1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2010 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 /* 28 * RDMA channel interface for Solaris SCSI RDMA Protocol Target (SRP) 29 * transport port provider module for the COMSTAR framework. 30 */ 31 32 #include <sys/cpuvar.h> 33 #include <sys/types.h> 34 #include <sys/conf.h> 35 #include <sys/stat.h> 36 #include <sys/file.h> 37 #include <sys/ddi.h> 38 #include <sys/sunddi.h> 39 #include <sys/modctl.h> 40 #include <sys/sysmacros.h> 41 #include <sys/sdt.h> 42 #include <sys/taskq.h> 43 #include <sys/scsi/scsi.h> 44 #include <sys/ib/ibtl/ibti.h> 45 46 #include <stmf.h> 47 #include <stmf_ioctl.h> 48 #include <portif.h> 49 50 #include "srp.h" 51 #include "srpt_impl.h" 52 #include "srpt_ioc.h" 53 #include "srpt_stp.h" 54 #include "srpt_ch.h" 55 56 extern srpt_ctxt_t *srpt_ctxt; 57 extern uint16_t srpt_send_msg_depth; 58 59 /* 60 * Prototypes. 61 */ 62 static void srpt_ch_scq_hdlr(ibt_cq_hdl_t cq_dhl, void *arg); 63 static void srpt_ch_rcq_hdlr(ibt_cq_hdl_t cq_dhl, void *arg); 64 static void srpt_ch_process_iu(srpt_channel_t *ch, srpt_iu_t *iu); 65 66 /* 67 * srpt_ch_alloc() 68 */ 69 srpt_channel_t * 70 srpt_ch_alloc(srpt_target_port_t *tgt, uint8_t port) 71 { 72 ibt_status_t status; 73 srpt_channel_t *ch; 74 ibt_cq_attr_t cq_attr; 75 ibt_rc_chan_alloc_args_t ch_args; 76 uint32_t cq_real_size; 77 srpt_ioc_t *ioc; 78 79 ASSERT(tgt != NULL); 80 ioc = tgt->tp_ioc; 81 ASSERT(ioc != NULL); 82 83 ch = kmem_zalloc(sizeof (*ch), KM_SLEEP); 84 rw_init(&ch->ch_rwlock, NULL, RW_DRIVER, NULL); 85 mutex_init(&ch->ch_reflock, NULL, MUTEX_DRIVER, NULL); 86 cv_init(&ch->ch_cv_complete, NULL, CV_DRIVER, NULL); 87 ch->ch_refcnt = 1; 88 ch->ch_cv_waiters = 0; 89 90 ch->ch_state = SRPT_CHANNEL_CONNECTING; 91 ch->ch_tgt = tgt; 92 ch->ch_req_lim_delta = 0; 93 ch->ch_ti_iu_len = 0; 94 95 cq_attr.cq_size = srpt_send_msg_depth * 2; 96 cq_attr.cq_sched = 0; 97 cq_attr.cq_flags = IBT_CQ_NO_FLAGS; 98 99 status = ibt_alloc_cq(ioc->ioc_ibt_hdl, &cq_attr, &ch->ch_scq_hdl, 100 &cq_real_size); 101 if (status != IBT_SUCCESS) { 102 SRPT_DPRINTF_L1("ch_alloc, send CQ alloc error (%d)", 103 status); 104 goto scq_alloc_err; 105 } 106 107 cq_attr.cq_size = srpt_send_msg_depth + 1; 108 cq_attr.cq_sched = 0; 109 cq_attr.cq_flags = IBT_CQ_NO_FLAGS; 110 111 status = ibt_alloc_cq(ioc->ioc_ibt_hdl, &cq_attr, &ch->ch_rcq_hdl, 112 &cq_real_size); 113 if (status != IBT_SUCCESS) { 114 SRPT_DPRINTF_L2("ch_alloc, receive CQ alloc error (%d)", 115 status); 116 goto rcq_alloc_err; 117 } 118 119 ibt_set_cq_handler(ch->ch_scq_hdl, srpt_ch_scq_hdlr, ch); 120 ibt_set_cq_handler(ch->ch_rcq_hdl, srpt_ch_rcq_hdlr, ch); 121 (void) ibt_enable_cq_notify(ch->ch_scq_hdl, IBT_NEXT_COMPLETION); 122 (void) ibt_enable_cq_notify(ch->ch_rcq_hdl, IBT_NEXT_COMPLETION); 123 124 ch_args.rc_flags = IBT_WR_SIGNALED; 125 126 /* Maker certain initiator can not read/write our memory */ 127 ch_args.rc_control = 0; 128 129 ch_args.rc_hca_port_num = port; 130 131 /* 132 * Any SRP IU can result in a number of STMF data buffer transfers 133 * and those transfers themselves could span multiple initiator 134 * buffers. Therefore, the number of send WQE's actually required 135 * can vary. Here we assume that on average an I/O will require 136 * no more than SRPT_MAX_OUT_IO_PER_CMD send WQE's. In practice 137 * this will prevent send work queue overrun, but we will also 138 * inform STMF to throttle I/O should the work queue become full. 139 * 140 * If the HCA tells us the max outstanding WRs for a channel is 141 * lower than our default, use the HCA value. 142 */ 143 ch_args.rc_sizes.cs_sq = min(ioc->ioc_attr.hca_max_chan_sz, 144 (srpt_send_msg_depth * SRPT_MAX_OUT_IO_PER_CMD)); 145 ch_args.rc_sizes.cs_rq = 0; 146 ch_args.rc_sizes.cs_sq_sgl = 2; 147 ch_args.rc_sizes.cs_rq_sgl = 0; 148 149 ch_args.rc_scq = ch->ch_scq_hdl; 150 ch_args.rc_rcq = ch->ch_rcq_hdl; 151 ch_args.rc_pd = ioc->ioc_pd_hdl; 152 ch_args.rc_clone_chan = NULL; 153 ch_args.rc_srq = ioc->ioc_srq_hdl; 154 155 status = ibt_alloc_rc_channel(ioc->ioc_ibt_hdl, IBT_ACHAN_USES_SRQ, 156 &ch_args, &ch->ch_chan_hdl, &ch->ch_sizes); 157 if (status != IBT_SUCCESS) { 158 SRPT_DPRINTF_L2("ch_alloc, IBT channel alloc error (%d)", 159 status); 160 goto qp_alloc_err; 161 } 162 163 /* 164 * Create pool of send WQE entries to map send wqe work IDs 165 * to various types (specifically in error cases where OP 166 * is not known). 