1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
24  */
25 
26 /*
27  * Copyright (c) 2000 to 2010, LSI Corporation.
28  * All rights reserved.
29  *
30  * Redistribution and use in source and binary forms of all code within
31  * this file that is exclusively owned by LSI, with or without
32  * modification, is permitted provided that, in addition to the CDDL 1.0
33  * License requirements, the following conditions are met:
34  *
35  *    Neither the name of the author nor the names of its contributors may be
36  *    used to endorse or promote products derived from this software without
37  *    specific prior written permission.
38  *
39  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
40  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
41  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
42  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
43  * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
44  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
45  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
46  * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
47  * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
48  * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
49  * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
50  * DAMAGE.
51  */
52 
53 /*
54  * mptsas - This is a driver based on LSI Logic's MPT2.0 interface.
55  *
56  */
57 
58 #if defined(lint) || defined(DEBUG)
59 #define	MPTSAS_DEBUG
60 #endif
61 
62 /*
63  * standard header files.
64  */
65 #include <sys/note.h>
66 #include <sys/scsi/scsi.h>
67 #include <sys/pci.h>
68 #include <sys/file.h>
69 #include <sys/policy.h>
70 #include <sys/sysevent.h>
71 #include <sys/sysevent/eventdefs.h>
72 #include <sys/sysevent/dr.h>
73 #include <sys/sata/sata_defs.h>
74 #include <sys/scsi/generic/sas.h>
75 #include <sys/scsi/impl/scsi_sas.h>
76 
77 #pragma pack(1)
78 #include <sys/scsi/adapters/mpt_sas/mpi/mpi2_type.h>
79 #include <sys/scsi/adapters/mpt_sas/mpi/mpi2.h>
80 #include <sys/scsi/adapters/mpt_sas/mpi/mpi2_cnfg.h>
81 #include <sys/scsi/adapters/mpt_sas/mpi/mpi2_init.h>
82 #include <sys/scsi/adapters/mpt_sas/mpi/mpi2_ioc.h>
83 #include <sys/scsi/adapters/mpt_sas/mpi/mpi2_sas.h>
84 #include <sys/scsi/adapters/mpt_sas/mpi/mpi2_tool.h>
85 #include <sys/scsi/adapters/mpt_sas/mpi/mpi2_raid.h>
86 #pragma pack()
87 
88 /*
89  * private header files.
90  *
91  */
92 #include <sys/scsi/impl/scsi_reset_notify.h>
93 #include <sys/scsi/adapters/mpt_sas/mptsas_var.h>
94 #include <sys/scsi/adapters/mpt_sas/mptsas_ioctl.h>
95 #include <sys/scsi/adapters/mpt_sas/mptsas_smhba.h>
96 #include <sys/raidioctl.h>
97 
98 #include <sys/fs/dv_node.h>	/* devfs_clean */
99 
100 /*
101  * FMA header files
102  */
103 #include <sys/ddifm.h>
104 #include <sys/fm/protocol.h>
105 #include <sys/fm/util.h>
106 #include <sys/fm/io/ddi.h>
107 
108 /*
109  * autoconfiguration data and routines.
110  */
111 static int mptsas_attach(dev_info_t *dip, ddi_attach_cmd_t cmd);
112 static int mptsas_detach(dev_info_t *devi, ddi_detach_cmd_t cmd);
113 static int mptsas_power(dev_info_t *dip, int component, int level);
114 
115 /*
116  * cb_ops function
117  */
118 static int mptsas_ioctl(dev_t dev, int cmd, intptr_t data, int mode,
119 	cred_t *credp, int *rval);
120 #ifdef __sparc
121 static int mptsas_reset(dev_info_t *devi, ddi_reset_cmd_t cmd);
122 #else  /* __sparc */
123 static int mptsas_quiesce(dev_info_t *devi);
124 #endif	/* __sparc */
125 
126 /*
127  * Resource initilaization for hardware
128  */
129 static void mptsas_setup_cmd_reg(mptsas_t *mpt);
130 static void mptsas_disable_bus_master(mptsas_t *mpt);
131 static void mptsas_hba_fini(mptsas_t *mpt);
132 static void mptsas_cfg_fini(mptsas_t *mptsas_blkp);
133 static int mptsas_hba_setup(mptsas_t *mpt);
134 static void mptsas_hba_teardown(mptsas_t *mpt);
135 static int mptsas_config_space_init(mptsas_t *mpt);
136 static void mptsas_config_space_fini(mptsas_t *mpt);
137 static void mptsas_iport_register(mptsas_t *mpt);
138 static int mptsas_smp_setup(mptsas_t *mpt);
139 static void mptsas_smp_teardown(mptsas_t *mpt);
140 static int mptsas_cache_create(mptsas_t *mpt);
141 static void mptsas_cache_destroy(mptsas_t *mpt);
142 static int mptsas_alloc_request_frames(mptsas_t *mpt);
143 static int mptsas_alloc_reply_frames(mptsas_t *mpt);
144 static int mptsas_alloc_free_queue(mptsas_t *mpt);
145 static int mptsas_alloc_post_queue(mptsas_t *mpt);
146 static void mptsas_alloc_reply_args(mptsas_t *mpt);
147 static int mptsas_alloc_extra_sgl_frame(mptsas_t *mpt, mptsas_cmd_t *cmd);
148 static void mptsas_free_extra_sgl_frame(mptsas_t *mpt, mptsas_cmd_t *cmd);
149 static int mptsas_init_chip(mptsas_t *mpt, int first_time);
150 
151 /*
152  * SCSA function prototypes
153  */
154 static int mptsas_scsi_start(struct scsi_address *ap, struct scsi_pkt *pkt);
155 static int mptsas_scsi_reset(struct scsi_address *ap, int level);
156 static int mptsas_scsi_abort(struct scsi_address *ap, struct scsi_pkt *pkt);
157 static int mptsas_scsi_getcap(struct scsi_address *ap, char *cap, int tgtonly);
158 static int mptsas_scsi_setcap(struct scsi_address *ap, char *cap, int value,
159     int tgtonly);
160 static void mptsas_scsi_dmafree(struct scsi_address *ap, struct scsi_pkt *pkt);
161 static struct scsi_pkt *mptsas_scsi_init_pkt(struct scsi_address *ap,
162     struct scsi_pkt *pkt, struct buf *bp, int cmdlen, int statuslen,
163 	int tgtlen, int flags, int (*callback)(), caddr_t arg);
164 static void mptsas_scsi_sync_pkt(struct scsi_address *ap, struct scsi_pkt *pkt);
165 static void mptsas_scsi_destroy_pkt(struct scsi_address *ap,
166     struct scsi_pkt *pkt);
167 static int mptsas_scsi_tgt_init(dev_info_t *hba_dip, dev_info_t *tgt_dip,
168     scsi_hba_tran_t *hba_tran, struct scsi_device *sd);
169 static void mptsas_scsi_tgt_free(dev_info_t *hba_dip, dev_info_t *tgt_dip,
170     scsi_hba_tran_t *hba_tran, struct scsi_device *sd);
171 static int mptsas_scsi_reset_notify(struct scsi_address *ap, int flag,
172     void (*callback)(caddr_t), caddr_t arg);
173 static int mptsas_get_name(struct scsi_device *sd, char *name, int len);
174 static int mptsas_get_bus_addr(struct scsi_device *sd, char *name, int len);
175 static int mptsas_scsi_quiesce(dev_info_t *dip);
176 static int mptsas_scsi_unquiesce(dev_info_t *dip);
177 static int mptsas_bus_config(dev_info_t *pdip, uint_t flags,
178     ddi_bus_config_op_t op, void *arg, dev_info_t **childp);
179 
180 /*
181  * SMP functions
182  */
183 static int mptsas_smp_start(struct smp_pkt *smp_pkt);
184 
185 /*
186  * internal function prototypes.
187  */
188 static void mptsas_list_add(mptsas_t *mpt);
189 static void mptsas_list_del(mptsas_t *mpt);
190 
191 static int mptsas_quiesce_bus(mptsas_t *mpt);
192 static int mptsas_unquiesce_bus(mptsas_t *mpt);
193 
194 static int mptsas_alloc_handshake_msg(mptsas_t *mpt, size_t alloc_size);
195 static void mptsas_free_handshake_msg(mptsas_t *mpt);
196 
197 static void mptsas_ncmds_checkdrain(void *arg);
198 
199 static int mptsas_prepare_pkt(mptsas_cmd_t *cmd);
200 static int mptsas_accept_pkt(mptsas_t *mpt, mptsas_cmd_t *sp);
201 static int mptsas_accept_txwq_and_pkt(mptsas_t *mpt, mptsas_cmd_t *sp);
202 static void mptsas_accept_tx_waitq(mptsas_t *mpt);
203 
204 static int mptsas_do_detach(dev_info_t *dev);
205 static int mptsas_do_scsi_reset(mptsas_t *mpt, uint16_t devhdl);
206 static int mptsas_do_scsi_abort(mptsas_t *mpt, int target, int lun,
207     struct scsi_pkt *pkt);
208 static int mptsas_scsi_capchk(char *cap, int tgtonly, int *cidxp);
209 
210 static void mptsas_handle_qfull(mptsas_t *mpt, mptsas_cmd_t *cmd);
211 static void mptsas_handle_event(void *args);
212 static int mptsas_handle_event_sync(void *args);
213 static void mptsas_handle_dr(void *args);
214 static void mptsas_handle_topo_change(mptsas_topo_change_list_t *topo_node,
215     dev_info_t *pdip);
216 
217 static void mptsas_restart_cmd(void *);
218 
219 static void mptsas_flush_hba(mptsas_t *mpt);
220 static void mptsas_flush_target(mptsas_t *mpt, ushort_t target, int lun,
221 	uint8_t tasktype);
222 static void mptsas_set_pkt_reason(mptsas_t *mpt, mptsas_cmd_t *cmd,
223     uchar_t reason, uint_t stat);
224 
225 static uint_t mptsas_intr(caddr_t arg1, caddr_t arg2);
226 static void mptsas_process_intr(mptsas_t *mpt,
227     pMpi2ReplyDescriptorsUnion_t reply_desc_union);
228 static void mptsas_handle_scsi_io_success(mptsas_t *mpt,
229     pMpi2ReplyDescriptorsUnion_t reply_desc);
230 static void mptsas_handle_address_reply(mptsas_t *mpt,
231     pMpi2ReplyDescriptorsUnion_t reply_desc);
232 static int mptsas_wait_intr(mptsas_t *mpt, int polltime);
233 static void mptsas_sge_setup(mptsas_t *mpt, mptsas_cmd_t *cmd,
234     uint32_t *control, pMpi2SCSIIORequest_t frame, ddi_acc_handle_t acc_hdl);
235 
236 static void mptsas_watch(void *arg);
237 static void mptsas_watchsubr(mptsas_t *mpt);
238 static void mptsas_cmd_timeout(mptsas_t *mpt, uint16_t devhdl);
239 
240 static void mptsas_start_passthru(mptsas_t *mpt, mptsas_cmd_t *cmd);
241 static int mptsas_do_passthru(mptsas_t *mpt, uint8_t *request, uint8_t *reply,
242     uint8_t *data, uint32_t request_size, uint32_t reply_size,
243     uint32_t data_size, uint32_t direction, uint8_t *dataout,
244     uint32_t dataout_size, short timeout, int mode);
245 static int mptsas_free_devhdl(mptsas_t *mpt, uint16_t devhdl);
246 
247 static uint8_t mptsas_get_fw_diag_buffer_number(mptsas_t *mpt,
248     uint32_t unique_id);
249 static void mptsas_start_diag(mptsas_t *mpt, mptsas_cmd_t *cmd);
250 static int mptsas_post_fw_diag_buffer(mptsas_t *mpt,
251     mptsas_fw_diagnostic_buffer_t *pBuffer, uint32_t *return_code);
252 static int mptsas_release_fw_diag_buffer(mptsas_t *mpt,
253     mptsas_fw_diagnostic_buffer_t *pBuffer, uint32_t *return_code,
254     uint32_t diag_type);
255 static int mptsas_diag_register(mptsas_t *mpt,
256     mptsas_fw_diag_register_t *diag_register, uint32_t *return_code);
257 static int mptsas_diag_unregister(mptsas_t *mpt,
258     mptsas_fw_diag_unregister_t *diag_unregister, uint32_t *return_code);
259 static int mptsas_diag_query(mptsas_t *mpt, mptsas_fw_diag_query_t *diag_query,
260     uint32_t *return_code);
261 static int mptsas_diag_read_buffer(mptsas_t *mpt,
262     mptsas_diag_read_buffer_t *diag_read_buffer, uint8_t *ioctl_buf,
263     uint32_t *return_code, int ioctl_mode);
264 static int mptsas_diag_release(mptsas_t *mpt,
265     mptsas_fw_diag_release_t *diag_release, uint32_t *return_code);
266 static int mptsas_do_diag_action(mptsas_t *mpt, uint32_t action,
267     uint8_t *diag_action, uint32_t length, uint32_t *return_code,
268     int ioctl_mode);
269 static int mptsas_diag_action(mptsas_t *mpt, mptsas_diag_action_t *data,
270     int mode);
271 
272 static int mptsas_pkt_alloc_extern(mptsas_t *mpt, mptsas_cmd_t *cmd,
273     int cmdlen, int tgtlen, int statuslen, int kf);
274 static void mptsas_pkt_destroy_extern(mptsas_t *mpt, mptsas_cmd_t *cmd);
275 
276 static int mptsas_kmem_cache_constructor(void *buf, void *cdrarg, int kmflags);
277 static void mptsas_kmem_cache_destructor(void *buf, void *cdrarg);
278 
279 static int mptsas_cache_frames_constructor(void *buf, void *cdrarg,
280     int kmflags);
281 static void mptsas_cache_frames_destructor(void *buf, void *cdrarg);
282 
283 static void mptsas_check_scsi_io_error(mptsas_t *mpt, pMpi2SCSIIOReply_t reply,
284     mptsas_cmd_t *cmd);
285 static void mptsas_check_task_mgt(mptsas_t *mpt,
286     pMpi2SCSIManagementReply_t reply, mptsas_cmd_t *cmd);
287 static int mptsas_send_scsi_cmd(mptsas_t *mpt, struct scsi_address *ap,
288     mptsas_target_t *ptgt, uchar_t *cdb, int cdblen, struct buf *data_bp,
289     int *resid);
290 
291 static int mptsas_alloc_active_slots(mptsas_t *mpt, int flag);
292 static void mptsas_free_active_slots(mptsas_t *mpt);
293 static int mptsas_start_cmd(mptsas_t *mpt, mptsas_cmd_t *cmd);
294 
295 static void mptsas_restart_hba(mptsas_t *mpt);
296 static void mptsas_restart_waitq(mptsas_t *mpt);
297 
298 static void mptsas_deliver_doneq_thread(mptsas_t *mpt);
299 static void mptsas_doneq_add(mptsas_t *mpt, mptsas_cmd_t *cmd);
300 static void mptsas_doneq_mv(mptsas_t *mpt, uint64_t t);
301 
302 static mptsas_cmd_t *mptsas_doneq_thread_rm(mptsas_t *mpt, uint64_t t);
303 static void mptsas_doneq_empty(mptsas_t *mpt);
304 static void mptsas_doneq_thread(mptsas_doneq_thread_arg_t *arg);
305 
306 static mptsas_cmd_t *mptsas_waitq_rm(mptsas_t *mpt);
307 static void mptsas_waitq_delete(mptsas_t *mpt, mptsas_cmd_t *cmd);
308 static mptsas_cmd_t *mptsas_tx_waitq_rm(mptsas_t *mpt);
309 static void mptsas_tx_waitq_delete(mptsas_t *mpt, mptsas_cmd_t *cmd);
310 
311 
312 static void mptsas_start_watch_reset_delay();
313 static void mptsas_setup_bus_reset_delay(mptsas_t *mpt);
314 static void mptsas_watch_reset_delay(void *arg);
315 static int mptsas_watch_reset_delay_subr(mptsas_t *mpt);
316 
317 /*
318  * helper functions
319  */
320 static void mptsas_dump_cmd(mptsas_t *mpt, mptsas_cmd_t *cmd);
321 
322 static dev_info_t *mptsas_find_child(dev_info_t *pdip, char *name);
323 static dev_info_t *mptsas_find_child_phy(dev_info_t *pdip, uint8_t phy);
324 static dev_info_t *mptsas_find_child_addr(dev_info_t *pdip, uint64_t sasaddr,
325     int lun);
326 static mdi_pathinfo_t *mptsas_find_path_addr(dev_info_t *pdip, uint64_t sasaddr,
327     int lun);
328 static mdi_pathinfo_t *mptsas_find_path_phy(dev_info_t *pdip, uint8_t phy);
329 static dev_info_t *mptsas_find_smp_child(dev_info_t *pdip, char *str_wwn);
330 
331 static int mptsas_parse_address(char *name, uint64_t *wwid, uint8_t *phy,
332     int *lun);
333 static int mptsas_parse_smp_name(char *name, uint64_t *wwn);
334 
335 static mptsas_target_t *mptsas_phy_to_tgt(mptsas_t *mpt, int phymask,
336     uint8_t phy);
337 static mptsas_target_t *mptsas_wwid_to_ptgt(mptsas_t *mpt, int phymask,
338     uint64_t wwid);
339 static mptsas_smp_t *mptsas_wwid_to_psmp(mptsas_t *mpt, int phymask,
340     uint64_t wwid);
341 
342 static int mptsas_inquiry(mptsas_t *mpt, mptsas_target_t *ptgt, int lun,
343     uchar_t page, unsigned char *buf, int len, int *rlen, uchar_t evpd);
344 
345 static int mptsas_get_target_device_info(mptsas_t *mpt, uint32_t page_address,
346     uint16_t *handle, mptsas_target_t **pptgt);
347 static void mptsas_update_phymask(mptsas_t *mpt);
348 
349 static int mptsas_send_sep(mptsas_t *mpt, mptsas_target_t *ptgt,
350     uint32_t *status, uint8_t cmd);
351 static dev_info_t *mptsas_get_dip_from_dev(dev_t dev,
352     mptsas_phymask_t *phymask);
353 static mptsas_target_t *mptsas_addr_to_ptgt(mptsas_t *mpt, char *addr,
354     mptsas_phymask_t phymask);
355 static int mptsas_set_led_status(mptsas_t *mpt, mptsas_target_t *ptgt,
356     uint32_t slotstatus);
357 
358 
359 /*
360  * Enumeration / DR functions
361  */
362 static void mptsas_config_all(dev_info_t *pdip);
363 static int mptsas_config_one_addr(dev_info_t *pdip, uint64_t sasaddr, int lun,
364     dev_info_t **lundip);
365 static int mptsas_config_one_phy(dev_info_t *pdip, uint8_t phy, int lun,
366     dev_info_t **lundip);
367 
368 static int mptsas_config_target(dev_info_t *pdip, mptsas_target_t *ptgt);
369 static int mptsas_offline_target(dev_info_t *pdip, char *name);
370 
371 static int mptsas_config_raid(dev_info_t *pdip, uint16_t target,
372     dev_info_t **dip);
373 
374 static int mptsas_config_luns(dev_info_t *pdip, mptsas_target_t *ptgt);
375 static int mptsas_probe_lun(dev_info_t *pdip, int lun,
376     dev_info_t **dip, mptsas_target_t *ptgt);
377 
378 static int mptsas_create_lun(dev_info_t *pdip, struct scsi_inquiry *sd_inq,
379     dev_info_t **dip, mptsas_target_t *ptgt, int lun);
380 
381 static int mptsas_create_phys_lun(dev_info_t *pdip, struct scsi_inquiry *sd,
382     char *guid, dev_info_t **dip, mptsas_target_t *ptgt, int lun);
383 static int mptsas_create_virt_lun(dev_info_t *pdip, struct scsi_inquiry *sd,
384     char *guid, dev_info_t **dip, mdi_pathinfo_t **pip, mptsas_target_t *ptgt,
385     int lun);
386 
387 static void mptsas_offline_missed_luns(dev_info_t *pdip,
388     uint16_t *repluns, int lun_cnt, mptsas_target_t *ptgt);
389 static int mptsas_offline_lun(dev_info_t *pdip, dev_info_t *rdip,
390     mdi_pathinfo_t *rpip, uint_t flags);
391 
392 static int mptsas_config_smp(dev_info_t *pdip, uint64_t sas_wwn,
393     dev_info_t **smp_dip);
394 static int mptsas_offline_smp(dev_info_t *pdip, mptsas_smp_t *smp_node,
395     uint_t flags);
396 
397 static int mptsas_event_query(mptsas_t *mpt, mptsas_event_query_t *data,
398     int mode, int *rval);
399 static int mptsas_event_enable(mptsas_t *mpt, mptsas_event_enable_t *data,
400     int mode, int *rval);
401 static int mptsas_event_report(mptsas_t *mpt, mptsas_event_report_t *data,
402     int mode, int *rval);
403 static void mptsas_record_event(void *args);
404 static int mptsas_reg_access(mptsas_t *mpt, mptsas_reg_access_t *data,
405     int mode);
406 
407 static void mptsas_hash_init(mptsas_hash_table_t *hashtab);
408 static void mptsas_hash_uninit(mptsas_hash_table_t *hashtab, size_t datalen);
409 static void mptsas_hash_add(mptsas_hash_table_t *hashtab, void *data);
410 static void * mptsas_hash_rem(mptsas_hash_table_t *hashtab, uint64_t key1,
411     mptsas_phymask_t key2);
412 static void * mptsas_hash_search(mptsas_hash_table_t *hashtab, uint64_t key1,
413     mptsas_phymask_t key2);
414 static void * mptsas_hash_traverse(mptsas_hash_table_t *hashtab, int pos);
415 
416 mptsas_target_t *mptsas_tgt_alloc(mptsas_hash_table_t *, uint16_t, uint64_t,
417     uint32_t, mptsas_phymask_t, uint8_t);
418 static mptsas_smp_t *mptsas_smp_alloc(mptsas_hash_table_t *hashtab,
419     mptsas_smp_t *data);
420 static void mptsas_smp_free(mptsas_hash_table_t *hashtab, uint64_t wwid,
421     mptsas_phymask_t phymask);
422 static void mptsas_tgt_free(mptsas_hash_table_t *, uint64_t, mptsas_phymask_t);
423 static void * mptsas_search_by_devhdl(mptsas_hash_table_t *, uint16_t);
424 static int mptsas_online_smp(dev_info_t *pdip, mptsas_smp_t *smp_node,
425     dev_info_t **smp_dip);
426 
427 /*
428  * Power management functions
429  */
430 static int mptsas_get_pci_cap(mptsas_t *mpt);
431 static int mptsas_init_pm(mptsas_t *mpt);
432 
433 /*
434  * MPT MSI tunable:
435  *
436  * By default MSI is enabled on all supported platforms.
437  */
438 boolean_t mptsas_enable_msi = B_TRUE;
439 
440 static int mptsas_register_intrs(mptsas_t *);
441 static void mptsas_unregister_intrs(mptsas_t *);
442 static int mptsas_add_intrs(mptsas_t *, int);
443 static void mptsas_rem_intrs(mptsas_t *);
444 
445 /*
446  * FMA Prototypes
447  */
448 static void mptsas_fm_init(mptsas_t *mpt);
449 static void mptsas_fm_fini(mptsas_t *mpt);
450 static int mptsas_fm_error_cb(dev_info_t *, ddi_fm_error_t *, const void *);
451 
452 extern pri_t minclsyspri, maxclsyspri;
453 
454 /*
455  * This device is created by the SCSI pseudo nexus driver (SCSI vHCI).  It is
456  * under this device that the paths to a physical device are created when
457  * MPxIO is used.
458  */
459 extern dev_info_t	*scsi_vhci_dip;
460 
461 /*
462  * Tunable timeout value for Inquiry VPD page 0x83
463  * By default the value is 30 seconds.
464  */
465 int mptsas_inq83_retry_timeout = 30;
466 
467 /*
468  * This is used to allocate memory for message frame storage, not for
469  * data I/O DMA. All message frames must be stored in the first 4G of
470  * physical memory.
471  */
472 ddi_dma_attr_t mptsas_dma_attrs = {
473 	DMA_ATTR_V0,	/* attribute layout version		*/
474 	0x0ull,		/* address low - should be 0 (longlong)	*/
475 	0xffffffffull,	/* address high - 32-bit max range	*/
476 	0x00ffffffull,	/* count max - max DMA object size	*/
477 	4,		/* allocation alignment requirements	*/
478 	0x78,		/* burstsizes - binary encoded values	*/
479 	1,		/* minxfer - gran. of DMA engine	*/
480 	0x00ffffffull,	/* maxxfer - gran. of DMA engine	*/
481 	0xffffffffull,	/* max segment size (DMA boundary)	*/
482 	MPTSAS_MAX_DMA_SEGS, /* scatter/gather list length	*/
483 	512,		/* granularity - device transfer size	*/
484 	0		/* flags, set to 0			*/
485 };
486 
487 /*
488  * This is used for data I/O DMA memory allocation. (full 64-bit DMA
489  * physical addresses are supported.)
490  */
491 ddi_dma_attr_t mptsas_dma_attrs64 = {
492 	DMA_ATTR_V0,	/* attribute layout version		*/
493 	0x0ull,		/* address low - should be 0 (longlong)	*/
494 	0xffffffffffffffffull,	/* address high - 64-bit max	*/
495 	0x00ffffffull,	/* count max - max DMA object size	*/
496 	4,		/* allocation alignment requirements	*/
497 	0x78,		/* burstsizes - binary encoded values	*/
498 	1,		/* minxfer - gran. of DMA engine	*/
499 	0x00ffffffull,	/* maxxfer - gran. of DMA engine	*/
500 	0xffffffffull,	/* max segment size (DMA boundary)	*/
501 	MPTSAS_MAX_DMA_SEGS, /* scatter/gather list length	*/
502 	512,		/* granularity - device transfer size	*/
503 	DDI_DMA_RELAXED_ORDERING	/* flags, enable relaxed ordering */
504 };
505 
506 ddi_device_acc_attr_t mptsas_dev_attr = {
507 	DDI_DEVICE_ATTR_V1,
508 	DDI_STRUCTURE_LE_ACC,
509 	DDI_STRICTORDER_ACC,
510 	DDI_DEFAULT_ACC
511 };
512 
513 static struct cb_ops mptsas_cb_ops = {
514 	scsi_hba_open,		/* open */
515 	scsi_hba_close,		/* close */
516 	nodev,			/* strategy */
517 	nodev,			/* print */
518 	nodev,			/* dump */
519 	nodev,			/* read */
520 	nodev,			/* write */
521 	mptsas_ioctl,		/* ioctl */
522 	nodev,			/* devmap */
523 	nodev,			/* mmap */
524 	nodev,			/* segmap */
525 	nochpoll,		/* chpoll */
526 	ddi_prop_op,		/* cb_prop_op */
527 	NULL,			/* streamtab */
528 	D_MP,			/* cb_flag */
529 	CB_REV,			/* rev */
530 	nodev,			/* aread */
531 	nodev			/* awrite */
532 };
533 
534 static struct dev_ops mptsas_ops = {
535 	DEVO_REV,		/* devo_rev, */
536 	0,			/* refcnt  */
537 	ddi_no_info,		/* info */
538 	nulldev,		/* identify */
539 	nulldev,		/* probe */
540 	mptsas_attach,		/* attach */
541 	mptsas_detach,		/* detach */
542 #ifdef  __sparc
543 	mptsas_reset,
544 #else
545 	nodev,			/* reset */
546 #endif  /* __sparc */
547 	&mptsas_cb_ops,		/* driver operations */
548 	NULL,			/* bus operations */
549 	mptsas_power,		/* power management */
550 #ifdef	__sparc
551 	ddi_quiesce_not_needed
552 #else
553 	mptsas_quiesce		/* quiesce */
554 #endif	/* __sparc */
555 };
556 
557 
558 #define	MPTSAS_MOD_STRING "MPTSAS HBA Driver 00.00.00.24"
559 
560 static struct modldrv modldrv = {
561 	&mod_driverops,	/* Type of module. This one is a driver */
562 	MPTSAS_MOD_STRING, /* Name of the module. */
563 	&mptsas_ops,	/* driver ops */
564 };
565 
566 static struct modlinkage modlinkage = {
567 	MODREV_1, &modldrv, NULL
568 };
569 #define	TARGET_PROP	"target"
570 #define	LUN_PROP	"lun"
571 #define	LUN64_PROP	"lun64"
572 #define	SAS_PROP	"sas-mpt"
573 #define	MDI_GUID	"wwn"
574 #define	NDI_GUID	"guid"
575 #define	MPTSAS_DEV_GONE	"mptsas_dev_gone"
576 
577 /*
578  * Local static data
579  */
580 #if defined(MPTSAS_DEBUG)
581 uint32_t mptsas_debug_flags = 0;
582 #endif	/* defined(MPTSAS_DEBUG) */
583 uint32_t mptsas_debug_resets = 0;
584 
585 static kmutex_t		mptsas_global_mutex;
586 static void		*mptsas_state;		/* soft	state ptr */
587 static krwlock_t	mptsas_global_rwlock;
588 
589 static kmutex_t		mptsas_log_mutex;
590 static char		mptsas_log_buf[256];
591 _NOTE(MUTEX_PROTECTS_DATA(mptsas_log_mutex, mptsas_log_buf))
592 
593 static mptsas_t *mptsas_head, *mptsas_tail;
594 static clock_t mptsas_scsi_watchdog_tick;
595 static clock_t mptsas_tick;
596 static timeout_id_t mptsas_reset_watch;
597 static timeout_id_t mptsas_timeout_id;
598 static int mptsas_timeouts_enabled = 0;
599 /*
600  * warlock directives
601  */
602 _NOTE(SCHEME_PROTECTS_DATA("unique per pkt", scsi_pkt \
603 	mptsas_cmd NcrTableIndirect buf scsi_cdb scsi_status))
604 _NOTE(SCHEME_PROTECTS_DATA("unique per pkt", smp_pkt))
605 _NOTE(SCHEME_PROTECTS_DATA("stable data", scsi_device scsi_address))
606 _NOTE(SCHEME_PROTECTS_DATA("No Mutex Needed", mptsas_tgt_private))
607 _NOTE(SCHEME_PROTECTS_DATA("No Mutex Needed", scsi_hba_tran::tran_tgt_private))
608 
609 /*
610  * SM - HBA statics
611  */
612 char	*mptsas_driver_rev = MPTSAS_MOD_STRING;
613 
614 #ifdef MPTSAS_DEBUG
615 void debug_enter(char *);
616 #endif
617 
618 /*
619  * Notes:
620  *	- scsi_hba_init(9F) initializes SCSI HBA modules
621  *	- must call scsi_hba_fini(9F) if modload() fails
622  */
623 int
624 _init(void)
625 {
626 	int status;
627 	/* CONSTCOND */
628 	ASSERT(NO_COMPETING_THREADS);
629 
630 	NDBG0(("_init"));
631 
632 	status = ddi_soft_state_init(&mptsas_state, MPTSAS_SIZE,
633 	    MPTSAS_INITIAL_SOFT_SPACE);
634 	if (status != 0) {
635 		return (status);
636 	}
637 
638 	if ((status = scsi_hba_init(&modlinkage)) != 0) {
639 		ddi_soft_state_fini(&mptsas_state);
640 		return (status);
641 	}
642 
643 	mutex_init(&mptsas_global_mutex, NULL, MUTEX_DRIVER, NULL);
644 	rw_init(&mptsas_global_rwlock, NULL, RW_DRIVER, NULL);
645 	mutex_init(&mptsas_log_mutex, NULL, MUTEX_DRIVER, NULL);
646 
647 	if ((status = mod_install(&modlinkage)) != 0) {
648 		mutex_destroy(&mptsas_log_mutex);
649 		rw_destroy(&mptsas_global_rwlock);
650 		mutex_destroy(&mptsas_global_mutex);
651 		ddi_soft_state_fini(&mptsas_state);
652 		scsi_hba_fini(&modlinkage);
653 	}
654 
655 	return (status);
656 }
657 
658 /*
659  * Notes:
660  *	- scsi_hba_fini(9F) uninitializes SCSI HBA modules
661  */
662 int
663 _fini(void)
664 {
665 	int	status;
666 	/* CONSTCOND */
667 	ASSERT(NO_COMPETING_THREADS);
668 
669 	NDBG0(("_fini"));
670 
671 	if ((status = mod_remove(&modlinkage)) == 0) {
672 		ddi_soft_state_fini(&mptsas_state);
673 		scsi_hba_fini(&modlinkage);
674 		mutex_destroy(&mptsas_global_mutex);
675 		rw_destroy(&mptsas_global_rwlock);
676 		mutex_destroy(&mptsas_log_mutex);
677 	}
678 	return (status);
679 }
680 
681 /*
682  * The loadable-module _info(9E) entry point
683  */
684 int
685 _info(struct modinfo *modinfop)
686 {
687 	/* CONSTCOND */
688 	ASSERT(NO_COMPETING_THREADS);
689 	NDBG0(("mptsas _info"));
690 
691 	return (mod_info(&modlinkage, modinfop));
692 }
693 
694 
695 static int
696 mptsas_iport_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
697 {
698 	dev_info_t		*pdip;
699 	mptsas_t		*mpt;
700 	scsi_hba_tran_t		*hba_tran;
701 	char			*iport = NULL;
702 	char			phymask[MPTSAS_MAX_PHYS];
703 	mptsas_phymask_t	phy_mask = 0;
704 	int			dynamic_port = 0;
705 	uint32_t		page_address;
706 	char			initiator_wwnstr[MPTSAS_WWN_STRLEN];
707 	int			rval = DDI_FAILURE;
708 	int			i = 0;
709 	uint8_t			numphys = 0;
710 	uint8_t			phy_id;
711 	uint8_t			phy_port = 0;
712 	uint16_t		attached_devhdl = 0;
713 	uint32_t		dev_info;
714 	uint64_t		attached_sas_wwn;
715 	uint16_t		dev_hdl;
716 	uint16_t		pdev_hdl;
717 	uint16_t		bay_num, enclosure;
718 	char			attached_wwnstr[MPTSAS_WWN_STRLEN];
719 
720 	/* CONSTCOND */
721 	ASSERT(NO_COMPETING_THREADS);
722 
723 	switch (cmd) {
724 	case DDI_ATTACH:
725 		break;
726 
727 	case DDI_RESUME:
728 		/*
729 		 * If this a scsi-iport node, nothing to do here.
730 		 */
731 		return (DDI_SUCCESS);
732 
733 	default:
734 		return (DDI_FAILURE);
735 	}
736 
737 	pdip = ddi_get_parent(dip);
738 
739 	if ((hba_tran = ndi_flavorv_get(pdip, SCSA_FLAVOR_SCSI_DEVICE)) ==
740 	    NULL) {
741 		cmn_err(CE_WARN, "Failed attach iport because fail to "
742 		    "get tran vector for the HBA node");
743 		return (DDI_FAILURE);
744 	}
745 
746 	mpt = TRAN2MPT(hba_tran);
747 	ASSERT(mpt != NULL);
748 	if (mpt == NULL)
749 		return (DDI_FAILURE);
750 
751 	if ((hba_tran = ndi_flavorv_get(dip, SCSA_FLAVOR_SCSI_DEVICE)) ==
752 	    NULL) {
753 		mptsas_log(mpt, CE_WARN, "Failed attach iport because fail to "
754 		    "get tran vector for the iport node");
755 		return (DDI_FAILURE);
756 	}
757 
758 	/*
759 	 * Overwrite parent's tran_hba_private to iport's tran vector
760 	 */
761 	hba_tran->tran_hba_private = mpt;
762 
763 	ddi_report_dev(dip);
764 
765 	/*
766 	 * Get SAS address for initiator port according dev_handle
767 	 */
768 	iport = ddi_get_name_addr(dip);
769 	if (iport && strncmp(iport, "v0", 2) == 0) {
770 		if (ddi_prop_update_int(DDI_DEV_T_NONE, dip,
771 		    MPTSAS_VIRTUAL_PORT, 1) !=
772 		    DDI_PROP_SUCCESS) {
773 			(void) ddi_prop_remove(DDI_DEV_T_NONE, dip,
774 			    MPTSAS_VIRTUAL_PORT);
775 			mptsas_log(mpt, CE_WARN, "mptsas virtual port "
776 			    "prop update failed");
777 			return (DDI_FAILURE);
778 		}
779 		return (DDI_SUCCESS);
780 	}
781 
782 	mutex_enter(&mpt->m_mutex);
783 	for (i = 0; i < MPTSAS_MAX_PHYS; i++) {
784 		bzero(phymask, sizeof (phymask));
785 		(void) sprintf(phymask,
786 		    "%x", mpt->m_phy_info[i].phy_mask);
787 		if (strcmp(phymask, iport) == 0) {
788 			break;
789 		}
790 	}
791 
792 	if (i == MPTSAS_MAX_PHYS) {
793 		mptsas_log(mpt, CE_WARN, "Failed attach port %s because port"
794 		    "seems not exist", iport);
795 		mutex_exit(&mpt->m_mutex);
796 		return (DDI_FAILURE);
797 	}
798 
799 	phy_mask = mpt->m_phy_info[i].phy_mask;
800 
801 	if (mpt->m_phy_info[i].port_flags & AUTO_PORT_CONFIGURATION)
802 		dynamic_port = 1;
803 	else
804 		dynamic_port = 0;
805 
806 	/*
807 	 * Update PHY info for smhba
808 	 */
809 	if (mptsas_smhba_phy_init(mpt)) {
810 		mutex_exit(&mpt->m_mutex);
811 		mptsas_log(mpt, CE_WARN, "mptsas phy update "
812 		    "failed");
813 		return (DDI_FAILURE);
814 	}
815 
816 	mutex_exit(&mpt->m_mutex);
817 
818 	numphys = 0;
819 	for (i = 0; i < MPTSAS_MAX_PHYS; i++) {
820 		if ((phy_mask >> i) & 0x01) {
821 			numphys++;
822 		}
823 	}
824 
825 	bzero(initiator_wwnstr, sizeof (initiator_wwnstr));
826 	(void) sprintf(initiator_wwnstr, "w%016"PRIx64,
827 	    mpt->un.m_base_wwid);
828 
829 	if (ddi_prop_update_string(DDI_DEV_T_NONE, dip,
830 	    SCSI_ADDR_PROP_INITIATOR_PORT, initiator_wwnstr) !=
831 	    DDI_PROP_SUCCESS) {
832 		(void) ddi_prop_remove(DDI_DEV_T_NONE,
833 		    dip, SCSI_ADDR_PROP_INITIATOR_PORT);
834 		mptsas_log(mpt, CE_WARN, "mptsas Initiator port "
835 		    "prop update failed");
836 		return (DDI_FAILURE);
837 	}
838 	if (ddi_prop_update_int(DDI_DEV_T_NONE, dip,
839 	    MPTSAS_NUM_PHYS, numphys) !=
840 	    DDI_PROP_SUCCESS) {
841 		(void) ddi_prop_remove(DDI_DEV_T_NONE, dip, MPTSAS_NUM_PHYS);
842 		return (DDI_FAILURE);
843 	}
844 
845 	if (ddi_prop_update_int(DDI_DEV_T_NONE, dip,
846 	    "phymask", phy_mask) !=
847 	    DDI_PROP_SUCCESS) {
848 		(void) ddi_prop_remove(DDI_DEV_T_NONE, dip, "phymask");
849 		mptsas_log(mpt, CE_WARN, "mptsas phy mask "
850 		    "prop update failed");
851 		return (DDI_FAILURE);
852 	}
853 
854 	if (ddi_prop_update_int(DDI_DEV_T_NONE, dip,
855 	    "dynamic-port", dynamic_port) !=
856 	    DDI_PROP_SUCCESS) {
857 		(void) ddi_prop_remove(DDI_DEV_T_NONE, dip, "dynamic-port");
858 		mptsas_log(mpt, CE_WARN, "mptsas dynamic port "
859 		    "prop update failed");
860 		return (DDI_FAILURE);
861 	}
862 	if (ddi_prop_update_int(DDI_DEV_T_NONE, dip,
863 	    MPTSAS_VIRTUAL_PORT, 0) !=
864 	    DDI_PROP_SUCCESS) {
865 		(void) ddi_prop_remove(DDI_DEV_T_NONE, dip,
866 		    MPTSAS_VIRTUAL_PORT);
867 		mptsas_log(mpt, CE_WARN, "mptsas virtual port "
868 		    "prop update failed");
869 		return (DDI_FAILURE);
870 	}
871 	mptsas_smhba_set_phy_props(mpt,
872 	    iport, dip, numphys, &attached_devhdl);
873 
874 	mutex_enter(&mpt->m_mutex);
875 	page_address = (MPI2_SAS_DEVICE_PGAD_FORM_HANDLE &
876 	    MPI2_SAS_DEVICE_PGAD_FORM_MASK) | (uint32_t)attached_devhdl;
877 	rval = mptsas_get_sas_device_page0(mpt, page_address, &dev_hdl,
878 	    &attached_sas_wwn, &dev_info, &phy_port, &phy_id,
879 	    &pdev_hdl, &bay_num, &enclosure);
880 	if (rval != DDI_SUCCESS) {
881 		mptsas_log(mpt, CE_WARN,
882 		    "Failed to get device page0 for handle:%d",
883 		    attached_devhdl);
884 		mutex_exit(&mpt->m_mutex);
885 		return (DDI_FAILURE);
886 	}
887 
888 	for (i = 0; i < MPTSAS_MAX_PHYS; i++) {
889 		bzero(phymask, sizeof (phymask));
890 		(void) sprintf(phymask, "%x", mpt->m_phy_info[i].phy_mask);
891 		if (strcmp(phymask, iport) == 0) {
892 			(void) sprintf(&mpt->m_phy_info[i].smhba_info.path[0],
893 			    "%x",
894 			    mpt->m_phy_info[i].phy_mask);
895 		}
896 	}
897 	mutex_exit(&mpt->m_mutex);
898 
899 	bzero(attached_wwnstr, sizeof (attached_wwnstr));
900 	(void) sprintf(attached_wwnstr, "w%016"PRIx64,
901 	    attached_sas_wwn);
902 	if (ddi_prop_update_string(DDI_DEV_T_NONE, dip,
903 	    SCSI_ADDR_PROP_ATTACHED_PORT, attached_wwnstr) !=
904 	    DDI_PROP_SUCCESS) {
905 		(void) ddi_prop_remove(DDI_DEV_T_NONE,
906 		    dip, SCSI_ADDR_PROP_ATTACHED_PORT);
907 		return (DDI_FAILURE);
908 	}
909 
910 	/* Create kstats for each phy on this iport */
911 
912 	mptsas_create_phy_stats(mpt, iport, dip);
913 
914 	/*
915 	 * register sas hba iport with mdi (MPxIO/vhci)
916 	 */
917 	if (mdi_phci_register(MDI_HCI_CLASS_SCSI,
918 	    dip, 0) == MDI_SUCCESS) {
919 		mpt->m_mpxio_enable = TRUE;
920 	}
921 	return (DDI_SUCCESS);
922 }
923 
924 /*
925  * Notes:
926  *	Set up all device state and allocate data structures,
927  *	mutexes, condition variables, etc. for device operation.
928  *	Add interrupts needed.
929  *	Return DDI_SUCCESS if device is ready, else return DDI_FAILURE.
930  */
931 static int
932 mptsas_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
933 {
934 	mptsas_t		*mpt = NULL;
935 	int			instance, i, j;
936 	int			doneq_thread_num;
937 	char			intr_added = 0;
938 	char			map_setup = 0;
939 	char			config_setup = 0;
940 	char			hba_attach_setup = 0;
941 	char			smp_attach_setup = 0;
942 	char			mutex_init_done = 0;
943 	char			event_taskq_create = 0;
944 	char			dr_taskq_create = 0;
945 	char			doneq_thread_create = 0;
946 	scsi_hba_tran_t		*hba_tran;
947 	uint_t			mem_bar = MEM_SPACE;
948 	int			rval = DDI_FAILURE;
949 
950 	/* CONSTCOND */
951 	ASSERT(NO_COMPETING_THREADS);
952 
953 	if (scsi_hba_iport_unit_address(dip)) {
954 		return (mptsas_iport_attach(dip, cmd));
955 	}
956 
957 	switch (cmd) {
958 	case DDI_ATTACH:
959 		break;
960 
961 	case DDI_RESUME:
962 		if ((hba_tran = ddi_get_driver_private(dip)) == NULL)
963 			return (DDI_FAILURE);
964 
965 		mpt = TRAN2MPT(hba_tran);
966 
967 		if (!mpt) {
968 			return (DDI_FAILURE);
969 		}
970 
971 		/*
972 		 * Reset hardware and softc to "no outstanding commands"
973 		 * Note	that a check condition can result on first command
974 		 * to a	target.
975 		 */
976 		mutex_enter(&mpt->m_mutex);
977 
978 		/*
979 		 * raise power.
980 		 */
981 		if (mpt->m_options & MPTSAS_OPT_PM) {
982 			mutex_exit(&mpt->m_mutex);
983 			(void) pm_busy_component(dip, 0);
984 			rval = pm_power_has_changed(dip, 0, PM_LEVEL_D0);
985 			if (rval == DDI_SUCCESS) {
986 				mutex_enter(&mpt->m_mutex);
987 			} else {
988 				/*
989 				 * The pm_raise_power() call above failed,
990 				 * and that can only occur if we were unable
991 				 * to reset the hardware.  This is probably
992 				 * due to unhealty hardware, and because
993 				 * important filesystems(such as the root
994 				 * filesystem) could be on the attached disks,
995 				 * it would not be a good idea to continue,
996 				 * as we won't be entirely certain we are
997 				 * writing correct data.  So we panic() here
998 				 * to not only prevent possible data corruption,
999 				 * but to give developers or end users a hope
1000 				 * of identifying and correcting any problems.
1001 				 */
1002 				fm_panic("mptsas could not reset hardware "
1003 				    "during resume");
1004 			}
1005 		}
1006 
1007 		mpt->m_suspended = 0;
1008 
1009 		/*
1010 		 * Reinitialize ioc
1011 		 */
1012 		mpt->m_softstate |= MPTSAS_SS_MSG_UNIT_RESET;
1013 		if (mptsas_init_chip(mpt, FALSE) == DDI_FAILURE) {
1014 			mutex_exit(&mpt->m_mutex);
1015 			if (mpt->m_options & MPTSAS_OPT_PM) {
1016 				(void) pm_idle_component(dip, 0);
1017 			}
1018 			fm_panic("mptsas init chip fail during resume");
1019 		}
1020 		/*
1021 		 * mptsas_update_driver_data needs interrupts so enable them
1022 		 * first.
1023 		 */
1024 		MPTSAS_ENABLE_INTR(mpt);
1025 		mptsas_update_driver_data(mpt);
1026 
1027 		/* start requests, if possible */
1028 		mptsas_restart_hba(mpt);
1029 
1030 		mutex_exit(&mpt->m_mutex);
1031 
1032 		/*
1033 		 * Restart watch thread
1034 		 */
1035 		mutex_enter(&mptsas_global_mutex);
1036 		if (mptsas_timeout_id == 0) {
1037 			mptsas_timeout_id = timeout(mptsas_watch, NULL,
1038 			    mptsas_tick);
1039 			mptsas_timeouts_enabled = 1;
1040 		}
1041 		mutex_exit(&mptsas_global_mutex);
1042 
1043 		/* report idle status to pm framework */
1044 		if (mpt->m_options & MPTSAS_OPT_PM) {
1045 			(void) pm_idle_component(dip, 0);
1046 		}
1047 
1048 		return (DDI_SUCCESS);
1049 
1050 	default:
1051 		return (DDI_FAILURE);
1052 
1053 	}
1054 
1055 	instance = ddi_get_instance(dip);
1056 
1057 	/*
1058 	 * Allocate softc information.
1059 	 */
1060 	if (ddi_soft_state_zalloc(mptsas_state, instance) != DDI_SUCCESS) {
1061 		mptsas_log(NULL, CE_WARN,
1062 		    "mptsas%d: cannot allocate soft state", instance);
1063 		goto fail;
1064 	}
1065 
1066 	mpt = ddi_get_soft_state(mptsas_state, instance);
1067 
1068 	if (mpt == NULL) {
1069 		mptsas_log(NULL, CE_WARN,
1070 		    "mptsas%d: cannot get soft state", instance);
1071 		goto fail;
1072 	}
1073 
1074 	/* Indicate that we are 'sizeof (scsi_*(9S))' clean. */
1075 	scsi_size_clean(dip);
1076 
1077 	mpt->m_dip = dip;
1078 	mpt->m_instance = instance;
1079 
1080 	/* Make a per-instance copy of the structures */
1081 	mpt->m_io_dma_attr = mptsas_dma_attrs64;
1082 	mpt->m_msg_dma_attr = mptsas_dma_attrs;
1083 	mpt->m_reg_acc_attr = mptsas_dev_attr;
1084 	mpt->m_dev_acc_attr = mptsas_dev_attr;
1085 
1086 	/*
1087 	 * Initialize FMA
1088 	 */
1089 	mpt->m_fm_capabilities = ddi_getprop(DDI_DEV_T_ANY, mpt->m_dip,
1090 	    DDI_PROP_CANSLEEP | DDI_PROP_DONTPASS, "fm-capable",
1091 	    DDI_FM_EREPORT_CAPABLE | DDI_FM_ACCCHK_CAPABLE |
1092 	    DDI_FM_DMACHK_CAPABLE | DDI_FM_ERRCB_CAPABLE);
1093 
1094 	mptsas_fm_init(mpt);
1095 
1096 	if (mptsas_alloc_handshake_msg(mpt,
1097 	    sizeof (Mpi2SCSITaskManagementRequest_t)) == DDI_FAILURE) {
1098 		mptsas_log(mpt, CE_WARN, "cannot initialize handshake msg.");
1099 		goto fail;
1100 	}
1101 
1102 	/*
1103 	 * Setup configuration space
1104 	 */
1105 	if (mptsas_config_space_init(mpt) == FALSE) {
1106 		mptsas_log(mpt, CE_WARN, "mptsas_config_space_init failed");
1107 		goto fail;
1108 	}
1109 	config_setup++;
1110 
1111 	if (ddi_regs_map_setup(dip, mem_bar, (caddr_t *)&mpt->m_reg,
1112 	    0, 0, &mpt->m_reg_acc_attr, &mpt->m_datap) != DDI_SUCCESS) {
1113 		mptsas_log(mpt, CE_WARN, "map setup failed");
1114 		goto fail;
1115 	}
1116 	map_setup++;
1117 
1118 	/*
1119 	 * A taskq is created for dealing with the event handler
1120 	 */
1121 	if ((mpt->m_event_taskq = ddi_taskq_create(dip, "mptsas_event_taskq",
1122 	    1, TASKQ_DEFAULTPRI, 0)) == NULL) {
1123 		mptsas_log(mpt, CE_NOTE, "ddi_taskq_create failed");
1124 		goto fail;
1125 	}
1126 	event_taskq_create++;
1127 
1128 	/*
1129 	 * A taskq is created for dealing with dr events
1130 	 */
1131 	if ((mpt->m_dr_taskq = ddi_taskq_create(dip,
1132 	    "mptsas_dr_taskq",
1133 	    1, TASKQ_DEFAULTPRI, 0)) == NULL) {
1134 		mptsas_log(mpt, CE_NOTE, "ddi_taskq_create for discovery "
1135 		    "failed");
1136 		goto fail;
1137 	}
1138 	dr_taskq_create++;
1139 
1140 	mpt->m_doneq_thread_threshold = ddi_prop_get_int(DDI_DEV_T_ANY, dip,
1141 	    0, "mptsas_doneq_thread_threshold_prop", 10);
1142 	mpt->m_doneq_length_threshold = ddi_prop_get_int(DDI_DEV_T_ANY, dip,
1143 	    0, "mptsas_doneq_length_threshold_prop", 8);
1144 	mpt->m_doneq_thread_n = ddi_prop_get_int(DDI_DEV_T_ANY, dip,
1145 	    0, "mptsas_doneq_thread_n_prop", 8);
1146 
1147 	if (mpt->m_doneq_thread_n) {
1148 		cv_init(&mpt->m_doneq_thread_cv, NULL, CV_DRIVER, NULL);
1149 		mutex_init(&mpt->m_doneq_mutex, NULL, MUTEX_DRIVER, NULL);
1150 
1151 		mutex_enter(&mpt->m_doneq_mutex);
1152 		mpt->m_doneq_thread_id =
1153 		    kmem_zalloc(sizeof (mptsas_doneq_thread_list_t)
1154 		    * mpt->m_doneq_thread_n, KM_SLEEP);
1155 
1156 		for (j = 0; j < mpt->m_doneq_thread_n; j++) {
1157 			cv_init(&mpt->m_doneq_thread_id[j].cv, NULL,
1158 			    CV_DRIVER, NULL);
1159 			mutex_init(&mpt->m_doneq_thread_id[j].mutex, NULL,
1160 			    MUTEX_DRIVER, NULL);
1161 			mutex_enter(&mpt->m_doneq_thread_id[j].mutex);
1162 			mpt->m_doneq_thread_id[j].flag |=
1163 			    MPTSAS_DONEQ_THREAD_ACTIVE;
1164 			mpt->m_doneq_thread_id[j].arg.mpt = mpt;
1165 			mpt->m_doneq_thread_id[j].arg.t = j;
1166 			mpt->m_doneq_thread_id[j].threadp =
1167 			    thread_create(NULL, 0, mptsas_doneq_thread,
1168 			    &mpt->m_doneq_thread_id[j].arg,
1169 			    0, &p0, TS_RUN, minclsyspri);
1170 			mpt->m_doneq_thread_id[j].donetail =
1171 			    &mpt->m_doneq_thread_id[j].doneq;
1172 			mutex_exit(&mpt->m_doneq_thread_id[j].mutex);
1173 		}
1174 		mutex_exit(&mpt->m_doneq_mutex);
1175 		doneq_thread_create++;
1176 	}
1177 
1178 	/* Initialize mutex used in interrupt handler */
1179 	mutex_init(&mpt->m_mutex, NULL, MUTEX_DRIVER,
1180 	    DDI_INTR_PRI(mpt->m_intr_pri));
1181 	mutex_init(&mpt->m_passthru_mutex, NULL, MUTEX_DRIVER, NULL);
1182 	mutex_init(&mpt->m_tx_waitq_mutex, NULL, MUTEX_DRIVER,
1183 	    DDI_INTR_PRI(mpt->m_intr_pri));
1184 	for (i = 0; i < MPTSAS_MAX_PHYS; i++) {
1185 		mutex_init(&mpt->m_phy_info[i].smhba_info.phy_mutex,
1186 		    NULL, MUTEX_DRIVER,
1187 		    DDI_INTR_PRI(mpt->m_intr_pri));
1188 	}
1189 
1190 	cv_init(&mpt->m_cv, NULL, CV_DRIVER, NULL);
1191 	cv_init(&mpt->m_passthru_cv, NULL, CV_DRIVER, NULL);
1192 	cv_init(&mpt->m_fw_cv, NULL, CV_DRIVER, NULL);
1193 	cv_init(&mpt->m_config_cv, NULL, CV_DRIVER, NULL);
1194 	cv_init(&mpt->m_fw_diag_cv, NULL, CV_DRIVER, NULL);
1195 	mutex_init_done++;
1196 
1197 	/*
1198 	 * Disable hardware interrupt since we're not ready to
1199 	 * handle it yet.
1200 	 */
1201 	MPTSAS_DISABLE_INTR(mpt);
1202 	if (mptsas_register_intrs(mpt) == FALSE)
1203 		goto fail;
1204 	intr_added++;
1205 
1206 	mutex_enter(&mpt->m_mutex);
1207 	/*
1208 	 * Initialize power management component
1209 	 */
1210 	if (mpt->m_options & MPTSAS_OPT_PM) {
1211 		if (mptsas_init_pm(mpt)) {
1212 			mutex_exit(&mpt->m_mutex);
1213 			mptsas_log(mpt, CE_WARN, "mptsas pm initialization "
1214 			    "failed");
1215 			goto fail;
1216 		}
1217 	}
1218 
1219 	/*
1220 	 * Initialize chip using Message Unit Reset, if allowed
1221 	 */
1222 	mpt->m_softstate |= MPTSAS_SS_MSG_UNIT_RESET;
1223 	if (mptsas_init_chip(mpt, TRUE) == DDI_FAILURE) {
1224 		mutex_exit(&mpt->m_mutex);
1225 		mptsas_log(mpt, CE_WARN, "mptsas chip initialization failed");
1226 		goto fail;
1227 	}
1228 
1229 	/*
1230 	 * Fill in the phy_info structure and get the base WWID
1231 	 */
1232 	if (mptsas_get_manufacture_page5(mpt) == DDI_FAILURE) {
1233 		mptsas_log(mpt, CE_WARN,
1234 		    "mptsas_get_manufacture_page5 failed!");
1235 		goto fail;
1236 	}
1237 
1238 	if (mptsas_get_sas_io_unit_page_hndshk(mpt)) {
1239 		mptsas_log(mpt, CE_WARN,
1240 		    "mptsas_get_sas_io_unit_page_hndshk failed!");
1241 		goto fail;
1242 	}
1243 
1244 	if (mptsas_get_manufacture_page0(mpt) == DDI_FAILURE) {
1245 		mptsas_log(mpt, CE_WARN,
1246 		    "mptsas_get_manufacture_page0 failed!");
1247 		goto fail;
1248 	}
1249 
1250 	mutex_exit(&mpt->m_mutex);
1251 
1252 	/*
1253 	 * Register the iport for multiple port HBA
1254 	 */
1255 	mptsas_iport_register(mpt);
1256 
1257 	/*
1258 	 * initialize SCSI HBA transport structure
1259 	 */
1260 	if (mptsas_hba_setup(mpt) == FALSE)
1261 		goto fail;
1262 	hba_attach_setup++;
1263 
1264 	if (mptsas_smp_setup(mpt) == FALSE)
1265 		goto fail;
1266 	smp_attach_setup++;
1267 
1268 	if (mptsas_cache_create(mpt) == FALSE)
1269 		goto fail;
1270 
1271 	mpt->m_scsi_reset_delay	= ddi_prop_get_int(DDI_DEV_T_ANY,
1272 	    dip, 0, "scsi-reset-delay",	SCSI_DEFAULT_RESET_DELAY);
1273 	if (mpt->m_scsi_reset_delay == 0) {
1274 		mptsas_log(mpt, CE_NOTE,
1275 		    "scsi_reset_delay of 0 is not recommended,"
1276 		    " resetting to SCSI_DEFAULT_RESET_DELAY\n");
1277 		mpt->m_scsi_reset_delay = SCSI_DEFAULT_RESET_DELAY;
1278 	}
1279 
1280 	/*
1281 	 * Initialize the wait and done FIFO queue
1282 	 */
1283 	mpt->m_donetail = &mpt->m_doneq;
1284 	mpt->m_waitqtail = &mpt->m_waitq;
1285 	mpt->m_tx_waitqtail = &mpt->m_tx_waitq;
1286 	mpt->m_tx_draining = 0;
1287 
1288 	/*
1289 	 * ioc cmd queue initialize
1290 	 */
1291 	mpt->m_ioc_event_cmdtail = &mpt->m_ioc_event_cmdq;
1292 	mpt->m_dev_handle = 0xFFFF;
1293 
1294 	MPTSAS_ENABLE_INTR(mpt);
1295 
1296 	/*
1297 	 * enable event notification
1298 	 */
1299 	mutex_enter(&mpt->m_mutex);
1300 	if (mptsas_ioc_enable_event_notification(mpt)) {
1301 		mutex_exit(&mpt->m_mutex);
1302 		goto fail;
1303 	}
1304 	mutex_exit(&mpt->m_mutex);
1305 
1306 	/*
1307 	 * Initialize PHY info for smhba
1308 	 */
1309 	if (mptsas_smhba_setup(mpt)) {
1310 		mptsas_log(mpt, CE_WARN, "mptsas phy initialization "
1311 		    "failed");
1312 		goto fail;
1313 	}
1314 
1315 	/* Check all dma handles allocated in attach */
1316 	if ((mptsas_check_dma_handle(mpt->m_dma_req_frame_hdl)
1317 	    != DDI_SUCCESS) ||
1318 	    (mptsas_check_dma_handle(mpt->m_dma_reply_frame_hdl)
1319 	    != DDI_SUCCESS) ||
1320 	    (mptsas_check_dma_handle(mpt->m_dma_free_queue_hdl)
1321 	    != DDI_SUCCESS) ||
1322 	    (mptsas_check_dma_handle(mpt->m_dma_post_queue_hdl)
1323 	    != DDI_SUCCESS) ||
1324 	    (mptsas_check_dma_handle(mpt->m_hshk_dma_hdl)
1325 	    != DDI_SUCCESS)) {
1326 		goto fail;
1327 	}
1328 
1329 	/* Check all acc handles allocated in attach */
1330 	if ((mptsas_check_acc_handle(mpt->m_datap) != DDI_SUCCESS) ||
1331 	    (mptsas_check_acc_handle(mpt->m_acc_req_frame_hdl)
1332 	    != DDI_SUCCESS) ||
1333 	    (mptsas_check_acc_handle(mpt->m_acc_reply_frame_hdl)
1334 	    != DDI_SUCCESS) ||
1335 	    (mptsas_check_acc_handle(mpt->m_acc_free_queue_hdl)
1336 	    != DDI_SUCCESS) ||
1337 	    (mptsas_check_acc_handle(mpt->m_acc_post_queue_hdl)
1338 	    != DDI_SUCCESS) ||
1339 	    (mptsas_check_acc_handle(mpt->m_hshk_acc_hdl)
1340 	    != DDI_SUCCESS) ||
1341 	    (mptsas_check_acc_handle(mpt->m_config_handle)
1342 	    != DDI_SUCCESS)) {
1343 		goto fail;
1344 	}
1345 
1346 	/*
1347 	 * After this point, we are not going to fail the attach.
1348 	 */
1349 	/*
1350 	 * used for mptsas_watch
1351 	 */
1352 	mptsas_list_add(mpt);
1353 
1354 	mutex_enter(&mptsas_global_mutex);
1355 	if (mptsas_timeouts_enabled == 0) {
1356 		mptsas_scsi_watchdog_tick = ddi_prop_get_int(DDI_DEV_T_ANY,
1357 		    dip, 0, "scsi-watchdog-tick", DEFAULT_WD_TICK);
1358 
1359 		mptsas_tick = mptsas_scsi_watchdog_tick *
1360 		    drv_usectohz((clock_t)1000000);
1361 
1362 		mptsas_timeout_id = timeout(mptsas_watch, NULL, mptsas_tick);
1363 		mptsas_timeouts_enabled = 1;
1364 	}
1365 	mutex_exit(&mptsas_global_mutex);
1366 
1367 	/* Print message of HBA present */
1368 	ddi_report_dev(dip);
1369 
1370 	/* report idle status to pm framework */
1371 	if (mpt->m_options & MPTSAS_OPT_PM) {
1372 		(void) pm_idle_component(dip, 0);
1373 	}
1374 
1375 	return (DDI_SUCCESS);
1376 
1377 fail:
1378 	mptsas_log(mpt, CE_WARN, "attach failed");
1379 	mptsas_fm_ereport(mpt, DDI_FM_DEVICE_NO_RESPONSE);
1380 	ddi_fm_service_impact(mpt->m_dip, DDI_SERVICE_LOST);
1381 	if (mpt) {
1382 		mutex_enter(&mptsas_global_mutex);
1383 
1384 		if (mptsas_timeout_id && (mptsas_head == NULL)) {
1385 			timeout_id_t tid = mptsas_timeout_id;
1386 			mptsas_timeouts_enabled = 0;
1387 			mptsas_timeout_id = 0;
1388 			mutex_exit(&mptsas_global_mutex);
1389 			(void) untimeout(tid);
1390 			mutex_enter(&mptsas_global_mutex);
1391 		}
1392 		mutex_exit(&mptsas_global_mutex);
1393 		/* deallocate in reverse order */
1394 		mptsas_cache_destroy(mpt);
1395 
1396 		if (smp_attach_setup) {
1397 			mptsas_smp_teardown(mpt);
1398 		}
1399 		if (hba_attach_setup) {
1400 			mptsas_hba_teardown(mpt);
1401 		}
1402 
1403 		if (mpt->m_active) {
1404 			mptsas_hash_uninit(&mpt->m_active->m_smptbl,
1405 			    sizeof (mptsas_smp_t));
1406 			mptsas_hash_uninit(&mpt->m_active->m_tgttbl,
1407 			    sizeof (mptsas_target_t));
1408 			mptsas_free_active_slots(mpt);
1409 		}
1410 		if (intr_added) {
1411 			mptsas_unregister_intrs(mpt);
1412 		}
1413 
1414 		if (doneq_thread_create) {
1415 			mutex_enter(&mpt->m_doneq_mutex);
1416 			doneq_thread_num = mpt->m_doneq_thread_n;
1417 			for (j = 0; j < mpt->m_doneq_thread_n; j++) {
1418 				mutex_enter(&mpt->m_doneq_thread_id[j].mutex);
1419 				mpt->m_doneq_thread_id[j].flag &=
1420 				    (~MPTSAS_DONEQ_THREAD_ACTIVE);
1421 				cv_signal(&mpt->m_doneq_thread_id[j].cv);
1422 				mutex_exit(&mpt->m_doneq_thread_id[j].mutex);
1423 			}
1424 			while (mpt->m_doneq_thread_n) {
1425 				cv_wait(&mpt->m_doneq_thread_cv,
1426 				    &mpt->m_doneq_mutex);
1427 			}
1428 			for (j = 0; j < doneq_thread_num; j++) {
1429 				cv_destroy(&mpt->m_doneq_thread_id[j].cv);
1430 				mutex_destroy(&mpt->m_doneq_thread_id[j].mutex);
1431 			}
1432 			kmem_free(mpt->m_doneq_thread_id,
1433 			    sizeof (mptsas_doneq_thread_list_t)
1434 			    * doneq_thread_num);
1435 			mutex_exit(&mpt->m_doneq_mutex);
1436 			cv_destroy(&mpt->m_doneq_thread_cv);
1437 			mutex_destroy(&mpt->m_doneq_mutex);
1438 		}
1439 		if (event_taskq_create) {
1440 			ddi_taskq_destroy(mpt->m_event_taskq);
1441 		}
1442 		if (dr_taskq_create) {
1443 			ddi_taskq_destroy(mpt->m_dr_taskq);
1444 		}
1445 		if (mutex_init_done) {
1446 			mutex_destroy(&mpt->m_tx_waitq_mutex);
1447 			mutex_destroy(&mpt->m_passthru_mutex);
1448 			mutex_destroy(&mpt->m_mutex);
1449 			for (i = 0; i < MPTSAS_MAX_PHYS; i++) {
1450 				mutex_destroy(
1451 				    &mpt->m_phy_info[i].smhba_info.phy_mutex);
1452 			}
1453 			cv_destroy(&mpt->m_cv);
1454 			cv_destroy(&mpt->m_passthru_cv);
1455 			cv_destroy(&mpt->m_fw_cv);
1456 			cv_destroy(&mpt->m_config_cv);
1457 			cv_destroy(&mpt->m_fw_diag_cv);
1458 		}
1459 
1460 		if (map_setup) {
1461 			mptsas_cfg_fini(mpt);
1462 		}
1463 		if (config_setup) {
1464 			mptsas_config_space_fini(mpt);
1465 		}
1466 		mptsas_free_handshake_msg(mpt);
1467 		mptsas_hba_fini(mpt);
1468 
1469 		mptsas_fm_fini(mpt);
1470 		ddi_soft_state_free(mptsas_state, instance);
1471 		ddi_prop_remove_all(dip);
1472 	}
1473 	return (DDI_FAILURE);
1474 }
1475 
1476 static int
1477 mptsas_suspend(dev_info_t *devi)
1478 {
1479 	mptsas_t	*mpt, *g;
1480 	scsi_hba_tran_t	*tran;
1481 
1482 	if (scsi_hba_iport_unit_address(devi)) {
1483 		return (DDI_SUCCESS);
1484 	}
1485 
1486 	if ((tran = ddi_get_driver_private(devi)) == NULL)
1487 		return (DDI_SUCCESS);
1488 
1489 	mpt = TRAN2MPT(tran);
1490 	if (!mpt) {
1491 		return (DDI_SUCCESS);
1492 	}
1493 
1494 	mutex_enter(&mpt->m_mutex);
1495 
1496 	if (mpt->m_suspended++) {
1497 		mutex_exit(&mpt->m_mutex);
1498 		return (DDI_SUCCESS);
1499 	}
1500 
1501 	/*
1502 	 * Cancel timeout threads for this mpt
1503 	 */
1504 	if (mpt->m_quiesce_timeid) {
1505 		timeout_id_t tid = mpt->m_quiesce_timeid;
1506 		mpt->m_quiesce_timeid = 0;
1507 		mutex_exit(&mpt->m_mutex);
1508 		(void) untimeout(tid);
1509 		mutex_enter(&mpt->m_mutex);
1510 	}
1511 
1512 	if (mpt->m_restart_cmd_timeid) {
1513 		timeout_id_t tid = mpt->m_restart_cmd_timeid;
1514 		mpt->m_restart_cmd_timeid = 0;
1515 		mutex_exit(&mpt->m_mutex);
1516 		(void) untimeout(tid);
1517 		mutex_enter(&mpt->m_mutex);
1518 	}
1519 
1520 	mutex_exit(&mpt->m_mutex);
1521 
1522 	(void) pm_idle_component(mpt->m_dip, 0);
1523 
1524 	/*
1525 	 * Cancel watch threads if all mpts suspended
1526 	 */
1527 	rw_enter(&mptsas_global_rwlock, RW_WRITER);
1528 	for (g = mptsas_head; g != NULL; g = g->m_next) {
1529 		if (!g->m_suspended)
1530 			break;
1531 	}
1532 	rw_exit(&mptsas_global_rwlock);
1533 
1534 	mutex_enter(&mptsas_global_mutex);
1535 	if (g == NULL) {
1536 		timeout_id_t tid;
1537 
1538 		mptsas_timeouts_enabled = 0;
1539 		if (mptsas_timeout_id) {
1540 			tid = mptsas_timeout_id;
1541 			mptsas_timeout_id = 0;
1542 			mutex_exit(&mptsas_global_mutex);
1543 			(void) untimeout(tid);
1544 			mutex_enter(&mptsas_global_mutex);
1545 		}
1546 		if (mptsas_reset_watch) {
1547 			tid = mptsas_reset_watch;
1548 			mptsas_reset_watch = 0;
1549 			mutex_exit(&mptsas_global_mutex);
1550 			(void) untimeout(tid);
1551 			mutex_enter(&mptsas_global_mutex);
1552 		}
1553 	}
1554 	mutex_exit(&mptsas_global_mutex);
1555 
1556 	mutex_enter(&mpt->m_mutex);
1557 
1558 	/*
1559 	 * If this mpt is not in full power(PM_LEVEL_D0), just return.
