]> git.proxmox.com Git - mirror_ubuntu-jammy-kernel.git/blob - drivers/scsi/scsi_debug.c
projects / mirror_ubuntu-jammy-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge tag 'seccomp-v5.7-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees...
[mirror_ubuntu-jammy-kernel.git] / drivers / scsi / scsi_debug.c
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
4 * Copyright (C) 1992 Eric Youngdale
5 * Simulate a host adapter with 2 disks attached. Do a lot of checking
6 * to make sure that we are not getting blocks mixed up, and PANIC if
7 * anything out of the ordinary is seen.
8 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
9 *
10 * Copyright (C) 2001 - 2018 Douglas Gilbert
11 *
12 * For documentation see http://sg.danny.cz/sg/sdebug26.html
13 */
14
15
16 #define pr_fmt(fmt) KBUILD_MODNAME ":%s: " fmt, __func__
17
18 #include <linux/module.h>
19
20 #include <linux/kernel.h>
21 #include <linux/errno.h>
22 #include <linux/jiffies.h>
23 #include <linux/slab.h>
24 #include <linux/types.h>
25 #include <linux/string.h>
26 #include <linux/genhd.h>
27 #include <linux/fs.h>
28 #include <linux/init.h>
29 #include <linux/proc_fs.h>
30 #include <linux/vmalloc.h>
31 #include <linux/moduleparam.h>
32 #include <linux/scatterlist.h>
33 #include <linux/blkdev.h>
34 #include <linux/crc-t10dif.h>
35 #include <linux/spinlock.h>
36 #include <linux/interrupt.h>
37 #include <linux/atomic.h>
38 #include <linux/hrtimer.h>
39 #include <linux/uuid.h>
40 #include <linux/t10-pi.h>
41 #include <linux/msdos_partition.h>
42
43 #include <net/checksum.h>
44
45 #include <asm/unaligned.h>
46
47 #include <scsi/scsi.h>
48 #include <scsi/scsi_cmnd.h>
49 #include <scsi/scsi_device.h>
50 #include <scsi/scsi_host.h>
51 #include <scsi/scsicam.h>
52 #include <scsi/scsi_eh.h>
53 #include <scsi/scsi_tcq.h>
54 #include <scsi/scsi_dbg.h>
55
56 #include "sd.h"
57 #include "scsi_logging.h"
58
59 /* make sure inq_product_rev string corresponds to this version */
60 #define SDEBUG_VERSION "0188" /* format to fit INQUIRY revision field */
61 static const char *sdebug_version_date = "20190125";
62
63 #define MY_NAME "scsi_debug"
64
65 /* Additional Sense Code (ASC) */
66 #define NO_ADDITIONAL_SENSE 0x0
67 #define LOGICAL_UNIT_NOT_READY 0x4
68 #define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8
69 #define UNRECOVERED_READ_ERR 0x11
70 #define PARAMETER_LIST_LENGTH_ERR 0x1a
71 #define INVALID_OPCODE 0x20
72 #define LBA_OUT_OF_RANGE 0x21
73 #define INVALID_FIELD_IN_CDB 0x24
74 #define INVALID_FIELD_IN_PARAM_LIST 0x26
75 #define WRITE_PROTECTED 0x27
76 #define UA_RESET_ASC 0x29
77 #define UA_CHANGED_ASC 0x2a
78 #define TARGET_CHANGED_ASC 0x3f
79 #define LUNS_CHANGED_ASCQ 0x0e
80 #define INSUFF_RES_ASC 0x55
81 #define INSUFF_RES_ASCQ 0x3
82 #define POWER_ON_RESET_ASCQ 0x0
83 #define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */
84 #define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */
85 #define CAPACITY_CHANGED_ASCQ 0x9
86 #define SAVING_PARAMS_UNSUP 0x39
87 #define TRANSPORT_PROBLEM 0x4b
88 #define THRESHOLD_EXCEEDED 0x5d
89 #define LOW_POWER_COND_ON 0x5e
90 #define MISCOMPARE_VERIFY_ASC 0x1d
91 #define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */
92 #define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16
93 #define WRITE_ERROR_ASC 0xc
94
95 /* Additional Sense Code Qualifier (ASCQ) */
96 #define ACK_NAK_TO 0x3
97
98 /* Default values for driver parameters */
99 #define DEF_NUM_HOST 1
100 #define DEF_NUM_TGTS 1
101 #define DEF_MAX_LUNS 1
102 /* With these defaults, this driver will make 1 host with 1 target
103 * (id 0) containing 1 logical unit (lun 0). That is 1 device.
104 */
105 #define DEF_ATO 1
106 #define DEF_CDB_LEN 10
107 #define DEF_JDELAY 1 /* if > 0 unit is a jiffy */
108 #define DEF_DEV_SIZE_MB 8
109 #define DEF_DIF 0
110 #define DEF_DIX 0
111 #define DEF_D_SENSE 0
112 #define DEF_EVERY_NTH 0
113 #define DEF_FAKE_RW 0
114 #define DEF_GUARD 0
115 #define DEF_HOST_LOCK 0
116 #define DEF_LBPU 0
117 #define DEF_LBPWS 0
118 #define DEF_LBPWS10 0
119 #define DEF_LBPRZ 1
120 #define DEF_LOWEST_ALIGNED 0
121 #define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */
122 #define DEF_NO_LUN_0 0
123 #define DEF_NUM_PARTS 0
124 #define DEF_OPTS 0
125 #define DEF_OPT_BLKS 1024
126 #define DEF_PHYSBLK_EXP 0
127 #define DEF_OPT_XFERLEN_EXP 0
128 #define DEF_PTYPE TYPE_DISK
129 #define DEF_REMOVABLE false
130 #define DEF_SCSI_LEVEL 7 /* INQUIRY, byte2 [6->SPC-4; 7->SPC-5] */
131 #define DEF_SECTOR_SIZE 512
132 #define DEF_UNMAP_ALIGNMENT 0
133 #define DEF_UNMAP_GRANULARITY 1
134 #define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF
135 #define DEF_UNMAP_MAX_DESC 256
136 #define DEF_VIRTUAL_GB 0
137 #define DEF_VPD_USE_HOSTNO 1
138 #define DEF_WRITESAME_LENGTH 0xFFFF
139 #define DEF_STRICT 0
140 #define DEF_STATISTICS false
141 #define DEF_SUBMIT_QUEUES 1
142 #define DEF_UUID_CTL 0
143 #define JDELAY_OVERRIDDEN -9999
144
145 #define SDEBUG_LUN_0_VAL 0
146
147 /* bit mask values for sdebug_opts */
148 #define SDEBUG_OPT_NOISE 1
149 #define SDEBUG_OPT_MEDIUM_ERR 2
150 #define SDEBUG_OPT_TIMEOUT 4
151 #define SDEBUG_OPT_RECOVERED_ERR 8
152 #define SDEBUG_OPT_TRANSPORT_ERR 16
153 #define SDEBUG_OPT_DIF_ERR 32
154 #define SDEBUG_OPT_DIX_ERR 64
155 #define SDEBUG_OPT_MAC_TIMEOUT 128
156 #define SDEBUG_OPT_SHORT_TRANSFER 0x100
157 #define SDEBUG_OPT_Q_NOISE 0x200
158 #define SDEBUG_OPT_ALL_TSF 0x400
159 #define SDEBUG_OPT_RARE_TSF 0x800
160 #define SDEBUG_OPT_N_WCE 0x1000
161 #define SDEBUG_OPT_RESET_NOISE 0x2000
162 #define SDEBUG_OPT_NO_CDB_NOISE 0x4000
163 #define SDEBUG_OPT_HOST_BUSY 0x8000
164 #define SDEBUG_OPT_CMD_ABORT 0x10000
165 #define SDEBUG_OPT_ALL_NOISE (SDEBUG_OPT_NOISE | SDEBUG_OPT_Q_NOISE | \
166 SDEBUG_OPT_RESET_NOISE)
167 #define SDEBUG_OPT_ALL_INJECTING (SDEBUG_OPT_RECOVERED_ERR | \
168 SDEBUG_OPT_TRANSPORT_ERR | \
169 SDEBUG_OPT_DIF_ERR | SDEBUG_OPT_DIX_ERR | \
170 SDEBUG_OPT_SHORT_TRANSFER | \
171 SDEBUG_OPT_HOST_BUSY | \
172 SDEBUG_OPT_CMD_ABORT)
173 /* When "every_nth" > 0 then modulo "every_nth" commands:
174 * - a missing response is simulated if SDEBUG_OPT_TIMEOUT is set
175 * - a RECOVERED_ERROR is simulated on successful read and write
176 * commands if SDEBUG_OPT_RECOVERED_ERR is set.
177 * - a TRANSPORT_ERROR is simulated on successful read and write
178 * commands if SDEBUG_OPT_TRANSPORT_ERR is set.
179 * - similarly for DIF_ERR, DIX_ERR, SHORT_TRANSFER, HOST_BUSY and
180 * CMD_ABORT
181 *
182 * When "every_nth" < 0 then after "- every_nth" commands the selected
183 * error will be injected. The error will be injected on every subsequent
184 * command until some other action occurs; for example, the user writing
185 * a new value (other than -1 or 1) to every_nth:
186 * echo 0 > /sys/bus/pseudo/drivers/scsi_debug/every_nth
187 */
188
189 /* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs) are returned in
190 * priority order. In the subset implemented here lower numbers have higher
191 * priority. The UA numbers should be a sequence starting from 0 with
192 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */
193 #define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */
194 #define SDEBUG_UA_BUS_RESET 1
195 #define SDEBUG_UA_MODE_CHANGED 2
196 #define SDEBUG_UA_CAPACITY_CHANGED 3
197 #define SDEBUG_UA_LUNS_CHANGED 4
198 #define SDEBUG_UA_MICROCODE_CHANGED 5 /* simulate firmware change */
199 #define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 6
200 #define SDEBUG_NUM_UAS 7
201
202 /* when 1==SDEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this
203 * sector on read commands: */
204 #define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */
205 #define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */
206
207 /* If REPORT LUNS has luns >= 256 it can choose "flat space" (value 1)
208 * or "peripheral device" addressing (value 0) */
209 #define SAM2_LUN_ADDRESS_METHOD 0
210
211 /* SDEBUG_CANQUEUE is the maximum number of commands that can be queued
212 * (for response) per submit queue at one time. Can be reduced by max_queue
213 * option. Command responses are not queued when jdelay=0 and ndelay=0. The
214 * per-device DEF_CMD_PER_LUN can be changed via sysfs:
215 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth
216 * but cannot exceed SDEBUG_CANQUEUE .
217 */
218 #define SDEBUG_CANQUEUE_WORDS 3 /* a WORD is bits in a long */
219 #define SDEBUG_CANQUEUE (SDEBUG_CANQUEUE_WORDS * BITS_PER_LONG)
220 #define DEF_CMD_PER_LUN 255
221
222 #define F_D_IN 1
223 #define F_D_OUT 2
224 #define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */
225 #define F_D_UNKN 8
226 #define F_RL_WLUN_OK 0x10
227 #define F_SKIP_UA 0x20
228 #define F_DELAY_OVERR 0x40
229 #define F_SA_LOW 0x80 /* cdb byte 1, bits 4 to 0 */
230 #define F_SA_HIGH 0x100 /* as used by variable length cdbs */
231 #define F_INV_OP 0x200
232 #define F_FAKE_RW 0x400
233 #define F_M_ACCESS 0x800 /* media access */
234 #define F_SSU_DELAY 0x1000
235 #define F_SYNC_DELAY 0x2000
236
237 #define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR)
238 #define FF_MEDIA_IO (F_M_ACCESS | F_FAKE_RW)
239 #define FF_SA (F_SA_HIGH | F_SA_LOW)
240 #define F_LONG_DELAY (F_SSU_DELAY | F_SYNC_DELAY)
241
242 #define SDEBUG_MAX_PARTS 4
243
244 #define SDEBUG_MAX_CMD_LEN 32
245
246
247 struct sdebug_dev_info {
248 struct list_head dev_list;
249 unsigned int channel;
250 unsigned int target;
251 u64 lun;
252 uuid_t lu_name;
253 struct sdebug_host_info *sdbg_host;
254 unsigned long uas_bm[1];
255 atomic_t num_in_q;
256 atomic_t stopped;
257 bool used;
258 };
259
260 struct sdebug_host_info {
261 struct list_head host_list;
262 struct Scsi_Host *shost;
263 struct device dev;
264 struct list_head dev_info_list;
265 };
266
267 #define to_sdebug_host(d) \
268 container_of(d, struct sdebug_host_info, dev)
269
270 enum sdeb_defer_type {SDEB_DEFER_NONE = 0, SDEB_DEFER_HRT = 1,
271 SDEB_DEFER_WQ = 2};
272
273 struct sdebug_defer {
274 struct hrtimer hrt;
275 struct execute_work ew;
276 int sqa_idx; /* index of sdebug_queue array */
277 int qc_idx; /* index of sdebug_queued_cmd array within sqa_idx */
278 int issuing_cpu;
279 bool init_hrt;
280 bool init_wq;
281 bool aborted; /* true when blk_abort_request() already called */
282 enum sdeb_defer_type defer_t;
283 };
284
285 struct sdebug_queued_cmd {
286 /* corresponding bit set in in_use_bm[] in owning struct sdebug_queue
287 * instance indicates this slot is in use.
288 */
289 struct sdebug_defer *sd_dp;
290 struct scsi_cmnd *a_cmnd;
291 unsigned int inj_recovered:1;
292 unsigned int inj_transport:1;
293 unsigned int inj_dif:1;
294 unsigned int inj_dix:1;
295 unsigned int inj_short:1;
296 unsigned int inj_host_busy:1;
297 unsigned int inj_cmd_abort:1;
298 };
299
300 struct sdebug_queue {
301 struct sdebug_queued_cmd qc_arr[SDEBUG_CANQUEUE];
302 unsigned long in_use_bm[SDEBUG_CANQUEUE_WORDS];
303 spinlock_t qc_lock;
304 atomic_t blocked; /* to temporarily stop more being queued */
305 };
306
307 static atomic_t sdebug_cmnd_count; /* number of incoming commands */
308 static atomic_t sdebug_completions; /* count of deferred completions */
309 static atomic_t sdebug_miss_cpus; /* submission + completion cpus differ */
310 static atomic_t sdebug_a_tsf; /* 'almost task set full' counter */
311
312 struct opcode_info_t {
313 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff */
314 /* for terminating element */
315 u8 opcode; /* if num_attached > 0, preferred */
316 u16 sa; /* service action */
317 u32 flags; /* OR-ed set of SDEB_F_* */
318 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
319 const struct opcode_info_t *arrp; /* num_attached elements or NULL */
320 u8 len_mask[16]; /* len_mask[0]-->cdb_len, then mask for cdb */
321 /* 1 to min(cdb_len, 15); ignore cdb[15...] */
322 };
323
324 /* SCSI opcodes (first byte of cdb) of interest mapped onto these indexes */
325 enum sdeb_opcode_index {
326 SDEB_I_INVALID_OPCODE = 0,
327 SDEB_I_INQUIRY = 1,
328 SDEB_I_REPORT_LUNS = 2,
329 SDEB_I_REQUEST_SENSE = 3,
330 SDEB_I_TEST_UNIT_READY = 4,
331 SDEB_I_MODE_SENSE = 5, /* 6, 10 */
332 SDEB_I_MODE_SELECT = 6, /* 6, 10 */
333 SDEB_I_LOG_SENSE = 7,
334 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */
335 SDEB_I_READ = 9, /* 6, 10, 12, 16 */
336 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */
337 SDEB_I_START_STOP = 11,
338 SDEB_I_SERV_ACT_IN_16 = 12, /* add ...SERV_ACT_IN_12 if needed */
339 SDEB_I_SERV_ACT_OUT_16 = 13, /* add ...SERV_ACT_OUT_12 if needed */
340 SDEB_I_MAINT_IN = 14,
341 SDEB_I_MAINT_OUT = 15,
342 SDEB_I_VERIFY = 16, /* 10 only */
343 SDEB_I_VARIABLE_LEN = 17, /* READ(32), WRITE(32), WR_SCAT(32) */
344 SDEB_I_RESERVE = 18, /* 6, 10 */
345 SDEB_I_RELEASE = 19, /* 6, 10 */
346 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */
347 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */
348 SDEB_I_ATA_PT = 22, /* 12, 16 */
349 SDEB_I_SEND_DIAG = 23,
350 SDEB_I_UNMAP = 24,
351 SDEB_I_WRITE_BUFFER = 25,
352 SDEB_I_WRITE_SAME = 26, /* 10, 16 */
353 SDEB_I_SYNC_CACHE = 27, /* 10, 16 */
354 SDEB_I_COMP_WRITE = 28,
355 SDEB_I_LAST_ELEMENT = 29, /* keep this last (previous + 1) */
356 };
357
358
359 static const unsigned char opcode_ind_arr[256] = {
360 /* 0x0; 0x0->0x1f: 6 byte cdbs */
361 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE,
362 0, 0, 0, 0,
363 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0,
364 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
365 SDEB_I_RELEASE,
366 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG,
367 SDEB_I_ALLOW_REMOVAL, 0,
368 /* 0x20; 0x20->0x3f: 10 byte cdbs */
369 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0,
370 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY,
371 0, 0, 0, 0, 0, SDEB_I_SYNC_CACHE, 0, 0,
372 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0,
373 /* 0x40; 0x40->0x5f: 10 byte cdbs */
374 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0,
375 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0,
376 0, 0, 0, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
377 SDEB_I_RELEASE,
378 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0,
379 /* 0x60; 0x60->0x7d are reserved, 0x7e is "extended cdb" */
380 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
381 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
382 0, SDEB_I_VARIABLE_LEN,
383 /* 0x80; 0x80->0x9f: 16 byte cdbs */
384 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0,
385 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0, 0, 0, 0, 0,
386 0, SDEB_I_SYNC_CACHE, 0, SDEB_I_WRITE_SAME, 0, 0, 0, 0,
387 0, 0, 0, 0, 0, 0, SDEB_I_SERV_ACT_IN_16, SDEB_I_SERV_ACT_OUT_16,
388 /* 0xa0; 0xa0->0xbf: 12 byte cdbs */
389 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN,
390 SDEB_I_MAINT_OUT, 0, 0, 0,
391 SDEB_I_READ, 0 /* SDEB_I_SERV_ACT_OUT_12 */, SDEB_I_WRITE,
392 0 /* SDEB_I_SERV_ACT_IN_12 */, 0, 0, 0, 0,
393 0, 0, 0, 0, 0, 0, 0, 0,
394 0, 0, 0, 0, 0, 0, 0, 0,
395 /* 0xc0; 0xc0->0xff: vendor specific */
396 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
397 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
398 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
399 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
400 };
401
402 /*
403 * The following "response" functions return the SCSI mid-level's 4 byte
404 * tuple-in-an-int. To handle commands with an IMMED bit, for a faster
405 * command completion, they can mask their return value with
406 * SDEG_RES_IMMED_MASK .
407 */
408 #define SDEG_RES_IMMED_MASK 0x40000000
409
410 static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *);
411 static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *);
412 static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *);
413 static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
414 static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *);
415 static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
416 static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *);
417 static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
418 static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
419 static int resp_write_scat(struct scsi_cmnd *, struct sdebug_dev_info *);
420 static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *);
421 static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *);
422 static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *);
423 static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *);
424 static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *);
425 static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *);
426 static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *);
427 static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *);
428 static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *);
429 static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *);
430 static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *);
431 static int resp_sync_cache(struct scsi_cmnd *, struct sdebug_dev_info *);
432
433 /*
434 * The following are overflow arrays for cdbs that "hit" the same index in
435 * the opcode_info_arr array. The most time sensitive (or commonly used) cdb
436 * should be placed in opcode_info_arr[], the others should be placed here.
437 */
438 static const struct opcode_info_t msense_iarr[] = {
439 {0, 0x1a, 0, F_D_IN, NULL, NULL,
440 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
441 };
442
443 static const struct opcode_info_t mselect_iarr[] = {
444 {0, 0x15, 0, F_D_OUT, NULL, NULL,
445 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
446 };
447
448 static const struct opcode_info_t read_iarr[] = {
449 {0, 0x28, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(10) */
450 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
451 0, 0, 0, 0} },
452 {0, 0x8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL, /* READ(6) */
453 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
454 {0, 0xa8, 0, F_D_IN | FF_MEDIA_IO, resp_read_dt0, NULL,/* READ(12) */
455 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xbf,
456 0xc7, 0, 0, 0, 0} },
457 };
458
459 static const struct opcode_info_t write_iarr[] = {
460 {0, 0x2a, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(10) */
461 NULL, {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7,
462 0, 0, 0, 0, 0, 0} },
463 {0, 0xa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(6) */
464 NULL, {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0,
465 0, 0, 0} },
466 {0, 0xaa, 0, F_D_OUT | FF_MEDIA_IO, resp_write_dt0, /* WRITE(12) */
467 NULL, {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
468 0xbf, 0xc7, 0, 0, 0, 0} },
469 };
470
471 static const struct opcode_info_t sa_in_16_iarr[] = {
472 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL,
473 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
474 0xff, 0xff, 0xff, 0, 0xc7} }, /* GET LBA STATUS(16) */
475 };
476
477 static const struct opcode_info_t vl_iarr[] = { /* VARIABLE LENGTH */
478 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_dt0,
479 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0xb, 0xfa,
480 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */
481 {0, 0x7f, 0x11, F_SA_HIGH | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
482 NULL, {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x11, 0xf8,
483 0, 0xff, 0xff, 0x0, 0x0} }, /* WRITE SCATTERED(32) */
484 };
485
486 static const struct opcode_info_t maint_in_iarr[] = { /* MAINT IN */
487 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL,
488 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0,
489 0xc7, 0, 0, 0, 0} }, /* REPORT SUPPORTED OPERATION CODES */
490 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL,
491 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
492 0, 0} }, /* REPORTED SUPPORTED TASK MANAGEMENT FUNCTIONS */
493 };
494
495 static const struct opcode_info_t write_same_iarr[] = {
496 {0, 0x93, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, resp_write_same_16, NULL,
497 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
498 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* WRITE SAME(16) */
499 };
500
501 static const struct opcode_info_t reserve_iarr[] = {
502 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */
503 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
504 };
505
506 static const struct opcode_info_t release_iarr[] = {
507 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */
508 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
509 };
510
511 static const struct opcode_info_t sync_cache_iarr[] = {
512 {0, 0x91, 0, F_SYNC_DELAY | F_M_ACCESS, resp_sync_cache, NULL,
513 {16, 0x6, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
514 0xff, 0xff, 0xff, 0xff, 0x3f, 0xc7} }, /* SYNC_CACHE (16) */
515 };
516
517
518 /* This array is accessed via SDEB_I_* values. Make sure all are mapped,
519 * plus the terminating elements for logic that scans this table such as
520 * REPORT SUPPORTED OPERATION CODES. */
521 static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEMENT + 1] = {
522 /* 0 */
523 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* unknown opcodes */
524 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
525 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL, /* INQUIRY */
526 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
527 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL,
528 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
529 0, 0} }, /* REPORT LUNS */
530 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL,
531 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
532 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */
533 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
534 /* 5 */
535 {ARRAY_SIZE(msense_iarr), 0x5a, 0, F_D_IN, /* MODE SENSE(10) */
536 resp_mode_sense, msense_iarr, {10, 0xf8, 0xff, 0xff, 0, 0, 0,
537 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
538 {ARRAY_SIZE(mselect_iarr), 0x55, 0, F_D_OUT, /* MODE SELECT(10) */
539 resp_mode_select, mselect_iarr, {10, 0xf1, 0, 0, 0, 0, 0, 0xff,
540 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
541 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL, /* LOG SENSE */
542 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0,
543 0, 0, 0} },
544 {0, 0x25, 0, F_D_IN, resp_readcap, NULL, /* READ CAPACITY(10) */
545 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0,
546 0, 0} },
547 {ARRAY_SIZE(read_iarr), 0x88, 0, F_D_IN | FF_MEDIA_IO, /* READ(16) */
548 resp_read_dt0, read_iarr, {16, 0xfe, 0xff, 0xff, 0xff, 0xff,
549 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
550 /* 10 */
551 {ARRAY_SIZE(write_iarr), 0x8a, 0, F_D_OUT | FF_MEDIA_IO,
552 resp_write_dt0, write_iarr, /* WRITE(16) */
553 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
554 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7} },
555 {0, 0x1b, 0, F_SSU_DELAY, resp_start_stop, NULL,/* START STOP UNIT */
556 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
557 {ARRAY_SIZE(sa_in_16_iarr), 0x9e, 0x10, F_SA_LOW | F_D_IN,
558 resp_readcap16, sa_in_16_iarr, /* SA_IN(16), READ CAPACITY(16) */
559 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
560 0xff, 0xff, 0xff, 0xff, 0x1, 0xc7} },
561 {0, 0x9f, 0x12, F_SA_LOW | F_D_OUT | FF_MEDIA_IO, resp_write_scat,
562 NULL, {16, 0x12, 0xf9, 0x0, 0xff, 0xff, 0, 0, 0xff, 0xff, 0xff,
563 0xff, 0xff, 0xff, 0xff, 0xc7} }, /* SA_OUT(16), WRITE SCAT(16) */
564 {ARRAY_SIZE(maint_in_iarr), 0xa3, 0xa, F_SA_LOW | F_D_IN,
565 resp_report_tgtpgs, /* MAINT IN, REPORT TARGET PORT GROUPS */
566 maint_in_iarr, {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff,
567 0xff, 0, 0xc7, 0, 0, 0, 0} },
568 /* 15 */
569 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */
570 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
571 {0, 0x2f, 0, F_D_OUT_MAYBE | FF_MEDIA_IO, NULL, NULL, /* VERIFY(10) */
572 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7,
573 0, 0, 0, 0, 0, 0} },
574 {ARRAY_SIZE(vl_iarr), 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_MEDIA_IO,
575 resp_read_dt0, vl_iarr, /* VARIABLE LENGTH, READ(32) */
576 {32, 0xc7, 0, 0, 0, 0, 0x3f, 0x18, 0x0, 0x9, 0xfe, 0, 0xff, 0xff,
577 0xff, 0xff} },
578 {ARRAY_SIZE(reserve_iarr), 0x56, 0, F_D_OUT,
579 NULL, reserve_iarr, /* RESERVE(10) <no response function> */
580 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
581 0} },
582 {ARRAY_SIZE(release_iarr), 0x57, 0, F_D_OUT,
583 NULL, release_iarr, /* RELEASE(10) <no response function> */
584 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
585 0} },
586 /* 20 */
587 {0, 0x1e, 0, 0, NULL, NULL, /* ALLOW REMOVAL */
588 {6, 0, 0, 0, 0x3, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
589 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */
590 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
591 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */
592 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
593 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */
594 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
595 {0, 0x42, 0, F_D_OUT | FF_MEDIA_IO, resp_unmap, NULL, /* UNMAP */
596 {10, 0x1, 0, 0, 0, 0, 0x3f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
597 /* 25 */
598 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL,
599 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0,
600 0, 0, 0, 0} }, /* WRITE_BUFFER */
601 {ARRAY_SIZE(write_same_iarr), 0x41, 0, F_D_OUT_MAYBE | FF_MEDIA_IO,
602 resp_write_same_10, write_same_iarr, /* WRITE SAME(10) */
603 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0,
604 0, 0, 0, 0, 0} },
605 {ARRAY_SIZE(sync_cache_iarr), 0x35, 0, F_SYNC_DELAY | F_M_ACCESS,
606 resp_sync_cache, sync_cache_iarr,
607 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x3f, 0xff, 0xff, 0xc7, 0, 0,
608 0, 0, 0, 0} }, /* SYNC_CACHE (10) */
609 {0, 0x89, 0, F_D_OUT | FF_MEDIA_IO, resp_comp_write, NULL,
610 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0,
611 0, 0xff, 0x3f, 0xc7} }, /* COMPARE AND WRITE */
612
613 /* 29 */
614 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */
615 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
616 };
617
618 static int sdebug_add_host = DEF_NUM_HOST;
619 static int sdebug_ato = DEF_ATO;
620 static int sdebug_cdb_len = DEF_CDB_LEN;
621 static int sdebug_jdelay = DEF_JDELAY; /* if > 0 then unit is jiffies */
622 static int sdebug_dev_size_mb = DEF_DEV_SIZE_MB;
623 static int sdebug_dif = DEF_DIF;
624 static int sdebug_dix = DEF_DIX;
625 static int sdebug_dsense = DEF_D_SENSE;
626 static int sdebug_every_nth = DEF_EVERY_NTH;
627 static int sdebug_fake_rw = DEF_FAKE_RW;
628 static unsigned int sdebug_guard = DEF_GUARD;
629 static int sdebug_lowest_aligned = DEF_LOWEST_ALIGNED;
630 static int sdebug_max_luns = DEF_MAX_LUNS;
631 static int sdebug_max_queue = SDEBUG_CANQUEUE; /* per submit queue */
632 static unsigned int sdebug_medium_error_start = OPT_MEDIUM_ERR_ADDR;
633 static int sdebug_medium_error_count = OPT_MEDIUM_ERR_NUM;
634 static atomic_t retired_max_queue; /* if > 0 then was prior max_queue */
635 static int sdebug_ndelay = DEF_NDELAY; /* if > 0 then unit is nanoseconds */
636 static int sdebug_no_lun_0 = DEF_NO_LUN_0;
637 static int sdebug_no_uld;
638 static int sdebug_num_parts = DEF_NUM_PARTS;
639 static int sdebug_num_tgts = DEF_NUM_TGTS; /* targets per host */
640 static int sdebug_opt_blks = DEF_OPT_BLKS;
641 static int sdebug_opts = DEF_OPTS;
642 static int sdebug_physblk_exp = DEF_PHYSBLK_EXP;
643 static int sdebug_opt_xferlen_exp = DEF_OPT_XFERLEN_EXP;
644 static int sdebug_ptype = DEF_PTYPE; /* SCSI peripheral device type */
645 static int sdebug_scsi_level = DEF_SCSI_LEVEL;
646 static int sdebug_sector_size = DEF_SECTOR_SIZE;
647 static int sdebug_virtual_gb = DEF_VIRTUAL_GB;
648 static int sdebug_vpd_use_hostno = DEF_VPD_USE_HOSTNO;
649 static unsigned int sdebug_lbpu = DEF_LBPU;
650 static unsigned int sdebug_lbpws = DEF_LBPWS;
651 static unsigned int sdebug_lbpws10 = DEF_LBPWS10;
652 static unsigned int sdebug_lbprz = DEF_LBPRZ;
653 static unsigned int sdebug_unmap_alignment = DEF_UNMAP_ALIGNMENT;
654 static unsigned int sdebug_unmap_granularity = DEF_UNMAP_GRANULARITY;
655 static unsigned int sdebug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS;
656 static unsigned int sdebug_unmap_max_desc = DEF_UNMAP_MAX_DESC;
657 static unsigned int sdebug_write_same_length = DEF_WRITESAME_LENGTH;
658 static int sdebug_uuid_ctl = DEF_UUID_CTL;
659 static bool sdebug_removable = DEF_REMOVABLE;
660 static bool sdebug_clustering;
661 static bool sdebug_host_lock = DEF_HOST_LOCK;
662 static bool sdebug_strict = DEF_STRICT;
663 static bool sdebug_any_injecting_opt;
664 static bool sdebug_verbose;
665 static bool have_dif_prot;
666 static bool write_since_sync;
667 static bool sdebug_statistics = DEF_STATISTICS;
668 static bool sdebug_wp;
669
670 static unsigned int sdebug_store_sectors;
671 static sector_t sdebug_capacity; /* in sectors */
672
673 /* old BIOS stuff, kernel may get rid of them but some mode sense pages
674 may still need them */
675 static int sdebug_heads; /* heads per disk */
676 static int sdebug_cylinders_per; /* cylinders per surface */
677 static int sdebug_sectors_per; /* sectors per cylinder */
678
679 static LIST_HEAD(sdebug_host_list);
680 static DEFINE_SPINLOCK(sdebug_host_list_lock);
681
682 static unsigned char *fake_storep; /* ramdisk storage */
683 static struct t10_pi_tuple *dif_storep; /* protection info */
684 static void *map_storep; /* provisioning map */
685
686 static unsigned long map_size;
687 static int num_aborts;
688 static int num_dev_resets;
689 static int num_target_resets;
690 static int num_bus_resets;
691 static int num_host_resets;
692 static int dix_writes;
693 static int dix_reads;
694 static int dif_errors;
695
696 static int submit_queues = DEF_SUBMIT_QUEUES; /* > 1 for multi-queue (mq) */
697 static struct sdebug_queue *sdebug_q_arr; /* ptr to array of submit queues */
698
699 static DEFINE_RWLOCK(atomic_rw);
700
701 static char sdebug_proc_name[] = MY_NAME;
702 static const char *my_name = MY_NAME;
703
704 static struct bus_type pseudo_lld_bus;
705
706 static struct device_driver sdebug_driverfs_driver = {
707 .name = sdebug_proc_name,
708 .bus = &pseudo_lld_bus,
709 };
710
711 static const int check_condition_result =
712 (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION;
713
714 static const int illegal_condition_result =
715 (DRIVER_SENSE << 24) | (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION;
716
717 static const int device_qfull_result =
718 (DID_OK << 16) | (COMMAND_COMPLETE << 8) | SAM_STAT_TASK_SET_FULL;
719
720
721 /* Only do the extra work involved in logical block provisioning if one or
722 * more of the lbpu, lbpws or lbpws10 parameters are given and we are doing
723 * real reads and writes (i.e. not skipping them for speed).
