2 * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
3 * Copyright (C) 1992 Eric Youngdale
4 * Simulate a host adapter with 2 disks attached. Do a lot of checking
5 * to make sure that we are not getting blocks mixed up, and PANIC if
6 * anything out of the ordinary is seen.
7 * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
9 * This version is more generic, simulating a variable number of disk
10 * (or disk like devices) sharing a common amount of RAM. To be more
11 * realistic, the simulated devices have the transport attributes of
15 * For documentation see http://sg.danny.cz/sg/sdebug26.html
17 * D. Gilbert (dpg) work for Magneto-Optical device test [20010421]
18 * dpg: work for devfs large number of disks [20010809]
19 * forked for lk 2.5 series [20011216, 20020101]
20 * use vmalloc() more inquiry+mode_sense [20020302]
21 * add timers for delayed responses [20020721]
22 * Patrick Mansfield <patmans@us.ibm.com> max_luns+scsi_level [20021031]
23 * Mike Anderson <andmike@us.ibm.com> sysfs work [20021118]
24 * dpg: change style of boot options to "scsi_debug.num_tgts=2" and
25 * module options to "modprobe scsi_debug num_tgts=2" [20021221]
28 #include <linux/module.h>
30 #include <linux/kernel.h>
31 #include <linux/errno.h>
32 #include <linux/timer.h>
33 #include <linux/slab.h>
34 #include <linux/types.h>
35 #include <linux/string.h>
36 #include <linux/genhd.h>
38 #include <linux/init.h>
39 #include <linux/proc_fs.h>
40 #include <linux/vmalloc.h>
41 #include <linux/moduleparam.h>
42 #include <linux/scatterlist.h>
43 #include <linux/blkdev.h>
44 #include <linux/crc-t10dif.h>
45 #include <linux/spinlock.h>
46 #include <linux/interrupt.h>
47 #include <linux/atomic.h>
48 #include <linux/hrtimer.h>
50 #include <net/checksum.h>
52 #include <asm/unaligned.h>
54 #include <scsi/scsi.h>
55 #include <scsi/scsi_cmnd.h>
56 #include <scsi/scsi_device.h>
57 #include <scsi/scsi_host.h>
58 #include <scsi/scsicam.h>
59 #include <scsi/scsi_eh.h>
60 #include <scsi/scsi_tcq.h>
61 #include <scsi/scsi_dbg.h>
64 #include "scsi_logging.h"
66 #define SCSI_DEBUG_VERSION "1.85"
67 static const char *scsi_debug_version_date = "20141022";
69 #define MY_NAME "scsi_debug"
71 /* Additional Sense Code (ASC) */
72 #define NO_ADDITIONAL_SENSE 0x0
73 #define LOGICAL_UNIT_NOT_READY 0x4
74 #define LOGICAL_UNIT_COMMUNICATION_FAILURE 0x8
75 #define UNRECOVERED_READ_ERR 0x11
76 #define PARAMETER_LIST_LENGTH_ERR 0x1a
77 #define INVALID_OPCODE 0x20
78 #define LBA_OUT_OF_RANGE 0x21
79 #define INVALID_FIELD_IN_CDB 0x24
80 #define INVALID_FIELD_IN_PARAM_LIST 0x26
81 #define UA_RESET_ASC 0x29
82 #define UA_CHANGED_ASC 0x2a
83 #define TARGET_CHANGED_ASC 0x3f
84 #define LUNS_CHANGED_ASCQ 0x0e
85 #define INSUFF_RES_ASC 0x55
86 #define INSUFF_RES_ASCQ 0x3
87 #define POWER_ON_RESET_ASCQ 0x0
88 #define BUS_RESET_ASCQ 0x2 /* scsi bus reset occurred */
89 #define MODE_CHANGED_ASCQ 0x1 /* mode parameters changed */
90 #define CAPACITY_CHANGED_ASCQ 0x9
91 #define SAVING_PARAMS_UNSUP 0x39
92 #define TRANSPORT_PROBLEM 0x4b
93 #define THRESHOLD_EXCEEDED 0x5d
94 #define LOW_POWER_COND_ON 0x5e
95 #define MISCOMPARE_VERIFY_ASC 0x1d
96 #define MICROCODE_CHANGED_ASCQ 0x1 /* with TARGET_CHANGED_ASC */
97 #define MICROCODE_CHANGED_WO_RESET_ASCQ 0x16
99 /* Additional Sense Code Qualifier (ASCQ) */
100 #define ACK_NAK_TO 0x3
103 /* Default values for driver parameters */
104 #define DEF_NUM_HOST 1
105 #define DEF_NUM_TGTS 1
106 #define DEF_MAX_LUNS 1
107 /* With these defaults, this driver will make 1 host with 1 target
108 * (id 0) containing 1 logical unit (lun 0). That is 1 device.
111 #define DEF_DELAY 1 /* if > 0 unit is a jiffy */
112 #define DEF_DEV_SIZE_MB 8
115 #define DEF_D_SENSE 0
116 #define DEF_EVERY_NTH 0
117 #define DEF_FAKE_RW 0
119 #define DEF_HOST_LOCK 0
122 #define DEF_LBPWS10 0
124 #define DEF_LOWEST_ALIGNED 0
125 #define DEF_NDELAY 0 /* if > 0 unit is a nanosecond */
126 #define DEF_NO_LUN_0 0
127 #define DEF_NUM_PARTS 0
129 #define DEF_OPT_BLKS 64
130 #define DEF_PHYSBLK_EXP 0
132 #define DEF_REMOVABLE false
133 #define DEF_SCSI_LEVEL 6 /* INQUIRY, byte2 [6->SPC-4] */
134 #define DEF_SECTOR_SIZE 512
135 #define DEF_UNMAP_ALIGNMENT 0
136 #define DEF_UNMAP_GRANULARITY 1
137 #define DEF_UNMAP_MAX_BLOCKS 0xFFFFFFFF
138 #define DEF_UNMAP_MAX_DESC 256
139 #define DEF_VIRTUAL_GB 0
140 #define DEF_VPD_USE_HOSTNO 1
141 #define DEF_WRITESAME_LENGTH 0xFFFF
143 #define DELAY_OVERRIDDEN -9999
145 /* bit mask values for scsi_debug_opts */
146 #define SCSI_DEBUG_OPT_NOISE 1
147 #define SCSI_DEBUG_OPT_MEDIUM_ERR 2
148 #define SCSI_DEBUG_OPT_TIMEOUT 4
149 #define SCSI_DEBUG_OPT_RECOVERED_ERR 8
150 #define SCSI_DEBUG_OPT_TRANSPORT_ERR 16
151 #define SCSI_DEBUG_OPT_DIF_ERR 32
152 #define SCSI_DEBUG_OPT_DIX_ERR 64
153 #define SCSI_DEBUG_OPT_MAC_TIMEOUT 128
154 #define SCSI_DEBUG_OPT_SHORT_TRANSFER 0x100
155 #define SCSI_DEBUG_OPT_Q_NOISE 0x200
156 #define SCSI_DEBUG_OPT_ALL_TSF 0x400
157 #define SCSI_DEBUG_OPT_RARE_TSF 0x800
158 #define SCSI_DEBUG_OPT_N_WCE 0x1000
159 #define SCSI_DEBUG_OPT_RESET_NOISE 0x2000
160 #define SCSI_DEBUG_OPT_NO_CDB_NOISE 0x4000
161 #define SCSI_DEBUG_OPT_ALL_NOISE (0x1 | 0x200 | 0x2000)
162 /* When "every_nth" > 0 then modulo "every_nth" commands:
163 * - a no response is simulated if SCSI_DEBUG_OPT_TIMEOUT is set
164 * - a RECOVERED_ERROR is simulated on successful read and write
165 * commands if SCSI_DEBUG_OPT_RECOVERED_ERR is set.
166 * - a TRANSPORT_ERROR is simulated on successful read and write
167 * commands if SCSI_DEBUG_OPT_TRANSPORT_ERR is set.
169 * When "every_nth" < 0 then after "- every_nth" commands:
170 * - a no response is simulated if SCSI_DEBUG_OPT_TIMEOUT is set
171 * - a RECOVERED_ERROR is simulated on successful read and write
172 * commands if SCSI_DEBUG_OPT_RECOVERED_ERR is set.
173 * - a TRANSPORT_ERROR is simulated on successful read and write
174 * commands if SCSI_DEBUG_OPT_TRANSPORT_ERR is set.
175 * This will continue until some other action occurs (e.g. the user
176 * writing a new value (other than -1 or 1) to every_nth via sysfs).
179 /* As indicated in SAM-5 and SPC-4 Unit Attentions (UAs)are returned in
180 * priority order. In the subset implemented here lower numbers have higher
181 * priority. The UA numbers should be a sequence starting from 0 with
182 * SDEBUG_NUM_UAS being 1 higher than the highest numbered UA. */
183 #define SDEBUG_UA_POR 0 /* Power on, reset, or bus device reset */
184 #define SDEBUG_UA_BUS_RESET 1
185 #define SDEBUG_UA_MODE_CHANGED 2
186 #define SDEBUG_UA_CAPACITY_CHANGED 3
187 #define SDEBUG_UA_LUNS_CHANGED 4
188 #define SDEBUG_UA_MICROCODE_CHANGED 5 /* simulate firmware change */
189 #define SDEBUG_UA_MICROCODE_CHANGED_WO_RESET 6
190 #define SDEBUG_NUM_UAS 7
192 /* for check_readiness() */
193 #define UAS_ONLY 1 /* check for UAs only */
194 #define UAS_TUR 0 /* if no UAs then check if media access possible */
196 /* when 1==SCSI_DEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this
197 * sector on read commands: */
198 #define OPT_MEDIUM_ERR_ADDR 0x1234 /* that's sector 4660 in decimal */
199 #define OPT_MEDIUM_ERR_NUM 10 /* number of consecutive medium errs */
201 /* If REPORT LUNS has luns >= 256 it can choose "flat space" (value 1)
202 * or "peripheral device" addressing (value 0) */
203 #define SAM2_LUN_ADDRESS_METHOD 0
204 #define SAM2_WLUN_REPORT_LUNS 0xc101
206 /* SCSI_DEBUG_CANQUEUE is the maximum number of commands that can be queued
207 * (for response) at one time. Can be reduced by max_queue option. Command
208 * responses are not queued when delay=0 and ndelay=0. The per-device
209 * DEF_CMD_PER_LUN can be changed via sysfs:
210 * /sys/class/scsi_device/<h:c:t:l>/device/queue_depth but cannot exceed
211 * SCSI_DEBUG_CANQUEUE. */
212 #define SCSI_DEBUG_CANQUEUE_WORDS 9 /* a WORD is bits in a long */
213 #define SCSI_DEBUG_CANQUEUE (SCSI_DEBUG_CANQUEUE_WORDS * BITS_PER_LONG)
214 #define DEF_CMD_PER_LUN 255
216 #if DEF_CMD_PER_LUN > SCSI_DEBUG_CANQUEUE
217 #warning "Expect DEF_CMD_PER_LUN <= SCSI_DEBUG_CANQUEUE"
220 /* SCSI opcodes (first byte of cdb) mapped onto these indexes */
221 enum sdeb_opcode_index {
222 SDEB_I_INVALID_OPCODE = 0,
224 SDEB_I_REPORT_LUNS = 2,
225 SDEB_I_REQUEST_SENSE = 3,
226 SDEB_I_TEST_UNIT_READY = 4,
227 SDEB_I_MODE_SENSE = 5, /* 6, 10 */
228 SDEB_I_MODE_SELECT = 6, /* 6, 10 */
229 SDEB_I_LOG_SENSE = 7,
230 SDEB_I_READ_CAPACITY = 8, /* 10; 16 is in SA_IN(16) */
231 SDEB_I_READ = 9, /* 6, 10, 12, 16 */
232 SDEB_I_WRITE = 10, /* 6, 10, 12, 16 */
233 SDEB_I_START_STOP = 11,
234 SDEB_I_SERV_ACT_IN = 12, /* 12, 16 */
235 SDEB_I_SERV_ACT_OUT = 13, /* 12, 16 */
236 SDEB_I_MAINT_IN = 14,
237 SDEB_I_MAINT_OUT = 15,
238 SDEB_I_VERIFY = 16, /* 10 only */
239 SDEB_I_VARIABLE_LEN = 17,
240 SDEB_I_RESERVE = 18, /* 6, 10 */
241 SDEB_I_RELEASE = 19, /* 6, 10 */
242 SDEB_I_ALLOW_REMOVAL = 20, /* PREVENT ALLOW MEDIUM REMOVAL */
243 SDEB_I_REZERO_UNIT = 21, /* REWIND in SSC */
244 SDEB_I_ATA_PT = 22, /* 12, 16 */
245 SDEB_I_SEND_DIAG = 23,
247 SDEB_I_XDWRITEREAD = 25, /* 10 only */
248 SDEB_I_WRITE_BUFFER = 26,
249 SDEB_I_WRITE_SAME = 27, /* 10, 16 */
250 SDEB_I_SYNC_CACHE = 28, /* 10 only */
251 SDEB_I_COMP_WRITE = 29,
252 SDEB_I_LAST_ELEMENT = 30, /* keep this last */
255 static const unsigned char opcode_ind_arr[256] = {
256 /* 0x0; 0x0->0x1f: 6 byte cdbs */
257 SDEB_I_TEST_UNIT_READY, SDEB_I_REZERO_UNIT, 0, SDEB_I_REQUEST_SENSE,
259 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, 0,
260 0, 0, SDEB_I_INQUIRY, 0, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
262 0, 0, SDEB_I_MODE_SENSE, SDEB_I_START_STOP, 0, SDEB_I_SEND_DIAG,
263 SDEB_I_ALLOW_REMOVAL, 0,
264 /* 0x20; 0x20->0x3f: 10 byte cdbs */
265 0, 0, 0, 0, 0, SDEB_I_READ_CAPACITY, 0, 0,
266 SDEB_I_READ, 0, SDEB_I_WRITE, 0, 0, 0, 0, SDEB_I_VERIFY,
267 0, 0, 0, 0, 0, SDEB_I_SYNC_CACHE, 0, 0,
268 0, 0, 0, SDEB_I_WRITE_BUFFER, 0, 0, 0, 0,
269 /* 0x40; 0x40->0x5f: 10 byte cdbs */
270 0, SDEB_I_WRITE_SAME, SDEB_I_UNMAP, 0, 0, 0, 0, 0,
271 0, 0, 0, 0, 0, SDEB_I_LOG_SENSE, 0, 0,
272 0, 0, 0, SDEB_I_XDWRITEREAD, 0, SDEB_I_MODE_SELECT, SDEB_I_RESERVE,
274 0, 0, SDEB_I_MODE_SENSE, 0, 0, 0, 0, 0,
275 /* 0x60; 0x60->0x7d are reserved */
276 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
277 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
278 0, SDEB_I_VARIABLE_LEN,
279 /* 0x80; 0x80->0x9f: 16 byte cdbs */
280 0, 0, 0, 0, 0, SDEB_I_ATA_PT, 0, 0,
281 SDEB_I_READ, SDEB_I_COMP_WRITE, SDEB_I_WRITE, 0, 0, 0, 0, 0,
282 0, 0, 0, SDEB_I_WRITE_SAME, 0, 0, 0, 0,
283 0, 0, 0, 0, 0, 0, SDEB_I_SERV_ACT_IN, SDEB_I_SERV_ACT_OUT,
284 /* 0xa0; 0xa0->0xbf: 12 byte cdbs */
285 SDEB_I_REPORT_LUNS, SDEB_I_ATA_PT, 0, SDEB_I_MAINT_IN,
286 SDEB_I_MAINT_OUT, 0, 0, 0,
287 SDEB_I_READ, SDEB_I_SERV_ACT_OUT, SDEB_I_WRITE, SDEB_I_SERV_ACT_IN,
289 0, 0, 0, 0, 0, 0, 0, 0,
290 0, 0, 0, 0, 0, 0, 0, 0,
291 /* 0xc0; 0xc0->0xff: vendor specific */
292 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
293 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
294 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
295 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
300 #define F_D_OUT_MAYBE 4 /* WRITE SAME, NDOB bit */
302 #define F_RL_WLUN_OK 0x10
303 #define F_SKIP_UA 0x20
304 #define F_DELAY_OVERR 0x40
305 #define F_SA_LOW 0x80 /* cdb byte 1, bits 4 to 0 */
306 #define F_SA_HIGH 0x100 /* as used by variable length cdbs */
307 #define F_INV_OP 0x200
308 #define F_FAKE_RW 0x400
309 #define F_M_ACCESS 0x800 /* media access */
311 #define FF_RESPOND (F_RL_WLUN_OK | F_SKIP_UA | F_DELAY_OVERR)
312 #define FF_DIRECT_IO (F_M_ACCESS | F_FAKE_RW)
313 #define FF_SA (F_SA_HIGH | F_SA_LOW)
315 struct sdebug_dev_info;
316 static int resp_inquiry(struct scsi_cmnd *, struct sdebug_dev_info *);
317 static int resp_report_luns(struct scsi_cmnd *, struct sdebug_dev_info *);
318 static int resp_requests(struct scsi_cmnd *, struct sdebug_dev_info *);
319 static int resp_mode_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
320 static int resp_mode_select(struct scsi_cmnd *, struct sdebug_dev_info *);
321 static int resp_log_sense(struct scsi_cmnd *, struct sdebug_dev_info *);
322 static int resp_readcap(struct scsi_cmnd *, struct sdebug_dev_info *);
323 static int resp_read_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
324 static int resp_write_dt0(struct scsi_cmnd *, struct sdebug_dev_info *);
325 static int resp_start_stop(struct scsi_cmnd *, struct sdebug_dev_info *);
326 static int resp_readcap16(struct scsi_cmnd *, struct sdebug_dev_info *);
327 static int resp_get_lba_status(struct scsi_cmnd *, struct sdebug_dev_info *);
328 static int resp_report_tgtpgs(struct scsi_cmnd *, struct sdebug_dev_info *);
329 static int resp_unmap(struct scsi_cmnd *, struct sdebug_dev_info *);
330 static int resp_rsup_opcodes(struct scsi_cmnd *, struct sdebug_dev_info *);
331 static int resp_rsup_tmfs(struct scsi_cmnd *, struct sdebug_dev_info *);
332 static int resp_write_same_10(struct scsi_cmnd *, struct sdebug_dev_info *);
333 static int resp_write_same_16(struct scsi_cmnd *, struct sdebug_dev_info *);
334 static int resp_xdwriteread_10(struct scsi_cmnd *, struct sdebug_dev_info *);
335 static int resp_comp_write(struct scsi_cmnd *, struct sdebug_dev_info *);
336 static int resp_write_buffer(struct scsi_cmnd *, struct sdebug_dev_info *);
338 struct opcode_info_t {
339 u8 num_attached; /* 0 if this is it (i.e. a leaf); use 0xff
340 * for terminating element */
341 u8 opcode; /* if num_attached > 0, preferred */
342 u16 sa; /* service action */
343 u32 flags; /* OR-ed set of SDEB_F_* */
344 int (*pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
345 const struct opcode_info_t *arrp; /* num_attached elements or NULL */
346 u8 len_mask[16]; /* len=len_mask[0], then mask for cdb[1]... */
347 /* ignore cdb bytes after position 15 */
350 static const struct opcode_info_t msense_iarr[1] = {
351 {0, 0x1a, 0, F_D_IN, NULL, NULL,
352 {6, 0xe8, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
355 static const struct opcode_info_t mselect_iarr[1] = {
356 {0, 0x15, 0, F_D_OUT, NULL, NULL,
357 {6, 0xf1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
360 static const struct opcode_info_t read_iarr[3] = {
361 {0, 0x28, 0, F_D_IN | FF_DIRECT_IO, resp_read_dt0, NULL,/* READ(10) */
362 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff, 0xff, 0xc7, 0, 0,
364 {0, 0x8, 0, F_D_IN | FF_DIRECT_IO, resp_read_dt0, NULL, /* READ(6) */
365 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
366 {0, 0xa8, 0, F_D_IN | FF_DIRECT_IO, resp_read_dt0, NULL,/* READ(12) */
367 {12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x9f,
371 static const struct opcode_info_t write_iarr[3] = {
372 {0, 0x2a, 0, F_D_OUT | FF_DIRECT_IO, resp_write_dt0, NULL, /* 10 */
373 {10, 0xfb, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff, 0xff, 0xc7, 0, 0,
375 {0, 0xa, 0, F_D_OUT | FF_DIRECT_IO, resp_write_dt0, NULL, /* 6 */
376 {6, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
377 {0, 0xaa, 0, F_D_OUT | FF_DIRECT_IO, resp_write_dt0, NULL, /* 12 */
378 {12, 0xfb, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x9f,
382 static const struct opcode_info_t sa_in_iarr[1] = {
383 {0, 0x9e, 0x12, F_SA_LOW | F_D_IN, resp_get_lba_status, NULL,
384 {16, 0x12, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
385 0xff, 0xff, 0xff, 0, 0xc7} },
388 static const struct opcode_info_t vl_iarr[1] = { /* VARIABLE LENGTH */
389 {0, 0x7f, 0xb, F_SA_HIGH | F_D_OUT | FF_DIRECT_IO, resp_write_dt0,
390 NULL, {32, 0xc7, 0, 0, 0, 0, 0x1f, 0x18, 0x0, 0xb, 0xfa,
391 0, 0xff, 0xff, 0xff, 0xff} }, /* WRITE(32) */
394 static const struct opcode_info_t maint_in_iarr[2] = {
395 {0, 0xa3, 0xc, F_SA_LOW | F_D_IN, resp_rsup_opcodes, NULL,
396 {12, 0xc, 0x87, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0,
398 {0, 0xa3, 0xd, F_SA_LOW | F_D_IN, resp_rsup_tmfs, NULL,
399 {12, 0xd, 0x80, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