1560 	 */
1561 	if ((mpt->m_options & MPTSAS_OPT_PM) &&
1562 	    (mpt->m_power_level != PM_LEVEL_D0)) {
1563 		mutex_exit(&mpt->m_mutex);
1564 		return (DDI_SUCCESS);
1565 	}
1566 
1567 	/* Disable HBA interrupts in hardware */
1568 	MPTSAS_DISABLE_INTR(mpt);
1569 	/*
1570 	 * Send RAID action system shutdown to sync IR
1571 	 */
1572 	mptsas_raid_action_system_shutdown(mpt);
1573 
1574 	mutex_exit(&mpt->m_mutex);
1575 
1576 	/* drain the taskq */
1577 	ddi_taskq_wait(mpt->m_event_taskq);
1578 	ddi_taskq_wait(mpt->m_dr_taskq);
1579 
1580 	return (DDI_SUCCESS);
1581 }
1582 
1583 #ifdef	__sparc
1584 /*ARGSUSED*/
1585 static int
1586 mptsas_reset(dev_info_t *devi, ddi_reset_cmd_t cmd)
1587 {
1588 	mptsas_t	*mpt;
1589 	scsi_hba_tran_t *tran;
1590 
1591 	/*
1592 	 * If this call is for iport, just return.
1593 	 */
1594 	if (scsi_hba_iport_unit_address(devi))
1595 		return (DDI_SUCCESS);
1596 
1597 	if ((tran = ddi_get_driver_private(devi)) == NULL)
1598 		return (DDI_SUCCESS);
1599 
1600 	if ((mpt = TRAN2MPT(tran)) == NULL)
1601 		return (DDI_SUCCESS);
1602 
1603 	/*
1604 	 * Send RAID action system shutdown to sync IR.  Disable HBA
1605 	 * interrupts in hardware first.
1606 	 */
1607 	MPTSAS_DISABLE_INTR(mpt);
1608 	mptsas_raid_action_system_shutdown(mpt);
1609 
1610 	return (DDI_SUCCESS);
1611 }
1612 #else /* __sparc */
1613 /*
1614  * quiesce(9E) entry point.
1615  *
1616  * This function is called when the system is single-threaded at high
1617  * PIL with preemption disabled. Therefore, this function must not be
1618  * blocked.
1619  *
1620  * This function returns DDI_SUCCESS on success, or DDI_FAILURE on failure.
1621  * DDI_FAILURE indicates an error condition and should almost never happen.
1622  */
1623 static int
1624 mptsas_quiesce(dev_info_t *devi)
1625 {
1626 	mptsas_t	*mpt;
1627 	scsi_hba_tran_t *tran;
1628 
1629 	/*
1630 	 * If this call is for iport, just return.
1631 	 */
1632 	if (scsi_hba_iport_unit_address(devi))
1633 		return (DDI_SUCCESS);
1634 
1635 	if ((tran = ddi_get_driver_private(devi)) == NULL)
1636 		return (DDI_SUCCESS);
1637 
1638 	if ((mpt = TRAN2MPT(tran)) == NULL)
1639 		return (DDI_SUCCESS);
1640 
1641 	/* Disable HBA interrupts in hardware */
1642 	MPTSAS_DISABLE_INTR(mpt);
1643 	/* Send RAID action system shutdonw to sync IR */
1644 	mptsas_raid_action_system_shutdown(mpt);
1645 
1646 	return (DDI_SUCCESS);
1647 }
1648 #endif	/* __sparc */
1649 
1650 /*
1651  * detach(9E).	Remove all device allocations and system resources;
1652  * disable device interrupts.
1653  * Return DDI_SUCCESS if done; DDI_FAILURE if there's a problem.
1654  */
1655 static int
1656 mptsas_detach(dev_info_t *devi, ddi_detach_cmd_t cmd)
1657 {
1658 	/* CONSTCOND */
1659 	ASSERT(NO_COMPETING_THREADS);
1660 	NDBG0(("mptsas_detach: dip=0x%p cmd=0x%p", (void *)devi, (void *)cmd));
1661 
1662 	switch (cmd) {
1663 	case DDI_DETACH:
1664 		return (mptsas_do_detach(devi));
1665 
1666 	case DDI_SUSPEND:
1667 		return (mptsas_suspend(devi));
1668 
1669 	default:
1670 		return (DDI_FAILURE);
1671 	}
1672 	/* NOTREACHED */
1673 }
1674 
1675 static int
1676 mptsas_do_detach(dev_info_t *dip)
1677 {
1678 	mptsas_t	*mpt;
1679 	scsi_hba_tran_t	*tran;
1680 	int		circ = 0;
1681 	int		circ1 = 0;
1682 	mdi_pathinfo_t	*pip = NULL;
1683 	int		i;
1684 	int		doneq_thread_num = 0;
1685 
1686 	NDBG0(("mptsas_do_detach: dip=0x%p", (void *)dip));
1687 
1688 	if ((tran = ndi_flavorv_get(dip, SCSA_FLAVOR_SCSI_DEVICE)) == NULL)
1689 		return (DDI_FAILURE);
1690 
1691 	mpt = TRAN2MPT(tran);
1692 	if (!mpt) {
1693 		return (DDI_FAILURE);
1694 	}
1695 	/*
1696 	 * Still have pathinfo child, should not detach mpt driver
1697 	 */
1698 	if (scsi_hba_iport_unit_address(dip)) {
1699 		if (mpt->m_mpxio_enable) {
1700 			/*
1701 			 * MPxIO enabled for the iport
1702 			 */
1703 			ndi_devi_enter(scsi_vhci_dip, &circ1);
1704 			ndi_devi_enter(dip, &circ);
1705 			while (pip = mdi_get_next_client_path(dip, NULL)) {
1706 				if (mdi_pi_free(pip, 0) == MDI_SUCCESS) {
1707 					continue;
1708 				}
1709 				ndi_devi_exit(dip, circ);
1710 				ndi_devi_exit(scsi_vhci_dip, circ1);
1711 				NDBG12(("detach failed because of "
1712 				    "outstanding path info"));
1713 				return (DDI_FAILURE);
1714 			}
1715 			ndi_devi_exit(dip, circ);
1716 			ndi_devi_exit(scsi_vhci_dip, circ1);
1717 			(void) mdi_phci_unregister(dip, 0);
1718 		}
1719 
1720 		ddi_prop_remove_all(dip);
1721 
1722 		return (DDI_SUCCESS);
1723 	}
1724 
1725 	/* Make sure power level is D0 before accessing registers */
1726 	if (mpt->m_options & MPTSAS_OPT_PM) {
1727 		(void) pm_busy_component(dip, 0);
1728 		if (mpt->m_power_level != PM_LEVEL_D0) {
1729 			if (pm_raise_power(dip, 0, PM_LEVEL_D0) !=
1730 			    DDI_SUCCESS) {
1731 				mptsas_log(mpt, CE_WARN,
1732 				    "mptsas%d: Raise power request failed.",
1733 				    mpt->m_instance);
1734 				(void) pm_idle_component(dip, 0);
1735 				return (DDI_FAILURE);
1736 			}
1737 		}
1738 	}
1739 
1740 	/*
1741 	 * Send RAID action system shutdown to sync IR.  After action, send a
1742 	 * Message Unit Reset. Since after that DMA resource will be freed,
1743 	 * set ioc to READY state will avoid HBA initiated DMA operation.
1744 	 */
1745 	mutex_enter(&mpt->m_mutex);
1746 	MPTSAS_DISABLE_INTR(mpt);
1747 	mptsas_raid_action_system_shutdown(mpt);
1748 	mpt->m_softstate |= MPTSAS_SS_MSG_UNIT_RESET;
1749 	(void) mptsas_ioc_reset(mpt);
1750 	mutex_exit(&mpt->m_mutex);
1751 	mptsas_rem_intrs(mpt);
1752 	ddi_taskq_destroy(mpt->m_event_taskq);
1753 	ddi_taskq_destroy(mpt->m_dr_taskq);
1754 
1755 	if (mpt->m_doneq_thread_n) {
1756 		mutex_enter(&mpt->m_doneq_mutex);
1757 		doneq_thread_num = mpt->m_doneq_thread_n;
1758 		for (i = 0; i < mpt->m_doneq_thread_n; i++) {
1759 			mutex_enter(&mpt->m_doneq_thread_id[i].mutex);
1760 			mpt->m_doneq_thread_id[i].flag &=
1761 			    (~MPTSAS_DONEQ_THREAD_ACTIVE);
1762 			cv_signal(&mpt->m_doneq_thread_id[i].cv);
1763 			mutex_exit(&mpt->m_doneq_thread_id[i].mutex);
1764 		}
1765 		while (mpt->m_doneq_thread_n) {
1766 			cv_wait(&mpt->m_doneq_thread_cv,
1767 			    &mpt->m_doneq_mutex);
1768 		}
1769 		for (i = 0;  i < doneq_thread_num; i++) {
1770 			cv_destroy(&mpt->m_doneq_thread_id[i].cv);
1771 			mutex_destroy(&mpt->m_doneq_thread_id[i].mutex);
1772 		}
1773 		kmem_free(mpt->m_doneq_thread_id,
1774 		    sizeof (mptsas_doneq_thread_list_t)
1775 		    * doneq_thread_num);
1776 		mutex_exit(&mpt->m_doneq_mutex);
1777 		cv_destroy(&mpt->m_doneq_thread_cv);
1778 		mutex_destroy(&mpt->m_doneq_mutex);
1779 	}
1780 
1781 	scsi_hba_reset_notify_tear_down(mpt->m_reset_notify_listf);
1782 
1783 	mptsas_list_del(mpt);
1784 
1785 	/*
1786 	 * Cancel timeout threads for this mpt
1787 	 */
1788 	mutex_enter(&mpt->m_mutex);
1789 	if (mpt->m_quiesce_timeid) {
1790 		timeout_id_t tid = mpt->m_quiesce_timeid;
1791 		mpt->m_quiesce_timeid = 0;
1792 		mutex_exit(&mpt->m_mutex);
1793 		(void) untimeout(tid);
1794 		mutex_enter(&mpt->m_mutex);
1795 	}
1796 
1797 	if (mpt->m_restart_cmd_timeid) {
1798 		timeout_id_t tid = mpt->m_restart_cmd_timeid;
1799 		mpt->m_restart_cmd_timeid = 0;
1800 		mutex_exit(&mpt->m_mutex);
1801 		(void) untimeout(tid);
1802 		mutex_enter(&mpt->m_mutex);
1803 	}
1804 
1805 	mutex_exit(&mpt->m_mutex);
1806 
1807 	/*
1808 	 * last mpt? ... if active, CANCEL watch threads.
1809 	 */
1810 	mutex_enter(&mptsas_global_mutex);
1811 	if (mptsas_head == NULL) {
1812 		timeout_id_t tid;
1813 		/*
1814 		 * Clear mptsas_timeouts_enable so that the watch thread
1815 		 * gets restarted on DDI_ATTACH
1816 		 */
1817 		mptsas_timeouts_enabled = 0;
1818 		if (mptsas_timeout_id) {
1819 			tid = mptsas_timeout_id;
1820 			mptsas_timeout_id = 0;
1821 			mutex_exit(&mptsas_global_mutex);
1822 			(void) untimeout(tid);
1823 			mutex_enter(&mptsas_global_mutex);
1824 		}
1825 		if (mptsas_reset_watch) {
1826 			tid = mptsas_reset_watch;
1827 			mptsas_reset_watch = 0;
1828 			mutex_exit(&mptsas_global_mutex);
1829 			(void) untimeout(tid);
1830 			mutex_enter(&mptsas_global_mutex);
1831 		}
1832 	}
1833 	mutex_exit(&mptsas_global_mutex);
1834 
1835 	/*
1836 	 * Delete Phy stats
1837 	 */
1838 	mptsas_destroy_phy_stats(mpt);
1839 
1840 	/*
1841 	 * Delete nt_active.
1842 	 */
1843 	mutex_enter(&mpt->m_mutex);
1844 	mptsas_hash_uninit(&mpt->m_active->m_tgttbl, sizeof (mptsas_target_t));
1845 	mptsas_hash_uninit(&mpt->m_active->m_smptbl, sizeof (mptsas_smp_t));
1846 	mptsas_free_active_slots(mpt);
1847 	mutex_exit(&mpt->m_mutex);
1848 
1849 	/* deallocate everything that was allocated in mptsas_attach */
1850 	mptsas_cache_destroy(mpt);
1851 
1852 	mptsas_hba_fini(mpt);
1853 	mptsas_cfg_fini(mpt);
1854 
1855 	/* Lower the power informing PM Framework */
1856 	if (mpt->m_options & MPTSAS_OPT_PM) {
1857 		if (pm_lower_power(dip, 0, PM_LEVEL_D3) != DDI_SUCCESS)
1858 			mptsas_log(mpt, CE_WARN,
1859 			    "!mptsas%d: Lower power request failed "
1860 			    "during detach, ignoring.",
1861 			    mpt->m_instance);
1862 	}
1863 
1864 	mutex_destroy(&mpt->m_tx_waitq_mutex);
1865 	mutex_destroy(&mpt->m_passthru_mutex);
1866 	mutex_destroy(&mpt->m_mutex);
1867 	for (i = 0; i < MPTSAS_MAX_PHYS; i++) {
1868 		mutex_destroy(&mpt->m_phy_info[i].smhba_info.phy_mutex);
1869 	}
1870 	cv_destroy(&mpt->m_cv);
1871 	cv_destroy(&mpt->m_passthru_cv);
1872 	cv_destroy(&mpt->m_fw_cv);
1873 	cv_destroy(&mpt->m_config_cv);
1874 	cv_destroy(&mpt->m_fw_diag_cv);
1875 
1876 
1877 	mptsas_smp_teardown(mpt);
1878 	mptsas_hba_teardown(mpt);
1879 
1880 	mptsas_config_space_fini(mpt);
1881 
1882 	mptsas_free_handshake_msg(mpt);
1883 
1884 	mptsas_fm_fini(mpt);
1885 	ddi_soft_state_free(mptsas_state, ddi_get_instance(dip));
1886 	ddi_prop_remove_all(dip);
1887 
1888 	return (DDI_SUCCESS);
1889 }
1890 
1891 static void
1892 mptsas_list_add(mptsas_t *mpt)
1893 {
1894 	rw_enter(&mptsas_global_rwlock, RW_WRITER);
1895 
1896 	if (mptsas_head == NULL) {
1897 		mptsas_head = mpt;
1898 	} else {
1899 		mptsas_tail->m_next = mpt;
1900 	}
1901 	mptsas_tail = mpt;
1902 	rw_exit(&mptsas_global_rwlock);
1903 }
1904 
1905 static void
1906 mptsas_list_del(mptsas_t *mpt)
1907 {
1908 	mptsas_t *m;
1909 	/*
1910 	 * Remove device instance from the global linked list
1911 	 */
1912 	rw_enter(&mptsas_global_rwlock, RW_WRITER);
1913 	if (mptsas_head == mpt) {
1914 		m = mptsas_head = mpt->m_next;
1915 	} else {
1916 		for (m = mptsas_head; m != NULL; m = m->m_next) {
1917 			if (m->m_next == mpt) {
1918 				m->m_next = mpt->m_next;
1919 				break;
1920 			}
1921 		}
1922 		if (m == NULL) {
1923 			mptsas_log(mpt, CE_PANIC, "Not in softc list!");
1924 		}
1925 	}
1926 
1927 	if (mptsas_tail == mpt) {
1928 		mptsas_tail = m;
1929 	}
1930 	rw_exit(&mptsas_global_rwlock);
1931 }
1932 
1933 static int
1934 mptsas_alloc_handshake_msg(mptsas_t *mpt, size_t alloc_size)
1935 {
1936 	ddi_dma_attr_t	task_dma_attrs;
1937 
1938 	task_dma_attrs = mpt->m_msg_dma_attr;
1939 	task_dma_attrs.dma_attr_sgllen = 1;
1940 	task_dma_attrs.dma_attr_granular = (uint32_t)(alloc_size);
1941 
1942 	/* allocate Task Management ddi_dma resources */
1943 	if (mptsas_dma_addr_create(mpt, task_dma_attrs,
1944 	    &mpt->m_hshk_dma_hdl, &mpt->m_hshk_acc_hdl, &mpt->m_hshk_memp,
1945 	    alloc_size, NULL) == FALSE) {
1946 		return (DDI_FAILURE);
1947 	}
1948 	mpt->m_hshk_dma_size = alloc_size;
1949 
1950 	return (DDI_SUCCESS);
1951 }
1952 
1953 static void
1954 mptsas_free_handshake_msg(mptsas_t *mpt)
1955 {
1956 	mptsas_dma_addr_destroy(&mpt->m_hshk_dma_hdl, &mpt->m_hshk_acc_hdl);
1957 	mpt->m_hshk_dma_size = 0;
1958 }
1959 
1960 static int
1961 mptsas_hba_setup(mptsas_t *mpt)
1962 {
1963 	scsi_hba_tran_t		*hba_tran;
1964 	int			tran_flags;
1965 
1966 	/* Allocate a transport structure */
1967 	hba_tran = mpt->m_tran = scsi_hba_tran_alloc(mpt->m_dip,
1968 	    SCSI_HBA_CANSLEEP);
1969 	ASSERT(mpt->m_tran != NULL);
1970 
1971 	hba_tran->tran_hba_private	= mpt;
1972 	hba_tran->tran_tgt_private	= NULL;
1973 
1974 	hba_tran->tran_tgt_init		= mptsas_scsi_tgt_init;
1975 	hba_tran->tran_tgt_free		= mptsas_scsi_tgt_free;
1976 
1977 	hba_tran->tran_start		= mptsas_scsi_start;
1978 	hba_tran->tran_reset		= mptsas_scsi_reset;
1979 	hba_tran->tran_abort		= mptsas_scsi_abort;
1980 	hba_tran->tran_getcap		= mptsas_scsi_getcap;
1981 	hba_tran->tran_setcap		= mptsas_scsi_setcap;
1982 	hba_tran->tran_init_pkt		= mptsas_scsi_init_pkt;
1983 	hba_tran->tran_destroy_pkt	= mptsas_scsi_destroy_pkt;
1984 
1985 	hba_tran->tran_dmafree		= mptsas_scsi_dmafree;
1986 	hba_tran->tran_sync_pkt		= mptsas_scsi_sync_pkt;
1987 	hba_tran->tran_reset_notify	= mptsas_scsi_reset_notify;
1988 
1989 	hba_tran->tran_get_bus_addr	= mptsas_get_bus_addr;
1990 	hba_tran->tran_get_name		= mptsas_get_name;
1991 
1992 	hba_tran->tran_quiesce		= mptsas_scsi_quiesce;
1993 	hba_tran->tran_unquiesce	= mptsas_scsi_unquiesce;
1994 	hba_tran->tran_bus_reset	= NULL;
1995 
1996 	hba_tran->tran_add_eventcall	= NULL;
1997 	hba_tran->tran_get_eventcookie	= NULL;
1998 	hba_tran->tran_post_event	= NULL;
1999 	hba_tran->tran_remove_eventcall	= NULL;
2000 
2001 	hba_tran->tran_bus_config	= mptsas_bus_config;
2002 
2003 	hba_tran->tran_interconnect_type = INTERCONNECT_SAS;
2004 
2005 	/*
2006 	 * All children of the HBA are iports. We need tran was cloned.
2007 	 * So we pass the flags to SCSA. SCSI_HBA_TRAN_CLONE will be
2008 	 * inherited to iport's tran vector.
2009 	 */
2010 	tran_flags = (SCSI_HBA_HBA | SCSI_HBA_TRAN_CLONE);
2011 
2012 	if (scsi_hba_attach_setup(mpt->m_dip, &mpt->m_msg_dma_attr,
2013 	    hba_tran, tran_flags) != DDI_SUCCESS) {
2014 		mptsas_log(mpt, CE_WARN, "hba attach setup failed");
2015 		scsi_hba_tran_free(hba_tran);
2016 		mpt->m_tran = NULL;
2017 		return (FALSE);
2018 	}
2019 	return (TRUE);
2020 }
2021 
2022 static void
2023 mptsas_hba_teardown(mptsas_t *mpt)
2024 {
2025 	(void) scsi_hba_detach(mpt->m_dip);
2026 	if (mpt->m_tran != NULL) {
2027 		scsi_hba_tran_free(mpt->m_tran);
2028 		mpt->m_tran = NULL;
2029 	}
2030 }
2031 
2032 static void
2033 mptsas_iport_register(mptsas_t *mpt)
2034 {
2035 	int i, j;
2036 	mptsas_phymask_t	mask = 0x0;
2037 	/*
2038 	 * initial value of mask is 0
2039 	 */
2040 	mutex_enter(&mpt->m_mutex);
2041 	for (i = 0; i < mpt->m_num_phys; i++) {
2042 		mptsas_phymask_t phy_mask = 0x0;
2043 		char phy_mask_name[MPTSAS_MAX_PHYS];
2044 		uint8_t current_port;
2045 
2046 		if (mpt->m_phy_info[i].attached_devhdl == 0)
2047 			continue;
2048 
2049 		bzero(phy_mask_name, sizeof (phy_mask_name));
2050 
2051 		current_port = mpt->m_phy_info[i].port_num;
2052 
2053 		if ((mask & (1 << i)) != 0)
2054 			continue;
2055 
2056 		for (j = 0; j < mpt->m_num_phys; j++) {
2057 			if (mpt->m_phy_info[j].attached_devhdl &&
2058 			    (mpt->m_phy_info[j].port_num == current_port)) {
2059 				phy_mask |= (1 << j);
2060 			}
2061 		}
2062 		mask = mask | phy_mask;
2063 
2064 		for (j = 0; j < mpt->m_num_phys; j++) {
2065 			if ((phy_mask >> j) & 0x01) {
2066 				mpt->m_phy_info[j].phy_mask = phy_mask;
2067 			}
2068 		}
2069 
2070 		(void) sprintf(phy_mask_name, "%x", phy_mask);
2071 
2072 		mutex_exit(&mpt->m_mutex);
2073 		/*
2074 		 * register a iport
2075 		 */
2076 		(void) scsi_hba_iport_register(mpt->m_dip, phy_mask_name);
2077 		mutex_enter(&mpt->m_mutex);
2078 	}
2079 	mutex_exit(&mpt->m_mutex);
2080 	/*
2081 	 * register a virtual port for RAID volume always
2082 	 */
2083 	(void) scsi_hba_iport_register(mpt->m_dip, "v0");
2084 
2085 }
2086 
2087 static int
2088 mptsas_smp_setup(mptsas_t *mpt)
2089 {
2090 	mpt->m_smptran = smp_hba_tran_alloc(mpt->m_dip);
2091 	ASSERT(mpt->m_smptran != NULL);
2092 	mpt->m_smptran->smp_tran_hba_private = mpt;
2093 	mpt->m_smptran->smp_tran_start = mptsas_smp_start;
2094 	if (smp_hba_attach_setup(mpt->m_dip, mpt->m_smptran) != DDI_SUCCESS) {
2095 		mptsas_log(mpt, CE_WARN, "smp attach setup failed");
2096 		smp_hba_tran_free(mpt->m_smptran);
2097 		mpt->m_smptran = NULL;
2098 		return (FALSE);
2099 	}
2100 	/*
2101 	 * Initialize smp hash table
2102 	 */
2103 	mptsas_hash_init(&mpt->m_active->m_smptbl);
2104 	mpt->m_smp_devhdl = 0xFFFF;
2105 
2106 	return (TRUE);
2107 }
2108 
2109 static void
2110 mptsas_smp_teardown(mptsas_t *mpt)
2111 {
2112 	(void) smp_hba_detach(mpt->m_dip);
2113 	if (mpt->m_smptran != NULL) {
2114 		smp_hba_tran_free(mpt->m_smptran);
2115 		mpt->m_smptran = NULL;
2116 	}
2117 	mpt->m_smp_devhdl = 0;
2118 }
2119 
2120 static int
2121 mptsas_cache_create(mptsas_t *mpt)
2122 {
2123 	int instance = mpt->m_instance;
2124 	char buf[64];
2125 
2126 	/*
2127 	 * create kmem cache for packets
2128 	 */
2129 	(void) sprintf(buf, "mptsas%d_cache", instance);
2130 	mpt->m_kmem_cache = kmem_cache_create(buf,
2131 	    sizeof (struct mptsas_cmd) + scsi_pkt_size(), 8,
2132 	    mptsas_kmem_cache_constructor, mptsas_kmem_cache_destructor,
2133 	    NULL, (void *)mpt, NULL, 0);
2134 
2135 	if (mpt->m_kmem_cache == NULL) {
2136 		mptsas_log(mpt, CE_WARN, "creating kmem cache failed");
2137 		return (FALSE);
2138 	}
2139 
2140 	/*
2141 	 * create kmem cache for extra SGL frames if SGL cannot
2142 	 * be accomodated into main request frame.
2143 	 */
2144 	(void) sprintf(buf, "mptsas%d_cache_frames", instance);
2145 	mpt->m_cache_frames = kmem_cache_create(buf,
2146 	    sizeof (mptsas_cache_frames_t), 8,
2147 	    mptsas_cache_frames_constructor, mptsas_cache_frames_destructor,
2148 	    NULL, (void *)mpt, NULL, 0);
2149 
2150 	if (mpt->m_cache_frames == NULL) {
2151 		mptsas_log(mpt, CE_WARN, "creating cache for frames failed");
2152 		return (FALSE);
2153 	}
2154 
2155 	return (TRUE);
2156 }
2157 
2158 static void
2159 mptsas_cache_destroy(mptsas_t *mpt)
2160 {
2161 	/* deallocate in reverse order */
2162 	if (mpt->m_cache_frames) {
2163 		kmem_cache_destroy(mpt->m_cache_frames);
2164 		mpt->m_cache_frames = NULL;
2165 	}
2166 	if (mpt->m_kmem_cache) {
2167 		kmem_cache_destroy(mpt->m_kmem_cache);
2168 		mpt->m_kmem_cache = NULL;
2169 	}
2170 }
2171 
2172 static int
2173 mptsas_power(dev_info_t *dip, int component, int level)
2174 {
2175 #ifndef __lock_lint
2176 	_NOTE(ARGUNUSED(component))
2177 #endif
2178 	mptsas_t	*mpt;
2179 	int		rval = DDI_SUCCESS;
2180 	int		polls = 0;
2181 	uint32_t	ioc_status;
2182 
2183 	if (scsi_hba_iport_unit_address(dip) != 0)
2184 		return (DDI_SUCCESS);
2185 
2186 	mpt = ddi_get_soft_state(mptsas_state, ddi_get_instance(dip));
2187 	if (mpt == NULL) {
2188 		return (DDI_FAILURE);
2189 	}
2190 
2191 	mutex_enter(&mpt->m_mutex);
2192 
2193 	/*
2194 	 * If the device is busy, don't lower its power level
2195 	 */
2196 	if (mpt->m_busy && (mpt->m_power_level > level)) {
2197 		mutex_exit(&mpt->m_mutex);
2198 		return (DDI_FAILURE);
2199 	}
2200 	switch (level) {
2201 	case PM_LEVEL_D0:
2202 		NDBG11(("mptsas%d: turning power ON.", mpt->m_instance));
2203 		MPTSAS_POWER_ON(mpt);
2204 		/*
2205 		 * Wait up to 30 seconds for IOC to come out of reset.
2206 		 */
2207 		while (((ioc_status = ddi_get32(mpt->m_datap,
2208 		    &mpt->m_reg->Doorbell)) &
2209 		    MPI2_IOC_STATE_MASK) == MPI2_IOC_STATE_RESET) {
2210 			if (polls++ > 3000) {
2211 				break;
2212 			}
2213 			delay(drv_usectohz(10000));
2214 		}
2215 		/*
2216 		 * If IOC is not in operational state, try to hard reset it.
2217 		 */
2218 		if ((ioc_status & MPI2_IOC_STATE_MASK) !=
2219 		    MPI2_IOC_STATE_OPERATIONAL) {
2220 			mpt->m_softstate &= ~MPTSAS_SS_MSG_UNIT_RESET;
2221 			if (mptsas_restart_ioc(mpt) == DDI_FAILURE) {
2222 				mptsas_log(mpt, CE_WARN,
2223 				    "mptsas_power: hard reset failed");
2224 				mutex_exit(&mpt->m_mutex);
2225 				return (DDI_FAILURE);
2226 			}
2227 		}
2228 		mpt->m_power_level = PM_LEVEL_D0;
2229 		break;
2230 	case PM_LEVEL_D3:
2231 		NDBG11(("mptsas%d: turning power OFF.", mpt->m_instance));
2232 		MPTSAS_POWER_OFF(mpt);
2233 		break;
2234 	default:
2235 		mptsas_log(mpt, CE_WARN, "mptsas%d: unknown power level <%x>.",
2236 		    mpt->m_instance, level);
2237 		rval = DDI_FAILURE;
2238 		break;
2239 	}
2240 	mutex_exit(&mpt->m_mutex);
2241 	return (rval);
2242 }
2243 
2244 /*
2245  * Initialize configuration space and figure out which
2246  * chip and revison of the chip the mpt driver is using.
2247  */
2248 static int
2249 mptsas_config_space_init(mptsas_t *mpt)
2250 {
2251 	NDBG0(("mptsas_config_space_init"));
2252 
2253 	if (mpt->m_config_handle != NULL)
2254 		return (TRUE);
2255 
2256 	if (pci_config_setup(mpt->m_dip,
2257 	    &mpt->m_config_handle) != DDI_SUCCESS) {
2258 		mptsas_log(mpt, CE_WARN, "cannot map configuration space.");
2259 		return (FALSE);
2260 	}
2261 
2262 	/*
2263 	 * This is a workaround for a XMITS ASIC bug which does not
2264 	 * drive the CBE upper bits.
2265 	 */
2266 	if (pci_config_get16(mpt->m_config_handle, PCI_CONF_STAT) &
2267 	    PCI_STAT_PERROR) {
2268 		pci_config_put16(mpt->m_config_handle, PCI_CONF_STAT,
2269 		    PCI_STAT_PERROR);
2270 	}
2271 
2272 	mptsas_setup_cmd_reg(mpt);
2273 
2274 	/*
2275 	 * Get the chip device id:
2276 	 */
2277 	mpt->m_devid = pci_config_get16(mpt->m_config_handle, PCI_CONF_DEVID);
2278 
2279 	/*
2280 	 * Save the revision.
2281 	 */
2282 	mpt->m_revid = pci_config_get8(mpt->m_config_handle, PCI_CONF_REVID);
2283 
2284 	/*
2285 	 * Save the SubSystem Vendor and Device IDs
2286 	 */
2287 	mpt->m_svid = pci_config_get16(mpt->m_config_handle, PCI_CONF_SUBVENID);
2288 	mpt->m_ssid = pci_config_get16(mpt->m_config_handle, PCI_CONF_SUBSYSID);
2289 
2290 	/*
2291 	 * Set the latency timer to 0x40 as specified by the upa -> pci
2292 	 * bridge chip design team.  This may be done by the sparc pci
2293 	 * bus nexus driver, but the driver should make sure the latency
2294 	 * timer is correct for performance reasons.
2295 	 */
2296 	pci_config_put8(mpt->m_config_handle, PCI_CONF_LATENCY_TIMER,
2297 	    MPTSAS_LATENCY_TIMER);
2298 
2299 	(void) mptsas_get_pci_cap(mpt);
2300 	return (TRUE);
2301 }
2302 
2303 static void
2304 mptsas_config_space_fini(mptsas_t *mpt)
2305 {
2306 	if (mpt->m_config_handle != NULL) {
2307 		mptsas_disable_bus_master(mpt);
2308 		pci_config_teardown(&mpt->m_config_handle);
2309 		mpt->m_config_handle = NULL;
2310 	}
2311 }
2312 
2313 static void
2314 mptsas_setup_cmd_reg(mptsas_t *mpt)
2315 {
2316 	ushort_t	cmdreg;
2317 
2318 	/*
2319 	 * Set the command register to the needed values.
2320 	 */
2321 	cmdreg = pci_config_get16(mpt->m_config_handle, PCI_CONF_COMM);
2322 	cmdreg |= (PCI_COMM_ME | PCI_COMM_SERR_ENABLE |
2323 	    PCI_COMM_PARITY_DETECT | PCI_COMM_MAE);
2324 	cmdreg &= ~PCI_COMM_IO;
2325 	pci_config_put16(mpt->m_config_handle, PCI_CONF_COMM, cmdreg);
2326 }
2327 
2328 static void
2329 mptsas_disable_bus_master(mptsas_t *mpt)
2330 {
2331 	ushort_t	cmdreg;
2332 
2333 	/*
2334 	 * Clear the master enable bit in the PCI command register.
2335 	 * This prevents any bus mastering activity like DMA.
2336 	 */
2337 	cmdreg = pci_config_get16(mpt->m_config_handle, PCI_CONF_COMM);
2338 	cmdreg &= ~PCI_COMM_ME;
2339 	pci_config_put16(mpt->m_config_handle, PCI_CONF_COMM, cmdreg);
2340 }
2341 
2342 int
2343 mptsas_dma_alloc(mptsas_t *mpt, mptsas_dma_alloc_state_t *dma_statep)
2344 {
2345 	ddi_dma_attr_t	attrs;
2346 
2347 	attrs = mpt->m_io_dma_attr;
2348 	attrs.dma_attr_sgllen = 1;
2349 
2350 	ASSERT(dma_statep != NULL);
2351 
2352 	if (mptsas_dma_addr_create(mpt, attrs, &dma_statep->handle,
2353 	    &dma_statep->accessp, &dma_statep->memp, dma_statep->size,
2354 	    &dma_statep->cookie) == FALSE) {
2355 		return (DDI_FAILURE);
2356 	}
2357 
2358 	return (DDI_SUCCESS);
2359 }
2360 
2361 void
2362 mptsas_dma_free(mptsas_dma_alloc_state_t *dma_statep)
2363 {
2364 	ASSERT(dma_statep != NULL);
2365 	mptsas_dma_addr_destroy(&dma_statep->handle, &dma_statep->accessp);
2366 	dma_statep->size = 0;
2367 }
2368 
2369 int
2370 mptsas_do_dma(mptsas_t *mpt, uint32_t size, int var, int (*callback)())
2371 {
2372 	ddi_dma_attr_t		attrs;
2373 	ddi_dma_handle_t	dma_handle;
2374 	caddr_t			memp;
2375 	ddi_acc_handle_t	accessp;
2376 	int			rval;
2377 
2378 	ASSERT(mutex_owned(&mpt->m_mutex));
2379 
2380 	attrs = mpt->m_msg_dma_attr;
2381 	attrs.dma_attr_sgllen = 1;
2382 	attrs.dma_attr_granular = size;
2383 
2384 	if (mptsas_dma_addr_create(mpt, attrs, &dma_handle,
2385 	    &accessp, &memp, size, NULL) == FALSE) {
2386 		return (DDI_FAILURE);
2387 	}
2388 
2389 	rval = (*callback) (mpt, memp, var, accessp);
2390 
2391 	if ((mptsas_check_dma_handle(dma_handle) != DDI_SUCCESS) ||
2392 	    (mptsas_check_acc_handle(accessp) != DDI_SUCCESS)) {
2393 		ddi_fm_service_impact(mpt->m_dip, DDI_SERVICE_UNAFFECTED);
2394 		rval = DDI_FAILURE;
2395 	}
2396 
2397 	mptsas_dma_addr_destroy(&dma_handle, &accessp);
2398 	return (rval);
2399 
2400 }
2401 
2402 static int
2403 mptsas_alloc_request_frames(mptsas_t *mpt)
2404 {
2405 	ddi_dma_attr_t		frame_dma_attrs;
2406 	caddr_t			memp;
2407 	ddi_dma_cookie_t	cookie;
2408 	size_t			mem_size;
2409 
2410 	/*
2411 	 * re-alloc when it has already alloced
2412 	 */
2413 	mptsas_dma_addr_destroy(&mpt->m_dma_req_frame_hdl,
2414 	    &mpt->m_acc_req_frame_hdl);
2415 
2416 	/*
2417 	 * The size of the request frame pool is:
2418 	 *   Number of Request Frames * Request Frame Size
2419 	 */
2420 	mem_size = mpt->m_max_requests * mpt->m_req_frame_size;
2421 
2422 	/*
2423 	 * set the DMA attributes.  System Request Message Frames must be
2424 	 * aligned on a 16-byte boundry.
2425 	 */
2426 	frame_dma_attrs = mpt->m_msg_dma_attr;
2427 	frame_dma_attrs.dma_attr_align = 16;
2428 	frame_dma_attrs.dma_attr_sgllen = 1;
2429 
2430 	/*
2431 	 * allocate the request frame pool.
2432 	 */
2433 	if (mptsas_dma_addr_create(mpt, frame_dma_attrs,
2434 	    &mpt->m_dma_req_frame_hdl, &mpt->m_acc_req_frame_hdl, &memp,
2435 	    mem_size, &cookie) == FALSE) {
2436 		return (DDI_FAILURE);
2437 	}
2438 
2439 	/*
2440 	 * Store the request frame memory address.  This chip uses this
2441 	 * address to dma to and from the driver's frame.  The second
2442 	 * address is the address mpt uses to fill in the frame.
2443 	 */
2444 	mpt->m_req_frame_dma_addr = cookie.dmac_laddress;
2445 	mpt->m_req_frame = memp;
2446 
2447 	/*
2448 	 * Clear the request frame pool.
2449 	 */
2450 	bzero(mpt->m_req_frame, mem_size);
2451 
2452 	return (DDI_SUCCESS);
2453 }
2454 
2455 static int
2456 mptsas_alloc_reply_frames(mptsas_t *mpt)
2457 {
2458 	ddi_dma_attr_t		frame_dma_attrs;
2459 	caddr_t			memp;
2460 	ddi_dma_cookie_t	cookie;
2461 	size_t			mem_size;
2462 
2463 	/*
2464 	 * re-alloc when it has already alloced
2465 	 */
2466 	mptsas_dma_addr_destroy(&mpt->m_dma_reply_frame_hdl,
2467 	    &mpt->m_acc_reply_frame_hdl);
2468 
2469 	/*
2470 	 * The size of the reply frame pool is:
2471 	 *   Number of Reply Frames * Reply Frame Size
2472 	 */
2473 	mem_size = mpt->m_max_replies * mpt->m_reply_frame_size;
2474 
2475 	/*
2476 	 * set the DMA attributes.   System Reply Message Frames must be
2477 	 * aligned on a 4-byte boundry.  This is the default.
2478 	 */
2479 	frame_dma_attrs = mpt->m_msg_dma_attr;
2480 	frame_dma_attrs.dma_attr_sgllen = 1;
2481 
2482 	/*
2483 	 * allocate the reply frame pool
2484 	 */
2485 	if (mptsas_dma_addr_create(mpt, frame_dma_attrs,
2486 	    &mpt->m_dma_reply_frame_hdl, &mpt->m_acc_reply_frame_hdl, &memp,
2487 	    mem_size, &cookie) == FALSE) {
2488 		return (DDI_FAILURE);
2489 	}
2490 
2491 	/*
2492 	 * Store the reply frame memory address.  This chip uses this
2493 	 * address to dma to and from the driver's frame.  The second
2494 	 * address is the address mpt uses to process the frame.
2495 	 */
2496 	mpt->m_reply_frame_dma_addr = cookie.dmac_laddress;
2497 	mpt->m_reply_frame = memp;
2498 
2499 	/*
2500 	 * Clear the reply frame pool.
2501 	 */
2502 	bzero(mpt->m_reply_frame, mem_size);
2503 
2504 	return (DDI_SUCCESS);
2505 }
2506 
2507 static int
2508 mptsas_alloc_free_queue(mptsas_t *mpt)
2509 {
2510 	ddi_dma_attr_t		frame_dma_attrs;
2511 	caddr_t			memp;
2512 	ddi_dma_cookie_t	cookie;
2513 	size_t			mem_size;
2514 
2515 	/*
2516 	 * re-alloc when it has already alloced
2517 	 */
2518 	mptsas_dma_addr_destroy(&mpt->m_dma_free_queue_hdl,
2519 	    &mpt->m_acc_free_queue_hdl);
2520 
2521 	/*
2522 	 * The reply free queue size is:
2523 	 *   Reply Free Queue Depth * 4
2524 	 * The "4" is the size of one 32 bit address (low part of 64-bit
2525 	 *   address)
2526 	 */
2527 	mem_size = mpt->m_free_queue_depth * 4;
2528 
2529 	/*
2530 	 * set the DMA attributes  The Reply Free Queue must be aligned on a
2531 	 * 16-byte boundry.
2532 	 */
2533 	frame_dma_attrs = mpt->m_msg_dma_attr;
2534 	frame_dma_attrs.dma_attr_align = 16;
2535 	frame_dma_attrs.dma_attr_sgllen = 1;
2536 
2537 	/*
2538 	 * allocate the reply free queue
2539 	 */
2540 	if (mptsas_dma_addr_create(mpt, frame_dma_attrs,
2541 	    &mpt->m_dma_free_queue_hdl, &mpt->m_acc_free_queue_hdl, &memp,
2542 	    mem_size, &cookie) == FALSE) {
2543 		return (DDI_FAILURE);
2544 	}
2545 
2546 	/*
2547 	 * Store the reply free queue memory address.  This chip uses this
2548 	 * address to read from the reply free queue.  The second address
2549 	 * is the address mpt uses to manage the queue.
2550 	 */
2551 	mpt->m_free_queue_dma_addr = cookie.dmac_laddress;
2552 	mpt->m_free_queue = memp;
2553 
2554 	/*
2555 	 * Clear the reply free queue memory.
2556 	 */
2557 	bzero(mpt->m_free_queue, mem_size);
2558 
2559 	return (DDI_SUCCESS);
2560 }
2561 
2562 static int
2563 mptsas_alloc_post_queue(mptsas_t *mpt)
2564 {
2565 	ddi_dma_attr_t		frame_dma_attrs;
2566 	caddr_t			memp;
2567 	ddi_dma_cookie_t	cookie;
2568 	size_t			mem_size;
2569 
2570 	/*
2571 	 * re-alloc when it has already alloced
2572 	 */
2573 	mptsas_dma_addr_destroy(&mpt->m_dma_post_queue_hdl,
2574 	    &mpt->m_acc_post_queue_hdl);
2575 
2576 	/*
2577 	 * The reply descriptor post queue size is:
2578 	 *   Reply Descriptor Post Queue Depth * 8
2579 	 * The "8" is the size of each descriptor (8 bytes or 64 bits).
2580 	 */
2581 	mem_size = mpt->m_post_queue_depth * 8;
2582 
2583 	/*
2584 	 * set the DMA attributes.  The Reply Descriptor Post Queue must be
2585 	 * aligned on a 16-byte boundry.
2586 	 */
2587 	frame_dma_attrs = mpt->m_msg_dma_attr;
2588 	frame_dma_attrs.dma_attr_align = 16;
2589 	frame_dma_attrs.dma_attr_sgllen = 1;
2590 
2591 	/*
2592 	 * allocate the reply post queue
2593 	 */
2594 	if (mptsas_dma_addr_create(mpt, frame_dma_attrs,
2595 	    &mpt->m_dma_post_queue_hdl, &mpt->m_acc_post_queue_hdl, &memp,
2596 	    mem_size, &cookie) == FALSE) {
2597 		return (DDI_FAILURE);
2598 	}
2599 
2600 	/*
2601 	 * Store the reply descriptor post queue memory address.  This chip
2602 	 * uses this address to write to the reply descriptor post queue.  The
2603 	 * second address is the address mpt uses to manage the queue.
2604 	 */
2605 	mpt->m_post_queue_dma_addr = cookie.dmac_laddress;
2606 	mpt->m_post_queue = memp;
2607 
2608 	/*
2609 	 * Clear the reply post queue memory.
2610 	 */
2611 	bzero(mpt->m_post_queue, mem_size);
2612 
2613 	return (DDI_SUCCESS);
2614 }
2615 
2616 static void
2617 mptsas_alloc_reply_args(mptsas_t *mpt)
2618 {
2619 	if (mpt->m_replyh_args != NULL) {
2620 		kmem_free(mpt->m_replyh_args, sizeof (m_replyh_arg_t)
2621 		    * mpt->m_max_replies);
2622 		mpt->m_replyh_args = NULL;
2623 	}
2624 	mpt->m_replyh_args = kmem_zalloc(sizeof (m_replyh_arg_t) *
2625 	    mpt->m_max_replies, KM_SLEEP);
2626 }
2627 
2628 static int
2629 mptsas_alloc_extra_sgl_frame(mptsas_t *mpt, mptsas_cmd_t *cmd)
2630 {
2631 	mptsas_cache_frames_t	*frames = NULL;
2632 	if (cmd->cmd_extra_frames == NULL) {
2633 		frames = kmem_cache_alloc(mpt->m_cache_frames, KM_NOSLEEP);
2634 		if (frames == NULL) {
2635 			return (DDI_FAILURE);
2636 		}
2637 		cmd->cmd_extra_frames = frames;
2638 	}
2639 	return (DDI_SUCCESS);
2640 }
2641 
2642 static void
2643 mptsas_free_extra_sgl_frame(mptsas_t *mpt, mptsas_cmd_t *cmd)
2644 {
2645 	if (cmd->cmd_extra_frames) {
2646 		kmem_cache_free(mpt->m_cache_frames,
2647 		    (void *)cmd->cmd_extra_frames);
2648 		cmd->cmd_extra_frames = NULL;
2649 	}
2650 }
2651 
2652 static void
2653 mptsas_cfg_fini(mptsas_t *mpt)
2654 {
2655 	NDBG0(("mptsas_cfg_fini"));
2656 	ddi_regs_map_free(&mpt->m_datap);
2657 }
2658 
2659 static void
2660 mptsas_hba_fini(mptsas_t *mpt)
2661 {
2662 	NDBG0(("mptsas_hba_fini"));
2663 
2664 	/*
2665 	 * Free up any allocated memory
2666 	 */
2667 	mptsas_dma_addr_destroy(&mpt->m_dma_req_frame_hdl,
2668 	    &mpt->m_acc_req_frame_hdl);
2669 
2670 	mptsas_dma_addr_destroy(&mpt->m_dma_reply_frame_hdl,
2671 	    &mpt->m_acc_reply_frame_hdl);
2672 
2673 	mptsas_dma_addr_destroy(&mpt->m_dma_free_queue_hdl,
2674 	    &mpt->m_acc_free_queue_hdl);
2675 
2676 	mptsas_dma_addr_destroy(&mpt->m_dma_post_queue_hdl,
2677 	    &mpt->m_acc_post_queue_hdl);
2678 
2679 	if (mpt->m_replyh_args != NULL) {
2680 		kmem_free(mpt->m_replyh_args, sizeof (m_replyh_arg_t)
2681 		    * mpt->m_max_replies);
2682 	}
2683 }
2684 
2685 static int
2686 mptsas_name_child(dev_info_t *lun_dip, char *name, int len)
2687 {
2688 	int		lun = 0;
2689 	char		*sas_wwn = NULL;
2690 	int		phynum = -1;
2691 	int		reallen = 0;
2692 
2693 	/* Get the target num */
2694 	lun = ddi_prop_get_int(DDI_DEV_T_ANY, lun_dip, DDI_PROP_DONTPASS,
2695 	    LUN_PROP, 0);
2696 
2697 	if ((phynum = ddi_prop_get_int(DDI_DEV_T_ANY, lun_dip,
2698 	    DDI_PROP_DONTPASS, "sata-phy", -1)) != -1) {
2699 		/*
2700 		 * Stick in the address of form "pPHY,LUN"
2701 		 */
2702 		reallen = snprintf(name, len, "p%x,%x", phynum, lun);
2703 	} else if (ddi_prop_lookup_string(DDI_DEV_T_ANY, lun_dip,
2704 	    DDI_PROP_DONTPASS, SCSI_ADDR_PROP_TARGET_PORT, &sas_wwn)
2705 	    == DDI_PROP_SUCCESS) {
2706 		/*
2707 		 * Stick in the address of the form "wWWN,LUN"
2708 		 */
2709 		reallen = snprintf(name, len, "%s,%x", sas_wwn, lun);
2710 		ddi_prop_free(sas_wwn);
2711 	} else {
2712 		return (DDI_FAILURE);
2713 	}
2714 
2715 	ASSERT(reallen < len);
2716 	if (reallen >= len) {
2717 		mptsas_log(0, CE_WARN, "!mptsas_get_name: name parameter "
2718 		    "length too small, it needs to be %d bytes", reallen + 1);
2719 	}
2720 	return (DDI_SUCCESS);
2721 }
2722 
2723 /*
2724  * tran_tgt_init(9E) - target device instance initialization
2725  */
2726 static int
2727 mptsas_scsi_tgt_init(dev_info_t *hba_dip, dev_info_t *tgt_dip,
2728     scsi_hba_tran_t *hba_tran, struct scsi_device *sd)
2729 {
2730 #ifndef __lock_lint
2731 	_NOTE(ARGUNUSED(hba_tran))
2732 #endif
2733 
2734 	/*
2735 	 * At this point, the scsi_device structure already exists
2736 	 * and has been initialized.
2737 	 *
2738 	 * Use this function to allocate target-private data structures,
2739 	 * if needed by this HBA.  Add revised flow-control and queue
2740 	 * properties for child here, if desired and if you can tell they
2741 	 * support tagged queueing by now.
2742 	 */
2743 	mptsas_t		*mpt;
2744 	int			lun = sd->sd_address.a_lun;
2745 	mdi_pathinfo_t		*pip = NULL;
2746 	mptsas_tgt_private_t	*tgt_private = NULL;
2747 	mptsas_target_t		*ptgt = NULL;
2748 	char			*psas_wwn = NULL;
2749 	int			phymask = 0;
2750 	uint64_t		sas_wwn = 0;
2751 	mpt = SDEV2MPT(sd);
2752 
2753 	ASSERT(scsi_hba_iport_unit_address(hba_dip) != 0);
2754 
2755 	NDBG0(("mptsas_scsi_tgt_init: hbadip=0x%p tgtdip=0x%p lun=%d",
2756 	    (void *)hba_dip, (void *)tgt_dip, lun));
2757 
2758 	if (ndi_dev_is_persistent_node(tgt_dip) == 0) {
2759 		(void) ndi_merge_node(tgt_dip, mptsas_name_child);
2760 		ddi_set_name_addr(tgt_dip, NULL);
2761 		return (DDI_FAILURE);
2762 	}
2763 	/*
2764 	 * phymask is 0 means the virtual port for RAID
2765 	 */
2766 	phymask = ddi_prop_get_int(DDI_DEV_T_ANY, hba_dip, 0,
2767 	    "phymask", 0);
2768 	if (mdi_component_is_client(tgt_dip, NULL) == MDI_SUCCESS) {
2769 		if ((pip = (void *)(sd->sd_private)) == NULL) {
2770 			/*
2771 			 * Very bad news if this occurs. Somehow scsi_vhci has
2772 			 * lost the pathinfo node for this target.
2773 			 */
2774 			return (DDI_NOT_WELL_FORMED);
2775 		}
2776 
2777 		if (mdi_prop_lookup_int(pip, LUN_PROP, &lun) !=
2778 		    DDI_PROP_SUCCESS) {
2779 			mptsas_log(mpt, CE_WARN, "Get lun property failed\n");
2780 			return (DDI_FAILURE);
2781 		}
2782 
2783 		if (mdi_prop_lookup_string(pip, SCSI_ADDR_PROP_TARGET_PORT,
2784 		    &psas_wwn) == MDI_SUCCESS) {
2785 			if (scsi_wwnstr_to_wwn(psas_wwn, &sas_wwn)) {
2786 				sas_wwn = 0;
2787 			}
2788 			(void) mdi_prop_free(psas_wwn);
2789 		}
2790 	} else {
2791 		lun = ddi_prop_get_int(DDI_DEV_T_ANY, tgt_dip,
2792 		    DDI_PROP_DONTPASS, LUN_PROP, 0);
2793 		if (ddi_prop_lookup_string(DDI_DEV_T_ANY, tgt_dip,
2794 		    DDI_PROP_DONTPASS, SCSI_ADDR_PROP_TARGET_PORT, &psas_wwn) ==
2795 		    DDI_PROP_SUCCESS) {
2796 			if (scsi_wwnstr_to_wwn(psas_wwn, &sas_wwn)) {
2797 				sas_wwn = 0;
2798 			}
2799 			ddi_prop_free(psas_wwn);
2800 		} else {
2801 			sas_wwn = 0;
2802 		}
2803 	}
2804 	ASSERT((sas_wwn != 0) || (phymask != 0));
2805 	mutex_enter(&mpt->m_mutex);
2806 	ptgt = mptsas_hash_search(&mpt->m_active->m_tgttbl, sas_wwn, phymask);
2807 	mutex_exit(&mpt->m_mutex);
2808 	if (ptgt == NULL) {
2809 		mptsas_log(mpt, CE_WARN, "!tgt_init: target doesn't exist or "
2810 		    "gone already! phymask:%x, saswwn %"PRIx64, phymask,
2811 		    sas_wwn);
2812 		return (DDI_FAILURE);
2813 	}
2814 	if (hba_tran->tran_tgt_private == NULL) {
2815 		tgt_private = kmem_zalloc(sizeof (mptsas_tgt_private_t),
2816 		    KM_SLEEP);
2817 		tgt_private->t_lun = lun;
2818 		tgt_private->t_private = ptgt;
2819 		hba_tran->tran_tgt_private = tgt_private;
2820 	}
2821 
2822 	if (mdi_component_is_client(tgt_dip, NULL) == MDI_SUCCESS) {
2823 		return (DDI_SUCCESS);
2824 	}
2825 	mutex_enter(&mpt->m_mutex);
2826 
2827 	if (ptgt->m_deviceinfo &
2828 	    (MPI2_SAS_DEVICE_INFO_SATA_DEVICE |
2829 	    MPI2_SAS_DEVICE_INFO_ATAPI_DEVICE)) {
2830 		uchar_t *inq89 = NULL;
2831 		int inq89_len = 0x238;
2832 		int reallen = 0;
2833 		int rval = 0;
2834 		struct sata_id *sid = NULL;
2835 		char model[SATA_ID_MODEL_LEN + 1];
2836 		char fw[SATA_ID_FW_LEN + 1];
2837 		char *vid, *pid;
2838 		int i;
2839 
2840 		mutex_exit(&mpt->m_mutex);
2841 		/*
2842 		 * According SCSI/ATA Translation -2 (SAT-2) revision 01a
2843 		 * chapter 12.4.2 VPD page 89h includes 512 bytes ATA IDENTIFY
2844 		 * DEVICE data or ATA IDENTIFY PACKET DEVICE data.
2845 		 */
2846 		inq89 = kmem_zalloc(inq89_len, KM_SLEEP);
2847 		rval = mptsas_inquiry(mpt, ptgt, 0, 0x89,
2848 		    inq89, inq89_len, &reallen, 1);
2849 
2850 		if (rval != 0) {
2851 			if (inq89 != NULL) {
2852 				kmem_free(inq89, inq89_len);
2853 			}
2854 
2855 			mptsas_log(mpt, CE_WARN, "!mptsas request inquiry page "
2856 			    "0x89 for SATA target:%x failed!", ptgt->m_devhdl);
2857 			return (DDI_SUCCESS);
2858 		}
2859 		sid = (void *)(&inq89[60]);
2860 
2861 		swab(sid->ai_model, model, SATA_ID_MODEL_LEN);
2862 		swab(sid->ai_fw, fw, SATA_ID_FW_LEN);
2863 
2864 		model[SATA_ID_MODEL_LEN] = 0;
2865 		fw[SATA_ID_FW_LEN] = 0;
2866 
2867 		/*
2868 		 * split model into into vid/pid
2869 		 */
2870 		for (i = 0, pid = model; i < SATA_ID_MODEL_LEN; i++, pid++)
2871 			if ((*pid == ' ') || (*pid == '\t'))
2872 				break;
2873 		if (i < SATA_ID_MODEL_LEN) {
2874 			vid = model;
2875 			/*
2876 			 * terminate vid, establish pid
2877 			 */
2878 			*pid++ = 0;
2879 		} else {
2880 			/*
2881 			 * vid will stay "ATA     ", the rule is same
2882 			 * as sata framework implementation.
2883 			 */
2884 			vid = NULL;
2885 			/*
2886 			 * model is all pid
2887 			 */
2888 			pid = model;
2889 		}
2890 
2891 		/*
2892 		 * override SCSA "inquiry-*" properties
2893 		 */
2894 		if (vid)
2895 			(void) scsi_device_prop_update_inqstring(sd,
2896 			    INQUIRY_VENDOR_ID, vid, strlen(vid));
2897 		if (pid)
2898 			(void) scsi_device_prop_update_inqstring(sd,
2899 			    INQUIRY_PRODUCT_ID, pid, strlen(pid));
2900 		(void) scsi_device_prop_update_inqstring(sd,
2901 		    INQUIRY_REVISION_ID, fw, strlen(fw));
2902 
2903 		if (inq89 != NULL) {
2904 			kmem_free(inq89, inq89_len);
2905 		}
2906 	} else {
2907 		mutex_exit(&mpt->m_mutex);
2908 	}
2909 
2910 	return (DDI_SUCCESS);
2911 }
2912 /*
2913  * tran_tgt_free(9E) - target device instance deallocation
2914  */
2915 static void
2916 mptsas_scsi_tgt_free(dev_info_t *hba_dip, dev_info_t *tgt_dip,
2917     scsi_hba_tran_t *hba_tran, struct scsi_device *sd)
2918 {
2919 #ifndef __lock_lint
2920 	_NOTE(ARGUNUSED(hba_dip, tgt_dip, hba_tran, sd))
2921 #endif
2922 
2923 	mptsas_tgt_private_t	*tgt_private = hba_tran->tran_tgt_private;
2924 
2925 	if (tgt_private != NULL) {
2926 		kmem_free(tgt_private, sizeof (mptsas_tgt_private_t));
2927 		hba_tran->tran_tgt_private = NULL;
2928 	}
2929 }
2930 
2931 /*
2932  * scsi_pkt handling
2933  *
2934  * Visible to the external world via the transport structure.
2935  */
2936 
2937 /*
2938  * Notes:
2939  *	- transport the command to the addressed SCSI target/lun device
2940  *	- normal operation is to schedule the command to be transported,
2941  *	  and return TRAN_ACCEPT if this is successful.
2942  *	- if NO_INTR, tran_start must poll device for command completion
2943  */
2944 static int
2945 mptsas_scsi_start(struct scsi_address *ap, struct scsi_pkt *pkt)
2946 {
2947 #ifndef __lock_lint
2948 	_NOTE(ARGUNUSED(ap))
2949 #endif
2950 	mptsas_t	*mpt = PKT2MPT(pkt);
2951 	mptsas_cmd_t	*cmd = PKT2CMD(pkt);
2952 	int		rval;
2953 	mptsas_target_t	*ptgt = cmd->cmd_tgt_addr;
2954 
2955 	NDBG1(("mptsas_scsi_start: pkt=0x%p", (void *)pkt));
2956 	ASSERT(ptgt);
2957 	if (ptgt == NULL)
2958 		return (TRAN_FATAL_ERROR);
2959 
2960 	/*
2961 	 * prepare the pkt before taking mutex.
2962 	 */
2963 	rval = mptsas_prepare_pkt(cmd);
2964 	if (rval != TRAN_ACCEPT) {
2965 		return (rval);
2966 	}
2967 
2968 	/*
2969 	 * Send the command to target/lun, however your HBA requires it.
2970 	 * If busy, return TRAN_BUSY; if there's some other formatting error
2971 	 * in the packet, return TRAN_BADPKT; otherwise, fall through to the
2972 	 * return of TRAN_ACCEPT.
2973 	 *
2974 	 * Remember that access to shared resources, including the mptsas_t
2975 	 * data structure and the HBA hardware registers, must be protected
2976 	 * with mutexes, here and everywhere.
2977 	 *
2978 	 * Also remember that at interrupt time, you'll get an argument
2979 	 * to the interrupt handler which is a pointer to your mptsas_t
2980 	 * structure; you'll have to remember which commands are outstanding
2981 	 * and which scsi_pkt is the currently-running command so the
2982 	 * interrupt handler can refer to the pkt to set completion
2983 	 * status, call the target driver back through pkt_comp, etc.
2984 	 *
2985 	 * If the instance lock is held by other thread, don't spin to wait
2986 	 * for it. Instead, queue the cmd and next time when the instance lock
2987 	 * is not held, accept all the queued cmd. A extra tx_waitq is
2988 	 * introduced to protect the queue.
2989 	 *
2990 	 * The polled cmd will not be queud and accepted as usual.
2991 	 *
2992 	 * Under the tx_waitq mutex, record whether a thread is draining
2993 	 * the tx_waitq.  An IO requesting thread that finds the instance
2994 	 * mutex contended appends to the tx_waitq and while holding the
2995 	 * tx_wait mutex, if the draining flag is not set, sets it and then
2996 	 * proceeds to spin for the instance mutex. This scheme ensures that
2997 	 * the last cmd in a burst be processed.
2998 	 *
2999 	 * we enable this feature only when the helper threads are enabled,
3000 	 * at which we think the loads are heavy.
3001 	 *
3002 	 * per instance mutex m_tx_waitq_mutex is introduced to protect the
3003 	 * m_tx_waitqtail, m_tx_waitq, m_tx_draining.
3004 	 */
3005 
3006 	if (mpt->m_doneq_thread_n) {
3007 		if (mutex_tryenter(&mpt->m_mutex) != 0) {
3008 			rval = mptsas_accept_txwq_and_pkt(mpt, cmd);
3009 			mutex_exit(&mpt->m_mutex);
3010 		} else if (cmd->cmd_pkt_flags & FLAG_NOINTR) {
3011 			mutex_enter(&mpt->m_mutex);
3012 			rval = mptsas_accept_txwq_and_pkt(mpt, cmd);
3013 			mutex_exit(&mpt->m_mutex);
3014 		} else {
3015 			mutex_enter(&mpt->m_tx_waitq_mutex);
3016 			/*
3017 			 * ptgt->m_dr_flag is protected by m_mutex or
3018 			 * m_tx_waitq_mutex. In this case, m_tx_waitq_mutex
3019 			 * is acquired.
3020 			 */
3021 			if (ptgt->m_dr_flag == MPTSAS_DR_INTRANSITION) {
3022 				if (cmd->cmd_pkt_flags & FLAG_NOQUEUE) {
3023 					/*
3024 					 * The command should be allowed to
3025 					 * retry by returning TRAN_BUSY to
3026 					 * to stall the I/O's which come from
3027 					 * scsi_vhci since the device/path is
3028 					 * in unstable state now.
3029 					 */
3030 					mutex_exit(&mpt->m_tx_waitq_mutex);
3031 					return (TRAN_BUSY);
3032 				} else {
3033 					/*
3034 					 * The device is offline, just fail the
3035 					 * command by returning
3036 					 * TRAN_FATAL_ERROR.
3037 					 */
3038 					mutex_exit(&mpt->m_tx_waitq_mutex);
3039 					return (TRAN_FATAL_ERROR);
3040 				}
3041 			}
3042 			if (mpt->m_tx_draining) {
3043 				cmd->cmd_flags |= CFLAG_TXQ;
3044 				*mpt->m_tx_waitqtail = cmd;
3045 				mpt->m_tx_waitqtail = &cmd->cmd_linkp;
3046 				mutex_exit(&mpt->m_tx_waitq_mutex);
3047 			} else { /* drain the queue */
3048 				mpt->m_tx_draining = 1;
3049 				mutex_exit(&mpt->m_tx_waitq_mutex);
3050 				mutex_enter(&mpt->m_mutex);
3051 				rval = mptsas_accept_txwq_and_pkt(mpt, cmd);
3052 				mutex_exit(&mpt->m_mutex);
3053 			}
3054 		}
3055 	} else {
3056 		mutex_enter(&mpt->m_mutex);
3057 		/*
3058 		 * ptgt->m_dr_flag is protected by m_mutex or m_tx_waitq_mutex
3059 		 * in this case, m_mutex is acquired.
3060 		 */
3061 		if (ptgt->m_dr_flag == MPTSAS_DR_INTRANSITION) {
3062 			if (cmd->cmd_pkt_flags & FLAG_NOQUEUE) {
3063 				/*
3064 				 * commands should be allowed to retry by
3065 				 * returning TRAN_BUSY to stall the I/O's
3066 				 * which come from scsi_vhci since the device/
3067 				 * path is in unstable state now.
3068 				 */
3069 				mutex_exit(&mpt->m_mutex);
3070 				return (TRAN_BUSY);
3071 			} else {
3072 				/*
3073 				 * The device is offline, just fail the
3074 				 * command by returning TRAN_FATAL_ERROR.
3075 				 */
3076 				mutex_exit(&mpt->m_mutex);
3077 				return (TRAN_FATAL_ERROR);
3078 			}
3079 		}
3080 		rval = mptsas_accept_pkt(mpt, cmd);
3081 		mutex_exit(&mpt->m_mutex);
3082 	}
3083 
3084 	return (rval);
3085 }
3086 
3087 /*
3088  * Accept all the queued cmds(if any) before accept the current one.
3089  */
3090 static int
3091 mptsas_accept_txwq_and_pkt(mptsas_t *mpt, mptsas_cmd_t *cmd)
3092 {
3093 	int rval;
3094 	mptsas_target_t	*ptgt = cmd->cmd_tgt_addr;
3095 
3096 	ASSERT(mutex_owned(&mpt->m_mutex));
3097 	/*
3098 	 * The call to mptsas_accept_tx_waitq() must always be performed
3099 	 * because that is where mpt->m_tx_draining is cleared.
3100 	 */
3101 	mutex_enter(&mpt->m_tx_waitq_mutex);
3102 	mptsas_accept_tx_waitq(mpt);
3103 	mutex_exit(&mpt->m_tx_waitq_mutex);
3104 	/*
3105 	 * ptgt->m_dr_flag is protected by m_mutex or m_tx_waitq_mutex
3106 	 * in this case, m_mutex is acquired.
3107 	 */
3108 	if (ptgt->m_dr_flag == MPTSAS_DR_INTRANSITION) {
3109 		if (cmd->cmd_pkt_flags & FLAG_NOQUEUE) {
3110 			/*
3111 			 * The command should be allowed to retry by returning
3112 			 * TRAN_BUSY to stall the I/O's which come from
3113 			 * scsi_vhci since the device/path is in unstable state
3114 			 * now.
3115 			 */
3116 			return (TRAN_BUSY);
3117 		} else {
3118 			/*
3119 			 * The device is offline, just fail the command by
3120 			 * return TRAN_FATAL_ERROR.
3121 			 */
3122 			return (TRAN_FATAL_ERROR);
3123 		}
3124 	}
3125 	rval = mptsas_accept_pkt(mpt, cmd);
3126 
3127 	return (rval);
3128 }
3129 
3130 static int
3131 mptsas_accept_pkt(mptsas_t *mpt, mptsas_cmd_t *cmd)
3132 {
3133 	int		rval = TRAN_ACCEPT;
3134 	mptsas_target_t	*ptgt = cmd->cmd_tgt_addr;
3135 
3136 	NDBG1(("mptsas_accept_pkt: cmd=0x%p", (void *)cmd));
3137 
3138 	ASSERT(mutex_owned(&mpt->m_mutex));
3139 
3140 	if ((cmd->cmd_flags & CFLAG_PREPARED) == 0) {
3141 		rval = mptsas_prepare_pkt(cmd);
3142 		if (rval != TRAN_ACCEPT) {
3143 			cmd->cmd_flags &= ~CFLAG_TRANFLAG;
3144 			return (rval);
3145 		}
3146 	}
3147 
3148 	/*
3149 	 * reset the throttle if we were draining
3150 	 */
3151 	if ((ptgt->m_t_ncmds == 0) &&
3152 	    (ptgt->m_t_throttle == DRAIN_THROTTLE)) {
3153 		NDBG23(("reset throttle"));
3154 		ASSERT(ptgt->m_reset_delay == 0);
3155 		mptsas_set_throttle(mpt, ptgt, MAX_THROTTLE);
3156 	}
3157 
3158 	/*
3159 	 * If HBA is being reset, the DevHandles are being re-initialized,
3160 	 * which means that they could be invalid even if the target is still
3161 	 * attached.  Check if being reset and if DevHandle is being
3162 	 * re-initialized.  If this is the case, return BUSY so the I/O can be
3163 	 * retried later.
3164 	 */
3165 	if ((ptgt->m_devhdl == MPTSAS_INVALID_DEVHDL) && mpt->m_in_reset) {
3166 		mptsas_set_pkt_reason(mpt, cmd, CMD_RESET, STAT_BUS_RESET);
3167 		if (cmd->cmd_flags & CFLAG_TXQ) {
3168 			mptsas_doneq_add(mpt, cmd);
3169 			mptsas_doneq_empty(mpt);
3170 			return (rval);
3171 		} else {
3172 			return (TRAN_BUSY);
3173 		}
3174 	}
3175 
3176 	/*
3177 	 * If device handle has already been invalidated, just
3178 	 * fail the command. In theory, command from scsi_vhci
3179 	 * client is impossible send down command with invalid
3180 	 * devhdl since devhdl is set after path offline, target
3181 	 * driver is not suppose to select a offlined path.
3182 	 */
3183 	if (ptgt->m_devhdl == MPTSAS_INVALID_DEVHDL) {
3184 		NDBG20(("rejecting command, it might because invalid devhdl "
3185 		    "request."));
3186 		mptsas_set_pkt_reason(mpt, cmd, CMD_DEV_GONE, STAT_TERMINATED);
3187 		if (cmd->cmd_flags & CFLAG_TXQ) {
3188 			mptsas_doneq_add(mpt, cmd);
3189 			mptsas_doneq_empty(mpt);
3190 			return (rval);
3191 		} else {
3192 			return (TRAN_FATAL_ERROR);
3193 		}
3194 	}
3195 	/*
3196 	 * The first case is the normal case.  mpt gets a command from the
3197 	 * target driver and starts it.
