1 /*- 2 * Copyright (c) 2005-2008 Daniel Braniss <danny@cs.huji.ac.il> 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 * 26 * $FreeBSD: src/sys/dev/iscsi/initiator/iscsi_subr.c,v 1.2 2008/11/25 07:17:11 scottl Exp $ 27 */ 28 /* 29 | $Id: iscsi_subr.c,v 1.17 2006/11/26 14:50:43 danny Exp danny $ 30 */ 31 32 #include "opt_iscsi_initiator.h" 33 34 #include <sys/param.h> 35 #include <sys/kernel.h> 36 #include <sys/callout.h> 37 #include <sys/malloc.h> 38 #include <sys/mbuf.h> 39 #include <sys/kthread.h> 40 #include <sys/lock.h> 41 #include <sys/uio.h> 42 #include <sys/sysctl.h> 43 #include <sys/systm.h> 44 #include <sys/globaldata.h> 45 #include <sys/mutex.h> 46 47 #include <bus/cam/cam.h> 48 #include <bus/cam/cam_ccb.h> 49 #include <bus/cam/cam_sim.h> 50 #include <bus/cam/cam_xpt_sim.h> 51 #include <bus/cam/cam_periph.h> 52 #include <bus/cam/scsi/scsi_message.h> 53 #include <sys/eventhandler.h> 54 55 #include <sys/mutex2.h> 56 57 #include <dev/disk/iscsi/initiator/iscsi.h> 58 #include <dev/disk/iscsi/initiator/iscsivar.h> 59 60 /* 61 | Interface to the SCSI layer 62 */ 63 void 64 iscsi_r2t(isc_session_t *sp, pduq_t *opq, pduq_t *pq) 65 { 66 union ccb *ccb = opq->ccb; 67 struct ccb_scsiio *csio = &ccb->csio; 68 pdu_t *opp = &opq->pdu; 69 bhs_t *bhp = &opp->ipdu.bhs; 70 r2t_t *r2t = &pq->pdu.ipdu.r2t; 71 pduq_t *wpq; 72 int error; 73 74 debug_called(8); 75 sdebug(4, "itt=%x r2tSN=%d bo=%x ddtl=%x W=%d", ntohl(r2t->itt), 76 ntohl(r2t->r2tSN), ntohl(r2t->bo), ntohl(r2t->ddtl), opp->ipdu.scsi_req.W); 77 78 switch(bhp->opcode) { 79 case ISCSI_SCSI_CMD: 80 if(opp->ipdu.scsi_req.W) { 81 data_out_t *cmd; 82 u_int ddtl = ntohl(r2t->ddtl); 83 u_int edtl = ntohl(opp->ipdu.scsi_req.edtlen); 84 u_int bleft, bs, dsn, bo; 85 caddr_t bp = csio->data_ptr; 86 87 bo = ntohl(r2t->bo); 88 bleft = ddtl; 89 90 if(sp->opt.maxXmitDataSegmentLength > 0) // danny's RFC 91 bs = MIN(sp->opt.maxXmitDataSegmentLength, ddtl); 92 else 93 bs = ddtl; 94 dsn = 0; 95 sdebug(4, "edtl=%x ddtl=%x bo=%x dsn=%x bs=%x maxX=%x", 96 edtl, ddtl, bo, dsn, bs, sp->opt.maxXmitDataSegmentLength); 97 while(bleft > 0) { 98 wpq = pdu_alloc(sp->isc, M_NOWAIT); // testing ... 99 if(wpq == NULL) { 100 sdebug(3, "itt=%x r2tSN=%d bo=%x ddtl=%x W=%d", ntohl(r2t->itt), 101 ntohl(r2t->r2tSN), ntohl(r2t->bo), ntohl(r2t->ddtl), opp->ipdu.scsi_req.W); 102 sdebug(1, "npdu_max=%d npdu_alloc=%d", sp->isc->npdu_max, sp->isc->npdu_alloc); 103 104 while((wpq = pdu_alloc(sp->isc, M_NOWAIT)) == NULL) { 105 sdebug(2, "waiting..."); 106 #if __FreeBSD_version >= 700000 107 pause("isc_r2t", 5*hz); 108 #else 109 tsleep(sp->isc, 0, "isc_r2t", 5*hz); 110 #endif 111 } 112 } 113 cmd = &wpq->pdu.ipdu.data_out; 114 cmd->opcode = ISCSI_WRITE_DATA; 115 cmd->lun[0] = r2t->lun[0]; 116 cmd->lun[1] = r2t->lun[1]; 117 cmd->ttt = r2t->ttt; 118 cmd->itt = r2t->itt; 119 120 cmd->dsn = htonl(dsn); 121 cmd->bo = htonl(bo); 122 123 cmd->F = (bs < bleft)? 