2 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
3 * Copyright (C) 1992 Eric Youngdale
4 * Simulate a host adapter with 2 disks attached. Do a lot of checking
5 * to make sure that we are not getting blocks mixed up, and PANIC if
6 * anything out of the ordinary is seen.
7 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
9 * Copyright (C) 2001 - 2016 Douglas Gilbert
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2, or (at your option)
16 * For documentation see http://sg.danny.cz/sg/sdebug26.html
21 #define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__
23 #include <linux/module.h>
25 #include <linux/kernel.h>
26 #include <linux/errno.h>
27 #include <linux/jiffies.h>
28 #include <linux/slab.h>
29 #include <linux/types.h>
30 #include <linux/string.h>
31 #include <linux/genhd.h>
33 #include <linux/init.h>
34 #include <linux/proc_fs.h>
35 #include <linux/vmalloc.h>
36 #include <linux/moduleparam.h>
37 #include <linux/scatterlist.h>
38 #include <linux/blkdev.h>
39 #include <linux/crc-t10dif.h>
40 #include <linux/spinlock.h>
41 #include <linux/interrupt.h>
42 #include <linux/atomic.h>
43 #include <linux/hrtimer.h>
44 #include <linux/uuid.h>
45 #include <linux/t10-pi.h>
47 #include <net/checksum.h>
49 #include <asm/unaligned.h>
51 #include <scsi/scsi.h>
52 #include <scsi/scsi_cmnd.h>
53 #include <scsi/scsi_device.h>
54 #include <scsi/scsi_host.h>
55 #include <scsi/scsicam.h>
56 #include <scsi/scsi_eh.h>
57 #include <scsi/scsi_tcq.h>
58 #include <scsi/scsi_dbg.h>
61 #include "scsi_logging.h"
63 /* make sure inq_product_rev string corresponds to this version */
64 #define SDEBUG_VERSION "1.86"
65 static const char *sdebug_version_date = "20160430";
67 #define MY_NAME "scsi_debug"
69 /* Additional Sense Code (ASC) */
70 #define NO_ADDITIONAL_SENSE 0x0
71 #define LOGICAL_UNIT_NOT_READY 0x4
72 #define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8
73 #define UNRECOVERED_READ_ERR 0x11
74 #define PARAMETER_LIST_LENGTH_ERR 0x1a
75 #define INVALID_OPCODE 0x20
76 #define LBA_OUT_OF_RANGE 0x21
77 #define INVALID_FIELD_IN_CDB 0x24
78 #define INVALID_FIELD_IN_PARAM_LIST 0x26
79 #define UA_RESET_ASC 0x29
80 #define UA_CHANGED_ASC 0x2a
81 #define TARGET_CHANGED_ASC 0x3f
82 #define LUNS_CHANGED_ASCQ 0x0e
83 #define INSUFF_RES_ASC 0x55
84 #define INSUFF_RES_ASCQ 0x3
85 #define POWER_ON_RESET_ASCQ 0x0
86 #define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */
87 #define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */
88 #define CAPACITY_CHANGED_ASCQ 0x9
89 #define SAVING_PARAMS_UNSUP 0x39
90 #define TRANSPORT_PROBLEM 0x4b
91 #define THRESHOLD_EXCEEDED 0x5d
92 #define LOW_POWER_COND_ON 0x5e
93 #define MISCOMPARE_VERIFY_ASC 0x1d
94 #define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */
95 #define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16
97 /* Additional Sense Code Qualifier (ASCQ) */
98 #define ACK_NAK_TO 0x3
100 /* Default values for driver parameters */
101 #define DEF_NUM_HOST 1
102 #define DEF_NUM_TGTS 1
103 #define DEF_MAX_LUNS 1
104 /* With these defaults, this driver will make 1 host with 1 target
105 * (id 0) containing 1 logical unit (lun 0). That is 1 device.
108 #define DEF_JDELAY 1 /* if > 0 unit is a jiffy */
109 #define DEF_DEV_SIZE_MB 8
112 #define DEF_D_SENSE 0
113 #define DEF_EVERY_NTH 0
114 #define DEF_FAKE_RW 0
116 #define DEF_HOST_LOCK 0
119 #define DEF_LBPWS10 0
121 #define DEF_LOWEST_ALIGNED 0
122 #define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */
123 #define DEF_NO_LUN_0 0
124 #define DEF_NUM_PARTS 0
126 #define DEF_OPT_BLKS 1024
127 #define DEF_PHYSBLK_EXP 0
128 #define DEF_OPT_XFERLEN_EXP 0
129 #define DEF_PTYPE TYPE_DISK
130 #define DEF_REMOVABLE false
131 #define DEF_SCSI_LEVEL 7 /* INQUIRY, byte2 [6->SPC-4; 7->SPC-5] */
132 #define DEF_SECTOR_SIZE 512
133 #define DEF_UNMAP_ALIGNMENT 0
134 #define DEF_UNMAP_GRANULARITY 1
135 #define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF
136 #define DEF_UNMAP_MAX_DESC 256
137 #define DEF_VIRTUAL_GB 0
138 #define DEF_VPD_USE_HOSTNO 1
139 #define DEF_WRITESAME_LENGTH 0xFFFF
141 #define DEF_STATISTICS false
142 #define DEF_SUBMIT_QUEUES 1
143 #define DEF_UUID_CTL 0
144 #define JDELAY_OVERRIDDEN -9999
146 #define SDEBUG_LUN_0_VAL 0
148 /* bit mask values for sdebug_opts */
149 #define SDEBUG_OPT_NOISE 1
150 #define SDEBUG_OPT_MEDIUM_ERR 2
151 #define SDEBUG_OPT_TIMEOUT 4
152 #define SDEBUG_OPT_RECOVERED_ERR 8
153 #define SDEBUG_OPT_TRANSPORT_ERR 16
154 #define SDEBUG_OPT_DIF_ERR 32
155 #define SDEBUG_OPT_DIX_ERR 64
156 #define SDEBUG_OPT_MAC_TIMEOUT 128
157 #define SDEBUG_OPT_SHORT_TRANSFER 0x100
158 #define SDEBUG_OPT_Q_NOISE 0x200
159 #define SDEBUG_OPT_ALL_TSF 0x400
160 #define SDEBUG_OPT_RARE_TSF 0x800
161 #define SDEBUG_OPT_N_WCE 0x1000
162 #define SDEBUG_OPT_RESET_NOISE 0x2000
163 #define SDEBUG_OPT_NO_CDB_NOISE 0x4000
164 #define SDEBUG_OPT_ALL_NOISE (SDEBUG_OPT_NOISE | SDEBUG_OPT_Q_NOISE | \
165 SDEBUG_OPT_RESET_NOISE)
166 #define SDEBUG_OPT_ALL_INJECTING (SDEBUG_OPT_RECOVERED_ERR | \
167 SDEBUG_OPT_TRANSPORT_ERR | \
168 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR | \
169 SDEBUG_OPT_SHORT_TRANSFER)
170 /* When "every_nth" > 0 then modulo "every_nth" commands:
171 * - a missing response is simulated if SDEBUG_OPT_TIMEOUT is set
172 * - a RECOVERED_ERROR is simulated on successful read and write
173 * commands if SDEBUG_OPT_RECOVERED_ERR is set.
174 * - a TRANSPORT_ERROR is simulated on successful read and write
175 * commands if SDEBUG_OPT_TRANSPORT_ERR is set.
177 * When "every_nth" < 0 then after "- every_nth" commands:
178 * - a missing response is simulated if SDEBUG_OPT_TIMEOUT is set
179 * - a RECOVERED_ERROR is simulated on successful read and write
180 * commands if SDEBUG_OPT_RECOVERED_ERR is set.
181 * - a TRANSPORT_ERROR is simulated on successful read and write
182 * commands if _DEBUG_OPT_TRANSPORT_ERR is set.
183 * This will continue on every subsequent command until some other action
184 * occurs (e.g. the user * writing a new value (other than -1 or 1) to
185 * every_nth via sysfs).
188 /* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs) are returned in
189 * priority order. In the subset implemented here lower numbers have higher
190 * priority. The UA numbers should be a sequence starting from 0 with
191 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */
192 #define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */
193 #define SDEBUG_UA_BUS_RESET 1
194 #define SDEBUG_UA_MODE_CHANGED 2
195 #define SDEBUG_UA_CAPACITY_CHANGED 3
196 #define SDEBUG_UA_LUNS_CHANGED 4
197 #define SDEBUG_UA_MICROCODE_CHANGED 5 /* simulate firmware change */
198 #define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 6
199 #define SDEBUG_NUM_UAS 7
201 /* when 1==SDEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this
202 * sector on read commands: */
203 #define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */
204 #define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */
206 /* If REPORT LUNS has luns >= 256 it can choose "flat space" (value 1)
207 * or "peripheral device" addressing (value 0) */
208 #define SAM2_LUN_ADDRESS_METHOD 0
210 /* SDEBUG_CANQUEUE is the maximum number of commands that can be queued
211 * (for response) per submit queue at one time. Can be reduced by max_queue
212 * option. Command responses are not queued when jdelay=0 and ndelay=0. The
213 * per-device DEF_CMD_PER_LUN can be changed via sysfs:
214 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth
215 * but cannot exceed SDEBUG_CANQUEUE .
217 #define SDEBUG_CANQUEUE_WORDS 3 /* a WORD is bits in a long */
218 #define SDEBUG_CANQUEUE (SDEBUG_CANQUEUE_WORDS * BITS_PER_LONG)
219 #define DEF_CMD_PER_LUN 255
223 #define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */
225 #define F_RL_WLUN_OK 0x10
226 #define F_SKIP_UA 0x20
227 #define F_DELAY_OVERR 0x40
228 #define F_SA_LOW 0x80 /* cdb byte 1, bits 4 to 0 */
229 #define F_SA_HIGH 0x100 /* as used by variable length cdbs */
230 #define F_INV_OP 0x200
231 #define F_FAKE_RW 0x400
232 #define F_M_ACCESS 0x800 /* media access */
234 #define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR)
235 #define FF_DIRECT_IO (F_M_ACCESS | F_FAKE_RW)
236 #define FF_SA (F_SA_HIGH | F_SA_LOW)
238 #define SDEBUG_MAX_PARTS 4
240 #define SDEBUG_MAX_CMD_LEN 32
243 struct sdebug_dev_info {
244 struct list_head dev_list;
245 unsigned int channel;
249 struct sdebug_host_info *sdbg_host;
250 unsigned long uas_bm[1];
256 struct sdebug_host_info {
257 struct list_head host_list;
258 struct Scsi_Host *shost;
260 struct list_head dev_info_list;
263 #define to_sdebug_host(d) \
264 container_of(d, struct sdebug_host_info, dev)
266 struct sdebug_defer {
268 struct execute_work ew;
269 int sqa_idx; /* index of sdebug_queue array */
270 int qc_idx; /* index of sdebug_queued_cmd array within sqa_idx */
274 struct sdebug_queued_cmd {
275 /* corresponding bit set in in_use_bm[] in owning struct sdebug_queue
276 * instance indicates this slot is in use.
278 struct sdebug_defer *sd_dp;
279 struct scsi_cmnd *a_cmnd;
280 unsigned int inj_recovered:1;
281 unsigned int inj_transport:1;
282 unsigned int inj_dif:1;
283 unsigned int inj_dix:1;
284 unsigned int inj_short:1;
287 struct sdebug_queue {
288 struct sdebug_queued_cmd qc_arr[SDEBUG_CANQUEUE];
289 unsigned long in_use_bm[SDEBUG_CANQUEUE_WORDS];
291 atomic_t blocked; /* to temporarily stop more being queued */
294 static atomic_t sdebug_cmnd_count; /* number of incoming commands */
295 static atomic_t sdebug_completions; /* count of deferred completions */
296 static atomic_t sdebug_miss_cpus; /* submission + completion cpus differ */
297 static atomic_t sdebug_a_tsf; /* 'almost task set full' counter */
299 struct opcode_info_t {
300 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff */
301 /* for terminating element */
302 u8 opcode; /* if num_attached > 0, preferred */
303 u16 sa; /* service action */
304 u32 flags; /* OR-ed set of SDEB_F_* */
305 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
306 const struct opcode_info_t *arrp; /* num_attached elements or NULL */
307 u8 len_mask[16]; /* len=len_mask[0], then mask for cdb[1]... */
308 /* ignore cdb bytes after position 15 */
311 /* SCSI opcodes (first byte of cdb) of interest mapped onto these indexes */
312 enum sdeb_opcode_index {
313 SDEB_I_INVALID_OPCODE = 0,
315 SDEB_I_REPORT_LUNS = 2,
316 SDEB_I_REQUEST_SENSE = 3,
317 SDEB_I_TEST_UNIT_READY = 4,
318 SDEB_I_MODE_SENSE = 5, /* 6, 10 */
319 SDEB_I_MODE_SELECT = 6, /* 6, 10 */
320 SDEB_I_LOG_SENSE = 7,
321 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */
322 SDEB_I_READ = 9, /* 6, 10, 12, 16 */
323 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */
324 SDEB_I_START_STOP = 11,
325 SDEB_I_SERV_ACT_IN = 12, /* 12, 16 */
326 SDEB_I_SERV_ACT_OUT = 13, /* 12, 16 */
327 SDEB_I_MAINT_IN = 14,
328 SDEB_I_MAINT_OUT = 15,
329 SDEB_I_VERIFY = 16, /* 10 only */
330 SDEB_I_VARIABLE_LEN = 17,
331 SDEB_I_RESERVE = 18, /* 6, 10 */
332 SDEB_I_RELEASE = 19, /* 6, 10 */
333 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */
334 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */
335 SDEB_I_ATA_PT = 22, /* 12, 16 */
336 SDEB_I_SEND_DIAG = 23,
338 SDEB_I_XDWRITEREAD = 25, /* 10 only */
339 SDEB_I_WRITE_BUFFER = 26,
340 SDEB_I_WRITE_SAME = 27, /* 10, 16 */
341 SDEB_I_SYNC_CACHE = 28, /* 10 only */
342 SDEB_I_COMP_WRITE = 29,
343 SDEB_I_LAST_ELEMENT = 30, /* keep this last */
347 static const unsigned char opcode_ind_arr[256] = {
348 /* 0x0; 0x0->0x1f: 6 byte cdbs */
349 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE,
351 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0,
352 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
354 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG,
355 SDEB_I_ALLOW_REMOVAL, 0,
356 /* 0x20; 0x20->0x3f: 10 byte cdbs */
357 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0,
358 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY,
359 0, 0, 0, 0, 0, SDEB_I_SYNC_CACHE, 0, 0,
360 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0,
361 /* 0x40; 0x40->0x5f: 10 byte cdbs */
362 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0,
363 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0,
364 0, 0, 0, SDEB_I_XDWRITEREAD, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
366 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0,
367 /* 0x60; 0x60->0x7d are reserved, 0x7e is "extended cdb" */
368 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
369 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
370 0, SDEB_I_VARIABLE_LEN,
371 /* 0x80; 0x80->0x9f: 16 byte cdbs */
372 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0,
373 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0, 0, 0, 0, 0,
374 0, 0, 0, SDEB_I_WRITE_SAME, 0, 0, 0, 0,
375 0, 0, 0, 0, 0, 0, SDEB_I_SERV_ACT_IN, SDEB_I_SERV_ACT_OUT,
376 /* 0xa0; 0xa0->0xbf: 12 byte cdbs */
377 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN,
378 SDEB_I_MAINT_OUT, 0, 0, 0,
379 SDEB_I_READ, SDEB_I_SERV_ACT_OUT, SDEB_I_WRITE, SDEB_I_SERV_ACT_IN,
381 0, 0, 0, 0, 0, 0, 0, 0,
382 0, 0, 0, 0, 0, 0, 0, 0,
383 /* 0xc0; 0xc0->0xff: vendor specific */
384 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
385 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
386 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
387 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
390 static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *);
391 static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *);
392 static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *);
393 static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
394 static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *);
395 static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
396 static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *);
397 static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
398 static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
399 static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *);
400 static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *);
401 static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *);
402 static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *);
403 static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *);
404 static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *);
405 static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *);
406 static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *);
407 static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *);
408 static int resp_xdwriteread_10(struct scsi_cmnd *, struct sdebug_dev_info *);
409 static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *);
410 static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *);
412 static const struct opcode_info_t msense_iarr[1] = {
413 {0, 0x1a, 0, F_D_IN, NULL, NULL,
414 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
417 static const struct opcode_info_t mselect_iarr[1] = {
418 {0, 0x15, 0, F_D_OUT, NULL, NULL,
419 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
422 static const struct opcode_info_t read_iarr[3] = {
423 {0, 0x28, 0, F_D_IN | FF_DIRECT_IO, resp_read_dt0, NULL,/* READ(10) */
424 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff, 0xff, 0xc7, 0, 0,
426 {0, 0x8, 0, F_D_IN | FF_DIRECT_IO, resp_read_dt0, NULL, /* READ(6) */
427 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
428 {0, 0xa8, 0, F_D_IN | FF_DIRECT_IO, resp_read_dt0, NULL,/* READ(12) */
429 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x9f,
433 static const struct opcode_info_t write_iarr[3] = {
434 {0, 0x2a, 0, F_D_OUT | FF_DIRECT_IO, resp_write_dt0, NULL, /* 10 */
435 {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff, 0xff, 0xc7, 0, 0,
437 {0, 0xa, 0, F_D_OUT | FF_DIRECT_IO, resp_write_dt0, NULL, /* 6 */
438 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
439 {0, 0xaa, 0, F_D_OUT | FF_DIRECT_IO, resp_write_dt0, NULL, /* 12 */
440 {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x9f,
444 static const struct opcode_info_t sa_in_iarr[1] = {
445 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL,
446 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
447 0xff, 0xff, 0xff, 0, 0xc7} },
450 static const struct opcode_info_t vl_iarr[1] = { /* VARIABLE LENGTH */
451 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_DIRECT_IO, resp_write_dt0,
452 NULL, {32, 0xc7, 0, 0, 0, 0, 0x1f, 0x18, 0x0, 0xb, 0xfa,
453 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */
456 static const struct opcode_info_t maint_in_iarr[2] = {
457 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL,
458 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0,
460 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL,
461 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
465 static const struct opcode_info_t write_same_iarr[1] = {
466 {0, 0x93, 0, F_D_OUT_MAYBE | FF_DIRECT_IO, resp_write_same_16, NULL,
467 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
468 0xff, 0xff, 0xff, 0x1f, 0xc7} },
471 static const struct opcode_info_t reserve_iarr[1] = {
472 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */
473 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
476 static const struct opcode_info_t release_iarr[1] = {
477 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */
478 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
482 /* This array is accessed via SDEB_I_* values. Make sure all are mapped,
483 * plus the terminating elements for logic that scans this table such as
484 * REPORT SUPPORTED OPERATION CODES. */
485 static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEMENT + 1] = {
487 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL,
488 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
489 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL,
490 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
491 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL,
492 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
494 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL,
495 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
496 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */
497 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
498 {1, 0x5a, 0, F_D_IN, resp_mode_sense, msense_iarr,
499 {10, 0xf8, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
501 {1, 0x55, 0, F_D_OUT, resp_mode_select, mselect_iarr,
502 {10, 0xf1, 0, 0, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
503 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL,
504 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0,
506 {0, 0x25, 0, F_D_IN, resp_readcap, NULL,
507 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0,
509 {3, 0x88, 0, F_D_IN | FF_DIRECT_IO, resp_read_dt0, read_iarr,
510 {16, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
511 0xff, 0xff, 0xff, 0x9f, 0xc7} }, /* READ(16) */
513 {3, 0x8a, 0, F_D_OUT | FF_DIRECT_IO, resp_write_dt0, write_iarr,
514 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
515 0xff, 0xff, 0xff, 0x9f, 0xc7} }, /* WRITE(16) */
516 {0, 0x1b, 0, 0, resp_start_stop, NULL, /* START STOP UNIT */
517 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
518 {1, 0x9e, 0x10, F_SA_LOW | F_D_IN, resp_readcap16, sa_in_iarr,
519 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
520 0xff, 0xff, 0xff, 0x1, 0xc7} }, /* READ CAPACITY(16) */
521 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* SA OUT */
522 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
523 {2, 0xa3, 0xa, F_SA_LOW | F_D_IN, resp_report_tgtpgs, maint_in_iarr,
524 {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0, 0,
526 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */
527 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
528 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_DIRECT_IO, NULL, NULL, /* VERIFY(10) */
529 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7,
531 {1, 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_DIRECT_IO, resp_read_dt0,
532 vl_iarr, {32, 0xc7, 0, 0, 0, 0, 0x1f, 0x18, 0x0, 0x9, 0xfe, 0,
533 0xff, 0xff, 0xff, 0xff} },/* VARIABLE LENGTH, READ(32) */
534 {1, 0x56, 0, F_D_OUT, NULL, reserve_iarr, /* RESERVE(10) */
535 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
537 {1, 0x57, 0, F_D_OUT, NULL, release_iarr, /* RELEASE(10) */
538 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
541 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */
542 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
543 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */
544 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
545 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */
546 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
547 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */
548 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
549 {0, 0x42, 0, F_D_OUT | FF_DIRECT_IO, resp_unmap, NULL, /* UNMAP */
550 {10, 0x1, 0, 0, 0, 0, 0x1f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
551 {0, 0x53, 0, F_D_IN | F_D_OUT | FF_DIRECT_IO, resp_xdwriteread_10,
552 NULL, {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff, 0xff, 0xc7,
554 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL,
555 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0,
556 0, 0, 0, 0} }, /* WRITE_BUFFER */
557 {1, 0x41, 0, F_D_OUT_MAYBE | FF_DIRECT_IO, resp_write_same_10,
558 write_same_iarr, {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff,
559 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
560 {0, 0x35, 0, F_DELAY_OVERR | FF_DIRECT_IO, NULL, NULL, /* SYNC_CACHE */
561 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff, 0xff, 0xc7, 0, 0,
563 {0, 0x89, 0, F_D_OUT | FF_DIRECT_IO, resp_comp_write, NULL,
564 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0,
565 0, 0xff, 0x1f, 0xc7} }, /* COMPARE AND WRITE */
568 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */
569 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
572 static int sdebug_add_host = DEF_NUM_HOST;
573 static int sdebug_ato = DEF_ATO;
574 static int sdebug_jdelay = DEF_JDELAY; /* if > 0 then unit is jiffies */
575 static int sdebug_dev_size_mb = DEF_DEV_SIZE_MB;
576 static int sdebug_dif = DEF_DIF;
577 static int sdebug_dix = DEF_DIX;
578 static int sdebug_dsense = DEF_D_SENSE;
579 static int sdebug_every_nth = DEF_EVERY_NTH;
580 static int sdebug_fake_rw = DEF_FAKE_RW;
581 static unsigned int sdebug_guard = DEF_GUARD;
582 static int sdebug_lowest_aligned = DEF_LOWEST_ALIGNED;
583 static int sdebug_max_luns = DEF_MAX_LUNS;
584 static int sdebug_max_queue = SDEBUG_CANQUEUE; /* per submit queue */
585 static atomic_t retired_max_queue; /* if > 0 then was prior max_queue */
586 static int sdebug_ndelay = DEF_NDELAY; /* if > 0 then unit is nanoseconds */
587 static int sdebug_no_lun_0 = DEF_NO_LUN_0;
588 static int sdebug_no_uld;
589 static int sdebug_num_parts = DEF_NUM_PARTS;
590 static int sdebug_num_tgts = DEF_NUM_TGTS; /* targets per host */
591 static int sdebug_opt_blks = DEF_OPT_BLKS;
592 static int sdebug_opts = DEF_OPTS;
593 static int sdebug_physblk_exp = DEF_PHYSBLK_EXP;
594 static int sdebug_opt_xferlen_exp = DEF_OPT_XFERLEN_EXP;
595 static int sdebug_ptype = DEF_PTYPE; /* SCSI peripheral device type */
596 static int sdebug_scsi_level = DEF_SCSI_LEVEL;
597 static int sdebug_sector_size = DEF_SECTOR_SIZE;
598 static int sdebug_virtual_gb = DEF_VIRTUAL_GB;
599 static int sdebug_vpd_use_hostno = DEF_VPD_USE_HOSTNO;
600 static unsigned int sdebug_lbpu = DEF_LBPU;
601 static unsigned int sdebug_lbpws = DEF_LBPWS;
602 static unsigned int sdebug_lbpws10 = DEF_LBPWS10;
603 static unsigned int sdebug_lbprz = DEF_LBPRZ;
604 static unsigned int sdebug_unmap_alignment = DEF_UNMAP_ALIGNMENT;
605 static unsigned int sdebug_unmap_granularity = DEF_UNMAP_GRANULARITY;
606 static unsigned int sdebug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS;
607 static unsigned int sdebug_unmap_max_desc = DEF_UNMAP_MAX_DESC;
608 static unsigned int sdebug_write_same_length = DEF_WRITESAME_LENGTH;
609 static int sdebug_uuid_ctl = DEF_UUID_CTL;
610 static bool sdebug_removable = DEF_REMOVABLE;
611 static bool sdebug_clustering;
612 static bool sdebug_host_lock = DEF_HOST_LOCK;
613 static bool sdebug_strict = DEF_STRICT;
614 static bool sdebug_any_injecting_opt;
615 static bool sdebug_verbose;
616 static bool have_dif_prot;
617 static bool sdebug_statistics = DEF_STATISTICS;
618 static bool sdebug_mq_active;
620 static unsigned int sdebug_store_sectors;
621 static sector_t sdebug_capacity; /* in sectors */
623 /* old BIOS stuff, kernel may get rid of them but some mode sense pages
624 may still need them */
625 static int sdebug_heads; /* heads per disk */
626 static int sdebug_cylinders_per; /* cylinders per surface */
627 static int sdebug_sectors_per; /* sectors per cylinder */
629 static LIST_HEAD(sdebug_host_list);
630 static DEFINE_SPINLOCK(sdebug_host_list_lock);
632 static unsigned char *fake_storep; /* ramdisk storage */
633 static struct t10_pi_tuple *dif_storep; /* protection info */
634 static void *map_storep; /* provisioning map */
636 static unsigned long map_size;
637 static int num_aborts;
638 static int num_dev_resets;
639 static int num_target_resets;
640 static int num_bus_resets;
641 static int num_host_resets;
642 static int dix_writes;
643 static int dix_reads;
644 static int dif_errors;
646 static int submit_queues = DEF_SUBMIT_QUEUES; /* > 1 for multi-queue (mq) */
647 static struct sdebug_queue *sdebug_q_arr; /* ptr to array of submit queues */
649 static DEFINE_RWLOCK(atomic_rw);
651 static char sdebug_proc_name[] = MY_NAME;
652 static const char *my_name = MY_NAME;
654 static struct bus_type pseudo_lld_bus;
656 static struct device_driver sdebug_driverfs_driver = {
657 .name = sdebug_proc_name,
658 .bus = &pseudo_lld_bus,
661 static const int check_condition_result =
662 (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION;
664 static const int illegal_condition_result =
665 (DRIVER_SENSE << 24) | (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION;
667 static const int device_qfull_result =
668 (DID_OK << 16) | (COMMAND_COMPLETE << 8) | SAM_STAT_TASK_SET_FULL;
671 /* Only do the extra work involved in logical block provisioning if one or
672 * more of the lbpu, lbpws or lbpws10 parameters are given and we are doing
673 * real reads and writes (i.e. not skipping them for speed).