403 static const struct opcode_info_t write_same_iarr[1] = {
404 {0, 0x93, 0, F_D_OUT_MAYBE | FF_DIRECT_IO, resp_write_same_16, NULL,
405 {16, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
406 0xff, 0xff, 0xff, 0x1f, 0xc7} },
409 static const struct opcode_info_t reserve_iarr[1] = {
410 {0, 0x16, 0, F_D_OUT, NULL, NULL, /* RESERVE(6) */
411 {6, 0x1f, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
414 static const struct opcode_info_t release_iarr[1] = {
415 {0, 0x17, 0, F_D_OUT, NULL, NULL, /* RELEASE(6) */
416 {6, 0x1f, 0xff, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
420 /* This array is accessed via SDEB_I_* values. Make sure all are mapped,
421 * plus the terminating elements for logic that scans this table such as
422 * REPORT SUPPORTED OPERATION CODES. */
423 static const struct opcode_info_t opcode_info_arr[SDEB_I_LAST_ELEMENT + 1] = {
425 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL,
426 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
427 {0, 0x12, 0, FF_RESPOND | F_D_IN, resp_inquiry, NULL,
428 {6, 0xe3, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
429 {0, 0xa0, 0, FF_RESPOND | F_D_IN, resp_report_luns, NULL,
430 {12, 0xe3, 0xff, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0,
432 {0, 0x3, 0, FF_RESPOND | F_D_IN, resp_requests, NULL,
433 {6, 0xe1, 0, 0, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
434 {0, 0x0, 0, F_M_ACCESS | F_RL_WLUN_OK, NULL, NULL,/* TEST UNIT READY */
435 {6, 0, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
436 {1, 0x5a, 0, F_D_IN, resp_mode_sense, msense_iarr,
437 {10, 0xf8, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
439 {1, 0x55, 0, F_D_OUT, resp_mode_select, mselect_iarr,
440 {10, 0xf1, 0, 0, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
441 {0, 0x4d, 0, F_D_IN, resp_log_sense, NULL,
442 {10, 0xe3, 0xff, 0xff, 0, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0, 0,
444 {0, 0x25, 0, F_D_IN, resp_readcap, NULL,
445 {10, 0xe1, 0xff, 0xff, 0xff, 0xff, 0, 0, 0x1, 0xc7, 0, 0, 0, 0,
447 {3, 0x88, 0, F_D_IN | FF_DIRECT_IO, resp_read_dt0, read_iarr,
448 {16, 0xfe, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
449 0xff, 0xff, 0xff, 0x9f, 0xc7} }, /* READ(16) */
451 {3, 0x8a, 0, F_D_OUT | FF_DIRECT_IO, resp_write_dt0, write_iarr,
452 {16, 0xfa, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
453 0xff, 0xff, 0xff, 0x9f, 0xc7} }, /* WRITE(16) */
454 {0, 0x1b, 0, 0, resp_start_stop, NULL, /* START STOP UNIT */
455 {6, 0x1, 0, 0xf, 0xf7, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
456 {1, 0x9e, 0x10, F_SA_LOW | F_D_IN, resp_readcap16, sa_in_iarr,
457 {16, 0x10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
458 0xff, 0xff, 0xff, 0x1, 0xc7} }, /* READ CAPACITY(16) */
459 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* SA OUT */
460 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
461 {2, 0xa3, 0xa, F_SA_LOW | F_D_IN, resp_report_tgtpgs, maint_in_iarr,
462 {12, 0xea, 0, 0, 0, 0, 0xff, 0xff, 0xff, 0xff, 0, 0xc7, 0, 0, 0,
464 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* MAINT OUT */
465 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
466 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* VERIFY */
467 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
468 {1, 0x7f, 0x9, F_SA_HIGH | F_D_IN | FF_DIRECT_IO, resp_read_dt0,
469 vl_iarr, {32, 0xc7, 0, 0, 0, 0, 0x1f, 0x18, 0x0, 0x9, 0xfe, 0,
470 0xff, 0xff, 0xff, 0xff} },/* VARIABLE LENGTH, READ(32) */
471 {1, 0x56, 0, F_D_OUT, NULL, reserve_iarr, /* RESERVE(10) */
472 {10, 0xff, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
474 {1, 0x57, 0, F_D_OUT, NULL, release_iarr, /* RELEASE(10) */
475 {10, 0x13, 0xff, 0xff, 0, 0, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0,
478 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ALLOW REMOVAL */
479 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
480 {0, 0x1, 0, 0, resp_start_stop, NULL, /* REWIND ?? */
481 {6, 0x1, 0, 0, 0, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
482 {0, 0, 0, F_INV_OP | FF_RESPOND, NULL, NULL, /* ATA_PT */
483 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
484 {0, 0x1d, F_D_OUT, 0, NULL, NULL, /* SEND DIAGNOSTIC */
485 {6, 0xf7, 0, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
486 {0, 0x42, 0, F_D_OUT | FF_DIRECT_IO, resp_unmap, NULL, /* UNMAP */
487 {10, 0x1, 0, 0, 0, 0, 0x1f, 0xff, 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
488 {0, 0x53, 0, F_D_IN | F_D_OUT | FF_DIRECT_IO, resp_xdwriteread_10,
489 NULL, {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff, 0xff, 0xc7,
491 {0, 0x3b, 0, F_D_OUT_MAYBE, resp_write_buffer, NULL,
492 {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc7, 0, 0,
493 0, 0, 0, 0} }, /* WRITE_BUFFER */
494 {1, 0x41, 0, F_D_OUT_MAYBE | FF_DIRECT_IO, resp_write_same_10,
495 write_same_iarr, {10, 0xff, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff,
496 0xff, 0xc7, 0, 0, 0, 0, 0, 0} },
497 {0, 0x35, 0, F_DELAY_OVERR | FF_DIRECT_IO, NULL, NULL, /* SYNC_CACHE */
498 {10, 0x7, 0xff, 0xff, 0xff, 0xff, 0x1f, 0xff, 0xff, 0xc7, 0, 0,
500 {0, 0x89, 0, F_D_OUT | FF_DIRECT_IO, resp_comp_write, NULL,
501 {16, 0xf8, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0,
502 0, 0xff, 0x1f, 0xc7} }, /* COMPARE AND WRITE */
505 {0xff, 0, 0, 0, NULL, NULL, /* terminating element */
506 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} },
509 struct sdebug_scmd_extra_t {
517 static int scsi_debug_add_host = DEF_NUM_HOST;
518 static int scsi_debug_ato = DEF_ATO;
519 static int scsi_debug_delay = DEF_DELAY;
520 static int scsi_debug_dev_size_mb = DEF_DEV_SIZE_MB;
521 static int scsi_debug_dif = DEF_DIF;
522 static int scsi_debug_dix = DEF_DIX;
523 static int scsi_debug_dsense = DEF_D_SENSE;
524 static int scsi_debug_every_nth = DEF_EVERY_NTH;
525 static int scsi_debug_fake_rw = DEF_FAKE_RW;
526 static unsigned int scsi_debug_guard = DEF_GUARD;
527 static int scsi_debug_lowest_aligned = DEF_LOWEST_ALIGNED;
528 static int scsi_debug_max_luns = DEF_MAX_LUNS;
529 static int scsi_debug_max_queue = SCSI_DEBUG_CANQUEUE;
530 static atomic_t retired_max_queue; /* if > 0 then was prior max_queue */
531 static int scsi_debug_ndelay = DEF_NDELAY;
532 static int scsi_debug_no_lun_0 = DEF_NO_LUN_0;
533 static int scsi_debug_no_uld = 0;
534 static int scsi_debug_num_parts = DEF_NUM_PARTS;
535 static int scsi_debug_num_tgts = DEF_NUM_TGTS; /* targets per host */
536 static int scsi_debug_opt_blks = DEF_OPT_BLKS;
537 static int scsi_debug_opts = DEF_OPTS;
538 static int scsi_debug_physblk_exp = DEF_PHYSBLK_EXP;
539 static int scsi_debug_ptype = DEF_PTYPE; /* SCSI peripheral type (0==disk) */
540 static int scsi_debug_scsi_level = DEF_SCSI_LEVEL;
541 static int scsi_debug_sector_size = DEF_SECTOR_SIZE;
542 static int scsi_debug_virtual_gb = DEF_VIRTUAL_GB;
543 static int scsi_debug_vpd_use_hostno = DEF_VPD_USE_HOSTNO;
544 static unsigned int scsi_debug_lbpu = DEF_LBPU;
545 static unsigned int scsi_debug_lbpws = DEF_LBPWS;
546 static unsigned int scsi_debug_lbpws10 = DEF_LBPWS10;
547 static unsigned int scsi_debug_lbprz = DEF_LBPRZ;
548 static unsigned int scsi_debug_unmap_alignment = DEF_UNMAP_ALIGNMENT;
549 static unsigned int scsi_debug_unmap_granularity = DEF_UNMAP_GRANULARITY;
550 static unsigned int scsi_debug_unmap_max_blocks = DEF_UNMAP_MAX_BLOCKS;
551 static unsigned int scsi_debug_unmap_max_desc = DEF_UNMAP_MAX_DESC;
552 static unsigned int scsi_debug_write_same_length = DEF_WRITESAME_LENGTH;
553 static bool scsi_debug_removable = DEF_REMOVABLE;
554 static bool scsi_debug_clustering;
555 static bool scsi_debug_host_lock = DEF_HOST_LOCK;
556 static bool scsi_debug_strict = DEF_STRICT;
557 static bool sdebug_any_injecting_opt;
559 static atomic_t sdebug_cmnd_count;
560 static atomic_t sdebug_completions;
561 static atomic_t sdebug_a_tsf; /* counter of 'almost' TSFs */
563 #define DEV_READONLY(TGT) (0)
565 static unsigned int sdebug_store_sectors;
566 static sector_t sdebug_capacity; /* in sectors */
568 /* old BIOS stuff, kernel may get rid of them but some mode sense pages
569 may still need them */
570 static int sdebug_heads; /* heads per disk */
571 static int sdebug_cylinders_per; /* cylinders per surface */
572 static int sdebug_sectors_per; /* sectors per cylinder */
574 #define SDEBUG_MAX_PARTS 4
576 #define SCSI_DEBUG_MAX_CMD_LEN 32
578 static unsigned int scsi_debug_lbp(void)
580 return ((0 == scsi_debug_fake_rw) &&
581 (scsi_debug_lbpu | scsi_debug_lbpws | scsi_debug_lbpws10));
584 struct sdebug_dev_info {
585 struct list_head dev_list;
586 unsigned int channel;
589 struct sdebug_host_info *sdbg_host;
590 unsigned long uas_bm[1];
592 char stopped; /* TODO: should be atomic */
596 struct sdebug_host_info {
597 struct list_head host_list;
598 struct Scsi_Host *shost;
600 struct list_head dev_info_list;
603 #define to_sdebug_host(d) \
604 container_of(d, struct sdebug_host_info, dev)
606 static LIST_HEAD(sdebug_host_list);
607 static DEFINE_SPINLOCK(sdebug_host_list_lock);
610 struct sdebug_hrtimer { /* ... is derived from hrtimer */
611 struct hrtimer hrt; /* must be first element */
615 struct sdebug_queued_cmd {
616 /* in_use flagged by a bit in queued_in_use_bm[] */
617 struct timer_list *cmnd_timerp;
618 struct tasklet_struct *tletp;
619 struct sdebug_hrtimer *sd_hrtp;
620 struct scsi_cmnd * a_cmnd;
622 static struct sdebug_queued_cmd queued_arr[SCSI_DEBUG_CANQUEUE];
623 static unsigned long queued_in_use_bm[SCSI_DEBUG_CANQUEUE_WORDS];
626 static unsigned char * fake_storep; /* ramdisk storage */
627 static struct sd_dif_tuple *dif_storep; /* protection info */
628 static void *map_storep; /* provisioning map */
630 static unsigned long map_size;
631 static int num_aborts;
632 static int num_dev_resets;
633 static int num_target_resets;
634 static int num_bus_resets;
635 static int num_host_resets;
636 static int dix_writes;
637 static int dix_reads;
638 static int dif_errors;
640 static DEFINE_SPINLOCK(queued_arr_lock);
641 static DEFINE_RWLOCK(atomic_rw);
643 static char sdebug_proc_name[] = MY_NAME;
644 static const char *my_name = MY_NAME;
646 static struct bus_type pseudo_lld_bus;
648 static struct device_driver sdebug_driverfs_driver = {
649 .name = sdebug_proc_name,
650 .bus = &pseudo_lld_bus,
653 static const int check_condition_result =
654 (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION;
656 static const int illegal_condition_result =
657 (DRIVER_SENSE << 24) | (DID_ABORT << 16) | SAM_STAT_CHECK_CONDITION;
659 static const int device_qfull_result =
660 (DID_OK << 16) | (COMMAND_COMPLETE << 8) | SAM_STAT_TASK_SET_FULL;
662 static unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
663 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0,
665 static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
667 static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
670 static void *fake_store(unsigned long long lba)
672 lba = do_div(lba, sdebug_store_sectors);
674 return fake_storep + lba * scsi_debug_sector_size;
677 static struct sd_dif_tuple *dif_store(sector_t sector)
679 sector = do_div(sector, sdebug_store_sectors);
681 return dif_storep + sector;
684 static int sdebug_add_adapter(void);
685 static void sdebug_remove_adapter(void);
687 static void sdebug_max_tgts_luns(void)
689 struct sdebug_host_info *sdbg_host;
690 struct Scsi_Host *hpnt;
692 spin_lock(&sdebug_host_list_lock);
693 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
694 hpnt = sdbg_host->shost;
695 if ((hpnt->this_id >= 0) &&
696 (scsi_debug_num_tgts > hpnt->this_id))
697 hpnt->max_id = scsi_debug_num_tgts + 1;
699 hpnt->max_id = scsi_debug_num_tgts;
700 /* scsi_debug_max_luns; */
701 hpnt->max_lun = SAM2_WLUN_REPORT_LUNS;
703 spin_unlock(&sdebug_host_list_lock);
706 enum sdeb_cmd_data {SDEB_IN_DATA = 0, SDEB_IN_CDB = 1};
708 /* Set in_bit to -1 to indicate no bit position of invalid field */
710 mk_sense_invalid_fld(struct scsi_cmnd *scp, enum sdeb_cmd_data c_d,
711 int in_byte, int in_bit)
713 unsigned char *sbuff;
717 sbuff = scp->sense_buffer;
719 sdev_printk(KERN_ERR, scp->device,
720 "%s: sense_buffer is NULL\n", __func__);
723 asc = c_d ? INVALID_FIELD_IN_CDB : INVALID_FIELD_IN_PARAM_LIST;
724 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
725 scsi_build_sense_buffer(scsi_debug_dsense, sbuff, ILLEGAL_REQUEST,
727 memset(sks, 0, sizeof(sks));
733 sks[0] |= 0x7 & in_bit;
735 put_unaligned_be16(in_byte, sks + 1);
736 if (scsi_debug_dsense) {
741 memcpy(sbuff + sl + 4, sks, 3);
743 memcpy(sbuff + 15, sks, 3);
744 if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
745 sdev_printk(KERN_INFO, scp->device, "%s: [sense_key,asc,ascq"
746 "]: [0x5,0x%x,0x0] %c byte=%d, bit=%d\n",
747 my_name, asc, c_d ? 'C' : 'D', in_byte, in_bit);
750 static void mk_sense_buffer(struct scsi_cmnd *scp, int key, int asc, int asq)
752 unsigned char *sbuff;
754 sbuff = scp->sense_buffer;
756 sdev_printk(KERN_ERR, scp->device,
757 "%s: sense_buffer is NULL\n", __func__);
760 memset(sbuff, 0, SCSI_SENSE_BUFFERSIZE);
762 scsi_build_sense_buffer(scsi_debug_dsense, sbuff, key, asc, asq);
764 if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
765 sdev_printk(KERN_INFO, scp->device,
766 "%s: [sense_key,asc,ascq]: [0x%x,0x%x,0x%x]\n",
767 my_name, key, asc, asq);
771 mk_sense_invalid_opcode(struct scsi_cmnd *scp)
773 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_OPCODE, 0);
776 static int scsi_debug_ioctl(struct scsi_device *dev, int cmd, void __user *arg)
778 if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts) {
780 sdev_printk(KERN_INFO, dev,
781 "%s: BLKFLSBUF [0x1261]\n", __func__);
782 else if (0x5331 == cmd)
783 sdev_printk(KERN_INFO, dev,
784 "%s: CDROM_GET_CAPABILITY [0x5331]\n",
787 sdev_printk(KERN_INFO, dev, "%s: cmd=0x%x\n",
791 /* return -ENOTTY; // correct return but upsets fdisk */
794 static void clear_luns_changed_on_target(struct sdebug_dev_info *devip)
796 struct sdebug_host_info *sdhp;
797 struct sdebug_dev_info *dp;
799 spin_lock(&sdebug_host_list_lock);
800 list_for_each_entry(sdhp, &sdebug_host_list, host_list) {
801 list_for_each_entry(dp, &sdhp->dev_info_list, dev_list) {
802 if ((devip->sdbg_host == dp->sdbg_host) &&
803 (devip->target == dp->target))
804 clear_bit(SDEBUG_UA_LUNS_CHANGED, dp->uas_bm);
807 spin_unlock(&sdebug_host_list_lock);
810 static int check_readiness(struct scsi_cmnd *SCpnt, int uas_only,
811 struct sdebug_dev_info * devip)
814 bool debug = !!(SCSI_DEBUG_OPT_NOISE & scsi_debug_opts);
816 k = find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS);
817 if (k != SDEBUG_NUM_UAS) {
818 const char *cp = NULL;
822 mk_sense_buffer(SCpnt, UNIT_ATTENTION,
823 UA_RESET_ASC, POWER_ON_RESET_ASCQ);
825 cp = "power on reset";
827 case SDEBUG_UA_BUS_RESET:
828 mk_sense_buffer(SCpnt, UNIT_ATTENTION,
829 UA_RESET_ASC, BUS_RESET_ASCQ);
833 case SDEBUG_UA_MODE_CHANGED:
834 mk_sense_buffer(SCpnt, UNIT_ATTENTION,
835 UA_CHANGED_ASC, MODE_CHANGED_ASCQ);
837 cp = "mode parameters changed";
839 case SDEBUG_UA_CAPACITY_CHANGED:
840 mk_sense_buffer(SCpnt, UNIT_ATTENTION,
841 UA_CHANGED_ASC, CAPACITY_CHANGED_ASCQ);
843 cp = "capacity data changed";
845 case SDEBUG_UA_MICROCODE_CHANGED:
846 mk_sense_buffer(SCpnt, UNIT_ATTENTION,
847 TARGET_CHANGED_ASC, MICROCODE_CHANGED_ASCQ);
849 cp = "microcode has been changed";
851 case SDEBUG_UA_MICROCODE_CHANGED_WO_RESET:
852 mk_sense_buffer(SCpnt, UNIT_ATTENTION,
854 MICROCODE_CHANGED_WO_RESET_ASCQ);
856 cp = "microcode has been changed without reset";
858 case SDEBUG_UA_LUNS_CHANGED:
860 * SPC-3 behavior is to report a UNIT ATTENTION with
861 * ASC/ASCQ REPORTED LUNS DATA HAS CHANGED on every LUN
862 * on the target, until a REPORT LUNS command is
863 * received. SPC-4 behavior is to report it only once.
864 * NOTE: scsi_debug_scsi_level does not use the same
865 * values as struct scsi_device->scsi_level.