3198 	 * Since SMID 0 is reserved and the TM slot is reserved, the actual max
3199 	 * commands is m_max_requests - 2.
3200 	 */
3201 	if ((mpt->m_ncmds <= (mpt->m_max_requests - 2)) &&
3202 	    (ptgt->m_t_throttle > HOLD_THROTTLE) &&
3203 	    (ptgt->m_t_ncmds < ptgt->m_t_throttle) &&
3204 	    (ptgt->m_reset_delay == 0) &&
3205 	    (ptgt->m_t_nwait == 0) &&
3206 	    ((cmd->cmd_pkt_flags & FLAG_NOINTR) == 0)) {
3207 		if (mptsas_save_cmd(mpt, cmd) == TRUE) {
3208 			(void) mptsas_start_cmd(mpt, cmd);
3209 		} else {
3210 			mptsas_waitq_add(mpt, cmd);
3211 		}
3212 	} else {
3213 		/*
3214 		 * Add this pkt to the work queue
3215 		 */
3216 		mptsas_waitq_add(mpt, cmd);
3217 
3218 		if (cmd->cmd_pkt_flags & FLAG_NOINTR) {
3219 			(void) mptsas_poll(mpt, cmd, MPTSAS_POLL_TIME);
3220 
3221 			/*
3222 			 * Only flush the doneq if this is not a TM
3223 			 * cmd.  For TM cmds the flushing of the
3224 			 * doneq will be done in those routines.
3225 			 */
3226 			if ((cmd->cmd_flags & CFLAG_TM_CMD) == 0) {
3227 				mptsas_doneq_empty(mpt);
3228 			}
3229 		}
3230 	}
3231 	return (rval);
3232 }
3233 
3234 int
3235 mptsas_save_cmd(mptsas_t *mpt, mptsas_cmd_t *cmd)
3236 {
3237 	mptsas_slots_t	*slots;
3238 	int		slot;
3239 	mptsas_target_t	*ptgt = cmd->cmd_tgt_addr;
3240 
3241 	ASSERT(mutex_owned(&mpt->m_mutex));
3242 	slots = mpt->m_active;
3243 
3244 	/*
3245 	 * Account for reserved TM request slot and reserved SMID of 0.
3246 	 */
3247 	ASSERT(slots->m_n_slots == (mpt->m_max_requests - 2));
3248 
3249 	/*
3250 	 * m_tags is equivalent to the SMID when sending requests.  Since the
3251 	 * SMID cannot be 0, start out at one if rolling over past the size
3252 	 * of the request queue depth.  Also, don't use the last SMID, which is
3253 	 * reserved for TM requests.
3254 	 */
3255 	slot = (slots->m_tags)++;
3256 	if (slots->m_tags > slots->m_n_slots) {
3257 		slots->m_tags = 1;
3258 	}
3259 
3260 alloc_tag:
3261 	/* Validate tag, should never fail. */
3262 	if (slots->m_slot[slot] == NULL) {
3263 		/*
3264 		 * Make sure SMID is not using reserved value of 0
3265 		 * and the TM request slot.
3266 		 */
3267 		ASSERT((slot > 0) && (slot <= slots->m_n_slots));
3268 		cmd->cmd_slot = slot;
3269 		slots->m_slot[slot] = cmd;
3270 		mpt->m_ncmds++;
3271 
3272 		/*
3273 		 * only increment per target ncmds if this is not a
3274 		 * command that has no target associated with it (i.e. a
3275 		 * event acknoledgment)
3276 		 */
3277 		if ((cmd->cmd_flags & CFLAG_CMDIOC) == 0) {
3278 			ptgt->m_t_ncmds++;
3279 		}
3280 		cmd->cmd_active_timeout = cmd->cmd_pkt->pkt_time;
3281 
3282 		/*
3283 		 * If initial timout is less than or equal to one tick, bump
3284 		 * the timeout by a tick so that command doesn't timeout before
3285 		 * its allotted time.
3286 		 */
3287 		if (cmd->cmd_active_timeout <= mptsas_scsi_watchdog_tick) {
3288 			cmd->cmd_active_timeout += mptsas_scsi_watchdog_tick;
3289 		}
3290 		return (TRUE);
3291 	} else {
3292 		int i;
3293 
3294 		/*
3295 		 * If slot in use, scan until a free one is found. Don't use 0
3296 		 * or final slot, which is reserved for TM requests.
3297 		 */
3298 		for (i = 0; i < slots->m_n_slots; i++) {
3299 			slot = slots->m_tags;
3300 			if (++(slots->m_tags) > slots->m_n_slots) {
3301 				slots->m_tags = 1;
3302 			}
3303 			if (slots->m_slot[slot] == NULL) {
3304 				NDBG22(("found free slot %d", slot));
3305 				goto alloc_tag;
3306 			}
3307 		}
3308 	}
3309 	return (FALSE);
3310 }
3311 
3312 /*
3313  * prepare the pkt:
3314  * the pkt may have been resubmitted or just reused so
3315  * initialize some fields and do some checks.
3316  */
3317 static int
3318 mptsas_prepare_pkt(mptsas_cmd_t *cmd)
3319 {
3320 	struct scsi_pkt	*pkt = CMD2PKT(cmd);
3321 
3322 	NDBG1(("mptsas_prepare_pkt: cmd=0x%p", (void *)cmd));
3323 
3324 	/*
3325 	 * Reinitialize some fields that need it; the packet may
3326 	 * have been resubmitted
3327 	 */
3328 	pkt->pkt_reason = CMD_CMPLT;
3329 	pkt->pkt_state = 0;
3330 	pkt->pkt_statistics = 0;
3331 	pkt->pkt_resid = 0;
3332 	cmd->cmd_age = 0;
3333 	cmd->cmd_pkt_flags = pkt->pkt_flags;
3334 
3335 	/*
3336 	 * zero status byte.
3337 	 */
3338 	*(pkt->pkt_scbp) = 0;
3339 
3340 	if (cmd->cmd_flags & CFLAG_DMAVALID) {
3341 		pkt->pkt_resid = cmd->cmd_dmacount;
3342 
3343 		/*
3344 		 * consistent packets need to be sync'ed first
3345 		 * (only for data going out)
3346 		 */
3347 		if ((cmd->cmd_flags & CFLAG_CMDIOPB) &&
3348 		    (cmd->cmd_flags & CFLAG_DMASEND)) {
3349 			(void) ddi_dma_sync(cmd->cmd_dmahandle, 0, 0,
3350 			    DDI_DMA_SYNC_FORDEV);
3351 		}
3352 	}
3353 
3354 	cmd->cmd_flags =
3355 	    (cmd->cmd_flags & ~(CFLAG_TRANFLAG)) |
3356 	    CFLAG_PREPARED | CFLAG_IN_TRANSPORT;
3357 
3358 	return (TRAN_ACCEPT);
3359 }
3360 
3361 /*
3362  * tran_init_pkt(9E) - allocate scsi_pkt(9S) for command
3363  *
3364  * One of three possibilities:
3365  *	- allocate scsi_pkt
3366  *	- allocate scsi_pkt and DMA resources
3367  *	- allocate DMA resources to an already-allocated pkt
3368  */
3369 static struct scsi_pkt *
3370 mptsas_scsi_init_pkt(struct scsi_address *ap, struct scsi_pkt *pkt,
3371     struct buf *bp, int cmdlen, int statuslen, int tgtlen, int flags,
3372     int (*callback)(), caddr_t arg)
3373 {
3374 	mptsas_cmd_t		*cmd, *new_cmd;
3375 	mptsas_t		*mpt = ADDR2MPT(ap);
3376 	int			failure = 1;
3377 	uint_t			oldcookiec;
3378 	mptsas_target_t		*ptgt = NULL;
3379 	int			rval;
3380 	mptsas_tgt_private_t	*tgt_private;
3381 	int			kf;
3382 
3383 	kf = (callback == SLEEP_FUNC)? KM_SLEEP: KM_NOSLEEP;
3384 
3385 	tgt_private = (mptsas_tgt_private_t *)ap->a_hba_tran->
3386 	    tran_tgt_private;
3387 	ASSERT(tgt_private != NULL);
3388 	if (tgt_private == NULL) {
3389 		return (NULL);
3390 	}
3391 	ptgt = tgt_private->t_private;
3392 	ASSERT(ptgt != NULL);
3393 	if (ptgt == NULL)
3394 		return (NULL);
3395 	ap->a_target = ptgt->m_devhdl;
3396 	ap->a_lun = tgt_private->t_lun;
3397 
3398 	ASSERT(callback == NULL_FUNC || callback == SLEEP_FUNC);
3399 #ifdef MPTSAS_TEST_EXTRN_ALLOC
3400 	statuslen *= 100; tgtlen *= 4;
3401 #endif
3402 	NDBG3(("mptsas_scsi_init_pkt:\n"
3403 	    "\ttgt=%d in=0x%p bp=0x%p clen=%d slen=%d tlen=%d flags=%x",
3404 	    ap->a_target, (void *)pkt, (void *)bp,
3405 	    cmdlen, statuslen, tgtlen, flags));
3406 
3407 	/*
3408 	 * Allocate the new packet.
3409 	 */
3410 	if (pkt == NULL) {
3411 		ddi_dma_handle_t	save_dma_handle;
3412 		ddi_dma_handle_t	save_arq_dma_handle;
3413 		struct buf		*save_arq_bp;
3414 		ddi_dma_cookie_t	save_arqcookie;
3415 
3416 		cmd = kmem_cache_alloc(mpt->m_kmem_cache, kf);
3417 
3418 		if (cmd) {
3419 			save_dma_handle = cmd->cmd_dmahandle;
3420 			save_arq_dma_handle = cmd->cmd_arqhandle;
3421 			save_arq_bp = cmd->cmd_arq_buf;
3422 			save_arqcookie = cmd->cmd_arqcookie;
3423 			bzero(cmd, sizeof (*cmd) + scsi_pkt_size());
3424 			cmd->cmd_dmahandle = save_dma_handle;
3425 			cmd->cmd_arqhandle = save_arq_dma_handle;
3426 			cmd->cmd_arq_buf = save_arq_bp;
3427 			cmd->cmd_arqcookie = save_arqcookie;
3428 
3429 			pkt = (void *)((uchar_t *)cmd +
3430 			    sizeof (struct mptsas_cmd));
3431 			pkt->pkt_ha_private = (opaque_t)cmd;
3432 			pkt->pkt_address = *ap;
3433 			pkt->pkt_private = (opaque_t)cmd->cmd_pkt_private;
3434 			pkt->pkt_scbp = (opaque_t)&cmd->cmd_scb;
3435 			pkt->pkt_cdbp = (opaque_t)&cmd->cmd_cdb;
3436 			cmd->cmd_pkt = (struct scsi_pkt *)pkt;
3437 			cmd->cmd_cdblen = (uchar_t)cmdlen;
3438 			cmd->cmd_scblen = statuslen;
3439 			cmd->cmd_rqslen = SENSE_LENGTH;
3440 			cmd->cmd_tgt_addr = ptgt;
3441 			failure = 0;
3442 		}
3443 
3444 		if (failure || (cmdlen > sizeof (cmd->cmd_cdb)) ||
3445 		    (tgtlen > PKT_PRIV_LEN) ||
3446 		    (statuslen > EXTCMDS_STATUS_SIZE)) {
3447 			if (failure == 0) {
3448 				/*
3449 				 * if extern alloc fails, all will be
3450 				 * deallocated, including cmd
3451 				 */
3452 				failure = mptsas_pkt_alloc_extern(mpt, cmd,
3453 				    cmdlen, tgtlen, statuslen, kf);
3454 			}
3455 			if (failure) {
3456 				/*
3457 				 * if extern allocation fails, it will
3458 				 * deallocate the new pkt as well
3459 				 */
3460 				return (NULL);
3461 			}
3462 		}
3463 		new_cmd = cmd;
3464 
3465 	} else {
3466 		cmd = PKT2CMD(pkt);
3467 		new_cmd = NULL;
3468 	}
3469 
3470 
3471 	/* grab cmd->cmd_cookiec here as oldcookiec */
3472 
3473 	oldcookiec = cmd->cmd_cookiec;
3474 
3475 	/*
3476 	 * If the dma was broken up into PARTIAL transfers cmd_nwin will be
3477 	 * greater than 0 and we'll need to grab the next dma window
3478 	 */
3479 	/*
3480 	 * SLM-not doing extra command frame right now; may add later
3481 	 */
3482 
3483 	if (cmd->cmd_nwin > 0) {
3484 
3485 		/*
3486 		 * Make sure we havn't gone past the the total number
3487 		 * of windows
3488 		 */
3489 		if (++cmd->cmd_winindex >= cmd->cmd_nwin) {
3490 			return (NULL);
3491 		}
3492 		if (ddi_dma_getwin(cmd->cmd_dmahandle, cmd->cmd_winindex,
3493 		    &cmd->cmd_dma_offset, &cmd->cmd_dma_len,
3494 		    &cmd->cmd_cookie, &cmd->cmd_cookiec) == DDI_FAILURE) {
3495 			return (NULL);
3496 		}
3497 		goto get_dma_cookies;
3498 	}
3499 
3500 
3501 	if (flags & PKT_XARQ) {
3502 		cmd->cmd_flags |= CFLAG_XARQ;
3503 	}
3504 
3505 	/*
3506 	 * DMA resource allocation.  This version assumes your
3507 	 * HBA has some sort of bus-mastering or onboard DMA capability, with a
3508 	 * scatter-gather list of length MPTSAS_MAX_DMA_SEGS, as given in the
3509 	 * ddi_dma_attr_t structure and passed to scsi_impl_dmaget.
3510 	 */
3511 	if (bp && (bp->b_bcount != 0) &&
3512 	    (cmd->cmd_flags & CFLAG_DMAVALID) == 0) {
3513 
3514 		int	cnt, dma_flags;
3515 		mptti_t	*dmap;		/* ptr to the S/G list */
3516 
3517 		/*
3518 		 * Set up DMA memory and position to the next DMA segment.
3519 		 */
3520 		ASSERT(cmd->cmd_dmahandle != NULL);
3521 
3522 		if (bp->b_flags & B_READ) {
3523 			dma_flags = DDI_DMA_READ;
3524 			cmd->cmd_flags &= ~CFLAG_DMASEND;
3525 		} else {
3526 			dma_flags = DDI_DMA_WRITE;
3527 			cmd->cmd_flags |= CFLAG_DMASEND;
3528 		}
3529 		if (flags & PKT_CONSISTENT) {
3530 			cmd->cmd_flags |= CFLAG_CMDIOPB;
3531 			dma_flags |= DDI_DMA_CONSISTENT;
3532 		}
3533 
3534 		if (flags & PKT_DMA_PARTIAL) {
3535 			dma_flags |= DDI_DMA_PARTIAL;
3536 		}
3537 
3538 		/*
3539 		 * workaround for byte hole issue on psycho and
3540 		 * schizo pre 2.1
3541 		 */
3542 		if ((bp->b_flags & B_READ) && ((bp->b_flags &
3543 		    (B_PAGEIO|B_REMAPPED)) != B_PAGEIO) &&
3544 		    ((uintptr_t)bp->b_un.b_addr & 0x7)) {
3545 			dma_flags |= DDI_DMA_CONSISTENT;
3546 		}
3547 
3548 		rval = ddi_dma_buf_bind_handle(cmd->cmd_dmahandle, bp,
3549 		    dma_flags, callback, arg,
3550 		    &cmd->cmd_cookie, &cmd->cmd_cookiec);
3551 		if (rval == DDI_DMA_PARTIAL_MAP) {
3552 			(void) ddi_dma_numwin(cmd->cmd_dmahandle,
3553 			    &cmd->cmd_nwin);
3554 			cmd->cmd_winindex = 0;
3555 			(void) ddi_dma_getwin(cmd->cmd_dmahandle,
3556 			    cmd->cmd_winindex, &cmd->cmd_dma_offset,
3557 			    &cmd->cmd_dma_len, &cmd->cmd_cookie,
3558 			    &cmd->cmd_cookiec);
3559 		} else if (rval && (rval != DDI_DMA_MAPPED)) {
3560 			switch (rval) {
3561 			case DDI_DMA_NORESOURCES:
3562 				bioerror(bp, 0);
3563 				break;
3564 			case DDI_DMA_BADATTR:
3565 			case DDI_DMA_NOMAPPING:
3566 				bioerror(bp, EFAULT);
3567 				break;
3568 			case DDI_DMA_TOOBIG:
3569 			default:
3570 				bioerror(bp, EINVAL);
3571 				break;
3572 			}
3573 			cmd->cmd_flags &= ~CFLAG_DMAVALID;
3574 			if (new_cmd) {
3575 				mptsas_scsi_destroy_pkt(ap, pkt);
3576 			}
3577 			return ((struct scsi_pkt *)NULL);
3578 		}
3579 
3580 get_dma_cookies:
3581 		cmd->cmd_flags |= CFLAG_DMAVALID;
3582 		ASSERT(cmd->cmd_cookiec > 0);
3583 
3584 		if (cmd->cmd_cookiec > MPTSAS_MAX_CMD_SEGS) {
3585 			mptsas_log(mpt, CE_NOTE, "large cookiec received %d\n",
3586 			    cmd->cmd_cookiec);
3587 			bioerror(bp, EINVAL);
3588 			if (new_cmd) {
3589 				mptsas_scsi_destroy_pkt(ap, pkt);
3590 			}
3591 			return ((struct scsi_pkt *)NULL);
3592 		}
3593 
3594 		/*
3595 		 * Allocate extra SGL buffer if needed.
3596 		 */
3597 		if ((cmd->cmd_cookiec > MPTSAS_MAX_FRAME_SGES64(mpt)) &&
3598 		    (cmd->cmd_extra_frames == NULL)) {
3599 			if (mptsas_alloc_extra_sgl_frame(mpt, cmd) ==
3600 			    DDI_FAILURE) {
3601 				mptsas_log(mpt, CE_WARN, "MPT SGL mem alloc "
3602 				    "failed");
3603 				bioerror(bp, ENOMEM);
3604 				if (new_cmd) {
3605 					mptsas_scsi_destroy_pkt(ap, pkt);
3606 				}
3607 				return ((struct scsi_pkt *)NULL);
3608 			}
3609 		}
3610 
3611 		/*
3612 		 * Always use scatter-gather transfer
3613 		 * Use the loop below to store physical addresses of
3614 		 * DMA segments, from the DMA cookies, into your HBA's
3615 		 * scatter-gather list.
3616 		 * We need to ensure we have enough kmem alloc'd
3617 		 * for the sg entries since we are no longer using an
3618 		 * array inside mptsas_cmd_t.
3619 		 *
3620 		 * We check cmd->cmd_cookiec against oldcookiec so
3621 		 * the scatter-gather list is correctly allocated
3622 		 */
3623 
3624 		if (oldcookiec != cmd->cmd_cookiec) {
3625 			if (cmd->cmd_sg != (mptti_t *)NULL) {
3626 				kmem_free(cmd->cmd_sg, sizeof (mptti_t) *
3627 				    oldcookiec);
3628 				cmd->cmd_sg = NULL;
3629 			}
3630 		}
3631 
3632 		if (cmd->cmd_sg == (mptti_t *)NULL) {
3633 			cmd->cmd_sg = kmem_alloc((size_t)(sizeof (mptti_t)*
3634 			    cmd->cmd_cookiec), kf);
3635 
3636 			if (cmd->cmd_sg == (mptti_t *)NULL) {
3637 				mptsas_log(mpt, CE_WARN,
3638 				    "unable to kmem_alloc enough memory "
3639 				    "for scatter/gather list");
3640 		/*
3641 		 * if we have an ENOMEM condition we need to behave
3642 		 * the same way as the rest of this routine
3643 		 */
3644 
3645 				bioerror(bp, ENOMEM);
3646 				if (new_cmd) {
3647 					mptsas_scsi_destroy_pkt(ap, pkt);
3648 				}
3649 				return ((struct scsi_pkt *)NULL);
3650 			}
3651 		}
3652 
3653 		dmap = cmd->cmd_sg;
3654 
3655 		ASSERT(cmd->cmd_cookie.dmac_size != 0);
3656 
3657 		/*
3658 		 * store the first segment into the S/G list
3659 		 */
3660 		dmap->count = cmd->cmd_cookie.dmac_size;
3661 		dmap->addr.address64.Low = (uint32_t)
3662 		    (cmd->cmd_cookie.dmac_laddress & 0xffffffffull);
3663 		dmap->addr.address64.High = (uint32_t)
3664 		    (cmd->cmd_cookie.dmac_laddress >> 32);
3665 
3666 		/*
3667 		 * dmacount counts the size of the dma for this window
3668 		 * (if partial dma is being used).  totaldmacount
3669 		 * keeps track of the total amount of dma we have
3670 		 * transferred for all the windows (needed to calculate
3671 		 * the resid value below).
3672 		 */
3673 		cmd->cmd_dmacount = cmd->cmd_cookie.dmac_size;
3674 		cmd->cmd_totaldmacount += cmd->cmd_cookie.dmac_size;
3675 
3676 		/*
3677 		 * We already stored the first DMA scatter gather segment,
3678 		 * start at 1 if we need to store more.
3679 		 */
3680 		for (cnt = 1; cnt < cmd->cmd_cookiec; cnt++) {
3681 			/*
3682 			 * Get next DMA cookie
3683 			 */
3684 			ddi_dma_nextcookie(cmd->cmd_dmahandle,
3685 			    &cmd->cmd_cookie);
3686 			dmap++;
3687 
3688 			cmd->cmd_dmacount += cmd->cmd_cookie.dmac_size;
3689 			cmd->cmd_totaldmacount += cmd->cmd_cookie.dmac_size;
3690 
3691 			/*
3692 			 * store the segment parms into the S/G list
3693 			 */
3694 			dmap->count = cmd->cmd_cookie.dmac_size;
3695 			dmap->addr.address64.Low = (uint32_t)
3696 			    (cmd->cmd_cookie.dmac_laddress & 0xffffffffull);
3697 			dmap->addr.address64.High = (uint32_t)
3698 			    (cmd->cmd_cookie.dmac_laddress >> 32);
3699 		}
3700 
3701 		/*
3702 		 * If this was partially allocated we set the resid
3703 		 * the amount of data NOT transferred in this window
3704 		 * If there is only one window, the resid will be 0
3705 		 */
3706 		pkt->pkt_resid = (bp->b_bcount - cmd->cmd_totaldmacount);
3707 		NDBG16(("mptsas_dmaget: cmd_dmacount=%d.", cmd->cmd_dmacount));
3708 	}
3709 	return (pkt);
3710 }
3711 
3712 /*
3713  * tran_destroy_pkt(9E) - scsi_pkt(9s) deallocation
3714  *
3715  * Notes:
3716  *	- also frees DMA resources if allocated
3717  *	- implicit DMA synchonization
3718  */
3719 static void
3720 mptsas_scsi_destroy_pkt(struct scsi_address *ap, struct scsi_pkt *pkt)
3721 {
3722 	mptsas_cmd_t	*cmd = PKT2CMD(pkt);
3723 	mptsas_t	*mpt = ADDR2MPT(ap);
3724 
3725 	NDBG3(("mptsas_scsi_destroy_pkt: target=%d pkt=0x%p",
3726 	    ap->a_target, (void *)pkt));
3727 
3728 	if (cmd->cmd_flags & CFLAG_DMAVALID) {
3729 		(void) ddi_dma_unbind_handle(cmd->cmd_dmahandle);
3730 		cmd->cmd_flags &= ~CFLAG_DMAVALID;
3731 	}
3732 
3733 	if (cmd->cmd_sg) {
3734 		kmem_free(cmd->cmd_sg, sizeof (mptti_t) * cmd->cmd_cookiec);
3735 		cmd->cmd_sg = NULL;
3736 	}
3737 
3738 	mptsas_free_extra_sgl_frame(mpt, cmd);
3739 
3740 	if ((cmd->cmd_flags &
3741 	    (CFLAG_FREE | CFLAG_CDBEXTERN | CFLAG_PRIVEXTERN |
3742 	    CFLAG_SCBEXTERN)) == 0) {
3743 		cmd->cmd_flags = CFLAG_FREE;
3744 		kmem_cache_free(mpt->m_kmem_cache, (void *)cmd);
3745 	} else {
3746 		mptsas_pkt_destroy_extern(mpt, cmd);
3747 	}
3748 }
3749 
3750 /*
3751  * kmem cache constructor and destructor:
3752  * When constructing, we bzero the cmd and allocate the dma handle
3753  * When destructing, just free the dma handle
3754  */
3755 static int
3756 mptsas_kmem_cache_constructor(void *buf, void *cdrarg, int kmflags)
3757 {
3758 	mptsas_cmd_t		*cmd = buf;
3759 	mptsas_t		*mpt  = cdrarg;
3760 	struct scsi_address	ap;
3761 	uint_t			cookiec;
3762 	ddi_dma_attr_t		arq_dma_attr;
3763 	int			(*callback)(caddr_t);
3764 
3765 	callback = (kmflags == KM_SLEEP)? DDI_DMA_SLEEP: DDI_DMA_DONTWAIT;
3766 
3767 	NDBG4(("mptsas_kmem_cache_constructor"));
3768 
3769 	ap.a_hba_tran = mpt->m_tran;
3770 	ap.a_target = 0;
3771 	ap.a_lun = 0;
3772 
3773 	/*
3774 	 * allocate a dma handle
3775 	 */
3776 	if ((ddi_dma_alloc_handle(mpt->m_dip, &mpt->m_io_dma_attr, callback,
3777 	    NULL, &cmd->cmd_dmahandle)) != DDI_SUCCESS) {
3778 		cmd->cmd_dmahandle = NULL;
3779 		return (-1);
3780 	}
3781 
3782 	cmd->cmd_arq_buf = scsi_alloc_consistent_buf(&ap, (struct buf *)NULL,
3783 	    SENSE_LENGTH, B_READ, callback, NULL);
3784 	if (cmd->cmd_arq_buf == NULL) {
3785 		ddi_dma_free_handle(&cmd->cmd_dmahandle);
3786 		cmd->cmd_dmahandle = NULL;
3787 		return (-1);
3788 	}
3789 
3790 	/*
3791 	 * allocate a arq handle
3792 	 */
3793 	arq_dma_attr = mpt->m_msg_dma_attr;
3794 	arq_dma_attr.dma_attr_sgllen = 1;
3795 	if ((ddi_dma_alloc_handle(mpt->m_dip, &arq_dma_attr, callback,
3796 	    NULL, &cmd->cmd_arqhandle)) != DDI_SUCCESS) {
3797 		ddi_dma_free_handle(&cmd->cmd_dmahandle);
3798 		scsi_free_consistent_buf(cmd->cmd_arq_buf);
3799 		cmd->cmd_dmahandle = NULL;
3800 		cmd->cmd_arqhandle = NULL;
3801 		return (-1);
3802 	}
3803 
3804 	if (ddi_dma_buf_bind_handle(cmd->cmd_arqhandle,
3805 	    cmd->cmd_arq_buf, (DDI_DMA_READ | DDI_DMA_CONSISTENT),
3806 	    callback, NULL, &cmd->cmd_arqcookie, &cookiec) != DDI_SUCCESS) {
3807 		ddi_dma_free_handle(&cmd->cmd_dmahandle);
3808 		ddi_dma_free_handle(&cmd->cmd_arqhandle);
3809 		scsi_free_consistent_buf(cmd->cmd_arq_buf);
3810 		cmd->cmd_dmahandle = NULL;
3811 		cmd->cmd_arqhandle = NULL;
3812 		cmd->cmd_arq_buf = NULL;
3813 		return (-1);
3814 	}
3815 
3816 	return (0);
3817 }
3818 
3819 static void
3820 mptsas_kmem_cache_destructor(void *buf, void *cdrarg)
3821 {
3822 #ifndef __lock_lint
3823 	_NOTE(ARGUNUSED(cdrarg))
3824 #endif
3825 	mptsas_cmd_t	*cmd = buf;
3826 
3827 	NDBG4(("mptsas_kmem_cache_destructor"));
3828 
3829 	if (cmd->cmd_arqhandle) {
3830 		(void) ddi_dma_unbind_handle(cmd->cmd_arqhandle);
3831 		ddi_dma_free_handle(&cmd->cmd_arqhandle);
3832 		cmd->cmd_arqhandle = NULL;
3833 	}
3834 	if (cmd->cmd_arq_buf) {
3835 		scsi_free_consistent_buf(cmd->cmd_arq_buf);
3836 		cmd->cmd_arq_buf = NULL;
3837 	}
3838 	if (cmd->cmd_dmahandle) {
3839 		ddi_dma_free_handle(&cmd->cmd_dmahandle);
3840 		cmd->cmd_dmahandle = NULL;
3841 	}
3842 }
3843 
3844 static int
3845 mptsas_cache_frames_constructor(void *buf, void *cdrarg, int kmflags)
3846 {
3847 	mptsas_cache_frames_t	*p = buf;
3848 	mptsas_t		*mpt = cdrarg;
3849 	ddi_dma_attr_t		frame_dma_attr;
3850 	size_t			mem_size, alloc_len;
3851 	ddi_dma_cookie_t	cookie;
3852 	uint_t			ncookie;
3853 	int (*callback)(caddr_t) = (kmflags == KM_SLEEP)
3854 	    ? DDI_DMA_SLEEP: DDI_DMA_DONTWAIT;
3855 
3856 	frame_dma_attr = mpt->m_msg_dma_attr;
3857 	frame_dma_attr.dma_attr_align = 0x10;
3858 	frame_dma_attr.dma_attr_sgllen = 1;
3859 
3860 	if (ddi_dma_alloc_handle(mpt->m_dip, &frame_dma_attr, callback, NULL,
3861 	    &p->m_dma_hdl) != DDI_SUCCESS) {
3862 		mptsas_log(mpt, CE_WARN, "Unable to allocate dma handle for"
3863 		    " extra SGL.");
3864 		return (DDI_FAILURE);
3865 	}
3866 
3867 	mem_size = (mpt->m_max_request_frames - 1) * mpt->m_req_frame_size;
3868 
3869 	if (ddi_dma_mem_alloc(p->m_dma_hdl, mem_size, &mpt->m_dev_acc_attr,
3870 	    DDI_DMA_CONSISTENT, callback, NULL, (caddr_t *)&p->m_frames_addr,
3871 	    &alloc_len, &p->m_acc_hdl) != DDI_SUCCESS) {
3872 		ddi_dma_free_handle(&p->m_dma_hdl);
3873 		p->m_dma_hdl = NULL;
3874 		mptsas_log(mpt, CE_WARN, "Unable to allocate dma memory for"
3875 		    " extra SGL.");
3876 		return (DDI_FAILURE);
3877 	}
3878 
3879 	if (ddi_dma_addr_bind_handle(p->m_dma_hdl, NULL, p->m_frames_addr,
3880 	    alloc_len, DDI_DMA_RDWR | DDI_DMA_CONSISTENT, callback, NULL,
3881 	    &cookie, &ncookie) != DDI_DMA_MAPPED) {
3882 		(void) ddi_dma_mem_free(&p->m_acc_hdl);
3883 		ddi_dma_free_handle(&p->m_dma_hdl);
3884 		p->m_dma_hdl = NULL;
3885 		mptsas_log(mpt, CE_WARN, "Unable to bind DMA resources for"
3886 		    " extra SGL");
3887 		return (DDI_FAILURE);
3888 	}
3889 
3890 	/*
3891 	 * Store the SGL memory address.  This chip uses this
3892 	 * address to dma to and from the driver.  The second
3893 	 * address is the address mpt uses to fill in the SGL.
3894 	 */
3895 	p->m_phys_addr = cookie.dmac_address;
3896 
3897 	return (DDI_SUCCESS);
3898 }
3899 
3900 static void
3901 mptsas_cache_frames_destructor(void *buf, void *cdrarg)
3902 {
3903 #ifndef __lock_lint
3904 	_NOTE(ARGUNUSED(cdrarg))
3905 #endif
3906 	mptsas_cache_frames_t	*p = buf;
3907 	if (p->m_dma_hdl != NULL) {
3908 		(void) ddi_dma_unbind_handle(p->m_dma_hdl);
3909 		(void) ddi_dma_mem_free(&p->m_acc_hdl);
3910 		ddi_dma_free_handle(&p->m_dma_hdl);
3911 		p->m_phys_addr = NULL;
3912 		p->m_frames_addr = NULL;
3913 		p->m_dma_hdl = NULL;
3914 		p->m_acc_hdl = NULL;
3915 	}
3916 
3917 }
3918 
3919 /*
3920  * allocate and deallocate external pkt space (ie. not part of mptsas_cmd)
3921  * for non-standard length cdb, pkt_private, status areas
3922  * if allocation fails, then deallocate all external space and the pkt
3923  */
3924 /* ARGSUSED */
3925 static int
3926 mptsas_pkt_alloc_extern(mptsas_t *mpt, mptsas_cmd_t *cmd,
3927     int cmdlen, int tgtlen, int statuslen, int kf)
3928 {
3929 	caddr_t			cdbp, scbp, tgt;
3930 	int			(*callback)(caddr_t) = (kf == KM_SLEEP) ?
3931 	    DDI_DMA_SLEEP : DDI_DMA_DONTWAIT;
3932 	struct scsi_address	ap;
3933 	size_t			senselength;
3934 	ddi_dma_attr_t		ext_arq_dma_attr;
3935 	uint_t			cookiec;
3936 
3937 	NDBG3(("mptsas_pkt_alloc_extern: "
3938 	    "cmd=0x%p cmdlen=%d tgtlen=%d statuslen=%d kf=%x",
3939 	    (void *)cmd, cmdlen, tgtlen, statuslen, kf));
3940 
3941 	tgt = cdbp = scbp = NULL;
3942 	cmd->cmd_scblen		= statuslen;
3943 	cmd->cmd_privlen	= (uchar_t)tgtlen;
3944 
3945 	if (cmdlen > sizeof (cmd->cmd_cdb)) {
3946 		if ((cdbp = kmem_zalloc((size_t)cmdlen, kf)) == NULL) {
3947 			goto fail;
3948 		}
3949 		cmd->cmd_pkt->pkt_cdbp = (opaque_t)cdbp;
3950 		cmd->cmd_flags |= CFLAG_CDBEXTERN;
3951 	}
3952 	if (tgtlen > PKT_PRIV_LEN) {
3953 		if ((tgt = kmem_zalloc((size_t)tgtlen, kf)) == NULL) {
3954 			goto fail;
3955 		}
3956 		cmd->cmd_flags |= CFLAG_PRIVEXTERN;
3957 		cmd->cmd_pkt->pkt_private = tgt;
3958 	}
3959 	if (statuslen > EXTCMDS_STATUS_SIZE) {
3960 		if ((scbp = kmem_zalloc((size_t)statuslen, kf)) == NULL) {
3961 			goto fail;
3962 		}
3963 		cmd->cmd_flags |= CFLAG_SCBEXTERN;
3964 		cmd->cmd_pkt->pkt_scbp = (opaque_t)scbp;
3965 
3966 		/* allocate sense data buf for DMA */
3967 
3968 		senselength = statuslen - MPTSAS_GET_ITEM_OFF(
3969 		    struct scsi_arq_status, sts_sensedata);
3970 		cmd->cmd_rqslen = (uchar_t)senselength;
3971 
3972 		ap.a_hba_tran = mpt->m_tran;
3973 		ap.a_target = 0;
3974 		ap.a_lun = 0;
3975 
3976 		cmd->cmd_ext_arq_buf = scsi_alloc_consistent_buf(&ap,
3977 		    (struct buf *)NULL, senselength, B_READ,
3978 		    callback, NULL);
3979 
3980 		if (cmd->cmd_ext_arq_buf == NULL) {
3981 			goto fail;
3982 		}
3983 		/*
3984 		 * allocate a extern arq handle and bind the buf
3985 		 */
3986 		ext_arq_dma_attr = mpt->m_msg_dma_attr;
3987 		ext_arq_dma_attr.dma_attr_sgllen = 1;
3988 		if ((ddi_dma_alloc_handle(mpt->m_dip,
3989 		    &ext_arq_dma_attr, callback,
3990 		    NULL, &cmd->cmd_ext_arqhandle)) != DDI_SUCCESS) {
3991 			goto fail;
3992 		}
3993 
3994 		if (ddi_dma_buf_bind_handle(cmd->cmd_ext_arqhandle,
3995 		    cmd->cmd_ext_arq_buf, (DDI_DMA_READ | DDI_DMA_CONSISTENT),
3996 		    callback, NULL, &cmd->cmd_ext_arqcookie,
3997 		    &cookiec)
3998 		    != DDI_SUCCESS) {
3999 			goto fail;
4000 		}
4001 		cmd->cmd_flags |= CFLAG_EXTARQBUFVALID;
4002 	}
4003 	return (0);
4004 fail:
4005 	mptsas_pkt_destroy_extern(mpt, cmd);
4006 	return (1);
4007 }
4008 
4009 /*
4010  * deallocate external pkt space and deallocate the pkt
4011  */
4012 static void
4013 mptsas_pkt_destroy_extern(mptsas_t *mpt, mptsas_cmd_t *cmd)
4014 {
4015 	NDBG3(("mptsas_pkt_destroy_extern: cmd=0x%p", (void *)cmd));
4016 
4017 	if (cmd->cmd_flags & CFLAG_FREE) {
4018 		mptsas_log(mpt, CE_PANIC,
4019 		    "mptsas_pkt_destroy_extern: freeing free packet");
4020 		_NOTE(NOT_REACHED)
4021 		/* NOTREACHED */
4022 	}
4023 	if (cmd->cmd_flags & CFLAG_CDBEXTERN) {
4024 		kmem_free(cmd->cmd_pkt->pkt_cdbp, (size_t)cmd->cmd_cdblen);
4025 	}
4026 	if (cmd->cmd_flags & CFLAG_SCBEXTERN) {
4027 		kmem_free(cmd->cmd_pkt->pkt_scbp, (size_t)cmd->cmd_scblen);
4028 		if (cmd->cmd_flags & CFLAG_EXTARQBUFVALID) {
4029 			(void) ddi_dma_unbind_handle(cmd->cmd_ext_arqhandle);
4030 		}
4031 		if (cmd->cmd_ext_arqhandle) {
4032 			ddi_dma_free_handle(&cmd->cmd_ext_arqhandle);
4033 			cmd->cmd_ext_arqhandle = NULL;
4034 		}
4035 		if (cmd->cmd_ext_arq_buf)
4036 			scsi_free_consistent_buf(cmd->cmd_ext_arq_buf);
4037 	}
4038 	if (cmd->cmd_flags & CFLAG_PRIVEXTERN) {
4039 		kmem_free(cmd->cmd_pkt->pkt_private, (size_t)cmd->cmd_privlen);
4040 	}
4041 	cmd->cmd_flags = CFLAG_FREE;
4042 	kmem_cache_free(mpt->m_kmem_cache, (void *)cmd);
4043 }
4044 
4045 /*
4046  * tran_sync_pkt(9E) - explicit DMA synchronization
4047  */
4048 /*ARGSUSED*/
4049 static void
4050 mptsas_scsi_sync_pkt(struct scsi_address *ap, struct scsi_pkt *pkt)
4051 {
4052 	mptsas_cmd_t	*cmd = PKT2CMD(pkt);
4053 
4054 	NDBG3(("mptsas_scsi_sync_pkt: target=%d, pkt=0x%p",
4055 	    ap->a_target, (void *)pkt));
4056 
4057 	if (cmd->cmd_dmahandle) {
4058 		(void) ddi_dma_sync(cmd->cmd_dmahandle, 0, 0,
4059 		    (cmd->cmd_flags & CFLAG_DMASEND) ?
4060 		    DDI_DMA_SYNC_FORDEV : DDI_DMA_SYNC_FORCPU);
4061 	}
4062 }
4063 
4064 /*
4065  * tran_dmafree(9E) - deallocate DMA resources allocated for command
4066  */
4067 /*ARGSUSED*/
4068 static void
4069 mptsas_scsi_dmafree(struct scsi_address *ap, struct scsi_pkt *pkt)
4070 {
4071 	mptsas_cmd_t	*cmd = PKT2CMD(pkt);
4072 	mptsas_t	*mpt = ADDR2MPT(ap);
4073 
4074 	NDBG3(("mptsas_scsi_dmafree: target=%d pkt=0x%p",
4075 	    ap->a_target, (void *)pkt));
4076 
4077 	if (cmd->cmd_flags & CFLAG_DMAVALID) {
4078 		(void) ddi_dma_unbind_handle(cmd->cmd_dmahandle);
4079 		cmd->cmd_flags &= ~CFLAG_DMAVALID;
4080 	}
4081 
4082 	if (cmd->cmd_flags & CFLAG_EXTARQBUFVALID) {
4083 		(void) ddi_dma_unbind_handle(cmd->cmd_ext_arqhandle);
4084 		cmd->cmd_flags &= ~CFLAG_EXTARQBUFVALID;
4085 	}
4086 
4087 	mptsas_free_extra_sgl_frame(mpt, cmd);
4088 }
4089 
4090 static void
4091 mptsas_pkt_comp(struct scsi_pkt *pkt, mptsas_cmd_t *cmd)
4092 {
4093 	if ((cmd->cmd_flags & CFLAG_CMDIOPB) &&
4094 	    (!(cmd->cmd_flags & CFLAG_DMASEND))) {
4095 		(void) ddi_dma_sync(cmd->cmd_dmahandle, 0, 0,
4096 		    DDI_DMA_SYNC_FORCPU);
4097 	}
4098 	(*pkt->pkt_comp)(pkt);
4099 }
4100 
4101 static void
4102 mptsas_sge_setup(mptsas_t *mpt, mptsas_cmd_t *cmd, uint32_t *control,
4103 	pMpi2SCSIIORequest_t frame, ddi_acc_handle_t acc_hdl)
4104 {
4105 	uint_t			cookiec;
4106 	mptti_t			*dmap;
4107 	uint32_t		flags;
4108 	pMpi2SGESimple64_t	sge;
4109 	pMpi2SGEChain64_t	sgechain;
4110 	ASSERT(cmd->cmd_flags & CFLAG_DMAVALID);
4111 
4112 	/*
4113 	 * Save the number of entries in the DMA
4114 	 * Scatter/Gather list
4115 	 */
4116 	cookiec = cmd->cmd_cookiec;
4117 
4118 	NDBG1(("mptsas_sge_setup: cookiec=%d", cookiec));
4119 
4120 	/*
4121 	 * Set read/write bit in control.
4122 	 */
4123 	if (cmd->cmd_flags & CFLAG_DMASEND) {
4124 		*control |= MPI2_SCSIIO_CONTROL_WRITE;
4125 	} else {
4126 		*control |= MPI2_SCSIIO_CONTROL_READ;
4127 	}
4128 
4129 	ddi_put32(acc_hdl, &frame->DataLength, cmd->cmd_dmacount);
4130 
4131 	/*
4132 	 * We have 2 cases here.  First where we can fit all the
4133 	 * SG elements into the main frame, and the case
4134 	 * where we can't.
4135 	 * If we have more cookies than we can attach to a frame
4136 	 * we will need to use a chain element to point
4137 	 * a location of memory where the rest of the S/G
4138 	 * elements reside.
4139 	 */
4140 	if (cookiec <= MPTSAS_MAX_FRAME_SGES64(mpt)) {
4141 		dmap = cmd->cmd_sg;
4142 		sge = (pMpi2SGESimple64_t)(&frame->SGL);
4143 		while (cookiec--) {
4144 			ddi_put32(acc_hdl,
4145 			    &sge->Address.Low, dmap->addr.address64.Low);
4146 			ddi_put32(acc_hdl,
4147 			    &sge->Address.High, dmap->addr.address64.High);
4148 			ddi_put32(acc_hdl, &sge->FlagsLength,
4149 			    dmap->count);
4150 			flags = ddi_get32(acc_hdl, &sge->FlagsLength);
4151 			flags |= ((uint32_t)
4152 			    (MPI2_SGE_FLAGS_SIMPLE_ELEMENT |
4153 			    MPI2_SGE_FLAGS_SYSTEM_ADDRESS |
4154 			    MPI2_SGE_FLAGS_64_BIT_ADDRESSING) <<
4155 			    MPI2_SGE_FLAGS_SHIFT);
4156 
4157 			/*
4158 			 * If this is the last cookie, we set the flags
4159 			 * to indicate so
4160 			 */
4161 			if (cookiec == 0) {
4162 				flags |=
4163 				    ((uint32_t)(MPI2_SGE_FLAGS_LAST_ELEMENT
4164 				    | MPI2_SGE_FLAGS_END_OF_BUFFER
4165 				    | MPI2_SGE_FLAGS_END_OF_LIST) <<
4166 				    MPI2_SGE_FLAGS_SHIFT);
4167 			}
4168 			if (cmd->cmd_flags & CFLAG_DMASEND) {
4169 				flags |= (MPI2_SGE_FLAGS_HOST_TO_IOC <<
4170 				    MPI2_SGE_FLAGS_SHIFT);
4171 			} else {
4172 				flags |= (MPI2_SGE_FLAGS_IOC_TO_HOST <<
4173 				    MPI2_SGE_FLAGS_SHIFT);
4174 			}
4175 			ddi_put32(acc_hdl, &sge->FlagsLength, flags);
4176 			dmap++;
4177 			sge++;
4178 		}
4179 	} else {
4180 		/*
4181 		 * Hereby we start to deal with multiple frames.
4182 		 * The process is as follows:
4183 		 * 1. Determine how many frames are needed for SGL element
4184 		 *    storage; Note that all frames are stored in contiguous
4185 		 *    memory space and in 64-bit DMA mode each element is
4186 		 *    3 double-words (12 bytes) long.
4187 		 * 2. Fill up the main frame. We need to do this separately
4188 		 *    since it contains the SCSI IO request header and needs
4189 		 *    dedicated processing. Note that the last 4 double-words
4190 		 *    of the SCSI IO header is for SGL element storage
4191 		 *    (MPI2_SGE_IO_UNION).
4192 		 * 3. Fill the chain element in the main frame, so the DMA
4193 		 *    engine can use the following frames.
4194 		 * 4. Enter a loop to fill the remaining frames. Note that the
4195 		 *    last frame contains no chain element.  The remaining
4196 		 *    frames go into the mpt SGL buffer allocated on the fly,
4197 		 *    not immediately following the main message frame, as in
4198 		 *    Gen1.
4199 		 * Some restrictions:
4200 		 * 1. For 64-bit DMA, the simple element and chain element
4201 		 *    are both of 3 double-words (12 bytes) in size, even
4202 		 *    though all frames are stored in the first 4G of mem
4203 		 *    range and the higher 32-bits of the address are always 0.
4204 		 * 2. On some controllers (like the 1064/1068), a frame can
4205 		 *    hold SGL elements with the last 1 or 2 double-words
4206 		 *    (4 or 8 bytes) un-used. On these controllers, we should
4207 		 *    recognize that there's not enough room for another SGL
4208 		 *    element and move the sge pointer to the next frame.
4209 		 */
4210 		int		i, j, k, l, frames, sgemax;
4211 		int		temp;
4212 		uint8_t		chainflags;
4213 		uint16_t	chainlength;
4214 		mptsas_cache_frames_t *p;
4215 
4216 		/*
4217 		 * Sgemax is the number of SGE's that will fit
4218 		 * each extra frame and frames is total
4219 		 * number of frames we'll need.  1 sge entry per
4220 		 * frame is reseverd for the chain element thus the -1 below.
4221 		 */
4222 		sgemax = ((mpt->m_req_frame_size / sizeof (MPI2_SGE_SIMPLE64))
4223 		    - 1);
4224 		temp = (cookiec - (MPTSAS_MAX_FRAME_SGES64(mpt) - 1)) / sgemax;
4225 
4226 		/*
4227 		 * A little check to see if we need to round up the number
4228 		 * of frames we need
4229 		 */
4230 		if ((cookiec - (MPTSAS_MAX_FRAME_SGES64(mpt) - 1)) - (temp *
4231 		    sgemax) > 1) {
4232 			frames = (temp + 1);
4233 		} else {
4234 			frames = temp;
4235 		}
4236 		dmap = cmd->cmd_sg;
4237 		sge = (pMpi2SGESimple64_t)(&frame->SGL);
4238 
4239 		/*
4240 		 * First fill in the main frame
4241 		 */
4242 		for (j = 1; j < MPTSAS_MAX_FRAME_SGES64(mpt); j++) {
4243 			ddi_put32(acc_hdl, &sge->Address.Low,
4244 			    dmap->addr.address64.Low);
4245 			ddi_put32(acc_hdl, &sge->Address.High,
4246 			    dmap->addr.address64.High);
4247 			ddi_put32(acc_hdl, &sge->FlagsLength, dmap->count);
4248 			flags = ddi_get32(acc_hdl, &sge->FlagsLength);
4249 			flags |= ((uint32_t)(MPI2_SGE_FLAGS_SIMPLE_ELEMENT |
4250 			    MPI2_SGE_FLAGS_SYSTEM_ADDRESS |
4251 			    MPI2_SGE_FLAGS_64_BIT_ADDRESSING) <<
4252 			    MPI2_SGE_FLAGS_SHIFT);
4253 
4254 			/*
4255 			 * If this is the last SGE of this frame
4256 			 * we set the end of list flag
4257 			 */
4258 			if (j == (MPTSAS_MAX_FRAME_SGES64(mpt) - 1)) {
4259 				flags |= ((uint32_t)
4260 				    (MPI2_SGE_FLAGS_LAST_ELEMENT) <<
4261 				    MPI2_SGE_FLAGS_SHIFT);
4262 			}
4263 			if (cmd->cmd_flags & CFLAG_DMASEND) {
4264 				flags |=
4265 				    (MPI2_SGE_FLAGS_HOST_TO_IOC <<
4266 				    MPI2_SGE_FLAGS_SHIFT);
4267 			} else {
4268 				flags |=
4269 				    (MPI2_SGE_FLAGS_IOC_TO_HOST <<
4270 				    MPI2_SGE_FLAGS_SHIFT);
4271 			}
4272 			ddi_put32(acc_hdl, &sge->FlagsLength, flags);
4273 			dmap++;
4274 			sge++;
4275 		}
4276 
4277 		/*
4278 		 * Fill in the chain element in the main frame.
4279 		 * About calculation on ChainOffset:
4280 		 * 1. Struct msg_scsi_io_request has 4 double-words (16 bytes)
4281 		 *    in the end reserved for SGL element storage
4282 		 *    (MPI2_SGE_IO_UNION); we should count it in our
4283 		 *    calculation.  See its definition in the header file.
4284 		 * 2. Constant j is the counter of the current SGL element
4285 		 *    that will be processed, and (j - 1) is the number of
4286 		 *    SGL elements that have been processed (stored in the
4287 		 *    main frame).
4288 		 * 3. ChainOffset value should be in units of double-words (4
4289 		 *    bytes) so the last value should be divided by 4.
4290 		 */
4291 		ddi_put8(acc_hdl, &frame->ChainOffset,
4292 		    (sizeof (MPI2_SCSI_IO_REQUEST) -
4293 		    sizeof (MPI2_SGE_IO_UNION) +
4294 		    (j - 1) * sizeof (MPI2_SGE_SIMPLE64)) >> 2);
4295 		sgechain = (pMpi2SGEChain64_t)sge;
4296 		chainflags = (MPI2_SGE_FLAGS_CHAIN_ELEMENT |
4297 		    MPI2_SGE_FLAGS_SYSTEM_ADDRESS |
4298 		    MPI2_SGE_FLAGS_64_BIT_ADDRESSING);
4299 		ddi_put8(acc_hdl, &sgechain->Flags, chainflags);
4300 
4301 		/*
4302 		 * The size of the next frame is the accurate size of space
4303 		 * (in bytes) used to store the SGL elements. j is the counter
4304 		 * of SGL elements. (j - 1) is the number of SGL elements that
4305 		 * have been processed (stored in frames).
4306 		 */
4307 		if (frames >= 2) {
4308 			chainlength = mpt->m_req_frame_size /
4309 			    sizeof (MPI2_SGE_SIMPLE64) *
4310 			    sizeof (MPI2_SGE_SIMPLE64);
4311 		} else {
4312 			chainlength = ((cookiec - (j - 1)) *
4313 			    sizeof (MPI2_SGE_SIMPLE64));
4314 		}
4315 
4316 		p = cmd->cmd_extra_frames;
4317 
4318 		ddi_put16(acc_hdl, &sgechain->Length, chainlength);
4319 		ddi_put32(acc_hdl, &sgechain->Address.Low,
4320 		    p->m_phys_addr);
4321 		/* SGL is allocated in the first 4G mem range */
4322 		ddi_put32(acc_hdl, &sgechain->Address.High, 0);
4323 
4324 		/*
4325 		 * If there are more than 2 frames left we have to
4326 		 * fill in the next chain offset to the location of
4327 		 * the chain element in the next frame.
4328 		 * sgemax is the number of simple elements in an extra
4329 		 * frame. Note that the value NextChainOffset should be
4330 		 * in double-words (4 bytes).
4331 		 */
4332 		if (frames >= 2) {
4333 			ddi_put8(acc_hdl, &sgechain->NextChainOffset,
4334 			    (sgemax * sizeof (MPI2_SGE_SIMPLE64)) >> 2);
4335 		} else {
4336 			ddi_put8(acc_hdl, &sgechain->NextChainOffset, 0);
4337 		}
4338 
4339 		/*
4340 		 * Jump to next frame;
4341 		 * Starting here, chain buffers go into the per command SGL.
4342 		 * This buffer is allocated when chain buffers are needed.
4343 		 */
4344 		sge = (pMpi2SGESimple64_t)p->m_frames_addr;
4345 		i = cookiec;
4346 
4347 		/*
4348 		 * Start filling in frames with SGE's.  If we
4349 		 * reach the end of frame and still have SGE's
4350 		 * to fill we need to add a chain element and
4351 		 * use another frame.  j will be our counter
4352 		 * for what cookie we are at and i will be
4353 		 * the total cookiec. k is the current frame
4354 		 */
4355 		for (k = 1; k <= frames; k++) {
4356 			for (l = 1; (l <= (sgemax + 1)) && (j <= i); j++, l++) {
4357 
4358 				/*
4359 				 * If we have reached the end of frame
4360 				 * and we have more SGE's to fill in
4361 				 * we have to fill the final entry
4362 				 * with a chain element and then
4363 				 * continue to the next frame
4364 				 */
4365 				if ((l == (sgemax + 1)) && (k != frames)) {
4366 					sgechain = (pMpi2SGEChain64_t)sge;
4367 					j--;
4368 					chainflags = (
4369 					    MPI2_SGE_FLAGS_CHAIN_ELEMENT |
4370 					    MPI2_SGE_FLAGS_SYSTEM_ADDRESS |
4371 					    MPI2_SGE_FLAGS_64_BIT_ADDRESSING);
4372 					ddi_put8(p->m_acc_hdl,
4373 					    &sgechain->Flags, chainflags);
4374 					/*
4375 					 * k is the frame counter and (k + 1)
4376 					 * is the number of the next frame.
4377 					 * Note that frames are in contiguous
4378 					 * memory space.
4379 					 */
4380 					ddi_put32(p->m_acc_hdl,
4381 					    &sgechain->Address.Low,
4382 					    (p->m_phys_addr +
4383 					    (mpt->m_req_frame_size * k)));
4384 					ddi_put32(p->m_acc_hdl,
4385 					    &sgechain->Address.High, 0);
4386 
4387 					/*
4388 					 * If there are more than 2 frames left
4389 					 * we have to next chain offset to
4390 					 * the location of the chain element
4391 					 * in the next frame and fill in the
4392 					 * length of the next chain
4393 					 */
4394 					if ((frames - k) >= 2) {
4395 						ddi_put8(p->m_acc_hdl,
4396 						    &sgechain->NextChainOffset,
4397 						    (sgemax *
4398 						    sizeof (MPI2_SGE_SIMPLE64))
4399 						    >> 2);
4400 						ddi_put16(p->m_acc_hdl,
4401 						    &sgechain->Length,
4402 						    mpt->m_req_frame_size /
4403 						    sizeof (MPI2_SGE_SIMPLE64) *
4404 						    sizeof (MPI2_SGE_SIMPLE64));
4405 					} else {
4406 						/*
4407 						 * This is the last frame. Set
4408 						 * the NextChainOffset to 0 and
4409 						 * Length is the total size of
4410 						 * all remaining simple elements
4411 						 */
4412 						ddi_put8(p->m_acc_hdl,
4413 						    &sgechain->NextChainOffset,
4414 						    0);
4415 						ddi_put16(p->m_acc_hdl,
4416 						    &sgechain->Length,
4417 						    (cookiec - j) *
4418 						    sizeof (MPI2_SGE_SIMPLE64));
4419 					}
4420 
4421 					/* Jump to the next frame */
4422 					sge = (pMpi2SGESimple64_t)
4423 					    ((char *)p->m_frames_addr +
4424 					    (int)mpt->m_req_frame_size * k);
4425 
4426 					continue;
4427 				}
4428 
4429 				ddi_put32(p->m_acc_hdl,
4430 				    &sge->Address.Low,
4431 				    dmap->addr.address64.Low);
4432 				ddi_put32(p->m_acc_hdl,
4433 				    &sge->Address.High,
4434 				    dmap->addr.address64.High);
4435 				ddi_put32(p->m_acc_hdl,
4436 				    &sge->FlagsLength, dmap->count);
4437 				flags = ddi_get32(p->m_acc_hdl,
4438 				    &sge->FlagsLength);
4439 				flags |= ((uint32_t)(
4440 				    MPI2_SGE_FLAGS_SIMPLE_ELEMENT |
4441 				    MPI2_SGE_FLAGS_SYSTEM_ADDRESS |
4442 				    MPI2_SGE_FLAGS_64_BIT_ADDRESSING) <<
4443 				    MPI2_SGE_FLAGS_SHIFT);
4444 
4445 				/*
4446 				 * If we are at the end of the frame and
4447 				 * there is another frame to fill in
4448 				 * we set the last simple element as last
4449 				 * element
4450 				 */
4451 				if ((l == sgemax) && (k != frames)) {
4452 					flags |= ((uint32_t)
4453 					    (MPI2_SGE_FLAGS_LAST_ELEMENT) <<
4454 					    MPI2_SGE_FLAGS_SHIFT);
4455 				}
4456 
4457 				/*
4458 				 * If this is the final cookie we
4459 				 * indicate it by setting the flags
4460 				 */
4461 				if (j == i) {
4462 					flags |= ((uint32_t)
4463 					    (MPI2_SGE_FLAGS_LAST_ELEMENT |
4464 					    MPI2_SGE_FLAGS_END_OF_BUFFER |
4465 					    MPI2_SGE_FLAGS_END_OF_LIST) <<
4466 					    MPI2_SGE_FLAGS_SHIFT);
4467 				}
4468 				if (cmd->cmd_flags & CFLAG_DMASEND) {
4469 					flags |=
4470 					    (MPI2_SGE_FLAGS_HOST_TO_IOC <<
4471 					    MPI2_SGE_FLAGS_SHIFT);
4472 				} else {
4473 					flags |=
4474 					    (MPI2_SGE_FLAGS_IOC_TO_HOST <<
4475 					    MPI2_SGE_FLAGS_SHIFT);
4476 				}
4477 				ddi_put32(p->m_acc_hdl,
4478 				    &sge->FlagsLength, flags);
4479 				dmap++;
4480 				sge++;
4481 			}
4482 		}
4483 
4484 		/*
4485 		 * Sync DMA with the chain buffers that were just created
4486 		 */
4487 		(void) ddi_dma_sync(p->m_dma_hdl, 0, 0, DDI_DMA_SYNC_FORDEV);
4488 	}
4489 }
4490 
4491 /*
4492  * Interrupt handling
4493  * Utility routine.  Poll for status of a command sent to HBA
4494  * without interrupts (a FLAG_NOINTR command).
4495  */
4496 int
4497 mptsas_poll(mptsas_t *mpt, mptsas_cmd_t *poll_cmd, int polltime)
4498 {
4499 	int	rval = TRUE;
4500 
4501 	NDBG5(("mptsas_poll: cmd=0x%p", (void *)poll_cmd));
4502 
4503 	if ((poll_cmd->cmd_flags & CFLAG_TM_CMD) == 0) {
4504 		mptsas_restart_hba(mpt);
4505 	}
4506 
4507 	/*
4508 	 * Wait, using drv_usecwait(), long enough for the command to
4509 	 * reasonably return from the target if the target isn't
4510 	 * "dead".  A polled command may well be sent from scsi_poll, and
4511 	 * there are retries built in to scsi_poll if the transport
4512 	 * accepted the packet (TRAN_ACCEPT).  scsi_poll waits 1 second
4513 	 * and retries the transport up to scsi_poll_busycnt times
4514 	 * (currently 60) if
4515 	 * 1. pkt_reason is CMD_INCOMPLETE and pkt_state is 0, or
4516 	 * 2. pkt_reason is CMD_CMPLT and *pkt_scbp has STATUS_BUSY
4517 	 *
4518 	 * limit the waiting to avoid a hang in the event that the
4519 	 * cmd never gets started but we are still receiving interrupts
4520 	 */
4521 	while (!(poll_cmd->cmd_flags & CFLAG_FINISHED)) {
4522 		if (mptsas_wait_intr(mpt, polltime) == FALSE) {
4523 			NDBG5(("mptsas_poll: command incomplete"));
4524 			rval = FALSE;
4525 			break;
4526 		}
4527 	}
4528 
4529 	if (rval == FALSE) {
4530 
4531 		/*
4532 		 * this isn't supposed to happen, the hba must be wedged
4533 		 * Mark this cmd as a timeout.
4534 		 */
4535 		mptsas_set_pkt_reason(mpt, poll_cmd, CMD_TIMEOUT,
4536 		    (STAT_TIMEOUT|STAT_ABORTED));
4537 
4538 		if (poll_cmd->cmd_queued == FALSE) {
4539 
4540 			NDBG5(("mptsas_poll: not on waitq"));
4541 
4542 			poll_cmd->cmd_pkt->pkt_state |=
4543 			    (STATE_GOT_BUS|STATE_GOT_TARGET|STATE_SENT_CMD);
4544 		} else {
4545 
4546 			/* find and remove it from the waitq */
4547 			NDBG5(("mptsas_poll: delete from waitq"));
4548 			mptsas_waitq_delete(mpt, poll_cmd);
4549 		}
4550 
4551 	}
4552 	mptsas_fma_check(mpt, poll_cmd);
4553 	NDBG5(("mptsas_poll: done"));
4554 	return (rval);
4555 }
4556 
4557 /*
4558  * Used for polling cmds and TM function
4559  */
4560 static int
4561 mptsas_wait_intr(mptsas_t *mpt, int polltime)
4562 {
4563 	int				cnt;
4564 	pMpi2ReplyDescriptorsUnion_t	reply_desc_union;
4565 	uint32_t			int_mask;
4566 
4567 	NDBG5(("mptsas_wait_intr"));
4568 
4569 	mpt->m_polled_intr = 1;
4570 
4571 	/*
4572 	 * Get the current interrupt mask and disable interrupts.  When
4573 	 * re-enabling ints, set mask to saved value.
4574 	 */
4575 	int_mask = ddi_get32(mpt->m_datap, &mpt->m_reg->HostInterruptMask);
4576 	MPTSAS_DISABLE_INTR(mpt);
4577 
4578 	/*
4579 	 * Keep polling for at least (polltime * 1000) seconds
4580 	 */
4581 	for (cnt = 0; cnt < polltime; cnt++) {
4582 		(void) ddi_dma_sync(mpt->m_dma_post_queue_hdl, 0, 0,
4583 		    DDI_DMA_SYNC_FORCPU);
4584 
4585 		reply_desc_union = (pMpi2ReplyDescriptorsUnion_t)
4586 		    MPTSAS_GET_NEXT_REPLY(mpt, mpt->m_post_index);
4587 
4588 		if (ddi_get32(mpt->m_acc_post_queue_hdl,
4589 		    &reply_desc_union->Words.Low) == 0xFFFFFFFF ||
4590 		    ddi_get32(mpt->m_acc_post_queue_hdl,
4591 		    &reply_desc_union->Words.High) == 0xFFFFFFFF) {
4592 			drv_usecwait(1000);
4593 			continue;
4594 		}
4595 
4596 		/*
4597 		 * The reply is valid, process it according to its
4598 		 * type.
4599 		 */
4600 		mptsas_process_intr(mpt, reply_desc_union);
4601 
4602 		if (++mpt->m_post_index == mpt->m_post_queue_depth) {
4603 			mpt->m_post_index = 0;
4604 		}
4605 
4606 		/*
4607 		 * Update the global reply index
4608 		 */
4609 		ddi_put32(mpt->m_datap,
4610 		    &mpt->m_reg->ReplyPostHostIndex, mpt->m_post_index);
4611 		mpt->m_polled_intr = 0;
4612 
4613 		/*
4614 		 * Re-enable interrupts and quit.
4615 		 */
4616 		ddi_put32(mpt->m_datap, &mpt->m_reg->HostInterruptMask,
4617 		    int_mask);
4618 		return (TRUE);
4619 
4620 	}
4621 
4622 	/*
4623 	 * Clear polling flag, re-enable interrupts and quit.
4624 	 */
4625 	mpt->m_polled_intr = 0;
4626 	ddi_put32(mpt->m_datap, &mpt->m_reg->HostInterruptMask, int_mask);
4627 	return (FALSE);
4628 }
4629 
4630 static void
4631 mptsas_handle_scsi_io_success(mptsas_t *mpt,
4632     pMpi2ReplyDescriptorsUnion_t reply_desc)
4633 {
4634 	pMpi2SCSIIOSuccessReplyDescriptor_t	scsi_io_success;
4635 	uint16_t				SMID;
4636 	mptsas_slots_t				*slots = mpt->m_active;
4637 	mptsas_cmd_t				*cmd = NULL;
4638 	struct scsi_pkt				*pkt;
4639 
4640 	ASSERT(mutex_owned(&mpt->m_mutex));
4641 
4642 	scsi_io_success = (pMpi2SCSIIOSuccessReplyDescriptor_t)reply_desc;
4643 	SMID = ddi_get16(mpt->m_acc_post_queue_hdl, &scsi_io_success->SMID);
4644 
4645 	/*
4646 	 * This is a success reply so just complete the IO.  First, do a sanity
4647 	 * check on the SMID.  The final slot is used for TM requests, which
4648 	 * would not come into this reply handler.
4649 	 */
4650 	if ((SMID == 0) || (SMID > slots->m_n_slots)) {
4651 		mptsas_log(mpt, CE_WARN, "?Received invalid SMID of %d\n",
4652 		    SMID);
4653 		ddi_fm_service_impact(mpt->m_dip, DDI_SERVICE_UNAFFECTED);
4654 		return;
4655 	}
4656 
4657 	cmd = slots->m_slot[SMID];
4658 
4659 	/*
4660 	 * print warning and return if the slot is empty
4661 	 */
4662 	if (cmd == NULL) {
4663 		mptsas_log(mpt, CE_WARN, "?NULL command for successful SCSI IO "
4664 		    "in slot %d", SMID);
4665 		return;
4666 	}
4667 
4668 	pkt = CMD2PKT(cmd);
4669 	pkt->pkt_state |= (STATE_GOT_BUS | STATE_GOT_TARGET | STATE_SENT_CMD |
4670 	    STATE_GOT_STATUS);
4671 	if (cmd->cmd_flags & CFLAG_DMAVALID) {
4672 		pkt->pkt_state |= STATE_XFERRED_DATA;
4673 	}
4674 	pkt->pkt_resid = 0;
4675 
4676 	if (cmd->cmd_flags & CFLAG_PASSTHRU) {
4677 		cmd->cmd_flags |= CFLAG_FINISHED;
4678 		cv_broadcast(&mpt->m_passthru_cv);
4679 		return;
4680 	} else {
4681 		mptsas_remove_cmd(mpt, cmd);
4682 	}
4683 
4684 	if (cmd->cmd_flags & CFLAG_RETRY) {
4685 		/*
4686 		 * The target returned QFULL or busy, do not add tihs
4687 		 * pkt to the doneq since the hba will retry
4688 		 * this cmd.
4689 		 *
4690 		 * The pkt has already been resubmitted in
4691 		 * mptsas_handle_qfull() or in mptsas_check_scsi_io_error().
4692 		 * Remove this cmd_flag here.
4693 		 */
4694 		cmd->cmd_flags &= ~CFLAG_RETRY;
4695 	} else {
4696 		mptsas_doneq_add(mpt, cmd);
4697 	}
4698 }
4699 
4700 static void
4701 mptsas_handle_address_reply(mptsas_t *mpt,
4702     pMpi2ReplyDescriptorsUnion_t reply_desc)
4703 {
4704 	pMpi2AddressReplyDescriptor_t	address_reply;
4705 	pMPI2DefaultReply_t		reply;
4706 	mptsas_fw_diagnostic_buffer_t	*pBuffer;
4707 	uint32_t			reply_addr;
4708 	uint16_t			SMID, iocstatus;
4709 	mptsas_slots_t			*slots = mpt->m_active;
4710 	mptsas_cmd_t			*cmd = NULL;
4711 	uint8_t				function, buffer_type;
4712 	m_replyh_arg_t			*args;
4713 	int				reply_frame_no;
4714 
4715 	ASSERT(mutex_owned(&mpt->m_mutex));
4716 
4717 	address_reply = (pMpi2AddressReplyDescriptor_t)reply_desc;
4718 	reply_addr = ddi_get32(mpt->m_acc_post_queue_hdl,
4719 	    &address_reply->ReplyFrameAddress);
4720 	SMID = ddi_get16(mpt->m_acc_post_queue_hdl, &address_reply->SMID);
4721 
4722 	/*
4723 	 * If reply frame is not in the proper range we should ignore this
4724 	 * message and exit the interrupt handler.
