projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
target: remove control CDB flags
[GitHub/mt8127/android_kernel_alcatel_ttab.git] / drivers / target / target_core_transport.c
CommitLineData
c66ac9db
NB		 1/*******************************************************************************
2 * Filename: target_core_transport.c
3 *
4 * This file contains the Generic Target Engine Core.
5 *
6 * Copyright (c) 2002, 2003, 2004, 2005 PyX Technologies, Inc.
7 * Copyright (c) 2005, 2006, 2007 SBE, Inc.
8 * Copyright (c) 2007-2010 Rising Tide Systems
9 * Copyright (c) 2008-2010 Linux-iSCSI.org
10 *
11 * Nicholas A. Bellinger <nab@kernel.org>
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation; either version 2 of the License, or
16 * (at your option) any later version.
17 *
18 * This program is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * You should have received a copy of the GNU General Public License
24 * along with this program; if not, write to the Free Software
25 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
26 *
27 ******************************************************************************/
28
c66ac9db
NB		 29#include <linux/net.h>
30#include <linux/delay.h>
31#include <linux/string.h>
32#include <linux/timer.h>
33#include <linux/slab.h>
34#include <linux/blkdev.h>
35#include <linux/spinlock.h>
c66ac9db
NB		 36#include <linux/kthread.h>
37#include <linux/in.h>
38#include <linux/cdrom.h>
827509e3 39#include <linux/module.h>
015487b8 40#include <linux/ratelimit.h>
c66ac9db
NB		 41#include <asm/unaligned.h>
42#include <net/sock.h>
43#include <net/tcp.h>
44#include <scsi/scsi.h>
45#include <scsi/scsi_cmnd.h>
e66ecd50 46#include <scsi/scsi_tcq.h>
c66ac9db
NB		 47
48#include <target/target_core_base.h>
c4795fb2
CH		 49#include <target/target_core_backend.h>
50#include <target/target_core_fabric.h>
c66ac9db
NB		 51#include <target/target_core_configfs.h>
52
e26d99ae 53#include "target_core_internal.h"
c66ac9db 54#include "target_core_alua.h"
c66ac9db 55#include "target_core_pr.h"
c66ac9db
NB		 56#include "target_core_ua.h"
57
e3d6f909 58static int sub_api_initialized;
c66ac9db 59
35e0e757 60static struct workqueue_struct *target_completion_wq;
c66ac9db 61static struct kmem_cache *se_sess_cache;
c66ac9db 62struct kmem_cache *se_ua_cache;
c66ac9db
NB		 63struct kmem_cache *t10_pr_reg_cache;
64struct kmem_cache *t10_alua_lu_gp_cache;
65struct kmem_cache *t10_alua_lu_gp_mem_cache;
66struct kmem_cache *t10_alua_tg_pt_gp_cache;
67struct kmem_cache *t10_alua_tg_pt_gp_mem_cache;
68
c66ac9db 69static int transport_generic_write_pending(struct se_cmd *);
5951146d 70static int transport_processing_thread(void *param);
4d2300cc 71static int __transport_execute_tasks(struct se_device *dev, struct se_cmd *);
c66ac9db 72static void transport_complete_task_attr(struct se_cmd *cmd);
07bde79a 73static void transport_handle_queue_full(struct se_cmd *cmd,
e057f533 74 struct se_device *dev);
05d1c7c0 75static int transport_generic_get_mem(struct se_cmd *cmd);
39c05f32 76static void transport_put_cmd(struct se_cmd *cmd);
3df8d40b 77static void transport_remove_cmd_from_queue(struct se_cmd *cmd);
c66ac9db 78static int transport_set_sense_codes(struct se_cmd *cmd, u8 asc, u8 ascq);
35e0e757 79static void target_complete_ok_work(struct work_struct *work);
c66ac9db 80
e3d6f909 81int init_se_kmem_caches(void)
c66ac9db 82{
c66ac9db
NB		 83 se_sess_cache = kmem_cache_create("se_sess_cache",
84 sizeof(struct se_session), __alignof__(struct se_session),
85 0, NULL);
6708bb27
AG		 86 if (!se_sess_cache) {
87 pr_err("kmem_cache_create() for struct se_session"
c66ac9db 88 " failed\n");
c8e31f26 89 goto out;
c66ac9db
NB		 90 }
91 se_ua_cache = kmem_cache_create("se_ua_cache",
92 sizeof(struct se_ua), __alignof__(struct se_ua),
93 0, NULL);
6708bb27
AG		 94 if (!se_ua_cache) {
95 pr_err("kmem_cache_create() for struct se_ua failed\n");
35e0e757 96 goto out_free_sess_cache;
c66ac9db 97 }
c66ac9db
NB		 98 t10_pr_reg_cache = kmem_cache_create("t10_pr_reg_cache",
99 sizeof(struct t10_pr_registration),
100 __alignof__(struct t10_pr_registration), 0, NULL);
6708bb27
AG		 101 if (!t10_pr_reg_cache) {
102 pr_err("kmem_cache_create() for struct t10_pr_registration"
c66ac9db 103 " failed\n");
35e0e757 104 goto out_free_ua_cache;
c66ac9db
NB		 105 }
106 t10_alua_lu_gp_cache = kmem_cache_create("t10_alua_lu_gp_cache",
107 sizeof(struct t10_alua_lu_gp), __alignof__(struct t10_alua_lu_gp),
108 0, NULL);
6708bb27
AG		 109 if (!t10_alua_lu_gp_cache) {
110 pr_err("kmem_cache_create() for t10_alua_lu_gp_cache"
c66ac9db 111 " failed\n");
35e0e757 112 goto out_free_pr_reg_cache;
c66ac9db
NB		 113 }
114 t10_alua_lu_gp_mem_cache = kmem_cache_create("t10_alua_lu_gp_mem_cache",
115 sizeof(struct t10_alua_lu_gp_member),
116 __alignof__(struct t10_alua_lu_gp_member), 0, NULL);
6708bb27
AG		 117 if (!t10_alua_lu_gp_mem_cache) {
118 pr_err("kmem_cache_create() for t10_alua_lu_gp_mem_"
c66ac9db 119 "cache failed\n");
35e0e757 120 goto out_free_lu_gp_cache;
c66ac9db
NB		 121 }
122 t10_alua_tg_pt_gp_cache = kmem_cache_create("t10_alua_tg_pt_gp_cache",
123 sizeof(struct t10_alua_tg_pt_gp),
124 __alignof__(struct t10_alua_tg_pt_gp), 0, NULL);
6708bb27
AG		 125 if (!t10_alua_tg_pt_gp_cache) {
126 pr_err("kmem_cache_create() for t10_alua_tg_pt_gp_"
c66ac9db 127 "cache failed\n");
35e0e757 128 goto out_free_lu_gp_mem_cache;
c66ac9db
NB		 129 }
130 t10_alua_tg_pt_gp_mem_cache = kmem_cache_create(
131 "t10_alua_tg_pt_gp_mem_cache",
132 sizeof(struct t10_alua_tg_pt_gp_member),
133 __alignof__(struct t10_alua_tg_pt_gp_member),
134 0, NULL);
6708bb27
AG		 135 if (!t10_alua_tg_pt_gp_mem_cache) {
136 pr_err("kmem_cache_create() for t10_alua_tg_pt_gp_"
c66ac9db 137 "mem_t failed\n");
35e0e757 138 goto out_free_tg_pt_gp_cache;
c66ac9db
NB		 139 }
140
35e0e757
CH		 141 target_completion_wq = alloc_workqueue("target_completion",
142 WQ_MEM_RECLAIM, 0);
143 if (!target_completion_wq)
144 goto out_free_tg_pt_gp_mem_cache;
145
c66ac9db 146 return 0;
35e0e757
CH		 147
148out_free_tg_pt_gp_mem_cache:
149 kmem_cache_destroy(t10_alua_tg_pt_gp_mem_cache);
150out_free_tg_pt_gp_cache:
151 kmem_cache_destroy(t10_alua_tg_pt_gp_cache);
152out_free_lu_gp_mem_cache:
153 kmem_cache_destroy(t10_alua_lu_gp_mem_cache);
154out_free_lu_gp_cache:
155 kmem_cache_destroy(t10_alua_lu_gp_cache);
156out_free_pr_reg_cache:
157 kmem_cache_destroy(t10_pr_reg_cache);
158out_free_ua_cache:
159 kmem_cache_destroy(se_ua_cache);
160out_free_sess_cache:
161 kmem_cache_destroy(se_sess_cache);
c66ac9db 162out:
e3d6f909 163 return -ENOMEM;
c66ac9db
NB		 164}
165
e3d6f909 166void release_se_kmem_caches(void)
c66ac9db 167{
35e0e757 168 destroy_workqueue(target_completion_wq);
c66ac9db
NB		 169 kmem_cache_destroy(se_sess_cache);
170 kmem_cache_destroy(se_ua_cache);
c66ac9db
NB		 171 kmem_cache_destroy(t10_pr_reg_cache);
172 kmem_cache_destroy(t10_alua_lu_gp_cache);
173 kmem_cache_destroy(t10_alua_lu_gp_mem_cache);
174 kmem_cache_destroy(t10_alua_tg_pt_gp_cache);
175 kmem_cache_destroy(t10_alua_tg_pt_gp_mem_cache);
c66ac9db
NB		 176}
177
e3d6f909
AG		 178/* This code ensures unique mib indexes are handed out. */
179static DEFINE_SPINLOCK(scsi_mib_index_lock);
180static u32 scsi_mib_index[SCSI_INDEX_TYPE_MAX];
e89d15ee
NB		 181
182/*
183 * Allocate a new row index for the entry type specified
184 */
185u32 scsi_get_new_index(scsi_index_t type)
186{
187 u32 new_index;
188
e3d6f909 189 BUG_ON((type < 0) || (type >= SCSI_INDEX_TYPE_MAX));
e89d15ee 190
e3d6f909
AG		 191 spin_lock(&scsi_mib_index_lock);
192 new_index = ++scsi_mib_index[type];
193 spin_unlock(&scsi_mib_index_lock);
e89d15ee
NB		 194
195 return new_index;
196}
197
e26d99ae 198static void transport_init_queue_obj(struct se_queue_obj *qobj)
c66ac9db
NB		 199{
200 atomic_set(&qobj->queue_cnt, 0);
201 INIT_LIST_HEAD(&qobj->qobj_list);
202 init_waitqueue_head(&qobj->thread_wq);
203 spin_lock_init(&qobj->cmd_queue_lock);
204}
c66ac9db 205
dbc5623e 206void transport_subsystem_check_init(void)
c66ac9db
NB		 207{
208 int ret;
209
dbc5623e
NB		 210 if (sub_api_initialized)
211 return;
212
c66ac9db
NB		 213 ret = request_module("target_core_iblock");
214 if (ret != 0)
6708bb27 215 pr_err("Unable to load target_core_iblock\n");
c66ac9db
NB		 216
217 ret = request_module("target_core_file");
218 if (ret != 0)
6708bb27 219 pr_err("Unable to load target_core_file\n");
c66ac9db
NB		 220
221 ret = request_module("target_core_pscsi");
222 if (ret != 0)
6708bb27 223 pr_err("Unable to load target_core_pscsi\n");
c66ac9db
NB		 224
225 ret = request_module("target_core_stgt");
226 if (ret != 0)
6708bb27 227 pr_err("Unable to load target_core_stgt\n");
c66ac9db 228
e3d6f909 229 sub_api_initialized = 1;
dbc5623e 230 return;
c66ac9db
NB		 231}
232
233struct se_session *transport_init_session(void)
234{
235 struct se_session *se_sess;
236
237 se_sess = kmem_cache_zalloc(se_sess_cache, GFP_KERNEL);
6708bb27
AG		 238 if (!se_sess) {
239 pr_err("Unable to allocate struct se_session from"
c66ac9db
NB		 240 " se_sess_cache\n");
241 return ERR_PTR(-ENOMEM);
242 }
243 INIT_LIST_HEAD(&se_sess->sess_list);
244 INIT_LIST_HEAD(&se_sess->sess_acl_list);
a17f091d
NB		 245 INIT_LIST_HEAD(&se_sess->sess_cmd_list);
246 INIT_LIST_HEAD(&se_sess->sess_wait_list);
247 spin_lock_init(&se_sess->sess_cmd_lock);
41ac82b6 248 kref_init(&se_sess->sess_kref);
c66ac9db
NB		 249
250 return se_sess;
251}
252EXPORT_SYMBOL(transport_init_session);
253
254/*
140854cb 255 * Called with spin_lock_irqsave(&struct se_portal_group->session_lock called.
c66ac9db
NB		 256 */
257void __transport_register_session(
258 struct se_portal_group *se_tpg,
259 struct se_node_acl *se_nacl,
260 struct se_session *se_sess,
261 void *fabric_sess_ptr)
262{
263 unsigned char buf[PR_REG_ISID_LEN];
264
265 se_sess->se_tpg = se_tpg;
266 se_sess->fabric_sess_ptr = fabric_sess_ptr;
267 /*
268 * Used by struct se_node_acl's under ConfigFS to locate active se_session-t
269 *
270 * Only set for struct se_session's that will actually be moving I/O.
271 * eg: *NOT* discovery sessions.
272 */
273 if (se_nacl) {
274 /*
275 * If the fabric module supports an ISID based TransportID,
276 * save this value in binary from the fabric I_T Nexus now.
277 */
e3d6f909 278 if (se_tpg->se_tpg_tfo->sess_get_initiator_sid != NULL) {
c66ac9db 279 memset(&buf[0], 0, PR_REG_ISID_LEN);
e3d6f909 280 se_tpg->se_tpg_tfo->sess_get_initiator_sid(se_sess,
c66ac9db
NB		 281 &buf[0], PR_REG_ISID_LEN);
282 se_sess->sess_bin_isid = get_unaligned_be64(&buf[0]);
283 }
afb999ff
NB		 284 kref_get(&se_nacl->acl_kref);
285
c66ac9db
NB		 286 spin_lock_irq(&se_nacl->nacl_sess_lock);
287 /*
288 * The se_nacl->nacl_sess pointer will be set to the
289 * last active I_T Nexus for each struct se_node_acl.
290 */
291 se_nacl->nacl_sess = se_sess;
292
293 list_add_tail(&se_sess->sess_acl_list,
294 &se_nacl->acl_sess_list);
295 spin_unlock_irq(&se_nacl->nacl_sess_lock);
296 }
297 list_add_tail(&se_sess->sess_list, &se_tpg->tpg_sess_list);
298
6708bb27 299 pr_debug("TARGET_CORE[%s]: Registered fabric_sess_ptr: %p\n",
e3d6f909 300 se_tpg->se_tpg_tfo->get_fabric_name(), se_sess->fabric_sess_ptr);
c66ac9db
NB		 301}
302EXPORT_SYMBOL(__transport_register_session);
303
304void transport_register_session(
305 struct se_portal_group *se_tpg,
306 struct se_node_acl *se_nacl,
307 struct se_session *se_sess,
308 void *fabric_sess_ptr)
309{
140854cb
NB		 310 unsigned long flags;
311
312 spin_lock_irqsave(&se_tpg->session_lock, flags);
c66ac9db 313 __transport_register_session(se_tpg, se_nacl, se_sess, fabric_sess_ptr);
140854cb 314 spin_unlock_irqrestore(&se_tpg->session_lock, flags);
c66ac9db
NB		 315}
316EXPORT_SYMBOL(transport_register_session);
317
4149268e 318void target_release_session(struct kref *kref)
41ac82b6
NB		 319{
320 struct se_session *se_sess = container_of(kref,
321 struct se_session, sess_kref);
322 struct se_portal_group *se_tpg = se_sess->se_tpg;
323
324 se_tpg->se_tpg_tfo->close_session(se_sess);
325}
326
327void target_get_session(struct se_session *se_sess)
328{
329 kref_get(&se_sess->sess_kref);
330}
331EXPORT_SYMBOL(target_get_session);
332
33933a0e 333void target_put_session(struct se_session *se_sess)
41ac82b6 334{
4149268e
JE		 335 struct se_portal_group *tpg = se_sess->se_tpg;
336
337 if (tpg->se_tpg_tfo->put_session != NULL) {
338 tpg->se_tpg_tfo->put_session(se_sess);
339 return;
340 }
33933a0e 341 kref_put(&se_sess->sess_kref, target_release_session);
41ac82b6
NB		 342}
343EXPORT_SYMBOL(target_put_session);
344
afb999ff
NB		 345static void target_complete_nacl(struct kref *kref)
346{
347 struct se_node_acl *nacl = container_of(kref,
348 struct se_node_acl, acl_kref);
349
350 complete(&nacl->acl_free_comp);
351}
352
353void target_put_nacl(struct se_node_acl *nacl)
354{
355 kref_put(&nacl->acl_kref, target_complete_nacl);
356}
357
c66ac9db
NB		 358void transport_deregister_session_configfs(struct se_session *se_sess)
359{
360 struct se_node_acl *se_nacl;
23388864 361 unsigned long flags;
c66ac9db
NB		 362 /*
363 * Used by struct se_node_acl's under ConfigFS to locate active struct se_session
364 */
365 se_nacl = se_sess->se_node_acl;
6708bb27 366 if (se_nacl) {
23388864 367 spin_lock_irqsave(&se_nacl->nacl_sess_lock, flags);
337c0607
NB		 368 if (se_nacl->acl_stop == 0)
369 list_del(&se_sess->sess_acl_list);
c66ac9db
NB		 370 /*
371 * If the session list is empty, then clear the pointer.
372 * Otherwise, set the struct se_session pointer from the tail
373 * element of the per struct se_node_acl active session list.
374 */
375 if (list_empty(&se_nacl->acl_sess_list))
376 se_nacl->nacl_sess = NULL;
377 else {
378 se_nacl->nacl_sess = container_of(
379 se_nacl->acl_sess_list.prev,
380 struct se_session, sess_acl_list);
381 }
23388864 382 spin_unlock_irqrestore(&se_nacl->nacl_sess_lock, flags);
c66ac9db
NB		 383 }
384}
385EXPORT_SYMBOL(transport_deregister_session_configfs);
386
387void transport_free_session(struct se_session *se_sess)
388{
389 kmem_cache_free(se_sess_cache, se_sess);
390}
391EXPORT_SYMBOL(transport_free_session);
392
393void transport_deregister_session(struct se_session *se_sess)
394{
395 struct se_portal_group *se_tpg = se_sess->se_tpg;
01468346 396 struct target_core_fabric_ops *se_tfo;
c66ac9db 397 struct se_node_acl *se_nacl;
e63a8e19 398 unsigned long flags;
01468346 399 bool comp_nacl = true;
c66ac9db 400
6708bb27 401 if (!se_tpg) {
c66ac9db
NB		 402 transport_free_session(se_sess);
403 return;
404 }
01468346 405 se_tfo = se_tpg->se_tpg_tfo;
c66ac9db 406
e63a8e19 407 spin_lock_irqsave(&se_tpg->session_lock, flags);
c66ac9db
NB		 408 list_del(&se_sess->sess_list);
409 se_sess->se_tpg = NULL;
410 se_sess->fabric_sess_ptr = NULL;
e63a8e19 411 spin_unlock_irqrestore(&se_tpg->session_lock, flags);
c66ac9db
NB		 412
413 /*
414 * Determine if we need to do extra work for this initiator node's
415 * struct se_node_acl if it had been previously dynamically generated.
416 */
417 se_nacl = se_sess->se_node_acl;
01468346
NB		 418
419 spin_lock_irqsave(&se_tpg->acl_node_lock, flags);
420 if (se_nacl && se_nacl->dynamic_node_acl) {
421 if (!se_tfo->tpg_check_demo_mode_cache(se_tpg)) {
422 list_del(&se_nacl->acl_list);
423 se_tpg->num_node_acls--;
424 spin_unlock_irqrestore(&se_tpg->acl_node_lock, flags);
425 core_tpg_wait_for_nacl_pr_ref(se_nacl);
426 core_free_device_list_for_node(se_nacl, se_tpg);
427 se_tfo->tpg_release_fabric_acl(se_tpg, se_nacl);
428
429 comp_nacl = false;
430 spin_lock_irqsave(&se_tpg->acl_node_lock, flags);
c66ac9db 431 }
c66ac9db 432 }
01468346 433 spin_unlock_irqrestore(&se_tpg->acl_node_lock, flags);
c66ac9db 434
6708bb27 435 pr_debug("TARGET_CORE[%s]: Deregistered fabric_sess\n",
e3d6f909 436 se_tpg->se_tpg_tfo->get_fabric_name());
01468346 437 /*
afb999ff
NB		 438 * If last kref is dropping now for an explict NodeACL, awake sleeping
439 * ->acl_free_comp caller to wakeup configfs se_node_acl->acl_group
440 * removal context.
01468346
NB		 441 */
442 if (se_nacl && comp_nacl == true)
afb999ff 443 target_put_nacl(se_nacl);
01468346 444
afb999ff 445 transport_free_session(se_sess);
c66ac9db
NB		 446}
447EXPORT_SYMBOL(transport_deregister_session);
448
449/*
a1d8b49a 450 * Called with cmd->t_state_lock held.
c66ac9db 451 */
cf572a96 452static void target_remove_from_state_list(struct se_cmd *cmd)
c66ac9db 453{
42bf829e 454 struct se_device *dev = cmd->se_dev;
c66ac9db
NB		 455 unsigned long flags;
456
42bf829e
CH		 457 if (!dev)
458 return;
c66ac9db 459
cf572a96
CH		 460 if (cmd->transport_state & CMD_T_BUSY)
461 return;
c66ac9db 462
cf572a96
CH		 463 spin_lock_irqsave(&dev->execute_task_lock, flags);
464 if (cmd->state_active) {
465 list_del(&cmd->state_list);
cf572a96 466 cmd->state_active = false;
c66ac9db 467 }
cf572a96 468 spin_unlock_irqrestore(&dev->execute_task_lock, flags);
c66ac9db
NB		 469}
470
471/* transport_cmd_check_stop():
472 *
7d680f3b 473 * 'transport_off = 1' determines if CMD_T_ACTIVE should be cleared.
c66ac9db
NB		 474 * 'transport_off = 2' determines if task_dev_state should be removed.
475 *
476 * A non-zero u8 t_state sets cmd->t_state.
477 * Returns 1 when command is stopped, else 0.
478 */
479static int transport_cmd_check_stop(
480 struct se_cmd *cmd,
481 int transport_off,
482 u8 t_state)
483{
484 unsigned long flags;
485
a1d8b49a 486 spin_lock_irqsave(&cmd->t_state_lock, flags);
c66ac9db
NB		 487 /*
488 * Determine if IOCTL context caller in requesting the stopping of this
489 * command for LUN shutdown purposes.
490 */
7d680f3b
CH		 491 if (cmd->transport_state & CMD_T_LUN_STOP) {
492 pr_debug("%s:%d CMD_T_LUN_STOP for ITT: 0x%08x\n",
493 __func__, __LINE__, cmd->se_tfo->get_task_tag(cmd));
c66ac9db 494
7d680f3b 495 cmd->transport_state &= ~CMD_T_ACTIVE;
c66ac9db 496 if (transport_off == 2)
cf572a96 497 target_remove_from_state_list(cmd);
a1d8b49a 498 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
c66ac9db 499
a1d8b49a 500 complete(&cmd->transport_lun_stop_comp);
c66ac9db
NB		 501 return 1;
502 }
503 /*
504 * Determine if frontend context caller is requesting the stopping of
e3d6f909 505 * this command for frontend exceptions.
c66ac9db 506 */
7d680f3b
CH		 507 if (cmd->transport_state & CMD_T_STOP) {
508 pr_debug("%s:%d CMD_T_STOP for ITT: 0x%08x\n",
509 __func__, __LINE__,
e3d6f909 510 cmd->se_tfo->get_task_tag(cmd));
c66ac9db 511
c66ac9db 512 if (transport_off == 2)
cf572a96 513 target_remove_from_state_list(cmd);
c66ac9db
NB		 514
515 /*
516 * Clear struct se_cmd->se_lun before the transport_off == 2 handoff
517 * to FE.
518 */
519 if (transport_off == 2)
520 cmd->se_lun = NULL;
a1d8b49a 521 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
c66ac9db 522
a1d8b49a 523 complete(&cmd->t_transport_stop_comp);
c66ac9db
NB		 524 return 1;
525 }
526 if (transport_off) {
7d680f3b 527 cmd->transport_state &= ~CMD_T_ACTIVE;
c66ac9db 528 if (transport_off == 2) {
cf572a96 529 target_remove_from_state_list(cmd);
c66ac9db
NB		 530 /*
531 * Clear struct se_cmd->se_lun before the transport_off == 2
532 * handoff to fabric module.
533 */
534 cmd->se_lun = NULL;
535 /*
536 * Some fabric modules like tcm_loop can release
25985edc 537 * their internally allocated I/O reference now and
c66ac9db 538 * struct se_cmd now.