867 if (scsi_debug_scsi_level >= 6) /* SPC-4 and above */
868 clear_luns_changed_on_target(devip);
869 mk_sense_buffer(SCpnt, UNIT_ATTENTION,
873 cp = "reported luns data has changed";
876 pr_warn("%s: unexpected unit attention code=%d\n",
882 clear_bit(k, devip->uas_bm);
884 sdev_printk(KERN_INFO, SCpnt->device,
885 "%s reports: Unit attention: %s\n",
887 return check_condition_result;
889 if ((UAS_TUR == uas_only) && devip->stopped) {
890 mk_sense_buffer(SCpnt, NOT_READY, LOGICAL_UNIT_NOT_READY,
893 sdev_printk(KERN_INFO, SCpnt->device,
894 "%s reports: Not ready: %s\n", my_name,
895 "initializing command required");
896 return check_condition_result;
901 /* Returns 0 if ok else (DID_ERROR << 16). Sets scp->resid . */
902 static int fill_from_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
906 struct scsi_data_buffer *sdb = scsi_in(scp);
910 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_FROM_DEVICE))
911 return (DID_ERROR << 16);
913 act_len = sg_copy_from_buffer(sdb->table.sgl, sdb->table.nents,
915 sdb->resid = scsi_bufflen(scp) - act_len;
920 /* Returns number of bytes fetched into 'arr' or -1 if error. */
921 static int fetch_to_dev_buffer(struct scsi_cmnd *scp, unsigned char *arr,
924 if (!scsi_bufflen(scp))
926 if (!(scsi_bidi_cmnd(scp) || scp->sc_data_direction == DMA_TO_DEVICE))
929 return scsi_sg_copy_to_buffer(scp, arr, arr_len);
933 static const char * inq_vendor_id = "Linux ";
934 static const char * inq_product_id = "scsi_debug ";
935 static const char *inq_product_rev = "0184"; /* version less '.' */
937 /* Device identification VPD page. Returns number of bytes placed in arr */
938 static int inquiry_evpd_83(unsigned char * arr, int port_group_id,
939 int target_dev_id, int dev_id_num,
940 const char * dev_id_str,
946 port_a = target_dev_id + 1;
947 /* T10 vendor identifier field format (faked) */
948 arr[0] = 0x2; /* ASCII */
951 memcpy(&arr[4], inq_vendor_id, 8);
952 memcpy(&arr[12], inq_product_id, 16);
953 memcpy(&arr[28], dev_id_str, dev_id_str_len);
954 num = 8 + 16 + dev_id_str_len;
957 if (dev_id_num >= 0) {
958 /* NAA-5, Logical unit identifier (binary) */
959 arr[num++] = 0x1; /* binary (not necessarily sas) */
960 arr[num++] = 0x3; /* PIV=0, lu, naa */
963 arr[num++] = 0x53; /* naa-5 ieee company id=0x333333 (fake) */
967 arr[num++] = (dev_id_num >> 24);
968 arr[num++] = (dev_id_num >> 16) & 0xff;
969 arr[num++] = (dev_id_num >> 8) & 0xff;
970 arr[num++] = dev_id_num & 0xff;
971 /* Target relative port number */
972 arr[num++] = 0x61; /* proto=sas, binary */
973 arr[num++] = 0x94; /* PIV=1, target port, rel port */
974 arr[num++] = 0x0; /* reserved */
975 arr[num++] = 0x4; /* length */
976 arr[num++] = 0x0; /* reserved */
977 arr[num++] = 0x0; /* reserved */
979 arr[num++] = 0x1; /* relative port A */
981 /* NAA-5, Target port identifier */
982 arr[num++] = 0x61; /* proto=sas, binary */
983 arr[num++] = 0x93; /* piv=1, target port, naa */
986 arr[num++] = 0x52; /* naa-5, company id=0x222222 (fake) */
990 arr[num++] = (port_a >> 24);
991 arr[num++] = (port_a >> 16) & 0xff;
992 arr[num++] = (port_a >> 8) & 0xff;
993 arr[num++] = port_a & 0xff;
994 /* NAA-5, Target port group identifier */
995 arr[num++] = 0x61; /* proto=sas, binary */
996 arr[num++] = 0x95; /* piv=1, target port group id */
1001 arr[num++] = (port_group_id >> 8) & 0xff;
1002 arr[num++] = port_group_id & 0xff;
1003 /* NAA-5, Target device identifier */
1004 arr[num++] = 0x61; /* proto=sas, binary */
1005 arr[num++] = 0xa3; /* piv=1, target device, naa */
1008 arr[num++] = 0x52; /* naa-5, company id=0x222222 (fake) */
1012 arr[num++] = (target_dev_id >> 24);
1013 arr[num++] = (target_dev_id >> 16) & 0xff;
1014 arr[num++] = (target_dev_id >> 8) & 0xff;
1015 arr[num++] = target_dev_id & 0xff;
1016 /* SCSI name string: Target device identifier */
1017 arr[num++] = 0x63; /* proto=sas, UTF-8 */
1018 arr[num++] = 0xa8; /* piv=1, target device, SCSI name string */
1021 memcpy(arr + num, "naa.52222220", 12);
1023 snprintf(b, sizeof(b), "%08X", target_dev_id);
1024 memcpy(arr + num, b, 8);
1026 memset(arr + num, 0, 4);
1032 static unsigned char vpd84_data[] = {
1033 /* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0,
1034 0x22,0x22,0x22,0x0,0xbb,0x1,
1035 0x22,0x22,0x22,0x0,0xbb,0x2,
1038 /* Software interface identification VPD page */
1039 static int inquiry_evpd_84(unsigned char * arr)
1041 memcpy(arr, vpd84_data, sizeof(vpd84_data));
1042 return sizeof(vpd84_data);
1045 /* Management network addresses VPD page */
1046 static int inquiry_evpd_85(unsigned char * arr)
1049 const char * na1 = "https://www.kernel.org/config";
1050 const char * na2 = "http://www.kernel.org/log";
1053 arr[num++] = 0x1; /* lu, storage config */
1054 arr[num++] = 0x0; /* reserved */
1059 plen = ((plen / 4) + 1) * 4;
1060 arr[num++] = plen; /* length, null termianted, padded */
1061 memcpy(arr + num, na1, olen);
1062 memset(arr + num + olen, 0, plen - olen);
1065 arr[num++] = 0x4; /* lu, logging */
1066 arr[num++] = 0x0; /* reserved */
1071 plen = ((plen / 4) + 1) * 4;
1072 arr[num++] = plen; /* length, null terminated, padded */
1073 memcpy(arr + num, na2, olen);
1074 memset(arr + num + olen, 0, plen - olen);
1080 /* SCSI ports VPD page */
1081 static int inquiry_evpd_88(unsigned char * arr, int target_dev_id)
1086 port_a = target_dev_id + 1;
1087 port_b = port_a + 1;
1088 arr[num++] = 0x0; /* reserved */
1089 arr[num++] = 0x0; /* reserved */
1091 arr[num++] = 0x1; /* relative port 1 (primary) */
1092 memset(arr + num, 0, 6);
1095 arr[num++] = 12; /* length tp descriptor */
1096 /* naa-5 target port identifier (A) */
1097 arr[num++] = 0x61; /* proto=sas, binary */
1098 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1099 arr[num++] = 0x0; /* reserved */
1100 arr[num++] = 0x8; /* length */
1101 arr[num++] = 0x52; /* NAA-5, company_id=0x222222 (fake) */
1105 arr[num++] = (port_a >> 24);
1106 arr[num++] = (port_a >> 16) & 0xff;
1107 arr[num++] = (port_a >> 8) & 0xff;
1108 arr[num++] = port_a & 0xff;
1110 arr[num++] = 0x0; /* reserved */
1111 arr[num++] = 0x0; /* reserved */
1113 arr[num++] = 0x2; /* relative port 2 (secondary) */
1114 memset(arr + num, 0, 6);
1117 arr[num++] = 12; /* length tp descriptor */
1118 /* naa-5 target port identifier (B) */
1119 arr[num++] = 0x61; /* proto=sas, binary */
1120 arr[num++] = 0x93; /* PIV=1, target port, NAA */
1121 arr[num++] = 0x0; /* reserved */
1122 arr[num++] = 0x8; /* length */
1123 arr[num++] = 0x52; /* NAA-5, company_id=0x222222 (fake) */
1127 arr[num++] = (port_b >> 24);
1128 arr[num++] = (port_b >> 16) & 0xff;
1129 arr[num++] = (port_b >> 8) & 0xff;
1130 arr[num++] = port_b & 0xff;
1136 static unsigned char vpd89_data[] = {
1137 /* from 4th byte */ 0,0,0,0,
1138 'l','i','n','u','x',' ',' ',' ',
1139 'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ',
1141 0x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,
1143 0x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0,
1144 0,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20,
1145 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33,
1146 0x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31,
1148 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
1150 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
1152 0,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0,
1153 0x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0,
1154 0x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0,
1155 0,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0,
1156 0x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40,
1157 0x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0,
1158 0,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0,
1159 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1160 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1161 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1162 0x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42,
1163 0,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8,
1164 0xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe,
1165 0,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0,
1166 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1167 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1168 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1169 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1170 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1171 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1172 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1173 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1174 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1175 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1176 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1177 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51,
1180 /* ATA Information VPD page */
1181 static int inquiry_evpd_89(unsigned char * arr)
1183 memcpy(arr, vpd89_data, sizeof(vpd89_data));
1184 return sizeof(vpd89_data);
1188 static unsigned char vpdb0_data[] = {
1189 /* from 4th byte */ 0,0,0,4, 0,0,0x4,0, 0,0,0,64,
1190 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1191 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1192 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
1195 /* Block limits VPD page (SBC-3) */
1196 static int inquiry_evpd_b0(unsigned char * arr)
1200 memcpy(arr, vpdb0_data, sizeof(vpdb0_data));
1202 /* Optimal transfer length granularity */
1203 gran = 1 << scsi_debug_physblk_exp;
1204 arr[2] = (gran >> 8) & 0xff;
1205 arr[3] = gran & 0xff;
1207 /* Maximum Transfer Length */
1208 if (sdebug_store_sectors > 0x400) {
1209 arr[4] = (sdebug_store_sectors >> 24) & 0xff;
1210 arr[5] = (sdebug_store_sectors >> 16) & 0xff;
1211 arr[6] = (sdebug_store_sectors >> 8) & 0xff;
1212 arr[7] = sdebug_store_sectors & 0xff;
1215 /* Optimal Transfer Length */
1216 put_unaligned_be32(scsi_debug_opt_blks, &arr[8]);
1218 if (scsi_debug_lbpu) {
1219 /* Maximum Unmap LBA Count */
1220 put_unaligned_be32(scsi_debug_unmap_max_blocks, &arr[16]);
1222 /* Maximum Unmap Block Descriptor Count */
1223 put_unaligned_be32(scsi_debug_unmap_max_desc, &arr[20]);
1226 /* Unmap Granularity Alignment */
1227 if (scsi_debug_unmap_alignment) {
1228 put_unaligned_be32(scsi_debug_unmap_alignment, &arr[28]);
1229 arr[28] |= 0x80; /* UGAVALID */
1232 /* Optimal Unmap Granularity */
1233 put_unaligned_be32(scsi_debug_unmap_granularity, &arr[24]);
1235 /* Maximum WRITE SAME Length */
1236 put_unaligned_be64(scsi_debug_write_same_length, &arr[32]);
1238 return 0x3c; /* Mandatory page length for Logical Block Provisioning */
1240 return sizeof(vpdb0_data);
1243 /* Block device characteristics VPD page (SBC-3) */
1244 static int inquiry_evpd_b1(unsigned char *arr)
1246 memset(arr, 0, 0x3c);
1248 arr[1] = 1; /* non rotating medium (e.g. solid state) */
1250 arr[3] = 5; /* less than 1.8" */
1255 /* Logical block provisioning VPD page (SBC-3) */
1256 static int inquiry_evpd_b2(unsigned char *arr)
1258 memset(arr, 0, 0x4);
1259 arr[0] = 0; /* threshold exponent */
1261 if (scsi_debug_lbpu)
1264 if (scsi_debug_lbpws)
1267 if (scsi_debug_lbpws10)
1270 if (scsi_debug_lbprz)
1276 #define SDEBUG_LONG_INQ_SZ 96
1277 #define SDEBUG_MAX_INQ_ARR_SZ 584
1279 static int resp_inquiry(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1281 unsigned char pq_pdt;
1282 unsigned char * arr;
1283 unsigned char *cmd = scp->cmnd;
1284 int alloc_len, n, ret;
1287 alloc_len = (cmd[3] << 8) + cmd[4];
1288 arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_ATOMIC);
1290 return DID_REQUEUE << 16;
1291 have_wlun = (scp->device->lun == SAM2_WLUN_REPORT_LUNS);
1293 pq_pdt = 0x1e; /* present, wlun */
1294 else if (scsi_debug_no_lun_0 && (0 == devip->lun))
1295 pq_pdt = 0x7f; /* not present, no device type */
1297 pq_pdt = (scsi_debug_ptype & 0x1f);
1299 if (0x2 & cmd[1]) { /* CMDDT bit set */
1300 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 1);
1302 return check_condition_result;
1303 } else if (0x1 & cmd[1]) { /* EVPD bit set */
1304 int lu_id_num, port_group_id, target_dev_id, len;
1306 int host_no = devip->sdbg_host->shost->host_no;
1308 port_group_id = (((host_no + 1) & 0x7f) << 8) +
1309 (devip->channel & 0x7f);
1310 if (0 == scsi_debug_vpd_use_hostno)
1312 lu_id_num = have_wlun ? -1 : (((host_no + 1) * 2000) +
1313 (devip->target * 1000) + devip->lun);
1314 target_dev_id = ((host_no + 1) * 2000) +
1315 (devip->target * 1000) - 3;
1316 len = scnprintf(lu_id_str, 6, "%d", lu_id_num);
1317 if (0 == cmd[2]) { /* supported vital product data pages */
1318 arr[1] = cmd[2]; /*sanity */
1320 arr[n++] = 0x0; /* this page */
1321 arr[n++] = 0x80; /* unit serial number */
1322 arr[n++] = 0x83; /* device identification */
1323 arr[n++] = 0x84; /* software interface ident. */
1324 arr[n++] = 0x85; /* management network addresses */
1325 arr[n++] = 0x86; /* extended inquiry */
1326 arr[n++] = 0x87; /* mode page policy */
1327 arr[n++] = 0x88; /* SCSI ports */
1328 arr[n++] = 0x89; /* ATA information */
1329 arr[n++] = 0xb0; /* Block limits (SBC) */
1330 arr[n++] = 0xb1; /* Block characteristics (SBC) */
1331 if (scsi_debug_lbp()) /* Logical Block Prov. (SBC) */
1333 arr[3] = n - 4; /* number of supported VPD pages */
1334 } else if (0x80 == cmd[2]) { /* unit serial number */
1335 arr[1] = cmd[2]; /*sanity */
1337 memcpy(&arr[4], lu_id_str, len);
1338 } else if (0x83 == cmd[2]) { /* device identification */
1339 arr[1] = cmd[2]; /*sanity */
1340 arr[3] = inquiry_evpd_83(&arr[4], port_group_id,
1341 target_dev_id, lu_id_num,
1343 } else if (0x84 == cmd[2]) { /* Software interface ident. */
1344 arr[1] = cmd[2]; /*sanity */
1345 arr[3] = inquiry_evpd_84(&arr[4]);
1346 } else if (0x85 == cmd[2]) { /* Management network addresses */
1347 arr[1] = cmd[2]; /*sanity */
1348 arr[3] = inquiry_evpd_85(&arr[4]);
1349 } else if (0x86 == cmd[2]) { /* extended inquiry */
1350 arr[1] = cmd[2]; /*sanity */
1351 arr[3] = 0x3c; /* number of following entries */
1352 if (scsi_debug_dif == SD_DIF_TYPE3_PROTECTION)
1353 arr[4] = 0x4; /* SPT: GRD_CHK:1 */
1354 else if (scsi_debug_dif)
1355 arr[4] = 0x5; /* SPT: GRD_CHK:1, REF_CHK:1 */
1357 arr[4] = 0x0; /* no protection stuff */
1358 arr[5] = 0x7; /* head of q, ordered + simple q's */
1359 } else if (0x87 == cmd[2]) { /* mode page policy */
1360 arr[1] = cmd[2]; /*sanity */
1361 arr[3] = 0x8; /* number of following entries */
1362 arr[4] = 0x2; /* disconnect-reconnect mp */
1363 arr[6] = 0x80; /* mlus, shared */
1364 arr[8] = 0x18; /* protocol specific lu */
1365 arr[10] = 0x82; /* mlus, per initiator port */
1366 } else if (0x88 == cmd[2]) { /* SCSI Ports */
1367 arr[1] = cmd[2]; /*sanity */
1368 arr[3] = inquiry_evpd_88(&arr[4], target_dev_id);
1369 } else if (0x89 == cmd[2]) { /* ATA information */
1370 arr[1] = cmd[2]; /*sanity */
1371 n = inquiry_evpd_89(&arr[4]);
1373 arr[3] = (n & 0xff);
1374 } else if (0xb0 == cmd[2]) { /* Block limits (SBC) */
1375 arr[1] = cmd[2]; /*sanity */
1376 arr[3] = inquiry_evpd_b0(&arr[4]);
1377 } else if (0xb1 == cmd[2]) { /* Block characteristics (SBC) */
1378 arr[1] = cmd[2]; /*sanity */
1379 arr[3] = inquiry_evpd_b1(&arr[4]);
1380 } else if (0xb2 == cmd[2]) { /* Logical Block Prov. (SBC) */
1381 arr[1] = cmd[2]; /*sanity */
1382 arr[3] = inquiry_evpd_b2(&arr[4]);
1384 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, -1);
1386 return check_condition_result;
1388 len = min(((arr[2] << 8) + arr[3]) + 4, alloc_len);
1389 ret = fill_from_dev_buffer(scp, arr,
1390 min(len, SDEBUG_MAX_INQ_ARR_SZ));
1394 /* drops through here for a standard inquiry */
1395 arr[1] = scsi_debug_removable ? 0x80 : 0; /* Removable disk */
1396 arr[2] = scsi_debug_scsi_level;
1397 arr[3] = 2; /* response_data_format==2 */
1398 arr[4] = SDEBUG_LONG_INQ_SZ - 5;
1399 arr[5] = scsi_debug_dif ? 1 : 0; /* PROTECT bit */
1400 if (0 == scsi_debug_vpd_use_hostno)
1401 arr[5] = 0x10; /* claim: implicit TGPS */
1402 arr[6] = 0x10; /* claim: MultiP */
1403 /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */
1404 arr[7] = 0xa; /* claim: LINKED + CMDQUE */
1405 memcpy(&arr[8], inq_vendor_id, 8);
1406 memcpy(&arr[16], inq_product_id, 16);
1407 memcpy(&arr[32], inq_product_rev, 4);
1408 /* version descriptors (2 bytes each) follow */
1409 arr[58] = 0x0; arr[59] = 0xa2; /* SAM-5 rev 4 */
1410 arr[60] = 0x4; arr[61] = 0x68; /* SPC-4 rev 37 */
1412 if (scsi_debug_ptype == 0) {
1413 arr[n++] = 0x4; arr[n++] = 0xc5; /* SBC-4 rev 36 */
1414 } else if (scsi_debug_ptype == 1) {
1415 arr[n++] = 0x5; arr[n++] = 0x25; /* SSC-4 rev 3 */
1417 arr[n++] = 0x20; arr[n++] = 0xe6; /* SPL-3 rev 7 */
1418 ret = fill_from_dev_buffer(scp, arr,
1419 min(alloc_len, SDEBUG_LONG_INQ_SZ));
1424 static int resp_requests(struct scsi_cmnd * scp,
1425 struct sdebug_dev_info * devip)
1427 unsigned char * sbuff;
1428 unsigned char *cmd = scp->cmnd;
1429 unsigned char arr[SCSI_SENSE_BUFFERSIZE];
1430 bool dsense, want_dsense;
1433 memset(arr, 0, sizeof(arr));
1434 dsense = !!(cmd[1] & 1);
1435 want_dsense = dsense || scsi_debug_dsense;
1436 sbuff = scp->sense_buffer;
1437 if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) {
1440 arr[1] = 0x0; /* NO_SENSE in sense_key */
1441 arr[2] = THRESHOLD_EXCEEDED;
1442 arr[3] = 0xff; /* TEST set and MRIE==6 */
1446 arr[2] = 0x0; /* NO_SENSE in sense_key */
1447 arr[7] = 0xa; /* 18 byte sense buffer */
1448 arr[12] = THRESHOLD_EXCEEDED;
1449 arr[13] = 0xff; /* TEST set and MRIE==6 */
1452 memcpy(arr, sbuff, SCSI_SENSE_BUFFERSIZE);
1453 if (arr[0] >= 0x70 && dsense == scsi_debug_dsense)
1454 ; /* have sense and formats match */
1455 else if (arr[0] <= 0x70) {
1465 } else if (dsense) {
1468 arr[1] = sbuff[2]; /* sense key */
1469 arr[2] = sbuff[12]; /* asc */
1470 arr[3] = sbuff[13]; /* ascq */
1482 mk_sense_buffer(scp, 0, NO_ADDITIONAL_SENSE, 0);
1483 return fill_from_dev_buffer(scp, arr, len);
1486 static int resp_start_stop(struct scsi_cmnd * scp,
1487 struct sdebug_dev_info * devip)
1489 unsigned char *cmd = scp->cmnd;
1490 int power_cond, start;
1492 power_cond = (cmd[4] & 0xf0) >> 4;
1494 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, 7);
1495 return check_condition_result;
1498 if (start == devip->stopped)
1499 devip->stopped = !start;
1503 static sector_t get_sdebug_capacity(void)
1505 if (scsi_debug_virtual_gb > 0)
1506 return (sector_t)scsi_debug_virtual_gb *
1507 (1073741824 / scsi_debug_sector_size);
1509 return sdebug_store_sectors;
1512 #define SDEBUG_READCAP_ARR_SZ 8
1513 static int resp_readcap(struct scsi_cmnd * scp,
1514 struct sdebug_dev_info * devip)
1516 unsigned char arr[SDEBUG_READCAP_ARR_SZ];
1519 /* following just in case virtual_gb changed */
1520 sdebug_capacity = get_sdebug_capacity();
1521 memset(arr, 0, SDEBUG_READCAP_ARR_SZ);
1522 if (sdebug_capacity < 0xffffffff) {
1523 capac = (unsigned int)sdebug_capacity - 1;
1524 arr[0] = (capac >> 24);
1525 arr[1] = (capac >> 16) & 0xff;
1526 arr[2] = (capac >> 8) & 0xff;
1527 arr[3] = capac & 0xff;
1534 arr[6] = (scsi_debug_sector_size >> 8) & 0xff;
1535 arr[7] = scsi_debug_sector_size & 0xff;
1536 return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ);
1539 #define SDEBUG_READCAP16_ARR_SZ 32
1540 static int resp_readcap16(struct scsi_cmnd * scp,
1541 struct sdebug_dev_info * devip)
1543 unsigned char *cmd = scp->cmnd;
1544 unsigned char arr[SDEBUG_READCAP16_ARR_SZ];
1545 unsigned long long capac;
1548 alloc_len = ((cmd[10] << 24) + (cmd[11] << 16) + (cmd[12] << 8)
1550 /* following just in case virtual_gb changed */
1551 sdebug_capacity = get_sdebug_capacity();
1552 memset(arr, 0, SDEBUG_READCAP16_ARR_SZ);
1553 capac = sdebug_capacity - 1;
1554 for (k = 0; k < 8; ++k, capac >>= 8)
1555 arr[7 - k] = capac & 0xff;
1556 arr[8] = (scsi_debug_sector_size >> 24) & 0xff;
1557 arr[9] = (scsi_debug_sector_size >> 16) & 0xff;
1558 arr[10] = (scsi_debug_sector_size >> 8) & 0xff;
1559 arr[11] = scsi_debug_sector_size & 0xff;
1560 arr[13] = scsi_debug_physblk_exp & 0xf;
1561 arr[14] = (scsi_debug_lowest_aligned >> 8) & 0x3f;
1563 if (scsi_debug_lbp()) {
1564 arr[14] |= 0x80; /* LBPME */
1565 if (scsi_debug_lbprz)
1566 arr[14] |= 0x40; /* LBPRZ */
1569 arr[15] = scsi_debug_lowest_aligned & 0xff;
1571 if (scsi_debug_dif) {
1572 arr[12] = (scsi_debug_dif - 1) << 1; /* P_TYPE */
1573 arr[12] |= 1; /* PROT_EN */
1576 return fill_from_dev_buffer(scp, arr,
1577 min(alloc_len, SDEBUG_READCAP16_ARR_SZ));
1580 #define SDEBUG_MAX_TGTPGS_ARR_SZ 1412
1582 static int resp_report_tgtpgs(struct scsi_cmnd * scp,
1583 struct sdebug_dev_info * devip)
1585 unsigned char *cmd = scp->cmnd;
1586 unsigned char * arr;
1587 int host_no = devip->sdbg_host->shost->host_no;
1588 int n, ret, alen, rlen;
1589 int port_group_a, port_group_b, port_a, port_b;
1591 alen = ((cmd[6] << 24) + (cmd[7] << 16) + (cmd[8] << 8)
1594 arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_ATOMIC);
1596 return DID_REQUEUE << 16;
1598 * EVPD page 0x88 states we have two ports, one
1599 * real and a fake port with no device connected.
1600 * So we create two port groups with one port each
1601 * and set the group with port B to unavailable.
1603 port_a = 0x1; /* relative port A */
1604 port_b = 0x2; /* relative port B */
1605 port_group_a = (((host_no + 1) & 0x7f) << 8) +
1606 (devip->channel & 0x7f);
1607 port_group_b = (((host_no + 1) & 0x7f) << 8) +
1608 (devip->channel & 0x7f) + 0x80;
1611 * The asymmetric access state is cycled according to the host_id.
1614 if (0 == scsi_debug_vpd_use_hostno) {
1615 arr[n++] = host_no % 3; /* Asymm access state */
1616 arr[n++] = 0x0F; /* claim: all states are supported */
1618 arr[n++] = 0x0; /* Active/Optimized path */
1619 arr[n++] = 0x01; /* claim: only support active/optimized paths */
1621 arr[n++] = (port_group_a >> 8) & 0xff;
1622 arr[n++] = port_group_a & 0xff;
1623 arr[n++] = 0; /* Reserved */
1624 arr[n++] = 0; /* Status code */
1625 arr[n++] = 0; /* Vendor unique */
1626 arr[n++] = 0x1; /* One port per group */
1627 arr[n++] = 0; /* Reserved */
1628 arr[n++] = 0; /* Reserved */
1629 arr[n++] = (port_a >> 8) & 0xff;
1630 arr[n++] = port_a & 0xff;
1631 arr[n++] = 3; /* Port unavailable */
1632 arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */
1633 arr[n++] = (port_group_b >> 8) & 0xff;
1634 arr[n++] = port_group_b & 0xff;
1635 arr[n++] = 0; /* Reserved */
1636 arr[n++] = 0; /* Status code */
1637 arr[n++] = 0; /* Vendor unique */
1638 arr[n++] = 0x1; /* One port per group */
1639 arr[n++] = 0; /* Reserved */
1640 arr[n++] = 0; /* Reserved */
1641 arr[n++] = (port_b >> 8) & 0xff;
1642 arr[n++] = port_b & 0xff;
1645 arr[0] = (rlen >> 24) & 0xff;
1646 arr[1] = (rlen >> 16) & 0xff;
1647 arr[2] = (rlen >> 8) & 0xff;
1648 arr[3] = rlen & 0xff;
1651 * Return the smallest value of either
1652 * - The allocated length
1653 * - The constructed command length
1654 * - The maximum array size
1657 ret = fill_from_dev_buffer(scp, arr,
1658 min(rlen, SDEBUG_MAX_TGTPGS_ARR_SZ));
1664 resp_rsup_opcodes(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1667 u8 reporting_opts, req_opcode, sdeb_i, supp;
1669 u32 alloc_len, a_len;
1670 int k, offset, len, errsts, count, bump, na;
1671 const struct opcode_info_t *oip;
1672 const struct opcode_info_t *r_oip;
1674 u8 *cmd = scp->cmnd;
1676 rctd = !!(cmd[2] & 0x80);
1677 reporting_opts = cmd[2] & 0x7;
1678 req_opcode = cmd[3];
1679 req_sa = get_unaligned_be16(cmd + 4);
1680 alloc_len = get_unaligned_be32(cmd + 6);
1681 if (alloc_len < 4 || alloc_len > 0xffff) {
1682 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1683 return check_condition_result;
1685 if (alloc_len > 8192)
1689 arr = kzalloc((a_len < 256) ? 320 : a_len + 64, GFP_ATOMIC);
1691 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
1693 return check_condition_result;
1695 switch (reporting_opts) {
1696 case 0: /* all commands */
1697 /* count number of commands */
1698 for (count = 0, oip = opcode_info_arr;
1699 oip->num_attached != 0xff; ++oip) {
1700 if (F_INV_OP & oip->flags)
1702 count += (oip->num_attached + 1);
1704 bump = rctd ? 20 : 8;
1705 put_unaligned_be32(count * bump, arr);
1706 for (offset = 4, oip = opcode_info_arr;
1707 oip->num_attached != 0xff && offset < a_len; ++oip) {
1708 if (F_INV_OP & oip->flags)
1710 na = oip->num_attached;
1711 arr[offset] = oip->opcode;
1712 put_unaligned_be16(oip->sa, arr + offset + 2);
1714 arr[offset + 5] |= 0x2;
1715 if (FF_SA & oip->flags)
1716 arr[offset + 5] |= 0x1;
1717 put_unaligned_be16(oip->len_mask[0], arr + offset + 6);
1719 put_unaligned_be16(0xa, arr + offset + 8);
1721 for (k = 0, oip = oip->arrp; k < na; ++k, ++oip) {
1722 if (F_INV_OP & oip->flags)
1725 arr[offset] = oip->opcode;
1726 put_unaligned_be16(oip->sa, arr + offset + 2);
1728 arr[offset + 5] |= 0x2;
1729 if (FF_SA & oip->flags)
1730 arr[offset + 5] |= 0x1;
1731 put_unaligned_be16(oip->len_mask[0],
1734 put_unaligned_be16(0xa,
1741 case 1: /* one command: opcode only */
1742 case 2: /* one command: opcode plus service action */
1743 case 3: /* one command: if sa==0 then opcode only else opcode+sa */
1744 sdeb_i = opcode_ind_arr[req_opcode];
1745 oip = &opcode_info_arr[sdeb_i];
1746 if (F_INV_OP & oip->flags) {
1750 if (1 == reporting_opts) {
1751 if (FF_SA & oip->flags) {
1752 mk_sense_invalid_fld(scp, SDEB_IN_CDB,
1755 return check_condition_result;
1758 } else if (2 == reporting_opts &&
1759 0 == (FF_SA & oip->flags)) {
1760 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 4, -1);
1761 kfree(arr); /* point at requested sa */
1762 return check_condition_result;
1764 if (0 == (FF_SA & oip->flags) &&
1765 req_opcode == oip->opcode)
1767 else if (0 == (FF_SA & oip->flags)) {
1768 na = oip->num_attached;
1769 for (k = 0, oip = oip->arrp; k < na;
1771 if (req_opcode == oip->opcode)
1774 supp = (k >= na) ? 1 : 3;
1775 } else if (req_sa != oip->sa) {
1776 na = oip->num_attached;
1777 for (k = 0, oip = oip->arrp; k < na;
1779 if (req_sa == oip->sa)
1782 supp = (k >= na) ? 1 : 3;
1786 u = oip->len_mask[0];
1787 put_unaligned_be16(u, arr + 2);
1788 arr[4] = oip->opcode;
1789 for (k = 1; k < u; ++k)
1790 arr[4 + k] = (k < 16) ?