4725 	 */
4726 	if ((reply_addr < mpt->m_reply_frame_dma_addr) ||
4727 	    (reply_addr >= (mpt->m_reply_frame_dma_addr +
4728 	    (mpt->m_reply_frame_size * mpt->m_max_replies))) ||
4729 	    ((reply_addr - mpt->m_reply_frame_dma_addr) %
4730 	    mpt->m_reply_frame_size != 0)) {
4731 		mptsas_log(mpt, CE_WARN, "?Received invalid reply frame "
4732 		    "address 0x%x\n", reply_addr);
4733 		ddi_fm_service_impact(mpt->m_dip, DDI_SERVICE_UNAFFECTED);
4734 		return;
4735 	}
4736 
4737 	(void) ddi_dma_sync(mpt->m_dma_reply_frame_hdl, 0, 0,
4738 	    DDI_DMA_SYNC_FORCPU);
4739 	reply = (pMPI2DefaultReply_t)(mpt->m_reply_frame + (reply_addr -
4740 	    mpt->m_reply_frame_dma_addr));
4741 	function = ddi_get8(mpt->m_acc_reply_frame_hdl, &reply->Function);
4742 
4743 	/*
4744 	 * don't get slot information and command for events since these values
4745 	 * don't exist
4746 	 */
4747 	if ((function != MPI2_FUNCTION_EVENT_NOTIFICATION) &&
4748 	    (function != MPI2_FUNCTION_DIAG_BUFFER_POST)) {
4749 		/*
4750 		 * This could be a TM reply, which use the last allocated SMID,
4751 		 * so allow for that.
4752 		 */
4753 		if ((SMID == 0) || (SMID > (slots->m_n_slots + 1))) {
4754 			mptsas_log(mpt, CE_WARN, "?Received invalid SMID of "
4755 			    "%d\n", SMID);
4756 			ddi_fm_service_impact(mpt->m_dip,
4757 			    DDI_SERVICE_UNAFFECTED);
4758 			return;
4759 		}
4760 
4761 		cmd = slots->m_slot[SMID];
4762 
4763 		/*
4764 		 * print warning and return if the slot is empty
4765 		 */
4766 		if (cmd == NULL) {
4767 			mptsas_log(mpt, CE_WARN, "?NULL command for address "
4768 			    "reply in slot %d", SMID);
4769 			return;
4770 		}
4771 		if ((cmd->cmd_flags & CFLAG_PASSTHRU) ||
4772 		    (cmd->cmd_flags & CFLAG_CONFIG) ||
4773 		    (cmd->cmd_flags & CFLAG_FW_DIAG)) {
4774 			cmd->cmd_rfm = reply_addr;
4775 			cmd->cmd_flags |= CFLAG_FINISHED;
4776 			cv_broadcast(&mpt->m_passthru_cv);
4777 			cv_broadcast(&mpt->m_config_cv);
4778 			cv_broadcast(&mpt->m_fw_diag_cv);
4779 			return;
4780 		} else if (!(cmd->cmd_flags & CFLAG_FW_CMD)) {
4781 			mptsas_remove_cmd(mpt, cmd);
4782 		}
4783 		NDBG31(("\t\tmptsas_process_intr: slot=%d", SMID));
4784 	}
4785 	/*
4786 	 * Depending on the function, we need to handle
4787 	 * the reply frame (and cmd) differently.
4788 	 */
4789 	switch (function) {
4790 	case MPI2_FUNCTION_SCSI_IO_REQUEST:
4791 		mptsas_check_scsi_io_error(mpt, (pMpi2SCSIIOReply_t)reply, cmd);
4792 		break;
4793 	case MPI2_FUNCTION_SCSI_TASK_MGMT:
4794 		cmd->cmd_rfm = reply_addr;
4795 		mptsas_check_task_mgt(mpt, (pMpi2SCSIManagementReply_t)reply,
4796 		    cmd);
4797 		break;
4798 	case MPI2_FUNCTION_FW_DOWNLOAD:
4799 		cmd->cmd_flags |= CFLAG_FINISHED;
4800 		cv_signal(&mpt->m_fw_cv);
4801 		break;
4802 	case MPI2_FUNCTION_EVENT_NOTIFICATION:
4803 		reply_frame_no = (reply_addr - mpt->m_reply_frame_dma_addr) /
4804 		    mpt->m_reply_frame_size;
4805 		args = &mpt->m_replyh_args[reply_frame_no];
4806 		args->mpt = (void *)mpt;
4807 		args->rfm = reply_addr;
4808 
4809 		/*
4810 		 * Record the event if its type is enabled in
4811 		 * this mpt instance by ioctl.
4812 		 */
4813 		mptsas_record_event(args);
4814 
4815 		/*
4816 		 * Handle time critical events
4817 		 * NOT_RESPONDING/ADDED only now
4818 		 */
4819 		if (mptsas_handle_event_sync(args) == DDI_SUCCESS) {
4820 			/*
4821 			 * Would not return main process,
4822 			 * just let taskq resolve ack action
4823 			 * and ack would be sent in taskq thread
4824 			 */
4825 			NDBG20(("send mptsas_handle_event_sync success"));
4826 		}
4827 		if ((ddi_taskq_dispatch(mpt->m_event_taskq, mptsas_handle_event,
4828 		    (void *)args, DDI_NOSLEEP)) != DDI_SUCCESS) {
4829 			mptsas_log(mpt, CE_WARN, "No memory available"
4830 			"for dispatch taskq");
4831 			/*
4832 			 * Return the reply frame to the free queue.
4833 			 */
4834 			ddi_put32(mpt->m_acc_free_queue_hdl,
4835 			    &((uint32_t *)(void *)
4836 			    mpt->m_free_queue)[mpt->m_free_index], reply_addr);
4837 			(void) ddi_dma_sync(mpt->m_dma_free_queue_hdl, 0, 0,
4838 			    DDI_DMA_SYNC_FORDEV);
4839 			if (++mpt->m_free_index == mpt->m_free_queue_depth) {
4840 				mpt->m_free_index = 0;
4841 			}
4842 
4843 			ddi_put32(mpt->m_datap,
4844 			    &mpt->m_reg->ReplyFreeHostIndex, mpt->m_free_index);
4845 		}
4846 		return;
4847 	case MPI2_FUNCTION_DIAG_BUFFER_POST:
4848 		/*
4849 		 * If SMID is 0, this implies that the reply is due to a
4850 		 * release function with a status that the buffer has been
4851 		 * released.  Set the buffer flags accordingly.
4852 		 */
4853 		if (SMID == 0) {
4854 			iocstatus = ddi_get16(mpt->m_acc_reply_frame_hdl,
4855 			    &reply->IOCStatus);
4856 			buffer_type = ddi_get8(mpt->m_acc_reply_frame_hdl,
4857 			    &(((pMpi2DiagBufferPostReply_t)reply)->BufferType));
4858 			if (iocstatus == MPI2_IOCSTATUS_DIAGNOSTIC_RELEASED) {
4859 				pBuffer =
4860 				    &mpt->m_fw_diag_buffer_list[buffer_type];
4861 				pBuffer->valid_data = TRUE;
4862 				pBuffer->owned_by_firmware = FALSE;
4863 				pBuffer->immediate = FALSE;
4864 			}
4865 		} else {
4866 			/*
4867 			 * Normal handling of diag post reply with SMID.
4868 			 */
4869 			cmd = slots->m_slot[SMID];
4870 
4871 			/*
4872 			 * print warning and return if the slot is empty
4873 			 */
4874 			if (cmd == NULL) {
4875 				mptsas_log(mpt, CE_WARN, "?NULL command for "
4876 				    "address reply in slot %d", SMID);
4877 				return;
4878 			}
4879 			cmd->cmd_rfm = reply_addr;
4880 			cmd->cmd_flags |= CFLAG_FINISHED;
4881 			cv_broadcast(&mpt->m_fw_diag_cv);
4882 		}
4883 		return;
4884 	default:
4885 		mptsas_log(mpt, CE_WARN, "Unknown function 0x%x ", function);
4886 		break;
4887 	}
4888 
4889 	/*
4890 	 * Return the reply frame to the free queue.
4891 	 */
4892 	ddi_put32(mpt->m_acc_free_queue_hdl,
4893 	    &((uint32_t *)(void *)mpt->m_free_queue)[mpt->m_free_index],
4894 	    reply_addr);
4895 	(void) ddi_dma_sync(mpt->m_dma_free_queue_hdl, 0, 0,
4896 	    DDI_DMA_SYNC_FORDEV);
4897 	if (++mpt->m_free_index == mpt->m_free_queue_depth) {
4898 		mpt->m_free_index = 0;
4899 	}
4900 	ddi_put32(mpt->m_datap, &mpt->m_reg->ReplyFreeHostIndex,
4901 	    mpt->m_free_index);
4902 
4903 	if (cmd->cmd_flags & CFLAG_FW_CMD)
4904 		return;
4905 
4906 	if (cmd->cmd_flags & CFLAG_RETRY) {
4907 		/*
4908 		 * The target returned QFULL or busy, do not add tihs
4909 		 * pkt to the doneq since the hba will retry
4910 		 * this cmd.
4911 		 *
4912 		 * The pkt has already been resubmitted in
4913 		 * mptsas_handle_qfull() or in mptsas_check_scsi_io_error().
4914 		 * Remove this cmd_flag here.
4915 		 */
4916 		cmd->cmd_flags &= ~CFLAG_RETRY;
4917 	} else {
4918 		mptsas_doneq_add(mpt, cmd);
4919 	}
4920 }
4921 
4922 static void
4923 mptsas_check_scsi_io_error(mptsas_t *mpt, pMpi2SCSIIOReply_t reply,
4924     mptsas_cmd_t *cmd)
4925 {
4926 	uint8_t			scsi_status, scsi_state;
4927 	uint16_t		ioc_status;
4928 	uint32_t		xferred, sensecount, responsedata, loginfo = 0;
4929 	struct scsi_pkt		*pkt;
4930 	struct scsi_arq_status	*arqstat;
4931 	struct buf		*bp;
4932 	mptsas_target_t		*ptgt = cmd->cmd_tgt_addr;
4933 	uint8_t			*sensedata = NULL;
4934 
4935 	if ((cmd->cmd_flags & (CFLAG_SCBEXTERN | CFLAG_EXTARQBUFVALID)) ==
4936 	    (CFLAG_SCBEXTERN | CFLAG_EXTARQBUFVALID)) {
4937 		bp = cmd->cmd_ext_arq_buf;
4938 	} else {
4939 		bp = cmd->cmd_arq_buf;
4940 	}
4941 
4942 	scsi_status = ddi_get8(mpt->m_acc_reply_frame_hdl, &reply->SCSIStatus);
4943 	ioc_status = ddi_get16(mpt->m_acc_reply_frame_hdl, &reply->IOCStatus);
4944 	scsi_state = ddi_get8(mpt->m_acc_reply_frame_hdl, &reply->SCSIState);
4945 	xferred = ddi_get32(mpt->m_acc_reply_frame_hdl, &reply->TransferCount);
4946 	sensecount = ddi_get32(mpt->m_acc_reply_frame_hdl, &reply->SenseCount);
4947 	responsedata = ddi_get32(mpt->m_acc_reply_frame_hdl,
4948 	    &reply->ResponseInfo);
4949 
4950 	if (ioc_status & MPI2_IOCSTATUS_FLAG_LOG_INFO_AVAILABLE) {
4951 		loginfo = ddi_get32(mpt->m_acc_reply_frame_hdl,
4952 		    &reply->IOCLogInfo);
4953 		mptsas_log(mpt, CE_NOTE,
4954 		    "?Log info 0x%x received for target %d.\n"
4955 		    "\tscsi_status=0x%x, ioc_status=0x%x, scsi_state=0x%x",
4956 		    loginfo, Tgt(cmd), scsi_status, ioc_status,
4957 		    scsi_state);
4958 	}
4959 
4960 	NDBG31(("\t\tscsi_status=0x%x, ioc_status=0x%x, scsi_state=0x%x",
4961 	    scsi_status, ioc_status, scsi_state));
4962 
4963 	pkt = CMD2PKT(cmd);
4964 	*(pkt->pkt_scbp) = scsi_status;
4965 
4966 	if (loginfo == 0x31170000) {
4967 		/*
4968 		 * if loginfo PL_LOGINFO_CODE_IO_DEVICE_MISSING_DELAY_RETRY
4969 		 * 0x31170000 comes, that means the device missing delay
4970 		 * is in progressing, the command need retry later.
4971 		 */
4972 		*(pkt->pkt_scbp) = STATUS_BUSY;
4973 		return;
4974 	}
4975 
4976 	if ((scsi_state & MPI2_SCSI_STATE_NO_SCSI_STATUS) &&
4977 	    ((ioc_status & MPI2_IOCSTATUS_MASK) ==
4978 	    MPI2_IOCSTATUS_SCSI_DEVICE_NOT_THERE)) {
4979 		pkt->pkt_reason = CMD_INCOMPLETE;
4980 		pkt->pkt_state |= STATE_GOT_BUS;
4981 		if (ptgt->m_reset_delay == 0) {
4982 			mptsas_set_throttle(mpt, ptgt,
4983 			    DRAIN_THROTTLE);
4984 		}
4985 		return;
4986 	}
4987 
4988 	if (scsi_state & MPI2_SCSI_STATE_RESPONSE_INFO_VALID) {
4989 		responsedata &= 0x000000FF;
4990 		if (responsedata & MPTSAS_SCSI_RESPONSE_CODE_TLR_OFF) {
4991 			mptsas_log(mpt, CE_NOTE, "Do not support the TLR\n");
4992 			pkt->pkt_reason = CMD_TLR_OFF;
4993 			return;
4994 		}
4995 	}
4996 
4997 
4998 	switch (scsi_status) {
4999 	case MPI2_SCSI_STATUS_CHECK_CONDITION:
5000 		pkt->pkt_resid = (cmd->cmd_dmacount - xferred);
5001 		arqstat = (void*)(pkt->pkt_scbp);
5002 		arqstat->sts_rqpkt_status = *((struct scsi_status *)
5003 		    (pkt->pkt_scbp));
5004 		pkt->pkt_state |= (STATE_GOT_BUS | STATE_GOT_TARGET |
5005 		    STATE_SENT_CMD | STATE_GOT_STATUS | STATE_ARQ_DONE);
5006 		if (cmd->cmd_flags & CFLAG_XARQ) {
5007 			pkt->pkt_state |= STATE_XARQ_DONE;
5008 		}
5009 		if (pkt->pkt_resid != cmd->cmd_dmacount) {
5010 			pkt->pkt_state |= STATE_XFERRED_DATA;
5011 		}
5012 		arqstat->sts_rqpkt_reason = pkt->pkt_reason;
5013 		arqstat->sts_rqpkt_state  = pkt->pkt_state;
5014 		arqstat->sts_rqpkt_state |= STATE_XFERRED_DATA;
5015 		arqstat->sts_rqpkt_statistics = pkt->pkt_statistics;
5016 		sensedata = (uint8_t *)&arqstat->sts_sensedata;
5017 
5018 		bcopy((uchar_t *)bp->b_un.b_addr, sensedata,
5019 		    ((cmd->cmd_rqslen >= sensecount) ? sensecount :
5020 		    cmd->cmd_rqslen));
5021 		arqstat->sts_rqpkt_resid = (cmd->cmd_rqslen - sensecount);
5022 		cmd->cmd_flags |= CFLAG_CMDARQ;
5023 		/*
5024 		 * Set proper status for pkt if autosense was valid
5025 		 */
5026 		if (scsi_state & MPI2_SCSI_STATE_AUTOSENSE_VALID) {
5027 			struct scsi_status zero_status = { 0 };
5028 			arqstat->sts_rqpkt_status = zero_status;
5029 		}
5030 
5031 		/*
5032 		 * ASC=0x47 is parity error
5033 		 * ASC=0x48 is initiator detected error received
5034 		 */
5035 		if ((scsi_sense_key(sensedata) == KEY_ABORTED_COMMAND) &&
5036 		    ((scsi_sense_asc(sensedata) == 0x47) ||
5037 		    (scsi_sense_asc(sensedata) == 0x48))) {
5038 			mptsas_log(mpt, CE_NOTE, "Aborted_command!");
5039 		}
5040 
5041 		/*
5042 		 * ASC/ASCQ=0x3F/0x0E means report_luns data changed
5043 		 * ASC/ASCQ=0x25/0x00 means invalid lun
5044 		 */
5045 		if (((scsi_sense_key(sensedata) == KEY_UNIT_ATTENTION) &&
5046 		    (scsi_sense_asc(sensedata) == 0x3F) &&
5047 		    (scsi_sense_ascq(sensedata) == 0x0E)) ||
5048 		    ((scsi_sense_key(sensedata) == KEY_ILLEGAL_REQUEST) &&
5049 		    (scsi_sense_asc(sensedata) == 0x25) &&
5050 		    (scsi_sense_ascq(sensedata) == 0x00))) {
5051 			mptsas_topo_change_list_t *topo_node = NULL;
5052 
5053 			topo_node = kmem_zalloc(
5054 			    sizeof (mptsas_topo_change_list_t),
5055 			    KM_NOSLEEP);
5056 			if (topo_node == NULL) {
5057 				mptsas_log(mpt, CE_NOTE, "No memory"
5058 				    "resource for handle SAS dynamic"
5059 				    "reconfigure.\n");
5060 				break;
5061 			}
5062 			topo_node->mpt = mpt;
5063 			topo_node->event = MPTSAS_DR_EVENT_RECONFIG_TARGET;
5064 			topo_node->un.phymask = ptgt->m_phymask;
5065 			topo_node->devhdl = ptgt->m_devhdl;
5066 			topo_node->object = (void *)ptgt;
5067 			topo_node->flags = MPTSAS_TOPO_FLAG_LUN_ASSOCIATED;
5068 
5069 			if ((ddi_taskq_dispatch(mpt->m_dr_taskq,
5070 			    mptsas_handle_dr,
5071 			    (void *)topo_node,
5072 			    DDI_NOSLEEP)) != DDI_SUCCESS) {
5073 				mptsas_log(mpt, CE_NOTE, "mptsas start taskq"
5074 				    "for handle SAS dynamic reconfigure"
5075 				    "failed. \n");
5076 			}
5077 		}
5078 		break;
5079 	case MPI2_SCSI_STATUS_GOOD:
5080 		switch (ioc_status & MPI2_IOCSTATUS_MASK) {
5081 		case MPI2_IOCSTATUS_SCSI_DEVICE_NOT_THERE:
5082 			pkt->pkt_reason = CMD_DEV_GONE;
5083 			pkt->pkt_state |= STATE_GOT_BUS;
5084 			if (ptgt->m_reset_delay == 0) {
5085 				mptsas_set_throttle(mpt, ptgt, DRAIN_THROTTLE);
5086 			}
5087 			NDBG31(("lost disk for target%d, command:%x",
5088 			    Tgt(cmd), pkt->pkt_cdbp[0]));
5089 			break;
5090 		case MPI2_IOCSTATUS_SCSI_DATA_OVERRUN:
5091 			NDBG31(("data overrun: xferred=%d", xferred));
5092 			NDBG31(("dmacount=%d", cmd->cmd_dmacount));
5093 			pkt->pkt_reason = CMD_DATA_OVR;
5094 			pkt->pkt_state |= (STATE_GOT_BUS | STATE_GOT_TARGET
5095 			    | STATE_SENT_CMD | STATE_GOT_STATUS
5096 			    | STATE_XFERRED_DATA);
5097 			pkt->pkt_resid = 0;
5098 			break;
5099 		case MPI2_IOCSTATUS_SCSI_RESIDUAL_MISMATCH:
5100 		case MPI2_IOCSTATUS_SCSI_DATA_UNDERRUN:
5101 			NDBG31(("data underrun: xferred=%d", xferred));
5102 			NDBG31(("dmacount=%d", cmd->cmd_dmacount));
5103 			pkt->pkt_state |= (STATE_GOT_BUS | STATE_GOT_TARGET
5104 			    | STATE_SENT_CMD | STATE_GOT_STATUS);
5105 			pkt->pkt_resid = (cmd->cmd_dmacount - xferred);
5106 			if (pkt->pkt_resid != cmd->cmd_dmacount) {
5107 				pkt->pkt_state |= STATE_XFERRED_DATA;
5108 			}
5109 			break;
5110 		case MPI2_IOCSTATUS_SCSI_TASK_TERMINATED:
5111 			mptsas_set_pkt_reason(mpt,
5112 			    cmd, CMD_RESET, STAT_BUS_RESET);
5113 			break;
5114 		case MPI2_IOCSTATUS_SCSI_IOC_TERMINATED:
5115 		case MPI2_IOCSTATUS_SCSI_EXT_TERMINATED:
5116 			mptsas_set_pkt_reason(mpt,
5117 			    cmd, CMD_RESET, STAT_DEV_RESET);
5118 			break;
5119 		case MPI2_IOCSTATUS_SCSI_IO_DATA_ERROR:
5120 		case MPI2_IOCSTATUS_SCSI_PROTOCOL_ERROR:
5121 			pkt->pkt_state |= (STATE_GOT_BUS | STATE_GOT_TARGET);
5122 			mptsas_set_pkt_reason(mpt,
5123 			    cmd, CMD_TERMINATED, STAT_TERMINATED);
5124 			break;
5125 		case MPI2_IOCSTATUS_INSUFFICIENT_RESOURCES:
5126 		case MPI2_IOCSTATUS_BUSY:
5127 			/*
5128 			 * set throttles to drain
5129 			 */
5130 			ptgt = (mptsas_target_t *)mptsas_hash_traverse(
5131 			    &mpt->m_active->m_tgttbl, MPTSAS_HASH_FIRST);
5132 			while (ptgt != NULL) {
5133 				mptsas_set_throttle(mpt, ptgt, DRAIN_THROTTLE);
5134 
5135 				ptgt = (mptsas_target_t *)mptsas_hash_traverse(
5136 				    &mpt->m_active->m_tgttbl, MPTSAS_HASH_NEXT);
5137 			}
5138 
5139 			/*
5140 			 * retry command
5141 			 */
5142 			cmd->cmd_flags |= CFLAG_RETRY;
5143 			cmd->cmd_pkt_flags |= FLAG_HEAD;
5144 
5145 			(void) mptsas_accept_pkt(mpt, cmd);
5146 			break;
5147 		default:
5148 			mptsas_log(mpt, CE_WARN,
5149 			    "unknown ioc_status = %x\n", ioc_status);
5150 			mptsas_log(mpt, CE_CONT, "scsi_state = %x, transfer "
5151 			    "count = %x, scsi_status = %x", scsi_state,
5152 			    xferred, scsi_status);
5153 			break;
5154 		}
5155 		break;
5156 	case MPI2_SCSI_STATUS_TASK_SET_FULL:
5157 		mptsas_handle_qfull(mpt, cmd);
5158 		break;
5159 	case MPI2_SCSI_STATUS_BUSY:
5160 		NDBG31(("scsi_status busy received"));
5161 		break;
5162 	case MPI2_SCSI_STATUS_RESERVATION_CONFLICT:
5163 		NDBG31(("scsi_status reservation conflict received"));
5164 		break;
5165 	default:
5166 		mptsas_log(mpt, CE_WARN, "scsi_status=%x, ioc_status=%x\n",
5167 		    scsi_status, ioc_status);
5168 		mptsas_log(mpt, CE_WARN,
5169 		    "mptsas_process_intr: invalid scsi status\n");
5170 		break;
5171 	}
5172 }
5173 
5174 static void
5175 mptsas_check_task_mgt(mptsas_t *mpt, pMpi2SCSIManagementReply_t reply,
5176 	mptsas_cmd_t *cmd)
5177 {
5178 	uint8_t		task_type;
5179 	uint16_t	ioc_status;
5180 	uint32_t	log_info;
5181 	uint16_t	dev_handle;
5182 	struct scsi_pkt *pkt = CMD2PKT(cmd);
5183 
5184 	task_type = ddi_get8(mpt->m_acc_reply_frame_hdl, &reply->TaskType);
5185 	ioc_status = ddi_get16(mpt->m_acc_reply_frame_hdl, &reply->IOCStatus);
5186 	log_info = ddi_get32(mpt->m_acc_reply_frame_hdl, &reply->IOCLogInfo);
5187 	dev_handle = ddi_get16(mpt->m_acc_reply_frame_hdl, &reply->DevHandle);
5188 
5189 	if (ioc_status != MPI2_IOCSTATUS_SUCCESS) {
5190 		mptsas_log(mpt, CE_WARN, "mptsas_check_task_mgt: Task 0x%x "
5191 		    "failed. IOCStatus=0x%x IOCLogInfo=0x%x target=%d\n",
5192 		    task_type, ioc_status, log_info, dev_handle);
5193 		pkt->pkt_reason = CMD_INCOMPLETE;
5194 		return;
5195 	}
5196 
5197 	switch (task_type) {
5198 	case MPI2_SCSITASKMGMT_TASKTYPE_ABORT_TASK:
5199 	case MPI2_SCSITASKMGMT_TASKTYPE_CLEAR_TASK_SET:
5200 	case MPI2_SCSITASKMGMT_TASKTYPE_QUERY_TASK:
5201 	case MPI2_SCSITASKMGMT_TASKTYPE_CLR_ACA:
5202 	case MPI2_SCSITASKMGMT_TASKTYPE_QRY_TASK_SET:
5203 	case MPI2_SCSITASKMGMT_TASKTYPE_QRY_UNIT_ATTENTION:
5204 		break;
5205 	case MPI2_SCSITASKMGMT_TASKTYPE_ABRT_TASK_SET:
5206 	case MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET:
5207 	case MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET:
5208 		/*
5209 		 * Check for invalid DevHandle of 0 in case application
5210 		 * sends bad command.  DevHandle of 0 could cause problems.
5211 		 */
5212 		if (dev_handle == 0) {
5213 			mptsas_log(mpt, CE_WARN, "!Can't flush target with"
5214 			    " DevHandle of 0.");
5215 		} else {
5216 			mptsas_flush_target(mpt, dev_handle, Lun(cmd),
5217 			    task_type);
5218 		}
5219 		break;
5220 	default:
5221 		mptsas_log(mpt, CE_WARN, "Unknown task management type %d.",
5222 		    task_type);
5223 		mptsas_log(mpt, CE_WARN, "ioc status = %x", ioc_status);
5224 		break;
5225 	}
5226 }
5227 
5228 static void
5229 mptsas_doneq_thread(mptsas_doneq_thread_arg_t *arg)
5230 {
5231 	mptsas_t			*mpt = arg->mpt;
5232 	uint64_t			t = arg->t;
5233 	mptsas_cmd_t			*cmd;
5234 	struct scsi_pkt			*pkt;
5235 	mptsas_doneq_thread_list_t	*item = &mpt->m_doneq_thread_id[t];
5236 
5237 	mutex_enter(&item->mutex);
5238 	while (item->flag & MPTSAS_DONEQ_THREAD_ACTIVE) {
5239 		if (!item->doneq) {
5240 			cv_wait(&item->cv, &item->mutex);
5241 		}
5242 		pkt = NULL;
5243 		if ((cmd = mptsas_doneq_thread_rm(mpt, t)) != NULL) {
5244 			cmd->cmd_flags |= CFLAG_COMPLETED;
5245 			pkt = CMD2PKT(cmd);
5246 		}
5247 		mutex_exit(&item->mutex);
5248 		if (pkt) {
5249 			mptsas_pkt_comp(pkt, cmd);
5250 		}
5251 		mutex_enter(&item->mutex);
5252 	}
5253 	mutex_exit(&item->mutex);
5254 	mutex_enter(&mpt->m_doneq_mutex);
5255 	mpt->m_doneq_thread_n--;
5256 	cv_broadcast(&mpt->m_doneq_thread_cv);
5257 	mutex_exit(&mpt->m_doneq_mutex);
5258 }
5259 
5260 
5261 /*
5262  * mpt interrupt handler.
5263  */
5264 static uint_t
5265 mptsas_intr(caddr_t arg1, caddr_t arg2)
5266 {
5267 	mptsas_t			*mpt = (void *)arg1;
5268 	pMpi2ReplyDescriptorsUnion_t	reply_desc_union;
5269 	uchar_t				did_reply = FALSE;
5270 
5271 	NDBG1(("mptsas_intr: arg1 0x%p arg2 0x%p", (void *)arg1, (void *)arg2));
5272 
5273 	mutex_enter(&mpt->m_mutex);
5274 
5275 	/*
5276 	 * If interrupts are shared by two channels then check whether this
5277 	 * interrupt is genuinely for this channel by making sure first the
5278 	 * chip is in high power state.
5279 	 */
5280 	if ((mpt->m_options & MPTSAS_OPT_PM) &&
5281 	    (mpt->m_power_level != PM_LEVEL_D0)) {
5282 		mutex_exit(&mpt->m_mutex);
5283 		return (DDI_INTR_UNCLAIMED);
5284 	}
5285 
5286 	/*
5287 	 * If polling, interrupt was triggered by some shared interrupt because
5288 	 * IOC interrupts are disabled during polling, so polling routine will
5289 	 * handle any replies.  Considering this, if polling is happening,
5290 	 * return with interrupt unclaimed.
5291 	 */
5292 	if (mpt->m_polled_intr) {
5293 		mutex_exit(&mpt->m_mutex);
5294 		mptsas_log(mpt, CE_WARN, "mpt_sas: Unclaimed interrupt");
5295 		return (DDI_INTR_UNCLAIMED);
5296 	}
5297 
5298 	/*
5299 	 * Read the istat register.
5300 	 */
5301 	if ((INTPENDING(mpt)) != 0) {
5302 		/*
5303 		 * read fifo until empty.
5304 		 */
5305 #ifndef __lock_lint
5306 		_NOTE(CONSTCOND)
5307 #endif
5308 		while (TRUE) {
5309 			(void) ddi_dma_sync(mpt->m_dma_post_queue_hdl, 0, 0,
5310 			    DDI_DMA_SYNC_FORCPU);
5311 			reply_desc_union = (pMpi2ReplyDescriptorsUnion_t)
5312 			    MPTSAS_GET_NEXT_REPLY(mpt, mpt->m_post_index);
5313 
5314 			if (ddi_get32(mpt->m_acc_post_queue_hdl,
5315 			    &reply_desc_union->Words.Low) == 0xFFFFFFFF ||
5316 			    ddi_get32(mpt->m_acc_post_queue_hdl,
5317 			    &reply_desc_union->Words.High) == 0xFFFFFFFF) {
5318 				break;
5319 			}
5320 
5321 			/*
5322 			 * The reply is valid, process it according to its
5323 			 * type.  Also, set a flag for updating the reply index
5324 			 * after they've all been processed.
5325 			 */
5326 			did_reply = TRUE;
5327 
5328 			mptsas_process_intr(mpt, reply_desc_union);
5329 
5330 			/*
5331 			 * Increment post index and roll over if needed.
5332 			 */
5333 			if (++mpt->m_post_index == mpt->m_post_queue_depth) {
5334 				mpt->m_post_index = 0;
5335 			}
5336 		}
5337 
5338 		/*
5339 		 * Update the global reply index if at least one reply was
5340 		 * processed.
5341 		 */
5342 		if (did_reply) {
5343 			ddi_put32(mpt->m_datap,
5344 			    &mpt->m_reg->ReplyPostHostIndex, mpt->m_post_index);
5345 		}
5346 	} else {
5347 		mutex_exit(&mpt->m_mutex);
5348 		return (DDI_INTR_UNCLAIMED);
5349 	}
5350 	NDBG1(("mptsas_intr complete"));
5351 
5352 	/*
5353 	 * If no helper threads are created, process the doneq in ISR. If
5354 	 * helpers are created, use the doneq length as a metric to measure the
5355 	 * load on the interrupt CPU. If it is long enough, which indicates the
5356 	 * load is heavy, then we deliver the IO completions to the helpers.
5357 	 * This measurement has some limitations, although it is simple and
5358 	 * straightforward and works well for most of the cases at present.
5359 	 */
5360 	if (!mpt->m_doneq_thread_n ||
5361 	    (mpt->m_doneq_len <= mpt->m_doneq_length_threshold)) {
5362 		mptsas_doneq_empty(mpt);
5363 	} else {
5364 		mptsas_deliver_doneq_thread(mpt);
5365 	}
5366 
5367 	/*
5368 	 * If there are queued cmd, start them now.
5369 	 */
5370 	if (mpt->m_waitq != NULL) {
5371 		mptsas_restart_waitq(mpt);
5372 	}
5373 
5374 	mutex_exit(&mpt->m_mutex);
5375 	return (DDI_INTR_CLAIMED);
5376 }
5377 
5378 static void
5379 mptsas_process_intr(mptsas_t *mpt,
5380     pMpi2ReplyDescriptorsUnion_t reply_desc_union)
5381 {
5382 	uint8_t	reply_type;
5383 
5384 	ASSERT(mutex_owned(&mpt->m_mutex));
5385 
5386 	/*
5387 	 * The reply is valid, process it according to its
5388 	 * type.  Also, set a flag for updated the reply index
5389 	 * after they've all been processed.
5390 	 */
5391 	reply_type = ddi_get8(mpt->m_acc_post_queue_hdl,
5392 	    &reply_desc_union->Default.ReplyFlags);
5393 	reply_type &= MPI2_RPY_DESCRIPT_FLAGS_TYPE_MASK;
5394 	if (reply_type == MPI2_RPY_DESCRIPT_FLAGS_SCSI_IO_SUCCESS) {
5395 		mptsas_handle_scsi_io_success(mpt, reply_desc_union);
5396 	} else if (reply_type == MPI2_RPY_DESCRIPT_FLAGS_ADDRESS_REPLY) {
5397 		mptsas_handle_address_reply(mpt, reply_desc_union);
5398 	} else {
5399 		mptsas_log(mpt, CE_WARN, "?Bad reply type %x", reply_type);
5400 		ddi_fm_service_impact(mpt->m_dip, DDI_SERVICE_UNAFFECTED);
5401 	}
5402 
5403 	/*
5404 	 * Clear the reply descriptor for re-use and increment
5405 	 * index.
5406 	 */
5407 	ddi_put64(mpt->m_acc_post_queue_hdl,
5408 	    &((uint64_t *)(void *)mpt->m_post_queue)[mpt->m_post_index],
5409 	    0xFFFFFFFFFFFFFFFF);
5410 	(void) ddi_dma_sync(mpt->m_dma_post_queue_hdl, 0, 0,
5411 	    DDI_DMA_SYNC_FORDEV);
5412 }
5413 
5414 /*
5415  * handle qfull condition
5416  */
5417 static void
5418 mptsas_handle_qfull(mptsas_t *mpt, mptsas_cmd_t *cmd)
5419 {
5420 	mptsas_target_t	*ptgt = cmd->cmd_tgt_addr;
5421 
5422 	if ((++cmd->cmd_qfull_retries > ptgt->m_qfull_retries) ||
5423 	    (ptgt->m_qfull_retries == 0)) {
5424 		/*
5425 		 * We have exhausted the retries on QFULL, or,
5426 		 * the target driver has indicated that it
5427 		 * wants to handle QFULL itself by setting
5428 		 * qfull-retries capability to 0. In either case
5429 		 * we want the target driver's QFULL handling
5430 		 * to kick in. We do this by having pkt_reason
5431 		 * as CMD_CMPLT and pkt_scbp as STATUS_QFULL.
5432 		 */
5433 		mptsas_set_throttle(mpt, ptgt, DRAIN_THROTTLE);
5434 	} else {
5435 		if (ptgt->m_reset_delay == 0) {
5436 			ptgt->m_t_throttle =
5437 			    max((ptgt->m_t_ncmds - 2), 0);
5438 		}
5439 
5440 		cmd->cmd_pkt_flags |= FLAG_HEAD;
5441 		cmd->cmd_flags &= ~(CFLAG_TRANFLAG);
5442 		cmd->cmd_flags |= CFLAG_RETRY;
5443 
5444 		(void) mptsas_accept_pkt(mpt, cmd);
5445 
5446 		/*
5447 		 * when target gives queue full status with no commands
5448 		 * outstanding (m_t_ncmds == 0), throttle is set to 0
5449 		 * (HOLD_THROTTLE), and the queue full handling start
5450 		 * (see psarc/1994/313); if there are commands outstanding,
5451 		 * throttle is set to (m_t_ncmds - 2)
5452 		 */
5453 		if (ptgt->m_t_throttle == HOLD_THROTTLE) {
5454 			/*
5455 			 * By setting throttle to QFULL_THROTTLE, we
5456 			 * avoid submitting new commands and in
5457 			 * mptsas_restart_cmd find out slots which need
5458 			 * their throttles to be cleared.
5459 			 */
5460 			mptsas_set_throttle(mpt, ptgt, QFULL_THROTTLE);
5461 			if (mpt->m_restart_cmd_timeid == 0) {
5462 				mpt->m_restart_cmd_timeid =
5463 				    timeout(mptsas_restart_cmd, mpt,
5464 				    ptgt->m_qfull_retry_interval);
5465 			}
5466 		}
5467 	}
5468 }
5469 
5470 mptsas_phymask_t
5471 mptsas_physport_to_phymask(mptsas_t *mpt, uint8_t physport)
5472 {
5473 	mptsas_phymask_t	phy_mask = 0;
5474 	uint8_t			i = 0;
5475 
5476 	NDBG20(("mptsas%d physport_to_phymask enter", mpt->m_instance));
5477 
5478 	ASSERT(mutex_owned(&mpt->m_mutex));
5479 
5480 	/*
5481 	 * If physport is 0xFF, this is a RAID volume.  Use phymask of 0.
5482 	 */
5483 	if (physport == 0xFF) {
5484 		return (0);
5485 	}
5486 
5487 	for (i = 0; i < MPTSAS_MAX_PHYS; i++) {
5488 		if (mpt->m_phy_info[i].attached_devhdl &&
5489 		    (mpt->m_phy_info[i].phy_mask != 0) &&
5490 		    (mpt->m_phy_info[i].port_num == physport)) {
5491 			phy_mask = mpt->m_phy_info[i].phy_mask;
5492 			break;
5493 		}
5494 	}
5495 	NDBG20(("mptsas%d physport_to_phymask:physport :%x phymask :%x, ",
5496 	    mpt->m_instance, physport, phy_mask));
5497 	return (phy_mask);
5498 }
5499 
5500 /*
5501  * mpt free device handle after device gone, by use of passthrough
5502  */
5503 static int
5504 mptsas_free_devhdl(mptsas_t *mpt, uint16_t devhdl)
5505 {
5506 	Mpi2SasIoUnitControlRequest_t	req;
5507 	Mpi2SasIoUnitControlReply_t	rep;
5508 	int				ret;
5509 
5510 	ASSERT(mutex_owned(&mpt->m_mutex));
5511 
5512 	/*
5513 	 * Need to compose a SAS IO Unit Control request message
5514 	 * and call mptsas_do_passthru() function
5515 	 */
5516 	bzero(&req, sizeof (req));
5517 	bzero(&rep, sizeof (rep));
5518 
5519 	req.Function = MPI2_FUNCTION_SAS_IO_UNIT_CONTROL;
5520 	req.Operation = MPI2_SAS_OP_REMOVE_DEVICE;
5521 	req.DevHandle = LE_16(devhdl);
5522 
5523 	ret = mptsas_do_passthru(mpt, (uint8_t *)&req, (uint8_t *)&rep, NULL,
5524 	    sizeof (req), sizeof (rep), NULL, 0, NULL, 0, 60, FKIOCTL);
5525 	if (ret != 0) {
5526 		cmn_err(CE_WARN, "mptsas_free_devhdl: passthru SAS IO Unit "
5527 		    "Control error %d", ret);
5528 		return (DDI_FAILURE);
5529 	}
5530 
5531 	/* do passthrough success, check the ioc status */
5532 	if (LE_16(rep.IOCStatus) != MPI2_IOCSTATUS_SUCCESS) {
5533 		cmn_err(CE_WARN, "mptsas_free_devhdl: passthru SAS IO Unit "
5534 		    "Control IOCStatus %d", LE_16(rep.IOCStatus));
5535 		return (DDI_FAILURE);
5536 	}
5537 
5538 	return (DDI_SUCCESS);
5539 }
5540 
5541 static void
5542 mptsas_update_phymask(mptsas_t *mpt)
5543 {
5544 	mptsas_phymask_t mask = 0, phy_mask;
5545 	char		*phy_mask_name;
5546 	uint8_t		current_port;
5547 	int		i, j;
5548 
5549 	NDBG20(("mptsas%d update phymask ", mpt->m_instance));
5550 
5551 	ASSERT(mutex_owned(&mpt->m_mutex));
5552 
5553 	(void) mptsas_get_sas_io_unit_page(mpt);
5554 
5555 	phy_mask_name = kmem_zalloc(MPTSAS_MAX_PHYS, KM_SLEEP);
5556 
5557 	for (i = 0; i < mpt->m_num_phys; i++) {
5558 		phy_mask = 0x00;
5559 
5560 		if (mpt->m_phy_info[i].attached_devhdl == 0)
5561 			continue;
5562 
5563 		bzero(phy_mask_name, sizeof (phy_mask_name));
5564 
5565 		current_port = mpt->m_phy_info[i].port_num;
5566 
5567 		if ((mask & (1 << i)) != 0)
5568 			continue;
5569 
5570 		for (j = 0; j < mpt->m_num_phys; j++) {
5571 			if (mpt->m_phy_info[j].attached_devhdl &&
5572 			    (mpt->m_phy_info[j].port_num == current_port)) {
5573 				phy_mask |= (1 << j);
5574 			}
5575 		}
5576 		mask = mask | phy_mask;
5577 
5578 		for (j = 0; j < mpt->m_num_phys; j++) {
5579 			if ((phy_mask >> j) & 0x01) {
5580 				mpt->m_phy_info[j].phy_mask = phy_mask;
5581 			}
5582 		}
5583 
5584 		(void) sprintf(phy_mask_name, "%x", phy_mask);
5585 
5586 		mutex_exit(&mpt->m_mutex);
5587 		/*
5588 		 * register a iport, if the port has already been existed
5589 		 * SCSA will do nothing and just return.
5590 		 */
5591 		(void) scsi_hba_iport_register(mpt->m_dip, phy_mask_name);
5592 		mutex_enter(&mpt->m_mutex);
5593 	}
5594 	kmem_free(phy_mask_name, MPTSAS_MAX_PHYS);
5595 	NDBG20(("mptsas%d update phymask return", mpt->m_instance));
5596 }
5597 
5598 /*
5599  * mptsas_handle_dr is a task handler for DR, the DR action includes:
5600  * 1. Directly attched Device Added/Removed.
5601  * 2. Expander Device Added/Removed.
5602  * 3. Indirectly Attached Device Added/Expander.
5603  * 4. LUNs of a existing device status change.
5604  * 5. RAID volume created/deleted.
5605  * 6. Member of RAID volume is released because of RAID deletion.
5606  * 7. Physical disks are removed because of RAID creation.
5607  */
5608 static void
5609 mptsas_handle_dr(void *args) {
5610 	mptsas_topo_change_list_t	*topo_node = NULL;
5611 	mptsas_topo_change_list_t	*save_node = NULL;
5612 	mptsas_t			*mpt;
5613 	dev_info_t			*parent = NULL;
5614 	mptsas_phymask_t		phymask = 0;
5615 	char				*phy_mask_name;
5616 	uint8_t				flags = 0, physport = 0xff;
5617 	uint8_t				port_update = 0;
5618 	uint_t				event;
5619 
5620 	topo_node = (mptsas_topo_change_list_t *)args;
5621 
5622 	mpt = topo_node->mpt;
5623 	event = topo_node->event;
5624 	flags = topo_node->flags;
5625 
5626 	phy_mask_name = kmem_zalloc(MPTSAS_MAX_PHYS, KM_SLEEP);
5627 
5628 	NDBG20(("mptsas%d handle_dr enter", mpt->m_instance));
5629 
5630 	switch (event) {
5631 	case MPTSAS_DR_EVENT_RECONFIG_TARGET:
5632 		if ((flags == MPTSAS_TOPO_FLAG_DIRECT_ATTACHED_DEVICE) ||
5633 		    (flags == MPTSAS_TOPO_FLAG_EXPANDER_ATTACHED_DEVICE) ||
5634 		    (flags == MPTSAS_TOPO_FLAG_RAID_PHYSDRV_ASSOCIATED)) {
5635 			/*
5636 			 * Direct attached or expander attached device added
5637 			 * into system or a Phys Disk that is being unhidden.
5638 			 */
5639 			port_update = 1;
5640 		}
5641 		break;
5642 	case MPTSAS_DR_EVENT_RECONFIG_SMP:
5643 		/*
5644 		 * New expander added into system, it must be the head
5645 		 * of topo_change_list_t
5646 		 */
5647 		port_update = 1;
5648 		break;
5649 	default:
5650 		port_update = 0;
5651 		break;
5652 	}
5653 	/*
5654 	 * All cases port_update == 1 may cause initiator port form change
5655 	 */
5656 	mutex_enter(&mpt->m_mutex);
5657 	if (mpt->m_port_chng && port_update) {
5658 		/*
5659 		 * mpt->m_port_chng flag indicates some PHYs of initiator
5660 		 * port have changed to online. So when expander added or
5661 		 * directly attached device online event come, we force to
5662 		 * update port information by issueing SAS IO Unit Page and
5663 		 * update PHYMASKs.
5664 		 */
5665 		(void) mptsas_update_phymask(mpt);
5666 		mpt->m_port_chng = 0;
5667 
5668 	}
5669 	mutex_exit(&mpt->m_mutex);
5670 	while (topo_node) {
5671 		phymask = 0;
5672 		if (parent == NULL) {
5673 			physport = topo_node->un.physport;
5674 			event = topo_node->event;
5675 			flags = topo_node->flags;
5676 			if (event & (MPTSAS_DR_EVENT_OFFLINE_TARGET |
5677 			    MPTSAS_DR_EVENT_OFFLINE_SMP)) {
5678 				/*
5679 				 * For all offline events, phymask is known
5680 				 */
5681 				phymask = topo_node->un.phymask;
5682 				goto find_parent;
5683 			}
5684 			if (event & MPTSAS_TOPO_FLAG_REMOVE_HANDLE) {
5685 				goto handle_topo_change;
5686 			}
5687 			if (flags & MPTSAS_TOPO_FLAG_LUN_ASSOCIATED) {
5688 				phymask = topo_node->un.phymask;
5689 				goto find_parent;
5690 			}
5691 
5692 			if ((flags ==
5693 			    MPTSAS_TOPO_FLAG_RAID_PHYSDRV_ASSOCIATED) &&
5694 			    (event == MPTSAS_DR_EVENT_RECONFIG_TARGET)) {
5695 				/*
5696 				 * There is no any field in IR_CONFIG_CHANGE
5697 				 * event indicate physport/phynum, let's get
5698 				 * parent after SAS Device Page0 request.
5699 				 */
5700 				goto handle_topo_change;
5701 			}
5702 
5703 			mutex_enter(&mpt->m_mutex);
5704 			if (flags == MPTSAS_TOPO_FLAG_DIRECT_ATTACHED_DEVICE) {
5705 				/*
5706 				 * If the direct attached device added or a
5707 				 * phys disk is being unhidden, argument
5708 				 * physport actually is PHY#, so we have to get
5709 				 * phymask according PHY#.
5710 				 */
5711 				physport = mpt->m_phy_info[physport].port_num;
5712 			}
5713 
5714 			/*
5715 			 * Translate physport to phymask so that we can search
5716 			 * parent dip.
5717 			 */
5718 			phymask = mptsas_physport_to_phymask(mpt,
5719 			    physport);
5720 			mutex_exit(&mpt->m_mutex);
5721 
5722 find_parent:
5723 			bzero(phy_mask_name, MPTSAS_MAX_PHYS);
5724 			/*
5725 			 * For RAID topology change node, write the iport name
5726 			 * as v0.
5727 			 */
5728 			if (flags & MPTSAS_TOPO_FLAG_RAID_ASSOCIATED) {
5729 				(void) sprintf(phy_mask_name, "v0");
5730 			} else {
5731 				/*
5732 				 * phymask can bo 0 if the drive has been
5733 				 * pulled by the time an add event is
5734 				 * processed.  If phymask is 0, just skip this
5735 				 * event and continue.
5736 				 */
5737 				if (phymask == 0) {
5738 					mutex_enter(&mpt->m_mutex);
5739 					save_node = topo_node;
5740 					topo_node = topo_node->next;
5741 					ASSERT(save_node);
5742 					kmem_free(save_node,
5743 					    sizeof (mptsas_topo_change_list_t));
5744 					mutex_exit(&mpt->m_mutex);
5745 
5746 					parent = NULL;
5747 					continue;
5748 				}
5749 				(void) sprintf(phy_mask_name, "%x", phymask);
5750 			}
5751 			parent = scsi_hba_iport_find(mpt->m_dip,
5752 			    phy_mask_name);
5753 			if (parent == NULL) {
5754 				mptsas_log(mpt, CE_WARN, "Failed to find an "
5755 				    "iport, should not happen!");
5756 				goto out;
5757 			}
5758 
5759 		}
5760 		ASSERT(parent);
5761 handle_topo_change:
5762 
5763 		mutex_enter(&mpt->m_mutex);
5764 
5765 		mptsas_handle_topo_change(topo_node, parent);
5766 		save_node = topo_node;
5767 		topo_node = topo_node->next;
5768 		ASSERT(save_node);
5769 		kmem_free(save_node, sizeof (mptsas_topo_change_list_t));
5770 		mutex_exit(&mpt->m_mutex);
5771 
5772 		if ((flags == MPTSAS_TOPO_FLAG_DIRECT_ATTACHED_DEVICE) ||
5773 		    (flags == MPTSAS_TOPO_FLAG_RAID_PHYSDRV_ASSOCIATED) ||
5774 		    (flags == MPTSAS_TOPO_FLAG_RAID_ASSOCIATED)) {
5775 			/*
5776 			 * If direct attached device associated, make sure
5777 			 * reset the parent before start the next one. But
5778 			 * all devices associated with expander shares the
5779 			 * parent.  Also, reset parent if this is for RAID.
5780 			 */
5781 			parent = NULL;
5782 		}
5783 	}
5784 out:
5785 	kmem_free(phy_mask_name, MPTSAS_MAX_PHYS);
5786 }
5787 
5788 static void
5789 mptsas_handle_topo_change(mptsas_topo_change_list_t *topo_node,
5790     dev_info_t *parent)
5791 {
5792 	mptsas_target_t	*ptgt = NULL;
5793 	mptsas_smp_t	*psmp = NULL;
5794 	mptsas_t	*mpt = (void *)topo_node->mpt;
5795 	uint16_t	devhdl;
5796 	uint16_t	attached_devhdl;
5797 	uint64_t	sas_wwn = 0;
5798 	int		rval = 0;
5799 	uint32_t	page_address;
5800 	uint8_t		phy, flags;
5801 	char		*addr = NULL;
5802 	dev_info_t	*lundip;
5803 	int		circ = 0, circ1 = 0;
5804 	char		attached_wwnstr[MPTSAS_WWN_STRLEN];
5805 
5806 	NDBG20(("mptsas%d handle_topo_change enter", mpt->m_instance));
5807 
5808 	ASSERT(mutex_owned(&mpt->m_mutex));
5809 
5810 	switch (topo_node->event) {
5811 	case MPTSAS_DR_EVENT_RECONFIG_TARGET:
5812 	{
5813 		char *phy_mask_name;
5814 		mptsas_phymask_t phymask = 0;
5815 
5816 		if (topo_node->flags == MPTSAS_TOPO_FLAG_RAID_ASSOCIATED) {
5817 			/*
5818 			 * Get latest RAID info.
5819 			 */
5820 			(void) mptsas_get_raid_info(mpt);
5821 			ptgt = mptsas_search_by_devhdl(
5822 			    &mpt->m_active->m_tgttbl, topo_node->devhdl);
5823 			if (ptgt == NULL)
5824 				break;
5825 		} else {
5826 			ptgt = (void *)topo_node->object;
5827 		}
5828 
5829 		if (ptgt == NULL) {
5830 			/*
5831 			 * If a Phys Disk was deleted, RAID info needs to be
5832 			 * updated to reflect the new topology.
5833 			 */
5834 			(void) mptsas_get_raid_info(mpt);
5835 
5836 			/*
5837 			 * Get sas device page 0 by DevHandle to make sure if
5838 			 * SSP/SATA end device exist.
5839 			 */
5840 			page_address = (MPI2_SAS_DEVICE_PGAD_FORM_HANDLE &
5841 			    MPI2_SAS_DEVICE_PGAD_FORM_MASK) |
5842 			    topo_node->devhdl;
5843 
5844 			rval = mptsas_get_target_device_info(mpt, page_address,
5845 			    &devhdl, &ptgt);
5846 			if (rval == DEV_INFO_WRONG_DEVICE_TYPE) {
5847 				mptsas_log(mpt, CE_NOTE,
5848 				    "mptsas_handle_topo_change: target %d is "
5849 				    "not a SAS/SATA device. \n",
5850 				    topo_node->devhdl);
5851 			} else if (rval == DEV_INFO_FAIL_ALLOC) {
5852 				mptsas_log(mpt, CE_NOTE,
5853 				    "mptsas_handle_topo_change: could not "
5854 				    "allocate memory. \n");
5855 			}
5856 			/*
5857 			 * If rval is DEV_INFO_PHYS_DISK than there is nothing
5858 			 * else to do, just leave.
5859 			 */
5860 			if (rval != DEV_INFO_SUCCESS) {
5861 				return;
5862 			}
5863 		}
5864 
5865 		ASSERT(ptgt->m_devhdl == topo_node->devhdl);
5866 
5867 		mutex_exit(&mpt->m_mutex);
5868 		flags = topo_node->flags;
5869 
5870 		if (flags == MPTSAS_TOPO_FLAG_RAID_PHYSDRV_ASSOCIATED) {
5871 			phymask = ptgt->m_phymask;
5872 			phy_mask_name = kmem_zalloc(MPTSAS_MAX_PHYS, KM_SLEEP);
5873 			(void) sprintf(phy_mask_name, "%x", phymask);
5874 			parent = scsi_hba_iport_find(mpt->m_dip,
5875 			    phy_mask_name);
5876 			kmem_free(phy_mask_name, MPTSAS_MAX_PHYS);
5877 			if (parent == NULL) {
5878 				mptsas_log(mpt, CE_WARN, "Failed to find a "
5879 				    "iport for PD, should not happen!");
5880 				mutex_enter(&mpt->m_mutex);
5881 				break;
5882 			}
5883 		}
5884 
5885 		if (flags == MPTSAS_TOPO_FLAG_RAID_ASSOCIATED) {
5886 			ndi_devi_enter(parent, &circ1);
5887 			(void) mptsas_config_raid(parent, topo_node->devhdl,
5888 			    &lundip);
5889 			ndi_devi_exit(parent, circ1);
5890 		} else {
5891 			/*
5892 			 * hold nexus for bus configure
5893 			 */
5894 			ndi_devi_enter(scsi_vhci_dip, &circ);
5895 			ndi_devi_enter(parent, &circ1);
5896 			rval = mptsas_config_target(parent, ptgt);
5897 			/*
5898 			 * release nexus for bus configure
5899 			 */
5900 			ndi_devi_exit(parent, circ1);
5901 			ndi_devi_exit(scsi_vhci_dip, circ);
5902 
5903 			/*
5904 			 * Add parent's props for SMHBA support
5905 			 */
5906 			if (flags == MPTSAS_TOPO_FLAG_DIRECT_ATTACHED_DEVICE) {
5907 				bzero(attached_wwnstr,
5908 				    sizeof (attached_wwnstr));
5909 				(void) sprintf(attached_wwnstr, "w%016"PRIx64,
5910 				    ptgt->m_sas_wwn);
5911 				if (ddi_prop_update_string(DDI_DEV_T_NONE,
5912 				    parent,
5913 				    SCSI_ADDR_PROP_ATTACHED_PORT,
5914 				    attached_wwnstr)
5915 				    != DDI_PROP_SUCCESS) {
5916 					(void) ddi_prop_remove(DDI_DEV_T_NONE,
5917 					    parent,
5918 					    SCSI_ADDR_PROP_ATTACHED_PORT);
5919 					mptsas_log(mpt, CE_WARN, "Failed to"
5920 					    "attached-port props");
5921 					return;
5922 				}
5923 				if (ddi_prop_update_int(DDI_DEV_T_NONE, parent,
5924 				    MPTSAS_NUM_PHYS, 1) !=
5925 				    DDI_PROP_SUCCESS) {
5926 					(void) ddi_prop_remove(DDI_DEV_T_NONE,
5927 					    parent, MPTSAS_NUM_PHYS);
5928 					mptsas_log(mpt, CE_WARN, "Failed to"
5929 					    " create num-phys props");
5930 					return;
5931 				}
5932 
5933 				/*
5934 				 * Update PHY info for smhba
5935 				 */
5936 				mutex_enter(&mpt->m_mutex);
5937 				if (mptsas_smhba_phy_init(mpt)) {
5938 					mutex_exit(&mpt->m_mutex);
5939 					mptsas_log(mpt, CE_WARN, "mptsas phy"
5940 					    " update failed");
5941 					return;
5942 				}
5943 				mutex_exit(&mpt->m_mutex);
5944 				mptsas_smhba_set_phy_props(mpt,
5945 				    ddi_get_name_addr(parent), parent,
5946 				    1, &attached_devhdl);
5947 				if (ddi_prop_update_int(DDI_DEV_T_NONE, parent,
5948 				    MPTSAS_VIRTUAL_PORT, 0) !=
5949 				    DDI_PROP_SUCCESS) {
5950 					(void) ddi_prop_remove(DDI_DEV_T_NONE,
5951 					    parent, MPTSAS_VIRTUAL_PORT);
5952 					mptsas_log(mpt, CE_WARN,
5953 					    "mptsas virtual-port"
5954 					    "port prop update failed");
5955 					return;
5956 				}
5957 			}
5958 		}
5959 		mutex_enter(&mpt->m_mutex);
5960 
5961 		NDBG20(("mptsas%d handle_topo_change to online devhdl:%x, "
5962 		    "phymask:%x.", mpt->m_instance, ptgt->m_devhdl,
5963 		    ptgt->m_phymask));
5964 		break;
5965 	}
5966 	case MPTSAS_DR_EVENT_OFFLINE_TARGET:
5967 	{
5968 		mptsas_hash_table_t *tgttbl = &mpt->m_active->m_tgttbl;
5969 		devhdl = topo_node->devhdl;
5970 		ptgt = mptsas_search_by_devhdl(tgttbl, devhdl);
5971 		if (ptgt == NULL)
5972 			break;
5973 
5974 		sas_wwn = ptgt->m_sas_wwn;
5975 		phy = ptgt->m_phynum;
5976 
5977 		addr = kmem_zalloc(SCSI_MAXNAMELEN, KM_SLEEP);
5978 
5979 		if (sas_wwn) {
5980 			(void) sprintf(addr, "w%016"PRIx64, sas_wwn);
5981 		} else {
5982 			(void) sprintf(addr, "p%x", phy);
5983 		}
5984 		ASSERT(ptgt->m_devhdl == devhdl);
5985 
5986 		if ((topo_node->flags == MPTSAS_TOPO_FLAG_RAID_ASSOCIATED) ||
5987 		    (topo_node->flags ==
5988 		    MPTSAS_TOPO_FLAG_RAID_PHYSDRV_ASSOCIATED)) {
5989 			/*
5990 			 * Get latest RAID info if RAID volume status changes
5991 			 * or Phys Disk status changes
5992 			 */
5993 			(void) mptsas_get_raid_info(mpt);
5994 		}
5995 		/*
5996 		 * Abort all outstanding command on the device
5997 		 */
5998 		rval = mptsas_do_scsi_reset(mpt, devhdl);
5999 		if (rval) {
6000 			NDBG20(("mptsas%d handle_topo_change to reset target "
6001 			    "before offline devhdl:%x, phymask:%x, rval:%x",
6002 			    mpt->m_instance, ptgt->m_devhdl, ptgt->m_phymask,
6003 			    rval));
6004 		}
6005 
6006 		mutex_exit(&mpt->m_mutex);
6007 
6008 		ndi_devi_enter(scsi_vhci_dip, &circ);
6009 		ndi_devi_enter(parent, &circ1);
6010 		rval = mptsas_offline_target(parent, addr);
6011 		ndi_devi_exit(parent, circ1);
6012 		ndi_devi_exit(scsi_vhci_dip, circ);
6013 		NDBG20(("mptsas%d handle_topo_change to offline devhdl:%x, "
6014 		    "phymask:%x, rval:%x", mpt->m_instance,
6015 		    ptgt->m_devhdl, ptgt->m_phymask, rval));
6016 
6017 		kmem_free(addr, SCSI_MAXNAMELEN);
6018 
6019 		/*
6020 		 * Clear parent's props for SMHBA support
6021 		 */
6022 		flags = topo_node->flags;
6023 		if (flags == MPTSAS_TOPO_FLAG_DIRECT_ATTACHED_DEVICE) {
6024 			bzero(attached_wwnstr, sizeof (attached_wwnstr));
6025 			if (ddi_prop_update_string(DDI_DEV_T_NONE, parent,
6026 			    SCSI_ADDR_PROP_ATTACHED_PORT, attached_wwnstr) !=
6027 			    DDI_PROP_SUCCESS) {
6028 				(void) ddi_prop_remove(DDI_DEV_T_NONE, parent,
6029 				    SCSI_ADDR_PROP_ATTACHED_PORT);
6030 				mptsas_log(mpt, CE_WARN, "mptsas attached port "
6031 				    "prop update failed");
6032 				break;
6033 			}
6034 			if (ddi_prop_update_int(DDI_DEV_T_NONE, parent,
6035 			    MPTSAS_NUM_PHYS, 0) !=
6036 			    DDI_PROP_SUCCESS) {
6037 				(void) ddi_prop_remove(DDI_DEV_T_NONE, parent,
6038 				    MPTSAS_NUM_PHYS);
6039 				mptsas_log(mpt, CE_WARN, "mptsas num phys "
6040 				    "prop update failed");
6041 				break;
6042 			}
6043 			if (ddi_prop_update_int(DDI_DEV_T_NONE, parent,
6044 			    MPTSAS_VIRTUAL_PORT, 1) !=
6045 			    DDI_PROP_SUCCESS) {
6046 				(void) ddi_prop_remove(DDI_DEV_T_NONE, parent,
6047 				    MPTSAS_VIRTUAL_PORT);
6048 				mptsas_log(mpt, CE_WARN, "mptsas virtual port "
6049 				    "prop update failed");
6050 				break;
6051 			}
6052 		}
6053 
6054 		mutex_enter(&mpt->m_mutex);
6055 		if (rval == DDI_SUCCESS) {
6056 			mptsas_tgt_free(&mpt->m_active->m_tgttbl,
6057 			    ptgt->m_sas_wwn, ptgt->m_phymask);
6058 			ptgt = NULL;
6059 		} else {
6060 			/*
6061 			 * clean DR_INTRANSITION flag to allow I/O down to
6062 			 * PHCI driver since failover finished.
6063 			 * Invalidate the devhdl
6064 			 */
6065 			ptgt->m_devhdl = MPTSAS_INVALID_DEVHDL;
6066 			ptgt->m_tgt_unconfigured = 0;
6067 			mutex_enter(&mpt->m_tx_waitq_mutex);
6068 			ptgt->m_dr_flag = MPTSAS_DR_INACTIVE;
6069 			mutex_exit(&mpt->m_tx_waitq_mutex);
6070 		}
6071 
6072 		/*
6073 		 * Send SAS IO Unit Control to free the dev handle
6074 		 */
6075 		if ((flags == MPTSAS_TOPO_FLAG_DIRECT_ATTACHED_DEVICE) ||
6076 		    (flags == MPTSAS_TOPO_FLAG_EXPANDER_ATTACHED_DEVICE)) {
6077 			rval = mptsas_free_devhdl(mpt, devhdl);
6078 
6079 			NDBG20(("mptsas%d handle_topo_change to remove "
6080 			    "devhdl:%x, rval:%x", mpt->m_instance, devhdl,
6081 			    rval));
6082 		}
6083 
6084 		break;
6085 	}
6086 	case MPTSAS_TOPO_FLAG_REMOVE_HANDLE:
6087 	{
6088 		devhdl = topo_node->devhdl;
6089 		/*
6090 		 * If this is the remove handle event, do a reset first.
6091 		 */
6092 		if (topo_node->event == MPTSAS_TOPO_FLAG_REMOVE_HANDLE) {
6093 			rval = mptsas_do_scsi_reset(mpt, devhdl);
6094 			if (rval) {
6095 				NDBG20(("mpt%d reset target before remove "
6096 				    "devhdl:%x, rval:%x", mpt->m_instance,
6097 				    devhdl, rval));
6098 			}
6099 		}
6100 
6101 		/*
6102 		 * Send SAS IO Unit Control to free the dev handle
6103 		 */
6104 		rval = mptsas_free_devhdl(mpt, devhdl);
6105 		NDBG20(("mptsas%d handle_topo_change to remove "
6106 		    "devhdl:%x, rval:%x", mpt->m_instance, devhdl,
6107 		    rval));
6108 		break;
6109 	}
6110 	case MPTSAS_DR_EVENT_RECONFIG_SMP:
6111 	{
6112 		mptsas_smp_t smp;
6113 		dev_info_t *smpdip;
6114 		mptsas_hash_table_t *smptbl = &mpt->m_active->m_smptbl;
6115 
6116 		devhdl = topo_node->devhdl;
6117 
6118 		page_address = (MPI2_SAS_EXPAND_PGAD_FORM_HNDL &
6119 		    MPI2_SAS_EXPAND_PGAD_FORM_MASK) | (uint32_t)devhdl;
6120 		rval = mptsas_get_sas_expander_page0(mpt, page_address, &smp);
6121 		if (rval != DDI_SUCCESS) {
6122 			mptsas_log(mpt, CE_WARN, "failed to online smp, "
6123 			    "handle %x", devhdl);
6124 			return;
6125 		}
6126 
6127 		psmp = mptsas_smp_alloc(smptbl, &smp);
6128 		if (psmp == NULL) {
6129 			return;
6130 		}
6131 
6132 		mutex_exit(&mpt->m_mutex);
6133 		ndi_devi_enter(parent, &circ1);
6134 		(void) mptsas_online_smp(parent, psmp, &smpdip);
6135 		ndi_devi_exit(parent, circ1);
6136 
6137 		mutex_enter(&mpt->m_mutex);
6138 		break;
6139 	}
6140 	case MPTSAS_DR_EVENT_OFFLINE_SMP:
6141 	{
6142 		mptsas_hash_table_t *smptbl = &mpt->m_active->m_smptbl;
6143 		devhdl = topo_node->devhdl;
6144 		uint32_t dev_info;
6145 
6146 		psmp = mptsas_search_by_devhdl(smptbl, devhdl);
6147 		if (psmp == NULL)
6148 			break;
6149 		/*
6150 		 * The mptsas_smp_t data is released only if the dip is offlined
6151 		 * successfully.
6152 		 */
6153 		mutex_exit(&mpt->m_mutex);
6154 
6155 		ndi_devi_enter(parent, &circ1);
6156 		rval = mptsas_offline_smp(parent, psmp, NDI_DEVI_REMOVE);
6157 		ndi_devi_exit(parent, circ1);
6158 
6159 		dev_info = psmp->m_deviceinfo;
6160 		if ((dev_info & DEVINFO_DIRECT_ATTACHED) ==
6161 		    DEVINFO_DIRECT_ATTACHED) {
6162 			if (ddi_prop_update_int(DDI_DEV_T_NONE, parent,
6163 			    MPTSAS_VIRTUAL_PORT, 1) !=
6164 			    DDI_PROP_SUCCESS) {
6165 				(void) ddi_prop_remove(DDI_DEV_T_NONE, parent,
6166 				    MPTSAS_VIRTUAL_PORT);
6167 				mptsas_log(mpt, CE_WARN, "mptsas virtual port "
6168 				    "prop update failed");
6169 				return;
6170 			}
6171 			/*
6172 			 * Check whether the smp connected to the iport,
6173 			 */
6174 			if (ddi_prop_update_int(DDI_DEV_T_NONE, parent,
6175 			    MPTSAS_NUM_PHYS, 0) !=
6176 			    DDI_PROP_SUCCESS) {
6177 				(void) ddi_prop_remove(DDI_DEV_T_NONE, parent,
6178 				    MPTSAS_NUM_PHYS);
6179 				mptsas_log(mpt, CE_WARN, "mptsas num phys"
6180 				    "prop update failed");
6181 				return;
6182 			}
6183 			/*
6184 			 * Clear parent's attached-port props
6185 			 */
6186 			bzero(attached_wwnstr, sizeof (attached_wwnstr));
6187 			if (ddi_prop_update_string(DDI_DEV_T_NONE, parent,
6188 			    SCSI_ADDR_PROP_ATTACHED_PORT, attached_wwnstr) !=
6189 			    DDI_PROP_SUCCESS) {
6190 				(void) ddi_prop_remove(DDI_DEV_T_NONE, parent,
6191 				    SCSI_ADDR_PROP_ATTACHED_PORT);
6192 				mptsas_log(mpt, CE_WARN, "mptsas attached port "
6193 				    "prop update failed");
6194 				return;
6195 			}
6196 		}
6197 
6198 		mutex_enter(&mpt->m_mutex);
6199 		NDBG20(("mptsas%d handle_topo_change to remove devhdl:%x, "
6200 		    "rval:%x", mpt->m_instance, psmp->m_devhdl, rval));
6201 		if (rval == DDI_SUCCESS) {
6202 			mptsas_smp_free(smptbl, psmp->m_sasaddr,
6203 			    psmp->m_phymask);
6204 		} else {
6205 			psmp->m_devhdl = MPTSAS_INVALID_DEVHDL;
6206 		}
6207 
6208 		bzero(attached_wwnstr, sizeof (attached_wwnstr));
6209 
6210 		break;
6211 	}
6212 	default:
6213 		return;
6214 	}
6215 }
6216 
6217 /*
6218  * Record the event if its type is enabled in mpt instance by ioctl.
6219  */
6220 static void
6221 mptsas_record_event(void *args)
6222 {
6223 	m_replyh_arg_t			*replyh_arg;
6224 	pMpi2EventNotificationReply_t	eventreply;
6225 	uint32_t			event, rfm;
6226 	mptsas_t			*mpt;
6227 	int				i, j;
6228 	uint16_t			event_data_len;
6229 	boolean_t			sendAEN = FALSE;
6230 
6231 	replyh_arg = (m_replyh_arg_t *)args;
6232 	rfm = replyh_arg->rfm;
6233 	mpt = replyh_arg->mpt;
6234 
6235 	eventreply = (pMpi2EventNotificationReply_t)
6236 	    (mpt->m_reply_frame + (rfm - mpt->m_reply_frame_dma_addr));
6237 	event = ddi_get16(mpt->m_acc_reply_frame_hdl, &eventreply->Event);
6238 
6239 
6240 	/*
6241 	 * Generate a system event to let anyone who cares know that a
6242 	 * LOG_ENTRY_ADDED event has occurred.  This is sent no matter what the
6243 	 * event mask is set to.
