1 /*- 2 * Copyright (c) 2005-2008 Daniel Braniss <danny@cs.huji.ac.il> 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 * 26 * $FreeBSD: src/sys/dev/iscsi/initiator/iscsi_subr.c,v 1.2 2008/11/25 07:17:11 scottl Exp $ 27 */ 28 /* 29 | $Id: iscsi_subr.c,v 1.17 2006/11/26 14:50:43 danny Exp danny $ 30 */ 31 32 #include "opt_iscsi_initiator.h" 33 34 #include <sys/param.h> 35 #include <sys/kernel.h> 36 #include <sys/callout.h> 37 #include <sys/malloc.h> 38 #include <sys/mbuf.h> 39 #include <sys/kthread.h> 40 #include <sys/lock.h> 41 #include <sys/uio.h> 42 #include <sys/sysctl.h> 43 #include <sys/systm.h> 44 #include <sys/globaldata.h> 45 46 #include <bus/cam/cam.h> 47 #include <bus/cam/cam_ccb.h> 48 #include <bus/cam/cam_sim.h> 49 #include <bus/cam/cam_xpt_sim.h> 50 #include <bus/cam/cam_periph.h> 51 #include <bus/cam/scsi/scsi_message.h> 52 #include <sys/eventhandler.h> 53 54 #include <dev/disk/iscsi/initiator/iscsi.h> 55 #include <dev/disk/iscsi/initiator/iscsivar.h> 56 57 /* 58 | Interface to the SCSI layer 59 */ 60 void 61 iscsi_r2t(isc_session_t *sp, pduq_t *opq, pduq_t *pq) 62 { 63 union ccb *ccb = opq->ccb; 64 struct ccb_scsiio *csio = &ccb->csio; 65 pdu_t *opp = &opq->pdu; 66 bhs_t *bhp = &opp->ipdu.bhs; 67 r2t_t *r2t = &pq->pdu.ipdu.r2t; 68 pduq_t *wpq; 69 int error; 70 71 debug_called(8); 72 sdebug(4, "itt=%x r2tSN=%d bo=%x ddtl=%x W=%d", ntohl(r2t->itt), 73 ntohl(r2t->r2tSN), ntohl(r2t->bo), ntohl(r2t->ddtl), opp->ipdu.scsi_req.W); 74 75 switch(bhp->opcode) { 76 case ISCSI_SCSI_CMD: 77 if(opp->ipdu.scsi_req.W) { 78 data_out_t *cmd; 79 u_int ddtl = ntohl(r2t->ddtl); 80 u_int edtl = ntohl(opp->ipdu.scsi_req.edtlen); 81 u_int bleft, bs, dsn, bo; 82 caddr_t bp = csio->data_ptr; 83 84 bo = ntohl(r2t->bo); 85 bleft = ddtl; 86 87 if(sp->opt.maxXmitDataSegmentLength > 0) // danny's RFC 88 bs = MIN(sp->opt.maxXmitDataSegmentLength, ddtl); 89 else 90 bs = ddtl; 91 dsn = 0; 92 sdebug(4, "edtl=%x ddtl=%x bo=%x dsn=%x bs=%x maxX=%x", 93 edtl, ddtl, bo, dsn, bs, sp->opt.maxXmitDataSegmentLength); 94 while(bleft > 0) { 95 wpq = pdu_alloc(sp->isc, M_NOWAIT); // testing ... 96 if(wpq == NULL) { 97 sdebug(3, "itt=%x r2tSN=%d bo=%x ddtl=%x W=%d", ntohl(r2t->itt), 98 ntohl(r2t->r2tSN), ntohl(r2t->bo), ntohl(r2t->ddtl), opp->ipdu.scsi_req.W); 99 sdebug(1, "npdu_max=%d npdu_alloc=%d", sp->isc->npdu_max, sp->isc->npdu_alloc); 100 101 while((wpq = pdu_alloc(sp->isc, M_NOWAIT)) == NULL) { 102 sdebug(2, "waiting..."); 103 tsleep(sp->isc, 0, "isc_r2t", 5*hz); 104 } 105 } 106 cmd = &wpq->pdu.ipdu.data_out; 107 cmd->opcode = ISCSI_WRITE_DATA; 108 cmd->lun[0] = r2t->lun[0]; 109 cmd->lun[1] = r2t->lun[1]; 110 cmd->ttt = r2t->ttt; 111 cmd->itt = r2t->itt; 112 113 cmd->dsn = htonl(dsn); 114 cmd->bo = htonl(bo); 115 116 cmd->F = (bs < bleft)? 0: 1; // is this the last one? 117 bs = MIN(bs, bleft); 118 119 wpq->pdu.ds_len = bs; 120 wpq->pdu.ds = bp; 121 122 error = isc_qout(sp, wpq); 123 sdebug(6, "bs=%x bo=%x bp=%p dsn=%x error=%d", bs, bo, bp, dsn, error); 124 if(error) 125 break; 126 bo += bs; 127 bp += bs; 128 bleft -= bs; 129 dsn++; 130 } 131 } 132 break; 133 134 default: 135 // XXX: should not happen ... 