724 */
725 static inline bool scsi_debug_lbp(void)
726 {
727 return 0 == sdebug_fake_rw &&
728 (sdebug_lbpu || sdebug_lbpws || sdebug_lbpws10);
729 }
730
731 static void *lba2fake_store(unsigned long long lba)
732 {
733 lba = do_div(lba, sdebug_store_sectors);
734
735 return fake_storep + lba * sdebug_sector_size;
736 }
737
738 static struct t10_pi_tuple *dif_store(sector_t sector)
739 {
740 sector = sector_div(sector, sdebug_store_sectors);
741
742 return dif_storep + sector;
743 }
744
745 static void sdebug_max_tgts_luns(void)
746 {
747 struct sdebug_host_info *sdbg_host;
748 struct Scsi_Host *hpnt;
749
750 spin_lock(&sdebug_host_list_lock);
751 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
752 hpnt = sdbg_host->shost;
753 if ((hpnt->this_id >= 0) &&
754 (sdebug_num_tgts > hpnt->this_id))
755 hpnt->max_id = sdebug_num_tgts + 1;
756 else
757 hpnt->max_id = sdebug_num_tgts;
758 /* sdebug_max_luns; */
759 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
760 }
761 spin_unlock(&sdebug_host_list_lock);
762 }
763
764 enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1};
765
766 /* Set in_bit to -1 to indicate no bit position of invalid field */
767 static void mk_sense_invalid_fld(struct scsi_cmnd *scp,
768 enum sdeb_cmd_data c_d,
769 int in_byte, int in_bit)
770 {
771 unsigned char *sbuff;
772 u8 sks[4];
773 int sl, asc;
774
775 sbuff = scp->sense_buffer;
776 if (!sbuff) {
777 sdev_printk(KERN_ERR, scp->device,
778 "%s: sense_buffer is NULL\n", __func__);
779 return;
780 }
781 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST;
782 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
783 scsi_build_sense_buffer(sdebug_dsense, sbuff, ILLEGAL_REQUEST, asc, 0);
784 memset(sks, 0, sizeof(sks));
785 sks[0] = 0x80;
786 if (c_d)
787 sks[0] |= 0x40;
788 if (in_bit >= 0) {
789 sks[0] |= 0x8;
790 sks[0] |= 0x7 & in_bit;
791 }
792 put_unaligned_be16(in_byte, sks + 1);
793 if (sdebug_dsense) {
794 sl = sbuff[7] + 8;
795 sbuff[7] = sl;
796 sbuff[sl] = 0x2;
797 sbuff[sl + 1] = 0x6;
798 memcpy(sbuff + sl + 4, sks, 3);
799 } else
800 memcpy(sbuff + 15, sks, 3);
801 if (sdebug_verbose)
802 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq"
803 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n",
804 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit);
805 }
806
807 static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq)
808 {
809 unsigned char *sbuff;
810
811 sbuff = scp->sense_buffer;
812 if (!sbuff) {
813 sdev_printk(KERN_ERR, scp->device,
814 "%s: sense_buffer is NULL\n", __func__);
815 return;
816 }
817 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
818
819 scsi_build_sense_buffer(sdebug_dsense, sbuff, key, asc, asq);
820
821 if (sdebug_verbose)
822 sdev_printk(KERN_INFO, scp->device,
823 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n",
824 my_name, key, asc, asq);
825 }
826
827 static void mk_sense_invalid_opcode(struct scsi_cmnd *scp)
828 {
829 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0);
830 }
831
832 static int scsi_debug_ioctl(struct scsi_device *dev, unsigned int cmd,
833 void __user *arg)
834 {
835 if (sdebug_verbose) {
836 if (0x1261 == cmd)
837 sdev_printk(KERN_INFO, dev,
838 "%s: BLKFLSBUF [0x1261]\n", __func__);
839 else if (0x5331 == cmd)
840 sdev_printk(KERN_INFO, dev,
841 "%s: CDROM_GET_CAPABILITY [0x5331]\n",
842 __func__);
843 else
844 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n",
845 __func__, cmd);
846 }
847 return -EINVAL;
848 /* return -ENOTTY; // correct return but upsets fdisk */
849 }
850
851 static void config_cdb_len(struct scsi_device *sdev)
852 {
853 switch (sdebug_cdb_len) {
854 case 6: /* suggest 6 byte READ, WRITE and MODE SENSE/SELECT */
855 sdev->use_10_for_rw = false;
856 sdev->use_16_for_rw = false;
857 sdev->use_10_for_ms = false;
858 break;
859 case 10: /* suggest 10 byte RWs and 6 byte MODE SENSE/SELECT */
860 sdev->use_10_for_rw = true;
861 sdev->use_16_for_rw = false;
862 sdev->use_10_for_ms = false;
863 break;
864 case 12: /* suggest 10 byte RWs and 10 byte MODE SENSE/SELECT */
865 sdev->use_10_for_rw = true;
866 sdev->use_16_for_rw = false;
867 sdev->use_10_for_ms = true;
868 break;
869 case 16:
870 sdev->use_10_for_rw = false;
871 sdev->use_16_for_rw = true;
872 sdev->use_10_for_ms = true;
873 break;
874 case 32: /* No knobs to suggest this so same as 16 for now */
875 sdev->use_10_for_rw = false;
876 sdev->use_16_for_rw = true;
877 sdev->use_10_for_ms = true;
878 break;
879 default:
880 pr_warn("unexpected cdb_len=%d, force to 10\n",
881 sdebug_cdb_len);
882 sdev->use_10_for_rw = true;
883 sdev->use_16_for_rw = false;
884 sdev->use_10_for_ms = false;
885 sdebug_cdb_len = 10;
886 break;
887 }
888 }
889
890 static void all_config_cdb_len(void)
891 {
892 struct sdebug_host_info *sdbg_host;
893 struct Scsi_Host *shost;
894 struct scsi_device *sdev;
895
896 spin_lock(&sdebug_host_list_lock);
897 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
898 shost = sdbg_host->shost;
899 shost_for_each_device(sdev, shost) {
900 config_cdb_len(sdev);
901 }
902 }
903 spin_unlock(&sdebug_host_list_lock);
904 }
905
906 static void clear_luns_changed_on_target(struct sdebug_dev_info *devip)
907 {
908 struct sdebug_host_info *sdhp;
909 struct sdebug_dev_info *dp;
910
911 spin_lock(&sdebug_host_list_lock);
912 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
913 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
914 if ((devip->sdbg_host == dp->sdbg_host) &&
915 (devip->target == dp->target))
916 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
917 }
918 }
919 spin_unlock(&sdebug_host_list_lock);
920 }
921
922 static int make_ua(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
923 {
924 int k;
925
926 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS);
927 if (k != SDEBUG_NUM_UAS) {
928 const char *cp = NULL;
929
930 switch (k) {
931 case SDEBUG_UA_POR:
932 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
933 POWER_ON_RESET_ASCQ);
934 if (sdebug_verbose)
935 cp = "power on reset";
936 break;
937 case SDEBUG_UA_BUS_RESET:
938 mk_sense_buffer(scp, UNIT_ATTENTION, UA_RESET_ASC,
939 BUS_RESET_ASCQ);
940 if (sdebug_verbose)
941 cp = "bus reset";
942 break;
943 case SDEBUG_UA_MODE_CHANGED:
944 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
945 MODE_CHANGED_ASCQ);
946 if (sdebug_verbose)
947 cp = "mode parameters changed";
948 break;
949 case SDEBUG_UA_CAPACITY_CHANGED:
950 mk_sense_buffer(scp, UNIT_ATTENTION, UA_CHANGED_ASC,
951 CAPACITY_CHANGED_ASCQ);
952 if (sdebug_verbose)
953 cp = "capacity data changed";
954 break;
955 case SDEBUG_UA_MICROCODE_CHANGED:
956 mk_sense_buffer(scp, UNIT_ATTENTION,
957 TARGET_CHANGED_ASC,
958 MICROCODE_CHANGED_ASCQ);
959 if (sdebug_verbose)
960 cp = "microcode has been changed";
961 break;
962 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET:
963 mk_sense_buffer(scp, UNIT_ATTENTION,
964 TARGET_CHANGED_ASC,
965 MICROCODE_CHANGED_WO_RESET_ASCQ);
966 if (sdebug_verbose)
967 cp = "microcode has been changed without reset";
968 break;
969 case SDEBUG_UA_LUNS_CHANGED:
970 /*
971 * SPC-3 behavior is to report a UNIT ATTENTION with
972 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN
973 * on the target, until a REPORT LUNS command is
974 * received. SPC-4 behavior is to report it only once.
975 * NOTE: sdebug_scsi_level does not use the same
976 * values as struct scsi_device->scsi_level.
977 */
978 if (sdebug_scsi_level >= 6) /* SPC-4 and above */
979 clear_luns_changed_on_target(devip);
980 mk_sense_buffer(scp, UNIT_ATTENTION,
981 TARGET_CHANGED_ASC,
982 LUNS_CHANGED_ASCQ);
983 if (sdebug_verbose)
984 cp = "reported luns data has changed";
985 break;
986 default:
987 pr_warn("unexpected unit attention code=%d\n", k);
988 if (sdebug_verbose)
989 cp = "unknown";
990 break;
991 }
992 clear_bit(k, devip->uas_bm);
993 if (sdebug_verbose)
994 sdev_printk(KERN_INFO, scp->device,
995 "%s reports: Unit attention: %s\n",
996 my_name, cp);
997 return check_condition_result;
998 }
999 return 0;
1000 }
1001
1002 /* Build SCSI "data-in" buffer. Returns 0 if ok else (DID_ERROR << 16). */
1003 static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1004 int arr_len)
1005 {
1006 int act_len;
1007 struct scsi_data_buffer *sdb = &scp->sdb;
1008
1009 if (!sdb->length)
1010 return 0;
1011 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1012 return DID_ERROR << 16;
1013
1014 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents,
1015 arr, arr_len);
1016 scsi_set_resid(scp, scsi_bufflen(scp) - act_len);
1017
1018 return 0;
1019 }
1020
1021 /* Partial build of SCSI "data-in" buffer. Returns 0 if ok else
1022 * (DID_ERROR << 16). Can write to offset in data-in buffer. If multiple
1023 * calls, not required to write in ascending offset order. Assumes resid
1024 * set to scsi_bufflen() prior to any calls.
1025 */
1026 static int p_fill_from_dev_buffer(struct scsi_cmnd *scp, const void *arr,
1027 int arr_len, unsigned int off_dst)
1028 {
1029 unsigned int act_len, n;
1030 struct scsi_data_buffer *sdb = &scp->sdb;
1031 off_t skip = off_dst;
1032
1033 if (sdb->length <= off_dst)
1034 return 0;
1035 if (scp->sc_data_direction != DMA_FROM_DEVICE)
1036 return DID_ERROR << 16;
1037
1038 act_len = sg_pcopy_from_buffer(sdb->table.sgl, sdb->table.nents,
1039 arr, arr_len, skip);
1040 pr_debug("%s: off_dst=%u, scsi_bufflen=%u, act_len=%u, resid=%d\n",
1041 __func__, off_dst, scsi_bufflen(scp), act_len,
1042 scsi_get_resid(scp));
1043 n = scsi_bufflen(scp) - (off_dst + act_len);
1044 scsi_set_resid(scp, min(scsi_get_resid(scp), n));
1045 return 0;
1046 }
1047
1048 /* Fetches from SCSI "data-out" buffer. Returns number of bytes fetched into
1049 * 'arr' or -1 if error.
1050 */
1051 static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
1052 int arr_len)
1053 {
1054 if (!scsi_bufflen(scp))
1055 return 0;
1056 if (scp->sc_data_direction != DMA_TO_DEVICE)
1057 return -1;
1058
1059 return scsi_sg_copy_to_buffer(scp, arr, arr_len);
1060 }
1061
1062
1063 static char sdebug_inq_vendor_id[9] = "Linux ";
1064 static char sdebug_inq_product_id[17] = "scsi_debug ";
1065 static char sdebug_inq_product_rev[5] = SDEBUG_VERSION;
1066 /* Use some locally assigned NAAs for SAS addresses. */
1067 static const u64 naa3_comp_a = 0x3222222000000000ULL;
1068 static const u64 naa3_comp_b = 0x3333333000000000ULL;
1069 static const u64 naa3_comp_c = 0x3111111000000000ULL;
1070
1071 /* Device identification VPD page. Returns number of bytes placed in arr */
1072 static int inquiry_vpd_83(unsigned char *arr, int port_group_id,
1073 int target_dev_id, int dev_id_num,
1074 const char *dev_id_str, int dev_id_str_len,
1075 const uuid_t *lu_name)
1076 {
1077 int num, port_a;
1078 char b[32];
1079
1080 port_a = target_dev_id + 1;
1081 /* T10 vendor identifier field format (faked) */
1082 arr[0] = 0x2; /* ASCII */
1083 arr[1] = 0x1;
1084 arr[2] = 0x0;
1085 memcpy(&arr[4], sdebug_inq_vendor_id, 8);
1086 memcpy(&arr[12], sdebug_inq_product_id, 16);
1087 memcpy(&arr[28], dev_id_str, dev_id_str_len);
1088 num = 8 + 16 + dev_id_str_len;
1089 arr[3] = num;
1090 num += 4;
1091 if (dev_id_num >= 0) {
1092 if (sdebug_uuid_ctl) {
1093 /* Locally assigned UUID */
1094 arr[num++] = 0x1; /* binary (not necessarily sas) */
1095 arr[num++] = 0xa; /* PIV=0, lu, naa */
1096 arr[num++] = 0x0;
1097 arr[num++] = 0x12;
1098 arr[num++] = 0x10; /* uuid type=1, locally assigned */
1099 arr[num++] = 0x0;
1100 memcpy(arr + num, lu_name, 16);
1101 num += 16;
1102 } else {
1103 /* NAA-3, Logical unit identifier (binary) */
1104 arr[num++] = 0x1; /* binary (not necessarily sas) */
1105 arr[num++] = 0x3; /* PIV=0, lu, naa */
1106 arr[num++] = 0x0;
1107 arr[num++] = 0x8;
1108 put_unaligned_be64(naa3_comp_b + dev_id_num, arr + num);
1109 num += 8;
1110 }
1111 /* Target relative port number */
1112 arr[num++] = 0x61; /* proto=sas, binary */
1113 arr[num++] = 0x94; /* PIV=1, target port, rel port */
1114 arr[num++] = 0x0; /* reserved */
1115 arr[num++] = 0x4; /* length */
1116 arr[num++] = 0x0; /* reserved */
1117 arr[num++] = 0x0; /* reserved */
1118 arr[num++] = 0x0;
1119 arr[num++] = 0x1; /* relative port A */
1120 }
1121 /* NAA-3, Target port identifier */
1122 arr[num++] = 0x61; /* proto=sas, binary */
1123 arr[num++] = 0x93; /* piv=1, target port, naa */
1124 arr[num++] = 0x0;
1125 arr[num++] = 0x8;
1126 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1127 num += 8;
1128 /* NAA-3, Target port group identifier */
1129 arr[num++] = 0x61; /* proto=sas, binary */
1130 arr[num++] = 0x95; /* piv=1, target port group id */
1131 arr[num++] = 0x0;
1132 arr[num++] = 0x4;
1133 arr[num++] = 0;
1134 arr[num++] = 0;
1135 put_unaligned_be16(port_group_id, arr + num);
1136 num += 2;
1137 /* NAA-3, Target device identifier */
1138 arr[num++] = 0x61; /* proto=sas, binary */
1139 arr[num++] = 0xa3; /* piv=1, target device, naa */
1140 arr[num++] = 0x0;
1141 arr[num++] = 0x8;
1142 put_unaligned_be64(naa3_comp_a + target_dev_id, arr + num);
1143 num += 8;
1144 /* SCSI name string: Target device identifier */
1145 arr[num++] = 0x63; /* proto=sas, UTF-8 */
1146 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */
1147 arr[num++] = 0x0;
1148 arr[num++] = 24;
1149 memcpy(arr + num, "naa.32222220", 12);
1150 num += 12;
1151 snprintf(b, sizeof(b), "%08X", target_dev_id);
1152 memcpy(arr + num, b, 8);
1153 num += 8;
1154 memset(arr + num, 0, 4);
1155 num += 4;
1156 return num;
1157 }
1158
1159 static unsigned char vpd84_data[] = {
1160 /* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0,
1161 0x22,0x22,0x22,0x0,0xbb,0x1,
1162 0x22,0x22,0x22,0x0,0xbb,0x2,
1163 };
1164
1165 /* Software interface identification VPD page */
1166 static int inquiry_vpd_84(unsigned char *arr)
1167 {
1168 memcpy(arr, vpd84_data, sizeof(vpd84_data));
1169 return sizeof(vpd84_data);
1170 }
1171
1172 /* Management network addresses VPD page */
1173 static int inquiry_vpd_85(unsigned char *arr)
1174 {
1175 int num = 0;
1176 const char *na1 = "https://www.kernel.org/config";
1177 const char *na2 = "http://www.kernel.org/log";
1178 int plen, olen;
1179
1180 arr[num++] = 0x1; /* lu, storage config */
1181 arr[num++] = 0x0; /* reserved */
1182 arr[num++] = 0x0;
1183 olen = strlen(na1);
1184 plen = olen + 1;
1185 if (plen % 4)
1186 plen = ((plen / 4) + 1) * 4;
1187 arr[num++] = plen; /* length, null termianted, padded */
1188 memcpy(arr + num, na1, olen);
1189 memset(arr + num + olen, 0, plen - olen);
1190 num += plen;
1191
1192 arr[num++] = 0x4; /* lu, logging */
1193 arr[num++] = 0x0; /* reserved */
1194 arr[num++] = 0x0;
1195 olen = strlen(na2);
1196 plen = olen + 1;
1197 if (plen % 4)
1198 plen = ((plen / 4) + 1) * 4;
1199 arr[num++] = plen; /* length, null terminated, padded */
1200 memcpy(arr + num, na2, olen);
1201 memset(arr + num + olen, 0, plen - olen);
1202 num += plen;
1203
1204 return num;
1205 }
1206
1207 /* SCSI ports VPD page */
1208 static int inquiry_vpd_88(unsigned char *arr, int target_dev_id)
1209 {
1210 int num = 0;
1211 int port_a, port_b;
1212
1213 port_a = target_dev_id + 1;
1214 port_b = port_a + 1;
1215 arr[num++] = 0x0; /* reserved */
1216 arr[num++] = 0x0; /* reserved */
1217 arr[num++] = 0x0;
1218 arr[num++] = 0x1; /* relative port 1 (primary) */
1219 memset(arr + num, 0, 6);
1220 num += 6;
1221 arr[num++] = 0x0;
1222 arr[num++] = 12; /* length tp descriptor */
1223 /* naa-5 target port identifier (A) */
1224 arr[num++] = 0x61; /* proto=sas, binary */
1225 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1226 arr[num++] = 0x0; /* reserved */
1227 arr[num++] = 0x8; /* length */
1228 put_unaligned_be64(naa3_comp_a + port_a, arr + num);
1229 num += 8;
1230 arr[num++] = 0x0; /* reserved */
1231 arr[num++] = 0x0; /* reserved */
1232 arr[num++] = 0x0;
1233 arr[num++] = 0x2; /* relative port 2 (secondary) */
1234 memset(arr + num, 0, 6);
1235 num += 6;
1236 arr[num++] = 0x0;
1237 arr[num++] = 12; /* length tp descriptor */
1238 /* naa-5 target port identifier (B) */
1239 arr[num++] = 0x61; /* proto=sas, binary */
1240 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1241 arr[num++] = 0x0; /* reserved */
1242 arr[num++] = 0x8; /* length */
1243 put_unaligned_be64(naa3_comp_a + port_b, arr + num);
1244 num += 8;
1245
1246 return num;
1247 }
1248
1249
1250 static unsigned char vpd89_data[] = {
1251 /* from 4th byte */ 0,0,0,0,
1252 'l','i','n','u','x',' ',' ',' ',
1253 'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ',
1254 '1','2','3','4',
1255 0x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,
1256 0xec,0,0,0,
1257 0x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0,
1258 0,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20,
1259 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33,
1260 0x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31,
1261 0x53,0x41,
1262 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
1263 0x20,0x20,
1264 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
1265 0x10,0x80,
1266 0,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0,
1267 0x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0,
1268 0x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0,
1269 0,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0,
1270 0x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40,
1271 0x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0,
1272 0,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0,
1273 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1274 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1275 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1276 0x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42,
1277 0,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8,
1278 0xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe,
1279 0,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0,
1280 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1281 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1282 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1283 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1284 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1285 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1286 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1287 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1288 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1289 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1290 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1291 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51,
1292 };
1293
1294 /* ATA Information VPD page */
1295 static int inquiry_vpd_89(unsigned char *arr)
1296 {
1297 memcpy(arr, vpd89_data, sizeof(vpd89_data));
1298 return sizeof(vpd89_data);
1299 }
1300
1301
1302 static unsigned char vpdb0_data[] = {
1303 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64,
1304 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1305 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1306 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1307 };
1308
1309 /* Block limits VPD page (SBC-3) */
1310 static int inquiry_vpd_b0(unsigned char *arr)
1311 {
1312 unsigned int gran;
1313
1314 memcpy(arr, vpdb0_data, sizeof(vpdb0_data));
1315
1316 /* Optimal transfer length granularity */
1317 if (sdebug_opt_xferlen_exp != 0 &&