1791 oip->len_mask[k] : 0xff;
1796 arr[1] = (rctd ? 0x80 : 0) | supp;
1798 put_unaligned_be16(0xa, arr + offset);
1803 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 2);
1805 return check_condition_result;
1807 offset = (offset < a_len) ? offset : a_len;
1808 len = (offset < alloc_len) ? offset : alloc_len;
1809 errsts = fill_from_dev_buffer(scp, arr, len);
1815 resp_rsup_tmfs(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
1820 u8 *cmd = scp->cmnd;
1822 memset(arr, 0, sizeof(arr));
1823 repd = !!(cmd[2] & 0x80);
1824 alloc_len = get_unaligned_be32(cmd + 6);
1825 if (alloc_len < 4) {
1826 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 6, -1);
1827 return check_condition_result;
1829 arr[0] = 0xc8; /* ATS | ATSS | LURS */
1830 arr[1] = 0x1; /* ITNRS */
1837 len = (len < alloc_len) ? len : alloc_len;
1838 return fill_from_dev_buffer(scp, arr, len);
1841 /* <<Following mode page info copied from ST318451LW>> */
1843 static int resp_err_recov_pg(unsigned char * p, int pcontrol, int target)
1844 { /* Read-Write Error Recovery page for mode_sense */
1845 unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0,
1848 memcpy(p, err_recov_pg, sizeof(err_recov_pg));
1850 memset(p + 2, 0, sizeof(err_recov_pg) - 2);
1851 return sizeof(err_recov_pg);
1854 static int resp_disconnect_pg(unsigned char * p, int pcontrol, int target)
1855 { /* Disconnect-Reconnect page for mode_sense */
1856 unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0,
1857 0, 0, 0, 0, 0, 0, 0, 0};
1859 memcpy(p, disconnect_pg, sizeof(disconnect_pg));
1861 memset(p + 2, 0, sizeof(disconnect_pg) - 2);
1862 return sizeof(disconnect_pg);
1865 static int resp_format_pg(unsigned char * p, int pcontrol, int target)
1866 { /* Format device page for mode_sense */
1867 unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0,
1868 0, 0, 0, 0, 0, 0, 0, 0,
1869 0, 0, 0, 0, 0x40, 0, 0, 0};
1871 memcpy(p, format_pg, sizeof(format_pg));
1872 p[10] = (sdebug_sectors_per >> 8) & 0xff;
1873 p[11] = sdebug_sectors_per & 0xff;
1874 p[12] = (scsi_debug_sector_size >> 8) & 0xff;
1875 p[13] = scsi_debug_sector_size & 0xff;
1876 if (scsi_debug_removable)
1877 p[20] |= 0x20; /* should agree with INQUIRY */
1879 memset(p + 2, 0, sizeof(format_pg) - 2);
1880 return sizeof(format_pg);
1883 static int resp_caching_pg(unsigned char * p, int pcontrol, int target)
1884 { /* Caching page for mode_sense */
1885 unsigned char ch_caching_pg[] = {/* 0x8, 18, */ 0x4, 0, 0, 0, 0, 0,
1886 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
1887 unsigned char d_caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
1888 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0, 0, 0, 0, 0};
1890 if (SCSI_DEBUG_OPT_N_WCE & scsi_debug_opts)
1891 caching_pg[2] &= ~0x4; /* set WCE=0 (default WCE=1) */
1892 memcpy(p, caching_pg, sizeof(caching_pg));
1894 memcpy(p + 2, ch_caching_pg, sizeof(ch_caching_pg));
1895 else if (2 == pcontrol)
1896 memcpy(p, d_caching_pg, sizeof(d_caching_pg));
1897 return sizeof(caching_pg);
1900 static int resp_ctrl_m_pg(unsigned char * p, int pcontrol, int target)
1901 { /* Control mode page for mode_sense */
1902 unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0,
1904 unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
1907 if (scsi_debug_dsense)
1908 ctrl_m_pg[2] |= 0x4;
1910 ctrl_m_pg[2] &= ~0x4;
1913 ctrl_m_pg[5] |= 0x80; /* ATO=1 */
1915 memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg));
1917 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg));
1918 else if (2 == pcontrol)
1919 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg));
1920 return sizeof(ctrl_m_pg);
1924 static int resp_iec_m_pg(unsigned char * p, int pcontrol, int target)
1925 { /* Informational Exceptions control mode page for mode_sense */
1926 unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0,
1928 unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
1931 memcpy(p, iec_m_pg, sizeof(iec_m_pg));
1933 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg));
1934 else if (2 == pcontrol)
1935 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg));
1936 return sizeof(iec_m_pg);
1939 static int resp_sas_sf_m_pg(unsigned char * p, int pcontrol, int target)
1940 { /* SAS SSP mode page - short format for mode_sense */
1941 unsigned char sas_sf_m_pg[] = {0x19, 0x6,
1942 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0};
1944 memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg));
1946 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2);
1947 return sizeof(sas_sf_m_pg);
1951 static int resp_sas_pcd_m_spg(unsigned char * p, int pcontrol, int target,
1953 { /* SAS phy control and discover mode page for mode_sense */
1954 unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2,
1955 0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0,
1956 0x52, 0x22, 0x22, 0x20, 0x0, 0x0, 0x0, 0x0,
1957 0x51, 0x11, 0x11, 0x10, 0x0, 0x0, 0x0, 0x1,
1958 0x2, 0, 0, 0, 0, 0, 0, 0,
1959 0x88, 0x99, 0, 0, 0, 0, 0, 0,
1960 0, 0, 0, 0, 0, 0, 0, 0,
1961 0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0,
1962 0x52, 0x22, 0x22, 0x20, 0x0, 0x0, 0x0, 0x0,
1963 0x51, 0x11, 0x11, 0x10, 0x0, 0x0, 0x0, 0x1,
1964 0x3, 0, 0, 0, 0, 0, 0, 0,
1965 0x88, 0x99, 0, 0, 0, 0, 0, 0,
1966 0, 0, 0, 0, 0, 0, 0, 0,
1970 port_a = target_dev_id + 1;
1971 port_b = port_a + 1;
1972 memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg));
1973 p[20] = (port_a >> 24);
1974 p[21] = (port_a >> 16) & 0xff;
1975 p[22] = (port_a >> 8) & 0xff;
1976 p[23] = port_a & 0xff;
1977 p[48 + 20] = (port_b >> 24);
1978 p[48 + 21] = (port_b >> 16) & 0xff;
1979 p[48 + 22] = (port_b >> 8) & 0xff;
1980 p[48 + 23] = port_b & 0xff;
1982 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4);
1983 return sizeof(sas_pcd_m_pg);
1986 static int resp_sas_sha_m_spg(unsigned char * p, int pcontrol)
1987 { /* SAS SSP shared protocol specific port mode subpage */
1988 unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0,
1989 0, 0, 0, 0, 0, 0, 0, 0,
1992 memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg));
1994 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4);
1995 return sizeof(sas_sha_m_pg);
1998 #define SDEBUG_MAX_MSENSE_SZ 256
2001 resp_mode_sense(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2003 unsigned char dbd, llbaa;
2004 int pcontrol, pcode, subpcode, bd_len;
2005 unsigned char dev_spec;
2006 int k, alloc_len, msense_6, offset, len, target_dev_id;
2007 int target = scp->device->id;
2009 unsigned char arr[SDEBUG_MAX_MSENSE_SZ];
2010 unsigned char *cmd = scp->cmnd;
2012 dbd = !!(cmd[1] & 0x8);
2013 pcontrol = (cmd[2] & 0xc0) >> 6;
2014 pcode = cmd[2] & 0x3f;
2016 msense_6 = (MODE_SENSE == cmd[0]);
2017 llbaa = msense_6 ? 0 : !!(cmd[1] & 0x10);
2018 if ((0 == scsi_debug_ptype) && (0 == dbd))
2019 bd_len = llbaa ? 16 : 8;
2022 alloc_len = msense_6 ? cmd[4] : ((cmd[7] << 8) | cmd[8]);
2023 memset(arr, 0, SDEBUG_MAX_MSENSE_SZ);
2024 if (0x3 == pcontrol) { /* Saving values not supported */
2025 mk_sense_buffer(scp, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP, 0);
2026 return check_condition_result;
2028 target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) +
2029 (devip->target * 1000) - 3;
2030 /* set DPOFUA bit for disks */
2031 if (0 == scsi_debug_ptype)
2032 dev_spec = (DEV_READONLY(target) ? 0x80 : 0x0) | 0x10;
2042 arr[4] = 0x1; /* set LONGLBA bit */
2043 arr[7] = bd_len; /* assume 255 or less */
2047 if ((bd_len > 0) && (!sdebug_capacity))
2048 sdebug_capacity = get_sdebug_capacity();
2051 if (sdebug_capacity > 0xfffffffe) {
2057 ap[0] = (sdebug_capacity >> 24) & 0xff;
2058 ap[1] = (sdebug_capacity >> 16) & 0xff;
2059 ap[2] = (sdebug_capacity >> 8) & 0xff;
2060 ap[3] = sdebug_capacity & 0xff;
2062 ap[6] = (scsi_debug_sector_size >> 8) & 0xff;
2063 ap[7] = scsi_debug_sector_size & 0xff;
2066 } else if (16 == bd_len) {
2067 unsigned long long capac = sdebug_capacity;
2069 for (k = 0; k < 8; ++k, capac >>= 8)
2070 ap[7 - k] = capac & 0xff;
2071 ap[12] = (scsi_debug_sector_size >> 24) & 0xff;
2072 ap[13] = (scsi_debug_sector_size >> 16) & 0xff;
2073 ap[14] = (scsi_debug_sector_size >> 8) & 0xff;
2074 ap[15] = scsi_debug_sector_size & 0xff;
2079 if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) {
2080 /* TODO: Control Extension page */
2081 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2082 return check_condition_result;
2085 case 0x1: /* Read-Write error recovery page, direct access */
2086 len = resp_err_recov_pg(ap, pcontrol, target);
2089 case 0x2: /* Disconnect-Reconnect page, all devices */
2090 len = resp_disconnect_pg(ap, pcontrol, target);
2093 case 0x3: /* Format device page, direct access */
2094 len = resp_format_pg(ap, pcontrol, target);
2097 case 0x8: /* Caching page, direct access */
2098 len = resp_caching_pg(ap, pcontrol, target);
2101 case 0xa: /* Control Mode page, all devices */
2102 len = resp_ctrl_m_pg(ap, pcontrol, target);
2105 case 0x19: /* if spc==1 then sas phy, control+discover */
2106 if ((subpcode > 0x2) && (subpcode < 0xff)) {
2107 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2108 return check_condition_result;
2111 if ((0x0 == subpcode) || (0xff == subpcode))
2112 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2113 if ((0x1 == subpcode) || (0xff == subpcode))
2114 len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
2116 if ((0x2 == subpcode) || (0xff == subpcode))
2117 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2120 case 0x1c: /* Informational Exceptions Mode page, all devices */
2121 len = resp_iec_m_pg(ap, pcontrol, target);
2124 case 0x3f: /* Read all Mode pages */
2125 if ((0 == subpcode) || (0xff == subpcode)) {
2126 len = resp_err_recov_pg(ap, pcontrol, target);
2127 len += resp_disconnect_pg(ap + len, pcontrol, target);
2128 len += resp_format_pg(ap + len, pcontrol, target);
2129 len += resp_caching_pg(ap + len, pcontrol, target);
2130 len += resp_ctrl_m_pg(ap + len, pcontrol, target);
2131 len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
2132 if (0xff == subpcode) {
2133 len += resp_sas_pcd_m_spg(ap + len, pcontrol,
2134 target, target_dev_id);
2135 len += resp_sas_sha_m_spg(ap + len, pcontrol);
2137 len += resp_iec_m_pg(ap + len, pcontrol, target);
2139 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2140 return check_condition_result;
2145 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2146 return check_condition_result;
2149 arr[0] = offset - 1;
2151 arr[0] = ((offset - 2) >> 8) & 0xff;
2152 arr[1] = (offset - 2) & 0xff;
2154 return fill_from_dev_buffer(scp, arr, min(alloc_len, offset));
2157 #define SDEBUG_MAX_MSELECT_SZ 512
2160 resp_mode_select(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2162 int pf, sp, ps, md_len, bd_len, off, spf, pg_len;
2163 int param_len, res, mpage;
2164 unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
2165 unsigned char *cmd = scp->cmnd;
2166 int mselect6 = (MODE_SELECT == cmd[0]);
2168 memset(arr, 0, sizeof(arr));
2171 param_len = mselect6 ? cmd[4] : ((cmd[7] << 8) + cmd[8]);
2172 if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) {
2173 mk_sense_invalid_fld(scp, SDEB_IN_CDB, mselect6 ? 4 : 7, -1);
2174 return check_condition_result;
2176 res = fetch_to_dev_buffer(scp, arr, param_len);
2178 return (DID_ERROR << 16);
2179 else if ((res < param_len) &&
2180 (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts))
2181 sdev_printk(KERN_INFO, scp->device,
2182 "%s: cdb indicated=%d, IO sent=%d bytes\n",
2183 __func__, param_len, res);
2184 md_len = mselect6 ? (arr[0] + 1) : ((arr[0] << 8) + arr[1] + 2);
2185 bd_len = mselect6 ? arr[3] : ((arr[6] << 8) + arr[7]);
2187 mk_sense_invalid_fld(scp, SDEB_IN_DATA, 0, -1);
2188 return check_condition_result;
2190 off = bd_len + (mselect6 ? 4 : 8);
2191 mpage = arr[off] & 0x3f;
2192 ps = !!(arr[off] & 0x80);
2194 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 7);
2195 return check_condition_result;
2197 spf = !!(arr[off] & 0x40);
2198 pg_len = spf ? ((arr[off + 2] << 8) + arr[off + 3] + 4) :
2200 if ((pg_len + off) > param_len) {
2201 mk_sense_buffer(scp, ILLEGAL_REQUEST,
2202 PARAMETER_LIST_LENGTH_ERR, 0);
2203 return check_condition_result;
2206 case 0x8: /* Caching Mode page */
2207 if (caching_pg[1] == arr[off + 1]) {
2208 memcpy(caching_pg + 2, arr + off + 2,
2209 sizeof(caching_pg) - 2);
2210 goto set_mode_changed_ua;
2213 case 0xa: /* Control Mode page */
2214 if (ctrl_m_pg[1] == arr[off + 1]) {
2215 memcpy(ctrl_m_pg + 2, arr + off + 2,
2216 sizeof(ctrl_m_pg) - 2);
2217 scsi_debug_dsense = !!(ctrl_m_pg[2] & 0x4);
2218 goto set_mode_changed_ua;
2221 case 0x1c: /* Informational Exceptions Mode page */
2222 if (iec_m_pg[1] == arr[off + 1]) {
2223 memcpy(iec_m_pg + 2, arr + off + 2,
2224 sizeof(iec_m_pg) - 2);
2225 goto set_mode_changed_ua;
2231 mk_sense_invalid_fld(scp, SDEB_IN_DATA, off, 5);
2232 return check_condition_result;
2233 set_mode_changed_ua:
2234 set_bit(SDEBUG_UA_MODE_CHANGED, devip->uas_bm);
2238 static int resp_temp_l_pg(unsigned char * arr)
2240 unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38,
2241 0x0, 0x1, 0x3, 0x2, 0x0, 65,
2244 memcpy(arr, temp_l_pg, sizeof(temp_l_pg));
2245 return sizeof(temp_l_pg);
2248 static int resp_ie_l_pg(unsigned char * arr)
2250 unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38,
2253 memcpy(arr, ie_l_pg, sizeof(ie_l_pg));
2254 if (iec_m_pg[2] & 0x4) { /* TEST bit set */
2255 arr[4] = THRESHOLD_EXCEEDED;
2258 return sizeof(ie_l_pg);
2261 #define SDEBUG_MAX_LSENSE_SZ 512
2263 static int resp_log_sense(struct scsi_cmnd * scp,
2264 struct sdebug_dev_info * devip)
2266 int ppc, sp, pcontrol, pcode, subpcode, alloc_len, len, n;
2267 unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
2268 unsigned char *cmd = scp->cmnd;
2270 memset(arr, 0, sizeof(arr));
2274 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, ppc ? 1 : 0);
2275 return check_condition_result;
2277 pcontrol = (cmd[2] & 0xc0) >> 6;
2278 pcode = cmd[2] & 0x3f;
2279 subpcode = cmd[3] & 0xff;
2280 alloc_len = (cmd[7] << 8) + cmd[8];
2282 if (0 == subpcode) {
2284 case 0x0: /* Supported log pages log page */
2286 arr[n++] = 0x0; /* this page */
2287 arr[n++] = 0xd; /* Temperature */
2288 arr[n++] = 0x2f; /* Informational exceptions */
2291 case 0xd: /* Temperature log page */
2292 arr[3] = resp_temp_l_pg(arr + 4);
2294 case 0x2f: /* Informational exceptions log page */
2295 arr[3] = resp_ie_l_pg(arr + 4);
2298 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2299 return check_condition_result;
2301 } else if (0xff == subpcode) {
2305 case 0x0: /* Supported log pages and subpages log page */
2308 arr[n++] = 0x0; /* 0,0 page */
2310 arr[n++] = 0xff; /* this page */
2312 arr[n++] = 0x0; /* Temperature */
2314 arr[n++] = 0x0; /* Informational exceptions */
2317 case 0xd: /* Temperature subpages */
2320 arr[n++] = 0x0; /* Temperature */
2323 case 0x2f: /* Informational exceptions subpages */
2326 arr[n++] = 0x0; /* Informational exceptions */
2330 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 2, 5);
2331 return check_condition_result;
2334 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 3, -1);
2335 return check_condition_result;
2337 len = min(((arr[2] << 8) + arr[3]) + 4, alloc_len);
2338 return fill_from_dev_buffer(scp, arr,
2339 min(len, SDEBUG_MAX_INQ_ARR_SZ));
2342 static int check_device_access_params(struct scsi_cmnd *scp,
2343 unsigned long long lba, unsigned int num)
2345 if (lba + num > sdebug_capacity) {
2346 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2347 return check_condition_result;
2349 /* transfer length excessive (tie in to block limits VPD page) */
2350 if (num > sdebug_store_sectors) {
2351 /* needs work to find which cdb byte 'num' comes from */
2352 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2353 return check_condition_result;
2358 /* Returns number of bytes copied or -1 if error. */
2360 do_device_access(struct scsi_cmnd *scmd, u64 lba, u32 num, bool do_write)
2363 u64 block, rest = 0;
2364 struct scsi_data_buffer *sdb;
2365 enum dma_data_direction dir;
2366 size_t (*func)(struct scatterlist *, unsigned int, void *, size_t,
2370 sdb = scsi_out(scmd);
2371 dir = DMA_TO_DEVICE;
2372 func = sg_pcopy_to_buffer;
2374 sdb = scsi_in(scmd);
2375 dir = DMA_FROM_DEVICE;
2376 func = sg_pcopy_from_buffer;
2381 if (!(scsi_bidi_cmnd(scmd) || scmd->sc_data_direction == dir))
2384 block = do_div(lba, sdebug_store_sectors);
2385 if (block + num > sdebug_store_sectors)
2386 rest = block + num - sdebug_store_sectors;
2388 ret = func(sdb->table.sgl, sdb->table.nents,
2389 fake_storep + (block * scsi_debug_sector_size),
2390 (num - rest) * scsi_debug_sector_size, 0);
2391 if (ret != (num - rest) * scsi_debug_sector_size)
2395 ret += func(sdb->table.sgl, sdb->table.nents,
2396 fake_storep, rest * scsi_debug_sector_size,
2397 (num - rest) * scsi_debug_sector_size);
2403 /* If fake_store(lba,num) compares equal to arr(num), then copy top half of
2404 * arr into fake_store(lba,num) and return true. If comparison fails then
2407 comp_write_worker(u64 lba, u32 num, const u8 *arr)
2410 u64 block, rest = 0;
2411 u32 store_blks = sdebug_store_sectors;
2412 u32 lb_size = scsi_debug_sector_size;
2414 block = do_div(lba, store_blks);
2415 if (block + num > store_blks)
2416 rest = block + num - store_blks;
2418 res = !memcmp(fake_storep + (block * lb_size), arr,
2419 (num - rest) * lb_size);
2423 res = memcmp(fake_storep, arr + ((num - rest) * lb_size),
2427 arr += num * lb_size;
2428 memcpy(fake_storep + (block * lb_size), arr, (num - rest) * lb_size);
2430 memcpy(fake_storep, arr + ((num - rest) * lb_size),
2435 static __be16 dif_compute_csum(const void *buf, int len)
2439 if (scsi_debug_guard)
2440 csum = (__force __be16)ip_compute_csum(buf, len);
2442 csum = cpu_to_be16(crc_t10dif(buf, len));
2447 static int dif_verify(struct sd_dif_tuple *sdt, const void *data,
2448 sector_t sector, u32 ei_lba)
2450 __be16 csum = dif_compute_csum(data, scsi_debug_sector_size);
2452 if (sdt->guard_tag != csum) {
2453 pr_err("%s: GUARD check failed on sector %lu rcvd 0x%04x, data 0x%04x\n",
2455 (unsigned long)sector,
2456 be16_to_cpu(sdt->guard_tag),
2460 if (scsi_debug_dif == SD_DIF_TYPE1_PROTECTION &&
2461 be32_to_cpu(sdt->ref_tag) != (sector & 0xffffffff)) {
2462 pr_err("%s: REF check failed on sector %lu\n",
2463 __func__, (unsigned long)sector);
2466 if (scsi_debug_dif == SD_DIF_TYPE2_PROTECTION &&
2467 be32_to_cpu(sdt->ref_tag) != ei_lba) {
2468 pr_err("%s: REF check failed on sector %lu\n",
2469 __func__, (unsigned long)sector);
2475 static void dif_copy_prot(struct scsi_cmnd *SCpnt, sector_t sector,
2476 unsigned int sectors, bool read)
2480 const void *dif_store_end = dif_storep + sdebug_store_sectors;
2481 struct sg_mapping_iter miter;
2483 /* Bytes of protection data to copy into sgl */
2484 resid = sectors * sizeof(*dif_storep);
2486 sg_miter_start(&miter, scsi_prot_sglist(SCpnt),
2487 scsi_prot_sg_count(SCpnt), SG_MITER_ATOMIC |
2488 (read ? SG_MITER_TO_SG : SG_MITER_FROM_SG));
2490 while (sg_miter_next(&miter) && resid > 0) {
2491 size_t len = min(miter.length, resid);
2492 void *start = dif_store(sector);
2495 if (dif_store_end < start + len)
2496 rest = start + len - dif_store_end;
2501 memcpy(paddr, start, len - rest);
2503 memcpy(start, paddr, len - rest);
