* Block limits VPD page (SBC-3) */
1769 static int inquiry_vpd_b0(unsigned char *arr)
1773 memcpy(arr, vpdb0_data, sizeof(vpdb0_data));
1775 /* Optimal transfer length granularity */
1776 if (sdebug_opt_xferlen_exp != 0 &&
1777 sdebug_physblk_exp < sdebug_opt_xferlen_exp)
1778 gran = 1 << sdebug_opt_xferlen_exp;
1780 gran = 1 << sdebug_physblk_exp;
1781 put_unaligned_be16(gran, arr + 2);
1783 /* Maximum Transfer Length */
1784 if (sdebug_store_sectors > 0x400)
1785 put_unaligned_be32(sdebug_store_sectors, arr + 4);
1787 /* Optimal Transfer Length */
1788 put_unaligned_be32(sdebug_opt_blks, &arr[8]);
1791 /* Maximum Unmap LBA Count */
1792 put_unaligned_be32(sdebug_unmap_max_blocks, &arr[16]);
1794 /* Maximum Unmap Block Descriptor Count */
1795 put_unaligned_be32(sdebug_unmap_max_desc, &arr[20]);
1798 /* Unmap Granularity Alignment */
1799 if (sdebug_unmap_alignment) {
1800 put_unaligned_be32(sdebug_unmap_alignment, &arr[28]);
1801 arr[28] |= 0x80; /* UGAVALID */
1804 /* Optimal Unmap Granularity */
1805 put_unaligned_be32(sdebug_unmap_granularity, &arr[24]);
1807 /* Maximum WRITE SAME Length */
1808 put_unaligned_be64(sdebug_write_same_length, &arr[32]);
1810 return 0x3c; /* Mandatory page length for Logical Block Provisioning */
1813 /* Block device characteristics VPD page (SBC-3) */
1814 static int inquiry_vpd_b1(struct sdebug_dev_info *devip, unsigned char *arr)
1816 memset(arr, 0, 0x3c);
1818 arr[1] = 1; /* non rotating medium (e.g. solid state) */
1820 arr[3] = 5; /* less than 1.8" */
1825 /* Logical block provisioning VPD page (SBC-4) */
1826 static int inquiry_vpd_b2(unsigned char *arr)
1828 memset(arr, 0, 0x4);
1829 arr[0] = 0; /* threshold exponent */
1836 if (sdebug_lbprz && scsi_debug_lbp())
1837 arr[1] |= (sdebug_lbprz & 0x7) << 2; /* sbc4r07 and later */
1838 /* anc_sup=0; dp=0 (no provisioning group descriptor) */
1839 /* minimum_percentage=0; provisioning_type=0 (unknown) */
1840 /* threshold_percentage=0 */
1844 /* Zoned block device characteristics VPD page (ZBC mandatory) */
1845 static int inquiry_vpd_b6(struct sdebug_dev_info *devip, unsigned char *arr)
1847 memset(arr, 0, 0x3c);
1848 arr[0] = 0x1; /* set URSWRZ (unrestricted read in seq. wr req zone) */
1850 * Set Optimal number of open sequential write preferred zones and
1851 * Optimal number of non-sequentially written sequential write
1852 * preferred zones fields to 'not reported' (0xffffffff). Leave other
1853 * fields set to zero, apart from Max. number of open swrz_s field.
1855 put_unaligned_be32(0xffffffff, &arr[4]);
1856 put_unaligned_be32(0xffffffff, &arr[8]);
1857 if (sdeb_zbc_model == BLK_ZONED_HM && devip->max_open)
1858 put_unaligned_be32(devip->max_open, &arr[12]);
1860 put_unaligned_be32(0xffffffff, &arr[12]);
1861 if (devip->zcap < devip->zsize) {
1862 arr[19] = ZBC_CONSTANT_ZONE_START_OFFSET;
1863 put_unaligned_be64(devip->zsize, &arr[20]);
1870 #define SDEBUG_LONG_INQ_SZ 96
1871 #define SDEBUG_MAX_INQ_ARR_SZ 584
1873 static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1875 unsigned char pq_pdt;
1877 unsigned char *cmd = scp->cmnd;
1880 bool have_wlun, is_disk, is_zbc, is_disk_zbc;
1882 alloc_len = get_unaligned_be16(cmd + 3);
1883 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC);
1885 return DID_REQUEUE << 16;
1886 is_disk = (sdebug_ptype == TYPE_DISK);
1887 is_zbc = devip->zoned;
1888 is_disk_zbc = (is_disk || is_zbc);
1889 have_wlun = scsi_is_wlun(scp->device->lun);
1891 pq_pdt = TYPE_WLUN; /* present, wlun */
1892 else if (sdebug_no_lun_0 && (devip->lun == SDEBUG_LUN_0_VAL))
1893 pq_pdt = 0x7f; /* not present, PQ=3, PDT=0x1f */
1895 pq_pdt = (sdebug_ptype & 0x1f);
1897 if (0x2 & cmd[1]) { /* CMDDT bit set */
1898 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1);
1900 return check_condition_result;
1901 } else if (0x1 & cmd[1]) { /* EVPD bit set */
1902 int lu_id_num, port_group_id, target_dev_id;
1905 int host_no = devip->sdbg_host->shost->host_no;
1907 port_group_id = (((host_no + 1) & 0x7f) << 8) +
1908 (devip->channel & 0x7f);
1909 if (sdebug_vpd_use_hostno == 0)
1911 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) +
1912 (devip->target * 1000) + devip->lun);
1913 target_dev_id = ((host_no + 1) * 2000) +
1914 (devip->target * 1000) - 3;
1915 len = scnprintf(lu_id_str, 6, "%d", lu_id_num);
1916 if (0 == cmd[2]) { /* supported vital product data pages */
1917 arr[1] = cmd[2]; /*sanity */
1919 arr[n++] = 0x0; /* this page */
1920 arr[n++] = 0x80; /* unit serial number */
1921 arr[n++] = 0x83; /* device identification */
1922 arr[n++] = 0x84; /* software interface ident. */
1923 arr[n++] = 0x85; /* management network addresses */
1924 arr[n++] = 0x86; /* extended inquiry */
1925 arr[n++] = 0x87; /* mode page policy */
1926 arr[n++] = 0x88; /* SCSI ports */
1927 if (is_disk_zbc) { /* SBC or ZBC */
1928 arr[n++] = 0x89; /* ATA information */
1929 arr[n++] = 0xb0; /* Block limits */
1930 arr[n++] = 0xb1; /* Block characteristics */
1932 arr[n++] = 0xb2; /* LB Provisioning */
1934 arr[n++] = 0xb6; /* ZB dev. char. */
1936 arr[3] = n - 4; /* number of supported VPD pages */
1937 } else if (0x80 == cmd[2]) { /* unit serial number */
1938 arr[1] = cmd[2]; /*sanity */
1940 memcpy(&arr[4], lu_id_str, len);
1941 } else if (0x83 == cmd[2]) { /* device identification */
1942 arr[1] = cmd[2]; /*sanity */
1943 arr[3] = inquiry_vpd_83(&arr[4], port_group_id,
1944 target_dev_id, lu_id_num,
1947 } else if (0x84 == cmd[2]) { /* Software interface ident. */
1948 arr[1] = cmd[2]; /*sanity */
1949 arr[3] = inquiry_vpd_84(&arr[4]);
1950 } else if (0x85 == cmd[2]) { /* Management network addresses */
1951 arr[1] = cmd[2]; /*sanity */
1952 arr[3] = inquiry_vpd_85(&arr[4]);
1953 } else if (0x86 == cmd[2]) { /* extended inquiry */
1954 arr[1] = cmd[2]; /*sanity */
1955 arr[3] = 0x3c; /* number of following entries */
1956 if (sdebug_dif == T10_PI_TYPE3_PROTECTION)
1957 arr[4] = 0x4; /* SPT: GRD_CHK:1 */
1958 else if (have_dif_prot)
1959 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */
1961 arr[4] = 0x0; /* no protection stuff */
1962 arr[5] = 0x7; /* head of q, ordered + simple q's */
1963 } else if (0x87 == cmd[2]) { /* mode page policy */
1964 arr[1] = cmd[2]; /*sanity */
1965 arr[3] = 0x8; /* number of following entries */
1966 arr[4] = 0x2; /* disconnect-reconnect mp */
1967 arr[6] = 0x80; /* mlus, shared */
1968 arr[8] = 0x18; /* protocol specific lu */
1969 arr[10] = 0x82; /* mlus, per initiator port */
1970 } else if (0x88 == cmd[2]) { /* SCSI Ports */
1971 arr[1] = cmd[2]; /*sanity */
1972 arr[3] = inquiry_vpd_88(&arr[4], target_dev_id);
1973 } else if (is_disk_zbc && 0x89 == cmd[2]) { /* ATA info */
1974 arr[1] = cmd[2]; /*sanity */
1975 n = inquiry_vpd_89(&arr[4]);
1976 put_unaligned_be16(n, arr + 2);
1977 } else if (is_disk_zbc && 0xb0 == cmd[2]) { /* Block limits */
1978 arr[1] = cmd[2]; /*sanity */
1979 arr[3] = inquiry_vpd_b0(&arr[4]);
1980 } else if (is_disk_zbc && 0xb1 == cmd[2]) { /* Block char. */
1981 arr[1] = cmd[2]; /*sanity */
1982 arr[3] = inquiry_vpd_b1(devip, &arr[4]);
1983 } else if (is_disk && 0xb2 == cmd[2]) { /* LB Prov. */
1984 arr[1] = cmd[2]; /*sanity */
1985 arr[3] = inquiry_vpd_b2(&arr[4]);
1986 } else if (is_zbc && cmd[2] == 0xb6) { /* ZB dev. charact. */
1987 arr[1] = cmd[2]; /*sanity */
1988 arr[3] = inquiry_vpd_b6(devip, &arr[4]);
1990 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
1992 return check_condition_result;
1994 len = min_t(u32, get_unaligned_be16(arr + 2) + 4, alloc_len);
1995 ret = fill_from_dev_buffer(scp, arr,
1996 min_t(u32, len, SDEBUG_MAX_INQ_ARR_SZ));
2000 /* drops through here for a standard inquiry */
2001 arr[1] = sdebug_removable ? 0x80 : 0; /* Removable disk */
2002 arr[2] = sdebug_scsi_level;
2003 arr[3] = 2; /* response_data_format==2 */
2004 arr[4] = SDEBUG_LONG_INQ_SZ - 5;
2005 arr[5] = (int)have_dif_prot; /* PROTECT bit */
2006 if (sdebug_vpd_use_hostno == 0)
2007 arr[5] |= 0x10; /* claim: implicit TPGS */
2008 arr[6] = 0x10; /* claim: MultiP */
2009 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */
2010 arr[7] = 0xa; /* claim: LINKED + CMDQUE */
2011 memcpy(&arr[8], sdebug_inq_vendor_id, 8);
2012 memcpy(&arr[16], sdebug_inq_product_id, 16);
2013 memcpy(&arr[32], sdebug_inq_product_rev, 4);
2014 /* Use Vendor Specific area to place driver date in ASCII hex */
2015 memcpy(&arr[36], sdebug_version_date, 8);
2016 /* version descriptors (2 bytes each) follow */
2017 put_unaligned_be16(0xc0, arr + 58); /* SAM-6 no version claimed */
2018 put_unaligned_be16(0x5c0, arr + 60); /* SPC-5 no version claimed */
2020 if (is_disk) { /* SBC-4 no version claimed */
2021 put_unaligned_be16(0x600, arr + n);
2023 } else if (sdebug_ptype == TYPE_TAPE) { /* SSC-4 rev 3 */
2024 put_unaligned_be16(0x525, arr + n);
2026 } else if (is_zbc) { /* ZBC BSR INCITS 536 revision 05 */
2027 put_unaligned_be16(0x624, arr + n);
2030 put_unaligned_be16(0x2100, arr + n); /* SPL-4 no version claimed */
2031 ret = fill_from_dev_buffer(scp, arr,
2032 min_t(u32, alloc_len, SDEBUG_LONG_INQ_SZ));
2037 /* See resp_iec_m_pg() for how this data is manipulated */
2038 static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
2041 static int resp_requests(struct scsi_cmnd *scp,
2042 struct sdebug_dev_info *devip)
2044 unsigned char *cmd = scp->cmnd;
2045 unsigned char arr[SCSI_SENSE_BUFFERSIZE]; /* assume >= 18 bytes */
2046 bool dsense = !!(cmd[1] & 1);
2047 u32 alloc_len = cmd[4];
2049 int stopped_state = atomic_read(&devip->stopped);
2051 memset(arr, 0, sizeof(arr));
2052 if (stopped_state > 0) { /* some "pollable" data [spc6r02: 5.12.2] */
2056 arr[2] = LOGICAL_UNIT_NOT_READY;
2057 arr[3] = (stopped_state == 2) ? 0x1 : 0x2;
2061 arr[2] = NOT_READY; /* NO_SENSE in sense_key */
2062 arr[7] = 0xa; /* 18 byte sense buffer */
2063 arr[12] = LOGICAL_UNIT_NOT_READY;
2064 arr[13] = (stopped_state == 2) ? 0x1 : 0x2;
2066 } else if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) {
2067 /* Information exceptions control mode page: TEST=1, MRIE=6 */
2070 arr[1] = 0x0; /* NO_SENSE in sense_key */
2071 arr[2] = THRESHOLD_EXCEEDED;
2072 arr[3] = 0xff; /* Failure prediction(false) */
2076 arr[2] = 0x0; /* NO_SENSE in sense_key */
2077 arr[7] = 0xa; /* 18 byte sense buffer */
2078 arr[12] = THRESHOLD_EXCEEDED;
2079 arr[13] = 0xff; /* Failure prediction(false) */
2081 } else { /* nothing to report */
2084 memset(arr, 0, len);
2087 memset(arr, 0, len);
2092 return fill_from_dev_buffer(scp, arr, min_t(u32, len, alloc_len));
2095 static int resp_start_stop(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2097 unsigned char *cmd = scp->cmnd;
2098 int power_cond, want_stop, stopped_state;
2101 power_cond = (cmd[4] & 0xf0) >> 4;
2103 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7);
2104 return check_condition_result;
2106 want_stop = !(cmd[4] & 1);
2107 stopped_state = atomic_read(&devip->stopped);
2108 if (stopped_state == 2) {
2109 ktime_t now_ts = ktime_get_boottime();
2111 if (ktime_to_ns(now_ts) > ktime_to_ns(devip->create_ts)) {
2112 u64 diff_ns = ktime_to_ns(ktime_sub(now_ts, devip->create_ts));
2114 if (diff_ns >= ((u64)sdeb_tur_ms_to_ready * 1000000)) {
2115 /* tur_ms_to_ready timer extinguished */
2116 atomic_set(&devip->stopped, 0);
2120 if (stopped_state == 2) {
2122 stopped_state = 1; /* dummy up success */
2123 } else { /* Disallow tur_ms_to_ready delay to be overridden */
2124 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 0 /* START bit */);
2125 return check_condition_result;
2129 changing = (stopped_state != want_stop);
2131 atomic_xchg(&devip->stopped, want_stop);
2132 if (!changing || (cmd[1] & 0x1)) /* state unchanged or IMMED bit set in cdb */
2133 return SDEG_RES_IMMED_MASK;
2138 static sector_t get_sdebug_capacity(void)
2140 static const unsigned int gibibyte = 1073741824;
2142 if (sdebug_virtual_gb > 0)
2143 return (sector_t)sdebug_virtual_gb *
2144 (gibibyte / sdebug_sector_size);
2146 return sdebug_store_sectors;
2149 #define SDEBUG_READCAP_ARR_SZ 8
2150 static int resp_readcap(struct scsi_cmnd *scp,
2151 struct sdebug_dev_info *devip)
2153 unsigned char arr[SDEBUG_READCAP_ARR_SZ];
2156 /* following just in case virtual_gb changed */
2157 sdebug_capacity = get_sdebug_capacity();
2158 memset(arr, 0, SDEBUG_READCAP_ARR_SZ);
2159 if (sdebug_capacity < 0xffffffff) {
2160 capac = (unsigned int)sdebug_capacity - 1;
2161 put_unaligned_be32(capac, arr + 0);
2163 put_unaligned_be32(0xffffffff, arr + 0);
2164 put_unaligned_be16(sdebug_sector_size, arr + 6);
2165 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ);
2168 #define SDEBUG_READCAP16_ARR_SZ 32
2169 static int resp_readcap16(struct scsi_cmnd *scp,
2170 struct sdebug_dev_info *devip)
2172 unsigned char *cmd = scp->cmnd;
2173 unsigned char arr[SDEBUG_READCAP16_ARR_SZ];
2176 alloc_len = get_unaligned_be32(cmd + 10);
2177 /* following just in case virtual_gb changed */
2178 sdebug_capacity = get_sdebug_capacity();
2179 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ);
2180 put_unaligned_be64((u64)(sdebug_capacity - 1), arr + 0);
2181 put_unaligned_be32(sdebug_sector_size, arr + 8);
2182 arr[13] = sdebug_physblk_exp & 0xf;
2183 arr[14] = (sdebug_lowest_aligned >> 8) & 0x3f;
2185 if (scsi_debug_lbp()) {
2186 arr[14] |= 0x80; /* LBPME */
2187 /* from sbc4r07, this LBPRZ field is 1 bit, but the LBPRZ in
2188 * the LB Provisioning VPD page is 3 bits. Note that lbprz=2
2189 * in the wider field maps to 0 in this field.
2191 if (sdebug_lbprz & 1) /* precisely what the draft requires */
2196 * Since the scsi_debug READ CAPACITY implementation always reports the
2197 * total disk capacity, set RC BASIS = 1 for host-managed ZBC devices.
2202 arr[15] = sdebug_lowest_aligned & 0xff;
2204 if (have_dif_prot) {
2205 arr[12] = (sdebug_dif - 1) << 1; /* P_TYPE */
2206 arr[12] |= 1; /* PROT_EN */
2209 return fill_from_dev_buffer(scp, arr,
2210 min_t(u32, alloc_len, SDEBUG_READCAP16_ARR_SZ));
2213 #define SDEBUG_MAX_TGTPGS_ARR_SZ 1412
2215 static int resp_report_tgtpgs(struct scsi_cmnd *scp,
2216 struct sdebug_dev_info *devip)
2218 unsigned char *cmd = scp->cmnd;
2220 int host_no = devip->sdbg_host->shost->host_no;
2221 int port_group_a, port_group_b, port_a, port_b;
2225 alen = get_unaligned_be32(cmd + 6);
2226 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC);
2228 return DID_REQUEUE << 16;
2230 * EVPD page 0x88 states we have two ports, one
2231 * real and a fake port with no device connected.
2232 * So we create two port groups with one port each
2233 * and set the group with port B to unavailable.
2235 port_a = 0x1; /* relative port A */
2236 port_b = 0x2; /* relative port B */
2237 port_group_a = (((host_no + 1) & 0x7f) << 8) +
2238 (devip->channel & 0x7f);
2239 port_group_b = (((host_no + 1) & 0x7f) << 8) +
2240 (devip->channel & 0x7f) + 0x80;
2243 * The asymmetric access state is cycled according to the host_id.
2246 if (sdebug_vpd_use_hostno == 0) {
2247 arr[n++] = host_no % 3; /* Asymm access state */
2248 arr[n++] = 0x0F; /* claim: all states are supported */
2250 arr[n++] = 0x0; /* Active/Optimized path */
2251 arr[n++] = 0x01; /* only support active/optimized paths */
2253 put_unaligned_be16(port_group_a, arr + n);
2255 arr[n++] = 0; /* Reserved */
2256 arr[n++] = 0; /* Status code */
2257 arr[n++] = 0; /* Vendor unique */
2258 arr[n++] = 0x1; /* One port per group */
2259 arr[n++] = 0; /* Reserved */
2260 arr[n++] = 0; /* Reserved */
2261 put_unaligned_be16(port_a, arr + n);
2263 arr[n++] = 3; /* Port unavailable */
2264 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */
2265 put_unaligned_be16(port_group_b, arr + n);
2267 arr[n++] = 0; /* Reserved */
2268 arr[n++] = 0; /* Status code */
2269 arr[n++] = 0; /* Vendor unique */
2270 arr[n++] = 0x1; /* One port per group */
2271 arr[n++] = 0; /* Reserved */
2272 arr[n++] = 0; /* Reserved */
2273 put_unaligned_be16(port_b, arr + n);
2277 put_unaligned_be32(rlen, arr + 0);
2280 * Return the smallest value of either
2281 * - The allocated length
2282 * - The constructed command length
2283 * - The maximum array size
2285 rlen = min(alen, n);
2286 ret = fill_from_dev_buffer(scp, arr,
2287 min_t(u32, rlen, SDEBUG_MAX_TGTPGS_ARR_SZ));
2292 static int resp_rsup_opcodes(struct scsi_cmnd *scp,
2293 struct sdebug_dev_info *devip)
2296 u8 reporting_opts, req_opcode, sdeb_i, supp;
2298 u32 alloc_len, a_len;
2299 int k, offset, len, errsts, count, bump, na;
2300 const struct opcode_info_t *oip;
2301 const struct opcode_info_t *r_oip;
2303 u8 *cmd = scp->cmnd;
2305 rctd = !!(cmd[2] & 0x80);
2306 reporting_opts = cmd[2] & 0x7;
2307 req_opcode = cmd[3];
2308 req_sa = get_unaligned_be16(cmd + 4);
2309 alloc_len = get_unaligned_be32(cmd + 6);
2310 if (alloc_len < 4 || alloc_len > 0xffff) {
2311 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
2312 return check_condition_result;
2314 if (alloc_len > 8192)
2318 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC);
2320 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
2322 return check_condition_result;
2324 switch (reporting_opts) {
2325 case 0: /* all commands */
2326 /* count number of commands */
2327 for (count = 0, oip = opcode_info_arr;
2328 oip->num_attached != 0xff; ++oip) {
2329 if (F_INV_OP & oip->flags)
2331 count += (oip->num_attached + 1);
2333 bump = rctd ? 20 : 8;
2334 put_unaligned_be32(count * bump, arr);
2335 for (offset = 4, oip = opcode_info_arr;
2336 oip->num_attached != 0xff && offset < a_len; ++oip) {
2337 if (F_INV_OP & oip->flags)
2339 na = oip->num_attached;
2340 arr[offset] = oip->opcode;
2341 put_unaligned_be16(oip->sa, arr + offset + 2);
2343 arr[offset + 5] |= 0x2;
2344 if (FF_SA & oip->flags)
2345 arr[offset + 5] |= 0x1;
2346 put_unaligned_be16(oip->len_mask[0], arr + offset + 6);
2348 put_unaligned_be16(0xa, arr + offset + 8);
2350 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) {
2351 if (F_INV_OP & oip->flags)
2354 arr[offset] = oip->opcode;
2355 put_unaligned_be16(oip->sa, arr + offset + 2);
2357 arr[offset + 5] |= 0x2;
2358 if (FF_SA & oip->flags)
2359 arr[offset + 5] |= 0x1;
2360 put_unaligned_be16(oip->len_mask[0],
2363 put_unaligned_be16(0xa,
2370 case 1: /* one command: opcode only */
2371 case 2: /* one command: opcode plus service action */
2372 case 3: /* one command: if sa==0 then opcode only else opcode+sa */
2373 sdeb_i = opcode_ind_arr[req_opcode];
2374 oip = &opcode_info_arr[sdeb_i];
2375 if (F_INV_OP & oip->flags) {
2379 if (1 == reporting_opts) {
2380 if (FF_SA & oip->flags) {
2381 mk_sense_invalid_fld(scp, SDEB_IN_CDB,
2384 return check_condition_result;
2387 } else if (2 == reporting_opts &&
2388 0 == (FF_SA & oip->flags)) {
2389 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1);
2390 kfree(arr); /* point at requested sa */
2391 return check_condition_result;
2393 if (0 == (FF_SA & oip->flags) &&
2394 req_opcode == oip->opcode)
2396 else if (0 == (FF_SA & oip->flags)) {
2397 na = oip->num_attached;
2398 for (k = 0, oip = oip->arrp; k < na;
2400 if (req_opcode == oip->opcode)
2403 supp = (k >= na) ? 1 : 3;
2404 } else if (req_sa != oip->sa) {
2405 na = oip->num_attached;
2406 for (k = 0, oip = oip->arrp; k < na;
2408 if (req_sa == oip->sa)
2411 supp = (k >= na) ? 1 : 3;
2415 u = oip->len_mask[0];
2416 put_unaligned_be16(u, arr + 2);
2417 arr[4] = oip->opcode;
2418 for (k = 1; k < u; ++k)
2419 arr[4 + k] = (k < 16) ?