88dd9e26
NB		 539 *
540 * Fabric modules are expected to return '1' here if the
541 * se_cmd being passed is released at this point,
542 * or zero if not being released.
c66ac9db 543 */
e3d6f909 544 if (cmd->se_tfo->check_stop_free != NULL) {
c66ac9db 545 spin_unlock_irqrestore(
a1d8b49a 546 &cmd->t_state_lock, flags);
c66ac9db 547
88dd9e26 548 return cmd->se_tfo->check_stop_free(cmd);
c66ac9db
NB		 549 }
550 }
a1d8b49a 551 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
c66ac9db
NB		 552
553 return 0;
554 } else if (t_state)
555 cmd->t_state = t_state;
a1d8b49a 556 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
c66ac9db
NB		 557
558 return 0;
559}
560
561static int transport_cmd_check_stop_to_fabric(struct se_cmd *cmd)
562{
563 return transport_cmd_check_stop(cmd, 2, 0);
564}
565
566static void transport_lun_remove_cmd(struct se_cmd *cmd)
567{
e3d6f909 568 struct se_lun *lun = cmd->se_lun;
c66ac9db
NB		 569 unsigned long flags;
570
571 if (!lun)
572 return;
573
a1d8b49a 574 spin_lock_irqsave(&cmd->t_state_lock, flags);
7d680f3b
CH		 575 if (cmd->transport_state & CMD_T_DEV_ACTIVE) {
576 cmd->transport_state &= ~CMD_T_DEV_ACTIVE;
cf572a96 577 target_remove_from_state_list(cmd);
c66ac9db 578 }
a1d8b49a 579 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
c66ac9db 580
c66ac9db 581 spin_lock_irqsave(&lun->lun_cmd_lock, flags);
3d26fea0
CH		 582 if (!list_empty(&cmd->se_lun_node))
583 list_del_init(&cmd->se_lun_node);
c66ac9db
NB		 584 spin_unlock_irqrestore(&lun->lun_cmd_lock, flags);
585}
586
587void transport_cmd_finish_abort(struct se_cmd *cmd, int remove)
588{
c8e31f26 589 if (!(cmd->se_cmd_flags & SCF_SCSI_TMR_CDB))
8dc52b54 590 transport_lun_remove_cmd(cmd);
c66ac9db
NB		 591
592 if (transport_cmd_check_stop_to_fabric(cmd))
593 return;
77039d1e 594 if (remove) {
3df8d40b 595 transport_remove_cmd_from_queue(cmd);
e6a2573f 596 transport_put_cmd(cmd);
77039d1e 597 }
c66ac9db
NB		 598}
599
f7a5cc0b
CH		 600static void transport_add_cmd_to_queue(struct se_cmd *cmd, int t_state,
601 bool at_head)
c66ac9db
NB		 602{
603 struct se_device *dev = cmd->se_dev;
e3d6f909 604 struct se_queue_obj *qobj = &dev->dev_queue_obj;
c66ac9db
NB		 605 unsigned long flags;
606
c66ac9db 607 if (t_state) {
a1d8b49a 608 spin_lock_irqsave(&cmd->t_state_lock, flags);
c66ac9db 609 cmd->t_state = t_state;
7d680f3b 610 cmd->transport_state |= CMD_T_ACTIVE;
a1d8b49a 611 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
c66ac9db
NB		 612 }
613
614 spin_lock_irqsave(&qobj->cmd_queue_lock, flags);
79a7fef2
RD		 615
616 /* If the cmd is already on the list, remove it before we add it */
617 if (!list_empty(&cmd->se_queue_node))
618 list_del(&cmd->se_queue_node);
619 else
620 atomic_inc(&qobj->queue_cnt);
621
f7a5cc0b 622 if (at_head)
07bde79a 623 list_add(&cmd->se_queue_node, &qobj->qobj_list);
f7a5cc0b 624 else
07bde79a 625 list_add_tail(&cmd->se_queue_node, &qobj->qobj_list);
7d680f3b 626 cmd->transport_state |= CMD_T_QUEUED;
c66ac9db
NB		 627 spin_unlock_irqrestore(&qobj->cmd_queue_lock, flags);
628
c66ac9db 629 wake_up_interruptible(&qobj->thread_wq);
c66ac9db
NB		 630}
631
5951146d
AG		 632static struct se_cmd *
633transport_get_cmd_from_queue(struct se_queue_obj *qobj)
c66ac9db 634{
5951146d 635 struct se_cmd *cmd;
c66ac9db
NB		 636 unsigned long flags;
637
638 spin_lock_irqsave(&qobj->cmd_queue_lock, flags);
639 if (list_empty(&qobj->qobj_list)) {
640 spin_unlock_irqrestore(&qobj->cmd_queue_lock, flags);
641 return NULL;
642 }
5951146d 643 cmd = list_first_entry(&qobj->qobj_list, struct se_cmd, se_queue_node);
c66ac9db 644
7d680f3b 645 cmd->transport_state &= ~CMD_T_QUEUED;
79a7fef2 646 list_del_init(&cmd->se_queue_node);
c66ac9db
NB		 647 atomic_dec(&qobj->queue_cnt);
648 spin_unlock_irqrestore(&qobj->cmd_queue_lock, flags);
649
5951146d 650 return cmd;
c66ac9db
NB		 651}
652
3df8d40b 653static void transport_remove_cmd_from_queue(struct se_cmd *cmd)
c66ac9db 654{
3df8d40b 655 struct se_queue_obj *qobj = &cmd->se_dev->dev_queue_obj;
c66ac9db
NB		 656 unsigned long flags;
657
658 spin_lock_irqsave(&qobj->cmd_queue_lock, flags);
7d680f3b 659 if (!(cmd->transport_state & CMD_T_QUEUED)) {
c66ac9db
NB		 660 spin_unlock_irqrestore(&qobj->cmd_queue_lock, flags);
661 return;
662 }
7d680f3b 663 cmd->transport_state &= ~CMD_T_QUEUED;
79a7fef2
RD		 664 atomic_dec(&qobj->queue_cnt);
665 list_del_init(&cmd->se_queue_node);
c66ac9db 666 spin_unlock_irqrestore(&qobj->cmd_queue_lock, flags);
c66ac9db
NB		 667}
668
35e0e757
CH		 669static void target_complete_failure_work(struct work_struct *work)
670{
671 struct se_cmd *cmd = container_of(work, struct se_cmd, work);
672
03e98c9e 673 transport_generic_request_failure(cmd);
35e0e757
CH		 674}
675
5787cacd 676void target_complete_cmd(struct se_cmd *cmd, u8 scsi_status)
c66ac9db 677{
42bf829e 678 struct se_device *dev = cmd->se_dev;
5787cacd 679 int success = scsi_status == GOOD;
c66ac9db 680 unsigned long flags;
c66ac9db 681
5787cacd
CH		 682 cmd->scsi_status = scsi_status;
683
684
a1d8b49a 685 spin_lock_irqsave(&cmd->t_state_lock, flags);
cf572a96 686 cmd->transport_state &= ~CMD_T_BUSY;
c66ac9db 687
c66ac9db 688 if (dev && dev->transport->transport_complete) {
5787cacd
CH		 689 if (dev->transport->transport_complete(cmd,
690 cmd->t_data_sg) != 0) {
c66ac9db 691 cmd->se_cmd_flags |= SCF_TRANSPORT_TASK_SENSE;
c66ac9db
NB		 692 success = 1;
693 }
694 }
695
696 /*
5787cacd 697 * See if we are waiting to complete for an exception condition.
c66ac9db 698 */
cf572a96 699 if (cmd->transport_state & CMD_T_REQUEST_STOP) {
a1d8b49a 700 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
cf572a96 701 complete(&cmd->task_stop_comp);
c66ac9db
NB		 702 return;
703 }
2235007c
CH		 704
705 if (!success)
7d680f3b 706 cmd->transport_state |= CMD_T_FAILED;
2235007c 707
3d28934a
NB		 708 /*
709 * Check for case where an explict ABORT_TASK has been received
710 * and transport_wait_for_tasks() will be waiting for completion..
711 */
712 if (cmd->transport_state & CMD_T_ABORTED &&
713 cmd->transport_state & CMD_T_STOP) {
714 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
715 complete(&cmd->t_transport_stop_comp);
716 return;
717 } else if (cmd->transport_state & CMD_T_FAILED) {
41e16e98 718 cmd->scsi_sense_reason = TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE;
35e0e757 719 INIT_WORK(&cmd->work, target_complete_failure_work);
c66ac9db 720 } else {
35e0e757 721 INIT_WORK(&cmd->work, target_complete_ok_work);
c66ac9db 722 }
35e0e757 723
35e0e757 724 cmd->t_state = TRANSPORT_COMPLETE;
3d28934a 725 cmd->transport_state |= (CMD_T_COMPLETE | CMD_T_ACTIVE);
a1d8b49a 726 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
c66ac9db 727
35e0e757 728 queue_work(target_completion_wq, &cmd->work);
c66ac9db 729}
6bb35e00
CH		 730EXPORT_SYMBOL(target_complete_cmd);
731
cf572a96 732static void target_add_to_state_list(struct se_cmd *cmd)
c66ac9db 733{
cf572a96
CH		 734 struct se_device *dev = cmd->se_dev;
735 unsigned long flags;
c66ac9db 736
cf572a96
CH		 737 spin_lock_irqsave(&dev->execute_task_lock, flags);
738 if (!cmd->state_active) {
739 list_add_tail(&cmd->state_list, &dev->state_list);
740 cmd->state_active = true;
c66ac9db 741 }
cf572a96 742 spin_unlock_irqrestore(&dev->execute_task_lock, flags);
c66ac9db
NB		 743}
744
cf572a96 745static void __target_add_to_execute_list(struct se_cmd *cmd)
c66ac9db 746{
cf572a96
CH		 747 struct se_device *dev = cmd->se_dev;
748 bool head_of_queue = false;
c66ac9db 749
cf572a96 750 if (!list_empty(&cmd->execute_list))
c66ac9db 751 return;
c66ac9db 752
cf572a96
CH		 753 if (dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED &&
754 cmd->sam_task_attr == MSG_HEAD_TAG)
755 head_of_queue = true;
c66ac9db 756
cf572a96
CH		 757 if (head_of_queue)
758 list_add(&cmd->execute_list, &dev->execute_list);
759 else
760 list_add_tail(&cmd->execute_list, &dev->execute_list);
785fdf70 761
cf572a96 762 atomic_inc(&dev->execute_tasks);
1880807a 763
cf572a96
CH		 764 if (cmd->state_active)
765 return;
c66ac9db 766
cf572a96
CH		 767 if (head_of_queue)
768 list_add(&cmd->state_list, &dev->state_list);
769 else
770 list_add_tail(&cmd->state_list, &dev->state_list);
c66ac9db 771
cf572a96 772 cmd->state_active = true;
4d2300cc
NB		 773}
774
cf572a96 775static void target_add_to_execute_list(struct se_cmd *cmd)
4d2300cc
NB		 776{
777 unsigned long flags;
778 struct se_device *dev = cmd->se_dev;
779
780 spin_lock_irqsave(&dev->execute_task_lock, flags);
cf572a96 781 __target_add_to_execute_list(cmd);
c66ac9db 782 spin_unlock_irqrestore(&dev->execute_task_lock, flags);
c66ac9db
NB		 783}
784
cf572a96 785void __target_remove_from_execute_list(struct se_cmd *cmd)
04629b7b 786{
cf572a96
CH		 787 list_del_init(&cmd->execute_list);
788 atomic_dec(&cmd->se_dev->execute_tasks);
04629b7b
CH		 789}
790
cf572a96 791static void target_remove_from_execute_list(struct se_cmd *cmd)
c66ac9db 792{
cf572a96 793 struct se_device *dev = cmd->se_dev;
c66ac9db
NB		 794 unsigned long flags;
795
cf572a96 796 if (WARN_ON(list_empty(&cmd->execute_list)))
af57c3ac 797 return;
af57c3ac 798
c66ac9db 799 spin_lock_irqsave(&dev->execute_task_lock, flags);
cf572a96 800 __target_remove_from_execute_list(cmd);
c66ac9db
NB		 801 spin_unlock_irqrestore(&dev->execute_task_lock, flags);
802}
803
07bde79a 804/*
f147abb4 805 * Handle QUEUE_FULL / -EAGAIN and -ENOMEM status
07bde79a
NB		 806 */
807
808static void target_qf_do_work(struct work_struct *work)
809{
810 struct se_device *dev = container_of(work, struct se_device,
811 qf_work_queue);
bcac364a 812 LIST_HEAD(qf_cmd_list);
07bde79a
NB		 813 struct se_cmd *cmd, *cmd_tmp;
814
815 spin_lock_irq(&dev->qf_cmd_lock);
bcac364a
RD		 816 list_splice_init(&dev->qf_cmd_list, &qf_cmd_list);
817 spin_unlock_irq(&dev->qf_cmd_lock);
07bde79a 818
bcac364a 819 list_for_each_entry_safe(cmd, cmd_tmp, &qf_cmd_list, se_qf_node) {
07bde79a
NB		 820 list_del(&cmd->se_qf_node);
821 atomic_dec(&dev->dev_qf_count);
822 smp_mb__after_atomic_dec();
07bde79a 823
6708bb27 824 pr_debug("Processing %s cmd: %p QUEUE_FULL in work queue"
07bde79a 825 " context: %s\n", cmd->se_tfo->get_fabric_name(), cmd,
e057f533 826 (cmd->t_state == TRANSPORT_COMPLETE_QF_OK) ? "COMPLETE_OK" :
07bde79a
NB		 827 (cmd->t_state == TRANSPORT_COMPLETE_QF_WP) ? "WRITE_PENDING"
828 : "UNKNOWN");
f7a5cc0b
CH		 829
830 transport_add_cmd_to_queue(cmd, cmd->t_state, true);
07bde79a 831 }
07bde79a
NB		 832}
833
c66ac9db
NB		 834unsigned char *transport_dump_cmd_direction(struct se_cmd *cmd)
835{
836 switch (cmd->data_direction) {
837 case DMA_NONE:
838 return "NONE";
839 case DMA_FROM_DEVICE:
840 return "READ";
841 case DMA_TO_DEVICE:
842 return "WRITE";
843 case DMA_BIDIRECTIONAL:
844 return "BIDI";
845 default:
846 break;
847 }
848
849 return "UNKNOWN";
850}
851
852void transport_dump_dev_state(
853 struct se_device *dev,
854 char *b,
855 int *bl)
856{
857 *bl += sprintf(b + *bl, "Status: ");
858 switch (dev->dev_status) {
859 case TRANSPORT_DEVICE_ACTIVATED:
860 *bl += sprintf(b + *bl, "ACTIVATED");
861 break;
862 case TRANSPORT_DEVICE_DEACTIVATED:
863 *bl += sprintf(b + *bl, "DEACTIVATED");
864 break;
865 case TRANSPORT_DEVICE_SHUTDOWN:
866 *bl += sprintf(b + *bl, "SHUTDOWN");
867 break;
868 case TRANSPORT_DEVICE_OFFLINE_ACTIVATED:
869 case TRANSPORT_DEVICE_OFFLINE_DEACTIVATED:
870 *bl += sprintf(b + *bl, "OFFLINE");
871 break;
872 default:
873 *bl += sprintf(b + *bl, "UNKNOWN=%d", dev->dev_status);
874 break;
875 }
876
65586d51
NB		 877 *bl += sprintf(b + *bl, " Execute/Max Queue Depth: %d/%d",
878 atomic_read(&dev->execute_tasks), dev->queue_depth);
11e764bd
NB		 879 *bl += sprintf(b + *bl, " SectorSize: %u HwMaxSectors: %u\n",
880 dev->se_sub_dev->se_dev_attrib.block_size,
881 dev->se_sub_dev->se_dev_attrib.hw_max_sectors);
c66ac9db
NB		 882 *bl += sprintf(b + *bl, " ");
883}
884
c66ac9db
NB		 885void transport_dump_vpd_proto_id(
886 struct t10_vpd *vpd,
887 unsigned char *p_buf,
888 int p_buf_len)
889{
890 unsigned char buf[VPD_TMP_BUF_SIZE];
891 int len;
892
893 memset(buf, 0, VPD_TMP_BUF_SIZE);
894 len = sprintf(buf, "T10 VPD Protocol Identifier: ");
895
896 switch (vpd->protocol_identifier) {
897 case 0x00:
898 sprintf(buf+len, "Fibre Channel\n");
899 break;
900 case 0x10:
901 sprintf(buf+len, "Parallel SCSI\n");
902 break;
903 case 0x20:
904 sprintf(buf+len, "SSA\n");
905 break;
906 case 0x30:
907 sprintf(buf+len, "IEEE 1394\n");
908 break;
909 case 0x40:
910 sprintf(buf+len, "SCSI Remote Direct Memory Access"
911 " Protocol\n");
912 break;
913 case 0x50:
914 sprintf(buf+len, "Internet SCSI (iSCSI)\n");
915 break;
916 case 0x60:
917 sprintf(buf+len, "SAS Serial SCSI Protocol\n");
918 break;
919 case 0x70:
920 sprintf(buf+len, "Automation/Drive Interface Transport"
921 " Protocol\n");
922 break;
923 case 0x80:
924 sprintf(buf+len, "AT Attachment Interface ATA/ATAPI\n");
925 break;
926 default:
927 sprintf(buf+len, "Unknown 0x%02x\n",
928 vpd->protocol_identifier);
929 break;
930 }
931
932 if (p_buf)
933 strncpy(p_buf, buf, p_buf_len);
934 else
6708bb27 935 pr_debug("%s", buf);
c66ac9db
NB		 936}
937
938void
939transport_set_vpd_proto_id(struct t10_vpd *vpd, unsigned char *page_83)
940{
941 /*
942 * Check if the Protocol Identifier Valid (PIV) bit is set..
943 *
944 * from spc3r23.pdf section 7.5.1
945 */
946 if (page_83[1] & 0x80) {
947 vpd->protocol_identifier = (page_83[0] & 0xf0);
948 vpd->protocol_identifier_set = 1;
949 transport_dump_vpd_proto_id(vpd, NULL, 0);
950 }
951}
952EXPORT_SYMBOL(transport_set_vpd_proto_id);
953
954int transport_dump_vpd_assoc(
955 struct t10_vpd *vpd,
956 unsigned char *p_buf,
957 int p_buf_len)
958{
959 unsigned char buf[VPD_TMP_BUF_SIZE];
e3d6f909
AG		 960 int ret = 0;
961 int len;
c66ac9db
NB		 962
963 memset(buf, 0, VPD_TMP_BUF_SIZE);
964 len = sprintf(buf, "T10 VPD Identifier Association: ");
965
966 switch (vpd->association) {
967 case 0x00:
968 sprintf(buf+len, "addressed logical unit\n");
969 break;
970 case 0x10:
971 sprintf(buf+len, "target port\n");
972 break;
973 case 0x20:
974 sprintf(buf+len, "SCSI target device\n");
975 break;
976 default:
977 sprintf(buf+len, "Unknown 0x%02x\n", vpd->association);
e3d6f909 978 ret = -EINVAL;
c66ac9db
NB		 979 break;
980 }
981
982 if (p_buf)
983 strncpy(p_buf, buf, p_buf_len);
984 else
6708bb27 985 pr_debug("%s", buf);
c66ac9db
NB		 986
987 return ret;
988}
989
990int transport_set_vpd_assoc(struct t10_vpd *vpd, unsigned char *page_83)
991{
992 /*
993 * The VPD identification association..
994 *
995 * from spc3r23.pdf Section 7.6.3.1 Table 297
996 */
997 vpd->association = (page_83[1] & 0x30);
998 return transport_dump_vpd_assoc(vpd, NULL, 0);
999}
1000EXPORT_SYMBOL(transport_set_vpd_assoc);
1001
1002int transport_dump_vpd_ident_type(
1003 struct t10_vpd *vpd,
1004 unsigned char *p_buf,
1005 int p_buf_len)
1006{
1007 unsigned char buf[VPD_TMP_BUF_SIZE];
e3d6f909
AG		 1008 int ret = 0;
1009 int len;
c66ac9db
NB		 1010
1011 memset(buf, 0, VPD_TMP_BUF_SIZE);
1012 len = sprintf(buf, "T10 VPD Identifier Type: ");
1013
1014 switch (vpd->device_identifier_type) {
1015 case 0x00:
1016 sprintf(buf+len, "Vendor specific\n");
1017 break;
1018 case 0x01:
1019 sprintf(buf+len, "T10 Vendor ID based\n");
1020 break;
1021 case 0x02:
1022 sprintf(buf+len, "EUI-64 based\n");
1023 break;
1024 case 0x03:
1025 sprintf(buf+len, "NAA\n");
1026 break;
1027 case 0x04:
1028 sprintf(buf+len, "Relative target port identifier\n");
1029 break;
1030 case 0x08:
1031 sprintf(buf+len, "SCSI name string\n");
1032 break;
1033 default:
1034 sprintf(buf+len, "Unsupported: 0x%02x\n",
1035 vpd->device_identifier_type);
e3d6f909 1036 ret = -EINVAL;
c66ac9db
NB		 1037 break;
1038 }
1039
e3d6f909
AG		 1040 if (p_buf) {
1041 if (p_buf_len < strlen(buf)+1)
1042 return -EINVAL;
c66ac9db 1043 strncpy(p_buf, buf, p_buf_len);
e3d6f909 1044 } else {
6708bb27 1045 pr_debug("%s", buf);
e3d6f909 1046 }
c66ac9db
NB		 1047
1048 return ret;
1049}
1050
1051int transport_set_vpd_ident_type(struct t10_vpd *vpd, unsigned char *page_83)
1052{
1053 /*
1054 * The VPD identifier type..
1055 *
1056 * from spc3r23.pdf Section 7.6.3.1 Table 298
1057 */
1058 vpd->device_identifier_type = (page_83[1] & 0x0f);
1059 return transport_dump_vpd_ident_type(vpd, NULL, 0);
1060}
1061EXPORT_SYMBOL(transport_set_vpd_ident_type);
1062
1063int transport_dump_vpd_ident(
1064 struct t10_vpd *vpd,
1065 unsigned char *p_buf,
1066 int p_buf_len)
1067{
1068 unsigned char buf[VPD_TMP_BUF_SIZE];
1069 int ret = 0;
1070
1071 memset(buf, 0, VPD_TMP_BUF_SIZE);
1072
1073 switch (vpd->device_identifier_code_set) {
1074 case 0x01: /* Binary */
1075 sprintf(buf, "T10 VPD Binary Device Identifier: %s\n",
1076 &vpd->device_identifier[0]);
1077 break;
1078 case 0x02: /* ASCII */
1079 sprintf(buf, "T10 VPD ASCII Device Identifier: %s\n",
1080 &vpd->device_identifier[0]);
1081 break;
1082 case 0x03: /* UTF-8 */
1083 sprintf(buf, "T10 VPD UTF-8 Device Identifier: %s\n",
1084 &vpd->device_identifier[0]);
1085 break;
1086 default:
1087 sprintf(buf, "T10 VPD Device Identifier encoding unsupported:"
1088 " 0x%02x", vpd->device_identifier_code_set);
e3d6f909 1089 ret = -EINVAL;
c66ac9db
NB		 1090 break;
1091 }
1092
1093 if (p_buf)
1094 strncpy(p_buf, buf, p_buf_len);
1095 else
6708bb27 1096 pr_debug("%s", buf);
c66ac9db
NB		 1097
1098 return ret;
1099}
1100
1101int
1102transport_set_vpd_ident(struct t10_vpd *vpd, unsigned char *page_83)
1103{
1104 static const char hex_str[] = "0123456789abcdef";
1105 int j = 0, i = 4; /* offset to start of the identifer */
1106
1107 /*
1108 * The VPD Code Set (encoding)
1109 *
1110 * from spc3r23.pdf Section 7.6.3.1 Table 296
1111 */
1112 vpd->device_identifier_code_set = (page_83[0] & 0x0f);
1113 switch (vpd->device_identifier_code_set) {
1114 case 0x01: /* Binary */
1115 vpd->device_identifier[j++] =
1116 hex_str[vpd->device_identifier_type];
1117 while (i < (4 + page_83[3])) {
1118 vpd->device_identifier[j++] =
1119 hex_str[(page_83[i] & 0xf0) >> 4];
1120 vpd->device_identifier[j++] =
1121 hex_str[page_83[i] & 0x0f];
1122 i++;
1123 }
1124 break;
1125 case 0x02: /* ASCII */
1126 case 0x03: /* UTF-8 */
1127 while (i < (4 + page_83[3]))
1128 vpd->device_identifier[j++] = page_83[i++];
1129 break;
1130 default:
1131 break;
1132 }
1133
1134 return transport_dump_vpd_ident(vpd, NULL, 0);
1135}
1136EXPORT_SYMBOL(transport_set_vpd_ident);
1137
1138static void core_setup_task_attr_emulation(struct se_device *dev)
1139{
1140 /*
1141 * If this device is from Target_Core_Mod/pSCSI, disable the
1142 * SAM Task Attribute emulation.
1143 *
1144 * This is currently not available in upsream Linux/SCSI Target
1145 * mode code, and is assumed to be disabled while using TCM/pSCSI.