675 static inline bool scsi_debug_lbp(void)
677 return 0 == sdebug_fake_rw &&
678 (sdebug_lbpu || sdebug_lbpws || sdebug_lbpws10);
681 static void *fake_store(unsigned long long lba)
683 lba = do_div(lba, sdebug_store_sectors);
685 return fake_storep + lba * sdebug_sector_size;
688 static struct t10_pi_tuple *dif_store(sector_t sector)
690 sector = sector_div(sector, sdebug_store_sectors);
692 return dif_storep + sector;
695 static void sdebug_max_tgts_luns(void)
697 struct sdebug_host_info *sdbg_host;
698 struct Scsi_Host *hpnt;
700 spin_lock(&sdebug_host_list_lock);
701 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
702 hpnt = sdbg_host->shost;
703 if ((hpnt->this_id >= 0) &&
704 (sdebug_num_tgts > hpnt->this_id))
705 hpnt->max_id = sdebug_num_tgts + 1;
707 hpnt->max_id = sdebug_num_tgts;
708 /* sdebug_max_luns; */
709 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
711 spin_unlock(&sdebug_host_list_lock);
714 enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1};
716 /* Set in_bit to -1 to indicate no bit position of invalid field */
717 static void mk_sense_invalid_fld(struct scsi_cmnd *scp,
718 enum sdeb_cmd_data c_d,
719 int in_byte, int in_bit)
721 unsigned char *sbuff;
725 sbuff = scp->sense_buffer;
727 sdev_printk(KERN_ERR, scp->device,
728 "%s: sense_buffer is NULL\n", __func__);
731 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST;
732 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
733 scsi_build_sense_buffer(sdebug_dsense, sbuff, ILLEGAL_REQUEST, asc, 0);
734 memset(sks, 0, sizeof(sks));
740 sks[0] |= 0x7 & in_bit;
742 put_unaligned_be16(in_byte, sks + 1);
748 memcpy(sbuff + sl + 4, sks, 3);
750 memcpy(sbuff + 15, sks, 3);
752 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq"
753 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n",
754 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit);
757 static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq)
759 unsigned char *sbuff;
761 sbuff = scp->sense_buffer;
763 sdev_printk(KERN_ERR, scp->device,
764 "%s: sense_buffer is NULL\n", __func__);
767 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
769 scsi_build_sense_buffer(sdebug_dsense, sbuff, key, asc, asq);
772 sdev_printk(KERN_INFO, scp->device,
773 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n",
774 my_name, key, asc, asq);
777 static void mk_sense_invalid_opcode(struct scsi_cmnd *scp)
779 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0);
782 static int scsi_debug_ioctl(struct scsi_device *dev, int cmd, void __user *arg)
784 if (sdebug_verbose) {
786 sdev_printk(KERN_INFO, dev,
787 "%s: BLKFLSBUF [0x1261]\n", __func__);
788 else if (0x5331 == cmd)
789 sdev_printk(KERN_INFO, dev,
790 "%s: CDROM_GET_CAPABILITY [0x5331]\n",
793 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n",
797 /* return -ENOTTY; // correct return but upsets fdisk */
800 static void clear_luns_changed_on_target(struct sdebug_dev_info *devip)
802 struct sdebug_host_info *sdhp;
803 struct sdebug_dev_info *dp;
805 spin_lock(&sdebug_host_list_lock);
806 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
807 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
808 if ((devip->sdbg_host == dp->sdbg_host) &&
809 (devip->target == dp->target))
810 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
813 spin_unlock(&sdebug_host_list_lock);
816 static int make_ua(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
820 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS);
821 if (k != SDEBUG_NUM_UAS) {
822 const char *cp = NULL;
826 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
827 POWER_ON_RESET_ASCQ);
829 cp = "power on reset";
831 case SDEBUG_UA_BUS_RESET:
832 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
837 case SDEBUG_UA_MODE_CHANGED:
838 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
841 cp = "mode parameters changed";
843 case SDEBUG_UA_CAPACITY_CHANGED:
844 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
845 CAPACITY_CHANGED_ASCQ);
847 cp = "capacity data changed";
849 case SDEBUG_UA_MICROCODE_CHANGED:
850 mk_sense_buffer(scp, UNIT_ATTENTION,
852 MICROCODE_CHANGED_ASCQ);
854 cp = "microcode has been changed";
856 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET:
857 mk_sense_buffer(scp, UNIT_ATTENTION,
859 MICROCODE_CHANGED_WO_RESET_ASCQ);
861 cp = "microcode has been changed without reset";
863 case SDEBUG_UA_LUNS_CHANGED:
865 * SPC-3 behavior is to report a UNIT ATTENTION with
866 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN
867 * on the target, until a REPORT LUNS command is
868 * received. SPC-4 behavior is to report it only once.
869 * NOTE: sdebug_scsi_level does not use the same
870 * values as struct scsi_device->scsi_level.
872 if (sdebug_scsi_level >= 6) /* SPC-4 and above */
873 clear_luns_changed_on_target(devip);
874 mk_sense_buffer(scp, UNIT_ATTENTION,
878 cp = "reported luns data has changed";
881 pr_warn("unexpected unit attention code=%d\n", k);
886 clear_bit(k, devip->uas_bm);
888 sdev_printk(KERN_INFO, scp->device,
889 "%s reports: Unit attention: %s\n",
891 return check_condition_result;
896 /* Build SCSI "data-in" buffer. Returns 0 if ok else (DID_ERROR << 16). */
897 static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
901 struct scsi_data_buffer *sdb = scsi_in(scp);
905 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_FROM_DEVICE))
906 return DID_ERROR << 16;
908 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents,
910 sdb->resid = scsi_bufflen(scp) - act_len;
915 /* Partial build of SCSI "data-in" buffer. Returns 0 if ok else
916 * (DID_ERROR << 16). Can write to offset in data-in buffer. If multiple
917 * calls, not required to write in ascending offset order. Assumes resid
918 * set to scsi_bufflen() prior to any calls.
920 static int p_fill_from_dev_buffer(struct scsi_cmnd *scp, const void *arr,
921 int arr_len, unsigned int off_dst)
924 struct scsi_data_buffer *sdb = scsi_in(scp);
925 off_t skip = off_dst;
927 if (sdb->length <= off_dst)
929 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_FROM_DEVICE))
930 return DID_ERROR << 16;
932 act_len = sg_pcopy_from_buffer(sdb->table.sgl, sdb->table.nents,
934 pr_debug("%s: off_dst=%u, scsi_bufflen=%u, act_len=%u, resid=%d\n",
935 __func__, off_dst, scsi_bufflen(scp), act_len, sdb->resid);
936 n = (int)scsi_bufflen(scp) - ((int)off_dst + act_len);
937 sdb->resid = min(sdb->resid, n);
941 /* Fetches from SCSI "data-out" buffer. Returns number of bytes fetched into
942 * 'arr' or -1 if error.
944 static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
947 if (!scsi_bufflen(scp))
949 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_TO_DEVICE))
952 return scsi_sg_copy_to_buffer(scp, arr, arr_len);
956 static const char * inq_vendor_id = "Linux ";
957 static const char * inq_product_id = "scsi_debug ";
958 static const char *inq_product_rev = "0186"; /* version less '.' */
959 /* Use some locally assigned NAAs for SAS addresses. */
960 static const u64 naa3_comp_a = 0x3222222000000000ULL;
961 static const u64 naa3_comp_b = 0x3333333000000000ULL;
962 static const u64 naa3_comp_c = 0x3111111000000000ULL;
964 /* Device identification VPD page. Returns number of bytes placed in arr */
965 static int inquiry_vpd_83(unsigned char *arr, int port_group_id,
966 int target_dev_id, int dev_id_num,
967 const char *dev_id_str, int dev_id_str_len,
968 const uuid_be *lu_name)
973 port_a = target_dev_id + 1;
974 /* T10 vendor identifier field format (faked) */
975 arr[0] = 0x2; /* ASCII */
978 memcpy(&arr[4], inq_vendor_id, 8);
979 memcpy(&arr[12], inq_product_id, 16);
980 memcpy(&arr[28], dev_id_str, dev_id_str_len);
981 num = 8 + 16 + dev_id_str_len;
984 if (dev_id_num >= 0) {
985 if (sdebug_uuid_ctl) {
986 /* Locally assigned UUID */
987 arr[num++] = 0x1; /* binary (not necessarily sas) */
988 arr[num++] = 0xa; /* PIV=0, lu, naa */
991 arr[num++] = 0x10; /* uuid type=1, locally assigned */
993 memcpy(arr + num, lu_name, 16);
996 /* NAA-3, Logical unit identifier (binary) */
997 arr[num++] = 0x1; /* binary (not necessarily sas) */
998 arr[num++] = 0x3; /* PIV=0, lu, naa */
1001 put_unaligned_be64(naa3_comp_b + dev_id_num, arr + num);
1004 /* Target relative port number */
1005 arr[num++] = 0x61; /* proto=sas, binary */
1006 arr[num++] = 0x94; /* PIV=1, target port, rel port */
1007 arr[num++] = 0x0; /* reserved */
1008 arr[num++] = 0x4; /* length */
1009 arr[num++] = 0x0; /* reserved */
1010 arr[num++] = 0x0; /* reserved */
1012 arr[num++] = 0x1; /* relative port A */
1014 /* NAA-3, Target port identifier */
1015 arr[num++] = 0x61; /* proto=sas, binary */
1016 arr[num++] = 0x93; /* piv=1, target port, naa */
1019 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1021 /* NAA-3, Target port group identifier */
1022 arr[num++] = 0x61; /* proto=sas, binary */
1023 arr[num++] = 0x95; /* piv=1, target port group id */
1028 put_unaligned_be16(port_group_id, arr + num);
1030 /* NAA-3, Target device identifier */
1031 arr[num++] = 0x61; /* proto=sas, binary */
1032 arr[num++] = 0xa3; /* piv=1, target device, naa */
1035 put_unaligned_be64(naa3_comp_a + target_dev_id, arr + num);
1037 /* SCSI name string: Target device identifier */
1038 arr[num++] = 0x63; /* proto=sas, UTF-8 */
1039 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */
1042 memcpy(arr + num, "naa.32222220", 12);
1044 snprintf(b, sizeof(b), "%08X", target_dev_id);
1045 memcpy(arr + num, b, 8);
1047 memset(arr + num, 0, 4);
1052 static unsigned char vpd84_data[] = {
1053 /* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0,
1054 0x22,0x22,0x22,0x0,0xbb,0x1,
1055 0x22,0x22,0x22,0x0,0xbb,0x2,
1058 /* Software interface identification VPD page */
1059 static int inquiry_vpd_84(unsigned char *arr)
1061 memcpy(arr, vpd84_data, sizeof(vpd84_data));
1062 return sizeof(vpd84_data);
1065 /* Management network addresses VPD page */
1066 static int inquiry_vpd_85(unsigned char *arr)
1069 const char * na1 = "https://www.kernel.org/config";
1070 const char * na2 = "http://www.kernel.org/log";
1073 arr[num++] = 0x1; /* lu, storage config */
1074 arr[num++] = 0x0; /* reserved */
1079 plen = ((plen / 4) + 1) * 4;
1080 arr[num++] = plen; /* length, null termianted, padded */
1081 memcpy(arr + num, na1, olen);
1082 memset(arr + num + olen, 0, plen - olen);
1085 arr[num++] = 0x4; /* lu, logging */
1086 arr[num++] = 0x0; /* reserved */
1091 plen = ((plen / 4) + 1) * 4;
1092 arr[num++] = plen; /* length, null terminated, padded */
1093 memcpy(arr + num, na2, olen);
1094 memset(arr + num + olen, 0, plen - olen);
1100 /* SCSI ports VPD page */
1101 static int inquiry_vpd_88(unsigned char *arr, int target_dev_id)
1106 port_a = target_dev_id + 1;
1107 port_b = port_a + 1;
1108 arr[num++] = 0x0; /* reserved */
1109 arr[num++] = 0x0; /* reserved */
1111 arr[num++] = 0x1; /* relative port 1 (primary) */
1112 memset(arr + num, 0, 6);
1115 arr[num++] = 12; /* length tp descriptor */
1116 /* naa-5 target port identifier (A) */
1117 arr[num++] = 0x61; /* proto=sas, binary */
1118 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1119 arr[num++] = 0x0; /* reserved */
1120 arr[num++] = 0x8; /* length */
1121 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1123 arr[num++] = 0x0; /* reserved */
1124 arr[num++] = 0x0; /* reserved */
1126 arr[num++] = 0x2; /* relative port 2 (secondary) */
1127 memset(arr + num, 0, 6);
1130 arr[num++] = 12; /* length tp descriptor */
1131 /* naa-5 target port identifier (B) */
1132 arr[num++] = 0x61; /* proto=sas, binary */
1133 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1134 arr[num++] = 0x0; /* reserved */
1135 arr[num++] = 0x8; /* length */
1136 put_unaligned_be64(naa3_comp_a + port_b, arr + num);
1143 static unsigned char vpd89_data[] = {
1144 /* from 4th byte */ 0,0,0,0,
1145 'l','i','n','u','x',' ',' ',' ',
1146 'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ',
1148 0x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,
1150 0x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0,
1151 0,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20,
1152 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33,
1153 0x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31,
1155 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
1157 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
1159 0,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0,
1160 0x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0,
1161 0x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0,
1162 0,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0,
1163 0x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40,
1164 0x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0,
1165 0,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0,
1166 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1167 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1168 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1169 0x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42,
1170 0,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8,
1171 0xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe,
1172 0,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0,
1173 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1174 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1175 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1176 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1177 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1178 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1179 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1180 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1181 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1182 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1183 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1184 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51,
1187 /* ATA Information VPD page */
1188 static int inquiry_vpd_89(unsigned char *arr)
1190 memcpy(arr, vpd89_data, sizeof(vpd89_data));
1191 return sizeof(vpd89_data);
1195 static unsigned char vpdb0_data[] = {
1196 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64,
1197 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1198 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1199 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1202 /* Block limits VPD page (SBC-3) */
1203 static int inquiry_vpd_b0(unsigned char *arr)
1207 memcpy(arr, vpdb0_data, sizeof(vpdb0_data));
1209 /* Optimal transfer length granularity */
1210 if (sdebug_opt_xferlen_exp != 0 &&
1211 sdebug_physblk_exp < sdebug_opt_xferlen_exp)
1212 gran = 1 << sdebug_opt_xferlen_exp;
1214 gran = 1 << sdebug_physblk_exp;
1215 put_unaligned_be16(gran, arr + 2);
1217 /* Maximum Transfer Length */
1218 if (sdebug_store_sectors > 0x400)
1219 put_unaligned_be32(sdebug_store_sectors, arr + 4);
1221 /* Optimal Transfer Length */
1222 put_unaligned_be32(sdebug_opt_blks, &arr[8]);
1225 /* Maximum Unmap LBA Count */
1226 put_unaligned_be32(sdebug_unmap_max_blocks, &arr[16]);
1228 /* Maximum Unmap Block Descriptor Count */
1229 put_unaligned_be32(sdebug_unmap_max_desc, &arr[20]);
1232 /* Unmap Granularity Alignment */
1233 if (sdebug_unmap_alignment) {
1234 put_unaligned_be32(sdebug_unmap_alignment, &arr[28]);
1235 arr[28] |= 0x80; /* UGAVALID */
1238 /* Optimal Unmap Granularity */
1239 put_unaligned_be32(sdebug_unmap_granularity, &arr[24]);
1241 /* Maximum WRITE SAME Length */