1318 sdebug_physblk_exp < sdebug_opt_xferlen_exp)
1319 gran = 1 << sdebug_opt_xferlen_exp;
1320 else
1321 gran = 1 << sdebug_physblk_exp;
1322 put_unaligned_be16(gran, arr + 2);
1323
1324 /* Maximum Transfer Length */
1325 if (sdebug_store_sectors > 0x400)
1326 put_unaligned_be32(sdebug_store_sectors, arr + 4);
1327
1328 /* Optimal Transfer Length */
1329 put_unaligned_be32(sdebug_opt_blks, &arr[8]);
1330
1331 if (sdebug_lbpu) {
1332 /* Maximum Unmap LBA Count */
1333 put_unaligned_be32(sdebug_unmap_max_blocks, &arr[16]);
1334
1335 /* Maximum Unmap Block Descriptor Count */
1336 put_unaligned_be32(sdebug_unmap_max_desc, &arr[20]);
1337 }
1338
1339 /* Unmap Granularity Alignment */
1340 if (sdebug_unmap_alignment) {
1341 put_unaligned_be32(sdebug_unmap_alignment, &arr[28]);
1342 arr[28] |= 0x80; /* UGAVALID */
1343 }
1344
1345 /* Optimal Unmap Granularity */
1346 put_unaligned_be32(sdebug_unmap_granularity, &arr[24]);
1347
1348 /* Maximum WRITE SAME Length */
1349 put_unaligned_be64(sdebug_write_same_length, &arr[32]);
1350
1351 return 0x3c; /* Mandatory page length for Logical Block Provisioning */
1352
1353 return sizeof(vpdb0_data);
1354 }
1355
1356 /* Block device characteristics VPD page (SBC-3) */
1357 static int inquiry_vpd_b1(unsigned char *arr)
1358 {
1359 memset(arr, 0, 0x3c);
1360 arr[0] = 0;
1361 arr[1] = 1; /* non rotating medium (e.g. solid state) */
1362 arr[2] = 0;
1363 arr[3] = 5; /* less than 1.8" */
1364
1365 return 0x3c;
1366 }
1367
1368 /* Logical block provisioning VPD page (SBC-4) */
1369 static int inquiry_vpd_b2(unsigned char *arr)
1370 {
1371 memset(arr, 0, 0x4);
1372 arr[0] = 0; /* threshold exponent */
1373 if (sdebug_lbpu)
1374 arr[1] = 1 << 7;
1375 if (sdebug_lbpws)
1376 arr[1] |= 1 << 6;
1377 if (sdebug_lbpws10)
1378 arr[1] |= 1 << 5;
1379 if (sdebug_lbprz && scsi_debug_lbp())
1380 arr[1] |= (sdebug_lbprz & 0x7) << 2; /* sbc4r07 and later */
1381 /* anc_sup=0; dp=0 (no provisioning group descriptor) */
1382 /* minimum_percentage=0; provisioning_type=0 (unknown) */
1383 /* threshold_percentage=0 */
1384 return 0x4;
1385 }
1386
1387 #define SDEBUG_LONG_INQ_SZ 96
1388 #define SDEBUG_MAX_INQ_ARR_SZ 584
1389
1390 static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1391 {
1392 unsigned char pq_pdt;
1393 unsigned char *arr;
1394 unsigned char *cmd = scp->cmnd;
1395 int alloc_len, n, ret;
1396 bool have_wlun, is_disk;
1397
1398 alloc_len = get_unaligned_be16(cmd + 3);
1399 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC);
1400 if (! arr)
1401 return DID_REQUEUE << 16;
1402 is_disk = (sdebug_ptype == TYPE_DISK);
1403 have_wlun = scsi_is_wlun(scp->device->lun);
1404 if (have_wlun)
1405 pq_pdt = TYPE_WLUN; /* present, wlun */
1406 else if (sdebug_no_lun_0 && (devip->lun == SDEBUG_LUN_0_VAL))
1407 pq_pdt = 0x7f; /* not present, PQ=3, PDT=0x1f */
1408 else
1409 pq_pdt = (sdebug_ptype & 0x1f);
1410 arr[0] = pq_pdt;
1411 if (0x2 & cmd[1]) { /* CMDDT bit set */
1412 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1);
1413 kfree(arr);
1414 return check_condition_result;
1415 } else if (0x1 & cmd[1]) { /* EVPD bit set */
1416 int lu_id_num, port_group_id, target_dev_id, len;
1417 char lu_id_str[6];
1418 int host_no = devip->sdbg_host->shost->host_no;
1419
1420 port_group_id = (((host_no + 1) & 0x7f) << 8) +
1421 (devip->channel & 0x7f);
1422 if (sdebug_vpd_use_hostno == 0)
1423 host_no = 0;
1424 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) +
1425 (devip->target * 1000) + devip->lun);
1426 target_dev_id = ((host_no + 1) * 2000) +
1427 (devip->target * 1000) - 3;
1428 len = scnprintf(lu_id_str, 6, "%d", lu_id_num);
1429 if (0 == cmd[2]) { /* supported vital product data pages */
1430 arr[1] = cmd[2]; /*sanity */
1431 n = 4;
1432 arr[n++] = 0x0; /* this page */
1433 arr[n++] = 0x80; /* unit serial number */
1434 arr[n++] = 0x83; /* device identification */
1435 arr[n++] = 0x84; /* software interface ident. */
1436 arr[n++] = 0x85; /* management network addresses */
1437 arr[n++] = 0x86; /* extended inquiry */
1438 arr[n++] = 0x87; /* mode page policy */
1439 arr[n++] = 0x88; /* SCSI ports */
1440 if (is_disk) { /* SBC only */
1441 arr[n++] = 0x89; /* ATA information */
1442 arr[n++] = 0xb0; /* Block limits */
1443 arr[n++] = 0xb1; /* Block characteristics */
1444 arr[n++] = 0xb2; /* Logical Block Prov */
1445 }
1446 arr[3] = n - 4; /* number of supported VPD pages */
1447 } else if (0x80 == cmd[2]) { /* unit serial number */
1448 arr[1] = cmd[2]; /*sanity */
1449 arr[3] = len;
1450 memcpy(&arr[4], lu_id_str, len);
1451 } else if (0x83 == cmd[2]) { /* device identification */
1452 arr[1] = cmd[2]; /*sanity */
1453 arr[3] = inquiry_vpd_83(&arr[4], port_group_id,
1454 target_dev_id, lu_id_num,
1455 lu_id_str, len,
1456 &devip->lu_name);
1457 } else if (0x84 == cmd[2]) { /* Software interface ident. */
1458 arr[1] = cmd[2]; /*sanity */
1459 arr[3] = inquiry_vpd_84(&arr[4]);
1460 } else if (0x85 == cmd[2]) { /* Management network addresses */
1461 arr[1] = cmd[2]; /*sanity */
1462 arr[3] = inquiry_vpd_85(&arr[4]);
1463 } else if (0x86 == cmd[2]) { /* extended inquiry */
1464 arr[1] = cmd[2]; /*sanity */
1465 arr[3] = 0x3c; /* number of following entries */
1466 if (sdebug_dif == T10_PI_TYPE3_PROTECTION)
1467 arr[4] = 0x4; /* SPT: GRD_CHK:1 */
1468 else if (have_dif_prot)
1469 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */
1470 else
1471 arr[4] = 0x0; /* no protection stuff */
1472 arr[5] = 0x7; /* head of q, ordered + simple q's */
1473 } else if (0x87 == cmd[2]) { /* mode page policy */
1474 arr[1] = cmd[2]; /*sanity */
1475 arr[3] = 0x8; /* number of following entries */
1476 arr[4] = 0x2; /* disconnect-reconnect mp */
1477 arr[6] = 0x80; /* mlus, shared */
1478 arr[8] = 0x18; /* protocol specific lu */
1479 arr[10] = 0x82; /* mlus, per initiator port */
1480 } else if (0x88 == cmd[2]) { /* SCSI Ports */
1481 arr[1] = cmd[2]; /*sanity */
1482 arr[3] = inquiry_vpd_88(&arr[4], target_dev_id);
1483 } else if (is_disk && 0x89 == cmd[2]) { /* ATA information */
1484 arr[1] = cmd[2]; /*sanity */
1485 n = inquiry_vpd_89(&arr[4]);
1486 put_unaligned_be16(n, arr + 2);
1487 } else if (is_disk && 0xb0 == cmd[2]) { /* Block limits */
1488 arr[1] = cmd[2]; /*sanity */
1489 arr[3] = inquiry_vpd_b0(&arr[4]);
1490 } else if (is_disk && 0xb1 == cmd[2]) { /* Block char. */
1491 arr[1] = cmd[2]; /*sanity */
1492 arr[3] = inquiry_vpd_b1(&arr[4]);
1493 } else if (is_disk && 0xb2 == cmd[2]) { /* LB Prov. */
1494 arr[1] = cmd[2]; /*sanity */
1495 arr[3] = inquiry_vpd_b2(&arr[4]);
1496 } else {
1497 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
1498 kfree(arr);
1499 return check_condition_result;
1500 }
1501 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len);
1502 ret = fill_from_dev_buffer(scp, arr,
1503 min(len, SDEBUG_MAX_INQ_ARR_SZ));
1504 kfree(arr);
1505 return ret;
1506 }
1507 /* drops through here for a standard inquiry */
1508 arr[1] = sdebug_removable ? 0x80 : 0; /* Removable disk */
1509 arr[2] = sdebug_scsi_level;
1510 arr[3] = 2; /* response_data_format==2 */
1511 arr[4] = SDEBUG_LONG_INQ_SZ - 5;
1512 arr[5] = (int)have_dif_prot; /* PROTECT bit */
1513 if (sdebug_vpd_use_hostno == 0)
1514 arr[5] |= 0x10; /* claim: implicit TPGS */
1515 arr[6] = 0x10; /* claim: MultiP */
1516 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */
1517 arr[7] = 0xa; /* claim: LINKED + CMDQUE */
1518 memcpy(&arr[8], sdebug_inq_vendor_id, 8);
1519 memcpy(&arr[16], sdebug_inq_product_id, 16);
1520 memcpy(&arr[32], sdebug_inq_product_rev, 4);
1521 /* Use Vendor Specific area to place driver date in ASCII hex */
1522 memcpy(&arr[36], sdebug_version_date, 8);
1523 /* version descriptors (2 bytes each) follow */
1524 put_unaligned_be16(0xc0, arr + 58); /* SAM-6 no version claimed */
1525 put_unaligned_be16(0x5c0, arr + 60); /* SPC-5 no version claimed */
1526 n = 62;
1527 if (is_disk) { /* SBC-4 no version claimed */
1528 put_unaligned_be16(0x600, arr + n);
1529 n += 2;
1530 } else if (sdebug_ptype == TYPE_TAPE) { /* SSC-4 rev 3 */
1531 put_unaligned_be16(0x525, arr + n);
1532 n += 2;
1533 }
1534 put_unaligned_be16(0x2100, arr + n); /* SPL-4 no version claimed */
1535 ret = fill_from_dev_buffer(scp, arr,
1536 min(alloc_len, SDEBUG_LONG_INQ_SZ));
1537 kfree(arr);
1538 return ret;
1539 }
1540
1541 static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
1542 0, 0, 0x0, 0x0};
1543
1544 static int resp_requests(struct scsi_cmnd *scp,
1545 struct sdebug_dev_info *devip)
1546 {
1547 unsigned char *sbuff;
1548 unsigned char *cmd = scp->cmnd;
1549 unsigned char arr[SCSI_SENSE_BUFFERSIZE];
1550 bool dsense;
1551 int len = 18;
1552
1553 memset(arr, 0, sizeof(arr));
1554 dsense = !!(cmd[1] & 1);
1555 sbuff = scp->sense_buffer;
1556 if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) {
1557 if (dsense) {
1558 arr[0] = 0x72;
1559 arr[1] = 0x0; /* NO_SENSE in sense_key */
1560 arr[2] = THRESHOLD_EXCEEDED;
1561 arr[3] = 0xff; /* TEST set and MRIE==6 */
1562 len = 8;
1563 } else {
1564 arr[0] = 0x70;
1565 arr[2] = 0x0; /* NO_SENSE in sense_key */
1566 arr[7] = 0xa; /* 18 byte sense buffer */
1567 arr[12] = THRESHOLD_EXCEEDED;
1568 arr[13] = 0xff; /* TEST set and MRIE==6 */
1569 }
1570 } else {
1571 memcpy(arr, sbuff, SCSI_SENSE_BUFFERSIZE);
1572 if (arr[0] >= 0x70 && dsense == sdebug_dsense)
1573 ; /* have sense and formats match */
1574 else if (arr[0] <= 0x70) {
1575 if (dsense) {
1576 memset(arr, 0, 8);
1577 arr[0] = 0x72;
1578 len = 8;
1579 } else {
1580 memset(arr, 0, 18);
1581 arr[0] = 0x70;
1582 arr[7] = 0xa;
1583 }
1584 } else if (dsense) {
1585 memset(arr, 0, 8);
1586 arr[0] = 0x72;
1587 arr[1] = sbuff[2]; /* sense key */
1588 arr[2] = sbuff[12]; /* asc */
1589 arr[3] = sbuff[13]; /* ascq */
1590 len = 8;
1591 } else {
1592 memset(arr, 0, 18);
1593 arr[0] = 0x70;
1594 arr[2] = sbuff[1];
1595 arr[7] = 0xa;
1596 arr[12] = sbuff[1];
1597 arr[13] = sbuff[3];
1598 }
1599
1600 }
1601 mk_sense_buffer(scp, 0, NO_ADDITIONAL_SENSE, 0);
1602 return fill_from_dev_buffer(scp, arr, len);
1603 }
1604
1605 static int resp_start_stop(struct scsi_cmnd *scp,
1606 struct sdebug_dev_info *devip)
1607 {
1608 unsigned char *cmd = scp->cmnd;
1609 int power_cond, stop;
1610 bool changing;
1611
1612 power_cond = (cmd[4] & 0xf0) >> 4;
1613 if (power_cond) {
1614 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7);
1615 return check_condition_result;
1616 }
1617 stop = !(cmd[4] & 1);
1618 changing = atomic_read(&devip->stopped) == !stop;
1619 atomic_xchg(&devip->stopped, stop);
1620 if (!changing || cmd[1] & 0x1) /* state unchanged or IMMED set */
1621 return SDEG_RES_IMMED_MASK;
1622 else
1623 return 0;
1624 }
1625
1626 static sector_t get_sdebug_capacity(void)
1627 {
1628 static const unsigned int gibibyte = 1073741824;
1629
1630 if (sdebug_virtual_gb > 0)
1631 return (sector_t)sdebug_virtual_gb *
1632 (gibibyte / sdebug_sector_size);
1633 else
1634 return sdebug_store_sectors;
1635 }
1636
1637 #define SDEBUG_READCAP_ARR_SZ 8
1638 static int resp_readcap(struct scsi_cmnd *scp,
1639 struct sdebug_dev_info *devip)
1640 {
1641 unsigned char arr[SDEBUG_READCAP_ARR_SZ];
1642 unsigned int capac;
1643
1644 /* following just in case virtual_gb changed */
1645 sdebug_capacity = get_sdebug_capacity();
1646 memset(arr, 0, SDEBUG_READCAP_ARR_SZ);
1647 if (sdebug_capacity < 0xffffffff) {
1648 capac = (unsigned int)sdebug_capacity - 1;
1649 put_unaligned_be32(capac, arr + 0);
1650 } else
1651 put_unaligned_be32(0xffffffff, arr + 0);
1652 put_unaligned_be16(sdebug_sector_size, arr + 6);
1653 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ);
1654 }
1655
1656 #define SDEBUG_READCAP16_ARR_SZ 32
1657 static int resp_readcap16(struct scsi_cmnd *scp,
1658 struct sdebug_dev_info *devip)
1659 {
1660 unsigned char *cmd = scp->cmnd;
1661 unsigned char arr[SDEBUG_READCAP16_ARR_SZ];
1662 int alloc_len;
1663
1664 alloc_len = get_unaligned_be32(cmd + 10);
1665 /* following just in case virtual_gb changed */
1666 sdebug_capacity = get_sdebug_capacity();
1667 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ);
1668 put_unaligned_be64((u64)(sdebug_capacity - 1), arr + 0);
1669 put_unaligned_be32(sdebug_sector_size, arr + 8);
1670 arr[13] = sdebug_physblk_exp & 0xf;
1671 arr[14] = (sdebug_lowest_aligned >> 8) & 0x3f;
1672
1673 if (scsi_debug_lbp()) {
1674 arr[14] |= 0x80; /* LBPME */
1675 /* from sbc4r07, this LBPRZ field is 1 bit, but the LBPRZ in
1676 * the LB Provisioning VPD page is 3 bits. Note that lbprz=2
1677 * in the wider field maps to 0 in this field.
1678 */
1679 if (sdebug_lbprz & 1) /* precisely what the draft requires */
1680 arr[14] |= 0x40;
1681 }
1682
1683 arr[15] = sdebug_lowest_aligned & 0xff;
1684
1685 if (have_dif_prot) {
1686 arr[12] = (sdebug_dif - 1) << 1; /* P_TYPE */
1687 arr[12] |= 1; /* PROT_EN */
1688 }
1689
1690 return fill_from_dev_buffer(scp, arr,
1691 min(alloc_len, SDEBUG_READCAP16_ARR_SZ));
1692 }
1693
1694 #define SDEBUG_MAX_TGTPGS_ARR_SZ 1412
1695
1696 static int resp_report_tgtpgs(struct scsi_cmnd *scp,
1697 struct sdebug_dev_info *devip)
1698 {
1699 unsigned char *cmd = scp->cmnd;
1700 unsigned char *arr;
1701 int host_no = devip->sdbg_host->shost->host_no;
1702 int n, ret, alen, rlen;
1703 int port_group_a, port_group_b, port_a, port_b;
1704
1705 alen = get_unaligned_be32(cmd + 6);
1706 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC);
1707 if (! arr)
1708 return DID_REQUEUE << 16;
1709 /*
1710 * EVPD page 0x88 states we have two ports, one
1711 * real and a fake port with no device connected.
1712 * So we create two port groups with one port each
1713 * and set the group with port B to unavailable.
1714 */
1715 port_a = 0x1; /* relative port A */
1716 port_b = 0x2; /* relative port B */
1717 port_group_a = (((host_no + 1) & 0x7f) << 8) +
1718 (devip->channel & 0x7f);
1719 port_group_b = (((host_no + 1) & 0x7f) << 8) +
1720 (devip->channel & 0x7f) + 0x80;
1721
1722 /*
1723 * The asymmetric access state is cycled according to the host_id.
1724 */
1725 n = 4;
1726 if (sdebug_vpd_use_hostno == 0) {
1727 arr[n++] = host_no % 3; /* Asymm access state */
1728 arr[n++] = 0x0F; /* claim: all states are supported */
1729 } else {
1730 arr[n++] = 0x0; /* Active/Optimized path */
1731 arr[n++] = 0x01; /* only support active/optimized paths */
1732 }
1733 put_unaligned_be16(port_group_a, arr + n);
1734 n += 2;
1735 arr[n++] = 0; /* Reserved */
1736 arr[n++] = 0; /* Status code */
1737 arr[n++] = 0; /* Vendor unique */
1738 arr[n++] = 0x1; /* One port per group */
1739 arr[n++] = 0; /* Reserved */
1740 arr[n++] = 0; /* Reserved */
1741 put_unaligned_be16(port_a, arr + n);
1742 n += 2;
1743 arr[n++] = 3; /* Port unavailable */
1744 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */
1745 put_unaligned_be16(port_group_b, arr + n);
1746 n += 2;
1747 arr[n++] = 0; /* Reserved */
1748 arr[n++] = 0; /* Status code */
1749 arr[n++] = 0; /* Vendor unique */
1750 arr[n++] = 0x1; /* One port per group */
1751 arr[n++] = 0; /* Reserved */
1752 arr[n++] = 0; /* Reserved */
1753 put_unaligned_be16(port_b, arr + n);
1754 n += 2;
1755
1756 rlen = n - 4;
1757 put_unaligned_be32(rlen, arr + 0);
1758
1759 /*
1760 * Return the smallest value of either
1761 * - The allocated length
1762 * - The constructed command length
1763 * - The maximum array size
1764 */
1765 rlen = min(alen,n);
1766 ret = fill_from_dev_buffer(scp, arr,
1767 min(rlen, SDEBUG_MAX_TGTPGS_ARR_SZ));
1768 kfree(arr);
1769 return ret;
1770 }
1771
1772 static int resp_rsup_opcodes(struct scsi_cmnd *scp,
1773 struct sdebug_dev_info *devip)
1774 {
1775 bool rctd;
1776 u8 reporting_opts, req_opcode, sdeb_i, supp;
1777 u16 req_sa, u;
1778 u32 alloc_len, a_len;
1779 int k, offset, len, errsts, count, bump, na;
1780 const struct opcode_info_t *oip;
1781 const struct opcode_info_t *r_oip;
1782 u8 *arr;
1783 u8 *cmd = scp->cmnd;
1784
1785 rctd = !!(cmd[2] & 0x80);
1786 reporting_opts = cmd[2] & 0x7;
1787 req_opcode = cmd[3];
1788 req_sa = get_unaligned_be16(cmd + 4);
1789 alloc_len = get_unaligned_be32(cmd + 6);
1790 if (alloc_len < 4 || alloc_len > 0xffff) {
1791 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1792 return check_condition_result;
1793 }
1794 if (alloc_len > 8192)
1795 a_len = 8192;
1796 else
1797 a_len = alloc_len;
1798 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC);
1799 if (NULL == arr) {
1800 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
1801 INSUFF_RES_ASCQ);
1802 return check_condition_result;
1803 }
1804 switch (reporting_opts) {
1805 case 0: /* all commands */
1806 /* count number of commands */
1807 for (count = 0, oip = opcode_info_arr;
1808 oip->num_attached != 0xff; ++oip) {
1809 if (F_INV_OP & oip->flags)
1810 continue;
1811 count += (oip->num_attached + 1);
1812 }
1813 bump = rctd ? 20 : 8;
1814 put_unaligned_be32(count * bump, arr);
1815 for (offset = 4, oip = opcode_info_arr;
1816 oip->num_attached != 0xff && offset < a_len; ++oip) {
1817 if (F_INV_OP & oip->flags)
1818 continue;
1819 na = oip->num_attached;
1820 arr[offset] = oip->opcode;
1821 put_unaligned_be16(oip->sa, arr + offset + 2);
1822 if (rctd)
1823 arr[offset + 5] |= 0x2;
1824 if (FF_SA & oip->flags)
1825 arr[offset + 5] |= 0x1;
1826 put_unaligned_be16(oip->len_mask[0], arr + offset + 6);
1827 if (rctd)
1828 put_unaligned_be16(0xa, arr + offset + 8);
1829 r_oip = oip;
1830 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) {
1831 if (F_INV_OP & oip->flags)
1832 continue;
1833 offset += bump;
1834 arr[offset] = oip->opcode;
1835 put_unaligned_be16(oip->sa, arr + offset + 2);
1836 if (rctd)
1837 arr[offset + 5] |= 0x2;
1838 if (FF_SA & oip->flags)
1839 arr[offset + 5] |= 0x1;
1840 put_unaligned_be16(oip->len_mask[0],
1841 arr + offset + 6);
1842 if (rctd)
1843 put_unaligned_be16(0xa,
1844 arr + offset + 8);
1845 }
1846 oip = r_oip;
1847 offset += bump;
1848 }
1849 break;
1850 case 1: /* one command: opcode only */
1851 case 2: /* one command: opcode plus service action */
1852 case 3: /* one command: if sa==0 then opcode only else opcode+sa */
1853 sdeb_i = opcode_ind_arr[req_opcode];
1854 oip = &opcode_info_arr[sdeb_i];
1855 if (F_INV_OP & oip->flags) {
1856 supp = 1;
1857 offset = 4;
1858 } else {
1859 if (1 == reporting_opts) {
1860 if (FF_SA & oip->flags) {
1861 mk_sense_invalid_fld(scp, SDEB_IN_CDB,
1862 2, 2);
1863 kfree(arr);
1864 return check_condition_result;
1865 }
1866 req_sa = 0;
1867 } else if (2 == reporting_opts &&
1868 0 == (FF_SA & oip->flags)) {
1869 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1);
1870 kfree(arr); /* point at requested sa */
1871 return check_condition_result;
1872 }
1873 if (0 == (FF_SA & oip->flags) &&
1874 req_opcode == oip->opcode)
1875 supp = 3;
1876 else if (0 == (FF_SA & oip->flags)) {
1877 na = oip->num_attached;
1878 for (k = 0, oip = oip->arrp; k < na;
1879 ++k, ++oip) {
1880 if (req_opcode == oip->opcode)
1881 break;
1882 }
1883 supp = (k >= na) ? 1 : 3;
1884 } else if (req_sa != oip->sa) {
1885 na = oip->num_attached;
1886 for (k = 0, oip = oip->arrp; k < na;
1887 ++k, ++oip) {
1888 if (req_sa == oip->sa)
1889 break;
1890 }
1891 supp = (k >= na) ? 1 : 3;
1892 } else
1893 supp = 3;
1894 if (3 == supp) {
1895 u = oip->len_mask[0];
1896 put_unaligned_be16(u, arr + 2);
1897 arr[4] = oip->opcode;
1898 for (k = 1; k < u; ++k)
1899 arr[4 + k] = (k < 16) ?