2420 oip->len_mask[k] : 0xff;
2425 arr[1] = (rctd ? 0x80 : 0) | supp;
2427 put_unaligned_be16(0xa, arr + offset);
2432 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
2434 return check_condition_result;
2436 offset = (offset < a_len) ? offset : a_len;
2437 len = (offset < alloc_len) ? offset : alloc_len;
2438 errsts = fill_from_dev_buffer(scp, arr, len);
2443 static int resp_rsup_tmfs(struct scsi_cmnd *scp,
2444 struct sdebug_dev_info *devip)
2449 u8 *cmd = scp->cmnd;
2451 memset(arr, 0, sizeof(arr));
2452 repd = !!(cmd[2] & 0x80);
2453 alloc_len = get_unaligned_be32(cmd + 6);
2454 if (alloc_len < 4) {
2455 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
2456 return check_condition_result;
2458 arr[0] = 0xc8; /* ATS | ATSS | LURS */
2459 arr[1] = 0x1; /* ITNRS */
2466 len = (len < alloc_len) ? len : alloc_len;
2467 return fill_from_dev_buffer(scp, arr, len);
2470 /* <<Following mode page info copied from ST318451LW>> */
2472 static int resp_err_recov_pg(unsigned char *p, int pcontrol, int target)
2473 { /* Read-Write Error Recovery page for mode_sense */
2474 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0,
2477 memcpy(p, err_recov_pg, sizeof(err_recov_pg));
2479 memset(p + 2, 0, sizeof(err_recov_pg) - 2);
2480 return sizeof(err_recov_pg);
2483 static int resp_disconnect_pg(unsigned char *p, int pcontrol, int target)
2484 { /* Disconnect-Reconnect page for mode_sense */
2485 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0,
2486 0, 0, 0, 0, 0, 0, 0, 0};
2488 memcpy(p, disconnect_pg, sizeof(disconnect_pg));
2490 memset(p + 2, 0, sizeof(disconnect_pg) - 2);
2491 return sizeof(disconnect_pg);
2494 static int resp_format_pg(unsigned char *p, int pcontrol, int target)
2495 { /* Format device page for mode_sense */
2496 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0,
2497 0, 0, 0, 0, 0, 0, 0, 0,
2498 0, 0, 0, 0, 0x40, 0, 0, 0};
2500 memcpy(p, format_pg, sizeof(format_pg));
2501 put_unaligned_be16(sdebug_sectors_per, p + 10);
2502 put_unaligned_be16(sdebug_sector_size, p + 12);
2503 if (sdebug_removable)
2504 p[20] |= 0x20; /* should agree with INQUIRY */
2506 memset(p + 2, 0, sizeof(format_pg) - 2);
2507 return sizeof(format_pg);
2510 static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
2511 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0,
2514 static int resp_caching_pg(unsigned char *p, int pcontrol, int target)
2515 { /* Caching page for mode_sense */
2516 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0,
2517 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
2518 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
2519 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0};
2521 if (SDEBUG_OPT_N_WCE & sdebug_opts)
2522 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */
2523 memcpy(p, caching_pg, sizeof(caching_pg));
2525 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg));
2526 else if (2 == pcontrol)
2527 memcpy(p, d_caching_pg, sizeof(d_caching_pg));
2528 return sizeof(caching_pg);
2531 static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2534 static int resp_ctrl_m_pg(unsigned char *p, int pcontrol, int target)
2535 { /* Control mode page for mode_sense */
2536 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0,
2538 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2542 ctrl_m_pg[2] |= 0x4;
2544 ctrl_m_pg[2] &= ~0x4;
2547 ctrl_m_pg[5] |= 0x80; /* ATO=1 */
2549 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg));
2551 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg));
2552 else if (2 == pcontrol)
2553 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg));
2554 return sizeof(ctrl_m_pg);
2558 static int resp_iec_m_pg(unsigned char *p, int pcontrol, int target)
2559 { /* Informational Exceptions control mode page for mode_sense */
2560 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0,
2562 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
2565 memcpy(p, iec_m_pg, sizeof(iec_m_pg));
2567 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg));
2568 else if (2 == pcontrol)
2569 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg));
2570 return sizeof(iec_m_pg);
2573 static int resp_sas_sf_m_pg(unsigned char *p, int pcontrol, int target)
2574 { /* SAS SSP mode page - short format for mode_sense */
2575 unsigned char sas_sf_m_pg[] = {0x19, 0x6,
2576 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0};
2578 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg));
2580 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2);
2581 return sizeof(sas_sf_m_pg);
2585 static int resp_sas_pcd_m_spg(unsigned char *p, int pcontrol, int target,
2587 { /* SAS phy control and discover mode page for mode_sense */
2588 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2,
2589 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0,
2590 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2591 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2592 0x2, 0, 0, 0, 0, 0, 0, 0,
2593 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2594 0, 0, 0, 0, 0, 0, 0, 0,
2595 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0,
2596 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2597 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2598 0x3, 0, 0, 0, 0, 0, 0, 0,
2599 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2600 0, 0, 0, 0, 0, 0, 0, 0,
2604 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 16);
2605 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 24);
2606 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 64);
2607 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 72);
2608 port_a = target_dev_id + 1;
2609 port_b = port_a + 1;
2610 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg));
2611 put_unaligned_be32(port_a, p + 20);
2612 put_unaligned_be32(port_b, p + 48 + 20);
2614 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4);
2615 return sizeof(sas_pcd_m_pg);
2618 static int resp_sas_sha_m_spg(unsigned char *p, int pcontrol)
2619 { /* SAS SSP shared protocol specific port mode subpage */
2620 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0,
2621 0, 0, 0, 0, 0, 0, 0, 0,
2624 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg));
2626 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4);
2627 return sizeof(sas_sha_m_pg);
2630 #define SDEBUG_MAX_MSENSE_SZ 256
2632 static int resp_mode_sense(struct scsi_cmnd *scp,
2633 struct sdebug_dev_info *devip)
2635 int pcontrol, pcode, subpcode, bd_len;
2636 unsigned char dev_spec;
2637 u32 alloc_len, offset, len;
2639 int target = scp->device->id;
2641 unsigned char arr[SDEBUG_MAX_MSENSE_SZ];
2642 unsigned char *cmd = scp->cmnd;
2643 bool dbd, llbaa, msense_6, is_disk, is_zbc, bad_pcode;
2645 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */
2646 pcontrol = (cmd[2] & 0xc0) >> 6;
2647 pcode = cmd[2] & 0x3f;
2649 msense_6 = (MODE_SENSE == cmd[0]);
2650 llbaa = msense_6 ? false : !!(cmd[1] & 0x10);
2651 is_disk = (sdebug_ptype == TYPE_DISK);
2652 is_zbc = devip->zoned;
2653 if ((is_disk || is_zbc) && !dbd)
2654 bd_len = llbaa ? 16 : 8;
2657 alloc_len = msense_6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2658 memset(arr, 0, SDEBUG_MAX_MSENSE_SZ);
2659 if (0x3 == pcontrol) { /* Saving values not supported */
2660 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0);
2661 return check_condition_result;
2663 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) +
2664 (devip->target * 1000) - 3;
2665 /* for disks+zbc set DPOFUA bit and clear write protect (WP) bit */
2666 if (is_disk || is_zbc) {
2667 dev_spec = 0x10; /* =0x90 if WP=1 implies read-only */
2679 arr[4] = 0x1; /* set LONGLBA bit */
2680 arr[7] = bd_len; /* assume 255 or less */
2684 if ((bd_len > 0) && (!sdebug_capacity))
2685 sdebug_capacity = get_sdebug_capacity();
2688 if (sdebug_capacity > 0xfffffffe)
2689 put_unaligned_be32(0xffffffff, ap + 0);
2691 put_unaligned_be32(sdebug_capacity, ap + 0);
2692 put_unaligned_be16(sdebug_sector_size, ap + 6);
2695 } else if (16 == bd_len) {
2696 put_unaligned_be64((u64)sdebug_capacity, ap + 0);
2697 put_unaligned_be32(sdebug_sector_size, ap + 12);
2702 if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) {
2703 /* TODO: Control Extension page */
2704 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2705 return check_condition_result;
2710 case 0x1: /* Read-Write error recovery page, direct access */
2711 len = resp_err_recov_pg(ap, pcontrol, target);
2714 case 0x2: /* Disconnect-Reconnect page, all devices */
2715 len = resp_disconnect_pg(ap, pcontrol, target);
2718 case 0x3: /* Format device page, direct access */
2720 len = resp_format_pg(ap, pcontrol, target);
2725 case 0x8: /* Caching page, direct access */
2726 if (is_disk || is_zbc) {
2727 len = resp_caching_pg(ap, pcontrol, target);
2732 case 0xa: /* Control Mode page, all devices */
2733 len = resp_ctrl_m_pg(ap, pcontrol, target);
2736 case 0x19: /* if spc==1 then sas phy, control+discover */
2737 if ((subpcode > 0x2) && (subpcode < 0xff)) {
2738 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2739 return check_condition_result;
2742 if ((0x0 == subpcode) || (0xff == subpcode))
2743 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2744 if ((0x1 == subpcode) || (0xff == subpcode))
2745 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
2747 if ((0x2 == subpcode) || (0xff == subpcode))
2748 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2751 case 0x1c: /* Informational Exceptions Mode page, all devices */
2752 len = resp_iec_m_pg(ap, pcontrol, target);
2755 case 0x3f: /* Read all Mode pages */
2756 if ((0 == subpcode) || (0xff == subpcode)) {
2757 len = resp_err_recov_pg(ap, pcontrol, target);
2758 len += resp_disconnect_pg(ap + len, pcontrol, target);
2760 len += resp_format_pg(ap + len, pcontrol,
2762 len += resp_caching_pg(ap + len, pcontrol,
2764 } else if (is_zbc) {
2765 len += resp_caching_pg(ap + len, pcontrol,
2768 len += resp_ctrl_m_pg(ap + len, pcontrol, target);
2769 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2770 if (0xff == subpcode) {
2771 len += resp_sas_pcd_m_spg(ap + len, pcontrol,
2772 target, target_dev_id);
2773 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2775 len += resp_iec_m_pg(ap + len, pcontrol, target);
2778 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2779 return check_condition_result;
2787 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2788 return check_condition_result;
2791 arr[0] = offset - 1;
2793 put_unaligned_be16((offset - 2), arr + 0);
2794 return fill_from_dev_buffer(scp, arr, min_t(u32, alloc_len, offset));
2797 #define SDEBUG_MAX_MSELECT_SZ 512
2799 static int resp_mode_select(struct scsi_cmnd *scp,
2800 struct sdebug_dev_info *devip)
2802 int pf, sp, ps, md_len, bd_len, off, spf, pg_len;
2803 int param_len, res, mpage;
2804 unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
2805 unsigned char *cmd = scp->cmnd;
2806 int mselect6 = (MODE_SELECT == cmd[0]);
2808 memset(arr, 0, sizeof(arr));
2811 param_len = mselect6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2812 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) {
2813 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1);
2814 return check_condition_result;
2816 res = fetch_to_dev_buffer(scp, arr, param_len);
2818 return DID_ERROR << 16;
2819 else if (sdebug_verbose && (res < param_len))
2820 sdev_printk(KERN_INFO, scp->device,
2821 "%s: cdb indicated=%d, IO sent=%d bytes\n",
2822 __func__, param_len, res);
2823 md_len = mselect6 ? (arr[0] + 1) : (get_unaligned_be16(arr + 0) + 2);
2824 bd_len = mselect6 ? arr[3] : get_unaligned_be16(arr + 6);
2825 off = bd_len + (mselect6 ? 4 : 8);
2826 if (md_len > 2 || off >= res) {
2827 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1);
2828 return check_condition_result;
2830 mpage = arr[off] & 0x3f;
2831 ps = !!(arr[off] & 0x80);
2833 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7);
2834 return check_condition_result;
2836 spf = !!(arr[off] & 0x40);
2837 pg_len = spf ? (get_unaligned_be16(arr + off + 2) + 4) :
2839 if ((pg_len + off) > param_len) {
2840 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2841 PARAMETER_LIST_LENGTH_ERR, 0);
2842 return check_condition_result;
2845 case 0x8: /* Caching Mode page */
2846 if (caching_pg[1] == arr[off + 1]) {
2847 memcpy(caching_pg + 2, arr + off + 2,
2848 sizeof(caching_pg) - 2);
2849 goto set_mode_changed_ua;
2852 case 0xa: /* Control Mode page */
2853 if (ctrl_m_pg[1] == arr[off + 1]) {
2854 memcpy(ctrl_m_pg + 2, arr + off + 2,
2855 sizeof(ctrl_m_pg) - 2);
2856 if (ctrl_m_pg[4] & 0x8)
2860 sdebug_dsense = !!(ctrl_m_pg[2] & 0x4);
2861 goto set_mode_changed_ua;
2864 case 0x1c: /* Informational Exceptions Mode page */
2865 if (iec_m_pg[1] == arr[off + 1]) {
2866 memcpy(iec_m_pg + 2, arr + off + 2,
2867 sizeof(iec_m_pg) - 2);
2868 goto set_mode_changed_ua;
2874 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5);
2875 return check_condition_result;
2876 set_mode_changed_ua:
2877 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm);
2881 static int resp_temp_l_pg(unsigned char *arr)
2883 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38,
2884 0x0, 0x1, 0x3, 0x2, 0x0, 65,
2887 memcpy(arr, temp_l_pg, sizeof(temp_l_pg));
2888 return sizeof(temp_l_pg);
2891 static int resp_ie_l_pg(unsigned char *arr)
2893 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38,
2896 memcpy(arr, ie_l_pg, sizeof(ie_l_pg));
2897 if (iec_m_pg[2] & 0x4) { /* TEST bit set */
2898 arr[4] = THRESHOLD_EXCEEDED;
2901 return sizeof(ie_l_pg);
2904 static int resp_env_rep_l_spg(unsigned char *arr)
2906 unsigned char env_rep_l_spg[] = {0x0, 0x0, 0x23, 0x8,
2907 0x0, 40, 72, 0xff, 45, 18, 0, 0,
2908 0x1, 0x0, 0x23, 0x8,
2909 0x0, 55, 72, 35, 55, 45, 0, 0,
2912 memcpy(arr, env_rep_l_spg, sizeof(env_rep_l_spg));
2913 return sizeof(env_rep_l_spg);
2916 #define SDEBUG_MAX_LSENSE_SZ 512
2918 static int resp_log_sense(struct scsi_cmnd *scp,
2919 struct sdebug_dev_info *devip)
2921 int ppc, sp, pcode, subpcode;
2922 u32 alloc_len, len, n;
2923 unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
2924 unsigned char *cmd = scp->cmnd;
2926 memset(arr, 0, sizeof(arr));
2930 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0);
2931 return check_condition_result;
2933 pcode = cmd[2] & 0x3f;
2934 subpcode = cmd[3] & 0xff;
2935 alloc_len = get_unaligned_be16(cmd + 7);
2937 if (0 == subpcode) {
2939 case 0x0: /* Supported log pages log page */
2941 arr[n++] = 0x0; /* this page */
2942 arr[n++] = 0xd; /* Temperature */
2943 arr[n++] = 0x2f; /* Informational exceptions */
2946 case 0xd: /* Temperature log page */
2947 arr[3] = resp_temp_l_pg(arr + 4);
2949 case 0x2f: /* Informational exceptions log page */
2950 arr[3] = resp_ie_l_pg(arr + 4);
2953 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2954 return check_condition_result;
2956 } else if (0xff == subpcode) {
2960 case 0x0: /* Supported log pages and subpages log page */
2963 arr[n++] = 0x0; /* 0,0 page */
2965 arr[n++] = 0xff; /* this page */
2967 arr[n++] = 0x0; /* Temperature */
2969 arr[n++] = 0x1; /* Environment reporting */
2971 arr[n++] = 0xff; /* all 0xd subpages */
2973 arr[n++] = 0x0; /* Informational exceptions */
2975 arr[n++] = 0xff; /* all 0x2f subpages */
2978 case 0xd: /* Temperature subpages */
2981 arr[n++] = 0x0; /* Temperature */
2983 arr[n++] = 0x1; /* Environment reporting */
2985 arr[n++] = 0xff; /* these subpages */
2988 case 0x2f: /* Informational exceptions subpages */
2991 arr[n++] = 0x0; /* Informational exceptions */
2993 arr[n++] = 0xff; /* these subpages */
2997 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2998 return check_condition_result;
3000 } else if (subpcode > 0) {
3003 if (pcode == 0xd && subpcode == 1)
3004 arr[3] = resp_env_rep_l_spg(arr + 4);
3006 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
3007 return check_condition_result;
3010 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
3011 return check_condition_result;
3013 len = min_t(u32, get_unaligned_be16(arr + 2) + 4, alloc_len);
3014 return fill_from_dev_buffer(scp, arr,
3015 min_t(u32, len, SDEBUG_MAX_INQ_ARR_SZ));
3018 static inline bool sdebug_dev_is_zoned(struct sdebug_dev_info *devip)
3020 return devip->nr_zones != 0;
3023 static struct sdeb_zone_state *zbc_zone(struct sdebug_dev_info *devip,
3024 unsigned long long lba)
3026 u32 zno = lba >> devip->zsize_shift;
3027 struct sdeb_zone_state *zsp;
3029 if (devip->zcap == devip->zsize || zno < devip->nr_conv_zones)
3030 return &devip->zstate[zno];
3033 * If the zone capacity is less than the zone size, adjust for gap
3036 zno = 2 * zno - devip->nr_conv_zones;
3037 WARN_ONCE(zno >= devip->nr_zones, "%u > %u\n", zno, devip->nr_zones);
3038 zsp = &devip->zstate[zno];
3039 if (lba >= zsp->z_start + zsp->z_size)
3041 WARN_ON_ONCE(lba >= zsp->z_start + zsp->z_size);
3045 static inline bool zbc_zone_is_conv(struct sdeb_zone_state *zsp)
3047 return zsp->z_type == ZBC_ZTYPE_CNV;
3050 static inline bool zbc_zone_is_gap(struct sdeb_zone_state *zsp)
3052 return zsp->z_type == ZBC_ZTYPE_GAP;
3055 static inline bool zbc_zone_is_seq(struct sdeb_zone_state *zsp)
3057 return !zbc_zone_is_conv(zsp) && !zbc_zone_is_gap(zsp);
3060 static void zbc_close_zone(struct sdebug_dev_info *devip,
3061 struct sdeb_zone_state *zsp)
3063 enum sdebug_z_cond zc;
3065 if (!zbc_zone_is_seq(zsp))
3069 if (!(zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN))
3072 if (zc == ZC2_IMPLICIT_OPEN)
3073 devip->nr_imp_open--;
3075 devip->nr_exp_open--;
3077 if (zsp->z_wp == zsp->z_start) {
3078 zsp->z_cond = ZC1_EMPTY;
3080 zsp->z_cond = ZC4_CLOSED;
3085 static void zbc_close_imp_open_zone(struct sdebug_dev_info *devip)
3087 struct sdeb_zone_state *zsp = &devip->zstate[0];
3090 for (i = 0; i < devip->nr_zones; i++, zsp++) {
3091 if (zsp->z_cond == ZC2_IMPLICIT_OPEN) {
3092 zbc_close_zone(devip, zsp);
3098 static void zbc_open_zone(struct sdebug_dev_info *devip,
3099 struct sdeb_zone_state *zsp, bool explicit)
3101 enum sdebug_z_cond zc;
3103 if (!zbc_zone_is_seq(zsp))
3107 if ((explicit && zc == ZC3_EXPLICIT_OPEN) ||
3108 (!explicit && zc == ZC2_IMPLICIT_OPEN))
3111 /* Close an implicit open zone if necessary */
3112 if (explicit && zsp->z_cond == ZC2_IMPLICIT_OPEN)
3113 zbc_close_zone(devip, zsp);
3114 else if (devip->max_open &&
3115 devip->nr_imp_open + devip->nr_exp_open >= devip->max_open)
3116 zbc_close_imp_open_zone(devip);
3118 if (zsp->z_cond == ZC4_CLOSED)
3121 zsp->z_cond = ZC3_EXPLICIT_OPEN;
3122 devip->nr_exp_open++;
3124 zsp->z_cond = ZC2_IMPLICIT_OPEN;
3125 devip->nr_imp_open++;
3129 static inline void zbc_set_zone_full(struct sdebug_dev_info *devip,
3130 struct sdeb_zone_state *zsp)
3132 switch (zsp->z_cond) {
3133 case ZC2_IMPLICIT_OPEN:
3134 devip->nr_imp_open--;
3136 case ZC3_EXPLICIT_OPEN:
3137 devip->nr_exp_open--;
3140 WARN_ONCE(true, "Invalid zone %llu condition %x\n",
3141 zsp->z_start, zsp->z_cond);
3144 zsp->z_cond = ZC5_FULL;
3147 static void zbc_inc_wp(struct sdebug_dev_info *devip,
3148 unsigned long long lba, unsigned int num)
3150 struct sdeb_zone_state *zsp = zbc_zone(devip, lba);
3151 unsigned long long n, end, zend = zsp->z_start + zsp->z_size;
3153 if (!zbc_zone_is_seq(zsp))
3156 if (zsp->z_type == ZBC_ZTYPE_SWR) {
3158 if (zsp->z_wp >= zend)
3159 zbc_set_zone_full(devip, zsp);
3164 if (lba != zsp->z_wp)
3165 zsp->z_non_seq_resource = true;
3171 } else if (end > zsp->z_wp) {
3177 if (zsp->z_wp >= zend)
3178 zbc_set_zone_full(devip, zsp);
3184 zend = zsp->z_start + zsp->z_size;
3189 static int check_zbc_access_params(struct scsi_cmnd *scp,
3190 unsigned long long lba, unsigned int num, bool write)
3192 struct scsi_device *sdp = scp->device;
3193 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
3194 struct sdeb_zone_state *zsp = zbc_zone(devip, lba);
3195 struct sdeb_zone_state *zsp_end = zbc_zone(devip, lba + num - 1);
3198 /* For host-managed, reads cannot cross zone types boundaries */
3199 if (zsp->z_type != zsp_end->z_type) {
3200 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3203 return check_condition_result;
3208 /* Writing into a gap zone is not allowed */
3209 if (zbc_zone_is_gap(zsp)) {
3210 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE,
3211 ATTEMPT_ACCESS_GAP);
3212 return check_condition_result;
3215 /* No restrictions for writes within conventional zones */
3216 if (zbc_zone_is_conv(zsp)) {
3217 if (!zbc_zone_is_conv(zsp_end)) {
3218 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3220 WRITE_BOUNDARY_ASCQ);
3221 return check_condition_result;
3226 if (zsp->z_type == ZBC_ZTYPE_SWR) {
3227 /* Writes cannot cross sequential zone boundaries */
3228 if (zsp_end != zsp) {
3229 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3231 WRITE_BOUNDARY_ASCQ);
3232 return check_condition_result;
3234 /* Cannot write full zones */
3235 if (zsp->z_cond == ZC5_FULL) {
3236 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3237 INVALID_FIELD_IN_CDB, 0);
3238 return check_condition_result;
3240 /* Writes must be aligned to the zone WP */
3241 if (lba != zsp->z_wp) {
3242 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3244 UNALIGNED_WRITE_ASCQ);
3245 return check_condition_result;
3249 /* Handle implicit open of closed and empty zones */
3250 if (zsp->z_cond == ZC1_EMPTY || zsp->z_cond == ZC4_CLOSED) {
3251 if (devip->max_open &&
3252 devip->nr_exp_open >= devip->max_open) {
3253 mk_sense_buffer(scp, DATA_PROTECT,
3256 return check_condition_result;
3258 zbc_open_zone(devip, zsp, false);
3264 static inline int check_device_access_params
3265 (struct scsi_cmnd *scp, unsigned long long lba,
3266 unsigned int num, bool write)
3268 struct scsi_device *sdp = scp->device;
3269 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
3271 if (lba + num > sdebug_capacity) {
3272 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
3273 return check_condition_result;
3275 /* transfer length excessive (tie in to block limits VPD page) */
3276 if (num > sdebug_store_sectors) {
3277 /* needs work to find which cdb byte 'num' comes from */
3278 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3279 return check_condition_result;
3281 if (write && unlikely(sdebug_wp)) {
3282 mk_sense_buffer(scp, DATA_PROTECT, WRITE_PROTECTED, 0x2);
3283 return check_condition_result;
3285 if (sdebug_dev_is_zoned(devip))
3286 return check_zbc_access_params(scp, lba, num, write);
3292 * Note: if BUG_ON() fires it usually indicates a problem with the parser
3293 * tables. Perhaps a missing F_FAKE_RW or FF_MEDIA_IO flag. Response functions
3294 * that access any of the "stores" in struct sdeb_store_info should call this
3295 * function with bug_if_fake_rw set to true.