1242 put_unaligned_be64(sdebug_write_same_length, &arr[32]);
1244 return 0x3c; /* Mandatory page length for Logical Block Provisioning */
1246 return sizeof(vpdb0_data);
1249 /* Block device characteristics VPD page (SBC-3) */
1250 static int inquiry_vpd_b1(unsigned char *arr)
1252 memset(arr, 0, 0x3c);
1254 arr[1] = 1; /* non rotating medium (e.g. solid state) */
1256 arr[3] = 5; /* less than 1.8" */
1261 /* Logical block provisioning VPD page (SBC-4) */
1262 static int inquiry_vpd_b2(unsigned char *arr)
1264 memset(arr, 0, 0x4);
1265 arr[0] = 0; /* threshold exponent */
1272 if (sdebug_lbprz && scsi_debug_lbp())
1273 arr[1] |= (sdebug_lbprz & 0x7) << 2; /* sbc4r07 and later */
1274 /* anc_sup=0; dp=0 (no provisioning group descriptor) */
1275 /* minimum_percentage=0; provisioning_type=0 (unknown) */
1276 /* threshold_percentage=0 */
1280 #define SDEBUG_LONG_INQ_SZ 96
1281 #define SDEBUG_MAX_INQ_ARR_SZ 584
1283 static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1285 unsigned char pq_pdt;
1286 unsigned char * arr;
1287 unsigned char *cmd = scp->cmnd;
1288 int alloc_len, n, ret;
1289 bool have_wlun, is_disk;
1291 alloc_len = get_unaligned_be16(cmd + 3);
1292 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC);
1294 return DID_REQUEUE << 16;
1295 is_disk = (sdebug_ptype == TYPE_DISK);
1296 have_wlun = scsi_is_wlun(scp->device->lun);
1298 pq_pdt = TYPE_WLUN; /* present, wlun */
1299 else if (sdebug_no_lun_0 && (devip->lun == SDEBUG_LUN_0_VAL))
1300 pq_pdt = 0x7f; /* not present, PQ=3, PDT=0x1f */
1302 pq_pdt = (sdebug_ptype & 0x1f);
1304 if (0x2 & cmd[1]) { /* CMDDT bit set */
1305 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1);
1307 return check_condition_result;
1308 } else if (0x1 & cmd[1]) { /* EVPD bit set */
1309 int lu_id_num, port_group_id, target_dev_id, len;
1311 int host_no = devip->sdbg_host->shost->host_no;
1313 port_group_id = (((host_no + 1) & 0x7f) << 8) +
1314 (devip->channel & 0x7f);
1315 if (sdebug_vpd_use_hostno == 0)
1317 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) +
1318 (devip->target * 1000) + devip->lun);
1319 target_dev_id = ((host_no + 1) * 2000) +
1320 (devip->target * 1000) - 3;
1321 len = scnprintf(lu_id_str, 6, "%d", lu_id_num);
1322 if (0 == cmd[2]) { /* supported vital product data pages */
1323 arr[1] = cmd[2]; /*sanity */
1325 arr[n++] = 0x0; /* this page */
1326 arr[n++] = 0x80; /* unit serial number */
1327 arr[n++] = 0x83; /* device identification */
1328 arr[n++] = 0x84; /* software interface ident. */
1329 arr[n++] = 0x85; /* management network addresses */
1330 arr[n++] = 0x86; /* extended inquiry */
1331 arr[n++] = 0x87; /* mode page policy */
1332 arr[n++] = 0x88; /* SCSI ports */
1333 if (is_disk) { /* SBC only */
1334 arr[n++] = 0x89; /* ATA information */
1335 arr[n++] = 0xb0; /* Block limits */
1336 arr[n++] = 0xb1; /* Block characteristics */
1337 arr[n++] = 0xb2; /* Logical Block Prov */
1339 arr[3] = n - 4; /* number of supported VPD pages */
1340 } else if (0x80 == cmd[2]) { /* unit serial number */
1341 arr[1] = cmd[2]; /*sanity */
1343 memcpy(&arr[4], lu_id_str, len);
1344 } else if (0x83 == cmd[2]) { /* device identification */
1345 arr[1] = cmd[2]; /*sanity */
1346 arr[3] = inquiry_vpd_83(&arr[4], port_group_id,
1347 target_dev_id, lu_id_num,
1350 } else if (0x84 == cmd[2]) { /* Software interface ident. */
1351 arr[1] = cmd[2]; /*sanity */
1352 arr[3] = inquiry_vpd_84(&arr[4]);
1353 } else if (0x85 == cmd[2]) { /* Management network addresses */
1354 arr[1] = cmd[2]; /*sanity */
1355 arr[3] = inquiry_vpd_85(&arr[4]);
1356 } else if (0x86 == cmd[2]) { /* extended inquiry */
1357 arr[1] = cmd[2]; /*sanity */
1358 arr[3] = 0x3c; /* number of following entries */
1359 if (sdebug_dif == T10_PI_TYPE3_PROTECTION)
1360 arr[4] = 0x4; /* SPT: GRD_CHK:1 */
1361 else if (have_dif_prot)
1362 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */
1364 arr[4] = 0x0; /* no protection stuff */
1365 arr[5] = 0x7; /* head of q, ordered + simple q's */
1366 } else if (0x87 == cmd[2]) { /* mode page policy */
1367 arr[1] = cmd[2]; /*sanity */
1368 arr[3] = 0x8; /* number of following entries */
1369 arr[4] = 0x2; /* disconnect-reconnect mp */
1370 arr[6] = 0x80; /* mlus, shared */
1371 arr[8] = 0x18; /* protocol specific lu */
1372 arr[10] = 0x82; /* mlus, per initiator port */
1373 } else if (0x88 == cmd[2]) { /* SCSI Ports */
1374 arr[1] = cmd[2]; /*sanity */
1375 arr[3] = inquiry_vpd_88(&arr[4], target_dev_id);
1376 } else if (is_disk && 0x89 == cmd[2]) { /* ATA information */
1377 arr[1] = cmd[2]; /*sanity */
1378 n = inquiry_vpd_89(&arr[4]);
1379 put_unaligned_be16(n, arr + 2);
1380 } else if (is_disk && 0xb0 == cmd[2]) { /* Block limits */
1381 arr[1] = cmd[2]; /*sanity */
1382 arr[3] = inquiry_vpd_b0(&arr[4]);
1383 } else if (is_disk && 0xb1 == cmd[2]) { /* Block char. */
1384 arr[1] = cmd[2]; /*sanity */
1385 arr[3] = inquiry_vpd_b1(&arr[4]);
1386 } else if (is_disk && 0xb2 == cmd[2]) { /* LB Prov. */
1387 arr[1] = cmd[2]; /*sanity */
1388 arr[3] = inquiry_vpd_b2(&arr[4]);
1390 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
1392 return check_condition_result;
1394 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len);
1395 ret = fill_from_dev_buffer(scp, arr,
1396 min(len, SDEBUG_MAX_INQ_ARR_SZ));
1400 /* drops through here for a standard inquiry */
1401 arr[1] = sdebug_removable ? 0x80 : 0; /* Removable disk */
1402 arr[2] = sdebug_scsi_level;
1403 arr[3] = 2; /* response_data_format==2 */
1404 arr[4] = SDEBUG_LONG_INQ_SZ - 5;
1405 arr[5] = (int)have_dif_prot; /* PROTECT bit */
1406 if (sdebug_vpd_use_hostno == 0)
1407 arr[5] |= 0x10; /* claim: implicit TPGS */
1408 arr[6] = 0x10; /* claim: MultiP */
1409 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */
1410 arr[7] = 0xa; /* claim: LINKED + CMDQUE */
1411 memcpy(&arr[8], inq_vendor_id, 8);
1412 memcpy(&arr[16], inq_product_id, 16);
1413 memcpy(&arr[32], inq_product_rev, 4);
1414 /* version descriptors (2 bytes each) follow */
1415 put_unaligned_be16(0xc0, arr + 58); /* SAM-6 no version claimed */
1416 put_unaligned_be16(0x5c0, arr + 60); /* SPC-5 no version claimed */
1418 if (is_disk) { /* SBC-4 no version claimed */
1419 put_unaligned_be16(0x600, arr + n);
1421 } else if (sdebug_ptype == TYPE_TAPE) { /* SSC-4 rev 3 */
1422 put_unaligned_be16(0x525, arr + n);
1425 put_unaligned_be16(0x2100, arr + n); /* SPL-4 no version claimed */
1426 ret = fill_from_dev_buffer(scp, arr,
1427 min(alloc_len, SDEBUG_LONG_INQ_SZ));
1432 static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
1435 static int resp_requests(struct scsi_cmnd * scp,
1436 struct sdebug_dev_info * devip)
1438 unsigned char * sbuff;
1439 unsigned char *cmd = scp->cmnd;
1440 unsigned char arr[SCSI_SENSE_BUFFERSIZE];
1444 memset(arr, 0, sizeof(arr));
1445 dsense = !!(cmd[1] & 1);
1446 sbuff = scp->sense_buffer;
1447 if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) {
1450 arr[1] = 0x0; /* NO_SENSE in sense_key */
1451 arr[2] = THRESHOLD_EXCEEDED;
1452 arr[3] = 0xff; /* TEST set and MRIE==6 */
1456 arr[2] = 0x0; /* NO_SENSE in sense_key */
1457 arr[7] = 0xa; /* 18 byte sense buffer */
1458 arr[12] = THRESHOLD_EXCEEDED;
1459 arr[13] = 0xff; /* TEST set and MRIE==6 */
1462 memcpy(arr, sbuff, SCSI_SENSE_BUFFERSIZE);
1463 if (arr[0] >= 0x70 && dsense == sdebug_dsense)
1464 ; /* have sense and formats match */
1465 else if (arr[0] <= 0x70) {
1475 } else if (dsense) {
1478 arr[1] = sbuff[2]; /* sense key */
1479 arr[2] = sbuff[12]; /* asc */
1480 arr[3] = sbuff[13]; /* ascq */
1492 mk_sense_buffer(scp, 0, NO_ADDITIONAL_SENSE, 0);
1493 return fill_from_dev_buffer(scp, arr, len);
1496 static int resp_start_stop(struct scsi_cmnd * scp,
1497 struct sdebug_dev_info * devip)
1499 unsigned char *cmd = scp->cmnd;
1500 int power_cond, stop;
1502 power_cond = (cmd[4] & 0xf0) >> 4;
1504 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7);
1505 return check_condition_result;
1507 stop = !(cmd[4] & 1);
1508 atomic_xchg(&devip->stopped, stop);
1512 static sector_t get_sdebug_capacity(void)
1514 static const unsigned int gibibyte = 1073741824;
1516 if (sdebug_virtual_gb > 0)
1517 return (sector_t)sdebug_virtual_gb *
1518 (gibibyte / sdebug_sector_size);
1520 return sdebug_store_sectors;
1523 #define SDEBUG_READCAP_ARR_SZ 8
1524 static int resp_readcap(struct scsi_cmnd * scp,
1525 struct sdebug_dev_info * devip)
1527 unsigned char arr[SDEBUG_READCAP_ARR_SZ];
1530 /* following just in case virtual_gb changed */
1531 sdebug_capacity = get_sdebug_capacity();
1532 memset(arr, 0, SDEBUG_READCAP_ARR_SZ);
1533 if (sdebug_capacity < 0xffffffff) {
1534 capac = (unsigned int)sdebug_capacity - 1;
1535 put_unaligned_be32(capac, arr + 0);
1537 put_unaligned_be32(0xffffffff, arr + 0);
1538 put_unaligned_be16(sdebug_sector_size, arr + 6);
1539 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ);
1542 #define SDEBUG_READCAP16_ARR_SZ 32
1543 static int resp_readcap16(struct scsi_cmnd * scp,
1544 struct sdebug_dev_info * devip)
1546 unsigned char *cmd = scp->cmnd;
1547 unsigned char arr[SDEBUG_READCAP16_ARR_SZ];
1550 alloc_len = get_unaligned_be32(cmd + 10);
1551 /* following just in case virtual_gb changed */
1552 sdebug_capacity = get_sdebug_capacity();
1553 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ);
1554 put_unaligned_be64((u64)(sdebug_capacity - 1), arr + 0);
1555 put_unaligned_be32(sdebug_sector_size, arr + 8);
1556 arr[13] = sdebug_physblk_exp & 0xf;
1557 arr[14] = (sdebug_lowest_aligned >> 8) & 0x3f;
1559 if (scsi_debug_lbp()) {
1560 arr[14] |= 0x80; /* LBPME */
1561 /* from sbc4r07, this LBPRZ field is 1 bit, but the LBPRZ in
1562 * the LB Provisioning VPD page is 3 bits. Note that lbprz=2
1563 * in the wider field maps to 0 in this field.
1565 if (sdebug_lbprz & 1) /* precisely what the draft requires */
1569 arr[15] = sdebug_lowest_aligned & 0xff;
1571 if (have_dif_prot) {
1572 arr[12] = (sdebug_dif - 1) << 1; /* P_TYPE */
1573 arr[12] |= 1; /* PROT_EN */
1576 return fill_from_dev_buffer(scp, arr,
1577 min(alloc_len, SDEBUG_READCAP16_ARR_SZ));
1580 #define SDEBUG_MAX_TGTPGS_ARR_SZ 1412
1582 static int resp_report_tgtpgs(struct scsi_cmnd * scp,
1583 struct sdebug_dev_info * devip)
1585 unsigned char *cmd = scp->cmnd;
1586 unsigned char * arr;
1587 int host_no = devip->sdbg_host->shost->host_no;
1588 int n, ret, alen, rlen;
1589 int port_group_a, port_group_b, port_a, port_b;
1591 alen = get_unaligned_be32(cmd + 6);
1592 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC);
1594 return DID_REQUEUE << 16;
1596 * EVPD page 0x88 states we have two ports, one
1597 * real and a fake port with no device connected.
1598 * So we create two port groups with one port each
1599 * and set the group with port B to unavailable.
1601 port_a = 0x1; /* relative port A */
1602 port_b = 0x2; /* relative port B */
1603 port_group_a = (((host_no + 1) & 0x7f) << 8) +
1604 (devip->channel & 0x7f);
1605 port_group_b = (((host_no + 1) & 0x7f) << 8) +
1606 (devip->channel & 0x7f) + 0x80;
1609 * The asymmetric access state is cycled according to the host_id.
1612 if (sdebug_vpd_use_hostno == 0) {
1613 arr[n++] = host_no % 3; /* Asymm access state */
1614 arr[n++] = 0x0F; /* claim: all states are supported */
1616 arr[n++] = 0x0; /* Active/Optimized path */
1617 arr[n++] = 0x01; /* only support active/optimized paths */
1619 put_unaligned_be16(port_group_a, arr + n);
1621 arr[n++] = 0; /* Reserved */
1622 arr[n++] = 0; /* Status code */
1623 arr[n++] = 0; /* Vendor unique */
1624 arr[n++] = 0x1; /* One port per group */
1625 arr[n++] = 0; /* Reserved */
1626 arr[n++] = 0; /* Reserved */
1627 put_unaligned_be16(port_a, arr + n);
1629 arr[n++] = 3; /* Port unavailable */
1630 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */
1631 put_unaligned_be16(port_group_b, arr + n);
1633 arr[n++] = 0; /* Reserved */
1634 arr[n++] = 0; /* Status code */
1635 arr[n++] = 0; /* Vendor unique */
1636 arr[n++] = 0x1; /* One port per group */
1637 arr[n++] = 0; /* Reserved */
1638 arr[n++] = 0; /* Reserved */
1639 put_unaligned_be16(port_b, arr + n);
1643 put_unaligned_be32(rlen, arr + 0);
1646 * Return the smallest value of either
1647 * - The allocated length
1648 * - The constructed command length
1649 * - The maximum array size
1652 ret = fill_from_dev_buffer(scp, arr,
1653 min(rlen, SDEBUG_MAX_TGTPGS_ARR_SZ));
1658 static int resp_rsup_opcodes(struct scsi_cmnd *scp,
1659 struct sdebug_dev_info *devip)
1662 u8 reporting_opts, req_opcode, sdeb_i, supp;
1664 u32 alloc_len, a_len;
1665 int k, offset, len, errsts, count, bump, na;
1666 const struct opcode_info_t *oip;
1667 const struct opcode_info_t *r_oip;
1669 u8 *cmd = scp->cmnd;
1671 rctd = !!(cmd[2] & 0x80);
1672 reporting_opts = cmd[2] & 0x7;
1673 req_opcode = cmd[3];
1674 req_sa = get_unaligned_be16(cmd + 4);
1675 alloc_len = get_unaligned_be32(cmd + 6);
1676 if (alloc_len < 4 || alloc_len > 0xffff) {
1677 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1678 return check_condition_result;
1680 if (alloc_len > 8192)
1684 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC);
1686 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
1688 return check_condition_result;
1690 switch (reporting_opts) {
1691 case 0: /* all commands */
1692 /* count number of commands */
1693 for (count = 0, oip = opcode_info_arr;
1694 oip->num_attached != 0xff; ++oip) {
1695 if (F_INV_OP & oip->flags)
1697 count += (oip->num_attached + 1);
1699 bump = rctd ? 20 : 8;
1700 put_unaligned_be32(count * bump, arr);
1701 for (offset = 4, oip = opcode_info_arr;
1702 oip->num_attached != 0xff && offset < a_len; ++oip) {
1703 if (F_INV_OP & oip->flags)
1705 na = oip->num_attached;
1706 arr[offset] = oip->opcode;
1707 put_unaligned_be16(oip->sa, arr + offset + 2);
1709 arr[offset + 5] |= 0x2;
1710 if (FF_SA & oip->flags)
1711 arr[offset + 5] |= 0x1;
1712 put_unaligned_be16(oip->len_mask[0], arr + offset + 6);
1714 put_unaligned_be16(0xa, arr + offset + 8);
1716 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) {
1717 if (F_INV_OP & oip->flags)
1720 arr[offset] = oip->opcode;
1721 put_unaligned_be16(oip->sa, arr + offset + 2);
1723 arr[offset + 5] |= 0x2;
1724 if (FF_SA & oip->flags)
1725 arr[offset + 5] |= 0x1;
1726 put_unaligned_be16(oip->len_mask[0],
1729 put_unaligned_be16(0xa,
1736 case 1: /* one command: opcode only */
1737 case 2: /* one command: opcode plus service action */
1738 case 3: /* one command: if sa==0 then opcode only else opcode+sa */
1739 sdeb_i = opcode_ind_arr[req_opcode];
1740 oip = &opcode_info_arr[sdeb_i];
1741 if (F_INV_OP & oip->flags) {
1745 if (1 == reporting_opts) {
1746 if (FF_SA & oip->flags) {
1747 mk_sense_invalid_fld(scp, SDEB_IN_CDB,
1750 return check_condition_result;
1753 } else if (2 == reporting_opts &&
1754 0 == (FF_SA & oip->flags)) {
1755 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1);
1756 kfree(arr); /* point at requested sa */
1757 return check_condition_result;
1759 if (0 == (FF_SA & oip->flags) &&
1760 req_opcode == oip->opcode)
1762 else if (0 == (FF_SA & oip->flags)) {
1763 na = oip->num_attached;
1764 for (k = 0, oip = oip->arrp; k < na;
1766 if (req_opcode == oip->opcode)
1769 supp = (k >= na) ? 1 : 3;
1770 } else if (req_sa != oip->sa) {
1771 na = oip->num_attached;
1772 for (k = 0, oip = oip->arrp; k < na;
1774 if (req_sa == oip->sa)
1777 supp = (k >= na) ? 1 : 3;
1781 u = oip->len_mask[0];
1782 put_unaligned_be16(u, arr + 2);
1783 arr[4] = oip->opcode;
1784 for (k = 1; k < u; ++k)
1785 arr[4 + k] = (k < 16) ?