167 */ 168 ch->ch_num_swqe = ch->ch_sizes.cs_sq; 169 SRPT_DPRINTF_L2("ch_alloc, number of SWQEs = %u", ch->ch_num_swqe); 170 ch->ch_swqe = kmem_zalloc(sizeof (srpt_swqe_t) * ch->ch_num_swqe, 171 KM_SLEEP); 172 if (ch->ch_swqe == NULL) { 173 SRPT_DPRINTF_L2("ch_alloc, SWQE alloc error"); 174 (void) ibt_free_channel(ch->ch_chan_hdl); 175 goto qp_alloc_err; 176 } 177 mutex_init(&ch->ch_swqe_lock, NULL, MUTEX_DRIVER, NULL); 178 ch->ch_head = 1; 179 for (ch->ch_tail = 1; ch->ch_tail < ch->ch_num_swqe -1; ch->ch_tail++) { 180 ch->ch_swqe[ch->ch_tail].sw_next = ch->ch_tail + 1; 181 } 182 ch->ch_swqe[ch->ch_tail].sw_next = 0; 183 184 ibt_set_chan_private(ch->ch_chan_hdl, ch); 185 return (ch); 186 187 qp_alloc_err: 188 (void) ibt_free_cq(ch->ch_rcq_hdl); 189 190 rcq_alloc_err: 191 (void) ibt_free_cq(ch->ch_scq_hdl); 192 193 scq_alloc_err: 194 cv_destroy(&ch->ch_cv_complete); 195 mutex_destroy(&ch->ch_reflock); 196 rw_destroy(&ch->ch_rwlock); 197 kmem_free(ch, sizeof (*ch)); 198 199 return (NULL); 200 } 201 202 /* 203 * srpt_ch_add_ref() 204 */ 205 void 206 srpt_ch_add_ref(srpt_channel_t *ch) 207 { 208 mutex_enter(&ch->ch_reflock); 209 ch->ch_refcnt++; 210 SRPT_DPRINTF_L4("ch_add_ref, ch (%p), refcnt (%d)", 211 (void *)ch, ch->ch_refcnt); 212 ASSERT(ch->ch_refcnt != 0); 213 mutex_exit(&ch->ch_reflock); 214 } 215 216 /* 217 * srpt_ch_release_ref() 218 * 219 * A non-zero value for wait causes thread to block until all references 220 * to channel are released. 221 */ 222 void 223 srpt_ch_release_ref(srpt_channel_t *ch, uint_t wait) 224 { 225 mutex_enter(&ch->ch_reflock); 226 227 SRPT_DPRINTF_L4("ch_release_ref, ch (%p), refcnt (%d), wait (%d)", 228 (void *)ch, ch->ch_refcnt, wait); 229 230 ASSERT(ch->ch_refcnt != 0); 231 232 ch->ch_refcnt--; 233 234 if (ch->ch_refcnt != 0) { 235 if (wait) { 236 ch->ch_cv_waiters++; 237 while (ch->ch_refcnt != 0) { 238 cv_wait(&ch->ch_cv_complete, &ch->ch_reflock); 239 } 240 ch->ch_cv_waiters--; 241 } else { 242 mutex_exit(&ch->ch_reflock); 243 return; 244 } 245 } 246 247 /* 248 * Last thread out frees the IB resources, locks/conditions and memory 249 */ 250 if (ch->ch_cv_waiters > 0) { 251 /* we're not last, wake someone else up */ 252 cv_signal(&ch->ch_cv_complete); 253 mutex_exit(&ch->ch_reflock); 254 return; 255 } 256 257 SRPT_DPRINTF_L3("ch_release_ref - release resources"); 258 if (ch->ch_chan_hdl) { 259 SRPT_DPRINTF_L3("ch_release_ref - free channel"); 260 (void) ibt_free_channel(ch->ch_chan_hdl); 261 } 262 263 if (ch->ch_scq_hdl) { 264 (void) ibt_free_cq(ch->ch_scq_hdl); 265 } 266 267 if (ch->ch_rcq_hdl) { 268 (void) ibt_free_cq(ch->ch_rcq_hdl); 269 } 270 271 /* 272 * There should be no IU's associated with this 273 * channel on the SCSI session. 274 */ 275 if (ch->ch_session != NULL) { 276 ASSERT(list_is_empty(&ch->ch_session->ss_task_list)); 277 278 /* 279 * Currently only have one channel per session, we will 280 * need to release a reference when support is added 281 * for multi-channel target login. 282 */ 283 srpt_stp_free_session(ch->ch_session); 284 ch->ch_session = NULL; 285 } 286 287 kmem_free(ch->ch_swqe, sizeof (srpt_swqe_t) * ch->ch_num_swqe); 288 mutex_destroy(&ch->ch_swqe_lock); 289 mutex_exit(&ch->ch_reflock); 290 mutex_destroy(&ch->ch_reflock); 291 rw_destroy(&ch->ch_rwlock); 292 kmem_free(ch, sizeof (srpt_channel_t)); 293 } 294 295 /* 296 * srpt_ch_disconnect() 297 */ 298 void 299 srpt_ch_disconnect(srpt_channel_t *ch) 300 { 301 ibt_status_t status; 302 303 SRPT_DPRINTF_L3("ch_disconnect, invoked for ch (%p)", 304 (void *)ch); 305 306 rw_enter(&ch->ch_rwlock, RW_WRITER); 307 308 /* 309 * If we are already in the process of disconnecting then 310 * nothing need be done, CM will call-back into us when done. 311 */ 312 if (ch->ch_state == SRPT_CHANNEL_DISCONNECTING) { 313 SRPT_DPRINTF_L2("ch_disconnect, called when" 314 " disconnect in progress"); 315 rw_exit(&ch->ch_rwlock); 316 return; 317 } 318 ch->ch_state = SRPT_CHANNEL_DISCONNECTING; 319 rw_exit(&ch->ch_rwlock); 320 321 /* 322 * Initiate the sending of the CM DREQ message, the private data 323 * should be the SRP Target logout IU. We don't really care about 324 * the remote CM DREP message returned. We issue this in an 325 * asynchronous manner and will cleanup when called back by CM. 326 */ 327 status = ibt_close_rc_channel(ch->ch_chan_hdl, IBT_NONBLOCKING, 328 NULL, 0, NULL, NULL, 0); 329 330 if (status != IBT_SUCCESS) { 331 SRPT_DPRINTF_L2("ch_disconnect, close RC channel" 332 " err(%d)", status); 333 } 334 } 335 336 /* 337 * srpt_ch_cleanup() 338 */ 339 void 340 srpt_ch_cleanup(srpt_channel_t *ch) 341 { 342 srpt_iu_t *iu; 343 srpt_iu_t *next; 344 ibt_wc_t wc; 345 srpt_target_port_t *tgt; 346 srpt_channel_t *tgt_ch; 347 scsi_task_t *iutask; 348 349 SRPT_DPRINTF_L3("ch_cleanup, invoked for ch(%p), state(%d)", 350 (void *)ch, ch->ch_state); 351 352 /* add a ref for the channel until we're done */ 353 srpt_ch_add_ref(ch); 354 355 tgt = ch->ch_tgt; 356 ASSERT(tgt != NULL); 357 358 /* 359 * Make certain the channel is in the target ports list of 360 * known channels and remove it (releasing the target 361 * ports reference to the channel). 362 */ 363 mutex_enter(&tgt->tp_ch_list_lock); 364 tgt_ch = list_head(&tgt->tp_ch_list); 365 while (tgt_ch != NULL) { 366 if (tgt_ch == ch) { 367 list_remove(&tgt->tp_ch_list, tgt_ch); 368 srpt_ch_release_ref(tgt_ch, 0); 369 break; 370 } 371 tgt_ch = list_next(&tgt->tp_ch_list, tgt_ch); 372 } 373 mutex_exit(&tgt->tp_ch_list_lock); 374 375 if (tgt_ch == NULL) { 376 SRPT_DPRINTF_L2("ch_cleanup, target channel no" 377 "longer known to target"); 378 srpt_ch_release_ref(ch, 0); 379 return; 380 } 381 382 rw_enter(&ch->ch_rwlock, RW_WRITER); 383 ch->ch_state = SRPT_CHANNEL_DISCONNECTING; 384 rw_exit(&ch->ch_rwlock); 385 386 /* 387 * Don't accept any further incoming requests, and clean 388 * up the receive queue. The send queue is left alone 389 * so tasks can finish and clean up (whether normally 390 * or via abort). 