6244 	 */
6245 	if (event == MPI2_EVENT_LOG_ENTRY_ADDED) {
6246 		sendAEN = TRUE;
6247 	}
6248 
6249 	/*
6250 	 * Record the event only if it is not masked.  Determine which dword
6251 	 * and bit of event mask to test.
6252 	 */
6253 	i = (uint8_t)(event / 32);
6254 	j = (uint8_t)(event % 32);
6255 	if ((i < 4) && ((1 << j) & mpt->m_event_mask[i])) {
6256 		i = mpt->m_event_index;
6257 		mpt->m_events[i].Type = event;
6258 		mpt->m_events[i].Number = ++mpt->m_event_number;
6259 		bzero(mpt->m_events[i].Data, MPTSAS_MAX_EVENT_DATA_LENGTH * 4);
6260 		event_data_len = ddi_get16(mpt->m_acc_reply_frame_hdl,
6261 		    &eventreply->EventDataLength);
6262 
6263 		if (event_data_len > 0) {
6264 			/*
6265 			 * Limit data to size in m_event entry
6266 			 */
6267 			if (event_data_len > MPTSAS_MAX_EVENT_DATA_LENGTH) {
6268 				event_data_len = MPTSAS_MAX_EVENT_DATA_LENGTH;
6269 			}
6270 			for (j = 0; j < event_data_len; j++) {
6271 				mpt->m_events[i].Data[j] =
6272 				    ddi_get32(mpt->m_acc_reply_frame_hdl,
6273 				    &(eventreply->EventData[j]));
6274 			}
6275 
6276 			/*
6277 			 * check for index wrap-around
6278 			 */
6279 			if (++i == MPTSAS_EVENT_QUEUE_SIZE) {
6280 				i = 0;
6281 			}
6282 			mpt->m_event_index = (uint8_t)i;
6283 
6284 			/*
6285 			 * Set flag to send the event.
6286 			 */
6287 			sendAEN = TRUE;
6288 		}
6289 	}
6290 
6291 	/*
6292 	 * Generate a system event if flag is set to let anyone who cares know
6293 	 * that an event has occurred.
6294 	 */
6295 	if (sendAEN) {
6296 		(void) ddi_log_sysevent(mpt->m_dip, DDI_VENDOR_LSI, "MPT_SAS",
6297 		    "SAS", NULL, NULL, DDI_NOSLEEP);
6298 	}
6299 }
6300 
6301 #define	SMP_RESET_IN_PROGRESS MPI2_EVENT_SAS_TOPO_LR_SMP_RESET_IN_PROGRESS
6302 /*
6303  * handle sync events from ioc in interrupt
6304  * return value:
6305  * DDI_SUCCESS: The event is handled by this func
6306  * DDI_FAILURE: Event is not handled
6307  */
6308 static int
6309 mptsas_handle_event_sync(void *args)
6310 {
6311 	m_replyh_arg_t			*replyh_arg;
6312 	pMpi2EventNotificationReply_t	eventreply;
6313 	uint32_t			event, rfm;
6314 	mptsas_t			*mpt;
6315 	uint_t				iocstatus;
6316 
6317 	replyh_arg = (m_replyh_arg_t *)args;
6318 	rfm = replyh_arg->rfm;
6319 	mpt = replyh_arg->mpt;
6320 
6321 	ASSERT(mutex_owned(&mpt->m_mutex));
6322 
6323 	eventreply = (pMpi2EventNotificationReply_t)
6324 	    (mpt->m_reply_frame + (rfm - mpt->m_reply_frame_dma_addr));
6325 	event = ddi_get16(mpt->m_acc_reply_frame_hdl, &eventreply->Event);
6326 
6327 	if (iocstatus = ddi_get16(mpt->m_acc_reply_frame_hdl,
6328 	    &eventreply->IOCStatus)) {
6329 		if (iocstatus == MPI2_IOCSTATUS_FLAG_LOG_INFO_AVAILABLE) {
6330 			mptsas_log(mpt, CE_WARN,
6331 			    "!mptsas_handle_event_sync: IOCStatus=0x%x, "
6332 			    "IOCLogInfo=0x%x", iocstatus,
6333 			    ddi_get32(mpt->m_acc_reply_frame_hdl,
6334 			    &eventreply->IOCLogInfo));
6335 		} else {
6336 			mptsas_log(mpt, CE_WARN,
6337 			    "mptsas_handle_event_sync: IOCStatus=0x%x, "
6338 			    "IOCLogInfo=0x%x", iocstatus,
6339 			    ddi_get32(mpt->m_acc_reply_frame_hdl,
6340 			    &eventreply->IOCLogInfo));
6341 		}
6342 	}
6343 
6344 	/*
6345 	 * figure out what kind of event we got and handle accordingly
6346 	 */
6347 	switch (event) {
6348 	case MPI2_EVENT_SAS_TOPOLOGY_CHANGE_LIST:
6349 	{
6350 		pMpi2EventDataSasTopologyChangeList_t	sas_topo_change_list;
6351 		uint8_t				num_entries, expstatus, phy;
6352 		uint8_t				phystatus, physport, state, i;
6353 		uint8_t				start_phy_num, link_rate;
6354 		uint16_t			dev_handle, reason_code;
6355 		uint16_t			enc_handle, expd_handle;
6356 		char				string[80], curr[80], prev[80];
6357 		mptsas_topo_change_list_t	*topo_head = NULL;
6358 		mptsas_topo_change_list_t	*topo_tail = NULL;
6359 		mptsas_topo_change_list_t	*topo_node = NULL;
6360 		mptsas_target_t			*ptgt;
6361 		mptsas_smp_t			*psmp;
6362 		mptsas_hash_table_t		*tgttbl, *smptbl;
6363 		uint8_t				flags = 0, exp_flag;
6364 		smhba_info_t			*pSmhba = NULL;
6365 
6366 		NDBG20(("mptsas_handle_event_sync: SAS topology change"));
6367 
6368 		tgttbl = &mpt->m_active->m_tgttbl;
6369 		smptbl = &mpt->m_active->m_smptbl;
6370 
6371 		sas_topo_change_list = (pMpi2EventDataSasTopologyChangeList_t)
6372 		    eventreply->EventData;
6373 
6374 		enc_handle = ddi_get16(mpt->m_acc_reply_frame_hdl,
6375 		    &sas_topo_change_list->EnclosureHandle);
6376 		expd_handle = ddi_get16(mpt->m_acc_reply_frame_hdl,
6377 		    &sas_topo_change_list->ExpanderDevHandle);
6378 		num_entries = ddi_get8(mpt->m_acc_reply_frame_hdl,
6379 		    &sas_topo_change_list->NumEntries);
6380 		start_phy_num = ddi_get8(mpt->m_acc_reply_frame_hdl,
6381 		    &sas_topo_change_list->StartPhyNum);
6382 		expstatus = ddi_get8(mpt->m_acc_reply_frame_hdl,
6383 		    &sas_topo_change_list->ExpStatus);
6384 		physport = ddi_get8(mpt->m_acc_reply_frame_hdl,
6385 		    &sas_topo_change_list->PhysicalPort);
6386 
6387 		string[0] = 0;
6388 		if (expd_handle) {
6389 			flags = MPTSAS_TOPO_FLAG_EXPANDER_ASSOCIATED;
6390 			switch (expstatus) {
6391 			case MPI2_EVENT_SAS_TOPO_ES_ADDED:
6392 				(void) sprintf(string, " added");
6393 				/*
6394 				 * New expander device added
6395 				 */
6396 				mpt->m_port_chng = 1;
6397 				topo_node = kmem_zalloc(
6398 				    sizeof (mptsas_topo_change_list_t),
6399 				    KM_SLEEP);
6400 				topo_node->mpt = mpt;
6401 				topo_node->event = MPTSAS_DR_EVENT_RECONFIG_SMP;
6402 				topo_node->un.physport = physport;
6403 				topo_node->devhdl = expd_handle;
6404 				topo_node->flags = flags;
6405 				topo_node->object = NULL;
6406 				if (topo_head == NULL) {
6407 					topo_head = topo_tail = topo_node;
6408 				} else {
6409 					topo_tail->next = topo_node;
6410 					topo_tail = topo_node;
6411 				}
6412 				break;
6413 			case MPI2_EVENT_SAS_TOPO_ES_NOT_RESPONDING:
6414 				(void) sprintf(string, " not responding, "
6415 				    "removed");
6416 				psmp = mptsas_search_by_devhdl(smptbl,
6417 				    expd_handle);
6418 				if (psmp == NULL)
6419 					break;
6420 
6421 				topo_node = kmem_zalloc(
6422 				    sizeof (mptsas_topo_change_list_t),
6423 				    KM_SLEEP);
6424 				topo_node->mpt = mpt;
6425 				topo_node->un.phymask = psmp->m_phymask;
6426 				topo_node->event = MPTSAS_DR_EVENT_OFFLINE_SMP;
6427 				topo_node->devhdl = expd_handle;
6428 				topo_node->flags = flags;
6429 				topo_node->object = NULL;
6430 				if (topo_head == NULL) {
6431 					topo_head = topo_tail = topo_node;
6432 				} else {
6433 					topo_tail->next = topo_node;
6434 					topo_tail = topo_node;
6435 				}
6436 				break;
6437 			case MPI2_EVENT_SAS_TOPO_ES_RESPONDING:
6438 				break;
6439 			case MPI2_EVENT_SAS_TOPO_ES_DELAY_NOT_RESPONDING:
6440 				(void) sprintf(string, " not responding, "
6441 				    "delaying removal");
6442 				break;
6443 			default:
6444 				break;
6445 			}
6446 		} else {
6447 			flags = MPTSAS_TOPO_FLAG_DIRECT_ATTACHED_DEVICE;
6448 		}
6449 
6450 		NDBG20(("SAS TOPOLOGY CHANGE for enclosure %x expander %x%s\n",
6451 		    enc_handle, expd_handle, string));
6452 		for (i = 0; i < num_entries; i++) {
6453 			phy = i + start_phy_num;
6454 			phystatus = ddi_get8(mpt->m_acc_reply_frame_hdl,
6455 			    &sas_topo_change_list->PHY[i].PhyStatus);
6456 			dev_handle = ddi_get16(mpt->m_acc_reply_frame_hdl,
6457 			    &sas_topo_change_list->PHY[i].AttachedDevHandle);
6458 			reason_code = phystatus & MPI2_EVENT_SAS_TOPO_RC_MASK;
6459 			/*
6460 			 * Filter out processing of Phy Vacant Status unless
6461 			 * the reason code is "Not Responding".  Process all
6462 			 * other combinations of Phy Status and Reason Codes.
6463 			 */
6464 			if ((phystatus &
6465 			    MPI2_EVENT_SAS_TOPO_PHYSTATUS_VACANT) &&
6466 			    (reason_code !=
6467 			    MPI2_EVENT_SAS_TOPO_RC_TARG_NOT_RESPONDING)) {
6468 				continue;
6469 			}
6470 			curr[0] = 0;
6471 			prev[0] = 0;
6472 			string[0] = 0;
6473 			switch (reason_code) {
6474 			case MPI2_EVENT_SAS_TOPO_RC_TARG_ADDED:
6475 			{
6476 				NDBG20(("mptsas%d phy %d physical_port %d "
6477 				    "dev_handle %d added", mpt->m_instance, phy,
6478 				    physport, dev_handle));
6479 				link_rate = ddi_get8(mpt->m_acc_reply_frame_hdl,
6480 				    &sas_topo_change_list->PHY[i].LinkRate);
6481 				state = (link_rate &
6482 				    MPI2_EVENT_SAS_TOPO_LR_CURRENT_MASK) >>
6483 				    MPI2_EVENT_SAS_TOPO_LR_CURRENT_SHIFT;
6484 				switch (state) {
6485 				case MPI2_EVENT_SAS_TOPO_LR_PHY_DISABLED:
6486 					(void) sprintf(curr, "is disabled");
6487 					break;
6488 				case MPI2_EVENT_SAS_TOPO_LR_NEGOTIATION_FAILED:
6489 					(void) sprintf(curr, "is offline, "
6490 					    "failed speed negotiation");
6491 					break;
6492 				case MPI2_EVENT_SAS_TOPO_LR_SATA_OOB_COMPLETE:
6493 					(void) sprintf(curr, "SATA OOB "
6494 					    "complete");
6495 					break;
6496 				case SMP_RESET_IN_PROGRESS:
6497 					(void) sprintf(curr, "SMP reset in "
6498 					    "progress");
6499 					break;
6500 				case MPI2_EVENT_SAS_TOPO_LR_RATE_1_5:
6501 					(void) sprintf(curr, "is online at "
6502 					    "1.5 Gbps");
6503 					break;
6504 				case MPI2_EVENT_SAS_TOPO_LR_RATE_3_0:
6505 					(void) sprintf(curr, "is online at 3.0 "
6506 					    "Gbps");
6507 					break;
6508 				case MPI2_EVENT_SAS_TOPO_LR_RATE_6_0:
6509 					(void) sprintf(curr, "is online at 6.0 "
6510 					    "Gbps");
6511 					break;
6512 				default:
6513 					(void) sprintf(curr, "state is "
6514 					    "unknown");
6515 					break;
6516 				}
6517 				/*
6518 				 * New target device added into the system.
6519 				 * Set association flag according to if an
6520 				 * expander is used or not.
6521 				 */
6522 				exp_flag =
6523 				    MPTSAS_TOPO_FLAG_EXPANDER_ATTACHED_DEVICE;
6524 				if (flags ==
6525 				    MPTSAS_TOPO_FLAG_EXPANDER_ASSOCIATED) {
6526 					flags = exp_flag;
6527 				}
6528 				topo_node = kmem_zalloc(
6529 				    sizeof (mptsas_topo_change_list_t),
6530 				    KM_SLEEP);
6531 				topo_node->mpt = mpt;
6532 				topo_node->event =
6533 				    MPTSAS_DR_EVENT_RECONFIG_TARGET;
6534 				if (expd_handle == 0) {
6535 					/*
6536 					 * Per MPI 2, if expander dev handle
6537 					 * is 0, it's a directly attached
6538 					 * device. So driver use PHY to decide
6539 					 * which iport is associated
6540 					 */
6541 					physport = phy;
6542 					mpt->m_port_chng = 1;
6543 				}
6544 				topo_node->un.physport = physport;
6545 				topo_node->devhdl = dev_handle;
6546 				topo_node->flags = flags;
6547 				topo_node->object = NULL;
6548 				if (topo_head == NULL) {
6549 					topo_head = topo_tail = topo_node;
6550 				} else {
6551 					topo_tail->next = topo_node;
6552 					topo_tail = topo_node;
6553 				}
6554 				break;
6555 			}
6556 			case MPI2_EVENT_SAS_TOPO_RC_TARG_NOT_RESPONDING:
6557 			{
6558 				NDBG20(("mptsas%d phy %d physical_port %d "
6559 				    "dev_handle %d removed", mpt->m_instance,
6560 				    phy, physport, dev_handle));
6561 				/*
6562 				 * Set association flag according to if an
6563 				 * expander is used or not.
6564 				 */
6565 				exp_flag =
6566 				    MPTSAS_TOPO_FLAG_EXPANDER_ATTACHED_DEVICE;
6567 				if (flags ==
6568 				    MPTSAS_TOPO_FLAG_EXPANDER_ASSOCIATED) {
6569 					flags = exp_flag;
6570 				}
6571 				/*
6572 				 * Target device is removed from the system
6573 				 * Before the device is really offline from
6574 				 * from system.
6575 				 */
6576 				ptgt = mptsas_search_by_devhdl(tgttbl,
6577 				    dev_handle);
6578 				/*
6579 				 * If ptgt is NULL here, it means that the
6580 				 * DevHandle is not in the hash table.  This is
6581 				 * reasonable sometimes.  For example, if a
6582 				 * disk was pulled, then added, then pulled
6583 				 * again, the disk will not have been put into
6584 				 * the hash table because the add event will
6585 				 * have an invalid phymask.  BUT, this does not
6586 				 * mean that the DevHandle is invalid.  The
6587 				 * controller will still have a valid DevHandle
6588 				 * that must be removed.  To do this, use the
6589 				 * MPTSAS_TOPO_FLAG_REMOVE_HANDLE event.
6590 				 */
6591 				if (ptgt == NULL) {
6592 					topo_node = kmem_zalloc(
6593 					    sizeof (mptsas_topo_change_list_t),
6594 					    KM_SLEEP);
6595 					topo_node->mpt = mpt;
6596 					topo_node->un.phymask = 0;
6597 					topo_node->event =
6598 					    MPTSAS_TOPO_FLAG_REMOVE_HANDLE;
6599 					topo_node->devhdl = dev_handle;
6600 					topo_node->flags = flags;
6601 					topo_node->object = NULL;
6602 					if (topo_head == NULL) {
6603 						topo_head = topo_tail =
6604 						    topo_node;
6605 					} else {
6606 						topo_tail->next = topo_node;
6607 						topo_tail = topo_node;
6608 					}
6609 					break;
6610 				}
6611 
6612 				/*
6613 				 * Update DR flag immediately avoid I/O failure
6614 				 * before failover finish. Pay attention to the
6615 				 * mutex protect, we need grab m_tx_waitq_mutex
6616 				 * during set m_dr_flag because we won't add
6617 				 * the following command into waitq, instead,
6618 				 * we need return TRAN_BUSY in the tran_start
6619 				 * context.
6620 				 */
6621 				mutex_enter(&mpt->m_tx_waitq_mutex);
6622 				ptgt->m_dr_flag = MPTSAS_DR_INTRANSITION;
6623 				mutex_exit(&mpt->m_tx_waitq_mutex);
6624 
6625 				topo_node = kmem_zalloc(
6626 				    sizeof (mptsas_topo_change_list_t),
6627 				    KM_SLEEP);
6628 				topo_node->mpt = mpt;
6629 				topo_node->un.phymask = ptgt->m_phymask;
6630 				topo_node->event =
6631 				    MPTSAS_DR_EVENT_OFFLINE_TARGET;
6632 				topo_node->devhdl = dev_handle;
6633 				topo_node->flags = flags;
6634 				topo_node->object = NULL;
6635 				if (topo_head == NULL) {
6636 					topo_head = topo_tail = topo_node;
6637 				} else {
6638 					topo_tail->next = topo_node;
6639 					topo_tail = topo_node;
6640 				}
6641 				break;
6642 			}
6643 			case MPI2_EVENT_SAS_TOPO_RC_PHY_CHANGED:
6644 				link_rate = ddi_get8(mpt->m_acc_reply_frame_hdl,
6645 				    &sas_topo_change_list->PHY[i].LinkRate);
6646 				state = (link_rate &
6647 				    MPI2_EVENT_SAS_TOPO_LR_CURRENT_MASK) >>
6648 				    MPI2_EVENT_SAS_TOPO_LR_CURRENT_SHIFT;
6649 				pSmhba = &mpt->m_phy_info[i].smhba_info;
6650 				pSmhba->negotiated_link_rate = state;
6651 				switch (state) {
6652 				case MPI2_EVENT_SAS_TOPO_LR_PHY_DISABLED:
6653 					(void) sprintf(curr, "is disabled");
6654 					mptsas_smhba_log_sysevent(mpt,
6655 					    ESC_SAS_PHY_EVENT,
6656 					    SAS_PHY_REMOVE,
6657 					    &mpt->m_phy_info[i].smhba_info);
6658 					mpt->m_phy_info[i].smhba_info.
6659 					    negotiated_link_rate
6660 					    = 0x1;
6661 					break;
6662 				case MPI2_EVENT_SAS_TOPO_LR_NEGOTIATION_FAILED:
6663 					(void) sprintf(curr, "is offline, "
6664 					    "failed speed negotiation");
6665 					mptsas_smhba_log_sysevent(mpt,
6666 					    ESC_SAS_PHY_EVENT,
6667 					    SAS_PHY_OFFLINE,
6668 					    &mpt->m_phy_info[i].smhba_info);
6669 					break;
6670 				case MPI2_EVENT_SAS_TOPO_LR_SATA_OOB_COMPLETE:
6671 					(void) sprintf(curr, "SATA OOB "
6672 					    "complete");
6673 					break;
6674 				case SMP_RESET_IN_PROGRESS:
6675 					(void) sprintf(curr, "SMP reset in "
6676 					    "progress");
6677 					break;
6678 				case MPI2_EVENT_SAS_TOPO_LR_RATE_1_5:
6679 					(void) sprintf(curr, "is online at "
6680 					    "1.5 Gbps");
6681 					if ((expd_handle == 0) &&
6682 					    (enc_handle == 1)) {
6683 						mpt->m_port_chng = 1;
6684 					}
6685 					mptsas_smhba_log_sysevent(mpt,
6686 					    ESC_SAS_PHY_EVENT,
6687 					    SAS_PHY_ONLINE,
6688 					    &mpt->m_phy_info[i].smhba_info);
6689 					break;
6690 				case MPI2_EVENT_SAS_TOPO_LR_RATE_3_0:
6691 					(void) sprintf(curr, "is online at 3.0 "
6692 					    "Gbps");
6693 					if ((expd_handle == 0) &&
6694 					    (enc_handle == 1)) {
6695 						mpt->m_port_chng = 1;
6696 					}
6697 					mptsas_smhba_log_sysevent(mpt,
6698 					    ESC_SAS_PHY_EVENT,
6699 					    SAS_PHY_ONLINE,
6700 					    &mpt->m_phy_info[i].smhba_info);
6701 					break;
6702 				case MPI2_EVENT_SAS_TOPO_LR_RATE_6_0:
6703 					(void) sprintf(curr, "is online at "
6704 					    "6.0 Gbps");
6705 					if ((expd_handle == 0) &&
6706 					    (enc_handle == 1)) {
6707 						mpt->m_port_chng = 1;
6708 					}
6709 					mptsas_smhba_log_sysevent(mpt,
6710 					    ESC_SAS_PHY_EVENT,
6711 					    SAS_PHY_ONLINE,
6712 					    &mpt->m_phy_info[i].smhba_info);
6713 					break;
6714 				default:
6715 					(void) sprintf(curr, "state is "
6716 					    "unknown");
6717 					break;
6718 				}
6719 
6720 				state = (link_rate &
6721 				    MPI2_EVENT_SAS_TOPO_LR_PREV_MASK) >>
6722 				    MPI2_EVENT_SAS_TOPO_LR_PREV_SHIFT;
6723 				switch (state) {
6724 				case MPI2_EVENT_SAS_TOPO_LR_PHY_DISABLED:
6725 					(void) sprintf(prev, ", was disabled");
6726 					break;
6727 				case MPI2_EVENT_SAS_TOPO_LR_NEGOTIATION_FAILED:
6728 					(void) sprintf(prev, ", was offline, "
6729 					    "failed speed negotiation");
6730 					break;
6731 				case MPI2_EVENT_SAS_TOPO_LR_SATA_OOB_COMPLETE:
6732 					(void) sprintf(prev, ", was SATA OOB "
6733 					    "complete");
6734 					break;
6735 				case SMP_RESET_IN_PROGRESS:
6736 					(void) sprintf(prev, ", was SMP reset "
6737 					    "in progress");
6738 					break;
6739 				case MPI2_EVENT_SAS_TOPO_LR_RATE_1_5:
6740 					(void) sprintf(prev, ", was online at "
6741 					    "1.5 Gbps");
6742 					break;
6743 				case MPI2_EVENT_SAS_TOPO_LR_RATE_3_0:
6744 					(void) sprintf(prev, ", was online at "
6745 					    "3.0 Gbps");
6746 					break;
6747 				case MPI2_EVENT_SAS_TOPO_LR_RATE_6_0:
6748 					(void) sprintf(prev, ", was online at "
6749 					    "6.0 Gbps");
6750 					break;
6751 				default:
6752 				break;
6753 				}
6754 				(void) sprintf(&string[strlen(string)], "link "
6755 				    "changed, ");
6756 				break;
6757 			case MPI2_EVENT_SAS_TOPO_RC_NO_CHANGE:
6758 				continue;
6759 			case MPI2_EVENT_SAS_TOPO_RC_DELAY_NOT_RESPONDING:
6760 				(void) sprintf(&string[strlen(string)],
6761 				    "target not responding, delaying "
6762 				    "removal");
6763 				break;
6764 			}
6765 			NDBG20(("mptsas%d phy %d DevHandle %x, %s%s%s\n",
6766 			    mpt->m_instance, phy, dev_handle, string, curr,
6767 			    prev));
6768 		}
6769 		if (topo_head != NULL) {
6770 			/*
6771 			 * Launch DR taskq to handle topology change
6772 			 */
6773 			if ((ddi_taskq_dispatch(mpt->m_dr_taskq,
6774 			    mptsas_handle_dr, (void *)topo_head,
6775 			    DDI_NOSLEEP)) != DDI_SUCCESS) {
6776 				mptsas_log(mpt, CE_NOTE, "mptsas start taskq "
6777 				    "for handle SAS DR event failed. \n");
6778 			}
6779 		}
6780 		break;
6781 	}
6782 	case MPI2_EVENT_IR_CONFIGURATION_CHANGE_LIST:
6783 	{
6784 		Mpi2EventDataIrConfigChangeList_t	*irChangeList;
6785 		mptsas_topo_change_list_t		*topo_head = NULL;
6786 		mptsas_topo_change_list_t		*topo_tail = NULL;
6787 		mptsas_topo_change_list_t		*topo_node = NULL;
6788 		mptsas_target_t				*ptgt;
6789 		mptsas_hash_table_t			*tgttbl;
6790 		uint8_t					num_entries, i, reason;
6791 		uint16_t				volhandle, diskhandle;
6792 
6793 		irChangeList = (pMpi2EventDataIrConfigChangeList_t)
6794 		    eventreply->EventData;
6795 		num_entries = ddi_get8(mpt->m_acc_reply_frame_hdl,
6796 		    &irChangeList->NumElements);
6797 
6798 		tgttbl = &mpt->m_active->m_tgttbl;
6799 
6800 		NDBG20(("mptsas%d IR_CONFIGURATION_CHANGE_LIST event received",
6801 		    mpt->m_instance));
6802 
6803 		for (i = 0; i < num_entries; i++) {
6804 			reason = ddi_get8(mpt->m_acc_reply_frame_hdl,
6805 			    &irChangeList->ConfigElement[i].ReasonCode);
6806 			volhandle = ddi_get16(mpt->m_acc_reply_frame_hdl,
6807 			    &irChangeList->ConfigElement[i].VolDevHandle);
6808 			diskhandle = ddi_get16(mpt->m_acc_reply_frame_hdl,
6809 			    &irChangeList->ConfigElement[i].PhysDiskDevHandle);
6810 
6811 			switch (reason) {
6812 			case MPI2_EVENT_IR_CHANGE_RC_ADDED:
6813 			case MPI2_EVENT_IR_CHANGE_RC_VOLUME_CREATED:
6814 			{
6815 				NDBG20(("mptsas %d volume added\n",
6816 				    mpt->m_instance));
6817 
6818 				topo_node = kmem_zalloc(
6819 				    sizeof (mptsas_topo_change_list_t),
6820 				    KM_SLEEP);
6821 
6822 				topo_node->mpt = mpt;
6823 				topo_node->event =
6824 				    MPTSAS_DR_EVENT_RECONFIG_TARGET;
6825 				topo_node->un.physport = 0xff;
6826 				topo_node->devhdl = volhandle;
6827 				topo_node->flags =
6828 				    MPTSAS_TOPO_FLAG_RAID_ASSOCIATED;
6829 				topo_node->object = NULL;
6830 				if (topo_head == NULL) {
6831 					topo_head = topo_tail = topo_node;
6832 				} else {
6833 					topo_tail->next = topo_node;
6834 					topo_tail = topo_node;
6835 				}
6836 				break;
6837 			}
6838 			case MPI2_EVENT_IR_CHANGE_RC_REMOVED:
6839 			case MPI2_EVENT_IR_CHANGE_RC_VOLUME_DELETED:
6840 			{
6841 				NDBG20(("mptsas %d volume deleted\n",
6842 				    mpt->m_instance));
6843 				ptgt = mptsas_search_by_devhdl(tgttbl,
6844 				    volhandle);
6845 				if (ptgt == NULL)
6846 					break;
6847 
6848 				/*
6849 				 * Clear any flags related to volume
6850 				 */
6851 				(void) mptsas_delete_volume(mpt, volhandle);
6852 
6853 				/*
6854 				 * Update DR flag immediately avoid I/O failure
6855 				 */
6856 				mutex_enter(&mpt->m_tx_waitq_mutex);
6857 				ptgt->m_dr_flag = MPTSAS_DR_INTRANSITION;
6858 				mutex_exit(&mpt->m_tx_waitq_mutex);
6859 
6860 				topo_node = kmem_zalloc(
6861 				    sizeof (mptsas_topo_change_list_t),
6862 				    KM_SLEEP);
6863 				topo_node->mpt = mpt;
6864 				topo_node->un.phymask = ptgt->m_phymask;
6865 				topo_node->event =
6866 				    MPTSAS_DR_EVENT_OFFLINE_TARGET;
6867 				topo_node->devhdl = volhandle;
6868 				topo_node->flags =
6869 				    MPTSAS_TOPO_FLAG_RAID_ASSOCIATED;
6870 				topo_node->object = (void *)ptgt;
6871 				if (topo_head == NULL) {
6872 					topo_head = topo_tail = topo_node;
6873 				} else {
6874 					topo_tail->next = topo_node;
6875 					topo_tail = topo_node;
6876 				}
6877 				break;
6878 			}
6879 			case MPI2_EVENT_IR_CHANGE_RC_PD_CREATED:
6880 			case MPI2_EVENT_IR_CHANGE_RC_HIDE:
6881 			{
6882 				ptgt = mptsas_search_by_devhdl(tgttbl,
6883 				    diskhandle);
6884 				if (ptgt == NULL)
6885 					break;
6886 
6887 				/*
6888 				 * Update DR flag immediately avoid I/O failure
6889 				 */
6890 				mutex_enter(&mpt->m_tx_waitq_mutex);
6891 				ptgt->m_dr_flag = MPTSAS_DR_INTRANSITION;
6892 				mutex_exit(&mpt->m_tx_waitq_mutex);
6893 
6894 				topo_node = kmem_zalloc(
6895 				    sizeof (mptsas_topo_change_list_t),
6896 				    KM_SLEEP);
6897 				topo_node->mpt = mpt;
6898 				topo_node->un.phymask = ptgt->m_phymask;
6899 				topo_node->event =
6900 				    MPTSAS_DR_EVENT_OFFLINE_TARGET;
6901 				topo_node->devhdl = diskhandle;
6902 				topo_node->flags =
6903 				    MPTSAS_TOPO_FLAG_RAID_PHYSDRV_ASSOCIATED;
6904 				topo_node->object = (void *)ptgt;
6905 				if (topo_head == NULL) {
6906 					topo_head = topo_tail = topo_node;
6907 				} else {
6908 					topo_tail->next = topo_node;
6909 					topo_tail = topo_node;
6910 				}
6911 				break;
6912 			}
6913 			case MPI2_EVENT_IR_CHANGE_RC_UNHIDE:
6914 			case MPI2_EVENT_IR_CHANGE_RC_PD_DELETED:
6915 			{
6916 				/*
6917 				 * The physical drive is released by a IR
6918 				 * volume. But we cannot get the the physport
6919 				 * or phynum from the event data, so we only
6920 				 * can get the physport/phynum after SAS
6921 				 * Device Page0 request for the devhdl.
6922 				 */
6923 				topo_node = kmem_zalloc(
6924 				    sizeof (mptsas_topo_change_list_t),
6925 				    KM_SLEEP);
6926 				topo_node->mpt = mpt;
6927 				topo_node->un.phymask = 0;
6928 				topo_node->event =
6929 				    MPTSAS_DR_EVENT_RECONFIG_TARGET;
6930 				topo_node->devhdl = diskhandle;
6931 				topo_node->flags =
6932 				    MPTSAS_TOPO_FLAG_RAID_PHYSDRV_ASSOCIATED;
6933 				topo_node->object = NULL;
6934 				mpt->m_port_chng = 1;
6935 				if (topo_head == NULL) {
6936 					topo_head = topo_tail = topo_node;
6937 				} else {
6938 					topo_tail->next = topo_node;
6939 					topo_tail = topo_node;
6940 				}
6941 				break;
6942 			}
6943 			default:
6944 				break;
6945 			}
6946 		}
6947 
6948 		if (topo_head != NULL) {
6949 			/*
6950 			 * Launch DR taskq to handle topology change
6951 			 */
6952 			if ((ddi_taskq_dispatch(mpt->m_dr_taskq,
6953 			    mptsas_handle_dr, (void *)topo_head,
6954 			    DDI_NOSLEEP)) != DDI_SUCCESS) {
6955 				mptsas_log(mpt, CE_NOTE, "mptsas start taskq "
6956 				    "for handle SAS DR event failed. \n");
6957 			}
6958 		}
6959 		break;
6960 	}
6961 	default:
6962 		return (DDI_FAILURE);
6963 	}
6964 
6965 	return (DDI_SUCCESS);
6966 }
6967 
6968 /*
6969  * handle events from ioc
6970  */
6971 static void
6972 mptsas_handle_event(void *args)
6973 {
6974 	m_replyh_arg_t			*replyh_arg;
6975 	pMpi2EventNotificationReply_t	eventreply;
6976 	uint32_t			event, iocloginfo, rfm;
6977 	uint32_t			status;
6978 	uint8_t				port;
6979 	mptsas_t			*mpt;
6980 	uint_t				iocstatus;
6981 
6982 	replyh_arg = (m_replyh_arg_t *)args;
6983 	rfm = replyh_arg->rfm;
6984 	mpt = replyh_arg->mpt;
6985 
6986 	mutex_enter(&mpt->m_mutex);
6987 
6988 	eventreply = (pMpi2EventNotificationReply_t)
6989 	    (mpt->m_reply_frame + (rfm - mpt->m_reply_frame_dma_addr));
6990 	event = ddi_get16(mpt->m_acc_reply_frame_hdl, &eventreply->Event);
6991 
6992 	if (iocstatus = ddi_get16(mpt->m_acc_reply_frame_hdl,
6993 	    &eventreply->IOCStatus)) {
6994 		if (iocstatus == MPI2_IOCSTATUS_FLAG_LOG_INFO_AVAILABLE) {
6995 			mptsas_log(mpt, CE_WARN,
6996 			    "!mptsas_handle_event: IOCStatus=0x%x, "
6997 			    "IOCLogInfo=0x%x", iocstatus,
6998 			    ddi_get32(mpt->m_acc_reply_frame_hdl,
6999 			    &eventreply->IOCLogInfo));
7000 		} else {
7001 			mptsas_log(mpt, CE_WARN,
7002 			    "mptsas_handle_event: IOCStatus=0x%x, "
7003 			    "IOCLogInfo=0x%x", iocstatus,
7004 			    ddi_get32(mpt->m_acc_reply_frame_hdl,
7005 			    &eventreply->IOCLogInfo));
7006 		}
7007 	}
7008 
7009 	/*
7010 	 * figure out what kind of event we got and handle accordingly
7011 	 */
7012 	switch (event) {
7013 	case MPI2_EVENT_LOG_ENTRY_ADDED:
7014 		break;
7015 	case MPI2_EVENT_LOG_DATA:
7016 		iocloginfo = ddi_get32(mpt->m_acc_reply_frame_hdl,
7017 		    &eventreply->IOCLogInfo);
7018 		NDBG20(("mptsas %d log info %x received.\n", mpt->m_instance,
7019 		    iocloginfo));
7020 		break;
7021 	case MPI2_EVENT_STATE_CHANGE:
7022 		NDBG20(("mptsas%d state change.", mpt->m_instance));
7023 		break;
7024 	case MPI2_EVENT_HARD_RESET_RECEIVED:
7025 		NDBG20(("mptsas%d event change.", mpt->m_instance));
7026 		break;
7027 	case MPI2_EVENT_SAS_DISCOVERY:
7028 	{
7029 		MPI2_EVENT_DATA_SAS_DISCOVERY	*sasdiscovery;
7030 		char				string[80];
7031 		uint8_t				rc;
7032 
7033 		sasdiscovery =
7034 		    (pMpi2EventDataSasDiscovery_t)eventreply->EventData;
7035 
7036 		rc = ddi_get8(mpt->m_acc_reply_frame_hdl,
7037 		    &sasdiscovery->ReasonCode);
7038 		port = ddi_get8(mpt->m_acc_reply_frame_hdl,
7039 		    &sasdiscovery->PhysicalPort);
7040 		status = ddi_get32(mpt->m_acc_reply_frame_hdl,
7041 		    &sasdiscovery->DiscoveryStatus);
7042 
7043 		string[0] = 0;
7044 		switch (rc) {
7045 		case MPI2_EVENT_SAS_DISC_RC_STARTED:
7046 			(void) sprintf(string, "STARTING");
7047 			break;
7048 		case MPI2_EVENT_SAS_DISC_RC_COMPLETED:
7049 			(void) sprintf(string, "COMPLETED");
7050 			break;
7051 		default:
7052 			(void) sprintf(string, "UNKNOWN");
7053 			break;
7054 		}
7055 
7056 		NDBG20(("SAS DISCOVERY is %s for port %d, status %x", string,
7057 		    port, status));
7058 
7059 		break;
7060 	}
7061 	case MPI2_EVENT_EVENT_CHANGE:
7062 		NDBG20(("mptsas%d event change.", mpt->m_instance));
7063 		break;
7064 	case MPI2_EVENT_TASK_SET_FULL:
7065 	{
7066 		pMpi2EventDataTaskSetFull_t	taskfull;
7067 
7068 		taskfull = (pMpi2EventDataTaskSetFull_t)eventreply->EventData;
7069 
7070 		NDBG20(("TASK_SET_FULL received for mptsas%d, depth %d\n",
7071 		    mpt->m_instance,  ddi_get16(mpt->m_acc_reply_frame_hdl,
7072 		    &taskfull->CurrentDepth)));
7073 		break;
7074 	}
7075 	case MPI2_EVENT_SAS_TOPOLOGY_CHANGE_LIST:
7076 	{
7077 		/*
7078 		 * SAS TOPOLOGY CHANGE LIST Event has already been handled
7079 		 * in mptsas_handle_event_sync() of interrupt context
7080 		 */
7081 		break;
7082 	}
7083 	case MPI2_EVENT_SAS_ENCL_DEVICE_STATUS_CHANGE:
7084 	{
7085 		pMpi2EventDataSasEnclDevStatusChange_t	encstatus;
7086 		uint8_t					rc;
7087 		char					string[80];
7088 
7089 		encstatus = (pMpi2EventDataSasEnclDevStatusChange_t)
7090 		    eventreply->EventData;
7091 
7092 		rc = ddi_get8(mpt->m_acc_reply_frame_hdl,
7093 		    &encstatus->ReasonCode);
7094 		switch (rc) {
7095 		case MPI2_EVENT_SAS_ENCL_RC_ADDED:
7096 			(void) sprintf(string, "added");
7097 			break;
7098 		case MPI2_EVENT_SAS_ENCL_RC_NOT_RESPONDING:
7099 			(void) sprintf(string, ", not responding");
7100 			break;
7101 		default:
7102 		break;
7103 		}
7104 		NDBG20(("mptsas%d ENCLOSURE STATUS CHANGE for enclosure %x%s\n",
7105 		    mpt->m_instance, ddi_get16(mpt->m_acc_reply_frame_hdl,
7106 		    &encstatus->EnclosureHandle), string));
7107 		break;
7108 	}
7109 
7110 	/*
7111 	 * MPI2_EVENT_SAS_DEVICE_STATUS_CHANGE is handled by
7112 	 * mptsas_handle_event_sync,in here just send ack message.
7113 	 */
7114 	case MPI2_EVENT_SAS_DEVICE_STATUS_CHANGE:
7115 	{
7116 		pMpi2EventDataSasDeviceStatusChange_t	statuschange;
7117 		uint8_t					rc;
7118 		uint16_t				devhdl;
7119 		uint64_t				wwn = 0;
7120 		uint32_t				wwn_lo, wwn_hi;
7121 
7122 		statuschange = (pMpi2EventDataSasDeviceStatusChange_t)
7123 		    eventreply->EventData;
7124 		rc = ddi_get8(mpt->m_acc_reply_frame_hdl,
7125 		    &statuschange->ReasonCode);
7126 		wwn_lo = ddi_get32(mpt->m_acc_reply_frame_hdl,
7127 		    (uint32_t *)(void *)&statuschange->SASAddress);
7128 		wwn_hi = ddi_get32(mpt->m_acc_reply_frame_hdl,
7129 		    (uint32_t *)(void *)&statuschange->SASAddress + 1);
7130 		wwn = ((uint64_t)wwn_hi << 32) | wwn_lo;
7131 		devhdl =  ddi_get16(mpt->m_acc_reply_frame_hdl,
7132 		    &statuschange->DevHandle);
7133 
7134 		NDBG13(("MPI2_EVENT_SAS_DEVICE_STATUS_CHANGE wwn is %"PRIx64,
7135 		    wwn));
7136 
7137 		switch (rc) {
7138 		case MPI2_EVENT_SAS_DEV_STAT_RC_SMART_DATA:
7139 			NDBG20(("SMART data received, ASC/ASCQ = %02x/%02x",
7140 			    ddi_get8(mpt->m_acc_reply_frame_hdl,
7141 			    &statuschange->ASC),
7142 			    ddi_get8(mpt->m_acc_reply_frame_hdl,
7143 			    &statuschange->ASCQ)));
7144 			break;
7145 
7146 		case MPI2_EVENT_SAS_DEV_STAT_RC_UNSUPPORTED:
7147 			NDBG20(("Device not supported"));
7148 			break;
7149 
7150 		case MPI2_EVENT_SAS_DEV_STAT_RC_INTERNAL_DEVICE_RESET:
7151 			NDBG20(("IOC internally generated the Target Reset "
7152 			    "for devhdl:%x", devhdl));
7153 			break;
7154 
7155 		case MPI2_EVENT_SAS_DEV_STAT_RC_CMP_INTERNAL_DEV_RESET:
7156 			NDBG20(("IOC's internally generated Target Reset "
7157 			    "completed for devhdl:%x", devhdl));
7158 			break;
7159 
7160 		case MPI2_EVENT_SAS_DEV_STAT_RC_TASK_ABORT_INTERNAL:
7161 			NDBG20(("IOC internally generated Abort Task"));
7162 			break;
7163 
7164 		case MPI2_EVENT_SAS_DEV_STAT_RC_CMP_TASK_ABORT_INTERNAL:
7165 			NDBG20(("IOC's internally generated Abort Task "
7166 			    "completed"));
7167 			break;
7168 
7169 		case MPI2_EVENT_SAS_DEV_STAT_RC_ABORT_TASK_SET_INTERNAL:
7170 			NDBG20(("IOC internally generated Abort Task Set"));
7171 			break;
7172 
7173 		case MPI2_EVENT_SAS_DEV_STAT_RC_CLEAR_TASK_SET_INTERNAL:
7174 			NDBG20(("IOC internally generated Clear Task Set"));
7175 			break;
7176 
7177 		case MPI2_EVENT_SAS_DEV_STAT_RC_QUERY_TASK_INTERNAL:
7178 			NDBG20(("IOC internally generated Query Task"));
7179 			break;
7180 
7181 		case MPI2_EVENT_SAS_DEV_STAT_RC_ASYNC_NOTIFICATION:
7182 			NDBG20(("Device sent an Asynchronous Notification"));
7183 			break;
7184 
7185 		default:
7186 			break;
7187 		}
7188 		break;
7189 	}
7190 	case MPI2_EVENT_IR_CONFIGURATION_CHANGE_LIST:
7191 	{
7192 		/*
7193 		 * IR TOPOLOGY CHANGE LIST Event has already been handled
7194 		 * in mpt_handle_event_sync() of interrupt context
7195 		 */
7196 		break;
7197 	}
7198 	case MPI2_EVENT_IR_OPERATION_STATUS:
7199 	{
7200 		Mpi2EventDataIrOperationStatus_t	*irOpStatus;
7201 		char					reason_str[80];
7202 		uint8_t					rc, percent;
7203 		uint16_t				handle;
7204 
7205 		irOpStatus = (pMpi2EventDataIrOperationStatus_t)
7206 		    eventreply->EventData;
7207 		rc = ddi_get8(mpt->m_acc_reply_frame_hdl,
7208 		    &irOpStatus->RAIDOperation);
7209 		percent = ddi_get8(mpt->m_acc_reply_frame_hdl,
7210 		    &irOpStatus->PercentComplete);
7211 		handle = ddi_get16(mpt->m_acc_reply_frame_hdl,
7212 		    &irOpStatus->VolDevHandle);
7213 
7214 		switch (rc) {
7215 			case MPI2_EVENT_IR_RAIDOP_RESYNC:
7216 				(void) sprintf(reason_str, "resync");
7217 				break;
7218 			case MPI2_EVENT_IR_RAIDOP_ONLINE_CAP_EXPANSION:
7219 				(void) sprintf(reason_str, "online capacity "
7220 				    "expansion");
7221 				break;
7222 			case MPI2_EVENT_IR_RAIDOP_CONSISTENCY_CHECK:
7223 				(void) sprintf(reason_str, "consistency check");
7224 				break;
7225 			default:
7226 				(void) sprintf(reason_str, "unknown reason %x",
7227 				    rc);
7228 		}
7229 
7230 		NDBG20(("mptsas%d raid operational status: (%s)"
7231 		    "\thandle(0x%04x), percent complete(%d)\n",
7232 		    mpt->m_instance, reason_str, handle, percent));
7233 		break;
7234 	}
7235 	case MPI2_EVENT_SAS_BROADCAST_PRIMITIVE:
7236 	{
7237 		pMpi2EventDataSasBroadcastPrimitive_t	sas_broadcast;
7238 		uint8_t					phy_num;
7239 		uint8_t					primitive;
7240 
7241 		sas_broadcast = (pMpi2EventDataSasBroadcastPrimitive_t)
7242 		    eventreply->EventData;
7243 
7244 		phy_num = ddi_get8(mpt->m_acc_reply_frame_hdl,
7245 		    &sas_broadcast->PhyNum);
7246 		primitive = ddi_get8(mpt->m_acc_reply_frame_hdl,
7247 		    &sas_broadcast->Primitive);
7248 
7249 		switch (primitive) {
7250 		case MPI2_EVENT_PRIMITIVE_CHANGE:
7251 			mptsas_smhba_log_sysevent(mpt,
7252 			    ESC_SAS_HBA_PORT_BROADCAST,
7253 			    SAS_PORT_BROADCAST_CHANGE,
7254 			    &mpt->m_phy_info[phy_num].smhba_info);
7255 			break;
7256 		case MPI2_EVENT_PRIMITIVE_SES:
7257 			mptsas_smhba_log_sysevent(mpt,
7258 			    ESC_SAS_HBA_PORT_BROADCAST,
7259 			    SAS_PORT_BROADCAST_SES,
7260 			    &mpt->m_phy_info[phy_num].smhba_info);
7261 			break;
7262 		case MPI2_EVENT_PRIMITIVE_EXPANDER:
7263 			mptsas_smhba_log_sysevent(mpt,
7264 			    ESC_SAS_HBA_PORT_BROADCAST,
7265 			    SAS_PORT_BROADCAST_D01_4,
7266 			    &mpt->m_phy_info[phy_num].smhba_info);
7267 			break;
7268 		case MPI2_EVENT_PRIMITIVE_ASYNCHRONOUS_EVENT:
7269 			mptsas_smhba_log_sysevent(mpt,
7270 			    ESC_SAS_HBA_PORT_BROADCAST,
7271 			    SAS_PORT_BROADCAST_D04_7,
7272 			    &mpt->m_phy_info[phy_num].smhba_info);
7273 			break;
7274 		case MPI2_EVENT_PRIMITIVE_RESERVED3:
7275 			mptsas_smhba_log_sysevent(mpt,
7276 			    ESC_SAS_HBA_PORT_BROADCAST,
7277 			    SAS_PORT_BROADCAST_D16_7,
7278 			    &mpt->m_phy_info[phy_num].smhba_info);
7279 			break;
7280 		case MPI2_EVENT_PRIMITIVE_RESERVED4:
7281 			mptsas_smhba_log_sysevent(mpt,
7282 			    ESC_SAS_HBA_PORT_BROADCAST,
7283 			    SAS_PORT_BROADCAST_D29_7,
7284 			    &mpt->m_phy_info[phy_num].smhba_info);
7285 			break;
7286 		case MPI2_EVENT_PRIMITIVE_CHANGE0_RESERVED:
7287 			mptsas_smhba_log_sysevent(mpt,
7288 			    ESC_SAS_HBA_PORT_BROADCAST,
7289 			    SAS_PORT_BROADCAST_D24_0,
7290 			    &mpt->m_phy_info[phy_num].smhba_info);
7291 			break;
7292 		case MPI2_EVENT_PRIMITIVE_CHANGE1_RESERVED:
7293 			mptsas_smhba_log_sysevent(mpt,
7294 			    ESC_SAS_HBA_PORT_BROADCAST,
7295 			    SAS_PORT_BROADCAST_D27_4,
7296 			    &mpt->m_phy_info[phy_num].smhba_info);
7297 			break;
7298 		default:
7299 			NDBG20(("mptsas%d: unknown BROADCAST PRIMITIVE"
7300 			    " %x received",
7301 			    mpt->m_instance, primitive));
7302 			break;
7303 		}
7304 		NDBG20(("mptsas%d sas broadcast primitive: "
7305 		    "\tprimitive(0x%04x), phy(%d) complete\n",
7306 		    mpt->m_instance, primitive, phy_num));
7307 		break;
7308 	}
7309 	case MPI2_EVENT_IR_VOLUME:
7310 	{
7311 		Mpi2EventDataIrVolume_t		*irVolume;
7312 		uint16_t			devhandle;
7313 		uint32_t			state;
7314 		int				config, vol;
7315 		mptsas_slots_t			*slots = mpt->m_active;
7316 		uint8_t				found = FALSE;
7317 
7318 		irVolume = (pMpi2EventDataIrVolume_t)eventreply->EventData;
7319 		state = ddi_get32(mpt->m_acc_reply_frame_hdl,
7320 		    &irVolume->NewValue);
7321 		devhandle = ddi_get16(mpt->m_acc_reply_frame_hdl,
7322 		    &irVolume->VolDevHandle);
7323 
7324 		NDBG20(("EVENT_IR_VOLUME event is received"));
7325 
7326 		/*
7327 		 * Get latest RAID info and then find the DevHandle for this
7328 		 * event in the configuration.  If the DevHandle is not found
7329 		 * just exit the event.
7330 		 */
7331 		(void) mptsas_get_raid_info(mpt);
7332 		for (config = 0; (config < slots->m_num_raid_configs) &&
7333 		    (!found); config++) {
7334 			for (vol = 0; vol < MPTSAS_MAX_RAIDVOLS; vol++) {
7335 				if (slots->m_raidconfig[config].m_raidvol[vol].
7336 				    m_raidhandle == devhandle) {
7337 					found = TRUE;
7338 					break;
7339 				}
7340 			}
7341 		}
7342 		if (!found) {
7343 			break;
7344 		}
7345 
7346 		switch (irVolume->ReasonCode) {
7347 		case MPI2_EVENT_IR_VOLUME_RC_SETTINGS_CHANGED:
7348 		{
7349 			uint32_t i;
7350 			slots->m_raidconfig[config].m_raidvol[vol].m_settings =
7351 			    state;
7352 
7353 			i = state & MPI2_RAIDVOL0_SETTING_MASK_WRITE_CACHING;
7354 			mptsas_log(mpt, CE_NOTE, " Volume %d settings changed"
7355 			    ", auto-config of hot-swap drives is %s"
7356 			    ", write caching is %s"
7357 			    ", hot-spare pool mask is %02x\n",
7358 			    vol, state &
7359 			    MPI2_RAIDVOL0_SETTING_AUTO_CONFIG_HSWAP_DISABLE
7360 			    ? "disabled" : "enabled",
7361 			    i == MPI2_RAIDVOL0_SETTING_UNCHANGED
7362 			    ? "controlled by member disks" :
7363 			    i == MPI2_RAIDVOL0_SETTING_DISABLE_WRITE_CACHING
7364 			    ? "disabled" :
7365 			    i == MPI2_RAIDVOL0_SETTING_ENABLE_WRITE_CACHING
7366 			    ? "enabled" :
7367 			    "incorrectly set",
7368 			    (state >> 16) & 0xff);
7369 				break;
7370 		}
7371 		case MPI2_EVENT_IR_VOLUME_RC_STATE_CHANGED:
7372 		{
7373 			slots->m_raidconfig[config].m_raidvol[vol].m_state =
7374 			    (uint8_t)state;
7375 
7376 			mptsas_log(mpt, CE_NOTE,
7377 			    "Volume %d is now %s\n", vol,
7378 			    state == MPI2_RAID_VOL_STATE_OPTIMAL
7379 			    ? "optimal" :
7380 			    state == MPI2_RAID_VOL_STATE_DEGRADED
7381 			    ? "degraded" :
7382 			    state == MPI2_RAID_VOL_STATE_ONLINE
7383 			    ? "online" :
7384 			    state == MPI2_RAID_VOL_STATE_INITIALIZING
7385 			    ? "initializing" :
7386 			    state == MPI2_RAID_VOL_STATE_FAILED
7387 			    ? "failed" :
7388 			    state == MPI2_RAID_VOL_STATE_MISSING
7389 			    ? "missing" :
7390 			    "state unknown");
7391 			break;
7392 		}
7393 		case MPI2_EVENT_IR_VOLUME_RC_STATUS_FLAGS_CHANGED:
7394 		{
7395 			slots->m_raidconfig[config].m_raidvol[vol].
7396 			    m_statusflags = state;
7397 
7398 			mptsas_log(mpt, CE_NOTE,
7399 			    " Volume %d is now %s%s%s%s%s%s%s%s%s\n",
7400 			    vol,
7401 			    state & MPI2_RAIDVOL0_STATUS_FLAG_ENABLED
7402 			    ? ", enabled" : ", disabled",
7403 			    state & MPI2_RAIDVOL0_STATUS_FLAG_QUIESCED
7404 			    ? ", quiesced" : "",
7405 			    state & MPI2_RAIDVOL0_STATUS_FLAG_VOLUME_INACTIVE
7406 			    ? ", inactive" : ", active",
7407 			    state &
7408 			    MPI2_RAIDVOL0_STATUS_FLAG_BAD_BLOCK_TABLE_FULL
7409 			    ? ", bad block table is full" : "",
7410 			    state &
7411 			    MPI2_RAIDVOL0_STATUS_FLAG_RESYNC_IN_PROGRESS
7412 			    ? ", resync in progress" : "",
7413 			    state & MPI2_RAIDVOL0_STATUS_FLAG_BACKGROUND_INIT
7414 			    ? ", background initialization in progress" : "",
7415 			    state &
7416 			    MPI2_RAIDVOL0_STATUS_FLAG_CAPACITY_EXPANSION
7417 			    ? ", capacity expansion in progress" : "",
7418 			    state &
7419 			    MPI2_RAIDVOL0_STATUS_FLAG_CONSISTENCY_CHECK
7420 			    ? ", consistency check in progress" : "",
7421 			    state & MPI2_RAIDVOL0_STATUS_FLAG_DATA_SCRUB
7422 			    ? ", data scrub in progress" : "");
7423 			break;
7424 		}
7425 		default:
7426 			break;
7427 		}
7428 		break;
7429 	}
7430 	case MPI2_EVENT_IR_PHYSICAL_DISK:
7431 	{
7432 		Mpi2EventDataIrPhysicalDisk_t	*irPhysDisk;
7433 		uint16_t			devhandle, enchandle, slot;
7434 		uint32_t			status, state;
7435 		uint8_t				physdisknum, reason;
7436 
7437 		irPhysDisk = (Mpi2EventDataIrPhysicalDisk_t *)
7438 		    eventreply->EventData;
7439 		physdisknum = ddi_get8(mpt->m_acc_reply_frame_hdl,
7440 		    &irPhysDisk->PhysDiskNum);
7441 		devhandle = ddi_get16(mpt->m_acc_reply_frame_hdl,
7442 		    &irPhysDisk->PhysDiskDevHandle);
7443 		enchandle = ddi_get16(mpt->m_acc_reply_frame_hdl,
7444 		    &irPhysDisk->EnclosureHandle);
7445 		slot = ddi_get16(mpt->m_acc_reply_frame_hdl,
7446 		    &irPhysDisk->Slot);
7447 		state = ddi_get32(mpt->m_acc_reply_frame_hdl,
7448 		    &irPhysDisk->NewValue);
7449 		reason = ddi_get8(mpt->m_acc_reply_frame_hdl,
7450 		    &irPhysDisk->ReasonCode);
7451 
7452 		NDBG20(("EVENT_IR_PHYSICAL_DISK event is received"));
7453 
7454 		switch (reason) {
7455 		case MPI2_EVENT_IR_PHYSDISK_RC_SETTINGS_CHANGED:
7456 			mptsas_log(mpt, CE_NOTE,
7457 			    " PhysDiskNum %d with DevHandle 0x%x in slot %d "
7458 			    "for enclosure with handle 0x%x is now in hot "
7459 			    "spare pool %d",
7460 			    physdisknum, devhandle, slot, enchandle,
7461 			    (state >> 16) & 0xff);
7462 			break;
7463 
7464 		case MPI2_EVENT_IR_PHYSDISK_RC_STATUS_FLAGS_CHANGED:
7465 			status = state;
7466 			mptsas_log(mpt, CE_NOTE,
7467 			    " PhysDiskNum %d with DevHandle 0x%x in slot %d "
7468 			    "for enclosure with handle 0x%x is now "
7469 			    "%s%s%s%s%s\n", physdisknum, devhandle, slot,
7470 			    enchandle,
7471 			    status & MPI2_PHYSDISK0_STATUS_FLAG_INACTIVE_VOLUME
7472 			    ? ", inactive" : ", active",
7473 			    status & MPI2_PHYSDISK0_STATUS_FLAG_OUT_OF_SYNC
7474 			    ? ", out of sync" : "",
7475 			    status & MPI2_PHYSDISK0_STATUS_FLAG_QUIESCED
7476 			    ? ", quiesced" : "",
7477 			    status &
7478 			    MPI2_PHYSDISK0_STATUS_FLAG_WRITE_CACHE_ENABLED
7479 			    ? ", write cache enabled" : "",
7480 			    status & MPI2_PHYSDISK0_STATUS_FLAG_OCE_TARGET
7481 			    ? ", capacity expansion target" : "");
7482 			break;
7483 
7484 		case MPI2_EVENT_IR_PHYSDISK_RC_STATE_CHANGED:
7485 			mptsas_log(mpt, CE_NOTE,
7486 			    " PhysDiskNum %d with DevHandle 0x%x in slot %d "
7487 			    "for enclosure with handle 0x%x is now %s\n",
7488 			    physdisknum, devhandle, slot, enchandle,
7489 			    state == MPI2_RAID_PD_STATE_OPTIMAL
7490 			    ? "optimal" :
7491 			    state == MPI2_RAID_PD_STATE_REBUILDING
7492 			    ? "rebuilding" :
7493 			    state == MPI2_RAID_PD_STATE_DEGRADED
7494 			    ? "degraded" :
7495 			    state == MPI2_RAID_PD_STATE_HOT_SPARE
7496 			    ? "a hot spare" :
7497 			    state == MPI2_RAID_PD_STATE_ONLINE
7498 			    ? "online" :
7499 			    state == MPI2_RAID_PD_STATE_OFFLINE
7500 			    ? "offline" :
7501 			    state == MPI2_RAID_PD_STATE_NOT_COMPATIBLE
7502 			    ? "not compatible" :
7503 			    state == MPI2_RAID_PD_STATE_NOT_CONFIGURED
7504 			    ? "not configured" :
7505 			    "state unknown");
7506 			break;
7507 		}
7508 		break;
7509 	}
7510 	default:
7511 		NDBG20(("mptsas%d: unknown event %x received",
7512 		    mpt->m_instance, event));
7513 		break;
7514 	}
7515 
7516 	/*
7517 	 * Return the reply frame to the free queue.
7518 	 */
7519 	ddi_put32(mpt->m_acc_free_queue_hdl,
7520 	    &((uint32_t *)(void *)mpt->m_free_queue)[mpt->m_free_index], rfm);
7521 	(void) ddi_dma_sync(mpt->m_dma_free_queue_hdl, 0, 0,
7522 	    DDI_DMA_SYNC_FORDEV);
7523 	if (++mpt->m_free_index == mpt->m_free_queue_depth) {
7524 		mpt->m_free_index = 0;
7525 	}
7526 	ddi_put32(mpt->m_datap, &mpt->m_reg->ReplyFreeHostIndex,
7527 	    mpt->m_free_index);
7528 	mutex_exit(&mpt->m_mutex);
7529 }
7530 
7531 /*
7532  * invoked from timeout() to restart qfull cmds with throttle == 0
7533  */
7534 static void
7535 mptsas_restart_cmd(void *arg)
7536 {
7537 	mptsas_t	*mpt = arg;
7538 	mptsas_target_t	*ptgt = NULL;
7539 
7540 	mutex_enter(&mpt->m_mutex);
7541 
7542 	mpt->m_restart_cmd_timeid = 0;
7543 
7544 	ptgt = (mptsas_target_t *)mptsas_hash_traverse(&mpt->m_active->m_tgttbl,
7545 	    MPTSAS_HASH_FIRST);
7546 	while (ptgt != NULL) {
7547 		if (ptgt->m_reset_delay == 0) {
7548 			if (ptgt->m_t_throttle == QFULL_THROTTLE) {
7549 				mptsas_set_throttle(mpt, ptgt,
7550 				    MAX_THROTTLE);
7551 			}
7552 		}
7553 
7554 		ptgt = (mptsas_target_t *)mptsas_hash_traverse(
7555 		    &mpt->m_active->m_tgttbl, MPTSAS_HASH_NEXT);
7556 	}
7557 	mptsas_restart_hba(mpt);
7558 	mutex_exit(&mpt->m_mutex);
7559 }
7560 
7561 void
7562 mptsas_remove_cmd(mptsas_t *mpt, mptsas_cmd_t *cmd)
7563 {
7564 	int		slot;
7565 	mptsas_slots_t	*slots = mpt->m_active;
7566 	int		t;
7567 	mptsas_target_t	*ptgt = cmd->cmd_tgt_addr;
7568 
7569 	ASSERT(cmd != NULL);
7570 	ASSERT(cmd->cmd_queued == FALSE);
7571 
7572 	/*
7573 	 * Task Management cmds are removed in their own routines.  Also,
7574 	 * we don't want to modify timeout based on TM cmds.
7575 	 */
7576 	if (cmd->cmd_flags & CFLAG_TM_CMD) {
7577 		return;
7578 	}
7579 
7580 	t = Tgt(cmd);
7581 	slot = cmd->cmd_slot;
7582 
7583 	/*
7584 	 * remove the cmd.
7585 	 */
7586 	if (cmd == slots->m_slot[slot]) {
7587 		NDBG31(("mptsas_remove_cmd: removing cmd=0x%p", (void *)cmd));
7588 		slots->m_slot[slot] = NULL;
7589 		mpt->m_ncmds--;
7590 
7591 		/*
7592 		 * only decrement per target ncmds if command
7593 		 * has a target associated with it.
7594 		 */
7595 		if ((cmd->cmd_flags & CFLAG_CMDIOC) == 0) {
7596 			ptgt->m_t_ncmds--;
7597 			/*
7598 			 * reset throttle if we just ran an untagged command
7599 			 * to a tagged target
7600 			 */
7601 			if ((ptgt->m_t_ncmds == 0) &&
7602 			    ((cmd->cmd_pkt_flags & FLAG_TAGMASK) == 0)) {
7603 				mptsas_set_throttle(mpt, ptgt, MAX_THROTTLE);
7604 			}
7605 		}
7606 
7607 	}
7608 
7609 	/*
7610 	 * This is all we need to do for ioc commands.
7611 	 */
7612 	if (cmd->cmd_flags & CFLAG_CMDIOC) {
7613 		mptsas_return_to_pool(mpt, cmd);
7614 		return;
7615 	}
7616 
7617 	/*
7618 	 * Figure out what to set tag Q timeout for...
7619 	 *
7620 	 * Optimize: If we have duplicate's of same timeout
7621 	 * we're using, then we'll use it again until we run
7622 	 * out of duplicates.  This should be the normal case
7623 	 * for block and raw I/O.
7624 	 * If no duplicates, we have to scan through tag que and
7625 	 * find the longest timeout value and use it.  This is
7626 	 * going to take a while...
7627 	 * Add 1 to m_n_slots to account for TM request.
7628 	 */
7629 	if (cmd->cmd_pkt->pkt_time == ptgt->m_timebase) {
7630 		if (--(ptgt->m_dups) == 0) {
7631 			if (ptgt->m_t_ncmds) {
7632 				mptsas_cmd_t *ssp;
7633 				uint_t n = 0;
7634 				ushort_t nslots = (slots->m_n_slots + 1);
7635 				ushort_t i;
7636 				/*
7637 				 * This crude check assumes we don't do
7638 				 * this too often which seems reasonable
7639 				 * for block and raw I/O.
7640 				 */
7641 				for (i = 0; i < nslots; i++) {
7642 					ssp = slots->m_slot[i];
7643 					if (ssp && (Tgt(ssp) == t) &&
7644 					    (ssp->cmd_pkt->pkt_time > n)) {
7645 						n = ssp->cmd_pkt->pkt_time;
7646 						ptgt->m_dups = 1;
7647 					} else if (ssp && (Tgt(ssp) == t) &&
7648 					    (ssp->cmd_pkt->pkt_time == n)) {
7649 						ptgt->m_dups++;
7650 					}
7651 				}
7652 				ptgt->m_timebase = n;
7653 			} else {
7654 				ptgt->m_dups = 0;
7655 				ptgt->m_timebase = 0;
7656 			}
7657 		}
7658 	}
7659 	ptgt->m_timeout = ptgt->m_timebase;
7660 
7661 	ASSERT(cmd != slots->m_slot[cmd->cmd_slot]);
7662 }
7663 
7664 /*
7665  * accept all cmds on the tx_waitq if any and then
7666  * start a fresh request from the top of the device queue.
7667  *
7668  * since there are always cmds queued on the tx_waitq, and rare cmds on
7669  * the instance waitq, so this function should not be invoked in the ISR,
7670  * the mptsas_restart_waitq() is invoked in the ISR instead. otherwise, the
7671  * burden belongs to the IO dispatch CPUs is moved the interrupt CPU.
7672  */
7673 static void
7674 mptsas_restart_hba(mptsas_t *mpt)
7675 {
7676 	ASSERT(mutex_owned(&mpt->m_mutex));
7677 
7678 	mutex_enter(&mpt->m_tx_waitq_mutex);
7679 	if (mpt->m_tx_waitq) {
7680 		mptsas_accept_tx_waitq(mpt);
7681 	}
7682 	mutex_exit(&mpt->m_tx_waitq_mutex);
7683 	mptsas_restart_waitq(mpt);
7684 }
7685 
7686 /*
7687  * start a fresh request from the top of the device queue
7688  */
7689 static void
7690 mptsas_restart_waitq(mptsas_t *mpt)
7691 {
7692 	mptsas_cmd_t	*cmd, *next_cmd;
7693 	mptsas_target_t *ptgt = NULL;
7694 
7695 	NDBG1(("mptsas_restart_waitq: mpt=0x%p", (void *)mpt));
7696 
7697 	ASSERT(mutex_owned(&mpt->m_mutex));
7698 
7699 	/*
7700 	 * If there is a reset delay, don't start any cmds.  Otherwise, start
7701 	 * as many cmds as possible.
7702 	 * Since SMID 0 is reserved and the TM slot is reserved, the actual max
7703 	 * commands is m_max_requests - 2.
7704 	 */
7705 	cmd = mpt->m_waitq;
7706 
7707 	while (cmd != NULL) {
7708 		next_cmd = cmd->cmd_linkp;
7709 		if (cmd->cmd_flags & CFLAG_PASSTHRU) {
7710 			if (mptsas_save_cmd(mpt, cmd) == TRUE) {
7711 				/*
7712 				 * passthru command get slot need
7713 				 * set CFLAG_PREPARED.
7714 				 */
7715 				cmd->cmd_flags |= CFLAG_PREPARED;
7716 				mptsas_waitq_delete(mpt, cmd);
7717 				mptsas_start_passthru(mpt, cmd);
7718 			}
7719 			cmd = next_cmd;
7720 			continue;
7721 		}
7722 		if (cmd->cmd_flags & CFLAG_CONFIG) {
7723 			if (mptsas_save_cmd(mpt, cmd) == TRUE) {
7724 				/*
7725 				 * Send the config page request and delete it
7726 				 * from the waitq.
7727 				 */
7728 				cmd->cmd_flags |= CFLAG_PREPARED;
7729 				mptsas_waitq_delete(mpt, cmd);
7730 				mptsas_start_config_page_access(mpt, cmd);
7731 			}
7732 			cmd = next_cmd;
7733 			continue;
7734 		}
7735 		if (cmd->cmd_flags & CFLAG_FW_DIAG) {
7736 			if (mptsas_save_cmd(mpt, cmd) == TRUE) {
7737 				/*
7738 				 * Send the FW Diag request and delete if from
7739 				 * the waitq.
7740 				 */
7741 				cmd->cmd_flags |= CFLAG_PREPARED;
7742 				mptsas_waitq_delete(mpt, cmd);
7743 				mptsas_start_diag(mpt, cmd);
7744 			}
7745 			cmd = next_cmd;
7746 			continue;
7747 		}
7748 
7749 		ptgt = cmd->cmd_tgt_addr;
7750 		if (ptgt && (ptgt->m_t_throttle == DRAIN_THROTTLE) &&
7751 		    (ptgt->m_t_ncmds == 0)) {
7752 			mptsas_set_throttle(mpt, ptgt, MAX_THROTTLE);
7753 		}
7754 		if ((mpt->m_ncmds <= (mpt->m_max_requests - 2)) &&
7755 		    (ptgt && (ptgt->m_reset_delay == 0)) &&
7756 		    (ptgt && (ptgt->m_t_ncmds <
7757 		    ptgt->m_t_throttle))) {
7758 			if (mptsas_save_cmd(mpt, cmd) == TRUE) {
7759 				mptsas_waitq_delete(mpt, cmd);
7760 				(void) mptsas_start_cmd(mpt, cmd);
7761 			}
7762 		}
7763 		cmd = next_cmd;
7764 	}
7765 }
7766 /*
7767  * Cmds are queued if tran_start() doesn't get the m_mutexlock(no wait).