3297 static inline struct sdeb_store_info *devip2sip(struct sdebug_dev_info *devip,
3298 bool bug_if_fake_rw)
3300 if (sdebug_fake_rw) {
3301 BUG_ON(bug_if_fake_rw); /* See note above */
3304 return xa_load(per_store_ap, devip->sdbg_host->si_idx);
3307 /* Returns number of bytes copied or -1 if error. */
3308 static int do_device_access(struct sdeb_store_info *sip, struct scsi_cmnd *scp,
3309 u32 sg_skip, u64 lba, u32 num, bool do_write)
3312 u64 block, rest = 0;
3313 enum dma_data_direction dir;
3314 struct scsi_data_buffer *sdb = &scp->sdb;
3318 dir = DMA_TO_DEVICE;
3319 write_since_sync = true;
3321 dir = DMA_FROM_DEVICE;
3324 if (!sdb->length || !sip)
3326 if (scp->sc_data_direction != dir)
3330 block = do_div(lba, sdebug_store_sectors);
3331 if (block + num > sdebug_store_sectors)
3332 rest = block + num - sdebug_store_sectors;
3334 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
3335 fsp + (block * sdebug_sector_size),
3336 (num - rest) * sdebug_sector_size, sg_skip, do_write);
3337 if (ret != (num - rest) * sdebug_sector_size)
3341 ret += sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
3342 fsp, rest * sdebug_sector_size,
3343 sg_skip + ((num - rest) * sdebug_sector_size),
3350 /* Returns number of bytes copied or -1 if error. */
3351 static int do_dout_fetch(struct scsi_cmnd *scp, u32 num, u8 *doutp)
3353 struct scsi_data_buffer *sdb = &scp->sdb;
3357 if (scp->sc_data_direction != DMA_TO_DEVICE)
3359 return sg_copy_buffer(sdb->table.sgl, sdb->table.nents, doutp,
3360 num * sdebug_sector_size, 0, true);
3363 /* If sip->storep+lba compares equal to arr(num), then copy top half of
3364 * arr into sip->storep+lba and return true. If comparison fails then
3366 static bool comp_write_worker(struct sdeb_store_info *sip, u64 lba, u32 num,
3367 const u8 *arr, bool compare_only)
3370 u64 block, rest = 0;
3371 u32 store_blks = sdebug_store_sectors;
3372 u32 lb_size = sdebug_sector_size;
3373 u8 *fsp = sip->storep;
3375 block = do_div(lba, store_blks);
3376 if (block + num > store_blks)
3377 rest = block + num - store_blks;
3379 res = !memcmp(fsp + (block * lb_size), arr, (num - rest) * lb_size);
3383 res = memcmp(fsp, arr + ((num - rest) * lb_size),
3389 arr += num * lb_size;
3390 memcpy(fsp + (block * lb_size), arr, (num - rest) * lb_size);
3392 memcpy(fsp, arr + ((num - rest) * lb_size), rest * lb_size);
3396 static __be16 dif_compute_csum(const void *buf, int len)
3401 csum = (__force __be16)ip_compute_csum(buf, len);
3403 csum = cpu_to_be16(crc_t10dif(buf, len));
3408 static int dif_verify(struct t10_pi_tuple *sdt, const void *data,
3409 sector_t sector, u32 ei_lba)
3411 __be16 csum = dif_compute_csum(data, sdebug_sector_size);
3413 if (sdt->guard_tag != csum) {
3414 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n",
3415 (unsigned long)sector,
3416 be16_to_cpu(sdt->guard_tag),
3420 if (sdebug_dif == T10_PI_TYPE1_PROTECTION &&
3421 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) {
3422 pr_err("REF check failed on sector %lu\n",
3423 (unsigned long)sector);
3426 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3427 be32_to_cpu(sdt->ref_tag) != ei_lba) {
3428 pr_err("REF check failed on sector %lu\n",
3429 (unsigned long)sector);
3435 static void dif_copy_prot(struct scsi_cmnd *scp, sector_t sector,
3436 unsigned int sectors, bool read)
3440 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
3441 scp->device->hostdata, true);
3442 struct t10_pi_tuple *dif_storep = sip->dif_storep;
3443 const void *dif_store_end = dif_storep + sdebug_store_sectors;
3444 struct sg_mapping_iter miter;
3446 /* Bytes of protection data to copy into sgl */
3447 resid = sectors * sizeof(*dif_storep);
3449 sg_miter_start(&miter, scsi_prot_sglist(scp),
3450 scsi_prot_sg_count(scp), SG_MITER_ATOMIC |
3451 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG));
3453 while (sg_miter_next(&miter) && resid > 0) {
3454 size_t len = min_t(size_t, miter.length, resid);
3455 void *start = dif_store(sip, sector);
3458 if (dif_store_end < start + len)
3459 rest = start + len - dif_store_end;
3464 memcpy(paddr, start, len - rest);
3466 memcpy(start, paddr, len - rest);
3470 memcpy(paddr + len - rest, dif_storep, rest);
3472 memcpy(dif_storep, paddr + len - rest, rest);
3475 sector += len / sizeof(*dif_storep);
3478 sg_miter_stop(&miter);
3481 static int prot_verify_read(struct scsi_cmnd *scp, sector_t start_sec,
3482 unsigned int sectors, u32 ei_lba)
3487 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
3488 scp->device->hostdata, true);
3489 struct t10_pi_tuple *sdt;
3491 for (i = 0; i < sectors; i++, ei_lba++) {
3492 sector = start_sec + i;
3493 sdt = dif_store(sip, sector);
3495 if (sdt->app_tag == cpu_to_be16(0xffff))
3499 * Because scsi_debug acts as both initiator and
3500 * target we proceed to verify the PI even if
3501 * RDPROTECT=3. This is done so the "initiator" knows
3502 * which type of error to return. Otherwise we would
3503 * have to iterate over the PI twice.
3505 if (scp->cmnd[1] >> 5) { /* RDPROTECT */
3506 ret = dif_verify(sdt, lba2fake_store(sip, sector),
3515 dif_copy_prot(scp, start_sec, sectors, true);
3522 sdeb_read_lock(struct sdeb_store_info *sip)
3524 if (sdebug_no_rwlock) {
3526 __acquire(&sip->macc_lck);
3528 __acquire(&sdeb_fake_rw_lck);
3531 read_lock(&sip->macc_lck);
3533 read_lock(&sdeb_fake_rw_lck);
3538 sdeb_read_unlock(struct sdeb_store_info *sip)
3540 if (sdebug_no_rwlock) {
3542 __release(&sip->macc_lck);
3544 __release(&sdeb_fake_rw_lck);
3547 read_unlock(&sip->macc_lck);
3549 read_unlock(&sdeb_fake_rw_lck);
3554 sdeb_write_lock(struct sdeb_store_info *sip)
3556 if (sdebug_no_rwlock) {
3558 __acquire(&sip->macc_lck);
3560 __acquire(&sdeb_fake_rw_lck);
3563 write_lock(&sip->macc_lck);
3565 write_lock(&sdeb_fake_rw_lck);
3570 sdeb_write_unlock(struct sdeb_store_info *sip)
3572 if (sdebug_no_rwlock) {
3574 __release(&sip->macc_lck);
3576 __release(&sdeb_fake_rw_lck);
3579 write_unlock(&sip->macc_lck);
3581 write_unlock(&sdeb_fake_rw_lck);
3585 static int resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3592 struct sdeb_store_info *sip = devip2sip(devip, true);
3593 u8 *cmd = scp->cmnd;
3598 lba = get_unaligned_be64(cmd + 2);
3599 num = get_unaligned_be32(cmd + 10);
3604 lba = get_unaligned_be32(cmd + 2);
3605 num = get_unaligned_be16(cmd + 7);
3610 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
3611 (u32)(cmd[1] & 0x1f) << 16;
3612 num = (0 == cmd[4]) ? 256 : cmd[4];
3617 lba = get_unaligned_be32(cmd + 2);
3618 num = get_unaligned_be32(cmd + 6);
3621 case XDWRITEREAD_10:
3623 lba = get_unaligned_be32(cmd + 2);
3624 num = get_unaligned_be16(cmd + 7);
3627 default: /* assume READ(32) */
3628 lba = get_unaligned_be64(cmd + 12);
3629 ei_lba = get_unaligned_be32(cmd + 20);
3630 num = get_unaligned_be32(cmd + 28);
3634 if (unlikely(have_dif_prot && check_prot)) {
3635 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3637 mk_sense_invalid_opcode(scp);
3638 return check_condition_result;
3640 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3641 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3642 (cmd[1] & 0xe0) == 0)
3643 sdev_printk(KERN_ERR, scp->device, "Unprotected RD "
3646 if (unlikely((sdebug_opts & SDEBUG_OPT_SHORT_TRANSFER) &&
3647 atomic_read(&sdeb_inject_pending))) {
3649 atomic_set(&sdeb_inject_pending, 0);
3652 ret = check_device_access_params(scp, lba, num, false);
3655 if (unlikely((SDEBUG_OPT_MEDIUM_ERR & sdebug_opts) &&
3656 (lba <= (sdebug_medium_error_start + sdebug_medium_error_count - 1)) &&
3657 ((lba + num) > sdebug_medium_error_start))) {
3658 /* claim unrecoverable read error */
3659 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0);
3660 /* set info field and valid bit for fixed descriptor */
3661 if (0x70 == (scp->sense_buffer[0] & 0x7f)) {
3662 scp->sense_buffer[0] |= 0x80; /* Valid bit */
3663 ret = (lba < OPT_MEDIUM_ERR_ADDR)
3664 ? OPT_MEDIUM_ERR_ADDR : (int)lba;
3665 put_unaligned_be32(ret, scp->sense_buffer + 3);
3667 scsi_set_resid(scp, scsi_bufflen(scp));
3668 return check_condition_result;
3671 sdeb_read_lock(sip);
3674 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3675 switch (prot_verify_read(scp, lba, num, ei_lba)) {
3676 case 1: /* Guard tag error */
3677 if (cmd[1] >> 5 != 3) { /* RDPROTECT != 3 */
3678 sdeb_read_unlock(sip);
3679 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3680 return check_condition_result;
3681 } else if (scp->prot_flags & SCSI_PROT_GUARD_CHECK) {
3682 sdeb_read_unlock(sip);
3683 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3684 return illegal_condition_result;
3687 case 3: /* Reference tag error */
3688 if (cmd[1] >> 5 != 3) { /* RDPROTECT != 3 */
3689 sdeb_read_unlock(sip);
3690 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 3);
3691 return check_condition_result;
3692 } else if (scp->prot_flags & SCSI_PROT_REF_CHECK) {
3693 sdeb_read_unlock(sip);
3694 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 3);
3695 return illegal_condition_result;
3701 ret = do_device_access(sip, scp, 0, lba, num, false);
3702 sdeb_read_unlock(sip);
3703 if (unlikely(ret == -1))
3704 return DID_ERROR << 16;
3706 scsi_set_resid(scp, scsi_bufflen(scp) - ret);
3708 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
3709 atomic_read(&sdeb_inject_pending))) {
3710 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
3711 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
3712 atomic_set(&sdeb_inject_pending, 0);
3713 return check_condition_result;
3714 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
3715 /* Logical block guard check failed */
3716 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3717 atomic_set(&sdeb_inject_pending, 0);
3718 return illegal_condition_result;
3719 } else if (SDEBUG_OPT_DIX_ERR & sdebug_opts) {
3720 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3721 atomic_set(&sdeb_inject_pending, 0);
3722 return illegal_condition_result;
3728 static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec,
3729 unsigned int sectors, u32 ei_lba)
3732 struct t10_pi_tuple *sdt;
3734 sector_t sector = start_sec;
3737 struct sg_mapping_iter diter;
3738 struct sg_mapping_iter piter;
3740 BUG_ON(scsi_sg_count(SCpnt) == 0);
3741 BUG_ON(scsi_prot_sg_count(SCpnt) == 0);
3743 sg_miter_start(&piter, scsi_prot_sglist(SCpnt),
3744 scsi_prot_sg_count(SCpnt),
3745 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
3746 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt),
3747 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
3749 /* For each protection page */
3750 while (sg_miter_next(&piter)) {
3752 if (WARN_ON(!sg_miter_next(&diter))) {
3757 for (ppage_offset = 0; ppage_offset < piter.length;
3758 ppage_offset += sizeof(struct t10_pi_tuple)) {
3759 /* If we're at the end of the current
3760 * data page advance to the next one
3762 if (dpage_offset >= diter.length) {
3763 if (WARN_ON(!sg_miter_next(&diter))) {
3770 sdt = piter.addr + ppage_offset;
3771 daddr = diter.addr + dpage_offset;
3773 if (SCpnt->cmnd[1] >> 5 != 3) { /* WRPROTECT */
3774 ret = dif_verify(sdt, daddr, sector, ei_lba);
3781 dpage_offset += sdebug_sector_size;
3783 diter.consumed = dpage_offset;
3784 sg_miter_stop(&diter);
3786 sg_miter_stop(&piter);
3788 dif_copy_prot(SCpnt, start_sec, sectors, false);
3795 sg_miter_stop(&diter);
3796 sg_miter_stop(&piter);
3800 static unsigned long lba_to_map_index(sector_t lba)
3802 if (sdebug_unmap_alignment)
3803 lba += sdebug_unmap_granularity - sdebug_unmap_alignment;
3804 sector_div(lba, sdebug_unmap_granularity);
3808 static sector_t map_index_to_lba(unsigned long index)
3810 sector_t lba = index * sdebug_unmap_granularity;
3812 if (sdebug_unmap_alignment)
3813 lba -= sdebug_unmap_granularity - sdebug_unmap_alignment;
3817 static unsigned int map_state(struct sdeb_store_info *sip, sector_t lba,
3821 unsigned int mapped;
3822 unsigned long index;
3825 index = lba_to_map_index(lba);
3826 mapped = test_bit(index, sip->map_storep);
3829 next = find_next_zero_bit(sip->map_storep, map_size, index);
3831 next = find_next_bit(sip->map_storep, map_size, index);
3833 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next));
3838 static void map_region(struct sdeb_store_info *sip, sector_t lba,
3841 sector_t end = lba + len;
3844 unsigned long index = lba_to_map_index(lba);
3846 if (index < map_size)
3847 set_bit(index, sip->map_storep);
3849 lba = map_index_to_lba(index + 1);
3853 static void unmap_region(struct sdeb_store_info *sip, sector_t lba,
3856 sector_t end = lba + len;
3857 u8 *fsp = sip->storep;
3860 unsigned long index = lba_to_map_index(lba);
3862 if (lba == map_index_to_lba(index) &&
3863 lba + sdebug_unmap_granularity <= end &&
3865 clear_bit(index, sip->map_storep);
3866 if (sdebug_lbprz) { /* for LBPRZ=2 return 0xff_s */
3867 memset(fsp + lba * sdebug_sector_size,
3868 (sdebug_lbprz & 1) ? 0 : 0xff,
3869 sdebug_sector_size *
3870 sdebug_unmap_granularity);
3872 if (sip->dif_storep) {
3873 memset(sip->dif_storep + lba, 0xff,
3874 sizeof(*sip->dif_storep) *
3875 sdebug_unmap_granularity);
3878 lba = map_index_to_lba(index + 1);
3882 static int resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3889 struct sdeb_store_info *sip = devip2sip(devip, true);
3890 u8 *cmd = scp->cmnd;
3895 lba = get_unaligned_be64(cmd + 2);
3896 num = get_unaligned_be32(cmd + 10);
3901 lba = get_unaligned_be32(cmd + 2);
3902 num = get_unaligned_be16(cmd + 7);
3907 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
3908 (u32)(cmd[1] & 0x1f) << 16;
3909 num = (0 == cmd[4]) ? 256 : cmd[4];
3914 lba = get_unaligned_be32(cmd + 2);
3915 num = get_unaligned_be32(cmd + 6);
3918 case 0x53: /* XDWRITEREAD(10) */
3920 lba = get_unaligned_be32(cmd + 2);
3921 num = get_unaligned_be16(cmd + 7);
3924 default: /* assume WRITE(32) */
3925 lba = get_unaligned_be64(cmd + 12);
3926 ei_lba = get_unaligned_be32(cmd + 20);
3927 num = get_unaligned_be32(cmd + 28);
3931 if (unlikely(have_dif_prot && check_prot)) {
3932 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3934 mk_sense_invalid_opcode(scp);
3935 return check_condition_result;
3937 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3938 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3939 (cmd[1] & 0xe0) == 0)
3940 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3944 sdeb_write_lock(sip);
3945 ret = check_device_access_params(scp, lba, num, true);
3947 sdeb_write_unlock(sip);
3952 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3953 switch (prot_verify_write(scp, lba, num, ei_lba)) {
3954 case 1: /* Guard tag error */
3955 if (scp->prot_flags & SCSI_PROT_GUARD_CHECK) {
3956 sdeb_write_unlock(sip);
3957 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3958 return illegal_condition_result;
3959 } else if (scp->cmnd[1] >> 5 != 3) { /* WRPROTECT != 3 */
3960 sdeb_write_unlock(sip);
3961 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3962 return check_condition_result;
3965 case 3: /* Reference tag error */
3966 if (scp->prot_flags & SCSI_PROT_REF_CHECK) {
3967 sdeb_write_unlock(sip);
3968 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 3);
3969 return illegal_condition_result;
3970 } else if (scp->cmnd[1] >> 5 != 3) { /* WRPROTECT != 3 */
3971 sdeb_write_unlock(sip);
3972 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 3);
3973 return check_condition_result;
3979 ret = do_device_access(sip, scp, 0, lba, num, true);
3980 if (unlikely(scsi_debug_lbp()))
3981 map_region(sip, lba, num);
3982 /* If ZBC zone then bump its write pointer */
3983 if (sdebug_dev_is_zoned(devip))
3984 zbc_inc_wp(devip, lba, num);
3985 sdeb_write_unlock(sip);
3986 if (unlikely(-1 == ret))
3987 return DID_ERROR << 16;
3988 else if (unlikely(sdebug_verbose &&
3989 (ret < (num * sdebug_sector_size))))
3990 sdev_printk(KERN_INFO, scp->device,
3991 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3992 my_name, num * sdebug_sector_size, ret);
3994 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
3995 atomic_read(&sdeb_inject_pending))) {
3996 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
3997 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
3998 atomic_set(&sdeb_inject_pending, 0);
3999 return check_condition_result;
4000 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
4001 /* Logical block guard check failed */
4002 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
4003 atomic_set(&sdeb_inject_pending, 0);
4004 return illegal_condition_result;
4005 } else if (sdebug_opts & SDEBUG_OPT_DIX_ERR) {
4006 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
4007 atomic_set(&sdeb_inject_pending, 0);
4008 return illegal_condition_result;
4015 * T10 has only specified WRITE SCATTERED(16) and WRITE SCATTERED(32).
4016 * No READ GATHERED yet (requires bidi or long cdb holding gather list).