1900 oip->len_mask[k] : 0xff;
1901 offset = 4 + u;
1902 } else
1903 offset = 4;
1904 }
1905 arr[1] = (rctd ? 0x80 : 0) | supp;
1906 if (rctd) {
1907 put_unaligned_be16(0xa, arr + offset);
1908 offset += 12;
1909 }
1910 break;
1911 default:
1912 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
1913 kfree(arr);
1914 return check_condition_result;
1915 }
1916 offset = (offset < a_len) ? offset : a_len;
1917 len = (offset < alloc_len) ? offset : alloc_len;
1918 errsts = fill_from_dev_buffer(scp, arr, len);
1919 kfree(arr);
1920 return errsts;
1921 }
1922
1923 static int resp_rsup_tmfs(struct scsi_cmnd *scp,
1924 struct sdebug_dev_info *devip)
1925 {
1926 bool repd;
1927 u32 alloc_len, len;
1928 u8 arr[16];
1929 u8 *cmd = scp->cmnd;
1930
1931 memset(arr, 0, sizeof(arr));
1932 repd = !!(cmd[2] & 0x80);
1933 alloc_len = get_unaligned_be32(cmd + 6);
1934 if (alloc_len < 4) {
1935 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1936 return check_condition_result;
1937 }
1938 arr[0] = 0xc8; /* ATS | ATSS | LURS */
1939 arr[1] = 0x1; /* ITNRS */
1940 if (repd) {
1941 arr[3] = 0xc;
1942 len = 16;
1943 } else
1944 len = 4;
1945
1946 len = (len < alloc_len) ? len : alloc_len;
1947 return fill_from_dev_buffer(scp, arr, len);
1948 }
1949
1950 /* <<Following mode page info copied from ST318451LW>> */
1951
1952 static int resp_err_recov_pg(unsigned char *p, int pcontrol, int target)
1953 { /* Read-Write Error Recovery page for mode_sense */
1954 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0,
1955 5, 0, 0xff, 0xff};
1956
1957 memcpy(p, err_recov_pg, sizeof(err_recov_pg));
1958 if (1 == pcontrol)
1959 memset(p + 2, 0, sizeof(err_recov_pg) - 2);
1960 return sizeof(err_recov_pg);
1961 }
1962
1963 static int resp_disconnect_pg(unsigned char *p, int pcontrol, int target)
1964 { /* Disconnect-Reconnect page for mode_sense */
1965 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0,
1966 0, 0, 0, 0, 0, 0, 0, 0};
1967
1968 memcpy(p, disconnect_pg, sizeof(disconnect_pg));
1969 if (1 == pcontrol)
1970 memset(p + 2, 0, sizeof(disconnect_pg) - 2);
1971 return sizeof(disconnect_pg);
1972 }
1973
1974 static int resp_format_pg(unsigned char *p, int pcontrol, int target)
1975 { /* Format device page for mode_sense */
1976 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0,
1977 0, 0, 0, 0, 0, 0, 0, 0,
1978 0, 0, 0, 0, 0x40, 0, 0, 0};
1979
1980 memcpy(p, format_pg, sizeof(format_pg));
1981 put_unaligned_be16(sdebug_sectors_per, p + 10);
1982 put_unaligned_be16(sdebug_sector_size, p + 12);
1983 if (sdebug_removable)
1984 p[20] |= 0x20; /* should agree with INQUIRY */
1985 if (1 == pcontrol)
1986 memset(p + 2, 0, sizeof(format_pg) - 2);
1987 return sizeof(format_pg);
1988 }
1989
1990 static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
1991 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0,
1992 0, 0, 0, 0};
1993
1994 static int resp_caching_pg(unsigned char *p, int pcontrol, int target)
1995 { /* Caching page for mode_sense */
1996 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0,
1997 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
1998 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
1999 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0};
2000
2001 if (SDEBUG_OPT_N_WCE & sdebug_opts)
2002 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */
2003 memcpy(p, caching_pg, sizeof(caching_pg));
2004 if (1 == pcontrol)
2005 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg));
2006 else if (2 == pcontrol)
2007 memcpy(p, d_caching_pg, sizeof(d_caching_pg));
2008 return sizeof(caching_pg);
2009 }
2010
2011 static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2012 0, 0, 0x2, 0x4b};
2013
2014 static int resp_ctrl_m_pg(unsigned char *p, int pcontrol, int target)
2015 { /* Control mode page for mode_sense */
2016 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0,
2017 0, 0, 0, 0};
2018 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
2019 0, 0, 0x2, 0x4b};
2020
2021 if (sdebug_dsense)
2022 ctrl_m_pg[2] |= 0x4;
2023 else
2024 ctrl_m_pg[2] &= ~0x4;
2025
2026 if (sdebug_ato)
2027 ctrl_m_pg[5] |= 0x80; /* ATO=1 */
2028
2029 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg));
2030 if (1 == pcontrol)
2031 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg));
2032 else if (2 == pcontrol)
2033 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg));
2034 return sizeof(ctrl_m_pg);
2035 }
2036
2037
2038 static int resp_iec_m_pg(unsigned char *p, int pcontrol, int target)
2039 { /* Informational Exceptions control mode page for mode_sense */
2040 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0,
2041 0, 0, 0x0, 0x0};
2042 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
2043 0, 0, 0x0, 0x0};
2044
2045 memcpy(p, iec_m_pg, sizeof(iec_m_pg));
2046 if (1 == pcontrol)
2047 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg));
2048 else if (2 == pcontrol)
2049 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg));
2050 return sizeof(iec_m_pg);
2051 }
2052
2053 static int resp_sas_sf_m_pg(unsigned char *p, int pcontrol, int target)
2054 { /* SAS SSP mode page - short format for mode_sense */
2055 unsigned char sas_sf_m_pg[] = {0x19, 0x6,
2056 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0};
2057
2058 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg));
2059 if (1 == pcontrol)
2060 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2);
2061 return sizeof(sas_sf_m_pg);
2062 }
2063
2064
2065 static int resp_sas_pcd_m_spg(unsigned char *p, int pcontrol, int target,
2066 int target_dev_id)
2067 { /* SAS phy control and discover mode page for mode_sense */
2068 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2,
2069 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0,
2070 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2071 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2072 0x2, 0, 0, 0, 0, 0, 0, 0,
2073 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2074 0, 0, 0, 0, 0, 0, 0, 0,
2075 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0,
2076 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2077 0, 0, 0, 0, 0, 0, 0, 0, /* insert SAS addr */
2078 0x3, 0, 0, 0, 0, 0, 0, 0,
2079 0x88, 0x99, 0, 0, 0, 0, 0, 0,
2080 0, 0, 0, 0, 0, 0, 0, 0,
2081 };
2082 int port_a, port_b;
2083
2084 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 16);
2085 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 24);
2086 put_unaligned_be64(naa3_comp_a, sas_pcd_m_pg + 64);
2087 put_unaligned_be64(naa3_comp_c + 1, sas_pcd_m_pg + 72);
2088 port_a = target_dev_id + 1;
2089 port_b = port_a + 1;
2090 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg));
2091 put_unaligned_be32(port_a, p + 20);
2092 put_unaligned_be32(port_b, p + 48 + 20);
2093 if (1 == pcontrol)
2094 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4);
2095 return sizeof(sas_pcd_m_pg);
2096 }
2097
2098 static int resp_sas_sha_m_spg(unsigned char *p, int pcontrol)
2099 { /* SAS SSP shared protocol specific port mode subpage */
2100 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0,
2101 0, 0, 0, 0, 0, 0, 0, 0,
2102 };
2103
2104 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg));
2105 if (1 == pcontrol)
2106 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4);
2107 return sizeof(sas_sha_m_pg);
2108 }
2109
2110 #define SDEBUG_MAX_MSENSE_SZ 256
2111
2112 static int resp_mode_sense(struct scsi_cmnd *scp,
2113 struct sdebug_dev_info *devip)
2114 {
2115 int pcontrol, pcode, subpcode, bd_len;
2116 unsigned char dev_spec;
2117 int alloc_len, offset, len, target_dev_id;
2118 int target = scp->device->id;
2119 unsigned char *ap;
2120 unsigned char arr[SDEBUG_MAX_MSENSE_SZ];
2121 unsigned char *cmd = scp->cmnd;
2122 bool dbd, llbaa, msense_6, is_disk, bad_pcode;
2123
2124 dbd = !!(cmd[1] & 0x8); /* disable block descriptors */
2125 pcontrol = (cmd[2] & 0xc0) >> 6;
2126 pcode = cmd[2] & 0x3f;
2127 subpcode = cmd[3];
2128 msense_6 = (MODE_SENSE == cmd[0]);
2129 llbaa = msense_6 ? false : !!(cmd[1] & 0x10);
2130 is_disk = (sdebug_ptype == TYPE_DISK);
2131 if (is_disk && !dbd)
2132 bd_len = llbaa ? 16 : 8;
2133 else
2134 bd_len = 0;
2135 alloc_len = msense_6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2136 memset(arr, 0, SDEBUG_MAX_MSENSE_SZ);
2137 if (0x3 == pcontrol) { /* Saving values not supported */
2138 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0);
2139 return check_condition_result;
2140 }
2141 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) +
2142 (devip->target * 1000) - 3;
2143 /* for disks set DPOFUA bit and clear write protect (WP) bit */
2144 if (is_disk) {
2145 dev_spec = 0x10; /* =0x90 if WP=1 implies read-only */
2146 if (sdebug_wp)
2147 dev_spec |= 0x80;
2148 } else
2149 dev_spec = 0x0;
2150 if (msense_6) {
2151 arr[2] = dev_spec;
2152 arr[3] = bd_len;
2153 offset = 4;
2154 } else {
2155 arr[3] = dev_spec;
2156 if (16 == bd_len)
2157 arr[4] = 0x1; /* set LONGLBA bit */
2158 arr[7] = bd_len; /* assume 255 or less */
2159 offset = 8;
2160 }
2161 ap = arr + offset;
2162 if ((bd_len > 0) && (!sdebug_capacity))
2163 sdebug_capacity = get_sdebug_capacity();
2164
2165 if (8 == bd_len) {
2166 if (sdebug_capacity > 0xfffffffe)
2167 put_unaligned_be32(0xffffffff, ap + 0);
2168 else
2169 put_unaligned_be32(sdebug_capacity, ap + 0);
2170 put_unaligned_be16(sdebug_sector_size, ap + 6);
2171 offset += bd_len;
2172 ap = arr + offset;
2173 } else if (16 == bd_len) {
2174 put_unaligned_be64((u64)sdebug_capacity, ap + 0);
2175 put_unaligned_be32(sdebug_sector_size, ap + 12);
2176 offset += bd_len;
2177 ap = arr + offset;
2178 }
2179
2180 if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) {
2181 /* TODO: Control Extension page */
2182 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2183 return check_condition_result;
2184 }
2185 bad_pcode = false;
2186
2187 switch (pcode) {
2188 case 0x1: /* Read-Write error recovery page, direct access */
2189 len = resp_err_recov_pg(ap, pcontrol, target);
2190 offset += len;
2191 break;
2192 case 0x2: /* Disconnect-Reconnect page, all devices */
2193 len = resp_disconnect_pg(ap, pcontrol, target);
2194 offset += len;
2195 break;
2196 case 0x3: /* Format device page, direct access */
2197 if (is_disk) {
2198 len = resp_format_pg(ap, pcontrol, target);
2199 offset += len;
2200 } else
2201 bad_pcode = true;
2202 break;
2203 case 0x8: /* Caching page, direct access */
2204 if (is_disk) {
2205 len = resp_caching_pg(ap, pcontrol, target);
2206 offset += len;
2207 } else
2208 bad_pcode = true;
2209 break;
2210 case 0xa: /* Control Mode page, all devices */
2211 len = resp_ctrl_m_pg(ap, pcontrol, target);
2212 offset += len;
2213 break;
2214 case 0x19: /* if spc==1 then sas phy, control+discover */
2215 if ((subpcode > 0x2) && (subpcode < 0xff)) {
2216 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2217 return check_condition_result;
2218 }
2219 len = 0;
2220 if ((0x0 == subpcode) || (0xff == subpcode))
2221 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2222 if ((0x1 == subpcode) || (0xff == subpcode))
2223 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
2224 target_dev_id);
2225 if ((0x2 == subpcode) || (0xff == subpcode))
2226 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2227 offset += len;
2228 break;
2229 case 0x1c: /* Informational Exceptions Mode page, all devices */
2230 len = resp_iec_m_pg(ap, pcontrol, target);
2231 offset += len;
2232 break;
2233 case 0x3f: /* Read all Mode pages */
2234 if ((0 == subpcode) || (0xff == subpcode)) {
2235 len = resp_err_recov_pg(ap, pcontrol, target);
2236 len += resp_disconnect_pg(ap + len, pcontrol, target);
2237 if (is_disk) {
2238 len += resp_format_pg(ap + len, pcontrol,
2239 target);
2240 len += resp_caching_pg(ap + len, pcontrol,
2241 target);
2242 }
2243 len += resp_ctrl_m_pg(ap + len, pcontrol, target);
2244 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2245 if (0xff == subpcode) {
2246 len += resp_sas_pcd_m_spg(ap + len, pcontrol,
2247 target, target_dev_id);
2248 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2249 }
2250 len += resp_iec_m_pg(ap + len, pcontrol, target);
2251 offset += len;
2252 } else {
2253 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2254 return check_condition_result;
2255 }
2256 break;
2257 default:
2258 bad_pcode = true;
2259 break;
2260 }
2261 if (bad_pcode) {
2262 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2263 return check_condition_result;
2264 }
2265 if (msense_6)
2266 arr[0] = offset - 1;
2267 else
2268 put_unaligned_be16((offset - 2), arr + 0);
2269 return fill_from_dev_buffer(scp, arr, min(alloc_len, offset));
2270 }
2271
2272 #define SDEBUG_MAX_MSELECT_SZ 512
2273
2274 static int resp_mode_select(struct scsi_cmnd *scp,
2275 struct sdebug_dev_info *devip)
2276 {
2277 int pf, sp, ps, md_len, bd_len, off, spf, pg_len;
2278 int param_len, res, mpage;
2279 unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
2280 unsigned char *cmd = scp->cmnd;
2281 int mselect6 = (MODE_SELECT == cmd[0]);
2282
2283 memset(arr, 0, sizeof(arr));
2284 pf = cmd[1] & 0x10;
2285 sp = cmd[1] & 0x1;
2286 param_len = mselect6 ? cmd[4] : get_unaligned_be16(cmd + 7);
2287 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) {
2288 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1);
2289 return check_condition_result;
2290 }
2291 res = fetch_to_dev_buffer(scp, arr, param_len);
2292 if (-1 == res)
2293 return DID_ERROR << 16;
2294 else if (sdebug_verbose && (res < param_len))
2295 sdev_printk(KERN_INFO, scp->device,
2296 "%s: cdb indicated=%d, IO sent=%d bytes\n",
2297 __func__, param_len, res);
2298 md_len = mselect6 ? (arr[0] + 1) : (get_unaligned_be16(arr + 0) + 2);
2299 bd_len = mselect6 ? arr[3] : get_unaligned_be16(arr + 6);
2300 if (md_len > 2) {
2301 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1);
2302 return check_condition_result;
2303 }
2304 off = bd_len + (mselect6 ? 4 : 8);
2305 mpage = arr[off] & 0x3f;
2306 ps = !!(arr[off] & 0x80);
2307 if (ps) {
2308 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7);
2309 return check_condition_result;
2310 }
2311 spf = !!(arr[off] & 0x40);
2312 pg_len = spf ? (get_unaligned_be16(arr + off + 2) + 4) :
2313 (arr[off + 1] + 2);
2314 if ((pg_len + off) > param_len) {
2315 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2316 PARAMETER_LIST_LENGTH_ERR, 0);
2317 return check_condition_result;
2318 }
2319 switch (mpage) {
2320 case 0x8: /* Caching Mode page */
2321 if (caching_pg[1] == arr[off + 1]) {
2322 memcpy(caching_pg + 2, arr + off + 2,
2323 sizeof(caching_pg) - 2);
2324 goto set_mode_changed_ua;
2325 }
2326 break;
2327 case 0xa: /* Control Mode page */
2328 if (ctrl_m_pg[1] == arr[off + 1]) {
2329 memcpy(ctrl_m_pg + 2, arr + off + 2,
2330 sizeof(ctrl_m_pg) - 2);
2331 if (ctrl_m_pg[4] & 0x8)
2332 sdebug_wp = true;
2333 else
2334 sdebug_wp = false;
2335 sdebug_dsense = !!(ctrl_m_pg[2] & 0x4);
2336 goto set_mode_changed_ua;
2337 }
2338 break;
2339 case 0x1c: /* Informational Exceptions Mode page */
2340 if (iec_m_pg[1] == arr[off + 1]) {
2341 memcpy(iec_m_pg + 2, arr + off + 2,
2342 sizeof(iec_m_pg) - 2);
2343 goto set_mode_changed_ua;
2344 }
2345 break;
2346 default:
2347 break;
2348 }
2349 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5);
2350 return check_condition_result;
2351 set_mode_changed_ua:
2352 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm);
2353 return 0;
2354 }
2355
2356 static int resp_temp_l_pg(unsigned char *arr)
2357 {
2358 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38,
2359 0x0, 0x1, 0x3, 0x2, 0x0, 65,
2360 };
2361
2362 memcpy(arr, temp_l_pg, sizeof(temp_l_pg));
2363 return sizeof(temp_l_pg);
2364 }
2365
2366 static int resp_ie_l_pg(unsigned char *arr)
2367 {
2368 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38,
2369 };
2370
2371 memcpy(arr, ie_l_pg, sizeof(ie_l_pg));
2372 if (iec_m_pg[2] & 0x4) { /* TEST bit set */
2373 arr[4] = THRESHOLD_EXCEEDED;
2374 arr[5] = 0xff;
2375 }
2376 return sizeof(ie_l_pg);
2377 }
2378
2379 #define SDEBUG_MAX_LSENSE_SZ 512
2380
2381 static int resp_log_sense(struct scsi_cmnd *scp,
2382 struct sdebug_dev_info *devip)
2383 {
2384 int ppc, sp, pcode, subpcode, alloc_len, len, n;
2385 unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
2386 unsigned char *cmd = scp->cmnd;
2387
2388 memset(arr, 0, sizeof(arr));
2389 ppc = cmd[1] & 0x2;
2390 sp = cmd[1] & 0x1;
2391 if (ppc || sp) {
2392 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0);
2393 return check_condition_result;
2394 }
2395 pcode = cmd[2] & 0x3f;
2396 subpcode = cmd[3] & 0xff;
2397 alloc_len = get_unaligned_be16(cmd + 7);
2398 arr[0] = pcode;
2399 if (0 == subpcode) {
2400 switch (pcode) {
2401 case 0x0: /* Supported log pages log page */
2402 n = 4;
2403 arr[n++] = 0x0; /* this page */
2404 arr[n++] = 0xd; /* Temperature */
2405 arr[n++] = 0x2f; /* Informational exceptions */
2406 arr[3] = n - 4;
2407 break;
2408 case 0xd: /* Temperature log page */
2409 arr[3] = resp_temp_l_pg(arr + 4);
2410 break;
2411 case 0x2f: /* Informational exceptions log page */
2412 arr[3] = resp_ie_l_pg(arr + 4);
2413 break;
2414 default:
2415 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2416 return check_condition_result;
2417 }
2418 } else if (0xff == subpcode) {
2419 arr[0] |= 0x40;
2420 arr[1] = subpcode;
2421 switch (pcode) {
2422 case 0x0: /* Supported log pages and subpages log page */
2423 n = 4;
2424 arr[n++] = 0x0;
2425 arr[n++] = 0x0; /* 0,0 page */
2426 arr[n++] = 0x0;
2427 arr[n++] = 0xff; /* this page */
2428 arr[n++] = 0xd;
2429 arr[n++] = 0x0; /* Temperature */
2430 arr[n++] = 0x2f;
2431 arr[n++] = 0x0; /* Informational exceptions */
2432 arr[3] = n - 4;
2433 break;
2434 case 0xd: /* Temperature subpages */
2435 n = 4;
2436 arr[n++] = 0xd;
2437 arr[n++] = 0x0; /* Temperature */
2438 arr[3] = n - 4;
2439 break;
2440 case 0x2f: /* Informational exceptions subpages */
2441 n = 4;
2442 arr[n++] = 0x2f;
2443 arr[n++] = 0x0; /* Informational exceptions */
2444 arr[3] = n - 4;
2445 break;
2446 default:
2447 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2448 return check_condition_result;
2449 }
2450 } else {
2451 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2452 return check_condition_result;
2453 }
2454 len = min(get_unaligned_be16(arr + 2) + 4, alloc_len);
2455 return fill_from_dev_buffer(scp, arr,
2456 min(len, SDEBUG_MAX_INQ_ARR_SZ));
2457 }
2458
2459 static inline int check_device_access_params(struct scsi_cmnd *scp,
2460 unsigned long long lba, unsigned int num, bool write)
2461 {
2462 if (lba + num > sdebug_capacity) {
2463 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2464 return check_condition_result;
2465 }
2466 /* transfer length excessive (tie in to block limits VPD page) */
2467 if (num > sdebug_store_sectors) {
2468 /* needs work to find which cdb byte 'num' comes from */
2469 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2470 return check_condition_result;
2471 }
2472 if (write && unlikely(sdebug_wp)) {
2473 mk_sense_buffer(scp, DATA_PROTECT, WRITE_PROTECTED, 0x2);
2474 return check_condition_result;
2475 }
2476 return 0;
2477 }
2478
2479 /* Returns number of bytes copied or -1 if error. */
2480 static int do_device_access(struct scsi_cmnd *scmd, u32 sg_skip, u64 lba,
2481 u32 num, bool do_write)
2482 {
2483 int ret;
2484 u64 block, rest = 0;
2485 struct scsi_data_buffer *sdb = &scmd->sdb;
2486 enum dma_data_direction dir;
2487
2488 if (do_write) {
2489 dir = DMA_TO_DEVICE;
2490 write_since_sync = true;
2491 } else {
2492 dir = DMA_FROM_DEVICE;
2493 }
2494
2495 if (!sdb->length)
2496 return 0;
2497 if (scmd->sc_data_direction != dir)
2498 return -1;
2499
2500 block = do_div(lba, sdebug_store_sectors);
2501 if (block + num > sdebug_store_sectors)
2502 rest = block + num - sdebug_store_sectors;
2503
2504 ret = sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2505 fake_storep + (block * sdebug_sector_size),
2506 (num - rest) * sdebug_sector_size, sg_skip, do_write);
2507 if (ret != (num - rest) * sdebug_sector_size)
2508 return ret;
2509
2510 if (rest) {
2511 ret += sg_copy_buffer(sdb->table.sgl, sdb->table.nents,
2512 fake_storep, rest * sdebug_sector_size,
2513 sg_skip + ((num - rest) * sdebug_sector_size),
2514 do_write);
2515 }
2516
2517 return ret;
2518 }
2519
2520 /* If lba2fake_store(lba,num) compares equal to arr(num), then copy top half of
2521 * arr into lba2fake_store(lba,num) and return true. If comparison fails then
2522 * return false. */
2523 static bool comp_write_worker(u64 lba, u32 num, const u8 *arr)
2524 {
2525 bool res;
2526 u64 block, rest = 0;
2527 u32 store_blks = sdebug_store_sectors;
2528 u32 lb_size = sdebug_sector_size;
2529
2530 block = do_div(lba, store_blks);
2531 if (block + num > store_blks)
2532 rest = block + num - store_blks;
2533
2534 res = !memcmp(fake_storep + (block * lb_size), arr,
2535 (num - rest) * lb_size);
2536 if (!res)
2537 return res;
2538 if (rest)
2539 res = memcmp(fake_storep, arr + ((num - rest) * lb_size),
2540 rest * lb_size);
2541 if (!res)
2542 return res;
2543 arr += num * lb_size;
2544 memcpy(fake_storep + (block * lb_size), arr, (num - rest) * lb_size);
2545 if (rest)
2546 memcpy(fake_storep, arr + ((num - rest) * lb_size),
2547 rest * lb_size);
2548 return res;
2549 }
2550
2551 static __be16 dif_compute_csum(const void *buf, int len)
2552 {
2553 __be16 csum;
2554
2555 if (sdebug_guard)
2556 csum = (__force __be16)ip_compute_csum(buf, len);
2557 else
2558 csum = cpu_to_be16(crc_t10dif(buf, len));
2559
2560 return csum;
2561 }
2562
2563 static int dif_verify(struct t10_pi_tuple *sdt, const void *data,
2564 sector_t sector, u32 ei_lba)
2565 {
2566 __be16 csum = dif_compute_csum(data, sdebug_sector_size);
2567
2568 if (sdt->guard_tag != csum) {
2569 pr_err("GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n",
2570 (unsigned long)sector,
2571 be16_to_cpu(sdt->guard_tag),
2572 be16_to_cpu(csum));
2573 return 0x01;
2574 }
2575 if (sdebug_dif == T10_PI_TYPE1_PROTECTION &&
2576 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) {
2577 pr_err("REF check failed on sector %lu\n",
2578 (unsigned long)sector);
2579 return 0x03;
2580 }
2581 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
2582 be32_to_cpu(sdt->ref_tag) != ei_lba) {
2583 pr_err("REF check failed on sector %lu\n",
2584 (unsigned long)sector);
2585 return 0x03;
2586 }
2587 return 0;
2588 }
2589
2590 static void dif_copy_prot(struct scsi_cmnd *SCpnt, sector_t sector,
2591 unsigned int sectors, bool read)
2592 {
2593 size_t resid;
2594 void *paddr;
2595 const void *dif_store_end = dif_storep + sdebug_store_sectors;
2596 struct sg_mapping_iter miter;
2597
2598 /* Bytes of protection data to copy into sgl */
2599 resid = sectors * sizeof(*dif_storep);
2600
2601 sg_miter_start(&miter, scsi_prot_sglist(SCpnt),
2602 scsi_prot_sg_count(SCpnt), SG_MITER_ATOMIC |
2603 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG));
2604
2605 while (sg_miter_next(&miter) && resid > 0) {
2606 size_t len = min(miter.length, resid);
2607 void *start = dif_store(sector);
2608 size_t rest = 0;
2609
2610 if (dif_store_end < start + len)
2611 rest = start + len - dif_store_end;
2612
2613 paddr = miter.addr;
2614
2615 if (read)
2616 memcpy(paddr, start, len - rest);
2617 else
2618 memcpy(start, paddr, len - rest);
2619
2620 if (rest) {
2621 if (read)
2622 memcpy(paddr + len - rest, dif_storep, rest);
2623 else
2624 memcpy(dif_storep, paddr + len - rest, rest);
2625 }
2626
2627 sector += len / sizeof(*dif_storep);
2628 resid -= len;
2629 }
2630 sg_miter_stop(&miter);
2631 }
2632
2633 static int prot_verify_read(struct scsi_cmnd *SCpnt, sector_t start_sec,
2634 unsigned int sectors, u32 ei_lba)
2635 {
2636 unsigned int i;
2637 struct t10_pi_tuple *sdt;
2638 sector_t sector;
2639
2640 for (i = 0; i < sectors; i++, ei_lba++) {
2641 int ret;
2642
2643 sector = start_sec + i;
2644 sdt = dif_store(sector);
2645
2646 if (sdt->app_tag == cpu_to_be16(0xffff))
2647 continue;
2648
2649 ret = dif_verify(sdt, lba2fake_store(sector), sector, ei_lba);
2650 if (ret) {
2651 dif_errors++;
2652 return ret;
2653 }
2654 }
2655
2656 dif_copy_prot(SCpnt, start_sec, sectors, true);
2657 dix_reads++;
2658
2659 return 0;
2660 }
2661
2662 static int resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2663 {
2664 u8 *cmd = scp->cmnd;
2665 struct sdebug_queued_cmd *sqcp;
2666 u64 lba;
2667 u32 num;
2668 u32 ei_lba;
2669 unsigned long iflags;
2670 int ret;
2671 bool check_prot;
2672
2673 switch (cmd[0]) {
2674 case READ_16:
2675 ei_lba = 0;
2676 lba = get_unaligned_be64(cmd + 2);
2677 num = get_unaligned_be32(cmd + 10);
2678 check_prot = true;
2679 break;
2680 case READ_10:
2681 ei_lba = 0;
2682 lba = get_unaligned_be32(cmd + 2);
2683 num = get_unaligned_be16(cmd + 7);
2684 check_prot = true;
2685 break;
2686 case READ_6:
2687 ei_lba = 0;
2688 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2689 (u32)(cmd[1] & 0x1f) << 16;
2690 num = (0 == cmd[4]) ? 256 : cmd[4];
2691 check_prot = true;
2692 break;
2693 case READ_12:
2694 ei_lba = 0;
2695 lba = get_unaligned_be32(cmd + 2);
2696 num = get_unaligned_be32(cmd + 6);
2697 check_prot = true;
2698 break;
2699 case XDWRITEREAD_10:
2700 ei_lba = 0;
2701 lba = get_unaligned_be32(cmd + 2);
2702 num = get_unaligned_be16(cmd + 7);
2703 check_prot = false;
2704 break;
2705 default: /* assume READ(32) */
2706 lba = get_unaligned_be64(cmd + 12);
2707 ei_lba = get_unaligned_be32(cmd + 20);
2708 num = get_unaligned_be32(cmd + 28);
2709 check_prot = false;
2710 break;
2711 }
2712 if (unlikely(have_dif_prot && check_prot)) {
2713 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
2714 (cmd[1] & 0xe0)) {
2715 mk_sense_invalid_opcode(scp);
2716 return check_condition_result;
2717 }
2718 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
2719 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
2720 (cmd[1] & 0xe0) == 0)
2721 sdev_printk(KERN_ERR, scp->device, "Unprotected RD "
2722 "to DIF device\n");
2723 }
2724 if (unlikely(sdebug_any_injecting_opt)) {
2725 sqcp = (struct sdebug_queued_cmd *)scp->host_scribble;
2726
2727 if (sqcp) {
2728 if (sqcp->inj_short)
2729 num /= 2;
2730 }
2731 } else
2732 sqcp = NULL;
2733
2734 ret = check_device_access_params(scp, lba, num, false);
2735 if (ret)
2736 return ret;
2737 if (unlikely((SDEBUG_OPT_MEDIUM_ERR & sdebug_opts) &&
2738 (lba <= (sdebug_medium_error_start + sdebug_medium_error_count - 1)) &&
2739 ((lba + num) > sdebug_medium_error_start))) {
2740 /* claim unrecoverable read error */
2741 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0);
2742 /* set info field and valid bit for fixed descriptor */
2743 if (0x70 == (scp->sense_buffer[0] & 0x7f)) {
2744 scp->sense_buffer[0] |= 0x80; /* Valid bit */
2745 ret = (lba < OPT_MEDIUM_ERR_ADDR)
2746 ? OPT_MEDIUM_ERR_ADDR : (int)lba;
2747 put_unaligned_be32(ret, scp->sense_buffer + 3);
2748 }
2749 scsi_set_resid(scp, scsi_bufflen(scp));
2750 return check_condition_result;
2751 }
2752
2753 read_lock_irqsave(&atomic_rw, iflags);
2754
2755 /* DIX + T10 DIF */
2756 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
2757 int prot_ret = prot_verify_read(scp, lba, num, ei_lba);
2758
2759 if (prot_ret) {
2760 read_unlock_irqrestore(&atomic_rw, iflags);
2761 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, prot_ret);
2762 return illegal_condition_result;
2763 }
2764 }
2765
2766 ret = do_device_access(scp, 0, lba, num, false);
2767 read_unlock_irqrestore(&atomic_rw, iflags);
2768 if (unlikely(ret == -1))
2769 return DID_ERROR << 16;
2770
2771 scsi_set_resid(scp, scsi_bufflen(scp) - ret);
2772
2773 if (unlikely(sqcp)) {
2774 if (sqcp->inj_recovered) {
2775 mk_sense_buffer(scp, RECOVERED_ERROR,
2776 THRESHOLD_EXCEEDED, 0);
2777 return check_condition_result;
2778 } else if (sqcp->inj_transport) {
2779 mk_sense_buffer(scp, ABORTED_COMMAND,
2780 TRANSPORT_PROBLEM, ACK_NAK_TO);
2781 return check_condition_result;
2782 } else if (sqcp->inj_dif) {
2783 /* Logical block guard check failed */
2784 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
2785 return illegal_condition_result;
2786 } else if (sqcp->inj_dix) {
2787 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
2788 return illegal_condition_result;
2789 }
2790 }
2791 return 0;
2792 }
2793
2794 static void dump_sector(unsigned char *buf, int len)
2795 {
2796 int i, j, n;
2797
2798 pr_err(">>> Sector Dump <<<\n");
2799 for (i = 0 ; i < len ; i += 16) {
2800 char b[128];
2801
2802 for (j = 0, n = 0; j < 16; j++) {
2803 unsigned char c = buf[i+j];
2804
2805 if (c >= 0x20 && c < 0x7e)
2806 n += scnprintf(b + n, sizeof(b) - n,
2807 " %c ", buf[i+j]);
2808 else
2809 n += scnprintf(b + n, sizeof(b) - n,
2810 "%02x ", buf[i+j]);
2811 }
2812 pr_err("%04d: %s\n", i, b);
2813 }
2814 }
2815
2816 static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec,
2817 unsigned int sectors, u32 ei_lba)
2818 {
2819 int ret;
2820 struct t10_pi_tuple *sdt;
2821 void *daddr;
2822 sector_t sector = start_sec;
2823 int ppage_offset;
2824 int dpage_offset;
2825 struct sg_mapping_iter diter;
2826 struct sg_mapping_iter piter;
2827
2828 BUG_ON(scsi_sg_count(SCpnt) == 0);
2829 BUG_ON(scsi_prot_sg_count(SCpnt) == 0);
2830
2831 sg_miter_start(&piter, scsi_prot_sglist(SCpnt),
2832 scsi_prot_sg_count(SCpnt),
2833 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2834 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt),
2835 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2836
2837 /* For each protection page */
2838 while (sg_miter_next(&piter)) {
2839 dpage_offset = 0;
2840 if (WARN_ON(!sg_miter_next(&diter))) {
2841 ret = 0x01;
2842 goto out;
2843 }
2844
2845 for (ppage_offset = 0; ppage_offset < piter.length;
2846 ppage_offset += sizeof(struct t10_pi_tuple)) {
2847 /* If we're at the end of the current
2848 * data page advance to the next one
2849 */
2850 if (dpage_offset >= diter.length) {
2851 if (WARN_ON(!sg_miter_next(&diter))) {
2852 ret = 0x01;
2853 goto out;
2854 }
2855 dpage_offset = 0;
2856 }
2857
2858 sdt = piter.addr + ppage_offset;
2859 daddr = diter.addr + dpage_offset;
2860
2861 ret = dif_verify(sdt, daddr, sector, ei_lba);
2862 if (ret) {
2863 dump_sector(daddr, sdebug_sector_size);
2864 goto out;
2865 }
2866
2867 sector++;
2868 ei_lba++;
2869 dpage_offset += sdebug_sector_size;
2870 }
2871 diter.consumed = dpage_offset;
2872 sg_miter_stop(&diter);
2873 }
2874 sg_miter_stop(&piter);
2875
2876 dif_copy_prot(SCpnt, start_sec, sectors, false);
2877 dix_writes++;
2878
2879 return 0;
2880
2881 out:
2882 dif_errors++;
2883 sg_miter_stop(&diter);
2884 sg_miter_stop(&piter);
2885 return ret;
2886 }
2887
2888 static unsigned long lba_to_map_index(sector_t lba)
2889 {
2890 if (sdebug_unmap_alignment)
2891 lba += sdebug_unmap_granularity - sdebug_unmap_alignment;
2892 sector_div(lba, sdebug_unmap_granularity);
2893 return lba;
2894 }
2895
2896 static sector_t map_index_to_lba(unsigned long index)
2897 {
2898 sector_t lba = index * sdebug_unmap_granularity;
2899
2900 if (sdebug_unmap_alignment)
2901 lba -= sdebug_unmap_granularity - sdebug_unmap_alignment;
2902 return lba;
2903 }
2904
2905 static unsigned int map_state(sector_t lba, unsigned int *num)
2906 {
2907 sector_t end;
2908 unsigned int mapped;
2909 unsigned long index;
2910 unsigned long next;
2911
2912 index = lba_to_map_index(lba);
2913 mapped = test_bit(index, map_storep);
2914
2915 if (mapped)
2916 next = find_next_zero_bit(map_storep, map_size, index);
2917 else
2918 next = find_next_bit(map_storep, map_size, index);
2919
2920 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next));
2921 *num = end - lba;
2922 return mapped;
2923 }
2924
2925 static void map_region(sector_t lba, unsigned int len)
2926 {
2927 sector_t end = lba + len;
2928
2929 while (lba < end) {
2930 unsigned long index = lba_to_map_index(lba);
2931
2932 if (index < map_size)
2933 set_bit(index, map_storep);
2934
2935 lba = map_index_to_lba(index + 1);
2936 }
2937 }
2938
2939 static void unmap_region(sector_t lba, unsigned int len)
2940 {
2941 sector_t end = lba + len;
2942
2943 while (lba < end) {
2944 unsigned long index = lba_to_map_index(lba);
2945
2946 if (lba == map_index_to_lba(index) &&
2947 lba + sdebug_unmap_granularity <= end &&
2948 index < map_size) {
2949 clear_bit(index, map_storep);
2950 if (sdebug_lbprz) { /* for LBPRZ=2 return 0xff_s */
2951 memset(fake_storep +
2952 lba * sdebug_sector_size,
2953 (sdebug_lbprz & 1) ? 0 : 0xff,
2954 sdebug_sector_size *
2955 sdebug_unmap_granularity);
2956 }
2957 if (dif_storep) {
2958 memset(dif_storep + lba, 0xff,
2959 sizeof(*dif_storep) *
2960 sdebug_unmap_granularity);
2961 }
2962 }
2963 lba = map_index_to_lba(index + 1);
2964 }
2965 }
2966
2967 static int resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2968 {
2969 u8 *cmd = scp->cmnd;
2970 u64 lba;
2971 u32 num;
2972 u32 ei_lba;
2973 unsigned long iflags;
2974 int ret;
2975 bool check_prot;
2976
2977 switch (cmd[0]) {
2978 case WRITE_16:
2979 ei_lba = 0;
2980 lba = get_unaligned_be64(cmd + 2);
2981 num = get_unaligned_be32(cmd + 10);
2982 check_prot = true;
2983 break;
2984 case WRITE_10:
2985 ei_lba = 0;
2986 lba = get_unaligned_be32(cmd + 2);
2987 num = get_unaligned_be16(cmd + 7);
2988 check_prot = true;
2989 break;
2990 case WRITE_6:
2991 ei_lba = 0;
2992 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2993 (u32)(cmd[1] & 0x1f) << 16;
2994 num = (0 == cmd[4]) ? 256 : cmd[4];
2995 check_prot = true;
2996 break;
2997 case WRITE_12:
2998 ei_lba = 0;
2999 lba = get_unaligned_be32(cmd + 2);
3000 num = get_unaligned_be32(cmd + 6);
3001 check_prot = true;
3002 break;
3003 case 0x53: /* XDWRITEREAD(10) */
3004 ei_lba = 0;
3005 lba = get_unaligned_be32(cmd + 2);
3006 num = get_unaligned_be16(cmd + 7);
3007 check_prot = false;
3008 break;
3009 default: /* assume WRITE(32) */
3010 lba = get_unaligned_be64(cmd + 12);
3011 ei_lba = get_unaligned_be32(cmd + 20);
3012 num = get_unaligned_be32(cmd + 28);
3013 check_prot = false;
3014 break;
3015 }
3016 if (unlikely(have_dif_prot && check_prot)) {
3017 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3018 (cmd[1] & 0xe0)) {
3019 mk_sense_invalid_opcode(scp);
3020 return check_condition_result;
3021 }
3022 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3023 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3024 (cmd[1] & 0xe0) == 0)
3025 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3026 "to DIF device\n");
3027 }
3028 ret = check_device_access_params(scp, lba, num, true);
3029 if (ret)
3030 return ret;
3031 write_lock_irqsave(&atomic_rw, iflags);
3032
3033 /* DIX + T10 DIF */
3034 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3035 int prot_ret = prot_verify_write(scp, lba, num, ei_lba);
3036
3037 if (prot_ret) {
3038 write_unlock_irqrestore(&atomic_rw, iflags);
3039 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, prot_ret);
3040 return illegal_condition_result;
3041 }
3042 }
3043
3044 ret = do_device_access(scp, 0, lba, num, true);
3045 if (unlikely(scsi_debug_lbp()))
3046 map_region(lba, num);
3047 write_unlock_irqrestore(&atomic_rw, iflags);
3048 if (unlikely(-1 == ret))
3049 return DID_ERROR << 16;
3050 else if (unlikely(sdebug_verbose &&
3051 (ret < (num * sdebug_sector_size))))
3052 sdev_printk(KERN_INFO, scp->device,
3053 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3054 my_name, num * sdebug_sector_size, ret);
3055
3056 if (unlikely(sdebug_any_injecting_opt)) {
3057 struct sdebug_queued_cmd *sqcp =
3058 (struct sdebug_queued_cmd *)scp->host_scribble;
3059
3060 if (sqcp) {
3061 if (sqcp->inj_recovered) {
3062 mk_sense_buffer(scp, RECOVERED_ERROR,
3063 THRESHOLD_EXCEEDED, 0);
3064 return check_condition_result;
3065 } else if (sqcp->inj_dif) {
3066 /* Logical block guard check failed */
3067 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
3068 return illegal_condition_result;
3069 } else if (sqcp->inj_dix) {
3070 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
3071 return illegal_condition_result;
3072 }
3073 }
3074 }
3075 return 0;
3076 }
3077
3078 /*
3079 * T10 has only specified WRITE SCATTERED(16) and WRITE SCATTERED(32).