391 */ 392 if (ch->ch_rcq_hdl) { 393 ibt_set_cq_handler(ch->ch_rcq_hdl, NULL, NULL); 394 395 while (ibt_poll_cq(ch->ch_rcq_hdl, &wc, 1, NULL) == 396 IBT_SUCCESS) { 397 iu = (srpt_iu_t *)(uintptr_t)wc.wc_id; 398 SRPT_DPRINTF_L4("ch_cleanup, recovering" 399 " outstanding RX iu(%p)", (void *)iu); 400 mutex_enter(&iu->iu_lock); 401 srpt_ioc_repost_recv_iu(iu->iu_ioc, iu); 402 /* 403 * Channel reference has not yet been added for this 404 * IU, so do not decrement. 405 */ 406 mutex_exit(&iu->iu_lock); 407 } 408 } 409 410 /* 411 * Go through the list of outstanding IU for the channel's SCSI 412 * session and for each either abort or complete an abort. 413 */ 414 rw_enter(&ch->ch_rwlock, RW_READER); 415 if (ch->ch_session != NULL) { 416 rw_enter(&ch->ch_session->ss_rwlock, RW_READER); 417 iu = list_head(&ch->ch_session->ss_task_list); 418 while (iu != NULL) { 419 next = list_next(&ch->ch_session->ss_task_list, iu); 420 421 mutex_enter(&iu->iu_lock); 422 if (ch == iu->iu_ch) { 423 if (iu->iu_stmf_task == NULL) { 424 cmn_err(CE_NOTE, 425 "ch_cleanup, NULL stmf task"); 426 ASSERT(0); 427 } 428 iutask = iu->iu_stmf_task; 429 } else { 430 iutask = NULL; 431 } 432 mutex_exit(&iu->iu_lock); 433 434 if (iutask != NULL) { 435 SRPT_DPRINTF_L4("ch_cleanup, aborting " 436 "task(%p)", (void *)iutask); 437 stmf_abort(STMF_QUEUE_TASK_ABORT, iutask, 438 STMF_ABORTED, NULL); 439 } 440 iu = next; 441 } 442 rw_exit(&ch->ch_session->ss_rwlock); 443 } 444 rw_exit(&ch->ch_rwlock); 445 446 srpt_ch_release_ref(ch, 0); 447 } 448 449 /* 450 * srpt_ch_rsp_comp() 451 * 452 * Process a completion for an IB SEND message. A SEND completion 453 * is for a SRP response packet sent back to the initiator. It 454 * will not have a STMF SCSI task associated with it if it was 455 * sent for a rejected IU, or was a task management abort response. 456 */ 457 static void 458 srpt_ch_rsp_comp(srpt_channel_t *ch, srpt_iu_t *iu, 459 ibt_wc_status_t wc_status) 460 { 461 stmf_status_t st = STMF_SUCCESS; 462 463 ASSERT(iu->iu_ch == ch); 464 465 /* 466 * Process the completion regardless whether it's a failure or 467 * success. At this point, we've processed as far as we can and 468 * just need to complete the associated task. 469 */ 470 471 if (wc_status != IBT_SUCCESS) { 472 SRPT_DPRINTF_L2("ch_rsp_comp, WC status err(%d)", 473 wc_status); 474 475 st = STMF_FAILURE; 476 477 if (wc_status != IBT_WC_WR_FLUSHED_ERR) { 478 srpt_ch_disconnect(ch); 479 } 480 } 481 482 /* 483 * If the IU response completion is not associated with 484 * with a SCSI task, release the IU to return the resource 485 * and the reference to the channel it holds. 486 */ 487 mutex_enter(&iu->iu_lock); 488 atomic_dec_32(&iu->iu_sq_posted_cnt); 489 490 if (iu->iu_stmf_task == NULL) { 491 srpt_ioc_repost_recv_iu(iu->iu_ioc, iu); 492 mutex_exit(&iu->iu_lock); 493 srpt_ch_release_ref(ch, 0); 494 return; 495 } 496 497 /* 498 * We should not get a SEND completion where the task has already 499 * completed aborting and STMF has been informed. 500 */ 501 ASSERT((iu->iu_flags & SRPT_IU_ABORTED) == 0); 502 503 /* 504 * Let STMF know we are done. 505 */ 506 mutex_exit(&iu->iu_lock); 507 508 stmf_send_status_done(iu->iu_stmf_task, st, STMF_IOF_LPORT_DONE); 509 } 510 511 /* 512 * srpt_ch_data_comp() 513 * 514 * Process an IB completion for a RDMA operation. This completion 515 * should be associated with the last RDMA operation for any 516 * data buffer transfer. 517 */ 518 static void 519 srpt_ch_data_comp(srpt_channel_t *ch, stmf_data_buf_t *stmf_dbuf, 520 ibt_wc_status_t wc_status) 521 { 522 srpt_ds_dbuf_t *dbuf; 523 srpt_iu_t *iu; 524 stmf_status_t status; 525 526 ASSERT(stmf_dbuf != NULL); 527 528 dbuf = (srpt_ds_dbuf_t *)stmf_dbuf->db_port_private; 529 530 ASSERT(dbuf != NULL); 531 532 iu = dbuf->db_iu; 533 534 ASSERT(iu != NULL); 535 ASSERT(iu->iu_ch == ch); 536 537 /* 538 * If work completion indicates non-flush failure, then 539 * start a channel disconnect (asynchronous) and release 540 * the reference to the IU. The task will be cleaned 541 * up with STMF during channel shutdown processing. 542 */ 543 if (wc_status != IBT_SUCCESS) { 544 SRPT_DPRINTF_L2("ch_data_comp, WC status err(%d)", 545 wc_status); 546 if (wc_status != IBT_WC_WR_FLUSHED_ERR) { 547 srpt_ch_disconnect(ch); 548 } 549 atomic_dec_32(&iu->iu_sq_posted_cnt); 550 return; 551 } 552 553 /* 554 * If STMF has requested this task be aborted, then if this is the 555 * last I/O operation outstanding, notify STMF the task has been 556 * aborted and ignore the completion. 557 */ 558 mutex_enter(&iu->iu_lock); 559 atomic_dec_32(&iu->iu_sq_posted_cnt); 560 561 if ((iu->iu_flags & SRPT_IU_STMF_ABORTING) != 0) { 562 scsi_task_t *abort_task = iu->iu_stmf_task; 563 564 mutex_exit(&iu->iu_lock); 565 stmf_abort(STMF_REQUEUE_TASK_ABORT_LPORT, abort_task, 566 STMF_ABORTED, NULL); 567 return; 568 } 569 570 /* 571 * We should not get an RDMA completion where the task has already 572 * completed aborting and STMF has been informed. 