4018 static int resp_write_scat(struct scsi_cmnd *scp,
4019 struct sdebug_dev_info *devip)
4021 u8 *cmd = scp->cmnd;
4024 struct sdeb_store_info *sip = devip2sip(devip, true);
4026 u16 lbdof, num_lrd, k;
4027 u32 num, num_by, bt_len, lbdof_blen, sg_off, cum_lb;
4028 u32 lb_size = sdebug_sector_size;
4033 static const u32 lrd_size = 32; /* + parameter list header size */
4035 if (cmd[0] == VARIABLE_LENGTH_CMD) {
4037 wrprotect = (cmd[10] >> 5) & 0x7;
4038 lbdof = get_unaligned_be16(cmd + 12);
4039 num_lrd = get_unaligned_be16(cmd + 16);
4040 bt_len = get_unaligned_be32(cmd + 28);
4041 } else { /* that leaves WRITE SCATTERED(16) */
4043 wrprotect = (cmd[2] >> 5) & 0x7;
4044 lbdof = get_unaligned_be16(cmd + 4);
4045 num_lrd = get_unaligned_be16(cmd + 8);
4046 bt_len = get_unaligned_be32(cmd + 10);
4047 if (unlikely(have_dif_prot)) {
4048 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
4050 mk_sense_invalid_opcode(scp);
4051 return illegal_condition_result;
4053 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
4054 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
4056 sdev_printk(KERN_ERR, scp->device,
4057 "Unprotected WR to DIF device\n");
4060 if ((num_lrd == 0) || (bt_len == 0))
4061 return 0; /* T10 says these do-nothings are not errors */
4064 sdev_printk(KERN_INFO, scp->device,
4065 "%s: %s: LB Data Offset field bad\n",
4067 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4068 return illegal_condition_result;
4070 lbdof_blen = lbdof * lb_size;
4071 if ((lrd_size + (num_lrd * lrd_size)) > lbdof_blen) {
4073 sdev_printk(KERN_INFO, scp->device,
4074 "%s: %s: LBA range descriptors don't fit\n",
4076 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4077 return illegal_condition_result;
4079 lrdp = kzalloc(lbdof_blen, GFP_ATOMIC | __GFP_NOWARN);
4081 return SCSI_MLQUEUE_HOST_BUSY;
4083 sdev_printk(KERN_INFO, scp->device,
4084 "%s: %s: Fetch header+scatter_list, lbdof_blen=%u\n",
4085 my_name, __func__, lbdof_blen);
4086 res = fetch_to_dev_buffer(scp, lrdp, lbdof_blen);
4088 ret = DID_ERROR << 16;
4092 sdeb_write_lock(sip);
4093 sg_off = lbdof_blen;
4094 /* Spec says Buffer xfer Length field in number of LBs in dout */
4096 for (k = 0, up = lrdp + lrd_size; k < num_lrd; ++k, up += lrd_size) {
4097 lba = get_unaligned_be64(up + 0);
4098 num = get_unaligned_be32(up + 8);
4100 sdev_printk(KERN_INFO, scp->device,
4101 "%s: %s: k=%d LBA=0x%llx num=%u sg_off=%u\n",
4102 my_name, __func__, k, lba, num, sg_off);
4105 ret = check_device_access_params(scp, lba, num, true);
4107 goto err_out_unlock;
4108 num_by = num * lb_size;
4109 ei_lba = is_16 ? 0 : get_unaligned_be32(up + 12);
4111 if ((cum_lb + num) > bt_len) {
4113 sdev_printk(KERN_INFO, scp->device,
4114 "%s: %s: sum of blocks > data provided\n",
4116 mk_sense_buffer(scp, ILLEGAL_REQUEST, WRITE_ERROR_ASC,
4118 ret = illegal_condition_result;
4119 goto err_out_unlock;
4123 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
4124 int prot_ret = prot_verify_write(scp, lba, num,
4128 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10,
4130 ret = illegal_condition_result;
4131 goto err_out_unlock;
4135 ret = do_device_access(sip, scp, sg_off, lba, num, true);
4136 /* If ZBC zone then bump its write pointer */
4137 if (sdebug_dev_is_zoned(devip))
4138 zbc_inc_wp(devip, lba, num);
4139 if (unlikely(scsi_debug_lbp()))
4140 map_region(sip, lba, num);
4141 if (unlikely(-1 == ret)) {
4142 ret = DID_ERROR << 16;
4143 goto err_out_unlock;
4144 } else if (unlikely(sdebug_verbose && (ret < num_by)))
4145 sdev_printk(KERN_INFO, scp->device,
4146 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
4147 my_name, num_by, ret);
4149 if (unlikely((sdebug_opts & SDEBUG_OPT_RECOV_DIF_DIX) &&
4150 atomic_read(&sdeb_inject_pending))) {
4151 if (sdebug_opts & SDEBUG_OPT_RECOVERED_ERR) {
4152 mk_sense_buffer(scp, RECOVERED_ERROR, THRESHOLD_EXCEEDED, 0);
4153 atomic_set(&sdeb_inject_pending, 0);
4154 ret = check_condition_result;
4155 goto err_out_unlock;
4156 } else if (sdebug_opts & SDEBUG_OPT_DIF_ERR) {
4157 /* Logical block guard check failed */
4158 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
4159 atomic_set(&sdeb_inject_pending, 0);
4160 ret = illegal_condition_result;
4161 goto err_out_unlock;
4162 } else if (sdebug_opts & SDEBUG_OPT_DIX_ERR) {
4163 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
4164 atomic_set(&sdeb_inject_pending, 0);
4165 ret = illegal_condition_result;
4166 goto err_out_unlock;
4174 sdeb_write_unlock(sip);
4180 static int resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num,
4181 u32 ei_lba, bool unmap, bool ndob)
4183 struct scsi_device *sdp = scp->device;
4184 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
4185 unsigned long long i;
4187 u32 lb_size = sdebug_sector_size;
4189 struct sdeb_store_info *sip = devip2sip((struct sdebug_dev_info *)
4190 scp->device->hostdata, true);
4194 sdeb_write_lock(sip);
4196 ret = check_device_access_params(scp, lba, num, true);
4198 sdeb_write_unlock(sip);
4202 if (unmap && scsi_debug_lbp()) {
4203 unmap_region(sip, lba, num);
4207 block = do_div(lbaa, sdebug_store_sectors);
4208 /* if ndob then zero 1 logical block, else fetch 1 logical block */
4210 fs1p = fsp + (block * lb_size);
4212 memset(fs1p, 0, lb_size);
4215 ret = fetch_to_dev_buffer(scp, fs1p, lb_size);
4218 sdeb_write_unlock(sip);
4219 return DID_ERROR << 16;
4220 } else if (sdebug_verbose && !ndob && (ret < lb_size))
4221 sdev_printk(KERN_INFO, scp->device,
4222 "%s: %s: lb size=%u, IO sent=%d bytes\n",
4223 my_name, "write same", lb_size, ret);
4225 /* Copy first sector to remaining blocks */
4226 for (i = 1 ; i < num ; i++) {
4228 block = do_div(lbaa, sdebug_store_sectors);
4229 memmove(fsp + (block * lb_size), fs1p, lb_size);
4231 if (scsi_debug_lbp())
4232 map_region(sip, lba, num);
4233 /* If ZBC zone then bump its write pointer */
4234 if (sdebug_dev_is_zoned(devip))
4235 zbc_inc_wp(devip, lba, num);
4237 sdeb_write_unlock(sip);
4242 static int resp_write_same_10(struct scsi_cmnd *scp,
4243 struct sdebug_dev_info *devip)
4245 u8 *cmd = scp->cmnd;
4252 if (sdebug_lbpws10 == 0) {
4253 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
4254 return check_condition_result;
4258 lba = get_unaligned_be32(cmd + 2);
4259 num = get_unaligned_be16(cmd + 7);
4260 if (num > sdebug_write_same_length) {
4261 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
4262 return check_condition_result;
4264 return resp_write_same(scp, lba, num, ei_lba, unmap, false);
4267 static int resp_write_same_16(struct scsi_cmnd *scp,
4268 struct sdebug_dev_info *devip)
4270 u8 *cmd = scp->cmnd;
4277 if (cmd[1] & 0x8) { /* UNMAP */
4278 if (sdebug_lbpws == 0) {
4279 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
4280 return check_condition_result;
4284 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */
4286 lba = get_unaligned_be64(cmd + 2);
4287 num = get_unaligned_be32(cmd + 10);
4288 if (num > sdebug_write_same_length) {
4289 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1);
4290 return check_condition_result;
4292 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob);
4295 /* Note the mode field is in the same position as the (lower) service action
4296 * field. For the Report supported operation codes command, SPC-4 suggests
4297 * each mode of this command should be reported separately; for future. */
4298 static int resp_write_buffer(struct scsi_cmnd *scp,
4299 struct sdebug_dev_info *devip)
4301 u8 *cmd = scp->cmnd;
4302 struct scsi_device *sdp = scp->device;
4303 struct sdebug_dev_info *dp;
4306 mode = cmd[1] & 0x1f;
4308 case 0x4: /* download microcode (MC) and activate (ACT) */
4309 /* set UAs on this device only */
4310 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4311 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm);
4313 case 0x5: /* download MC, save and ACT */
4314 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm);
4316 case 0x6: /* download MC with offsets and ACT */
4317 /* set UAs on most devices (LUs) in this target */
4318 list_for_each_entry(dp,
4319 &devip->sdbg_host->dev_info_list,
4321 if (dp->target == sdp->id) {
4322 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm);
4324 set_bit(SDEBUG_UA_MICROCODE_CHANGED,
4328 case 0x7: /* download MC with offsets, save, and ACT */
4329 /* set UA on all devices (LUs) in this target */
4330 list_for_each_entry(dp,
4331 &devip->sdbg_host->dev_info_list,
4333 if (dp->target == sdp->id)
4334 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET,
4338 /* do nothing for this command for other mode values */
4344 static int resp_comp_write(struct scsi_cmnd *scp,
4345 struct sdebug_dev_info *devip)
4347 u8 *cmd = scp->cmnd;
4349 struct sdeb_store_info *sip = devip2sip(devip, true);
4352 u32 lb_size = sdebug_sector_size;
4357 lba = get_unaligned_be64(cmd + 2);
4358 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */
4360 return 0; /* degenerate case, not an error */
4361 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
4363 mk_sense_invalid_opcode(scp);
4364 return check_condition_result;
4366 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
4367 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
4368 (cmd[1] & 0xe0) == 0)
4369 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
4371 ret = check_device_access_params(scp, lba, num, false);
4375 arr = kcalloc(lb_size, dnum, GFP_ATOMIC);
4377 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4379 return check_condition_result;
4382 sdeb_write_lock(sip);
4384 ret = do_dout_fetch(scp, dnum, arr);
4386 retval = DID_ERROR << 16;
4388 } else if (sdebug_verbose && (ret < (dnum * lb_size)))
4389 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb "
4390 "indicated=%u, IO sent=%d bytes\n", my_name,
4391 dnum * lb_size, ret);
4392 if (!comp_write_worker(sip, lba, num, arr, false)) {
4393 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
4394 retval = check_condition_result;
4397 if (scsi_debug_lbp())
4398 map_region(sip, lba, num);
4400 sdeb_write_unlock(sip);
4405 struct unmap_block_desc {
4411 static int resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4414 struct unmap_block_desc *desc;
4415 struct sdeb_store_info *sip = devip2sip(devip, true);
4416 unsigned int i, payload_len, descriptors;
4419 if (!scsi_debug_lbp())
4420 return 0; /* fib and say its done */
4421 payload_len = get_unaligned_be16(scp->cmnd + 7);
4422 BUG_ON(scsi_bufflen(scp) != payload_len);
4424 descriptors = (payload_len - 8) / 16;
4425 if (descriptors > sdebug_unmap_max_desc) {
4426 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
4427 return check_condition_result;
4430 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC);
4432 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4434 return check_condition_result;
4437 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
4439 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2);
4440 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16);
4442 desc = (void *)&buf[8];
4444 sdeb_write_lock(sip);
4446 for (i = 0 ; i < descriptors ; i++) {
4447 unsigned long long lba = get_unaligned_be64(&desc[i].lba);
4448 unsigned int num = get_unaligned_be32(&desc[i].blocks);
4450 ret = check_device_access_params(scp, lba, num, true);
4454 unmap_region(sip, lba, num);
4460 sdeb_write_unlock(sip);
4466 #define SDEBUG_GET_LBA_STATUS_LEN 32
4468 static int resp_get_lba_status(struct scsi_cmnd *scp,
4469 struct sdebug_dev_info *devip)
4471 u8 *cmd = scp->cmnd;
4473 u32 alloc_len, mapped, num;
4475 u8 arr[SDEBUG_GET_LBA_STATUS_LEN];
4477 lba = get_unaligned_be64(cmd + 2);
4478 alloc_len = get_unaligned_be32(cmd + 10);
4483 ret = check_device_access_params(scp, lba, 1, false);
4487 if (scsi_debug_lbp()) {
4488 struct sdeb_store_info *sip = devip2sip(devip, true);
4490 mapped = map_state(sip, lba, &num);
4493 /* following just in case virtual_gb changed */
4494 sdebug_capacity = get_sdebug_capacity();
4495 if (sdebug_capacity - lba <= 0xffffffff)
4496 num = sdebug_capacity - lba;
4501 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN);
4502 put_unaligned_be32(20, arr); /* Parameter Data Length */
4503 put_unaligned_be64(lba, arr + 8); /* LBA */
4504 put_unaligned_be32(num, arr + 16); /* Number of blocks */
4505 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */
4507 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN);
4510 static int resp_sync_cache(struct scsi_cmnd *scp,
4511 struct sdebug_dev_info *devip)
4516 u8 *cmd = scp->cmnd;
4518 if (cmd[0] == SYNCHRONIZE_CACHE) { /* 10 byte cdb */
4519 lba = get_unaligned_be32(cmd + 2);
4520 num_blocks = get_unaligned_be16(cmd + 7);
4521 } else { /* SYNCHRONIZE_CACHE(16) */
4522 lba = get_unaligned_be64(cmd + 2);
4523 num_blocks = get_unaligned_be32(cmd + 10);
4525 if (lba + num_blocks > sdebug_capacity) {
4526 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4527 return check_condition_result;
4529 if (!write_since_sync || (cmd[1] & 0x2))
4530 res = SDEG_RES_IMMED_MASK;
4531 else /* delay if write_since_sync and IMMED clear */
4532 write_since_sync = false;
4537 * Assuming the LBA+num_blocks is not out-of-range, this function will return
4538 * CONDITION MET if the specified blocks will/have fitted in the cache, and
4539 * a GOOD status otherwise. Model a disk with a big cache and yield
4540 * CONDITION MET. Actually tries to bring range in main memory into the
4541 * cache associated with the CPU(s).
4543 static int resp_pre_fetch(struct scsi_cmnd *scp,
4544 struct sdebug_dev_info *devip)
4548 u64 block, rest = 0;
4550 u8 *cmd = scp->cmnd;
4551 struct sdeb_store_info *sip = devip2sip(devip, true);
4552 u8 *fsp = sip->storep;
4554 if (cmd[0] == PRE_FETCH) { /* 10 byte cdb */
4555 lba = get_unaligned_be32(cmd + 2);
4556 nblks = get_unaligned_be16(cmd + 7);
4557 } else { /* PRE-FETCH(16) */
4558 lba = get_unaligned_be64(cmd + 2);
4559 nblks = get_unaligned_be32(cmd + 10);
4561 if (lba + nblks > sdebug_capacity) {
4562 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4563 return check_condition_result;
4567 /* PRE-FETCH spec says nothing about LBP or PI so skip them */
4568 block = do_div(lba, sdebug_store_sectors);
4569 if (block + nblks > sdebug_store_sectors)
4570 rest = block + nblks - sdebug_store_sectors;
4572 /* Try to bring the PRE-FETCH range into CPU's cache */
4573 sdeb_read_lock(sip);
4574 prefetch_range(fsp + (sdebug_sector_size * block),
4575 (nblks - rest) * sdebug_sector_size);
4577 prefetch_range(fsp, rest * sdebug_sector_size);
4578 sdeb_read_unlock(sip);
4581 res = SDEG_RES_IMMED_MASK;
4582 return res | condition_met_result;
4585 #define RL_BUCKET_ELEMS 8
4587 /* Even though each pseudo target has a REPORT LUNS "well known logical unit"
4588 * (W-LUN), the normal Linux scanning logic does not associate it with a
4589 * device (e.g. /dev/sg7). The following magic will make that association:
4590 * "cd /sys/class/scsi_host/host<n> ; echo '- - 49409' > scan"
4591 * where <n> is a host number. If there are multiple targets in a host then
4592 * the above will associate a W-LUN to each target. To only get a W-LUN
4593 * for target 2, then use "echo '- 2 49409' > scan" .
4595 static int resp_report_luns(struct scsi_cmnd *scp,
4596 struct sdebug_dev_info *devip)
4598 unsigned char *cmd = scp->cmnd;
4599 unsigned int alloc_len;
4600 unsigned char select_report;
4602 struct scsi_lun *lun_p;
4603 u8 arr[RL_BUCKET_ELEMS * sizeof(struct scsi_lun)];
4604 unsigned int lun_cnt; /* normal LUN count (max: 256) */
4605 unsigned int wlun_cnt; /* report luns W-LUN count */
4606 unsigned int tlun_cnt; /* total LUN count */
4607 unsigned int rlen; /* response length (in bytes) */
4609 unsigned int off_rsp = 0;
4610 const int sz_lun = sizeof(struct scsi_lun);
4612 clear_luns_changed_on_target(devip);
4614 select_report = cmd[2];
4615 alloc_len = get_unaligned_be32(cmd + 6);
4617 if (alloc_len < 4) {
4618 pr_err("alloc len too small %d\n", alloc_len);
4619 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
4620 return check_condition_result;
4623 switch (select_report) {
4624 case 0: /* all LUNs apart from W-LUNs */
4625 lun_cnt = sdebug_max_luns;
4628 case 1: /* only W-LUNs */
4632 case 2: /* all LUNs */
4633 lun_cnt = sdebug_max_luns;
4636 case 0x10: /* only administrative LUs */
4637 case 0x11: /* see SPC-5 */
4638 case 0x12: /* only subsiduary LUs owned by referenced LU */
4640 pr_debug("select report invalid %d\n", select_report);
4641 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
4642 return check_condition_result;
4645 if (sdebug_no_lun_0 && (lun_cnt > 0))
4648 tlun_cnt = lun_cnt + wlun_cnt;
4649 rlen = tlun_cnt * sz_lun; /* excluding 8 byte header */
4650 scsi_set_resid(scp, scsi_bufflen(scp));
4651 pr_debug("select_report %d luns = %d wluns = %d no_lun0 %d\n",
4652 select_report, lun_cnt, wlun_cnt, sdebug_no_lun_0);
4654 /* loops rely on sizeof response header same as sizeof lun (both 8) */
4655 lun = sdebug_no_lun_0 ? 1 : 0;
4656 for (k = 0, j = 0, res = 0; true; ++k, j = 0) {
4657 memset(arr, 0, sizeof(arr));
4658 lun_p = (struct scsi_lun *)&arr[0];
4660 put_unaligned_be32(rlen, &arr[0]);
4664 for ( ; j < RL_BUCKET_ELEMS; ++j, ++lun_p) {
4665 if ((k * RL_BUCKET_ELEMS) + j > lun_cnt)
4667 int_to_scsilun(lun++, lun_p);
4668 if (lun > 1 && sdebug_lun_am == SAM_LUN_AM_FLAT)
4669 lun_p->scsi_lun[0] |= 0x40;
4671 if (j < RL_BUCKET_ELEMS)
4674 res = p_fill_from_dev_buffer(scp, arr, n, off_rsp);
4680 int_to_scsilun(SCSI_W_LUN_REPORT_LUNS, lun_p);
4684 res = p_fill_from_dev_buffer(scp, arr, j * sz_lun, off_rsp);
4688 static int resp_verify(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4690 bool is_bytchk3 = false;
4693 u32 vnum, a_num, off;
4694 const u32 lb_size = sdebug_sector_size;
4697 u8 *cmd = scp->cmnd;
4698 struct sdeb_store_info *sip = devip2sip(devip, true);
4700 bytchk = (cmd[1] >> 1) & 0x3;
4702 return 0; /* always claim internal verify okay */
4703 } else if (bytchk == 2) {
4704 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
4705 return check_condition_result;
4706 } else if (bytchk == 3) {
4707 is_bytchk3 = true; /* 1 block sent, compared repeatedly */
4711 lba = get_unaligned_be64(cmd + 2);
4712 vnum = get_unaligned_be32(cmd + 10);
4714 case VERIFY: /* is VERIFY(10) */
4715 lba = get_unaligned_be32(cmd + 2);
4716 vnum = get_unaligned_be16(cmd + 7);
4719 mk_sense_invalid_opcode(scp);
4720 return check_condition_result;
4723 return 0; /* not an error */
4724 a_num = is_bytchk3 ? 1 : vnum;
4725 /* Treat following check like one for read (i.e. no write) access */
4726 ret = check_device_access_params(scp, lba, a_num, false);
4730 arr = kcalloc(lb_size, vnum, GFP_ATOMIC | __GFP_NOWARN);
4732 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4734 return check_condition_result;
4736 /* Not changing store, so only need read access */
4737 sdeb_read_lock(sip);
4739 ret = do_dout_fetch(scp, a_num, arr);
4741 ret = DID_ERROR << 16;
4743 } else if (sdebug_verbose && (ret < (a_num * lb_size))) {
4744 sdev_printk(KERN_INFO, scp->device,
4745 "%s: %s: cdb indicated=%u, IO sent=%d bytes\n",
4746 my_name, __func__, a_num * lb_size, ret);
4749 for (j = 1, off = lb_size; j < vnum; ++j, off += lb_size)
4750 memcpy(arr + off, arr, lb_size);
4753 if (!comp_write_worker(sip, lba, vnum, arr, true)) {
4754 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
4755 ret = check_condition_result;
4759 sdeb_read_unlock(sip);
4764 #define RZONES_DESC_HD 64
4766 /* Report zones depending on start LBA and reporting options */
4767 static int resp_report_zones(struct scsi_cmnd *scp,
4768 struct sdebug_dev_info *devip)
4770 unsigned int rep_max_zones, nrz = 0;
4772 u32 alloc_len, rep_opts, rep_len;
4775 u8 *arr = NULL, *desc;
4776 u8 *cmd = scp->cmnd;
4777 struct sdeb_zone_state *zsp = NULL;
4778 struct sdeb_store_info *sip = devip2sip(devip, false);
4780 if (!sdebug_dev_is_zoned(devip)) {
4781 mk_sense_invalid_opcode(scp);
4782 return check_condition_result;
4784 zs_lba = get_unaligned_be64(cmd + 2);
4785 alloc_len = get_unaligned_be32(cmd + 10);
4787 return 0; /* not an error */
4788 rep_opts = cmd[14] & 0x3f;
4789 partial = cmd[14] & 0x80;
4791 if (zs_lba >= sdebug_capacity) {
4792 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4793 return check_condition_result;
4796 rep_max_zones = (alloc_len - 64) >> ilog2(RZONES_DESC_HD);
4798 arr = kzalloc(alloc_len, GFP_ATOMIC | __GFP_NOWARN);
4800 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
4802 return check_condition_result;
4805 sdeb_read_lock(sip);
4808 for (lba = zs_lba; lba < sdebug_capacity;
4809 lba = zsp->z_start + zsp->z_size) {
4810 if (WARN_ONCE(zbc_zone(devip, lba) == zsp, "lba = %llu\n", lba))
4812 zsp = zbc_zone(devip, lba);
4819 if (zsp->z_cond != ZC1_EMPTY)
4823 /* Implicit open zones */
4824 if (zsp->z_cond != ZC2_IMPLICIT_OPEN)
4828 /* Explicit open zones */
4829 if (zsp->z_cond != ZC3_EXPLICIT_OPEN)
4834 if (zsp->z_cond != ZC4_CLOSED)
4839 if (zsp->z_cond != ZC5_FULL)
4846 * Read-only, offline, reset WP recommended are
4847 * not emulated: no zones to report;
4851 /* non-seq-resource set */
4852 if (!zsp->z_non_seq_resource)
4856 /* All zones except gap zones. */
4857 if (zbc_zone_is_gap(zsp))
4861 /* Not write pointer (conventional) zones */
4862 if (zbc_zone_is_seq(zsp))
4866 mk_sense_buffer(scp, ILLEGAL_REQUEST,
4867 INVALID_FIELD_IN_CDB, 0);
4868 ret = check_condition_result;
4872 if (nrz < rep_max_zones) {
4873 /* Fill zone descriptor */
4874 desc[0] = zsp->z_type;
4875 desc[1] = zsp->z_cond << 4;
4876 if (zsp->z_non_seq_resource)
4878 put_unaligned_be64((u64)zsp->z_size, desc + 8);
4879 put_unaligned_be64((u64)zsp->z_start, desc + 16);
4880 put_unaligned_be64((u64)zsp->z_wp, desc + 24);
4884 if (partial && nrz >= rep_max_zones)
4891 /* Zone list length. */
4892 put_unaligned_be32(nrz * RZONES_DESC_HD, arr + 0);
4894 put_unaligned_be64(sdebug_capacity - 1, arr + 8);
4895 /* Zone starting LBA granularity. */
4896 if (devip->zcap < devip->zsize)
4897 put_unaligned_be64(devip->zsize, arr + 16);
4899 rep_len = (unsigned long)desc - (unsigned long)arr;
4900 ret = fill_from_dev_buffer(scp, arr, min_t(u32, alloc_len, rep_len));
4903 sdeb_read_unlock(sip);
4908 /* Logic transplanted from tcmu-runner, file_zbc.c */
4909 static void zbc_open_all(struct sdebug_dev_info *devip)
4911 struct sdeb_zone_state *zsp = &devip->zstate[0];
4914 for (i = 0; i < devip->nr_zones; i++, zsp++) {
4915 if (zsp->z_cond == ZC4_CLOSED)
4916 zbc_open_zone(devip, &devip->zstate[i], true);
4920 static int resp_open_zone(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
4924 enum sdebug_z_cond zc;
4925 u8 *cmd = scp->cmnd;
4926 struct sdeb_zone_state *zsp;
4927 bool all = cmd[14] & 0x01;
4928 struct sdeb_store_info *sip = devip2sip(devip, false);
4930 if (!sdebug_dev_is_zoned(devip)) {
4931 mk_sense_invalid_opcode(scp);
4932 return check_condition_result;
4935 sdeb_write_lock(sip);
4938 /* Check if all closed zones can be open */
4939 if (devip->max_open &&
4940 devip->nr_exp_open + devip->nr_closed > devip->max_open) {
4941 mk_sense_buffer(scp, DATA_PROTECT, INSUFF_RES_ASC,
4943 res = check_condition_result;
4946 /* Open all closed zones */
4947 zbc_open_all(devip);
4951 /* Open the specified zone */
4952 z_id = get_unaligned_be64(cmd + 2);
4953 if (z_id >= sdebug_capacity) {
4954 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
4955 res = check_condition_result;
4959 zsp = zbc_zone(devip, z_id);
4960 if (z_id != zsp->z_start) {
4961 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4962 res = check_condition_result;
4965 if (zbc_zone_is_conv(zsp)) {
4966 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
4967 res = check_condition_result;
4972 if (zc == ZC3_EXPLICIT_OPEN || zc == ZC5_FULL)
4975 if (devip->max_open && devip->nr_exp_open >= devip->max_open) {
4976 mk_sense_buffer(scp, DATA_PROTECT, INSUFF_RES_ASC,
4978 res = check_condition_result;
4982 zbc_open_zone(devip, zsp, true);
4984 sdeb_write_unlock(sip);
4988 static void zbc_close_all(struct sdebug_dev_info *devip)
4992 for (i = 0; i < devip->nr_zones; i++)
4993 zbc_close_zone(devip, &devip->zstate[i]);
4996 static int resp_close_zone(struct scsi_cmnd *scp,
4997 struct sdebug_dev_info *devip)
5001 u8 *cmd = scp->cmnd;
5002 struct sdeb_zone_state *zsp;
5003 bool all = cmd[14] & 0x01;
5004 struct sdeb_store_info *sip = devip2sip(devip, false);
5006 if (!sdebug_dev_is_zoned(devip)) {
5007 mk_sense_invalid_opcode(scp);
5008 return check_condition_result;
5011 sdeb_write_lock(sip);
5014 zbc_close_all(devip);
5018 /* Close specified zone */
5019 z_id = get_unaligned_be64(cmd + 2);
5020 if (z_id >= sdebug_capacity) {
5021 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
5022 res = check_condition_result;
5026 zsp = zbc_zone(devip, z_id);
5027 if (z_id != zsp->z_start) {
5028 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5029 res = check_condition_result;
5032 if (zbc_zone_is_conv(zsp)) {
5033 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5034 res = check_condition_result;
5038 zbc_close_zone(devip, zsp);
5040 sdeb_write_unlock(sip);
5044 static void zbc_finish_zone(struct sdebug_dev_info *devip,
5045 struct sdeb_zone_state *zsp, bool empty)
5047 enum sdebug_z_cond zc = zsp->z_cond;
5049 if (zc == ZC4_CLOSED || zc == ZC2_IMPLICIT_OPEN ||
5050 zc == ZC3_EXPLICIT_OPEN || (empty && zc == ZC1_EMPTY)) {
5051 if (zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN)
5052 zbc_close_zone(devip, zsp);
5053 if (zsp->z_cond == ZC4_CLOSED)
5055 zsp->z_wp = zsp->z_start + zsp->z_size;
5056 zsp->z_cond = ZC5_FULL;
5060 static void zbc_finish_all(struct sdebug_dev_info *devip)
5064 for (i = 0; i < devip->nr_zones; i++)
5065 zbc_finish_zone(devip, &devip->zstate[i], false);
5068 static int resp_finish_zone(struct scsi_cmnd *scp,
5069 struct sdebug_dev_info *devip)
5071 struct sdeb_zone_state *zsp;
5074 u8 *cmd = scp->cmnd;
5075 bool all = cmd[14] & 0x01;
5076 struct sdeb_store_info *sip = devip2sip(devip, false);
5078 if (!sdebug_dev_is_zoned(devip)) {
5079 mk_sense_invalid_opcode(scp);
5080 return check_condition_result;
5083 sdeb_write_lock(sip);
5086 zbc_finish_all(devip);
5090 /* Finish the specified zone */
5091 z_id = get_unaligned_be64(cmd + 2);
5092 if (z_id >= sdebug_capacity) {
5093 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
5094 res = check_condition_result;
5098 zsp = zbc_zone(devip, z_id);
5099 if (z_id != zsp->z_start) {
5100 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5101 res = check_condition_result;
5104 if (zbc_zone_is_conv(zsp)) {
5105 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5106 res = check_condition_result;
5110 zbc_finish_zone(devip, zsp, true);
5112 sdeb_write_unlock(sip);
5116 static void zbc_rwp_zone(struct sdebug_dev_info *devip,
5117 struct sdeb_zone_state *zsp)
5119 enum sdebug_z_cond zc;
5120 struct sdeb_store_info *sip = devip2sip(devip, false);
5122 if (!zbc_zone_is_seq(zsp))
5126 if (zc == ZC2_IMPLICIT_OPEN || zc == ZC3_EXPLICIT_OPEN)
5127 zbc_close_zone(devip, zsp);
5129 if (zsp->z_cond == ZC4_CLOSED)
5132 if (zsp->z_wp > zsp->z_start)
5133 memset(sip->storep + zsp->z_start * sdebug_sector_size, 0,
5134 (zsp->z_wp - zsp->z_start) * sdebug_sector_size);
5136 zsp->z_non_seq_resource = false;
5137 zsp->z_wp = zsp->z_start;
5138 zsp->z_cond = ZC1_EMPTY;
5141 static void zbc_rwp_all(struct sdebug_dev_info *devip)
5145 for (i = 0; i < devip->nr_zones; i++)
5146 zbc_rwp_zone(devip, &devip->zstate[i]);
5149 static int resp_rwp_zone(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
5151 struct sdeb_zone_state *zsp;
5154 u8 *cmd = scp->cmnd;
5155 bool all = cmd[14] & 0x01;
5156 struct sdeb_store_info *sip = devip2sip(devip, false);
5158 if (!sdebug_dev_is_zoned(devip)) {
5159 mk_sense_invalid_opcode(scp);
5160 return check_condition_result;
5163 sdeb_write_lock(sip);
5170 z_id = get_unaligned_be64(cmd + 2);
5171 if (z_id >= sdebug_capacity) {
5172 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
5173 res = check_condition_result;
5177 zsp = zbc_zone(devip, z_id);
5178 if (z_id != zsp->z_start) {
5179 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5180 res = check_condition_result;
5183 if (zbc_zone_is_conv(zsp)) {
5184 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
5185 res = check_condition_result;
5189 zbc_rwp_zone(devip, zsp);
5191 sdeb_write_unlock(sip);
5195 static u32 get_tag(struct scsi_cmnd *cmnd)
5197 return blk_mq_unique_tag(scsi_cmd_to_rq(cmnd));
5200 /* Queued (deferred) command completions converge here. */
5201 static void sdebug_q_cmd_complete(struct sdebug_defer *sd_dp)
5203 struct sdebug_queued_cmd *sqcp = container_of(sd_dp, struct sdebug_queued_cmd, sd_dp);
5204 unsigned long flags;
5205 struct scsi_cmnd *scp = sqcp->scmd;
5206 struct sdebug_scsi_cmd *sdsc;
5209 if (sdebug_statistics) {
5210 atomic_inc(&sdebug_completions);
5211 if (raw_smp_processor_id() != sd_dp->issuing_cpu)
5212 atomic_inc(&sdebug_miss_cpus);
5216 pr_err("scmd=NULL\n");
5220 sdsc = scsi_cmd_priv(scp);
5221 spin_lock_irqsave(&sdsc->lock, flags);
5222 aborted = sd_dp->aborted;
5223 if (unlikely(aborted))
5224 sd_dp->aborted = false;
5225 ASSIGN_QUEUED_CMD(scp, NULL);
5227 spin_unlock_irqrestore(&sdsc->lock, flags);
5230 pr_info("bypassing scsi_done() due to aborted cmd, kicking-off EH\n");
5231 blk_abort_request(scsi_cmd_to_rq(scp));
5235 scsi_done(scp); /* callback to mid level */
5237 sdebug_free_queued_cmd(sqcp);
5240 /* When high resolution timer goes off this function is called. */
5241 static enum hrtimer_restart sdebug_q_cmd_hrt_complete(struct hrtimer *timer)
5243 struct sdebug_defer *sd_dp = container_of(timer, struct sdebug_defer,
5245 sdebug_q_cmd_complete(sd_dp);
5246 return HRTIMER_NORESTART;
5249 /* When work queue schedules work, it calls this function. */
5250 static void sdebug_q_cmd_wq_complete(struct work_struct *work)
5252 struct sdebug_defer *sd_dp = container_of(work, struct sdebug_defer,
5254 sdebug_q_cmd_complete(sd_dp);
5257 static bool got_shared_uuid;
5258 static uuid_t shared_uuid;
5260 static int sdebug_device_create_zones(struct sdebug_dev_info *devip)
5262 struct sdeb_zone_state *zsp;
5263 sector_t capacity = get_sdebug_capacity();
5264 sector_t conv_capacity;
5265 sector_t zstart = 0;
5269 * Set the zone size: if sdeb_zbc_zone_size_mb is not set, figure out
5270 * a zone size allowing for at least 4 zones on the device. Otherwise,
5271 * use the specified zone size checking that at least 2 zones can be
5272 * created for the device.