1786 oip->len_mask[k] : 0xff;
1791 arr[1] = (rctd ? 0x80 : 0) | supp;
1793 put_unaligned_be16(0xa, arr + offset);
1798 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
1800 return check_condition_result;
1802 offset = (offset < a_len) ? offset : a_len;
1803 len = (offset < alloc_len) ? offset : alloc_len;
1804 errsts = fill_from_dev_buffer(scp, arr, len);
1809 static int resp_rsup_tmfs(struct scsi_cmnd *scp,
1810 struct sdebug_dev_info *devip)
1815 u8 *cmd = scp->cmnd;
1817 memset(arr, 0, sizeof(arr));
1818 repd = !!(cmd[2] & 0x80);
1819 alloc_len = get_unaligned_be32(cmd + 6);
1820 if (alloc_len < 4) {
1821 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1822 return check_condition_result;
1824 arr[0] = 0xc8; /* ATS | ATSS | LURS */
1825 arr[1] = 0x1; /* ITNRS */
1832 len = (len < alloc_len) ? len : alloc_len;
1833 return fill_from_dev_buffer(scp, arr, len);
1836 /* <<Following mode page info copied from ST318451LW>> */
1838 static int resp_err_recov_pg(unsigned char * p, int pcontrol, int target)
1839 { /* Read-Write Error Recovery page for mode_sense */
1840 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0,
1843 memcpy(p, err_recov_pg, sizeof(err_recov_pg));
1845 memset(p + 2, 0, sizeof(err_recov_pg) - 2);
1846 return sizeof(err_recov_pg);
1849 static int resp_disconnect_pg(unsigned char * p, int pcontrol, int target)
1850 { /* Disconnect-Reconnect page for mode_sense */
1851 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0,
1852 0, 0, 0, 0, 0, 0, 0, 0};
1854 memcpy(p, disconnect_pg, sizeof(disconnect_pg));
1856 memset(p + 2, 0, sizeof(disconnect_pg) - 2);
1857 return sizeof(disconnect_pg);
1860 static int resp_format_pg(unsigned char * p, int pcontrol, int target)
1861 { /* Format device page for mode_sense */
1862 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0,
1863 0, 0, 0, 0, 0, 0, 0, 0,
1864 0, 0, 0, 0, 0x40, 0, 0, 0};
1866 memcpy(p, format_pg, sizeof(format_pg));
1867 put_unaligned_be16(sdebug_sectors_per, p + 10);
1868 put_unaligned_be16(sdebug_sector_size, p + 12);
1869 if (sdebug_removable)
1870 p[20] |= 0x20; /* should agree with INQUIRY */
1872 memset(p + 2, 0, sizeof(format_pg) - 2);
1873 return sizeof(format_pg);
1876 static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
1877 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0,
1880 static int resp_caching_pg(unsigned char * p, int pcontrol, int target)
1881 { /* Caching page for mode_sense */
1882 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0,
1883 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
1884 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
1885 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0};
1887 if (SDEBUG_OPT_N_WCE & sdebug_opts)
1888 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */
1889 memcpy(p, caching_pg, sizeof(caching_pg));
1891 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg));
1892 else if (2 == pcontrol)
1893 memcpy(p, d_caching_pg, sizeof(d_caching_pg));
1894 return sizeof(caching_pg);
1897 static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
1900 static int resp_ctrl_m_pg(unsigned char * p, int pcontrol, int target)
1901 { /* Control mode page for mode_sense */
1902 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0,
1904 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
1908 ctrl_m_pg[2] |= 0x4;
1910 ctrl_m_pg[2] &= ~0x4;
1913 ctrl_m_pg[5] |= 0x80; /* ATO=1 */
1915 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg));
1917 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg));
1918 else if (2 == pcontrol)
1919 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg));
1920 return sizeof(ctrl_m_pg);
1924 static int resp_iec_m_pg(unsigned char * p, int pcontrol, int target)
1925 { /* Informational Exceptions control mode page for mode_sense */
1926 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0,
1928 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
1931 memcpy(p, iec_m_pg, sizeof(iec_m_pg));
1933 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg));
1934 else if (2 == pcontrol)
1935 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg));
1936 return sizeof(iec_m_pg);
1939 static int resp_sas_sf_m_pg(unsigned char * p, int pcontrol, int target)
1940 { /* SAS SSP mode page - short format for mode_sense */
1941 unsigned char sas_sf_m_pg[] = {0x19, 0x6,
1942 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0};
1944 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg));
1946 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2);
1947 return sizeof(sas_sf_m_pg);
1951 static int resp_sas_pcd_m_spg(unsigned char * p, int pcontrol, int target,
1953 { /* SAS phy control and discover mode page for mode_sense */
1954 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2,
1955 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0,
1956 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
1957 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
1958 0x2, 0, 0, 0, 0, 0, 0, 0,
1959 0x88, 0x99, 0, 0, 0, 0, 0, 0,
1960 0, 0, 0, 0, 0, 0, 0, 0,
1961 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0,
1962 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
1963 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
1964 0x3, 0, 0, 0, 0, 0, 0, 0,
1965 0x88, 0x99, 0, 0, 0, 0, 0, 0,
1966 0, 0, 0, 0, 0, 0, 0, 0,
1970 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 16);
1971 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 24);
1972 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 64);
1973 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 72);
1974 port_a = target_dev_id + 1;
1975 port_b = port_a + 1;
1976 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg));
1977 put_unaligned_be32(port_a, p + 20);
1978 put_unaligned_be32(port_b, p + 48 + 20);
1980 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4);
1981 return sizeof(sas_pcd_m_pg);
1984 static int resp_sas_sha_m_spg(unsigned char * p, int pcontrol)
1985 { /* SAS SSP shared protocol specific port mode subpage */
1986 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0,
1987 0, 0, 0, 0, 0, 0, 0, 0,
1990 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg));
1992 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4);
1993 return sizeof(sas_sha_m_pg);
1996 #define SDEBUG_MAX_MSENSE_SZ 256
1998 static int resp_mode_sense(struct scsi_cmnd *scp,
1999 struct sdebug_dev_info *devip)
2001 int pcontrol, pcode, subpcode, bd_len;
2002 unsigned char dev_spec;
2003 int alloc_len, offset, len, target_dev_id;
2004 int target = scp->device->id;
2006 unsigned char arr[SDEBUG_MAX_MSENSE_SZ];
2007 unsigned char *cmd = scp->cmnd;
2008 bool dbd, llbaa, msense_6, is_disk, bad_pcode;
2010 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */
2011 pcontrol = (cmd[2] & 0xc0) >> 6;
2012 pcode = cmd[2] & 0x3f;
2014 msense_6 = (MODE_SENSE == cmd[0]);
2015 llbaa = msense_6 ? false : !!(cmd[1] & 0x10);
2016 is_disk = (sdebug_ptype == TYPE_DISK);
2017 if (is_disk && !dbd)
2018 bd_len = llbaa ? 16 : 8;
2021 alloc_len = msense_6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2022 memset(arr, 0, SDEBUG_MAX_MSENSE_SZ);
2023 if (0x3 == pcontrol) { /* Saving values not supported */
2024 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0);
2025 return check_condition_result;
2027 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) +
2028 (devip->target * 1000) - 3;
2029 /* for disks set DPOFUA bit and clear write protect (WP) bit */
2031 dev_spec = 0x10; /* =0x90 if WP=1 implies read-only */
2041 arr[4] = 0x1; /* set LONGLBA bit */
2042 arr[7] = bd_len; /* assume 255 or less */
2046 if ((bd_len > 0) && (!sdebug_capacity))
2047 sdebug_capacity = get_sdebug_capacity();
2050 if (sdebug_capacity > 0xfffffffe)
2051 put_unaligned_be32(0xffffffff, ap + 0);
2053 put_unaligned_be32(sdebug_capacity, ap + 0);
2054 put_unaligned_be16(sdebug_sector_size, ap + 6);
2057 } else if (16 == bd_len) {
2058 put_unaligned_be64((u64)sdebug_capacity, ap + 0);
2059 put_unaligned_be32(sdebug_sector_size, ap + 12);
2064 if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) {
2065 /* TODO: Control Extension page */
2066 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2067 return check_condition_result;
2072 case 0x1: /* Read-Write error recovery page, direct access */
2073 len = resp_err_recov_pg(ap, pcontrol, target);
2076 case 0x2: /* Disconnect-Reconnect page, all devices */
2077 len = resp_disconnect_pg(ap, pcontrol, target);
2080 case 0x3: /* Format device page, direct access */
2082 len = resp_format_pg(ap, pcontrol, target);
2087 case 0x8: /* Caching page, direct access */
2089 len = resp_caching_pg(ap, pcontrol, target);
2094 case 0xa: /* Control Mode page, all devices */
2095 len = resp_ctrl_m_pg(ap, pcontrol, target);
2098 case 0x19: /* if spc==1 then sas phy, control+discover */
2099 if ((subpcode > 0x2) && (subpcode < 0xff)) {
2100 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2101 return check_condition_result;
2104 if ((0x0 == subpcode) || (0xff == subpcode))
2105 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2106 if ((0x1 == subpcode) || (0xff == subpcode))
2107 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
2109 if ((0x2 == subpcode) || (0xff == subpcode))
2110 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2113 case 0x1c: /* Informational Exceptions Mode page, all devices */
2114 len = resp_iec_m_pg(ap, pcontrol, target);
2117 case 0x3f: /* Read all Mode pages */
2118 if ((0 == subpcode) || (0xff == subpcode)) {
2119 len = resp_err_recov_pg(ap, pcontrol, target);
2120 len += resp_disconnect_pg(ap + len, pcontrol, target);
2122 len += resp_format_pg(ap + len, pcontrol,
2124 len += resp_caching_pg(ap + len, pcontrol,
2127 len += resp_ctrl_m_pg(ap + len, pcontrol, target);
2128 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2129 if (0xff == subpcode) {
2130 len += resp_sas_pcd_m_spg(ap + len, pcontrol,
2131 target, target_dev_id);
2132 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2134 len += resp_iec_m_pg(ap + len, pcontrol, target);
2137 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2138 return check_condition_result;
2146 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2147 return check_condition_result;
2150 arr[0] = offset - 1;
2152 put_unaligned_be16((offset - 2), arr + 0);
2153 return fill_from_dev_buffer(scp, arr, min(alloc_len, offset));
2156 #define SDEBUG_MAX_MSELECT_SZ 512
2158 static int resp_mode_select(struct scsi_cmnd *scp,
2159 struct sdebug_dev_info *devip)
2161 int pf, sp, ps, md_len, bd_len, off, spf, pg_len;
2162 int param_len, res, mpage;
2163 unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
2164 unsigned char *cmd = scp->cmnd;
2165 int mselect6 = (MODE_SELECT == cmd[0]);
2167 memset(arr, 0, sizeof(arr));
2170 param_len = mselect6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2171 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) {
2172 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1);
2173 return check_condition_result;
2175 res = fetch_to_dev_buffer(scp, arr, param_len);
2177 return DID_ERROR << 16;
2178 else if (sdebug_verbose && (res < param_len))
2179 sdev_printk(KERN_INFO, scp->device,
2180 "%s: cdb indicated=%d, IO sent=%d bytes\n",
2181 __func__, param_len, res);
2182 md_len = mselect6 ? (arr[0] + 1) : (get_unaligned_be16(arr + 0) + 2);
2183 bd_len = mselect6 ? arr[3] : get_unaligned_be16(arr + 6);
2185 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1);
2186 return check_condition_result;
2188 off = bd_len + (mselect6 ? 4 : 8);
2189 mpage = arr[off] & 0x3f;
2190 ps = !!(arr[off] & 0x80);
2192 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7);
2193 return check_condition_result;
2195 spf = !!(arr[off] & 0x40);
2196 pg_len = spf ? (get_unaligned_be16(arr + off + 2) + 4) :
2198 if ((pg_len + off) > param_len) {
2199 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2200 PARAMETER_LIST_LENGTH_ERR, 0);
2201 return check_condition_result;
2204 case 0x8: /* Caching Mode page */
2205 if (caching_pg[1] == arr[off + 1]) {
2206 memcpy(caching_pg + 2, arr + off + 2,
2207 sizeof(caching_pg) - 2);
2208 goto set_mode_changed_ua;
2211 case 0xa: /* Control Mode page */
2212 if (ctrl_m_pg[1] == arr[off + 1]) {
2213 memcpy(ctrl_m_pg + 2, arr + off + 2,
2214 sizeof(ctrl_m_pg) - 2);
2215 sdebug_dsense = !!(ctrl_m_pg[2] & 0x4);
2216 goto set_mode_changed_ua;
2219 case 0x1c: /* Informational Exceptions Mode page */
2220 if (iec_m_pg[1] == arr[off + 1]) {
2221 memcpy(iec_m_pg + 2, arr + off + 2,
2222 sizeof(iec_m_pg) - 2);
2223 goto set_mode_changed_ua;
2229 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5);
2230 return check_condition_result;
2231 set_mode_changed_ua:
2232 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm);
2236 static int resp_temp_l_pg(unsigned char * arr)
2238 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38,
2239 0x0, 0x1, 0x3, 0x2, 0x0, 65,
2242 memcpy(arr, temp_l_pg, sizeof(temp_l_pg));
2243 return sizeof(temp_l_pg);
2246 static int resp_ie_l_pg(unsigned char * arr)
2248 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38,
2251 memcpy(arr, ie_l_pg, sizeof(ie_l_pg));
2252 if (iec_m_pg[2] & 0x4) { /* TEST bit set */
2253 arr[4] = THRESHOLD_EXCEEDED;
2256 return sizeof(ie_l_pg);
2259 #define SDEBUG_MAX_LSENSE_SZ 512
2261 static int resp_log_sense(struct scsi_cmnd * scp,
2262 struct sdebug_dev_info * devip)
2264 int ppc, sp, pcontrol, pcode, subpcode, alloc_len, len, n;
2265 unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
2266 unsigned char *cmd = scp->cmnd;
2268 memset(arr, 0, sizeof(arr));
2272 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0);
2273 return check_condition_result;
2275 pcontrol = (cmd[2] & 0xc0) >> 6;
2276 pcode = cmd[2] & 0x3f;
2277 subpcode = cmd[3] & 0xff;
2278 alloc_len = get_unaligned_be16(cmd + 7);
2280 if (0 == subpcode) {
2282 case 0x0: /* Supported log pages log page */
2284 arr[n++] = 0x0; /* this page */
2285 arr[n++] = 0xd; /* Temperature */
2286 arr[n++] = 0x2f; /* Informational exceptions */
2289 case 0xd: /* Temperature log page */
2290 arr[3] = resp_temp_l_pg(arr + 4);
2292 case 0x2f: /* Informational exceptions log page */
2293 arr[3] = resp_ie_l_pg(arr + 4);
2296 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2297 return check_condition_result;
2299 } else if (0xff == subpcode) {
2303 case 0x0: /* Supported log pages and subpages log page */
2306 arr[n++] = 0x0; /* 0,0 page */
2308 arr[n++] = 0xff; /* this page */
2310 arr[n++] = 0x0; /* Temperature */
2312 arr[n++] = 0x0; /* Informational exceptions */
2315 case 0xd: /* Temperature subpages */
2318 arr[n++] = 0x0; /* Temperature */
2321 case 0x2f: /* Informational exceptions subpages */
2324 arr[n++] = 0x0; /* Informational exceptions */
2328 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2329 return check_condition_result;
2332 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2333 return check_condition_result;
2335 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len);
2336 return fill_from_dev_buffer(scp, arr,
2337 min(len, SDEBUG_MAX_INQ_ARR_SZ));
2340 static int check_device_access_params(struct scsi_cmnd *scp,
2341 unsigned long long lba, unsigned int num)
2343 if (lba + num > sdebug_capacity) {
2344 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2345 return check_condition_result;
2347 /* transfer length excessive (tie in to block limits VPD page) */
2348 if (num > sdebug_store_sectors) {
2349 /* needs work to find which cdb byte 'num' comes from */
2350 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2351 return check_condition_result;
2356 /* Returns number of bytes copied or -1 if error. */
2357 static int do_device_access(struct scsi_cmnd *scmd, u64 lba, u32 num,
2361 u64 block, rest = 0;
2362 struct scsi_data_buffer *sdb;
2363 enum dma_data_direction dir;
2366 sdb = scsi_out(scmd);
2367 dir = DMA_TO_DEVICE;
2369 sdb = scsi_in(scmd);
2370 dir = DMA_FROM_DEVICE;
2375 if (!(scsi_bidi_cmnd(scmd) || scmd->sc_data_direction == dir))
2378 block = do_div(lba, sdebug_store_sectors);
2379 if (block + num > sdebug_store_sectors)
2380 rest = block + num - sdebug_store_sectors;
2382 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2383 fake_storep + (block * sdebug_sector_size),
2384 (num - rest) * sdebug_sector_size, 0, do_write);
2385 if (ret != (num - rest) * sdebug_sector_size)
2389 ret += sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2390 fake_storep, rest * sdebug_sector_size,
2391 (num - rest) * sdebug_sector_size, do_write);
2397 /* If fake_store(lba,num) compares equal to arr(num), then copy top half of
2398 * arr into fake_store(lba,num) and return true. If comparison fails then
2400 static bool comp_write_worker(u64 lba, u32 num, const u8 *arr)
2403 u64 block, rest = 0;
2404 u32 store_blks = sdebug_store_sectors;
2405 u32 lb_size = sdebug_sector_size;
2407 block = do_div(lba, store_blks);
2408 if (block + num > store_blks)
2409 rest = block + num - store_blks;
2411 res = !memcmp(fake_storep + (block * lb_size), arr,
2412 (num - rest) * lb_size);
2416 res = memcmp(fake_storep, arr + ((num - rest) * lb_size),
2420 arr += num * lb_size;
2421 memcpy(fake_storep + (block * lb_size), arr, (num - rest) * lb_size);
2423 memcpy(fake_storep, arr + ((num - rest) * lb_size),
2428 static __be16 dif_compute_csum(const void *buf, int len)
2433 csum = (__force __be16)ip_compute_csum(buf, len);
2435 csum = cpu_to_be16(crc_t10dif(buf, len));
2440 static int dif_verify(struct t10_pi_tuple *sdt, const void *data,
2441 sector_t sector, u32 ei_lba)
2443 __be16 csum = dif_compute_csum(data, sdebug_sector_size);
2445 if (sdt->guard_tag != csum) {
2446 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n",
2447 (unsigned long)sector,
2448 be16_to_cpu(sdt->guard_tag),
2452 if (sdebug_dif == T10_PI_TYPE1_PROTECTION &&
2453 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) {
2454 pr_err("REF check failed on sector %lu\n",
2455 (unsigned long)sector);
2458 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
2459 be32_to_cpu(sdt->ref_tag) != ei_lba) {
2460 pr_err("REF check failed on sector %lu\n",
2461 (unsigned long)sector);
2467 static void dif_copy_prot(struct scsi_cmnd *SCpnt, sector_t sector,
2468 unsigned int sectors, bool read)
2472 const void *dif_store_end = dif_storep + sdebug_store_sectors;
2473 struct sg_mapping_iter miter;
2475 /* Bytes of protection data to copy into sgl */
2476 resid = sectors * sizeof(*dif_storep);
2478 sg_miter_start(&miter, scsi_prot_sglist(SCpnt),
2479 scsi_prot_sg_count(SCpnt), SG_MITER_ATOMIC |
2480 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG));
2482 while (sg_miter_next(&miter) && resid > 0) {
2483 size_t len = min(miter.length, resid);
2484 void *start = dif_store(sector);
2487 if (dif_store_end < start + len)
2488 rest = start + len - dif_store_end;
2493 memcpy(paddr, start, len - rest);
2495 memcpy(start, paddr, len - rest);
2499 memcpy(paddr + len - rest, dif_storep, rest);
2501 memcpy(dif_storep, paddr + len - rest, rest);
2504 sector += len / sizeof(*dif_storep);
2507 sg_miter_stop(&miter);