573 */ 574 ASSERT((iu->iu_flags & SRPT_IU_ABORTED) == 0); 575 576 /* 577 * Good completion for last RDMA op associated with a data buffer 578 * I/O, if specified initiate status otherwise let STMF know we are 579 * done. 580 */ 581 stmf_dbuf->db_xfer_status = STMF_SUCCESS; 582 mutex_exit(&iu->iu_lock); 583 584 DTRACE_SRP_8(xfer__done, srpt_channel_t, ch, 585 ibt_wr_ds_t, &(dbuf->db_sge), srpt_iu_t, iu, 586 ibt_send_wr_t, 0, uint32_t, stmf_dbuf->db_data_size, 587 uint32_t, 0, uint32_t, 0, 588 uint32_t, (stmf_dbuf->db_flags & DB_DIRECTION_TO_RPORT) ? 1 : 0); 589 590 if ((stmf_dbuf->db_flags & DB_SEND_STATUS_GOOD) != 0) { 591 status = srpt_stp_send_status(dbuf->db_iu->iu_stmf_task, 0); 592 if (status == STMF_SUCCESS) { 593 return; 594 } 595 stmf_dbuf->db_xfer_status = STMF_FAILURE; 596 } 597 stmf_data_xfer_done(dbuf->db_iu->iu_stmf_task, stmf_dbuf, 0); 598 } 599 600 /* 601 * srpt_ch_scq_hdlr() 602 */ 603 static void 604 srpt_ch_scq_hdlr(ibt_cq_hdl_t cq_hdl, void *arg) 605 { 606 ibt_status_t status; 607 srpt_channel_t *ch = arg; 608 ibt_wc_t wc[SRPT_SEND_WC_POLL_SIZE]; 609 ibt_wc_t *wcp; 610 int i; 611 uint32_t cq_rearmed = 0; 612 uint32_t entries; 613 srpt_swqe_t *swqe; 614 615 ASSERT(ch != NULL); 616 617 /* Reference channel for the duration of this call */ 618 srpt_ch_add_ref(ch); 619 620 for (;;) { 621 status = ibt_poll_cq(cq_hdl, &wc[0], SRPT_SEND_WC_POLL_SIZE, 622 &entries); 623 624 if (status != IBT_SUCCESS) { 625 if (status != IBT_CQ_EMPTY) { 626 /* 627 * This error should not happen. It indicates 628 * something abnormal has gone wrong and means 629 * either a hardware or programming logic error. 630 */ 631 SRPT_DPRINTF_L2( 632 "ch_scq_hdlr, unexpected CQ err(%d)", 633 status); 634 srpt_ch_disconnect(ch); 635 } 636 637 /* 638 * If we have not rearmed the CQ do so now and poll to 639 * eliminate race; otherwise we are done. 640 */ 641 if (cq_rearmed == 0) { 642 (void) ibt_enable_cq_notify(ch->ch_scq_hdl, 643 IBT_NEXT_COMPLETION); 644 cq_rearmed = 1; 645 continue; 646 } else { 647 break; 648 } 649 } 650 651 for (wcp = wc, i = 0; i < entries; i++, wcp++) { 652 653 /* 654 * A zero work ID indicates this CQE is associated 655 * with an intermediate post of a RDMA data transfer 656 * operation. Since intermediate data requests are 657 * unsignaled, we should only get these if there was 658 * an error. No action is required. 659 */ 660 if (wcp->wc_id == 0) { 661 continue; 662 } 663 swqe = ch->ch_swqe + wcp->wc_id; 664 665 switch (swqe->sw_type) { 666 case SRPT_SWQE_TYPE_RESP: 667 srpt_ch_rsp_comp(ch, (srpt_iu_t *) 668 swqe->sw_addr, wcp->wc_status); 669 break; 670 671 case SRPT_SWQE_TYPE_DATA: 672 srpt_ch_data_comp(ch, (stmf_data_buf_t *) 673 swqe->sw_addr, wcp->wc_status); 674 break; 675 676 default: 677 SRPT_DPRINTF_L2("ch_scq_hdlr, bad type(%d)", 678 swqe->sw_type); 679 ASSERT(0); 680 } 681 682 srpt_ch_free_swqe_wrid(ch, wcp->wc_id); 683 } 684 } 685 686 srpt_ch_release_ref(ch, 0); 687 } 688 689 /* 690 * srpt_ch_rcq_hdlr() 691 */ 692 static void 693 srpt_ch_rcq_hdlr(ibt_cq_hdl_t cq_hdl, void *arg) 694 { 695 ibt_status_t status; 696 srpt_channel_t *ch = arg; 697 ibt_wc_t wc[SRPT_RECV_WC_POLL_SIZE]; 698 ibt_wc_t *wcp; 699 int i; 700 uint32_t entries; 701 srpt_iu_t *iu; 702 uint_t cq_rearmed = 0; 703 704 /* 705 * The channel object will exists while the CQ handler call-back 706 * is installed. 707 */ 708 ASSERT(ch != NULL); 709 srpt_ch_add_ref(ch); 710 711 /* 712 * If we know a channel disconnect has started do nothing 713 * and let channel cleanup code recover resources from the CQ. 714 * We are not concerned about races with the state transition 715 * since the code will do the correct thing either way. This 716 * is simply to circumvent rearming the CQ, and it will 717 * catch the state next time. 718 */ 719 rw_enter(&ch->ch_rwlock, RW_READER); 720 if (ch->ch_state == SRPT_CHANNEL_DISCONNECTING) { 721 SRPT_DPRINTF_L2("ch_rcq_hdlr, channel disconnecting"); 722 rw_exit(&ch->ch_rwlock); 723 srpt_ch_release_ref(ch, 0); 724 return; 725 } 726 rw_exit(&ch->ch_rwlock); 727 728 for (;;) { 729 status = ibt_poll_cq(cq_hdl, &wc[0], SRPT_RECV_WC_POLL_SIZE, 730 &entries); 731 732 if (status != IBT_SUCCESS) { 733 if (status != IBT_CQ_EMPTY) { 734 /* 735 * This error should not happen. It indicates 736 * something abnormal has gone wrong and means 737 * either a hardware or programming logic error. 738 */ 739 SRPT_DPRINTF_L2( 740 "ch_rcq_hdlr, unexpected CQ err(%d)", 741 status); 742 srpt_ch_disconnect(ch); 743 break; 744 } 745 746 /* 747 * If we have not rearmed the CQ do so now and poll to 748 * eliminate race; otherwise we are done. 749 */ 750 if (cq_rearmed == 0) { 751 (void) ibt_enable_cq_notify(ch->ch_rcq_hdl, 752 IBT_NEXT_COMPLETION); 753 cq_rearmed = 1; 754 continue; 755 } else { 756 break; 757 } 758 } 759 760 for (wcp = wc, i = 0; i < entries; i++, wcp++) { 761 762 /* 763 * Check wc_status before proceeding. If the 764 * status indicates a channel problem, stop processing. 