5274 if (!sdeb_zbc_zone_size_mb) {
5275 devip->zsize = (DEF_ZBC_ZONE_SIZE_MB * SZ_1M)
5276 >> ilog2(sdebug_sector_size);
5277 while (capacity < devip->zsize << 2 && devip->zsize >= 2)
5279 if (devip->zsize < 2) {
5280 pr_err("Device capacity too small\n");
5284 if (!is_power_of_2(sdeb_zbc_zone_size_mb)) {
5285 pr_err("Zone size is not a power of 2\n");
5288 devip->zsize = (sdeb_zbc_zone_size_mb * SZ_1M)
5289 >> ilog2(sdebug_sector_size);
5290 if (devip->zsize >= capacity) {
5291 pr_err("Zone size too large for device capacity\n");
5296 devip->zsize_shift = ilog2(devip->zsize);
5297 devip->nr_zones = (capacity + devip->zsize - 1) >> devip->zsize_shift;
5299 if (sdeb_zbc_zone_cap_mb == 0) {
5300 devip->zcap = devip->zsize;
5302 devip->zcap = (sdeb_zbc_zone_cap_mb * SZ_1M) >>
5303 ilog2(sdebug_sector_size);
5304 if (devip->zcap > devip->zsize) {
5305 pr_err("Zone capacity too large\n");
5310 conv_capacity = (sector_t)sdeb_zbc_nr_conv << devip->zsize_shift;
5311 if (conv_capacity >= capacity) {
5312 pr_err("Number of conventional zones too large\n");
5315 devip->nr_conv_zones = sdeb_zbc_nr_conv;
5316 devip->nr_seq_zones = ALIGN(capacity - conv_capacity, devip->zsize) >>
5318 devip->nr_zones = devip->nr_conv_zones + devip->nr_seq_zones;
5320 /* Add gap zones if zone capacity is smaller than the zone size */
5321 if (devip->zcap < devip->zsize)
5322 devip->nr_zones += devip->nr_seq_zones;
5325 /* zbc_max_open_zones can be 0, meaning "not reported" */
5326 if (sdeb_zbc_max_open >= devip->nr_zones - 1)
5327 devip->max_open = (devip->nr_zones - 1) / 2;
5329 devip->max_open = sdeb_zbc_max_open;
5332 devip->zstate = kcalloc(devip->nr_zones,
5333 sizeof(struct sdeb_zone_state), GFP_KERNEL);
5337 for (i = 0; i < devip->nr_zones; i++) {
5338 zsp = &devip->zstate[i];
5340 zsp->z_start = zstart;
5342 if (i < devip->nr_conv_zones) {
5343 zsp->z_type = ZBC_ZTYPE_CNV;
5344 zsp->z_cond = ZBC_NOT_WRITE_POINTER;
5345 zsp->z_wp = (sector_t)-1;
5347 min_t(u64, devip->zsize, capacity - zstart);
5348 } else if ((zstart & (devip->zsize - 1)) == 0) {
5350 zsp->z_type = ZBC_ZTYPE_SWR;
5352 zsp->z_type = ZBC_ZTYPE_SWP;
5353 zsp->z_cond = ZC1_EMPTY;
5354 zsp->z_wp = zsp->z_start;
5356 min_t(u64, devip->zcap, capacity - zstart);
5358 zsp->z_type = ZBC_ZTYPE_GAP;
5359 zsp->z_cond = ZBC_NOT_WRITE_POINTER;
5360 zsp->z_wp = (sector_t)-1;
5361 zsp->z_size = min_t(u64, devip->zsize - devip->zcap,
5365 WARN_ON_ONCE((int)zsp->z_size <= 0);
5366 zstart += zsp->z_size;
5372 static struct sdebug_dev_info *sdebug_device_create(
5373 struct sdebug_host_info *sdbg_host, gfp_t flags)
5375 struct sdebug_dev_info *devip;
5377 devip = kzalloc(sizeof(*devip), flags);
5379 if (sdebug_uuid_ctl == 1)
5380 uuid_gen(&devip->lu_name);
5381 else if (sdebug_uuid_ctl == 2) {
5382 if (got_shared_uuid)
5383 devip->lu_name = shared_uuid;
5385 uuid_gen(&shared_uuid);
5386 got_shared_uuid = true;
5387 devip->lu_name = shared_uuid;
5390 devip->sdbg_host = sdbg_host;
5391 if (sdeb_zbc_in_use) {
5392 devip->zoned = sdeb_zbc_model == BLK_ZONED_HM;
5393 if (sdebug_device_create_zones(devip)) {
5398 devip->zoned = false;
5400 devip->create_ts = ktime_get_boottime();
5401 atomic_set(&devip->stopped, (sdeb_tur_ms_to_ready > 0 ? 2 : 0));
5402 spin_lock_init(&devip->list_lock);
5403 INIT_LIST_HEAD(&devip->inject_err_list);
5404 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list);
5409 static struct sdebug_dev_info *find_build_dev_info(struct scsi_device *sdev)
5411 struct sdebug_host_info *sdbg_host;
5412 struct sdebug_dev_info *open_devip = NULL;
5413 struct sdebug_dev_info *devip;
5415 sdbg_host = shost_to_sdebug_host(sdev->host);
5417 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
5418 if ((devip->used) && (devip->channel == sdev->channel) &&
5419 (devip->target == sdev->id) &&
5420 (devip->lun == sdev->lun))
5423 if ((!devip->used) && (!open_devip))
5427 if (!open_devip) { /* try and make a new one */
5428 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC);
5430 pr_err("out of memory at line %d\n", __LINE__);
5435 open_devip->channel = sdev->channel;
5436 open_devip->target = sdev->id;
5437 open_devip->lun = sdev->lun;
5438 open_devip->sdbg_host = sdbg_host;
5439 set_bit(SDEBUG_UA_POOCCUR, open_devip->uas_bm);
5440 open_devip->used = true;
5444 static int scsi_debug_slave_alloc(struct scsi_device *sdp)
5447 pr_info("slave_alloc <%u %u %u %llu>\n",
5448 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
5453 static int scsi_debug_slave_configure(struct scsi_device *sdp)
5455 struct sdebug_dev_info *devip =
5456 (struct sdebug_dev_info *)sdp->hostdata;
5457 struct dentry *dentry;
5460 pr_info("slave_configure <%u %u %u %llu>\n",
5461 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
5462 if (sdp->host->max_cmd_len != SDEBUG_MAX_CMD_LEN)
5463 sdp->host->max_cmd_len = SDEBUG_MAX_CMD_LEN;
5464 if (devip == NULL) {
5465 devip = find_build_dev_info(sdp);
5467 return 1; /* no resources, will be marked offline */
5469 sdp->hostdata = devip;
5471 sdp->no_uld_attach = 1;
5472 config_cdb_len(sdp);
5474 if (sdebug_allow_restart)
5475 sdp->allow_restart = 1;
5477 devip->debugfs_entry = debugfs_create_dir(dev_name(&sdp->sdev_dev),
5478 sdebug_debugfs_root);
5479 if (IS_ERR_OR_NULL(devip->debugfs_entry))
5480 pr_info("%s: failed to create debugfs directory for device %s\n",
5481 __func__, dev_name(&sdp->sdev_gendev));
5483 dentry = debugfs_create_file("error", 0600, devip->debugfs_entry, sdp,
5484 &sdebug_error_fops);
5485 if (IS_ERR_OR_NULL(dentry))
5486 pr_info("%s: failed to create error file for device %s\n",
5487 __func__, dev_name(&sdp->sdev_gendev));
5492 static void scsi_debug_slave_destroy(struct scsi_device *sdp)
5494 struct sdebug_dev_info *devip =
5495 (struct sdebug_dev_info *)sdp->hostdata;
5496 struct sdebug_err_inject *err;
5499 pr_info("slave_destroy <%u %u %u %llu>\n",
5500 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
5505 spin_lock(&devip->list_lock);
5506 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
5507 list_del_rcu(&err->list);
5508 call_rcu(&err->rcu, sdebug_err_free);
5510 spin_unlock(&devip->list_lock);
5512 debugfs_remove(devip->debugfs_entry);
5514 /* make this slot available for re-use */
5515 devip->used = false;
5516 sdp->hostdata = NULL;
5519 /* Returns true if we require the queued memory to be freed by the caller. */
5520 static bool stop_qc_helper(struct sdebug_defer *sd_dp,
5521 enum sdeb_defer_type defer_t)
5523 if (defer_t == SDEB_DEFER_HRT) {
5524 int res = hrtimer_try_to_cancel(&sd_dp->hrt);
5527 case 0: /* Not active, it must have already run */
5528 case -1: /* -1 It's executing the CB */
5530 case 1: /* Was active, we've now cancelled */
5534 } else if (defer_t == SDEB_DEFER_WQ) {
5535 /* Cancel if pending */
5536 if (cancel_work_sync(&sd_dp->ew.work))
5538 /* Was not pending, so it must have run */
5540 } else if (defer_t == SDEB_DEFER_POLL) {
5548 static bool scsi_debug_stop_cmnd(struct scsi_cmnd *cmnd)
5550 enum sdeb_defer_type l_defer_t;
5551 struct sdebug_defer *sd_dp;
5552 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmnd);
5553 struct sdebug_queued_cmd *sqcp = TO_QUEUED_CMD(cmnd);
5555 lockdep_assert_held(&sdsc->lock);
5559 sd_dp = &sqcp->sd_dp;
5560 l_defer_t = READ_ONCE(sd_dp->defer_t);
5561 ASSIGN_QUEUED_CMD(cmnd, NULL);
5563 if (stop_qc_helper(sd_dp, l_defer_t))
5564 sdebug_free_queued_cmd(sqcp);
5570 * Called from scsi_debug_abort() only, which is for timed-out cmd.
5572 static bool scsi_debug_abort_cmnd(struct scsi_cmnd *cmnd)
5574 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmnd);
5575 unsigned long flags;
5578 spin_lock_irqsave(&sdsc->lock, flags);
5579 res = scsi_debug_stop_cmnd(cmnd);
5580 spin_unlock_irqrestore(&sdsc->lock, flags);
5586 * All we can do is set the cmnd as internally aborted and wait for it to
5587 * finish. We cannot call scsi_done() as normal completion path may do that.
5589 static bool sdebug_stop_cmnd(struct request *rq, void *data)
5591 scsi_debug_abort_cmnd(blk_mq_rq_to_pdu(rq));
5596 /* Deletes (stops) timers or work queues of all queued commands */
5597 static void stop_all_queued(void)
5599 struct sdebug_host_info *sdhp;
5601 mutex_lock(&sdebug_host_list_mutex);
5602 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
5603 struct Scsi_Host *shost = sdhp->shost;
5605 blk_mq_tagset_busy_iter(&shost->tag_set, sdebug_stop_cmnd, NULL);
5607 mutex_unlock(&sdebug_host_list_mutex);
5610 static int sdebug_fail_abort(struct scsi_cmnd *cmnd)
5612 struct scsi_device *sdp = cmnd->device;
5613 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
5614 struct sdebug_err_inject *err;
5615 unsigned char *cmd = cmnd->cmnd;
5622 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
5623 if (err->type == ERR_ABORT_CMD_FAILED &&
5624 (err->cmd == cmd[0] || err->cmd == 0xff)) {
5638 static int scsi_debug_abort(struct scsi_cmnd *SCpnt)
5640 bool ok = scsi_debug_abort_cmnd(SCpnt);
5641 u8 *cmd = SCpnt->cmnd;
5646 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
5647 sdev_printk(KERN_INFO, SCpnt->device,
5648 "%s: command%s found\n", __func__,
5651 if (sdebug_fail_abort(SCpnt)) {
5652 scmd_printk(KERN_INFO, SCpnt, "fail abort command 0x%x\n",
5660 static bool scsi_debug_stop_all_queued_iter(struct request *rq, void *data)
5662 struct scsi_device *sdp = data;
5663 struct scsi_cmnd *scmd = blk_mq_rq_to_pdu(rq);
5665 if (scmd->device == sdp)
5666 scsi_debug_abort_cmnd(scmd);
5671 /* Deletes (stops) timers or work queues of all queued commands per sdev */
5672 static void scsi_debug_stop_all_queued(struct scsi_device *sdp)
5674 struct Scsi_Host *shost = sdp->host;
5676 blk_mq_tagset_busy_iter(&shost->tag_set,
5677 scsi_debug_stop_all_queued_iter, sdp);
5680 static int sdebug_fail_lun_reset(struct scsi_cmnd *cmnd)
5682 struct scsi_device *sdp = cmnd->device;
5683 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
5684 struct sdebug_err_inject *err;
5685 unsigned char *cmd = cmnd->cmnd;
5692 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
5693 if (err->type == ERR_LUN_RESET_FAILED &&
5694 (err->cmd == cmd[0] || err->cmd == 0xff)) {
5708 static int scsi_debug_device_reset(struct scsi_cmnd *SCpnt)
5710 struct scsi_device *sdp = SCpnt->device;
5711 struct sdebug_dev_info *devip = sdp->hostdata;
5712 u8 *cmd = SCpnt->cmnd;
5717 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
5718 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
5720 scsi_debug_stop_all_queued(sdp);
5722 set_bit(SDEBUG_UA_POR, devip->uas_bm);
5724 if (sdebug_fail_lun_reset(SCpnt)) {
5725 scmd_printk(KERN_INFO, SCpnt, "fail lun reset 0x%x\n", opcode);
5732 static int sdebug_fail_target_reset(struct scsi_cmnd *cmnd)
5734 struct scsi_target *starget = scsi_target(cmnd->device);
5735 struct sdebug_target_info *targetip =
5736 (struct sdebug_target_info *)starget->hostdata;
5739 return targetip->reset_fail;
5744 static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt)
5746 struct scsi_device *sdp = SCpnt->device;
5747 struct sdebug_host_info *sdbg_host = shost_to_sdebug_host(sdp->host);
5748 struct sdebug_dev_info *devip;
5749 u8 *cmd = SCpnt->cmnd;
5753 ++num_target_resets;
5754 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
5755 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
5757 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
5758 if (devip->target == sdp->id) {
5759 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
5764 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
5765 sdev_printk(KERN_INFO, sdp,
5766 "%s: %d device(s) found in target\n", __func__, k);
5768 if (sdebug_fail_target_reset(SCpnt)) {
5769 scmd_printk(KERN_INFO, SCpnt, "fail target reset 0x%x\n",
5777 static int scsi_debug_bus_reset(struct scsi_cmnd *SCpnt)
5779 struct scsi_device *sdp = SCpnt->device;
5780 struct sdebug_host_info *sdbg_host = shost_to_sdebug_host(sdp->host);
5781 struct sdebug_dev_info *devip;
5786 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
5787 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
5789 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
5790 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
5794 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
5795 sdev_printk(KERN_INFO, sdp,
5796 "%s: %d device(s) found in host\n", __func__, k);
5800 static int scsi_debug_host_reset(struct scsi_cmnd *SCpnt)
5802 struct sdebug_host_info *sdbg_host;
5803 struct sdebug_dev_info *devip;
5807 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
5808 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__);
5809 mutex_lock(&sdebug_host_list_mutex);
5810 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
5811 list_for_each_entry(devip, &sdbg_host->dev_info_list,
5813 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
5817 mutex_unlock(&sdebug_host_list_mutex);
5819 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
5820 sdev_printk(KERN_INFO, SCpnt->device,
5821 "%s: %d device(s) found\n", __func__, k);
5825 static void sdebug_build_parts(unsigned char *ramp, unsigned long store_size)
5827 struct msdos_partition *pp;
5828 int starts[SDEBUG_MAX_PARTS + 2], max_part_secs;
5829 int sectors_per_part, num_sectors, k;
5830 int heads_by_sects, start_sec, end_sec;
5832 /* assume partition table already zeroed */
5833 if ((sdebug_num_parts < 1) || (store_size < 1048576))
5835 if (sdebug_num_parts > SDEBUG_MAX_PARTS) {
5836 sdebug_num_parts = SDEBUG_MAX_PARTS;
5837 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS);
5839 num_sectors = (int)get_sdebug_capacity();
5840 sectors_per_part = (num_sectors - sdebug_sectors_per)
5842 heads_by_sects = sdebug_heads * sdebug_sectors_per;
5843 starts[0] = sdebug_sectors_per;
5844 max_part_secs = sectors_per_part;
5845 for (k = 1; k < sdebug_num_parts; ++k) {
5846 starts[k] = ((k * sectors_per_part) / heads_by_sects)
5848 if (starts[k] - starts[k - 1] < max_part_secs)
5849 max_part_secs = starts[k] - starts[k - 1];
5851 starts[sdebug_num_parts] = num_sectors;
5852 starts[sdebug_num_parts + 1] = 0;
5854 ramp[510] = 0x55; /* magic partition markings */
5856 pp = (struct msdos_partition *)(ramp + 0x1be);
5857 for (k = 0; starts[k + 1]; ++k, ++pp) {
5858 start_sec = starts[k];
5859 end_sec = starts[k] + max_part_secs - 1;
5862 pp->cyl = start_sec / heads_by_sects;
5863 pp->head = (start_sec - (pp->cyl * heads_by_sects))
5864 / sdebug_sectors_per;
5865 pp->sector = (start_sec % sdebug_sectors_per) + 1;
5867 pp->end_cyl = end_sec / heads_by_sects;
5868 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects))
5869 / sdebug_sectors_per;
5870 pp->end_sector = (end_sec % sdebug_sectors_per) + 1;
5872 pp->start_sect = cpu_to_le32(start_sec);
5873 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1);
5874 pp->sys_ind = 0x83; /* plain Linux partition */
5878 static void block_unblock_all_queues(bool block)
5880 struct sdebug_host_info *sdhp;
5882 lockdep_assert_held(&sdebug_host_list_mutex);
5884 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
5885 struct Scsi_Host *shost = sdhp->shost;
5888 scsi_block_requests(shost);
5890 scsi_unblock_requests(shost);
5894 /* Adjust (by rounding down) the sdebug_cmnd_count so abs(every_nth)-1
5895 * commands will be processed normally before triggers occur.
5897 static void tweak_cmnd_count(void)
5901 modulo = abs(sdebug_every_nth);
5905 mutex_lock(&sdebug_host_list_mutex);
5906 block_unblock_all_queues(true);
5907 count = atomic_read(&sdebug_cmnd_count);
5908 atomic_set(&sdebug_cmnd_count, (count / modulo) * modulo);
5909 block_unblock_all_queues(false);
5910 mutex_unlock(&sdebug_host_list_mutex);
5913 static void clear_queue_stats(void)
5915 atomic_set(&sdebug_cmnd_count, 0);
5916 atomic_set(&sdebug_completions, 0);
5917 atomic_set(&sdebug_miss_cpus, 0);
5918 atomic_set(&sdebug_a_tsf, 0);
5921 static bool inject_on_this_cmd(void)
5923 if (sdebug_every_nth == 0)
5925 return (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) == 0;
5928 #define INCLUSIVE_TIMING_MAX_NS 1000000 /* 1 millisecond */
5931 void sdebug_free_queued_cmd(struct sdebug_queued_cmd *sqcp)
5934 kmem_cache_free(queued_cmd_cache, sqcp);
5937 static struct sdebug_queued_cmd *sdebug_alloc_queued_cmd(struct scsi_cmnd *scmd)
5939 struct sdebug_queued_cmd *sqcp;
5940 struct sdebug_defer *sd_dp;
5942 sqcp = kmem_cache_zalloc(queued_cmd_cache, GFP_ATOMIC);
5946 sd_dp = &sqcp->sd_dp;
5948 hrtimer_init(&sd_dp->hrt, CLOCK_MONOTONIC, HRTIMER_MODE_REL_PINNED);
5949 sd_dp->hrt.function = sdebug_q_cmd_hrt_complete;
5950 INIT_WORK(&sd_dp->ew.work, sdebug_q_cmd_wq_complete);
5957 /* Complete the processing of the thread that queued a SCSI command to this
5958 * driver. It either completes the command by calling cmnd_done() or
5959 * schedules a hr timer or work queue then returns 0. Returns
5960 * SCSI_MLQUEUE_HOST_BUSY if temporarily out of resources.