1146 */
e3d6f909 1147 if (dev->transport->transport_type == TRANSPORT_PLUGIN_PHBA_PDEV) {
c66ac9db
NB		 1148 dev->dev_task_attr_type = SAM_TASK_ATTR_PASSTHROUGH;
1149 return;
1150 }
1151
1152 dev->dev_task_attr_type = SAM_TASK_ATTR_EMULATED;
6708bb27 1153 pr_debug("%s: Using SAM_TASK_ATTR_EMULATED for SPC: 0x%02x"
e3d6f909
AG		 1154 " device\n", dev->transport->name,
1155 dev->transport->get_device_rev(dev));
c66ac9db
NB		 1156}
1157
1158static void scsi_dump_inquiry(struct se_device *dev)
1159{
e3d6f909 1160 struct t10_wwn *wwn = &dev->se_sub_dev->t10_wwn;
e59a41b6 1161 char buf[17];
c66ac9db
NB		 1162 int i, device_type;
1163 /*
1164 * Print Linux/SCSI style INQUIRY formatting to the kernel ring buffer
1165 */
c66ac9db
NB		 1166 for (i = 0; i < 8; i++)
1167 if (wwn->vendor[i] >= 0x20)
e59a41b6 1168 buf[i] = wwn->vendor[i];
c66ac9db 1169 else
e59a41b6
SAS		 1170 buf[i] = ' ';
1171 buf[i] = '\0';
1172 pr_debug(" Vendor: %s\n", buf);
c66ac9db 1173
c66ac9db
NB		 1174 for (i = 0; i < 16; i++)
1175 if (wwn->model[i] >= 0x20)
e59a41b6 1176 buf[i] = wwn->model[i];
c66ac9db 1177 else
e59a41b6
SAS		 1178 buf[i] = ' ';
1179 buf[i] = '\0';
1180 pr_debug(" Model: %s\n", buf);
c66ac9db 1181
c66ac9db
NB		 1182 for (i = 0; i < 4; i++)
1183 if (wwn->revision[i] >= 0x20)
e59a41b6 1184 buf[i] = wwn->revision[i];
c66ac9db 1185 else
e59a41b6
SAS		 1186 buf[i] = ' ';
1187 buf[i] = '\0';
1188 pr_debug(" Revision: %s\n", buf);
c66ac9db 1189
e3d6f909 1190 device_type = dev->transport->get_device_type(dev);
6708bb27
AG		 1191 pr_debug(" Type: %s ", scsi_device_type(device_type));
1192 pr_debug(" ANSI SCSI revision: %02x\n",
e3d6f909 1193 dev->transport->get_device_rev(dev));
c66ac9db
NB		 1194}
1195
1196struct se_device *transport_add_device_to_core_hba(
1197 struct se_hba *hba,
1198 struct se_subsystem_api *transport,
1199 struct se_subsystem_dev *se_dev,
1200 u32 device_flags,
1201 void *transport_dev,
1202 struct se_dev_limits *dev_limits,
1203 const char *inquiry_prod,
1204 const char *inquiry_rev)
1205{
12a18bdc 1206 int force_pt;
c66ac9db
NB		 1207 struct se_device *dev;
1208
1209 dev = kzalloc(sizeof(struct se_device), GFP_KERNEL);
6708bb27
AG		 1210 if (!dev) {
1211 pr_err("Unable to allocate memory for se_dev_t\n");
c66ac9db
NB		 1212 return NULL;
1213 }
c66ac9db 1214
e3d6f909 1215 transport_init_queue_obj(&dev->dev_queue_obj);
c66ac9db
NB		 1216 dev->dev_flags = device_flags;
1217 dev->dev_status |= TRANSPORT_DEVICE_DEACTIVATED;
5951146d 1218 dev->dev_ptr = transport_dev;
c66ac9db
NB		 1219 dev->se_hba = hba;
1220 dev->se_sub_dev = se_dev;
1221 dev->transport = transport;
c66ac9db
NB		 1222 INIT_LIST_HEAD(&dev->dev_list);
1223 INIT_LIST_HEAD(&dev->dev_sep_list);
1224 INIT_LIST_HEAD(&dev->dev_tmr_list);
cf572a96 1225 INIT_LIST_HEAD(&dev->execute_list);
c66ac9db 1226 INIT_LIST_HEAD(&dev->delayed_cmd_list);
cf572a96 1227 INIT_LIST_HEAD(&dev->state_list);
07bde79a 1228 INIT_LIST_HEAD(&dev->qf_cmd_list);
c66ac9db
NB		 1229 spin_lock_init(&dev->execute_task_lock);
1230 spin_lock_init(&dev->delayed_cmd_lock);
c66ac9db
NB		 1231 spin_lock_init(&dev->dev_reservation_lock);
1232 spin_lock_init(&dev->dev_status_lock);
c66ac9db
NB		 1233 spin_lock_init(&dev->se_port_lock);
1234 spin_lock_init(&dev->se_tmr_lock);
07bde79a 1235 spin_lock_init(&dev->qf_cmd_lock);
c66ac9db
NB		 1236 atomic_set(&dev->dev_ordered_id, 0);
1237
1238 se_dev_set_default_attribs(dev, dev_limits);
1239
1240 dev->dev_index = scsi_get_new_index(SCSI_DEVICE_INDEX);
1241 dev->creation_time = get_jiffies_64();
1242 spin_lock_init(&dev->stats_lock);
1243
1244 spin_lock(&hba->device_lock);
1245 list_add_tail(&dev->dev_list, &hba->hba_dev_list);
1246 hba->dev_count++;
1247 spin_unlock(&hba->device_lock);
1248 /*
1249 * Setup the SAM Task Attribute emulation for struct se_device
1250 */
1251 core_setup_task_attr_emulation(dev);
1252 /*
1253 * Force PR and ALUA passthrough emulation with internal object use.
1254 */
1255 force_pt = (hba->hba_flags & HBA_FLAGS_INTERNAL_USE);
1256 /*
1257 * Setup the Reservations infrastructure for struct se_device
1258 */
1259 core_setup_reservations(dev, force_pt);
1260 /*
1261 * Setup the Asymmetric Logical Unit Assignment for struct se_device
1262 */
1263 if (core_setup_alua(dev, force_pt) < 0)
1264 goto out;
1265
1266 /*
1267 * Startup the struct se_device processing thread
1268 */
1269 dev->process_thread = kthread_run(transport_processing_thread, dev,
e3d6f909 1270 "LIO_%s", dev->transport->name);
c66ac9db 1271 if (IS_ERR(dev->process_thread)) {
6708bb27 1272 pr_err("Unable to create kthread: LIO_%s\n",
e3d6f909 1273 dev->transport->name);
c66ac9db
NB		 1274 goto out;
1275 }
07bde79a
NB		 1276 /*
1277 * Setup work_queue for QUEUE_FULL
1278 */
1279 INIT_WORK(&dev->qf_work_queue, target_qf_do_work);
c66ac9db
NB		 1280 /*
1281 * Preload the initial INQUIRY const values if we are doing
1282 * anything virtual (IBLOCK, FILEIO, RAMDISK), but not for TCM/pSCSI
1283 * passthrough because this is being provided by the backend LLD.
1284 * This is required so that transport_get_inquiry() copies these
1285 * originals once back into DEV_T10_WWN(dev) for the virtual device
1286 * setup.
1287 */
e3d6f909 1288 if (dev->transport->transport_type != TRANSPORT_PLUGIN_PHBA_PDEV) {
f22c1196 1289 if (!inquiry_prod || !inquiry_rev) {
6708bb27 1290 pr_err("All non TCM/pSCSI plugins require"
c66ac9db
NB		 1291 " INQUIRY consts\n");
1292 goto out;
1293 }
1294
e3d6f909
AG		 1295 strncpy(&dev->se_sub_dev->t10_wwn.vendor[0], "LIO-ORG", 8);
1296 strncpy(&dev->se_sub_dev->t10_wwn.model[0], inquiry_prod, 16);
1297 strncpy(&dev->se_sub_dev->t10_wwn.revision[0], inquiry_rev, 4);
c66ac9db
NB		 1298 }
1299 scsi_dump_inquiry(dev);
1300
12a18bdc 1301 return dev;
c66ac9db 1302out:
c66ac9db
NB		 1303 kthread_stop(dev->process_thread);
1304
1305 spin_lock(&hba->device_lock);
1306 list_del(&dev->dev_list);
1307 hba->dev_count--;
1308 spin_unlock(&hba->device_lock);
1309
1310 se_release_vpd_for_dev(dev);
1311
c66ac9db
NB		 1312 kfree(dev);
1313
1314 return NULL;
1315}
1316EXPORT_SYMBOL(transport_add_device_to_core_hba);
1317
1318/* transport_generic_prepare_cdb():
1319 *
1320 * Since the Initiator sees iSCSI devices as LUNs, the SCSI CDB will
1321 * contain the iSCSI LUN in bits 7-5 of byte 1 as per SAM-2.
1322 * The point of this is since we are mapping iSCSI LUNs to
1323 * SCSI Target IDs having a non-zero LUN in the CDB will throw the
1324 * devices and HBAs for a loop.
1325 */
1326static inline void transport_generic_prepare_cdb(
1327 unsigned char *cdb)
1328{
1329 switch (cdb[0]) {
1330 case READ_10: /* SBC - RDProtect */
1331 case READ_12: /* SBC - RDProtect */
1332 case READ_16: /* SBC - RDProtect */
1333 case SEND_DIAGNOSTIC: /* SPC - SELF-TEST Code */
1334 case VERIFY: /* SBC - VRProtect */
1335 case VERIFY_16: /* SBC - VRProtect */
1336 case WRITE_VERIFY: /* SBC - VRProtect */
1337 case WRITE_VERIFY_12: /* SBC - VRProtect */
ba539743 1338 case MAINTENANCE_IN: /* SPC - Parameter Data Format for SA RTPG */
c66ac9db
NB		 1339 break;
1340 default:
1341 cdb[1] &= 0x1f; /* clear logical unit number */
1342 break;
1343 }
1344}
1345
c66ac9db
NB		 1346static int transport_generic_cmd_sequencer(struct se_cmd *, unsigned char *);
1347
c66ac9db
NB		 1348/*
1349 * Used by fabric modules containing a local struct se_cmd within their
1350 * fabric dependent per I/O descriptor.
1351 */
1352void transport_init_se_cmd(
1353 struct se_cmd *cmd,
1354 struct target_core_fabric_ops *tfo,
1355 struct se_session *se_sess,
1356 u32 data_length,
1357 int data_direction,
1358 int task_attr,
1359 unsigned char *sense_buffer)
1360{
5951146d
AG		 1361 INIT_LIST_HEAD(&cmd->se_lun_node);
1362 INIT_LIST_HEAD(&cmd->se_delayed_node);
07bde79a 1363 INIT_LIST_HEAD(&cmd->se_qf_node);
79a7fef2 1364 INIT_LIST_HEAD(&cmd->se_queue_node);
a17f091d 1365 INIT_LIST_HEAD(&cmd->se_cmd_list);
cf572a96
CH		 1366 INIT_LIST_HEAD(&cmd->execute_list);
1367 INIT_LIST_HEAD(&cmd->state_list);
a1d8b49a
AG		 1368 init_completion(&cmd->transport_lun_fe_stop_comp);
1369 init_completion(&cmd->transport_lun_stop_comp);
1370 init_completion(&cmd->t_transport_stop_comp);
a17f091d 1371 init_completion(&cmd->cmd_wait_comp);
cf572a96 1372 init_completion(&cmd->task_stop_comp);
a1d8b49a 1373 spin_lock_init(&cmd->t_state_lock);
7d680f3b 1374 cmd->transport_state = CMD_T_DEV_ACTIVE;
c66ac9db
NB		 1375
1376 cmd->se_tfo = tfo;
1377 cmd->se_sess = se_sess;
1378 cmd->data_length = data_length;
1379 cmd->data_direction = data_direction;
1380 cmd->sam_task_attr = task_attr;
1381 cmd->sense_buffer = sense_buffer;
cf572a96
CH		 1382
1383 cmd->state_active = false;
c66ac9db
NB		 1384}
1385EXPORT_SYMBOL(transport_init_se_cmd);
1386
1387static int transport_check_alloc_task_attr(struct se_cmd *cmd)
1388{
1389 /*
1390 * Check if SAM Task Attribute emulation is enabled for this
1391 * struct se_device storage object
1392 */
5951146d 1393 if (cmd->se_dev->dev_task_attr_type != SAM_TASK_ATTR_EMULATED)
c66ac9db
NB		 1394 return 0;
1395
e66ecd50 1396 if (cmd->sam_task_attr == MSG_ACA_TAG) {
6708bb27 1397 pr_debug("SAM Task Attribute ACA"
c66ac9db 1398 " emulation is not supported\n");
e3d6f909 1399 return -EINVAL;
c66ac9db
NB		 1400 }
1401 /*
1402 * Used to determine when ORDERED commands should go from
1403 * Dormant to Active status.
1404 */
5951146d 1405 cmd->se_ordered_id = atomic_inc_return(&cmd->se_dev->dev_ordered_id);
c66ac9db 1406 smp_mb__after_atomic_inc();
6708bb27 1407 pr_debug("Allocated se_ordered_id: %u for Task Attr: 0x%02x on %s\n",
c66ac9db 1408 cmd->se_ordered_id, cmd->sam_task_attr,
6708bb27 1409 cmd->se_dev->transport->name);
c66ac9db
NB		 1410 return 0;
1411}
1412
a12f41f8 1413/* target_setup_cmd_from_cdb():
c66ac9db
NB		 1414 *
1415 * Called from fabric RX Thread.
1416 */
a12f41f8 1417int target_setup_cmd_from_cdb(
c66ac9db
NB		 1418 struct se_cmd *cmd,
1419 unsigned char *cdb)
1420{
cb4f4d3c
CH		 1421 struct se_subsystem_dev *su_dev = cmd->se_dev->se_sub_dev;
1422 u32 pr_reg_type = 0;
1423 u8 alua_ascq = 0;
1424 unsigned long flags;
c66ac9db
NB		 1425 int ret;
1426
1427 transport_generic_prepare_cdb(cdb);
c66ac9db
NB		 1428 /*
1429 * Ensure that the received CDB is less than the max (252 + 8) bytes
1430 * for VARIABLE_LENGTH_CMD
1431 */
1432 if (scsi_command_size(cdb) > SCSI_MAX_VARLEN_CDB_SIZE) {
6708bb27 1433 pr_err("Received SCSI CDB with command_size: %d that"
c66ac9db
NB		 1434 " exceeds SCSI_MAX_VARLEN_CDB_SIZE: %d\n",
1435 scsi_command_size(cdb), SCSI_MAX_VARLEN_CDB_SIZE);
03e98c9e
NB		 1436 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
1437 cmd->scsi_sense_reason = TCM_INVALID_CDB_FIELD;
e3d6f909 1438 return -EINVAL;
c66ac9db
NB		 1439 }
1440 /*
1441 * If the received CDB is larger than TCM_MAX_COMMAND_SIZE,
1442 * allocate the additional extended CDB buffer now.. Otherwise
1443 * setup the pointer from __t_task_cdb to t_task_cdb.
1444 */
a1d8b49a
AG		 1445 if (scsi_command_size(cdb) > sizeof(cmd->__t_task_cdb)) {
1446 cmd->t_task_cdb = kzalloc(scsi_command_size(cdb),
c66ac9db 1447 GFP_KERNEL);
6708bb27
AG		 1448 if (!cmd->t_task_cdb) {
1449 pr_err("Unable to allocate cmd->t_task_cdb"
a1d8b49a 1450 " %u > sizeof(cmd->__t_task_cdb): %lu ops\n",
c66ac9db 1451 scsi_command_size(cdb),
a1d8b49a 1452 (unsigned long)sizeof(cmd->__t_task_cdb));
03e98c9e
NB		 1453 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
1454 cmd->scsi_sense_reason =
1455 TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE;
e3d6f909 1456 return -ENOMEM;
c66ac9db
NB		 1457 }
1458 } else
a1d8b49a 1459 cmd->t_task_cdb = &cmd->__t_task_cdb[0];
c66ac9db 1460 /*
a1d8b49a 1461 * Copy the original CDB into cmd->
c66ac9db 1462 */
a1d8b49a 1463 memcpy(cmd->t_task_cdb, cdb, scsi_command_size(cdb));
cb4f4d3c
CH		 1464
1465 /*
1466 * Check for an existing UNIT ATTENTION condition
1467 */
1468 if (core_scsi3_ua_check(cmd, cdb) < 0) {
1469 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
1470 cmd->scsi_sense_reason = TCM_CHECK_CONDITION_UNIT_ATTENTION;
1471 return -EINVAL;
1472 }
1473
1474 ret = su_dev->t10_alua.alua_state_check(cmd, cdb, &alua_ascq);
1475 if (ret != 0) {
1476 /*
1477 * Set SCSI additional sense code (ASC) to 'LUN Not Accessible';
1478 * The ALUA additional sense code qualifier (ASCQ) is determined
1479 * by the ALUA primary or secondary access state..
1480 */
1481 if (ret > 0) {
1482 pr_debug("[%s]: ALUA TG Port not available, "
1483 "SenseKey: NOT_READY, ASC/ASCQ: "
1484 "0x04/0x%02x\n",
1485 cmd->se_tfo->get_fabric_name(), alua_ascq);
1486
1487 transport_set_sense_codes(cmd, 0x04, alua_ascq);
1488 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
1489 cmd->scsi_sense_reason = TCM_CHECK_CONDITION_NOT_READY;
1490 return -EINVAL;
1491 }
1492 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
1493 cmd->scsi_sense_reason = TCM_INVALID_CDB_FIELD;
1494 return -EINVAL;
1495 }
1496
1497 /*
1498 * Check status for SPC-3 Persistent Reservations
1499 */
1500 if (su_dev->t10_pr.pr_ops.t10_reservation_check(cmd, &pr_reg_type)) {
1501 if (su_dev->t10_pr.pr_ops.t10_seq_non_holder(
1502 cmd, cdb, pr_reg_type) != 0) {
1503 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
1504 cmd->se_cmd_flags |= SCF_SCSI_RESERVATION_CONFLICT;
1505 cmd->scsi_status = SAM_STAT_RESERVATION_CONFLICT;
1506 cmd->scsi_sense_reason = TCM_RESERVATION_CONFLICT;
1507 return -EBUSY;
1508 }
1509 /*
1510 * This means the CDB is allowed for the SCSI Initiator port
1511 * when said port is *NOT* holding the legacy SPC-2 or
1512 * SPC-3 Persistent Reservation.
1513 */
1514 }
1515
c66ac9db
NB		 1516 /*
1517 * Setup the received CDB based on SCSI defined opcodes and
1518 * perform unit attention, persistent reservations and ALUA
a1d8b49a 1519 * checks for virtual device backends. The cmd->t_task_cdb
c66ac9db
NB		 1520 * pointer is expected to be setup before we reach this point.
1521 */
1522 ret = transport_generic_cmd_sequencer(cmd, cdb);
1523 if (ret < 0)
1524 return ret;
cb4f4d3c
CH		 1525
1526 spin_lock_irqsave(&cmd->t_state_lock, flags);
1527 cmd->se_cmd_flags |= SCF_SUPPORTED_SAM_OPCODE;
1528 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
1529
c66ac9db
NB		 1530 /*
1531 * Check for SAM Task Attribute Emulation
1532 */
1533 if (transport_check_alloc_task_attr(cmd) < 0) {
1534 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
1535 cmd->scsi_sense_reason = TCM_INVALID_CDB_FIELD;
5951146d 1536 return -EINVAL;
c66ac9db
NB		 1537 }
1538 spin_lock(&cmd->se_lun->lun_sep_lock);
1539 if (cmd->se_lun->lun_sep)
1540 cmd->se_lun->lun_sep->sep_stats.cmd_pdus++;
1541 spin_unlock(&cmd->se_lun->lun_sep_lock);
1542 return 0;
1543}
a12f41f8 1544EXPORT_SYMBOL(target_setup_cmd_from_cdb);
c66ac9db 1545
695434e1
NB		 1546/*
1547 * Used by fabric module frontends to queue tasks directly.
1548 * Many only be used from process context only
1549 */
1550int transport_handle_cdb_direct(
1551 struct se_cmd *cmd)
1552{
dd8ae59d
NB		 1553 int ret;
1554
695434e1
NB		 1555 if (!cmd->se_lun) {
1556 dump_stack();
6708bb27 1557 pr_err("cmd->se_lun is NULL\n");
695434e1
NB		 1558 return -EINVAL;
1559 }
1560 if (in_interrupt()) {
1561 dump_stack();
6708bb27 1562 pr_err("transport_generic_handle_cdb cannot be called"
695434e1
NB		 1563 " from interrupt context\n");
1564 return -EINVAL;
1565 }
dd8ae59d 1566 /*
7d680f3b 1567 * Set TRANSPORT_NEW_CMD state and CMD_T_ACTIVE following
dd8ae59d
NB		 1568 * transport_generic_handle_cdb*() -> transport_add_cmd_to_queue()
1569 * in existing usage to ensure that outstanding descriptors are handled
d14921d6 1570 * correctly during shutdown via transport_wait_for_tasks()
dd8ae59d
NB		 1571 *
1572 * Also, we don't take cmd->t_state_lock here as we only expect
1573 * this to be called for initial descriptor submission.
1574 */
1575 cmd->t_state = TRANSPORT_NEW_CMD;
7d680f3b
CH		 1576 cmd->transport_state |= CMD_T_ACTIVE;
1577
dd8ae59d
NB		 1578 /*
1579 * transport_generic_new_cmd() is already handling QUEUE_FULL,
1580 * so follow TRANSPORT_NEW_CMD processing thread context usage
1581 * and call transport_generic_request_failure() if necessary..
1582 */
1583 ret = transport_generic_new_cmd(cmd);
03e98c9e
NB		 1584 if (ret < 0)
1585 transport_generic_request_failure(cmd);
1586
dd8ae59d 1587 return 0;
695434e1
NB		 1588}
1589EXPORT_SYMBOL(transport_handle_cdb_direct);
1590
a6360785
NB		 1591/**
1592 * target_submit_cmd - lookup unpacked lun and submit uninitialized se_cmd
1593 *
1594 * @se_cmd: command descriptor to submit
1595 * @se_sess: associated se_sess for endpoint
1596 * @cdb: pointer to SCSI CDB
1597 * @sense: pointer to SCSI sense buffer
1598 * @unpacked_lun: unpacked LUN to reference for struct se_lun
1599 * @data_length: fabric expected data transfer length
1600 * @task_addr: SAM task attribute
1601 * @data_dir: DMA data direction
1602 * @flags: flags for command submission from target_sc_flags_tables
1603 *
1604 * This may only be called from process context, and also currently
1605 * assumes internal allocation of fabric payload buffer by target-core.
1606 **/
1edcdb49 1607void target_submit_cmd(struct se_cmd *se_cmd, struct se_session *se_sess,
a6360785
NB		 1608 unsigned char *cdb, unsigned char *sense, u32 unpacked_lun,
1609 u32 data_length, int task_attr, int data_dir, int flags)
1610{
1611 struct se_portal_group *se_tpg;
1612 int rc;
1613
1614 se_tpg = se_sess->se_tpg;
1615 BUG_ON(!se_tpg);
1616 BUG_ON(se_cmd->se_tfo || se_cmd->se_sess);
1617 BUG_ON(in_interrupt());
1618 /*
1619 * Initialize se_cmd for target operation. From this point
1620 * exceptions are handled by sending exception status via
1621 * target_core_fabric_ops->queue_status() callback
1622 */
1623 transport_init_se_cmd(se_cmd, se_tpg->se_tpg_tfo, se_sess,
1624 data_length, data_dir, task_attr, sense);
b0d79946
SAS		 1625 if (flags & TARGET_SCF_UNKNOWN_SIZE)
1626 se_cmd->unknown_data_length = 1;
a6360785
NB		 1627 /*
1628 * Obtain struct se_cmd->cmd_kref reference and add new cmd to
1629 * se_sess->sess_cmd_list. A second kref_get here is necessary
1630 * for fabrics using TARGET_SCF_ACK_KREF that expect a second
1631 * kref_put() to happen during fabric packet acknowledgement.
1632 */
1633 target_get_sess_cmd(se_sess, se_cmd, (flags & TARGET_SCF_ACK_KREF));
1634 /*
1635 * Signal bidirectional data payloads to target-core
1636 */
1637 if (flags & TARGET_SCF_BIDI_OP)
1638 se_cmd->se_cmd_flags |= SCF_BIDI;
1639 /*
1640 * Locate se_lun pointer and attach it to struct se_cmd
1641 */
735703ca
NB		 1642 if (transport_lookup_cmd_lun(se_cmd, unpacked_lun) < 0) {
1643 transport_send_check_condition_and_sense(se_cmd,
1644 se_cmd->scsi_sense_reason, 0);
1645 target_put_sess_cmd(se_sess, se_cmd);
1646 return;
1647 }
a6360785
NB		 1648 /*
1649 * Sanitize CDBs via transport_generic_cmd_sequencer() and
1650 * allocate the necessary tasks to complete the received CDB+data
1651 */
a12f41f8 1652 rc = target_setup_cmd_from_cdb(se_cmd, cdb);
735703ca
NB		 1653 if (rc != 0) {
1654 transport_generic_request_failure(se_cmd);
1655 return;
1656 }
11e319ed
AG		 1657
1658 /*
1659 * Check if we need to delay processing because of ALUA
1660 * Active/NonOptimized primary access state..
1661 */
1662 core_alua_check_nonop_delay(se_cmd);
1663
a6360785
NB		 1664 /*
1665 * Dispatch se_cmd descriptor to se_lun->lun_se_dev backend
1666 * for immediate execution of READs, otherwise wait for
1667 * transport_generic_handle_data() to be called for WRITEs
1668 * when fabric has filled the incoming buffer.
1669 */
1670 transport_handle_cdb_direct(se_cmd);
1edcdb49 1671 return;
a6360785
NB		 1672}
1673EXPORT_SYMBOL(target_submit_cmd);
1674
9f0d05c2
NB		 1675static void target_complete_tmr_failure(struct work_struct *work)
1676{
1677 struct se_cmd *se_cmd = container_of(work, struct se_cmd, work);
1678
1679 se_cmd->se_tmr_req->response = TMR_LUN_DOES_NOT_EXIST;
1680 se_cmd->se_tfo->queue_tm_rsp(se_cmd);
1681 transport_generic_free_cmd(se_cmd, 0);
1682}
1683
ea98d7f9
AG		 1684/**
1685 * target_submit_tmr - lookup unpacked lun and submit uninitialized se_cmd
1686 * for TMR CDBs
1687 *
1688 * @se_cmd: command descriptor to submit
1689 * @se_sess: associated se_sess for endpoint
1690 * @sense: pointer to SCSI sense buffer
1691 * @unpacked_lun: unpacked LUN to reference for struct se_lun
1692 * @fabric_context: fabric context for TMR req
1693 * @tm_type: Type of TM request
c0974f89
NB		 1694 * @gfp: gfp type for caller
1695 * @tag: referenced task tag for TMR_ABORT_TASK
c7042cae 1696 * @flags: submit cmd flags
ea98d7f9
AG		 1697 *
1698 * Callable from all contexts.
1699 **/
1700
c7042cae 1701int target_submit_tmr(struct se_cmd *se_cmd, struct se_session *se_sess,
ea98d7f9 1702 unsigned char *sense, u32 unpacked_lun,
c0974f89
NB		 1703 void *fabric_tmr_ptr, unsigned char tm_type,
1704 gfp_t gfp, unsigned int tag, int flags)
ea98d7f9
AG		 1705{
1706 struct se_portal_group *se_tpg;
1707 int ret;
1708
1709 se_tpg = se_sess->se_tpg;
1710 BUG_ON(!se_tpg);
1711
1712 transport_init_se_cmd(se_cmd, se_tpg->se_tpg_tfo, se_sess,
1713 0, DMA_NONE, MSG_SIMPLE_TAG, sense);
c7042cae
NB		 1714 /*
1715 * FIXME: Currently expect caller to handle se_cmd->se_tmr_req
1716 * allocation failure.