765 */ 766 if (wcp->wc_status != IBT_WC_SUCCESS) { 767 if (wcp->wc_status == IBT_WC_WR_FLUSHED_ERR) { 768 SRPT_DPRINTF_L2( 769 "ch_rcq, unexpected" 770 " wc_status err(%d)", 771 wcp->wc_status); 772 srpt_ch_disconnect(ch); 773 goto done; 774 } else { 775 /* skip IUs with errors */ 776 SRPT_DPRINTF_L2( 777 "ch_rcq, ERROR comp(%d)", 778 wcp->wc_status); 779 /* XXX - verify not leaking IUs */ 780 continue; 781 } 782 } 783 784 iu = (srpt_iu_t *)(uintptr_t)wcp->wc_id; 785 ASSERT(iu != NULL); 786 787 /* 788 * Process the IU. 789 */ 790 ASSERT(wcp->wc_type == IBT_WRC_RECV); 791 srpt_ch_process_iu(ch, iu); 792 } 793 } 794 795 done: 796 srpt_ch_release_ref(ch, 0); 797 } 798 799 /* 800 * srpt_ch_srp_cmd() 801 */ 802 static int 803 srpt_ch_srp_cmd(srpt_channel_t *ch, srpt_iu_t *iu) 804 { 805 srp_cmd_req_t *cmd = (srp_cmd_req_t *)iu->iu_buf; 806 srp_indirect_desc_t *i_desc; 807 uint_t i_di_cnt; 808 uint_t i_do_cnt; 809 uint8_t do_fmt; 810 uint8_t di_fmt; 811 uint32_t *cur_desc_off; 812 int i; 813 ibt_status_t status; 814 uint8_t addlen; 815 816 817 DTRACE_SRP_2(task__command, srpt_channel_t, ch, srp_cmd_req_t, cmd); 818 iu->iu_ch = ch; 819 iu->iu_tag = cmd->cr_tag; 820 821 /* 822 * The SRP specification and SAM require support for bi-directional 823 * data transfer, so we create a single buffer descriptor list that 824 * in the IU buffer that covers the data-in and data-out buffers. 825 * In practice we will just see unidirectional transfers with either 826 * data-in or data out descriptors. If we were to take that as fact, 827 * we could reduce overhead slightly. 828 */ 829 830 /* 831 * additional length is a 6-bit number in 4-byte words, so multiply by 4 832 * to get bytes. 833 */ 834 addlen = cmd->cr_add_cdb_len & 0x3f; /* mask off 6 bits */ 835 836 cur_desc_off = (uint32_t *)(void *)&cmd->cr_add_data; 837 cur_desc_off += addlen; /* 32-bit arithmetic */ 838 iu->iu_num_rdescs = 0; 839 iu->iu_rdescs = (srp_direct_desc_t *)(void *)cur_desc_off; 840 841 /* 842 * Examine buffer description for Data In (i.e. data flows 843 * to the initiator). 844 */ 845 i_do_cnt = i_di_cnt = 0; 846 di_fmt = cmd->cr_buf_fmt >> 4; 847 if (di_fmt == SRP_DATA_DESC_DIRECT) { 848 iu->iu_num_rdescs = 1; 849 cur_desc_off = (uint32_t *)(void *)&iu->iu_rdescs[1]; 850 } else if (di_fmt == SRP_DATA_DESC_INDIRECT) { 851 i_desc = (srp_indirect_desc_t *)iu->iu_rdescs; 852 i_di_cnt = b2h32(i_desc->id_table.dd_len) / 853 sizeof (srp_direct_desc_t); 854 855 /* 856 * Some initiators like OFED occasionally use the wrong counts, 857 * so check total to allow for this. NOTE: we do not support 858 * reading of the descriptor table from the initiator, so if 859 * not all descriptors are in the IU we drop the task. 860 */ 861 if (i_di_cnt > (cmd->cr_dicnt + cmd->cr_docnt)) { 862 SRPT_DPRINTF_L2("ch_srp_cmd, remote RDMA of" 863 " descriptors not supported"); 864 SRPT_DPRINTF_L2("ch_srp_cmd, sizeof entry (%d)," 865 " i_di_cnt(%d), cr_dicnt(%d)", 866 (uint_t)sizeof (srp_direct_desc_t), 867 i_di_cnt, cmd->cr_dicnt); 868 iu->iu_rdescs = NULL; 869 return (1); 870 } 871 bcopy(&i_desc->id_desc[0], iu->iu_rdescs, 872 sizeof (srp_direct_desc_t) * i_di_cnt); 873 iu->iu_num_rdescs += i_di_cnt; 874 cur_desc_off = (uint32_t *)(void *)&i_desc->id_desc[i_di_cnt]; 875 } 876 877 /* 878 * Examine buffer description for Data Out (i.e. data flows 879 * from the initiator). 880 */ 881 do_fmt = cmd->cr_buf_fmt & 0x0F; 882 if (do_fmt == SRP_DATA_DESC_DIRECT) { 883 if (di_fmt == SRP_DATA_DESC_DIRECT) { 884 bcopy(cur_desc_off, &iu->iu_rdescs[iu->iu_num_rdescs], 885 sizeof (srp_direct_desc_t)); 886 } 887 iu->iu_num_rdescs++; 888 } else if (do_fmt == SRP_DATA_DESC_INDIRECT) { 889 i_desc = (srp_indirect_desc_t *)cur_desc_off; 890 i_do_cnt = b2h32(i_desc->id_table.dd_len) / 891 sizeof (srp_direct_desc_t); 892 893 /* 894 * Some initiators like OFED occasionally use the wrong counts, 895 * so check total to allow for this. NOTE: we do not support 896 * reading of the descriptor table from the initiator, so if 897 * not all descriptors are in the IU we drop the task. 898 */ 899 if ((i_di_cnt + i_do_cnt) > (cmd->cr_dicnt + cmd->cr_docnt)) { 900 SRPT_DPRINTF_L2("ch_srp_cmd, remote RDMA of" 901 " descriptors not supported"); 902 SRPT_DPRINTF_L2("ch_srp_cmd, sizeof entry (%d)," 903 " i_do_cnt(%d), cr_docnt(%d)", 904 (uint_t)sizeof (srp_direct_desc_t), 905 i_do_cnt, cmd->cr_docnt); 906 iu->iu_rdescs = 0; 907 return (1); 908 } 909 bcopy(&i_desc->id_desc[0], &iu->iu_rdescs[iu->iu_num_rdescs], 910 sizeof (srp_direct_desc_t) * i_do_cnt); 911 iu->iu_num_rdescs += i_do_cnt; 912 } 913 914 iu->iu_tot_xfer_len = 0; 915 for (i = 0; i < iu->iu_num_rdescs; i++) { 916 iu->iu_rdescs[i].dd_vaddr = b2h64(iu->iu_rdescs[i].dd_vaddr); 917 iu->iu_rdescs[i].dd_hdl = b2h32(iu->iu_rdescs[i].dd_hdl); 918 iu->iu_rdescs[i].dd_len = b2h32(iu->iu_rdescs[i].dd_len); 919 iu->iu_tot_xfer_len += iu->iu_rdescs[i].dd_len; 920 } 921 922 #ifdef DEBUG 923 if (srpt_errlevel >= SRPT_LOG_L4) { 924 SRPT_DPRINTF_L4("ch_srp_cmd, iu->iu_tot_xfer_len (%d)", 925 iu->iu_tot_xfer_len); 926 for (i = 0; i < iu->iu_num_rdescs; i++) { 927 SRPT_DPRINTF_L4("ch_srp_cmd, rdescs[%d].dd_vaddr" 928 " (0x%08llx)", 929 i, (u_longlong_t)iu->iu_rdescs[i].dd_vaddr); 930 SRPT_DPRINTF_L4("ch_srp_cmd, rdescs[%d].dd_hdl" 931 " (0x%08x)", i, iu->iu_rdescs[i].dd_hdl); 932 SRPT_DPRINTF_L4("ch_srp_cmd, rdescs[%d].dd_len (%d)", 933 i, iu->iu_rdescs[i].dd_len); 934 } 935 SRPT_DPRINTF_L4("ch_srp_cmd, LUN (0x%08lx)", 936 (unsigned long int) *((uint64_t *)(void *) cmd->cr_lun)); 937 } 938 #endif 939 rw_enter(&ch->ch_rwlock, RW_READER); 940 941 if (ch->ch_state == SRPT_CHANNEL_DISCONNECTING) { 942 /* 943 * The channel has begun disconnecting, so ignore the 944 * the command returning the IU resources. 