136 xdebug("huh? opcode=0x%x", bhp->opcode); 137 } 138 } 139 140 static int 141 getSenseData(u_int status, union ccb *ccb, pduq_t *pq) 142 { 143 pdu_t *pp = &pq->pdu; 144 struct ccb_scsiio *scsi = (struct ccb_scsiio *)ccb; 145 struct scsi_sense_data *sense = &scsi->sense_data; 146 struct mbuf *m = pq->mp; 147 scsi_rsp_t *cmd = &pp->ipdu.scsi_rsp; 148 caddr_t bp; 149 int sense_len, mustfree = 0; 150 151 bp = mtod(pq->mp, caddr_t); 152 if((sense_len = scsi_2btoul(bp)) == 0) 153 return 0; 154 debug(4, "sense_len=%d", sense_len); 155 /* 156 | according to the specs, the sense data cannot 157 | be larger than 252 ... 158 */ 159 if(sense_len > m->m_len) { 160 bp = kmalloc(sense_len, M_ISCSI, M_WAITOK); 161 debug(3, "calling i_mbufcopy(len=%d)", sense_len); 162 i_mbufcopy(pq->mp, bp, sense_len); 163 mustfree++; 164 } 165 scsi->scsi_status = status; 166 167 bcopy(bp+2, sense, min(sense_len, scsi->sense_len)); 168 scsi->sense_resid = 0; 169 if(cmd->flag & (BIT(1)|BIT(2))) 170 scsi->sense_resid = ntohl(pp->ipdu.scsi_rsp.rcnt); 171 debug(3, "sense_len=%d rcnt=%d sense_resid=%d dsl=%d error_code=%x flags=%x", 172 sense_len, 173 ntohl(pp->ipdu.scsi_rsp.rcnt), scsi->sense_resid, 174 pp->ds_len, sense->error_code, sense->flags); 175 176 if(mustfree) 177 kfree(bp, M_ISCSI); 178 179 return 1; 180 } 181 182 /* 183 | Some information is from SAM draft. 184 */ 185 static void 186 _scsi_done(struct isc_softc *isp, u_int response, u_int status, union ccb *ccb, pduq_t *pq) 187 { 188 struct ccb_hdr *ccb_h = &ccb->ccb_h; 189 190 debug_called(8); 191 192 if(status || response) { 193 debug(3, "response=%x status=%x ccb=%p pq=%p", response, status, ccb, pq); 194 if(pq != NULL) 195 debug(3, "mp=%p buf=%p len=%d", pq->mp, pq->buf, pq->len); 196 } 197 ccb_h->status = 0; 198 switch(response) { 199 case 0: // Command Completed at Target 200 switch(status) { 201 case 0: // Good, all is ok 202 ccb_h->status = CAM_REQ_CMP; 203 break; 204 205 case 0x02: // Check Condition 206 if((pq != NULL) && (pq->mp != NULL) && getSenseData(status, ccb, pq)) 207 ccb_h->status |= CAM_AUTOSNS_VALID; 208 209 case 0x14: // Intermediate-Condition Met 210 case 0x10: // Intermediate 211 case 0x04: // Condition Met 212 ccb_h->status |= CAM_SCSI_STATUS_ERROR; 213 break; 214 215 case 0x08: 216 ccb_h->status = CAM_BUSY; 217 break; 218 219 case 0x18: // Reservation Conflict 220 case 0x28: // Task Set Full 221 ccb_h->status = CAM_REQUEUE_REQ; 222 break; 223 default: 224 //case 0x22: // Command Terminated 225 //case 0x30: // ACA Active 226 //case 0x40: // Task Aborted 227 ccb_h->status = CAM_REQ_CMP_ERR; //CAM_REQ_ABORTED; 228 } 229 break; 230 231 default: 232 if((response >= 0x80) && (response <= 0xFF)) { 233 // Vendor specific ... 