0: 1; // is this the last one? 124 bs = MIN(bs, bleft); 125 126 wpq->pdu.ds_len = bs; 127 wpq->pdu.ds = bp; 128 129 error = isc_qout(sp, wpq); 130 sdebug(6, "bs=%x bo=%x bp=%p dsn=%x error=%d", bs, bo, bp, dsn, error); 131 if(error) 132 break; 133 bo += bs; 134 bp += bs; 135 bleft -= bs; 136 dsn++; 137 } 138 } 139 break; 140 141 default: 142 // XXX: should not happen ... 143 xdebug("huh? opcode=0x%x", bhp->opcode); 144 } 145 } 146 147 static int 148 getSenseData(u_int status, union ccb *ccb, pduq_t *pq) 149 { 150 pdu_t *pp = &pq->pdu; 151 struct ccb_scsiio *scsi = (struct ccb_scsiio *)ccb; 152 struct scsi_sense_data *sense = &scsi->sense_data; 153 struct mbuf *m = pq->mp; 154 scsi_rsp_t *cmd = &pp->ipdu.scsi_rsp; 155 caddr_t bp; 156 int sense_len, mustfree = 0; 157 158 bp = mtod(pq->mp, caddr_t); 159 if((sense_len = scsi_2btoul(bp)) == 0) 160 return 0; 161 debug(4, "sense_len=%d", sense_len); 162 /* 163 | according to the specs, the sense data cannot 164 | be larger than 252 ... 165 */ 166 if(sense_len > m->m_len) { 167 bp = kmalloc(sense_len, M_ISCSI, M_WAITOK); 168 debug(3, "calling i_mbufcopy(len=%d)", sense_len); 169 i_mbufcopy(pq->mp, bp, sense_len); 170 mustfree++; 171 } 172 scsi->scsi_status = status; 173 174 bcopy(bp+2, sense, min(sense_len, scsi->sense_len)); 175 scsi->sense_resid = 0; 176 if(cmd->flag & (BIT(1)|BIT(2))) 177 scsi->sense_resid = ntohl(pp->ipdu.scsi_rsp.rcnt); 178 debug(3, "sense_len=%d rcnt=%d sense_resid=%d dsl=%d error_code=%x flags=%x", 179 sense_len, 180 ntohl(pp->ipdu.scsi_rsp.rcnt), scsi->sense_resid, 181 pp->ds_len, sense->error_code, sense->flags); 182 183 if(mustfree) 184 kfree(bp, M_ISCSI); 185 186 return 1; 187 } 188 189 /* 190 | Some information is from SAM draft. 191 */ 192 static void 193 _scsi_done(struct isc_softc *isp, u_int response, u_int status, union ccb *ccb, pduq_t *pq) 194 { 195 struct ccb_hdr *ccb_h = &ccb->ccb_h; 196 197 debug_called(8); 198 199 if(status || response) { 200 debug(3, "response=%x status=%x ccb=%p pq=%p", response, status, ccb, pq); 201 if(pq != NULL) 202 debug(3, "mp=%p buf=%p len=%d", pq->mp, pq->buf, pq->len); 203 } 204 ccb_h->status = 0; 205 switch(response) { 206 case 0: // Command Completed at Target 207 switch(status) { 208 case 0: // Good, all is ok 209 ccb_h->status = CAM_REQ_CMP; 210 break; 211 212 case 0x02: // Check Condition 213 if((pq != NULL) && (pq->mp != NULL) && getSenseData(status, ccb, pq)) 214 ccb_h->status |= CAM_AUTOSNS_VALID; 215 216 case 0x14: // Intermediate-Condition Met 217 case 0x10: // Intermediate 218 case 0x04: // Condition Met 219 ccb_h->status |= CAM_SCSI_STATUS_ERROR; 220 break; 221 222 case 0x08: 223 ccb_h->status = CAM_BUSY; 224 break; 225 226 case 0x18: // Reservation Conflict 227 case 0x28: // Task Set Full 228 ccb_h->status = CAM_REQUEUE_REQ; 229 break; 230 default: 231 //case 0x22: // Command Terminated 232 //case 0x30: // ACA Active 233 //case 0x40: // Task Aborted 234 ccb_h->status = CAM_REQ_CMP_ERR; //CAM_REQ_ABORTED; 235 } 236 break; 237 238 default: 239 if((response >= 0x80) && (response <= 0xFF)) { 240 // Vendor specific ... 