1717 */
c0974f89 1718 ret = core_tmr_alloc_req(se_cmd, fabric_tmr_ptr, tm_type, gfp);
c7042cae
NB		 1719 if (ret < 0)
1720 return -ENOMEM;
ea98d7f9 1721
c0974f89
NB		 1722 if (tm_type == TMR_ABORT_TASK)
1723 se_cmd->se_tmr_req->ref_task_tag = tag;
1724
ea98d7f9
AG		 1725 /* See target_submit_cmd for commentary */
1726 target_get_sess_cmd(se_sess, se_cmd, (flags & TARGET_SCF_ACK_KREF));
1727
ea98d7f9
AG		 1728 ret = transport_lookup_tmr_lun(se_cmd, unpacked_lun);
1729 if (ret) {
9f0d05c2
NB		 1730 /*
1731 * For callback during failure handling, push this work off
1732 * to process context with TMR_LUN_DOES_NOT_EXIST status.
1733 */
1734 INIT_WORK(&se_cmd->work, target_complete_tmr_failure);
1735 schedule_work(&se_cmd->work);
c7042cae 1736 return 0;
ea98d7f9
AG		 1737 }
1738 transport_generic_handle_tmr(se_cmd);
c7042cae 1739 return 0;
ea98d7f9
AG		 1740}
1741EXPORT_SYMBOL(target_submit_tmr);
1742
c66ac9db
NB		 1743/*
1744 * Used by fabric module frontends defining a TFO->new_cmd_map() caller
1745 * to queue up a newly setup se_cmd w/ TRANSPORT_NEW_CMD_MAP in order to
1746 * complete setup in TCM process context w/ TFO->new_cmd_map().
1747 */
1748int transport_generic_handle_cdb_map(
1749 struct se_cmd *cmd)
1750{
e3d6f909 1751 if (!cmd->se_lun) {
c66ac9db 1752 dump_stack();
6708bb27 1753 pr_err("cmd->se_lun is NULL\n");
e3d6f909 1754 return -EINVAL;
c66ac9db
NB		 1755 }
1756
f7a5cc0b 1757 transport_add_cmd_to_queue(cmd, TRANSPORT_NEW_CMD_MAP, false);
c66ac9db
NB		 1758 return 0;
1759}
1760EXPORT_SYMBOL(transport_generic_handle_cdb_map);
1761
1762/* transport_generic_handle_data():
1763 *
1764 *
1765 */
1766int transport_generic_handle_data(
1767 struct se_cmd *cmd)
1768{
1769 /*
1770 * For the software fabric case, then we assume the nexus is being
1771 * failed/shutdown when signals are pending from the kthread context
1772 * caller, so we return a failure. For the HW target mode case running
1773 * in interrupt code, the signal_pending() check is skipped.
1774 */
1775 if (!in_interrupt() && signal_pending(current))
e3d6f909 1776 return -EPERM;
c66ac9db
NB		 1777 /*
1778 * If the received CDB has aleady been ABORTED by the generic
1779 * target engine, we now call transport_check_aborted_status()
1780 * to queue any delated TASK_ABORTED status for the received CDB to the
25985edc 1781 * fabric module as we are expecting no further incoming DATA OUT
c66ac9db
NB		 1782 * sequences at this point.
1783 */
1784 if (transport_check_aborted_status(cmd, 1) != 0)
1785 return 0;
1786
f7a5cc0b 1787 transport_add_cmd_to_queue(cmd, TRANSPORT_PROCESS_WRITE, false);
c66ac9db
NB		 1788 return 0;
1789}
1790EXPORT_SYMBOL(transport_generic_handle_data);
1791
1792/* transport_generic_handle_tmr():
1793 *
1794 *
1795 */
1796int transport_generic_handle_tmr(
1797 struct se_cmd *cmd)
1798{
f7a5cc0b 1799 transport_add_cmd_to_queue(cmd, TRANSPORT_PROCESS_TMR, false);
c66ac9db
NB		 1800 return 0;
1801}
1802EXPORT_SYMBOL(transport_generic_handle_tmr);
1803
cdbb70bb 1804/*
cf572a96 1805 * If the cmd is active, request it to be stopped and sleep until it
cdbb70bb
CH		 1806 * has completed.
1807 */
cf572a96 1808bool target_stop_cmd(struct se_cmd *cmd, unsigned long *flags)
cdbb70bb 1809{
cdbb70bb
CH		 1810 bool was_active = false;
1811
cf572a96
CH		 1812 if (cmd->transport_state & CMD_T_BUSY) {
1813 cmd->transport_state |= CMD_T_REQUEST_STOP;
cdbb70bb
CH		 1814 spin_unlock_irqrestore(&cmd->t_state_lock, *flags);
1815
cf572a96
CH		 1816 pr_debug("cmd %p waiting to complete\n", cmd);
1817 wait_for_completion(&cmd->task_stop_comp);
1818 pr_debug("cmd %p stopped successfully\n", cmd);
cdbb70bb
CH		 1819
1820 spin_lock_irqsave(&cmd->t_state_lock, *flags);
cf572a96
CH		 1821 cmd->transport_state &= ~CMD_T_REQUEST_STOP;
1822 cmd->transport_state &= ~CMD_T_BUSY;
cdbb70bb
CH		 1823 was_active = true;
1824 }
1825
cdbb70bb
CH		 1826 return was_active;
1827}
1828
c66ac9db
NB		 1829/*
1830 * Handle SAM-esque emulation for generic transport request failures.
1831 */
2fbff127 1832void transport_generic_request_failure(struct se_cmd *cmd)
c66ac9db 1833{
07bde79a
NB		 1834 int ret = 0;
1835
6708bb27 1836 pr_debug("-----[ Storage Engine Exception for cmd: %p ITT: 0x%08x"
e3d6f909 1837 " CDB: 0x%02x\n", cmd, cmd->se_tfo->get_task_tag(cmd),
a1d8b49a 1838 cmd->t_task_cdb[0]);
03e98c9e 1839 pr_debug("-----[ i_state: %d t_state: %d scsi_sense_reason: %d\n",
e3d6f909 1840 cmd->se_tfo->get_cmd_state(cmd),
03e98c9e 1841 cmd->t_state, cmd->scsi_sense_reason);
d43d6aea 1842 pr_debug("-----[ CMD_T_ACTIVE: %d CMD_T_STOP: %d CMD_T_SENT: %d\n",
7d680f3b
CH		 1843 (cmd->transport_state & CMD_T_ACTIVE) != 0,
1844 (cmd->transport_state & CMD_T_STOP) != 0,
1845 (cmd->transport_state & CMD_T_SENT) != 0);
c66ac9db 1846
c66ac9db
NB		 1847 /*
1848 * For SAM Task Attribute emulation for failed struct se_cmd
1849 */
1850 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED)
1851 transport_complete_task_attr(cmd);
1852
03e98c9e
NB		 1853 switch (cmd->scsi_sense_reason) {
1854 case TCM_NON_EXISTENT_LUN:
1855 case TCM_UNSUPPORTED_SCSI_OPCODE:
1856 case TCM_INVALID_CDB_FIELD:
1857 case TCM_INVALID_PARAMETER_LIST:
1858 case TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE:
1859 case TCM_UNKNOWN_MODE_PAGE:
1860 case TCM_WRITE_PROTECTED:
1861 case TCM_CHECK_CONDITION_ABORT_CMD:
1862 case TCM_CHECK_CONDITION_UNIT_ATTENTION:
1863 case TCM_CHECK_CONDITION_NOT_READY:
c66ac9db 1864 break;
03e98c9e 1865 case TCM_RESERVATION_CONFLICT:
c66ac9db
NB		 1866 /*
1867 * No SENSE Data payload for this case, set SCSI Status
1868 * and queue the response to $FABRIC_MOD.
1869 *
1870 * Uses linux/include/scsi/scsi.h SAM status codes defs
1871 */
1872 cmd->scsi_status = SAM_STAT_RESERVATION_CONFLICT;
1873 /*
1874 * For UA Interlock Code 11b, a RESERVATION CONFLICT will
1875 * establish a UNIT ATTENTION with PREVIOUS RESERVATION
1876 * CONFLICT STATUS.
1877 *
1878 * See spc4r17, section 7.4.6 Control Mode Page, Table 349
1879 */
e3d6f909
AG		 1880 if (cmd->se_sess &&
1881 cmd->se_dev->se_sub_dev->se_dev_attrib.emulate_ua_intlck_ctrl == 2)
1882 core_scsi3_ua_allocate(cmd->se_sess->se_node_acl,
c66ac9db
NB		 1883 cmd->orig_fe_lun, 0x2C,
1884 ASCQ_2CH_PREVIOUS_RESERVATION_CONFLICT_STATUS);
1885
07bde79a 1886 ret = cmd->se_tfo->queue_status(cmd);
f147abb4 1887 if (ret == -EAGAIN || ret == -ENOMEM)
07bde79a 1888 goto queue_full;
c66ac9db 1889 goto check_stop;
c66ac9db 1890 default:
6708bb27 1891 pr_err("Unknown transport error for CDB 0x%02x: %d\n",
03e98c9e 1892 cmd->t_task_cdb[0], cmd->scsi_sense_reason);
c66ac9db
NB		 1893 cmd->scsi_sense_reason = TCM_UNSUPPORTED_SCSI_OPCODE;
1894 break;
1895 }
16ab8e60
NB		 1896 /*
1897 * If a fabric does not define a cmd->se_tfo->new_cmd_map caller,
1898 * make the call to transport_send_check_condition_and_sense()
1899 * directly. Otherwise expect the fabric to make the call to
1900 * transport_send_check_condition_and_sense() after handling
1901 * possible unsoliticied write data payloads.
1902 */
03e98c9e
NB		 1903 ret = transport_send_check_condition_and_sense(cmd,
1904 cmd->scsi_sense_reason, 0);
1905 if (ret == -EAGAIN || ret == -ENOMEM)
1906 goto queue_full;
07bde79a 1907
c66ac9db
NB		 1908check_stop:
1909 transport_lun_remove_cmd(cmd);
6708bb27 1910 if (!transport_cmd_check_stop_to_fabric(cmd))
c66ac9db 1911 ;
07bde79a
NB		 1912 return;
1913
1914queue_full:
e057f533
CH		 1915 cmd->t_state = TRANSPORT_COMPLETE_QF_OK;
1916 transport_handle_queue_full(cmd, cmd->se_dev);
c66ac9db 1917}
2fbff127 1918EXPORT_SYMBOL(transport_generic_request_failure);
c66ac9db 1919
c66ac9db
NB		 1920static inline u32 transport_lba_21(unsigned char *cdb)
1921{
1922 return ((cdb[1] & 0x1f) << 16) | (cdb[2] << 8) | cdb[3];
1923}
1924
1925static inline u32 transport_lba_32(unsigned char *cdb)
1926{
1927 return (cdb[2] << 24) | (cdb[3] << 16) | (cdb[4] << 8) | cdb[5];
1928}
1929
1930static inline unsigned long long transport_lba_64(unsigned char *cdb)
1931{
1932 unsigned int __v1, __v2;
1933
1934 __v1 = (cdb[2] << 24) | (cdb[3] << 16) | (cdb[4] << 8) | cdb[5];
1935 __v2 = (cdb[6] << 24) | (cdb[7] << 16) | (cdb[8] << 8) | cdb[9];
1936
1937 return ((unsigned long long)__v2) | (unsigned long long)__v1 << 32;
1938}
1939
1940/*
1941 * For VARIABLE_LENGTH_CDB w/ 32 byte extended CDBs
1942 */
1943static inline unsigned long long transport_lba_64_ext(unsigned char *cdb)
1944{
1945 unsigned int __v1, __v2;
1946
1947 __v1 = (cdb[12] << 24) | (cdb[13] << 16) | (cdb[14] << 8) | cdb[15];
1948 __v2 = (cdb[16] << 24) | (cdb[17] << 16) | (cdb[18] << 8) | cdb[19];
1949
1950 return ((unsigned long long)__v2) | (unsigned long long)__v1 << 32;
1951}
1952
c66ac9db
NB		 1953/*
1954 * Called from Fabric Module context from transport_execute_tasks()
1955 *
1956 * The return of this function determins if the tasks from struct se_cmd
1957 * get added to the execution queue in transport_execute_tasks(),
1958 * or are added to the delayed or ordered lists here.
1959 */
1960static inline int transport_execute_task_attr(struct se_cmd *cmd)
1961{
5951146d 1962 if (cmd->se_dev->dev_task_attr_type != SAM_TASK_ATTR_EMULATED)
c66ac9db
NB		 1963 return 1;
1964 /*
25985edc 1965 * Check for the existence of HEAD_OF_QUEUE, and if true return 1
c66ac9db
NB		 1966 * to allow the passed struct se_cmd list of tasks to the front of the list.
1967 */
e66ecd50 1968 if (cmd->sam_task_attr == MSG_HEAD_TAG) {
6708bb27 1969 pr_debug("Added HEAD_OF_QUEUE for CDB:"
c66ac9db 1970 " 0x%02x, se_ordered_id: %u\n",
6708bb27 1971 cmd->t_task_cdb[0],
c66ac9db
NB		 1972 cmd->se_ordered_id);
1973 return 1;
e66ecd50 1974 } else if (cmd->sam_task_attr == MSG_ORDERED_TAG) {
5951146d 1975 atomic_inc(&cmd->se_dev->dev_ordered_sync);
c66ac9db
NB		 1976 smp_mb__after_atomic_inc();
1977
6708bb27 1978 pr_debug("Added ORDERED for CDB: 0x%02x to ordered"
c66ac9db 1979 " list, se_ordered_id: %u\n",
a1d8b49a 1980 cmd->t_task_cdb[0],
c66ac9db
NB		 1981 cmd->se_ordered_id);
1982 /*
1983 * Add ORDERED command to tail of execution queue if
1984 * no other older commands exist that need to be
1985 * completed first.
1986 */
6708bb27 1987 if (!atomic_read(&cmd->se_dev->simple_cmds))
c66ac9db
NB		 1988 return 1;
1989 } else {
1990 /*
1991 * For SIMPLE and UNTAGGED Task Attribute commands
1992 */
5951146d 1993 atomic_inc(&cmd->se_dev->simple_cmds);
c66ac9db
NB		 1994 smp_mb__after_atomic_inc();
1995 }
1996 /*
1997 * Otherwise if one or more outstanding ORDERED task attribute exist,
1998 * add the dormant task(s) built for the passed struct se_cmd to the
1999 * execution queue and become in Active state for this struct se_device.
2000 */
5951146d 2001 if (atomic_read(&cmd->se_dev->dev_ordered_sync) != 0) {
c66ac9db
NB		 2002 /*
2003 * Otherwise, add cmd w/ tasks to delayed cmd queue that
25985edc 2004 * will be drained upon completion of HEAD_OF_QUEUE task.
c66ac9db 2005 */
5951146d 2006 spin_lock(&cmd->se_dev->delayed_cmd_lock);
c66ac9db 2007 cmd->se_cmd_flags |= SCF_DELAYED_CMD_FROM_SAM_ATTR;
5951146d
AG		 2008 list_add_tail(&cmd->se_delayed_node,
2009 &cmd->se_dev->delayed_cmd_list);
2010 spin_unlock(&cmd->se_dev->delayed_cmd_lock);
c66ac9db 2011
6708bb27 2012 pr_debug("Added CDB: 0x%02x Task Attr: 0x%02x to"
c66ac9db 2013 " delayed CMD list, se_ordered_id: %u\n",
a1d8b49a 2014 cmd->t_task_cdb[0], cmd->sam_task_attr,
c66ac9db
NB		 2015 cmd->se_ordered_id);
2016 /*
2017 * Return zero to let transport_execute_tasks() know
2018 * not to add the delayed tasks to the execution list.
2019 */
2020 return 0;
2021 }
2022 /*
2023 * Otherwise, no ORDERED task attributes exist..
2024 */
2025 return 1;
2026}
2027
2028/*
2029 * Called from fabric module context in transport_generic_new_cmd() and
2030 * transport_generic_process_write()
2031 */
d28d96dc 2032static void transport_execute_tasks(struct se_cmd *cmd)
c66ac9db
NB		 2033{
2034 int add_tasks;
40be67f4 2035 struct se_device *se_dev = cmd->se_dev;
c66ac9db
NB		 2036 /*
2037 * Call transport_cmd_check_stop() to see if a fabric exception
25985edc 2038 * has occurred that prevents execution.
c66ac9db 2039 */
6708bb27 2040 if (!transport_cmd_check_stop(cmd, 0, TRANSPORT_PROCESSING)) {
c66ac9db
NB		 2041 /*
2042 * Check for SAM Task Attribute emulation and HEAD_OF_QUEUE
2043 * attribute for the tasks of the received struct se_cmd CDB
2044 */
2045 add_tasks = transport_execute_task_attr(cmd);
d28d96dc
JE		 2046 if (add_tasks) {
2047 __transport_execute_tasks(se_dev, cmd);
2048 return;
2049 }
c66ac9db 2050 }
4d2300cc 2051 __transport_execute_tasks(se_dev, NULL);
c66ac9db
NB		 2052}
2053
4d2300cc 2054static int __transport_execute_tasks(struct se_device *dev, struct se_cmd *new_cmd)
c66ac9db
NB		 2055{
2056 int error;
2057 struct se_cmd *cmd = NULL;
c66ac9db
NB		 2058 unsigned long flags;
2059
c66ac9db 2060check_depth:
e3d6f909 2061 spin_lock_irq(&dev->execute_task_lock);
4d2300cc 2062 if (new_cmd != NULL)
cf572a96 2063 __target_add_to_execute_list(new_cmd);
4d2300cc 2064
cf572a96 2065 if (list_empty(&dev->execute_list)) {
e3d6f909 2066 spin_unlock_irq(&dev->execute_task_lock);
c66ac9db
NB		 2067 return 0;
2068 }
cf572a96
CH		 2069 cmd = list_first_entry(&dev->execute_list, struct se_cmd, execute_list);
2070 __target_remove_from_execute_list(cmd);
e3d6f909 2071 spin_unlock_irq(&dev->execute_task_lock);
c66ac9db 2072
a1d8b49a 2073 spin_lock_irqsave(&cmd->t_state_lock, flags);
cf572a96 2074 cmd->transport_state |= CMD_T_BUSY;
785fdf70 2075 cmd->transport_state |= CMD_T_SENT;
c66ac9db 2076
a1d8b49a 2077 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
c66ac9db 2078
6bb35e00
CH		 2079 if (cmd->execute_cmd)
2080 error = cmd->execute_cmd(cmd);
5787cacd
CH		 2081 else {
2082 error = dev->transport->execute_cmd(cmd, cmd->t_data_sg,
2083 cmd->t_data_nents, cmd->data_direction);
2084 }
cf572a96 2085
d29a5b6a 2086 if (error != 0) {
d29a5b6a 2087 spin_lock_irqsave(&cmd->t_state_lock, flags);
cf572a96 2088 cmd->transport_state &= ~CMD_T_BUSY;
7d680f3b 2089 cmd->transport_state &= ~CMD_T_SENT;
d29a5b6a 2090 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
7d680f3b 2091
03e98c9e 2092 transport_generic_request_failure(cmd);
c66ac9db
NB		 2093 }
2094
4d2300cc 2095 new_cmd = NULL;
c66ac9db
NB		 2096 goto check_depth;
2097
2098 return 0;
2099}
2100
c66ac9db
NB		 2101static inline u32 transport_get_sectors_6(
2102 unsigned char *cdb,
2103 struct se_cmd *cmd,
2104 int *ret)
2105{
5951146d 2106 struct se_device *dev = cmd->se_dev;
c66ac9db
NB		 2107
2108 /*
2109 * Assume TYPE_DISK for non struct se_device objects.
2110 * Use 8-bit sector value.
2111 */
2112 if (!dev)
2113 goto type_disk;
2114
2115 /*
2116 * Use 24-bit allocation length for TYPE_TAPE.
2117 */
e3d6f909 2118 if (dev->transport->get_device_type(dev) == TYPE_TAPE)
c66ac9db
NB		 2119 return (u32)(cdb[2] << 16) + (cdb[3] << 8) + cdb[4];
2120
2121 /*
2122 * Everything else assume TYPE_DISK Sector CDB location.
9b5cd7f3
RD		 2123 * Use 8-bit sector value. SBC-3 says:
2124 *
2125 * A TRANSFER LENGTH field set to zero specifies that 256
2126 * logical blocks shall be written. Any other value
2127 * specifies the number of logical blocks that shall be
2128 * written.
c66ac9db
NB		 2129 */
2130type_disk:
9b5cd7f3 2131 return cdb[4] ? : 256;
c66ac9db
NB		 2132}
2133
2134static inline u32 transport_get_sectors_10(
2135 unsigned char *cdb,
2136 struct se_cmd *cmd,
2137 int *ret)
2138{
5951146d 2139 struct se_device *dev = cmd->se_dev;
c66ac9db
NB		 2140
2141 /*
2142 * Assume TYPE_DISK for non struct se_device objects.
2143 * Use 16-bit sector value.
2144 */
2145 if (!dev)
2146 goto type_disk;
2147
2148 /*
2149 * XXX_10 is not defined in SSC, throw an exception
2150 */
e3d6f909
AG		 2151 if (dev->transport->get_device_type(dev) == TYPE_TAPE) {
2152 *ret = -EINVAL;
c66ac9db
NB		 2153 return 0;
2154 }
2155
2156 /*
2157 * Everything else assume TYPE_DISK Sector CDB location.
2158 * Use 16-bit sector value.
2159 */
2160type_disk:
2161 return (u32)(cdb[7] << 8) + cdb[8];
2162}
2163
2164static inline u32 transport_get_sectors_12(
2165 unsigned char *cdb,
2166 struct se_cmd *cmd,
2167 int *ret)
2168{
5951146d 2169 struct se_device *dev = cmd->se_dev;
c66ac9db
NB		 2170
2171 /*
2172 * Assume TYPE_DISK for non struct se_device objects.
2173 * Use 32-bit sector value.
2174 */
2175 if (!dev)
2176 goto type_disk;
2177
2178 /*
2179 * XXX_12 is not defined in SSC, throw an exception
2180 */
e3d6f909
AG		 2181 if (dev->transport->get_device_type(dev) == TYPE_TAPE) {
2182 *ret = -EINVAL;
c66ac9db
NB		 2183 return 0;
2184 }
2185
2186 /*
2187 * Everything else assume TYPE_DISK Sector CDB location.
2188 * Use 32-bit sector value.
2189 */
2190type_disk:
2191 return (u32)(cdb[6] << 24) + (cdb[7] << 16) + (cdb[8] << 8) + cdb[9];
2192}
2193
2194static inline u32 transport_get_sectors_16(
2195 unsigned char *cdb,
2196 struct se_cmd *cmd,
2197 int *ret)
2198{
5951146d 2199 struct se_device *dev = cmd->se_dev;
c66ac9db
NB		 2200
2201 /*
2202 * Assume TYPE_DISK for non struct se_device objects.
2203 * Use 32-bit sector value.
2204 */
2205 if (!dev)
2206 goto type_disk;
2207
2208 /*
2209 * Use 24-bit allocation length for TYPE_TAPE.
2210 */
e3d6f909 2211 if (dev->transport->get_device_type(dev) == TYPE_TAPE)
c66ac9db
NB		 2212 return (u32)(cdb[12] << 16) + (cdb[13] << 8) + cdb[14];
2213
2214type_disk:
2215 return (u32)(cdb[10] << 24) + (cdb[11] << 16) +
2216 (cdb[12] << 8) + cdb[13];
2217}
2218
2219/*
2220 * Used for VARIABLE_LENGTH_CDB WRITE_32 and READ_32 variants
2221 */
2222static inline u32 transport_get_sectors_32(
2223 unsigned char *cdb,
2224 struct se_cmd *cmd,
2225 int *ret)
2226{
2227 /*
2228 * Assume TYPE_DISK for non struct se_device objects.
2229 * Use 32-bit sector value.
2230 */
2231 return (u32)(cdb[28] << 24) + (cdb[29] << 16) +
2232 (cdb[30] << 8) + cdb[31];
2233
2234}
2235
2236static inline u32 transport_get_size(
2237 u32 sectors,
2238 unsigned char *cdb,
2239 struct se_cmd *cmd)
2240{
5951146d 2241 struct se_device *dev = cmd->se_dev;
c66ac9db 2242
e3d6f909 2243 if (dev->transport->get_device_type(dev) == TYPE_TAPE) {
c66ac9db 2244 if (cdb[1] & 1) { /* sectors */
e3d6f909 2245 return dev->se_sub_dev->se_dev_attrib.block_size * sectors;
c66ac9db
NB		 2246 } else /* bytes */
2247 return sectors;
2248 }
8b1e1244 2249
6708bb27 2250 pr_debug("Returning block_size: %u, sectors: %u == %u for"
8b1e1244
AG		 2251 " %s object\n", dev->se_sub_dev->se_dev_attrib.block_size,
2252 sectors, dev->se_sub_dev->se_dev_attrib.block_size * sectors,
2253 dev->transport->name);
2254
e3d6f909 2255 return dev->se_sub_dev->se_dev_attrib.block_size * sectors;
c66ac9db
NB		 2256}
2257
c66ac9db
NB		 2258static void transport_xor_callback(struct se_cmd *cmd)
2259{
2260 unsigned char *buf, *addr;
ec98f782 2261 struct scatterlist *sg;
c66ac9db
NB		 2262 unsigned int offset;
2263 int i;
ec98f782 2264 int count;
c66ac9db
NB		 2265 /*
2266 * From sbc3r22.pdf section 5.48 XDWRITEREAD (10) command
2267 *
2268 * 1) read the specified logical block(s);
2269 * 2) transfer logical blocks from the data-out buffer;
2270 * 3) XOR the logical blocks transferred from the data-out buffer with
2271 * the logical blocks read, storing the resulting XOR data in a buffer;
2272 * 4) if the DISABLE WRITE bit is set to zero, then write the logical
2273 * blocks transferred from the data-out buffer; and
2274 * 5) transfer the resulting XOR data to the data-in buffer.