7768  * Accept all those queued cmds before new cmd is accept so that the
7769  * cmds are sent in order.
7770  */
7771 static void
7772 mptsas_accept_tx_waitq(mptsas_t *mpt)
7773 {
7774 	mptsas_cmd_t *cmd;
7775 
7776 	ASSERT(mutex_owned(&mpt->m_mutex));
7777 	ASSERT(mutex_owned(&mpt->m_tx_waitq_mutex));
7778 
7779 	/*
7780 	 * A Bus Reset could occur at any time and flush the tx_waitq,
7781 	 * so we cannot count on the tx_waitq to contain even one cmd.
7782 	 * And when the m_tx_waitq_mutex is released and run
7783 	 * mptsas_accept_pkt(), the tx_waitq may be flushed.
7784 	 */
7785 	cmd = mpt->m_tx_waitq;
7786 	for (;;) {
7787 		if ((cmd = mpt->m_tx_waitq) == NULL) {
7788 			mpt->m_tx_draining = 0;
7789 			break;
7790 		}
7791 		if ((mpt->m_tx_waitq = cmd->cmd_linkp) == NULL) {
7792 			mpt->m_tx_waitqtail = &mpt->m_tx_waitq;
7793 		}
7794 		cmd->cmd_linkp = NULL;
7795 		mutex_exit(&mpt->m_tx_waitq_mutex);
7796 		if (mptsas_accept_pkt(mpt, cmd) != TRAN_ACCEPT)
7797 			cmn_err(CE_WARN, "mpt: mptsas_accept_tx_waitq: failed "
7798 			    "to accept cmd on queue\n");
7799 		mutex_enter(&mpt->m_tx_waitq_mutex);
7800 	}
7801 }
7802 
7803 
7804 /*
7805  * mpt tag type lookup
7806  */
7807 static char mptsas_tag_lookup[] =
7808 	{0, MSG_HEAD_QTAG, MSG_ORDERED_QTAG, 0, MSG_SIMPLE_QTAG};
7809 
7810 static int
7811 mptsas_start_cmd(mptsas_t *mpt, mptsas_cmd_t *cmd)
7812 {
7813 	struct scsi_pkt		*pkt = CMD2PKT(cmd);
7814 	uint32_t		control = 0;
7815 	int			n;
7816 	caddr_t			mem;
7817 	pMpi2SCSIIORequest_t	io_request;
7818 	ddi_dma_handle_t	dma_hdl = mpt->m_dma_req_frame_hdl;
7819 	ddi_acc_handle_t	acc_hdl = mpt->m_acc_req_frame_hdl;
7820 	mptsas_target_t		*ptgt = cmd->cmd_tgt_addr;
7821 	uint16_t		SMID, io_flags = 0;
7822 	uint32_t		request_desc_low, request_desc_high;
7823 
7824 	NDBG1(("mptsas_start_cmd: cmd=0x%p", (void *)cmd));
7825 
7826 	/*
7827 	 * Set SMID and increment index.  Rollover to 1 instead of 0 if index
7828 	 * is at the max.  0 is an invalid SMID, so we call the first index 1.
7829 	 */
7830 	SMID = cmd->cmd_slot;
7831 
7832 	/*
7833 	 * It is possible for back to back device reset to
7834 	 * happen before the reset delay has expired.  That's
7835 	 * ok, just let the device reset go out on the bus.
7836 	 */
7837 	if ((cmd->cmd_pkt_flags & FLAG_NOINTR) == 0) {
7838 		ASSERT(ptgt->m_reset_delay == 0);
7839 	}
7840 
7841 	/*
7842 	 * if a non-tagged cmd is submitted to an active tagged target
7843 	 * then drain before submitting this cmd; SCSI-2 allows RQSENSE
7844 	 * to be untagged
7845 	 */
7846 	if (((cmd->cmd_pkt_flags & FLAG_TAGMASK) == 0) &&
7847 	    (ptgt->m_t_ncmds > 1) &&
7848 	    ((cmd->cmd_flags & CFLAG_TM_CMD) == 0) &&
7849 	    (*(cmd->cmd_pkt->pkt_cdbp) != SCMD_REQUEST_SENSE)) {
7850 		if ((cmd->cmd_pkt_flags & FLAG_NOINTR) == 0) {
7851 			NDBG23(("target=%d, untagged cmd, start draining\n",
7852 			    ptgt->m_devhdl));
7853 
7854 			if (ptgt->m_reset_delay == 0) {
7855 				mptsas_set_throttle(mpt, ptgt, DRAIN_THROTTLE);
7856 			}
7857 
7858 			mptsas_remove_cmd(mpt, cmd);
7859 			cmd->cmd_pkt_flags |= FLAG_HEAD;
7860 			mptsas_waitq_add(mpt, cmd);
7861 		}
7862 		return (DDI_FAILURE);
7863 	}
7864 
7865 	/*
7866 	 * Set correct tag bits.
7867 	 */
7868 	if (cmd->cmd_pkt_flags & FLAG_TAGMASK) {
7869 		switch (mptsas_tag_lookup[((cmd->cmd_pkt_flags &
7870 		    FLAG_TAGMASK) >> 12)]) {
7871 		case MSG_SIMPLE_QTAG:
7872 			control |= MPI2_SCSIIO_CONTROL_SIMPLEQ;
7873 			break;
7874 		case MSG_HEAD_QTAG:
7875 			control |= MPI2_SCSIIO_CONTROL_HEADOFQ;
7876 			break;
7877 		case MSG_ORDERED_QTAG:
7878 			control |= MPI2_SCSIIO_CONTROL_ORDEREDQ;
7879 			break;
7880 		default:
7881 			mptsas_log(mpt, CE_WARN, "mpt: Invalid tag type\n");
7882 			break;
7883 		}
7884 	} else {
7885 		if (*(cmd->cmd_pkt->pkt_cdbp) != SCMD_REQUEST_SENSE) {
7886 				ptgt->m_t_throttle = 1;
7887 		}
7888 		control |= MPI2_SCSIIO_CONTROL_SIMPLEQ;
7889 	}
7890 
7891 	if (cmd->cmd_pkt_flags & FLAG_TLR) {
7892 		control |= MPI2_SCSIIO_CONTROL_TLR_ON;
7893 	}
7894 
7895 	mem = mpt->m_req_frame + (mpt->m_req_frame_size * SMID);
7896 	io_request = (pMpi2SCSIIORequest_t)mem;
7897 
7898 	bzero(io_request, sizeof (Mpi2SCSIIORequest_t));
7899 	ddi_put8(acc_hdl, &io_request->SGLOffset0, offsetof
7900 	    (MPI2_SCSI_IO_REQUEST, SGL) / 4);
7901 	mptsas_init_std_hdr(acc_hdl, io_request, ptgt->m_devhdl, Lun(cmd), 0,
7902 	    MPI2_FUNCTION_SCSI_IO_REQUEST);
7903 
7904 	(void) ddi_rep_put8(acc_hdl, (uint8_t *)pkt->pkt_cdbp,
7905 	    io_request->CDB.CDB32, cmd->cmd_cdblen, DDI_DEV_AUTOINCR);
7906 
7907 	io_flags = cmd->cmd_cdblen;
7908 	ddi_put16(acc_hdl, &io_request->IoFlags, io_flags);
7909 	/*
7910 	 * setup the Scatter/Gather DMA list for this request
7911 	 */
7912 	if (cmd->cmd_cookiec > 0) {
7913 		mptsas_sge_setup(mpt, cmd, &control, io_request, acc_hdl);
7914 	} else {
7915 		ddi_put32(acc_hdl, &io_request->SGL.MpiSimple.FlagsLength,
7916 		    ((uint32_t)MPI2_SGE_FLAGS_LAST_ELEMENT |
7917 		    MPI2_SGE_FLAGS_END_OF_BUFFER |
7918 		    MPI2_SGE_FLAGS_SIMPLE_ELEMENT |
7919 		    MPI2_SGE_FLAGS_END_OF_LIST) << MPI2_SGE_FLAGS_SHIFT);
7920 	}
7921 
7922 	/*
7923 	 * save ARQ information
7924 	 */
7925 	ddi_put8(acc_hdl, &io_request->SenseBufferLength, cmd->cmd_rqslen);
7926 	if ((cmd->cmd_flags & (CFLAG_SCBEXTERN | CFLAG_EXTARQBUFVALID)) ==
7927 	    (CFLAG_SCBEXTERN | CFLAG_EXTARQBUFVALID)) {
7928 		ddi_put32(acc_hdl, &io_request->SenseBufferLowAddress,
7929 		    cmd->cmd_ext_arqcookie.dmac_address);
7930 	} else {
7931 		ddi_put32(acc_hdl, &io_request->SenseBufferLowAddress,
7932 		    cmd->cmd_arqcookie.dmac_address);
7933 	}
7934 
7935 	ddi_put32(acc_hdl, &io_request->Control, control);
7936 
7937 	NDBG31(("starting message=0x%p, with cmd=0x%p",
7938 	    (void *)(uintptr_t)mpt->m_req_frame_dma_addr, (void *)cmd));
7939 
7940 	(void) ddi_dma_sync(dma_hdl, 0, 0, DDI_DMA_SYNC_FORDEV);
7941 
7942 	/*
7943 	 * Build request descriptor and write it to the request desc post reg.
7944 	 */
7945 	request_desc_low = (SMID << 16) + MPI2_REQ_DESCRIPT_FLAGS_SCSI_IO;
7946 	request_desc_high = ptgt->m_devhdl << 16;
7947 	MPTSAS_START_CMD(mpt, request_desc_low, request_desc_high);
7948 
7949 	/*
7950 	 * Start timeout.
7951 	 */
7952 #ifdef MPTSAS_TEST
7953 	/*
7954 	 * Temporarily set timebase = 0;  needed for
7955 	 * timeout torture test.
7956 	 */
7957 	if (mptsas_test_timeouts) {
7958 		ptgt->m_timebase = 0;
7959 	}
7960 #endif
7961 	n = pkt->pkt_time - ptgt->m_timebase;
7962 
7963 	if (n == 0) {
7964 		(ptgt->m_dups)++;
7965 		ptgt->m_timeout = ptgt->m_timebase;
7966 	} else if (n > 0) {
7967 		ptgt->m_timeout =
7968 		    ptgt->m_timebase = pkt->pkt_time;
7969 		ptgt->m_dups = 1;
7970 	} else if (n < 0) {
7971 		ptgt->m_timeout = ptgt->m_timebase;
7972 	}
7973 #ifdef MPTSAS_TEST
7974 	/*
7975 	 * Set back to a number higher than
7976 	 * mptsas_scsi_watchdog_tick
7977 	 * so timeouts will happen in mptsas_watchsubr
7978 	 */
7979 	if (mptsas_test_timeouts) {
7980 		ptgt->m_timebase = 60;
7981 	}
7982 #endif
7983 
7984 	if ((mptsas_check_dma_handle(dma_hdl) != DDI_SUCCESS) ||
7985 	    (mptsas_check_acc_handle(acc_hdl) != DDI_SUCCESS)) {
7986 		ddi_fm_service_impact(mpt->m_dip, DDI_SERVICE_UNAFFECTED);
7987 		return (DDI_FAILURE);
7988 	}
7989 	return (DDI_SUCCESS);
7990 }
7991 
7992 /*
7993  * Select a helper thread to handle current doneq
7994  */
7995 static void
7996 mptsas_deliver_doneq_thread(mptsas_t *mpt)
7997 {
7998 	uint64_t			t, i;
7999 	uint32_t			min = 0xffffffff;
8000 	mptsas_doneq_thread_list_t	*item;
8001 
8002 	for (i = 0; i < mpt->m_doneq_thread_n; i++) {
8003 		item = &mpt->m_doneq_thread_id[i];
8004 		/*
8005 		 * If the completed command on help thread[i] less than
8006 		 * doneq_thread_threshold, then pick the thread[i]. Otherwise
8007 		 * pick a thread which has least completed command.
8008 		 */
8009 
8010 		mutex_enter(&item->mutex);
8011 		if (item->len < mpt->m_doneq_thread_threshold) {
8012 			t = i;
8013 			mutex_exit(&item->mutex);
8014 			break;
8015 		}
8016 		if (item->len < min) {
8017 			min = item->len;
8018 			t = i;
8019 		}
8020 		mutex_exit(&item->mutex);
8021 	}
8022 	mutex_enter(&mpt->m_doneq_thread_id[t].mutex);
8023 	mptsas_doneq_mv(mpt, t);
8024 	cv_signal(&mpt->m_doneq_thread_id[t].cv);
8025 	mutex_exit(&mpt->m_doneq_thread_id[t].mutex);
8026 }
8027 
8028 /*
8029  * move the current global doneq to the doneq of thead[t]
8030  */
8031 static void
8032 mptsas_doneq_mv(mptsas_t *mpt, uint64_t t)
8033 {
8034 	mptsas_cmd_t			*cmd;
8035 	mptsas_doneq_thread_list_t	*item = &mpt->m_doneq_thread_id[t];
8036 
8037 	ASSERT(mutex_owned(&item->mutex));
8038 	while ((cmd = mpt->m_doneq) != NULL) {
8039 		if ((mpt->m_doneq = cmd->cmd_linkp) == NULL) {
8040 			mpt->m_donetail = &mpt->m_doneq;
8041 		}
8042 		cmd->cmd_linkp = NULL;
8043 		*item->donetail = cmd;
8044 		item->donetail = &cmd->cmd_linkp;
8045 		mpt->m_doneq_len--;
8046 		item->len++;
8047 	}
8048 }
8049 
8050 void
8051 mptsas_fma_check(mptsas_t *mpt, mptsas_cmd_t *cmd)
8052 {
8053 	struct scsi_pkt	*pkt = CMD2PKT(cmd);
8054 
8055 	/* Check all acc and dma handles */
8056 	if ((mptsas_check_acc_handle(mpt->m_datap) !=
8057 	    DDI_SUCCESS) ||
8058 	    (mptsas_check_acc_handle(mpt->m_acc_req_frame_hdl) !=
8059 	    DDI_SUCCESS) ||
8060 	    (mptsas_check_acc_handle(mpt->m_acc_reply_frame_hdl) !=
8061 	    DDI_SUCCESS) ||
8062 	    (mptsas_check_acc_handle(mpt->m_acc_free_queue_hdl) !=
8063 	    DDI_SUCCESS) ||
8064 	    (mptsas_check_acc_handle(mpt->m_acc_post_queue_hdl) !=
8065 	    DDI_SUCCESS) ||
8066 	    (mptsas_check_acc_handle(mpt->m_hshk_acc_hdl) !=
8067 	    DDI_SUCCESS) ||
8068 	    (mptsas_check_acc_handle(mpt->m_config_handle) !=
8069 	    DDI_SUCCESS)) {
8070 		ddi_fm_service_impact(mpt->m_dip,
8071 		    DDI_SERVICE_UNAFFECTED);
8072 		ddi_fm_acc_err_clear(mpt->m_config_handle,
8073 		    DDI_FME_VER0);
8074 		pkt->pkt_reason = CMD_TRAN_ERR;
8075 		pkt->pkt_statistics = 0;
8076 	}
8077 	if ((mptsas_check_dma_handle(mpt->m_dma_req_frame_hdl) !=
8078 	    DDI_SUCCESS) ||
8079 	    (mptsas_check_dma_handle(mpt->m_dma_reply_frame_hdl) !=
8080 	    DDI_SUCCESS) ||
8081 	    (mptsas_check_dma_handle(mpt->m_dma_free_queue_hdl) !=
8082 	    DDI_SUCCESS) ||
8083 	    (mptsas_check_dma_handle(mpt->m_dma_post_queue_hdl) !=
8084 	    DDI_SUCCESS) ||
8085 	    (mptsas_check_dma_handle(mpt->m_hshk_dma_hdl) !=
8086 	    DDI_SUCCESS)) {
8087 		ddi_fm_service_impact(mpt->m_dip,
8088 		    DDI_SERVICE_UNAFFECTED);
8089 		pkt->pkt_reason = CMD_TRAN_ERR;
8090 		pkt->pkt_statistics = 0;
8091 	}
8092 	if (cmd->cmd_dmahandle &&
8093 	    (mptsas_check_dma_handle(cmd->cmd_dmahandle) != DDI_SUCCESS)) {
8094 		ddi_fm_service_impact(mpt->m_dip, DDI_SERVICE_UNAFFECTED);
8095 		pkt->pkt_reason = CMD_TRAN_ERR;
8096 		pkt->pkt_statistics = 0;
8097 	}
8098 	if ((cmd->cmd_extra_frames &&
8099 	    ((mptsas_check_dma_handle(cmd->cmd_extra_frames->m_dma_hdl) !=
8100 	    DDI_SUCCESS) ||
8101 	    (mptsas_check_acc_handle(cmd->cmd_extra_frames->m_acc_hdl) !=
8102 	    DDI_SUCCESS)))) {
8103 		ddi_fm_service_impact(mpt->m_dip, DDI_SERVICE_UNAFFECTED);
8104 		pkt->pkt_reason = CMD_TRAN_ERR;
8105 		pkt->pkt_statistics = 0;
8106 	}
8107 	if (cmd->cmd_arqhandle &&
8108 	    (mptsas_check_dma_handle(cmd->cmd_arqhandle) != DDI_SUCCESS)) {
8109 		ddi_fm_service_impact(mpt->m_dip, DDI_SERVICE_UNAFFECTED);
8110 		pkt->pkt_reason = CMD_TRAN_ERR;
8111 		pkt->pkt_statistics = 0;
8112 	}
8113 	if (cmd->cmd_ext_arqhandle &&
8114 	    (mptsas_check_dma_handle(cmd->cmd_ext_arqhandle) != DDI_SUCCESS)) {
8115 		ddi_fm_service_impact(mpt->m_dip, DDI_SERVICE_UNAFFECTED);
8116 		pkt->pkt_reason = CMD_TRAN_ERR;
8117 		pkt->pkt_statistics = 0;
8118 	}
8119 }
8120 
8121 /*
8122  * These routines manipulate the queue of commands that
8123  * are waiting for their completion routines to be called.
8124  * The queue is usually in FIFO order but on an MP system
8125  * it's possible for the completion routines to get out
8126  * of order. If that's a problem you need to add a global
8127  * mutex around the code that calls the completion routine
8128  * in the interrupt handler.
8129  */
8130 static void
8131 mptsas_doneq_add(mptsas_t *mpt, mptsas_cmd_t *cmd)
8132 {
8133 	struct scsi_pkt	*pkt = CMD2PKT(cmd);
8134 
8135 	NDBG31(("mptsas_doneq_add: cmd=0x%p", (void *)cmd));
8136 
8137 	ASSERT((cmd->cmd_flags & CFLAG_COMPLETED) == 0);
8138 	cmd->cmd_linkp = NULL;
8139 	cmd->cmd_flags |= CFLAG_FINISHED;
8140 	cmd->cmd_flags &= ~CFLAG_IN_TRANSPORT;
8141 
8142 	mptsas_fma_check(mpt, cmd);
8143 
8144 	/*
8145 	 * only add scsi pkts that have completion routines to
8146 	 * the doneq.  no intr cmds do not have callbacks.
8147 	 */
8148 	if (pkt && (pkt->pkt_comp)) {
8149 		*mpt->m_donetail = cmd;
8150 		mpt->m_donetail = &cmd->cmd_linkp;
8151 		mpt->m_doneq_len++;
8152 	}
8153 }
8154 
8155 static mptsas_cmd_t *
8156 mptsas_doneq_thread_rm(mptsas_t *mpt, uint64_t t)
8157 {
8158 	mptsas_cmd_t			*cmd;
8159 	mptsas_doneq_thread_list_t	*item = &mpt->m_doneq_thread_id[t];
8160 
8161 	/* pop one off the done queue */
8162 	if ((cmd = item->doneq) != NULL) {
8163 		/* if the queue is now empty fix the tail pointer */
8164 		NDBG31(("mptsas_doneq_thread_rm: cmd=0x%p", (void *)cmd));
8165 		if ((item->doneq = cmd->cmd_linkp) == NULL) {
8166 			item->donetail = &item->doneq;
8167 		}
8168 		cmd->cmd_linkp = NULL;
8169 		item->len--;
8170 	}
8171 	return (cmd);
8172 }
8173 
8174 static void
8175 mptsas_doneq_empty(mptsas_t *mpt)
8176 {
8177 	if (mpt->m_doneq && !mpt->m_in_callback) {
8178 		mptsas_cmd_t	*cmd, *next;
8179 		struct scsi_pkt *pkt;
8180 
8181 		mpt->m_in_callback = 1;
8182 		cmd = mpt->m_doneq;
8183 		mpt->m_doneq = NULL;
8184 		mpt->m_donetail = &mpt->m_doneq;
8185 		mpt->m_doneq_len = 0;
8186 
8187 		mutex_exit(&mpt->m_mutex);
8188 		/*
8189 		 * run the completion routines of all the
8190 		 * completed commands
8191 		 */
8192 		while (cmd != NULL) {
8193 			next = cmd->cmd_linkp;
8194 			cmd->cmd_linkp = NULL;
8195 			/* run this command's completion routine */
8196 			cmd->cmd_flags |= CFLAG_COMPLETED;
8197 			pkt = CMD2PKT(cmd);
8198 			mptsas_pkt_comp(pkt, cmd);
8199 			cmd = next;
8200 		}
8201 		mutex_enter(&mpt->m_mutex);
8202 		mpt->m_in_callback = 0;
8203 	}
8204 }
8205 
8206 /*
8207  * These routines manipulate the target's queue of pending requests
8208  */
8209 void
8210 mptsas_waitq_add(mptsas_t *mpt, mptsas_cmd_t *cmd)
8211 {
8212 	NDBG7(("mptsas_waitq_add: cmd=0x%p", (void *)cmd));
8213 	mptsas_target_t *ptgt = cmd->cmd_tgt_addr;
8214 	cmd->cmd_queued = TRUE;
8215 	if (ptgt)
8216 		ptgt->m_t_nwait++;
8217 	if (cmd->cmd_pkt_flags & FLAG_HEAD) {
8218 		if ((cmd->cmd_linkp = mpt->m_waitq) == NULL) {
8219 			mpt->m_waitqtail = &cmd->cmd_linkp;
8220 		}
8221 		mpt->m_waitq = cmd;
8222 	} else {
8223 		cmd->cmd_linkp = NULL;
8224 		*(mpt->m_waitqtail) = cmd;
8225 		mpt->m_waitqtail = &cmd->cmd_linkp;
8226 	}
8227 }
8228 
8229 static mptsas_cmd_t *
8230 mptsas_waitq_rm(mptsas_t *mpt)
8231 {
8232 	mptsas_cmd_t	*cmd;
8233 	mptsas_target_t *ptgt;
8234 	NDBG7(("mptsas_waitq_rm"));
8235 
8236 	MPTSAS_WAITQ_RM(mpt, cmd);
8237 
8238 	NDBG7(("mptsas_waitq_rm: cmd=0x%p", (void *)cmd));
8239 	if (cmd) {
8240 		ptgt = cmd->cmd_tgt_addr;
8241 		if (ptgt) {
8242 			ptgt->m_t_nwait--;
8243 			ASSERT(ptgt->m_t_nwait >= 0);
8244 		}
8245 	}
8246 	return (cmd);
8247 }
8248 
8249 /*
8250  * remove specified cmd from the middle of the wait queue.
8251  */
8252 static void
8253 mptsas_waitq_delete(mptsas_t *mpt, mptsas_cmd_t *cmd)
8254 {
8255 	mptsas_cmd_t	*prevp = mpt->m_waitq;
8256 	mptsas_target_t *ptgt = cmd->cmd_tgt_addr;
8257 
8258 	NDBG7(("mptsas_waitq_delete: mpt=0x%p cmd=0x%p",
8259 	    (void *)mpt, (void *)cmd));
8260 	if (ptgt) {
8261 		ptgt->m_t_nwait--;
8262 		ASSERT(ptgt->m_t_nwait >= 0);
8263 	}
8264 
8265 	if (prevp == cmd) {
8266 		if ((mpt->m_waitq = cmd->cmd_linkp) == NULL)
8267 			mpt->m_waitqtail = &mpt->m_waitq;
8268 
8269 		cmd->cmd_linkp = NULL;
8270 		cmd->cmd_queued = FALSE;
8271 		NDBG7(("mptsas_waitq_delete: mpt=0x%p cmd=0x%p",
8272 		    (void *)mpt, (void *)cmd));
8273 		return;
8274 	}
8275 
8276 	while (prevp != NULL) {
8277 		if (prevp->cmd_linkp == cmd) {
8278 			if ((prevp->cmd_linkp = cmd->cmd_linkp) == NULL)
8279 				mpt->m_waitqtail = &prevp->cmd_linkp;
8280 
8281 			cmd->cmd_linkp = NULL;
8282 			cmd->cmd_queued = FALSE;
8283 			NDBG7(("mptsas_waitq_delete: mpt=0x%p cmd=0x%p",
8284 			    (void *)mpt, (void *)cmd));
8285 			return;
8286 		}
8287 		prevp = prevp->cmd_linkp;
8288 	}
8289 	cmn_err(CE_PANIC, "mpt: mptsas_waitq_delete: queue botch");
8290 }
8291 
8292 static mptsas_cmd_t *
8293 mptsas_tx_waitq_rm(mptsas_t *mpt)
8294 {
8295 	mptsas_cmd_t *cmd;
8296 	NDBG7(("mptsas_tx_waitq_rm"));
8297 
8298 	MPTSAS_TX_WAITQ_RM(mpt, cmd);
8299 
8300 	NDBG7(("mptsas_tx_waitq_rm: cmd=0x%p", (void *)cmd));
8301 
8302 	return (cmd);
8303 }
8304 
8305 /*
8306  * remove specified cmd from the middle of the tx_waitq.
8307  */
8308 static void
8309 mptsas_tx_waitq_delete(mptsas_t *mpt, mptsas_cmd_t *cmd)
8310 {
8311 	mptsas_cmd_t *prevp = mpt->m_tx_waitq;
8312 
8313 	NDBG7(("mptsas_tx_waitq_delete: mpt=0x%p cmd=0x%p",
8314 	    (void *)mpt, (void *)cmd));
8315 
8316 	if (prevp == cmd) {
8317 		if ((mpt->m_tx_waitq = cmd->cmd_linkp) == NULL)
8318 			mpt->m_tx_waitqtail = &mpt->m_tx_waitq;
8319 
8320 		cmd->cmd_linkp = NULL;
8321 		cmd->cmd_queued = FALSE;
8322 		NDBG7(("mptsas_tx_waitq_delete: mpt=0x%p cmd=0x%p",
8323 		    (void *)mpt, (void *)cmd));
8324 		return;
8325 	}
8326 
8327 	while (prevp != NULL) {
8328 		if (prevp->cmd_linkp == cmd) {
8329 			if ((prevp->cmd_linkp = cmd->cmd_linkp) == NULL)
8330 				mpt->m_tx_waitqtail = &prevp->cmd_linkp;
8331 
8332 			cmd->cmd_linkp = NULL;
8333 			cmd->cmd_queued = FALSE;
8334 			NDBG7(("mptsas_tx_waitq_delete: mpt=0x%p cmd=0x%p",
8335 			    (void *)mpt, (void *)cmd));
8336 			return;
8337 		}
8338 		prevp = prevp->cmd_linkp;
8339 	}
8340 	cmn_err(CE_PANIC, "mpt: mptsas_tx_waitq_delete: queue botch");
8341 }
8342 
8343 /*
8344  * device and bus reset handling
8345  *
8346  * Notes:
8347  *	- RESET_ALL:	reset the controller
8348  *	- RESET_TARGET:	reset the target specified in scsi_address
8349  */
8350 static int
8351 mptsas_scsi_reset(struct scsi_address *ap, int level)
8352 {
8353 	mptsas_t		*mpt = ADDR2MPT(ap);
8354 	int			rval;
8355 	mptsas_tgt_private_t	*tgt_private;
8356 	mptsas_target_t		*ptgt = NULL;
8357 
8358 	tgt_private = (mptsas_tgt_private_t *)ap->a_hba_tran->tran_tgt_private;
8359 	ptgt = tgt_private->t_private;
8360 	if (ptgt == NULL) {
8361 		return (FALSE);
8362 	}
8363 	NDBG22(("mptsas_scsi_reset: target=%d level=%d", ptgt->m_devhdl,
8364 	    level));
8365 
8366 	mutex_enter(&mpt->m_mutex);
8367 	/*
8368 	 * if we are not in panic set up a reset delay for this target
8369 	 */
8370 	if (!ddi_in_panic()) {
8371 		mptsas_setup_bus_reset_delay(mpt);
8372 	} else {
8373 		drv_usecwait(mpt->m_scsi_reset_delay * 1000);
8374 	}
8375 	rval = mptsas_do_scsi_reset(mpt, ptgt->m_devhdl);
8376 	mutex_exit(&mpt->m_mutex);
8377 
8378 	/*
8379 	 * The transport layer expect to only see TRUE and
8380 	 * FALSE. Therefore, we will adjust the return value
8381 	 * if mptsas_do_scsi_reset returns FAILED.
8382 	 */
8383 	if (rval == FAILED)
8384 		rval = FALSE;
8385 	return (rval);
8386 }
8387 
8388 static int
8389 mptsas_do_scsi_reset(mptsas_t *mpt, uint16_t devhdl)
8390 {
8391 	int		rval = FALSE;
8392 	uint8_t		config, disk;
8393 	mptsas_slots_t	*slots = mpt->m_active;
8394 
8395 	ASSERT(mutex_owned(&mpt->m_mutex));
8396 
8397 	if (mptsas_debug_resets) {
8398 		mptsas_log(mpt, CE_WARN, "mptsas_do_scsi_reset: target=%d",
8399 		    devhdl);
8400 	}
8401 
8402 	/*
8403 	 * Issue a Target Reset message to the target specified but not to a
8404 	 * disk making up a raid volume.  Just look through the RAID config
8405 	 * Phys Disk list of DevHandles.  If the target's DevHandle is in this
8406 	 * list, then don't reset this target.
8407 	 */
8408 	for (config = 0; config < slots->m_num_raid_configs; config++) {
8409 		for (disk = 0; disk < MPTSAS_MAX_DISKS_IN_CONFIG; disk++) {
8410 			if (devhdl == slots->m_raidconfig[config].
8411 			    m_physdisk_devhdl[disk]) {
8412 				return (TRUE);
8413 			}
8414 		}
8415 	}
8416 
8417 	rval = mptsas_ioc_task_management(mpt,
8418 	    MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET, devhdl, 0, NULL, 0, 0);
8419 
8420 	mptsas_doneq_empty(mpt);
8421 	return (rval);
8422 }
8423 
8424 static int
8425 mptsas_scsi_reset_notify(struct scsi_address *ap, int flag,
8426 	void (*callback)(caddr_t), caddr_t arg)
8427 {
8428 	mptsas_t	*mpt = ADDR2MPT(ap);
8429 
8430 	NDBG22(("mptsas_scsi_reset_notify: tgt=%d", ap->a_target));
8431 
8432 	return (scsi_hba_reset_notify_setup(ap, flag, callback, arg,
8433 	    &mpt->m_mutex, &mpt->m_reset_notify_listf));
8434 }
8435 
8436 static int
8437 mptsas_get_name(struct scsi_device *sd, char *name, int len)
8438 {
8439 	dev_info_t	*lun_dip = NULL;
8440 
8441 	ASSERT(sd != NULL);
8442 	ASSERT(name != NULL);
8443 	lun_dip = sd->sd_dev;
8444 	ASSERT(lun_dip != NULL);
8445 
8446 	if (mptsas_name_child(lun_dip, name, len) == DDI_SUCCESS) {
8447 		return (1);
8448 	} else {
8449 		return (0);
8450 	}
8451 }
8452 
8453 static int
8454 mptsas_get_bus_addr(struct scsi_device *sd, char *name, int len)
8455 {
8456 	return (mptsas_get_name(sd, name, len));
8457 }
8458 
8459 void
8460 mptsas_set_throttle(mptsas_t *mpt, mptsas_target_t *ptgt, int what)
8461 {
8462 
8463 	NDBG25(("mptsas_set_throttle: throttle=%x", what));
8464 
8465 	/*
8466 	 * if the bus is draining/quiesced, no changes to the throttles
8467 	 * are allowed. Not allowing change of throttles during draining
8468 	 * limits error recovery but will reduce draining time
8469 	 *
8470 	 * all throttles should have been set to HOLD_THROTTLE
8471 	 */
8472 	if (mpt->m_softstate & (MPTSAS_SS_QUIESCED | MPTSAS_SS_DRAINING)) {
8473 		return;
8474 	}
8475 
8476 	if (what == HOLD_THROTTLE) {
8477 		ptgt->m_t_throttle = HOLD_THROTTLE;
8478 	} else if (ptgt->m_reset_delay == 0) {
8479 		ptgt->m_t_throttle = what;
8480 	}
8481 }
8482 
8483 /*
8484  * Clean up from a device reset.
8485  * For the case of target reset, this function clears the waitq of all
8486  * commands for a particular target.   For the case of abort task set, this
8487  * function clears the waitq of all commonds for a particular target/lun.
8488  */
8489 static void
8490 mptsas_flush_target(mptsas_t *mpt, ushort_t target, int lun, uint8_t tasktype)
8491 {
8492 	mptsas_slots_t	*slots = mpt->m_active;
8493 	mptsas_cmd_t	*cmd, *next_cmd;
8494 	int		slot;
8495 	uchar_t		reason;
8496 	uint_t		stat;
8497 
8498 	NDBG25(("mptsas_flush_target: target=%d lun=%d", target, lun));
8499 
8500 	/*
8501 	 * Make sure the I/O Controller has flushed all cmds
8502 	 * that are associated with this target for a target reset
8503 	 * and target/lun for abort task set.
8504 	 * Account for TM requests, which use the last SMID.
8505 	 */
8506 	for (slot = 0; slot <= mpt->m_active->m_n_slots; slot++) {
8507 		if ((cmd = slots->m_slot[slot]) == NULL)
8508 			continue;
8509 		reason = CMD_RESET;
8510 		stat = STAT_DEV_RESET;
8511 		switch (tasktype) {
8512 		case MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET:
8513 			if (Tgt(cmd) == target) {
8514 				NDBG25(("mptsas_flush_target discovered non-"
8515 				    "NULL cmd in slot %d, tasktype 0x%x", slot,
8516 				    tasktype));
8517 				mptsas_dump_cmd(mpt, cmd);
8518 				mptsas_remove_cmd(mpt, cmd);
8519 				mptsas_set_pkt_reason(mpt, cmd, reason, stat);
8520 				mptsas_doneq_add(mpt, cmd);
8521 			}
8522 			break;
8523 		case MPI2_SCSITASKMGMT_TASKTYPE_ABRT_TASK_SET:
8524 			reason = CMD_ABORTED;
8525 			stat = STAT_ABORTED;
8526 			/*FALLTHROUGH*/
8527 		case MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET:
8528 			if ((Tgt(cmd) == target) && (Lun(cmd) == lun)) {
8529 
8530 				NDBG25(("mptsas_flush_target discovered non-"
8531 				    "NULL cmd in slot %d, tasktype 0x%x", slot,
8532 				    tasktype));
8533 				mptsas_dump_cmd(mpt, cmd);
8534 				mptsas_remove_cmd(mpt, cmd);
8535 				mptsas_set_pkt_reason(mpt, cmd, reason,
8536 				    stat);
8537 				mptsas_doneq_add(mpt, cmd);
8538 			}
8539 			break;
8540 		default:
8541 			break;
8542 		}
8543 	}
8544 
8545 	/*
8546 	 * Flush the waitq and tx_waitq of this target's cmds
8547 	 */
8548 	cmd = mpt->m_waitq;
8549 
8550 	reason = CMD_RESET;
8551 	stat = STAT_DEV_RESET;
8552 
8553 	switch (tasktype) {
8554 	case MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET:
8555 		while (cmd != NULL) {
8556 			next_cmd = cmd->cmd_linkp;
8557 			if (Tgt(cmd) == target) {
8558 				mptsas_waitq_delete(mpt, cmd);
8559 				mptsas_set_pkt_reason(mpt, cmd,
8560 				    reason, stat);
8561 				mptsas_doneq_add(mpt, cmd);
8562 			}
8563 			cmd = next_cmd;
8564 		}
8565 		mutex_enter(&mpt->m_tx_waitq_mutex);
8566 		cmd = mpt->m_tx_waitq;
8567 		while (cmd != NULL) {
8568 			next_cmd = cmd->cmd_linkp;
8569 			if (Tgt(cmd) == target) {
8570 				mptsas_tx_waitq_delete(mpt, cmd);
8571 				mutex_exit(&mpt->m_tx_waitq_mutex);
8572 				mptsas_set_pkt_reason(mpt, cmd,
8573 				    reason, stat);
8574 				mptsas_doneq_add(mpt, cmd);
8575 				mutex_enter(&mpt->m_tx_waitq_mutex);
8576 			}
8577 			cmd = next_cmd;
8578 		}
8579 		mutex_exit(&mpt->m_tx_waitq_mutex);
8580 		break;
8581 	case MPI2_SCSITASKMGMT_TASKTYPE_ABRT_TASK_SET:
8582 		reason = CMD_ABORTED;
8583 		stat =  STAT_ABORTED;
8584 		/*FALLTHROUGH*/
8585 	case MPI2_SCSITASKMGMT_TASKTYPE_LOGICAL_UNIT_RESET:
8586 		while (cmd != NULL) {
8587 			next_cmd = cmd->cmd_linkp;
8588 			if ((Tgt(cmd) == target) && (Lun(cmd) == lun)) {
8589 				mptsas_waitq_delete(mpt, cmd);
8590 				mptsas_set_pkt_reason(mpt, cmd,
8591 				    reason, stat);
8592 				mptsas_doneq_add(mpt, cmd);
8593 			}
8594 			cmd = next_cmd;
8595 		}
8596 		mutex_enter(&mpt->m_tx_waitq_mutex);
8597 		cmd = mpt->m_tx_waitq;
8598 		while (cmd != NULL) {
8599 			next_cmd = cmd->cmd_linkp;
8600 			if ((Tgt(cmd) == target) && (Lun(cmd) == lun)) {
8601 				mptsas_tx_waitq_delete(mpt, cmd);
8602 				mutex_exit(&mpt->m_tx_waitq_mutex);
8603 				mptsas_set_pkt_reason(mpt, cmd,
8604 				    reason, stat);
8605 				mptsas_doneq_add(mpt, cmd);
8606 				mutex_enter(&mpt->m_tx_waitq_mutex);
8607 			}
8608 			cmd = next_cmd;
8609 		}
8610 		mutex_exit(&mpt->m_tx_waitq_mutex);
8611 		break;
8612 	default:
8613 		mptsas_log(mpt, CE_WARN, "Unknown task management type %d.",
8614 		    tasktype);
8615 		break;
8616 	}
8617 }
8618 
8619 /*
8620  * Clean up hba state, abort all outstanding command and commands in waitq
8621  * reset timeout of all targets.
8622  */
8623 static void
8624 mptsas_flush_hba(mptsas_t *mpt)
8625 {
8626 	mptsas_slots_t	*slots = mpt->m_active;
8627 	mptsas_cmd_t	*cmd;
8628 	int		slot;
8629 
8630 	NDBG25(("mptsas_flush_hba"));
8631 
8632 	/*
8633 	 * The I/O Controller should have already sent back
8634 	 * all commands via the scsi I/O reply frame.  Make
8635 	 * sure all commands have been flushed.
8636 	 * Account for TM request, which use the last SMID.
8637 	 */
8638 	for (slot = 0; slot <= mpt->m_active->m_n_slots; slot++) {
8639 		if ((cmd = slots->m_slot[slot]) == NULL)
8640 			continue;
8641 
8642 		if (cmd->cmd_flags & CFLAG_CMDIOC) {
8643 			/*
8644 			 * Need to make sure to tell everyone that might be
8645 			 * waiting on this command that it's going to fail.  If
8646 			 * we get here, this command will never timeout because
8647 			 * the active command table is going to be re-allocated,
8648 			 * so there will be nothing to check against a time out.
8649 			 * Instead, mark the command as failed due to reset.
8650 			 */
8651 			mptsas_set_pkt_reason(mpt, cmd, CMD_RESET,
8652 			    STAT_BUS_RESET);
8653 			if ((cmd->cmd_flags & CFLAG_PASSTHRU) ||
8654 			    (cmd->cmd_flags & CFLAG_CONFIG) ||
8655 			    (cmd->cmd_flags & CFLAG_FW_DIAG)) {
8656 				cmd->cmd_flags |= CFLAG_FINISHED;
8657 				cv_broadcast(&mpt->m_passthru_cv);
8658 				cv_broadcast(&mpt->m_config_cv);
8659 				cv_broadcast(&mpt->m_fw_diag_cv);
8660 			}
8661 			continue;
8662 		}
8663 
8664 		NDBG25(("mptsas_flush_hba discovered non-NULL cmd in slot %d",
8665 		    slot));
8666 		mptsas_dump_cmd(mpt, cmd);
8667 
8668 		mptsas_remove_cmd(mpt, cmd);
8669 		mptsas_set_pkt_reason(mpt, cmd, CMD_RESET, STAT_BUS_RESET);
8670 		mptsas_doneq_add(mpt, cmd);
8671 	}
8672 
8673 	/*
8674 	 * Flush the waitq.
8675 	 */
8676 	while ((cmd = mptsas_waitq_rm(mpt)) != NULL) {
8677 		mptsas_set_pkt_reason(mpt, cmd, CMD_RESET, STAT_BUS_RESET);
8678 		if ((cmd->cmd_flags & CFLAG_PASSTHRU) ||
8679 		    (cmd->cmd_flags & CFLAG_CONFIG) ||
8680 		    (cmd->cmd_flags & CFLAG_FW_DIAG)) {
8681 			cmd->cmd_flags |= CFLAG_FINISHED;
8682 			cv_broadcast(&mpt->m_passthru_cv);
8683 			cv_broadcast(&mpt->m_config_cv);
8684 			cv_broadcast(&mpt->m_fw_diag_cv);
8685 		} else {
8686 			mptsas_doneq_add(mpt, cmd);
8687 		}
8688 	}
8689 
8690 	/*
8691 	 * Flush the tx_waitq
8692 	 */
8693 	mutex_enter(&mpt->m_tx_waitq_mutex);
8694 	while ((cmd = mptsas_tx_waitq_rm(mpt)) != NULL) {
8695 		mutex_exit(&mpt->m_tx_waitq_mutex);
8696 		mptsas_set_pkt_reason(mpt, cmd, CMD_RESET, STAT_BUS_RESET);
8697 		mptsas_doneq_add(mpt, cmd);
8698 		mutex_enter(&mpt->m_tx_waitq_mutex);
8699 	}
8700 	mutex_exit(&mpt->m_tx_waitq_mutex);
8701 }
8702 
8703 /*
8704  * set pkt_reason and OR in pkt_statistics flag
8705  */
8706 static void
8707 mptsas_set_pkt_reason(mptsas_t *mpt, mptsas_cmd_t *cmd, uchar_t reason,
8708     uint_t stat)
8709 {
8710 #ifndef __lock_lint
8711 	_NOTE(ARGUNUSED(mpt))
8712 #endif
8713 
8714 	NDBG25(("mptsas_set_pkt_reason: cmd=0x%p reason=%x stat=%x",
8715 	    (void *)cmd, reason, stat));
8716 
8717 	if (cmd) {
8718 		if (cmd->cmd_pkt->pkt_reason == CMD_CMPLT) {
8719 			cmd->cmd_pkt->pkt_reason = reason;
8720 		}
8721 		cmd->cmd_pkt->pkt_statistics |= stat;
8722 	}
8723 }
8724 
8725 static void
8726 mptsas_start_watch_reset_delay()
8727 {
8728 	NDBG22(("mptsas_start_watch_reset_delay"));
8729 
8730 	mutex_enter(&mptsas_global_mutex);
8731 	if (mptsas_reset_watch == NULL && mptsas_timeouts_enabled) {
8732 		mptsas_reset_watch = timeout(mptsas_watch_reset_delay, NULL,
8733 		    drv_usectohz((clock_t)
8734 		    MPTSAS_WATCH_RESET_DELAY_TICK * 1000));
8735 		ASSERT(mptsas_reset_watch != NULL);
8736 	}
8737 	mutex_exit(&mptsas_global_mutex);
8738 }
8739 
8740 static void
8741 mptsas_setup_bus_reset_delay(mptsas_t *mpt)
8742 {
8743 	mptsas_target_t	*ptgt = NULL;
8744 
8745 	NDBG22(("mptsas_setup_bus_reset_delay"));
8746 	ptgt = (mptsas_target_t *)mptsas_hash_traverse(&mpt->m_active->m_tgttbl,
8747 	    MPTSAS_HASH_FIRST);
8748 	while (ptgt != NULL) {
8749 		mptsas_set_throttle(mpt, ptgt, HOLD_THROTTLE);
8750 		ptgt->m_reset_delay = mpt->m_scsi_reset_delay;
8751 
8752 		ptgt = (mptsas_target_t *)mptsas_hash_traverse(
8753 		    &mpt->m_active->m_tgttbl, MPTSAS_HASH_NEXT);
8754 	}
8755 
8756 	mptsas_start_watch_reset_delay();
8757 }
8758 
8759 /*
8760  * mptsas_watch_reset_delay(_subr) is invoked by timeout() and checks every
8761  * mpt instance for active reset delays
8762  */
8763 static void
8764 mptsas_watch_reset_delay(void *arg)
8765 {
8766 #ifndef __lock_lint
8767 	_NOTE(ARGUNUSED(arg))
8768 #endif
8769 
8770 	mptsas_t	*mpt;
8771 	int		not_done = 0;
8772 
8773 	NDBG22(("mptsas_watch_reset_delay"));
8774 
8775 	mutex_enter(&mptsas_global_mutex);
8776 	mptsas_reset_watch = 0;
8777 	mutex_exit(&mptsas_global_mutex);
8778 	rw_enter(&mptsas_global_rwlock, RW_READER);
8779 	for (mpt = mptsas_head; mpt != NULL; mpt = mpt->m_next) {
8780 		if (mpt->m_tran == 0) {
8781 			continue;
8782 		}
8783 		mutex_enter(&mpt->m_mutex);
8784 		not_done += mptsas_watch_reset_delay_subr(mpt);
8785 		mutex_exit(&mpt->m_mutex);
8786 	}
8787 	rw_exit(&mptsas_global_rwlock);
8788 
8789 	if (not_done) {
8790 		mptsas_start_watch_reset_delay();
8791 	}
8792 }
8793 
8794 static int
8795 mptsas_watch_reset_delay_subr(mptsas_t *mpt)
8796 {
8797 	int		done = 0;
8798 	int		restart = 0;
8799 	mptsas_target_t	*ptgt = NULL;
8800 
8801 	NDBG22(("mptsas_watch_reset_delay_subr: mpt=0x%p", (void *)mpt));
8802 
8803 	ASSERT(mutex_owned(&mpt->m_mutex));
8804 
8805 	ptgt = (mptsas_target_t *)mptsas_hash_traverse(&mpt->m_active->m_tgttbl,
8806 	    MPTSAS_HASH_FIRST);
8807 	while (ptgt != NULL) {
8808 		if (ptgt->m_reset_delay != 0) {
8809 			ptgt->m_reset_delay -=
8810 			    MPTSAS_WATCH_RESET_DELAY_TICK;
8811 			if (ptgt->m_reset_delay <= 0) {
8812 				ptgt->m_reset_delay = 0;
8813 				mptsas_set_throttle(mpt, ptgt,
8814 				    MAX_THROTTLE);
8815 				restart++;
8816 			} else {
8817 				done = -1;
8818 			}
8819 		}
8820 
8821 		ptgt = (mptsas_target_t *)mptsas_hash_traverse(
8822 		    &mpt->m_active->m_tgttbl, MPTSAS_HASH_NEXT);
8823 	}
8824 
8825 	if (restart > 0) {
8826 		mptsas_restart_hba(mpt);
8827 	}
8828 	return (done);
8829 }
8830 
8831 #ifdef MPTSAS_TEST
8832 static void
8833 mptsas_test_reset(mptsas_t *mpt, int target)
8834 {
8835 	mptsas_target_t    *ptgt = NULL;
8836 
8837 	if (mptsas_rtest == target) {
8838 		if (mptsas_do_scsi_reset(mpt, target) == TRUE) {
8839 			mptsas_rtest = -1;
8840 		}
8841 		if (mptsas_rtest == -1) {
8842 			NDBG22(("mptsas_test_reset success"));
8843 		}
8844 	}
8845 }
8846 #endif
8847 
8848 /*
8849  * abort handling:
8850  *
8851  * Notes:
8852  *	- if pkt is not NULL, abort just that command
8853  *	- if pkt is NULL, abort all outstanding commands for target
8854  */
8855 static int
8856 mptsas_scsi_abort(struct scsi_address *ap, struct scsi_pkt *pkt)
8857 {
8858 	mptsas_t		*mpt = ADDR2MPT(ap);
8859 	int			rval;
8860 	mptsas_tgt_private_t	*tgt_private;
8861 	int			target, lun;
8862 
8863 	tgt_private = (mptsas_tgt_private_t *)ap->a_hba_tran->
8864 	    tran_tgt_private;
8865 	ASSERT(tgt_private != NULL);
8866 	target = tgt_private->t_private->m_devhdl;
8867 	lun = tgt_private->t_lun;
8868 
8869 	NDBG23(("mptsas_scsi_abort: target=%d.%d", target, lun));
8870 
8871 	mutex_enter(&mpt->m_mutex);
8872 	rval = mptsas_do_scsi_abort(mpt, target, lun, pkt);
8873 	mutex_exit(&mpt->m_mutex);
8874 	return (rval);
8875 }
8876 
8877 static int
8878 mptsas_do_scsi_abort(mptsas_t *mpt, int target, int lun, struct scsi_pkt *pkt)
8879 {
8880 	mptsas_cmd_t	*sp = NULL;
8881 	mptsas_slots_t	*slots = mpt->m_active;
8882 	int		rval = FALSE;
8883 
8884 	ASSERT(mutex_owned(&mpt->m_mutex));
8885 
8886 	/*
8887 	 * Abort the command pkt on the target/lun in ap.  If pkt is
8888 	 * NULL, abort all outstanding commands on that target/lun.
8889 	 * If you can abort them, return 1, else return 0.
8890 	 * Each packet that's aborted should be sent back to the target
8891 	 * driver through the callback routine, with pkt_reason set to
8892 	 * CMD_ABORTED.
8893 	 *
8894 	 * abort cmd pkt on HBA hardware; clean out of outstanding
8895 	 * command lists, etc.
8896 	 */
8897 	if (pkt != NULL) {
8898 		/* abort the specified packet */
8899 		sp = PKT2CMD(pkt);
8900 
8901 		if (sp->cmd_queued) {
8902 			NDBG23(("mptsas_do_scsi_abort: queued sp=0x%p aborted",
8903 			    (void *)sp));
8904 			mptsas_waitq_delete(mpt, sp);
8905 			mptsas_set_pkt_reason(mpt, sp, CMD_ABORTED,
8906 			    STAT_ABORTED);
8907 			mptsas_doneq_add(mpt, sp);
8908 			rval = TRUE;
8909 			goto done;
8910 		}
8911 
8912 		/*
8913 		 * Have mpt firmware abort this command
8914 		 */
8915 
8916 		if (slots->m_slot[sp->cmd_slot] != NULL) {
8917 			rval = mptsas_ioc_task_management(mpt,
8918 			    MPI2_SCSITASKMGMT_TASKTYPE_ABORT_TASK, target,
8919 			    lun, NULL, 0, 0);
8920 
8921 			/*
8922 			 * The transport layer expects only TRUE and FALSE.
8923 			 * Therefore, if mptsas_ioc_task_management returns
8924 			 * FAILED we will return FALSE.
8925 			 */
8926 			if (rval == FAILED)
8927 				rval = FALSE;
8928 			goto done;
8929 		}
8930 	}
8931 
8932 	/*
8933 	 * If pkt is NULL then abort task set
8934 	 */
8935 	rval = mptsas_ioc_task_management(mpt,
8936 	    MPI2_SCSITASKMGMT_TASKTYPE_ABRT_TASK_SET, target, lun, NULL, 0, 0);
8937 
8938 	/*
8939 	 * The transport layer expects only TRUE and FALSE.
8940 	 * Therefore, if mptsas_ioc_task_management returns
8941 	 * FAILED we will return FALSE.
8942 	 */
8943 	if (rval == FAILED)
8944 		rval = FALSE;
8945 
8946 #ifdef MPTSAS_TEST
8947 	if (rval && mptsas_test_stop) {
8948 		debug_enter("mptsas_do_scsi_abort");
8949 	}
8950 #endif
8951 
8952 done:
8953 	mptsas_doneq_empty(mpt);
8954 	return (rval);
8955 }
8956 
8957 /*
8958  * capability handling:
8959  * (*tran_getcap).  Get the capability named, and return its value.
8960  */
8961 static int
8962 mptsas_scsi_getcap(struct scsi_address *ap, char *cap, int tgtonly)
8963 {
8964 	mptsas_t	*mpt = ADDR2MPT(ap);
8965 	int		ckey;
8966 	int		rval = FALSE;
8967 
8968 	NDBG24(("mptsas_scsi_getcap: target=%d, cap=%s tgtonly=%x",
8969 	    ap->a_target, cap, tgtonly));
8970 
8971 	mutex_enter(&mpt->m_mutex);
8972 
8973 	if ((mptsas_scsi_capchk(cap, tgtonly, &ckey)) != TRUE) {
8974 		mutex_exit(&mpt->m_mutex);
8975 		return (UNDEFINED);
8976 	}
8977 
8978 	switch (ckey) {
8979 	case SCSI_CAP_DMA_MAX:
8980 		rval = (int)mpt->m_msg_dma_attr.dma_attr_maxxfer;
8981 		break;
8982 	case SCSI_CAP_ARQ:
8983 		rval = TRUE;
8984 		break;
8985 	case SCSI_CAP_MSG_OUT:
8986 	case SCSI_CAP_PARITY:
8987 	case SCSI_CAP_UNTAGGED_QING:
8988 		rval = TRUE;
8989 		break;
8990 	case SCSI_CAP_TAGGED_QING:
8991 		rval = TRUE;
8992 		break;
8993 	case SCSI_CAP_RESET_NOTIFICATION:
8994 		rval = TRUE;
8995 		break;
8996 	case SCSI_CAP_LINKED_CMDS:
8997 		rval = FALSE;
8998 		break;
8999 	case SCSI_CAP_QFULL_RETRIES:
9000 		rval = ((mptsas_tgt_private_t *)(ap->a_hba_tran->
9001 		    tran_tgt_private))->t_private->m_qfull_retries;
9002 		break;
9003 	case SCSI_CAP_QFULL_RETRY_INTERVAL:
9004 		rval = drv_hztousec(((mptsas_tgt_private_t *)
9005 		    (ap->a_hba_tran->tran_tgt_private))->
9006 		    t_private->m_qfull_retry_interval) / 1000;
9007 		break;
9008 	case SCSI_CAP_CDB_LEN:
9009 		rval = CDB_GROUP4;
9010 		break;
9011 	case SCSI_CAP_INTERCONNECT_TYPE:
9012 		rval = INTERCONNECT_SAS;
9013 		break;
9014 	case SCSI_CAP_TRAN_LAYER_RETRIES:
9015 		if (mpt->m_ioc_capabilities &
9016 		    MPI2_IOCFACTS_CAPABILITY_TLR)
9017 			rval = TRUE;
9018 		else
9019 			rval = FALSE;
9020 		break;
9021 	default:
9022 		rval = UNDEFINED;
9023 		break;
9024 	}
9025 
9026 	NDBG24(("mptsas_scsi_getcap: %s, rval=%x", cap, rval));
9027 
9028 	mutex_exit(&mpt->m_mutex);
9029 	return (rval);
9030 }
9031 
9032 /*
9033  * (*tran_setcap).  Set the capability named to the value given.
9034  */
9035 static int
9036 mptsas_scsi_setcap(struct scsi_address *ap, char *cap, int value, int tgtonly)
9037 {
9038 	mptsas_t	*mpt = ADDR2MPT(ap);
9039 	int		ckey;
9040 	int		rval = FALSE;
9041 
9042 	NDBG24(("mptsas_scsi_setcap: target=%d, cap=%s value=%x tgtonly=%x",
9043 	    ap->a_target, cap, value, tgtonly));
9044 
9045 	if (!tgtonly) {
9046 		return (rval);
9047 	}
9048 
9049 	mutex_enter(&mpt->m_mutex);
9050 
9051 	if ((mptsas_scsi_capchk(cap, tgtonly, &ckey)) != TRUE) {
9052 		mutex_exit(&mpt->m_mutex);
9053 		return (UNDEFINED);
9054 	}
9055 
9056 	switch (ckey) {
9057 	case SCSI_CAP_DMA_MAX:
9058 	case SCSI_CAP_MSG_OUT:
9059 	case SCSI_CAP_PARITY:
9060 	case SCSI_CAP_INITIATOR_ID:
9061 	case SCSI_CAP_LINKED_CMDS:
9062 	case SCSI_CAP_UNTAGGED_QING:
9063 	case SCSI_CAP_RESET_NOTIFICATION:
9064 		/*
9065 		 * None of these are settable via
9066 		 * the capability interface.
9067 		 */
9068 		break;
9069 	case SCSI_CAP_ARQ:
9070 		/*
9071 		 * We cannot turn off arq so return false if asked to
9072 		 */
9073 		if (value) {
9074 			rval = TRUE;
9075 		} else {
9076 			rval = FALSE;
9077 		}
9078 		break;
9079 	case SCSI_CAP_TAGGED_QING:
9080 		mptsas_set_throttle(mpt, ((mptsas_tgt_private_t *)
9081 		    (ap->a_hba_tran->tran_tgt_private))->t_private,
9082 		    MAX_THROTTLE);
9083 		rval = TRUE;
9084 		break;
9085 	case SCSI_CAP_QFULL_RETRIES:
9086 		((mptsas_tgt_private_t *)(ap->a_hba_tran->tran_tgt_private))->
9087 		    t_private->m_qfull_retries = (uchar_t)value;
9088 		rval = TRUE;
9089 		break;
9090 	case SCSI_CAP_QFULL_RETRY_INTERVAL:
9091 		((mptsas_tgt_private_t *)(ap->a_hba_tran->tran_tgt_private))->
9092 		    t_private->m_qfull_retry_interval =
9093 		    drv_usectohz(value * 1000);
9094 		rval = TRUE;
9095 		break;
9096 	default:
9097 		rval = UNDEFINED;
9098 		break;
9099 	}
9100 	mutex_exit(&mpt->m_mutex);
9101 	return (rval);
9102 }
9103 
9104 /*
9105  * Utility routine for mptsas_ifsetcap/ifgetcap
9106  */
9107 /*ARGSUSED*/
9108 static int
9109 mptsas_scsi_capchk(char *cap, int tgtonly, int *cidxp)
9110 {
9111 	NDBG24(("mptsas_scsi_capchk: cap=%s", cap));
9112 
9113 	if (!cap)
9114 		return (FALSE);
9115 
9116 	*cidxp = scsi_hba_lookup_capstr(cap);
9117 	return (TRUE);
9118 }
9119 
9120 static int
9121 mptsas_alloc_active_slots(mptsas_t *mpt, int flag)
9122 {
9123 	mptsas_slots_t	*old_active = mpt->m_active;
9124 	mptsas_slots_t	*new_active;
9125 	size_t		size;
9126 	int		rval = -1, i;
9127 
9128 	/*
9129 	 * if there are active commands, then we cannot
9130 	 * change size of active slots array.
9131 	 */
9132 	ASSERT(mpt->m_ncmds == 0);
9133 
9134 	size = MPTSAS_SLOTS_SIZE(mpt);
9135 	new_active = kmem_zalloc(size, flag);
9136 	if (new_active == NULL) {
9137 		NDBG1(("new active alloc failed"));
9138 		return (rval);
9139 	}
9140 	/*
9141 	 * Since SMID 0 is reserved and the TM slot is reserved, the
9142 	 * number of slots that can be used at any one time is
9143 	 * m_max_requests - 2.
9144 	 */
9145 	new_active->m_n_slots = (mpt->m_max_requests - 2);
9146 	new_active->m_size = size;
9147 	new_active->m_tags = 1;
9148 	if (old_active) {
9149 		new_active->m_tgttbl = old_active->m_tgttbl;
9150 		new_active->m_smptbl = old_active->m_smptbl;
9151 		new_active->m_num_raid_configs =
9152 		    old_active->m_num_raid_configs;
9153 		for (i = 0; i < new_active->m_num_raid_configs; i++) {
9154 			new_active->m_raidconfig[i] =
9155 			    old_active->m_raidconfig[i];
9156 		}
9157 		mptsas_free_active_slots(mpt);
9158 	}
9159 	mpt->m_active = new_active;
9160 	rval = 0;
9161 
9162 	return (rval);
9163 }
9164 
9165 static void
9166 mptsas_free_active_slots(mptsas_t *mpt)
9167 {
9168 	mptsas_slots_t	*active = mpt->m_active;
9169 	size_t		size;
9170 
9171 	if (active == NULL)
9172 		return;
9173 	size = active->m_size;
9174 	kmem_free(active, size);
9175 	mpt->m_active = NULL;
9176 }
9177 
9178 /*
9179  * Error logging, printing, and debug print routines.
9180  */
9181 static char *mptsas_label = "mpt_sas";
9182 
9183 /*PRINTFLIKE3*/
9184 void
9185 mptsas_log(mptsas_t *mpt, int level, char *fmt, ...)
9186 {
9187 	dev_info_t	*dev;
9188 	va_list		ap;
9189 
9190 	if (mpt) {
9191 		dev = mpt->m_dip;
9192 	} else {
9193 		dev = 0;
9194 	}
9195 
9196 	mutex_enter(&mptsas_log_mutex);
9197 
9198 	va_start(ap, fmt);
9199 	(void) vsprintf(mptsas_log_buf, fmt, ap);
9200 	va_end(ap);
9201 
9202 	if (level == CE_CONT) {
9203 		scsi_log(dev, mptsas_label, level, "%s\n", mptsas_log_buf);
9204 	} else {
9205 		scsi_log(dev, mptsas_label, level, "%s", mptsas_log_buf);
9206 	}
9207 
9208 	mutex_exit(&mptsas_log_mutex);
9209 }
9210 
9211 #ifdef MPTSAS_DEBUG
9212 /*PRINTFLIKE1*/
9213 void
9214 mptsas_printf(char *fmt, ...)
9215 {
9216 	dev_info_t	*dev = 0;
9217 	va_list		ap;
9218 
9219 	mutex_enter(&mptsas_log_mutex);
9220 
9221 	va_start(ap, fmt);
9222 	(void) vsprintf(mptsas_log_buf, fmt, ap);
9223 	va_end(ap);
9224 
9225 #ifdef PROM_PRINTF
9226 	prom_printf("%s:\t%s\n", mptsas_label, mptsas_log_buf);
9227 #else
9228 	scsi_log(dev, mptsas_label, SCSI_DEBUG, "%s\n", mptsas_log_buf);
9229 #endif
9230 	mutex_exit(&mptsas_log_mutex);
9231 }
9232 #endif
9233 
9234 /*
9235  * timeout handling
9236  */
9237 static void
9238 mptsas_watch(void *arg)
9239 {
9240 #ifndef __lock_lint
9241 	_NOTE(ARGUNUSED(arg))
9242 #endif
9243 
9244 	mptsas_t	*mpt;
9245 	uint32_t	doorbell;
9246 
9247 	NDBG30(("mptsas_watch"));
9248 
9249 	rw_enter(&mptsas_global_rwlock, RW_READER);
9250 	for (mpt = mptsas_head; mpt != (mptsas_t *)NULL; mpt = mpt->m_next) {
9251 
9252 		mutex_enter(&mpt->m_mutex);
9253 
9254 		/* Skip device if not powered on */
9255 		if (mpt->m_options & MPTSAS_OPT_PM) {
9256 			if (mpt->m_power_level == PM_LEVEL_D0) {
9257 				(void) pm_busy_component(mpt->m_dip, 0);
9258 				mpt->m_busy = 1;
9259 			} else {
9260 				mutex_exit(&mpt->m_mutex);
9261 				continue;
9262 			}
9263 		}
9264 
9265 		/*
9266 		 * Check if controller is in a FAULT state. If so, reset it.
9267 		 */
9268 		doorbell = ddi_get32(mpt->m_datap, &mpt->m_reg->Doorbell);
9269 		if ((doorbell & MPI2_IOC_STATE_MASK) == MPI2_IOC_STATE_FAULT) {
9270 			doorbell &= MPI2_DOORBELL_DATA_MASK;
9271 			mptsas_log(mpt, CE_WARN, "MPT Firmware Fault, "
9272 			    "code: %04x", doorbell);
9273 			mpt->m_softstate &= ~MPTSAS_SS_MSG_UNIT_RESET;
9274 			if ((mptsas_restart_ioc(mpt)) == DDI_FAILURE) {
9275 				mptsas_log(mpt, CE_WARN, "Reset failed"
9276 				    "after fault was detected");
9277 			}
9278 		}
9279 
9280 		/*
9281 		 * For now, always call mptsas_watchsubr.
9282 		 */
9283 		mptsas_watchsubr(mpt);
9284 
9285 		if (mpt->m_options & MPTSAS_OPT_PM) {
9286 			mpt->m_busy = 0;
9287 			(void) pm_idle_component(mpt->m_dip, 0);
9288 		}
9289 
9290 		mutex_exit(&mpt->m_mutex);
9291 	}
9292 	rw_exit(&mptsas_global_rwlock);
9293 
9294 	mutex_enter(&mptsas_global_mutex);
9295 	if (mptsas_timeouts_enabled)
9296 		mptsas_timeout_id = timeout(mptsas_watch, NULL, mptsas_tick);
9297 	mutex_exit(&mptsas_global_mutex);
9298 }
9299 
9300 static void
9301 mptsas_watchsubr(mptsas_t *mpt)
9302 {
9303 	int		i;
9304 	mptsas_cmd_t	*cmd;
9305 	mptsas_target_t	*ptgt = NULL;
9306 
9307 	NDBG30(("mptsas_watchsubr: mpt=0x%p", (void *)mpt));
9308 
9309 #ifdef MPTSAS_TEST
9310 	if (mptsas_enable_untagged) {
9311 		mptsas_test_untagged++;
9312 	}
9313 #endif
9314 
9315 	/*
9316 	 * Check for commands stuck in active slot
9317 	 * Account for TM requests, which use the last SMID.
9318 	 */
9319 	for (i = 0; i <= mpt->m_active->m_n_slots; i++) {
9320 		if ((cmd = mpt->m_active->m_slot[i]) != NULL) {
9321 			if ((cmd->cmd_flags & CFLAG_CMDIOC) == 0) {
9322 				cmd->cmd_active_timeout -=
9323 				    mptsas_scsi_watchdog_tick;
9324 				if (cmd->cmd_active_timeout <= 0) {
9325 					/*
9326 					 * There seems to be a command stuck
9327 					 * in the active slot.  Drain throttle.
9328 					 */
9329 					mptsas_set_throttle(mpt,
9330 					    cmd->cmd_tgt_addr,
9331 					    DRAIN_THROTTLE);
9332 				}
9333 			}
9334 			if ((cmd->cmd_flags & CFLAG_PASSTHRU) ||
9335 			    (cmd->cmd_flags & CFLAG_CONFIG) ||
9336 			    (cmd->cmd_flags & CFLAG_FW_DIAG)) {
9337 				cmd->cmd_active_timeout -=
9338 				    mptsas_scsi_watchdog_tick;
9339 				if (cmd->cmd_active_timeout <= 0) {
9340 					/*
9341 					 * passthrough command timeout
9342 					 */
9343 					cmd->cmd_flags |= (CFLAG_FINISHED |
9344 					    CFLAG_TIMEOUT);
9345 					cv_broadcast(&mpt->m_passthru_cv);
9346 					cv_broadcast(&mpt->m_config_cv);
9347 					cv_broadcast(&mpt->m_fw_diag_cv);
9348 				}
9349 			}
9350 		}
9351 	}
9352 
9353 	ptgt = (mptsas_target_t *)mptsas_hash_traverse(&mpt->m_active->m_tgttbl,
9354 	    MPTSAS_HASH_FIRST);
9355 	while (ptgt != NULL) {
9356 		/*
9357 		 * If we were draining due to a qfull condition,
9358 		 * go back to full throttle.
9359 		 */
9360 		if ((ptgt->m_t_throttle < MAX_THROTTLE) &&
9361 		    (ptgt->m_t_throttle > HOLD_THROTTLE) &&
9362 		    (ptgt->m_t_ncmds < ptgt->m_t_throttle)) {
9363 			mptsas_set_throttle(mpt, ptgt, MAX_THROTTLE);
9364 			mptsas_restart_hba(mpt);
9365 		}
9366 
9367 		if ((ptgt->m_t_ncmds > 0) &&
9368 		    (ptgt->m_timebase)) {
9369 
9370 			if (ptgt->m_timebase <=
9371 			    mptsas_scsi_watchdog_tick) {
9372 				ptgt->m_timebase +=
9373 				    mptsas_scsi_watchdog_tick;
9374 				ptgt = (mptsas_target_t *)mptsas_hash_traverse(
9375 				    &mpt->m_active->m_tgttbl, MPTSAS_HASH_NEXT);
9376 				continue;
9377 			}
9378 
9379 			ptgt->m_timeout -= mptsas_scsi_watchdog_tick;
9380 
9381 			if (ptgt->m_timeout < 0) {
9382 				mptsas_cmd_timeout(mpt, ptgt->m_devhdl);
9383 				ptgt = (mptsas_target_t *)mptsas_hash_traverse(
9384 				    &mpt->m_active->m_tgttbl, MPTSAS_HASH_NEXT);
9385 				continue;
9386 			}
9387 
9388 			if ((ptgt->m_timeout) <=
9389 			    mptsas_scsi_watchdog_tick) {
9390 				NDBG23(("pending timeout"));
9391 				mptsas_set_throttle(mpt, ptgt,
9392 				    DRAIN_THROTTLE);
9393 			}
9394 		}
9395 
9396 		ptgt = (mptsas_target_t *)mptsas_hash_traverse(
9397 		    &mpt->m_active->m_tgttbl, MPTSAS_HASH_NEXT);
9398 	}
9399 }
9400 
9401 /*
9402  * timeout recovery
9403  */
9404 static void
9405 mptsas_cmd_timeout(mptsas_t *mpt, uint16_t devhdl)
9406 {
9407 
9408 	NDBG29(("mptsas_cmd_timeout: target=%d", devhdl));
9409 	mptsas_log(mpt, CE_WARN, "Disconnected command timeout for "
9410 	    "Target %d", devhdl);
9411 
9412 	/*
9413 	 * If the current target is not the target passed in,
9414 	 * try to reset that target.