2510 static int prot_verify_read(struct scsi_cmnd *SCpnt, sector_t start_sec,
2511 unsigned int sectors, u32 ei_lba)
2514 struct t10_pi_tuple *sdt;
2517 for (i = 0; i < sectors; i++, ei_lba++) {
2520 sector = start_sec + i;
2521 sdt = dif_store(sector);
2523 if (sdt->app_tag == cpu_to_be16(0xffff))
2526 ret = dif_verify(sdt, fake_store(sector), sector, ei_lba);
2533 dif_copy_prot(SCpnt, start_sec, sectors, true);
2539 static int resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2541 u8 *cmd = scp->cmnd;
2542 struct sdebug_queued_cmd *sqcp;
2546 unsigned long iflags;
2553 lba = get_unaligned_be64(cmd + 2);
2554 num = get_unaligned_be32(cmd + 10);
2559 lba = get_unaligned_be32(cmd + 2);
2560 num = get_unaligned_be16(cmd + 7);
2565 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2566 (u32)(cmd[1] & 0x1f) << 16;
2567 num = (0 == cmd[4]) ? 256 : cmd[4];
2572 lba = get_unaligned_be32(cmd + 2);
2573 num = get_unaligned_be32(cmd + 6);
2576 case XDWRITEREAD_10:
2578 lba = get_unaligned_be32(cmd + 2);
2579 num = get_unaligned_be16(cmd + 7);
2582 default: /* assume READ(32) */
2583 lba = get_unaligned_be64(cmd + 12);
2584 ei_lba = get_unaligned_be32(cmd + 20);
2585 num = get_unaligned_be32(cmd + 28);
2589 if (unlikely(have_dif_prot && check_prot)) {
2590 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
2592 mk_sense_invalid_opcode(scp);
2593 return check_condition_result;
2595 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
2596 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
2597 (cmd[1] & 0xe0) == 0)
2598 sdev_printk(KERN_ERR, scp->device, "Unprotected RD "
2601 if (unlikely(sdebug_any_injecting_opt)) {
2602 sqcp = (struct sdebug_queued_cmd *)scp->host_scribble;
2605 if (sqcp->inj_short)
2611 /* inline check_device_access_params() */
2612 if (unlikely(lba + num > sdebug_capacity)) {
2613 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2614 return check_condition_result;
2616 /* transfer length excessive (tie in to block limits VPD page) */
2617 if (unlikely(num > sdebug_store_sectors)) {
2618 /* needs work to find which cdb byte 'num' comes from */
2619 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2620 return check_condition_result;
2623 if (unlikely((SDEBUG_OPT_MEDIUM_ERR & sdebug_opts) &&
2624 (lba <= (OPT_MEDIUM_ERR_ADDR + OPT_MEDIUM_ERR_NUM - 1)) &&
2625 ((lba + num) > OPT_MEDIUM_ERR_ADDR))) {
2626 /* claim unrecoverable read error */
2627 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0);
2628 /* set info field and valid bit for fixed descriptor */
2629 if (0x70 == (scp->sense_buffer[0] & 0x7f)) {
2630 scp->sense_buffer[0] |= 0x80; /* Valid bit */
2631 ret = (lba < OPT_MEDIUM_ERR_ADDR)
2632 ? OPT_MEDIUM_ERR_ADDR : (int)lba;
2633 put_unaligned_be32(ret, scp->sense_buffer + 3);
2635 scsi_set_resid(scp, scsi_bufflen(scp));
2636 return check_condition_result;
2639 read_lock_irqsave(&atomic_rw, iflags);
2642 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
2643 int prot_ret = prot_verify_read(scp, lba, num, ei_lba);
2646 read_unlock_irqrestore(&atomic_rw, iflags);
2647 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, prot_ret);
2648 return illegal_condition_result;
2652 ret = do_device_access(scp, lba, num, false);
2653 read_unlock_irqrestore(&atomic_rw, iflags);
2654 if (unlikely(ret == -1))
2655 return DID_ERROR << 16;
2657 scsi_in(scp)->resid = scsi_bufflen(scp) - ret;
2659 if (unlikely(sqcp)) {
2660 if (sqcp->inj_recovered) {
2661 mk_sense_buffer(scp, RECOVERED_ERROR,
2662 THRESHOLD_EXCEEDED, 0);
2663 return check_condition_result;
2664 } else if (sqcp->inj_transport) {
2665 mk_sense_buffer(scp, ABORTED_COMMAND,
2666 TRANSPORT_PROBLEM, ACK_NAK_TO);
2667 return check_condition_result;
2668 } else if (sqcp->inj_dif) {
2669 /* Logical block guard check failed */
2670 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
2671 return illegal_condition_result;
2672 } else if (sqcp->inj_dix) {
2673 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
2674 return illegal_condition_result;
2680 static void dump_sector(unsigned char *buf, int len)
2684 pr_err(">>> Sector Dump <<<\n");
2685 for (i = 0 ; i < len ; i += 16) {
2688 for (j = 0, n = 0; j < 16; j++) {
2689 unsigned char c = buf[i+j];
2691 if (c >= 0x20 && c < 0x7e)
2692 n += scnprintf(b + n, sizeof(b) - n,
2695 n += scnprintf(b + n, sizeof(b) - n,
2698 pr_err("%04d: %s\n", i, b);
2702 static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec,
2703 unsigned int sectors, u32 ei_lba)
2706 struct t10_pi_tuple *sdt;
2708 sector_t sector = start_sec;
2711 struct sg_mapping_iter diter;
2712 struct sg_mapping_iter piter;
2714 BUG_ON(scsi_sg_count(SCpnt) == 0);
2715 BUG_ON(scsi_prot_sg_count(SCpnt) == 0);
2717 sg_miter_start(&piter, scsi_prot_sglist(SCpnt),
2718 scsi_prot_sg_count(SCpnt),
2719 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2720 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt),
2721 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2723 /* For each protection page */
2724 while (sg_miter_next(&piter)) {
2726 if (WARN_ON(!sg_miter_next(&diter))) {
2731 for (ppage_offset = 0; ppage_offset < piter.length;
2732 ppage_offset += sizeof(struct t10_pi_tuple)) {
2733 /* If we're at the end of the current
2734 * data page advance to the next one
2736 if (dpage_offset >= diter.length) {
2737 if (WARN_ON(!sg_miter_next(&diter))) {
2744 sdt = piter.addr + ppage_offset;
2745 daddr = diter.addr + dpage_offset;
2747 ret = dif_verify(sdt, daddr, sector, ei_lba);
2749 dump_sector(daddr, sdebug_sector_size);
2755 dpage_offset += sdebug_sector_size;
2757 diter.consumed = dpage_offset;
2758 sg_miter_stop(&diter);
2760 sg_miter_stop(&piter);
2762 dif_copy_prot(SCpnt, start_sec, sectors, false);
2769 sg_miter_stop(&diter);
2770 sg_miter_stop(&piter);
2774 static unsigned long lba_to_map_index(sector_t lba)
2776 if (sdebug_unmap_alignment)
2777 lba += sdebug_unmap_granularity - sdebug_unmap_alignment;
2778 sector_div(lba, sdebug_unmap_granularity);
2782 static sector_t map_index_to_lba(unsigned long index)
2784 sector_t lba = index * sdebug_unmap_granularity;
2786 if (sdebug_unmap_alignment)
2787 lba -= sdebug_unmap_granularity - sdebug_unmap_alignment;
2791 static unsigned int map_state(sector_t lba, unsigned int *num)
2794 unsigned int mapped;
2795 unsigned long index;
2798 index = lba_to_map_index(lba);
2799 mapped = test_bit(index, map_storep);
2802 next = find_next_zero_bit(map_storep, map_size, index);
2804 next = find_next_bit(map_storep, map_size, index);
2806 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next));
2811 static void map_region(sector_t lba, unsigned int len)
2813 sector_t end = lba + len;
2816 unsigned long index = lba_to_map_index(lba);
2818 if (index < map_size)
2819 set_bit(index, map_storep);
2821 lba = map_index_to_lba(index + 1);
2825 static void unmap_region(sector_t lba, unsigned int len)
2827 sector_t end = lba + len;
2830 unsigned long index = lba_to_map_index(lba);
2832 if (lba == map_index_to_lba(index) &&
2833 lba + sdebug_unmap_granularity <= end &&
2835 clear_bit(index, map_storep);
2836 if (sdebug_lbprz) { /* for LBPRZ=2 return 0xff_s */
2837 memset(fake_storep +
2838 lba * sdebug_sector_size,
2839 (sdebug_lbprz & 1) ? 0 : 0xff,
2840 sdebug_sector_size *
2841 sdebug_unmap_granularity);
2844 memset(dif_storep + lba, 0xff,
2845 sizeof(*dif_storep) *
2846 sdebug_unmap_granularity);
2849 lba = map_index_to_lba(index + 1);
2853 static int resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2855 u8 *cmd = scp->cmnd;
2859 unsigned long iflags;
2866 lba = get_unaligned_be64(cmd + 2);
2867 num = get_unaligned_be32(cmd + 10);
2872 lba = get_unaligned_be32(cmd + 2);
2873 num = get_unaligned_be16(cmd + 7);
2878 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2879 (u32)(cmd[1] & 0x1f) << 16;
2880 num = (0 == cmd[4]) ? 256 : cmd[4];
2885 lba = get_unaligned_be32(cmd + 2);
2886 num = get_unaligned_be32(cmd + 6);
2889 case 0x53: /* XDWRITEREAD(10) */
2891 lba = get_unaligned_be32(cmd + 2);
2892 num = get_unaligned_be16(cmd + 7);
2895 default: /* assume WRITE(32) */
2896 lba = get_unaligned_be64(cmd + 12);
2897 ei_lba = get_unaligned_be32(cmd + 20);
2898 num = get_unaligned_be32(cmd + 28);
2902 if (unlikely(have_dif_prot && check_prot)) {
2903 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
2905 mk_sense_invalid_opcode(scp);
2906 return check_condition_result;
2908 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
2909 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
2910 (cmd[1] & 0xe0) == 0)
2911 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
2915 /* inline check_device_access_params() */
2916 if (unlikely(lba + num > sdebug_capacity)) {
2917 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2918 return check_condition_result;
2920 /* transfer length excessive (tie in to block limits VPD page) */
2921 if (unlikely(num > sdebug_store_sectors)) {
2922 /* needs work to find which cdb byte 'num' comes from */
2923 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2924 return check_condition_result;
2927 write_lock_irqsave(&atomic_rw, iflags);
2930 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
2931 int prot_ret = prot_verify_write(scp, lba, num, ei_lba);
2934 write_unlock_irqrestore(&atomic_rw, iflags);
2935 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, prot_ret);
2936 return illegal_condition_result;
2940 ret = do_device_access(scp, lba, num, true);
2941 if (unlikely(scsi_debug_lbp()))
2942 map_region(lba, num);
2943 write_unlock_irqrestore(&atomic_rw, iflags);
2944 if (unlikely(-1 == ret))
2945 return DID_ERROR << 16;
2946 else if (unlikely(sdebug_verbose &&
2947 (ret < (num * sdebug_sector_size))))
2948 sdev_printk(KERN_INFO, scp->device,
2949 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
2950 my_name, num * sdebug_sector_size, ret);
2952 if (unlikely(sdebug_any_injecting_opt)) {
2953 struct sdebug_queued_cmd *sqcp =
2954 (struct sdebug_queued_cmd *)scp->host_scribble;
2957 if (sqcp->inj_recovered) {
2958 mk_sense_buffer(scp, RECOVERED_ERROR,
2959 THRESHOLD_EXCEEDED, 0);
2960 return check_condition_result;
2961 } else if (sqcp->inj_dif) {
2962 /* Logical block guard check failed */
2963 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
2964 return illegal_condition_result;
2965 } else if (sqcp->inj_dix) {
2966 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
2967 return illegal_condition_result;
2974 static int resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num,
2975 u32 ei_lba, bool unmap, bool ndob)
2977 unsigned long iflags;
2978 unsigned long long i;
2982 ret = check_device_access_params(scp, lba, num);
2986 write_lock_irqsave(&atomic_rw, iflags);
2988 if (unmap && scsi_debug_lbp()) {
2989 unmap_region(lba, num);
2993 lba_off = lba * sdebug_sector_size;
2994 /* if ndob then zero 1 logical block, else fetch 1 logical block */
2996 memset(fake_storep + lba_off, 0, sdebug_sector_size);
2999 ret = fetch_to_dev_buffer(scp, fake_storep + lba_off,
3000 sdebug_sector_size);
3003 write_unlock_irqrestore(&atomic_rw, iflags);
3004 return DID_ERROR << 16;
3005 } else if (sdebug_verbose && (ret < (num * sdebug_sector_size)))
3006 sdev_printk(KERN_INFO, scp->device,
3007 "%s: %s: cdb indicated=%u, IO sent=%d bytes\n",
3008 my_name, "write same",
3009 num * sdebug_sector_size, ret);
3011 /* Copy first sector to remaining blocks */
3012 for (i = 1 ; i < num ; i++)
3013 memcpy(fake_storep + ((lba + i) * sdebug_sector_size),
3014 fake_storep + lba_off,
3015 sdebug_sector_size);
3017 if (scsi_debug_lbp())
3018 map_region(lba, num);
3020 write_unlock_irqrestore(&atomic_rw, iflags);
3025 static int resp_write_same_10(struct scsi_cmnd *scp,
3026 struct sdebug_dev_info *devip)
3028 u8 *cmd = scp->cmnd;
3035 if (sdebug_lbpws10 == 0) {
3036 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3037 return check_condition_result;
3041 lba = get_unaligned_be32(cmd + 2);
3042 num = get_unaligned_be16(cmd + 7);
3043 if (num > sdebug_write_same_length) {
3044 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3045 return check_condition_result;
3047 return resp_write_same(scp, lba, num, ei_lba, unmap, false);
3050 static int resp_write_same_16(struct scsi_cmnd *scp,
3051 struct sdebug_dev_info *devip)
3053 u8 *cmd = scp->cmnd;
3060 if (cmd[1] & 0x8) { /* UNMAP */
3061 if (sdebug_lbpws == 0) {
3062 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3063 return check_condition_result;
3067 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */
3069 lba = get_unaligned_be64(cmd + 2);
3070 num = get_unaligned_be32(cmd + 10);
3071 if (num > sdebug_write_same_length) {
3072 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1);
3073 return check_condition_result;
3075 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob);
3078 /* Note the mode field is in the same position as the (lower) service action
3079 * field. For the Report supported operation codes command, SPC-4 suggests
3080 * each mode of this command should be reported separately; for future. */
3081 static int resp_write_buffer(struct scsi_cmnd *scp,
3082 struct sdebug_dev_info *devip)
3084 u8 *cmd = scp->cmnd;
3085 struct scsi_device *sdp = scp->device;
3086 struct sdebug_dev_info *dp;
3089 mode = cmd[1] & 0x1f;
3091 case 0x4: /* download microcode (MC) and activate (ACT) */
3092 /* set UAs on this device only */
3093 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3094 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm);
3096 case 0x5: /* download MC, save and ACT */
3097 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm);
3099 case 0x6: /* download MC with offsets and ACT */
3100 /* set UAs on most devices (LUs) in this target */
3101 list_for_each_entry(dp,
3102 &devip->sdbg_host->dev_info_list,
3104 if (dp->target == sdp->id) {
3105 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm);
3107 set_bit(SDEBUG_UA_MICROCODE_CHANGED,
3111 case 0x7: /* download MC with offsets, save, and ACT */
3112 /* set UA on all devices (LUs) in this target */
3113 list_for_each_entry(dp,
3114 &devip->sdbg_host->dev_info_list,
3116 if (dp->target == sdp->id)
3117 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET,
3121 /* do nothing for this command for other mode values */
3127 static int resp_comp_write(struct scsi_cmnd *scp,
3128 struct sdebug_dev_info *devip)
3130 u8 *cmd = scp->cmnd;
3132 u8 *fake_storep_hold;
3135 u32 lb_size = sdebug_sector_size;
3137 unsigned long iflags;
3141 lba = get_unaligned_be64(cmd + 2);
3142 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */
3144 return 0; /* degenerate case, not an error */
3145 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3147 mk_sense_invalid_opcode(scp);
3148 return check_condition_result;
3150 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3151 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3152 (cmd[1] & 0xe0) == 0)
3153 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3156 /* inline check_device_access_params() */
3157 if (lba + num > sdebug_capacity) {
3158 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
3159 return check_condition_result;
3161 /* transfer length excessive (tie in to block limits VPD page) */
3162 if (num > sdebug_store_sectors) {
3163 /* needs work to find which cdb byte 'num' comes from */
3164 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3165 return check_condition_result;
3168 arr = kzalloc(dnum * lb_size, GFP_ATOMIC);
3170 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3172 return check_condition_result;
3175 write_lock_irqsave(&atomic_rw, iflags);
3177 /* trick do_device_access() to fetch both compare and write buffers
3178 * from data-in into arr. Safe (atomic) since write_lock held. */
3179 fake_storep_hold = fake_storep;
3181 ret = do_device_access(scp, 0, dnum, true);
3182 fake_storep = fake_storep_hold;
3184 retval = DID_ERROR << 16;
3186 } else if (sdebug_verbose && (ret < (dnum * lb_size)))
3187 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb "
3188 "indicated=%u, IO sent=%d bytes\n", my_name,
3189 dnum * lb_size, ret);
3190 if (!comp_write_worker(lba, num, arr)) {
3191 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
3192 retval = check_condition_result;
3195 if (scsi_debug_lbp())
3196 map_region(lba, num);
3198 write_unlock_irqrestore(&atomic_rw, iflags);
3203 struct unmap_block_desc {
3209 static int resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3212 struct unmap_block_desc *desc;
3213 unsigned int i, payload_len, descriptors;
3215 unsigned long iflags;
3218 if (!scsi_debug_lbp())
3219 return 0; /* fib and say its done */
3220 payload_len = get_unaligned_be16(scp->cmnd + 7);
3221 BUG_ON(scsi_bufflen(scp) != payload_len);
3223 descriptors = (payload_len - 8) / 16;
3224 if (descriptors > sdebug_unmap_max_desc) {
3225 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3226 return check_condition_result;
3229 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC);
3231 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3233 return check_condition_result;
3236 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
3238 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2);
3239 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16);
3241 desc = (void *)&buf[8];
3243 write_lock_irqsave(&atomic_rw, iflags);
3245 for (i = 0 ; i < descriptors ; i++) {
3246 unsigned long long lba = get_unaligned_be64(&desc[i].lba);
3247 unsigned int num = get_unaligned_be32(&desc[i].blocks);
3249 ret = check_device_access_params(scp, lba, num);
3253 unmap_region(lba, num);
3259 write_unlock_irqrestore(&atomic_rw, iflags);
3265 #define SDEBUG_GET_LBA_STATUS_LEN 32
3267 static int resp_get_lba_status(struct scsi_cmnd *scp,
3268 struct sdebug_dev_info *devip)
3270 u8 *cmd = scp->cmnd;
3272 u32 alloc_len, mapped, num;
3273 u8 arr[SDEBUG_GET_LBA_STATUS_LEN];
3276 lba = get_unaligned_be64(cmd + 2);
3277 alloc_len = get_unaligned_be32(cmd + 10);
3282 ret = check_device_access_params(scp, lba, 1);
3286 if (scsi_debug_lbp())
3287 mapped = map_state(lba, &num);
3290 /* following just in case virtual_gb changed */
3291 sdebug_capacity = get_sdebug_capacity();
3292 if (sdebug_capacity - lba <= 0xffffffff)
3293 num = sdebug_capacity - lba;
3298 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN);
3299 put_unaligned_be32(20, arr); /* Parameter Data Length */
3300 put_unaligned_be64(lba, arr + 8); /* LBA */
3301 put_unaligned_be32(num, arr + 16); /* Number of blocks */
3302 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */
3304 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN);
3307 #define RL_BUCKET_ELEMS 8
3309 /* Even though each pseudo target has a REPORT LUNS "well known logical unit"
3310 * (W-LUN), the normal Linux scanning logic does not associate it with a
3311 * device (e.g. /dev/sg7). The following magic will make that association:
3312 * "cd /sys/class/scsi_host/host<n> ; echo '- - 49409' > scan"
3313 * where <n> is a host number. If there are multiple targets in a host then
3314 * the above will associate a W-LUN to each target. To only get a W-LUN
3315 * for target 2, then use "echo '- 2 49409' > scan" .