3080 * No READ GATHERED yet (requires bidi or long cdb holding gather list).
3081 */
3082 static int resp_write_scat(struct scsi_cmnd *scp,
3083 struct sdebug_dev_info *devip)
3084 {
3085 u8 *cmd = scp->cmnd;
3086 u8 *lrdp = NULL;
3087 u8 *up;
3088 u8 wrprotect;
3089 u16 lbdof, num_lrd, k;
3090 u32 num, num_by, bt_len, lbdof_blen, sg_off, cum_lb;
3091 u32 lb_size = sdebug_sector_size;
3092 u32 ei_lba;
3093 u64 lba;
3094 unsigned long iflags;
3095 int ret, res;
3096 bool is_16;
3097 static const u32 lrd_size = 32; /* + parameter list header size */
3098
3099 if (cmd[0] == VARIABLE_LENGTH_CMD) {
3100 is_16 = false;
3101 wrprotect = (cmd[10] >> 5) & 0x7;
3102 lbdof = get_unaligned_be16(cmd + 12);
3103 num_lrd = get_unaligned_be16(cmd + 16);
3104 bt_len = get_unaligned_be32(cmd + 28);
3105 } else { /* that leaves WRITE SCATTERED(16) */
3106 is_16 = true;
3107 wrprotect = (cmd[2] >> 5) & 0x7;
3108 lbdof = get_unaligned_be16(cmd + 4);
3109 num_lrd = get_unaligned_be16(cmd + 8);
3110 bt_len = get_unaligned_be32(cmd + 10);
3111 if (unlikely(have_dif_prot)) {
3112 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3113 wrprotect) {
3114 mk_sense_invalid_opcode(scp);
3115 return illegal_condition_result;
3116 }
3117 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3118 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3119 wrprotect == 0)
3120 sdev_printk(KERN_ERR, scp->device,
3121 "Unprotected WR to DIF device\n");
3122 }
3123 }
3124 if ((num_lrd == 0) || (bt_len == 0))
3125 return 0; /* T10 says these do-nothings are not errors */
3126 if (lbdof == 0) {
3127 if (sdebug_verbose)
3128 sdev_printk(KERN_INFO, scp->device,
3129 "%s: %s: LB Data Offset field bad\n",
3130 my_name, __func__);
3131 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3132 return illegal_condition_result;
3133 }
3134 lbdof_blen = lbdof * lb_size;
3135 if ((lrd_size + (num_lrd * lrd_size)) > lbdof_blen) {
3136 if (sdebug_verbose)
3137 sdev_printk(KERN_INFO, scp->device,
3138 "%s: %s: LBA range descriptors don't fit\n",
3139 my_name, __func__);
3140 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3141 return illegal_condition_result;
3142 }
3143 lrdp = kzalloc(lbdof_blen, GFP_ATOMIC);
3144 if (lrdp == NULL)
3145 return SCSI_MLQUEUE_HOST_BUSY;
3146 if (sdebug_verbose)
3147 sdev_printk(KERN_INFO, scp->device,
3148 "%s: %s: Fetch header+scatter_list, lbdof_blen=%u\n",
3149 my_name, __func__, lbdof_blen);
3150 res = fetch_to_dev_buffer(scp, lrdp, lbdof_blen);
3151 if (res == -1) {
3152 ret = DID_ERROR << 16;
3153 goto err_out;
3154 }
3155
3156 write_lock_irqsave(&atomic_rw, iflags);
3157 sg_off = lbdof_blen;
3158 /* Spec says Buffer xfer Length field in number of LBs in dout */
3159 cum_lb = 0;
3160 for (k = 0, up = lrdp + lrd_size; k < num_lrd; ++k, up += lrd_size) {
3161 lba = get_unaligned_be64(up + 0);
3162 num = get_unaligned_be32(up + 8);
3163 if (sdebug_verbose)
3164 sdev_printk(KERN_INFO, scp->device,
3165 "%s: %s: k=%d LBA=0x%llx num=%u sg_off=%u\n",
3166 my_name, __func__, k, lba, num, sg_off);
3167 if (num == 0)
3168 continue;
3169 ret = check_device_access_params(scp, lba, num, true);
3170 if (ret)
3171 goto err_out_unlock;
3172 num_by = num * lb_size;
3173 ei_lba = is_16 ? 0 : get_unaligned_be32(up + 12);
3174
3175 if ((cum_lb + num) > bt_len) {
3176 if (sdebug_verbose)
3177 sdev_printk(KERN_INFO, scp->device,
3178 "%s: %s: sum of blocks > data provided\n",
3179 my_name, __func__);
3180 mk_sense_buffer(scp, ILLEGAL_REQUEST, WRITE_ERROR_ASC,
3181 0);
3182 ret = illegal_condition_result;
3183 goto err_out_unlock;
3184 }
3185
3186 /* DIX + T10 DIF */
3187 if (unlikely(sdebug_dix && scsi_prot_sg_count(scp))) {
3188 int prot_ret = prot_verify_write(scp, lba, num,
3189 ei_lba);
3190
3191 if (prot_ret) {
3192 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10,
3193 prot_ret);
3194 ret = illegal_condition_result;
3195 goto err_out_unlock;
3196 }
3197 }
3198
3199 ret = do_device_access(scp, sg_off, lba, num, true);
3200 if (unlikely(scsi_debug_lbp()))
3201 map_region(lba, num);
3202 if (unlikely(-1 == ret)) {
3203 ret = DID_ERROR << 16;
3204 goto err_out_unlock;
3205 } else if (unlikely(sdebug_verbose && (ret < num_by)))
3206 sdev_printk(KERN_INFO, scp->device,
3207 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
3208 my_name, num_by, ret);
3209
3210 if (unlikely(sdebug_any_injecting_opt)) {
3211 struct sdebug_queued_cmd *sqcp =
3212 (struct sdebug_queued_cmd *)scp->host_scribble;
3213
3214 if (sqcp) {
3215 if (sqcp->inj_recovered) {
3216 mk_sense_buffer(scp, RECOVERED_ERROR,
3217 THRESHOLD_EXCEEDED, 0);
3218 ret = illegal_condition_result;
3219 goto err_out_unlock;
3220 } else if (sqcp->inj_dif) {
3221 /* Logical block guard check failed */
3222 mk_sense_buffer(scp, ABORTED_COMMAND,
3223 0x10, 1);
3224 ret = illegal_condition_result;
3225 goto err_out_unlock;
3226 } else if (sqcp->inj_dix) {
3227 mk_sense_buffer(scp, ILLEGAL_REQUEST,
3228 0x10, 1);
3229 ret = illegal_condition_result;
3230 goto err_out_unlock;
3231 }
3232 }
3233 }
3234 sg_off += num_by;
3235 cum_lb += num;
3236 }
3237 ret = 0;
3238 err_out_unlock:
3239 write_unlock_irqrestore(&atomic_rw, iflags);
3240 err_out:
3241 kfree(lrdp);
3242 return ret;
3243 }
3244
3245 static int resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num,
3246 u32 ei_lba, bool unmap, bool ndob)
3247 {
3248 int ret;
3249 unsigned long iflags;
3250 unsigned long long i;
3251 u32 lb_size = sdebug_sector_size;
3252 u64 block, lbaa;
3253 u8 *fs1p;
3254
3255 ret = check_device_access_params(scp, lba, num, true);
3256 if (ret)
3257 return ret;
3258
3259 write_lock_irqsave(&atomic_rw, iflags);
3260
3261 if (unmap && scsi_debug_lbp()) {
3262 unmap_region(lba, num);
3263 goto out;
3264 }
3265 lbaa = lba;
3266 block = do_div(lbaa, sdebug_store_sectors);
3267 /* if ndob then zero 1 logical block, else fetch 1 logical block */
3268 fs1p = fake_storep + (block * lb_size);
3269 if (ndob) {
3270 memset(fs1p, 0, lb_size);
3271 ret = 0;
3272 } else
3273 ret = fetch_to_dev_buffer(scp, fs1p, lb_size);
3274
3275 if (-1 == ret) {
3276 write_unlock_irqrestore(&atomic_rw, iflags);
3277 return DID_ERROR << 16;
3278 } else if (sdebug_verbose && !ndob && (ret < lb_size))
3279 sdev_printk(KERN_INFO, scp->device,
3280 "%s: %s: lb size=%u, IO sent=%d bytes\n",
3281 my_name, "write same", lb_size, ret);
3282
3283 /* Copy first sector to remaining blocks */
3284 for (i = 1 ; i < num ; i++) {
3285 lbaa = lba + i;
3286 block = do_div(lbaa, sdebug_store_sectors);
3287 memmove(fake_storep + (block * lb_size), fs1p, lb_size);
3288 }
3289 if (scsi_debug_lbp())
3290 map_region(lba, num);
3291 out:
3292 write_unlock_irqrestore(&atomic_rw, iflags);
3293
3294 return 0;
3295 }
3296
3297 static int resp_write_same_10(struct scsi_cmnd *scp,
3298 struct sdebug_dev_info *devip)
3299 {
3300 u8 *cmd = scp->cmnd;
3301 u32 lba;
3302 u16 num;
3303 u32 ei_lba = 0;
3304 bool unmap = false;
3305
3306 if (cmd[1] & 0x8) {
3307 if (sdebug_lbpws10 == 0) {
3308 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3309 return check_condition_result;
3310 } else
3311 unmap = true;
3312 }
3313 lba = get_unaligned_be32(cmd + 2);
3314 num = get_unaligned_be16(cmd + 7);
3315 if (num > sdebug_write_same_length) {
3316 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3317 return check_condition_result;
3318 }
3319 return resp_write_same(scp, lba, num, ei_lba, unmap, false);
3320 }
3321
3322 static int resp_write_same_16(struct scsi_cmnd *scp,
3323 struct sdebug_dev_info *devip)
3324 {
3325 u8 *cmd = scp->cmnd;
3326 u64 lba;
3327 u32 num;
3328 u32 ei_lba = 0;
3329 bool unmap = false;
3330 bool ndob = false;
3331
3332 if (cmd[1] & 0x8) { /* UNMAP */
3333 if (sdebug_lbpws == 0) {
3334 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3335 return check_condition_result;
3336 } else
3337 unmap = true;
3338 }
3339 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */
3340 ndob = true;
3341 lba = get_unaligned_be64(cmd + 2);
3342 num = get_unaligned_be32(cmd + 10);
3343 if (num > sdebug_write_same_length) {
3344 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1);
3345 return check_condition_result;
3346 }
3347 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob);
3348 }
3349
3350 /* Note the mode field is in the same position as the (lower) service action
3351 * field. For the Report supported operation codes command, SPC-4 suggests
3352 * each mode of this command should be reported separately; for future. */
3353 static int resp_write_buffer(struct scsi_cmnd *scp,
3354 struct sdebug_dev_info *devip)
3355 {
3356 u8 *cmd = scp->cmnd;
3357 struct scsi_device *sdp = scp->device;
3358 struct sdebug_dev_info *dp;
3359 u8 mode;
3360
3361 mode = cmd[1] & 0x1f;
3362 switch (mode) {
3363 case 0x4: /* download microcode (MC) and activate (ACT) */
3364 /* set UAs on this device only */
3365 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3366 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm);
3367 break;
3368 case 0x5: /* download MC, save and ACT */
3369 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm);
3370 break;
3371 case 0x6: /* download MC with offsets and ACT */
3372 /* set UAs on most devices (LUs) in this target */
3373 list_for_each_entry(dp,
3374 &devip->sdbg_host->dev_info_list,
3375 dev_list)
3376 if (dp->target == sdp->id) {
3377 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm);
3378 if (devip != dp)
3379 set_bit(SDEBUG_UA_MICROCODE_CHANGED,
3380 dp->uas_bm);
3381 }
3382 break;
3383 case 0x7: /* download MC with offsets, save, and ACT */
3384 /* set UA on all devices (LUs) in this target */
3385 list_for_each_entry(dp,
3386 &devip->sdbg_host->dev_info_list,
3387 dev_list)
3388 if (dp->target == sdp->id)
3389 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET,
3390 dp->uas_bm);
3391 break;
3392 default:
3393 /* do nothing for this command for other mode values */
3394 break;
3395 }
3396 return 0;
3397 }
3398
3399 static int resp_comp_write(struct scsi_cmnd *scp,
3400 struct sdebug_dev_info *devip)
3401 {
3402 u8 *cmd = scp->cmnd;
3403 u8 *arr;
3404 u8 *fake_storep_hold;
3405 u64 lba;
3406 u32 dnum;
3407 u32 lb_size = sdebug_sector_size;
3408 u8 num;
3409 unsigned long iflags;
3410 int ret;
3411 int retval = 0;
3412
3413 lba = get_unaligned_be64(cmd + 2);
3414 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */
3415 if (0 == num)
3416 return 0; /* degenerate case, not an error */
3417 if (sdebug_dif == T10_PI_TYPE2_PROTECTION &&
3418 (cmd[1] & 0xe0)) {
3419 mk_sense_invalid_opcode(scp);
3420 return check_condition_result;
3421 }
3422 if ((sdebug_dif == T10_PI_TYPE1_PROTECTION ||
3423 sdebug_dif == T10_PI_TYPE3_PROTECTION) &&
3424 (cmd[1] & 0xe0) == 0)
3425 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3426 "to DIF device\n");
3427 ret = check_device_access_params(scp, lba, num, false);
3428 if (ret)
3429 return ret;
3430 dnum = 2 * num;
3431 arr = kcalloc(lb_size, dnum, GFP_ATOMIC);
3432 if (NULL == arr) {
3433 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3434 INSUFF_RES_ASCQ);
3435 return check_condition_result;
3436 }
3437
3438 write_lock_irqsave(&atomic_rw, iflags);
3439
3440 /* trick do_device_access() to fetch both compare and write buffers
3441 * from data-in into arr. Safe (atomic) since write_lock held. */
3442 fake_storep_hold = fake_storep;
3443 fake_storep = arr;
3444 ret = do_device_access(scp, 0, 0, dnum, true);
3445 fake_storep = fake_storep_hold;
3446 if (ret == -1) {
3447 retval = DID_ERROR << 16;
3448 goto cleanup;
3449 } else if (sdebug_verbose && (ret < (dnum * lb_size)))
3450 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb "
3451 "indicated=%u, IO sent=%d bytes\n", my_name,
3452 dnum * lb_size, ret);
3453 if (!comp_write_worker(lba, num, arr)) {
3454 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
3455 retval = check_condition_result;
3456 goto cleanup;
3457 }
3458 if (scsi_debug_lbp())
3459 map_region(lba, num);
3460 cleanup:
3461 write_unlock_irqrestore(&atomic_rw, iflags);
3462 kfree(arr);
3463 return retval;
3464 }
3465
3466 struct unmap_block_desc {
3467 __be64 lba;
3468 __be32 blocks;
3469 __be32 __reserved;
3470 };
3471
3472 static int resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3473 {
3474 unsigned char *buf;
3475 struct unmap_block_desc *desc;
3476 unsigned int i, payload_len, descriptors;
3477 int ret;
3478 unsigned long iflags;
3479
3480
3481 if (!scsi_debug_lbp())
3482 return 0; /* fib and say its done */
3483 payload_len = get_unaligned_be16(scp->cmnd + 7);
3484 BUG_ON(scsi_bufflen(scp) != payload_len);
3485
3486 descriptors = (payload_len - 8) / 16;
3487 if (descriptors > sdebug_unmap_max_desc) {
3488 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3489 return check_condition_result;
3490 }
3491
3492 buf = kzalloc(scsi_bufflen(scp), GFP_ATOMIC);
3493 if (!buf) {
3494 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3495 INSUFF_RES_ASCQ);
3496 return check_condition_result;
3497 }
3498
3499 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
3500
3501 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2);
3502 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16);
3503
3504 desc = (void *)&buf[8];
3505
3506 write_lock_irqsave(&atomic_rw, iflags);
3507
3508 for (i = 0 ; i < descriptors ; i++) {
3509 unsigned long long lba = get_unaligned_be64(&desc[i].lba);
3510 unsigned int num = get_unaligned_be32(&desc[i].blocks);
3511
3512 ret = check_device_access_params(scp, lba, num, true);
3513 if (ret)
3514 goto out;
3515
3516 unmap_region(lba, num);
3517 }
3518
3519 ret = 0;
3520
3521 out:
3522 write_unlock_irqrestore(&atomic_rw, iflags);
3523 kfree(buf);
3524
3525 return ret;
3526 }
3527
3528 #define SDEBUG_GET_LBA_STATUS_LEN 32
3529
3530 static int resp_get_lba_status(struct scsi_cmnd *scp,
3531 struct sdebug_dev_info *devip)
3532 {
3533 u8 *cmd = scp->cmnd;
3534 u64 lba;
3535 u32 alloc_len, mapped, num;
3536 u8 arr[SDEBUG_GET_LBA_STATUS_LEN];
3537 int ret;
3538
3539 lba = get_unaligned_be64(cmd + 2);
3540 alloc_len = get_unaligned_be32(cmd + 10);
3541
3542 if (alloc_len < 24)
3543 return 0;
3544
3545 ret = check_device_access_params(scp, lba, 1, false);
3546 if (ret)
3547 return ret;
3548
3549 if (scsi_debug_lbp())
3550 mapped = map_state(lba, &num);
3551 else {
3552 mapped = 1;
3553 /* following just in case virtual_gb changed */
3554 sdebug_capacity = get_sdebug_capacity();
3555 if (sdebug_capacity - lba <= 0xffffffff)
3556 num = sdebug_capacity - lba;
3557 else
3558 num = 0xffffffff;
3559 }
3560
3561 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN);
3562 put_unaligned_be32(20, arr); /* Parameter Data Length */
3563 put_unaligned_be64(lba, arr + 8); /* LBA */
3564 put_unaligned_be32(num, arr + 16); /* Number of blocks */
3565 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */
3566
3567 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN);
3568 }
3569
3570 static int resp_sync_cache(struct scsi_cmnd *scp,
3571 struct sdebug_dev_info *devip)
3572 {
3573 int res = 0;
3574 u64 lba;
3575 u32 num_blocks;
3576 u8 *cmd = scp->cmnd;
3577
3578 if (cmd[0] == SYNCHRONIZE_CACHE) { /* 10 byte cdb */
3579 lba = get_unaligned_be32(cmd + 2);
3580 num_blocks = get_unaligned_be16(cmd + 7);
3581 } else { /* SYNCHRONIZE_CACHE(16) */
3582 lba = get_unaligned_be64(cmd + 2);
3583 num_blocks = get_unaligned_be32(cmd + 10);
3584 }
3585 if (lba + num_blocks > sdebug_capacity) {
3586 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
3587 return check_condition_result;
3588 }
3589 if (!write_since_sync || cmd[1] & 0x2)
3590 res = SDEG_RES_IMMED_MASK;
3591 else /* delay if write_since_sync and IMMED clear */
3592 write_since_sync = false;
3593 return res;
3594 }
3595
3596 #define RL_BUCKET_ELEMS 8
3597
3598 /* Even though each pseudo target has a REPORT LUNS "well known logical unit"
3599 * (W-LUN), the normal Linux scanning logic does not associate it with a
3600 * device (e.g. /dev/sg7). The following magic will make that association:
3601 * "cd /sys/class/scsi_host/host<n> ; echo '- - 49409' > scan"
3602 * where <n> is a host number. If there are multiple targets in a host then
3603 * the above will associate a W-LUN to each target. To only get a W-LUN
3604 * for target 2, then use "echo '- 2 49409' > scan" .