2275 */
2276 buf = kmalloc(cmd->data_length, GFP_KERNEL);
6708bb27
AG		 2277 if (!buf) {
2278 pr_err("Unable to allocate xor_callback buf\n");
c66ac9db
NB		 2279 return;
2280 }
2281 /*
ec98f782 2282 * Copy the scatterlist WRITE buffer located at cmd->t_data_sg
c66ac9db
NB		 2283 * into the locally allocated *buf
2284 */
ec98f782
AG		 2285 sg_copy_to_buffer(cmd->t_data_sg,
2286 cmd->t_data_nents,
2287 buf,
2288 cmd->data_length);
2289
c66ac9db
NB		 2290 /*
2291 * Now perform the XOR against the BIDI read memory located at
a1d8b49a 2292 * cmd->t_mem_bidi_list
c66ac9db
NB		 2293 */
2294
2295 offset = 0;
ec98f782 2296 for_each_sg(cmd->t_bidi_data_sg, sg, cmd->t_bidi_data_nents, count) {
ca747d61 2297 addr = kmap_atomic(sg_page(sg));
ec98f782 2298 if (!addr)
c66ac9db
NB		 2299 goto out;
2300
ec98f782
AG		 2301 for (i = 0; i < sg->length; i++)
2302 *(addr + sg->offset + i) ^= *(buf + offset + i);
c66ac9db 2303
ec98f782 2304 offset += sg->length;
ca747d61 2305 kunmap_atomic(addr);
c66ac9db 2306 }
ec98f782 2307
c66ac9db
NB		 2308out:
2309 kfree(buf);
2310}
2311
2312/*
2313 * Used to obtain Sense Data from underlying Linux/SCSI struct scsi_cmnd
2314 */
2315static int transport_get_sense_data(struct se_cmd *cmd)
2316{
2317 unsigned char *buffer = cmd->sense_buffer, *sense_buffer = NULL;
42bf829e 2318 struct se_device *dev = cmd->se_dev;
c66ac9db
NB		 2319 unsigned long flags;
2320 u32 offset = 0;
2321
e3d6f909
AG		 2322 WARN_ON(!cmd->se_lun);
2323
42bf829e
CH		 2324 if (!dev)
2325 return 0;
2326
a1d8b49a 2327 spin_lock_irqsave(&cmd->t_state_lock, flags);
c66ac9db 2328 if (cmd->se_cmd_flags & SCF_SENT_CHECK_CONDITION) {
a1d8b49a 2329 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
c66ac9db
NB		 2330 return 0;
2331 }
2332
cf572a96
CH		 2333 if (!(cmd->se_cmd_flags & SCF_TRANSPORT_TASK_SENSE))
2334 goto out;
c66ac9db 2335
cf572a96
CH		 2336 if (!dev->transport->get_sense_buffer) {
2337 pr_err("dev->transport->get_sense_buffer is NULL\n");
2338 goto out;
2339 }
c66ac9db 2340
5787cacd 2341 sense_buffer = dev->transport->get_sense_buffer(cmd);
cf572a96 2342 if (!sense_buffer) {
5787cacd 2343 pr_err("ITT 0x%08x cmd %p: Unable to locate"
cf572a96 2344 " sense buffer for task with sense\n",
5787cacd 2345 cmd->se_tfo->get_task_tag(cmd), cmd);
cf572a96 2346 goto out;
c66ac9db 2347 }
5787cacd 2348
cf572a96
CH		 2349 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
2350
2351 offset = cmd->se_tfo->set_fabric_sense_len(cmd, TRANSPORT_SENSE_BUFFER);
2352
2353 memcpy(&buffer[offset], sense_buffer, TRANSPORT_SENSE_BUFFER);
cf572a96
CH		 2354
2355 /* Automatically padded */
2356 cmd->scsi_sense_length = TRANSPORT_SENSE_BUFFER + offset;
2357
2358 pr_debug("HBA_[%u]_PLUG[%s]: Set SAM STATUS: 0x%02x and sense\n",
2359 dev->se_hba->hba_id, dev->transport->name, cmd->scsi_status);
2360 return 0;
2361
785fdf70 2362out:
a1d8b49a 2363 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
c66ac9db
NB		 2364 return -1;
2365}
2366
ec98f782
AG		 2367static inline long long transport_dev_end_lba(struct se_device *dev)
2368{
2369 return dev->transport->get_blocks(dev) + 1;
2370}
2371
2372static int transport_cmd_get_valid_sectors(struct se_cmd *cmd)
2373{
2374 struct se_device *dev = cmd->se_dev;
2375 u32 sectors;
2376
2377 if (dev->transport->get_device_type(dev) != TYPE_DISK)
2378 return 0;
2379
2380 sectors = (cmd->data_length / dev->se_sub_dev->se_dev_attrib.block_size);
2381
6708bb27
AG		 2382 if ((cmd->t_task_lba + sectors) > transport_dev_end_lba(dev)) {
2383 pr_err("LBA: %llu Sectors: %u exceeds"
ec98f782
AG		 2384 " transport_dev_end_lba(): %llu\n",
2385 cmd->t_task_lba, sectors,
2386 transport_dev_end_lba(dev));
7abbe7f3 2387 return -EINVAL;
ec98f782
AG		 2388 }
2389
7abbe7f3 2390 return 0;
ec98f782
AG		 2391}
2392
706d5860
NB		 2393static int target_check_write_same_discard(unsigned char *flags, struct se_device *dev)
2394{
2395 /*
2396 * Determine if the received WRITE_SAME is used to for direct
2397 * passthrough into Linux/SCSI with struct request via TCM/pSCSI
2398 * or we are signaling the use of internal WRITE_SAME + UNMAP=1
2399 * emulation for -> Linux/BLOCK disbard with TCM/IBLOCK code.
2400 */
2401 int passthrough = (dev->transport->transport_type ==
2402 TRANSPORT_PLUGIN_PHBA_PDEV);
2403
2404 if (!passthrough) {
2405 if ((flags[0] & 0x04) || (flags[0] & 0x02)) {
2406 pr_err("WRITE_SAME PBDATA and LBDATA"
2407 " bits not supported for Block Discard"
2408 " Emulation\n");
2409 return -ENOSYS;
2410 }
2411 /*
2412 * Currently for the emulated case we only accept
2413 * tpws with the UNMAP=1 bit set.
2414 */
2415 if (!(flags[0] & 0x08)) {
2416 pr_err("WRITE_SAME w/o UNMAP bit not"
2417 " supported for Block Discard Emulation\n");
2418 return -ENOSYS;
2419 }
2420 }
2421
2422 return 0;
2423}
2424
c66ac9db
NB		 2425static int transport_generic_cmd_sequencer(
2426 struct se_cmd *cmd,
2427 unsigned char *cdb)
2428{
5951146d 2429 struct se_device *dev = cmd->se_dev;
c66ac9db 2430 struct se_subsystem_dev *su_dev = dev->se_sub_dev;
cb4f4d3c
CH		 2431 int sector_ret = 0, passthrough;
2432 u32 sectors = 0, size = 0;
c66ac9db 2433 u16 service_action;
c66ac9db 2434
5bda90c8
CH		 2435 /*
2436 * If we operate in passthrough mode we skip most CDB emulation and
2437 * instead hand the commands down to the physical SCSI device.
2438 */
2439 passthrough =
2440 (dev->transport->transport_type == TRANSPORT_PLUGIN_PHBA_PDEV);
2441
c66ac9db
NB		 2442 switch (cdb[0]) {
2443 case READ_6:
2444 sectors = transport_get_sectors_6(cdb, cmd, &sector_ret);
2445 if (sector_ret)
2446 goto out_unsupported_cdb;
2447 size = transport_get_size(sectors, cdb, cmd);
a1d8b49a 2448 cmd->t_task_lba = transport_lba_21(cdb);
64f1db38 2449 cmd->se_cmd_flags |= SCF_SCSI_DATA_CDB;
c66ac9db
NB		 2450 break;
2451 case READ_10:
2452 sectors = transport_get_sectors_10(cdb, cmd, &sector_ret);
2453 if (sector_ret)
2454 goto out_unsupported_cdb;
2455 size = transport_get_size(sectors, cdb, cmd);
a1d8b49a 2456 cmd->t_task_lba = transport_lba_32(cdb);
64f1db38 2457 cmd->se_cmd_flags |= SCF_SCSI_DATA_CDB;
c66ac9db
NB		 2458 break;
2459 case READ_12:
2460 sectors = transport_get_sectors_12(cdb, cmd, &sector_ret);
2461 if (sector_ret)
2462 goto out_unsupported_cdb;
2463 size = transport_get_size(sectors, cdb, cmd);
a1d8b49a 2464 cmd->t_task_lba = transport_lba_32(cdb);
64f1db38 2465 cmd->se_cmd_flags |= SCF_SCSI_DATA_CDB;
c66ac9db
NB		 2466 break;
2467 case READ_16:
2468 sectors = transport_get_sectors_16(cdb, cmd, &sector_ret);
2469 if (sector_ret)
2470 goto out_unsupported_cdb;
2471 size = transport_get_size(sectors, cdb, cmd);
a1d8b49a 2472 cmd->t_task_lba = transport_lba_64(cdb);
64f1db38 2473 cmd->se_cmd_flags |= SCF_SCSI_DATA_CDB;
c66ac9db
NB		 2474 break;
2475 case WRITE_6:
2476 sectors = transport_get_sectors_6(cdb, cmd, &sector_ret);
2477 if (sector_ret)
2478 goto out_unsupported_cdb;
2479 size = transport_get_size(sectors, cdb, cmd);
a1d8b49a 2480 cmd->t_task_lba = transport_lba_21(cdb);
64f1db38 2481 cmd->se_cmd_flags |= SCF_SCSI_DATA_CDB;
c66ac9db
NB		 2482 break;
2483 case WRITE_10:
66246617 2484 case WRITE_VERIFY:
c66ac9db
NB		 2485 sectors = transport_get_sectors_10(cdb, cmd, &sector_ret);
2486 if (sector_ret)
2487 goto out_unsupported_cdb;
2488 size = transport_get_size(sectors, cdb, cmd);
a1d8b49a 2489 cmd->t_task_lba = transport_lba_32(cdb);
2d3a4b51
CH		 2490 if (cdb[1] & 0x8)
2491 cmd->se_cmd_flags |= SCF_FUA;
64f1db38 2492 cmd->se_cmd_flags |= SCF_SCSI_DATA_CDB;
c66ac9db
NB		 2493 break;
2494 case WRITE_12:
2495 sectors = transport_get_sectors_12(cdb, cmd, &sector_ret);
2496 if (sector_ret)
2497 goto out_unsupported_cdb;
2498 size = transport_get_size(sectors, cdb, cmd);
a1d8b49a 2499 cmd->t_task_lba = transport_lba_32(cdb);
2d3a4b51
CH		 2500 if (cdb[1] & 0x8)
2501 cmd->se_cmd_flags |= SCF_FUA;
64f1db38 2502 cmd->se_cmd_flags |= SCF_SCSI_DATA_CDB;
c66ac9db
NB		 2503 break;
2504 case WRITE_16:
2505 sectors = transport_get_sectors_16(cdb, cmd, &sector_ret);
2506 if (sector_ret)
2507 goto out_unsupported_cdb;
2508 size = transport_get_size(sectors, cdb, cmd);
a1d8b49a 2509 cmd->t_task_lba = transport_lba_64(cdb);
2d3a4b51
CH		 2510 if (cdb[1] & 0x8)
2511 cmd->se_cmd_flags |= SCF_FUA;
64f1db38 2512 cmd->se_cmd_flags |= SCF_SCSI_DATA_CDB;
c66ac9db
NB		 2513 break;
2514 case XDWRITEREAD_10:
2515 if ((cmd->data_direction != DMA_TO_DEVICE) ||
33c3fafc 2516 !(cmd->se_cmd_flags & SCF_BIDI))
c66ac9db
NB		 2517 goto out_invalid_cdb_field;
2518 sectors = transport_get_sectors_10(cdb, cmd, &sector_ret);
2519 if (sector_ret)
2520 goto out_unsupported_cdb;
2521 size = transport_get_size(sectors, cdb, cmd);
a1d8b49a 2522 cmd->t_task_lba = transport_lba_32(cdb);
64f1db38 2523 cmd->se_cmd_flags |= SCF_SCSI_DATA_CDB;
7c1c6af3 2524
5bda90c8
CH		 2525 /*
2526 * Do now allow BIDI commands for passthrough mode.
2527 */
2528 if (passthrough)
7c1c6af3 2529 goto out_unsupported_cdb;
5bda90c8 2530
c66ac9db 2531 /*
35e0e757 2532 * Setup BIDI XOR callback to be run after I/O completion.
c66ac9db
NB		 2533 */
2534 cmd->transport_complete_callback = &transport_xor_callback;
2d3a4b51
CH		 2535 if (cdb[1] & 0x8)
2536 cmd->se_cmd_flags |= SCF_FUA;
c66ac9db
NB		 2537 break;
2538 case VARIABLE_LENGTH_CMD:
2539 service_action = get_unaligned_be16(&cdb[8]);
c66ac9db
NB		 2540 switch (service_action) {
2541 case XDWRITEREAD_32:
2542 sectors = transport_get_sectors_32(cdb, cmd, &sector_ret);
2543 if (sector_ret)
2544 goto out_unsupported_cdb;
2545 size = transport_get_size(sectors, cdb, cmd);
2546 /*
2547 * Use WRITE_32 and READ_32 opcodes for the emulated
2548 * XDWRITE_READ_32 logic.
2549 */
a1d8b49a 2550 cmd->t_task_lba = transport_lba_64_ext(cdb);
64f1db38 2551 cmd->se_cmd_flags |= SCF_SCSI_DATA_CDB;
c66ac9db 2552
5bda90c8
CH		 2553 /*
2554 * Do now allow BIDI commands for passthrough mode.
2555 */
c66ac9db 2556 if (passthrough)
7c1c6af3 2557 goto out_unsupported_cdb;
5bda90c8 2558
c66ac9db 2559 /*
35e0e757
CH		 2560 * Setup BIDI XOR callback to be run during after I/O
2561 * completion.
c66ac9db
NB		 2562 */
2563 cmd->transport_complete_callback = &transport_xor_callback;
2d3a4b51
CH		 2564 if (cdb[1] & 0x8)
2565 cmd->se_cmd_flags |= SCF_FUA;
c66ac9db
NB		 2566 break;
2567 case WRITE_SAME_32:
2568 sectors = transport_get_sectors_32(cdb, cmd, &sector_ret);
2569 if (sector_ret)
2570 goto out_unsupported_cdb;
dd3a5ad8 2571
6708bb27 2572 if (sectors)
12850626 2573 size = transport_get_size(1, cdb, cmd);
6708bb27
AG		 2574 else {
2575 pr_err("WSNZ=1, WRITE_SAME w/sectors=0 not"
2576 " supported\n");
2577 goto out_invalid_cdb_field;
2578 }
dd3a5ad8 2579
a1d8b49a 2580 cmd->t_task_lba = get_unaligned_be64(&cdb[12]);
c66ac9db 2581
706d5860 2582 if (target_check_write_same_discard(&cdb[10], dev) < 0)
67236c44 2583 goto out_unsupported_cdb;
5bda90c8 2584 if (!passthrough)
6bb35e00 2585 cmd->execute_cmd = target_emulate_write_same;
c66ac9db
NB		 2586 break;
2587 default:
6708bb27 2588 pr_err("VARIABLE_LENGTH_CMD service action"
c66ac9db
NB		 2589 " 0x%04x not supported\n", service_action);
2590 goto out_unsupported_cdb;
2591 }
2592 break;
e434f1f1 2593 case MAINTENANCE_IN:
e3d6f909 2594 if (dev->transport->get_device_type(dev) != TYPE_ROM) {
c66ac9db
NB		 2595 /* MAINTENANCE_IN from SCC-2 */
2596 /*
2597 * Check for emulated MI_REPORT_TARGET_PGS.
2598 */
ba539743 2599 if ((cdb[1] & 0x1f) == MI_REPORT_TARGET_PGS &&
e76a35d6 2600 su_dev->t10_alua.alua_type == SPC3_ALUA_EMULATED) {
6bb35e00 2601 cmd->execute_cmd =
e76a35d6 2602 target_emulate_report_target_port_groups;
c66ac9db
NB		 2603 }
2604 size = (cdb[6] << 24) | (cdb[7] << 16) |
2605 (cdb[8] << 8) | cdb[9];
2606 } else {
2607 /* GPCMD_SEND_KEY from multi media commands */
2608 size = (cdb[8] << 8) + cdb[9];
2609 }
c66ac9db
NB		 2610 break;
2611 case MODE_SELECT:
2612 size = cdb[4];
c66ac9db
NB		 2613 break;
2614 case MODE_SELECT_10:
2615 size = (cdb[7] << 8) + cdb[8];
c66ac9db
NB		 2616 break;
2617 case MODE_SENSE:
2618 size = cdb[4];
5bda90c8 2619 if (!passthrough)
6bb35e00 2620 cmd->execute_cmd = target_emulate_modesense;
c66ac9db
NB		 2621 break;
2622 case MODE_SENSE_10:
5bda90c8 2623 size = (cdb[7] << 8) + cdb[8];
5bda90c8 2624 if (!passthrough)
6bb35e00 2625 cmd->execute_cmd = target_emulate_modesense;
5bda90c8 2626 break;
c66ac9db
NB		 2627 case GPCMD_READ_BUFFER_CAPACITY:
2628 case GPCMD_SEND_OPC:
2629 case LOG_SELECT:
2630 case LOG_SENSE:
2631 size = (cdb[7] << 8) + cdb[8];
c66ac9db
NB		 2632 break;
2633 case READ_BLOCK_LIMITS:
2634 size = READ_BLOCK_LEN;
c66ac9db
NB		 2635 break;
2636 case GPCMD_GET_CONFIGURATION:
2637 case GPCMD_READ_FORMAT_CAPACITIES:
2638 case GPCMD_READ_DISC_INFO:
2639 case GPCMD_READ_TRACK_RZONE_INFO:
2640 size = (cdb[7] << 8) + cdb[8];
c66ac9db
NB		 2641 break;
2642 case PERSISTENT_RESERVE_IN:
617c0e06 2643 if (su_dev->t10_pr.res_type == SPC3_PERSISTENT_RESERVATIONS)
6bb35e00 2644 cmd->execute_cmd = target_scsi3_emulate_pr_in;
617c0e06 2645 size = (cdb[7] << 8) + cdb[8];
617c0e06 2646 break;
c66ac9db 2647 case PERSISTENT_RESERVE_OUT:
617c0e06 2648 if (su_dev->t10_pr.res_type == SPC3_PERSISTENT_RESERVATIONS)
6bb35e00 2649 cmd->execute_cmd = target_scsi3_emulate_pr_out;
c66ac9db 2650 size = (cdb[7] << 8) + cdb[8];
c66ac9db
NB		 2651 break;
2652 case GPCMD_MECHANISM_STATUS:
2653 case GPCMD_READ_DVD_STRUCTURE:
2654 size = (cdb[8] << 8) + cdb[9];
c66ac9db
NB		 2655 break;
2656 case READ_POSITION:
2657 size = READ_POSITION_LEN;
c66ac9db 2658 break;
e434f1f1 2659 case MAINTENANCE_OUT:
e3d6f909 2660 if (dev->transport->get_device_type(dev) != TYPE_ROM) {
c66ac9db
NB		 2661 /* MAINTENANCE_OUT from SCC-2
2662 *
2663 * Check for emulated MO_SET_TARGET_PGS.
2664 */
e76a35d6
CH		 2665 if (cdb[1] == MO_SET_TARGET_PGS &&
2666 su_dev->t10_alua.alua_type == SPC3_ALUA_EMULATED) {
6bb35e00 2667 cmd->execute_cmd =
e76a35d6 2668 target_emulate_set_target_port_groups;
c66ac9db
NB		 2669 }
2670
2671 size = (cdb[6] << 24) | (cdb[7] << 16) |
2672 (cdb[8] << 8) | cdb[9];
2673 } else {
2674 /* GPCMD_REPORT_KEY from multi media commands */
2675 size = (cdb[8] << 8) + cdb[9];
2676 }
c66ac9db
NB		 2677 break;
2678 case INQUIRY:
2679 size = (cdb[3] << 8) + cdb[4];
2680 /*
2681 * Do implict HEAD_OF_QUEUE processing for INQUIRY.
2682 * See spc4r17 section 5.3
2683 */
5951146d 2684 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED)
e66ecd50 2685 cmd->sam_task_attr = MSG_HEAD_TAG;
5bda90c8 2686 if (!passthrough)
6bb35e00 2687 cmd->execute_cmd = target_emulate_inquiry;
c66ac9db
NB		 2688 break;
2689 case READ_BUFFER:
2690 size = (cdb[6] << 16) + (cdb[7] << 8) + cdb[8];
c66ac9db
NB		 2691 break;
2692 case READ_CAPACITY:
2693 size = READ_CAP_LEN;
5bda90c8 2694 if (!passthrough)
6bb35e00 2695 cmd->execute_cmd = target_emulate_readcapacity;
c66ac9db
NB		 2696 break;
2697 case READ_MEDIA_SERIAL_NUMBER:
2698 case SECURITY_PROTOCOL_IN:
2699 case SECURITY_PROTOCOL_OUT:
2700 size = (cdb[6] << 24) | (cdb[7] << 16) | (cdb[8] << 8) | cdb[9];
c66ac9db
NB		 2701 break;
2702 case SERVICE_ACTION_IN:
5bda90c8
CH		 2703 switch (cmd->t_task_cdb[1] & 0x1f) {
2704 case SAI_READ_CAPACITY_16:
2705 if (!passthrough)
6bb35e00 2706 cmd->execute_cmd =
5bda90c8
CH		 2707 target_emulate_readcapacity_16;
2708 break;
2709 default:
2710 if (passthrough)
2711 break;
2712
2713 pr_err("Unsupported SA: 0x%02x\n",
2714 cmd->t_task_cdb[1] & 0x1f);
b168fe8c 2715 goto out_invalid_cdb_field;
5bda90c8
CH		 2716 }
2717 /*FALLTHROUGH*/
c66ac9db
NB		 2718 case ACCESS_CONTROL_IN:
2719 case ACCESS_CONTROL_OUT:
2720 case EXTENDED_COPY:
2721 case READ_ATTRIBUTE:
2722 case RECEIVE_COPY_RESULTS:
2723 case WRITE_ATTRIBUTE:
2724 size = (cdb[10] << 24) | (cdb[11] << 16) |
2725 (cdb[12] << 8) | cdb[13];
c66ac9db
NB		 2726 break;
2727 case RECEIVE_DIAGNOSTIC:
2728 case SEND_DIAGNOSTIC:
2729 size = (cdb[3] << 8) | cdb[4];
c66ac9db
NB		 2730 break;
2731/* #warning FIXME: Figure out correct GPCMD_READ_CD blocksize. */
2732#if 0
2733 case GPCMD_READ_CD:
2734 sectors = (cdb[6] << 16) + (cdb[7] << 8) + cdb[8];
2735 size = (2336 * sectors);
c66ac9db
NB		 2736 break;
2737#endif
2738 case READ_TOC:
2739 size = cdb[8];
c66ac9db
NB		 2740 break;
2741 case REQUEST_SENSE:
2742 size = cdb[4];
5bda90c8 2743 if (!passthrough)
6bb35e00 2744 cmd->execute_cmd = target_emulate_request_sense;
c66ac9db
NB		 2745 break;
2746 case READ_ELEMENT_STATUS:
2747 size = 65536 * cdb[7] + 256 * cdb[8] + cdb[9];
c66ac9db
NB		 2748 break;
2749 case WRITE_BUFFER:
2750 size = (cdb[6] << 16) + (cdb[7] << 8) + cdb[8];
c66ac9db
NB		 2751 break;
2752 case RESERVE:
2753 case RESERVE_10:
2754 /*
2755 * The SPC-2 RESERVE does not contain a size in the SCSI CDB.
2756 * Assume the passthrough or $FABRIC_MOD will tell us about it.
2757 */
2758 if (cdb[0] == RESERVE_10)
2759 size = (cdb[7] << 8) | cdb[8];
2760 else
2761 size = cmd->data_length;
2762
2763 /*
2764 * Setup the legacy emulated handler for SPC-2 and
2765 * >= SPC-3 compatible reservation handling (CRH=1)
2766 * Otherwise, we assume the underlying SCSI logic is
2767 * is running in SPC_PASSTHROUGH, and wants reservations
2768 * emulation disabled.
2769 */
e76a35d6 2770 if (su_dev->t10_pr.res_type != SPC_PASSTHROUGH)
6bb35e00 2771 cmd->execute_cmd = target_scsi2_reservation_reserve;
c66ac9db
NB		 2772 break;
2773 case RELEASE:
2774 case RELEASE_10:
2775 /*
2776 * The SPC-2 RELEASE does not contain a size in the SCSI CDB.
2777 * Assume the passthrough or $FABRIC_MOD will tell us about it.