2507 memcpy(paddr + len - rest, dif_storep, rest);
2509 memcpy(dif_storep, paddr + len - rest, rest);
2512 sector += len / sizeof(*dif_storep);
2515 sg_miter_stop(&miter);
2518 static int prot_verify_read(struct scsi_cmnd *SCpnt, sector_t start_sec,
2519 unsigned int sectors, u32 ei_lba)
2522 struct sd_dif_tuple *sdt;
2525 for (i = 0; i < sectors; i++, ei_lba++) {
2528 sector = start_sec + i;
2529 sdt = dif_store(sector);
2531 if (sdt->app_tag == cpu_to_be16(0xffff))
2534 ret = dif_verify(sdt, fake_store(sector), sector, ei_lba);
2541 dif_copy_prot(SCpnt, start_sec, sectors, true);
2548 resp_read_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2550 u8 *cmd = scp->cmnd;
2554 unsigned long iflags;
2561 lba = get_unaligned_be64(cmd + 2);
2562 num = get_unaligned_be32(cmd + 10);
2567 lba = get_unaligned_be32(cmd + 2);
2568 num = get_unaligned_be16(cmd + 7);
2573 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2574 (u32)(cmd[1] & 0x1f) << 16;
2575 num = (0 == cmd[4]) ? 256 : cmd[4];
2580 lba = get_unaligned_be32(cmd + 2);
2581 num = get_unaligned_be32(cmd + 6);
2584 case XDWRITEREAD_10:
2586 lba = get_unaligned_be32(cmd + 2);
2587 num = get_unaligned_be16(cmd + 7);
2590 default: /* assume READ(32) */
2591 lba = get_unaligned_be64(cmd + 12);
2592 ei_lba = get_unaligned_be32(cmd + 20);
2593 num = get_unaligned_be32(cmd + 28);
2598 if (scsi_debug_dif == SD_DIF_TYPE2_PROTECTION &&
2600 mk_sense_invalid_opcode(scp);
2601 return check_condition_result;
2603 if ((scsi_debug_dif == SD_DIF_TYPE1_PROTECTION ||
2604 scsi_debug_dif == SD_DIF_TYPE3_PROTECTION) &&
2605 (cmd[1] & 0xe0) == 0)
2606 sdev_printk(KERN_ERR, scp->device, "Unprotected RD "
2609 if (sdebug_any_injecting_opt) {
2610 struct sdebug_scmd_extra_t *ep = scsi_cmd_priv(scp);
2616 /* inline check_device_access_params() */
2617 if (lba + num > sdebug_capacity) {
2618 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2619 return check_condition_result;
2621 /* transfer length excessive (tie in to block limits VPD page) */
2622 if (num > sdebug_store_sectors) {
2623 /* needs work to find which cdb byte 'num' comes from */
2624 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2625 return check_condition_result;
2628 if ((SCSI_DEBUG_OPT_MEDIUM_ERR & scsi_debug_opts) &&
2629 (lba <= (OPT_MEDIUM_ERR_ADDR + OPT_MEDIUM_ERR_NUM - 1)) &&
2630 ((lba + num) > OPT_MEDIUM_ERR_ADDR)) {
2631 /* claim unrecoverable read error */
2632 mk_sense_buffer(scp, MEDIUM_ERROR, UNRECOVERED_READ_ERR, 0);
2633 /* set info field and valid bit for fixed descriptor */
2634 if (0x70 == (scp->sense_buffer[0] & 0x7f)) {
2635 scp->sense_buffer[0] |= 0x80; /* Valid bit */
2636 ret = (lba < OPT_MEDIUM_ERR_ADDR)
2637 ? OPT_MEDIUM_ERR_ADDR : (int)lba;
2638 put_unaligned_be32(ret, scp->sense_buffer + 3);
2640 scsi_set_resid(scp, scsi_bufflen(scp));
2641 return check_condition_result;
2644 read_lock_irqsave(&atomic_rw, iflags);
2647 if (scsi_debug_dix && scsi_prot_sg_count(scp)) {
2648 int prot_ret = prot_verify_read(scp, lba, num, ei_lba);
2651 read_unlock_irqrestore(&atomic_rw, iflags);
2652 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, prot_ret);
2653 return illegal_condition_result;
2657 ret = do_device_access(scp, lba, num, false);
2658 read_unlock_irqrestore(&atomic_rw, iflags);
2660 return DID_ERROR << 16;
2662 scsi_in(scp)->resid = scsi_bufflen(scp) - ret;
2664 if (sdebug_any_injecting_opt) {
2665 struct sdebug_scmd_extra_t *ep = scsi_cmd_priv(scp);
2667 if (ep->inj_recovered) {
2668 mk_sense_buffer(scp, RECOVERED_ERROR,
2669 THRESHOLD_EXCEEDED, 0);
2670 return check_condition_result;
2671 } else if (ep->inj_transport) {
2672 mk_sense_buffer(scp, ABORTED_COMMAND,
2673 TRANSPORT_PROBLEM, ACK_NAK_TO);
2674 return check_condition_result;
2675 } else if (ep->inj_dif) {
2676 /* Logical block guard check failed */
2677 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
2678 return illegal_condition_result;
2679 } else if (ep->inj_dix) {
2680 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
2681 return illegal_condition_result;
2687 void dump_sector(unsigned char *buf, int len)
2691 pr_err(">>> Sector Dump <<<\n");
2692 for (i = 0 ; i < len ; i += 16) {
2695 for (j = 0, n = 0; j < 16; j++) {
2696 unsigned char c = buf[i+j];
2698 if (c >= 0x20 && c < 0x7e)
2699 n += scnprintf(b + n, sizeof(b) - n,
2702 n += scnprintf(b + n, sizeof(b) - n,
2705 pr_err("%04d: %s\n", i, b);
2709 static int prot_verify_write(struct scsi_cmnd *SCpnt, sector_t start_sec,
2710 unsigned int sectors, u32 ei_lba)
2713 struct sd_dif_tuple *sdt;
2715 sector_t sector = start_sec;
2718 struct sg_mapping_iter diter;
2719 struct sg_mapping_iter piter;
2721 BUG_ON(scsi_sg_count(SCpnt) == 0);
2722 BUG_ON(scsi_prot_sg_count(SCpnt) == 0);
2724 sg_miter_start(&piter, scsi_prot_sglist(SCpnt),
2725 scsi_prot_sg_count(SCpnt),
2726 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2727 sg_miter_start(&diter, scsi_sglist(SCpnt), scsi_sg_count(SCpnt),
2728 SG_MITER_ATOMIC | SG_MITER_FROM_SG);
2730 /* For each protection page */
2731 while (sg_miter_next(&piter)) {
2733 if (WARN_ON(!sg_miter_next(&diter))) {
2738 for (ppage_offset = 0; ppage_offset < piter.length;
2739 ppage_offset += sizeof(struct sd_dif_tuple)) {
2740 /* If we're at the end of the current
2741 * data page advance to the next one
2743 if (dpage_offset >= diter.length) {
2744 if (WARN_ON(!sg_miter_next(&diter))) {
2751 sdt = piter.addr + ppage_offset;
2752 daddr = diter.addr + dpage_offset;
2754 ret = dif_verify(sdt, daddr, sector, ei_lba);
2756 dump_sector(daddr, scsi_debug_sector_size);
2762 dpage_offset += scsi_debug_sector_size;
2764 diter.consumed = dpage_offset;
2765 sg_miter_stop(&diter);
2767 sg_miter_stop(&piter);
2769 dif_copy_prot(SCpnt, start_sec, sectors, false);
2776 sg_miter_stop(&diter);
2777 sg_miter_stop(&piter);
2781 static unsigned long lba_to_map_index(sector_t lba)
2783 if (scsi_debug_unmap_alignment) {
2784 lba += scsi_debug_unmap_granularity -
2785 scsi_debug_unmap_alignment;
2787 do_div(lba, scsi_debug_unmap_granularity);
2792 static sector_t map_index_to_lba(unsigned long index)
2794 sector_t lba = index * scsi_debug_unmap_granularity;
2796 if (scsi_debug_unmap_alignment) {
2797 lba -= scsi_debug_unmap_granularity -
2798 scsi_debug_unmap_alignment;
2804 static unsigned int map_state(sector_t lba, unsigned int *num)
2807 unsigned int mapped;
2808 unsigned long index;
2811 index = lba_to_map_index(lba);
2812 mapped = test_bit(index, map_storep);
2815 next = find_next_zero_bit(map_storep, map_size, index);
2817 next = find_next_bit(map_storep, map_size, index);
2819 end = min_t(sector_t, sdebug_store_sectors, map_index_to_lba(next));
2825 static void map_region(sector_t lba, unsigned int len)
2827 sector_t end = lba + len;
2830 unsigned long index = lba_to_map_index(lba);
2832 if (index < map_size)
2833 set_bit(index, map_storep);
2835 lba = map_index_to_lba(index + 1);
2839 static void unmap_region(sector_t lba, unsigned int len)
2841 sector_t end = lba + len;
2844 unsigned long index = lba_to_map_index(lba);
2846 if (lba == map_index_to_lba(index) &&
2847 lba + scsi_debug_unmap_granularity <= end &&
2849 clear_bit(index, map_storep);
2850 if (scsi_debug_lbprz) {
2851 memset(fake_storep +
2852 lba * scsi_debug_sector_size, 0,
2853 scsi_debug_sector_size *
2854 scsi_debug_unmap_granularity);
2857 memset(dif_storep + lba, 0xff,
2858 sizeof(*dif_storep) *
2859 scsi_debug_unmap_granularity);
2862 lba = map_index_to_lba(index + 1);
2867 resp_write_dt0(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
2869 u8 *cmd = scp->cmnd;
2873 unsigned long iflags;
2880 lba = get_unaligned_be64(cmd + 2);
2881 num = get_unaligned_be32(cmd + 10);
2886 lba = get_unaligned_be32(cmd + 2);
2887 num = get_unaligned_be16(cmd + 7);
2892 lba = (u32)cmd[3] | (u32)cmd[2] << 8 |
2893 (u32)(cmd[1] & 0x1f) << 16;
2894 num = (0 == cmd[4]) ? 256 : cmd[4];
2899 lba = get_unaligned_be32(cmd + 2);
2900 num = get_unaligned_be32(cmd + 6);
2903 case 0x53: /* XDWRITEREAD(10) */
2905 lba = get_unaligned_be32(cmd + 2);
2906 num = get_unaligned_be16(cmd + 7);
2909 default: /* assume WRITE(32) */
2910 lba = get_unaligned_be64(cmd + 12);
2911 ei_lba = get_unaligned_be32(cmd + 20);
2912 num = get_unaligned_be32(cmd + 28);
2917 if (scsi_debug_dif == SD_DIF_TYPE2_PROTECTION &&
2919 mk_sense_invalid_opcode(scp);
2920 return check_condition_result;
2922 if ((scsi_debug_dif == SD_DIF_TYPE1_PROTECTION ||
2923 scsi_debug_dif == SD_DIF_TYPE3_PROTECTION) &&
2924 (cmd[1] & 0xe0) == 0)
2925 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
2929 /* inline check_device_access_params() */
2930 if (lba + num > sdebug_capacity) {
2931 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
2932 return check_condition_result;
2934 /* transfer length excessive (tie in to block limits VPD page) */
2935 if (num > sdebug_store_sectors) {
2936 /* needs work to find which cdb byte 'num' comes from */
2937 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
2938 return check_condition_result;
2941 write_lock_irqsave(&atomic_rw, iflags);
2944 if (scsi_debug_dix && scsi_prot_sg_count(scp)) {
2945 int prot_ret = prot_verify_write(scp, lba, num, ei_lba);
2948 write_unlock_irqrestore(&atomic_rw, iflags);
2949 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, prot_ret);
2950 return illegal_condition_result;
2954 ret = do_device_access(scp, lba, num, true);
2955 if (scsi_debug_lbp())
2956 map_region(lba, num);
2957 write_unlock_irqrestore(&atomic_rw, iflags);
2959 return (DID_ERROR << 16);
2960 else if ((ret < (num * scsi_debug_sector_size)) &&
2961 (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts))
2962 sdev_printk(KERN_INFO, scp->device,
2963 "%s: write: cdb indicated=%u, IO sent=%d bytes\n",
2964 my_name, num * scsi_debug_sector_size, ret);
2966 if (sdebug_any_injecting_opt) {
2967 struct sdebug_scmd_extra_t *ep = scsi_cmd_priv(scp);
2969 if (ep->inj_recovered) {
2970 mk_sense_buffer(scp, RECOVERED_ERROR,
2971 THRESHOLD_EXCEEDED, 0);
2972 return check_condition_result;
2973 } else if (ep->inj_dif) {
2974 /* Logical block guard check failed */
2975 mk_sense_buffer(scp, ABORTED_COMMAND, 0x10, 1);
2976 return illegal_condition_result;
2977 } else if (ep->inj_dix) {
2978 mk_sense_buffer(scp, ILLEGAL_REQUEST, 0x10, 1);
2979 return illegal_condition_result;
2986 resp_write_same(struct scsi_cmnd *scp, u64 lba, u32 num, u32 ei_lba,
2987 bool unmap, bool ndob)
2989 unsigned long iflags;
2990 unsigned long long i;
2993 ret = check_device_access_params(scp, lba, num);
2997 write_lock_irqsave(&atomic_rw, iflags);
2999 if (unmap && scsi_debug_lbp()) {
3000 unmap_region(lba, num);
3004 /* if ndob then zero 1 logical block, else fetch 1 logical block */
3006 memset(fake_storep + (lba * scsi_debug_sector_size), 0,
3007 scsi_debug_sector_size);
3010 ret = fetch_to_dev_buffer(scp, fake_storep +
3011 (lba * scsi_debug_sector_size),
3012 scsi_debug_sector_size);
3015 write_unlock_irqrestore(&atomic_rw, iflags);
3016 return (DID_ERROR << 16);
3017 } else if ((ret < (num * scsi_debug_sector_size)) &&
3018 (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts))
3019 sdev_printk(KERN_INFO, scp->device,
3020 "%s: %s: cdb indicated=%u, IO sent=%d bytes\n",
3021 my_name, "write same",
3022 num * scsi_debug_sector_size, ret);
3024 /* Copy first sector to remaining blocks */
3025 for (i = 1 ; i < num ; i++)
3026 memcpy(fake_storep + ((lba + i) * scsi_debug_sector_size),
3027 fake_storep + (lba * scsi_debug_sector_size),
3028 scsi_debug_sector_size);
3030 if (scsi_debug_lbp())
3031 map_region(lba, num);
3033 write_unlock_irqrestore(&atomic_rw, iflags);
3039 resp_write_same_10(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3041 u8 *cmd = scp->cmnd;
3048 if (scsi_debug_lbpws10 == 0) {
3049 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3050 return check_condition_result;
3054 lba = get_unaligned_be32(cmd + 2);
3055 num = get_unaligned_be16(cmd + 7);
3056 if (num > scsi_debug_write_same_length) {
3057 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3058 return check_condition_result;
3060 return resp_write_same(scp, lba, num, ei_lba, unmap, false);
3064 resp_write_same_16(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3066 u8 *cmd = scp->cmnd;
3073 if (cmd[1] & 0x8) { /* UNMAP */
3074 if (scsi_debug_lbpws == 0) {
3075 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 3);
3076 return check_condition_result;
3080 if (cmd[1] & 0x1) /* NDOB (no data-out buffer, assumes zeroes) */
3082 lba = get_unaligned_be64(cmd + 2);
3083 num = get_unaligned_be32(cmd + 10);
3084 if (num > scsi_debug_write_same_length) {
3085 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 10, -1);
3086 return check_condition_result;
3088 return resp_write_same(scp, lba, num, ei_lba, unmap, ndob);
3091 /* Note the mode field is in the same position as the (lower) service action
3092 * field. For the Report supported operation codes command, SPC-4 suggests
3093 * each mode of this command should be reported separately; for future. */
3095 resp_write_buffer(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3097 u8 *cmd = scp->cmnd;
3098 struct scsi_device *sdp = scp->device;
3099 struct sdebug_dev_info *dp;
3102 mode = cmd[1] & 0x1f;
3104 case 0x4: /* download microcode (MC) and activate (ACT) */
3105 /* set UAs on this device only */
3106 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3107 set_bit(SDEBUG_UA_MICROCODE_CHANGED, devip->uas_bm);
3109 case 0x5: /* download MC, save and ACT */
3110 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET, devip->uas_bm);
3112 case 0x6: /* download MC with offsets and ACT */
3113 /* set UAs on most devices (LUs) in this target */
3114 list_for_each_entry(dp,
3115 &devip->sdbg_host->dev_info_list,
3117 if (dp->target == sdp->id) {
3118 set_bit(SDEBUG_UA_BUS_RESET, dp->uas_bm);
3120 set_bit(SDEBUG_UA_MICROCODE_CHANGED,
3124 case 0x7: /* download MC with offsets, save, and ACT */
3125 /* set UA on all devices (LUs) in this target */
3126 list_for_each_entry(dp,
3127 &devip->sdbg_host->dev_info_list,
3129 if (dp->target == sdp->id)
3130 set_bit(SDEBUG_UA_MICROCODE_CHANGED_WO_RESET,
3134 /* do nothing for this command for other mode values */
3141 resp_comp_write(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3143 u8 *cmd = scp->cmnd;
3145 u8 *fake_storep_hold;
3148 u32 lb_size = scsi_debug_sector_size;
3150 unsigned long iflags;
3154 lba = get_unaligned_be64(cmd + 2);
3155 num = cmd[13]; /* 1 to a maximum of 255 logical blocks */
3157 return 0; /* degenerate case, not an error */
3158 if (scsi_debug_dif == SD_DIF_TYPE2_PROTECTION &&
3160 mk_sense_invalid_opcode(scp);
3161 return check_condition_result;
3163 if ((scsi_debug_dif == SD_DIF_TYPE1_PROTECTION ||
3164 scsi_debug_dif == SD_DIF_TYPE3_PROTECTION) &&
3165 (cmd[1] & 0xe0) == 0)
3166 sdev_printk(KERN_ERR, scp->device, "Unprotected WR "
3169 /* inline check_device_access_params() */
3170 if (lba + num > sdebug_capacity) {
3171 mk_sense_buffer(scp, ILLEGAL_REQUEST, LBA_OUT_OF_RANGE, 0);
3172 return check_condition_result;
3174 /* transfer length excessive (tie in to block limits VPD page) */
3175 if (num > sdebug_store_sectors) {
3176 /* needs work to find which cdb byte 'num' comes from */
3177 mk_sense_buffer(scp, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB, 0);
3178 return check_condition_result;
3181 arr = kzalloc(dnum * lb_size, GFP_ATOMIC);
3183 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3185 return check_condition_result;
3188 write_lock_irqsave(&atomic_rw, iflags);
3190 /* trick do_device_access() to fetch both compare and write buffers
3191 * from data-in into arr. Safe (atomic) since write_lock held. */
3192 fake_storep_hold = fake_storep;
3194 ret = do_device_access(scp, 0, dnum, true);
3195 fake_storep = fake_storep_hold;
3197 retval = DID_ERROR << 16;
3199 } else if ((ret < (dnum * lb_size)) &&
3200 (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts))
3201 sdev_printk(KERN_INFO, scp->device, "%s: compare_write: cdb "
3202 "indicated=%u, IO sent=%d bytes\n", my_name,
3203 dnum * lb_size, ret);
3204 if (!comp_write_worker(lba, num, arr)) {
3205 mk_sense_buffer(scp, MISCOMPARE, MISCOMPARE_VERIFY_ASC, 0);
3206 retval = check_condition_result;
3209 if (scsi_debug_lbp())
3210 map_region(lba, num);
3212 write_unlock_irqrestore(&atomic_rw, iflags);
3217 struct unmap_block_desc {
3224 resp_unmap(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3227 struct unmap_block_desc *desc;
3228 unsigned int i, payload_len, descriptors;
3230 unsigned long iflags;
3233 if (!scsi_debug_lbp())
3234 return 0; /* fib and say its done */
3235 payload_len = get_unaligned_be16(scp->cmnd + 7);
3236 BUG_ON(scsi_bufflen(scp) != payload_len);
3238 descriptors = (payload_len - 8) / 16;
3239 if (descriptors > scsi_debug_unmap_max_desc) {
3240 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 7, -1);
3241 return check_condition_result;
3244 buf = kmalloc(scsi_bufflen(scp), GFP_ATOMIC);
3246 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3248 return check_condition_result;
3251 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
3253 BUG_ON(get_unaligned_be16(&buf[0]) != payload_len - 2);
3254 BUG_ON(get_unaligned_be16(&buf[2]) != descriptors * 16);
3256 desc = (void *)&buf[8];
3258 write_lock_irqsave(&atomic_rw, iflags);
3260 for (i = 0 ; i < descriptors ; i++) {
3261 unsigned long long lba = get_unaligned_be64(&desc[i].lba);
3262 unsigned int num = get_unaligned_be32(&desc[i].blocks);
3264 ret = check_device_access_params(scp, lba, num);
3268 unmap_region(lba, num);
3274 write_unlock_irqrestore(&atomic_rw, iflags);
3280 #define SDEBUG_GET_LBA_STATUS_LEN 32
3283 resp_get_lba_status(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3285 u8 *cmd = scp->cmnd;
3287 u32 alloc_len, mapped, num;
3288 u8 arr[SDEBUG_GET_LBA_STATUS_LEN];
3291 lba = get_unaligned_be64(cmd + 2);
3292 alloc_len = get_unaligned_be32(cmd + 10);
3297 ret = check_device_access_params(scp, lba, 1);
3301 if (scsi_debug_lbp())
3302 mapped = map_state(lba, &num);
3305 /* following just in case virtual_gb changed */
3306 sdebug_capacity = get_sdebug_capacity();
3307 if (sdebug_capacity - lba <= 0xffffffff)
3308 num = sdebug_capacity - lba;
3313 memset(arr, 0, SDEBUG_GET_LBA_STATUS_LEN);
3314 put_unaligned_be32(20, arr); /* Parameter Data Length */
3315 put_unaligned_be64(lba, arr + 8); /* LBA */
3316 put_unaligned_be32(num, arr + 16); /* Number of blocks */
3317 arr[20] = !mapped; /* prov_stat=0: mapped; 1: dealloc */
3319 return fill_from_dev_buffer(scp, arr, SDEBUG_GET_LBA_STATUS_LEN);
3322 #define SDEBUG_RLUN_ARR_SZ 256
3324 static int resp_report_luns(struct scsi_cmnd * scp,
3325 struct sdebug_dev_info * devip)
3327 unsigned int alloc_len;
3328 int lun_cnt, i, upper, num, n, want_wlun, shortish;
3330 unsigned char *cmd = scp->cmnd;
3331 int select_report = (int)cmd[2];
3332 struct scsi_lun *one_lun;
3333 unsigned char arr[SDEBUG_RLUN_ARR_SZ];
3334 unsigned char * max_addr;
3336 clear_luns_changed_on_target(devip);
3337 alloc_len = cmd[9] + (cmd[8] << 8) + (cmd[7] << 16) + (cmd[6] << 24);
3338 shortish = (alloc_len < 4);
3339 if (shortish || (select_report > 2)) {
3340 mk_sense_invalid_fld(scp, SDEB_IN_CDB, shortish ? 6 : 2, -1);
3341 return check_condition_result;