3605 */
3606 static int resp_report_luns(struct scsi_cmnd *scp,
3607 struct sdebug_dev_info *devip)
3608 {
3609 unsigned char *cmd = scp->cmnd;
3610 unsigned int alloc_len;
3611 unsigned char select_report;
3612 u64 lun;
3613 struct scsi_lun *lun_p;
3614 u8 arr[RL_BUCKET_ELEMS * sizeof(struct scsi_lun)];
3615 unsigned int lun_cnt; /* normal LUN count (max: 256) */
3616 unsigned int wlun_cnt; /* report luns W-LUN count */
3617 unsigned int tlun_cnt; /* total LUN count */
3618 unsigned int rlen; /* response length (in bytes) */
3619 int k, j, n, res;
3620 unsigned int off_rsp = 0;
3621 const int sz_lun = sizeof(struct scsi_lun);
3622
3623 clear_luns_changed_on_target(devip);
3624
3625 select_report = cmd[2];
3626 alloc_len = get_unaligned_be32(cmd + 6);
3627
3628 if (alloc_len < 4) {
3629 pr_err("alloc len too small %d\n", alloc_len);
3630 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
3631 return check_condition_result;
3632 }
3633
3634 switch (select_report) {
3635 case 0: /* all LUNs apart from W-LUNs */
3636 lun_cnt = sdebug_max_luns;
3637 wlun_cnt = 0;
3638 break;
3639 case 1: /* only W-LUNs */
3640 lun_cnt = 0;
3641 wlun_cnt = 1;
3642 break;
3643 case 2: /* all LUNs */
3644 lun_cnt = sdebug_max_luns;
3645 wlun_cnt = 1;
3646 break;
3647 case 0x10: /* only administrative LUs */
3648 case 0x11: /* see SPC-5 */
3649 case 0x12: /* only subsiduary LUs owned by referenced LU */
3650 default:
3651 pr_debug("select report invalid %d\n", select_report);
3652 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
3653 return check_condition_result;
3654 }
3655
3656 if (sdebug_no_lun_0 && (lun_cnt > 0))
3657 --lun_cnt;
3658
3659 tlun_cnt = lun_cnt + wlun_cnt;
3660 rlen = tlun_cnt * sz_lun; /* excluding 8 byte header */
3661 scsi_set_resid(scp, scsi_bufflen(scp));
3662 pr_debug("select_report %d luns = %d wluns = %d no_lun0 %d\n",
3663 select_report, lun_cnt, wlun_cnt, sdebug_no_lun_0);
3664
3665 /* loops rely on sizeof response header same as sizeof lun (both 8) */
3666 lun = sdebug_no_lun_0 ? 1 : 0;
3667 for (k = 0, j = 0, res = 0; true; ++k, j = 0) {
3668 memset(arr, 0, sizeof(arr));
3669 lun_p = (struct scsi_lun *)&arr[0];
3670 if (k == 0) {
3671 put_unaligned_be32(rlen, &arr[0]);
3672 ++lun_p;
3673 j = 1;
3674 }
3675 for ( ; j < RL_BUCKET_ELEMS; ++j, ++lun_p) {
3676 if ((k * RL_BUCKET_ELEMS) + j > lun_cnt)
3677 break;
3678 int_to_scsilun(lun++, lun_p);
3679 }
3680 if (j < RL_BUCKET_ELEMS)
3681 break;
3682 n = j * sz_lun;
3683 res = p_fill_from_dev_buffer(scp, arr, n, off_rsp);
3684 if (res)
3685 return res;
3686 off_rsp += n;
3687 }
3688 if (wlun_cnt) {
3689 int_to_scsilun(SCSI_W_LUN_REPORT_LUNS, lun_p);
3690 ++j;
3691 }
3692 if (j > 0)
3693 res = p_fill_from_dev_buffer(scp, arr, j * sz_lun, off_rsp);
3694 return res;
3695 }
3696
3697 static struct sdebug_queue *get_queue(struct scsi_cmnd *cmnd)
3698 {
3699 u32 tag = blk_mq_unique_tag(cmnd->request);
3700 u16 hwq = blk_mq_unique_tag_to_hwq(tag);
3701
3702 pr_debug("tag=%#x, hwq=%d\n", tag, hwq);
3703 if (WARN_ON_ONCE(hwq >= submit_queues))
3704 hwq = 0;
3705 return sdebug_q_arr + hwq;
3706 }
3707
3708 /* Queued (deferred) command completions converge here. */
3709 static void sdebug_q_cmd_complete(struct sdebug_defer *sd_dp)
3710 {
3711 bool aborted = sd_dp->aborted;
3712 int qc_idx;
3713 int retiring = 0;
3714 unsigned long iflags;
3715 struct sdebug_queue *sqp;
3716 struct sdebug_queued_cmd *sqcp;
3717 struct scsi_cmnd *scp;
3718 struct sdebug_dev_info *devip;
3719
3720 sd_dp->defer_t = SDEB_DEFER_NONE;
3721 if (unlikely(aborted))
3722 sd_dp->aborted = false;
3723 qc_idx = sd_dp->qc_idx;
3724 sqp = sdebug_q_arr + sd_dp->sqa_idx;
3725 if (sdebug_statistics) {
3726 atomic_inc(&sdebug_completions);
3727 if (raw_smp_processor_id() != sd_dp->issuing_cpu)
3728 atomic_inc(&sdebug_miss_cpus);
3729 }
3730 if (unlikely((qc_idx < 0) || (qc_idx >= SDEBUG_CANQUEUE))) {
3731 pr_err("wild qc_idx=%d\n", qc_idx);
3732 return;
3733 }
3734 spin_lock_irqsave(&sqp->qc_lock, iflags);
3735 sqcp = &sqp->qc_arr[qc_idx];
3736 scp = sqcp->a_cmnd;
3737 if (unlikely(scp == NULL)) {
3738 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3739 pr_err("scp is NULL, sqa_idx=%d, qc_idx=%d\n",
3740 sd_dp->sqa_idx, qc_idx);
3741 return;
3742 }
3743 devip = (struct sdebug_dev_info *)scp->device->hostdata;
3744 if (likely(devip))
3745 atomic_dec(&devip->num_in_q);
3746 else
3747 pr_err("devip=NULL\n");
3748 if (unlikely(atomic_read(&retired_max_queue) > 0))
3749 retiring = 1;
3750
3751 sqcp->a_cmnd = NULL;
3752 if (unlikely(!test_and_clear_bit(qc_idx, sqp->in_use_bm))) {
3753 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3754 pr_err("Unexpected completion\n");
3755 return;
3756 }
3757
3758 if (unlikely(retiring)) { /* user has reduced max_queue */
3759 int k, retval;
3760
3761 retval = atomic_read(&retired_max_queue);
3762 if (qc_idx >= retval) {
3763 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3764 pr_err("index %d too large\n", retval);
3765 return;
3766 }
3767 k = find_last_bit(sqp->in_use_bm, retval);
3768 if ((k < sdebug_max_queue) || (k == retval))
3769 atomic_set(&retired_max_queue, 0);
3770 else
3771 atomic_set(&retired_max_queue, k + 1);
3772 }
3773 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3774 if (unlikely(aborted)) {
3775 if (sdebug_verbose)
3776 pr_info("bypassing scsi_done() due to aborted cmd\n");
3777 return;
3778 }
3779 scp->scsi_done(scp); /* callback to mid level */
3780 }
3781
3782 /* When high resolution timer goes off this function is called. */
3783 static enum hrtimer_restart sdebug_q_cmd_hrt_complete(struct hrtimer *timer)
3784 {
3785 struct sdebug_defer *sd_dp = container_of(timer, struct sdebug_defer,
3786 hrt);
3787 sdebug_q_cmd_complete(sd_dp);
3788 return HRTIMER_NORESTART;
3789 }
3790
3791 /* When work queue schedules work, it calls this function. */
3792 static void sdebug_q_cmd_wq_complete(struct work_struct *work)
3793 {
3794 struct sdebug_defer *sd_dp = container_of(work, struct sdebug_defer,
3795 ew.work);
3796 sdebug_q_cmd_complete(sd_dp);
3797 }
3798
3799 static bool got_shared_uuid;
3800 static uuid_t shared_uuid;
3801
3802 static struct sdebug_dev_info *sdebug_device_create(
3803 struct sdebug_host_info *sdbg_host, gfp_t flags)
3804 {
3805 struct sdebug_dev_info *devip;
3806
3807 devip = kzalloc(sizeof(*devip), flags);
3808 if (devip) {
3809 if (sdebug_uuid_ctl == 1)
3810 uuid_gen(&devip->lu_name);
3811 else if (sdebug_uuid_ctl == 2) {
3812 if (got_shared_uuid)
3813 devip->lu_name = shared_uuid;
3814 else {
3815 uuid_gen(&shared_uuid);
3816 got_shared_uuid = true;
3817 devip->lu_name = shared_uuid;
3818 }
3819 }
3820 devip->sdbg_host = sdbg_host;
3821 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list);
3822 }
3823 return devip;
3824 }
3825
3826 static struct sdebug_dev_info *find_build_dev_info(struct scsi_device *sdev)
3827 {
3828 struct sdebug_host_info *sdbg_host;
3829 struct sdebug_dev_info *open_devip = NULL;
3830 struct sdebug_dev_info *devip;
3831
3832 sdbg_host = *(struct sdebug_host_info **)shost_priv(sdev->host);
3833 if (!sdbg_host) {
3834 pr_err("Host info NULL\n");
3835 return NULL;
3836 }
3837 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
3838 if ((devip->used) && (devip->channel == sdev->channel) &&
3839 (devip->target == sdev->id) &&
3840 (devip->lun == sdev->lun))
3841 return devip;
3842 else {
3843 if ((!devip->used) && (!open_devip))
3844 open_devip = devip;
3845 }
3846 }
3847 if (!open_devip) { /* try and make a new one */
3848 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC);
3849 if (!open_devip) {
3850 pr_err("out of memory at line %d\n", __LINE__);
3851 return NULL;
3852 }
3853 }
3854
3855 open_devip->channel = sdev->channel;
3856 open_devip->target = sdev->id;
3857 open_devip->lun = sdev->lun;
3858 open_devip->sdbg_host = sdbg_host;
3859 atomic_set(&open_devip->num_in_q, 0);
3860 set_bit(SDEBUG_UA_POR, open_devip->uas_bm);
3861 open_devip->used = true;
3862 return open_devip;
3863 }
3864
3865 static int scsi_debug_slave_alloc(struct scsi_device *sdp)
3866 {
3867 if (sdebug_verbose)
3868 pr_info("slave_alloc <%u %u %u %llu>\n",
3869 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3870 return 0;
3871 }
3872
3873 static int scsi_debug_slave_configure(struct scsi_device *sdp)
3874 {
3875 struct sdebug_dev_info *devip =
3876 (struct sdebug_dev_info *)sdp->hostdata;
3877
3878 if (sdebug_verbose)
3879 pr_info("slave_configure <%u %u %u %llu>\n",
3880 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3881 if (sdp->host->max_cmd_len != SDEBUG_MAX_CMD_LEN)
3882 sdp->host->max_cmd_len = SDEBUG_MAX_CMD_LEN;
3883 if (devip == NULL) {
3884 devip = find_build_dev_info(sdp);
3885 if (devip == NULL)
3886 return 1; /* no resources, will be marked offline */
3887 }
3888 sdp->hostdata = devip;
3889 if (sdebug_no_uld)
3890 sdp->no_uld_attach = 1;
3891 config_cdb_len(sdp);
3892 return 0;
3893 }
3894
3895 static void scsi_debug_slave_destroy(struct scsi_device *sdp)
3896 {
3897 struct sdebug_dev_info *devip =
3898 (struct sdebug_dev_info *)sdp->hostdata;
3899
3900 if (sdebug_verbose)
3901 pr_info("slave_destroy <%u %u %u %llu>\n",
3902 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3903 if (devip) {
3904 /* make this slot available for re-use */
3905 devip->used = false;
3906 sdp->hostdata = NULL;
3907 }
3908 }
3909
3910 static void stop_qc_helper(struct sdebug_defer *sd_dp,
3911 enum sdeb_defer_type defer_t)
3912 {
3913 if (!sd_dp)
3914 return;
3915 if (defer_t == SDEB_DEFER_HRT)
3916 hrtimer_cancel(&sd_dp->hrt);
3917 else if (defer_t == SDEB_DEFER_WQ)
3918 cancel_work_sync(&sd_dp->ew.work);
3919 }
3920
3921 /* If @cmnd found deletes its timer or work queue and returns true; else
3922 returns false */
3923 static bool stop_queued_cmnd(struct scsi_cmnd *cmnd)
3924 {
3925 unsigned long iflags;
3926 int j, k, qmax, r_qmax;
3927 enum sdeb_defer_type l_defer_t;
3928 struct sdebug_queue *sqp;
3929 struct sdebug_queued_cmd *sqcp;
3930 struct sdebug_dev_info *devip;
3931 struct sdebug_defer *sd_dp;
3932
3933 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
3934 spin_lock_irqsave(&sqp->qc_lock, iflags);
3935 qmax = sdebug_max_queue;
3936 r_qmax = atomic_read(&retired_max_queue);
3937 if (r_qmax > qmax)
3938 qmax = r_qmax;
3939 for (k = 0; k < qmax; ++k) {
3940 if (test_bit(k, sqp->in_use_bm)) {
3941 sqcp = &sqp->qc_arr[k];
3942 if (cmnd != sqcp->a_cmnd)
3943 continue;
3944 /* found */
3945 devip = (struct sdebug_dev_info *)
3946 cmnd->device->hostdata;
3947 if (devip)
3948 atomic_dec(&devip->num_in_q);
3949 sqcp->a_cmnd = NULL;
3950 sd_dp = sqcp->sd_dp;
3951 if (sd_dp) {
3952 l_defer_t = sd_dp->defer_t;
3953 sd_dp->defer_t = SDEB_DEFER_NONE;
3954 } else
3955 l_defer_t = SDEB_DEFER_NONE;
3956 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3957 stop_qc_helper(sd_dp, l_defer_t);
3958 clear_bit(k, sqp->in_use_bm);
3959 return true;
3960 }
3961 }
3962 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3963 }
3964 return false;
3965 }
3966
3967 /* Deletes (stops) timers or work queues of all queued commands */
3968 static void stop_all_queued(void)
3969 {
3970 unsigned long iflags;
3971 int j, k;
3972 enum sdeb_defer_type l_defer_t;
3973 struct sdebug_queue *sqp;
3974 struct sdebug_queued_cmd *sqcp;
3975 struct sdebug_dev_info *devip;
3976 struct sdebug_defer *sd_dp;
3977
3978 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
3979 spin_lock_irqsave(&sqp->qc_lock, iflags);
3980 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
3981 if (test_bit(k, sqp->in_use_bm)) {
3982 sqcp = &sqp->qc_arr[k];
3983 if (sqcp->a_cmnd == NULL)
3984 continue;
3985 devip = (struct sdebug_dev_info *)
3986 sqcp->a_cmnd->device->hostdata;
3987 if (devip)
3988 atomic_dec(&devip->num_in_q);
3989 sqcp->a_cmnd = NULL;
3990 sd_dp = sqcp->sd_dp;
3991 if (sd_dp) {
3992 l_defer_t = sd_dp->defer_t;
3993 sd_dp->defer_t = SDEB_DEFER_NONE;
3994 } else
3995 l_defer_t = SDEB_DEFER_NONE;
3996 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
3997 stop_qc_helper(sd_dp, l_defer_t);
3998 clear_bit(k, sqp->in_use_bm);
3999 spin_lock_irqsave(&sqp->qc_lock, iflags);
4000 }
4001 }
4002 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4003 }
4004 }
4005
4006 /* Free queued command memory on heap */
4007 static void free_all_queued(void)
4008 {
4009 int j, k;
4010 struct sdebug_queue *sqp;
4011 struct sdebug_queued_cmd *sqcp;
4012
4013 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
4014 for (k = 0; k < SDEBUG_CANQUEUE; ++k) {
4015 sqcp = &sqp->qc_arr[k];
4016 kfree(sqcp->sd_dp);
4017 sqcp->sd_dp = NULL;
4018 }
4019 }
4020 }
4021
4022 static int scsi_debug_abort(struct scsi_cmnd *SCpnt)
4023 {
4024 bool ok;
4025
4026 ++num_aborts;
4027 if (SCpnt) {
4028 ok = stop_queued_cmnd(SCpnt);
4029 if (SCpnt->device && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
4030 sdev_printk(KERN_INFO, SCpnt->device,
4031 "%s: command%s found\n", __func__,
4032 ok ? "" : " not");
4033 }
4034 return SUCCESS;
4035 }
4036
4037 static int scsi_debug_device_reset(struct scsi_cmnd *SCpnt)
4038 {
4039 ++num_dev_resets;
4040 if (SCpnt && SCpnt->device) {
4041 struct scsi_device *sdp = SCpnt->device;
4042 struct sdebug_dev_info *devip =
4043 (struct sdebug_dev_info *)sdp->hostdata;
4044
4045 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
4046 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
4047 if (devip)
4048 set_bit(SDEBUG_UA_POR, devip->uas_bm);
4049 }
4050 return SUCCESS;
4051 }
4052
4053 static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt)
4054 {
4055 struct sdebug_host_info *sdbg_host;
4056 struct sdebug_dev_info *devip;
4057 struct scsi_device *sdp;
4058 struct Scsi_Host *hp;
4059 int k = 0;
4060
4061 ++num_target_resets;
4062 if (!SCpnt)
4063 goto lie;
4064 sdp = SCpnt->device;
4065 if (!sdp)
4066 goto lie;
4067 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
4068 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
4069 hp = sdp->host;
4070 if (!hp)
4071 goto lie;
4072 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
4073 if (sdbg_host) {
4074 list_for_each_entry(devip,
4075 &sdbg_host->dev_info_list,
4076 dev_list)
4077 if (devip->target == sdp->id) {
4078 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4079 ++k;
4080 }
4081 }
4082 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
4083 sdev_printk(KERN_INFO, sdp,
4084 "%s: %d device(s) found in target\n", __func__, k);
4085 lie:
4086 return SUCCESS;
4087 }
4088
4089 static int scsi_debug_bus_reset(struct scsi_cmnd *SCpnt)
4090 {
4091 struct sdebug_host_info *sdbg_host;
4092 struct sdebug_dev_info *devip;
4093 struct scsi_device *sdp;
4094 struct Scsi_Host *hp;
4095 int k = 0;
4096
4097 ++num_bus_resets;
4098 if (!(SCpnt && SCpnt->device))
4099 goto lie;
4100 sdp = SCpnt->device;
4101 if (SDEBUG_OPT_ALL_NOISE & sdebug_opts)
4102 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
4103 hp = sdp->host;
4104 if (hp) {
4105 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
4106 if (sdbg_host) {
4107 list_for_each_entry(devip,
4108 &sdbg_host->dev_info_list,
4109 dev_list) {
4110 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4111 ++k;
4112 }
4113 }
4114 }
4115 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
4116 sdev_printk(KERN_INFO, sdp,
4117 "%s: %d device(s) found in host\n", __func__, k);
4118 lie:
4119 return SUCCESS;
4120 }
4121
4122 static int scsi_debug_host_reset(struct scsi_cmnd *SCpnt)
4123 {
4124 struct sdebug_host_info *sdbg_host;
4125 struct sdebug_dev_info *devip;
4126 int k = 0;
4127
4128 ++num_host_resets;
4129 if ((SCpnt->device) && (SDEBUG_OPT_ALL_NOISE & sdebug_opts))
4130 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__);
4131 spin_lock(&sdebug_host_list_lock);
4132 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
4133 list_for_each_entry(devip, &sdbg_host->dev_info_list,
4134 dev_list) {
4135 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
4136 ++k;
4137 }
4138 }
4139 spin_unlock(&sdebug_host_list_lock);
4140 stop_all_queued();
4141 if (SDEBUG_OPT_RESET_NOISE & sdebug_opts)
4142 sdev_printk(KERN_INFO, SCpnt->device,
4143 "%s: %d device(s) found\n", __func__, k);
4144 return SUCCESS;
4145 }
4146
4147 static void __init sdebug_build_parts(unsigned char *ramp,
4148 unsigned long store_size)
4149 {
4150 struct msdos_partition *pp;
4151 int starts[SDEBUG_MAX_PARTS + 2];
4152 int sectors_per_part, num_sectors, k;
4153 int heads_by_sects, start_sec, end_sec;
4154
4155 /* assume partition table already zeroed */
4156 if ((sdebug_num_parts < 1) || (store_size < 1048576))
4157 return;
4158 if (sdebug_num_parts > SDEBUG_MAX_PARTS) {
4159 sdebug_num_parts = SDEBUG_MAX_PARTS;
4160 pr_warn("reducing partitions to %d\n", SDEBUG_MAX_PARTS);
4161 }
4162 num_sectors = (int)sdebug_store_sectors;
4163 sectors_per_part = (num_sectors - sdebug_sectors_per)
4164 / sdebug_num_parts;
4165 heads_by_sects = sdebug_heads * sdebug_sectors_per;
4166 starts[0] = sdebug_sectors_per;
4167 for (k = 1; k < sdebug_num_parts; ++k)
4168 starts[k] = ((k * sectors_per_part) / heads_by_sects)
4169 * heads_by_sects;
4170 starts[sdebug_num_parts] = num_sectors;
4171 starts[sdebug_num_parts + 1] = 0;
4172
4173 ramp[510] = 0x55; /* magic partition markings */
4174 ramp[511] = 0xAA;
4175 pp = (struct msdos_partition *)(ramp + 0x1be);
4176 for (k = 0; starts[k + 1]; ++k, ++pp) {
4177 start_sec = starts[k];
4178 end_sec = starts[k + 1] - 1;
4179 pp->boot_ind = 0;
4180
4181 pp->cyl = start_sec / heads_by_sects;
4182 pp->head = (start_sec - (pp->cyl * heads_by_sects))
4183 / sdebug_sectors_per;
4184 pp->sector = (start_sec % sdebug_sectors_per) + 1;
4185
4186 pp->end_cyl = end_sec / heads_by_sects;
4187 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects))
4188 / sdebug_sectors_per;
4189 pp->end_sector = (end_sec % sdebug_sectors_per) + 1;
4190
4191 pp->start_sect = cpu_to_le32(start_sec);
4192 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1);
4193 pp->sys_ind = 0x83; /* plain Linux partition */
4194 }
4195 }
4196
4197 static void block_unblock_all_queues(bool block)
4198 {
4199 int j;
4200 struct sdebug_queue *sqp;
4201
4202 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp)
4203 atomic_set(&sqp->blocked, (int)block);
4204 }
4205
4206 /* Adjust (by rounding down) the sdebug_cmnd_count so abs(every_nth)-1
4207 * commands will be processed normally before triggers occur.
4208 */
4209 static void tweak_cmnd_count(void)
4210 {
4211 int count, modulo;
4212
4213 modulo = abs(sdebug_every_nth);
4214 if (modulo < 2)
4215 return;
4216 block_unblock_all_queues(true);
4217 count = atomic_read(&sdebug_cmnd_count);
4218 atomic_set(&sdebug_cmnd_count, (count / modulo) * modulo);
4219 block_unblock_all_queues(false);
4220 }
4221
4222 static void clear_queue_stats(void)
4223 {
4224 atomic_set(&sdebug_cmnd_count, 0);
4225 atomic_set(&sdebug_completions, 0);
4226 atomic_set(&sdebug_miss_cpus, 0);
4227 atomic_set(&sdebug_a_tsf, 0);
4228 }
4229
4230 static void setup_inject(struct sdebug_queue *sqp,
4231 struct sdebug_queued_cmd *sqcp)
4232 {
4233 if ((atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) > 0) {
4234 if (sdebug_every_nth > 0)
4235 sqcp->inj_recovered = sqcp->inj_transport
4236 = sqcp->inj_dif
4237 = sqcp->inj_dix = sqcp->inj_short
4238 = sqcp->inj_host_busy = sqcp->inj_cmd_abort = 0;
4239 return;
4240 }
4241 sqcp->inj_recovered = !!(SDEBUG_OPT_RECOVERED_ERR & sdebug_opts);
4242 sqcp->inj_transport = !!(SDEBUG_OPT_TRANSPORT_ERR & sdebug_opts);
4243 sqcp->inj_dif = !!(SDEBUG_OPT_DIF_ERR & sdebug_opts);
4244 sqcp->inj_dix = !!(SDEBUG_OPT_DIX_ERR & sdebug_opts);
4245 sqcp->inj_short = !!(SDEBUG_OPT_SHORT_TRANSFER & sdebug_opts);
4246 sqcp->inj_host_busy = !!(SDEBUG_OPT_HOST_BUSY & sdebug_opts);
4247 sqcp->inj_cmd_abort = !!(SDEBUG_OPT_CMD_ABORT & sdebug_opts);
4248 }
4249
4250 /* Complete the processing of the thread that queued a SCSI command to this
4251 * driver. It either completes the command by calling cmnd_done() or
4252 * schedules a hr timer or work queue then returns 0. Returns
4253 * SCSI_MLQUEUE_HOST_BUSY if temporarily out of resources.
4254 */
4255 static int schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
4256 int scsi_result,
4257 int (*pfp)(struct scsi_cmnd *,
4258 struct sdebug_dev_info *),
4259 int delta_jiff, int ndelay)
4260 {
4261 unsigned long iflags;
4262 int k, num_in_q, qdepth, inject;
4263 struct sdebug_queue *sqp;
4264 struct sdebug_queued_cmd *sqcp;
4265 struct scsi_device *sdp;
4266 struct sdebug_defer *sd_dp;
4267
4268 if (unlikely(devip == NULL)) {
4269 if (scsi_result == 0)
4270 scsi_result = DID_NO_CONNECT << 16;
4271 goto respond_in_thread;
4272 }
4273 sdp = cmnd->device;
4274
4275 if (delta_jiff == 0)
4276 goto respond_in_thread;
4277
4278 /* schedule the response at a later time if resources permit */
4279 sqp = get_queue(cmnd);
4280 spin_lock_irqsave(&sqp->qc_lock, iflags);
4281 if (unlikely(atomic_read(&sqp->blocked))) {
4282 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4283 return SCSI_MLQUEUE_HOST_BUSY;
4284 }
4285 num_in_q = atomic_read(&devip->num_in_q);
4286 qdepth = cmnd->device->queue_depth;
4287 inject = 0;
4288 if (unlikely((qdepth > 0) && (num_in_q >= qdepth))) {
4289 if (scsi_result) {
4290 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4291 goto respond_in_thread;
4292 } else
4293 scsi_result = device_qfull_result;
4294 } else if (unlikely(sdebug_every_nth &&
4295 (SDEBUG_OPT_RARE_TSF & sdebug_opts) &&
4296 (scsi_result == 0))) {
4297 if ((num_in_q == (qdepth - 1)) &&
4298 (atomic_inc_return(&sdebug_a_tsf) >=
4299 abs(sdebug_every_nth))) {
4300 atomic_set(&sdebug_a_tsf, 0);
4301 inject = 1;
4302 scsi_result = device_qfull_result;
4303 }
4304 }
4305
4306 k = find_first_zero_bit(sqp->in_use_bm, sdebug_max_queue);
4307 if (unlikely(k >= sdebug_max_queue)) {
4308 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4309 if (scsi_result)
4310 goto respond_in_thread;
4311 else if (SDEBUG_OPT_ALL_TSF & sdebug_opts)
4312 scsi_result = device_qfull_result;
4313 if (SDEBUG_OPT_Q_NOISE & sdebug_opts)
4314 sdev_printk(KERN_INFO, sdp,
4315 "%s: max_queue=%d exceeded, %s\n",
4316 __func__, sdebug_max_queue,
4317 (scsi_result ? "status: TASK SET FULL" :
4318 "report: host busy"));
4319 if (scsi_result)
4320 goto respond_in_thread;
4321 else
4322 return SCSI_MLQUEUE_HOST_BUSY;
4323 }
4324 __set_bit(k, sqp->in_use_bm);
4325 atomic_inc(&devip->num_in_q);
4326 sqcp = &sqp->qc_arr[k];
4327 sqcp->a_cmnd = cmnd;
4328 cmnd->host_scribble = (unsigned char *)sqcp;
4329 sd_dp = sqcp->sd_dp;
4330 spin_unlock_irqrestore(&sqp->qc_lock, iflags);
4331 if (unlikely(sdebug_every_nth && sdebug_any_injecting_opt))
4332 setup_inject(sqp, sqcp);
4333 if (sd_dp == NULL) {
4334 sd_dp = kzalloc(sizeof(*sd_dp), GFP_ATOMIC);
4335 if (sd_dp == NULL)
4336 return SCSI_MLQUEUE_HOST_BUSY;
4337 }
4338
4339 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0;
4340 if (cmnd->result & SDEG_RES_IMMED_MASK) {
4341 /*
4342 * This is the F_DELAY_OVERR case. No delay.
4343 */
4344 cmnd->result &= ~SDEG_RES_IMMED_MASK;
4345 delta_jiff = ndelay = 0;
4346 }
4347 if (cmnd->result == 0 && scsi_result != 0)
4348 cmnd->result = scsi_result;
4349
4350 if (unlikely(sdebug_verbose && cmnd->result))
4351 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n",
4352 __func__, cmnd->result);
4353
4354 if (delta_jiff > 0 || ndelay > 0) {
4355 ktime_t kt;
4356
4357 if (delta_jiff > 0) {
4358 kt = ns_to_ktime((u64)delta_jiff * (NSEC_PER_SEC / HZ));
4359 } else
4360 kt = ndelay;
4361 if (!sd_dp->init_hrt) {
4362 sd_dp->init_hrt = true;
4363 sqcp->sd_dp = sd_dp;
4364 hrtimer_init(&sd_dp->hrt, CLOCK_MONOTONIC,
4365 HRTIMER_MODE_REL_PINNED);
4366 sd_dp->hrt.function = sdebug_q_cmd_hrt_complete;
4367 sd_dp->sqa_idx = sqp - sdebug_q_arr;
4368 sd_dp->qc_idx = k;
4369 }
4370 if (sdebug_statistics)
4371 sd_dp->issuing_cpu = raw_smp_processor_id();
4372 sd_dp->defer_t = SDEB_DEFER_HRT;
4373 hrtimer_start(&sd_dp->hrt, kt, HRTIMER_MODE_REL_PINNED);
4374 } else { /* jdelay < 0, use work queue */
4375 if (!sd_dp->init_wq) {
4376 sd_dp->init_wq = true;
4377 sqcp->sd_dp = sd_dp;
4378 sd_dp->sqa_idx = sqp - sdebug_q_arr;
4379 sd_dp->qc_idx = k;
4380 INIT_WORK(&sd_dp->ew.work, sdebug_q_cmd_wq_complete);
4381 }
4382 if (sdebug_statistics)
4383 sd_dp->issuing_cpu = raw_smp_processor_id();
4384 sd_dp->defer_t = SDEB_DEFER_WQ;
4385 if (unlikely(sqcp->inj_cmd_abort))
4386 sd_dp->aborted = true;
4387 schedule_work(&sd_dp->ew.work);
4388 if (unlikely(sqcp->inj_cmd_abort)) {
4389 sdev_printk(KERN_INFO, sdp, "abort request tag %d\n",
4390 cmnd->request->tag);
4391 blk_abort_request(cmnd->request);
4392 }
4393 }
4394 if (unlikely((SDEBUG_OPT_Q_NOISE & sdebug_opts) &&
4395 (scsi_result == device_qfull_result)))
4396 sdev_printk(KERN_INFO, sdp,
4397 "%s: num_in_q=%d +1, %s%s\n", __func__,
4398 num_in_q, (inject ? "<inject> " : ""),
4399 "status: TASK SET FULL");
4400 return 0;
4401
4402 respond_in_thread: /* call back to mid-layer using invocation thread */
4403 cmnd->result = pfp != NULL ? pfp(cmnd, devip) : 0;
4404 cmnd->result &= ~SDEG_RES_IMMED_MASK;
4405 if (cmnd->result == 0 && scsi_result != 0)
4406 cmnd->result = scsi_result;
4407 cmnd->scsi_done(cmnd);
4408 return 0;
4409 }
4410
4411 /* Note: The following macros create attribute files in the
4412 /sys/module/scsi_debug/parameters directory. Unfortunately this
4413 driver is unaware of a change and cannot trigger auxiliary actions
4414 as it can when the corresponding attribute in the
4415 /sys/bus/pseudo/drivers/scsi_debug directory is changed.