2778 */
2779 if (cdb[0] == RELEASE_10)
2780 size = (cdb[7] << 8) | cdb[8];
2781 else
2782 size = cmd->data_length;
2783
e76a35d6 2784 if (su_dev->t10_pr.res_type != SPC_PASSTHROUGH)
6bb35e00 2785 cmd->execute_cmd = target_scsi2_reservation_release;
c66ac9db
NB		 2786 break;
2787 case SYNCHRONIZE_CACHE:
8e94b8db 2788 case SYNCHRONIZE_CACHE_16:
c66ac9db
NB		 2789 /*
2790 * Extract LBA and range to be flushed for emulated SYNCHRONIZE_CACHE
2791 */
2792 if (cdb[0] == SYNCHRONIZE_CACHE) {
2793 sectors = transport_get_sectors_10(cdb, cmd, &sector_ret);
a1d8b49a 2794 cmd->t_task_lba = transport_lba_32(cdb);
c66ac9db
NB		 2795 } else {
2796 sectors = transport_get_sectors_16(cdb, cmd, &sector_ret);
a1d8b49a 2797 cmd->t_task_lba = transport_lba_64(cdb);
c66ac9db
NB		 2798 }
2799 if (sector_ret)
2800 goto out_unsupported_cdb;
2801
2802 size = transport_get_size(sectors, cdb, cmd);
c66ac9db 2803
5bda90c8 2804 if (passthrough)
c66ac9db 2805 break;
5bda90c8 2806
c66ac9db
NB		 2807 /*
2808 * Check to ensure that LBA + Range does not exceed past end of
7abbe7f3 2809 * device for IBLOCK and FILEIO ->do_sync_cache() backend calls
c66ac9db 2810 */
7abbe7f3
NB		 2811 if ((cmd->t_task_lba != 0) || (sectors != 0)) {
2812 if (transport_cmd_get_valid_sectors(cmd) < 0)
2813 goto out_invalid_cdb_field;
2814 }
6bb35e00 2815 cmd->execute_cmd = target_emulate_synchronize_cache;
c66ac9db
NB		 2816 break;
2817 case UNMAP:
2818 size = get_unaligned_be16(&cdb[7]);
5bda90c8 2819 if (!passthrough)
6bb35e00 2820 cmd->execute_cmd = target_emulate_unmap;
c66ac9db
NB		 2821 break;
2822 case WRITE_SAME_16:
2823 sectors = transport_get_sectors_16(cdb, cmd, &sector_ret);
2824 if (sector_ret)
2825 goto out_unsupported_cdb;
dd3a5ad8 2826
6708bb27 2827 if (sectors)
12850626 2828 size = transport_get_size(1, cdb, cmd);
6708bb27
AG		 2829 else {
2830 pr_err("WSNZ=1, WRITE_SAME w/sectors=0 not supported\n");
2831 goto out_invalid_cdb_field;
2832 }
dd3a5ad8 2833
5db0753b 2834 cmd->t_task_lba = get_unaligned_be64(&cdb[2]);
706d5860
NB		 2835
2836 if (target_check_write_same_discard(&cdb[1], dev) < 0)
67236c44 2837 goto out_unsupported_cdb;
5bda90c8 2838 if (!passthrough)
6bb35e00 2839 cmd->execute_cmd = target_emulate_write_same;
706d5860
NB		 2840 break;
2841 case WRITE_SAME:
2842 sectors = transport_get_sectors_10(cdb, cmd, &sector_ret);
2843 if (sector_ret)
2844 goto out_unsupported_cdb;
2845
2846 if (sectors)
12850626 2847 size = transport_get_size(1, cdb, cmd);
706d5860
NB		 2848 else {
2849 pr_err("WSNZ=1, WRITE_SAME w/sectors=0 not supported\n");
2850 goto out_invalid_cdb_field;
c66ac9db 2851 }
706d5860
NB		 2852
2853 cmd->t_task_lba = get_unaligned_be32(&cdb[2]);
706d5860
NB		 2854 /*
2855 * Follow sbcr26 with WRITE_SAME (10) and check for the existence
2856 * of byte 1 bit 3 UNMAP instead of original reserved field
2857 */
2858 if (target_check_write_same_discard(&cdb[1], dev) < 0)
67236c44 2859 goto out_unsupported_cdb;
5bda90c8 2860 if (!passthrough)
6bb35e00 2861 cmd->execute_cmd = target_emulate_write_same;
c66ac9db
NB		 2862 break;
2863 case ALLOW_MEDIUM_REMOVAL:
c66ac9db 2864 case ERASE:
c66ac9db
NB		 2865 case REZERO_UNIT:
2866 case SEEK_10:
c66ac9db
NB		 2867 case SPACE:
2868 case START_STOP:
2869 case TEST_UNIT_READY:
2870 case VERIFY:
2871 case WRITE_FILEMARKS:
5bda90c8 2872 if (!passthrough)
6bb35e00 2873 cmd->execute_cmd = target_emulate_noop;
5bda90c8
CH		 2874 break;
2875 case GPCMD_CLOSE_TRACK:
2876 case INITIALIZE_ELEMENT_STATUS:
2877 case GPCMD_LOAD_UNLOAD:
2878 case GPCMD_SET_SPEED:
c66ac9db 2879 case MOVE_MEDIUM:
c66ac9db
NB		 2880 break;
2881 case REPORT_LUNS:
6bb35e00 2882 cmd->execute_cmd = target_report_luns;
c66ac9db
NB		 2883 size = (cdb[6] << 24) | (cdb[7] << 16) | (cdb[8] << 8) | cdb[9];
2884 /*
2885 * Do implict HEAD_OF_QUEUE processing for REPORT_LUNS
2886 * See spc4r17 section 5.3
2887 */
5951146d 2888 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED)
e66ecd50 2889 cmd->sam_task_attr = MSG_HEAD_TAG;
c66ac9db 2890 break;
ed0b2144
SH		 2891 case GET_EVENT_STATUS_NOTIFICATION:
2892 size = (cdb[7] << 8) | cdb[8];
8da10935 2893 break;
2894 case ATA_16:
2895 /* Only support ATA passthrough to pSCSI backends.. */
2896 if (!passthrough)
2897 goto out_unsupported_cdb;
2898
2899 /* T_LENGTH */
2900 switch (cdb[2] & 0x3) {
2901 case 0x0:
2902 sectors = 0;
2903 break;
2904 case 0x1:
2905 sectors = (((cdb[1] & 0x1) ? cdb[3] : 0) << 8) | cdb[4];
2906 break;
2907 case 0x2:
2908 sectors = (((cdb[1] & 0x1) ? cdb[5] : 0) << 8) | cdb[6];
2909 break;
2910 case 0x3:
2911 pr_err("T_LENGTH=0x3 not supported for ATA_16\n");
2912 goto out_invalid_cdb_field;
2913 }
2914
2915 /* BYTE_BLOCK */
2916 if (cdb[2] & 0x4) {
2917 /* BLOCK T_TYPE: 512 or sector */
2918 size = sectors * ((cdb[2] & 0x10) ?
2919 dev->se_sub_dev->se_dev_attrib.block_size : 512);
2920 } else {
2921 /* BYTE */
2922 size = sectors;
2923 }
ed0b2144 2924 break;
c66ac9db 2925 default:
6708bb27 2926 pr_warn("TARGET_CORE[%s]: Unsupported SCSI Opcode"
c66ac9db 2927 " 0x%02x, sending CHECK_CONDITION.\n",
e3d6f909 2928 cmd->se_tfo->get_fabric_name(), cdb[0]);
c66ac9db
NB		 2929 goto out_unsupported_cdb;
2930 }
2931
b0d79946
SAS		 2932 if (cmd->unknown_data_length)
2933 cmd->data_length = size;
2934
c66ac9db 2935 if (size != cmd->data_length) {
6708bb27 2936 pr_warn("TARGET_CORE[%s]: Expected Transfer Length:"
c66ac9db 2937 " %u does not match SCSI CDB Length: %u for SAM Opcode:"
e3d6f909 2938 " 0x%02x\n", cmd->se_tfo->get_fabric_name(),
c66ac9db
NB		 2939 cmd->data_length, size, cdb[0]);
2940
2941 cmd->cmd_spdtl = size;
2942
2943 if (cmd->data_direction == DMA_TO_DEVICE) {
6708bb27 2944 pr_err("Rejecting underflow/overflow"
c66ac9db
NB		 2945 " WRITE data\n");
2946 goto out_invalid_cdb_field;
2947 }
2948 /*
2949 * Reject READ_* or WRITE_* with overflow/underflow for
64f1db38 2950 * type SCF_SCSI_DATA_CDB.
c66ac9db 2951 */
cb4f4d3c 2952 if (dev->se_sub_dev->se_dev_attrib.block_size != 512) {
6708bb27 2953 pr_err("Failing OVERFLOW/UNDERFLOW for LBA op"
c66ac9db 2954 " CDB on non 512-byte sector setup subsystem"
e3d6f909 2955 " plugin: %s\n", dev->transport->name);
c66ac9db
NB		 2956 /* Returns CHECK_CONDITION + INVALID_CDB_FIELD */
2957 goto out_invalid_cdb_field;
2958 }
2959
2960 if (size > cmd->data_length) {
2961 cmd->se_cmd_flags |= SCF_OVERFLOW_BIT;
2962 cmd->residual_count = (size - cmd->data_length);
2963 } else {
2964 cmd->se_cmd_flags |= SCF_UNDERFLOW_BIT;
2965 cmd->residual_count = (cmd->data_length - size);
2966 }
2967 cmd->data_length = size;
2968 }
2969
64f1db38 2970 if (cmd->se_cmd_flags & SCF_SCSI_DATA_CDB) {
7b4deef5
NB		 2971 if (sectors > su_dev->se_dev_attrib.fabric_max_sectors) {
2972 printk_ratelimited(KERN_ERR "SCSI OP %02xh with too"
2973 " big sectors %u exceeds fabric_max_sectors:"
2974 " %u\n", cdb[0], sectors,
2975 su_dev->se_dev_attrib.fabric_max_sectors);
2976 goto out_invalid_cdb_field;
2977 }
2978 if (sectors > su_dev->se_dev_attrib.hw_max_sectors) {
2979 printk_ratelimited(KERN_ERR "SCSI OP %02xh with too"
2980 " big sectors %u exceeds backend hw_max_sectors:"
2981 " %u\n", cdb[0], sectors,
2982 su_dev->se_dev_attrib.hw_max_sectors);
2983 goto out_invalid_cdb_field;
2984 }
015487b8
RD		 2985 }
2986
5bda90c8 2987 /* reject any command that we don't have a handler for */
6bb35e00 2988 if (!(passthrough || cmd->execute_cmd ||
64f1db38 2989 (cmd->se_cmd_flags & SCF_SCSI_DATA_CDB)))
5bda90c8
CH		 2990 goto out_unsupported_cdb;
2991
cb4f4d3c 2992 return 0;
c66ac9db
NB		 2993
2994out_unsupported_cdb:
2995 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
2996 cmd->scsi_sense_reason = TCM_UNSUPPORTED_SCSI_OPCODE;
5951146d 2997 return -EINVAL;
c66ac9db
NB		 2998out_invalid_cdb_field:
2999 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
3000 cmd->scsi_sense_reason = TCM_INVALID_CDB_FIELD;
5951146d 3001 return -EINVAL;
c66ac9db
NB		 3002}
3003
c66ac9db 3004/*
35e0e757 3005 * Called from I/O completion to determine which dormant/delayed
c66ac9db
NB		 3006 * and ordered cmds need to have their tasks added to the execution queue.
3007 */
3008static void transport_complete_task_attr(struct se_cmd *cmd)
3009{
5951146d 3010 struct se_device *dev = cmd->se_dev;
c66ac9db
NB		 3011 struct se_cmd *cmd_p, *cmd_tmp;
3012 int new_active_tasks = 0;
3013
e66ecd50 3014 if (cmd->sam_task_attr == MSG_SIMPLE_TAG) {
c66ac9db
NB		 3015 atomic_dec(&dev->simple_cmds);
3016 smp_mb__after_atomic_dec();
3017 dev->dev_cur_ordered_id++;
6708bb27 3018 pr_debug("Incremented dev->dev_cur_ordered_id: %u for"
c66ac9db
NB		 3019 " SIMPLE: %u\n", dev->dev_cur_ordered_id,
3020 cmd->se_ordered_id);
e66ecd50 3021 } else if (cmd->sam_task_attr == MSG_HEAD_TAG) {
c66ac9db 3022 dev->dev_cur_ordered_id++;
6708bb27 3023 pr_debug("Incremented dev_cur_ordered_id: %u for"
c66ac9db
NB		 3024 " HEAD_OF_QUEUE: %u\n", dev->dev_cur_ordered_id,
3025 cmd->se_ordered_id);
e66ecd50 3026 } else if (cmd->sam_task_attr == MSG_ORDERED_TAG) {
c66ac9db
NB		 3027 atomic_dec(&dev->dev_ordered_sync);
3028 smp_mb__after_atomic_dec();
c66ac9db
NB		 3029
3030 dev->dev_cur_ordered_id++;
6708bb27 3031 pr_debug("Incremented dev_cur_ordered_id: %u for ORDERED:"
c66ac9db
NB		 3032 " %u\n", dev->dev_cur_ordered_id, cmd->se_ordered_id);
3033 }
3034 /*
3035 * Process all commands up to the last received
3036 * ORDERED task attribute which requires another blocking
3037 * boundary
3038 */
3039 spin_lock(&dev->delayed_cmd_lock);
3040 list_for_each_entry_safe(cmd_p, cmd_tmp,
5951146d 3041 &dev->delayed_cmd_list, se_delayed_node) {
c66ac9db 3042
5951146d 3043 list_del(&cmd_p->se_delayed_node);
c66ac9db
NB		 3044 spin_unlock(&dev->delayed_cmd_lock);
3045
6708bb27 3046 pr_debug("Calling add_tasks() for"
c66ac9db
NB		 3047 " cmd_p: 0x%02x Task Attr: 0x%02x"
3048 " Dormant -> Active, se_ordered_id: %u\n",
6708bb27 3049 cmd_p->t_task_cdb[0],
c66ac9db
NB		 3050 cmd_p->sam_task_attr, cmd_p->se_ordered_id);
3051
cf572a96 3052 target_add_to_execute_list(cmd_p);
c66ac9db
NB		 3053 new_active_tasks++;
3054
3055 spin_lock(&dev->delayed_cmd_lock);
e66ecd50 3056 if (cmd_p->sam_task_attr == MSG_ORDERED_TAG)
c66ac9db
NB		 3057 break;
3058 }
3059 spin_unlock(&dev->delayed_cmd_lock);
3060 /*
3061 * If new tasks have become active, wake up the transport thread
3062 * to do the processing of the Active tasks.
3063 */
3064 if (new_active_tasks != 0)
e3d6f909 3065 wake_up_interruptible(&dev->dev_queue_obj.thread_wq);
c66ac9db
NB		 3066}
3067
e057f533 3068static void transport_complete_qf(struct se_cmd *cmd)
07bde79a
NB		 3069{
3070 int ret = 0;
3071
e057f533
CH		 3072 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED)
3073 transport_complete_task_attr(cmd);
3074
3075 if (cmd->se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) {
3076 ret = cmd->se_tfo->queue_status(cmd);
3077 if (ret)
3078 goto out;
3079 }
07bde79a
NB		 3080
3081 switch (cmd->data_direction) {
3082 case DMA_FROM_DEVICE:
3083 ret = cmd->se_tfo->queue_data_in(cmd);
3084 break;
3085 case DMA_TO_DEVICE:
ec98f782 3086 if (cmd->t_bidi_data_sg) {
07bde79a
NB		 3087 ret = cmd->se_tfo->queue_data_in(cmd);
3088 if (ret < 0)
e057f533 3089 break;
07bde79a
NB		 3090 }
3091 /* Fall through for DMA_TO_DEVICE */
3092 case DMA_NONE:
3093 ret = cmd->se_tfo->queue_status(cmd);
3094 break;
3095 default:
3096 break;
3097 }
3098
e057f533
CH		 3099out:
3100 if (ret < 0) {
3101 transport_handle_queue_full(cmd, cmd->se_dev);
3102 return;
3103 }
3104 transport_lun_remove_cmd(cmd);
3105 transport_cmd_check_stop_to_fabric(cmd);
07bde79a
NB		 3106}
3107
3108static void transport_handle_queue_full(
3109 struct se_cmd *cmd,
e057f533 3110 struct se_device *dev)
07bde79a
NB		 3111{
3112 spin_lock_irq(&dev->qf_cmd_lock);
07bde79a
NB		 3113 list_add_tail(&cmd->se_qf_node, &cmd->se_dev->qf_cmd_list);
3114 atomic_inc(&dev->dev_qf_count);
3115 smp_mb__after_atomic_inc();
3116 spin_unlock_irq(&cmd->se_dev->qf_cmd_lock);
3117
3118 schedule_work(&cmd->se_dev->qf_work_queue);
3119}
3120
35e0e757 3121static void target_complete_ok_work(struct work_struct *work)
c66ac9db 3122{
35e0e757 3123 struct se_cmd *cmd = container_of(work, struct se_cmd, work);
07bde79a 3124 int reason = 0, ret;
35e0e757 3125
c66ac9db
NB		 3126 /*
3127 * Check if we need to move delayed/dormant tasks from cmds on the
3128 * delayed execution list after a HEAD_OF_QUEUE or ORDERED Task
3129 * Attribute.
3130 */
5951146d 3131 if (cmd->se_dev->dev_task_attr_type == SAM_TASK_ATTR_EMULATED)
c66ac9db 3132 transport_complete_task_attr(cmd);
07bde79a
NB		 3133 /*
3134 * Check to schedule QUEUE_FULL work, or execute an existing
3135 * cmd->transport_qf_callback()
3136 */
3137 if (atomic_read(&cmd->se_dev->dev_qf_count) != 0)
3138 schedule_work(&cmd->se_dev->qf_work_queue);
3139
c66ac9db
NB		 3140 /*
3141 * Check if we need to retrieve a sense buffer from
3142 * the struct se_cmd in question.
3143 */
3144 if (cmd->se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) {
3145 if (transport_get_sense_data(cmd) < 0)
3146 reason = TCM_NON_EXISTENT_LUN;
3147
c66ac9db 3148 if (cmd->scsi_status) {
07bde79a 3149 ret = transport_send_check_condition_and_sense(
c66ac9db 3150 cmd, reason, 1);
f147abb4 3151 if (ret == -EAGAIN || ret == -ENOMEM)
07bde79a
NB		 3152 goto queue_full;
3153
c66ac9db
NB		 3154 transport_lun_remove_cmd(cmd);
3155 transport_cmd_check_stop_to_fabric(cmd);
3156 return;
3157 }
3158 }
3159 /*
25985edc 3160 * Check for a callback, used by amongst other things
c66ac9db
NB		 3161 * XDWRITE_READ_10 emulation.
3162 */
3163 if (cmd->transport_complete_callback)
3164 cmd->transport_complete_callback(cmd);
3165
3166 switch (cmd->data_direction) {
3167 case DMA_FROM_DEVICE:
3168 spin_lock(&cmd->se_lun->lun_sep_lock);
e3d6f909
AG		 3169 if (cmd->se_lun->lun_sep) {
3170 cmd->se_lun->lun_sep->sep_stats.tx_data_octets +=
c66ac9db
NB		 3171 cmd->data_length;
3172 }
3173 spin_unlock(&cmd->se_lun->lun_sep_lock);
c66ac9db 3174
07bde79a 3175 ret = cmd->se_tfo->queue_data_in(cmd);
f147abb4 3176 if (ret == -EAGAIN || ret == -ENOMEM)
07bde79a 3177 goto queue_full;
c66ac9db
NB		 3178 break;
3179 case DMA_TO_DEVICE:
3180 spin_lock(&cmd->se_lun->lun_sep_lock);
e3d6f909
AG		 3181 if (cmd->se_lun->lun_sep) {
3182 cmd->se_lun->lun_sep->sep_stats.rx_data_octets +=
c66ac9db
NB		 3183 cmd->data_length;
3184 }
3185 spin_unlock(&cmd->se_lun->lun_sep_lock);
3186 /*
3187 * Check if we need to send READ payload for BIDI-COMMAND
3188 */
ec98f782 3189 if (cmd->t_bidi_data_sg) {
c66ac9db 3190 spin_lock(&cmd->se_lun->lun_sep_lock);
e3d6f909
AG		 3191 if (cmd->se_lun->lun_sep) {
3192 cmd->se_lun->lun_sep->sep_stats.tx_data_octets +=
c66ac9db
NB		 3193 cmd->data_length;
3194 }
3195 spin_unlock(&cmd->se_lun->lun_sep_lock);
07bde79a 3196 ret = cmd->se_tfo->queue_data_in(cmd);
f147abb4 3197 if (ret == -EAGAIN || ret == -ENOMEM)
07bde79a 3198 goto queue_full;
c66ac9db
NB		 3199 break;
3200 }
3201 /* Fall through for DMA_TO_DEVICE */
3202 case DMA_NONE:
07bde79a 3203 ret = cmd->se_tfo->queue_status(cmd);
f147abb4 3204 if (ret == -EAGAIN || ret == -ENOMEM)
07bde79a 3205 goto queue_full;
c66ac9db
NB		 3206 break;
3207 default:
3208 break;
3209 }
3210
3211 transport_lun_remove_cmd(cmd);
3212 transport_cmd_check_stop_to_fabric(cmd);
07bde79a
NB		 3213 return;
3214
3215queue_full:
6708bb27 3216 pr_debug("Handling complete_ok QUEUE_FULL: se_cmd: %p,"
07bde79a 3217 " data_direction: %d\n", cmd, cmd->data_direction);
e057f533
CH		 3218 cmd->t_state = TRANSPORT_COMPLETE_QF_OK;
3219 transport_handle_queue_full(cmd, cmd->se_dev);
c66ac9db
NB		 3220}
3221
6708bb27 3222static inline void transport_free_sgl(struct scatterlist *sgl, int nents)
c66ac9db 3223{
ec98f782 3224 struct scatterlist *sg;
ec98f782 3225 int count;
c66ac9db 3226
6708bb27
AG		 3227 for_each_sg(sgl, sg, nents, count)
3228 __free_page(sg_page(sg));
c66ac9db 3229
6708bb27
AG		 3230 kfree(sgl);
3231}
c66ac9db 3232
6708bb27
AG		 3233static inline void transport_free_pages(struct se_cmd *cmd)
3234{
3235 if (cmd->se_cmd_flags & SCF_PASSTHROUGH_SG_TO_MEM_NOALLOC)
3236 return;
3237
3238 transport_free_sgl(cmd->t_data_sg, cmd->t_data_nents);
ec98f782
AG		 3239 cmd->t_data_sg = NULL;
3240 cmd->t_data_nents = 0;
c66ac9db 3241
6708bb27 3242 transport_free_sgl(cmd->t_bidi_data_sg, cmd->t_bidi_data_nents);
ec98f782
AG		 3243 cmd->t_bidi_data_sg = NULL;
3244 cmd->t_bidi_data_nents = 0;
c66ac9db
NB		 3245}
3246
e26d99ae
CH		 3247/**
3248 * transport_release_cmd - free a command
3249 * @cmd: command to free
3250 *
3251 * This routine unconditionally frees a command, and reference counting
3252 * or list removal must be done in the caller.
3253 */
3254static void transport_release_cmd(struct se_cmd *cmd)
3255{
3256 BUG_ON(!cmd->se_tfo);
3257
c8e31f26 3258 if (cmd->se_cmd_flags & SCF_SCSI_TMR_CDB)
e26d99ae
CH		 3259 core_tmr_release_req(cmd->se_tmr_req);
3260 if (cmd->t_task_cdb != cmd->__t_task_cdb)
3261 kfree(cmd->t_task_cdb);
3262 /*
7481deb4
NB		 3263 * If this cmd has been setup with target_get_sess_cmd(), drop
3264 * the kref and call ->release_cmd() in kref callback.
e26d99ae 3265 */
7481deb4
NB		 3266 if (cmd->check_release != 0) {
3267 target_put_sess_cmd(cmd->se_sess, cmd);
3268 return;
3269 }
e26d99ae
CH		 3270 cmd->se_tfo->release_cmd(cmd);
3271}
3272
d3df7825
CH		 3273/**
3274 * transport_put_cmd - release a reference to a command
3275 * @cmd: command to release
3276 *
3277 * This routine releases our reference to the command and frees it if possible.
3278 */
39c05f32 3279static void transport_put_cmd(struct se_cmd *cmd)
c66ac9db
NB		 3280{
3281 unsigned long flags;
c66ac9db 3282
a1d8b49a 3283 spin_lock_irqsave(&cmd->t_state_lock, flags);
4911e3cc
CH		 3284 if (atomic_read(&cmd->t_fe_count)) {
3285 if (!atomic_dec_and_test(&cmd->t_fe_count))
3286 goto out_busy;
3287 }
3288
7d680f3b
CH		 3289 if (cmd->transport_state & CMD_T_DEV_ACTIVE) {
3290 cmd->transport_state &= ~CMD_T_DEV_ACTIVE;
cf572a96 3291 target_remove_from_state_list(cmd);
c66ac9db 3292 }
a1d8b49a 3293 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
c66ac9db 3294
c66ac9db 3295 transport_free_pages(cmd);
31afc39c 3296 transport_release_cmd(cmd);
39c05f32 3297 return;
4911e3cc
CH		 3298out_busy:
3299 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
c66ac9db
NB		 3300}
3301
c66ac9db 3302/*
ec98f782
AG		 3303 * transport_generic_map_mem_to_cmd - Use fabric-alloced pages instead of
3304 * allocating in the core.
c66ac9db
NB		 3305 * @cmd: Associated se_cmd descriptor
3306 * @mem: SGL style memory for TCM WRITE / READ
3307 * @sg_mem_num: Number of SGL elements
3308 * @mem_bidi_in: SGL style memory for TCM BIDI READ
3309 * @sg_mem_bidi_num: Number of BIDI READ SGL elements
3310 *
3311 * Return: nonzero return cmd was rejected for -ENOMEM or inproper usage
3312 * of parameters.