945 */ 946 rw_exit(&ch->ch_rwlock); 947 return (1); 948 } 949 950 /* 951 * Once a SCSI task is allocated and assigned to the IU, it 952 * owns those IU resources, which will be held until STMF 953 * is notified the task is done (from a lport perspective). 954 */ 955 iu->iu_stmf_task = stmf_task_alloc(ch->ch_tgt->tp_lport, 956 ch->ch_session->ss_ss, cmd->cr_lun, 957 SRP_CDB_SIZE + (addlen * 4), 0); 958 if (iu->iu_stmf_task == NULL) { 959 /* 960 * Could not allocate, return status to the initiator 961 * indicating that we are temporarily unable to process 962 * commands. If unable to send, immediately return IU 963 * resource. 964 */ 965 SRPT_DPRINTF_L2("ch_srp_cmd, SCSI task allocation failure"); 966 rw_exit(&ch->ch_rwlock); 967 mutex_enter(&iu->iu_lock); 968 status = srpt_stp_send_response(iu, STATUS_BUSY, 0, 0, 0, 969 NULL, SRPT_NO_FENCE_SEND); 970 mutex_exit(&iu->iu_lock); 971 if (status != IBT_SUCCESS) { 972 SRPT_DPRINTF_L2("ch_srp_cmd, error(%d) posting error" 973 " response", status); 974 return (1); 975 } else { 976 return (0); 977 } 978 } 979 980 iu->iu_stmf_task->task_port_private = iu; 981 iu->iu_stmf_task->task_flags = 0; 982 983 if (di_fmt != 0) { 984 iu->iu_stmf_task->task_flags |= TF_WRITE_DATA; 985 } 986 if (do_fmt != 0) { 987 iu->iu_stmf_task->task_flags |= TF_READ_DATA; 988 } 989 990 switch (cmd->cr_task_attr) { 991 case SRP_TSK_ATTR_QTYPE_SIMPLE: 992 iu->iu_stmf_task->task_flags |= TF_ATTR_SIMPLE_QUEUE; 993 break; 994 995 case SRP_TSK_ATTR_QTYPE_HEAD_OF_Q: 996 iu->iu_stmf_task->task_flags |= TF_ATTR_HEAD_OF_QUEUE; 997 break; 998 999 case SRP_TSK_ATTR_QTYPE_ORDERED: 1000 iu->iu_stmf_task->task_flags |= TF_ATTR_ORDERED_QUEUE; 1001 break; 1002 1003 case SRP_TSK_ATTR_QTYPE_ACA_Q_TAG: 1004 iu->iu_stmf_task->task_flags |= TF_ATTR_ACA; 1005 break; 1006 1007 default: 1008 SRPT_DPRINTF_L2("ch_srp_cmd, reserved task attr (%d)", 1009 cmd->cr_task_attr); 1010 iu->iu_stmf_task->task_flags |= TF_ATTR_ORDERED_QUEUE; 1011 break; 1012 } 1013 iu->iu_stmf_task->task_additional_flags = 0; 1014 iu->iu_stmf_task->task_priority = 0; 1015 iu->iu_stmf_task->task_mgmt_function = TM_NONE; 1016 iu->iu_stmf_task->task_max_nbufs = STMF_BUFS_MAX; 1017 iu->iu_stmf_task->task_expected_xfer_length = iu->iu_tot_xfer_len; 1018 iu->iu_stmf_task->task_csn_size = 0; 1019 1020 bcopy(cmd->cr_cdb, iu->iu_stmf_task->task_cdb, 1021 SRP_CDB_SIZE); 1022 if (addlen != 0) { 1023 bcopy(&cmd->cr_add_data, 1024 iu->iu_stmf_task->task_cdb + SRP_CDB_SIZE, 1025 addlen * 4); 1026 } 1027 1028 /* 1029 * Add the IU/task to the session and post to STMF. The task will 1030 * remain in the session's list until STMF is informed by SRP that 1031 * it is done with the task. 1032 */ 1033 DTRACE_SRP_3(scsi__command, srpt_channel_t, iu->iu_ch, 1034 scsi_task_t, iu->iu_stmf_task, srp_cmd_req_t, cmd); 1035 srpt_stp_add_task(ch->ch_session, iu); 1036 1037 SRPT_DPRINTF_L3("ch_srp_cmd, new task (%p) posted", 1038 (void *)iu->iu_stmf_task); 1039 stmf_post_task(iu->iu_stmf_task, NULL); 1040 rw_exit(&ch->ch_rwlock); 1041 1042 return (0); 1043 } 1044 1045 /* 1046 * srpt_ch_task_mgmt_abort() 1047 * 1048 * Returns 0 on success, indicating we've sent a management response. 1049 * Returns !0 to indicate failure; the IU should be reposted. 1050 */ 1051 static ibt_status_t 1052 srpt_ch_task_mgmt_abort(srpt_channel_t *ch, srpt_iu_t *iu, 1053 uint64_t tag_to_abort) 1054 { 1055 srpt_session_t *session = ch->ch_session; 1056 srpt_iu_t *ss_iu; 1057 ibt_status_t status; 1058 1059 /* 1060 * Locate the associated task (tag_to_abort) in the 1061 * session's active task list. 1062 */ 1063 rw_enter(&session->ss_rwlock, RW_READER); 1064 ss_iu = list_head(&session->ss_task_list); 1065 while (ss_iu != NULL) { 1066 mutex_enter(&ss_iu->iu_lock); 1067 if ((tag_to_abort == ss_iu->iu_tag)) { 1068 mutex_exit(&ss_iu->iu_lock); 1069 break; 1070 } 1071 mutex_exit(&ss_iu->iu_lock); 1072 ss_iu = list_next(&session->ss_task_list, ss_iu); 1073 } 1074 rw_exit(&session->ss_rwlock); 1075 1076 /* 1077 * Take appropriate action based on state of task 1078 * to be aborted: 1079 * 1) No longer exists - do nothing. 1080 * 2) Previously aborted or status queued - do nothing. 1081 * 3) Otherwise - initiate abort. 