3317 static int resp_report_luns(struct scsi_cmnd *scp,
3318 struct sdebug_dev_info *devip)
3320 unsigned char *cmd = scp->cmnd;
3321 unsigned int alloc_len;
3322 unsigned char select_report;
3324 struct scsi_lun *lun_p;
3325 u8 arr[RL_BUCKET_ELEMS * sizeof(struct scsi_lun)];
3326 unsigned int lun_cnt; /* normal LUN count (max: 256) */
3327 unsigned int wlun_cnt; /* report luns W-LUN count */
3328 unsigned int tlun_cnt; /* total LUN count */
3329 unsigned int rlen; /* response length (in bytes) */
3331 unsigned int off_rsp = 0;
3332 const int sz_lun = sizeof(struct scsi_lun);
3334 clear_luns_changed_on_target(devip);
3336 select_report = cmd[2];
3337 alloc_len = get_unaligned_be32(cmd + 6);
3339 if (alloc_len < 4) {
3340 pr_err("alloc len too small %d\n", alloc_len);
3341 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
3342 return check_condition_result;
3345 switch (select_report) {
3346 case 0: /* all LUNs apart from W-LUNs */
3347 lun_cnt = sdebug_max_luns;
3350 case 1: /* only W-LUNs */
3354 case 2: /* all LUNs */
3355 lun_cnt = sdebug_max_luns;
3358 case 0x10: /* only administrative LUs */
3359 case 0x11: /* see SPC-5 */
3360 case 0x12: /* only subsiduary LUs owned by referenced LU */
3362 pr_debug("select report invalid %d\n", select_report);
3363 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
3364 return check_condition_result;
3367 if (sdebug_no_lun_0 && (lun_cnt > 0))
3370 tlun_cnt = lun_cnt + wlun_cnt;
3371 rlen = tlun_cnt * sz_lun; /* excluding 8 byte header */
3372 scsi_set_resid(scp, scsi_bufflen(scp));
3373 pr_debug("select_report %d luns = %d wluns = %d no_lun0 %d\n",
3374 select_report, lun_cnt, wlun_cnt, sdebug_no_lun_0);
3376 /* loops rely on sizeof response header same as sizeof lun (both 8) */
3377 lun = sdebug_no_lun_0 ? 1 : 0;
3378 for (k = 0, j = 0, res = 0; true; ++k, j = 0) {
3379 memset(arr, 0, sizeof(arr));
3380 lun_p = (struct scsi_lun *)&arr[0];
3382 put_unaligned_be32(rlen, &arr[0]);
3386 for ( ; j < RL_BUCKET_ELEMS; ++j, ++lun_p) {
3387 if ((k * RL_BUCKET_ELEMS) + j > lun_cnt)
3389 int_to_scsilun(lun++, lun_p);
3391 if (j < RL_BUCKET_ELEMS)
3394 res = p_fill_from_dev_buffer(scp, arr, n, off_rsp);
3400 int_to_scsilun(SCSI_W_LUN_REPORT_LUNS, lun_p);
3404 res = p_fill_from_dev_buffer(scp, arr, j * sz_lun, off_rsp);
3408 static int resp_xdwriteread(struct scsi_cmnd *scp, unsigned long long lba,
3409 unsigned int num, struct sdebug_dev_info *devip)
3412 unsigned char *kaddr, *buf;
3413 unsigned int offset;
3414 struct scsi_data_buffer *sdb = scsi_in(scp);
3415 struct sg_mapping_iter miter;
3417 /* better not to use temporary buffer. */
3418 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC);
3420 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3422 return check_condition_result;
3425 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
3428 sg_miter_start(&miter, sdb->table.sgl, sdb->table.nents,
3429 SG_MITER_ATOMIC | SG_MITER_TO_SG);
3431 while (sg_miter_next(&miter)) {
3433 for (j = 0; j < miter.length; j++)
3434 *(kaddr + j) ^= *(buf + offset + j);
3436 offset += miter.length;
3438 sg_miter_stop(&miter);
3444 static int resp_xdwriteread_10(struct scsi_cmnd *scp,
3445 struct sdebug_dev_info *devip)
3447 u8 *cmd = scp->cmnd;
3452 if (!scsi_bidi_cmnd(scp)) {
3453 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3455 return check_condition_result;
3457 errsts = resp_read_dt0(scp, devip);
3460 if (!(cmd[1] & 0x4)) { /* DISABLE_WRITE is not set */
3461 errsts = resp_write_dt0(scp, devip);
3465 lba = get_unaligned_be32(cmd + 2);
3466 num = get_unaligned_be16(cmd + 7);
3467 return resp_xdwriteread(scp, lba, num, devip);
3470 static struct sdebug_queue *get_queue(struct scsi_cmnd *cmnd)
3472 struct sdebug_queue *sqp = sdebug_q_arr;
3474 if (sdebug_mq_active) {
3475 u32 tag = blk_mq_unique_tag(cmnd->request);
3476 u16 hwq = blk_mq_unique_tag_to_hwq(tag);
3478 if (unlikely(hwq >= submit_queues)) {
3479 pr_warn("Unexpected hwq=%d, apply modulo\n", hwq);
3480 hwq %= submit_queues;
3482 pr_debug("tag=%u, hwq=%d\n", tag, hwq);
3488 /* Queued (deferred) command completions converge here. */
3489 static void sdebug_q_cmd_complete(struct sdebug_defer *sd_dp)
3493 unsigned long iflags;
3494 struct sdebug_queue *sqp;
3495 struct sdebug_queued_cmd *sqcp;
3496 struct scsi_cmnd *scp;
3497 struct sdebug_dev_info *devip;
3499 qc_idx = sd_dp->qc_idx;
3500 sqp = sdebug_q_arr + sd_dp->sqa_idx;
3501 if (sdebug_statistics) {
3502 atomic_inc(&sdebug_completions);
3503 if (raw_smp_processor_id() != sd_dp->issuing_cpu)
3504 atomic_inc(&sdebug_miss_cpus);
3506 if (unlikely((qc_idx < 0) || (qc_idx >= SDEBUG_CANQUEUE))) {
3507 pr_err("wild qc_idx=%d\n", qc_idx);
3510 spin_lock_irqsave(&sqp->qc_lock, iflags);
3511 sqcp = &sqp->qc_arr[qc_idx];
3513 if (unlikely(scp == NULL)) {
3514 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3515 pr_err("scp is NULL, sqa_idx=%d, qc_idx=%d\n",
3516 sd_dp->sqa_idx, qc_idx);
3519 devip = (struct sdebug_dev_info *)scp->device->hostdata;
3521 atomic_dec(&devip->num_in_q);
3523 pr_err("devip=NULL\n");
3524 if (unlikely(atomic_read(&retired_max_queue) > 0))
3527 sqcp->a_cmnd = NULL;
3528 if (unlikely(!test_and_clear_bit(qc_idx, sqp->in_use_bm))) {
3529 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3530 pr_err("Unexpected completion\n");
3534 if (unlikely(retiring)) { /* user has reduced max_queue */
3537 retval = atomic_read(&retired_max_queue);
3538 if (qc_idx >= retval) {
3539 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3540 pr_err("index %d too large\n", retval);
3543 k = find_last_bit(sqp->in_use_bm, retval);
3544 if ((k < sdebug_max_queue) || (k == retval))
3545 atomic_set(&retired_max_queue, 0);
3547 atomic_set(&retired_max_queue, k + 1);
3549 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3550 scp->scsi_done(scp); /* callback to mid level */
3553 /* When high resolution timer goes off this function is called. */
3554 static enum hrtimer_restart sdebug_q_cmd_hrt_complete(struct hrtimer *timer)
3556 struct sdebug_defer *sd_dp = container_of(timer, struct sdebug_defer,
3558 sdebug_q_cmd_complete(sd_dp);
3559 return HRTIMER_NORESTART;
3562 /* When work queue schedules work, it calls this function. */
3563 static void sdebug_q_cmd_wq_complete(struct work_struct *work)
3565 struct sdebug_defer *sd_dp = container_of(work, struct sdebug_defer,
3567 sdebug_q_cmd_complete(sd_dp);
3570 static bool got_shared_uuid;
3571 static uuid_be shared_uuid;
3573 static struct sdebug_dev_info *sdebug_device_create(
3574 struct sdebug_host_info *sdbg_host, gfp_t flags)
3576 struct sdebug_dev_info *devip;
3578 devip = kzalloc(sizeof(*devip), flags);
3580 if (sdebug_uuid_ctl == 1)
3581 uuid_be_gen(&devip->lu_name);
3582 else if (sdebug_uuid_ctl == 2) {
3583 if (got_shared_uuid)
3584 devip->lu_name = shared_uuid;
3586 uuid_be_gen(&shared_uuid);
3587 got_shared_uuid = true;
3588 devip->lu_name = shared_uuid;
3591 devip->sdbg_host = sdbg_host;
3592 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list);
3597 static struct sdebug_dev_info *find_build_dev_info(struct scsi_device *sdev)
3599 struct sdebug_host_info *sdbg_host;
3600 struct sdebug_dev_info *open_devip = NULL;
3601 struct sdebug_dev_info *devip;
3603 sdbg_host = *(struct sdebug_host_info **)shost_priv(sdev->host);
3605 pr_err("Host info NULL\n");
3608 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
3609 if ((devip->used) && (devip->channel == sdev->channel) &&
3610 (devip->target == sdev->id) &&
3611 (devip->lun == sdev->lun))
3614 if ((!devip->used) && (!open_devip))
3618 if (!open_devip) { /* try and make a new one */
3619 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC);
3621 pr_err("out of memory at line %d\n", __LINE__);
3626 open_devip->channel = sdev->channel;
3627 open_devip->target = sdev->id;
3628 open_devip->lun = sdev->lun;
3629 open_devip->sdbg_host = sdbg_host;
3630 atomic_set(&open_devip->num_in_q, 0);
3631 set_bit(SDEBUG_UA_POR, open_devip->uas_bm);
3632 open_devip->used = true;
3636 static int scsi_debug_slave_alloc(struct scsi_device *sdp)
3639 pr_info("slave_alloc <%u %u %u %llu>\n",
3640 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3641 queue_flag_set_unlocked(QUEUE_FLAG_BIDI, sdp->request_queue);
3645 static int scsi_debug_slave_configure(struct scsi_device *sdp)
3647 struct sdebug_dev_info *devip =
3648 (struct sdebug_dev_info *)sdp->hostdata;
3651 pr_info("slave_configure <%u %u %u %llu>\n",
3652 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3653 if (sdp->host->max_cmd_len != SDEBUG_MAX_CMD_LEN)
3654 sdp->host->max_cmd_len = SDEBUG_MAX_CMD_LEN;
3655 if (devip == NULL) {
3656 devip = find_build_dev_info(sdp);
3658 return 1; /* no resources, will be marked offline */
3660 sdp->hostdata = devip;
3661 blk_queue_max_segment_size(sdp->request_queue, -1U);
3663 sdp->no_uld_attach = 1;
3667 static void scsi_debug_slave_destroy(struct scsi_device *sdp)
3669 struct sdebug_dev_info *devip =
3670 (struct sdebug_dev_info *)sdp->hostdata;
3673 pr_info("slave_destroy <%u %u %u %llu>\n",
3674 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3676 /* make this slot available for re-use */
3677 devip->used = false;
3678 sdp->hostdata = NULL;
3682 static void stop_qc_helper(struct sdebug_defer *sd_dp)
3686 if ((sdebug_jdelay > 0) || (sdebug_ndelay > 0))
3687 hrtimer_cancel(&sd_dp->hrt);
3688 else if (sdebug_jdelay < 0)
3689 cancel_work_sync(&sd_dp->ew.work);
3692 /* If @cmnd found deletes its timer or work queue and returns true; else
3694 static bool stop_queued_cmnd(struct scsi_cmnd *cmnd)
3696 unsigned long iflags;
3697 int j, k, qmax, r_qmax;
3698 struct sdebug_queue *sqp;
3699 struct sdebug_queued_cmd *sqcp;
3700 struct sdebug_dev_info *devip;
3701 struct sdebug_defer *sd_dp;
3703 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
3704 spin_lock_irqsave(&sqp->qc_lock, iflags);
3705 qmax = sdebug_max_queue;
3706 r_qmax = atomic_read(&retired_max_queue);
3709 for (k = 0; k < qmax; ++k) {
3710 if (test_bit(k, sqp->in_use_bm)) {
3711 sqcp = &sqp->qc_arr[k];
3712 if (cmnd != sqcp->a_cmnd)
3715 devip = (struct sdebug_dev_info *)
3716 cmnd->device->hostdata;
3718 atomic_dec(&devip->num_in_q);
3719 sqcp->a_cmnd = NULL;
3720 sd_dp = sqcp->sd_dp;
3721 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3722 stop_qc_helper(sd_dp);
3723 clear_bit(k, sqp->in_use_bm);
3727 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3732 /* Deletes (stops) timers or work queues of all queued commands */
3733 static void stop_all_queued(void)
3735 unsigned long iflags;
3737 struct sdebug_queue *sqp;
3738 struct sdebug_queued_cmd *sqcp;
3739 struct sdebug_dev_info *devip;
3740 struct sdebug_defer *sd_dp;
3742 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
3743 spin_lock_irqsave(&sqp->qc_lock, iflags);
3744 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
3745 if (test_bit(k, sqp->in_use_bm)) {
3746 sqcp = &sqp->qc_arr[k];
3747 if (sqcp->a_cmnd == NULL)
3749 devip = (struct sdebug_dev_info *)
3750 sqcp->a_cmnd->device->hostdata;
3752 atomic_dec(&devip->num_in_q);
3753 sqcp->a_cmnd = NULL;
3754 sd_dp = sqcp->sd_dp;
3755 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3756 stop_qc_helper(sd_dp);
3757 clear_bit(k, sqp->in_use_bm);
3758 spin_lock_irqsave(&sqp->qc_lock, iflags);
3761 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3765 /* Free queued command memory on heap */
3766 static void free_all_queued(void)
3769 struct sdebug_queue *sqp;
3770 struct sdebug_queued_cmd *sqcp;
3772 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
3773 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
3774 sqcp = &sqp->qc_arr[k];
3781 static int scsi_debug_abort(struct scsi_cmnd *SCpnt)
3787 ok = stop_queued_cmnd(SCpnt);
3788 if (SCpnt->device && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
3789 sdev_printk(KERN_INFO, SCpnt->device,
3790 "%s: command%s found\n", __func__,
3796 static int scsi_debug_device_reset(struct scsi_cmnd * SCpnt)
3799 if (SCpnt && SCpnt->device) {
3800 struct scsi_device *sdp = SCpnt->device;
3801 struct sdebug_dev_info *devip =
3802 (struct sdebug_dev_info *)sdp->hostdata;
3804 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
3805 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
3807 set_bit(SDEBUG_UA_POR, devip->uas_bm);
3812 static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt)
3814 struct sdebug_host_info *sdbg_host;
3815 struct sdebug_dev_info *devip;
3816 struct scsi_device *sdp;
3817 struct Scsi_Host *hp;
3820 ++num_target_resets;
3823 sdp = SCpnt->device;
3826 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
3827 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
3831 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
3833 list_for_each_entry(devip,
3834 &sdbg_host->dev_info_list,
3836 if (devip->target == sdp->id) {
3837 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3841 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
3842 sdev_printk(KERN_INFO, sdp,
3843 "%s: %d device(s) found in target\n", __func__, k);
3848 static int scsi_debug_bus_reset(struct scsi_cmnd * SCpnt)
3850 struct sdebug_host_info *sdbg_host;
3851 struct sdebug_dev_info *devip;
3852 struct scsi_device * sdp;
3853 struct Scsi_Host * hp;
3857 if (!(SCpnt && SCpnt->device))
3859 sdp = SCpnt->device;
3860 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
3861 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
3864 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
3866 list_for_each_entry(devip,
3867 &sdbg_host->dev_info_list,
3869 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3874 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
3875 sdev_printk(KERN_INFO, sdp,
3876 "%s: %d device(s) found in host\n", __func__, k);
3881 static int scsi_debug_host_reset(struct scsi_cmnd * SCpnt)
3883 struct sdebug_host_info * sdbg_host;
3884 struct sdebug_dev_info *devip;
3888 if ((SCpnt->device) && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
3889 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__);
3890 spin_lock(&sdebug_host_list_lock);
3891 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
3892 list_for_each_entry(devip, &sdbg_host->dev_info_list,
3894 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3898 spin_unlock(&sdebug_host_list_lock);
3900 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
3901 sdev_printk(KERN_INFO, SCpnt->device,
3902 "%s: %d device(s) found\n", __func__, k);
3906 static void __init sdebug_build_parts(unsigned char *ramp,
3907 unsigned long store_size)
3909 struct partition * pp;
3910 int starts[SDEBUG_MAX_PARTS + 2];
3911 int sectors_per_part, num_sectors, k;
3912 int heads_by_sects, start_sec, end_sec;
3914 /* assume partition table already zeroed */
3915 if ((sdebug_num_parts < 1) || (store_size < 1048576))
3917 if (sdebug_num_parts > SDEBUG_MAX_PARTS) {
3918 sdebug_num_parts = SDEBUG_MAX_PARTS;
3919 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS);
3921 num_sectors = (int)sdebug_store_sectors;
3922 sectors_per_part = (num_sectors - sdebug_sectors_per)
3924 heads_by_sects = sdebug_heads * sdebug_sectors_per;
3925 starts[0] = sdebug_sectors_per;
3926 for (k = 1; k < sdebug_num_parts; ++k)
3927 starts[k] = ((k * sectors_per_part) / heads_by_sects)
3929 starts[sdebug_num_parts] = num_sectors;
3930 starts[sdebug_num_parts + 1] = 0;
3932 ramp[510] = 0x55; /* magic partition markings */
3934 pp = (struct partition *)(ramp + 0x1be);
3935 for (k = 0; starts[k + 1]; ++k, ++pp) {
3936 start_sec = starts[k];
3937 end_sec = starts[k + 1] - 1;
3940 pp->cyl = start_sec / heads_by_sects;
3941 pp->head = (start_sec - (pp->cyl * heads_by_sects))
3942 / sdebug_sectors_per;
3943 pp->sector = (start_sec % sdebug_sectors_per) + 1;
3945 pp->end_cyl = end_sec / heads_by_sects;
3946 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects))
3947 / sdebug_sectors_per;
3948 pp->end_sector = (end_sec % sdebug_sectors_per) + 1;
3950 pp->start_sect = cpu_to_le32(start_sec);
3951 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1);
3952 pp->sys_ind = 0x83; /* plain Linux partition */
3956 static void block_unblock_all_queues(bool block)
3959 struct sdebug_queue *sqp;
3961 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp)
3962 atomic_set(&sqp->blocked, (int)block);
3965 /* Adjust (by rounding down) the sdebug_cmnd_count so abs(every_nth)-1
3966 * commands will be processed normally before triggers occur.
3968 static void tweak_cmnd_count(void)
3972 modulo = abs(sdebug_every_nth);
3975 block_unblock_all_queues(true);
3976 count = atomic_read(&sdebug_cmnd_count);
3977 atomic_set(&sdebug_cmnd_count, (count / modulo) * modulo);
3978 block_unblock_all_queues(false);
3981 static void clear_queue_stats(void)
3983 atomic_set(&sdebug_cmnd_count, 0);
3984 atomic_set(&sdebug_completions, 0);
3985 atomic_set(&sdebug_miss_cpus, 0);
3986 atomic_set(&sdebug_a_tsf, 0);
3989 static void setup_inject(struct sdebug_queue *sqp,
3990 struct sdebug_queued_cmd *sqcp)
3992 if ((atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) > 0)
3994 sqcp->inj_recovered = !!(SDEBUG_OPT_RECOVERED_ERR & sdebug_opts);
3995 sqcp->inj_transport = !!(SDEBUG_OPT_TRANSPORT_ERR & sdebug_opts);
3996 sqcp->inj_dif = !!(SDEBUG_OPT_DIF_ERR & sdebug_opts);
3997 sqcp->inj_dix = !!(SDEBUG_OPT_DIX_ERR & sdebug_opts);
3998 sqcp->inj_short = !!(SDEBUG_OPT_SHORT_TRANSFER & sdebug_opts);
4001 /* Complete the processing of the thread that queued a SCSI command to this
4002 * driver. It either completes the command by calling cmnd_done() or
4003 * schedules a hr timer or work queue then returns 0. Returns
4004 * SCSI_MLQUEUE_HOST_BUSY if temporarily out of resources.
4006 static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
4007 int scsi_result, int delta_jiff)
4009 unsigned long iflags;
4010 int k, num_in_q, qdepth, inject;
4011 struct sdebug_queue *sqp;
4012 struct sdebug_queued_cmd *sqcp;
4013 struct scsi_device *sdp;
4014 struct sdebug_defer *sd_dp;
4016 if (unlikely(devip == NULL)) {
4017 if (scsi_result == 0)
4018 scsi_result = DID_NO_CONNECT << 16;
4019 goto respond_in_thread;
4023 if (unlikely(sdebug_verbose && scsi_result))
4024 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n",
4025 __func__, scsi_result);
4026 if (delta_jiff == 0)
4027 goto respond_in_thread;
4029 /* schedule the response at a later time if resources permit */
4030 sqp = get_queue(cmnd);
4031 spin_lock_irqsave(&sqp->qc_lock, iflags);
4032 if (unlikely(atomic_read(&sqp->blocked))) {
4033 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4034 return SCSI_MLQUEUE_HOST_BUSY;
4036 num_in_q = atomic_read(&devip->num_in_q);
4037 qdepth = cmnd->device->queue_depth;
4039 if (unlikely((qdepth > 0) && (num_in_q >= qdepth))) {
4041 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4042 goto respond_in_thread;
4044 scsi_result = device_qfull_result;
4045 } else if (unlikely(sdebug_every_nth &&
4046 (SDEBUG_OPT_RARE_TSF & sdebug_opts) &&
4047 (scsi_result == 0))) {
4048 if ((num_in_q == (qdepth - 1)) &&
4049 (atomic_inc_return(&sdebug_a_tsf) >=
4050 abs(sdebug_every_nth))) {
4051 atomic_set(&sdebug_a_tsf, 0);
4053 scsi_result = device_qfull_result;
4057 k = find_first_zero_bit(sqp->in_use_bm, sdebug_max_queue);
4058 if (unlikely(k >= sdebug_max_queue)) {
4059 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4061 goto respond_in_thread;
4062 else if (SDEBUG_OPT_ALL_TSF & sdebug_opts)
4063 scsi_result = device_qfull_result;
4064 if (SDEBUG_OPT_Q_NOISE & sdebug_opts)
4065 sdev_printk(KERN_INFO, sdp,
4066 "%s: max_queue=%d exceeded, %s\n",
4067 __func__, sdebug_max_queue,
4068 (scsi_result ? "status: TASK SET FULL" :
4069 "report: host busy"));
4071 goto respond_in_thread;
4073 return SCSI_MLQUEUE_HOST_BUSY;
4075 __set_bit(k, sqp->in_use_bm);
4076 atomic_inc(&devip->num_in_q);
4077 sqcp = &sqp->qc_arr[k];
4078 sqcp->a_cmnd = cmnd;
4079 cmnd->host_scribble = (unsigned char *)sqcp;
4080 cmnd->result = scsi_result;
4081 sd_dp = sqcp->sd_dp;
4082 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4083 if (unlikely(sdebug_every_nth && sdebug_any_injecting_opt))
4084 setup_inject(sqp, sqcp);
4085 if (delta_jiff > 0 || sdebug_ndelay > 0) {
4088 if (delta_jiff > 0) {
4091 jiffies_to_timespec(delta_jiff, &ts);
4092 kt = ktime_set(ts.tv_sec, ts.tv_nsec);
4095 if (NULL == sd_dp) {
4096 sd_dp = kzalloc(sizeof(*sd_dp), GFP_ATOMIC);
4098 return SCSI_MLQUEUE_HOST_BUSY;
4099 sqcp->sd_dp = sd_dp;
4100 hrtimer_init(&sd_dp->hrt, CLOCK_MONOTONIC,
4101 HRTIMER_MODE_REL_PINNED);
4102 sd_dp->hrt.function = sdebug_q_cmd_hrt_complete;
4103 sd_dp->sqa_idx = sqp - sdebug_q_arr;
4106 if (sdebug_statistics)
4107 sd_dp->issuing_cpu = raw_smp_processor_id();
4108 hrtimer_start(&sd_dp->hrt, kt, HRTIMER_MODE_REL_PINNED);
4109 } else { /* jdelay < 0, use work queue */
4110 if (NULL == sd_dp) {
4111 sd_dp = kzalloc(sizeof(*sqcp->sd_dp), GFP_ATOMIC);
4113 return SCSI_MLQUEUE_HOST_BUSY;
4114 sqcp->sd_dp = sd_dp;
4115 sd_dp->sqa_idx = sqp - sdebug_q_arr;
4117 INIT_WORK(&sd_dp->ew.work, sdebug_q_cmd_wq_complete);
4119 if (sdebug_statistics)
4120 sd_dp->issuing_cpu = raw_smp_processor_id();
4121 schedule_work(&sd_dp->ew.work);
4123 if (unlikely((SDEBUG_OPT_Q_NOISE & sdebug_opts) &&
4124 (scsi_result == device_qfull_result)))
4125 sdev_printk(KERN_INFO, sdp,
4126 "%s: num_in_q=%d +1, %s%s\n", __func__,
4127 num_in_q, (inject ? "<inject> " : ""),
4128 "status: TASK SET FULL");
4131 respond_in_thread: /* call back to mid-layer using invocation thread */
4132 cmnd->result = scsi_result;
4133 cmnd->scsi_done(cmnd);
4137 /* Note: The following macros create attribute files in the
4138 /sys/module/scsi_debug/parameters directory. Unfortunately this
4139 driver is unaware of a change and cannot trigger auxiliary actions
4140 as it can when the corresponding attribute in the
4141 /sys/bus/pseudo/drivers/scsi_debug directory is changed.