9415 	 */
9416 	NDBG29(("mptsas_cmd_timeout: device reset"));
9417 	if (mptsas_do_scsi_reset(mpt, devhdl) != TRUE) {
9418 		mptsas_log(mpt, CE_WARN, "Target %d reset for command timeout "
9419 		    "recovery failed!", devhdl);
9420 	}
9421 }
9422 
9423 /*
9424  * Device / Hotplug control
9425  */
9426 static int
9427 mptsas_scsi_quiesce(dev_info_t *dip)
9428 {
9429 	mptsas_t	*mpt;
9430 	scsi_hba_tran_t	*tran;
9431 
9432 	tran = ddi_get_driver_private(dip);
9433 	if (tran == NULL || (mpt = TRAN2MPT(tran)) == NULL)
9434 		return (-1);
9435 
9436 	return (mptsas_quiesce_bus(mpt));
9437 }
9438 
9439 static int
9440 mptsas_scsi_unquiesce(dev_info_t *dip)
9441 {
9442 	mptsas_t		*mpt;
9443 	scsi_hba_tran_t	*tran;
9444 
9445 	tran = ddi_get_driver_private(dip);
9446 	if (tran == NULL || (mpt = TRAN2MPT(tran)) == NULL)
9447 		return (-1);
9448 
9449 	return (mptsas_unquiesce_bus(mpt));
9450 }
9451 
9452 static int
9453 mptsas_quiesce_bus(mptsas_t *mpt)
9454 {
9455 	mptsas_target_t	*ptgt = NULL;
9456 
9457 	NDBG28(("mptsas_quiesce_bus"));
9458 	mutex_enter(&mpt->m_mutex);
9459 
9460 	/* Set all the throttles to zero */
9461 	ptgt = (mptsas_target_t *)mptsas_hash_traverse(&mpt->m_active->m_tgttbl,
9462 	    MPTSAS_HASH_FIRST);
9463 	while (ptgt != NULL) {
9464 		mptsas_set_throttle(mpt, ptgt, HOLD_THROTTLE);
9465 
9466 		ptgt = (mptsas_target_t *)mptsas_hash_traverse(
9467 		    &mpt->m_active->m_tgttbl, MPTSAS_HASH_NEXT);
9468 	}
9469 
9470 	/* If there are any outstanding commands in the queue */
9471 	if (mpt->m_ncmds) {
9472 		mpt->m_softstate |= MPTSAS_SS_DRAINING;
9473 		mpt->m_quiesce_timeid = timeout(mptsas_ncmds_checkdrain,
9474 		    mpt, (MPTSAS_QUIESCE_TIMEOUT * drv_usectohz(1000000)));
9475 		if (cv_wait_sig(&mpt->m_cv, &mpt->m_mutex) == 0) {
9476 			/*
9477 			 * Quiesce has been interrupted
9478 			 */
9479 			mpt->m_softstate &= ~MPTSAS_SS_DRAINING;
9480 			ptgt = (mptsas_target_t *)mptsas_hash_traverse(
9481 			    &mpt->m_active->m_tgttbl, MPTSAS_HASH_FIRST);
9482 			while (ptgt != NULL) {
9483 				mptsas_set_throttle(mpt, ptgt, MAX_THROTTLE);
9484 
9485 				ptgt = (mptsas_target_t *)mptsas_hash_traverse(
9486 				    &mpt->m_active->m_tgttbl, MPTSAS_HASH_NEXT);
9487 			}
9488 			mptsas_restart_hba(mpt);
9489 			if (mpt->m_quiesce_timeid != 0) {
9490 				timeout_id_t tid = mpt->m_quiesce_timeid;
9491 				mpt->m_quiesce_timeid = 0;
9492 				mutex_exit(&mpt->m_mutex);
9493 				(void) untimeout(tid);
9494 				return (-1);
9495 			}
9496 			mutex_exit(&mpt->m_mutex);
9497 			return (-1);
9498 		} else {
9499 			/* Bus has been quiesced */
9500 			ASSERT(mpt->m_quiesce_timeid == 0);
9501 			mpt->m_softstate &= ~MPTSAS_SS_DRAINING;
9502 			mpt->m_softstate |= MPTSAS_SS_QUIESCED;
9503 			mutex_exit(&mpt->m_mutex);
9504 			return (0);
9505 		}
9506 	}
9507 	/* Bus was not busy - QUIESCED */
9508 	mutex_exit(&mpt->m_mutex);
9509 
9510 	return (0);
9511 }
9512 
9513 static int
9514 mptsas_unquiesce_bus(mptsas_t *mpt)
9515 {
9516 	mptsas_target_t	*ptgt = NULL;
9517 
9518 	NDBG28(("mptsas_unquiesce_bus"));
9519 	mutex_enter(&mpt->m_mutex);
9520 	mpt->m_softstate &= ~MPTSAS_SS_QUIESCED;
9521 	ptgt = (mptsas_target_t *)mptsas_hash_traverse(&mpt->m_active->m_tgttbl,
9522 	    MPTSAS_HASH_FIRST);
9523 	while (ptgt != NULL) {
9524 		mptsas_set_throttle(mpt, ptgt, MAX_THROTTLE);
9525 
9526 		ptgt = (mptsas_target_t *)mptsas_hash_traverse(
9527 		    &mpt->m_active->m_tgttbl, MPTSAS_HASH_NEXT);
9528 	}
9529 	mptsas_restart_hba(mpt);
9530 	mutex_exit(&mpt->m_mutex);
9531 	return (0);
9532 }
9533 
9534 static void
9535 mptsas_ncmds_checkdrain(void *arg)
9536 {
9537 	mptsas_t	*mpt = arg;
9538 	mptsas_target_t	*ptgt = NULL;
9539 
9540 	mutex_enter(&mpt->m_mutex);
9541 	if (mpt->m_softstate & MPTSAS_SS_DRAINING) {
9542 		mpt->m_quiesce_timeid = 0;
9543 		if (mpt->m_ncmds == 0) {
9544 			/* Command queue has been drained */
9545 			cv_signal(&mpt->m_cv);
9546 		} else {
9547 			/*
9548 			 * The throttle may have been reset because
9549 			 * of a SCSI bus reset
9550 			 */
9551 			ptgt = (mptsas_target_t *)mptsas_hash_traverse(
9552 			    &mpt->m_active->m_tgttbl, MPTSAS_HASH_FIRST);
9553 			while (ptgt != NULL) {
9554 				mptsas_set_throttle(mpt, ptgt, HOLD_THROTTLE);
9555 
9556 				ptgt = (mptsas_target_t *)mptsas_hash_traverse(
9557 				    &mpt->m_active->m_tgttbl, MPTSAS_HASH_NEXT);
9558 			}
9559 
9560 			mpt->m_quiesce_timeid = timeout(mptsas_ncmds_checkdrain,
9561 			    mpt, (MPTSAS_QUIESCE_TIMEOUT *
9562 			    drv_usectohz(1000000)));
9563 		}
9564 	}
9565 	mutex_exit(&mpt->m_mutex);
9566 }
9567 
9568 /*ARGSUSED*/
9569 static void
9570 mptsas_dump_cmd(mptsas_t *mpt, mptsas_cmd_t *cmd)
9571 {
9572 	int	i;
9573 	uint8_t	*cp = (uchar_t *)cmd->cmd_pkt->pkt_cdbp;
9574 	char	buf[128];
9575 
9576 	buf[0] = '\0';
9577 	NDBG25(("?Cmd (0x%p) dump for Target %d Lun %d:\n", (void *)cmd,
9578 	    Tgt(cmd), Lun(cmd)));
9579 	(void) sprintf(&buf[0], "\tcdb=[");
9580 	for (i = 0; i < (int)cmd->cmd_cdblen; i++) {
9581 		(void) sprintf(&buf[strlen(buf)], " 0x%x", *cp++);
9582 	}
9583 	(void) sprintf(&buf[strlen(buf)], " ]");
9584 	NDBG25(("?%s\n", buf));
9585 	NDBG25(("?pkt_flags=0x%x pkt_statistics=0x%x pkt_state=0x%x\n",
9586 	    cmd->cmd_pkt->pkt_flags, cmd->cmd_pkt->pkt_statistics,
9587 	    cmd->cmd_pkt->pkt_state));
9588 	NDBG25(("?pkt_scbp=0x%x cmd_flags=0x%x\n", cmd->cmd_pkt->pkt_scbp ?
9589 	    *(cmd->cmd_pkt->pkt_scbp) : 0, cmd->cmd_flags));
9590 }
9591 
9592 static void
9593 mptsas_start_passthru(mptsas_t *mpt, mptsas_cmd_t *cmd)
9594 {
9595 	caddr_t			memp;
9596 	pMPI2RequestHeader_t	request_hdrp;
9597 	struct scsi_pkt		*pkt = cmd->cmd_pkt;
9598 	mptsas_pt_request_t	*pt = pkt->pkt_ha_private;
9599 	uint32_t		request_size, data_size, dataout_size;
9600 	uint32_t		direction;
9601 	ddi_dma_cookie_t	data_cookie;
9602 	ddi_dma_cookie_t	dataout_cookie;
9603 	uint32_t		request_desc_low, request_desc_high = 0;
9604 	uint32_t		i, sense_bufp;
9605 	uint8_t			desc_type;
9606 	uint8_t			*request, function;
9607 	ddi_dma_handle_t	dma_hdl = mpt->m_dma_req_frame_hdl;
9608 	ddi_acc_handle_t	acc_hdl = mpt->m_acc_req_frame_hdl;
9609 
9610 	desc_type = MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE;
9611 
9612 	request = pt->request;
9613 	direction = pt->direction;
9614 	request_size = pt->request_size;
9615 	data_size = pt->data_size;
9616 	dataout_size = pt->dataout_size;
9617 	data_cookie = pt->data_cookie;
9618 	dataout_cookie = pt->dataout_cookie;
9619 
9620 	/*
9621 	 * Store the passthrough message in memory location
9622 	 * corresponding to our slot number
9623 	 */
9624 	memp = mpt->m_req_frame + (mpt->m_req_frame_size * cmd->cmd_slot);
9625 	request_hdrp = (pMPI2RequestHeader_t)memp;
9626 	bzero(memp, mpt->m_req_frame_size);
9627 
9628 	for (i = 0; i < request_size; i++) {
9629 		bcopy(request + i, memp + i, 1);
9630 	}
9631 
9632 	if (data_size || dataout_size) {
9633 		pMpi2SGESimple64_t	sgep;
9634 		uint32_t		sge_flags;
9635 
9636 		sgep = (pMpi2SGESimple64_t)((uint8_t *)request_hdrp +
9637 		    request_size);
9638 		if (dataout_size) {
9639 
9640 			sge_flags = dataout_size |
9641 			    ((uint32_t)(MPI2_SGE_FLAGS_SIMPLE_ELEMENT |
9642 			    MPI2_SGE_FLAGS_END_OF_BUFFER |
9643 			    MPI2_SGE_FLAGS_HOST_TO_IOC |
9644 			    MPI2_SGE_FLAGS_64_BIT_ADDRESSING) <<
9645 			    MPI2_SGE_FLAGS_SHIFT);
9646 			ddi_put32(acc_hdl, &sgep->FlagsLength, sge_flags);
9647 			ddi_put32(acc_hdl, &sgep->Address.Low,
9648 			    (uint32_t)(dataout_cookie.dmac_laddress &
9649 			    0xffffffffull));
9650 			ddi_put32(acc_hdl, &sgep->Address.High,
9651 			    (uint32_t)(dataout_cookie.dmac_laddress
9652 			    >> 32));
9653 			sgep++;
9654 		}
9655 		sge_flags = data_size;
9656 		sge_flags |= ((uint32_t)(MPI2_SGE_FLAGS_SIMPLE_ELEMENT |
9657 		    MPI2_SGE_FLAGS_LAST_ELEMENT |
9658 		    MPI2_SGE_FLAGS_END_OF_BUFFER |
9659 		    MPI2_SGE_FLAGS_END_OF_LIST |
9660 		    MPI2_SGE_FLAGS_64_BIT_ADDRESSING) <<
9661 		    MPI2_SGE_FLAGS_SHIFT);
9662 		if (direction == MPTSAS_PASS_THRU_DIRECTION_WRITE) {
9663 			sge_flags |= ((uint32_t)(MPI2_SGE_FLAGS_HOST_TO_IOC) <<
9664 			    MPI2_SGE_FLAGS_SHIFT);
9665 		} else {
9666 			sge_flags |= ((uint32_t)(MPI2_SGE_FLAGS_IOC_TO_HOST) <<
9667 			    MPI2_SGE_FLAGS_SHIFT);
9668 		}
9669 		ddi_put32(acc_hdl, &sgep->FlagsLength,
9670 		    sge_flags);
9671 		ddi_put32(acc_hdl, &sgep->Address.Low,
9672 		    (uint32_t)(data_cookie.dmac_laddress &
9673 		    0xffffffffull));
9674 		ddi_put32(acc_hdl, &sgep->Address.High,
9675 		    (uint32_t)(data_cookie.dmac_laddress >> 32));
9676 	}
9677 
9678 	function = request_hdrp->Function;
9679 	if ((function == MPI2_FUNCTION_SCSI_IO_REQUEST) ||
9680 	    (function == MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH)) {
9681 		pMpi2SCSIIORequest_t	scsi_io_req;
9682 
9683 		scsi_io_req = (pMpi2SCSIIORequest_t)request_hdrp;
9684 		/*
9685 		 * Put SGE for data and data_out buffer at the end of
9686 		 * scsi_io_request message header.(64 bytes in total)
9687 		 * Following above SGEs, the residual space will be
9688 		 * used by sense data.
9689 		 */
9690 		ddi_put8(acc_hdl,
9691 		    &scsi_io_req->SenseBufferLength,
9692 		    (uint8_t)(request_size - 64));
9693 
9694 		sense_bufp = mpt->m_req_frame_dma_addr +
9695 		    (mpt->m_req_frame_size * cmd->cmd_slot);
9696 		sense_bufp += 64;
9697 		ddi_put32(acc_hdl,
9698 		    &scsi_io_req->SenseBufferLowAddress, sense_bufp);
9699 
9700 		/*
9701 		 * Set SGLOffset0 value
9702 		 */
9703 		ddi_put8(acc_hdl, &scsi_io_req->SGLOffset0,
9704 		    offsetof(MPI2_SCSI_IO_REQUEST, SGL) / 4);
9705 
9706 		/*
9707 		 * Setup descriptor info.  RAID passthrough must use the
9708 		 * default request descriptor which is already set, so if this
9709 		 * is a SCSI IO request, change the descriptor to SCSI IO.
9710 		 */
9711 		if (function == MPI2_FUNCTION_SCSI_IO_REQUEST) {
9712 			desc_type = MPI2_REQ_DESCRIPT_FLAGS_SCSI_IO;
9713 			request_desc_high = (ddi_get16(acc_hdl,
9714 			    &scsi_io_req->DevHandle) << 16);
9715 		}
9716 	}
9717 
9718 	/*
9719 	 * We must wait till the message has been completed before
9720 	 * beginning the next message so we wait for this one to
9721 	 * finish.
9722 	 */
9723 	(void) ddi_dma_sync(dma_hdl, 0, 0, DDI_DMA_SYNC_FORDEV);
9724 	request_desc_low = (cmd->cmd_slot << 16) + desc_type;
9725 	cmd->cmd_rfm = NULL;
9726 	MPTSAS_START_CMD(mpt, request_desc_low, request_desc_high);
9727 	if ((mptsas_check_dma_handle(dma_hdl) != DDI_SUCCESS) ||
9728 	    (mptsas_check_acc_handle(acc_hdl) != DDI_SUCCESS)) {
9729 		ddi_fm_service_impact(mpt->m_dip, DDI_SERVICE_UNAFFECTED);
9730 	}
9731 }
9732 
9733 
9734 
9735 static int
9736 mptsas_do_passthru(mptsas_t *mpt, uint8_t *request, uint8_t *reply,
9737     uint8_t *data, uint32_t request_size, uint32_t reply_size,
9738     uint32_t data_size, uint32_t direction, uint8_t *dataout,
9739     uint32_t dataout_size, short timeout, int mode)
9740 {
9741 	mptsas_pt_request_t		pt;
9742 	mptsas_dma_alloc_state_t	data_dma_state;
9743 	mptsas_dma_alloc_state_t	dataout_dma_state;
9744 	caddr_t				memp;
9745 	mptsas_cmd_t			*cmd = NULL;
9746 	struct scsi_pkt			*pkt;
9747 	uint32_t			reply_len = 0, sense_len = 0;
9748 	pMPI2RequestHeader_t		request_hdrp;
9749 	pMPI2RequestHeader_t		request_msg;
9750 	pMPI2DefaultReply_t		reply_msg;
9751 	Mpi2SCSIIOReply_t		rep_msg;
9752 	int				i, status = 0, pt_flags = 0, rv = 0;
9753 	int				rvalue;
9754 	uint8_t				function;
9755 
9756 	ASSERT(mutex_owned(&mpt->m_mutex));
9757 
9758 	reply_msg = (pMPI2DefaultReply_t)(&rep_msg);
9759 	bzero(reply_msg, sizeof (MPI2_DEFAULT_REPLY));
9760 	request_msg = kmem_zalloc(request_size, KM_SLEEP);
9761 
9762 	mutex_exit(&mpt->m_mutex);
9763 	/*
9764 	 * copy in the request buffer since it could be used by
9765 	 * another thread when the pt request into waitq
9766 	 */
9767 	if (ddi_copyin(request, request_msg, request_size, mode)) {
9768 		mutex_enter(&mpt->m_mutex);
9769 		status = EFAULT;
9770 		mptsas_log(mpt, CE_WARN, "failed to copy request data");
9771 		goto out;
9772 	}
9773 	mutex_enter(&mpt->m_mutex);
9774 
9775 	function = request_msg->Function;
9776 	if (function == MPI2_FUNCTION_SCSI_TASK_MGMT) {
9777 		pMpi2SCSITaskManagementRequest_t	task;
9778 		task = (pMpi2SCSITaskManagementRequest_t)request_msg;
9779 		mptsas_setup_bus_reset_delay(mpt);
9780 		rv = mptsas_ioc_task_management(mpt, task->TaskType,
9781 		    task->DevHandle, (int)task->LUN[1], reply, reply_size,
9782 		    mode);
9783 
9784 		if (rv != TRUE) {
9785 			status = EIO;
9786 			mptsas_log(mpt, CE_WARN, "task management failed");
9787 		}
9788 		goto out;
9789 	}
9790 
9791 	if (data_size != 0) {
9792 		data_dma_state.size = data_size;
9793 		if (mptsas_dma_alloc(mpt, &data_dma_state) != DDI_SUCCESS) {
9794 			status = ENOMEM;
9795 			mptsas_log(mpt, CE_WARN, "failed to alloc DMA "
9796 			    "resource");
9797 			goto out;
9798 		}
9799 		pt_flags |= MPTSAS_DATA_ALLOCATED;
9800 		if (direction == MPTSAS_PASS_THRU_DIRECTION_WRITE) {
9801 			mutex_exit(&mpt->m_mutex);
9802 			for (i = 0; i < data_size; i++) {
9803 				if (ddi_copyin(data + i, (uint8_t *)
9804 				    data_dma_state.memp + i, 1, mode)) {
9805 					mutex_enter(&mpt->m_mutex);
9806 					status = EFAULT;
9807 					mptsas_log(mpt, CE_WARN, "failed to "
9808 					    "copy read data");
9809 					goto out;
9810 				}
9811 			}
9812 			mutex_enter(&mpt->m_mutex);
9813 		}
9814 	}
9815 
9816 	if (dataout_size != 0) {
9817 		dataout_dma_state.size = dataout_size;
9818 		if (mptsas_dma_alloc(mpt, &dataout_dma_state) != DDI_SUCCESS) {
9819 			status = ENOMEM;
9820 			mptsas_log(mpt, CE_WARN, "failed to alloc DMA "
9821 			    "resource");
9822 			goto out;
9823 		}
9824 		pt_flags |= MPTSAS_DATAOUT_ALLOCATED;
9825 		mutex_exit(&mpt->m_mutex);
9826 		for (i = 0; i < dataout_size; i++) {
9827 			if (ddi_copyin(dataout + i, (uint8_t *)
9828 			    dataout_dma_state.memp + i, 1, mode)) {
9829 				mutex_enter(&mpt->m_mutex);
9830 				mptsas_log(mpt, CE_WARN, "failed to copy out"
9831 				    " data");
9832 				status = EFAULT;
9833 				goto out;
9834 			}
9835 		}
9836 		mutex_enter(&mpt->m_mutex);
9837 	}
9838 
9839 	if ((rvalue = (mptsas_request_from_pool(mpt, &cmd, &pkt))) == -1) {
9840 		status = EAGAIN;
9841 		mptsas_log(mpt, CE_NOTE, "event ack command pool is full");
9842 		goto out;
9843 	}
9844 	pt_flags |= MPTSAS_REQUEST_POOL_CMD;
9845 
9846 	bzero((caddr_t)cmd, sizeof (*cmd));
9847 	bzero((caddr_t)pkt, scsi_pkt_size());
9848 	bzero((caddr_t)&pt, sizeof (pt));
9849 
9850 	cmd->ioc_cmd_slot = (uint32_t)(rvalue);
9851 
9852 	pt.request = (uint8_t *)request_msg;
9853 	pt.direction = direction;
9854 	pt.request_size = request_size;
9855 	pt.data_size = data_size;
9856 	pt.dataout_size = dataout_size;
9857 	pt.data_cookie = data_dma_state.cookie;
9858 	pt.dataout_cookie = dataout_dma_state.cookie;
9859 
9860 	/*
9861 	 * Form a blank cmd/pkt to store the acknowledgement message
9862 	 */
9863 	pkt->pkt_cdbp		= (opaque_t)&cmd->cmd_cdb[0];
9864 	pkt->pkt_scbp		= (opaque_t)&cmd->cmd_scb;
9865 	pkt->pkt_ha_private	= (opaque_t)&pt;
9866 	pkt->pkt_flags		= FLAG_HEAD;
9867 	pkt->pkt_time		= timeout;
9868 	cmd->cmd_pkt		= pkt;
9869 	cmd->cmd_flags		= CFLAG_CMDIOC | CFLAG_PASSTHRU;
9870 
9871 	/*
9872 	 * Save the command in a slot
9873 	 */
9874 	if (mptsas_save_cmd(mpt, cmd) == TRUE) {
9875 		/*
9876 		 * Once passthru command get slot, set cmd_flags
9877 		 * CFLAG_PREPARED.
9878 		 */
9879 		cmd->cmd_flags |= CFLAG_PREPARED;
9880 		mptsas_start_passthru(mpt, cmd);
9881 	} else {
9882 		mptsas_waitq_add(mpt, cmd);
9883 	}
9884 
9885 	while ((cmd->cmd_flags & CFLAG_FINISHED) == 0) {
9886 		cv_wait(&mpt->m_passthru_cv, &mpt->m_mutex);
9887 	}
9888 
9889 	if (cmd->cmd_flags & CFLAG_PREPARED) {
9890 		memp = mpt->m_req_frame + (mpt->m_req_frame_size *
9891 		    cmd->cmd_slot);
9892 		request_hdrp = (pMPI2RequestHeader_t)memp;
9893 	}
9894 
9895 	if (cmd->cmd_flags & CFLAG_TIMEOUT) {
9896 		status = ETIMEDOUT;
9897 		mptsas_log(mpt, CE_WARN, "passthrough command timeout");
9898 		pt_flags |= MPTSAS_CMD_TIMEOUT;
9899 		goto out;
9900 	}
9901 
9902 	if (cmd->cmd_rfm) {
9903 		/*
9904 		 * cmd_rfm is zero means the command reply is a CONTEXT
9905 		 * reply and no PCI Write to post the free reply SMFA
9906 		 * because no reply message frame is used.
9907 		 * cmd_rfm is non-zero means the reply is a ADDRESS
9908 		 * reply and reply message frame is used.
9909 		 */
9910 		pt_flags |= MPTSAS_ADDRESS_REPLY;
9911 		(void) ddi_dma_sync(mpt->m_dma_reply_frame_hdl, 0, 0,
9912 		    DDI_DMA_SYNC_FORCPU);
9913 		reply_msg = (pMPI2DefaultReply_t)
9914 		    (mpt->m_reply_frame + (cmd->cmd_rfm -
9915 		    mpt->m_reply_frame_dma_addr));
9916 	}
9917 
9918 	mptsas_fma_check(mpt, cmd);
9919 	if (pkt->pkt_reason == CMD_TRAN_ERR) {
9920 		status = EAGAIN;
9921 		mptsas_log(mpt, CE_WARN, "passthru fma error");
9922 		goto out;
9923 	}
9924 	if (pkt->pkt_reason == CMD_RESET) {
9925 		status = EAGAIN;
9926 		mptsas_log(mpt, CE_WARN, "ioc reset abort passthru");
9927 		goto out;
9928 	}
9929 
9930 	if (pkt->pkt_reason == CMD_INCOMPLETE) {
9931 		status = EIO;
9932 		mptsas_log(mpt, CE_WARN, "passthrough command incomplete");
9933 		goto out;
9934 	}
9935 
9936 	mutex_exit(&mpt->m_mutex);
9937 	if (cmd->cmd_flags & CFLAG_PREPARED) {
9938 		function = request_hdrp->Function;
9939 		if ((function == MPI2_FUNCTION_SCSI_IO_REQUEST) ||
9940 		    (function == MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH)) {
9941 			reply_len = sizeof (MPI2_SCSI_IO_REPLY);
9942 			sense_len = reply_size - reply_len;
9943 		} else {
9944 			reply_len = reply_size;
9945 			sense_len = 0;
9946 		}
9947 
9948 		for (i = 0; i < reply_len; i++) {
9949 			if (ddi_copyout((uint8_t *)reply_msg + i, reply + i, 1,
9950 			    mode)) {
9951 				mutex_enter(&mpt->m_mutex);
9952 				status = EFAULT;
9953 				mptsas_log(mpt, CE_WARN, "failed to copy out "
9954 				    "reply data");
9955 				goto out;
9956 			}
9957 		}
9958 		for (i = 0; i < sense_len; i++) {
9959 			if (ddi_copyout((uint8_t *)request_hdrp + 64 + i,
9960 			    reply + reply_len + i, 1, mode)) {
9961 				mutex_enter(&mpt->m_mutex);
9962 				status = EFAULT;
9963 				mptsas_log(mpt, CE_WARN, "failed to copy out "
9964 				    "sense data");
9965 				goto out;
9966 			}
9967 		}
9968 	}
9969 
9970 	if (data_size) {
9971 		if (direction != MPTSAS_PASS_THRU_DIRECTION_WRITE) {
9972 			(void) ddi_dma_sync(data_dma_state.handle, 0, 0,
9973 			    DDI_DMA_SYNC_FORCPU);
9974 			for (i = 0; i < data_size; i++) {
9975 				if (ddi_copyout((uint8_t *)(
9976 				    data_dma_state.memp + i), data + i,  1,
9977 				    mode)) {
9978 					mutex_enter(&mpt->m_mutex);
9979 					status = EFAULT;
9980 					mptsas_log(mpt, CE_WARN, "failed to "
9981 					    "copy out the reply data");
9982 					goto out;
9983 				}
9984 			}
9985 		}
9986 	}
9987 	mutex_enter(&mpt->m_mutex);
9988 out:
9989 	/*
9990 	 * Put the reply frame back on the free queue, increment the free
9991 	 * index, and write the new index to the free index register.  But only
9992 	 * if this reply is an ADDRESS reply.
9993 	 */
9994 	if (pt_flags & MPTSAS_ADDRESS_REPLY) {
9995 		ddi_put32(mpt->m_acc_free_queue_hdl,
9996 		    &((uint32_t *)(void *)mpt->m_free_queue)[mpt->m_free_index],
9997 		    cmd->cmd_rfm);
9998 		(void) ddi_dma_sync(mpt->m_dma_free_queue_hdl, 0, 0,
9999 		    DDI_DMA_SYNC_FORDEV);
10000 		if (++mpt->m_free_index == mpt->m_free_queue_depth) {
10001 			mpt->m_free_index = 0;
10002 		}
10003 		ddi_put32(mpt->m_datap, &mpt->m_reg->ReplyFreeHostIndex,
10004 		    mpt->m_free_index);
10005 	}
10006 	if (cmd && (cmd->cmd_flags & CFLAG_PREPARED)) {
10007 		mptsas_remove_cmd(mpt, cmd);
10008 		pt_flags &= (~MPTSAS_REQUEST_POOL_CMD);
10009 	}
10010 	if (pt_flags & MPTSAS_REQUEST_POOL_CMD)
10011 		mptsas_return_to_pool(mpt, cmd);
10012 	if (pt_flags & MPTSAS_DATA_ALLOCATED) {
10013 		if (mptsas_check_dma_handle(data_dma_state.handle) !=
10014 		    DDI_SUCCESS) {
10015 			ddi_fm_service_impact(mpt->m_dip,
10016 			    DDI_SERVICE_UNAFFECTED);
10017 			status = EFAULT;
10018 		}
10019 		mptsas_dma_free(&data_dma_state);
10020 	}
10021 	if (pt_flags & MPTSAS_DATAOUT_ALLOCATED) {
10022 		if (mptsas_check_dma_handle(dataout_dma_state.handle) !=
10023 		    DDI_SUCCESS) {
10024 			ddi_fm_service_impact(mpt->m_dip,
10025 			    DDI_SERVICE_UNAFFECTED);
10026 			status = EFAULT;
10027 		}
10028 		mptsas_dma_free(&dataout_dma_state);
10029 	}
10030 	if (pt_flags & MPTSAS_CMD_TIMEOUT) {
10031 		if ((mptsas_restart_ioc(mpt)) == DDI_FAILURE) {
10032 			mptsas_log(mpt, CE_WARN, "mptsas_restart_ioc failed");
10033 		}
10034 	}
10035 	if (request_msg)
10036 		kmem_free(request_msg, request_size);
10037 
10038 	return (status);
10039 }
10040 
10041 static int
10042 mptsas_pass_thru(mptsas_t *mpt, mptsas_pass_thru_t *data, int mode)
10043 {
10044 	/*
10045 	 * If timeout is 0, set timeout to default of 60 seconds.
10046 	 */
10047 	if (data->Timeout == 0) {
10048 		data->Timeout = MPTSAS_PASS_THRU_TIME_DEFAULT;
10049 	}
10050 
10051 	if (((data->DataSize == 0) &&
10052 	    (data->DataDirection == MPTSAS_PASS_THRU_DIRECTION_NONE)) ||
10053 	    ((data->DataSize != 0) &&
10054 	    ((data->DataDirection == MPTSAS_PASS_THRU_DIRECTION_READ) ||
10055 	    (data->DataDirection == MPTSAS_PASS_THRU_DIRECTION_WRITE) ||
10056 	    ((data->DataDirection == MPTSAS_PASS_THRU_DIRECTION_BOTH) &&
10057 	    (data->DataOutSize != 0))))) {
10058 		if (data->DataDirection == MPTSAS_PASS_THRU_DIRECTION_BOTH) {
10059 			data->DataDirection = MPTSAS_PASS_THRU_DIRECTION_READ;
10060 		} else {
10061 			data->DataOutSize = 0;
10062 		}
10063 		/*
10064 		 * Send passthru request messages
10065 		 */
10066 		return (mptsas_do_passthru(mpt,
10067 		    (uint8_t *)((uintptr_t)data->PtrRequest),
10068 		    (uint8_t *)((uintptr_t)data->PtrReply),
10069 		    (uint8_t *)((uintptr_t)data->PtrData),
10070 		    data->RequestSize, data->ReplySize,
10071 		    data->DataSize, data->DataDirection,
10072 		    (uint8_t *)((uintptr_t)data->PtrDataOut),
10073 		    data->DataOutSize, data->Timeout, mode));
10074 	} else {
10075 		return (EINVAL);
10076 	}
10077 }
10078 
10079 static uint8_t
10080 mptsas_get_fw_diag_buffer_number(mptsas_t *mpt, uint32_t unique_id)
10081 {
10082 	uint8_t	index;
10083 
10084 	for (index = 0; index < MPI2_DIAG_BUF_TYPE_COUNT; index++) {
10085 		if (mpt->m_fw_diag_buffer_list[index].unique_id == unique_id) {
10086 			return (index);
10087 		}
10088 	}
10089 
10090 	return (MPTSAS_FW_DIAGNOSTIC_UID_NOT_FOUND);
10091 }
10092 
10093 static void
10094 mptsas_start_diag(mptsas_t *mpt, mptsas_cmd_t *cmd)
10095 {
10096 	pMpi2DiagBufferPostRequest_t	pDiag_post_msg;
10097 	pMpi2DiagReleaseRequest_t	pDiag_release_msg;
10098 	struct scsi_pkt			*pkt = cmd->cmd_pkt;
10099 	mptsas_diag_request_t		*diag = pkt->pkt_ha_private;
10100 	uint32_t			request_desc_low, i;
10101 
10102 	ASSERT(mutex_owned(&mpt->m_mutex));
10103 
10104 	/*
10105 	 * Form the diag message depending on the post or release function.
10106 	 */
10107 	if (diag->function == MPI2_FUNCTION_DIAG_BUFFER_POST) {
10108 		pDiag_post_msg = (pMpi2DiagBufferPostRequest_t)
10109 		    (mpt->m_req_frame + (mpt->m_req_frame_size *
10110 		    cmd->cmd_slot));
10111 		bzero(pDiag_post_msg, mpt->m_req_frame_size);
10112 		ddi_put8(mpt->m_acc_req_frame_hdl, &pDiag_post_msg->Function,
10113 		    diag->function);
10114 		ddi_put8(mpt->m_acc_req_frame_hdl, &pDiag_post_msg->BufferType,
10115 		    diag->pBuffer->buffer_type);
10116 		ddi_put8(mpt->m_acc_req_frame_hdl,
10117 		    &pDiag_post_msg->ExtendedType,
10118 		    diag->pBuffer->extended_type);
10119 		ddi_put32(mpt->m_acc_req_frame_hdl,
10120 		    &pDiag_post_msg->BufferLength,
10121 		    diag->pBuffer->buffer_data.size);
10122 		for (i = 0; i < (sizeof (pDiag_post_msg->ProductSpecific) / 4);
10123 		    i++) {
10124 			ddi_put32(mpt->m_acc_req_frame_hdl,
10125 			    &pDiag_post_msg->ProductSpecific[i],
10126 			    diag->pBuffer->product_specific[i]);
10127 		}
10128 		ddi_put32(mpt->m_acc_req_frame_hdl,
10129 		    &pDiag_post_msg->BufferAddress.Low,
10130 		    (uint32_t)(diag->pBuffer->buffer_data.cookie.dmac_laddress
10131 		    & 0xffffffffull));
10132 		ddi_put32(mpt->m_acc_req_frame_hdl,
10133 		    &pDiag_post_msg->BufferAddress.High,
10134 		    (uint32_t)(diag->pBuffer->buffer_data.cookie.dmac_laddress
10135 		    >> 32));
10136 	} else {
10137 		pDiag_release_msg = (pMpi2DiagReleaseRequest_t)
10138 		    (mpt->m_req_frame + (mpt->m_req_frame_size *
10139 		    cmd->cmd_slot));
10140 		bzero(pDiag_release_msg, mpt->m_req_frame_size);
10141 		ddi_put8(mpt->m_acc_req_frame_hdl,
10142 		    &pDiag_release_msg->Function, diag->function);
10143 		ddi_put8(mpt->m_acc_req_frame_hdl,
10144 		    &pDiag_release_msg->BufferType,
10145 		    diag->pBuffer->buffer_type);
10146 	}
10147 
10148 	/*
10149 	 * Send the message
10150 	 */
10151 	(void) ddi_dma_sync(mpt->m_dma_req_frame_hdl, 0, 0,
10152 	    DDI_DMA_SYNC_FORDEV);
10153 	request_desc_low = (cmd->cmd_slot << 16) +
10154 	    MPI2_REQ_DESCRIPT_FLAGS_DEFAULT_TYPE;
10155 	cmd->cmd_rfm = NULL;
10156 	MPTSAS_START_CMD(mpt, request_desc_low, 0);
10157 	if ((mptsas_check_dma_handle(mpt->m_dma_req_frame_hdl) !=
10158 	    DDI_SUCCESS) ||
10159 	    (mptsas_check_acc_handle(mpt->m_acc_req_frame_hdl) !=
10160 	    DDI_SUCCESS)) {
10161 		ddi_fm_service_impact(mpt->m_dip, DDI_SERVICE_UNAFFECTED);
10162 	}
10163 }
10164 
10165 static int
10166 mptsas_post_fw_diag_buffer(mptsas_t *mpt,
10167     mptsas_fw_diagnostic_buffer_t *pBuffer, uint32_t *return_code)
10168 {
10169 	mptsas_diag_request_t		diag;
10170 	int				status, slot_num, post_flags = 0;
10171 	mptsas_cmd_t			*cmd = NULL;
10172 	struct scsi_pkt			*pkt;
10173 	pMpi2DiagBufferPostReply_t	reply;
10174 	uint16_t			iocstatus;
10175 	uint32_t			iocloginfo, transfer_length;
10176 
10177 	/*
10178 	 * If buffer is not enabled, just leave.
10179 	 */
10180 	*return_code = MPTSAS_FW_DIAG_ERROR_POST_FAILED;
10181 	if (!pBuffer->enabled) {
10182 		status = DDI_FAILURE;
10183 		goto out;
10184 	}
10185 
10186 	/*
10187 	 * Clear some flags initially.
10188 	 */
10189 	pBuffer->force_release = FALSE;
10190 	pBuffer->valid_data = FALSE;
10191 	pBuffer->owned_by_firmware = FALSE;
10192 
10193 	/*
10194 	 * Get a cmd buffer from the cmd buffer pool
10195 	 */
10196 	if ((slot_num = (mptsas_request_from_pool(mpt, &cmd, &pkt))) == -1) {
10197 		status = DDI_FAILURE;
10198 		mptsas_log(mpt, CE_NOTE, "command pool is full: Post FW Diag");
10199 		goto out;
10200 	}
10201 	post_flags |= MPTSAS_REQUEST_POOL_CMD;
10202 
10203 	bzero((caddr_t)cmd, sizeof (*cmd));
10204 	bzero((caddr_t)pkt, scsi_pkt_size());
10205 
10206 	cmd->ioc_cmd_slot = (uint32_t)(slot_num);
10207 
10208 	diag.pBuffer = pBuffer;
10209 	diag.function = MPI2_FUNCTION_DIAG_BUFFER_POST;
10210 
10211 	/*
10212 	 * Form a blank cmd/pkt to store the acknowledgement message
10213 	 */
10214 	pkt->pkt_ha_private	= (opaque_t)&diag;
10215 	pkt->pkt_flags		= FLAG_HEAD;
10216 	pkt->pkt_time		= 60;
10217 	cmd->cmd_pkt		= pkt;
10218 	cmd->cmd_flags		= CFLAG_CMDIOC | CFLAG_FW_DIAG;
10219 
10220 	/*
10221 	 * Save the command in a slot
10222 	 */
10223 	if (mptsas_save_cmd(mpt, cmd) == TRUE) {
10224 		/*
10225 		 * Once passthru command get slot, set cmd_flags
10226 		 * CFLAG_PREPARED.
10227 		 */
10228 		cmd->cmd_flags |= CFLAG_PREPARED;
10229 		mptsas_start_diag(mpt, cmd);
10230 	} else {
10231 		mptsas_waitq_add(mpt, cmd);
10232 	}
10233 
10234 	while ((cmd->cmd_flags & CFLAG_FINISHED) == 0) {
10235 		cv_wait(&mpt->m_fw_diag_cv, &mpt->m_mutex);
10236 	}
10237 
10238 	if (cmd->cmd_flags & CFLAG_TIMEOUT) {
10239 		status = DDI_FAILURE;
10240 		mptsas_log(mpt, CE_WARN, "Post FW Diag command timeout");
10241 		goto out;
10242 	}
10243 
10244 	/*
10245 	 * cmd_rfm points to the reply message if a reply was given.  Check the
10246 	 * IOCStatus to make sure everything went OK with the FW diag request
10247 	 * and set buffer flags.
10248 	 */
10249 	if (cmd->cmd_rfm) {
10250 		post_flags |= MPTSAS_ADDRESS_REPLY;
10251 		(void) ddi_dma_sync(mpt->m_dma_reply_frame_hdl, 0, 0,
10252 		    DDI_DMA_SYNC_FORCPU);
10253 		reply = (pMpi2DiagBufferPostReply_t)(mpt->m_reply_frame +
10254 		    (cmd->cmd_rfm - mpt->m_reply_frame_dma_addr));
10255 
10256 		/*
10257 		 * Get the reply message data
10258 		 */
10259 		iocstatus = ddi_get16(mpt->m_acc_reply_frame_hdl,
10260 		    &reply->IOCStatus);
10261 		iocloginfo = ddi_get32(mpt->m_acc_reply_frame_hdl,
10262 		    &reply->IOCLogInfo);
10263 		transfer_length = ddi_get32(mpt->m_acc_reply_frame_hdl,
10264 		    &reply->TransferLength);
10265 
10266 		/*
10267 		 * If post failed quit.
10268 		 */
10269 		if (iocstatus != MPI2_IOCSTATUS_SUCCESS) {
10270 			status = DDI_FAILURE;
10271 			NDBG13(("post FW Diag Buffer failed: IOCStatus=0x%x, "
10272 			    "IOCLogInfo=0x%x, TransferLength=0x%x", iocstatus,
10273 			    iocloginfo, transfer_length));
10274 			goto out;
10275 		}
10276 
10277 		/*
10278 		 * Post was successful.
10279 		 */
10280 		pBuffer->valid_data = TRUE;
10281 		pBuffer->owned_by_firmware = TRUE;
10282 		*return_code = MPTSAS_FW_DIAG_ERROR_SUCCESS;
10283 		status = DDI_SUCCESS;
10284 	}
10285 
10286 out:
10287 	/*
10288 	 * Put the reply frame back on the free queue, increment the free
10289 	 * index, and write the new index to the free index register.  But only
10290 	 * if this reply is an ADDRESS reply.
10291 	 */
10292 	if (post_flags & MPTSAS_ADDRESS_REPLY) {
10293 		ddi_put32(mpt->m_acc_free_queue_hdl,
10294 		    &((uint32_t *)(void *)mpt->m_free_queue)[mpt->m_free_index],
10295 		    cmd->cmd_rfm);
10296 		(void) ddi_dma_sync(mpt->m_dma_free_queue_hdl, 0, 0,
10297 		    DDI_DMA_SYNC_FORDEV);
10298 		if (++mpt->m_free_index == mpt->m_free_queue_depth) {
10299 			mpt->m_free_index = 0;
10300 		}
10301 		ddi_put32(mpt->m_datap, &mpt->m_reg->ReplyFreeHostIndex,
10302 		    mpt->m_free_index);
10303 	}
10304 	if (cmd && (cmd->cmd_flags & CFLAG_PREPARED)) {
10305 		mptsas_remove_cmd(mpt, cmd);
10306 		post_flags &= (~MPTSAS_REQUEST_POOL_CMD);
10307 	}
10308 	if (post_flags & MPTSAS_REQUEST_POOL_CMD) {
10309 		mptsas_return_to_pool(mpt, cmd);
10310 	}
10311 
10312 	return (status);
10313 }
10314 
10315 static int
10316 mptsas_release_fw_diag_buffer(mptsas_t *mpt,
10317     mptsas_fw_diagnostic_buffer_t *pBuffer, uint32_t *return_code,
10318     uint32_t diag_type)
10319 {
10320 	mptsas_diag_request_t	diag;
10321 	int			status, slot_num, rel_flags = 0;
10322 	mptsas_cmd_t		*cmd = NULL;
10323 	struct scsi_pkt		*pkt;
10324 	pMpi2DiagReleaseReply_t	reply;
10325 	uint16_t		iocstatus;
10326 	uint32_t		iocloginfo;
10327 
10328 	/*
10329 	 * If buffer is not enabled, just leave.
10330 	 */
10331 	*return_code = MPTSAS_FW_DIAG_ERROR_RELEASE_FAILED;
10332 	if (!pBuffer->enabled) {
10333 		mptsas_log(mpt, CE_NOTE, "This buffer type is not supported "
10334 		    "by the IOC");
10335 		status = DDI_FAILURE;
10336 		goto out;
10337 	}
10338 
10339 	/*
10340 	 * Clear some flags initially.
10341 	 */
10342 	pBuffer->force_release = FALSE;
10343 	pBuffer->valid_data = FALSE;
10344 	pBuffer->owned_by_firmware = FALSE;
10345 
10346 	/*
10347 	 * Get a cmd buffer from the cmd buffer pool
10348 	 */
10349 	if ((slot_num = (mptsas_request_from_pool(mpt, &cmd, &pkt))) == -1) {
10350 		status = DDI_FAILURE;
10351 		mptsas_log(mpt, CE_NOTE, "command pool is full: Release FW "
10352 		    "Diag");
10353 		goto out;
10354 	}
10355 	rel_flags |= MPTSAS_REQUEST_POOL_CMD;
10356 
10357 	bzero((caddr_t)cmd, sizeof (*cmd));
10358 	bzero((caddr_t)pkt, scsi_pkt_size());
10359 
10360 	cmd->ioc_cmd_slot = (uint32_t)(slot_num);
10361 
10362 	diag.pBuffer = pBuffer;
10363 	diag.function = MPI2_FUNCTION_DIAG_RELEASE;
10364 
10365 	/*
10366 	 * Form a blank cmd/pkt to store the acknowledgement message
10367 	 */
10368 	pkt->pkt_ha_private	= (opaque_t)&diag;
10369 	pkt->pkt_flags		= FLAG_HEAD;
10370 	pkt->pkt_time		= 60;
10371 	cmd->cmd_pkt		= pkt;
10372 	cmd->cmd_flags		= CFLAG_CMDIOC | CFLAG_FW_DIAG;
10373 
10374 	/*
10375 	 * Save the command in a slot
10376 	 */
10377 	if (mptsas_save_cmd(mpt, cmd) == TRUE) {
10378 		/*
10379 		 * Once passthru command get slot, set cmd_flags
10380 		 * CFLAG_PREPARED.
10381 		 */
10382 		cmd->cmd_flags |= CFLAG_PREPARED;
10383 		mptsas_start_diag(mpt, cmd);
10384 	} else {
10385 		mptsas_waitq_add(mpt, cmd);
10386 	}
10387 
10388 	while ((cmd->cmd_flags & CFLAG_FINISHED) == 0) {
10389 		cv_wait(&mpt->m_fw_diag_cv, &mpt->m_mutex);
10390 	}
10391 
10392 	if (cmd->cmd_flags & CFLAG_TIMEOUT) {
10393 		status = DDI_FAILURE;
10394 		mptsas_log(mpt, CE_WARN, "Release FW Diag command timeout");
10395 		goto out;
10396 	}
10397 
10398 	/*
10399 	 * cmd_rfm points to the reply message if a reply was given.  Check the
10400 	 * IOCStatus to make sure everything went OK with the FW diag request
10401 	 * and set buffer flags.
10402 	 */
10403 	if (cmd->cmd_rfm) {
10404 		rel_flags |= MPTSAS_ADDRESS_REPLY;
10405 		(void) ddi_dma_sync(mpt->m_dma_reply_frame_hdl, 0, 0,
10406 		    DDI_DMA_SYNC_FORCPU);
10407 		reply = (pMpi2DiagReleaseReply_t)(mpt->m_reply_frame +
10408 		    (cmd->cmd_rfm - mpt->m_reply_frame_dma_addr));
10409 
10410 		/*
10411 		 * Get the reply message data
10412 		 */
10413 		iocstatus = ddi_get16(mpt->m_acc_reply_frame_hdl,
10414 		    &reply->IOCStatus);
10415 		iocloginfo = ddi_get32(mpt->m_acc_reply_frame_hdl,
10416 		    &reply->IOCLogInfo);
10417 
10418 		/*
10419 		 * If release failed quit.
10420 		 */
10421 		if ((iocstatus != MPI2_IOCSTATUS_SUCCESS) ||
10422 		    pBuffer->owned_by_firmware) {
10423 			status = DDI_FAILURE;
10424 			NDBG13(("release FW Diag Buffer failed: "
10425 			    "IOCStatus=0x%x, IOCLogInfo=0x%x", iocstatus,
10426 			    iocloginfo));
10427 			goto out;
10428 		}
10429 
10430 		/*
10431 		 * Release was successful.
10432 		 */
10433 		*return_code = MPTSAS_FW_DIAG_ERROR_SUCCESS;
10434 		status = DDI_SUCCESS;
10435 
10436 		/*
10437 		 * If this was for an UNREGISTER diag type command, clear the
10438 		 * unique ID.
10439 		 */
10440 		if (diag_type == MPTSAS_FW_DIAG_TYPE_UNREGISTER) {
10441 			pBuffer->unique_id = MPTSAS_FW_DIAG_INVALID_UID;
10442 		}
10443 	}
10444 
10445 out:
10446 	/*
10447 	 * Put the reply frame back on the free queue, increment the free
10448 	 * index, and write the new index to the free index register.  But only
10449 	 * if this reply is an ADDRESS reply.
10450 	 */
10451 	if (rel_flags & MPTSAS_ADDRESS_REPLY) {
10452 		ddi_put32(mpt->m_acc_free_queue_hdl,
10453 		    &((uint32_t *)(void *)mpt->m_free_queue)[mpt->m_free_index],
10454 		    cmd->cmd_rfm);
10455 		(void) ddi_dma_sync(mpt->m_dma_free_queue_hdl, 0, 0,
10456 		    DDI_DMA_SYNC_FORDEV);
10457 		if (++mpt->m_free_index == mpt->m_free_queue_depth) {
10458 			mpt->m_free_index = 0;
10459 		}
10460 		ddi_put32(mpt->m_datap, &mpt->m_reg->ReplyFreeHostIndex,
10461 		    mpt->m_free_index);
10462 	}
10463 	if (cmd && (cmd->cmd_flags & CFLAG_PREPARED)) {
10464 		mptsas_remove_cmd(mpt, cmd);
10465 		rel_flags &= (~MPTSAS_REQUEST_POOL_CMD);
10466 	}
10467 	if (rel_flags & MPTSAS_REQUEST_POOL_CMD) {
10468 		mptsas_return_to_pool(mpt, cmd);
10469 	}
10470 
10471 	return (status);
10472 }
10473 
10474 static int
10475 mptsas_diag_register(mptsas_t *mpt, mptsas_fw_diag_register_t *diag_register,
10476     uint32_t *return_code)
10477 {
10478 	mptsas_fw_diagnostic_buffer_t	*pBuffer;
10479 	uint8_t				extended_type, buffer_type, i;
10480 	uint32_t			buffer_size;
10481 	uint32_t			unique_id;
10482 	int				status;
10483 
10484 	ASSERT(mutex_owned(&mpt->m_mutex));
10485 
10486 	extended_type = diag_register->ExtendedType;
10487 	buffer_type = diag_register->BufferType;
10488 	buffer_size = diag_register->RequestedBufferSize;
10489 	unique_id = diag_register->UniqueId;
10490 
10491 	/*
10492 	 * Check for valid buffer type
10493 	 */
10494 	if (buffer_type >= MPI2_DIAG_BUF_TYPE_COUNT) {
10495 		*return_code = MPTSAS_FW_DIAG_ERROR_INVALID_PARAMETER;
10496 		return (DDI_FAILURE);
10497 	}
10498 
10499 	/*
10500 	 * Get the current buffer and look up the unique ID.  The unique ID
10501 	 * should not be found.  If it is, the ID is already in use.
10502 	 */
10503 	i = mptsas_get_fw_diag_buffer_number(mpt, unique_id);
10504 	pBuffer = &mpt->m_fw_diag_buffer_list[buffer_type];
10505 	if (i != MPTSAS_FW_DIAGNOSTIC_UID_NOT_FOUND) {
10506 		*return_code = MPTSAS_FW_DIAG_ERROR_INVALID_UID;
10507 		return (DDI_FAILURE);
10508 	}
10509 
10510 	/*
10511 	 * The buffer's unique ID should not be registered yet, and the given
10512 	 * unique ID cannot be 0.
10513 	 */
10514 	if ((pBuffer->unique_id != MPTSAS_FW_DIAG_INVALID_UID) ||
10515 	    (unique_id == MPTSAS_FW_DIAG_INVALID_UID)) {
10516 		*return_code = MPTSAS_FW_DIAG_ERROR_INVALID_UID;
10517 		return (DDI_FAILURE);
10518 	}
10519 
10520 	/*
10521 	 * If this buffer is already posted as immediate, just change owner.
10522 	 */
10523 	if (pBuffer->immediate && pBuffer->owned_by_firmware &&
10524 	    (pBuffer->unique_id == MPTSAS_FW_DIAG_INVALID_UID)) {
10525 		pBuffer->immediate = FALSE;
10526 		pBuffer->unique_id = unique_id;
10527 		return (DDI_SUCCESS);
10528 	}
10529 
10530 	/*
10531 	 * Post a new buffer after checking if it's enabled.  The DMA buffer
10532 	 * that is allocated will be contiguous (sgl_len = 1).
10533 	 */
10534 	if (!pBuffer->enabled) {
10535 		*return_code = MPTSAS_FW_DIAG_ERROR_NO_BUFFER;
10536 		return (DDI_FAILURE);
10537 	}
10538 	bzero(&pBuffer->buffer_data, sizeof (mptsas_dma_alloc_state_t));
10539 	pBuffer->buffer_data.size = buffer_size;
10540 	if (mptsas_dma_alloc(mpt, &pBuffer->buffer_data) != DDI_SUCCESS) {
10541 		mptsas_log(mpt, CE_WARN, "failed to alloc DMA resource for "
10542 		    "diag buffer: size = %d bytes", buffer_size);
10543 		*return_code = MPTSAS_FW_DIAG_ERROR_NO_BUFFER;
10544 		return (DDI_FAILURE);
10545 	}
10546 
10547 	/*
10548 	 * Copy the given info to the diag buffer and post the buffer.
10549 	 */
10550 	pBuffer->buffer_type = buffer_type;
10551 	pBuffer->immediate = FALSE;
10552 	if (buffer_type == MPI2_DIAG_BUF_TYPE_TRACE) {
10553 		for (i = 0; i < (sizeof (pBuffer->product_specific) / 4);
10554 		    i++) {
10555 			pBuffer->product_specific[i] =
10556 			    diag_register->ProductSpecific[i];
10557 		}
10558 	}
10559 	pBuffer->extended_type = extended_type;
10560 	pBuffer->unique_id = unique_id;
10561 	status = mptsas_post_fw_diag_buffer(mpt, pBuffer, return_code);
10562 
10563 	if (mptsas_check_dma_handle(pBuffer->buffer_data.handle) !=
10564 	    DDI_SUCCESS) {
10565 		mptsas_log(mpt, CE_WARN, "Check of DMA handle failed in "
10566 		    "mptsas_diag_register.");
10567 		ddi_fm_service_impact(mpt->m_dip, DDI_SERVICE_UNAFFECTED);
10568 			status = DDI_FAILURE;
10569 	}
10570 
10571 	/*
10572 	 * In case there was a failure, free the DMA buffer.
10573 	 */
10574 	if (status == DDI_FAILURE) {
10575 		mptsas_dma_free(&pBuffer->buffer_data);
10576 	}
10577 
10578 	return (status);
10579 }
10580 
10581 static int
10582 mptsas_diag_unregister(mptsas_t *mpt,
10583     mptsas_fw_diag_unregister_t *diag_unregister, uint32_t *return_code)
10584 {
10585 	mptsas_fw_diagnostic_buffer_t	*pBuffer;
10586 	uint8_t				i;
10587 	uint32_t			unique_id;
10588 	int				status;
10589 
10590 	ASSERT(mutex_owned(&mpt->m_mutex));
10591 
10592 	unique_id = diag_unregister->UniqueId;
10593 
10594 	/*
10595 	 * Get the current buffer and look up the unique ID.  The unique ID
10596 	 * should be there.
10597 	 */
10598 	i = mptsas_get_fw_diag_buffer_number(mpt, unique_id);
10599 	if (i == MPTSAS_FW_DIAGNOSTIC_UID_NOT_FOUND) {
10600 		*return_code = MPTSAS_FW_DIAG_ERROR_INVALID_UID;
10601 		return (DDI_FAILURE);
10602 	}
10603 
10604 	pBuffer = &mpt->m_fw_diag_buffer_list[i];
10605 
10606 	/*
10607 	 * Try to release the buffer from FW before freeing it.  If release
10608 	 * fails, don't free the DMA buffer in case FW tries to access it
10609 	 * later.  If buffer is not owned by firmware, can't release it.
10610 	 */
10611 	if (!pBuffer->owned_by_firmware) {
10612 		status = DDI_SUCCESS;
10613 	} else {
10614 		status = mptsas_release_fw_diag_buffer(mpt, pBuffer,
10615 		    return_code, MPTSAS_FW_DIAG_TYPE_UNREGISTER);
10616 	}
10617 
10618 	/*
10619 	 * At this point, return the current status no matter what happens with
10620 	 * the DMA buffer.
10621 	 */
10622 	pBuffer->unique_id = MPTSAS_FW_DIAG_INVALID_UID;
10623 	if (status == DDI_SUCCESS) {
10624 		if (mptsas_check_dma_handle(pBuffer->buffer_data.handle) !=
10625 		    DDI_SUCCESS) {
10626 			mptsas_log(mpt, CE_WARN, "Check of DMA handle failed "
10627 			    "in mptsas_diag_unregister.");
10628 			ddi_fm_service_impact(mpt->m_dip,
10629 			    DDI_SERVICE_UNAFFECTED);
10630 		}
10631 		mptsas_dma_free(&pBuffer->buffer_data);
10632 	}
10633 
10634 	return (status);
10635 }
10636 
10637 static int
10638 mptsas_diag_query(mptsas_t *mpt, mptsas_fw_diag_query_t *diag_query,
10639     uint32_t *return_code)
10640 {
10641 	mptsas_fw_diagnostic_buffer_t	*pBuffer;
10642 	uint8_t				i;
10643 	uint32_t			unique_id;
10644 
10645 	ASSERT(mutex_owned(&mpt->m_mutex));
10646 
10647 	unique_id = diag_query->UniqueId;
10648 
10649 	/*
10650 	 * If ID is valid, query on ID.
10651 	 * If ID is invalid, query on buffer type.
10652 	 */
10653 	if (unique_id == MPTSAS_FW_DIAG_INVALID_UID) {
10654 		i = diag_query->BufferType;
10655 		if (i >= MPI2_DIAG_BUF_TYPE_COUNT) {
10656 			*return_code = MPTSAS_FW_DIAG_ERROR_INVALID_UID;
10657 			return (DDI_FAILURE);
10658 		}
10659 	} else {
10660 		i = mptsas_get_fw_diag_buffer_number(mpt, unique_id);
10661 		if (i == MPTSAS_FW_DIAGNOSTIC_UID_NOT_FOUND) {
10662 			*return_code = MPTSAS_FW_DIAG_ERROR_INVALID_UID;
10663 			return (DDI_FAILURE);
10664 		}
10665 	}
10666 
10667 	/*
10668 	 * Fill query structure with the diag buffer info.
10669 	 */
10670 	pBuffer = &mpt->m_fw_diag_buffer_list[i];
10671 	diag_query->BufferType = pBuffer->buffer_type;
10672 	diag_query->ExtendedType = pBuffer->extended_type;
10673 	if (diag_query->BufferType == MPI2_DIAG_BUF_TYPE_TRACE) {
10674 		for (i = 0; i < (sizeof (diag_query->ProductSpecific) / 4);
10675 		    i++) {
10676 			diag_query->ProductSpecific[i] =
10677 			    pBuffer->product_specific[i];
10678 		}
10679 	}
10680 	diag_query->TotalBufferSize = pBuffer->buffer_data.size;
10681 	diag_query->DriverAddedBufferSize = 0;
10682 	diag_query->UniqueId = pBuffer->unique_id;
10683 	diag_query->ApplicationFlags = 0;
10684 	diag_query->DiagnosticFlags = 0;
10685 
10686 	/*
10687 	 * Set/Clear application flags
10688 	 */
10689 	if (pBuffer->immediate) {
10690 		diag_query->ApplicationFlags &= ~MPTSAS_FW_DIAG_FLAG_APP_OWNED;
10691 	} else {
10692 		diag_query->ApplicationFlags |= MPTSAS_FW_DIAG_FLAG_APP_OWNED;
10693 	}
10694 	if (pBuffer->valid_data || pBuffer->owned_by_firmware) {
10695 		diag_query->ApplicationFlags |=
10696 		    MPTSAS_FW_DIAG_FLAG_BUFFER_VALID;
10697 	} else {
10698 		diag_query->ApplicationFlags &=
10699 		    ~MPTSAS_FW_DIAG_FLAG_BUFFER_VALID;
10700 	}
10701 	if (pBuffer->owned_by_firmware) {
10702 		diag_query->ApplicationFlags |=
10703 		    MPTSAS_FW_DIAG_FLAG_FW_BUFFER_ACCESS;
10704 	} else {
10705 		diag_query->ApplicationFlags &=
10706 		    ~MPTSAS_FW_DIAG_FLAG_FW_BUFFER_ACCESS;
10707 	}
10708 
10709 	return (DDI_SUCCESS);
10710 }
10711 
10712 static int
10713 mptsas_diag_read_buffer(mptsas_t *mpt,
10714     mptsas_diag_read_buffer_t *diag_read_buffer, uint8_t *ioctl_buf,
10715     uint32_t *return_code, int ioctl_mode)
10716 {
10717 	mptsas_fw_diagnostic_buffer_t	*pBuffer;
10718 	uint8_t				i, *pData;
10719 	uint32_t			unique_id, byte;
10720 	int				status;
10721 
10722 	ASSERT(mutex_owned(&mpt->m_mutex));
10723 
10724 	unique_id = diag_read_buffer->UniqueId;
10725 
10726 	/*
10727 	 * Get the current buffer and look up the unique ID.  The unique ID
10728 	 * should be there.
10729 	 */
10730 	i = mptsas_get_fw_diag_buffer_number(mpt, unique_id);
10731 	if (i == MPTSAS_FW_DIAGNOSTIC_UID_NOT_FOUND) {
10732 		*return_code = MPTSAS_FW_DIAG_ERROR_INVALID_UID;
10733 		return (DDI_FAILURE);
10734 	}
10735 
10736 	pBuffer = &mpt->m_fw_diag_buffer_list[i];
10737 
10738 	/*
10739 	 * Make sure requested read is within limits
10740 	 */
10741 	if (diag_read_buffer->StartingOffset + diag_read_buffer->BytesToRead >
10742 	    pBuffer->buffer_data.size) {
10743 		*return_code = MPTSAS_FW_DIAG_ERROR_INVALID_PARAMETER;
10744 		return (DDI_FAILURE);
10745 	}
10746 
10747 	/*
10748 	 * Copy the requested data from DMA to the diag_read_buffer.  The DMA
10749 	 * buffer that was allocated is one contiguous buffer.
10750 	 */
10751 	pData = (uint8_t *)(pBuffer->buffer_data.memp +
10752 	    diag_read_buffer->StartingOffset);
10753 	(void) ddi_dma_sync(pBuffer->buffer_data.handle, 0, 0,
10754 	    DDI_DMA_SYNC_FORCPU);
10755 	for (byte = 0; byte < diag_read_buffer->BytesToRead; byte++) {
10756 		if (ddi_copyout(pData + byte, ioctl_buf + byte, 1, ioctl_mode)
10757 		    != 0) {
10758 			return (DDI_FAILURE);
10759 		}
10760 	}
10761 	diag_read_buffer->Status = 0;
10762 
10763 	/*
10764 	 * Set or clear the Force Release flag.
10765 	 */
10766 	if (pBuffer->force_release) {
10767 		diag_read_buffer->Flags |= MPTSAS_FW_DIAG_FLAG_FORCE_RELEASE;
10768 	} else {
10769 		diag_read_buffer->Flags &= ~MPTSAS_FW_DIAG_FLAG_FORCE_RELEASE;
10770 	}
10771 
10772 	/*
10773 	 * If buffer is to be reregistered, make sure it's not already owned by
10774 	 * firmware first.
10775 	 */
10776 	status = DDI_SUCCESS;
10777 	if (!pBuffer->owned_by_firmware) {
10778 		if (diag_read_buffer->Flags & MPTSAS_FW_DIAG_FLAG_REREGISTER) {
10779 			status = mptsas_post_fw_diag_buffer(mpt, pBuffer,
10780 			    return_code);
10781 		}
10782 	}
10783 
10784 	return (status);
10785 }
10786 
10787 static int
10788 mptsas_diag_release(mptsas_t *mpt, mptsas_fw_diag_release_t *diag_release,
10789     uint32_t *return_code)
10790 {
10791 	mptsas_fw_diagnostic_buffer_t	*pBuffer;
10792 	uint8_t				i;
10793 	uint32_t			unique_id;
10794 	int				status;
10795 
10796 	ASSERT(mutex_owned(&mpt->m_mutex));
10797 
10798 	unique_id = diag_release->UniqueId;
10799 
10800 	/*
10801 	 * Get the current buffer and look up the unique ID.  The unique ID
10802 	 * should be there.
10803 	 */
10804 	i = mptsas_get_fw_diag_buffer_number(mpt, unique_id);
10805 	if (i == MPTSAS_FW_DIAGNOSTIC_UID_NOT_FOUND) {
10806 		*return_code = MPTSAS_FW_DIAG_ERROR_INVALID_UID;
10807 		return (DDI_FAILURE);
10808 	}
10809 
10810 	pBuffer = &mpt->m_fw_diag_buffer_list[i];
10811 
10812 	/*
10813 	 * If buffer is not owned by firmware, it's already been released.
10814 	 */
10815 	if (!pBuffer->owned_by_firmware) {
10816 		*return_code = MPTSAS_FW_DIAG_ERROR_ALREADY_RELEASED;
10817 		return (DDI_FAILURE);
10818 	}
10819 
10820 	/*
10821 	 * Release the buffer.
10822 	 */
10823 	status = mptsas_release_fw_diag_buffer(mpt, pBuffer, return_code,
10824 	    MPTSAS_FW_DIAG_TYPE_RELEASE);
10825 	return (status);
10826 }
10827 
10828 static int
10829 mptsas_do_diag_action(mptsas_t *mpt, uint32_t action, uint8_t *diag_action,
10830     uint32_t length, uint32_t *return_code, int ioctl_mode)
10831 {
10832 	mptsas_fw_diag_register_t	diag_register;
10833 	mptsas_fw_diag_unregister_t	diag_unregister;
10834 	mptsas_fw_diag_query_t		diag_query;
10835 	mptsas_diag_read_buffer_t	diag_read_buffer;
10836 	mptsas_fw_diag_release_t	diag_release;
10837 	int				status = DDI_SUCCESS;
10838 	uint32_t			original_return_code, read_buf_len;
10839 
10840 	ASSERT(mutex_owned(&mpt->m_mutex));
10841 
10842 	original_return_code = *return_code;
10843 	*return_code = MPTSAS_FW_DIAG_ERROR_SUCCESS;
10844 
10845 	switch (action) {
10846 		case MPTSAS_FW_DIAG_TYPE_REGISTER:
10847 			if (!length) {
10848 				*return_code =
10849 				    MPTSAS_FW_DIAG_ERROR_INVALID_PARAMETER;
10850 				status = DDI_FAILURE;
10851 				break;
10852 			}
10853 			if (ddi_copyin(diag_action, &diag_register,
10854 			    sizeof (diag_register), ioctl_mode) != 0) {
10855 				return (DDI_FAILURE);
10856 			}
10857 			status = mptsas_diag_register(mpt, &diag_register,
10858 			    return_code);
10859 			break;
10860 
10861 		case MPTSAS_FW_DIAG_TYPE_UNREGISTER:
10862 			if (length < sizeof (diag_unregister)) {
10863 				*return_code =
10864 				    MPTSAS_FW_DIAG_ERROR_INVALID_PARAMETER;
10865 				status = DDI_FAILURE;
10866 				break;
10867 			}
10868 			if (ddi_copyin(diag_action, &diag_unregister,
10869 			    sizeof (diag_unregister), ioctl_mode) != 0) {
10870 				return (DDI_FAILURE);
10871 			}
10872 			status = mptsas_diag_unregister(mpt, &diag_unregister,
10873 			    return_code);
10874 			break;
10875 
10876 		case MPTSAS_FW_DIAG_TYPE_QUERY:
10877 			if (length < sizeof (diag_query)) {
10878 				*return_code =
10879 				    MPTSAS_FW_DIAG_ERROR_INVALID_PARAMETER;
10880 				status = DDI_FAILURE;
10881 				break;
10882 			}
10883 			if (ddi_copyin(diag_action, &diag_query,
10884 			    sizeof (diag_query), ioctl_mode) != 0) {
10885 				return (DDI_FAILURE);
10886 			}
10887 			status = mptsas_diag_query(mpt, &diag_query,
10888 			    return_code);
10889 			if (status == DDI_SUCCESS) {
10890 				if (ddi_copyout(&diag_query, diag_action,
10891 				    sizeof (diag_query), ioctl_mode) != 0) {
10892 					return (DDI_FAILURE);
10893 				}
10894 			}
10895 			break;
10896 
10897 		case MPTSAS_FW_DIAG_TYPE_READ_BUFFER:
10898 			if (ddi_copyin(diag_action, &diag_read_buffer,
10899 			    sizeof (diag_read_buffer) - 4, ioctl_mode) != 0) {
10900 				return (DDI_FAILURE);
10901 			}
10902 			read_buf_len = sizeof (diag_read_buffer) -
10903 			    sizeof (diag_read_buffer.DataBuffer) +
10904 			    diag_read_buffer.BytesToRead;
10905 			if (length < read_buf_len) {
10906 				*return_code =
10907 				    MPTSAS_FW_DIAG_ERROR_INVALID_PARAMETER;
10908 				status = DDI_FAILURE;
10909 				break;
10910 			}
10911 			status = mptsas_diag_read_buffer(mpt,
10912 			    &diag_read_buffer, diag_action +
10913 			    sizeof (diag_read_buffer) - 4, return_code,
10914 			    ioctl_mode);
10915 			if (status == DDI_SUCCESS) {
10916 				if (ddi_copyout(&diag_read_buffer, diag_action,
10917 				    sizeof (diag_read_buffer) - 4, ioctl_mode)
10918 				    != 0) {
10919 					return (DDI_FAILURE);
10920 				}
10921 			}
10922 			break;
10923 
10924 		case MPTSAS_FW_DIAG_TYPE_RELEASE:
10925 			if (length < sizeof (diag_release)) {
10926 				*return_code =
10927 				    MPTSAS_FW_DIAG_ERROR_INVALID_PARAMETER;
10928 				status = DDI_FAILURE;
10929 				break;
10930 			}
10931 			if (ddi_copyin(diag_action, &diag_release,
10932 			    sizeof (diag_release), ioctl_mode) != 0) {
10933 				return (DDI_FAILURE);
10934 			}
10935 			status = mptsas_diag_release(mpt, &diag_release,
10936 			    return_code);
10937 			break;
10938 
10939 		default:
10940 			*return_code = MPTSAS_FW_DIAG_ERROR_INVALID_PARAMETER;
10941 			status = DDI_FAILURE;
10942 			break;
10943 	}
10944 
10945 	if ((status == DDI_FAILURE) &&
10946 	    (original_return_code == MPTSAS_FW_DIAG_NEW) &&
10947 	    (*return_code != MPTSAS_FW_DIAG_ERROR_SUCCESS)) {
10948 		status = DDI_SUCCESS;
10949 	}
10950 
10951 	return (status);
10952 }
10953 
10954 static int
10955 mptsas_diag_action(mptsas_t *mpt, mptsas_diag_action_t *user_data, int mode)
10956 {
10957 	int			status;
10958 	mptsas_diag_action_t	driver_data;
10959 
10960 	ASSERT(mutex_owned(&mpt->m_mutex));
10961 
10962 	/*
10963 	 * Copy the user data to a driver data buffer.