3343 /* can produce response with up to 16k luns (lun 0 to lun 16383) */
3344 memset(arr, 0, SDEBUG_RLUN_ARR_SZ);
3345 lun_cnt = scsi_debug_max_luns;
3346 if (1 == select_report)
3348 else if (scsi_debug_no_lun_0 && (lun_cnt > 0))
3350 want_wlun = (select_report > 0) ? 1 : 0;
3351 num = lun_cnt + want_wlun;
3352 arr[2] = ((sizeof(struct scsi_lun) * num) >> 8) & 0xff;
3353 arr[3] = (sizeof(struct scsi_lun) * num) & 0xff;
3354 n = min((int)((SDEBUG_RLUN_ARR_SZ - 8) /
3355 sizeof(struct scsi_lun)), num);
3360 one_lun = (struct scsi_lun *) &arr[8];
3361 max_addr = arr + SDEBUG_RLUN_ARR_SZ;
3362 for (i = 0, lun = (scsi_debug_no_lun_0 ? 1 : 0);
3363 ((i < lun_cnt) && ((unsigned char *)(one_lun + i) < max_addr));
3365 upper = (lun >> 8) & 0x3f;
3367 one_lun[i].scsi_lun[0] =
3368 (upper | (SAM2_LUN_ADDRESS_METHOD << 6));
3369 one_lun[i].scsi_lun[1] = lun & 0xff;
3372 one_lun[i].scsi_lun[0] = (SAM2_WLUN_REPORT_LUNS >> 8) & 0xff;
3373 one_lun[i].scsi_lun[1] = SAM2_WLUN_REPORT_LUNS & 0xff;
3376 alloc_len = (unsigned char *)(one_lun + i) - arr;
3377 return fill_from_dev_buffer(scp, arr,
3378 min((int)alloc_len, SDEBUG_RLUN_ARR_SZ));
3381 static int resp_xdwriteread(struct scsi_cmnd *scp, unsigned long long lba,
3382 unsigned int num, struct sdebug_dev_info *devip)
3385 unsigned char *kaddr, *buf;
3386 unsigned int offset;
3387 struct scsi_data_buffer *sdb = scsi_in(scp);
3388 struct sg_mapping_iter miter;
3390 /* better not to use temporary buffer. */
3391 buf = kmalloc(scsi_bufflen(scp), GFP_ATOMIC);
3393 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3395 return check_condition_result;
3398 scsi_sg_copy_to_buffer(scp, buf, scsi_bufflen(scp));
3401 sg_miter_start(&miter, sdb->table.sgl, sdb->table.nents,
3402 SG_MITER_ATOMIC | SG_MITER_TO_SG);
3404 while (sg_miter_next(&miter)) {
3406 for (j = 0; j < miter.length; j++)
3407 *(kaddr + j) ^= *(buf + offset + j);
3409 offset += miter.length;
3411 sg_miter_stop(&miter);
3418 resp_xdwriteread_10(struct scsi_cmnd *scp, struct sdebug_dev_info *devip)
3420 u8 *cmd = scp->cmnd;
3425 if (!scsi_bidi_cmnd(scp)) {
3426 mk_sense_buffer(scp, ILLEGAL_REQUEST, INSUFF_RES_ASC,
3428 return check_condition_result;
3430 errsts = resp_read_dt0(scp, devip);
3433 if (!(cmd[1] & 0x4)) { /* DISABLE_WRITE is not set */
3434 errsts = resp_write_dt0(scp, devip);
3438 lba = get_unaligned_be32(cmd + 2);
3439 num = get_unaligned_be16(cmd + 7);
3440 return resp_xdwriteread(scp, lba, num, devip);
3443 /* When timer or tasklet goes off this function is called. */
3444 static void sdebug_q_cmd_complete(unsigned long indx)
3448 unsigned long iflags;
3449 struct sdebug_queued_cmd *sqcp;
3450 struct scsi_cmnd *scp;
3451 struct sdebug_dev_info *devip;
3453 atomic_inc(&sdebug_completions);
3455 if ((qa_indx < 0) || (qa_indx >= SCSI_DEBUG_CANQUEUE)) {
3456 pr_err("%s: wild qa_indx=%d\n", __func__, qa_indx);
3459 spin_lock_irqsave(&queued_arr_lock, iflags);
3460 sqcp = &queued_arr[qa_indx];
3463 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3464 pr_err("%s: scp is NULL\n", __func__);
3467 devip = (struct sdebug_dev_info *)scp->device->hostdata;
3469 atomic_dec(&devip->num_in_q);
3471 pr_err("%s: devip=NULL\n", __func__);
3472 if (atomic_read(&retired_max_queue) > 0)
3475 sqcp->a_cmnd = NULL;
3476 if (!test_and_clear_bit(qa_indx, queued_in_use_bm)) {
3477 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3478 pr_err("%s: Unexpected completion\n", __func__);
3482 if (unlikely(retiring)) { /* user has reduced max_queue */
3485 retval = atomic_read(&retired_max_queue);
3486 if (qa_indx >= retval) {
3487 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3488 pr_err("%s: index %d too large\n", __func__, retval);
3491 k = find_last_bit(queued_in_use_bm, retval);
3492 if ((k < scsi_debug_max_queue) || (k == retval))
3493 atomic_set(&retired_max_queue, 0);
3495 atomic_set(&retired_max_queue, k + 1);
3497 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3498 scp->scsi_done(scp); /* callback to mid level */
3501 /* When high resolution timer goes off this function is called. */
3502 static enum hrtimer_restart
3503 sdebug_q_cmd_hrt_complete(struct hrtimer *timer)
3507 unsigned long iflags;
3508 struct sdebug_hrtimer *sd_hrtp = (struct sdebug_hrtimer *)timer;
3509 struct sdebug_queued_cmd *sqcp;
3510 struct scsi_cmnd *scp;
3511 struct sdebug_dev_info *devip;
3513 atomic_inc(&sdebug_completions);
3514 qa_indx = sd_hrtp->qa_indx;
3515 if ((qa_indx < 0) || (qa_indx >= SCSI_DEBUG_CANQUEUE)) {
3516 pr_err("%s: wild qa_indx=%d\n", __func__, qa_indx);
3519 spin_lock_irqsave(&queued_arr_lock, iflags);
3520 sqcp = &queued_arr[qa_indx];
3523 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3524 pr_err("%s: scp is NULL\n", __func__);
3527 devip = (struct sdebug_dev_info *)scp->device->hostdata;
3529 atomic_dec(&devip->num_in_q);
3531 pr_err("%s: devip=NULL\n", __func__);
3532 if (atomic_read(&retired_max_queue) > 0)
3535 sqcp->a_cmnd = NULL;
3536 if (!test_and_clear_bit(qa_indx, queued_in_use_bm)) {
3537 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3538 pr_err("%s: Unexpected completion\n", __func__);
3542 if (unlikely(retiring)) { /* user has reduced max_queue */
3545 retval = atomic_read(&retired_max_queue);
3546 if (qa_indx >= retval) {
3547 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3548 pr_err("%s: index %d too large\n", __func__, retval);
3551 k = find_last_bit(queued_in_use_bm, retval);
3552 if ((k < scsi_debug_max_queue) || (k == retval))
3553 atomic_set(&retired_max_queue, 0);
3555 atomic_set(&retired_max_queue, k + 1);
3557 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3558 scp->scsi_done(scp); /* callback to mid level */
3560 return HRTIMER_NORESTART;
3563 static struct sdebug_dev_info *
3564 sdebug_device_create(struct sdebug_host_info *sdbg_host, gfp_t flags)
3566 struct sdebug_dev_info *devip;
3568 devip = kzalloc(sizeof(*devip), flags);
3570 devip->sdbg_host = sdbg_host;
3571 list_add_tail(&devip->dev_list, &sdbg_host->dev_info_list);
3576 static struct sdebug_dev_info * devInfoReg(struct scsi_device * sdev)
3578 struct sdebug_host_info * sdbg_host;
3579 struct sdebug_dev_info * open_devip = NULL;
3580 struct sdebug_dev_info * devip =
3581 (struct sdebug_dev_info *)sdev->hostdata;
3585 sdbg_host = *(struct sdebug_host_info **)shost_priv(sdev->host);
3587 pr_err("%s: Host info NULL\n", __func__);
3590 list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
3591 if ((devip->used) && (devip->channel == sdev->channel) &&
3592 (devip->target == sdev->id) &&
3593 (devip->lun == sdev->lun))
3596 if ((!devip->used) && (!open_devip))
3600 if (!open_devip) { /* try and make a new one */
3601 open_devip = sdebug_device_create(sdbg_host, GFP_ATOMIC);
3603 printk(KERN_ERR "%s: out of memory at line %d\n",
3604 __func__, __LINE__);
3609 open_devip->channel = sdev->channel;
3610 open_devip->target = sdev->id;
3611 open_devip->lun = sdev->lun;
3612 open_devip->sdbg_host = sdbg_host;
3613 atomic_set(&open_devip->num_in_q, 0);
3614 set_bit(SDEBUG_UA_POR, open_devip->uas_bm);
3615 open_devip->used = true;
3619 static int scsi_debug_slave_alloc(struct scsi_device *sdp)
3621 if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
3622 printk(KERN_INFO "scsi_debug: slave_alloc <%u %u %u %llu>\n",
3623 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3624 queue_flag_set_unlocked(QUEUE_FLAG_BIDI, sdp->request_queue);
3628 static int scsi_debug_slave_configure(struct scsi_device *sdp)
3630 struct sdebug_dev_info *devip;
3632 if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
3633 printk(KERN_INFO "scsi_debug: slave_configure <%u %u %u %llu>\n",
3634 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3635 if (sdp->host->max_cmd_len != SCSI_DEBUG_MAX_CMD_LEN)
3636 sdp->host->max_cmd_len = SCSI_DEBUG_MAX_CMD_LEN;
3637 devip = devInfoReg(sdp);
3639 return 1; /* no resources, will be marked offline */
3640 sdp->hostdata = devip;
3641 blk_queue_max_segment_size(sdp->request_queue, -1U);
3642 if (scsi_debug_no_uld)
3643 sdp->no_uld_attach = 1;
3647 static void scsi_debug_slave_destroy(struct scsi_device *sdp)
3649 struct sdebug_dev_info *devip =
3650 (struct sdebug_dev_info *)sdp->hostdata;
3652 if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
3653 printk(KERN_INFO "scsi_debug: slave_destroy <%u %u %u %llu>\n",
3654 sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
3656 /* make this slot available for re-use */
3657 devip->used = false;
3658 sdp->hostdata = NULL;
3662 /* Returns 1 if cmnd found (deletes its timer or tasklet), else returns 0 */
3663 static int stop_queued_cmnd(struct scsi_cmnd *cmnd)
3665 unsigned long iflags;
3666 int k, qmax, r_qmax;
3667 struct sdebug_queued_cmd *sqcp;
3668 struct sdebug_dev_info *devip;
3670 spin_lock_irqsave(&queued_arr_lock, iflags);
3671 qmax = scsi_debug_max_queue;
3672 r_qmax = atomic_read(&retired_max_queue);
3675 for (k = 0; k < qmax; ++k) {
3676 if (test_bit(k, queued_in_use_bm)) {
3677 sqcp = &queued_arr[k];
3678 if (cmnd == sqcp->a_cmnd) {
3679 devip = (struct sdebug_dev_info *)
3680 cmnd->device->hostdata;
3682 atomic_dec(&devip->num_in_q);
3683 sqcp->a_cmnd = NULL;
3684 spin_unlock_irqrestore(&queued_arr_lock,
3686 if (scsi_debug_ndelay > 0) {
3689 &sqcp->sd_hrtp->hrt);
3690 } else if (scsi_debug_delay > 0) {
3691 if (sqcp->cmnd_timerp)
3694 } else if (scsi_debug_delay < 0) {
3696 tasklet_kill(sqcp->tletp);
3698 clear_bit(k, queued_in_use_bm);
3703 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3707 /* Deletes (stops) timers or tasklets of all queued commands */
3708 static void stop_all_queued(void)
3710 unsigned long iflags;
3712 struct sdebug_queued_cmd *sqcp;
3713 struct sdebug_dev_info *devip;
3715 spin_lock_irqsave(&queued_arr_lock, iflags);
3716 for (k = 0; k < SCSI_DEBUG_CANQUEUE; ++k) {
3717 if (test_bit(k, queued_in_use_bm)) {
3718 sqcp = &queued_arr[k];
3720 devip = (struct sdebug_dev_info *)
3721 sqcp->a_cmnd->device->hostdata;
3723 atomic_dec(&devip->num_in_q);
3724 sqcp->a_cmnd = NULL;
3725 spin_unlock_irqrestore(&queued_arr_lock,
3727 if (scsi_debug_ndelay > 0) {
3730 &sqcp->sd_hrtp->hrt);
3731 } else if (scsi_debug_delay > 0) {
3732 if (sqcp->cmnd_timerp)
3735 } else if (scsi_debug_delay < 0) {
3737 tasklet_kill(sqcp->tletp);
3739 clear_bit(k, queued_in_use_bm);
3740 spin_lock_irqsave(&queued_arr_lock, iflags);
3744 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3747 /* Free queued command memory on heap */
3748 static void free_all_queued(void)
3750 unsigned long iflags;
3752 struct sdebug_queued_cmd *sqcp;
3754 spin_lock_irqsave(&queued_arr_lock, iflags);
3755 for (k = 0; k < SCSI_DEBUG_CANQUEUE; ++k) {
3756 sqcp = &queued_arr[k];
3757 kfree(sqcp->cmnd_timerp);
3758 sqcp->cmnd_timerp = NULL;
3761 kfree(sqcp->sd_hrtp);
3762 sqcp->sd_hrtp = NULL;
3764 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3767 static int scsi_debug_abort(struct scsi_cmnd *SCpnt)
3771 if (SCpnt->device &&
3772 (SCSI_DEBUG_OPT_ALL_NOISE & scsi_debug_opts))
3773 sdev_printk(KERN_INFO, SCpnt->device, "%s\n",
3775 stop_queued_cmnd(SCpnt);
3780 static int scsi_debug_device_reset(struct scsi_cmnd * SCpnt)
3782 struct sdebug_dev_info * devip;
3785 if (SCpnt && SCpnt->device) {
3786 struct scsi_device *sdp = SCpnt->device;
3788 if (SCSI_DEBUG_OPT_ALL_NOISE & scsi_debug_opts)
3789 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
3790 devip = devInfoReg(sdp);
3792 set_bit(SDEBUG_UA_POR, devip->uas_bm);
3797 static int scsi_debug_target_reset(struct scsi_cmnd *SCpnt)
3799 struct sdebug_host_info *sdbg_host;
3800 struct sdebug_dev_info *devip;
3801 struct scsi_device *sdp;
3802 struct Scsi_Host *hp;
3805 ++num_target_resets;
3808 sdp = SCpnt->device;
3811 if (SCSI_DEBUG_OPT_ALL_NOISE & scsi_debug_opts)
3812 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
3816 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
3818 list_for_each_entry(devip,
3819 &sdbg_host->dev_info_list,
3821 if (devip->target == sdp->id) {
3822 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3826 if (SCSI_DEBUG_OPT_RESET_NOISE & scsi_debug_opts)
3827 sdev_printk(KERN_INFO, sdp,
3828 "%s: %d device(s) found in target\n", __func__, k);
3833 static int scsi_debug_bus_reset(struct scsi_cmnd * SCpnt)
3835 struct sdebug_host_info *sdbg_host;
3836 struct sdebug_dev_info *devip;
3837 struct scsi_device * sdp;
3838 struct Scsi_Host * hp;
3842 if (!(SCpnt && SCpnt->device))
3844 sdp = SCpnt->device;
3845 if (SCSI_DEBUG_OPT_ALL_NOISE & scsi_debug_opts)
3846 sdev_printk(KERN_INFO, sdp, "%s\n", __func__);
3849 sdbg_host = *(struct sdebug_host_info **)shost_priv(hp);
3851 list_for_each_entry(devip,
3852 &sdbg_host->dev_info_list,
3854 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3859 if (SCSI_DEBUG_OPT_RESET_NOISE & scsi_debug_opts)
3860 sdev_printk(KERN_INFO, sdp,
3861 "%s: %d device(s) found in host\n", __func__, k);
3866 static int scsi_debug_host_reset(struct scsi_cmnd * SCpnt)
3868 struct sdebug_host_info * sdbg_host;
3869 struct sdebug_dev_info *devip;
3873 if ((SCpnt->device) && (SCSI_DEBUG_OPT_ALL_NOISE & scsi_debug_opts))
3874 sdev_printk(KERN_INFO, SCpnt->device, "%s\n", __func__);
3875 spin_lock(&sdebug_host_list_lock);
3876 list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
3877 list_for_each_entry(devip, &sdbg_host->dev_info_list,
3879 set_bit(SDEBUG_UA_BUS_RESET, devip->uas_bm);
3883 spin_unlock(&sdebug_host_list_lock);
3885 if (SCSI_DEBUG_OPT_RESET_NOISE & scsi_debug_opts)
3886 sdev_printk(KERN_INFO, SCpnt->device,
3887 "%s: %d device(s) found\n", __func__, k);
3891 static void __init sdebug_build_parts(unsigned char *ramp,
3892 unsigned long store_size)
3894 struct partition * pp;
3895 int starts[SDEBUG_MAX_PARTS + 2];
3896 int sectors_per_part, num_sectors, k;
3897 int heads_by_sects, start_sec, end_sec;
3899 /* assume partition table already zeroed */
3900 if ((scsi_debug_num_parts < 1) || (store_size < 1048576))
3902 if (scsi_debug_num_parts > SDEBUG_MAX_PARTS) {
3903 scsi_debug_num_parts = SDEBUG_MAX_PARTS;
3904 pr_warn("%s: reducing partitions to %d\n", __func__,
3907 num_sectors = (int)sdebug_store_sectors;
3908 sectors_per_part = (num_sectors - sdebug_sectors_per)
3909 / scsi_debug_num_parts;
3910 heads_by_sects = sdebug_heads * sdebug_sectors_per;
3911 starts[0] = sdebug_sectors_per;
3912 for (k = 1; k < scsi_debug_num_parts; ++k)
3913 starts[k] = ((k * sectors_per_part) / heads_by_sects)
3915 starts[scsi_debug_num_parts] = num_sectors;
3916 starts[scsi_debug_num_parts + 1] = 0;
3918 ramp[510] = 0x55; /* magic partition markings */
3920 pp = (struct partition *)(ramp + 0x1be);
3921 for (k = 0; starts[k + 1]; ++k, ++pp) {
3922 start_sec = starts[k];
3923 end_sec = starts[k + 1] - 1;
3926 pp->cyl = start_sec / heads_by_sects;
3927 pp->head = (start_sec - (pp->cyl * heads_by_sects))
3928 / sdebug_sectors_per;
3929 pp->sector = (start_sec % sdebug_sectors_per) + 1;
3931 pp->end_cyl = end_sec / heads_by_sects;
3932 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects))
3933 / sdebug_sectors_per;
3934 pp->end_sector = (end_sec % sdebug_sectors_per) + 1;
3936 pp->start_sect = cpu_to_le32(start_sec);
3937 pp->nr_sects = cpu_to_le32(end_sec - start_sec + 1);
3938 pp->sys_ind = 0x83; /* plain Linux partition */
3943 schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
3944 int scsi_result, int delta_jiff)
3946 unsigned long iflags;
3947 int k, num_in_q, qdepth, inject;
3948 struct sdebug_queued_cmd *sqcp = NULL;
3949 struct scsi_device *sdp = cmnd->device;
3951 if (NULL == cmnd || NULL == devip) {
3952 pr_warn("%s: called with NULL cmnd or devip pointer\n",
3954 /* no particularly good error to report back */
3955 return SCSI_MLQUEUE_HOST_BUSY;
3957 if ((scsi_result) && (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts))
3958 sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n",
3959 __func__, scsi_result);
3960 if (delta_jiff == 0)
3961 goto respond_in_thread;
3963 /* schedule the response at a later time if resources permit */
3964 spin_lock_irqsave(&queued_arr_lock, iflags);
3965 num_in_q = atomic_read(&devip->num_in_q);
3966 qdepth = cmnd->device->queue_depth;
3968 if ((qdepth > 0) && (num_in_q >= qdepth)) {
3970 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3971 goto respond_in_thread;
3973 scsi_result = device_qfull_result;
3974 } else if ((scsi_debug_every_nth != 0) &&
3975 (SCSI_DEBUG_OPT_RARE_TSF & scsi_debug_opts) &&
3976 (scsi_result == 0)) {
3977 if ((num_in_q == (qdepth - 1)) &&
3978 (atomic_inc_return(&sdebug_a_tsf) >=
3979 abs(scsi_debug_every_nth))) {
3980 atomic_set(&sdebug_a_tsf, 0);
3982 scsi_result = device_qfull_result;
3986 k = find_first_zero_bit(queued_in_use_bm, scsi_debug_max_queue);
3987 if (k >= scsi_debug_max_queue) {
3988 spin_unlock_irqrestore(&queued_arr_lock, iflags);
3990 goto respond_in_thread;
3991 else if (SCSI_DEBUG_OPT_ALL_TSF & scsi_debug_opts)
3992 scsi_result = device_qfull_result;
3993 if (SCSI_DEBUG_OPT_Q_NOISE & scsi_debug_opts)
3994 sdev_printk(KERN_INFO, sdp,
3995 "%s: max_queue=%d exceeded, %s\n",
3996 __func__, scsi_debug_max_queue,
3997 (scsi_result ? "status: TASK SET FULL" :
3998 "report: host busy"));
4000 goto respond_in_thread;
4002 return SCSI_MLQUEUE_HOST_BUSY;
4004 __set_bit(k, queued_in_use_bm);
4005 atomic_inc(&devip->num_in_q);
4006 sqcp = &queued_arr[k];
4007 sqcp->a_cmnd = cmnd;
4008 cmnd->result = scsi_result;
4009 spin_unlock_irqrestore(&queued_arr_lock, iflags);
4010 if (delta_jiff > 0) {
4011 if (NULL == sqcp->cmnd_timerp) {
4012 sqcp->cmnd_timerp = kmalloc(sizeof(struct timer_list),
4014 if (NULL == sqcp->cmnd_timerp)
4015 return SCSI_MLQUEUE_HOST_BUSY;
4016 init_timer(sqcp->cmnd_timerp);
4018 sqcp->cmnd_timerp->function = sdebug_q_cmd_complete;
4019 sqcp->cmnd_timerp->data = k;
4020 sqcp->cmnd_timerp->expires = get_jiffies_64() + delta_jiff;
4021 add_timer(sqcp->cmnd_timerp);
4022 } else if (scsi_debug_ndelay > 0) {
4023 ktime_t kt = ktime_set(0, scsi_debug_ndelay);
4024 struct sdebug_hrtimer *sd_hp = sqcp->sd_hrtp;
4026 if (NULL == sd_hp) {
4027 sd_hp = kmalloc(sizeof(*sd_hp), GFP_ATOMIC);
4029 return SCSI_MLQUEUE_HOST_BUSY;
4030 sqcp->sd_hrtp = sd_hp;
4031 hrtimer_init(&sd_hp->hrt, CLOCK_MONOTONIC,
4033 sd_hp->hrt.function = sdebug_q_cmd_hrt_complete;
4036 hrtimer_start(&sd_hp->hrt, kt, HRTIMER_MODE_REL);
4037 } else { /* delay < 0 */
4038 if (NULL == sqcp->tletp) {
4039 sqcp->tletp = kmalloc(sizeof(*sqcp->tletp),
4041 if (NULL == sqcp->tletp)
4042 return SCSI_MLQUEUE_HOST_BUSY;
4043 tasklet_init(sqcp->tletp,
4044 sdebug_q_cmd_complete, k);
4046 if (-1 == delta_jiff)
4047 tasklet_hi_schedule(sqcp->tletp);
4049 tasklet_schedule(sqcp->tletp);
4051 if ((SCSI_DEBUG_OPT_Q_NOISE & scsi_debug_opts) &&
4052 (scsi_result == device_qfull_result))
4053 sdev_printk(KERN_INFO, sdp,
4054 "%s: num_in_q=%d +1, %s%s\n", __func__,
4055 num_in_q, (inject ? "<inject> " : ""),
4056 "status: TASK SET FULL");
4059 respond_in_thread: /* call back to mid-layer using invocation thread */
4060 cmnd->result = scsi_result;
4061 cmnd->scsi_done(cmnd);
4065 /* Note: The following macros create attribute files in the
4066 /sys/module/scsi_debug/parameters directory. Unfortunately this
4067 driver is unaware of a change and cannot trigger auxiliary actions
4068 as it can when the corresponding attribute in the
4069 /sys/bus/pseudo/drivers/scsi_debug directory is changed.