1082 */ 1083 if (ss_iu == NULL) { 1084 goto send_mgmt_resp; 1085 } 1086 1087 mutex_enter(&ss_iu->iu_lock); 1088 if ((ss_iu->iu_flags & (SRPT_IU_STMF_ABORTING | 1089 SRPT_IU_ABORTED | SRPT_IU_RESP_SENT)) != 0) { 1090 mutex_exit(&ss_iu->iu_lock); 1091 goto send_mgmt_resp; 1092 } 1093 1094 /* 1095 * Set aborting flag and notify STMF of abort request. No 1096 * additional I/O will be queued for this IU. 1097 */ 1098 SRPT_DPRINTF_L3("ch_task_mgmt_abort, task found"); 1099 ss_iu->iu_flags |= SRPT_IU_SRP_ABORTING; 1100 mutex_exit(&ss_iu->iu_lock); 1101 stmf_abort(STMF_QUEUE_TASK_ABORT, 1102 ss_iu->iu_stmf_task, STMF_ABORTED, NULL); 1103 1104 send_mgmt_resp: 1105 mutex_enter(&iu->iu_lock); 1106 status = srpt_stp_send_mgmt_response(iu, SRP_TM_SUCCESS, 1107 SRPT_FENCE_SEND); 1108 mutex_exit(&iu->iu_lock); 1109 1110 if (status != IBT_SUCCESS) { 1111 SRPT_DPRINTF_L2("ch_task_mgmt_abort, err(%d)" 1112 " posting abort response", status); 1113 } 1114 1115 return (status); 1116 } 1117 1118 /* 1119 * srpt_ch_srp_task_mgmt() 1120 */ 1121 static int 1122 srpt_ch_srp_task_mgmt(srpt_channel_t *ch, srpt_iu_t *iu) 1123 { 1124 srp_tsk_mgmt_t *tsk = (srp_tsk_mgmt_t *)iu->iu_buf; 1125 uint8_t tm_fn; 1126 ibt_status_t status; 1127 1128 SRPT_DPRINTF_L3("ch_srp_task_mgmt, SRP TASK MGMT func(%d)", 1129 tsk->tm_function); 1130 1131 /* 1132 * Both tag and lun fileds have the same corresponding offsets 1133 * in both srp_tsk_mgmt_t and srp_cmd_req_t structures. The 1134 * casting will allow us to use the same dtrace translator. 1135 */ 1136 DTRACE_SRP_2(task__command, srpt_channel_t, ch, 1137 srp_cmd_req_t, (srp_cmd_req_t *)tsk); 1138 1139 iu->iu_ch = ch; 1140 iu->iu_tag = tsk->tm_tag; 1141 1142 /* 1143 * Task management aborts are processed directly by the SRP driver; 1144 * all other task management requests are handed off to STMF. 1145 */ 1146 switch (tsk->tm_function) { 1147 case SRP_TSK_MGMT_ABORT_TASK: 1148 /* 1149 * Initiate SCSI transport protocol specific task abort 1150 * logic. 1151 */ 1152 status = srpt_ch_task_mgmt_abort(ch, iu, tsk->tm_task_tag); 1153 if (status != IBT_SUCCESS) { 1154 /* repost this IU */ 1155 return (1); 1156 } else { 1157 return (0); 1158 } 1159 1160 case SRP_TSK_MGMT_ABORT_TASK_SET: 1161 tm_fn = TM_ABORT_TASK_SET; 1162 break; 1163 1164 case SRP_TSK_MGMT_CLEAR_TASK_SET: 1165 tm_fn = TM_CLEAR_TASK_SET; 1166 break; 1167 1168 case SRP_TSK_MGMT_LUN_RESET: 1169 tm_fn = TM_LUN_RESET; 1170 break; 1171 1172 case SRP_TSK_MGMT_CLEAR_ACA: 1173 tm_fn = TM_CLEAR_ACA; 1174 break; 1175 1176 default: 1177 /* 1178 * SRP does not support the requested task management 1179 * function; return a not supported status in the response. 1180 */ 1181 SRPT_DPRINTF_L2("ch_srp_task_mgmt, SRP task mgmt fn(%d)" 1182 " not supported", tsk->tm_function); 1183 mutex_enter(&iu->iu_lock); 1184 status = srpt_stp_send_mgmt_response(iu, 1185 SRP_TM_NOT_SUPPORTED, SRPT_NO_FENCE_SEND); 1186 mutex_exit(&iu->iu_lock); 1187 if (status != IBT_SUCCESS) { 1188 SRPT_DPRINTF_L2("ch_srp_task_mgmt, err(%d) posting" 1189 " response", status); 1190 return (1); 1191 } 1192 return (0); 1193 } 1194 1195 rw_enter(&ch->ch_rwlock, RW_READER); 1196 if (ch->ch_state == SRPT_CHANNEL_DISCONNECTING) { 1197 /* 1198 * The channel has begun disconnecting, so ignore the 1199 * the command returning the IU resources. 1200 */ 1201 rw_exit(&ch->ch_rwlock); 1202 return (1); 1203 } 1204 1205 /* 1206 * Once a SCSI mgmt task is allocated and assigned to the IU, it 1207 * owns those IU resources, which will be held until we inform 1208 * STMF that we are done with the task (from an lports perspective). 1209 */ 1210 iu->iu_stmf_task = stmf_task_alloc(ch->ch_tgt->tp_lport, 1211 ch->ch_session->ss_ss, tsk->tm_lun, 0, STMF_TASK_EXT_NONE); 1212 if (iu->iu_stmf_task == NULL) { 1213 /* 1214 * Could not allocate, return status to the initiator 1215 * indicating that we are temporarily unable to process 1216 * commands. If unable to send, immediately return IU 1217 * resource. 1218 */ 1219 SRPT_DPRINTF_L2("ch_srp_task_mgmt, SCSI task allocation" 1220 " failure"); 1221 rw_exit(&ch->ch_rwlock); 1222 mutex_enter(&iu->iu_lock); 1223 status = srpt_stp_send_response(iu, STATUS_BUSY, 0, 0, 0, 1224 NULL, SRPT_NO_FENCE_SEND); 1225 mutex_exit(&iu->iu_lock); 1226 if (status != IBT_SUCCESS) { 1227 SRPT_DPRINTF_L2("ch_srp_task_mgmt, err(%d) posting" 1228 "busy response", status); 1229 /* repost the IU */ 1230 return (1); 1231 } 1232 return (0); 1233 } 1234 1235 iu->iu_stmf_task->task_port_private = iu; 1236 iu->iu_stmf_task->task_flags = 0; 1237 iu->iu_stmf_task->task_additional_flags = 1238 TASK_AF_NO_EXPECTED_XFER_LENGTH; 1239 iu->iu_stmf_task->task_priority = 0; 1240 iu->iu_stmf_task->task_mgmt_function = tm_fn; 1241 iu->iu_stmf_task->task_max_nbufs = STMF_BUFS_MAX; 1242 iu->iu_stmf_task->task_expected_xfer_length = 0; 1243 iu->iu_stmf_task->task_csn_size = 0; 1244 1245 /* 1246 * Add the IU/task to the session and post to STMF. The task will 1247 * remain in the session's list until STMF is informed by SRP that 1248 * it is done with the task. 1249 */ 1250 srpt_stp_add_task(ch->ch_session, iu); 1251 1252 SRPT_DPRINTF_L3("ch_srp_task_mgmt, new mgmt task(%p) posted", 1253 (void *)iu->iu_stmf_task); 1254 stmf_post_task(iu->iu_stmf_task, NULL); 