234 } 235 case 1: // target failure 236 ccb_h->status = CAM_REQ_CMP_ERR; //CAM_REQ_ABORTED; 237 break; 238 } 239 debug(5, "ccb_h->status=%x", ccb_h->status); 240 241 XPT_DONE(isp, ccb); 242 } 243 244 /* 245 | returns the lowest cmdseq that was not acked 246 */ 247 int 248 iscsi_requeue(isc_session_t *sp) 249 { 250 pduq_t *pq; 251 u_int i, n, last; 252 253 debug_called(8); 254 last = -1; 255 i = 0; 256 sp->flags |= ISC_HOLD; 257 while((pq = i_dqueue_hld(sp)) != NULL) { 258 i++; 259 _scsi_done(sp->isc, 0, 0x28, pq->ccb, NULL); 260 n = ntohl(pq->pdu.ipdu.bhs.CmdSN); 261 if(last > n) 262 last = n; 263 sdebug(2, "last=%x n=%x", last, n); 264 pdu_free(sp->isc, pq); 265 } 266 sp->flags &= ~ISC_HOLD; 267 return i? last: sp->sn.cmd; 268 } 269 270 int 271 i_pdu_flush(isc_session_t *sp) 272 { 273 int n = 0; 274 pduq_t *pq; 275 276 debug_called(8); 277 while((pq = i_dqueue_rsp(sp)) != NULL) { 278 pdu_free(sp->isc, pq); 279 n++; 280 } 281 while((pq = i_dqueue_rsv(sp)) != NULL) { 282 pdu_free(sp->isc, pq); 283 n++; 284 } 285 while((pq = i_dqueue_snd(sp, -1)) != NULL) { 286 pdu_free(sp->isc, pq); 287 n++; 288 } 289 while((pq = i_dqueue_hld(sp)) != NULL) { 290 pdu_free(sp->isc, pq); 291 n++; 292 } 293 while((pq = i_dqueue_wsnd(sp)) != NULL) { 294 pdu_free(sp->isc, pq); 295 n++; 296 } 297 if(n != 0) 298 xdebug("%d pdus recovered, should have been ZERO!", n); 299 return n; 300 } 301 /* 302 | called from ism_destroy. 303 */ 304 void 305 iscsi_cleanup(isc_session_t *sp) 306 { 307 pduq_t *pq, *pqtmp; 308 309 debug_called(8); 310 311 TAILQ_FOREACH_MUTABLE(pq, &sp->hld, pq_link, pqtmp) { 312 sdebug(3, "hld pq=%p", pq); 313 if(pq->ccb) 314 _scsi_done(sp->isc, 1, 0x40, pq->ccb, NULL); 315 TAILQ_REMOVE(&sp->hld, pq, pq_link); 316 pdu_free(sp->isc, pq); 317 } 318 while((pq = i_dqueue_snd(sp, BIT(0)|BIT(1)|BIT(2))) != NULL) { 319 sdebug(3, "pq=%p", pq); 320 if(pq->ccb) 321 _scsi_done(sp->isc, 1, 0x40, pq->ccb, NULL); 322 pdu_free(sp->isc, pq); 323 } 324 325 wakeup(&sp->rsp); 326 } 327 328 void 329 iscsi_done(isc_session_t *sp, pduq_t *opq, pduq_t *pq) 330 { 331 pdu_t *pp = &pq->pdu; 332 scsi_rsp_t *cmd = &pp->ipdu.scsi_rsp; 333 334 debug_called(8); 335 336 _scsi_done(sp->isc, cmd->response, cmd->status, opq->ccb, pq); 337 338 pdu_free(sp->isc, opq); 339 } 340 341 // see RFC 3720, 10.9.1 page 146 342 /* 343 | NOTE: 344 | the call to isc_stop_receiver is a kludge, 345 | instead, it should be handled by the userland controller, 346 | but that means that there should be a better way, other than 347 | sending a signal. Somehow, this packet should be supplied to 348 | the userland via read. 349 */ 350 void 351 iscsi_async(isc_session_t *sp, pduq_t *pq) 352 { 353 pdu_t *pp = &pq->pdu; 354 async_t *cmd = &pp->ipdu.async; 355 356 debug_called(8); 357 358 sdebug(3, "asyncevent=0x%x asyncVCode=0x%0x", cmd->asyncEvent, cmd->asyncVCode); 359 switch(cmd->asyncEvent) { 360 case 0: // check status ... 