4416 */
4417 module_param_named(add_host, sdebug_add_host, int, S_IRUGO | S_IWUSR);
4418 module_param_named(ato, sdebug_ato, int, S_IRUGO);
4419 module_param_named(cdb_len, sdebug_cdb_len, int, 0644);
4420 module_param_named(clustering, sdebug_clustering, bool, S_IRUGO | S_IWUSR);
4421 module_param_named(delay, sdebug_jdelay, int, S_IRUGO | S_IWUSR);
4422 module_param_named(dev_size_mb, sdebug_dev_size_mb, int, S_IRUGO);
4423 module_param_named(dif, sdebug_dif, int, S_IRUGO);
4424 module_param_named(dix, sdebug_dix, int, S_IRUGO);
4425 module_param_named(dsense, sdebug_dsense, int, S_IRUGO | S_IWUSR);
4426 module_param_named(every_nth, sdebug_every_nth, int, S_IRUGO | S_IWUSR);
4427 module_param_named(fake_rw, sdebug_fake_rw, int, S_IRUGO | S_IWUSR);
4428 module_param_named(guard, sdebug_guard, uint, S_IRUGO);
4429 module_param_named(host_lock, sdebug_host_lock, bool, S_IRUGO | S_IWUSR);
4430 module_param_string(inq_vendor, sdebug_inq_vendor_id,
4431 sizeof(sdebug_inq_vendor_id), S_IRUGO|S_IWUSR);
4432 module_param_string(inq_product, sdebug_inq_product_id,
4433 sizeof(sdebug_inq_product_id), S_IRUGO|S_IWUSR);
4434 module_param_string(inq_rev, sdebug_inq_product_rev,
4435 sizeof(sdebug_inq_product_rev), S_IRUGO|S_IWUSR);
4436 module_param_named(lbpu, sdebug_lbpu, int, S_IRUGO);
4437 module_param_named(lbpws, sdebug_lbpws, int, S_IRUGO);
4438 module_param_named(lbpws10, sdebug_lbpws10, int, S_IRUGO);
4439 module_param_named(lbprz, sdebug_lbprz, int, S_IRUGO);
4440 module_param_named(lowest_aligned, sdebug_lowest_aligned, int, S_IRUGO);
4441 module_param_named(max_luns, sdebug_max_luns, int, S_IRUGO | S_IWUSR);
4442 module_param_named(max_queue, sdebug_max_queue, int, S_IRUGO | S_IWUSR);
4443 module_param_named(medium_error_start, sdebug_medium_error_start, int, S_IRUGO | S_IWUSR);
4444 module_param_named(medium_error_count, sdebug_medium_error_count, int, S_IRUGO | S_IWUSR);
4445 module_param_named(ndelay, sdebug_ndelay, int, S_IRUGO | S_IWUSR);
4446 module_param_named(no_lun_0, sdebug_no_lun_0, int, S_IRUGO | S_IWUSR);
4447 module_param_named(no_uld, sdebug_no_uld, int, S_IRUGO);
4448 module_param_named(num_parts, sdebug_num_parts, int, S_IRUGO);
4449 module_param_named(num_tgts, sdebug_num_tgts, int, S_IRUGO | S_IWUSR);
4450 module_param_named(opt_blks, sdebug_opt_blks, int, S_IRUGO);
4451 module_param_named(opts, sdebug_opts, int, S_IRUGO | S_IWUSR);
4452 module_param_named(physblk_exp, sdebug_physblk_exp, int, S_IRUGO);
4453 module_param_named(opt_xferlen_exp, sdebug_opt_xferlen_exp, int, S_IRUGO);
4454 module_param_named(ptype, sdebug_ptype, int, S_IRUGO | S_IWUSR);
4455 module_param_named(removable, sdebug_removable, bool, S_IRUGO | S_IWUSR);
4456 module_param_named(scsi_level, sdebug_scsi_level, int, S_IRUGO);
4457 module_param_named(sector_size, sdebug_sector_size, int, S_IRUGO);
4458 module_param_named(statistics, sdebug_statistics, bool, S_IRUGO | S_IWUSR);
4459 module_param_named(strict, sdebug_strict, bool, S_IRUGO | S_IWUSR);
4460 module_param_named(submit_queues, submit_queues, int, S_IRUGO);
4461 module_param_named(unmap_alignment, sdebug_unmap_alignment, int, S_IRUGO);
4462 module_param_named(unmap_granularity, sdebug_unmap_granularity, int, S_IRUGO);
4463 module_param_named(unmap_max_blocks, sdebug_unmap_max_blocks, int, S_IRUGO);
4464 module_param_named(unmap_max_desc, sdebug_unmap_max_desc, int, S_IRUGO);
4465 module_param_named(virtual_gb, sdebug_virtual_gb, int, S_IRUGO | S_IWUSR);
4466 module_param_named(uuid_ctl, sdebug_uuid_ctl, int, S_IRUGO);
4467 module_param_named(vpd_use_hostno, sdebug_vpd_use_hostno, int,
4468 S_IRUGO | S_IWUSR);
4469 module_param_named(wp, sdebug_wp, bool, S_IRUGO | S_IWUSR);
4470 module_param_named(write_same_length, sdebug_write_same_length, int,
4471 S_IRUGO | S_IWUSR);
4472
4473 MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert");
4474 MODULE_DESCRIPTION("SCSI debug adapter driver");
4475 MODULE_LICENSE("GPL");
4476 MODULE_VERSION(SDEBUG_VERSION);
4477
4478 MODULE_PARM_DESC(add_host, "0..127 hosts allowed(def=1)");
4479 MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)");
4480 MODULE_PARM_DESC(cdb_len, "suggest CDB lengths to drivers (def=10)");
4481 MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)");
4482 MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny");
4483 MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)");
4484 MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)");
4485 MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)");
4486 MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)");
4487 MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)");
4488 MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)");
4489 MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)");
4490 MODULE_PARM_DESC(host_lock, "host_lock is ignored (def=0)");
4491 MODULE_PARM_DESC(inq_vendor, "SCSI INQUIRY vendor string (def=\"Linux\")");
4492 MODULE_PARM_DESC(inq_product, "SCSI INQUIRY product string (def=\"scsi_debug\")");
4493 MODULE_PARM_DESC(inq_rev, "SCSI INQUIRY revision string (def=\""
4494 SDEBUG_VERSION "\")");
4495 MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)");
4496 MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)");
4497 MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)");
4498 MODULE_PARM_DESC(lbprz,
4499 "on read unmapped LBs return 0 when 1 (def), return 0xff when 2");
4500 MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)");
4501 MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)");
4502 MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))");
4503 MODULE_PARM_DESC(medium_error_start, "starting sector number to return MEDIUM error");
4504 MODULE_PARM_DESC(medium_error_count, "count of sectors to return follow on MEDIUM error");
4505 MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)");
4506 MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)");
4507 MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))");
4508 MODULE_PARM_DESC(num_parts, "number of partitions(def=0)");
4509 MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)");
4510 MODULE_PARM_DESC(opt_blks, "optimal transfer length in blocks (def=1024)");
4511 MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)");
4512 MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)");
4513 MODULE_PARM_DESC(opt_xferlen_exp, "optimal transfer length granularity exponent (def=physblk_exp)");
4514 MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])");
4515 MODULE_PARM_DESC(removable, "claim to have removable media (def=0)");
4516 MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=7[SPC-5])");
4517 MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)");
4518 MODULE_PARM_DESC(statistics, "collect statistics on commands, queues (def=0)");
4519 MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)");
4520 MODULE_PARM_DESC(submit_queues, "support for block multi-queue (def=1)");
4521 MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)");
4522 MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)");
4523 MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)");
4524 MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)");
4525 MODULE_PARM_DESC(uuid_ctl,
4526 "1->use uuid for lu name, 0->don't, 2->all use same (def=0)");
4527 MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)");
4528 MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)");
4529 MODULE_PARM_DESC(wp, "Write Protect (def=0)");
4530 MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)");
4531
4532 #define SDEBUG_INFO_LEN 256
4533 static char sdebug_info[SDEBUG_INFO_LEN];
4534
4535 static const char *scsi_debug_info(struct Scsi_Host *shp)
4536 {
4537 int k;
4538
4539 k = scnprintf(sdebug_info, SDEBUG_INFO_LEN, "%s: version %s [%s]\n",
4540 my_name, SDEBUG_VERSION, sdebug_version_date);
4541 if (k >= (SDEBUG_INFO_LEN - 1))
4542 return sdebug_info;
4543 scnprintf(sdebug_info + k, SDEBUG_INFO_LEN - k,
4544 " dev_size_mb=%d, opts=0x%x, submit_queues=%d, %s=%d",
4545 sdebug_dev_size_mb, sdebug_opts, submit_queues,
4546 "statistics", (int)sdebug_statistics);
4547 return sdebug_info;
4548 }
4549
4550 /* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */
4551 static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer,
4552 int length)
4553 {
4554 char arr[16];
4555 int opts;
4556 int minLen = length > 15 ? 15 : length;
4557
4558 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
4559 return -EACCES;
4560 memcpy(arr, buffer, minLen);
4561 arr[minLen] = '\0';
4562 if (1 != sscanf(arr, "%d", &opts))
4563 return -EINVAL;
4564 sdebug_opts = opts;
4565 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
4566 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
4567 if (sdebug_every_nth != 0)
4568 tweak_cmnd_count();
4569 return length;
4570 }
4571
4572 /* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the
4573 * same for each scsi_debug host (if more than one). Some of the counters
4574 * output are not atomics so might be inaccurate in a busy system. */
4575 static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host)
4576 {
4577 int f, j, l;
4578 struct sdebug_queue *sqp;
4579
4580 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n",
4581 SDEBUG_VERSION, sdebug_version_date);
4582 seq_printf(m, "num_tgts=%d, %ssize=%d MB, opts=0x%x, every_nth=%d\n",
4583 sdebug_num_tgts, "shared (ram) ", sdebug_dev_size_mb,
4584 sdebug_opts, sdebug_every_nth);
4585 seq_printf(m, "delay=%d, ndelay=%d, max_luns=%d, sector_size=%d %s\n",
4586 sdebug_jdelay, sdebug_ndelay, sdebug_max_luns,
4587 sdebug_sector_size, "bytes");
4588 seq_printf(m, "cylinders=%d, heads=%d, sectors=%d, command aborts=%d\n",
4589 sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per,
4590 num_aborts);
4591 seq_printf(m, "RESETs: device=%d, target=%d, bus=%d, host=%d\n",
4592 num_dev_resets, num_target_resets, num_bus_resets,
4593 num_host_resets);
4594 seq_printf(m, "dix_reads=%d, dix_writes=%d, dif_errors=%d\n",
4595 dix_reads, dix_writes, dif_errors);
4596 seq_printf(m, "usec_in_jiffy=%lu, statistics=%d\n", TICK_NSEC / 1000,
4597 sdebug_statistics);
4598 seq_printf(m, "cmnd_count=%d, completions=%d, %s=%d, a_tsf=%d\n",
4599 atomic_read(&sdebug_cmnd_count),
4600 atomic_read(&sdebug_completions),
4601 "miss_cpus", atomic_read(&sdebug_miss_cpus),
4602 atomic_read(&sdebug_a_tsf));
4603
4604 seq_printf(m, "submit_queues=%d\n", submit_queues);
4605 for (j = 0, sqp = sdebug_q_arr; j < submit_queues; ++j, ++sqp) {
4606 seq_printf(m, " queue %d:\n", j);
4607 f = find_first_bit(sqp->in_use_bm, sdebug_max_queue);
4608 if (f != sdebug_max_queue) {
4609 l = find_last_bit(sqp->in_use_bm, sdebug_max_queue);
4610 seq_printf(m, " in_use_bm BUSY: %s: %d,%d\n",
4611 "first,last bits", f, l);
4612 }
4613 }
4614 return 0;
4615 }
4616
4617 static ssize_t delay_show(struct device_driver *ddp, char *buf)
4618 {
4619 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_jdelay);
4620 }
4621 /* Returns -EBUSY if jdelay is being changed and commands are queued. The unit
4622 * of delay is jiffies.
4623 */
4624 static ssize_t delay_store(struct device_driver *ddp, const char *buf,
4625 size_t count)
4626 {
4627 int jdelay, res;
4628
4629 if (count > 0 && sscanf(buf, "%d", &jdelay) == 1) {
4630 res = count;
4631 if (sdebug_jdelay != jdelay) {
4632 int j, k;
4633 struct sdebug_queue *sqp;
4634
4635 block_unblock_all_queues(true);
4636 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4637 ++j, ++sqp) {
4638 k = find_first_bit(sqp->in_use_bm,
4639 sdebug_max_queue);
4640 if (k != sdebug_max_queue) {
4641 res = -EBUSY; /* queued commands */
4642 break;
4643 }
4644 }
4645 if (res > 0) {
4646 sdebug_jdelay = jdelay;
4647 sdebug_ndelay = 0;
4648 }
4649 block_unblock_all_queues(false);
4650 }
4651 return res;
4652 }
4653 return -EINVAL;
4654 }
4655 static DRIVER_ATTR_RW(delay);
4656
4657 static ssize_t ndelay_show(struct device_driver *ddp, char *buf)
4658 {
4659 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ndelay);
4660 }
4661 /* Returns -EBUSY if ndelay is being changed and commands are queued */
4662 /* If > 0 and accepted then sdebug_jdelay is set to JDELAY_OVERRIDDEN */
4663 static ssize_t ndelay_store(struct device_driver *ddp, const char *buf,
4664 size_t count)
4665 {
4666 int ndelay, res;
4667
4668 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) &&
4669 (ndelay >= 0) && (ndelay < (1000 * 1000 * 1000))) {
4670 res = count;
4671 if (sdebug_ndelay != ndelay) {
4672 int j, k;
4673 struct sdebug_queue *sqp;
4674
4675 block_unblock_all_queues(true);
4676 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4677 ++j, ++sqp) {
4678 k = find_first_bit(sqp->in_use_bm,
4679 sdebug_max_queue);
4680 if (k != sdebug_max_queue) {
4681 res = -EBUSY; /* queued commands */
4682 break;
4683 }
4684 }
4685 if (res > 0) {
4686 sdebug_ndelay = ndelay;
4687 sdebug_jdelay = ndelay ? JDELAY_OVERRIDDEN
4688 : DEF_JDELAY;
4689 }
4690 block_unblock_all_queues(false);
4691 }
4692 return res;
4693 }
4694 return -EINVAL;
4695 }
4696 static DRIVER_ATTR_RW(ndelay);
4697
4698 static ssize_t opts_show(struct device_driver *ddp, char *buf)
4699 {
4700 return scnprintf(buf, PAGE_SIZE, "0x%x\n", sdebug_opts);
4701 }
4702
4703 static ssize_t opts_store(struct device_driver *ddp, const char *buf,
4704 size_t count)
4705 {
4706 int opts;
4707 char work[20];
4708
4709 if (sscanf(buf, "%10s", work) == 1) {
4710 if (strncasecmp(work, "0x", 2) == 0) {
4711 if (kstrtoint(work + 2, 16, &opts) == 0)
4712 goto opts_done;
4713 } else {
4714 if (kstrtoint(work, 10, &opts) == 0)
4715 goto opts_done;
4716 }
4717 }
4718 return -EINVAL;
4719 opts_done:
4720 sdebug_opts = opts;
4721 sdebug_verbose = !!(SDEBUG_OPT_NOISE & opts);
4722 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & opts);
4723 tweak_cmnd_count();
4724 return count;
4725 }
4726 static DRIVER_ATTR_RW(opts);
4727
4728 static ssize_t ptype_show(struct device_driver *ddp, char *buf)
4729 {
4730 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ptype);
4731 }
4732 static ssize_t ptype_store(struct device_driver *ddp, const char *buf,
4733 size_t count)
4734 {
4735 int n;
4736
4737 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4738 sdebug_ptype = n;
4739 return count;
4740 }
4741 return -EINVAL;
4742 }
4743 static DRIVER_ATTR_RW(ptype);
4744
4745 static ssize_t dsense_show(struct device_driver *ddp, char *buf)
4746 {
4747 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dsense);
4748 }
4749 static ssize_t dsense_store(struct device_driver *ddp, const char *buf,
4750 size_t count)
4751 {
4752 int n;
4753
4754 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4755 sdebug_dsense = n;
4756 return count;
4757 }
4758 return -EINVAL;
4759 }
4760 static DRIVER_ATTR_RW(dsense);
4761
4762 static ssize_t fake_rw_show(struct device_driver *ddp, char *buf)
4763 {
4764 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_fake_rw);
4765 }
4766 static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf,
4767 size_t count)
4768 {
4769 int n;
4770
4771 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4772 n = (n > 0);
4773 sdebug_fake_rw = (sdebug_fake_rw > 0);
4774 if (sdebug_fake_rw != n) {
4775 if ((0 == n) && (NULL == fake_storep)) {
4776 unsigned long sz =
4777 (unsigned long)sdebug_dev_size_mb *
4778 1048576;
4779
4780 fake_storep = vzalloc(sz);
4781 if (NULL == fake_storep) {
4782 pr_err("out of memory, 9\n");
4783 return -ENOMEM;
4784 }
4785 }
4786 sdebug_fake_rw = n;
4787 }
4788 return count;
4789 }
4790 return -EINVAL;
4791 }
4792 static DRIVER_ATTR_RW(fake_rw);
4793
4794 static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf)
4795 {
4796 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_lun_0);
4797 }
4798 static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf,
4799 size_t count)
4800 {
4801 int n;
4802
4803 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4804 sdebug_no_lun_0 = n;
4805 return count;
4806 }
4807 return -EINVAL;
4808 }
4809 static DRIVER_ATTR_RW(no_lun_0);
4810
4811 static ssize_t num_tgts_show(struct device_driver *ddp, char *buf)
4812 {
4813 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_tgts);
4814 }
4815 static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf,
4816 size_t count)
4817 {
4818 int n;
4819
4820 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4821 sdebug_num_tgts = n;
4822 sdebug_max_tgts_luns();
4823 return count;
4824 }
4825 return -EINVAL;
4826 }
4827 static DRIVER_ATTR_RW(num_tgts);
4828
4829 static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf)
4830 {
4831 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dev_size_mb);
4832 }
4833 static DRIVER_ATTR_RO(dev_size_mb);
4834
4835 static ssize_t num_parts_show(struct device_driver *ddp, char *buf)
4836 {
4837 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_num_parts);
4838 }
4839 static DRIVER_ATTR_RO(num_parts);
4840
4841 static ssize_t every_nth_show(struct device_driver *ddp, char *buf)
4842 {
4843 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_every_nth);
4844 }
4845 static ssize_t every_nth_store(struct device_driver *ddp, const char *buf,
4846 size_t count)
4847 {
4848 int nth;
4849
4850 if ((count > 0) && (1 == sscanf(buf, "%d", &nth))) {
4851 sdebug_every_nth = nth;
4852 if (nth && !sdebug_statistics) {
4853 pr_info("every_nth needs statistics=1, set it\n");
4854 sdebug_statistics = true;
4855 }
4856 tweak_cmnd_count();
4857 return count;
4858 }
4859 return -EINVAL;
4860 }
4861 static DRIVER_ATTR_RW(every_nth);
4862
4863 static ssize_t max_luns_show(struct device_driver *ddp, char *buf)
4864 {
4865 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_luns);
4866 }
4867 static ssize_t max_luns_store(struct device_driver *ddp, const char *buf,
4868 size_t count)
4869 {
4870 int n;
4871 bool changed;
4872
4873 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4874 if (n > 256) {
4875 pr_warn("max_luns can be no more than 256\n");
4876 return -EINVAL;
4877 }
4878 changed = (sdebug_max_luns != n);
4879 sdebug_max_luns = n;
4880 sdebug_max_tgts_luns();
4881 if (changed && (sdebug_scsi_level >= 5)) { /* >= SPC-3 */
4882 struct sdebug_host_info *sdhp;
4883 struct sdebug_dev_info *dp;
4884
4885 spin_lock(&sdebug_host_list_lock);
4886 list_for_each_entry(sdhp, &sdebug_host_list,
4887 host_list) {
4888 list_for_each_entry(dp, &sdhp->dev_info_list,
4889 dev_list) {
4890 set_bit(SDEBUG_UA_LUNS_CHANGED,
4891 dp->uas_bm);
4892 }
4893 }
4894 spin_unlock(&sdebug_host_list_lock);
4895 }
4896 return count;
4897 }
4898 return -EINVAL;
4899 }
4900 static DRIVER_ATTR_RW(max_luns);
4901
4902 static ssize_t max_queue_show(struct device_driver *ddp, char *buf)
4903 {
4904 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_max_queue);
4905 }
4906 /* N.B. max_queue can be changed while there are queued commands. In flight
4907 * commands beyond the new max_queue will be completed. */
4908 static ssize_t max_queue_store(struct device_driver *ddp, const char *buf,
4909 size_t count)
4910 {
4911 int j, n, k, a;
4912 struct sdebug_queue *sqp;
4913
4914 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) &&
4915 (n <= SDEBUG_CANQUEUE)) {
4916 block_unblock_all_queues(true);
4917 k = 0;
4918 for (j = 0, sqp = sdebug_q_arr; j < submit_queues;
4919 ++j, ++sqp) {
4920 a = find_last_bit(sqp->in_use_bm, SDEBUG_CANQUEUE);
4921 if (a > k)
4922 k = a;
4923 }
4924 sdebug_max_queue = n;
4925 if (k == SDEBUG_CANQUEUE)
4926 atomic_set(&retired_max_queue, 0);
4927 else if (k >= n)
4928 atomic_set(&retired_max_queue, k + 1);
4929 else
4930 atomic_set(&retired_max_queue, 0);
4931 block_unblock_all_queues(false);
4932 return count;
4933 }
4934 return -EINVAL;
4935 }
4936 static DRIVER_ATTR_RW(max_queue);
4937
4938 static ssize_t no_uld_show(struct device_driver *ddp, char *buf)
4939 {
4940 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_no_uld);
4941 }
4942 static DRIVER_ATTR_RO(no_uld);
4943
4944 static ssize_t scsi_level_show(struct device_driver *ddp, char *buf)
4945 {
4946 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_scsi_level);
4947 }
4948 static DRIVER_ATTR_RO(scsi_level);
4949
4950 static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf)
4951 {
4952 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_virtual_gb);
4953 }
4954 static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf,
4955 size_t count)
4956 {
4957 int n;
4958 bool changed;
4959
4960 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4961 changed = (sdebug_virtual_gb != n);
4962 sdebug_virtual_gb = n;
4963 sdebug_capacity = get_sdebug_capacity();
4964 if (changed) {
4965 struct sdebug_host_info *sdhp;
4966 struct sdebug_dev_info *dp;
4967
4968 spin_lock(&sdebug_host_list_lock);
4969 list_for_each_entry(sdhp, &sdebug_host_list,
4970 host_list) {
4971 list_for_each_entry(dp, &sdhp->dev_info_list,
4972 dev_list) {
4973 set_bit(SDEBUG_UA_CAPACITY_CHANGED,
4974 dp->uas_bm);
4975 }
4976 }
4977 spin_unlock(&sdebug_host_list_lock);
4978 }
4979 return count;
4980 }
4981 return -EINVAL;
4982 }
4983 static DRIVER_ATTR_RW(virtual_gb);
4984
4985 static ssize_t add_host_show(struct device_driver *ddp, char *buf)
4986 {
4987 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_add_host);
4988 }
4989
4990 static int sdebug_add_adapter(void);
4991 static void sdebug_remove_adapter(void);
4992
4993 static ssize_t add_host_store(struct device_driver *ddp, const char *buf,
4994 size_t count)
4995 {
4996 int delta_hosts;
4997
4998 if (sscanf(buf, "%d", &delta_hosts) != 1)
4999 return -EINVAL;
5000 if (delta_hosts > 0) {
5001 do {
5002 sdebug_add_adapter();
5003 } while (--delta_hosts);
5004 } else if (delta_hosts < 0) {
5005 do {
5006 sdebug_remove_adapter();
5007 } while (++delta_hosts);
5008 }
5009 return count;
5010 }
5011 static DRIVER_ATTR_RW(add_host);
5012
5013 static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf)
5014 {
5015 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_vpd_use_hostno);
5016 }
5017 static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf,
5018 size_t count)
5019 {
5020 int n;
5021
5022 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5023 sdebug_vpd_use_hostno = n;
5024 return count;
5025 }
5026 return -EINVAL;
5027 }
5028 static DRIVER_ATTR_RW(vpd_use_hostno);
5029
5030 static ssize_t statistics_show(struct device_driver *ddp, char *buf)
5031 {
5032 return scnprintf(buf, PAGE_SIZE, "%d\n", (int)sdebug_statistics);
5033 }
5034 static ssize_t statistics_store(struct device_driver *ddp, const char *buf,
5035 size_t count)
5036 {
5037 int n;
5038
5039 if ((count > 0) && (sscanf(buf, "%d", &n) == 1) && (n >= 0)) {
5040 if (n > 0)
5041 sdebug_statistics = true;
5042 else {
5043 clear_queue_stats();
5044 sdebug_statistics = false;
5045 }
5046 return count;
5047 }
5048 return -EINVAL;
5049 }
5050 static DRIVER_ATTR_RW(statistics);
5051
5052 static ssize_t sector_size_show(struct device_driver *ddp, char *buf)
5053 {
5054 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_sector_size);
5055 }
5056 static DRIVER_ATTR_RO(sector_size);
5057
5058 static ssize_t submit_queues_show(struct device_driver *ddp, char *buf)
5059 {
5060 return scnprintf(buf, PAGE_SIZE, "%d\n", submit_queues);
5061 }
5062 static DRIVER_ATTR_RO(submit_queues);
5063
5064 static ssize_t dix_show(struct device_driver *ddp, char *buf)
5065 {
5066 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dix);
5067 }
5068 static DRIVER_ATTR_RO(dix);
5069
5070 static ssize_t dif_show(struct device_driver *ddp, char *buf)
5071 {
5072 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_dif);
5073 }
5074 static DRIVER_ATTR_RO(dif);
5075
5076 static ssize_t guard_show(struct device_driver *ddp, char *buf)
5077 {
5078 return scnprintf(buf, PAGE_SIZE, "%u\n", sdebug_guard);
5079 }
5080 static DRIVER_ATTR_RO(guard);
5081
5082 static ssize_t ato_show(struct device_driver *ddp, char *buf)
5083 {
5084 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_ato);
5085 }
5086 static DRIVER_ATTR_RO(ato);
5087
5088 static ssize_t map_show(struct device_driver *ddp, char *buf)
5089 {
5090 ssize_t count;
5091
5092 if (!scsi_debug_lbp())
5093 return scnprintf(buf, PAGE_SIZE, "0-%u\n",
5094 sdebug_store_sectors);
5095
5096 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl",
5097 (int)map_size, map_storep);
5098 buf[count++] = '\n';
5099 buf[count] = '\0';
5100
5101 return count;
5102 }
5103 static DRIVER_ATTR_RO(map);
5104
5105 static ssize_t removable_show(struct device_driver *ddp, char *buf)
5106 {
5107 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_removable ? 1 : 0);
5108 }
5109 static ssize_t removable_store(struct device_driver *ddp, const char *buf,
5110 size_t count)
5111 {
5112 int n;
5113
5114 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5115 sdebug_removable = (n > 0);
5116 return count;
5117 }
5118 return -EINVAL;
5119 }
5120 static DRIVER_ATTR_RW(removable);
5121
5122 static ssize_t host_lock_show(struct device_driver *ddp, char *buf)
5123 {
5124 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_host_lock);
5125 }
5126 /* N.B. sdebug_host_lock does nothing, kept for backward compatibility */
5127 static ssize_t host_lock_store(struct device_driver *ddp, const char *buf,
5128 size_t count)
5129 {
5130 int n;
5131
5132 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5133 sdebug_host_lock = (n > 0);
5134 return count;
5135 }
5136 return -EINVAL;
5137 }
5138 static DRIVER_ATTR_RW(host_lock);
5139
5140 static ssize_t strict_show(struct device_driver *ddp, char *buf)
5141 {
5142 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_strict);
5143 }
5144 static ssize_t strict_store(struct device_driver *ddp, const char *buf,
5145 size_t count)
5146 {
5147 int n;
5148
5149 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
5150 sdebug_strict = (n > 0);
5151 return count;
5152 }
5153 return -EINVAL;
5154 }
5155 static DRIVER_ATTR_RW(strict);
5156
5157 static ssize_t uuid_ctl_show(struct device_driver *ddp, char *buf)
5158 {
5159 return scnprintf(buf, PAGE_SIZE, "%d\n", !!sdebug_uuid_ctl);
5160 }
5161 static DRIVER_ATTR_RO(uuid_ctl);
5162
5163 static ssize_t cdb_len_show(struct device_driver *ddp, char *buf)
5164 {
5165 return scnprintf(buf, PAGE_SIZE, "%d\n", sdebug_cdb_len);
5166 }
5167 static ssize_t cdb_len_store(struct device_driver *ddp, const char *buf,
5168 size_t count)
5169 {
5170 int ret, n;
5171
5172 ret = kstrtoint(buf, 0, &n);
5173 if (ret)
5174 return ret;
5175 sdebug_cdb_len = n;
5176 all_config_cdb_len();
5177 return count;
5178 }
5179 static DRIVER_ATTR_RW(cdb_len);
5180
5181
5182 /* Note: The following array creates attribute files in the
5183 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these
5184 files (over those found in the /sys/module/scsi_debug/parameters
5185 directory) is that auxiliary actions can be triggered when an attribute
5186 is changed. For example see: sdebug_add_host_store() above.