4071 module_param_named(add_host, scsi_debug_add_host, int, S_IRUGO | S_IWUSR);
4072 module_param_named(ato, scsi_debug_ato, int, S_IRUGO);
4073 module_param_named(clustering, scsi_debug_clustering, bool, S_IRUGO | S_IWUSR);
4074 module_param_named(delay, scsi_debug_delay, int, S_IRUGO | S_IWUSR);
4075 module_param_named(dev_size_mb, scsi_debug_dev_size_mb, int, S_IRUGO);
4076 module_param_named(dif, scsi_debug_dif, int, S_IRUGO);
4077 module_param_named(dix, scsi_debug_dix, int, S_IRUGO);
4078 module_param_named(dsense, scsi_debug_dsense, int, S_IRUGO | S_IWUSR);
4079 module_param_named(every_nth, scsi_debug_every_nth, int, S_IRUGO | S_IWUSR);
4080 module_param_named(fake_rw, scsi_debug_fake_rw, int, S_IRUGO | S_IWUSR);
4081 module_param_named(guard, scsi_debug_guard, uint, S_IRUGO);
4082 module_param_named(host_lock, scsi_debug_host_lock, bool, S_IRUGO | S_IWUSR);
4083 module_param_named(lbpu, scsi_debug_lbpu, int, S_IRUGO);
4084 module_param_named(lbpws, scsi_debug_lbpws, int, S_IRUGO);
4085 module_param_named(lbpws10, scsi_debug_lbpws10, int, S_IRUGO);
4086 module_param_named(lbprz, scsi_debug_lbprz, int, S_IRUGO);
4087 module_param_named(lowest_aligned, scsi_debug_lowest_aligned, int, S_IRUGO);
4088 module_param_named(max_luns, scsi_debug_max_luns, int, S_IRUGO | S_IWUSR);
4089 module_param_named(max_queue, scsi_debug_max_queue, int, S_IRUGO | S_IWUSR);
4090 module_param_named(ndelay, scsi_debug_ndelay, int, S_IRUGO | S_IWUSR);
4091 module_param_named(no_lun_0, scsi_debug_no_lun_0, int, S_IRUGO | S_IWUSR);
4092 module_param_named(no_uld, scsi_debug_no_uld, int, S_IRUGO);
4093 module_param_named(num_parts, scsi_debug_num_parts, int, S_IRUGO);
4094 module_param_named(num_tgts, scsi_debug_num_tgts, int, S_IRUGO | S_IWUSR);
4095 module_param_named(opt_blks, scsi_debug_opt_blks, int, S_IRUGO);
4096 module_param_named(opts, scsi_debug_opts, int, S_IRUGO | S_IWUSR);
4097 module_param_named(physblk_exp, scsi_debug_physblk_exp, int, S_IRUGO);
4098 module_param_named(ptype, scsi_debug_ptype, int, S_IRUGO | S_IWUSR);
4099 module_param_named(removable, scsi_debug_removable, bool, S_IRUGO | S_IWUSR);
4100 module_param_named(scsi_level, scsi_debug_scsi_level, int, S_IRUGO);
4101 module_param_named(sector_size, scsi_debug_sector_size, int, S_IRUGO);
4102 module_param_named(strict, scsi_debug_strict, bool, S_IRUGO | S_IWUSR);
4103 module_param_named(unmap_alignment, scsi_debug_unmap_alignment, int, S_IRUGO);
4104 module_param_named(unmap_granularity, scsi_debug_unmap_granularity, int, S_IRUGO);
4105 module_param_named(unmap_max_blocks, scsi_debug_unmap_max_blocks, int, S_IRUGO);
4106 module_param_named(unmap_max_desc, scsi_debug_unmap_max_desc, int, S_IRUGO);
4107 module_param_named(virtual_gb, scsi_debug_virtual_gb, int, S_IRUGO | S_IWUSR);
4108 module_param_named(vpd_use_hostno, scsi_debug_vpd_use_hostno, int,
4110 module_param_named(write_same_length, scsi_debug_write_same_length, int,
4113 MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert");
4114 MODULE_DESCRIPTION("SCSI debug adapter driver");
4115 MODULE_LICENSE("GPL");
4116 MODULE_VERSION(SCSI_DEBUG_VERSION);
4118 MODULE_PARM_DESC(add_host, "0..127 hosts allowed(def=1)");
4119 MODULE_PARM_DESC(ato, "application tag ownership: 0=disk 1=host (def=1)");
4120 MODULE_PARM_DESC(clustering, "when set enables larger transfers (def=0)");
4121 MODULE_PARM_DESC(delay, "response delay (def=1 jiffy); 0:imm, -1,-2:tiny");
4122 MODULE_PARM_DESC(dev_size_mb, "size in MiB of ram shared by devs(def=8)");
4123 MODULE_PARM_DESC(dif, "data integrity field type: 0-3 (def=0)");
4124 MODULE_PARM_DESC(dix, "data integrity extensions mask (def=0)");
4125 MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)");
4126 MODULE_PARM_DESC(every_nth, "timeout every nth command(def=0)");
4127 MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)");
4128 MODULE_PARM_DESC(guard, "protection checksum: 0=crc, 1=ip (def=0)");
4129 MODULE_PARM_DESC(host_lock, "use host_lock around all commands (def=0)");
4130 MODULE_PARM_DESC(lbpu, "enable LBP, support UNMAP command (def=0)");
4131 MODULE_PARM_DESC(lbpws, "enable LBP, support WRITE SAME(16) with UNMAP bit (def=0)");
4132 MODULE_PARM_DESC(lbpws10, "enable LBP, support WRITE SAME(10) with UNMAP bit (def=0)");
4133 MODULE_PARM_DESC(lbprz, "unmapped blocks return 0 on read (def=1)");
4134 MODULE_PARM_DESC(lowest_aligned, "lowest aligned lba (def=0)");
4135 MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)");
4136 MODULE_PARM_DESC(max_queue, "max number of queued commands (1 to max(def))");
4137 MODULE_PARM_DESC(ndelay, "response delay in nanoseconds (def=0 -> ignore)");
4138 MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)");
4139 MODULE_PARM_DESC(no_uld, "stop ULD (e.g. sd driver) attaching (def=0))");
4140 MODULE_PARM_DESC(num_parts, "number of partitions(def=0)");
4141 MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)");
4142 MODULE_PARM_DESC(opt_blks, "optimal transfer length in block (def=64)");
4143 MODULE_PARM_DESC(opts, "1->noise, 2->medium_err, 4->timeout, 8->recovered_err... (def=0)");
4144 MODULE_PARM_DESC(physblk_exp, "physical block exponent (def=0)");
4145 MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])");
4146 MODULE_PARM_DESC(removable, "claim to have removable media (def=0)");
4147 MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=6[SPC-4])");
4148 MODULE_PARM_DESC(sector_size, "logical block size in bytes (def=512)");
4149 MODULE_PARM_DESC(strict, "stricter checks: reserved field in cdb (def=0)");
4150 MODULE_PARM_DESC(unmap_alignment, "lowest aligned thin provisioning lba (def=0)");
4151 MODULE_PARM_DESC(unmap_granularity, "thin provisioning granularity in blocks (def=1)");
4152 MODULE_PARM_DESC(unmap_max_blocks, "max # of blocks can be unmapped in one cmd (def=0xffffffff)");
4153 MODULE_PARM_DESC(unmap_max_desc, "max # of ranges that can be unmapped in one cmd (def=256)");
4154 MODULE_PARM_DESC(virtual_gb, "virtual gigabyte (GiB) size (def=0 -> use dev_size_mb)");
4155 MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)");
4156 MODULE_PARM_DESC(write_same_length, "Maximum blocks per WRITE SAME cmd (def=0xffff)");
4158 static char sdebug_info[256];
4160 static const char * scsi_debug_info(struct Scsi_Host * shp)
4162 sprintf(sdebug_info, "scsi_debug, version %s [%s], "
4163 "dev_size_mb=%d, opts=0x%x", SCSI_DEBUG_VERSION,
4164 scsi_debug_version_date, scsi_debug_dev_size_mb,
4169 /* 'echo <val> > /proc/scsi/scsi_debug/<host_id>' writes to opts */
4170 static int scsi_debug_write_info(struct Scsi_Host *host, char *buffer, int length)
4174 int minLen = length > 15 ? 15 : length;
4176 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
4178 memcpy(arr, buffer, minLen);
4180 if (1 != sscanf(arr, "%d", &opts))
4182 scsi_debug_opts = opts;
4183 if (scsi_debug_every_nth != 0)
4184 atomic_set(&sdebug_cmnd_count, 0);
4188 /* Output seen with 'cat /proc/scsi/scsi_debug/<host_id>'. It will be the
4189 * same for each scsi_debug host (if more than one). Some of the counters
4190 * output are not atomics so might be inaccurate in a busy system. */
4191 static int scsi_debug_show_info(struct seq_file *m, struct Scsi_Host *host)
4196 if (scsi_debug_every_nth > 0)
4197 snprintf(b, sizeof(b), " (curr:%d)",
4198 ((SCSI_DEBUG_OPT_RARE_TSF & scsi_debug_opts) ?
4199 atomic_read(&sdebug_a_tsf) :
4200 atomic_read(&sdebug_cmnd_count)));
4204 seq_printf(m, "scsi_debug adapter driver, version %s [%s]\n"
4205 "num_tgts=%d, shared (ram) size=%d MB, opts=0x%x, "
4207 "delay=%d, ndelay=%d, max_luns=%d, q_completions=%d\n"
4208 "sector_size=%d bytes, cylinders=%d, heads=%d, sectors=%d\n"
4209 "command aborts=%d; RESETs: device=%d, target=%d, bus=%d, "
4210 "host=%d\ndix_reads=%d dix_writes=%d dif_errors=%d "
4211 "usec_in_jiffy=%lu\n",
4212 SCSI_DEBUG_VERSION, scsi_debug_version_date,
4213 scsi_debug_num_tgts, scsi_debug_dev_size_mb, scsi_debug_opts,
4214 scsi_debug_every_nth, b, scsi_debug_delay, scsi_debug_ndelay,
4215 scsi_debug_max_luns, atomic_read(&sdebug_completions),
4216 scsi_debug_sector_size, sdebug_cylinders_per, sdebug_heads,
4217 sdebug_sectors_per, num_aborts, num_dev_resets,
4218 num_target_resets, num_bus_resets, num_host_resets,
4219 dix_reads, dix_writes, dif_errors, TICK_NSEC / 1000);
4221 f = find_first_bit(queued_in_use_bm, scsi_debug_max_queue);
4222 if (f != scsi_debug_max_queue) {
4223 l = find_last_bit(queued_in_use_bm, scsi_debug_max_queue);
4224 seq_printf(m, " %s BUSY: first,last bits set: %d,%d\n",
4225 "queued_in_use_bm", f, l);
4230 static ssize_t delay_show(struct device_driver *ddp, char *buf)
4232 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_delay);
4234 /* Returns -EBUSY if delay is being changed and commands are queued */
4235 static ssize_t delay_store(struct device_driver *ddp, const char *buf,
4240 if ((count > 0) && (1 == sscanf(buf, "%d", &delay))) {
4242 if (scsi_debug_delay != delay) {
4243 unsigned long iflags;
4246 spin_lock_irqsave(&queued_arr_lock, iflags);
4247 k = find_first_bit(queued_in_use_bm,
4248 scsi_debug_max_queue);
4249 if (k != scsi_debug_max_queue)
4250 res = -EBUSY; /* have queued commands */
4252 scsi_debug_delay = delay;
4253 scsi_debug_ndelay = 0;
4255 spin_unlock_irqrestore(&queued_arr_lock, iflags);
4261 static DRIVER_ATTR_RW(delay);
4263 static ssize_t ndelay_show(struct device_driver *ddp, char *buf)
4265 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_ndelay);
4267 /* Returns -EBUSY if ndelay is being changed and commands are queued */
4268 /* If > 0 and accepted then scsi_debug_delay is set to DELAY_OVERRIDDEN */
4269 static ssize_t ndelay_store(struct device_driver *ddp, const char *buf,
4272 unsigned long iflags;
4275 if ((count > 0) && (1 == sscanf(buf, "%d", &ndelay)) &&
4276 (ndelay >= 0) && (ndelay < 1000000000)) {
4278 if (scsi_debug_ndelay != ndelay) {
4279 spin_lock_irqsave(&queued_arr_lock, iflags);
4280 k = find_first_bit(queued_in_use_bm,
4281 scsi_debug_max_queue);
4282 if (k != scsi_debug_max_queue)
4283 res = -EBUSY; /* have queued commands */
4285 scsi_debug_ndelay = ndelay;
4286 scsi_debug_delay = ndelay ? DELAY_OVERRIDDEN
4289 spin_unlock_irqrestore(&queued_arr_lock, iflags);
4295 static DRIVER_ATTR_RW(ndelay);
4297 static ssize_t opts_show(struct device_driver *ddp, char *buf)
4299 return scnprintf(buf, PAGE_SIZE, "0x%x\n", scsi_debug_opts);
4302 static ssize_t opts_store(struct device_driver *ddp, const char *buf,
4308 if (1 == sscanf(buf, "%10s", work)) {
4309 if (0 == strncasecmp(work,"0x", 2)) {
4310 if (1 == sscanf(&work[2], "%x", &opts))
4313 if (1 == sscanf(work, "%d", &opts))
4319 scsi_debug_opts = opts;
4320 if (SCSI_DEBUG_OPT_RECOVERED_ERR & opts)
4321 sdebug_any_injecting_opt = true;
4322 else if (SCSI_DEBUG_OPT_TRANSPORT_ERR & opts)
4323 sdebug_any_injecting_opt = true;
4324 else if (SCSI_DEBUG_OPT_DIF_ERR & opts)
4325 sdebug_any_injecting_opt = true;
4326 else if (SCSI_DEBUG_OPT_DIX_ERR & opts)
4327 sdebug_any_injecting_opt = true;
4328 else if (SCSI_DEBUG_OPT_SHORT_TRANSFER & opts)
4329 sdebug_any_injecting_opt = true;
4330 atomic_set(&sdebug_cmnd_count, 0);
4331 atomic_set(&sdebug_a_tsf, 0);
4334 static DRIVER_ATTR_RW(opts);
4336 static ssize_t ptype_show(struct device_driver *ddp, char *buf)
4338 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_ptype);
4340 static ssize_t ptype_store(struct device_driver *ddp, const char *buf,
4345 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4346 scsi_debug_ptype = n;
4351 static DRIVER_ATTR_RW(ptype);
4353 static ssize_t dsense_show(struct device_driver *ddp, char *buf)
4355 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_dsense);
4357 static ssize_t dsense_store(struct device_driver *ddp, const char *buf,
4362 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4363 scsi_debug_dsense = n;
4368 static DRIVER_ATTR_RW(dsense);
4370 static ssize_t fake_rw_show(struct device_driver *ddp, char *buf)
4372 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_fake_rw);
4374 static ssize_t fake_rw_store(struct device_driver *ddp, const char *buf,
4379 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4381 scsi_debug_fake_rw = (scsi_debug_fake_rw > 0);
4382 if (scsi_debug_fake_rw != n) {
4383 if ((0 == n) && (NULL == fake_storep)) {
4385 (unsigned long)scsi_debug_dev_size_mb *
4388 fake_storep = vmalloc(sz);
4389 if (NULL == fake_storep) {
4390 pr_err("%s: out of memory, 9\n",
4394 memset(fake_storep, 0, sz);
4396 scsi_debug_fake_rw = n;
4402 static DRIVER_ATTR_RW(fake_rw);
4404 static ssize_t no_lun_0_show(struct device_driver *ddp, char *buf)
4406 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_no_lun_0);
4408 static ssize_t no_lun_0_store(struct device_driver *ddp, const char *buf,
4413 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4414 scsi_debug_no_lun_0 = n;
4419 static DRIVER_ATTR_RW(no_lun_0);
4421 static ssize_t num_tgts_show(struct device_driver *ddp, char *buf)
4423 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_num_tgts);
4425 static ssize_t num_tgts_store(struct device_driver *ddp, const char *buf,
4430 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4431 scsi_debug_num_tgts = n;
4432 sdebug_max_tgts_luns();
4437 static DRIVER_ATTR_RW(num_tgts);
4439 static ssize_t dev_size_mb_show(struct device_driver *ddp, char *buf)
4441 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_dev_size_mb);
4443 static DRIVER_ATTR_RO(dev_size_mb);
4445 static ssize_t num_parts_show(struct device_driver *ddp, char *buf)
4447 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_num_parts);
4449 static DRIVER_ATTR_RO(num_parts);
4451 static ssize_t every_nth_show(struct device_driver *ddp, char *buf)
4453 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_every_nth);
4455 static ssize_t every_nth_store(struct device_driver *ddp, const char *buf,
4460 if ((count > 0) && (1 == sscanf(buf, "%d", &nth))) {
4461 scsi_debug_every_nth = nth;
4462 atomic_set(&sdebug_cmnd_count, 0);
4467 static DRIVER_ATTR_RW(every_nth);
4469 static ssize_t max_luns_show(struct device_driver *ddp, char *buf)
4471 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_max_luns);
4473 static ssize_t max_luns_store(struct device_driver *ddp, const char *buf,
4479 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4480 changed = (scsi_debug_max_luns != n);
4481 scsi_debug_max_luns = n;
4482 sdebug_max_tgts_luns();
4483 if (changed && (scsi_debug_scsi_level >= 5)) { /* >= SPC-3 */
4484 struct sdebug_host_info *sdhp;
4485 struct sdebug_dev_info *dp;
4487 spin_lock(&sdebug_host_list_lock);
4488 list_for_each_entry(sdhp, &sdebug_host_list,
4490 list_for_each_entry(dp, &sdhp->dev_info_list,
4492 set_bit(SDEBUG_UA_LUNS_CHANGED,
4496 spin_unlock(&sdebug_host_list_lock);
4502 static DRIVER_ATTR_RW(max_luns);
4504 static ssize_t max_queue_show(struct device_driver *ddp, char *buf)
4506 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_max_queue);
4508 /* N.B. max_queue can be changed while there are queued commands. In flight
4509 * commands beyond the new max_queue will be completed. */
4510 static ssize_t max_queue_store(struct device_driver *ddp, const char *buf,
4513 unsigned long iflags;
4516 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n > 0) &&
4517 (n <= SCSI_DEBUG_CANQUEUE)) {
4518 spin_lock_irqsave(&queued_arr_lock, iflags);
4519 k = find_last_bit(queued_in_use_bm, SCSI_DEBUG_CANQUEUE);
4520 scsi_debug_max_queue = n;
4521 if (SCSI_DEBUG_CANQUEUE == k)
4522 atomic_set(&retired_max_queue, 0);
4524 atomic_set(&retired_max_queue, k + 1);
4526 atomic_set(&retired_max_queue, 0);
4527 spin_unlock_irqrestore(&queued_arr_lock, iflags);
4532 static DRIVER_ATTR_RW(max_queue);
4534 static ssize_t no_uld_show(struct device_driver *ddp, char *buf)
4536 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_no_uld);
4538 static DRIVER_ATTR_RO(no_uld);
4540 static ssize_t scsi_level_show(struct device_driver *ddp, char *buf)
4542 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_scsi_level);
4544 static DRIVER_ATTR_RO(scsi_level);
4546 static ssize_t virtual_gb_show(struct device_driver *ddp, char *buf)
4548 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_virtual_gb);
4550 static ssize_t virtual_gb_store(struct device_driver *ddp, const char *buf,
4556 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4557 changed = (scsi_debug_virtual_gb != n);
4558 scsi_debug_virtual_gb = n;
4559 sdebug_capacity = get_sdebug_capacity();
4561 struct sdebug_host_info *sdhp;
4562 struct sdebug_dev_info *dp;
4564 spin_lock(&sdebug_host_list_lock);
4565 list_for_each_entry(sdhp, &sdebug_host_list,
4567 list_for_each_entry(dp, &sdhp->dev_info_list,
4569 set_bit(SDEBUG_UA_CAPACITY_CHANGED,
4573 spin_unlock(&sdebug_host_list_lock);
4579 static DRIVER_ATTR_RW(virtual_gb);
4581 static ssize_t add_host_show(struct device_driver *ddp, char *buf)
4583 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_add_host);
4586 static ssize_t add_host_store(struct device_driver *ddp, const char *buf,
4591 if (sscanf(buf, "%d", &delta_hosts) != 1)
4593 if (delta_hosts > 0) {
4595 sdebug_add_adapter();
4596 } while (--delta_hosts);
4597 } else if (delta_hosts < 0) {
4599 sdebug_remove_adapter();
4600 } while (++delta_hosts);
4604 static DRIVER_ATTR_RW(add_host);
4606 static ssize_t vpd_use_hostno_show(struct device_driver *ddp, char *buf)
4608 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_vpd_use_hostno);
4610 static ssize_t vpd_use_hostno_store(struct device_driver *ddp, const char *buf,
4615 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4616 scsi_debug_vpd_use_hostno = n;
4621 static DRIVER_ATTR_RW(vpd_use_hostno);
4623 static ssize_t sector_size_show(struct device_driver *ddp, char *buf)
4625 return scnprintf(buf, PAGE_SIZE, "%u\n", scsi_debug_sector_size);
4627 static DRIVER_ATTR_RO(sector_size);
4629 static ssize_t dix_show(struct device_driver *ddp, char *buf)
4631 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_dix);
4633 static DRIVER_ATTR_RO(dix);
4635 static ssize_t dif_show(struct device_driver *ddp, char *buf)
4637 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_dif);
4639 static DRIVER_ATTR_RO(dif);
4641 static ssize_t guard_show(struct device_driver *ddp, char *buf)
4643 return scnprintf(buf, PAGE_SIZE, "%u\n", scsi_debug_guard);
4645 static DRIVER_ATTR_RO(guard);
4647 static ssize_t ato_show(struct device_driver *ddp, char *buf)
4649 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_ato);
4651 static DRIVER_ATTR_RO(ato);
4653 static ssize_t map_show(struct device_driver *ddp, char *buf)
4657 if (!scsi_debug_lbp())
4658 return scnprintf(buf, PAGE_SIZE, "0-%u\n",
4659 sdebug_store_sectors);
4661 count = scnprintf(buf, PAGE_SIZE - 1, "%*pbl",
4662 (int)map_size, map_storep);
4663 buf[count++] = '\n';
4668 static DRIVER_ATTR_RO(map);
4670 static ssize_t removable_show(struct device_driver *ddp, char *buf)
4672 return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_removable ? 1 : 0);
4674 static ssize_t removable_store(struct device_driver *ddp, const char *buf,
4679 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4680 scsi_debug_removable = (n > 0);
4685 static DRIVER_ATTR_RW(removable);
4687 static ssize_t host_lock_show(struct device_driver *ddp, char *buf)
4689 return scnprintf(buf, PAGE_SIZE, "%d\n", !!scsi_debug_host_lock);
4691 /* Returns -EBUSY if host_lock is being changed and commands are queued */
4692 static ssize_t host_lock_store(struct device_driver *ddp, const char *buf,
4697 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4698 bool new_host_lock = (n > 0);
4701 if (new_host_lock != scsi_debug_host_lock) {
4702 unsigned long iflags;
4705 spin_lock_irqsave(&queued_arr_lock, iflags);
4706 k = find_first_bit(queued_in_use_bm,
4707 scsi_debug_max_queue);
4708 if (k != scsi_debug_max_queue)
4709 res = -EBUSY; /* have queued commands */
4711 scsi_debug_host_lock = new_host_lock;
4712 spin_unlock_irqrestore(&queued_arr_lock, iflags);
4718 static DRIVER_ATTR_RW(host_lock);
4720 static ssize_t strict_show(struct device_driver *ddp, char *buf)
4722 return scnprintf(buf, PAGE_SIZE, "%d\n", !!scsi_debug_strict);
4724 static ssize_t strict_store(struct device_driver *ddp, const char *buf,
4729 if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
4730 scsi_debug_strict = (n > 0);
4735 static DRIVER_ATTR_RW(strict);
4738 /* Note: The following array creates attribute files in the
4739 /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these
4740 files (over those found in the /sys/module/scsi_debug/parameters
4741 directory) is that auxiliary actions can be triggered when an attribute
4742 is changed. For example see: sdebug_add_host_store() above.