3313 */
3314int transport_generic_map_mem_to_cmd(
3315 struct se_cmd *cmd,
5951146d
AG		 3316 struct scatterlist *sgl,
3317 u32 sgl_count,
3318 struct scatterlist *sgl_bidi,
3319 u32 sgl_bidi_count)
c66ac9db 3320{
5951146d 3321 if (!sgl || !sgl_count)
c66ac9db 3322 return 0;
c66ac9db 3323
64f1db38
CH		 3324 /*
3325 * Reject SCSI data overflow with map_mem_to_cmd() as incoming
3326 * scatterlists already have been set to follow what the fabric
3327 * passes for the original expected data transfer length.
3328 */
3329 if (cmd->se_cmd_flags & SCF_OVERFLOW_BIT) {
3330 pr_warn("Rejecting SCSI DATA overflow for fabric using"
3331 " SCF_PASSTHROUGH_SG_TO_MEM_NOALLOC\n");
3332 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
3333 cmd->scsi_sense_reason = TCM_INVALID_CDB_FIELD;
3334 return -EINVAL;
3335 }
c66ac9db 3336
64f1db38
CH		 3337 cmd->t_data_sg = sgl;
3338 cmd->t_data_nents = sgl_count;
c66ac9db 3339
64f1db38
CH		 3340 if (sgl_bidi && sgl_bidi_count) {
3341 cmd->t_bidi_data_sg = sgl_bidi;
3342 cmd->t_bidi_data_nents = sgl_bidi_count;
c66ac9db 3343 }
64f1db38 3344 cmd->se_cmd_flags |= SCF_PASSTHROUGH_SG_TO_MEM_NOALLOC;
c66ac9db
NB		 3345 return 0;
3346}
3347EXPORT_SYMBOL(transport_generic_map_mem_to_cmd);
3348
4949314c 3349void *transport_kmap_data_sg(struct se_cmd *cmd)
05d1c7c0 3350{
ec98f782 3351 struct scatterlist *sg = cmd->t_data_sg;
4949314c
AG		 3352 struct page **pages;
3353 int i;
05d1c7c0 3354
ec98f782 3355 BUG_ON(!sg);
05d1c7c0 3356 /*
ec98f782
AG		 3357 * We need to take into account a possible offset here for fabrics like
3358 * tcm_loop who may be using a contig buffer from the SCSI midlayer for
3359 * control CDBs passed as SGLs via transport_generic_map_mem_to_cmd()
05d1c7c0 3360 */
4949314c
AG		 3361 if (!cmd->t_data_nents)
3362 return NULL;
3363 else if (cmd->t_data_nents == 1)
3364 return kmap(sg_page(sg)) + sg->offset;
3365
3366 /* >1 page. use vmap */
3367 pages = kmalloc(sizeof(*pages) * cmd->t_data_nents, GFP_KERNEL);
3368 if (!pages)
3369 return NULL;
3370
3371 /* convert sg[] to pages[] */
3372 for_each_sg(cmd->t_data_sg, sg, cmd->t_data_nents, i) {
3373 pages[i] = sg_page(sg);
3374 }
3375
3376 cmd->t_data_vmap = vmap(pages, cmd->t_data_nents, VM_MAP, PAGE_KERNEL);
3377 kfree(pages);
3378 if (!cmd->t_data_vmap)
3379 return NULL;
3380
3381 return cmd->t_data_vmap + cmd->t_data_sg[0].offset;
05d1c7c0 3382}
4949314c 3383EXPORT_SYMBOL(transport_kmap_data_sg);
05d1c7c0 3384
4949314c 3385void transport_kunmap_data_sg(struct se_cmd *cmd)
05d1c7c0 3386{
a1edf9cf 3387 if (!cmd->t_data_nents) {
4949314c 3388 return;
a1edf9cf 3389 } else if (cmd->t_data_nents == 1) {
4949314c 3390 kunmap(sg_page(cmd->t_data_sg));
a1edf9cf
AG		 3391 return;
3392 }
4949314c
AG		 3393
3394 vunmap(cmd->t_data_vmap);
3395 cmd->t_data_vmap = NULL;
05d1c7c0 3396}
4949314c 3397EXPORT_SYMBOL(transport_kunmap_data_sg);
05d1c7c0 3398
c66ac9db 3399static int
05d1c7c0 3400transport_generic_get_mem(struct se_cmd *cmd)
c66ac9db 3401{
ec98f782
AG		 3402 u32 length = cmd->data_length;
3403 unsigned int nents;
3404 struct page *page;
9db9da33 3405 gfp_t zero_flag;
ec98f782 3406 int i = 0;
c66ac9db 3407
ec98f782
AG		 3408 nents = DIV_ROUND_UP(length, PAGE_SIZE);
3409 cmd->t_data_sg = kmalloc(sizeof(struct scatterlist) * nents, GFP_KERNEL);
3410 if (!cmd->t_data_sg)
3411 return -ENOMEM;
c66ac9db 3412
ec98f782
AG		 3413 cmd->t_data_nents = nents;
3414 sg_init_table(cmd->t_data_sg, nents);
c66ac9db 3415
64f1db38 3416 zero_flag = cmd->se_cmd_flags & SCF_SCSI_DATA_CDB ? 0 : __GFP_ZERO;
9db9da33 3417
ec98f782
AG		 3418 while (length) {
3419 u32 page_len = min_t(u32, length, PAGE_SIZE);
9db9da33 3420 page = alloc_page(GFP_KERNEL | zero_flag);
ec98f782
AG		 3421 if (!page)
3422 goto out;
c66ac9db 3423
ec98f782
AG		 3424 sg_set_page(&cmd->t_data_sg[i], page, page_len, 0);
3425 length -= page_len;
3426 i++;
c66ac9db 3427 }
c66ac9db 3428 return 0;
c66ac9db 3429
ec98f782
AG		 3430out:
3431 while (i >= 0) {
3432 __free_page(sg_page(&cmd->t_data_sg[i]));
3433 i--;
c66ac9db 3434 }
ec98f782
AG		 3435 kfree(cmd->t_data_sg);
3436 cmd->t_data_sg = NULL;
3437 return -ENOMEM;
c66ac9db
NB		 3438}
3439
da0f7619 3440/*
b16a35b0
AG		 3441 * Allocate any required resources to execute the command. For writes we
3442 * might not have the payload yet, so notify the fabric via a call to
3443 * ->write_pending instead. Otherwise place it on the execution queue.
c66ac9db 3444 */
a1d8b49a 3445int transport_generic_new_cmd(struct se_cmd *cmd)
c66ac9db 3446{
da0f7619 3447 struct se_device *dev = cmd->se_dev;
c66ac9db
NB		 3448 int ret = 0;
3449
3450 /*
3451 * Determine is the TCM fabric module has already allocated physical
3452 * memory, and is directly calling transport_generic_map_mem_to_cmd()
ec98f782 3453 * beforehand.
c66ac9db 3454 */
ec98f782
AG		 3455 if (!(cmd->se_cmd_flags & SCF_PASSTHROUGH_SG_TO_MEM_NOALLOC) &&
3456 cmd->data_length) {
05d1c7c0 3457 ret = transport_generic_get_mem(cmd);
c66ac9db 3458 if (ret < 0)
03e98c9e 3459 goto out_fail;
c66ac9db 3460 }
da0f7619 3461
4101f0a8 3462 /* Workaround for handling zero-length control CDBs */
64f1db38 3463 if (!(cmd->se_cmd_flags & SCF_SCSI_DATA_CDB) && !cmd->data_length) {
7d680f3b 3464 spin_lock_irq(&cmd->t_state_lock);
410f6702 3465 cmd->t_state = TRANSPORT_COMPLETE;
7d680f3b
CH		 3466 cmd->transport_state |= CMD_T_ACTIVE;
3467 spin_unlock_irq(&cmd->t_state_lock);
91ec1d35
NB		 3468
3469 if (cmd->t_task_cdb[0] == REQUEST_SENSE) {
3470 u8 ua_asc = 0, ua_ascq = 0;
3471
3472 core_scsi3_ua_clear_for_request_sense(cmd,
3473 &ua_asc, &ua_ascq);
3474 }
3475
410f6702
RD		 3476 INIT_WORK(&cmd->work, target_complete_ok_work);
3477 queue_work(target_completion_wq, &cmd->work);
3478 return 0;
3479 }
da0f7619 3480
64f1db38 3481 if (cmd->se_cmd_flags & SCF_SCSI_DATA_CDB) {
4101f0a8
CH		 3482 struct se_dev_attrib *attr = &dev->se_sub_dev->se_dev_attrib;
3483
3484 if (transport_cmd_get_valid_sectors(cmd) < 0)
3485 return -EINVAL;
3486
3487 BUG_ON(cmd->data_length % attr->block_size);
3488 BUG_ON(DIV_ROUND_UP(cmd->data_length, attr->block_size) >
11e764bd 3489 attr->hw_max_sectors);
da0f7619
CH		 3490 }
3491
4101f0a8 3492 atomic_inc(&cmd->t_fe_count);
4101f0a8 3493
c66ac9db 3494 /*
5787cacd
CH		 3495 * For WRITEs, let the fabric know its buffer is ready.
3496 *
3497 * The command will be added to the execution queue after its write
3498 * data has arrived.
c66ac9db
NB		 3499 */
3500 if (cmd->data_direction == DMA_TO_DEVICE) {
cf572a96 3501 target_add_to_state_list(cmd);
c66ac9db
NB		 3502 return transport_generic_write_pending(cmd);
3503 }
3504 /*
5787cacd 3505 * Everything else but a WRITE, add the command to the execution queue.
c66ac9db
NB		 3506 */
3507 transport_execute_tasks(cmd);
3508 return 0;
da0f7619
CH		 3509
3510out_fail:
3511 cmd->se_cmd_flags |= SCF_SCSI_CDB_EXCEPTION;
3512 cmd->scsi_sense_reason = TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE;
3513 return -EINVAL;
c66ac9db 3514}
a1d8b49a 3515EXPORT_SYMBOL(transport_generic_new_cmd);
c66ac9db
NB		 3516
3517/* transport_generic_process_write():
3518 *
3519 *
3520 */
3521void transport_generic_process_write(struct se_cmd *cmd)
3522{
c66ac9db
NB		 3523 transport_execute_tasks(cmd);
3524}
3525EXPORT_SYMBOL(transport_generic_process_write);
3526
e057f533 3527static void transport_write_pending_qf(struct se_cmd *cmd)
07bde79a 3528{
f147abb4
NB		 3529 int ret;
3530
3531 ret = cmd->se_tfo->write_pending(cmd);
3532 if (ret == -EAGAIN || ret == -ENOMEM) {
e057f533
CH		 3533 pr_debug("Handling write_pending QUEUE__FULL: se_cmd: %p\n",
3534 cmd);
3535 transport_handle_queue_full(cmd, cmd->se_dev);
3536 }
07bde79a
NB		 3537}
3538
c66ac9db
NB		 3539static int transport_generic_write_pending(struct se_cmd *cmd)
3540{
3541 unsigned long flags;
3542 int ret;
3543
a1d8b49a 3544 spin_lock_irqsave(&cmd->t_state_lock, flags);
c66ac9db 3545 cmd->t_state = TRANSPORT_WRITE_PENDING;
a1d8b49a 3546 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
07bde79a 3547
c66ac9db
NB		 3548 /*
3549 * Clear the se_cmd for WRITE_PENDING status in order to set
7d680f3b
CH		 3550 * CMD_T_ACTIVE so that transport_generic_handle_data can be called
3551 * from HW target mode interrupt code. This is safe to be called
3552 * with transport_off=1 before the cmd->se_tfo->write_pending
c66ac9db
NB		 3553 * because the se_cmd->se_lun pointer is not being cleared.
3554 */
3555 transport_cmd_check_stop(cmd, 1, 0);
3556
3557 /*
3558 * Call the fabric write_pending function here to let the
3559 * frontend know that WRITE buffers are ready.
3560 */
e3d6f909 3561 ret = cmd->se_tfo->write_pending(cmd);
f147abb4 3562 if (ret == -EAGAIN || ret == -ENOMEM)
07bde79a
NB		 3563 goto queue_full;
3564 else if (ret < 0)
c66ac9db
NB		 3565 return ret;
3566
03e98c9e 3567 return 1;
07bde79a
NB		 3568
3569queue_full:
6708bb27 3570 pr_debug("Handling write_pending QUEUE__FULL: se_cmd: %p\n", cmd);
07bde79a 3571 cmd->t_state = TRANSPORT_COMPLETE_QF_WP;
e057f533 3572 transport_handle_queue_full(cmd, cmd->se_dev);
f147abb4 3573 return 0;
c66ac9db
NB		 3574}
3575
39c05f32 3576void transport_generic_free_cmd(struct se_cmd *cmd, int wait_for_tasks)
c66ac9db 3577{
d14921d6 3578 if (!(cmd->se_cmd_flags & SCF_SE_LUN_CMD)) {
c8e31f26 3579 if (wait_for_tasks && (cmd->se_cmd_flags & SCF_SCSI_TMR_CDB))
d14921d6
NB		 3580 transport_wait_for_tasks(cmd);
3581
35462975 3582 transport_release_cmd(cmd);
d14921d6
NB		 3583 } else {
3584 if (wait_for_tasks)
3585 transport_wait_for_tasks(cmd);
3586
c66ac9db
NB		 3587 core_dec_lacl_count(cmd->se_sess->se_node_acl, cmd);
3588
82f1c8a4 3589 if (cmd->se_lun)
c66ac9db 3590 transport_lun_remove_cmd(cmd);
c66ac9db 3591
39c05f32 3592 transport_put_cmd(cmd);
c66ac9db
NB		 3593 }
3594}
3595EXPORT_SYMBOL(transport_generic_free_cmd);
3596
a17f091d
NB		 3597/* target_get_sess_cmd - Add command to active ->sess_cmd_list
3598 * @se_sess: session to reference
3599 * @se_cmd: command descriptor to add
a6360785 3600 * @ack_kref: Signal that fabric will perform an ack target_put_sess_cmd()
a17f091d 3601 */
a6360785
NB		 3602void target_get_sess_cmd(struct se_session *se_sess, struct se_cmd *se_cmd,
3603 bool ack_kref)
a17f091d
NB		 3604{
3605 unsigned long flags;
3606
7481deb4 3607 kref_init(&se_cmd->cmd_kref);
a6360785
NB		 3608 /*
3609 * Add a second kref if the fabric caller is expecting to handle
3610 * fabric acknowledgement that requires two target_put_sess_cmd()
3611 * invocations before se_cmd descriptor release.
3612 */
86715569 3613 if (ack_kref == true) {
a6360785 3614 kref_get(&se_cmd->cmd_kref);
86715569
NB		 3615 se_cmd->se_cmd_flags |= SCF_ACK_KREF;
3616 }
7481deb4 3617
a17f091d
NB		 3618 spin_lock_irqsave(&se_sess->sess_cmd_lock, flags);
3619 list_add_tail(&se_cmd->se_cmd_list, &se_sess->sess_cmd_list);
3620 se_cmd->check_release = 1;
3621 spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags);
3622}
3623EXPORT_SYMBOL(target_get_sess_cmd);
3624
7481deb4 3625static void target_release_cmd_kref(struct kref *kref)
a17f091d 3626{
7481deb4
NB		 3627 struct se_cmd *se_cmd = container_of(kref, struct se_cmd, cmd_kref);
3628 struct se_session *se_sess = se_cmd->se_sess;
a17f091d
NB		 3629 unsigned long flags;
3630
3631 spin_lock_irqsave(&se_sess->sess_cmd_lock, flags);
3632 if (list_empty(&se_cmd->se_cmd_list)) {
3633 spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags);
ffc32d52 3634 se_cmd->se_tfo->release_cmd(se_cmd);
7481deb4 3635 return;
a17f091d 3636 }
a17f091d
NB		 3637 if (se_sess->sess_tearing_down && se_cmd->cmd_wait_set) {
3638 spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags);
3639 complete(&se_cmd->cmd_wait_comp);
7481deb4 3640 return;
a17f091d
NB		 3641 }
3642 list_del(&se_cmd->se_cmd_list);
3643 spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags);
3644
7481deb4
NB		 3645 se_cmd->se_tfo->release_cmd(se_cmd);
3646}
3647
3648/* target_put_sess_cmd - Check for active I/O shutdown via kref_put
3649 * @se_sess: session to reference
3650 * @se_cmd: command descriptor to drop
3651 */
3652int target_put_sess_cmd(struct se_session *se_sess, struct se_cmd *se_cmd)
3653{
3654 return kref_put(&se_cmd->cmd_kref, target_release_cmd_kref);
a17f091d
NB		 3655}
3656EXPORT_SYMBOL(target_put_sess_cmd);
3657
3658/* target_splice_sess_cmd_list - Split active cmds into sess_wait_list
3659 * @se_sess: session to split
3660 */
3661void target_splice_sess_cmd_list(struct se_session *se_sess)
3662{
3663 struct se_cmd *se_cmd;
3664 unsigned long flags;
3665
3666 WARN_ON(!list_empty(&se_sess->sess_wait_list));
3667 INIT_LIST_HEAD(&se_sess->sess_wait_list);
3668
3669 spin_lock_irqsave(&se_sess->sess_cmd_lock, flags);
3670 se_sess->sess_tearing_down = 1;
3671
3672 list_splice_init(&se_sess->sess_cmd_list, &se_sess->sess_wait_list);
3673
3674 list_for_each_entry(se_cmd, &se_sess->sess_wait_list, se_cmd_list)
3675 se_cmd->cmd_wait_set = 1;
3676
3677 spin_unlock_irqrestore(&se_sess->sess_cmd_lock, flags);
3678}
3679EXPORT_SYMBOL(target_splice_sess_cmd_list);
3680
3681/* target_wait_for_sess_cmds - Wait for outstanding descriptors
3682 * @se_sess: session to wait for active I/O
3683 * @wait_for_tasks: Make extra transport_wait_for_tasks call
3684 */
3685void target_wait_for_sess_cmds(
3686 struct se_session *se_sess,
3687 int wait_for_tasks)
3688{
3689 struct se_cmd *se_cmd, *tmp_cmd;
3690 bool rc = false;
3691
3692 list_for_each_entry_safe(se_cmd, tmp_cmd,
3693 &se_sess->sess_wait_list, se_cmd_list) {
3694 list_del(&se_cmd->se_cmd_list);
3695
3696 pr_debug("Waiting for se_cmd: %p t_state: %d, fabric state:"
3697 " %d\n", se_cmd, se_cmd->t_state,
3698 se_cmd->se_tfo->get_cmd_state(se_cmd));
3699
3700 if (wait_for_tasks) {
3701 pr_debug("Calling transport_wait_for_tasks se_cmd: %p t_state: %d,"
3702 " fabric state: %d\n", se_cmd, se_cmd->t_state,
3703 se_cmd->se_tfo->get_cmd_state(se_cmd));
3704
3705 rc = transport_wait_for_tasks(se_cmd);
3706
3707 pr_debug("After transport_wait_for_tasks se_cmd: %p t_state: %d,"
3708 " fabric state: %d\n", se_cmd, se_cmd->t_state,
3709 se_cmd->se_tfo->get_cmd_state(se_cmd));
3710 }
3711
3712 if (!rc) {
3713 wait_for_completion(&se_cmd->cmd_wait_comp);
3714 pr_debug("After cmd_wait_comp: se_cmd: %p t_state: %d"
3715 " fabric state: %d\n", se_cmd, se_cmd->t_state,
3716 se_cmd->se_tfo->get_cmd_state(se_cmd));
3717 }
3718
3719 se_cmd->se_tfo->release_cmd(se_cmd);
3720 }
3721}
3722EXPORT_SYMBOL(target_wait_for_sess_cmds);
3723
c66ac9db
NB		 3724/* transport_lun_wait_for_tasks():
3725 *
3726 * Called from ConfigFS context to stop the passed struct se_cmd to allow
3727 * an struct se_lun to be successfully shutdown.
3728 */
3729static int transport_lun_wait_for_tasks(struct se_cmd *cmd, struct se_lun *lun)
3730{
3731 unsigned long flags;
cf572a96
CH		 3732 int ret = 0;
3733
c66ac9db
NB		 3734 /*
3735 * If the frontend has already requested this struct se_cmd to
3736 * be stopped, we can safely ignore this struct se_cmd.
3737 */
a1d8b49a 3738 spin_lock_irqsave(&cmd->t_state_lock, flags);
7d680f3b
CH		 3739 if (cmd->transport_state & CMD_T_STOP) {
3740 cmd->transport_state &= ~CMD_T_LUN_STOP;
3741
3742 pr_debug("ConfigFS ITT[0x%08x] - CMD_T_STOP, skipping\n",
3743 cmd->se_tfo->get_task_tag(cmd));
a1d8b49a 3744 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
c66ac9db 3745 transport_cmd_check_stop(cmd, 1, 0);
e3d6f909 3746 return -EPERM;
c66ac9db 3747 }
7d680f3b 3748 cmd->transport_state |= CMD_T_LUN_FE_STOP;
a1d8b49a 3749 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
c66ac9db 3750
5951146d 3751 wake_up_interruptible(&cmd->se_dev->dev_queue_obj.thread_wq);
c66ac9db 3752
cf572a96
CH		 3753 // XXX: audit task_flags checks.
3754 spin_lock_irqsave(&cmd->t_state_lock, flags);
3755 if ((cmd->transport_state & CMD_T_BUSY) &&
3756 (cmd->transport_state & CMD_T_SENT)) {
3757 if (!target_stop_cmd(cmd, &flags))
3758 ret++;
23019170 3759 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
cf572a96
CH		 3760 } else {
3761 spin_unlock_irqrestore(&cmd->t_state_lock,
3762 flags);
3763 target_remove_from_execute_list(cmd);
3764 }
c66ac9db 3765
785fdf70
CH		 3766 pr_debug("ConfigFS: cmd: %p stop tasks ret:"
3767 " %d\n", cmd, ret);
c66ac9db 3768 if (!ret) {
6708bb27 3769 pr_debug("ConfigFS: ITT[0x%08x] - stopping cmd....\n",
e3d6f909 3770 cmd->se_tfo->get_task_tag(cmd));
a1d8b49a 3771 wait_for_completion(&cmd->transport_lun_stop_comp);
6708bb27 3772 pr_debug("ConfigFS: ITT[0x%08x] - stopped cmd....\n",
e3d6f909 3773 cmd->se_tfo->get_task_tag(cmd));
c66ac9db 3774 }
3df8d40b 3775 transport_remove_cmd_from_queue(cmd);
c66ac9db
NB		 3776
3777 return 0;
3778}
3779
c66ac9db
NB		 3780static void __transport_clear_lun_from_sessions(struct se_lun *lun)
3781{
3782 struct se_cmd *cmd = NULL;
3783 unsigned long lun_flags, cmd_flags;
3784 /*
3785 * Do exception processing and return CHECK_CONDITION status to the
3786 * Initiator Port.
3787 */
3788 spin_lock_irqsave(&lun->lun_cmd_lock, lun_flags);
5951146d
AG		 3789 while (!list_empty(&lun->lun_cmd_list)) {
3790 cmd = list_first_entry(&lun->lun_cmd_list,
3791 struct se_cmd, se_lun_node);
3d26fea0 3792 list_del_init(&cmd->se_lun_node);
5951146d 3793
c66ac9db
NB		 3794 /*
3795 * This will notify iscsi_target_transport.c:
3796 * transport_cmd_check_stop() that a LUN shutdown is in
3797 * progress for the iscsi_cmd_t.
3798 */
a1d8b49a 3799 spin_lock(&cmd->t_state_lock);
6708bb27 3800 pr_debug("SE_LUN[%d] - Setting cmd->transport"
c66ac9db 3801 "_lun_stop for ITT: 0x%08x\n",
e3d6f909
AG		 3802 cmd->se_lun->unpacked_lun,
3803 cmd->se_tfo->get_task_tag(cmd));
7d680f3b 3804 cmd->transport_state |= CMD_T_LUN_STOP;
a1d8b49a 3805 spin_unlock(&cmd->t_state_lock);
c66ac9db
NB		 3806
3807 spin_unlock_irqrestore(&lun->lun_cmd_lock, lun_flags);
3808
6708bb27
AG		 3809 if (!cmd->se_lun) {
3810 pr_err("ITT: 0x%08x, [i,t]_state: %u/%u\n",
e3d6f909
AG		 3811 cmd->se_tfo->get_task_tag(cmd),
3812 cmd->se_tfo->get_cmd_state(cmd), cmd->t_state);
c66ac9db
NB		 3813 BUG();
3814 }
3815 /*
3816 * If the Storage engine still owns the iscsi_cmd_t, determine
3817 * and/or stop its context.
3818 */
6708bb27 3819 pr_debug("SE_LUN[%d] - ITT: 0x%08x before transport"
e3d6f909
AG		 3820 "_lun_wait_for_tasks()\n", cmd->se_lun->unpacked_lun,
3821 cmd->se_tfo->get_task_tag(cmd));
c66ac9db 3822
e3d6f909 3823 if (transport_lun_wait_for_tasks(cmd, cmd->se_lun) < 0) {
c66ac9db
NB		 3824 spin_lock_irqsave(&lun->lun_cmd_lock, lun_flags);
3825 continue;
3826 }
3827
6708bb27 3828 pr_debug("SE_LUN[%d] - ITT: 0x%08x after transport_lun"
c66ac9db 3829 "_wait_for_tasks(): SUCCESS\n",
e3d6f909
AG		 3830 cmd->se_lun->unpacked_lun,
3831 cmd->se_tfo->get_task_tag(cmd));
c66ac9db 3832
a1d8b49a 3833 spin_lock_irqsave(&cmd->t_state_lock, cmd_flags);
7d680f3b 3834 if (!(cmd->transport_state & CMD_T_DEV_ACTIVE)) {
a1d8b49a 3835 spin_unlock_irqrestore(&cmd->t_state_lock, cmd_flags);
c66ac9db
NB		 3836 goto check_cond;
3837 }
7d680f3b 3838 cmd->transport_state &= ~CMD_T_DEV_ACTIVE;
cf572a96 3839 target_remove_from_state_list(cmd);
a1d8b49a 3840 spin_unlock_irqrestore(&cmd->t_state_lock, cmd_flags);
c66ac9db 3841
c66ac9db
NB		 3842 /*
3843 * The Storage engine stopped this struct se_cmd before it was
3844 * send to the fabric frontend for delivery back to the
3845 * Initiator Node. Return this SCSI CDB back with an
3846 * CHECK_CONDITION status.