5962 static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
5964 int (*pfp)(struct scsi_cmnd *,
5965 struct sdebug_dev_info *),
5966 int delta_jiff, int ndelay)
5968 struct request *rq = scsi_cmd_to_rq(cmnd);
5969 bool polled = rq->cmd_flags & REQ_POLLED;
5970 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmnd);
5971 unsigned long flags;
5972 u64 ns_from_boot = 0;
5973 struct sdebug_queued_cmd *sqcp;
5974 struct scsi_device *sdp;
5975 struct sdebug_defer *sd_dp;
5977 if (unlikely(devip == NULL)) {
5978 if (scsi_result == 0)
5979 scsi_result = DID_NO_CONNECT << 16;
5980 goto respond_in_thread;
5984 if (delta_jiff == 0)
5985 goto respond_in_thread;
5988 if (unlikely(sdebug_every_nth && (SDEBUG_OPT_RARE_TSF & sdebug_opts) &&
5989 (scsi_result == 0))) {
5990 int num_in_q = scsi_device_busy(sdp);
5991 int qdepth = cmnd->device->queue_depth;
5993 if ((num_in_q == qdepth) &&
5994 (atomic_inc_return(&sdebug_a_tsf) >=
5995 abs(sdebug_every_nth))) {
5996 atomic_set(&sdebug_a_tsf, 0);
5997 scsi_result = device_qfull_result;
5999 if (unlikely(SDEBUG_OPT_Q_NOISE & sdebug_opts))
6000 sdev_printk(KERN_INFO, sdp, "%s: num_in_q=%d +1, <inject> status: TASK SET FULL\n",
6001 __func__, num_in_q);
6005 sqcp = sdebug_alloc_queued_cmd(cmnd);
6007 pr_err("%s no alloc\n", __func__);
6008 return SCSI_MLQUEUE_HOST_BUSY;
6010 sd_dp = &sqcp->sd_dp;
6013 ns_from_boot = ktime_get_boottime_ns();
6015 /* one of the resp_*() response functions is called here */
6016 cmnd->result = pfp ? pfp(cmnd, devip) : 0;
6017 if (cmnd->result & SDEG_RES_IMMED_MASK) {
6018 cmnd->result &= ~SDEG_RES_IMMED_MASK;
6019 delta_jiff = ndelay = 0;
6021 if (cmnd->result == 0 && scsi_result != 0)
6022 cmnd->result = scsi_result;
6023 if (cmnd->result == 0 && unlikely(sdebug_opts & SDEBUG_OPT_TRANSPORT_ERR)) {
6024 if (atomic_read(&sdeb_inject_pending)) {
6025 mk_sense_buffer(cmnd, ABORTED_COMMAND, TRANSPORT_PROBLEM, ACK_NAK_TO);
6026 atomic_set(&sdeb_inject_pending, 0);
6027 cmnd->result = check_condition_result;
6031 if (unlikely(sdebug_verbose && cmnd->result))
6032 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n",
6033 __func__, cmnd->result);
6035 if (delta_jiff > 0 || ndelay > 0) {
6038 if (delta_jiff > 0) {
6039 u64 ns = jiffies_to_nsecs(delta_jiff);
6041 if (sdebug_random && ns < U32_MAX) {
6042 ns = get_random_u32_below((u32)ns);
6043 } else if (sdebug_random) {
6044 ns >>= 12; /* scale to 4 usec precision */
6045 if (ns < U32_MAX) /* over 4 hours max */
6046 ns = get_random_u32_below((u32)ns);
6049 kt = ns_to_ktime(ns);
6050 } else { /* ndelay has a 4.2 second max */
6051 kt = sdebug_random ? get_random_u32_below((u32)ndelay) :
6053 if (ndelay < INCLUSIVE_TIMING_MAX_NS) {
6054 u64 d = ktime_get_boottime_ns() - ns_from_boot;
6056 if (kt <= d) { /* elapsed duration >= kt */
6057 /* call scsi_done() from this thread */
6058 sdebug_free_queued_cmd(sqcp);
6062 /* otherwise reduce kt by elapsed time */
6066 if (sdebug_statistics)
6067 sd_dp->issuing_cpu = raw_smp_processor_id();
6069 spin_lock_irqsave(&sdsc->lock, flags);
6070 sd_dp->cmpl_ts = ktime_add(ns_to_ktime(ns_from_boot), kt);
6071 ASSIGN_QUEUED_CMD(cmnd, sqcp);
6072 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_POLL);
6073 spin_unlock_irqrestore(&sdsc->lock, flags);
6075 /* schedule the invocation of scsi_done() for a later time */
6076 spin_lock_irqsave(&sdsc->lock, flags);
6077 ASSIGN_QUEUED_CMD(cmnd, sqcp);
6078 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_HRT);
6079 hrtimer_start(&sd_dp->hrt, kt, HRTIMER_MODE_REL_PINNED);
6081 * The completion handler will try to grab sqcp->lock,
6082 * so there is no chance that the completion handler
6083 * will call scsi_done() until we release the lock
6084 * here (so ok to keep referencing sdsc).
6086 spin_unlock_irqrestore(&sdsc->lock, flags);
6088 } else { /* jdelay < 0, use work queue */
6089 if (unlikely((sdebug_opts & SDEBUG_OPT_CMD_ABORT) &&
6090 atomic_read(&sdeb_inject_pending))) {
6091 sd_dp->aborted = true;
6092 atomic_set(&sdeb_inject_pending, 0);
6093 sdev_printk(KERN_INFO, sdp, "abort request tag=%#x\n",
6094 blk_mq_unique_tag_to_tag(get_tag(cmnd)));
6097 if (sdebug_statistics)
6098 sd_dp->issuing_cpu = raw_smp_processor_id();
6100 spin_lock_irqsave(&sdsc->lock, flags);
6101 ASSIGN_QUEUED_CMD(cmnd, sqcp);
6102 sd_dp->cmpl_ts = ns_to_ktime(ns_from_boot);
6103 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_POLL);
6104 spin_unlock_irqrestore(&sdsc->lock, flags);
6106 spin_lock_irqsave(&sdsc->lock, flags);
6107 ASSIGN_QUEUED_CMD(cmnd, sqcp);
6108 WRITE_ONCE(sd_dp->defer_t, SDEB_DEFER_WQ);
6109 schedule_work(&sd_dp->ew.work);
6110 spin_unlock_irqrestore(&sdsc->lock, flags);
6116 respond_in_thread: /* call back to mid-layer using invocation thread */
6117 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0;
6118 cmnd->result &= ~SDEG_RES_IMMED_MASK;
6119 if (cmnd->result == 0 && scsi_result != 0)
6120 cmnd->result = scsi_result;
6125 /* Note: The following macros create attribute files in the
6126 /sys/module/scsi_debug/parameters directory. Unfortunately this
6127 driver is unaware of a change and cannot trigger auxiliary actions
6128 as it can when the corresponding attribute in the
6129 /sys/bus/pseudo/drivers/scsi_debug directory is changed.
6131 module_param_named(add_host, sdebug_add_host, int, S_IRUGO | S_IWUSR);
6132 module_param_named(ato, sdebug_ato, int, S_IRUGO);
6133 module_param_named(cdb_len, sdebug_cdb_len, int, 0644);
6134 module_param_named(clustering, sdebug_clustering, bool, S_IRUGO | S_IWUSR);
6135 module_param_named(delay, sdebug_jdelay, int, S_IRUGO | S_IWUSR);
6136 module_param_named(dev_size_mb, sdebug_dev_size_mb, int, S_IRUGO);
6137 module_param_named(dif, sdebug_dif, int, S_IRUGO);
6138 module_param_named(dix, sdebug_dix, int, S_IRUGO);
6139 module_param_named(dsense, sdebug_dsense, int, S_IRUGO | S_IWUSR);
6140 module_param_named(every_nth, sdebug_every_nth, int, S_IRUGO | S_IWUSR);
6141 module_param_named(fake_rw, sdebug_fake_rw, int, S_IRUGO | S_IWUSR);
6142 module_param_named(guard, sdebug_guard, uint, S_IRUGO);
6143 module_param_named(host_lock, sdebug_host_lock, bool, S_IRUGO | S_IWUSR);
6144 module_param_named(host_max_queue, sdebug_host_max_queue, int, S_IRUGO);
6145 module_param_string(inq_product, sdebug_inq_product_id,
6146 sizeof(sdebug_inq_product_id), S_IRUGO | S_IWUSR);
6147 module_param_string(inq_rev, sdebug_inq_product_rev,
6148 sizeof(sdebug_inq_product_rev), S_IRUGO | S_IWUSR);
6149 module_param_string(inq_vendor, sdebug_inq_vendor_id,
6150 sizeof(sdebug_inq_vendor_id), S_IRUGO | S_IWUSR);
6151 module_param_named(lbprz, sdebug_lbprz, int, S_IRUGO);
6152 module_param_named(lbpu, sdebug_lbpu, int, S_IRUGO);
6153 module_param_named(lbpws, sdebug_lbpws, int, S_IRUGO);
6154 module_param_named(lbpws10, sdebug_lbpws10, int, S_IRUGO);
6155 module_param_named(lowest_aligned, sdebug_lowest_aligned, int, S_IRUGO);
6156 module_param_named(lun_format, sdebug_lun_am_i, int, S_IRUGO | S_IWUSR);
6157 module_param_named(max_luns, sdebug_max_luns, int, S_IRUGO | S_IWUSR);
6158 module_param_named(max_queue, sdebug_max_queue, int, S_IRUGO | S_IWUSR);
6159 module_param_named(medium_error_count, sdebug_medium_error_count, int,
6161 module_param_named(medium_error_start, sdebug_medium_error_start, int,
6163 module_param_named(ndelay, sdebug_ndelay, int, S_IRUGO | S_IWUSR);
6164 module_param_named(no_lun_0, sdebug_no_lun_0, int, S_IRUGO | S_IWUSR);
6165 module_param_named(no_rwlock, sdebug_no_rwlock, bool, S_IRUGO | S_IWUSR);
6166 module_param_named(no_uld, sdebug_no_uld, int, S_IRUGO);
6167 module_param_named(num_parts, sdebug_num_parts, int, S_IRUGO);
6168 module_param_named(num_tgts, sdebug_num_tgts, int, S_IRUGO | S_IWUSR);
6169 module_param_named(opt_blks, sdebug_opt_blks, int, S_IRUGO);
6170 module_param_named(opt_xferlen_exp, sdebug_opt_xferlen_exp, int, S_IRUGO);
6171 module_param_named(opts, sdebug_opts, int, S_IRUGO | S_IWUSR);
6172 module_param_named(per_host_store, sdebug_per_host_store, bool,
6174 module_param_named(physblk_exp, sdebug_physblk_exp, int, S_IRUGO);
6175 module_param_named(ptype, sdebug_ptype, int, S_IRUGO | S_IWUSR);
6176 module_param_named(random, sdebug_random, bool, S_IRUGO | S_IWUSR);
6177 module_param_named(removable, sdebug_removable, bool, S_IRUGO | S_IWUSR);
6178 module_param_named(scsi_level, sdebug_scsi_level, int, S_IRUGO);
6179 module_param_named(sector_size, sdebug_sector_size, int, S_IRUGO);
6180 module_param_named(statistics, sdebug_statistics, bool, S_IRUGO | S_IWUSR);
6181 module_param_named(strict, sdebug_strict, bool, S_IRUGO | S_IWUSR);
6182 module_param_named(submit_queues, submit_queues, int, S_IRUGO);
6183 module_param_named(poll_queues, poll_queues, int, S_IRUGO);
6184 module_param_named(tur_ms_to_ready, sdeb_tur_ms_to_ready, int, S_IRUGO);
6185 module_param_named(unmap_alignment, sdebug_unmap_alignment, int, S_IRUGO);
6186 module_param_named(unmap_granularity, sdebug_unmap_granularity, int, S_IRUGO);
6187 module_param_named(unmap_max_blocks, sdebug_unmap_max_blocks, int, S_IRUGO);
6188 module_param_named(unmap_max_desc, sdebug_unmap_max_desc, int, S_IRUGO);
6189 module_param_named(uuid_ctl, sdebug_uuid_ctl, int, S_IRUGO);
6190 module_param_named(virtual_gb, sdebug_virtual_gb, int, S_IRUGO | S_IWUSR);
6191 module_param_named(vpd_use_hostno, sdebug_vpd_use_hostno, int,
6193 module_param_named(wp, sdebug_wp, bool, S_IRUGO | S_IWUSR);
6194 module_param_named(write_same_length, sdebug_write_same_length, int,
6196 module_param_named(zbc, sdeb_zbc_model_s, charp, S_IRUGO);
6197 module_param_named(zone_cap_mb, sdeb_zbc_zone_cap_mb, int, S_IRUGO);
6198 module_param_named(zone_max_open, sdeb_zbc_max_open, int, S_IRUGO);
6199 module_param_named(zone_nr_conv, sdeb_zbc_nr_conv, int, S_IRUGO);
6200 module_param_named(zone_size_mb, sdeb_zbc_zone_size_mb, int, S_IRUGO);
6201 module_param_named(allow_restart, sdebug_allow_restart, bool, S_IRUGO | S_IWUSR);
6203 MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert");
6204 MODULE_DESCRIPTION("SCSI debug adapter driver");
6205 MODULE_LICENSE("GPL");
6206 MODULE_VERSION(SDEBUG_VERSION);
6208 MODULE_PARM_DESC(add_host, "add n hosts, in sysfs if negative remove host(s) (def=1)");
6209 MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)");
6210 MODULE_PARM_DESC(cdb_len, "suggest CDB lengths to drivers (def=10)");
6211 MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)");
6212 MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny");
6213 MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)");
6214 MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)");
6215 MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)");
6216 MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)");
6217 MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)");
6218 MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)");
6219 MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)");
6220 MODULE_PARM_DESC(host_lock, "host_lock is ignored (def=0)");
6221 MODULE_PARM_DESC(host_max_queue,
6222 "host max # of queued cmds (0 to max(def) [max_queue fixed equal for !0])");
6223 MODULE_PARM_DESC(inq_product, "SCSI INQUIRY product string (def=\"scsi_debug\")");
6224 MODULE_PARM_DESC(inq_rev, "SCSI INQUIRY revision string (def=\""
6225 SDEBUG_VERSION "\")");
6226 MODULE_PARM_DESC(inq_vendor, "SCSI INQUIRY vendor string (def=\"Linux\")");
6227 MODULE_PARM_DESC(lbprz,
6228 "on read unmapped LBs return 0 when 1 (def), return 0xff when 2");
6229 MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)");
6230 MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)");
6231 MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)");
6232 MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)");
6233 MODULE_PARM_DESC(lun_format, "LUN format: 0->peripheral (def); 1 --> flat address method");
6234 MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)");
6235 MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))");
6236 MODULE_PARM_DESC(medium_error_count, "count of sectors to return follow on MEDIUM error");
6237 MODULE_PARM_DESC(medium_error_start, "starting sector number to return MEDIUM error");
6238 MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)");
6239 MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)");
6240 MODULE_PARM_DESC(no_rwlock, "don't protect user data reads+writes (def=0)");
6241 MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))");
6242 MODULE_PARM_DESC(num_parts, "number of partitions(def=0)");
6243 MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)");
6244 MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)");
6245 MODULE_PARM_DESC(opt_xferlen_exp, "optimal transfer length granularity exponent (def=physblk_exp)");
6246 MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)");
6247 MODULE_PARM_DESC(per_host_store, "If set, next positive add_host will get new store (def=0)");
6248 MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)");
6249 MODULE_PARM_DESC(poll_queues, "support for iouring iopoll queues (1 to max(submit_queues - 1))");
6250 MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])");
6251 MODULE_PARM_DESC(random, "If set, uniformly randomize command duration between 0 and delay_in_ns");
6252 MODULE_PARM_DESC(removable, "claim to have removable media (def=0)");
6253 MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=7[SPC-5])");
6254 MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)");
6255 MODULE_PARM_DESC(statistics, "collect statistics on commands, queues (def=0)");
6256 MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)");
6257 MODULE_PARM_DESC(submit_queues, "support for block multi-queue (def=1)");
6258 MODULE_PARM_DESC(tur_ms_to_ready, "TEST UNIT READY millisecs before initial good status (def=0)");
6259 MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)");
6260 MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)");
6261 MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)");
6262 MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)");
6263 MODULE_PARM_DESC(uuid_ctl,
6264 "1->use uuid for lu name, 0->don't, 2->all use same (def=0)");
6265 MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)");
6266 MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)");
6267 MODULE_PARM_DESC(wp, "Write Protect (def=0)");
6268 MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)");
6269 MODULE_PARM_DESC(zbc, "'none' [0]; 'aware' [1]; 'managed' [2] (def=0). Can have 'host-' prefix");
6270 MODULE_PARM_DESC(zone_cap_mb, "Zone capacity in MiB (def=zone size)");
6271 MODULE_PARM_DESC(zone_max_open, "Maximum number of open zones; [0] for no limit (def=auto)");
6272 MODULE_PARM_DESC(zone_nr_conv, "Number of conventional zones (def=1)");
6273 MODULE_PARM_DESC(zone_size_mb, "Zone size in MiB (def=auto)");
6274 MODULE_PARM_DESC(allow_restart, "Set scsi_device's allow_restart flag(def=0)");
6276 #define SDEBUG_INFO_LEN 256
6277 static char sdebug_info[SDEBUG_INFO_LEN];
6279 static const char *scsi_debug_info(struct Scsi_Host *shp)
6283 k = scnprintf(sdebug_info, SDEBUG_INFO_LEN, "%s: version %s [%s]\n",
6284 my_name, SDEBUG_VERSION, sdebug_version_date);
6285 if (k >= (SDEBUG_INFO_LEN - 1))
6287 scnprintf(sdebug_info + k, SDEBUG_INFO_LEN - k,
6288 " dev_size_mb=%d, opts=0x%x, submit_queues=%d, %s=%d",
6289 sdebug_dev_size_mb, sdebug_opts, submit_queues,
6290 "statistics", (int)sdebug_statistics);
6294 /* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */
6295 static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer,
6300 int minLen = length > 15 ? 15 : length;
6302 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
6304 memcpy(arr, buffer, minLen);
6306 if (1 != sscanf(arr, "%d", &opts))
6309 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
6310 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
6311 if (sdebug_every_nth != 0)
6316 struct sdebug_submit_queue_data {
6322 static bool sdebug_submit_queue_iter(struct request *rq, void *opaque)
6324 struct sdebug_submit_queue_data *data = opaque;
6325 u32 unique_tag = blk_mq_unique_tag(rq);
6326 u16 hwq = blk_mq_unique_tag_to_hwq(unique_tag);
6327 u16 tag = blk_mq_unique_tag_to_tag(unique_tag);
6328 int queue_num = data->queue_num;
6330 if (hwq != queue_num)
6333 /* Rely on iter'ing in ascending tag order */
6334 if (*data->first == -1)
6335 *data->first = *data->last = tag;
6342 /* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the
6343 * same for each scsi_debug host (if more than one). Some of the counters
6344 * output are not atomics so might be inaccurate in a busy system. */
6345 static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host)
6347 struct sdebug_host_info *sdhp;
6350 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n",
6351 SDEBUG_VERSION, sdebug_version_date);
6352 seq_printf(m, "num_tgts=%d, %ssize=%d MB, opts=0x%x, every_nth=%d\n",
6353 sdebug_num_tgts, "shared (ram) ", sdebug_dev_size_mb,
6354 sdebug_opts, sdebug_every_nth);
6355 seq_printf(m, "delay=%d, ndelay=%d, max_luns=%d, sector_size=%d %s\n",
6356 sdebug_jdelay, sdebug_ndelay, sdebug_max_luns,
6357 sdebug_sector_size, "bytes");
6358 seq_printf(m, "cylinders=%d, heads=%d, sectors=%d, command aborts=%d\n",
6359 sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per,
6361 seq_printf(m, "RESETs: device=%d, target=%d, bus=%d, host=%d\n",
6362 num_dev_resets, num_target_resets, num_bus_resets,
6364 seq_printf(m, "dix_reads=%d, dix_writes=%d, dif_errors=%d\n",
6365 dix_reads, dix_writes, dif_errors);
6366 seq_printf(m, "usec_in_jiffy=%lu, statistics=%d\n", TICK_NSEC / 1000,
6368 seq_printf(m, "cmnd_count=%d, completions=%d, %s=%d, a_tsf=%d, mq_polls=%d\n",
6369 atomic_read(&sdebug_cmnd_count),
6370 atomic_read(&sdebug_completions),
6371 "miss_cpus", atomic_read(&sdebug_miss_cpus),
6372 atomic_read(&sdebug_a_tsf),
6373 atomic_read(&sdeb_mq_poll_count));
6375 seq_printf(m, "submit_queues=%d\n", submit_queues);
6376 for (j = 0; j < submit_queues; ++j) {
6378 struct sdebug_submit_queue_data data = {
6383 seq_printf(m, " queue %d:\n", j);
6384 blk_mq_tagset_busy_iter(&host->tag_set, sdebug_submit_queue_iter,
6387 seq_printf(m, " in_use_bm BUSY: %s: %d,%d\n",
6388 "first,last bits", f, l);
6392 seq_printf(m, "this host_no=%d\n", host->host_no);
6393 if (!xa_empty(per_store_ap)) {
6396 unsigned long l_idx;
6397 struct sdeb_store_info *sip;
6399 seq_puts(m, "\nhost list:\n");
6401 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
6403 seq_printf(m, " %d: host_no=%d, si_idx=%d\n", j,
6404 sdhp->shost->host_no, idx);
6407 seq_printf(m, "\nper_store array [most_recent_idx=%d]:\n",
6408 sdeb_most_recent_idx);
6410 xa_for_each(per_store_ap, l_idx, sip) {
6411 niu = xa_get_mark(per_store_ap, l_idx,
6412 SDEB_XA_NOT_IN_USE);
6414 seq_printf(m, " %d: idx=%d%s\n", j, idx,
6415 (niu ? " not_in_use" : ""));
6422 static ssize_t delay_show(struct device_driver *ddp, char *buf)
6424 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_jdelay);
6426 /* Returns -EBUSY if jdelay is being changed and commands are queued. The unit
6427 * of delay is jiffies.