4143 module_param_named(add_host, sdebug_add_host, int, S_IRUGO | S_IWUSR);
4144 module_param_named(ato, sdebug_ato, int, S_IRUGO);
4145 module_param_named(clustering, sdebug_clustering, bool, S_IRUGO | S_IWUSR);
4146 module_param_named(delay, sdebug_jdelay, int, S_IRUGO | S_IWUSR);
4147 module_param_named(dev_size_mb, sdebug_dev_size_mb, int, S_IRUGO);
4148 module_param_named(dif, sdebug_dif, int, S_IRUGO);
4149 module_param_named(dix, sdebug_dix, int, S_IRUGO);
4150 module_param_named(dsense, sdebug_dsense, int, S_IRUGO | S_IWUSR);
4151 module_param_named(every_nth, sdebug_every_nth, int, S_IRUGO | S_IWUSR);
4152 module_param_named(fake_rw, sdebug_fake_rw, int, S_IRUGO | S_IWUSR);
4153 module_param_named(guard, sdebug_guard, uint, S_IRUGO);
4154 module_param_named(host_lock, sdebug_host_lock, bool, S_IRUGO | S_IWUSR);
4155 module_param_named(lbpu, sdebug_lbpu, int, S_IRUGO);
4156 module_param_named(lbpws, sdebug_lbpws, int, S_IRUGO);
4157 module_param_named(lbpws10, sdebug_lbpws10, int, S_IRUGO);
4158 module_param_named(lbprz, sdebug_lbprz, int, S_IRUGO);
4159 module_param_named(lowest_aligned, sdebug_lowest_aligned, int, S_IRUGO);
4160 module_param_named(max_luns, sdebug_max_luns, int, S_IRUGO | S_IWUSR);
4161 module_param_named(max_queue, sdebug_max_queue, int, S_IRUGO | S_IWUSR);
4162 module_param_named(ndelay, sdebug_ndelay, int, S_IRUGO | S_IWUSR);
4163 module_param_named(no_lun_0, sdebug_no_lun_0, int, S_IRUGO | S_IWUSR);
4164 module_param_named(no_uld, sdebug_no_uld, int, S_IRUGO);
4165 module_param_named(num_parts, sdebug_num_parts, int, S_IRUGO);
4166 module_param_named(num_tgts, sdebug_num_tgts, int, S_IRUGO | S_IWUSR);
4167 module_param_named(opt_blks, sdebug_opt_blks, int, S_IRUGO);
4168 module_param_named(opts, sdebug_opts, int, S_IRUGO | S_IWUSR);
4169 module_param_named(physblk_exp, sdebug_physblk_exp, int, S_IRUGO);
4170 module_param_named(opt_xferlen_exp, sdebug_opt_xferlen_exp, int, S_IRUGO);
4171 module_param_named(ptype, sdebug_ptype, int, S_IRUGO | S_IWUSR);
4172 module_param_named(removable, sdebug_removable, bool, S_IRUGO | S_IWUSR);
4173 module_param_named(scsi_level, sdebug_scsi_level, int, S_IRUGO);
4174 module_param_named(sector_size, sdebug_sector_size, int, S_IRUGO);
4175 module_param_named(statistics, sdebug_statistics, bool, S_IRUGO | S_IWUSR);
4176 module_param_named(strict, sdebug_strict, bool, S_IRUGO | S_IWUSR);
4177 module_param_named(submit_queues, submit_queues, int, S_IRUGO);
4178 module_param_named(unmap_alignment, sdebug_unmap_alignment, int, S_IRUGO);
4179 module_param_named(unmap_granularity, sdebug_unmap_granularity, int, S_IRUGO);
4180 module_param_named(unmap_max_blocks, sdebug_unmap_max_blocks, int, S_IRUGO);
4181 module_param_named(unmap_max_desc, sdebug_unmap_max_desc, int, S_IRUGO);
4182 module_param_named(virtual_gb, sdebug_virtual_gb, int, S_IRUGO | S_IWUSR);
4183 module_param_named(uuid_ctl, sdebug_uuid_ctl, int, S_IRUGO);
4184 module_param_named(vpd_use_hostno, sdebug_vpd_use_hostno, int,
4186 module_param_named(write_same_length, sdebug_write_same_length, int,
4189 MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert");
4190 MODULE_DESCRIPTION("SCSI debug adapter driver");
4191 MODULE_LICENSE("GPL");
4192 MODULE_VERSION(SDEBUG_VERSION);
4194 MODULE_PARM_DESC(add_host, "0..127 hosts allowed(def=1)");
4195 MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)");
4196 MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)");
4197 MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny");
4198 MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)");
4199 MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)");
4200 MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)");
4201 MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)");
4202 MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)");
4203 MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)");
4204 MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)");
4205 MODULE_PARM_DESC(host_lock, "host_lock is ignored (def=0)");
4206 MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)");
4207 MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)");
4208 MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)");
4209 MODULE_PARM_DESC(lbprz,
4210 "on read unmapped LBs return 0 when 1 (def), return 0xff when 2");
4211 MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)");
4212 MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)");
4213 MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))");
4214 MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)");
4215 MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)");
4216 MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))");
4217 MODULE_PARM_DESC(num_parts, "number of partitions(def=0)");
4218 MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)");
4219 MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)");
4220 MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)");
4221 MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)");
4222 MODULE_PARM_DESC(opt_xferlen_exp, "optimal transfer length granularity exponent (def=physblk_exp)");
4223 MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])");
4224 MODULE_PARM_DESC(removable, "claim to have removable media (def=0)");
4225 MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=7[SPC-5])");
4226 MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)");
4227 MODULE_PARM_DESC(statistics, "collect statistics on commands, queues (def=0)");
4228 MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)");
4229 MODULE_PARM_DESC(submit_queues, "support for block multi-queue (def=1)");
4230 MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)");
4231 MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)");
4232 MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)");
4233 MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)");
4234 MODULE_PARM_DESC(uuid_ctl,
4235 "1->use uuid for lu name, 0->don't, 2->all use same (def=0)");
4236 MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)");
4237 MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)");
4238 MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)");
4240 #define SDEBUG_INFO_LEN 256
4241 static char sdebug_info[SDEBUG_INFO_LEN];
4243 static const char * scsi_debug_info(struct Scsi_Host * shp)
4247 k = scnprintf(sdebug_info, SDEBUG_INFO_LEN, "%s: version %s [%s]\n",
4248 my_name, SDEBUG_VERSION, sdebug_version_date);
4249 if (k >= (SDEBUG_INFO_LEN - 1))
4251 scnprintf(sdebug_info + k, SDEBUG_INFO_LEN - k,
4252 " dev_size_mb=%d, opts=0x%x, submit_queues=%d, %s=%d",
4253 sdebug_dev_size_mb, sdebug_opts, submit_queues,
4254 "statistics", (int)sdebug_statistics);
4258 /* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */
4259 static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer,
4264 int minLen = length > 15 ? 15 : length;
4266 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
4268 memcpy(arr, buffer, minLen);
4270 if (1 != sscanf(arr, "%d", &opts))
4273 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
4274 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
4275 if (sdebug_every_nth != 0)
4280 /* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the
4281 * same for each scsi_debug host (if more than one). Some of the counters
4282 * output are not atomics so might be inaccurate in a busy system. */
4283 static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host)
4286 struct sdebug_queue *sqp;
4288 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n",
4289 SDEBUG_VERSION, sdebug_version_date);
4290 seq_printf(m, "num_tgts=%d, %ssize=%d MB, opts=0x%x, every_nth=%d\n",
4291 sdebug_num_tgts, "shared (ram) ", sdebug_dev_size_mb,
4292 sdebug_opts, sdebug_every_nth);
4293 seq_printf(m, "delay=%d, ndelay=%d, max_luns=%d, sector_size=%d %s\n",
4294 sdebug_jdelay, sdebug_ndelay, sdebug_max_luns,
4295 sdebug_sector_size, "bytes");
4296 seq_printf(m, "cylinders=%d, heads=%d, sectors=%d, command aborts=%d\n",
4297 sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per,
4299 seq_printf(m, "RESETs: device=%d, target=%d, bus=%d, host=%d\n",
4300 num_dev_resets, num_target_resets, num_bus_resets,
4302 seq_printf(m, "dix_reads=%d, dix_writes=%d, dif_errors=%d\n",
4303 dix_reads, dix_writes, dif_errors);
4304 seq_printf(m, "usec_in_jiffy=%lu, %s=%d, mq_active=%d\n",
4305 TICK_NSEC / 1000, "statistics", sdebug_statistics,
4307 seq_printf(m, "cmnd_count=%d, completions=%d, %s=%d, a_tsf=%d\n",
4308 atomic_read(&sdebug_cmnd_count),
4309 atomic_read(&sdebug_completions),
4310 "miss_cpus", atomic_read(&sdebug_miss_cpus),
4311 atomic_read(&sdebug_a_tsf));
4313 seq_printf(m, "submit_queues=%d\n", submit_queues);
4314 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
4315 seq_printf(m, " queue %d:\n", j);
4316 f = find_first_bit(sqp->in_use_bm, sdebug_max_queue);
4317 if (f != sdebug_max_queue) {
4318 l = find_last_bit(sqp->in_use_bm, sdebug_max_queue);
4319 seq_printf(m, " in_use_bm BUSY: %s: %d,%d\n",
4320 "first,last bits", f, l);
4326 static ssize_t delay_show(struct device_driver *ddp, char *buf)
4328 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_jdelay);
4330 /* Returns -EBUSY if jdelay is being changed and commands are queued. The unit
4331 * of delay is jiffies.
4333 static ssize_t delay_store(struct device_driver *ddp, const char *buf,
4338 if (count > 0 && sscanf(buf, "%d", &jdelay) == 1) {
4340 if (sdebug_jdelay != jdelay) {
4342 struct sdebug_queue *sqp;
4344 block_unblock_all_queues(true);
4345 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4347 k = find_first_bit(sqp->in_use_bm,
4349 if (k != sdebug_max_queue) {
4350 res = -EBUSY; /* queued commands */
4355 /* make sure sdebug_defer instances get
4356 * re-allocated for new delay variant */
4358 sdebug_jdelay = jdelay;
4361 block_unblock_all_queues(false);
4367 static DRIVER_ATTR_RW(delay);
4369 static ssize_t ndelay_show(struct device_driver *ddp, char *buf)
4371 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ndelay);
4373 /* Returns -EBUSY if ndelay is being changed and commands are queued */
4374 /* If > 0 and accepted then sdebug_jdelay is set to JDELAY_OVERRIDDEN */
4375 static ssize_t ndelay_store(struct device_driver *ddp, const char *buf,
4380 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) &&
4381 (ndelay >= 0) && (ndelay < (1000 * 1000 * 1000))) {
4383 if (sdebug_ndelay != ndelay) {
4385 struct sdebug_queue *sqp;
4387 block_unblock_all_queues(true);
4388 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4390 k = find_first_bit(sqp->in_use_bm,
4392 if (k != sdebug_max_queue) {
4393 res = -EBUSY; /* queued commands */
4398 /* make sure sdebug_defer instances get
4399 * re-allocated for new delay variant */
4401 sdebug_ndelay = ndelay;
4402 sdebug_jdelay = ndelay ? JDELAY_OVERRIDDEN
4405 block_unblock_all_queues(false);
4411 static DRIVER_ATTR_RW(ndelay);
4413 static ssize_t opts_show(struct device_driver *ddp, char *buf)
4415 return scnprintf(buf, PAGE_SIZE, "0x%x\n", sdebug_opts);
4418 static ssize_t opts_store(struct device_driver *ddp, const char *buf,
4424 if (1 == sscanf(buf, "%10s", work)) {
4425 if (0 == strncasecmp(work,"0x", 2)) {
4426 if (1 == sscanf(&work[2], "%x", &opts))
4429 if (1 == sscanf(work, "%d", &opts))
4436 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
4437 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
4441 static DRIVER_ATTR_RW(opts);
4443 static ssize_t ptype_show(struct device_driver *ddp, char *buf)
4445 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ptype);
4447 static ssize_t ptype_store(struct device_driver *ddp, const char *buf,
4452 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4458 static DRIVER_ATTR_RW(ptype);
4460 static ssize_t dsense_show(struct device_driver *ddp, char *buf)
4462 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dsense);
4464 static ssize_t dsense_store(struct device_driver *ddp, const char *buf,
4469 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4475 static DRIVER_ATTR_RW(dsense);
4477 static ssize_t fake_rw_show(struct device_driver *ddp, char *buf)
4479 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_fake_rw);
4481 static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf,
4486 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4488 sdebug_fake_rw = (sdebug_fake_rw > 0);
4489 if (sdebug_fake_rw != n) {
4490 if ((0 == n) && (NULL == fake_storep)) {
4492 (unsigned long)sdebug_dev_size_mb *
4495 fake_storep = vmalloc(sz);
4496 if (NULL == fake_storep) {
4497 pr_err("out of memory, 9\n");
4500 memset(fake_storep, 0, sz);
4508 static DRIVER_ATTR_RW(fake_rw);
4510 static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf)
4512 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_lun_0);
4514 static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf,
4519 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4520 sdebug_no_lun_0 = n;
4525 static DRIVER_ATTR_RW(no_lun_0);
4527 static ssize_t num_tgts_show(struct device_driver *ddp, char *buf)
4529 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_tgts);
4531 static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf,
4536 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4537 sdebug_num_tgts = n;
4538 sdebug_max_tgts_luns();
4543 static DRIVER_ATTR_RW(num_tgts);
4545 static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf)
4547 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dev_size_mb);
4549 static DRIVER_ATTR_RO(dev_size_mb);
4551 static ssize_t num_parts_show(struct device_driver *ddp, char *buf)
4553 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_parts);
4555 static DRIVER_ATTR_RO(num_parts);
4557 static ssize_t every_nth_show(struct device_driver *ddp, char *buf)
4559 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_every_nth);
4561 static ssize_t every_nth_store(struct device_driver *ddp, const char *buf,
4566 if ((count > 0) && (1 == sscanf(buf, "%d", &nth))) {
4567 sdebug_every_nth = nth;
4568 if (nth && !sdebug_statistics) {
4569 pr_info("every_nth needs statistics=1, set it\n");
4570 sdebug_statistics = true;
4577 static DRIVER_ATTR_RW(every_nth);
4579 static ssize_t max_luns_show(struct device_driver *ddp, char *buf)
4581 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_luns);
4583 static ssize_t max_luns_store(struct device_driver *ddp, const char *buf,
4589 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4591 pr_warn("max_luns can be no more than 256\n");
4594 changed = (sdebug_max_luns != n);
4595 sdebug_max_luns = n;
4596 sdebug_max_tgts_luns();
4597 if (changed && (sdebug_scsi_level >= 5)) { /* >= SPC-3 */
4598 struct sdebug_host_info *sdhp;
4599 struct sdebug_dev_info *dp;
4601 spin_lock(&sdebug_host_list_lock);
4602 list_for_each_entry(sdhp, &sdebug_host_list,
4604 list_for_each_entry(dp, &sdhp->dev_info_list,
4606 set_bit(SDEBUG_UA_LUNS_CHANGED,
4610 spin_unlock(&sdebug_host_list_lock);
4616 static DRIVER_ATTR_RW(max_luns);
4618 static ssize_t max_queue_show(struct device_driver *ddp, char *buf)
4620 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_queue);
4622 /* N.B. max_queue can be changed while there are queued commands. In flight
4623 * commands beyond the new max_queue will be completed. */
4624 static ssize_t max_queue_store(struct device_driver *ddp, const char *buf,
4628 struct sdebug_queue *sqp;
4630 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) &&
4631 (n <= SDEBUG_CANQUEUE)) {
4632 block_unblock_all_queues(true);
4634 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4636 a = find_last_bit(sqp->in_use_bm, SDEBUG_CANQUEUE);
4640 sdebug_max_queue = n;
4641 if (k == SDEBUG_CANQUEUE)
4642 atomic_set(&retired_max_queue, 0);
4644 atomic_set(&retired_max_queue, k + 1);
4646 atomic_set(&retired_max_queue, 0);
4647 block_unblock_all_queues(false);
4652 static DRIVER_ATTR_RW(max_queue);
4654 static ssize_t no_uld_show(struct device_driver *ddp, char *buf)
4656 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_uld);
4658 static DRIVER_ATTR_RO(no_uld);
4660 static ssize_t scsi_level_show(struct device_driver *ddp, char *buf)
4662 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_scsi_level);
4664 static DRIVER_ATTR_RO(scsi_level);
4666 static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf)
4668 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_virtual_gb);
4670 static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf,
4676 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4677 changed = (sdebug_virtual_gb != n);
4678 sdebug_virtual_gb = n;
4679 sdebug_capacity = get_sdebug_capacity();
4681 struct sdebug_host_info *sdhp;
4682 struct sdebug_dev_info *dp;
4684 spin_lock(&sdebug_host_list_lock);
4685 list_for_each_entry(sdhp, &sdebug_host_list,
4687 list_for_each_entry(dp, &sdhp->dev_info_list,
4689 set_bit(SDEBUG_UA_CAPACITY_CHANGED,
4693 spin_unlock(&sdebug_host_list_lock);
4699 static DRIVER_ATTR_RW(virtual_gb);
4701 static ssize_t add_host_show(struct device_driver *ddp, char *buf)
4703 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_add_host);
4706 static int sdebug_add_adapter(void);
4707 static void sdebug_remove_adapter(void);
4709 static ssize_t add_host_store(struct device_driver *ddp, const char *buf,
4714 if (sscanf(buf, "%d", &delta_hosts) != 1)
4716 if (delta_hosts > 0) {
4718 sdebug_add_adapter();
4719 } while (--delta_hosts);
4720 } else if (delta_hosts < 0) {
4722 sdebug_remove_adapter();
4723 } while (++delta_hosts);
4727 static DRIVER_ATTR_RW(add_host);
4729 static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf)
4731 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_vpd_use_hostno);
4733 static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf,
4738 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4739 sdebug_vpd_use_hostno = n;
4744 static DRIVER_ATTR_RW(vpd_use_hostno);
4746 static ssize_t statistics_show(struct device_driver *ddp, char *buf)
4748 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_statistics);
4750 static ssize_t statistics_store(struct device_driver *ddp, const char *buf,
4755 if ((count > 0) && (sscanf(buf, "%d", &n) == 1) && (n >= 0)) {
4757 sdebug_statistics = true;
4759 clear_queue_stats();
4760 sdebug_statistics = false;
4766 static DRIVER_ATTR_RW(statistics);
4768 static ssize_t sector_size_show(struct device_driver *ddp, char *buf)
4770 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_sector_size);
4772 static DRIVER_ATTR_RO(sector_size);
4774 static ssize_t submit_queues_show(struct device_driver *ddp, char *buf)
4776 return scnprintf(buf, PAGE_SIZE, "%d\n", submit_queues);
4778 static DRIVER_ATTR_RO(submit_queues);
4780 static ssize_t dix_show(struct device_driver *ddp, char *buf)
4782 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dix);
4784 static DRIVER_ATTR_RO(dix);
4786 static ssize_t dif_show(struct device_driver *ddp, char *buf)
4788 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dif);
4790 static DRIVER_ATTR_RO(dif);
4792 static ssize_t guard_show(struct device_driver *ddp, char *buf)
4794 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_guard);
4796 static DRIVER_ATTR_RO(guard);
4798 static ssize_t ato_show(struct device_driver *ddp, char *buf)
4800 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ato);
4802 static DRIVER_ATTR_RO(ato);
4804 static ssize_t map_show(struct device_driver *ddp, char *buf)
4808 if (!scsi_debug_lbp())
4809 return scnprintf(buf, PAGE_SIZE, "0-%u\n",
4810 sdebug_store_sectors);
4812 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl",
4813 (int)map_size, map_storep);
4814 buf[count++] = '\n';
4819 static DRIVER_ATTR_RO(map);
4821 static ssize_t removable_show(struct device_driver *ddp, char *buf)
4823 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_removable ? 1 : 0);
4825 static ssize_t removable_store(struct device_driver *ddp, const char *buf,
4830 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4831 sdebug_removable = (n > 0);
4836 static DRIVER_ATTR_RW(removable);
4838 static ssize_t host_lock_show(struct device_driver *ddp, char *buf)
4840 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_host_lock);
4842 /* N.B. sdebug_host_lock does nothing, kept for backward compatibility */
4843 static ssize_t host_lock_store(struct device_driver *ddp, const char *buf,
4848 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4849 sdebug_host_lock = (n > 0);
4854 static DRIVER_ATTR_RW(host_lock);
4856 static ssize_t strict_show(struct device_driver *ddp, char *buf)
4858 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_strict);
4860 static ssize_t strict_store(struct device_driver *ddp, const char *buf,
4865 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4866 sdebug_strict = (n > 0);
4871 static DRIVER_ATTR_RW(strict);
4873 static ssize_t uuid_ctl_show(struct device_driver *ddp, char *buf)
4875 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_uuid_ctl);
4877 static DRIVER_ATTR_RO(uuid_ctl);
4880 /* Note: The following array creates attribute files in the
4881 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these
4882 files (over those found in the /sys/module/scsi_debug/parameters
4883 directory) is that auxiliary actions can be triggered when an attribute
4884 is changed. For example see: sdebug_add_host_store() above.