3847 */
3848check_cond:
3849 transport_send_check_condition_and_sense(cmd,
3850 TCM_NON_EXISTENT_LUN, 0);
3851 /*
3852 * If the fabric frontend is waiting for this iscsi_cmd_t to
3853 * be released, notify the waiting thread now that LU has
3854 * finished accessing it.
3855 */
a1d8b49a 3856 spin_lock_irqsave(&cmd->t_state_lock, cmd_flags);
7d680f3b 3857 if (cmd->transport_state & CMD_T_LUN_FE_STOP) {
6708bb27 3858 pr_debug("SE_LUN[%d] - Detected FE stop for"
c66ac9db
NB		 3859 " struct se_cmd: %p ITT: 0x%08x\n",
3860 lun->unpacked_lun,
e3d6f909 3861 cmd, cmd->se_tfo->get_task_tag(cmd));
c66ac9db 3862
a1d8b49a 3863 spin_unlock_irqrestore(&cmd->t_state_lock,
c66ac9db
NB		 3864 cmd_flags);
3865 transport_cmd_check_stop(cmd, 1, 0);
a1d8b49a 3866 complete(&cmd->transport_lun_fe_stop_comp);
c66ac9db
NB		 3867 spin_lock_irqsave(&lun->lun_cmd_lock, lun_flags);
3868 continue;
3869 }
6708bb27 3870 pr_debug("SE_LUN[%d] - ITT: 0x%08x finished processing\n",
e3d6f909 3871 lun->unpacked_lun, cmd->se_tfo->get_task_tag(cmd));
c66ac9db 3872
a1d8b49a 3873 spin_unlock_irqrestore(&cmd->t_state_lock, cmd_flags);
c66ac9db
NB		 3874 spin_lock_irqsave(&lun->lun_cmd_lock, lun_flags);
3875 }
3876 spin_unlock_irqrestore(&lun->lun_cmd_lock, lun_flags);
3877}
3878
3879static int transport_clear_lun_thread(void *p)
3880{
8359cf43 3881 struct se_lun *lun = p;
c66ac9db
NB		 3882
3883 __transport_clear_lun_from_sessions(lun);
3884 complete(&lun->lun_shutdown_comp);
3885
3886 return 0;
3887}
3888
3889int transport_clear_lun_from_sessions(struct se_lun *lun)
3890{
3891 struct task_struct *kt;
3892
5951146d 3893 kt = kthread_run(transport_clear_lun_thread, lun,
c66ac9db
NB		 3894 "tcm_cl_%u", lun->unpacked_lun);
3895 if (IS_ERR(kt)) {
6708bb27 3896 pr_err("Unable to start clear_lun thread\n");
e3d6f909 3897 return PTR_ERR(kt);
c66ac9db
NB		 3898 }
3899 wait_for_completion(&lun->lun_shutdown_comp);
3900
3901 return 0;
3902}
3903
d14921d6
NB		 3904/**
3905 * transport_wait_for_tasks - wait for completion to occur
3906 * @cmd: command to wait
c66ac9db 3907 *
d14921d6
NB		 3908 * Called from frontend fabric context to wait for storage engine
3909 * to pause and/or release frontend generated struct se_cmd.
c66ac9db 3910 */
a17f091d 3911bool transport_wait_for_tasks(struct se_cmd *cmd)
c66ac9db
NB		 3912{
3913 unsigned long flags;
3914
a1d8b49a 3915 spin_lock_irqsave(&cmd->t_state_lock, flags);
c8e31f26
AG		 3916 if (!(cmd->se_cmd_flags & SCF_SE_LUN_CMD) &&
3917 !(cmd->se_cmd_flags & SCF_SCSI_TMR_CDB)) {
d14921d6 3918 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
a17f091d 3919 return false;
d14921d6 3920 }
cb4f4d3c 3921
c8e31f26
AG		 3922 if (!(cmd->se_cmd_flags & SCF_SUPPORTED_SAM_OPCODE) &&
3923 !(cmd->se_cmd_flags & SCF_SCSI_TMR_CDB)) {
d14921d6 3924 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
a17f091d 3925 return false;
d14921d6 3926 }
c66ac9db
NB		 3927 /*
3928 * If we are already stopped due to an external event (ie: LUN shutdown)
3929 * sleep until the connection can have the passed struct se_cmd back.
a1d8b49a 3930 * The cmd->transport_lun_stopped_sem will be upped by
c66ac9db
NB		 3931 * transport_clear_lun_from_sessions() once the ConfigFS context caller
3932 * has completed its operation on the struct se_cmd.
3933 */
7d680f3b 3934 if (cmd->transport_state & CMD_T_LUN_STOP) {
6708bb27 3935 pr_debug("wait_for_tasks: Stopping"
e3d6f909 3936 " wait_for_completion(&cmd->t_tasktransport_lun_fe"
c66ac9db 3937 "_stop_comp); for ITT: 0x%08x\n",
e3d6f909 3938 cmd->se_tfo->get_task_tag(cmd));
c66ac9db
NB		 3939 /*
3940 * There is a special case for WRITES where a FE exception +
3941 * LUN shutdown means ConfigFS context is still sleeping on
3942 * transport_lun_stop_comp in transport_lun_wait_for_tasks().
3943 * We go ahead and up transport_lun_stop_comp just to be sure
3944 * here.
3945 */
a1d8b49a
AG		 3946 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
3947 complete(&cmd->transport_lun_stop_comp);
3948 wait_for_completion(&cmd->transport_lun_fe_stop_comp);
3949 spin_lock_irqsave(&cmd->t_state_lock, flags);
c66ac9db 3950
cf572a96 3951 target_remove_from_state_list(cmd);
c66ac9db
NB		 3952 /*
3953 * At this point, the frontend who was the originator of this
3954 * struct se_cmd, now owns the structure and can be released through
3955 * normal means below.
3956 */
6708bb27 3957 pr_debug("wait_for_tasks: Stopped"
e3d6f909 3958 " wait_for_completion(&cmd->t_tasktransport_lun_fe_"
c66ac9db 3959 "stop_comp); for ITT: 0x%08x\n",
e3d6f909 3960 cmd->se_tfo->get_task_tag(cmd));
c66ac9db 3961
7d680f3b 3962 cmd->transport_state &= ~CMD_T_LUN_STOP;
c66ac9db 3963 }
7d680f3b 3964
3d28934a 3965 if (!(cmd->transport_state & CMD_T_ACTIVE)) {
d14921d6 3966 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
a17f091d 3967 return false;
d14921d6 3968 }
c66ac9db 3969
7d680f3b 3970 cmd->transport_state |= CMD_T_STOP;
c66ac9db 3971
6708bb27 3972 pr_debug("wait_for_tasks: Stopping %p ITT: 0x%08x"
7d680f3b 3973 " i_state: %d, t_state: %d, CMD_T_STOP\n",
f2da9dbd
CH		 3974 cmd, cmd->se_tfo->get_task_tag(cmd),
3975 cmd->se_tfo->get_cmd_state(cmd), cmd->t_state);
c66ac9db 3976
a1d8b49a 3977 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
c66ac9db 3978
5951146d 3979 wake_up_interruptible(&cmd->se_dev->dev_queue_obj.thread_wq);
c66ac9db 3980
a1d8b49a 3981 wait_for_completion(&cmd->t_transport_stop_comp);
c66ac9db 3982
a1d8b49a 3983 spin_lock_irqsave(&cmd->t_state_lock, flags);
7d680f3b 3984 cmd->transport_state &= ~(CMD_T_ACTIVE | CMD_T_STOP);
c66ac9db 3985
6708bb27 3986 pr_debug("wait_for_tasks: Stopped wait_for_compltion("
a1d8b49a 3987 "&cmd->t_transport_stop_comp) for ITT: 0x%08x\n",
e3d6f909 3988 cmd->se_tfo->get_task_tag(cmd));
c66ac9db 3989
d14921d6 3990 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
a17f091d
NB		 3991
3992 return true;
c66ac9db 3993}
d14921d6 3994EXPORT_SYMBOL(transport_wait_for_tasks);
c66ac9db
NB		 3995
3996static int transport_get_sense_codes(
3997 struct se_cmd *cmd,
3998 u8 *asc,
3999 u8 *ascq)
4000{
4001 *asc = cmd->scsi_asc;
4002 *ascq = cmd->scsi_ascq;
4003
4004 return 0;
4005}
4006
4007static int transport_set_sense_codes(
4008 struct se_cmd *cmd,
4009 u8 asc,
4010 u8 ascq)
4011{
4012 cmd->scsi_asc = asc;
4013 cmd->scsi_ascq = ascq;
4014
4015 return 0;
4016}
4017
4018int transport_send_check_condition_and_sense(
4019 struct se_cmd *cmd,
4020 u8 reason,
4021 int from_transport)
4022{
4023 unsigned char *buffer = cmd->sense_buffer;
4024 unsigned long flags;
4025 int offset;
4026 u8 asc = 0, ascq = 0;
4027
a1d8b49a 4028 spin_lock_irqsave(&cmd->t_state_lock, flags);
c66ac9db 4029 if (cmd->se_cmd_flags & SCF_SENT_CHECK_CONDITION) {
a1d8b49a 4030 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
c66ac9db
NB		 4031 return 0;
4032 }
4033 cmd->se_cmd_flags |= SCF_SENT_CHECK_CONDITION;
a1d8b49a 4034 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
c66ac9db
NB		 4035
4036 if (!reason && from_transport)
4037 goto after_reason;
4038
4039 if (!from_transport)
4040 cmd->se_cmd_flags |= SCF_EMULATED_TASK_SENSE;
4041 /*
4042 * Data Segment and SenseLength of the fabric response PDU.
4043 *
4044 * TRANSPORT_SENSE_BUFFER is now set to SCSI_SENSE_BUFFERSIZE
4045 * from include/scsi/scsi_cmnd.h
4046 */
e3d6f909 4047 offset = cmd->se_tfo->set_fabric_sense_len(cmd,
c66ac9db
NB		 4048 TRANSPORT_SENSE_BUFFER);
4049 /*
4050 * Actual SENSE DATA, see SPC-3 7.23.2 SPC_SENSE_KEY_OFFSET uses
4051 * SENSE KEY values from include/scsi/scsi.h
4052 */
4053 switch (reason) {
4054 case TCM_NON_EXISTENT_LUN:
eb39d340
NB		 4055 /* CURRENT ERROR */
4056 buffer[offset] = 0x70;
895f3022 4057 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
eb39d340
NB		 4058 /* ILLEGAL REQUEST */
4059 buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST;
4060 /* LOGICAL UNIT NOT SUPPORTED */
4061 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x25;
4062 break;
c66ac9db
NB		 4063 case TCM_UNSUPPORTED_SCSI_OPCODE:
4064 case TCM_SECTOR_COUNT_TOO_MANY:
4065 /* CURRENT ERROR */
4066 buffer[offset] = 0x70;
895f3022 4067 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
c66ac9db
NB		 4068 /* ILLEGAL REQUEST */
4069 buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST;
4070 /* INVALID COMMAND OPERATION CODE */
4071 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x20;
4072 break;
4073 case TCM_UNKNOWN_MODE_PAGE:
4074 /* CURRENT ERROR */
4075 buffer[offset] = 0x70;
895f3022 4076 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
c66ac9db
NB		 4077 /* ILLEGAL REQUEST */
4078 buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST;
4079 /* INVALID FIELD IN CDB */
4080 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x24;
4081 break;
4082 case TCM_CHECK_CONDITION_ABORT_CMD:
4083 /* CURRENT ERROR */
4084 buffer[offset] = 0x70;
895f3022 4085 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
c66ac9db
NB		 4086 /* ABORTED COMMAND */
4087 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND;
4088 /* BUS DEVICE RESET FUNCTION OCCURRED */
4089 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x29;
4090 buffer[offset+SPC_ASCQ_KEY_OFFSET] = 0x03;
4091 break;
4092 case TCM_INCORRECT_AMOUNT_OF_DATA:
4093 /* CURRENT ERROR */
4094 buffer[offset] = 0x70;
895f3022 4095 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
c66ac9db
NB		 4096 /* ABORTED COMMAND */
4097 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND;
4098 /* WRITE ERROR */
4099 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x0c;
4100 /* NOT ENOUGH UNSOLICITED DATA */
4101 buffer[offset+SPC_ASCQ_KEY_OFFSET] = 0x0d;
4102 break;
4103 case TCM_INVALID_CDB_FIELD:
4104 /* CURRENT ERROR */
4105 buffer[offset] = 0x70;
895f3022 4106 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
9fbc8909
RD		 4107 /* ILLEGAL REQUEST */
4108 buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST;
c66ac9db
NB		 4109 /* INVALID FIELD IN CDB */
4110 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x24;
4111 break;
4112 case TCM_INVALID_PARAMETER_LIST:
4113 /* CURRENT ERROR */
4114 buffer[offset] = 0x70;
895f3022 4115 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
9fbc8909
RD		 4116 /* ILLEGAL REQUEST */
4117 buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST;
c66ac9db
NB		 4118 /* INVALID FIELD IN PARAMETER LIST */
4119 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x26;
4120 break;
4121 case TCM_UNEXPECTED_UNSOLICITED_DATA:
4122 /* CURRENT ERROR */
4123 buffer[offset] = 0x70;
895f3022 4124 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
c66ac9db
NB		 4125 /* ABORTED COMMAND */
4126 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND;
4127 /* WRITE ERROR */
4128 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x0c;
4129 /* UNEXPECTED_UNSOLICITED_DATA */
4130 buffer[offset+SPC_ASCQ_KEY_OFFSET] = 0x0c;
4131 break;
4132 case TCM_SERVICE_CRC_ERROR:
4133 /* CURRENT ERROR */
4134 buffer[offset] = 0x70;
895f3022 4135 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
c66ac9db
NB		 4136 /* ABORTED COMMAND */
4137 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND;
4138 /* PROTOCOL SERVICE CRC ERROR */
4139 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x47;
4140 /* N/A */
4141 buffer[offset+SPC_ASCQ_KEY_OFFSET] = 0x05;
4142 break;
4143 case TCM_SNACK_REJECTED:
4144 /* CURRENT ERROR */
4145 buffer[offset] = 0x70;
895f3022 4146 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
c66ac9db
NB		 4147 /* ABORTED COMMAND */
4148 buffer[offset+SPC_SENSE_KEY_OFFSET] = ABORTED_COMMAND;
4149 /* READ ERROR */
4150 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x11;
4151 /* FAILED RETRANSMISSION REQUEST */
4152 buffer[offset+SPC_ASCQ_KEY_OFFSET] = 0x13;
4153 break;
4154 case TCM_WRITE_PROTECTED:
4155 /* CURRENT ERROR */
4156 buffer[offset] = 0x70;
895f3022 4157 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
c66ac9db
NB		 4158 /* DATA PROTECT */
4159 buffer[offset+SPC_SENSE_KEY_OFFSET] = DATA_PROTECT;
4160 /* WRITE PROTECTED */
4161 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x27;
4162 break;
4163 case TCM_CHECK_CONDITION_UNIT_ATTENTION:
4164 /* CURRENT ERROR */
4165 buffer[offset] = 0x70;
895f3022 4166 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
c66ac9db
NB		 4167 /* UNIT ATTENTION */
4168 buffer[offset+SPC_SENSE_KEY_OFFSET] = UNIT_ATTENTION;
4169 core_scsi3_ua_for_check_condition(cmd, &asc, &ascq);
4170 buffer[offset+SPC_ASC_KEY_OFFSET] = asc;
4171 buffer[offset+SPC_ASCQ_KEY_OFFSET] = ascq;
4172 break;
4173 case TCM_CHECK_CONDITION_NOT_READY:
4174 /* CURRENT ERROR */
4175 buffer[offset] = 0x70;
895f3022 4176 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
c66ac9db
NB		 4177 /* Not Ready */
4178 buffer[offset+SPC_SENSE_KEY_OFFSET] = NOT_READY;
4179 transport_get_sense_codes(cmd, &asc, &ascq);
4180 buffer[offset+SPC_ASC_KEY_OFFSET] = asc;
4181 buffer[offset+SPC_ASCQ_KEY_OFFSET] = ascq;
4182 break;
4183 case TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE:
4184 default:
4185 /* CURRENT ERROR */
4186 buffer[offset] = 0x70;
895f3022 4187 buffer[offset+SPC_ADD_SENSE_LEN_OFFSET] = 10;
c66ac9db
NB		 4188 /* ILLEGAL REQUEST */
4189 buffer[offset+SPC_SENSE_KEY_OFFSET] = ILLEGAL_REQUEST;
4190 /* LOGICAL UNIT COMMUNICATION FAILURE */
4191 buffer[offset+SPC_ASC_KEY_OFFSET] = 0x80;
4192 break;
4193 }
4194 /*
4195 * This code uses linux/include/scsi/scsi.h SAM status codes!
4196 */
4197 cmd->scsi_status = SAM_STAT_CHECK_CONDITION;
4198 /*
4199 * Automatically padded, this value is encoded in the fabric's
4200 * data_length response PDU containing the SCSI defined sense data.
4201 */
4202 cmd->scsi_sense_length = TRANSPORT_SENSE_BUFFER + offset;
4203
4204after_reason:
07bde79a 4205 return cmd->se_tfo->queue_status(cmd);
c66ac9db
NB		 4206}
4207EXPORT_SYMBOL(transport_send_check_condition_and_sense);
4208
4209int transport_check_aborted_status(struct se_cmd *cmd, int send_status)
4210{
4211 int ret = 0;
4212
7d680f3b 4213 if (cmd->transport_state & CMD_T_ABORTED) {
6708bb27 4214 if (!send_status ||
c66ac9db
NB		 4215 (cmd->se_cmd_flags & SCF_SENT_DELAYED_TAS))
4216 return 1;
8b1e1244 4217
6708bb27 4218 pr_debug("Sending delayed SAM_STAT_TASK_ABORTED"
c66ac9db 4219 " status for CDB: 0x%02x ITT: 0x%08x\n",
a1d8b49a 4220 cmd->t_task_cdb[0],
e3d6f909 4221 cmd->se_tfo->get_task_tag(cmd));
8b1e1244 4222
c66ac9db 4223 cmd->se_cmd_flags |= SCF_SENT_DELAYED_TAS;
e3d6f909 4224 cmd->se_tfo->queue_status(cmd);
c66ac9db
NB		 4225 ret = 1;
4226 }
4227 return ret;
4228}
4229EXPORT_SYMBOL(transport_check_aborted_status);
4230
4231void transport_send_task_abort(struct se_cmd *cmd)
4232{
c252f003
NB		 4233 unsigned long flags;
4234
4235 spin_lock_irqsave(&cmd->t_state_lock, flags);
4236 if (cmd->se_cmd_flags & SCF_SENT_CHECK_CONDITION) {
4237 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4238 return;
4239 }
4240 spin_unlock_irqrestore(&cmd->t_state_lock, flags);
4241
c66ac9db
NB		 4242 /*
4243 * If there are still expected incoming fabric WRITEs, we wait
4244 * until until they have completed before sending a TASK_ABORTED
4245 * response. This response with TASK_ABORTED status will be
4246 * queued back to fabric module by transport_check_aborted_status().
4247 */
4248 if (cmd->data_direction == DMA_TO_DEVICE) {
e3d6f909 4249 if (cmd->se_tfo->write_pending_status(cmd) != 0) {
7d680f3b 4250 cmd->transport_state |= CMD_T_ABORTED;
c66ac9db 4251 smp_mb__after_atomic_inc();
c66ac9db
NB		 4252 }
4253 }
4254 cmd->scsi_status = SAM_STAT_TASK_ABORTED;
8b1e1244 4255
6708bb27 4256 pr_debug("Setting SAM_STAT_TASK_ABORTED status for CDB: 0x%02x,"
a1d8b49a 4257 " ITT: 0x%08x\n", cmd->t_task_cdb[0],
e3d6f909 4258 cmd->se_tfo->get_task_tag(cmd));
8b1e1244 4259
e3d6f909 4260 cmd->se_tfo->queue_status(cmd);
c66ac9db
NB		 4261}
4262
e26d99ae 4263static int transport_generic_do_tmr(struct se_cmd *cmd)
c66ac9db 4264{
5951146d 4265 struct se_device *dev = cmd->se_dev;
c66ac9db
NB		 4266 struct se_tmr_req *tmr = cmd->se_tmr_req;
4267 int ret;
4268
4269 switch (tmr->function) {
5c6cd613 4270 case TMR_ABORT_TASK:
3d28934a 4271 core_tmr_abort_task(dev, tmr, cmd->se_sess);
c66ac9db 4272 break;
5c6cd613
NB		 4273 case TMR_ABORT_TASK_SET:
4274 case TMR_CLEAR_ACA:
4275 case TMR_CLEAR_TASK_SET:
c66ac9db
NB		 4276 tmr->response = TMR_TASK_MGMT_FUNCTION_NOT_SUPPORTED;
4277 break;
5c6cd613 4278 case TMR_LUN_RESET:
c66ac9db
NB		 4279 ret = core_tmr_lun_reset(dev, tmr, NULL, NULL);
4280 tmr->response = (!ret) ? TMR_FUNCTION_COMPLETE :
4281 TMR_FUNCTION_REJECTED;
4282 break;
5c6cd613 4283 case TMR_TARGET_WARM_RESET:
c66ac9db
NB		 4284 tmr->response = TMR_FUNCTION_REJECTED;
4285 break;
5c6cd613 4286 case TMR_TARGET_COLD_RESET:
c66ac9db
NB		 4287 tmr->response = TMR_FUNCTION_REJECTED;
4288 break;
c66ac9db 4289 default:
6708bb27 4290 pr_err("Uknown TMR function: 0x%02x.\n",
c66ac9db
NB		 4291 tmr->function);
4292 tmr->response = TMR_FUNCTION_REJECTED;
4293 break;
4294 }
4295
4296 cmd->t_state = TRANSPORT_ISTATE_PROCESSING;
e3d6f909 4297 cmd->se_tfo->queue_tm_rsp(cmd);
c66ac9db 4298
b7b8bef7 4299 transport_cmd_check_stop_to_fabric(cmd);
c66ac9db
NB		 4300 return 0;
4301}
4302
c66ac9db
NB		 4303/* transport_processing_thread():
4304 *
4305 *
4306 */
4307static int transport_processing_thread(void *param)
4308{
5951146d 4309 int ret;
c66ac9db 4310 struct se_cmd *cmd;
8359cf43 4311 struct se_device *dev = param;
c66ac9db 4312
c66ac9db 4313 while (!kthread_should_stop()) {
e3d6f909
AG		 4314 ret = wait_event_interruptible(dev->dev_queue_obj.thread_wq,
4315 atomic_read(&dev->dev_queue_obj.queue_cnt) ||
c66ac9db
NB		 4316 kthread_should_stop());
4317 if (ret < 0)
4318 goto out;
4319
c66ac9db 4320get_cmd:
5951146d
AG		 4321 cmd = transport_get_cmd_from_queue(&dev->dev_queue_obj);
4322 if (!cmd)
c66ac9db
NB		 4323 continue;
4324
5951146d 4325 switch (cmd->t_state) {
680b73c5
CH		 4326 case TRANSPORT_NEW_CMD:
4327 BUG();
4328 break;
c66ac9db 4329 case TRANSPORT_NEW_CMD_MAP:
6708bb27
AG		 4330 if (!cmd->se_tfo->new_cmd_map) {
4331 pr_err("cmd->se_tfo->new_cmd_map is"
c66ac9db
NB		 4332 " NULL for TRANSPORT_NEW_CMD_MAP\n");
4333 BUG();
4334 }
e3d6f909 4335 ret = cmd->se_tfo->new_cmd_map(cmd);
c66ac9db 4336 if (ret < 0) {
03e98c9e 4337 transport_generic_request_failure(cmd);
c66ac9db
NB		 4338 break;
4339 }
c66ac9db 4340 ret = transport_generic_new_cmd(cmd);
f147abb4 4341 if (ret < 0) {
03e98c9e
NB		 4342 transport_generic_request_failure(cmd);
4343 break;
c66ac9db
NB		 4344 }
4345 break;
4346 case TRANSPORT_PROCESS_WRITE:
4347 transport_generic_process_write(cmd);
4348 break;
c66ac9db
NB		 4349 case TRANSPORT_PROCESS_TMR:
4350 transport_generic_do_tmr(cmd);
4351 break;
07bde79a 4352 case TRANSPORT_COMPLETE_QF_WP:
e057f533
CH		 4353 transport_write_pending_qf(cmd);
4354 break;
4355 case TRANSPORT_COMPLETE_QF_OK:
4356 transport_complete_qf(cmd);
07bde79a 4357 break;
c66ac9db 4358 default:
f2da9dbd
CH		 4359 pr_err("Unknown t_state: %d for ITT: 0x%08x "
4360 "i_state: %d on SE LUN: %u\n",
4361 cmd->t_state,
e3d6f909
AG		 4362 cmd->se_tfo->get_task_tag(cmd),
4363 cmd->se_tfo->get_cmd_state(cmd),
4364 cmd->se_lun->unpacked_lun);
c66ac9db
NB		 4365 BUG();
4366 }
4367
4368 goto get_cmd;
4369 }
4370
4371out:
cf572a96 4372 WARN_ON(!list_empty(&dev->state_list));
ce8762f6 4373 WARN_ON(!list_empty(&dev->dev_queue_obj.qobj_list));
c66ac9db
NB		 4374 dev->process_thread = NULL;
4375 return 0;
4376}
kernel source for telekom puls (alcatel/mediatek)