241 } 242 case 1: // target failure 243 ccb_h->status = CAM_REQ_CMP_ERR; //CAM_REQ_ABORTED; 244 break; 245 } 246 debug(5, "ccb_h->status=%x", ccb_h->status); 247 248 XPT_DONE(isp, ccb); 249 } 250 251 /* 252 | returns the lowest cmdseq that was not acked 253 */ 254 int 255 iscsi_requeue(isc_session_t *sp) 256 { 257 pduq_t *pq; 258 u_int i, n, last; 259 260 debug_called(8); 261 last = -1; 262 i = 0; 263 sp->flags |= ISC_HOLD; 264 while((pq = i_dqueue_hld(sp)) != NULL) { 265 i++; 266 _scsi_done(sp->isc, 0, 0x28, pq->ccb, NULL); 267 n = ntohl(pq->pdu.ipdu.bhs.CmdSN); 268 if(last > n) 269 last = n; 270 sdebug(2, "last=%x n=%x", last, n); 271 pdu_free(sp->isc, pq); 272 } 273 sp->flags &= ~ISC_HOLD; 274 return i? last: sp->sn.cmd; 275 } 276 277 int 278 i_pdu_flush(isc_session_t *sp) 279 { 280 int n = 0; 281 pduq_t *pq; 282 283 debug_called(8); 284 while((pq = i_dqueue_rsp(sp)) != NULL) { 285 pdu_free(sp->isc, pq); 286 n++; 287 } 288 while((pq = i_dqueue_rsv(sp)) != NULL) { 289 pdu_free(sp->isc, pq); 290 n++; 291 } 292 while((pq = i_dqueue_snd(sp, -1)) != NULL) { 293 pdu_free(sp->isc, pq); 294 n++; 295 } 296 while((pq = i_dqueue_hld(sp)) != NULL) { 297 pdu_free(sp->isc, pq); 298 n++; 299 } 300 while((pq = i_dqueue_wsnd(sp)) != NULL) { 301 pdu_free(sp->isc, pq); 302 n++; 303 } 304 if(n != 0) 305 xdebug("%d pdus recovered, should have been ZERO!", n); 306 return n; 307 } 308 /* 309 | called from ism_destroy. 310 */ 311 void 312 iscsi_cleanup(isc_session_t *sp) 313 { 314 pduq_t *pq, *pqtmp; 315 316 debug_called(8); 317 318 TAILQ_FOREACH_MUTABLE(pq, &sp->hld, pq_link, pqtmp) { 319 sdebug(3, "hld pq=%p", pq); 320 if(pq->ccb) 321 _scsi_done(sp->isc, 1, 0x40, pq->ccb, NULL); 322 TAILQ_REMOVE(&sp->hld, pq, pq_link); 323 pdu_free(sp->isc, pq); 324 } 325 while((pq = i_dqueue_snd(sp, BIT(0)|BIT(1)|BIT(2))) != NULL) { 326 sdebug(3, "pq=%p", pq); 327 if(pq->ccb) 328 _scsi_done(sp->isc, 1, 0x40, pq->ccb, NULL); 329 pdu_free(sp->isc, pq); 330 } 331 332 wakeup(&sp->rsp); 333 } 334 335 void 336 iscsi_done(isc_session_t *sp, pduq_t *opq, pduq_t *pq) 337 { 338 pdu_t *pp = &pq->pdu; 339 scsi_rsp_t *cmd = &pp->ipdu.scsi_rsp; 340 341 debug_called(8); 342 343 _scsi_done(sp->isc, cmd->response, cmd->status, opq->ccb, pq); 344 345 pdu_free(sp->isc, opq); 346 } 347 348 // see RFC 3720, 10.9.1 page 146 349 /* 350 | NOTE: 351 | the call to isc_stop_receiver is a kludge, 352 | instead, it should be handled by the userland controller, 353 | but that means that there should be a better way, other than 354 | sending a signal. Somehow, this packet should be supplied to 355 | the userland via read. 356 */ 357 void 358 iscsi_async(isc_session_t *sp, pduq_t *pq) 359 { 360 pdu_t *pp = &pq->pdu; 361 async_t *cmd = &pp->ipdu.async; 362 363 debug_called(8); 364 365 sdebug(3, "asyncevent=0x%x asyncVCode=0x%0x", cmd->asyncEvent, cmd->asyncVCode); 366 switch(cmd->asyncEvent) { 367 case 0: // check status ... 