4887 static struct attribute *sdebug_drv_attrs[] = {
4888 &driver_attr_delay.attr,
4889 &driver_attr_opts.attr,
4890 &driver_attr_ptype.attr,
4891 &driver_attr_dsense.attr,
4892 &driver_attr_fake_rw.attr,
4893 &driver_attr_no_lun_0.attr,
4894 &driver_attr_num_tgts.attr,
4895 &driver_attr_dev_size_mb.attr,
4896 &driver_attr_num_parts.attr,
4897 &driver_attr_every_nth.attr,
4898 &driver_attr_max_luns.attr,
4899 &driver_attr_max_queue.attr,
4900 &driver_attr_no_uld.attr,
4901 &driver_attr_scsi_level.attr,
4902 &driver_attr_virtual_gb.attr,
4903 &driver_attr_add_host.attr,
4904 &driver_attr_vpd_use_hostno.attr,
4905 &driver_attr_sector_size.attr,
4906 &driver_attr_statistics.attr,
4907 &driver_attr_submit_queues.attr,
4908 &driver_attr_dix.attr,
4909 &driver_attr_dif.attr,
4910 &driver_attr_guard.attr,
4911 &driver_attr_ato.attr,
4912 &driver_attr_map.attr,
4913 &driver_attr_removable.attr,
4914 &driver_attr_host_lock.attr,
4915 &driver_attr_ndelay.attr,
4916 &driver_attr_strict.attr,
4917 &driver_attr_uuid_ctl.attr,
4920 ATTRIBUTE_GROUPS(sdebug_drv);
4922 static struct device *pseudo_primary;
4924 static int __init scsi_debug_init(void)
4931 atomic_set(&retired_max_queue, 0);
4933 if (sdebug_ndelay >= 1000 * 1000 * 1000) {
4934 pr_warn("ndelay must be less than 1 second, ignored\n");
4936 } else if (sdebug_ndelay > 0)
4937 sdebug_jdelay = JDELAY_OVERRIDDEN;
4939 switch (sdebug_sector_size) {
4946 pr_err("invalid sector_size %d\n", sdebug_sector_size);
4950 switch (sdebug_dif) {
4951 case T10_PI_TYPE0_PROTECTION:
4953 case T10_PI_TYPE1_PROTECTION:
4954 case T10_PI_TYPE2_PROTECTION:
4955 case T10_PI_TYPE3_PROTECTION:
4956 have_dif_prot = true;
4960 pr_err("dif must be 0, 1, 2 or 3\n");
4964 if (sdebug_guard > 1) {
4965 pr_err("guard must be 0 or 1\n");
4969 if (sdebug_ato > 1) {
4970 pr_err("ato must be 0 or 1\n");
4974 if (sdebug_physblk_exp > 15) {
4975 pr_err("invalid physblk_exp %u\n", sdebug_physblk_exp);
4978 if (sdebug_max_luns > 256) {
4979 pr_warn("max_luns can be no more than 256, use default\n");
4980 sdebug_max_luns = DEF_MAX_LUNS;
4983 if (sdebug_lowest_aligned > 0x3fff) {
4984 pr_err("lowest_aligned too big: %u\n", sdebug_lowest_aligned);
4988 if (submit_queues < 1) {
4989 pr_err("submit_queues must be 1 or more\n");
4992 sdebug_q_arr = kcalloc(submit_queues, sizeof(struct sdebug_queue),
4994 if (sdebug_q_arr == NULL)
4996 for (k = 0; k < submit_queues; ++k)
4997 spin_lock_init(&sdebug_q_arr[k].qc_lock);
4999 if (sdebug_dev_size_mb < 1)
5000 sdebug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */
5001 sz = (unsigned long)sdebug_dev_size_mb * 1048576;
5002 sdebug_store_sectors = sz / sdebug_sector_size;
5003 sdebug_capacity = get_sdebug_capacity();
5005 /* play around with geometry, don't waste too much on track 0 */
5007 sdebug_sectors_per = 32;
5008 if (sdebug_dev_size_mb >= 256)
5010 else if (sdebug_dev_size_mb >= 16)
5012 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
5013 (sdebug_sectors_per * sdebug_heads);
5014 if (sdebug_cylinders_per >= 1024) {
5015 /* other LLDs do this; implies >= 1GB ram disk ... */
5017 sdebug_sectors_per = 63;
5018 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
5019 (sdebug_sectors_per * sdebug_heads);
5022 if (sdebug_fake_rw == 0) {
5023 fake_storep = vmalloc(sz);
5024 if (NULL == fake_storep) {
5025 pr_err("out of memory, 1\n");
5029 memset(fake_storep, 0, sz);
5030 if (sdebug_num_parts > 0)
5031 sdebug_build_parts(fake_storep, sz);
5037 dif_size = sdebug_store_sectors * sizeof(struct t10_pi_tuple);
5038 dif_storep = vmalloc(dif_size);
5040 pr_err("dif_storep %u bytes @ %p\n", dif_size, dif_storep);
5042 if (dif_storep == NULL) {
5043 pr_err("out of mem. (DIX)\n");
5048 memset(dif_storep, 0xff, dif_size);
5051 /* Logical Block Provisioning */
5052 if (scsi_debug_lbp()) {
5053 sdebug_unmap_max_blocks =
5054 clamp(sdebug_unmap_max_blocks, 0U, 0xffffffffU);
5056 sdebug_unmap_max_desc =
5057 clamp(sdebug_unmap_max_desc, 0U, 256U);
5059 sdebug_unmap_granularity =
5060 clamp(sdebug_unmap_granularity, 1U, 0xffffffffU);
5062 if (sdebug_unmap_alignment &&
5063 sdebug_unmap_granularity <=
5064 sdebug_unmap_alignment) {
5065 pr_err("ERR: unmap_granularity <= unmap_alignment\n");
5070 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1;
5071 map_storep = vmalloc(BITS_TO_LONGS(map_size) * sizeof(long));
5073 pr_info("%lu provisioning blocks\n", map_size);
5075 if (map_storep == NULL) {
5076 pr_err("out of mem. (MAP)\n");
5081 bitmap_zero(map_storep, map_size);
5083 /* Map first 1KB for partition table */
5084 if (sdebug_num_parts)
5088 pseudo_primary = root_device_register("pseudo_0");
5089 if (IS_ERR(pseudo_primary)) {
5090 pr_warn("root_device_register() error\n");
5091 ret = PTR_ERR(pseudo_primary);
5094 ret = bus_register(&pseudo_lld_bus);
5096 pr_warn("bus_register error: %d\n", ret);
5099 ret = driver_register(&sdebug_driverfs_driver);
5101 pr_warn("driver_register error: %d\n", ret);
5105 host_to_add = sdebug_add_host;
5106 sdebug_add_host = 0;
5108 for (k = 0; k < host_to_add; k++) {
5109 if (sdebug_add_adapter()) {
5110 pr_err("sdebug_add_adapter failed k=%d\n", k);
5116 pr_info("built %d host(s)\n", sdebug_add_host);
5121 bus_unregister(&pseudo_lld_bus);
5123 root_device_unregister(pseudo_primary);
5129 kfree(sdebug_q_arr);
5133 static void __exit scsi_debug_exit(void)
5135 int k = sdebug_add_host;
5140 sdebug_remove_adapter();
5141 driver_unregister(&sdebug_driverfs_driver);
5142 bus_unregister(&pseudo_lld_bus);
5143 root_device_unregister(pseudo_primary);
5148 kfree(sdebug_q_arr);
5151 device_initcall(scsi_debug_init);
5152 module_exit(scsi_debug_exit);
5154 static void sdebug_release_adapter(struct device * dev)
5156 struct sdebug_host_info *sdbg_host;
5158 sdbg_host = to_sdebug_host(dev);
5162 static int sdebug_add_adapter(void)
5164 int k, devs_per_host;
5166 struct sdebug_host_info *sdbg_host;
5167 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5169 sdbg_host = kzalloc(sizeof(*sdbg_host),GFP_KERNEL);
5170 if (NULL == sdbg_host) {
5171 pr_err("out of memory at line %d\n", __LINE__);
5175 INIT_LIST_HEAD(&sdbg_host->dev_info_list);
5177 devs_per_host = sdebug_num_tgts * sdebug_max_luns;
5178 for (k = 0; k < devs_per_host; k++) {
5179 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL);
5180 if (!sdbg_devinfo) {
5181 pr_err("out of memory at line %d\n", __LINE__);
5187 spin_lock(&sdebug_host_list_lock);
5188 list_add_tail(&sdbg_host->host_list, &sdebug_host_list);
5189 spin_unlock(&sdebug_host_list_lock);
5191 sdbg_host->dev.bus = &pseudo_lld_bus;
5192 sdbg_host->dev.parent = pseudo_primary;
5193 sdbg_host->dev.release = &sdebug_release_adapter;
5194 dev_set_name(&sdbg_host->dev, "adapter%d", sdebug_add_host);
5196 error = device_register(&sdbg_host->dev);
5205 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5207 list_del(&sdbg_devinfo->dev_list);
5208 kfree(sdbg_devinfo);
5215 static void sdebug_remove_adapter(void)
5217 struct sdebug_host_info * sdbg_host = NULL;
5219 spin_lock(&sdebug_host_list_lock);
5220 if (!list_empty(&sdebug_host_list)) {
5221 sdbg_host = list_entry(sdebug_host_list.prev,
5222 struct sdebug_host_info, host_list);
5223 list_del(&sdbg_host->host_list);
5225 spin_unlock(&sdebug_host_list_lock);
5230 device_unregister(&sdbg_host->dev);
5234 static int sdebug_change_qdepth(struct scsi_device *sdev, int qdepth)
5237 struct sdebug_dev_info *devip;
5239 block_unblock_all_queues(true);
5240 devip = (struct sdebug_dev_info *)sdev->hostdata;
5241 if (NULL == devip) {
5242 block_unblock_all_queues(false);
5245 num_in_q = atomic_read(&devip->num_in_q);
5249 /* allow to exceed max host qc_arr elements for testing */
5250 if (qdepth > SDEBUG_CANQUEUE + 10)
5251 qdepth = SDEBUG_CANQUEUE + 10;
5252 scsi_change_queue_depth(sdev, qdepth);
5254 if (SDEBUG_OPT_Q_NOISE & sdebug_opts) {
5255 sdev_printk(KERN_INFO, sdev, "%s: qdepth=%d, num_in_q=%d\n",
5256 __func__, qdepth, num_in_q);
5258 block_unblock_all_queues(false);
5259 return sdev->queue_depth;
5262 static bool fake_timeout(struct scsi_cmnd *scp)
5264 if (0 == (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth))) {
5265 if (sdebug_every_nth < -1)
5266 sdebug_every_nth = -1;
5267 if (SDEBUG_OPT_TIMEOUT & sdebug_opts)
5268 return true; /* ignore command causing timeout */
5269 else if (SDEBUG_OPT_MAC_TIMEOUT & sdebug_opts &&
5270 scsi_medium_access_command(scp))
5271 return true; /* time out reads and writes */
5276 static int scsi_debug_queuecommand(struct Scsi_Host *shost,
5277 struct scsi_cmnd *scp)
5280 struct scsi_device *sdp = scp->device;
5281 const struct opcode_info_t *oip;
5282 const struct opcode_info_t *r_oip;
5283 struct sdebug_dev_info *devip;
5284 u8 *cmd = scp->cmnd;
5285 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
5293 scsi_set_resid(scp, 0);
5294 if (sdebug_statistics)
5295 atomic_inc(&sdebug_cmnd_count);
5296 if (unlikely(sdebug_verbose &&
5297 !(SDEBUG_OPT_NO_CDB_NOISE & sdebug_opts))) {
5302 sb = (int)sizeof(b);
5304 strcpy(b, "too long, over 32 bytes");
5306 for (k = 0, n = 0; k < len && n < sb; ++k)
5307 n += scnprintf(b + n, sb - n, "%02x ",
5310 if (sdebug_mq_active)
5311 sdev_printk(KERN_INFO, sdp, "%s: tag=%u, cmd %s\n",
5312 my_name, blk_mq_unique_tag(scp->request),
5315 sdev_printk(KERN_INFO, sdp, "%s: cmd %s\n", my_name,
5318 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS);
5319 if (unlikely((sdp->lun >= sdebug_max_luns) && !has_wlun_rl))
5322 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */
5323 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */
5324 devip = (struct sdebug_dev_info *)sdp->hostdata;
5325 if (unlikely(!devip)) {
5326 devip = find_build_dev_info(sdp);
5330 na = oip->num_attached;
5332 if (na) { /* multiple commands with this opcode */
5334 if (FF_SA & r_oip->flags) {
5335 if (F_SA_LOW & oip->flags)
5338 sa = get_unaligned_be16(cmd + 8);
5339 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5340 if (opcode == oip->opcode && sa == oip->sa)
5343 } else { /* since no service action only check opcode */
5344 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5345 if (opcode == oip->opcode)
5350 if (F_SA_LOW & r_oip->flags)
5351 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4);
5352 else if (F_SA_HIGH & r_oip->flags)
5353 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7);
5355 mk_sense_invalid_opcode(scp);
5358 } /* else (when na==0) we assume the oip is a match */
5360 if (unlikely(F_INV_OP & flags)) {
5361 mk_sense_invalid_opcode(scp);
5364 if (unlikely(has_wlun_rl && !(F_RL_WLUN_OK & flags))) {
5366 sdev_printk(KERN_INFO, sdp, "%s: Opcode 0x%x not%s\n",
5367 my_name, opcode, " supported for wlun");
5368 mk_sense_invalid_opcode(scp);
5371 if (unlikely(sdebug_strict)) { /* check cdb against mask */
5375 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) {
5376 rem = ~oip->len_mask[k] & cmd[k];
5378 for (j = 7; j >= 0; --j, rem <<= 1) {
5382 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j);
5387 if (unlikely(!(F_SKIP_UA & flags) &&
5388 find_first_bit(devip->uas_bm,
5389 SDEBUG_NUM_UAS) != SDEBUG_NUM_UAS)) {
5390 errsts = make_ua(scp, devip);
5394 if (unlikely((F_M_ACCESS & flags) && atomic_read(&devip->stopped))) {
5395 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2);
5397 sdev_printk(KERN_INFO, sdp, "%s reports: Not ready: "
5398 "%s\n", my_name, "initializing command "
5400 errsts = check_condition_result;
5403 if (sdebug_fake_rw && (F_FAKE_RW & flags))
5405 if (unlikely(sdebug_every_nth)) {
5406 if (fake_timeout(scp))
5407 return 0; /* ignore command: make trouble */
5409 if (likely(oip->pfp))
5410 errsts = oip->pfp(scp, devip); /* calls a resp_* function */
5411 else if (r_pfp) /* if leaf function ptr NULL, try the root's */
5412 errsts = r_pfp(scp, devip);
5415 return schedule_resp(scp, devip, errsts,
5416 ((F_DELAY_OVERR & flags) ? 0 : sdebug_jdelay));
5418 return schedule_resp(scp, devip, check_condition_result, 0);
5420 return schedule_resp(scp, NULL, DID_NO_CONNECT << 16, 0);
5423 static struct scsi_host_template sdebug_driver_template = {
5424 .show_info = scsi_debug_show_info,
5425 .write_info = scsi_debug_write_info,
5426 .proc_name = sdebug_proc_name,
5427 .name = "SCSI DEBUG",
5428 .info = scsi_debug_info,
5429 .slave_alloc = scsi_debug_slave_alloc,
5430 .slave_configure = scsi_debug_slave_configure,
5431 .slave_destroy = scsi_debug_slave_destroy,
5432 .ioctl = scsi_debug_ioctl,
5433 .queuecommand = scsi_debug_queuecommand,
5434 .change_queue_depth = sdebug_change_qdepth,
5435 .eh_abort_handler = scsi_debug_abort,
5436 .eh_device_reset_handler = scsi_debug_device_reset,
5437 .eh_target_reset_handler = scsi_debug_target_reset,
5438 .eh_bus_reset_handler = scsi_debug_bus_reset,
5439 .eh_host_reset_handler = scsi_debug_host_reset,
5440 .can_queue = SDEBUG_CANQUEUE,
5442 .sg_tablesize = SG_MAX_SEGMENTS,
5443 .cmd_per_lun = DEF_CMD_PER_LUN,
5445 .use_clustering = DISABLE_CLUSTERING,
5446 .module = THIS_MODULE,
5447 .track_queue_depth = 1,
5450 static int sdebug_driver_probe(struct device * dev)
5453 struct sdebug_host_info *sdbg_host;
5454 struct Scsi_Host *hpnt;
5457 sdbg_host = to_sdebug_host(dev);
5459 sdebug_driver_template.can_queue = sdebug_max_queue;
5460 if (sdebug_clustering)
5461 sdebug_driver_template.use_clustering = ENABLE_CLUSTERING;
5462 hpnt = scsi_host_alloc(&sdebug_driver_template, sizeof(sdbg_host));
5464 pr_err("scsi_host_alloc failed\n");
5468 if (submit_queues > nr_cpu_ids) {
5469 pr_warn("%s: trim submit_queues (was %d) to nr_cpu_ids=%d\n",
5470 my_name, submit_queues, nr_cpu_ids);
5471 submit_queues = nr_cpu_ids;
5473 /* Decide whether to tell scsi subsystem that we want mq */
5474 /* Following should give the same answer for each host */
5475 sdebug_mq_active = shost_use_blk_mq(hpnt) && (submit_queues > 1);
5476 if (sdebug_mq_active)
5477 hpnt->nr_hw_queues = submit_queues;
5479 sdbg_host->shost = hpnt;
5480 *((struct sdebug_host_info **)hpnt->hostdata) = sdbg_host;
5481 if ((hpnt->this_id >= 0) && (sdebug_num_tgts > hpnt->this_id))
5482 hpnt->max_id = sdebug_num_tgts + 1;
5484 hpnt->max_id = sdebug_num_tgts;
5485 /* = sdebug_max_luns; */
5486 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
5490 switch (sdebug_dif) {
5492 case T10_PI_TYPE1_PROTECTION:
5493 hprot = SHOST_DIF_TYPE1_PROTECTION;
5495 hprot |= SHOST_DIX_TYPE1_PROTECTION;
5498 case T10_PI_TYPE2_PROTECTION:
5499 hprot = SHOST_DIF_TYPE2_PROTECTION;
5501 hprot |= SHOST_DIX_TYPE2_PROTECTION;
5504 case T10_PI_TYPE3_PROTECTION:
5505 hprot = SHOST_DIF_TYPE3_PROTECTION;
5507 hprot |= SHOST_DIX_TYPE3_PROTECTION;
5512 hprot |= SHOST_DIX_TYPE0_PROTECTION;
5516 scsi_host_set_prot(hpnt, hprot);
5518 if (have_dif_prot || sdebug_dix)
5519 pr_info("host protection%s%s%s%s%s%s%s\n",
5520 (hprot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "",
5521 (hprot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "",
5522 (hprot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "",
5523 (hprot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "",
5524 (hprot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "",
5525 (hprot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "",
5526 (hprot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : "");
5528 if (sdebug_guard == 1)
5529 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP);
5531 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC);
5533 sdebug_verbose = !!(SDEBUG_OPT_NOISE & sdebug_opts);
5534 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & sdebug_opts);
5535 if (sdebug_every_nth) /* need stats counters for every_nth */
5536 sdebug_statistics = true;
5537 error = scsi_add_host(hpnt, &sdbg_host->dev);
5539 pr_err("scsi_add_host failed\n");
5541 scsi_host_put(hpnt);
5543 scsi_scan_host(hpnt);
5548 static int sdebug_driver_remove(struct device * dev)
5550 struct sdebug_host_info *sdbg_host;
5551 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5553 sdbg_host = to_sdebug_host(dev);
5556 pr_err("Unable to locate host info\n");
5560 scsi_remove_host(sdbg_host->shost);
5562 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5564 list_del(&sdbg_devinfo->dev_list);
5565 kfree(sdbg_devinfo);
5568 scsi_host_put(sdbg_host->shost);
5572 static int pseudo_lld_bus_match(struct device *dev,
5573 struct device_driver *dev_driver)
5578 static struct bus_type pseudo_lld_bus = {
5580 .match = pseudo_lld_bus_match,
5581 .probe = sdebug_driver_probe,
5582 .remove = sdebug_driver_remove,
5583 .drv_groups = sdebug_drv_groups,
git.samba.org / sfrench / cifs-2.6.git / blob