6429 static ssize_t delay_store(struct device_driver *ddp, const char *buf,
6434 if (count > 0 && sscanf(buf, "%d", &jdelay) == 1) {
6436 if (sdebug_jdelay != jdelay) {
6437 struct sdebug_host_info *sdhp;
6439 mutex_lock(&sdebug_host_list_mutex);
6440 block_unblock_all_queues(true);
6442 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
6443 struct Scsi_Host *shost = sdhp->shost;
6445 if (scsi_host_busy(shost)) {
6446 res = -EBUSY; /* queued commands */
6451 sdebug_jdelay = jdelay;
6454 block_unblock_all_queues(false);
6455 mutex_unlock(&sdebug_host_list_mutex);
6461 static DRIVER_ATTR_RW(delay);
6463 static ssize_t ndelay_show(struct device_driver *ddp, char *buf)
6465 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ndelay);
6467 /* Returns -EBUSY if ndelay is being changed and commands are queued */
6468 /* If > 0 and accepted then sdebug_jdelay is set to JDELAY_OVERRIDDEN */
6469 static ssize_t ndelay_store(struct device_driver *ddp, const char *buf,
6474 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) &&
6475 (ndelay >= 0) && (ndelay < (1000 * 1000 * 1000))) {
6477 if (sdebug_ndelay != ndelay) {
6478 struct sdebug_host_info *sdhp;
6480 mutex_lock(&sdebug_host_list_mutex);
6481 block_unblock_all_queues(true);
6483 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
6484 struct Scsi_Host *shost = sdhp->shost;
6486 if (scsi_host_busy(shost)) {
6487 res = -EBUSY; /* queued commands */
6493 sdebug_ndelay = ndelay;
6494 sdebug_jdelay = ndelay ? JDELAY_OVERRIDDEN
6497 block_unblock_all_queues(false);
6498 mutex_unlock(&sdebug_host_list_mutex);
6504 static DRIVER_ATTR_RW(ndelay);
6506 static ssize_t opts_show(struct device_driver *ddp, char *buf)
6508 return scnprintf(buf, PAGE_SIZE, "0x%x\n", sdebug_opts);
6511 static ssize_t opts_store(struct device_driver *ddp, const char *buf,
6517 if (sscanf(buf, "%10s", work) == 1) {
6518 if (strncasecmp(work, "0x", 2) == 0) {
6519 if (kstrtoint(work + 2, 16, &opts) == 0)
6522 if (kstrtoint(work, 10, &opts) == 0)
6529 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
6530 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
6534 static DRIVER_ATTR_RW(opts);
6536 static ssize_t ptype_show(struct device_driver *ddp, char *buf)
6538 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ptype);
6540 static ssize_t ptype_store(struct device_driver *ddp, const char *buf,
6545 /* Cannot change from or to TYPE_ZBC with sysfs */
6546 if (sdebug_ptype == TYPE_ZBC)
6549 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6557 static DRIVER_ATTR_RW(ptype);
6559 static ssize_t dsense_show(struct device_driver *ddp, char *buf)
6561 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dsense);
6563 static ssize_t dsense_store(struct device_driver *ddp, const char *buf,
6568 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6574 static DRIVER_ATTR_RW(dsense);
6576 static ssize_t fake_rw_show(struct device_driver *ddp, char *buf)
6578 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_fake_rw);
6580 static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf,
6585 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6586 bool want_store = (n == 0);
6587 struct sdebug_host_info *sdhp;
6590 sdebug_fake_rw = (sdebug_fake_rw > 0);
6591 if (sdebug_fake_rw == n)
6592 return count; /* not transitioning so do nothing */
6594 if (want_store) { /* 1 --> 0 transition, set up store */
6595 if (sdeb_first_idx < 0) {
6596 idx = sdebug_add_store();
6600 idx = sdeb_first_idx;
6601 xa_clear_mark(per_store_ap, idx,
6602 SDEB_XA_NOT_IN_USE);
6604 /* make all hosts use same store */
6605 list_for_each_entry(sdhp, &sdebug_host_list,
6607 if (sdhp->si_idx != idx) {
6608 xa_set_mark(per_store_ap, sdhp->si_idx,
6609 SDEB_XA_NOT_IN_USE);
6613 sdeb_most_recent_idx = idx;
6614 } else { /* 0 --> 1 transition is trigger for shrink */
6615 sdebug_erase_all_stores(true /* apart from first */);
6622 static DRIVER_ATTR_RW(fake_rw);
6624 static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf)
6626 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_lun_0);
6628 static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf,
6633 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6634 sdebug_no_lun_0 = n;
6639 static DRIVER_ATTR_RW(no_lun_0);
6641 static ssize_t num_tgts_show(struct device_driver *ddp, char *buf)
6643 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_tgts);
6645 static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf,
6650 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6651 sdebug_num_tgts = n;
6652 sdebug_max_tgts_luns();
6657 static DRIVER_ATTR_RW(num_tgts);
6659 static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf)
6661 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dev_size_mb);
6663 static DRIVER_ATTR_RO(dev_size_mb);
6665 static ssize_t per_host_store_show(struct device_driver *ddp, char *buf)
6667 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_per_host_store);
6670 static ssize_t per_host_store_store(struct device_driver *ddp, const char *buf,
6675 if (kstrtobool(buf, &v))
6678 sdebug_per_host_store = v;
6681 static DRIVER_ATTR_RW(per_host_store);
6683 static ssize_t num_parts_show(struct device_driver *ddp, char *buf)
6685 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_parts);
6687 static DRIVER_ATTR_RO(num_parts);
6689 static ssize_t every_nth_show(struct device_driver *ddp, char *buf)
6691 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_every_nth);
6693 static ssize_t every_nth_store(struct device_driver *ddp, const char *buf,
6699 if (sscanf(buf, "%10s", work) == 1) {
6700 if (strncasecmp(work, "0x", 2) == 0) {
6701 if (kstrtoint(work + 2, 16, &nth) == 0)
6702 goto every_nth_done;
6704 if (kstrtoint(work, 10, &nth) == 0)
6705 goto every_nth_done;
6711 sdebug_every_nth = nth;
6712 if (nth && !sdebug_statistics) {
6713 pr_info("every_nth needs statistics=1, set it\n");
6714 sdebug_statistics = true;
6719 static DRIVER_ATTR_RW(every_nth);
6721 static ssize_t lun_format_show(struct device_driver *ddp, char *buf)
6723 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_lun_am);
6725 static ssize_t lun_format_store(struct device_driver *ddp, const char *buf,
6731 if (kstrtoint(buf, 0, &n))
6734 if (n > (int)SAM_LUN_AM_FLAT) {
6735 pr_warn("only LUN address methods 0 and 1 are supported\n");
6738 changed = ((int)sdebug_lun_am != n);
6740 if (changed && sdebug_scsi_level >= 5) { /* >= SPC-3 */
6741 struct sdebug_host_info *sdhp;
6742 struct sdebug_dev_info *dp;
6744 mutex_lock(&sdebug_host_list_mutex);
6745 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
6746 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
6747 set_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
6750 mutex_unlock(&sdebug_host_list_mutex);
6756 static DRIVER_ATTR_RW(lun_format);
6758 static ssize_t max_luns_show(struct device_driver *ddp, char *buf)
6760 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_luns);
6762 static ssize_t max_luns_store(struct device_driver *ddp, const char *buf,
6768 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6770 pr_warn("max_luns can be no more than 256\n");
6773 changed = (sdebug_max_luns != n);
6774 sdebug_max_luns = n;
6775 sdebug_max_tgts_luns();
6776 if (changed && (sdebug_scsi_level >= 5)) { /* >= SPC-3 */
6777 struct sdebug_host_info *sdhp;
6778 struct sdebug_dev_info *dp;
6780 mutex_lock(&sdebug_host_list_mutex);
6781 list_for_each_entry(sdhp, &sdebug_host_list,
6783 list_for_each_entry(dp, &sdhp->dev_info_list,
6785 set_bit(SDEBUG_UA_LUNS_CHANGED,
6789 mutex_unlock(&sdebug_host_list_mutex);
6795 static DRIVER_ATTR_RW(max_luns);
6797 static ssize_t max_queue_show(struct device_driver *ddp, char *buf)
6799 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_queue);
6801 /* N.B. max_queue can be changed while there are queued commands. In flight
6802 * commands beyond the new max_queue will be completed. */
6803 static ssize_t max_queue_store(struct device_driver *ddp, const char *buf,
6808 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) &&
6809 (n <= SDEBUG_CANQUEUE) &&
6810 (sdebug_host_max_queue == 0)) {
6811 mutex_lock(&sdebug_host_list_mutex);
6813 /* We may only change sdebug_max_queue when we have no shosts */
6814 if (list_empty(&sdebug_host_list))
6815 sdebug_max_queue = n;
6818 mutex_unlock(&sdebug_host_list_mutex);
6823 static DRIVER_ATTR_RW(max_queue);
6825 static ssize_t host_max_queue_show(struct device_driver *ddp, char *buf)
6827 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_host_max_queue);
6830 static ssize_t no_rwlock_show(struct device_driver *ddp, char *buf)
6832 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_rwlock);
6835 static ssize_t no_rwlock_store(struct device_driver *ddp, const char *buf, size_t count)
6839 if (kstrtobool(buf, &v))
6842 sdebug_no_rwlock = v;
6845 static DRIVER_ATTR_RW(no_rwlock);
6848 * Since this is used for .can_queue, and we get the hc_idx tag from the bitmap
6849 * in range [0, sdebug_host_max_queue), we can't change it.
6851 static DRIVER_ATTR_RO(host_max_queue);
6853 static ssize_t no_uld_show(struct device_driver *ddp, char *buf)
6855 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_uld);
6857 static DRIVER_ATTR_RO(no_uld);
6859 static ssize_t scsi_level_show(struct device_driver *ddp, char *buf)
6861 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_scsi_level);
6863 static DRIVER_ATTR_RO(scsi_level);
6865 static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf)
6867 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_virtual_gb);
6869 static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf,
6875 /* Ignore capacity change for ZBC drives for now */
6876 if (sdeb_zbc_in_use)
6879 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6880 changed = (sdebug_virtual_gb != n);
6881 sdebug_virtual_gb = n;
6882 sdebug_capacity = get_sdebug_capacity();
6884 struct sdebug_host_info *sdhp;
6885 struct sdebug_dev_info *dp;
6887 mutex_lock(&sdebug_host_list_mutex);
6888 list_for_each_entry(sdhp, &sdebug_host_list,
6890 list_for_each_entry(dp, &sdhp->dev_info_list,
6892 set_bit(SDEBUG_UA_CAPACITY_CHANGED,
6896 mutex_unlock(&sdebug_host_list_mutex);
6902 static DRIVER_ATTR_RW(virtual_gb);
6904 static ssize_t add_host_show(struct device_driver *ddp, char *buf)
6906 /* absolute number of hosts currently active is what is shown */
6907 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_hosts);
6910 static ssize_t add_host_store(struct device_driver *ddp, const char *buf,
6915 struct sdeb_store_info *sip;
6916 bool want_phs = (sdebug_fake_rw == 0) && sdebug_per_host_store;
6919 if (sscanf(buf, "%d", &delta_hosts) != 1)
6921 if (delta_hosts > 0) {
6925 xa_for_each_marked(per_store_ap, idx, sip,
6926 SDEB_XA_NOT_IN_USE) {
6927 sdeb_most_recent_idx = (int)idx;
6931 if (found) /* re-use case */
6932 sdebug_add_host_helper((int)idx);
6934 sdebug_do_add_host(true);
6936 sdebug_do_add_host(false);
6938 } while (--delta_hosts);
6939 } else if (delta_hosts < 0) {
6941 sdebug_do_remove_host(false);
6942 } while (++delta_hosts);
6946 static DRIVER_ATTR_RW(add_host);
6948 static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf)
6950 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_vpd_use_hostno);
6952 static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf,
6957 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
6958 sdebug_vpd_use_hostno = n;
6963 static DRIVER_ATTR_RW(vpd_use_hostno);
6965 static ssize_t statistics_show(struct device_driver *ddp, char *buf)
6967 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_statistics);
6969 static ssize_t statistics_store(struct device_driver *ddp, const char *buf,
6974 if ((count > 0) && (sscanf(buf, "%d", &n) == 1) && (n >= 0)) {
6976 sdebug_statistics = true;
6978 clear_queue_stats();
6979 sdebug_statistics = false;
6985 static DRIVER_ATTR_RW(statistics);
6987 static ssize_t sector_size_show(struct device_driver *ddp, char *buf)
6989 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_sector_size);
6991 static DRIVER_ATTR_RO(sector_size);
6993 static ssize_t submit_queues_show(struct device_driver *ddp, char *buf)
6995 return scnprintf(buf, PAGE_SIZE, "%d\n", submit_queues);
6997 static DRIVER_ATTR_RO(submit_queues);
6999 static ssize_t dix_show(struct device_driver *ddp, char *buf)
7001 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dix);
7003 static DRIVER_ATTR_RO(dix);
7005 static ssize_t dif_show(struct device_driver *ddp, char *buf)
7007 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dif);
7009 static DRIVER_ATTR_RO(dif);
7011 static ssize_t guard_show(struct device_driver *ddp, char *buf)
7013 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_guard);
7015 static DRIVER_ATTR_RO(guard);
7017 static ssize_t ato_show(struct device_driver *ddp, char *buf)
7019 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ato);
7021 static DRIVER_ATTR_RO(ato);
7023 static ssize_t map_show(struct device_driver *ddp, char *buf)
7027 if (!scsi_debug_lbp())
7028 return scnprintf(buf, PAGE_SIZE, "0-%u\n",
7029 sdebug_store_sectors);
7031 if (sdebug_fake_rw == 0 && !xa_empty(per_store_ap)) {
7032 struct sdeb_store_info *sip = xa_load(per_store_ap, 0);
7035 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl",
7036 (int)map_size, sip->map_storep);
7038 buf[count++] = '\n';
7043 static DRIVER_ATTR_RO(map);
7045 static ssize_t random_show(struct device_driver *ddp, char *buf)
7047 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_random);
7050 static ssize_t random_store(struct device_driver *ddp, const char *buf,
7055 if (kstrtobool(buf, &v))
7061 static DRIVER_ATTR_RW(random);
7063 static ssize_t removable_show(struct device_driver *ddp, char *buf)
7065 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_removable ? 1 : 0);
7067 static ssize_t removable_store(struct device_driver *ddp, const char *buf,
7072 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7073 sdebug_removable = (n > 0);
7078 static DRIVER_ATTR_RW(removable);
7080 static ssize_t host_lock_show(struct device_driver *ddp, char *buf)
7082 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_host_lock);
7084 /* N.B. sdebug_host_lock does nothing, kept for backward compatibility */
7085 static ssize_t host_lock_store(struct device_driver *ddp, const char *buf,
7090 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7091 sdebug_host_lock = (n > 0);
7096 static DRIVER_ATTR_RW(host_lock);
7098 static ssize_t strict_show(struct device_driver *ddp, char *buf)
7100 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_strict);
7102 static ssize_t strict_store(struct device_driver *ddp, const char *buf,
7107 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
7108 sdebug_strict = (n > 0);
7113 static DRIVER_ATTR_RW(strict);
7115 static ssize_t uuid_ctl_show(struct device_driver *ddp, char *buf)
7117 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_uuid_ctl);
7119 static DRIVER_ATTR_RO(uuid_ctl);
7121 static ssize_t cdb_len_show(struct device_driver *ddp, char *buf)
7123 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_cdb_len);
7125 static ssize_t cdb_len_store(struct device_driver *ddp, const char *buf,
7130 ret = kstrtoint(buf, 0, &n);
7134 all_config_cdb_len();
7137 static DRIVER_ATTR_RW(cdb_len);
7139 static const char * const zbc_model_strs_a[] = {
7140 [BLK_ZONED_NONE] = "none",
7141 [BLK_ZONED_HA] = "host-aware",
7142 [BLK_ZONED_HM] = "host-managed",
7145 static const char * const zbc_model_strs_b[] = {
7146 [BLK_ZONED_NONE] = "no",
7147 [BLK_ZONED_HA] = "aware",
7148 [BLK_ZONED_HM] = "managed",
7151 static const char * const zbc_model_strs_c[] = {
7152 [BLK_ZONED_NONE] = "0",
7153 [BLK_ZONED_HA] = "1",
7154 [BLK_ZONED_HM] = "2",
7157 static int sdeb_zbc_model_str(const char *cp)
7159 int res = sysfs_match_string(zbc_model_strs_a, cp);
7162 res = sysfs_match_string(zbc_model_strs_b, cp);
7164 res = sysfs_match_string(zbc_model_strs_c, cp);
7172 static ssize_t zbc_show(struct device_driver *ddp, char *buf)
7174 return scnprintf(buf, PAGE_SIZE, "%s\n",
7175 zbc_model_strs_a[sdeb_zbc_model]);
7177 static DRIVER_ATTR_RO(zbc);
7179 static ssize_t tur_ms_to_ready_show(struct device_driver *ddp, char *buf)
7181 return scnprintf(buf, PAGE_SIZE, "%d\n", sdeb_tur_ms_to_ready);
7183 static DRIVER_ATTR_RO(tur_ms_to_ready);
7185 /* Note: The following array creates attribute files in the
7186 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these
7187 files (over those found in the /sys/module/scsi_debug/parameters
7188 directory) is that auxiliary actions can be triggered when an attribute
7189 is changed. For example see: add_host_store() above.
7192 static struct attribute *sdebug_drv_attrs[] = {
7193 &driver_attr_delay.attr,
7194 &driver_attr_opts.attr,
7195 &driver_attr_ptype.attr,
7196 &driver_attr_dsense.attr,
7197 &driver_attr_fake_rw.attr,
7198 &driver_attr_host_max_queue.attr,
7199 &driver_attr_no_lun_0.attr,
7200 &driver_attr_num_tgts.attr,
7201 &driver_attr_dev_size_mb.attr,
7202 &driver_attr_num_parts.attr,
7203 &driver_attr_every_nth.attr,
7204 &driver_attr_lun_format.attr,
7205 &driver_attr_max_luns.attr,
7206 &driver_attr_max_queue.attr,
7207 &driver_attr_no_rwlock.attr,
7208 &driver_attr_no_uld.attr,
7209 &driver_attr_scsi_level.attr,
7210 &driver_attr_virtual_gb.attr,
7211 &driver_attr_add_host.attr,
7212 &driver_attr_per_host_store.attr,
7213 &driver_attr_vpd_use_hostno.attr,
7214 &driver_attr_sector_size.attr,
7215 &driver_attr_statistics.attr,
7216 &driver_attr_submit_queues.attr,
7217 &driver_attr_dix.attr,
7218 &driver_attr_dif.attr,
7219 &driver_attr_guard.attr,
7220 &driver_attr_ato.attr,
7221 &driver_attr_map.attr,
7222 &driver_attr_random.attr,
7223 &driver_attr_removable.attr,
7224 &driver_attr_host_lock.attr,
7225 &driver_attr_ndelay.attr,
7226 &driver_attr_strict.attr,
7227 &driver_attr_uuid_ctl.attr,
7228 &driver_attr_cdb_len.attr,
7229 &driver_attr_tur_ms_to_ready.attr,
7230 &driver_attr_zbc.attr,
7233 ATTRIBUTE_GROUPS(sdebug_drv);
7235 static struct device *pseudo_primary;
7237 static int __init scsi_debug_init(void)
7239 bool want_store = (sdebug_fake_rw == 0);
7241 int k, ret, hosts_to_add;
7244 if (sdebug_ndelay >= 1000 * 1000 * 1000) {
7245 pr_warn("ndelay must be less than 1 second, ignored\n");
7247 } else if (sdebug_ndelay > 0)
7248 sdebug_jdelay = JDELAY_OVERRIDDEN;
7250 switch (sdebug_sector_size) {
7257 pr_err("invalid sector_size %d\n", sdebug_sector_size);
7261 switch (sdebug_dif) {
7262 case T10_PI_TYPE0_PROTECTION:
7264 case T10_PI_TYPE1_PROTECTION:
7265 case T10_PI_TYPE2_PROTECTION:
7266 case T10_PI_TYPE3_PROTECTION:
7267 have_dif_prot = true;
7271 pr_err("dif must be 0, 1, 2 or 3\n");
7275 if (sdebug_num_tgts < 0) {
7276 pr_err("num_tgts must be >= 0\n");
7280 if (sdebug_guard > 1) {
7281 pr_err("guard must be 0 or 1\n");
7285 if (sdebug_ato > 1) {
7286 pr_err("ato must be 0 or 1\n");
7290 if (sdebug_physblk_exp > 15) {
7291 pr_err("invalid physblk_exp %u\n", sdebug_physblk_exp);
7295 sdebug_lun_am = sdebug_lun_am_i;
7296 if (sdebug_lun_am > SAM_LUN_AM_FLAT) {
7297 pr_warn("Invalid LUN format %u, using default\n", (int)sdebug_lun_am);
7298 sdebug_lun_am = SAM_LUN_AM_PERIPHERAL;
7301 if (sdebug_max_luns > 256) {
7302 if (sdebug_max_luns > 16384) {
7303 pr_warn("max_luns can be no more than 16384, use default\n");
7304 sdebug_max_luns = DEF_MAX_LUNS;
7306 sdebug_lun_am = SAM_LUN_AM_FLAT;
7309 if (sdebug_lowest_aligned > 0x3fff) {
7310 pr_err("lowest_aligned too big: %u\n", sdebug_lowest_aligned);
7314 if (submit_queues < 1) {
7315 pr_err("submit_queues must be 1 or more\n");
7319 if ((sdebug_max_queue > SDEBUG_CANQUEUE) || (sdebug_max_queue < 1)) {
7320 pr_err("max_queue must be in range [1, %d]\n", SDEBUG_CANQUEUE);
7324 if ((sdebug_host_max_queue > SDEBUG_CANQUEUE) ||
7325 (sdebug_host_max_queue < 0)) {
7326 pr_err("host_max_queue must be in range [0 %d]\n",
7331 if (sdebug_host_max_queue &&
7332 (sdebug_max_queue != sdebug_host_max_queue)) {
7333 sdebug_max_queue = sdebug_host_max_queue;
7334 pr_warn("fixing max submit queue depth to host max queue depth, %d\n",
7339 * check for host managed zoned block device specified with
7340 * ptype=0x14 or zbc=XXX.
7342 if (sdebug_ptype == TYPE_ZBC) {
7343 sdeb_zbc_model = BLK_ZONED_HM;
7344 } else if (sdeb_zbc_model_s && *sdeb_zbc_model_s) {
7345 k = sdeb_zbc_model_str(sdeb_zbc_model_s);
7349 switch (sdeb_zbc_model) {
7350 case BLK_ZONED_NONE:
7352 sdebug_ptype = TYPE_DISK;
7355 sdebug_ptype = TYPE_ZBC;
7358 pr_err("Invalid ZBC model\n");
7362 if (sdeb_zbc_model != BLK_ZONED_NONE) {
7363 sdeb_zbc_in_use = true;
7364 if (sdebug_dev_size_mb == DEF_DEV_SIZE_PRE_INIT)
7365 sdebug_dev_size_mb = DEF_ZBC_DEV_SIZE_MB;
7368 if (sdebug_dev_size_mb == DEF_DEV_SIZE_PRE_INIT)
7369 sdebug_dev_size_mb = DEF_DEV_SIZE_MB;
7370 if (sdebug_dev_size_mb < 1)
7371 sdebug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */
7372 sz = (unsigned long)sdebug_dev_size_mb * 1048576;
7373 sdebug_store_sectors = sz / sdebug_sector_size;
7374 sdebug_capacity = get_sdebug_capacity();
7376 /* play around with geometry, don't waste too much on track 0 */
7378 sdebug_sectors_per = 32;
7379 if (sdebug_dev_size_mb >= 256)
7381 else if (sdebug_dev_size_mb >= 16)
7383 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
7384 (sdebug_sectors_per * sdebug_heads);
7385 if (sdebug_cylinders_per >= 1024) {
7386 /* other LLDs do this; implies >= 1GB ram disk ... */
7388 sdebug_sectors_per = 63;
7389 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
7390 (sdebug_sectors_per * sdebug_heads);
7392 if (scsi_debug_lbp()) {
7393 sdebug_unmap_max_blocks =
7394 clamp(sdebug_unmap_max_blocks, 0U, 0xffffffffU);
7396 sdebug_unmap_max_desc =
7397 clamp(sdebug_unmap_max_desc, 0U, 256U);
7399 sdebug_unmap_granularity =
7400 clamp(sdebug_unmap_granularity, 1U, 0xffffffffU);
7402 if (sdebug_unmap_alignment &&
7403 sdebug_unmap_granularity <=
7404 sdebug_unmap_alignment) {
7405 pr_err("ERR: unmap_granularity <= unmap_alignment\n");
7409 xa_init_flags(per_store_ap, XA_FLAGS_ALLOC | XA_FLAGS_LOCK_IRQ);
7411 idx = sdebug_add_store();
7416 pseudo_primary = root_device_register("pseudo_0");
7417 if (IS_ERR(pseudo_primary)) {
7418 pr_warn("root_device_register() error\n");
7419 ret = PTR_ERR(pseudo_primary);
7422 ret = bus_register(&pseudo_lld_bus);
7424 pr_warn("bus_register error: %d\n", ret);
7427 ret = driver_register(&sdebug_driverfs_driver);
7429 pr_warn("driver_register error: %d\n", ret);
7433 hosts_to_add = sdebug_add_host;
7434 sdebug_add_host = 0;
7436 queued_cmd_cache = KMEM_CACHE(sdebug_queued_cmd, SLAB_HWCACHE_ALIGN);
7437 if (!queued_cmd_cache) {
7442 sdebug_debugfs_root = debugfs_create_dir("scsi_debug", NULL);
7443 if (IS_ERR_OR_NULL(sdebug_debugfs_root))
7444 pr_info("%s: failed to create initial debugfs directory\n", __func__);
7446 for (k = 0; k < hosts_to_add; k++) {
7447 if (want_store && k == 0) {
7448 ret = sdebug_add_host_helper(idx);
7450 pr_err("add_host_helper k=%d, error=%d\n",
7455 ret = sdebug_do_add_host(want_store &&
7456 sdebug_per_host_store);
7458 pr_err("add_host k=%d error=%d\n", k, -ret);
7464 pr_info("built %d host(s)\n", sdebug_num_hosts);
7469 driver_unregister(&sdebug_driverfs_driver);
7471 bus_unregister(&pseudo_lld_bus);
7473 root_device_unregister(pseudo_primary);
7475 sdebug_erase_store(idx, NULL);
7479 static void __exit scsi_debug_exit(void)
7481 int k = sdebug_num_hosts;
7484 sdebug_do_remove_host(true);
7485 kmem_cache_destroy(queued_cmd_cache);
7486 driver_unregister(&sdebug_driverfs_driver);
7487 bus_unregister(&pseudo_lld_bus);
7488 root_device_unregister(pseudo_primary);
7490 sdebug_erase_all_stores(false);
7491 xa_destroy(per_store_ap);
7492 debugfs_remove(sdebug_debugfs_root);
7495 device_initcall(scsi_debug_init);
7496 module_exit(scsi_debug_exit);
7498 static void sdebug_release_adapter(struct device *dev)
7500 struct sdebug_host_info *sdbg_host;
7502 sdbg_host = dev_to_sdebug_host(dev);
7506 /* idx must be valid, if sip is NULL then it will be obtained using idx */
7507 static void sdebug_erase_store(int idx, struct sdeb_store_info *sip)
7512 if (xa_empty(per_store_ap))
7514 sip = xa_load(per_store_ap, idx);
7518 vfree(sip->map_storep);
7519 vfree(sip->dif_storep);
7521 xa_erase(per_store_ap, idx);
7525 /* Assume apart_from_first==false only in shutdown case. */
7526 static void sdebug_erase_all_stores(bool apart_from_first)
7529 struct sdeb_store_info *sip = NULL;
7531 xa_for_each(per_store_ap, idx, sip) {
7532 if (apart_from_first)
7533 apart_from_first = false;
7535 sdebug_erase_store(idx, sip);
7537 if (apart_from_first)
7538 sdeb_most_recent_idx = sdeb_first_idx;
7542 * Returns store xarray new element index (idx) if >=0 else negated errno.
7543 * Limit the number of stores to 65536.