5187 */
5188
5189 static struct attribute *sdebug_drv_attrs[] = {
5190 &driver_attr_delay.attr,
5191 &driver_attr_opts.attr,
5192 &driver_attr_ptype.attr,
5193 &driver_attr_dsense.attr,
5194 &driver_attr_fake_rw.attr,
5195 &driver_attr_no_lun_0.attr,
5196 &driver_attr_num_tgts.attr,
5197 &driver_attr_dev_size_mb.attr,
5198 &driver_attr_num_parts.attr,
5199 &driver_attr_every_nth.attr,
5200 &driver_attr_max_luns.attr,
5201 &driver_attr_max_queue.attr,
5202 &driver_attr_no_uld.attr,
5203 &driver_attr_scsi_level.attr,
5204 &driver_attr_virtual_gb.attr,
5205 &driver_attr_add_host.attr,
5206 &driver_attr_vpd_use_hostno.attr,
5207 &driver_attr_sector_size.attr,
5208 &driver_attr_statistics.attr,
5209 &driver_attr_submit_queues.attr,
5210 &driver_attr_dix.attr,
5211 &driver_attr_dif.attr,
5212 &driver_attr_guard.attr,
5213 &driver_attr_ato.attr,
5214 &driver_attr_map.attr,
5215 &driver_attr_removable.attr,
5216 &driver_attr_host_lock.attr,
5217 &driver_attr_ndelay.attr,
5218 &driver_attr_strict.attr,
5219 &driver_attr_uuid_ctl.attr,
5220 &driver_attr_cdb_len.attr,
5221 NULL,
5222 };
5223 ATTRIBUTE_GROUPS(sdebug_drv);
5224
5225 static struct device *pseudo_primary;
5226
5227 static int __init scsi_debug_init(void)
5228 {
5229 unsigned long sz;
5230 int host_to_add;
5231 int k;
5232 int ret;
5233
5234 atomic_set(&retired_max_queue, 0);
5235
5236 if (sdebug_ndelay >= 1000 * 1000 * 1000) {
5237 pr_warn("ndelay must be less than 1 second, ignored\n");
5238 sdebug_ndelay = 0;
5239 } else if (sdebug_ndelay > 0)
5240 sdebug_jdelay = JDELAY_OVERRIDDEN;
5241
5242 switch (sdebug_sector_size) {
5243 case 512:
5244 case 1024:
5245 case 2048:
5246 case 4096:
5247 break;
5248 default:
5249 pr_err("invalid sector_size %d\n", sdebug_sector_size);
5250 return -EINVAL;
5251 }
5252
5253 switch (sdebug_dif) {
5254 case T10_PI_TYPE0_PROTECTION:
5255 break;
5256 case T10_PI_TYPE1_PROTECTION:
5257 case T10_PI_TYPE2_PROTECTION:
5258 case T10_PI_TYPE3_PROTECTION:
5259 have_dif_prot = true;
5260 break;
5261
5262 default:
5263 pr_err("dif must be 0, 1, 2 or 3\n");
5264 return -EINVAL;
5265 }
5266
5267 if (sdebug_num_tgts < 0) {
5268 pr_err("num_tgts must be >= 0\n");
5269 return -EINVAL;
5270 }
5271
5272 if (sdebug_guard > 1) {
5273 pr_err("guard must be 0 or 1\n");
5274 return -EINVAL;
5275 }
5276
5277 if (sdebug_ato > 1) {
5278 pr_err("ato must be 0 or 1\n");
5279 return -EINVAL;
5280 }
5281
5282 if (sdebug_physblk_exp > 15) {
5283 pr_err("invalid physblk_exp %u\n", sdebug_physblk_exp);
5284 return -EINVAL;
5285 }
5286 if (sdebug_max_luns > 256) {
5287 pr_warn("max_luns can be no more than 256, use default\n");
5288 sdebug_max_luns = DEF_MAX_LUNS;
5289 }
5290
5291 if (sdebug_lowest_aligned > 0x3fff) {
5292 pr_err("lowest_aligned too big: %u\n", sdebug_lowest_aligned);
5293 return -EINVAL;
5294 }
5295
5296 if (submit_queues < 1) {
5297 pr_err("submit_queues must be 1 or more\n");
5298 return -EINVAL;
5299 }
5300 sdebug_q_arr = kcalloc(submit_queues, sizeof(struct sdebug_queue),
5301 GFP_KERNEL);
5302 if (sdebug_q_arr == NULL)
5303 return -ENOMEM;
5304 for (k = 0; k < submit_queues; ++k)
5305 spin_lock_init(&sdebug_q_arr[k].qc_lock);
5306
5307 if (sdebug_dev_size_mb < 1)
5308 sdebug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */
5309 sz = (unsigned long)sdebug_dev_size_mb * 1048576;
5310 sdebug_store_sectors = sz / sdebug_sector_size;
5311 sdebug_capacity = get_sdebug_capacity();
5312
5313 /* play around with geometry, don't waste too much on track 0 */
5314 sdebug_heads = 8;
5315 sdebug_sectors_per = 32;
5316 if (sdebug_dev_size_mb >= 256)
5317 sdebug_heads = 64;
5318 else if (sdebug_dev_size_mb >= 16)
5319 sdebug_heads = 32;
5320 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
5321 (sdebug_sectors_per * sdebug_heads);
5322 if (sdebug_cylinders_per >= 1024) {
5323 /* other LLDs do this; implies >= 1GB ram disk ... */
5324 sdebug_heads = 255;
5325 sdebug_sectors_per = 63;
5326 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
5327 (sdebug_sectors_per * sdebug_heads);
5328 }
5329
5330 if (sdebug_fake_rw == 0) {
5331 fake_storep = vzalloc(sz);
5332 if (NULL == fake_storep) {
5333 pr_err("out of memory, 1\n");
5334 ret = -ENOMEM;
5335 goto free_q_arr;
5336 }
5337 if (sdebug_num_parts > 0)
5338 sdebug_build_parts(fake_storep, sz);
5339 }
5340
5341 if (sdebug_dix) {
5342 int dif_size;
5343
5344 dif_size = sdebug_store_sectors * sizeof(struct t10_pi_tuple);
5345 dif_storep = vmalloc(dif_size);
5346
5347 pr_err("dif_storep %u bytes @ %p\n", dif_size, dif_storep);
5348
5349 if (dif_storep == NULL) {
5350 pr_err("out of mem. (DIX)\n");
5351 ret = -ENOMEM;
5352 goto free_vm;
5353 }
5354
5355 memset(dif_storep, 0xff, dif_size);
5356 }
5357
5358 /* Logical Block Provisioning */
5359 if (scsi_debug_lbp()) {
5360 sdebug_unmap_max_blocks =
5361 clamp(sdebug_unmap_max_blocks, 0U, 0xffffffffU);
5362
5363 sdebug_unmap_max_desc =
5364 clamp(sdebug_unmap_max_desc, 0U, 256U);
5365
5366 sdebug_unmap_granularity =
5367 clamp(sdebug_unmap_granularity, 1U, 0xffffffffU);
5368
5369 if (sdebug_unmap_alignment &&
5370 sdebug_unmap_granularity <=
5371 sdebug_unmap_alignment) {
5372 pr_err("ERR: unmap_granularity <= unmap_alignment\n");
5373 ret = -EINVAL;
5374 goto free_vm;
5375 }
5376
5377 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1;
5378 map_storep = vmalloc(array_size(sizeof(long),
5379 BITS_TO_LONGS(map_size)));
5380
5381 pr_info("%lu provisioning blocks\n", map_size);
5382
5383 if (map_storep == NULL) {
5384 pr_err("out of mem. (MAP)\n");
5385 ret = -ENOMEM;
5386 goto free_vm;
5387 }
5388
5389 bitmap_zero(map_storep, map_size);
5390
5391 /* Map first 1KB for partition table */
5392 if (sdebug_num_parts)
5393 map_region(0, 2);
5394 }
5395
5396 pseudo_primary = root_device_register("pseudo_0");
5397 if (IS_ERR(pseudo_primary)) {
5398 pr_warn("root_device_register() error\n");
5399 ret = PTR_ERR(pseudo_primary);
5400 goto free_vm;
5401 }
5402 ret = bus_register(&pseudo_lld_bus);
5403 if (ret < 0) {
5404 pr_warn("bus_register error: %d\n", ret);
5405 goto dev_unreg;
5406 }
5407 ret = driver_register(&sdebug_driverfs_driver);
5408 if (ret < 0) {
5409 pr_warn("driver_register error: %d\n", ret);
5410 goto bus_unreg;
5411 }
5412
5413 host_to_add = sdebug_add_host;
5414 sdebug_add_host = 0;
5415
5416 for (k = 0; k < host_to_add; k++) {
5417 if (sdebug_add_adapter()) {
5418 pr_err("sdebug_add_adapter failed k=%d\n", k);
5419 break;
5420 }
5421 }
5422
5423 if (sdebug_verbose)
5424 pr_info("built %d host(s)\n", sdebug_add_host);
5425
5426 return 0;
5427
5428 bus_unreg:
5429 bus_unregister(&pseudo_lld_bus);
5430 dev_unreg:
5431 root_device_unregister(pseudo_primary);
5432 free_vm:
5433 vfree(map_storep);
5434 vfree(dif_storep);
5435 vfree(fake_storep);
5436 free_q_arr:
5437 kfree(sdebug_q_arr);
5438 return ret;
5439 }
5440
5441 static void __exit scsi_debug_exit(void)
5442 {
5443 int k = sdebug_add_host;
5444
5445 stop_all_queued();
5446 for (; k; k--)
5447 sdebug_remove_adapter();
5448 free_all_queued();
5449 driver_unregister(&sdebug_driverfs_driver);
5450 bus_unregister(&pseudo_lld_bus);
5451 root_device_unregister(pseudo_primary);
5452
5453 vfree(map_storep);
5454 vfree(dif_storep);
5455 vfree(fake_storep);
5456 kfree(sdebug_q_arr);
5457 }
5458
5459 device_initcall(scsi_debug_init);
5460 module_exit(scsi_debug_exit);
5461
5462 static void sdebug_release_adapter(struct device *dev)
5463 {
5464 struct sdebug_host_info *sdbg_host;
5465
5466 sdbg_host = to_sdebug_host(dev);
5467 kfree(sdbg_host);
5468 }
5469
5470 static int sdebug_add_adapter(void)
5471 {
5472 int k, devs_per_host;
5473 int error = 0;
5474 struct sdebug_host_info *sdbg_host;
5475 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5476
5477 sdbg_host = kzalloc(sizeof(*sdbg_host), GFP_KERNEL);
5478 if (sdbg_host == NULL) {
5479 pr_err("out of memory at line %d\n", __LINE__);
5480 return -ENOMEM;
5481 }
5482
5483 INIT_LIST_HEAD(&sdbg_host->dev_info_list);
5484
5485 devs_per_host = sdebug_num_tgts * sdebug_max_luns;
5486 for (k = 0; k < devs_per_host; k++) {
5487 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL);
5488 if (!sdbg_devinfo) {
5489 pr_err("out of memory at line %d\n", __LINE__);
5490 error = -ENOMEM;
5491 goto clean;
5492 }
5493 }
5494
5495 spin_lock(&sdebug_host_list_lock);
5496 list_add_tail(&sdbg_host->host_list, &sdebug_host_list);
5497 spin_unlock(&sdebug_host_list_lock);
5498
5499 sdbg_host->dev.bus = &pseudo_lld_bus;
5500 sdbg_host->dev.parent = pseudo_primary;
5501 sdbg_host->dev.release = &sdebug_release_adapter;
5502 dev_set_name(&sdbg_host->dev, "adapter%d", sdebug_add_host);
5503
5504 error = device_register(&sdbg_host->dev);
5505
5506 if (error)
5507 goto clean;
5508
5509 ++sdebug_add_host;
5510 return error;
5511
5512 clean:
5513 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5514 dev_list) {
5515 list_del(&sdbg_devinfo->dev_list);
5516 kfree(sdbg_devinfo);
5517 }
5518
5519 kfree(sdbg_host);
5520 return error;
5521 }
5522
5523 static void sdebug_remove_adapter(void)
5524 {
5525 struct sdebug_host_info *sdbg_host = NULL;
5526
5527 spin_lock(&sdebug_host_list_lock);
5528 if (!list_empty(&sdebug_host_list)) {
5529 sdbg_host = list_entry(sdebug_host_list.prev,
5530 struct sdebug_host_info, host_list);
5531 list_del(&sdbg_host->host_list);
5532 }
5533 spin_unlock(&sdebug_host_list_lock);
5534
5535 if (!sdbg_host)
5536 return;
5537
5538 device_unregister(&sdbg_host->dev);
5539 --sdebug_add_host;
5540 }
5541
5542 static int sdebug_change_qdepth(struct scsi_device *sdev, int qdepth)
5543 {
5544 int num_in_q = 0;
5545 struct sdebug_dev_info *devip;
5546
5547 block_unblock_all_queues(true);
5548 devip = (struct sdebug_dev_info *)sdev->hostdata;
5549 if (NULL == devip) {
5550 block_unblock_all_queues(false);
5551 return -ENODEV;
5552 }
5553 num_in_q = atomic_read(&devip->num_in_q);
5554
5555 if (qdepth < 1)
5556 qdepth = 1;
5557 /* allow to exceed max host qc_arr elements for testing */
5558 if (qdepth > SDEBUG_CANQUEUE + 10)
5559 qdepth = SDEBUG_CANQUEUE + 10;
5560 scsi_change_queue_depth(sdev, qdepth);
5561
5562 if (SDEBUG_OPT_Q_NOISE & sdebug_opts) {
5563 sdev_printk(KERN_INFO, sdev, "%s: qdepth=%d, num_in_q=%d\n",
5564 __func__, qdepth, num_in_q);
5565 }
5566 block_unblock_all_queues(false);
5567 return sdev->queue_depth;
5568 }
5569
5570 static bool fake_timeout(struct scsi_cmnd *scp)
5571 {
5572 if (0 == (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth))) {
5573 if (sdebug_every_nth < -1)
5574 sdebug_every_nth = -1;
5575 if (SDEBUG_OPT_TIMEOUT & sdebug_opts)
5576 return true; /* ignore command causing timeout */
5577 else if (SDEBUG_OPT_MAC_TIMEOUT & sdebug_opts &&
5578 scsi_medium_access_command(scp))
5579 return true; /* time out reads and writes */
5580 }
5581 return false;
5582 }
5583
5584 static bool fake_host_busy(struct scsi_cmnd *scp)
5585 {
5586 return (sdebug_opts & SDEBUG_OPT_HOST_BUSY) &&
5587 (atomic_read(&sdebug_cmnd_count) % abs(sdebug_every_nth)) == 0;
5588 }
5589
5590 static int scsi_debug_queuecommand(struct Scsi_Host *shost,
5591 struct scsi_cmnd *scp)
5592 {
5593 u8 sdeb_i;
5594 struct scsi_device *sdp = scp->device;
5595 const struct opcode_info_t *oip;
5596 const struct opcode_info_t *r_oip;
5597 struct sdebug_dev_info *devip;
5598 u8 *cmd = scp->cmnd;
5599 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
5600 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *) = NULL;
5601 int k, na;
5602 int errsts = 0;
5603 u32 flags;
5604 u16 sa;
5605 u8 opcode = cmd[0];
5606 bool has_wlun_rl;
5607
5608 scsi_set_resid(scp, 0);
5609 if (sdebug_statistics)
5610 atomic_inc(&sdebug_cmnd_count);
5611 if (unlikely(sdebug_verbose &&
5612 !(SDEBUG_OPT_NO_CDB_NOISE & sdebug_opts))) {
5613 char b[120];
5614 int n, len, sb;
5615
5616 len = scp->cmd_len;
5617 sb = (int)sizeof(b);
5618 if (len > 32)
5619 strcpy(b, "too long, over 32 bytes");
5620 else {
5621 for (k = 0, n = 0; k < len && n < sb; ++k)
5622 n += scnprintf(b + n, sb - n, "%02x ",
5623 (u32)cmd[k]);
5624 }
5625 sdev_printk(KERN_INFO, sdp, "%s: tag=%#x, cmd %s\n", my_name,
5626 blk_mq_unique_tag(scp->request), b);
5627 }
5628 if (fake_host_busy(scp))
5629 return SCSI_MLQUEUE_HOST_BUSY;
5630 has_wlun_rl = (sdp->lun == SCSI_W_LUN_REPORT_LUNS);
5631 if (unlikely((sdp->lun >= sdebug_max_luns) && !has_wlun_rl))
5632 goto err_out;
5633
5634 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */
5635 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */
5636 devip = (struct sdebug_dev_info *)sdp->hostdata;
5637 if (unlikely(!devip)) {
5638 devip = find_build_dev_info(sdp);
5639 if (NULL == devip)
5640 goto err_out;
5641 }
5642 na = oip->num_attached;
5643 r_pfp = oip->pfp;
5644 if (na) { /* multiple commands with this opcode */
5645 r_oip = oip;
5646 if (FF_SA & r_oip->flags) {
5647 if (F_SA_LOW & oip->flags)
5648 sa = 0x1f & cmd[1];
5649 else
5650 sa = get_unaligned_be16(cmd + 8);
5651 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5652 if (opcode == oip->opcode && sa == oip->sa)
5653 break;
5654 }
5655 } else { /* since no service action only check opcode */
5656 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5657 if (opcode == oip->opcode)
5658 break;
5659 }
5660 }
5661 if (k > na) {
5662 if (F_SA_LOW & r_oip->flags)
5663 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4);
5664 else if (F_SA_HIGH & r_oip->flags)
5665 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7);
5666 else
5667 mk_sense_invalid_opcode(scp);
5668 goto check_cond;
5669 }
5670 } /* else (when na==0) we assume the oip is a match */
5671 flags = oip->flags;
5672 if (unlikely(F_INV_OP & flags)) {
5673 mk_sense_invalid_opcode(scp);
5674 goto check_cond;
5675 }
5676 if (unlikely(has_wlun_rl && !(F_RL_WLUN_OK & flags))) {
5677 if (sdebug_verbose)
5678 sdev_printk(KERN_INFO, sdp, "%s: Opcode 0x%x not%s\n",
5679 my_name, opcode, " supported for wlun");
5680 mk_sense_invalid_opcode(scp);
5681 goto check_cond;
5682 }
5683 if (unlikely(sdebug_strict)) { /* check cdb against mask */
5684 u8 rem;
5685 int j;
5686
5687 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) {
5688 rem = ~oip->len_mask[k] & cmd[k];
5689 if (rem) {
5690 for (j = 7; j >= 0; --j, rem <<= 1) {
5691 if (0x80 & rem)
5692 break;
5693 }
5694 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j);
5695 goto check_cond;
5696 }
5697 }
5698 }
5699 if (unlikely(!(F_SKIP_UA & flags) &&
5700 find_first_bit(devip->uas_bm,
5701 SDEBUG_NUM_UAS) != SDEBUG_NUM_UAS)) {
5702 errsts = make_ua(scp, devip);
5703 if (errsts)
5704 goto check_cond;
5705 }
5706 if (unlikely((F_M_ACCESS & flags) && atomic_read(&devip->stopped))) {
5707 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2);
5708 if (sdebug_verbose)
5709 sdev_printk(KERN_INFO, sdp, "%s reports: Not ready: "
5710 "%s\n", my_name, "initializing command "
5711 "required");
5712 errsts = check_condition_result;
5713 goto fini;
5714 }
5715 if (sdebug_fake_rw && (F_FAKE_RW & flags))
5716 goto fini;
5717 if (unlikely(sdebug_every_nth)) {
5718 if (fake_timeout(scp))
5719 return 0; /* ignore command: make trouble */
5720 }
5721 if (likely(oip->pfp))
5722 pfp = oip->pfp; /* calls a resp_* function */
5723 else
5724 pfp = r_pfp; /* if leaf function ptr NULL, try the root's */
5725
5726 fini:
5727 if (F_DELAY_OVERR & flags)
5728 return schedule_resp(scp, devip, errsts, pfp, 0, 0);
5729 else if ((flags & F_LONG_DELAY) && (sdebug_jdelay > 0 ||
5730 sdebug_ndelay > 10000)) {
5731 /*
5732 * Skip long delays if ndelay <= 10 microseconds. Otherwise
5733 * for Start Stop Unit (SSU) want at least 1 second delay and
5734 * if sdebug_jdelay>1 want a long delay of that many seconds.
5735 * For Synchronize Cache want 1/20 of SSU's delay.
5736 */
5737 int jdelay = (sdebug_jdelay < 2) ? 1 : sdebug_jdelay;
5738 int denom = (flags & F_SYNC_DELAY) ? 20 : 1;
5739
5740 jdelay = mult_frac(USER_HZ * jdelay, HZ, denom * USER_HZ);
5741 return schedule_resp(scp, devip, errsts, pfp, jdelay, 0);
5742 } else
5743 return schedule_resp(scp, devip, errsts, pfp, sdebug_jdelay,
5744 sdebug_ndelay);
5745 check_cond:
5746 return schedule_resp(scp, devip, check_condition_result, NULL, 0, 0);
5747 err_out:
5748 return schedule_resp(scp, NULL, DID_NO_CONNECT << 16, NULL, 0, 0);
5749 }
5750
5751 static struct scsi_host_template sdebug_driver_template = {
5752 .show_info = scsi_debug_show_info,
5753 .write_info = scsi_debug_write_info,
5754 .proc_name = sdebug_proc_name,
5755 .name = "SCSI DEBUG",
5756 .info = scsi_debug_info,
5757 .slave_alloc = scsi_debug_slave_alloc,
5758 .slave_configure = scsi_debug_slave_configure,
5759 .slave_destroy = scsi_debug_slave_destroy,
5760 .ioctl = scsi_debug_ioctl,
5761 .queuecommand = scsi_debug_queuecommand,
5762 .change_queue_depth = sdebug_change_qdepth,
5763 .eh_abort_handler = scsi_debug_abort,
5764 .eh_device_reset_handler = scsi_debug_device_reset,
5765 .eh_target_reset_handler = scsi_debug_target_reset,
5766 .eh_bus_reset_handler = scsi_debug_bus_reset,
5767 .eh_host_reset_handler = scsi_debug_host_reset,
5768 .can_queue = SDEBUG_CANQUEUE,
5769 .this_id = 7,
5770 .sg_tablesize = SG_MAX_SEGMENTS,
5771 .cmd_per_lun = DEF_CMD_PER_LUN,
5772 .max_sectors = -1U,
5773 .max_segment_size = -1U,
5774 .module = THIS_MODULE,
5775 .track_queue_depth = 1,
5776 };
5777
5778 static int sdebug_driver_probe(struct device *dev)
5779 {
5780 int error = 0;
5781 struct sdebug_host_info *sdbg_host;
5782 struct Scsi_Host *hpnt;
5783 int hprot;
5784
5785 sdbg_host = to_sdebug_host(dev);
5786
5787 sdebug_driver_template.can_queue = sdebug_max_queue;
5788 if (!sdebug_clustering)
5789 sdebug_driver_template.dma_boundary = PAGE_SIZE - 1;
5790
5791 hpnt = scsi_host_alloc(&sdebug_driver_template, sizeof(sdbg_host));
5792 if (NULL == hpnt) {
5793 pr_err("scsi_host_alloc failed\n");
5794 error = -ENODEV;
5795 return error;
5796 }
5797 if (submit_queues > nr_cpu_ids) {
5798 pr_warn("%s: trim submit_queues (was %d) to nr_cpu_ids=%u\n",
5799 my_name, submit_queues, nr_cpu_ids);
5800 submit_queues = nr_cpu_ids;
5801 }
5802 /* Decide whether to tell scsi subsystem that we want mq */
5803 /* Following should give the same answer for each host */
5804 hpnt->nr_hw_queues = submit_queues;
5805
5806 sdbg_host->shost = hpnt;
5807 *((struct sdebug_host_info **)hpnt->hostdata) = sdbg_host;
5808 if ((hpnt->this_id >= 0) && (sdebug_num_tgts > hpnt->this_id))
5809 hpnt->max_id = sdebug_num_tgts + 1;
5810 else
5811 hpnt->max_id = sdebug_num_tgts;
5812 /* = sdebug_max_luns; */
5813 hpnt->max_lun = SCSI_W_LUN_REPORT_LUNS + 1;
5814
5815 hprot = 0;
5816
5817 switch (sdebug_dif) {
5818
5819 case T10_PI_TYPE1_PROTECTION:
5820 hprot = SHOST_DIF_TYPE1_PROTECTION;
5821 if (sdebug_dix)
5822 hprot |= SHOST_DIX_TYPE1_PROTECTION;
5823 break;
5824
5825 case T10_PI_TYPE2_PROTECTION:
5826 hprot = SHOST_DIF_TYPE2_PROTECTION;
5827 if (sdebug_dix)
5828 hprot |= SHOST_DIX_TYPE2_PROTECTION;
5829 break;
5830
5831 case T10_PI_TYPE3_PROTECTION:
5832 hprot = SHOST_DIF_TYPE3_PROTECTION;
5833 if (sdebug_dix)
5834 hprot |= SHOST_DIX_TYPE3_PROTECTION;
5835 break;
5836
5837 default:
5838 if (sdebug_dix)
5839 hprot |= SHOST_DIX_TYPE0_PROTECTION;
5840 break;
5841 }
5842
5843 scsi_host_set_prot(hpnt, hprot);
5844
5845 if (have_dif_prot || sdebug_dix)
5846 pr_info("host protection%s%s%s%s%s%s%s\n",
5847 (hprot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "",
5848 (hprot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "",
5849 (hprot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "",
5850 (hprot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "",
5851 (hprot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "",
5852 (hprot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "",
5853 (hprot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : "");
5854
5855 if (sdebug_guard == 1)
5856 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP);
5857 else
5858 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC);
5859
5860 sdebug_verbose = !!(SDEBUG_OPT_NOISE & sdebug_opts);
5861 sdebug_any_injecting_opt = !!(SDEBUG_OPT_ALL_INJECTING & sdebug_opts);
5862 if (sdebug_every_nth) /* need stats counters for every_nth */
5863 sdebug_statistics = true;
5864 error = scsi_add_host(hpnt, &sdbg_host->dev);
5865 if (error) {
5866 pr_err("scsi_add_host failed\n");
5867 error = -ENODEV;
5868 scsi_host_put(hpnt);
5869 } else
5870 scsi_scan_host(hpnt);
5871
5872 return error;
5873 }
5874
5875 static int sdebug_driver_remove(struct device *dev)
5876 {
5877 struct sdebug_host_info *sdbg_host;
5878 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5879
5880 sdbg_host = to_sdebug_host(dev);
5881
5882 if (!sdbg_host) {
5883 pr_err("Unable to locate host info\n");
5884 return -ENODEV;
5885 }
5886
5887 scsi_remove_host(sdbg_host->shost);
5888
5889 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5890 dev_list) {
5891 list_del(&sdbg_devinfo->dev_list);
5892 kfree(sdbg_devinfo);
5893 }
5894
5895 scsi_host_put(sdbg_host->shost);
5896 return 0;
5897 }
5898
5899 static int pseudo_lld_bus_match(struct device *dev,
5900 struct device_driver *dev_driver)
5901 {
5902 return 1;
5903 }
5904
5905 static struct bus_type pseudo_lld_bus = {
5906 .name = "pseudo",
5907 .match = pseudo_lld_bus_match,
5908 .probe = sdebug_driver_probe,
5909 .remove = sdebug_driver_remove,
5910 .drv_groups = sdebug_drv_groups,
5911 };
Ubuntu Jammy Linux kernel mirror