4745 static struct attribute *sdebug_drv_attrs[] = {
4746 &driver_attr_delay.attr,
4747 &driver_attr_opts.attr,
4748 &driver_attr_ptype.attr,
4749 &driver_attr_dsense.attr,
4750 &driver_attr_fake_rw.attr,
4751 &driver_attr_no_lun_0.attr,
4752 &driver_attr_num_tgts.attr,
4753 &driver_attr_dev_size_mb.attr,
4754 &driver_attr_num_parts.attr,
4755 &driver_attr_every_nth.attr,
4756 &driver_attr_max_luns.attr,
4757 &driver_attr_max_queue.attr,
4758 &driver_attr_no_uld.attr,
4759 &driver_attr_scsi_level.attr,
4760 &driver_attr_virtual_gb.attr,
4761 &driver_attr_add_host.attr,
4762 &driver_attr_vpd_use_hostno.attr,
4763 &driver_attr_sector_size.attr,
4764 &driver_attr_dix.attr,
4765 &driver_attr_dif.attr,
4766 &driver_attr_guard.attr,
4767 &driver_attr_ato.attr,
4768 &driver_attr_map.attr,
4769 &driver_attr_removable.attr,
4770 &driver_attr_host_lock.attr,
4771 &driver_attr_ndelay.attr,
4772 &driver_attr_strict.attr,
4775 ATTRIBUTE_GROUPS(sdebug_drv);
4777 static struct device *pseudo_primary;
4779 static int __init scsi_debug_init(void)
4786 atomic_set(&sdebug_cmnd_count, 0);
4787 atomic_set(&sdebug_completions, 0);
4788 atomic_set(&retired_max_queue, 0);
4790 if (scsi_debug_ndelay >= 1000000000) {
4791 pr_warn("%s: ndelay must be less than 1 second, ignored\n",
4793 scsi_debug_ndelay = 0;
4794 } else if (scsi_debug_ndelay > 0)
4795 scsi_debug_delay = DELAY_OVERRIDDEN;
4797 switch (scsi_debug_sector_size) {
4804 pr_err("%s: invalid sector_size %d\n", __func__,
4805 scsi_debug_sector_size);
4809 switch (scsi_debug_dif) {
4811 case SD_DIF_TYPE0_PROTECTION:
4812 case SD_DIF_TYPE1_PROTECTION:
4813 case SD_DIF_TYPE2_PROTECTION:
4814 case SD_DIF_TYPE3_PROTECTION:
4818 pr_err("%s: dif must be 0, 1, 2 or 3\n", __func__);
4822 if (scsi_debug_guard > 1) {
4823 pr_err("%s: guard must be 0 or 1\n", __func__);
4827 if (scsi_debug_ato > 1) {
4828 pr_err("%s: ato must be 0 or 1\n", __func__);
4832 if (scsi_debug_physblk_exp > 15) {
4833 pr_err("%s: invalid physblk_exp %u\n", __func__,
4834 scsi_debug_physblk_exp);
4838 if (scsi_debug_lowest_aligned > 0x3fff) {
4839 pr_err("%s: lowest_aligned too big: %u\n", __func__,
4840 scsi_debug_lowest_aligned);
4844 if (scsi_debug_dev_size_mb < 1)
4845 scsi_debug_dev_size_mb = 1; /* force minimum 1 MB ramdisk */
4846 sz = (unsigned long)scsi_debug_dev_size_mb * 1048576;
4847 sdebug_store_sectors = sz / scsi_debug_sector_size;
4848 sdebug_capacity = get_sdebug_capacity();
4850 /* play around with geometry, don't waste too much on track 0 */
4852 sdebug_sectors_per = 32;
4853 if (scsi_debug_dev_size_mb >= 16)
4855 else if (scsi_debug_dev_size_mb >= 256)
4857 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
4858 (sdebug_sectors_per * sdebug_heads);
4859 if (sdebug_cylinders_per >= 1024) {
4860 /* other LLDs do this; implies >= 1GB ram disk ... */
4862 sdebug_sectors_per = 63;
4863 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
4864 (sdebug_sectors_per * sdebug_heads);
4867 if (0 == scsi_debug_fake_rw) {
4868 fake_storep = vmalloc(sz);
4869 if (NULL == fake_storep) {
4870 pr_err("%s: out of memory, 1\n", __func__);
4873 memset(fake_storep, 0, sz);
4874 if (scsi_debug_num_parts > 0)
4875 sdebug_build_parts(fake_storep, sz);
4878 if (scsi_debug_dix) {
4881 dif_size = sdebug_store_sectors * sizeof(struct sd_dif_tuple);
4882 dif_storep = vmalloc(dif_size);
4884 pr_err("%s: dif_storep %u bytes @ %p\n", __func__, dif_size,
4887 if (dif_storep == NULL) {
4888 pr_err("%s: out of mem. (DIX)\n", __func__);
4893 memset(dif_storep, 0xff, dif_size);
4896 /* Logical Block Provisioning */
4897 if (scsi_debug_lbp()) {
4898 scsi_debug_unmap_max_blocks =
4899 clamp(scsi_debug_unmap_max_blocks, 0U, 0xffffffffU);
4901 scsi_debug_unmap_max_desc =
4902 clamp(scsi_debug_unmap_max_desc, 0U, 256U);
4904 scsi_debug_unmap_granularity =
4905 clamp(scsi_debug_unmap_granularity, 1U, 0xffffffffU);
4907 if (scsi_debug_unmap_alignment &&
4908 scsi_debug_unmap_granularity <=
4909 scsi_debug_unmap_alignment) {
4910 pr_err("%s: ERR: unmap_granularity <= unmap_alignment\n",
4915 map_size = lba_to_map_index(sdebug_store_sectors - 1) + 1;
4916 map_storep = vmalloc(BITS_TO_LONGS(map_size) * sizeof(long));
4918 pr_info("%s: %lu provisioning blocks\n", __func__, map_size);
4920 if (map_storep == NULL) {
4921 pr_err("%s: out of mem. (MAP)\n", __func__);
4926 bitmap_zero(map_storep, map_size);
4928 /* Map first 1KB for partition table */
4929 if (scsi_debug_num_parts)
4933 pseudo_primary = root_device_register("pseudo_0");
4934 if (IS_ERR(pseudo_primary)) {
4935 pr_warn("%s: root_device_register() error\n", __func__);
4936 ret = PTR_ERR(pseudo_primary);
4939 ret = bus_register(&pseudo_lld_bus);
4941 pr_warn("%s: bus_register error: %d\n", __func__, ret);
4944 ret = driver_register(&sdebug_driverfs_driver);
4946 pr_warn("%s: driver_register error: %d\n", __func__, ret);
4950 host_to_add = scsi_debug_add_host;
4951 scsi_debug_add_host = 0;
4953 for (k = 0; k < host_to_add; k++) {
4954 if (sdebug_add_adapter()) {
4955 pr_err("%s: sdebug_add_adapter failed k=%d\n",
4961 if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts) {
4962 pr_info("%s: built %d host(s)\n", __func__,
4963 scsi_debug_add_host);
4968 bus_unregister(&pseudo_lld_bus);
4970 root_device_unregister(pseudo_primary);
4981 static void __exit scsi_debug_exit(void)
4983 int k = scsi_debug_add_host;
4988 sdebug_remove_adapter();
4989 driver_unregister(&sdebug_driverfs_driver);
4990 bus_unregister(&pseudo_lld_bus);
4991 root_device_unregister(pseudo_primary);
4999 device_initcall(scsi_debug_init);
5000 module_exit(scsi_debug_exit);
5002 static void sdebug_release_adapter(struct device * dev)
5004 struct sdebug_host_info *sdbg_host;
5006 sdbg_host = to_sdebug_host(dev);
5010 static int sdebug_add_adapter(void)
5012 int k, devs_per_host;
5014 struct sdebug_host_info *sdbg_host;
5015 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5017 sdbg_host = kzalloc(sizeof(*sdbg_host),GFP_KERNEL);
5018 if (NULL == sdbg_host) {
5019 printk(KERN_ERR "%s: out of memory at line %d\n",
5020 __func__, __LINE__);
5024 INIT_LIST_HEAD(&sdbg_host->dev_info_list);
5026 devs_per_host = scsi_debug_num_tgts * scsi_debug_max_luns;
5027 for (k = 0; k < devs_per_host; k++) {
5028 sdbg_devinfo = sdebug_device_create(sdbg_host, GFP_KERNEL);
5029 if (!sdbg_devinfo) {
5030 printk(KERN_ERR "%s: out of memory at line %d\n",
5031 __func__, __LINE__);
5037 spin_lock(&sdebug_host_list_lock);
5038 list_add_tail(&sdbg_host->host_list, &sdebug_host_list);
5039 spin_unlock(&sdebug_host_list_lock);
5041 sdbg_host->dev.bus = &pseudo_lld_bus;
5042 sdbg_host->dev.parent = pseudo_primary;
5043 sdbg_host->dev.release = &sdebug_release_adapter;
5044 dev_set_name(&sdbg_host->dev, "adapter%d", scsi_debug_add_host);
5046 error = device_register(&sdbg_host->dev);
5051 ++scsi_debug_add_host;
5055 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5057 list_del(&sdbg_devinfo->dev_list);
5058 kfree(sdbg_devinfo);
5065 static void sdebug_remove_adapter(void)
5067 struct sdebug_host_info * sdbg_host = NULL;
5069 spin_lock(&sdebug_host_list_lock);
5070 if (!list_empty(&sdebug_host_list)) {
5071 sdbg_host = list_entry(sdebug_host_list.prev,
5072 struct sdebug_host_info, host_list);
5073 list_del(&sdbg_host->host_list);
5075 spin_unlock(&sdebug_host_list_lock);
5080 device_unregister(&sdbg_host->dev);
5081 --scsi_debug_add_host;
5085 sdebug_change_qdepth(struct scsi_device *sdev, int qdepth)
5088 unsigned long iflags;
5089 struct sdebug_dev_info *devip;
5091 spin_lock_irqsave(&queued_arr_lock, iflags);
5092 devip = (struct sdebug_dev_info *)sdev->hostdata;
5093 if (NULL == devip) {
5094 spin_unlock_irqrestore(&queued_arr_lock, iflags);
5097 num_in_q = atomic_read(&devip->num_in_q);
5098 spin_unlock_irqrestore(&queued_arr_lock, iflags);
5102 /* allow to exceed max host queued_arr elements for testing */
5103 if (qdepth > SCSI_DEBUG_CANQUEUE + 10)
5104 qdepth = SCSI_DEBUG_CANQUEUE + 10;
5105 scsi_change_queue_depth(sdev, qdepth);
5107 if (SCSI_DEBUG_OPT_Q_NOISE & scsi_debug_opts) {
5108 sdev_printk(KERN_INFO, sdev,
5109 "%s: qdepth=%d, num_in_q=%d\n",
5110 __func__, qdepth, num_in_q);
5112 return sdev->queue_depth;
5116 check_inject(struct scsi_cmnd *scp)
5118 struct sdebug_scmd_extra_t *ep = scsi_cmd_priv(scp);
5120 memset(ep, 0, sizeof(struct sdebug_scmd_extra_t));
5122 if (atomic_inc_return(&sdebug_cmnd_count) >=
5123 abs(scsi_debug_every_nth)) {
5124 atomic_set(&sdebug_cmnd_count, 0);
5125 if (scsi_debug_every_nth < -1)
5126 scsi_debug_every_nth = -1;
5127 if (SCSI_DEBUG_OPT_TIMEOUT & scsi_debug_opts)
5128 return 1; /* ignore command causing timeout */
5129 else if (SCSI_DEBUG_OPT_MAC_TIMEOUT & scsi_debug_opts &&
5130 scsi_medium_access_command(scp))
5131 return 1; /* time out reads and writes */
5132 if (sdebug_any_injecting_opt) {
5133 int opts = scsi_debug_opts;
5135 if (SCSI_DEBUG_OPT_RECOVERED_ERR & opts)
5136 ep->inj_recovered = true;
5137 else if (SCSI_DEBUG_OPT_TRANSPORT_ERR & opts)
5138 ep->inj_transport = true;
5139 else if (SCSI_DEBUG_OPT_DIF_ERR & opts)
5141 else if (SCSI_DEBUG_OPT_DIX_ERR & opts)
5143 else if (SCSI_DEBUG_OPT_SHORT_TRANSFER & opts)
5144 ep->inj_short = true;
5151 scsi_debug_queuecommand(struct scsi_cmnd *scp)
5154 struct scsi_device *sdp = scp->device;
5155 const struct opcode_info_t *oip;
5156 const struct opcode_info_t *r_oip;
5157 struct sdebug_dev_info *devip;
5158 u8 *cmd = scp->cmnd;
5159 int (*r_pfp)(struct scsi_cmnd *, struct sdebug_dev_info *);
5162 int errsts_no_connect = DID_NO_CONNECT << 16;
5167 bool debug = !!(SCSI_DEBUG_OPT_NOISE & scsi_debug_opts);
5169 scsi_set_resid(scp, 0);
5170 if (debug && !(SCSI_DEBUG_OPT_NO_CDB_NOISE & scsi_debug_opts)) {
5175 sb = (int)sizeof(b);
5177 strcpy(b, "too long, over 32 bytes");
5179 for (k = 0, n = 0; k < len && n < sb; ++k)
5180 n += scnprintf(b + n, sb - n, "%02x ",
5183 sdev_printk(KERN_INFO, sdp, "%s: cmd %s\n", my_name, b);
5185 has_wlun_rl = (sdp->lun == SAM2_WLUN_REPORT_LUNS);
5186 if ((sdp->lun >= scsi_debug_max_luns) && !has_wlun_rl)
5187 return schedule_resp(scp, NULL, errsts_no_connect, 0);
5189 sdeb_i = opcode_ind_arr[opcode]; /* fully mapped */
5190 oip = &opcode_info_arr[sdeb_i]; /* safe if table consistent */
5191 devip = (struct sdebug_dev_info *)sdp->hostdata;
5193 devip = devInfoReg(sdp);
5195 return schedule_resp(scp, NULL, errsts_no_connect, 0);
5197 na = oip->num_attached;
5199 if (na) { /* multiple commands with this opcode */
5201 if (FF_SA & r_oip->flags) {
5202 if (F_SA_LOW & oip->flags)
5205 sa = get_unaligned_be16(cmd + 8);
5206 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5207 if (opcode == oip->opcode && sa == oip->sa)
5210 } else { /* since no service action only check opcode */
5211 for (k = 0; k <= na; oip = r_oip->arrp + k++) {
5212 if (opcode == oip->opcode)
5217 if (F_SA_LOW & r_oip->flags)
5218 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 1, 4);
5219 else if (F_SA_HIGH & r_oip->flags)
5220 mk_sense_invalid_fld(scp, SDEB_IN_CDB, 8, 7);
5222 mk_sense_invalid_opcode(scp);
5225 } /* else (when na==0) we assume the oip is a match */
5227 if (F_INV_OP & flags) {
5228 mk_sense_invalid_opcode(scp);
5231 if (has_wlun_rl && !(F_RL_WLUN_OK & flags)) {
5233 sdev_printk(KERN_INFO, sdp, "scsi_debug: Opcode: "
5234 "0x%x not supported for wlun\n", opcode);
5235 mk_sense_invalid_opcode(scp);
5238 if (scsi_debug_strict) { /* check cdb against mask */
5242 for (k = 1; k < oip->len_mask[0] && k < 16; ++k) {
5243 rem = ~oip->len_mask[k] & cmd[k];
5245 for (j = 7; j >= 0; --j, rem <<= 1) {
5249 mk_sense_invalid_fld(scp, SDEB_IN_CDB, k, j);
5254 if (!(F_SKIP_UA & flags) &&
5255 SDEBUG_NUM_UAS != find_first_bit(devip->uas_bm, SDEBUG_NUM_UAS)) {
5256 errsts = check_readiness(scp, UAS_ONLY, devip);
5260 if ((F_M_ACCESS & flags) && devip->stopped) {
5261 mk_sense_buffer(scp, NOT_READY, LOGICAL_UNIT_NOT_READY, 0x2);
5263 sdev_printk(KERN_INFO, sdp, "%s reports: Not ready: "
5264 "%s\n", my_name, "initializing command "
5266 errsts = check_condition_result;
5269 if (scsi_debug_fake_rw && (F_FAKE_RW & flags))
5271 if (scsi_debug_every_nth) {
5272 if (check_inject(scp))
5273 return 0; /* ignore command: make trouble */
5275 if (oip->pfp) /* if this command has a resp_* function, call it */
5276 errsts = oip->pfp(scp, devip);
5277 else if (r_pfp) /* if leaf function ptr NULL, try the root's */
5278 errsts = r_pfp(scp, devip);
5281 return schedule_resp(scp, devip, errsts,
5282 ((F_DELAY_OVERR & flags) ? 0 : scsi_debug_delay));
5284 return schedule_resp(scp, devip, check_condition_result, 0);
5288 sdebug_queuecommand_lock_or_not(struct Scsi_Host *shost, struct scsi_cmnd *cmd)
5290 if (scsi_debug_host_lock) {
5291 unsigned long iflags;
5294 spin_lock_irqsave(shost->host_lock, iflags);
5295 rc = scsi_debug_queuecommand(cmd);
5296 spin_unlock_irqrestore(shost->host_lock, iflags);
5299 return scsi_debug_queuecommand(cmd);
5302 static struct scsi_host_template sdebug_driver_template = {
5303 .show_info = scsi_debug_show_info,
5304 .write_info = scsi_debug_write_info,
5305 .proc_name = sdebug_proc_name,
5306 .name = "SCSI DEBUG",
5307 .info = scsi_debug_info,
5308 .slave_alloc = scsi_debug_slave_alloc,
5309 .slave_configure = scsi_debug_slave_configure,
5310 .slave_destroy = scsi_debug_slave_destroy,
5311 .ioctl = scsi_debug_ioctl,
5312 .queuecommand = sdebug_queuecommand_lock_or_not,
5313 .change_queue_depth = sdebug_change_qdepth,
5314 .eh_abort_handler = scsi_debug_abort,
5315 .eh_device_reset_handler = scsi_debug_device_reset,
5316 .eh_target_reset_handler = scsi_debug_target_reset,
5317 .eh_bus_reset_handler = scsi_debug_bus_reset,
5318 .eh_host_reset_handler = scsi_debug_host_reset,
5319 .can_queue = SCSI_DEBUG_CANQUEUE,
5321 .sg_tablesize = SCSI_MAX_SG_CHAIN_SEGMENTS,
5322 .cmd_per_lun = DEF_CMD_PER_LUN,
5324 .use_clustering = DISABLE_CLUSTERING,
5325 .module = THIS_MODULE,
5326 .track_queue_depth = 1,
5327 .cmd_size = sizeof(struct sdebug_scmd_extra_t),
5330 static int sdebug_driver_probe(struct device * dev)
5334 struct sdebug_host_info *sdbg_host;
5335 struct Scsi_Host *hpnt;
5338 sdbg_host = to_sdebug_host(dev);
5340 sdebug_driver_template.can_queue = scsi_debug_max_queue;
5341 if (scsi_debug_clustering)
5342 sdebug_driver_template.use_clustering = ENABLE_CLUSTERING;
5343 hpnt = scsi_host_alloc(&sdebug_driver_template, sizeof(sdbg_host));
5345 pr_err("%s: scsi_host_alloc failed\n", __func__);
5350 sdbg_host->shost = hpnt;
5351 *((struct sdebug_host_info **)hpnt->hostdata) = sdbg_host;
5352 if ((hpnt->this_id >= 0) && (scsi_debug_num_tgts > hpnt->this_id))
5353 hpnt->max_id = scsi_debug_num_tgts + 1;
5355 hpnt->max_id = scsi_debug_num_tgts;
5356 hpnt->max_lun = SAM2_WLUN_REPORT_LUNS; /* = scsi_debug_max_luns; */
5360 switch (scsi_debug_dif) {
5362 case SD_DIF_TYPE1_PROTECTION:
5363 host_prot = SHOST_DIF_TYPE1_PROTECTION;
5365 host_prot |= SHOST_DIX_TYPE1_PROTECTION;
5368 case SD_DIF_TYPE2_PROTECTION:
5369 host_prot = SHOST_DIF_TYPE2_PROTECTION;
5371 host_prot |= SHOST_DIX_TYPE2_PROTECTION;
5374 case SD_DIF_TYPE3_PROTECTION:
5375 host_prot = SHOST_DIF_TYPE3_PROTECTION;
5377 host_prot |= SHOST_DIX_TYPE3_PROTECTION;
5382 host_prot |= SHOST_DIX_TYPE0_PROTECTION;
5386 scsi_host_set_prot(hpnt, host_prot);
5388 printk(KERN_INFO "scsi_debug: host protection%s%s%s%s%s%s%s\n",
5389 (host_prot & SHOST_DIF_TYPE1_PROTECTION) ? " DIF1" : "",
5390 (host_prot & SHOST_DIF_TYPE2_PROTECTION) ? " DIF2" : "",
5391 (host_prot & SHOST_DIF_TYPE3_PROTECTION) ? " DIF3" : "",
5392 (host_prot & SHOST_DIX_TYPE0_PROTECTION) ? " DIX0" : "",
5393 (host_prot & SHOST_DIX_TYPE1_PROTECTION) ? " DIX1" : "",
5394 (host_prot & SHOST_DIX_TYPE2_PROTECTION) ? " DIX2" : "",
5395 (host_prot & SHOST_DIX_TYPE3_PROTECTION) ? " DIX3" : "");
5397 if (scsi_debug_guard == 1)
5398 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_IP);
5400 scsi_host_set_guard(hpnt, SHOST_DIX_GUARD_CRC);
5402 opts = scsi_debug_opts;
5403 if (SCSI_DEBUG_OPT_RECOVERED_ERR & opts)
5404 sdebug_any_injecting_opt = true;
5405 else if (SCSI_DEBUG_OPT_TRANSPORT_ERR & opts)
5406 sdebug_any_injecting_opt = true;
5407 else if (SCSI_DEBUG_OPT_DIF_ERR & opts)
5408 sdebug_any_injecting_opt = true;
5409 else if (SCSI_DEBUG_OPT_DIX_ERR & opts)
5410 sdebug_any_injecting_opt = true;
5411 else if (SCSI_DEBUG_OPT_SHORT_TRANSFER & opts)
5412 sdebug_any_injecting_opt = true;
5414 error = scsi_add_host(hpnt, &sdbg_host->dev);
5416 printk(KERN_ERR "%s: scsi_add_host failed\n", __func__);
5418 scsi_host_put(hpnt);
5420 scsi_scan_host(hpnt);
5425 static int sdebug_driver_remove(struct device * dev)
5427 struct sdebug_host_info *sdbg_host;
5428 struct sdebug_dev_info *sdbg_devinfo, *tmp;
5430 sdbg_host = to_sdebug_host(dev);
5433 printk(KERN_ERR "%s: Unable to locate host info\n",
5438 scsi_remove_host(sdbg_host->shost);
5440 list_for_each_entry_safe(sdbg_devinfo, tmp, &sdbg_host->dev_info_list,
5442 list_del(&sdbg_devinfo->dev_list);
5443 kfree(sdbg_devinfo);
5446 scsi_host_put(sdbg_host->shost);
5450 static int pseudo_lld_bus_match(struct device *dev,
5451 struct device_driver *dev_driver)
5456 static struct bus_type pseudo_lld_bus = {
5458 .match = pseudo_lld_bus_match,
5459 .probe = sdebug_driver_probe,
5460 .remove = sdebug_driver_remove,
5461 .drv_groups = sdebug_drv_groups,
Code Review / kvmfornfv.git / blob