368 break; 369 370 case 1: // target request logout 371 isc_stop_receiver(sp); // XXX: temporary solution 372 break; 373 374 case 2: // target indicates it wants to drop connection 375 isc_stop_receiver(sp); // XXX: temporary solution 376 break; 377 378 case 3: // target indicates it will drop all connections. 379 isc_stop_receiver(sp); // XXX: temporary solution 380 break; 381 382 case 4: // target request parameter negotiation 383 break; 384 385 default: 386 break; 387 } 388 } 389 390 void 391 iscsi_reject(isc_session_t *sp, pduq_t *opq, pduq_t *pq) 392 { 393 union ccb *ccb = opq->ccb; 394 //reject_t *reject = &pq->pdu.ipdu.reject; 395 396 debug_called(8); 397 //XXX: check RFC 10.17.1 (page 176) 398 ccb->ccb_h.status = CAM_REQ_ABORTED; 399 XPT_DONE(sp->isc, ccb); 400 401 pdu_free(sp->isc, opq); 402 } 403 404 /* 405 | deal with lun 406 */ 407 static int 408 dwl(isc_session_t *sp, int lun, u_char *lp) 409 { 410 int i; 411 412 debug_called(8); 413 414 /* 415 | mapping LUN to iSCSI LUN 416 | check the SAM-2 specs 417 | hint: maxLUNS is a small number, cam's LUN is 32bits 418 | iSCSI is 64bits, scsi is ? 419 */ 420 // XXX: check if this will pass the endian test 421 if(lun < 256) { 422 lp[0] = 0; 423 lp[1] = lun; 424 } else 425 if(lun < 16384) { 426 lp[0] = (1 << 5) | ((lun >> 8) & 0x3f); 427 lp[1] = lun & 0xff; 428 } 429 else { 430 xdebug("lun %d: is unsupported!", lun); 431 return -1; 432 } 433 434 for(i = 0; i < sp->target_nluns; i++) 435 if(sp->target_lun[i] == lun) 436 return 0; 437 if(sp->target_nluns < ISCSI_MAX_LUNS) 438 sp->target_lun[sp->target_nluns++] = lun; 439 440 sdebug(3, "nluns=%d lun=%d", sp->target_nluns, lun); 441 442 return 0; 443 } 444 445 /* 446 | encapsulate the scsi command and 447 */ 448 int 449 scsi_encap(struct cam_sim *sim, union ccb *ccb) 450 { 451 struct isc_softc *isp = (struct isc_softc *)cam_sim_softc(sim); 452 isc_session_t *sp; 453 struct ccb_scsiio *csio = &ccb->csio; 454 struct ccb_hdr *ccb_h = &ccb->ccb_h; 455 pduq_t *pq; 456 scsi_req_t *cmd; 457 458 debug_called(8); 459 460 debug(4, "ccb->sp=%p", ccb_h->spriv_ptr0); 461 sp = ccb_h->spriv_ptr0; 462 463 if((pq = pdu_alloc(isp, M_NOWAIT)) == NULL) { 464 debug(2, "ccb->sp=%p", ccb_h->spriv_ptr0); 465 sdebug(1, "pdu_alloc failed sc->npdu_max=%d npdu_alloc=%d", 466 sp->isc->npdu_max, sp->isc->npdu_alloc); 467 while((pq = pdu_alloc(sp->isc, M_NOWAIT)) == NULL) { 468 sdebug(3, "waiting..."); 469 #if __FreeBSD_version >= 700000 470 pause("isc_encap", 5*hz); 471 #else 472 tsleep(sp->isc, 0, "isc_encap", 5*hz); 473 #endif 474 } 475 #if 0 476 sdebug(3, "freezing"); 477 ccb->ccb_h.status = CAM_REQUEUE_REQ; 478 ic_freeze(sp); 479 return 0; 480 #endif 481 } 482 483 #if 0 484 if((sp->flags & ISC_FFPHASE) == 0) { 485 ccb->ccb_h.status = CAM_DEV_NOT_THERE; // CAM_NO_NEXUS; 486 sdebug(3, "no active session with target %d", ccb_h->target_id); 487 goto bad; 488 } 489 #endif 490 cmd = &pq->pdu.ipdu.scsi_req; 491 cmd->opcode = ISCSI_SCSI_CMD; 492 cmd->F = 1; 493 /* 494 | map tag option, default is UNTAGGED 495 */ 496 switch(csio->tag_action) { 497 case MSG_SIMPLE_Q_TAG: cmd->attr = iSCSI_TASK_SIMPLE; break; 