1255 rw_exit(&ch->ch_rwlock); 1256 1257 return (0); 1258 } 1259 1260 /* 1261 * srpt_ch_process_iu() 1262 */ 1263 static void 1264 srpt_ch_process_iu(srpt_channel_t *ch, srpt_iu_t *iu) 1265 { 1266 srpt_iu_data_t *iud; 1267 int status = 1; 1268 1269 /* 1270 * IU adds reference to channel which will represent a 1271 * a reference by STMF. If for whatever reason the IU 1272 * is not handed off to STMF, then this reference will be 1273 * released. Otherwise, the reference will be released when 1274 * SRP informs STMF that the associated SCSI task is done. 1275 */ 1276 srpt_ch_add_ref(ch); 1277 1278 /* 1279 * Validate login RC channel state. Normally active, if 1280 * not active then we need to handle a possible race between the 1281 * receipt of a implied RTU and CM calling back to notify of the 1282 * state transition. 1283 */ 1284 rw_enter(&ch->ch_rwlock, RW_READER); 1285 if (ch->ch_state == SRPT_CHANNEL_DISCONNECTING) { 1286 rw_exit(&ch->ch_rwlock); 1287 goto repost_iu; 1288 } 1289 rw_exit(&ch->ch_rwlock); 1290 1291 iud = iu->iu_buf; 1292 1293 switch (iud->rx_iu.srp_op) { 1294 case SRP_IU_CMD: 1295 status = srpt_ch_srp_cmd(ch, iu); 1296 break; 1297 1298 case SRP_IU_TASK_MGMT: 1299 status = srpt_ch_srp_task_mgmt(ch, iu); 1300 return; 1301 1302 case SRP_IU_I_LOGOUT: 1303 SRPT_DPRINTF_L3("ch_process_iu, SRP INITIATOR LOGOUT"); 1304 /* 1305 * Initiators should logout by issuing a CM disconnect 1306 * request (DREQ) with the logout IU in the private data; 1307 * however some initiators have been known to send the 1308 * IU in-band, if this happens just initiate the logout. 1309 * Note that we do not return a response as per the 1310 * specification. 1311 */ 1312 srpt_stp_logout(ch); 1313 break; 1314 1315 case SRP_IU_AER_RSP: 1316 case SRP_IU_CRED_RSP: 1317 default: 1318 /* 1319 * We don't send asynchronous events or ask for credit 1320 * adjustments, so nothing need be done. Log we got an 1321 * unexpected IU but then just repost the IU to the SRQ. 1322 */ 1323 SRPT_DPRINTF_L2("ch_process_iu, invalid IU from initiator," 1324 " IU opcode(%d)", iud->rx_iu.srp_op); 1325 break; 1326 } 1327 1328 if (status == 0) { 1329 return; 1330 } 1331 1332 repost_iu: 1333 SRPT_DPRINTF_L4("process_iu: reposting iu %p", (void *)iu); 1334 mutex_enter(&iu->iu_lock); 1335 srpt_ioc_repost_recv_iu(iu->iu_ioc, iu); 1336 mutex_exit(&iu->iu_lock); 1337 srpt_ch_release_ref(ch, 0); 1338 } 1339 1340 /* 1341 * srpt_ch_post_send 1342 */ 1343 ibt_status_t 1344 srpt_ch_post_send(srpt_channel_t *ch, srpt_iu_t *iu, uint32_t len, 1345 uint_t fence) 1346 { 1347 ibt_status_t status; 1348 ibt_send_wr_t wr; 1349 ibt_wr_ds_t ds; 1350 uint_t posted; 1351 1352 ASSERT(ch != NULL); 1353 ASSERT(iu != NULL); 1354 ASSERT(mutex_owned(&iu->iu_lock)); 1355 1356 rw_enter(&ch->ch_rwlock, RW_READER); 1357 if (ch->ch_state == SRPT_CHANNEL_DISCONNECTING) { 1358 rw_exit(&ch->ch_rwlock); 1359 SRPT_DPRINTF_L2("ch_post_send, bad ch state (%d)", 1360 ch->ch_state); 1361 return (IBT_FAILURE); 1362 } 1363 rw_exit(&ch->ch_rwlock); 1364 1365 wr.wr_id = srpt_ch_alloc_swqe_wrid(ch, SRPT_SWQE_TYPE_RESP, 1366 (void *)iu); 1367 if (wr.wr_id == 0) { 1368 SRPT_DPRINTF_L2("ch_post_send, queue full"); 1369 return (IBT_FAILURE); 1370 } 1371 1372 atomic_inc_32(&iu->iu_sq_posted_cnt); 1373 1374 wr.wr_flags = IBT_WR_SEND_SIGNAL; 1375 if (fence == SRPT_FENCE_SEND) { 1376 wr.wr_flags |= IBT_WR_SEND_FENCE; 1377 } 1378 wr.wr_opcode = IBT_WRC_SEND; 1379 wr.wr_trans = IBT_RC_SRV; 1380 wr.wr_nds = 1; 1381 wr.wr_sgl = &ds; 1382 1383 ds.ds_va = iu->iu_sge.ds_va; 1384 ds.ds_key = iu->iu_sge.ds_key; 1385 ds.ds_len = len; 1386 1387 SRPT_DPRINTF_L4("ch_post_send, posting SRP response to channel" 1388 " ds.ds_va (0x%16llx), ds.ds_key (0x%08x), " 1389 " ds.ds_len (%d)", 1390 (u_longlong_t)ds.ds_va, ds.ds_key, ds.ds_len); 1391 1392 status = ibt_post_send(ch->ch_chan_hdl, &wr, 1, &posted); 1393 if (status != IBT_SUCCESS) { 1394 SRPT_DPRINTF_L2("ch_post_send, post_send failed (%d)", 1395 status); 1396 atomic_dec_32(&iu->iu_sq_posted_cnt); 1397 srpt_ch_free_swqe_wrid(ch, wr.wr_id); 1398 return (status); 1399 } 1400 1401 return (IBT_SUCCESS); 1402 } 1403 1404 /* 1405 * srpt_ch_alloc_swqe_wrid() 1406 */ 1407 ibt_wrid_t 1408 srpt_ch_alloc_swqe_wrid(srpt_channel_t *ch, 1409 srpt_swqe_type_t wqe_type, void *addr) 1410 { 1411 ibt_wrid_t wrid; 1412 1413 mutex_enter(&ch->ch_swqe_lock); 1414 if (ch->ch_head == ch->ch_tail) { 1415 mutex_exit(&ch->ch_swqe_lock); 1416 return ((ibt_wrid_t)0); 1417 } 1418 wrid = (ibt_wrid_t)ch->ch_head; 1419 ch->ch_swqe[ch->ch_head].sw_type = wqe_type; 1420 ch->ch_swqe[ch->ch_head].sw_addr = addr; 1421 ch->ch_head = ch->ch_swqe[ch->ch_head].sw_next; 1422 ch->ch_swqe_posted++; 1423 mutex_exit(&ch->ch_swqe_lock); 1424 return (wrid); 1425 } 1426 1427 /* 1428 * srpt_ch_free_swqe_wrid() 1429 */ 1430 void 1431 srpt_ch_free_swqe_wrid(srpt_channel_t *ch, ibt_wrid_t id) 1432 { 1433 mutex_enter(&ch->ch_swqe_lock); 1434 ch->ch_swqe[ch->ch_tail].sw_next = id; 1435 ch->ch_tail = (uint32_t)id; 1436 ch->ch_swqe_posted--; 1437 mutex_exit(&ch->ch_swqe_lock); 1438 } 1439