7545 static int sdebug_add_store(void)
7549 unsigned long iflags;
7550 unsigned long sz = (unsigned long)sdebug_dev_size_mb * 1048576;
7551 struct sdeb_store_info *sip = NULL;
7552 struct xa_limit xal = { .max = 1 << 16, .min = 0 };
7554 sip = kzalloc(sizeof(*sip), GFP_KERNEL);
7558 xa_lock_irqsave(per_store_ap, iflags);
7559 res = __xa_alloc(per_store_ap, &n_idx, sip, xal, GFP_ATOMIC);
7560 if (unlikely(res < 0)) {
7561 xa_unlock_irqrestore(per_store_ap, iflags);
7563 pr_warn("%s: xa_alloc() errno=%d\n", __func__, -res);
7566 sdeb_most_recent_idx = n_idx;
7567 if (sdeb_first_idx < 0)
7568 sdeb_first_idx = n_idx;
7569 xa_unlock_irqrestore(per_store_ap, iflags);
7572 sip->storep = vzalloc(sz);
7574 pr_err("user data oom\n");
7577 if (sdebug_num_parts > 0)
7578 sdebug_build_parts(sip->storep, sz);
7580 /* DIF/DIX: what T10 calls Protection Information (PI) */
7584 dif_size = sdebug_store_sectors * sizeof(struct t10_pi_tuple);
7585 sip->dif_storep = vmalloc(dif_size);
7587 pr_info("dif_storep %u bytes @ %pK\n", dif_size,
7590 if (!sip->dif_storep) {
7591 pr_err("DIX oom\n");
7594 memset(sip->dif_storep, 0xff, dif_size);
7596 /* Logical Block Provisioning */
7597 if (scsi_debug_lbp()) {
7598 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1;
7599 sip->map_storep = vmalloc(array_size(sizeof(long),
7600 BITS_TO_LONGS(map_size)));
7602 pr_info("%lu provisioning blocks\n", map_size);
7604 if (!sip->map_storep) {
7605 pr_err("LBP map oom\n");
7609 bitmap_zero(sip->map_storep, map_size);
7611 /* Map first 1KB for partition table */
7612 if (sdebug_num_parts)
7613 map_region(sip, 0, 2);
7616 rwlock_init(&sip->macc_lck);
7619 sdebug_erase_store((int)n_idx, sip);
7620 pr_warn("%s: failed, errno=%d\n", __func__, -res);
7624 static int sdebug_add_host_helper(int per_host_idx)
7626 int k, devs_per_host, idx;
7627 int error = -ENOMEM;
7628 struct sdebug_host_info *sdbg_host;
7629 struct sdebug_dev_info *sdbg_devinfo, *tmp;
7631 sdbg_host = kzalloc(sizeof(*sdbg_host), GFP_KERNEL);
7634 idx = (per_host_idx < 0) ? sdeb_first_idx : per_host_idx;
7635 if (xa_get_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE))
7636 xa_clear_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE);
7637 sdbg_host->si_idx = idx;
7639 INIT_LIST_HEAD(&sdbg_host->dev_info_list);
7641 devs_per_host = sdebug_num_tgts * sdebug_max_luns;
7642 for (k = 0; k < devs_per_host; k++) {
7643 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL);
7648 mutex_lock(&sdebug_host_list_mutex);
7649 list_add_tail(&sdbg_host->host_list, &sdebug_host_list);
7650 mutex_unlock(&sdebug_host_list_mutex);
7652 sdbg_host->dev.bus = &pseudo_lld_bus;
7653 sdbg_host->dev.parent = pseudo_primary;
7654 sdbg_host->dev.release = &sdebug_release_adapter;
7655 dev_set_name(&sdbg_host->dev, "adapter%d", sdebug_num_hosts);
7657 error = device_register(&sdbg_host->dev);
7659 mutex_lock(&sdebug_host_list_mutex);
7660 list_del(&sdbg_host->host_list);
7661 mutex_unlock(&sdebug_host_list_mutex);
7669 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
7671 list_del(&sdbg_devinfo->dev_list);
7672 kfree(sdbg_devinfo->zstate);
7673 kfree(sdbg_devinfo);
7675 if (sdbg_host->dev.release)
7676 put_device(&sdbg_host->dev);
7679 pr_warn("%s: failed, errno=%d\n", __func__, -error);
7683 static int sdebug_do_add_host(bool mk_new_store)
7685 int ph_idx = sdeb_most_recent_idx;
7688 ph_idx = sdebug_add_store();
7692 return sdebug_add_host_helper(ph_idx);
7695 static void sdebug_do_remove_host(bool the_end)
7698 struct sdebug_host_info *sdbg_host = NULL;
7699 struct sdebug_host_info *sdbg_host2;
7701 mutex_lock(&sdebug_host_list_mutex);
7702 if (!list_empty(&sdebug_host_list)) {
7703 sdbg_host = list_entry(sdebug_host_list.prev,
7704 struct sdebug_host_info, host_list);
7705 idx = sdbg_host->si_idx;
7707 if (!the_end && idx >= 0) {
7710 list_for_each_entry(sdbg_host2, &sdebug_host_list, host_list) {
7711 if (sdbg_host2 == sdbg_host)
7713 if (idx == sdbg_host2->si_idx) {
7719 xa_set_mark(per_store_ap, idx, SDEB_XA_NOT_IN_USE);
7720 if (idx == sdeb_most_recent_idx)
7721 --sdeb_most_recent_idx;
7725 list_del(&sdbg_host->host_list);
7726 mutex_unlock(&sdebug_host_list_mutex);
7731 device_unregister(&sdbg_host->dev);
7735 static int sdebug_change_qdepth(struct scsi_device *sdev, int qdepth)
7737 struct sdebug_dev_info *devip = sdev->hostdata;
7742 mutex_lock(&sdebug_host_list_mutex);
7743 block_unblock_all_queues(true);
7745 if (qdepth > SDEBUG_CANQUEUE) {
7746 qdepth = SDEBUG_CANQUEUE;
7747 pr_warn("%s: requested qdepth [%d] exceeds canqueue [%d], trim\n", __func__,
7748 qdepth, SDEBUG_CANQUEUE);
7752 if (qdepth != sdev->queue_depth)
7753 scsi_change_queue_depth(sdev, qdepth);
7755 block_unblock_all_queues(false);
7756 mutex_unlock(&sdebug_host_list_mutex);
7758 if (SDEBUG_OPT_Q_NOISE & sdebug_opts)
7759 sdev_printk(KERN_INFO, sdev, "%s: qdepth=%d\n", __func__, qdepth);
7761 return sdev->queue_depth;
7764 static bool fake_timeout(struct scsi_cmnd *scp)
7766 if (0 == (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth))) {
7767 if (sdebug_every_nth < -1)
7768 sdebug_every_nth = -1;
7769 if (SDEBUG_OPT_TIMEOUT & sdebug_opts)
7770 return true; /* ignore command causing timeout */
7771 else if (SDEBUG_OPT_MAC_TIMEOUT & sdebug_opts &&
7772 scsi_medium_access_command(scp))
7773 return true; /* time out reads and writes */
7778 /* Response to TUR or media access command when device stopped */
7779 static int resp_not_ready(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
7783 ktime_t now_ts = ktime_get_boottime();
7784 struct scsi_device *sdp = scp->device;
7786 stopped_state = atomic_read(&devip->stopped);
7787 if (stopped_state == 2) {
7788 if (ktime_to_ns(now_ts) > ktime_to_ns(devip->create_ts)) {
7789 diff_ns = ktime_to_ns(ktime_sub(now_ts, devip->create_ts));
7790 if (diff_ns >= ((u64)sdeb_tur_ms_to_ready * 1000000)) {
7791 /* tur_ms_to_ready timer extinguished */
7792 atomic_set(&devip->stopped, 0);
7796 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x1);
7798 sdev_printk(KERN_INFO, sdp,
7799 "%s: Not ready: in process of becoming ready\n", my_name);
7800 if (scp->cmnd[0] == TEST_UNIT_READY) {
7801 u64 tur_nanosecs_to_ready = (u64)sdeb_tur_ms_to_ready * 1000000;
7803 if (diff_ns <= tur_nanosecs_to_ready)
7804 diff_ns = tur_nanosecs_to_ready - diff_ns;
7806 diff_ns = tur_nanosecs_to_ready;
7807 /* As per 20-061r2 approved for spc6 by T10 on 20200716 */
7808 do_div(diff_ns, 1000000); /* diff_ns becomes milliseconds */
7809 scsi_set_sense_information(scp->sense_buffer, SCSI_SENSE_BUFFERSIZE,
7811 return check_condition_result;
7814 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2);
7816 sdev_printk(KERN_INFO, sdp, "%s: Not ready: initializing command required\n",
7818 return check_condition_result;
7821 static void sdebug_map_queues(struct Scsi_Host *shost)
7825 if (shost->nr_hw_queues == 1)
7828 for (i = 0, qoff = 0; i < HCTX_MAX_TYPES; i++) {
7829 struct blk_mq_queue_map *map = &shost->tag_set.map[i];
7833 if (i == HCTX_TYPE_DEFAULT)
7834 map->nr_queues = submit_queues - poll_queues;
7835 else if (i == HCTX_TYPE_POLL)
7836 map->nr_queues = poll_queues;
7838 if (!map->nr_queues) {
7839 BUG_ON(i == HCTX_TYPE_DEFAULT);
7843 map->queue_offset = qoff;
7844 blk_mq_map_queues(map);
7846 qoff += map->nr_queues;
7850 struct sdebug_blk_mq_poll_data {
7851 unsigned int queue_num;
7856 * We don't handle aborted commands here, but it does not seem possible to have
7857 * aborted polled commands from schedule_resp()
7859 static bool sdebug_blk_mq_poll_iter(struct request *rq, void *opaque)
7861 struct sdebug_blk_mq_poll_data *data = opaque;
7862 struct scsi_cmnd *cmd = blk_mq_rq_to_pdu(rq);
7863 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmd);
7864 struct sdebug_defer *sd_dp;
7865 u32 unique_tag = blk_mq_unique_tag(rq);
7866 u16 hwq = blk_mq_unique_tag_to_hwq(unique_tag);
7867 struct sdebug_queued_cmd *sqcp;
7868 unsigned long flags;
7869 int queue_num = data->queue_num;
7872 /* We're only interested in one queue for this iteration */
7873 if (hwq != queue_num)
7876 /* Subsequent checks would fail if this failed, but check anyway */
7877 if (!test_bit(SCMD_STATE_INFLIGHT, &cmd->state))
7880 time = ktime_get_boottime();
7882 spin_lock_irqsave(&sdsc->lock, flags);
7883 sqcp = TO_QUEUED_CMD(cmd);
7885 spin_unlock_irqrestore(&sdsc->lock, flags);
7889 sd_dp = &sqcp->sd_dp;
7890 if (READ_ONCE(sd_dp->defer_t) != SDEB_DEFER_POLL) {
7891 spin_unlock_irqrestore(&sdsc->lock, flags);
7895 if (time < sd_dp->cmpl_ts) {
7896 spin_unlock_irqrestore(&sdsc->lock, flags);
7900 ASSIGN_QUEUED_CMD(cmd, NULL);
7901 spin_unlock_irqrestore(&sdsc->lock, flags);
7903 if (sdebug_statistics) {
7904 atomic_inc(&sdebug_completions);
7905 if (raw_smp_processor_id() != sd_dp->issuing_cpu)
7906 atomic_inc(&sdebug_miss_cpus);
7909 sdebug_free_queued_cmd(sqcp);
7911 scsi_done(cmd); /* callback to mid level */
7912 (*data->num_entries)++;
7916 static int sdebug_blk_mq_poll(struct Scsi_Host *shost, unsigned int queue_num)
7918 int num_entries = 0;
7919 struct sdebug_blk_mq_poll_data data = {
7920 .queue_num = queue_num,
7921 .num_entries = &num_entries,
7924 blk_mq_tagset_busy_iter(&shost->tag_set, sdebug_blk_mq_poll_iter,
7927 if (num_entries > 0)
7928 atomic_add(num_entries, &sdeb_mq_poll_count);
7932 static int sdebug_timeout_cmd(struct scsi_cmnd *cmnd)
7934 struct scsi_device *sdp = cmnd->device;
7935 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
7936 struct sdebug_err_inject *err;
7937 unsigned char *cmd = cmnd->cmnd;
7944 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
7945 if (err->type == ERR_TMOUT_CMD &&
7946 (err->cmd == cmd[0] || err->cmd == 0xff)) {
7960 static int sdebug_fail_queue_cmd(struct scsi_cmnd *cmnd)
7962 struct scsi_device *sdp = cmnd->device;
7963 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
7964 struct sdebug_err_inject *err;
7965 unsigned char *cmd = cmnd->cmnd;
7972 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
7973 if (err->type == ERR_FAIL_QUEUE_CMD &&
7974 (err->cmd == cmd[0] || err->cmd == 0xff)) {
7975 ret = err->cnt ? err->queuecmd_ret : 0;
7988 static int sdebug_fail_cmd(struct scsi_cmnd *cmnd, int *retval,
7989 struct sdebug_err_inject *info)
7991 struct scsi_device *sdp = cmnd->device;
7992 struct sdebug_dev_info *devip = (struct sdebug_dev_info *)sdp->hostdata;
7993 struct sdebug_err_inject *err;
7994 unsigned char *cmd = cmnd->cmnd;
8002 list_for_each_entry_rcu(err, &devip->inject_err_list, list) {
8003 if (err->type == ERR_FAIL_CMD &&
8004 (err->cmd == cmd[0] || err->cmd == 0xff)) {
8022 mk_sense_buffer(cmnd, err->sense_key, err->asc, err->asq);
8023 result = err->status_byte | err->host_byte << 16 | err->driver_byte << 24;
8025 *retval = schedule_resp(cmnd, devip, result, NULL, 0, 0);
8030 static int scsi_debug_queuecommand(struct Scsi_Host *shost,
8031 struct scsi_cmnd *scp)
8034 struct scsi_device *sdp = scp->device;
8035 const struct opcode_info_t *oip;
8036 const struct opcode_info_t *r_oip;
8037 struct sdebug_dev_info *devip;
8038 u8 *cmd = scp->cmnd;
8039 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
8040 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *) = NULL;
8043 u64 lun_index = sdp->lun & 0x3FFF;
8050 struct sdebug_err_inject err;
8052 scsi_set_resid(scp, 0);
8053 if (sdebug_statistics) {
8054 atomic_inc(&sdebug_cmnd_count);
8055 inject_now = inject_on_this_cmd();
8059 if (unlikely(sdebug_verbose &&
8060 !(SDEBUG_OPT_NO_CDB_NOISE & sdebug_opts))) {
8065 sb = (int)sizeof(b);
8067 strcpy(b, "too long, over 32 bytes");
8069 for (k = 0, n = 0; k < len && n < sb; ++k)
8070 n += scnprintf(b + n, sb - n, "%02x ",
8073 sdev_printk(KERN_INFO, sdp, "%s: tag=%#x, cmd %s\n", my_name,
8074 blk_mq_unique_tag(scsi_cmd_to_rq(scp)), b);
8076 if (unlikely(inject_now && (sdebug_opts & SDEBUG_OPT_HOST_BUSY)))
8077 return SCSI_MLQUEUE_HOST_BUSY;
8078 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS);
8079 if (unlikely(lun_index >= sdebug_max_luns && !has_wlun_rl))
8082 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */
8083 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */
8084 devip = (struct sdebug_dev_info *)sdp->hostdata;
8085 if (unlikely(!devip)) {
8086 devip = find_build_dev_info(sdp);
8091 if (sdebug_timeout_cmd(scp)) {
8092 scmd_printk(KERN_INFO, scp, "timeout command 0x%x\n", opcode);
8096 ret = sdebug_fail_queue_cmd(scp);
8098 scmd_printk(KERN_INFO, scp, "fail queue command 0x%x with 0x%x\n",
8103 if (sdebug_fail_cmd(scp, &ret, &err)) {
8104 scmd_printk(KERN_INFO, scp,
8105 "fail command 0x%x with hostbyte=0x%x, "
8106 "driverbyte=0x%x, statusbyte=0x%x, "
8107 "sense_key=0x%x, asc=0x%x, asq=0x%x\n",
8108 opcode, err.host_byte, err.driver_byte,
8109 err.status_byte, err.sense_key, err.asc, err.asq);
8113 if (unlikely(inject_now && !atomic_read(&sdeb_inject_pending)))
8114 atomic_set(&sdeb_inject_pending, 1);
8116 na = oip->num_attached;
8118 if (na) { /* multiple commands with this opcode */
8120 if (FF_SA & r_oip->flags) {
8121 if (F_SA_LOW & oip->flags)
8124 sa = get_unaligned_be16(cmd + 8);
8125 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
8126 if (opcode == oip->opcode && sa == oip->sa)
8129 } else { /* since no service action only check opcode */
8130 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
8131 if (opcode == oip->opcode)
8136 if (F_SA_LOW & r_oip->flags)
8137 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4);
8138 else if (F_SA_HIGH & r_oip->flags)
8139 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7);
8141 mk_sense_invalid_opcode(scp);
8144 } /* else (when na==0) we assume the oip is a match */
8146 if (unlikely(F_INV_OP & flags)) {
8147 mk_sense_invalid_opcode(scp);
8150 if (unlikely(has_wlun_rl && !(F_RL_WLUN_OK & flags))) {
8152 sdev_printk(KERN_INFO, sdp, "%s: Opcode 0x%x not%s\n",
8153 my_name, opcode, " supported for wlun");
8154 mk_sense_invalid_opcode(scp);
8157 if (unlikely(sdebug_strict)) { /* check cdb against mask */
8161 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) {
8162 rem = ~oip->len_mask[k] & cmd[k];
8164 for (j = 7; j >= 0; --j, rem <<= 1) {
8168 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j);
8173 if (unlikely(!(F_SKIP_UA & flags) &&
8174 find_first_bit(devip->uas_bm,
8175 SDEBUG_NUM_UAS) != SDEBUG_NUM_UAS)) {
8176 errsts = make_ua(scp, devip);
8180 if (unlikely(((F_M_ACCESS & flags) || scp->cmnd[0] == TEST_UNIT_READY) &&
8181 atomic_read(&devip->stopped))) {
8182 errsts = resp_not_ready(scp, devip);
8186 if (sdebug_fake_rw && (F_FAKE_RW & flags))
8188 if (unlikely(sdebug_every_nth)) {
8189 if (fake_timeout(scp))
8190 return 0; /* ignore command: make trouble */
8192 if (likely(oip->pfp))
8193 pfp = oip->pfp; /* calls a resp_* function */
8195 pfp = r_pfp; /* if leaf function ptr NULL, try the root's */
8198 if (F_DELAY_OVERR & flags) /* cmds like INQUIRY respond asap */
8199 return schedule_resp(scp, devip, errsts, pfp, 0, 0);
8200 else if ((flags & F_LONG_DELAY) && (sdebug_jdelay > 0 ||
8201 sdebug_ndelay > 10000)) {
8203 * Skip long delays if ndelay <= 10 microseconds. Otherwise
8204 * for Start Stop Unit (SSU) want at least 1 second delay and
8205 * if sdebug_jdelay>1 want a long delay of that many seconds.
8206 * For Synchronize Cache want 1/20 of SSU's delay.
8208 int jdelay = (sdebug_jdelay < 2) ? 1 : sdebug_jdelay;
8209 int denom = (flags & F_SYNC_DELAY) ? 20 : 1;
8211 jdelay = mult_frac(USER_HZ * jdelay, HZ, denom * USER_HZ);
8212 return schedule_resp(scp, devip, errsts, pfp, jdelay, 0);
8214 return schedule_resp(scp, devip, errsts, pfp, sdebug_jdelay,
8217 return schedule_resp(scp, devip, check_condition_result, NULL, 0, 0);
8219 return schedule_resp(scp, NULL, DID_NO_CONNECT << 16, NULL, 0, 0);
8222 static int sdebug_init_cmd_priv(struct Scsi_Host *shost, struct scsi_cmnd *cmd)
8224 struct sdebug_scsi_cmd *sdsc = scsi_cmd_priv(cmd);
8226 spin_lock_init(&sdsc->lock);
8231 static struct scsi_host_template sdebug_driver_template = {
8232 .show_info = scsi_debug_show_info,
8233 .write_info = scsi_debug_write_info,
8234 .proc_name = sdebug_proc_name,
8235 .name = "SCSI DEBUG",
8236 .info = scsi_debug_info,
8237 .slave_alloc = scsi_debug_slave_alloc,
8238 .slave_configure = scsi_debug_slave_configure,
8239 .slave_destroy = scsi_debug_slave_destroy,
8240 .ioctl = scsi_debug_ioctl,
8241 .queuecommand = scsi_debug_queuecommand,
8242 .change_queue_depth = sdebug_change_qdepth,
8243 .map_queues = sdebug_map_queues,
8244 .mq_poll = sdebug_blk_mq_poll,
8245 .eh_abort_handler = scsi_debug_abort,
8246 .eh_device_reset_handler = scsi_debug_device_reset,
8247 .eh_target_reset_handler = scsi_debug_target_reset,
8248 .eh_bus_reset_handler = scsi_debug_bus_reset,
8249 .eh_host_reset_handler = scsi_debug_host_reset,
8250 .can_queue = SDEBUG_CANQUEUE,
8252 .sg_tablesize = SG_MAX_SEGMENTS,
8253 .cmd_per_lun = DEF_CMD_PER_LUN,
8255 .max_segment_size = -1U,
8256 .module = THIS_MODULE,
8257 .track_queue_depth = 1,
8258 .cmd_size = sizeof(struct sdebug_scsi_cmd),
8259 .init_cmd_priv = sdebug_init_cmd_priv,
8260 .target_alloc = sdebug_target_alloc,
8261 .target_destroy = sdebug_target_destroy,
8264 static int sdebug_driver_probe(struct device *dev)
8267 struct sdebug_host_info *sdbg_host;
8268 struct Scsi_Host *hpnt;
8271 sdbg_host = dev_to_sdebug_host(dev);
8273 sdebug_driver_template.can_queue = sdebug_max_queue;
8274 sdebug_driver_template.cmd_per_lun = sdebug_max_queue;
8275 if (!sdebug_clustering)
8276 sdebug_driver_template.dma_boundary = PAGE_SIZE - 1;
8278 hpnt = scsi_host_alloc(&sdebug_driver_template, 0);
8280 pr_err("scsi_host_alloc failed\n");
8284 if (submit_queues > nr_cpu_ids) {
8285 pr_warn("%s: trim submit_queues (was %d) to nr_cpu_ids=%u\n",
8286 my_name, submit_queues, nr_cpu_ids);
8287 submit_queues = nr_cpu_ids;
8290 * Decide whether to tell scsi subsystem that we want mq. The
8291 * following should give the same answer for each host.
8293 hpnt->nr_hw_queues = submit_queues;
8294 if (sdebug_host_max_queue)
8295 hpnt->host_tagset = 1;
8297 /* poll queues are possible for nr_hw_queues > 1 */
8298 if (hpnt->nr_hw_queues == 1 || (poll_queues < 1)) {
8299 pr_warn("%s: trim poll_queues to 0. poll_q/nr_hw = (%d/%d)\n",
8300 my_name, poll_queues, hpnt->nr_hw_queues);
8305 * Poll queues don't need interrupts, but we need at least one I/O queue
8306 * left over for non-polled I/O.
8307 * If condition not met, trim poll_queues to 1 (just for simplicity).
8309 if (poll_queues >= submit_queues) {
8310 if (submit_queues < 3)
8311 pr_warn("%s: trim poll_queues to 1\n", my_name);
8313 pr_warn("%s: trim poll_queues to 1. Perhaps try poll_queues=%d\n",
8314 my_name, submit_queues - 1);
8320 sdbg_host->shost = hpnt;
8321 if ((hpnt->this_id >= 0) && (sdebug_num_tgts > hpnt->this_id))
8322 hpnt->max_id = sdebug_num_tgts + 1;
8324 hpnt->max_id = sdebug_num_tgts;
8325 /* = sdebug_max_luns; */
8326 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
8330 switch (sdebug_dif) {
8332 case T10_PI_TYPE1_PROTECTION:
8333 hprot = SHOST_DIF_TYPE1_PROTECTION;
8335 hprot |= SHOST_DIX_TYPE1_PROTECTION;
8338 case T10_PI_TYPE2_PROTECTION:
8339 hprot = SHOST_DIF_TYPE2_PROTECTION;
8341 hprot |= SHOST_DIX_TYPE2_PROTECTION;
8344 case T10_PI_TYPE3_PROTECTION:
8345 hprot = SHOST_DIF_TYPE3_PROTECTION;
8347 hprot |= SHOST_DIX_TYPE3_PROTECTION;
8352 hprot |= SHOST_DIX_TYPE0_PROTECTION;
8356 scsi_host_set_prot(hpnt, hprot);
8358 if (have_dif_prot || sdebug_dix)
8359 pr_info("host protection%s%s%s%s%s%s%s\n",
8360 (hprot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "",
8361 (hprot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "",
8362 (hprot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "",
8363 (hprot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "",
8364 (hprot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "",
8365 (hprot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "",
8366 (hprot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : "");
8368 if (sdebug_guard == 1)
8369 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP);
8371 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC);
8373 sdebug_verbose = !!(SDEBUG_OPT_NOISE & sdebug_opts);
8374 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & sdebug_opts);
8375 if (sdebug_every_nth) /* need stats counters for every_nth */
8376 sdebug_statistics = true;
8377 error = scsi_add_host(hpnt, &sdbg_host->dev);
8379 pr_err("scsi_add_host failed\n");
8381 scsi_host_put(hpnt);
8383 scsi_scan_host(hpnt);
8389 static void sdebug_driver_remove(struct device *dev)
8391 struct sdebug_host_info *sdbg_host;
8392 struct sdebug_dev_info *sdbg_devinfo, *tmp;
8394 sdbg_host = dev_to_sdebug_host(dev);
8396 scsi_remove_host(sdbg_host->shost);
8398 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
8400 list_del(&sdbg_devinfo->dev_list);
8401 kfree(sdbg_devinfo->zstate);
8402 kfree(sdbg_devinfo);
8405 scsi_host_put(sdbg_host->shost);
8408 static const struct bus_type pseudo_lld_bus = {
8410 .probe = sdebug_driver_probe,
8411 .remove = sdebug_driver_remove,
8412 .drv_groups = sdebug_drv_groups,
git.samba.org / sfrench / cifs-2.6.git / blob