498 case MSG_HEAD_OF_Q_TAG: cmd->attr = iSCSI_TASK_ORDER; break; 499 case MSG_ORDERED_Q_TAG: cmd->attr = iSCSI_TASK_HOFQ; break; 500 case MSG_ACA_TASK: cmd->attr = iSCSI_TASK_ACA; break; 501 } 502 503 dwl(sp, ccb_h->target_lun, (u_char *)&cmd->lun); 504 505 if((ccb_h->flags & CAM_CDB_POINTER) != 0) { 506 if((ccb_h->flags & CAM_CDB_PHYS) == 0) { 507 if(csio->cdb_len > 16) { 508 sdebug(3, "oversize cdb %d > 16", csio->cdb_len); 509 goto invalid; 510 } 511 } 512 else { 513 sdebug(3, "not phys"); 514 goto invalid; 515 } 516 } 517 518 if(csio->cdb_len > sizeof(cmd->cdb)) 519 xdebug("guevalt! %d > %ld", csio->cdb_len, (long)sizeof(cmd->cdb)); 520 521 memcpy(cmd->cdb, 522 ccb_h->flags & CAM_CDB_POINTER? csio->cdb_io.cdb_ptr: csio->cdb_io.cdb_bytes, 523 csio->cdb_len); 524 525 cmd->W = (ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_OUT; 526 cmd->R = (ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_IN; 527 cmd->edtlen = htonl(csio->dxfer_len); 528 529 pq->ccb = ccb; 530 /* 531 | place it in the out queue 532 */ 533 if(isc_qout(sp, pq) == 0) 534 return 1; 535 invalid: 536 ccb->ccb_h.status = CAM_REQ_INVALID; 537 pdu_free(isp, pq); 538 return 0; 539 } 540 541 int 542 scsi_decap(isc_session_t *sp, pduq_t *opq, pduq_t *pq) 543 { 544 union ccb *ccb = opq->ccb; 545 struct ccb_scsiio *csio = &ccb->csio; 546 pdu_t *opp = &opq->pdu; 547 bhs_t *bhp = &opp->ipdu.bhs; 548 549 debug_called(8); 550 sdebug(6, "pq=%p opq=%p bhp->opcode=0x%x len=%d", 551 pq, opq, bhp->opcode, pq->pdu.ds_len); 552 if(ccb == NULL) { 553 sdebug(1, "itt=0x%x pq=%p opq=%p bhp->opcode=0x%x len=%d", 554 ntohl(pq->pdu.ipdu.bhs.itt), 555 pq, opq, bhp->opcode, pq->pdu.ds_len); 556 xdebug("%d] ccb == NULL!", sp->sid); 557 return 0; 558 } 559 if(pq->pdu.ds_len != 0) { 560 switch(bhp->opcode) { 561 case ISCSI_SCSI_CMD: { 562 scsi_req_t *cmd = &opp->ipdu.scsi_req; 563 sdebug(5, "itt=0x%x opcode=%x R=%d", 564 ntohl(pq->pdu.ipdu.bhs.itt), 565 pq->pdu.ipdu.bhs.opcode, cmd->R); 566 567 switch(pq->pdu.ipdu.bhs.opcode) { 568 case ISCSI_READ_DATA: // SCSI Data in 569 { 570 caddr_t bp = NULL; // = mtod(pq->mp, caddr_t); 571 data_in_t *rcmd = &pq->pdu.ipdu.data_in; 572 573 if(cmd->R) { 574 sdebug(5, "copy to=%p from=%p l1=%d l2=%d mp@%p", 575 csio->data_ptr, bp? mtod(pq->mp, caddr_t): 0, 576 ntohl(cmd->edtlen), pq->pdu.ds_len, pq->mp); 577 if(ntohl(cmd->edtlen) >= pq->pdu.ds_len) { 578 int offset, len = pq->pdu.ds_len; 579 580 if(pq->mp != NULL) { 581 caddr_t dp; 582 583 offset = ntohl(rcmd->bo); 584 dp = csio->data_ptr + offset; 585 i_mbufcopy(pq->mp, dp, len); 586 } 587 } 588 else { 589 xdebug("edtlen=%d < ds_len=%d", 590 ntohl(cmd->edtlen), pq->pdu.ds_len); 591 } 592 } 593 if(rcmd->S) { 594 /* 595 | contains also the SCSI Status 596 */ 597 _scsi_done(sp->isc, 0, rcmd->status, opq->ccb, NULL); 598 return 0; 599 } else 600 return 1; 601 } 602 break; 603 } 604 } 605 default: 606 sdebug(3, "opcode=%02x", bhp->opcode); 607 break; 608 } 609 } 610 /* 611 | XXX: error ... 612 */ 613 return 1; 614 } 615