361 break; 362 363 case 1: // target request logout 364 isc_stop_receiver(sp); // XXX: temporary solution 365 break; 366 367 case 2: // target indicates it wants to drop connection 368 isc_stop_receiver(sp); // XXX: temporary solution 369 break; 370 371 case 3: // target indicates it will drop all connections. 372 isc_stop_receiver(sp); // XXX: temporary solution 373 break; 374 375 case 4: // target request parameter negotiation 376 break; 377 378 default: 379 break; 380 } 381 } 382 383 void 384 iscsi_reject(isc_session_t *sp, pduq_t *opq, pduq_t *pq) 385 { 386 union ccb *ccb = opq->ccb; 387 //reject_t *reject = &pq->pdu.ipdu.reject; 388 389 debug_called(8); 390 //XXX: check RFC 10.17.1 (page 176) 391 ccb->ccb_h.status = CAM_REQ_ABORTED; 392 XPT_DONE(sp->isc, ccb); 393 394 pdu_free(sp->isc, opq); 395 } 396 397 /* 398 | deal with lun 399 */ 400 static int 401 dwl(isc_session_t *sp, int lun, u_char *lp) 402 { 403 int i; 404 405 debug_called(8); 406 407 /* 408 | mapping LUN to iSCSI LUN 409 | check the SAM-2 specs 410 | hint: maxLUNS is a small number, cam's LUN is 32bits 411 | iSCSI is 64bits, scsi is ? 412 */ 413 // XXX: check if this will pass the endian test 414 if(lun < 256) { 415 lp[0] = 0; 416 lp[1] = lun; 417 } else 418 if(lun < 16384) { 419 lp[0] = (1 << 5) | ((lun >> 8) & 0x3f); 420 lp[1] = lun & 0xff; 421 } 422 else { 423 xdebug("lun %d: is unsupported!", lun); 424 return -1; 425 } 426 427 for(i = 0; i < sp->target_nluns; i++) 428 if(sp->target_lun[i] == lun) 429 return 0; 430 if(sp->target_nluns < ISCSI_MAX_LUNS) 431 sp->target_lun[sp->target_nluns++] = lun; 432 433 sdebug(3, "nluns=%d lun=%d", sp->target_nluns, lun); 434 435 return 0; 436 } 437 438 /* 439 | encapsulate the scsi command and 440 */ 441 int 442 scsi_encap(struct cam_sim *sim, union ccb *ccb) 443 { 444 struct isc_softc *isp = (struct isc_softc *)cam_sim_softc(sim); 445 isc_session_t *sp; 446 struct ccb_scsiio *csio = &ccb->csio; 447 struct ccb_hdr *ccb_h = &ccb->ccb_h; 448 pduq_t *pq; 449 scsi_req_t *cmd; 450 451 debug_called(8); 452 453 debug(4, "ccb->sp=%p", ccb_h->spriv_ptr0); 454 sp = ccb_h->spriv_ptr0; 455 456 if((pq = pdu_alloc(isp, M_NOWAIT)) == NULL) { 457 debug(2, "ccb->sp=%p", ccb_h->spriv_ptr0); 458 sdebug(1, "pdu_alloc failed sc->npdu_max=%d npdu_alloc=%d", 459 sp->isc->npdu_max, sp->isc->npdu_alloc); 460 while((pq = pdu_alloc(sp->isc, M_NOWAIT)) == NULL) { 461 sdebug(3, "waiting..."); 462 tsleep(sp->isc, 0, "isc_encap", 5*hz); 463 } 464 #if 0 465 sdebug(3, "freezing"); 466 ccb->ccb_h.status = CAM_REQUEUE_REQ; 467 ic_freeze(sp); 468 return 0; 469 #endif 470 } 471 472 #if 0 473 if((sp->flags & ISC_FFPHASE) == 0) { 474 ccb->ccb_h.status = CAM_DEV_NOT_THERE; // CAM_NO_NEXUS; 475 sdebug(3, "no active session with target %d", ccb_h->target_id); 476 goto bad; 477 } 478 #endif 479 cmd = &pq->pdu.ipdu.scsi_req; 480 cmd->opcode = ISCSI_SCSI_CMD; 481 cmd->F = 1; 482 /* 483 | map tag option, default is UNTAGGED 484 */ 485 switch(csio->tag_action) { 486 case MSG_SIMPLE_Q_TAG: cmd->attr = iSCSI_TASK_SIMPLE; break; 487 case MSG_HEAD_OF_Q_TAG: cmd->attr = iSCSI_TASK_ORDER; break; 488 case MSG_ORDERED_Q_TAG: cmd->attr = iSCSI_TASK_HOFQ; break; 489 case MSG_ACA_TASK: cmd->attr = iSCSI_TASK_ACA; break; 490 } 491 492 dwl(sp, ccb_h->target_lun, (u_char *)&cmd->lun); 493 494 if((ccb_h->flags & CAM_CDB_POINTER) != 0) { 495 if((ccb_h->flags & CAM_CDB_PHYS) == 0) { 496 if(csio->cdb_len > 16) { 497 sdebug(3, "oversize cdb %d > 16", csio->cdb_len); 498 goto invalid; 499 } 500 } 501 else { 502 sdebug(3, "not phys"); 503 goto invalid; 504 } 505 } 506 507 if(csio->cdb_len > sizeof(cmd->cdb)) 508 xdebug("guevalt! %d > %ld", csio->cdb_len, (long)sizeof(cmd->cdb)); 509 510 memcpy(cmd->cdb, 511 ccb_h->flags & CAM_CDB_POINTER? csio->cdb_io.cdb_ptr: csio->cdb_io.cdb_bytes, 512 csio->cdb_len); 513 514 cmd->W = (ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_OUT; 515 cmd->R = (ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN; 516 cmd->edtlen = htonl(csio->dxfer_len); 517 518 pq->ccb = ccb; 519 /* 520 | place it in the out queue 521 */ 522 if(isc_qout(sp, pq) == 0) 523 return 1; 524 invalid: 525 ccb->ccb_h.status = CAM_REQ_INVALID; 526 pdu_free(isp, pq); 527 return 0; 528 } 529 530 int 531 scsi_decap(isc_session_t *sp, pduq_t *opq, pduq_t *pq) 532 { 533 union ccb *ccb = opq->ccb; 534 struct ccb_scsiio *csio = &ccb->csio; 535 pdu_t *opp = &opq->pdu; 536 bhs_t *bhp = &opp->ipdu.bhs; 537 538 debug_called(8); 539 sdebug(6, "pq=%p opq=%p bhp->opcode=0x%x len=%d", 540 pq, opq, bhp->opcode, pq->pdu.ds_len); 541 if(ccb == NULL) { 542 sdebug(1, "itt=0x%x pq=%p opq=%p bhp->opcode=0x%x len=%d", 543 ntohl(pq->pdu.ipdu.bhs.itt), 544 pq, opq, bhp->opcode, pq->pdu.ds_len); 545 xdebug("%d] ccb == NULL!", sp->sid); 546 return 0; 547 } 548 if(pq->pdu.ds_len != 0) { 549 switch(bhp->opcode) { 550 case ISCSI_SCSI_CMD: { 551 scsi_req_t *cmd = &opp->ipdu.scsi_req; 552 sdebug(5, "itt=0x%x opcode=%x R=%d", 553 ntohl(pq->pdu.ipdu.bhs.itt), 554 pq->pdu.ipdu.bhs.opcode, cmd->R); 555 556 switch(pq->pdu.ipdu.bhs.opcode) { 557 case ISCSI_READ_DATA: // SCSI Data in 558 { 559 caddr_t bp = NULL; // = mtod(pq->mp, caddr_t); 560 data_in_t *rcmd = &pq->pdu.ipdu.data_in; 561 562 if(cmd->R) { 563 sdebug(5, "copy to=%p from=%p l1=%d l2=%d mp@%p", 564 csio->data_ptr, bp? mtod(pq->mp, caddr_t): 0, 565 ntohl(cmd->edtlen), pq->pdu.ds_len, pq->mp); 566 if(ntohl(cmd->edtlen) >= pq->pdu.ds_len) { 567 int offset, len = pq->pdu.ds_len; 568 569 if(pq->mp != NULL) { 570 caddr_t dp; 571 572 offset = ntohl(rcmd->bo); 573 dp = csio->data_ptr + offset; 574 i_mbufcopy(pq->mp, dp, len); 575 } 576 } 577 else { 578 xdebug("edtlen=%d < ds_len=%d", 579 ntohl(cmd->edtlen), pq->pdu.ds_len); 580 } 581 } 582 if(rcmd->S) { 583 /* 584 | contains also the SCSI Status 585 */ 586 _scsi_done(sp->isc, 0, rcmd->status, opq->ccb, NULL); 587 return 0; 588 } else 589 return 1; 590 } 591 break; 592 } 593 } 594 default: 595 sdebug(3, "opcode=%02x", bhp->opcode); 596 break; 597 } 598 } 599 /* 600 | XXX: error ... 601 */ 602 return 1; 603 } 604