10964 	 */
10965 	if (ddi_copyin(user_data, &driver_data, sizeof (mptsas_diag_action_t),
10966 	    mode) == 0) {
10967 		/*
10968 		 * Send diag action request if Action is valid
10969 		 */
10970 		if (driver_data.Action == MPTSAS_FW_DIAG_TYPE_REGISTER ||
10971 		    driver_data.Action == MPTSAS_FW_DIAG_TYPE_UNREGISTER ||
10972 		    driver_data.Action == MPTSAS_FW_DIAG_TYPE_QUERY ||
10973 		    driver_data.Action == MPTSAS_FW_DIAG_TYPE_READ_BUFFER ||
10974 		    driver_data.Action == MPTSAS_FW_DIAG_TYPE_RELEASE) {
10975 			status = mptsas_do_diag_action(mpt, driver_data.Action,
10976 			    (void *)(uintptr_t)driver_data.PtrDiagAction,
10977 			    driver_data.Length, &driver_data.ReturnCode,
10978 			    mode);
10979 			if (status == DDI_SUCCESS) {
10980 				if (ddi_copyout(&driver_data.ReturnCode,
10981 				    &user_data->ReturnCode,
10982 				    sizeof (user_data->ReturnCode), mode)
10983 				    != 0) {
10984 					status = EFAULT;
10985 				} else {
10986 					status = 0;
10987 				}
10988 			} else {
10989 				status = EIO;
10990 			}
10991 		} else {
10992 			status = EINVAL;
10993 		}
10994 	} else {
10995 		status = EFAULT;
10996 	}
10997 
10998 	return (status);
10999 }
11000 
11001 /*
11002  * This routine handles the "event query" ioctl.
11003  */
11004 static int
11005 mptsas_event_query(mptsas_t *mpt, mptsas_event_query_t *data, int mode,
11006     int *rval)
11007 {
11008 	int			status;
11009 	mptsas_event_query_t	driverdata;
11010 	uint8_t			i;
11011 
11012 	driverdata.Entries = MPTSAS_EVENT_QUEUE_SIZE;
11013 
11014 	mutex_enter(&mpt->m_mutex);
11015 	for (i = 0; i < 4; i++) {
11016 		driverdata.Types[i] = mpt->m_event_mask[i];
11017 	}
11018 	mutex_exit(&mpt->m_mutex);
11019 
11020 	if (ddi_copyout(&driverdata, data, sizeof (driverdata), mode) != 0) {
11021 		status = EFAULT;
11022 	} else {
11023 		*rval = MPTIOCTL_STATUS_GOOD;
11024 		status = 0;
11025 	}
11026 
11027 	return (status);
11028 }
11029 
11030 /*
11031  * This routine handles the "event enable" ioctl.
11032  */
11033 static int
11034 mptsas_event_enable(mptsas_t *mpt, mptsas_event_enable_t *data, int mode,
11035     int *rval)
11036 {
11037 	int			status;
11038 	mptsas_event_enable_t	driverdata;
11039 	uint8_t			i;
11040 
11041 	if (ddi_copyin(data, &driverdata, sizeof (driverdata), mode) == 0) {
11042 		mutex_enter(&mpt->m_mutex);
11043 		for (i = 0; i < 4; i++) {
11044 			mpt->m_event_mask[i] = driverdata.Types[i];
11045 		}
11046 		mutex_exit(&mpt->m_mutex);
11047 
11048 		*rval = MPTIOCTL_STATUS_GOOD;
11049 		status = 0;
11050 	} else {
11051 		status = EFAULT;
11052 	}
11053 	return (status);
11054 }
11055 
11056 /*
11057  * This routine handles the "event report" ioctl.
11058  */
11059 static int
11060 mptsas_event_report(mptsas_t *mpt, mptsas_event_report_t *data, int mode,
11061     int *rval)
11062 {
11063 	int			status;
11064 	mptsas_event_report_t	driverdata;
11065 
11066 	mutex_enter(&mpt->m_mutex);
11067 
11068 	if (ddi_copyin(&data->Size, &driverdata.Size, sizeof (driverdata.Size),
11069 	    mode) == 0) {
11070 		if (driverdata.Size >= sizeof (mpt->m_events)) {
11071 			if (ddi_copyout(mpt->m_events, data->Events,
11072 			    sizeof (mpt->m_events), mode) != 0) {
11073 				status = EFAULT;
11074 			} else {
11075 				if (driverdata.Size > sizeof (mpt->m_events)) {
11076 					driverdata.Size =
11077 					    sizeof (mpt->m_events);
11078 					if (ddi_copyout(&driverdata.Size,
11079 					    &data->Size,
11080 					    sizeof (driverdata.Size),
11081 					    mode) != 0) {
11082 						status = EFAULT;
11083 					} else {
11084 						*rval = MPTIOCTL_STATUS_GOOD;
11085 						status = 0;
11086 					}
11087 				} else {
11088 					*rval = MPTIOCTL_STATUS_GOOD;
11089 					status = 0;
11090 				}
11091 			}
11092 		} else {
11093 			*rval = MPTIOCTL_STATUS_LEN_TOO_SHORT;
11094 			status = 0;
11095 		}
11096 	} else {
11097 		status = EFAULT;
11098 	}
11099 
11100 	mutex_exit(&mpt->m_mutex);
11101 	return (status);
11102 }
11103 
11104 static void
11105 mptsas_lookup_pci_data(mptsas_t *mpt, mptsas_adapter_data_t *adapter_data)
11106 {
11107 	int	*reg_data;
11108 	uint_t	reglen;
11109 
11110 	/*
11111 	 * Lookup the 'reg' property and extract the other data
11112 	 */
11113 	if (ddi_prop_lookup_int_array(DDI_DEV_T_ANY, mpt->m_dip,
11114 	    DDI_PROP_DONTPASS, "reg", &reg_data, &reglen) ==
11115 	    DDI_PROP_SUCCESS) {
11116 		/*
11117 		 * Extract the PCI data from the 'reg' property first DWORD.
11118 		 * The entry looks like the following:
11119 		 * First DWORD:
11120 		 * Bits 0 - 7 8-bit Register number
11121 		 * Bits 8 - 10 3-bit Function number
11122 		 * Bits 11 - 15 5-bit Device number
11123 		 * Bits 16 - 23 8-bit Bus number
11124 		 * Bits 24 - 25 2-bit Address Space type identifier
11125 		 *
11126 		 */
11127 		adapter_data->PciInformation.u.bits.BusNumber =
11128 		    (reg_data[0] & 0x00FF0000) >> 16;
11129 		adapter_data->PciInformation.u.bits.DeviceNumber =
11130 		    (reg_data[0] & 0x0000F800) >> 11;
11131 		adapter_data->PciInformation.u.bits.FunctionNumber =
11132 		    (reg_data[0] & 0x00000700) >> 8;
11133 		ddi_prop_free((void *)reg_data);
11134 	} else {
11135 		/*
11136 		 * If we can't determine the PCI data then we fill in FF's for
11137 		 * the data to indicate this.
11138 		 */
11139 		adapter_data->PCIDeviceHwId = 0xFFFFFFFF;
11140 		adapter_data->MpiPortNumber = 0xFFFFFFFF;
11141 		adapter_data->PciInformation.u.AsDWORD = 0xFFFFFFFF;
11142 	}
11143 
11144 	/*
11145 	 * Saved in the mpt->m_fwversion
11146 	 */
11147 	adapter_data->MpiFirmwareVersion = mpt->m_fwversion;
11148 }
11149 
11150 static void
11151 mptsas_read_adapter_data(mptsas_t *mpt, mptsas_adapter_data_t *adapter_data)
11152 {
11153 	char	*driver_verstr = MPTSAS_MOD_STRING;
11154 
11155 	mptsas_lookup_pci_data(mpt, adapter_data);
11156 	adapter_data->AdapterType = MPTIOCTL_ADAPTER_TYPE_SAS2;
11157 	adapter_data->PCIDeviceHwId = (uint32_t)mpt->m_devid;
11158 	adapter_data->PCIDeviceHwRev = (uint32_t)mpt->m_revid;
11159 	adapter_data->SubSystemId = (uint32_t)mpt->m_ssid;
11160 	adapter_data->SubsystemVendorId = (uint32_t)mpt->m_svid;
11161 	(void) strcpy((char *)&adapter_data->DriverVersion[0], driver_verstr);
11162 	adapter_data->BiosVersion = 0;
11163 	(void) mptsas_get_bios_page3(mpt, &adapter_data->BiosVersion);
11164 }
11165 
11166 static void
11167 mptsas_read_pci_info(mptsas_t *mpt, mptsas_pci_info_t *pci_info)
11168 {
11169 	int	*reg_data, i;
11170 	uint_t	reglen;
11171 
11172 	/*
11173 	 * Lookup the 'reg' property and extract the other data
11174 	 */
11175 	if (ddi_prop_lookup_int_array(DDI_DEV_T_ANY, mpt->m_dip,
11176 	    DDI_PROP_DONTPASS, "reg", &reg_data, &reglen) ==
11177 	    DDI_PROP_SUCCESS) {
11178 		/*
11179 		 * Extract the PCI data from the 'reg' property first DWORD.
11180 		 * The entry looks like the following:
11181 		 * First DWORD:
11182 		 * Bits 8 - 10 3-bit Function number
11183 		 * Bits 11 - 15 5-bit Device number
11184 		 * Bits 16 - 23 8-bit Bus number
11185 		 */
11186 		pci_info->BusNumber = (reg_data[0] & 0x00FF0000) >> 16;
11187 		pci_info->DeviceNumber = (reg_data[0] & 0x0000F800) >> 11;
11188 		pci_info->FunctionNumber = (reg_data[0] & 0x00000700) >> 8;
11189 		ddi_prop_free((void *)reg_data);
11190 	} else {
11191 		/*
11192 		 * If we can't determine the PCI info then we fill in FF's for
11193 		 * the data to indicate this.
11194 		 */
11195 		pci_info->BusNumber = 0xFFFFFFFF;
11196 		pci_info->DeviceNumber = 0xFF;
11197 		pci_info->FunctionNumber = 0xFF;
11198 	}
11199 
11200 	/*
11201 	 * Now get the interrupt vector and the pci header.  The vector can
11202 	 * only be 0 right now.  The header is the first 256 bytes of config
11203 	 * space.
11204 	 */
11205 	pci_info->InterruptVector = 0;
11206 	for (i = 0; i < sizeof (pci_info->PciHeader); i++) {
11207 		pci_info->PciHeader[i] = pci_config_get8(mpt->m_config_handle,
11208 		    i);
11209 	}
11210 }
11211 
11212 static int
11213 mptsas_reg_access(mptsas_t *mpt, mptsas_reg_access_t *data, int mode)
11214 {
11215 	int			status = 0;
11216 	mptsas_reg_access_t	driverdata;
11217 
11218 	mutex_enter(&mpt->m_mutex);
11219 	if (ddi_copyin(data, &driverdata, sizeof (driverdata), mode) == 0) {
11220 		switch (driverdata.Command) {
11221 			/*
11222 			 * IO access is not supported.
11223 			 */
11224 			case REG_IO_READ:
11225 			case REG_IO_WRITE:
11226 				mptsas_log(mpt, CE_WARN, "IO access is not "
11227 				    "supported.  Use memory access.");
11228 				status = EINVAL;
11229 				break;
11230 
11231 			case REG_MEM_READ:
11232 				driverdata.RegData = ddi_get32(mpt->m_datap,
11233 				    (uint32_t *)(void *)mpt->m_reg +
11234 				    driverdata.RegOffset);
11235 				if (ddi_copyout(&driverdata.RegData,
11236 				    &data->RegData,
11237 				    sizeof (driverdata.RegData), mode) != 0) {
11238 					mptsas_log(mpt, CE_WARN, "Register "
11239 					    "Read Failed");
11240 					status = EFAULT;
11241 				}
11242 				break;
11243 
11244 			case REG_MEM_WRITE:
11245 				ddi_put32(mpt->m_datap,
11246 				    (uint32_t *)(void *)mpt->m_reg +
11247 				    driverdata.RegOffset,
11248 				    driverdata.RegData);
11249 				break;
11250 
11251 			default:
11252 				status = EINVAL;
11253 				break;
11254 		}
11255 	} else {
11256 		status = EFAULT;
11257 	}
11258 
11259 	mutex_exit(&mpt->m_mutex);
11260 	return (status);
11261 }
11262 
11263 static int
11264 mptsas_ioctl(dev_t dev, int cmd, intptr_t data, int mode, cred_t *credp,
11265     int *rval)
11266 {
11267 	int			status = 0;
11268 	mptsas_t		*mpt;
11269 	mptsas_update_flash_t	flashdata;
11270 	mptsas_pass_thru_t	passthru_data;
11271 	mptsas_adapter_data_t   adapter_data;
11272 	mptsas_pci_info_t	pci_info;
11273 	int			copylen;
11274 
11275 	int			iport_flag = 0;
11276 	dev_info_t		*dip = NULL;
11277 	mptsas_phymask_t	phymask = 0;
11278 	struct devctl_iocdata	*dcp = NULL;
11279 	uint32_t		slotstatus = 0;
11280 	char			*addr = NULL;
11281 	mptsas_target_t		*ptgt = NULL;
11282 
11283 	*rval = MPTIOCTL_STATUS_GOOD;
11284 	if (secpolicy_sys_config(credp, B_FALSE) != 0) {
11285 		return (EPERM);
11286 	}
11287 
11288 	mpt = ddi_get_soft_state(mptsas_state, MINOR2INST(getminor(dev)));
11289 	if (mpt == NULL) {
11290 		/*
11291 		 * Called from iport node, get the states
11292 		 */
11293 		iport_flag = 1;
11294 		dip = mptsas_get_dip_from_dev(dev, &phymask);
11295 		if (dip == NULL) {
11296 			return (ENXIO);
11297 		}
11298 		mpt = DIP2MPT(dip);
11299 	}
11300 	/* Make sure power level is D0 before accessing registers */
11301 	mutex_enter(&mpt->m_mutex);
11302 	if (mpt->m_options & MPTSAS_OPT_PM) {
11303 		(void) pm_busy_component(mpt->m_dip, 0);
11304 		if (mpt->m_power_level != PM_LEVEL_D0) {
11305 			mutex_exit(&mpt->m_mutex);
11306 			if (pm_raise_power(mpt->m_dip, 0, PM_LEVEL_D0) !=
11307 			    DDI_SUCCESS) {
11308 				mptsas_log(mpt, CE_WARN,
11309 				    "mptsas%d: mptsas_ioctl: Raise power "
11310 				    "request failed.", mpt->m_instance);
11311 				(void) pm_idle_component(mpt->m_dip, 0);
11312 				return (ENXIO);
11313 			}
11314 		} else {
11315 			mutex_exit(&mpt->m_mutex);
11316 		}
11317 	} else {
11318 		mutex_exit(&mpt->m_mutex);
11319 	}
11320 
11321 	if (iport_flag) {
11322 		status = scsi_hba_ioctl(dev, cmd, data, mode, credp, rval);
11323 		if (status != 0) {
11324 			goto out;
11325 		}
11326 		/*
11327 		 * The following code control the OK2RM LED, it doesn't affect
11328 		 * the ioctl return status.
11329 		 */
11330 		if ((cmd == DEVCTL_DEVICE_ONLINE) ||
11331 		    (cmd == DEVCTL_DEVICE_OFFLINE)) {
11332 			if (ndi_dc_allochdl((void *)data, &dcp) !=
11333 			    NDI_SUCCESS) {
11334 				goto out;
11335 			}
11336 			addr = ndi_dc_getaddr(dcp);
11337 			ptgt = mptsas_addr_to_ptgt(mpt, addr, phymask);
11338 			if (ptgt == NULL) {
11339 				NDBG14(("mptsas_ioctl led control: tgt %s not "
11340 				    "found", addr));
11341 				ndi_dc_freehdl(dcp);
11342 				goto out;
11343 			}
11344 			mutex_enter(&mpt->m_mutex);
11345 			if (cmd == DEVCTL_DEVICE_ONLINE) {
11346 				ptgt->m_tgt_unconfigured = 0;
11347 			} else if (cmd == DEVCTL_DEVICE_OFFLINE) {
11348 				ptgt->m_tgt_unconfigured = 1;
11349 			}
11350 			slotstatus = 0;
11351 #ifdef MPTSAS_GET_LED
11352 			/*
11353 			 * The get led status can't get a valid/reasonable
11354 			 * state, so ignore the get led status, and write the
11355 			 * required value directly
11356 			 */
11357 			if (mptsas_get_led_status(mpt, ptgt, &slotstatus) !=
11358 			    DDI_SUCCESS) {
11359 				NDBG14(("mptsas_ioctl: get LED for tgt %s "
11360 				    "failed %x", addr, slotstatus));
11361 				slotstatus = 0;
11362 			}
11363 			NDBG14(("mptsas_ioctl: LED status %x for %s",
11364 			    slotstatus, addr));
11365 #endif
11366 			if (cmd == DEVCTL_DEVICE_OFFLINE) {
11367 				slotstatus |=
11368 				    MPI2_SEP_REQ_SLOTSTATUS_REQUEST_REMOVE;
11369 			} else {
11370 				slotstatus &=
11371 				    ~MPI2_SEP_REQ_SLOTSTATUS_REQUEST_REMOVE;
11372 			}
11373 			if (mptsas_set_led_status(mpt, ptgt, slotstatus) !=
11374 			    DDI_SUCCESS) {
11375 				NDBG14(("mptsas_ioctl: set LED for tgt %s "
11376 				    "failed %x", addr, slotstatus));
11377 			}
11378 			mutex_exit(&mpt->m_mutex);
11379 			ndi_dc_freehdl(dcp);
11380 		}
11381 		goto out;
11382 	}
11383 	switch (cmd) {
11384 		case MPTIOCTL_UPDATE_FLASH:
11385 			if (ddi_copyin((void *)data, &flashdata,
11386 				sizeof (struct mptsas_update_flash), mode)) {
11387 				status = EFAULT;
11388 				break;
11389 			}
11390 
11391 			mutex_enter(&mpt->m_mutex);
11392 			if (mptsas_update_flash(mpt,
11393 			    (caddr_t)(long)flashdata.PtrBuffer,
11394 			    flashdata.ImageSize, flashdata.ImageType, mode)) {
11395 				status = EFAULT;
11396 			}
11397 
11398 			/*
11399 			 * Reset the chip to start using the new
11400 			 * firmware.  Reset if failed also.
11401 			 */
11402 			mpt->m_softstate &= ~MPTSAS_SS_MSG_UNIT_RESET;
11403 			if (mptsas_restart_ioc(mpt) == DDI_FAILURE) {
11404 				status = EFAULT;
11405 			}
11406 			mutex_exit(&mpt->m_mutex);
11407 			break;
11408 		case MPTIOCTL_PASS_THRU:
11409 			/*
11410 			 * The user has requested to pass through a command to
11411 			 * be executed by the MPT firmware.  Call our routine
11412 			 * which does this.  Only allow one passthru IOCTL at
11413 			 * one time. Other threads will block on
11414 			 * m_passthru_mutex, which is of adaptive variant.
11415 			 */
11416 			if (ddi_copyin((void *)data, &passthru_data,
11417 			    sizeof (mptsas_pass_thru_t), mode)) {
11418 				status = EFAULT;
11419 				break;
11420 			}
11421 			mutex_enter(&mpt->m_passthru_mutex);
11422 			mutex_enter(&mpt->m_mutex);
11423 			status = mptsas_pass_thru(mpt, &passthru_data, mode);
11424 			mutex_exit(&mpt->m_mutex);
11425 			mutex_exit(&mpt->m_passthru_mutex);
11426 
11427 			break;
11428 		case MPTIOCTL_GET_ADAPTER_DATA:
11429 			/*
11430 			 * The user has requested to read adapter data.  Call
11431 			 * our routine which does this.
11432 			 */
11433 			bzero(&adapter_data, sizeof (mptsas_adapter_data_t));
11434 			if (ddi_copyin((void *)data, (void *)&adapter_data,
11435 			    sizeof (mptsas_adapter_data_t), mode)) {
11436 				status = EFAULT;
11437 				break;
11438 			}
11439 			if (adapter_data.StructureLength >=
11440 			    sizeof (mptsas_adapter_data_t)) {
11441 				adapter_data.StructureLength = (uint32_t)
11442 				    sizeof (mptsas_adapter_data_t);
11443 				copylen = sizeof (mptsas_adapter_data_t);
11444 				mutex_enter(&mpt->m_mutex);
11445 				mptsas_read_adapter_data(mpt, &adapter_data);
11446 				mutex_exit(&mpt->m_mutex);
11447 			} else {
11448 				adapter_data.StructureLength = (uint32_t)
11449 				    sizeof (mptsas_adapter_data_t);
11450 				copylen = sizeof (adapter_data.StructureLength);
11451 				*rval = MPTIOCTL_STATUS_LEN_TOO_SHORT;
11452 			}
11453 			if (ddi_copyout((void *)(&adapter_data), (void *)data,
11454 			    copylen, mode) != 0) {
11455 				status = EFAULT;
11456 			}
11457 			break;
11458 		case MPTIOCTL_GET_PCI_INFO:
11459 			/*
11460 			 * The user has requested to read pci info.  Call
11461 			 * our routine which does this.
11462 			 */
11463 			bzero(&pci_info, sizeof (mptsas_pci_info_t));
11464 			mutex_enter(&mpt->m_mutex);
11465 			mptsas_read_pci_info(mpt, &pci_info);
11466 			mutex_exit(&mpt->m_mutex);
11467 			if (ddi_copyout((void *)(&pci_info), (void *)data,
11468 			    sizeof (mptsas_pci_info_t), mode) != 0) {
11469 				status = EFAULT;
11470 			}
11471 			break;
11472 		case MPTIOCTL_RESET_ADAPTER:
11473 			mutex_enter(&mpt->m_mutex);
11474 			mpt->m_softstate &= ~MPTSAS_SS_MSG_UNIT_RESET;
11475 			if ((mptsas_restart_ioc(mpt)) == DDI_FAILURE) {
11476 				mptsas_log(mpt, CE_WARN, "reset adapter IOCTL "
11477 				    "failed");
11478 				status = EFAULT;
11479 			}
11480 			mutex_exit(&mpt->m_mutex);
11481 			break;
11482 		case MPTIOCTL_DIAG_ACTION:
11483 			/*
11484 			 * The user has done a diag buffer action.  Call our
11485 			 * routine which does this.  Only allow one diag action
11486 			 * at one time.
11487 			 */
11488 			mutex_enter(&mpt->m_mutex);
11489 			if (mpt->m_diag_action_in_progress) {
11490 				mutex_exit(&mpt->m_mutex);
11491 				return (EBUSY);
11492 			}
11493 			mpt->m_diag_action_in_progress = 1;
11494 			status = mptsas_diag_action(mpt,
11495 			    (mptsas_diag_action_t *)data, mode);
11496 			mpt->m_diag_action_in_progress = 0;
11497 			mutex_exit(&mpt->m_mutex);
11498 			break;
11499 		case MPTIOCTL_EVENT_QUERY:
11500 			/*
11501 			 * The user has done an event query. Call our routine
11502 			 * which does this.
11503 			 */
11504 			status = mptsas_event_query(mpt,
11505 			    (mptsas_event_query_t *)data, mode, rval);
11506 			break;
11507 		case MPTIOCTL_EVENT_ENABLE:
11508 			/*
11509 			 * The user has done an event enable. Call our routine
11510 			 * which does this.
11511 			 */
11512 			status = mptsas_event_enable(mpt,
11513 			    (mptsas_event_enable_t *)data, mode, rval);
11514 			break;
11515 		case MPTIOCTL_EVENT_REPORT:
11516 			/*
11517 			 * The user has done an event report. Call our routine
11518 			 * which does this.
11519 			 */
11520 			status = mptsas_event_report(mpt,
11521 			    (mptsas_event_report_t *)data, mode, rval);
11522 			break;
11523 		case MPTIOCTL_REG_ACCESS:
11524 			/*
11525 			 * The user has requested register access.  Call our
11526 			 * routine which does this.
11527 			 */
11528 			status = mptsas_reg_access(mpt,
11529 			    (mptsas_reg_access_t *)data, mode);
11530 			break;
11531 		default:
11532 			status = scsi_hba_ioctl(dev, cmd, data, mode, credp,
11533 			    rval);
11534 			break;
11535 	}
11536 
11537 out:
11538 	return (status);
11539 }
11540 
11541 int
11542 mptsas_restart_ioc(mptsas_t *mpt)
11543 {
11544 	int		rval = DDI_SUCCESS;
11545 	mptsas_target_t	*ptgt = NULL;
11546 
11547 	ASSERT(mutex_owned(&mpt->m_mutex));
11548 
11549 	/*
11550 	 * Set a flag telling I/O path that we're processing a reset.  This is
11551 	 * needed because after the reset is complete, the hash table still
11552 	 * needs to be rebuilt.  If I/Os are started before the hash table is
11553 	 * rebuilt, I/O errors will occur.  This flag allows I/Os to be marked
11554 	 * so that they can be retried.
11555 	 */
11556 	mpt->m_in_reset = TRUE;
11557 
11558 	/*
11559 	 * Set all throttles to HOLD
11560 	 */
11561 	ptgt = (mptsas_target_t *)mptsas_hash_traverse(&mpt->m_active->m_tgttbl,
11562 	    MPTSAS_HASH_FIRST);
11563 	while (ptgt != NULL) {
11564 		mptsas_set_throttle(mpt, ptgt, HOLD_THROTTLE);
11565 
11566 		ptgt = (mptsas_target_t *)mptsas_hash_traverse(
11567 		    &mpt->m_active->m_tgttbl, MPTSAS_HASH_NEXT);
11568 	}
11569 
11570 	/*
11571 	 * Disable interrupts
11572 	 */
11573 	MPTSAS_DISABLE_INTR(mpt);
11574 
11575 	/*
11576 	 * Abort all commands: outstanding commands, commands in waitq and
11577 	 * tx_waitq.
11578 	 */
11579 	mptsas_flush_hba(mpt);
11580 
11581 	/*
11582 	 * Reinitialize the chip.
11583 	 */
11584 	if (mptsas_init_chip(mpt, FALSE) == DDI_FAILURE) {
11585 		rval = DDI_FAILURE;
11586 	}
11587 
11588 	/*
11589 	 * Enable interrupts again
11590 	 */
11591 	MPTSAS_ENABLE_INTR(mpt);
11592 
11593 	/*
11594 	 * If mptsas_init_chip was successful, update the driver data.
11595 	 */
11596 	if (rval == DDI_SUCCESS) {
11597 		mptsas_update_driver_data(mpt);
11598 	}
11599 
11600 	/*
11601 	 * Reset the throttles
11602 	 */
11603 	ptgt = (mptsas_target_t *)mptsas_hash_traverse(&mpt->m_active->m_tgttbl,
11604 	    MPTSAS_HASH_FIRST);
11605 	while (ptgt != NULL) {
11606 		mptsas_set_throttle(mpt, ptgt, MAX_THROTTLE);
11607 
11608 		ptgt = (mptsas_target_t *)mptsas_hash_traverse(
11609 		    &mpt->m_active->m_tgttbl, MPTSAS_HASH_NEXT);
11610 	}
11611 
11612 	mptsas_doneq_empty(mpt);
11613 	mptsas_restart_hba(mpt);
11614 
11615 	if (rval != DDI_SUCCESS) {
11616 		mptsas_fm_ereport(mpt, DDI_FM_DEVICE_NO_RESPONSE);
11617 		ddi_fm_service_impact(mpt->m_dip, DDI_SERVICE_LOST);
11618 	}
11619 
11620 	/*
11621 	 * Clear the reset flag so that I/Os can continue.
11622 	 */
11623 	mpt->m_in_reset = FALSE;
11624 
11625 	return (rval);
11626 }
11627 
11628 static int
11629 mptsas_init_chip(mptsas_t *mpt, int first_time)
11630 {
11631 	ddi_dma_cookie_t	cookie;
11632 	uint32_t		i;
11633 	int			rval;
11634 
11635 	/*
11636 	 * Check to see if the firmware image is valid
11637 	 */
11638 	if (ddi_get32(mpt->m_datap, &mpt->m_reg->HostDiagnostic) &
11639 	    MPI2_DIAG_FLASH_BAD_SIG) {
11640 		mptsas_log(mpt, CE_WARN, "mptsas bad flash signature!");
11641 		goto fail;
11642 	}
11643 
11644 	/*
11645 	 * Reset the chip
11646 	 */
11647 	rval = mptsas_ioc_reset(mpt);
11648 	if (rval == MPTSAS_RESET_FAIL) {
11649 		mptsas_log(mpt, CE_WARN, "hard reset failed!");
11650 		goto fail;
11651 	}
11652 
11653 	if ((rval == MPTSAS_SUCCESS_MUR) && (!first_time)) {
11654 		goto mur;
11655 	}
11656 	/*
11657 	 * Setup configuration space
11658 	 */
11659 	if (mptsas_config_space_init(mpt) == FALSE) {
11660 		mptsas_log(mpt, CE_WARN, "mptsas_config_space_init "
11661 		    "failed!");
11662 		goto fail;
11663 	}
11664 
11665 	/*
11666 	 * IOC facts can change after a diag reset so all buffers that are
11667 	 * based on these numbers must be de-allocated and re-allocated.  Get
11668 	 * new IOC facts each time chip is initialized.
11669 	 */
11670 	if (mptsas_ioc_get_facts(mpt) == DDI_FAILURE) {
11671 		mptsas_log(mpt, CE_WARN, "mptsas_ioc_get_facts failed");
11672 		goto fail;
11673 	}
11674 
11675 	if (mptsas_alloc_active_slots(mpt, KM_SLEEP)) {
11676 		goto fail;
11677 	}
11678 	/*
11679 	 * Allocate request message frames, reply free queue, reply descriptor
11680 	 * post queue, and reply message frames using latest IOC facts.
11681 	 */
11682 	if (mptsas_alloc_request_frames(mpt) == DDI_FAILURE) {
11683 		mptsas_log(mpt, CE_WARN, "mptsas_alloc_request_frames failed");
11684 		goto fail;
11685 	}
11686 	if (mptsas_alloc_free_queue(mpt) == DDI_FAILURE) {
11687 		mptsas_log(mpt, CE_WARN, "mptsas_alloc_free_queue failed!");
11688 		goto fail;
11689 	}
11690 	if (mptsas_alloc_post_queue(mpt) == DDI_FAILURE) {
11691 		mptsas_log(mpt, CE_WARN, "mptsas_alloc_post_queue failed!");
11692 		goto fail;
11693 	}
11694 	if (mptsas_alloc_reply_frames(mpt) == DDI_FAILURE) {
11695 		mptsas_log(mpt, CE_WARN, "mptsas_alloc_reply_frames failed!");
11696 		goto fail;
11697 	}
11698 
11699 mur:
11700 	/*
11701 	 * Re-Initialize ioc to operational state
11702 	 */
11703 	if (mptsas_ioc_init(mpt) == DDI_FAILURE) {
11704 		mptsas_log(mpt, CE_WARN, "mptsas_ioc_init failed");
11705 		goto fail;
11706 	}
11707 
11708 	mptsas_alloc_reply_args(mpt);
11709 
11710 	/*
11711 	 * Initialize reply post index.  Reply free index is initialized after
11712 	 * the next loop.
11713 	 */
11714 	mpt->m_post_index = 0;
11715 
11716 	/*
11717 	 * Initialize the Reply Free Queue with the physical addresses of our
11718 	 * reply frames.
11719 	 */
11720 	cookie.dmac_address = mpt->m_reply_frame_dma_addr;
11721 	for (i = 0; i < mpt->m_max_replies; i++) {
11722 		ddi_put32(mpt->m_acc_free_queue_hdl,
11723 		    &((uint32_t *)(void *)mpt->m_free_queue)[i],
11724 		    cookie.dmac_address);
11725 		cookie.dmac_address += mpt->m_reply_frame_size;
11726 	}
11727 	(void) ddi_dma_sync(mpt->m_dma_free_queue_hdl, 0, 0,
11728 	    DDI_DMA_SYNC_FORDEV);
11729 
11730 	/*
11731 	 * Initialize the reply free index to one past the last frame on the
11732 	 * queue.  This will signify that the queue is empty to start with.
11733 	 */
11734 	mpt->m_free_index = i;
11735 	ddi_put32(mpt->m_datap, &mpt->m_reg->ReplyFreeHostIndex, i);
11736 
11737 	/*
11738 	 * Initialize the reply post queue to 0xFFFFFFFF,0xFFFFFFFF's.
11739 	 */
11740 	for (i = 0; i < mpt->m_post_queue_depth; i++) {
11741 		ddi_put64(mpt->m_acc_post_queue_hdl,
11742 		    &((uint64_t *)(void *)mpt->m_post_queue)[i],
11743 		    0xFFFFFFFFFFFFFFFF);
11744 	}
11745 	(void) ddi_dma_sync(mpt->m_dma_post_queue_hdl, 0, 0,
11746 	    DDI_DMA_SYNC_FORDEV);
11747 
11748 	/*
11749 	 * Enable ports
11750 	 */
11751 	if (mptsas_ioc_enable_port(mpt) == DDI_FAILURE) {
11752 		mptsas_log(mpt, CE_WARN, "mptsas_ioc_enable_port failed");
11753 		goto fail;
11754 	}
11755 
11756 	/*
11757 	 * enable events
11758 	 */
11759 	if (mptsas_ioc_enable_event_notification(mpt)) {
11760 		goto fail;
11761 	}
11762 
11763 	/*
11764 	 * We need checks in attach and these.
11765 	 * chip_init is called in mult. places
11766 	 */
11767 
11768 	if ((mptsas_check_dma_handle(mpt->m_dma_req_frame_hdl) !=
11769 	    DDI_SUCCESS) ||
11770 	    (mptsas_check_dma_handle(mpt->m_dma_reply_frame_hdl) !=
11771 	    DDI_SUCCESS) ||
11772 	    (mptsas_check_dma_handle(mpt->m_dma_free_queue_hdl) !=
11773 	    DDI_SUCCESS) ||
11774 	    (mptsas_check_dma_handle(mpt->m_dma_post_queue_hdl) !=
11775 	    DDI_SUCCESS) ||
11776 	    (mptsas_check_dma_handle(mpt->m_hshk_dma_hdl) !=
11777 	    DDI_SUCCESS)) {
11778 		ddi_fm_service_impact(mpt->m_dip, DDI_SERVICE_UNAFFECTED);
11779 		goto fail;
11780 	}
11781 
11782 	/* Check all acc handles */
11783 	if ((mptsas_check_acc_handle(mpt->m_datap) != DDI_SUCCESS) ||
11784 	    (mptsas_check_acc_handle(mpt->m_acc_req_frame_hdl) !=
11785 	    DDI_SUCCESS) ||
11786 	    (mptsas_check_acc_handle(mpt->m_acc_reply_frame_hdl) !=
11787 	    DDI_SUCCESS) ||
11788 	    (mptsas_check_acc_handle(mpt->m_acc_free_queue_hdl) !=
11789 	    DDI_SUCCESS) ||
11790 	    (mptsas_check_acc_handle(mpt->m_acc_post_queue_hdl) !=
11791 	    DDI_SUCCESS) ||
11792 	    (mptsas_check_acc_handle(mpt->m_hshk_acc_hdl) !=
11793 	    DDI_SUCCESS) ||
11794 	    (mptsas_check_acc_handle(mpt->m_config_handle) !=
11795 	    DDI_SUCCESS)) {
11796 		ddi_fm_service_impact(mpt->m_dip, DDI_SERVICE_UNAFFECTED);
11797 		goto fail;
11798 	}
11799 
11800 	return (DDI_SUCCESS);
11801 
11802 fail:
11803 	return (DDI_FAILURE);
11804 }
11805 
11806 static int
11807 mptsas_get_pci_cap(mptsas_t *mpt)
11808 {
11809 	ushort_t caps_ptr, cap, cap_count;
11810 
11811 	if (mpt->m_config_handle == NULL)
11812 		return (FALSE);
11813 	/*
11814 	 * Check if capabilities list is supported and if so,
11815 	 * get initial capabilities pointer and clear bits 0,1.
11816 	 */
11817 	if (pci_config_get16(mpt->m_config_handle, PCI_CONF_STAT)
11818 	    & PCI_STAT_CAP) {
11819 		caps_ptr = P2ALIGN(pci_config_get8(mpt->m_config_handle,
11820 		    PCI_CONF_CAP_PTR), 4);
11821 	} else {
11822 		caps_ptr = PCI_CAP_NEXT_PTR_NULL;
11823 	}
11824 
11825 	/*
11826 	 * Walk capabilities if supported.
11827 	 */
11828 	for (cap_count = 0; caps_ptr != PCI_CAP_NEXT_PTR_NULL; ) {
11829 
11830 		/*
11831 		 * Check that we haven't exceeded the maximum number of
11832 		 * capabilities and that the pointer is in a valid range.
11833 		 */
11834 		if (++cap_count > 48) {
11835 			mptsas_log(mpt, CE_WARN,
11836 			    "too many device capabilities.\n");
11837 			break;
11838 		}
11839 		if (caps_ptr < 64) {
11840 			mptsas_log(mpt, CE_WARN,
11841 			    "capabilities pointer 0x%x out of range.\n",
11842 			    caps_ptr);
11843 			break;
11844 		}
11845 
11846 		/*
11847 		 * Get next capability and check that it is valid.
11848 		 * For now, we only support power management.
11849 		 */
11850 		cap = pci_config_get8(mpt->m_config_handle, caps_ptr);
11851 		switch (cap) {
11852 			case PCI_CAP_ID_PM:
11853 				mptsas_log(mpt, CE_NOTE,
11854 				    "?mptsas%d supports power management.\n",
11855 				    mpt->m_instance);
11856 				mpt->m_options |= MPTSAS_OPT_PM;
11857 
11858 				/* Save PMCSR offset */
11859 				mpt->m_pmcsr_offset = caps_ptr + PCI_PMCSR;
11860 				break;
11861 			/*
11862 			 * The following capabilities are valid.  Any others
11863 			 * will cause a message to be logged.
11864 			 */
11865 			case PCI_CAP_ID_VPD:
11866 			case PCI_CAP_ID_MSI:
11867 			case PCI_CAP_ID_PCIX:
11868 			case PCI_CAP_ID_PCI_E:
11869 			case PCI_CAP_ID_MSI_X:
11870 				break;
11871 			default:
11872 				mptsas_log(mpt, CE_NOTE,
11873 				    "?mptsas%d unrecognized capability "
11874 				    "0x%x.\n", mpt->m_instance, cap);
11875 				break;
11876 		}
11877 
11878 		/*
11879 		 * Get next capabilities pointer and clear bits 0,1.
11880 		 */
11881 		caps_ptr = P2ALIGN(pci_config_get8(mpt->m_config_handle,
11882 		    (caps_ptr + PCI_CAP_NEXT_PTR)), 4);
11883 	}
11884 	return (TRUE);
11885 }
11886 
11887 static int
11888 mptsas_init_pm(mptsas_t *mpt)
11889 {
11890 	char		pmc_name[16];
11891 	char		*pmc[] = {
11892 				NULL,
11893 				"0=Off (PCI D3 State)",
11894 				"3=On (PCI D0 State)",
11895 				NULL
11896 			};
11897 	uint16_t	pmcsr_stat;
11898 
11899 	if (mptsas_get_pci_cap(mpt) == FALSE) {
11900 		return (DDI_FAILURE);
11901 	}
11902 	/*
11903 	 * If PCI's capability does not support PM, then don't need
11904 	 * to registe the pm-components
11905 	 */
11906 	if (!(mpt->m_options & MPTSAS_OPT_PM))
11907 		return (DDI_SUCCESS);
11908 	/*
11909 	 * If power management is supported by this chip, create
11910 	 * pm-components property for the power management framework
11911 	 */
11912 	(void) sprintf(pmc_name, "NAME=mptsas%d", mpt->m_instance);
11913 	pmc[0] = pmc_name;
11914 	if (ddi_prop_update_string_array(DDI_DEV_T_NONE, mpt->m_dip,
11915 	    "pm-components", pmc, 3) != DDI_PROP_SUCCESS) {
11916 		mpt->m_options &= ~MPTSAS_OPT_PM;
11917 		mptsas_log(mpt, CE_WARN,
11918 		    "mptsas%d: pm-component property creation failed.",
11919 		    mpt->m_instance);
11920 		return (DDI_FAILURE);
11921 	}
11922 
11923 	/*
11924 	 * Power on device.
11925 	 */
11926 	(void) pm_busy_component(mpt->m_dip, 0);
11927 	pmcsr_stat = pci_config_get16(mpt->m_config_handle,
11928 	    mpt->m_pmcsr_offset);
11929 	if ((pmcsr_stat & PCI_PMCSR_STATE_MASK) != PCI_PMCSR_D0) {
11930 		mptsas_log(mpt, CE_WARN, "mptsas%d: Power up the device",
11931 		    mpt->m_instance);
11932 		pci_config_put16(mpt->m_config_handle, mpt->m_pmcsr_offset,
11933 		    PCI_PMCSR_D0);
11934 	}
11935 	if (pm_power_has_changed(mpt->m_dip, 0, PM_LEVEL_D0) != DDI_SUCCESS) {
11936 		mptsas_log(mpt, CE_WARN, "pm_power_has_changed failed");
11937 		return (DDI_FAILURE);
11938 	}
11939 	mpt->m_power_level = PM_LEVEL_D0;
11940 	/*
11941 	 * Set pm idle delay.
11942 	 */
11943 	mpt->m_pm_idle_delay = ddi_prop_get_int(DDI_DEV_T_ANY,
11944 	    mpt->m_dip, 0, "mptsas-pm-idle-delay", MPTSAS_PM_IDLE_TIMEOUT);
11945 
11946 	return (DDI_SUCCESS);
11947 }
11948 
11949 static int
11950 mptsas_register_intrs(mptsas_t *mpt)
11951 {
11952 	dev_info_t *dip;
11953 	int intr_types;
11954 
11955 	dip = mpt->m_dip;
11956 
11957 	/* Get supported interrupt types */
11958 	if (ddi_intr_get_supported_types(dip, &intr_types) != DDI_SUCCESS) {
11959 		mptsas_log(mpt, CE_WARN, "ddi_intr_get_supported_types "
11960 		    "failed\n");
11961 		return (FALSE);
11962 	}
11963 
11964 	NDBG6(("ddi_intr_get_supported_types() returned: 0x%x", intr_types));
11965 
11966 	/*
11967 	 * Try MSI, but fall back to FIXED
11968 	 */
11969 	if (mptsas_enable_msi && (intr_types & DDI_INTR_TYPE_MSI)) {
11970 		if (mptsas_add_intrs(mpt, DDI_INTR_TYPE_MSI) == DDI_SUCCESS) {
11971 			NDBG0(("Using MSI interrupt type"));
11972 			mpt->m_intr_type = DDI_INTR_TYPE_MSI;
11973 			return (TRUE);
11974 		}
11975 	}
11976 	if (intr_types & DDI_INTR_TYPE_FIXED) {
11977 		if (mptsas_add_intrs(mpt, DDI_INTR_TYPE_FIXED) == DDI_SUCCESS) {
11978 			NDBG0(("Using FIXED interrupt type"));
11979 			mpt->m_intr_type = DDI_INTR_TYPE_FIXED;
11980 			return (TRUE);
11981 		} else {
11982 			NDBG0(("FIXED interrupt registration failed"));
11983 			return (FALSE);
11984 		}
11985 	}
11986 
11987 	return (FALSE);
11988 }
11989 
11990 static void
11991 mptsas_unregister_intrs(mptsas_t *mpt)
11992 {
11993 	mptsas_rem_intrs(mpt);
11994 }
11995 
11996 /*
11997  * mptsas_add_intrs:
11998  *
11999  * Register FIXED or MSI interrupts.
12000  */
12001 static int
12002 mptsas_add_intrs(mptsas_t *mpt, int intr_type)
12003 {
12004 	dev_info_t	*dip = mpt->m_dip;
12005 	int		avail, actual, count = 0;
12006 	int		i, flag, ret;
12007 
12008 	NDBG6(("mptsas_add_intrs:interrupt type 0x%x", intr_type));
12009 
12010 	/* Get number of interrupts */
12011 	ret = ddi_intr_get_nintrs(dip, intr_type, &count);
12012 	if ((ret != DDI_SUCCESS) || (count <= 0)) {
12013 		mptsas_log(mpt, CE_WARN, "ddi_intr_get_nintrs() failed, "
12014 		    "ret %d count %d\n", ret, count);
12015 
12016 		return (DDI_FAILURE);
12017 	}
12018 
12019 	/* Get number of available interrupts */
12020 	ret = ddi_intr_get_navail(dip, intr_type, &avail);
12021 	if ((ret != DDI_SUCCESS) || (avail == 0)) {
12022 		mptsas_log(mpt, CE_WARN, "ddi_intr_get_navail() failed, "
12023 		    "ret %d avail %d\n", ret, avail);
12024 
12025 		return (DDI_FAILURE);
12026 	}
12027 
12028 	if (avail < count) {
12029 		mptsas_log(mpt, CE_NOTE, "ddi_intr_get_nvail returned %d, "
12030 		    "navail() returned %d", count, avail);
12031 	}
12032 
12033 	/* Mpt only have one interrupt routine */
12034 	if ((intr_type == DDI_INTR_TYPE_MSI) && (count > 1)) {
12035 		count = 1;
12036 	}
12037 
12038 	/* Allocate an array of interrupt handles */
12039 	mpt->m_intr_size = count * sizeof (ddi_intr_handle_t);
12040 	mpt->m_htable = kmem_alloc(mpt->m_intr_size, KM_SLEEP);
12041 
12042 	flag = DDI_INTR_ALLOC_NORMAL;
12043 
12044 	/* call ddi_intr_alloc() */
12045 	ret = ddi_intr_alloc(dip, mpt->m_htable, intr_type, 0,
12046 	    count, &actual, flag);
12047 
12048 	if ((ret != DDI_SUCCESS) || (actual == 0)) {
12049 		mptsas_log(mpt, CE_WARN, "ddi_intr_alloc() failed, ret %d\n",
12050 		    ret);
12051 		kmem_free(mpt->m_htable, mpt->m_intr_size);
12052 		return (DDI_FAILURE);
12053 	}
12054 
12055 	/* use interrupt count returned or abort? */
12056 	if (actual < count) {
12057 		mptsas_log(mpt, CE_NOTE, "Requested: %d, Received: %d\n",
12058 		    count, actual);
12059 	}
12060 
12061 	mpt->m_intr_cnt = actual;
12062 
12063 	/*
12064 	 * Get priority for first msi, assume remaining are all the same
12065 	 */
12066 	if ((ret = ddi_intr_get_pri(mpt->m_htable[0],
12067 	    &mpt->m_intr_pri)) != DDI_SUCCESS) {
12068 		mptsas_log(mpt, CE_WARN, "ddi_intr_get_pri() failed %d\n", ret);
12069 
12070 		/* Free already allocated intr */
12071 		for (i = 0; i < actual; i++) {
12072 			(void) ddi_intr_free(mpt->m_htable[i]);
12073 		}
12074 
12075 		kmem_free(mpt->m_htable, mpt->m_intr_size);
12076 		return (DDI_FAILURE);
12077 	}
12078 
12079 	/* Test for high level mutex */
12080 	if (mpt->m_intr_pri >= ddi_intr_get_hilevel_pri()) {
12081 		mptsas_log(mpt, CE_WARN, "mptsas_add_intrs: "
12082 		    "Hi level interrupt not supported\n");
12083 
12084 		/* Free already allocated intr */
12085 		for (i = 0; i < actual; i++) {
12086 			(void) ddi_intr_free(mpt->m_htable[i]);
12087 		}
12088 
12089 		kmem_free(mpt->m_htable, mpt->m_intr_size);
12090 		return (DDI_FAILURE);
12091 	}
12092 
12093 	/* Call ddi_intr_add_handler() */
12094 	for (i = 0; i < actual; i++) {
12095 		if ((ret = ddi_intr_add_handler(mpt->m_htable[i], mptsas_intr,
12096 		    (caddr_t)mpt, (caddr_t)(uintptr_t)i)) != DDI_SUCCESS) {
12097 			mptsas_log(mpt, CE_WARN, "ddi_intr_add_handler() "
12098 			    "failed %d\n", ret);
12099 
12100 			/* Free already allocated intr */
12101 			for (i = 0; i < actual; i++) {
12102 				(void) ddi_intr_free(mpt->m_htable[i]);
12103 			}
12104 
12105 			kmem_free(mpt->m_htable, mpt->m_intr_size);
12106 			return (DDI_FAILURE);
12107 		}
12108 	}
12109 
12110 	if ((ret = ddi_intr_get_cap(mpt->m_htable[0], &mpt->m_intr_cap))
12111 	    != DDI_SUCCESS) {
12112 		mptsas_log(mpt, CE_WARN, "ddi_intr_get_cap() failed %d\n", ret);
12113 
12114 		/* Free already allocated intr */
12115 		for (i = 0; i < actual; i++) {
12116 			(void) ddi_intr_free(mpt->m_htable[i]);
12117 		}
12118 
12119 		kmem_free(mpt->m_htable, mpt->m_intr_size);
12120 		return (DDI_FAILURE);
12121 	}
12122 
12123 	/*
12124 	 * Enable interrupts
12125 	 */
12126 	if (mpt->m_intr_cap & DDI_INTR_FLAG_BLOCK) {
12127 		/* Call ddi_intr_block_enable() for MSI interrupts */
12128 		(void) ddi_intr_block_enable(mpt->m_htable, mpt->m_intr_cnt);
12129 	} else {
12130 		/* Call ddi_intr_enable for MSI or FIXED interrupts */
12131 		for (i = 0; i < mpt->m_intr_cnt; i++) {
12132 			(void) ddi_intr_enable(mpt->m_htable[i]);
12133 		}
12134 	}
12135 	return (DDI_SUCCESS);
12136 }
12137 
12138 /*
12139  * mptsas_rem_intrs:
12140  *
12141  * Unregister FIXED or MSI interrupts
12142  */
12143 static void
12144 mptsas_rem_intrs(mptsas_t *mpt)
12145 {
12146 	int	i;
12147 
12148 	NDBG6(("mptsas_rem_intrs"));
12149 
12150 	/* Disable all interrupts */
12151 	if (mpt->m_intr_cap & DDI_INTR_FLAG_BLOCK) {
12152 		/* Call ddi_intr_block_disable() */
12153 		(void) ddi_intr_block_disable(mpt->m_htable, mpt->m_intr_cnt);
12154 	} else {
12155 		for (i = 0; i < mpt->m_intr_cnt; i++) {
12156 			(void) ddi_intr_disable(mpt->m_htable[i]);
12157 		}
12158 	}
12159 
12160 	/* Call ddi_intr_remove_handler() */
12161 	for (i = 0; i < mpt->m_intr_cnt; i++) {
12162 		(void) ddi_intr_remove_handler(mpt->m_htable[i]);
12163 		(void) ddi_intr_free(mpt->m_htable[i]);
12164 	}
12165 
12166 	kmem_free(mpt->m_htable, mpt->m_intr_size);
12167 }
12168 
12169 /*
12170  * The IO fault service error handling callback function
12171  */
12172 /*ARGSUSED*/
12173 static int
12174 mptsas_fm_error_cb(dev_info_t *dip, ddi_fm_error_t *err, const void *impl_data)
12175 {
12176 	/*
12177 	 * as the driver can always deal with an error in any dma or
12178 	 * access handle, we can just return the fme_status value.
12179 	 */
12180 	pci_ereport_post(dip, err, NULL);
12181 	return (err->fme_status);
12182 }
12183 
12184 /*
12185  * mptsas_fm_init - initialize fma capabilities and register with IO
12186  *               fault services.
12187  */
12188 static void
12189 mptsas_fm_init(mptsas_t *mpt)
12190 {
12191 	/*
12192 	 * Need to change iblock to priority for new MSI intr
12193 	 */
12194 	ddi_iblock_cookie_t	fm_ibc;
12195 
12196 	/* Only register with IO Fault Services if we have some capability */
12197 	if (mpt->m_fm_capabilities) {
12198 		/* Adjust access and dma attributes for FMA */
12199 		mpt->m_reg_acc_attr.devacc_attr_access = DDI_FLAGERR_ACC;
12200 		mpt->m_msg_dma_attr.dma_attr_flags |= DDI_DMA_FLAGERR;
12201 		mpt->m_io_dma_attr.dma_attr_flags |= DDI_DMA_FLAGERR;
12202 
12203 		/*
12204 		 * Register capabilities with IO Fault Services.
12205 		 * mpt->m_fm_capabilities will be updated to indicate
12206 		 * capabilities actually supported (not requested.)
12207 		 */
12208 		ddi_fm_init(mpt->m_dip, &mpt->m_fm_capabilities, &fm_ibc);
12209 
12210 		/*
12211 		 * Initialize pci ereport capabilities if ereport
12212 		 * capable (should always be.)
12213 		 */
12214 		if (DDI_FM_EREPORT_CAP(mpt->m_fm_capabilities) ||
12215 		    DDI_FM_ERRCB_CAP(mpt->m_fm_capabilities)) {
12216 			pci_ereport_setup(mpt->m_dip);
12217 		}
12218 
12219 		/*
12220 		 * Register error callback if error callback capable.
12221 		 */
12222 		if (DDI_FM_ERRCB_CAP(mpt->m_fm_capabilities)) {
12223 			ddi_fm_handler_register(mpt->m_dip,
12224 			    mptsas_fm_error_cb, (void *) mpt);
12225 		}
12226 	}
12227 }
12228 
12229 /*
12230  * mptsas_fm_fini - Releases fma capabilities and un-registers with IO
12231  *               fault services.
12232  *
12233  */
12234 static void
12235 mptsas_fm_fini(mptsas_t *mpt)
12236 {
12237 	/* Only unregister FMA capabilities if registered */
12238 	if (mpt->m_fm_capabilities) {
12239 
12240 		/*
12241 		 * Un-register error callback if error callback capable.
12242 		 */
12243 
12244 		if (DDI_FM_ERRCB_CAP(mpt->m_fm_capabilities)) {
12245 			ddi_fm_handler_unregister(mpt->m_dip);
12246 		}
12247 
12248 		/*
12249 		 * Release any resources allocated by pci_ereport_setup()
12250 		 */
12251 
12252 		if (DDI_FM_EREPORT_CAP(mpt->m_fm_capabilities) ||
12253 		    DDI_FM_ERRCB_CAP(mpt->m_fm_capabilities)) {
12254 			pci_ereport_teardown(mpt->m_dip);
12255 		}
12256 
12257 		/* Unregister from IO Fault Services */
12258 		ddi_fm_fini(mpt->m_dip);
12259 
12260 		/* Adjust access and dma attributes for FMA */
12261 		mpt->m_reg_acc_attr.devacc_attr_access = DDI_DEFAULT_ACC;
12262 		mpt->m_msg_dma_attr.dma_attr_flags &= ~DDI_DMA_FLAGERR;
12263 		mpt->m_io_dma_attr.dma_attr_flags &= ~DDI_DMA_FLAGERR;
12264 
12265 	}
12266 }
12267 
12268 int
12269 mptsas_check_acc_handle(ddi_acc_handle_t handle)
12270 {
12271 	ddi_fm_error_t	de;
12272 
12273 	if (handle == NULL)
12274 		return (DDI_FAILURE);
12275 	ddi_fm_acc_err_get(handle, &de, DDI_FME_VER0);
12276 	return (de.fme_status);
12277 }
12278 
12279 int
12280 mptsas_check_dma_handle(ddi_dma_handle_t handle)
12281 {
12282 	ddi_fm_error_t	de;
12283 
12284 	if (handle == NULL)
12285 		return (DDI_FAILURE);
12286 	ddi_fm_dma_err_get(handle, &de, DDI_FME_VER0);
12287 	return (de.fme_status);
12288 }
12289 
12290 void
12291 mptsas_fm_ereport(mptsas_t *mpt, char *detail)
12292 {
12293 	uint64_t	ena;
12294 	char		buf[FM_MAX_CLASS];
12295 
12296 	(void) snprintf(buf, FM_MAX_CLASS, "%s.%s", DDI_FM_DEVICE, detail);
12297 	ena = fm_ena_generate(0, FM_ENA_FMT1);
12298 	if (DDI_FM_EREPORT_CAP(mpt->m_fm_capabilities)) {
12299 		ddi_fm_ereport_post(mpt->m_dip, buf, ena, DDI_NOSLEEP,
12300 		    FM_VERSION, DATA_TYPE_UINT8, FM_EREPORT_VERS0, NULL);
12301 	}
12302 }
12303 
12304 static int
12305 mptsas_get_target_device_info(mptsas_t *mpt, uint32_t page_address,
12306     uint16_t *dev_handle, mptsas_target_t **pptgt)
12307 {
12308 	int		rval;
12309 	uint32_t	dev_info;
12310 	uint64_t	sas_wwn;
12311 	mptsas_phymask_t phymask;
12312 	uint8_t		physport, phynum, config, disk;
12313 	mptsas_slots_t	*slots = mpt->m_active;
12314 	uint64_t	devicename;
12315 	uint16_t	pdev_hdl;
12316 	mptsas_target_t	*tmp_tgt = NULL;
12317 	uint16_t	bay_num, enclosure;
12318 
12319 	ASSERT(*pptgt == NULL);
12320 
12321 	rval = mptsas_get_sas_device_page0(mpt, page_address, dev_handle,
12322 	    &sas_wwn, &dev_info, &physport, &phynum, &pdev_hdl,
12323 	    &bay_num, &enclosure);
12324 	if (rval != DDI_SUCCESS) {
12325 		rval = DEV_INFO_FAIL_PAGE0;
12326 		return (rval);
12327 	}
12328 
12329 	if ((dev_info & (MPI2_SAS_DEVICE_INFO_SSP_TARGET |
12330 	    MPI2_SAS_DEVICE_INFO_SATA_DEVICE |
12331 	    MPI2_SAS_DEVICE_INFO_ATAPI_DEVICE)) == NULL) {
12332 		rval = DEV_INFO_WRONG_DEVICE_TYPE;
12333 		return (rval);
12334 	}
12335 
12336 	/*
12337 	 * Check if the dev handle is for a Phys Disk. If so, set return value
12338 	 * and exit.  Don't add Phys Disks to hash.
12339 	 */
12340 	for (config = 0; config < slots->m_num_raid_configs; config++) {
12341 		for (disk = 0; disk < MPTSAS_MAX_DISKS_IN_CONFIG; disk++) {
12342 			if (*dev_handle == slots->m_raidconfig[config].
12343 			    m_physdisk_devhdl[disk]) {
12344 				rval = DEV_INFO_PHYS_DISK;
12345 				return (rval);
12346 			}
12347 		}
12348 	}
12349 
12350 	/*
12351 	 * Get SATA Device Name from SAS device page0 for
12352 	 * sata device, if device name doesn't exist, set m_sas_wwn to
12353 	 * 0 for direct attached SATA. For the device behind the expander
12354 	 * we still can use STP address assigned by expander.
12355 	 */
12356 	if (dev_info & (MPI2_SAS_DEVICE_INFO_SATA_DEVICE |
12357 	    MPI2_SAS_DEVICE_INFO_ATAPI_DEVICE)) {
12358 		mutex_exit(&mpt->m_mutex);
12359 		/* alloc a tmp_tgt to send the cmd */
12360 		tmp_tgt = kmem_zalloc(sizeof (struct mptsas_target),
12361 		    KM_SLEEP);
12362 		tmp_tgt->m_devhdl = *dev_handle;
12363 		tmp_tgt->m_deviceinfo = dev_info;
12364 		tmp_tgt->m_qfull_retries = QFULL_RETRIES;
12365 		tmp_tgt->m_qfull_retry_interval =
12366 		    drv_usectohz(QFULL_RETRY_INTERVAL * 1000);
12367 		tmp_tgt->m_t_throttle = MAX_THROTTLE;
12368 		devicename = mptsas_get_sata_guid(mpt, tmp_tgt, 0);
12369 		kmem_free(tmp_tgt, sizeof (struct mptsas_target));
12370 		mutex_enter(&mpt->m_mutex);
12371 		if (devicename != 0 && (((devicename >> 56) & 0xf0) == 0x50)) {
12372 			sas_wwn = devicename;
12373 		} else if (dev_info & MPI2_SAS_DEVICE_INFO_DIRECT_ATTACH) {
12374 			sas_wwn = 0;
12375 		}
12376 	}
12377 
12378 	phymask = mptsas_physport_to_phymask(mpt, physport);
12379 	*pptgt = mptsas_tgt_alloc(&slots->m_tgttbl, *dev_handle, sas_wwn,
12380 	    dev_info, phymask, phynum);
12381 	if (*pptgt == NULL) {
12382 		mptsas_log(mpt, CE_WARN, "Failed to allocated target"
12383 		    "structure!");
12384 		rval = DEV_INFO_FAIL_ALLOC;
12385 		return (rval);
12386 	}
12387 	(*pptgt)->m_enclosure = enclosure;
12388 	(*pptgt)->m_slot_num = bay_num;
12389 	return (DEV_INFO_SUCCESS);
12390 }
12391 
12392 uint64_t
12393 mptsas_get_sata_guid(mptsas_t *mpt, mptsas_target_t *ptgt, int lun)
12394 {
12395 	uint64_t	sata_guid = 0, *pwwn = NULL;
12396 	int		target = ptgt->m_devhdl;
12397 	uchar_t		*inq83 = NULL;
12398 	int		inq83_len = 0xFF;
12399 	uchar_t		*dblk = NULL;
12400 	int		inq83_retry = 3;
12401 	int		rval = DDI_FAILURE;
12402 
12403 	inq83	= kmem_zalloc(inq83_len, KM_SLEEP);
12404 
12405 inq83_retry:
12406 	rval = mptsas_inquiry(mpt, ptgt, lun, 0x83, inq83,
12407 	    inq83_len, NULL, 1);
12408 	if (rval != DDI_SUCCESS) {
12409 		mptsas_log(mpt, CE_WARN, "!mptsas request inquiry page "
12410 		    "0x83 for target:%x, lun:%x failed!", target, lun);
12411 		goto out;
12412 	}
12413 	/* According to SAT2, the first descriptor is logic unit name */
12414 	dblk = &inq83[4];
12415 	if ((dblk[1] & 0x30) != 0) {
12416 		mptsas_log(mpt, CE_WARN, "!Descriptor is not lun associated.");
12417 		goto out;
12418 	}
12419 	pwwn = (uint64_t *)(void *)(&dblk[4]);
12420 	if ((dblk[4] & 0xf0) == 0x50) {
12421 		sata_guid = BE_64(*pwwn);
12422 		goto out;
12423 	} else if (dblk[4] == 'A') {
12424 		NDBG20(("SATA drive has no NAA format GUID."));
12425 		goto out;
12426 	} else {
12427 		/* The data is not ready, wait and retry */
12428 		inq83_retry--;
12429 		if (inq83_retry <= 0) {
12430 			goto out;
12431 		}
12432 		NDBG20(("The GUID is not ready, retry..."));
12433 		delay(1 * drv_usectohz(1000000));
12434 		goto inq83_retry;
12435 	}
12436 out:
12437 	kmem_free(inq83, inq83_len);
12438 	return (sata_guid);
12439 }
12440 
12441 static int
12442 mptsas_inquiry(mptsas_t *mpt, mptsas_target_t *ptgt, int lun, uchar_t page,
12443     unsigned char *buf, int len, int *reallen, uchar_t evpd)
12444 {
12445 	uchar_t			cdb[CDB_GROUP0];
12446 	struct scsi_address	ap;
12447 	struct buf		*data_bp = NULL;
12448 	int			resid = 0;
12449 	int			ret = DDI_FAILURE;
12450 
12451 	ASSERT(len <= 0xffff);
12452 
12453 	ap.a_target = MPTSAS_INVALID_DEVHDL;
12454 	ap.a_lun = (uchar_t)(lun);
12455 	ap.a_hba_tran = mpt->m_tran;
12456 
12457 	data_bp = scsi_alloc_consistent_buf(&ap,
12458 	    (struct buf *)NULL, len, B_READ, NULL_FUNC, NULL);
12459 	if (data_bp == NULL) {
12460 		return (ret);
12461 	}
12462 	bzero(cdb, CDB_GROUP0);
12463 	cdb[0] = SCMD_INQUIRY;
12464 	cdb[1] = evpd;
12465 	cdb[2] = page;
12466 	cdb[3] = (len & 0xff00) >> 8;
12467 	cdb[4] = (len & 0x00ff);
12468 	cdb[5] = 0;
12469 
12470 	ret = mptsas_send_scsi_cmd(mpt, &ap, ptgt, &cdb[0], CDB_GROUP0, data_bp,
12471 	    &resid);
12472 	if (ret == DDI_SUCCESS) {
12473 		if (reallen) {
12474 			*reallen = len - resid;
12475 		}
12476 		bcopy((caddr_t)data_bp->b_un.b_addr, buf, len);
12477 	}
12478 	if (data_bp) {
12479 		scsi_free_consistent_buf(data_bp);
12480 	}
12481 	return (ret);
12482 }
12483 
12484 static int
12485 mptsas_send_scsi_cmd(mptsas_t *mpt, struct scsi_address *ap,
12486     mptsas_target_t *ptgt, uchar_t *cdb, int cdblen, struct buf *data_bp,
12487     int *resid)
12488 {
12489 	struct scsi_pkt		*pktp = NULL;
12490 	scsi_hba_tran_t		*tran_clone = NULL;
12491 	mptsas_tgt_private_t	*tgt_private = NULL;
12492 	int			ret = DDI_FAILURE;
12493 
12494 	/*
12495 	 * scsi_hba_tran_t->tran_tgt_private is used to pass the address
12496 	 * information to scsi_init_pkt, allocate a scsi_hba_tran structure
12497 	 * to simulate the cmds from sd
12498 	 */
12499 	tran_clone = kmem_alloc(
12500 	    sizeof (scsi_hba_tran_t), KM_SLEEP);
12501 	if (tran_clone == NULL) {
12502 		goto out;
12503 	}
12504 	bcopy((caddr_t)mpt->m_tran,
12505 	    (caddr_t)tran_clone, sizeof (scsi_hba_tran_t));
12506 	tgt_private = kmem_alloc(
12507 	    sizeof (mptsas_tgt_private_t), KM_SLEEP);
12508 	if (tgt_private == NULL) {
12509 		goto out;
12510 	}
12511 	tgt_private->t_lun = ap->a_lun;
12512 	tgt_private->t_private = ptgt;
12513 	tran_clone->tran_tgt_private = tgt_private;
12514 	ap->a_hba_tran = tran_clone;
12515 
12516 	pktp = scsi_init_pkt(ap, (struct scsi_pkt *)NULL,
12517 	    data_bp, cdblen, sizeof (struct scsi_arq_status),
12518 	    0, PKT_CONSISTENT, NULL, NULL);
12519 	if (pktp == NULL) {
12520 		goto out;
12521 	}
12522 	bcopy(cdb, pktp->pkt_cdbp, cdblen);
12523 	pktp->pkt_flags = FLAG_NOPARITY;
12524 	if (scsi_poll(pktp) < 0) {
12525 		goto out;
12526 	}
12527 	if (((struct scsi_status *)pktp->pkt_scbp)->sts_chk) {
12528 		goto out;
12529 	}
12530 	if (resid != NULL) {
12531 		*resid = pktp->pkt_resid;
12532 	}
12533 
12534 	ret = DDI_SUCCESS;
12535 out:
12536 	if (pktp) {
12537 		scsi_destroy_pkt(pktp);
12538 	}
12539 	if (tran_clone) {
12540 		kmem_free(tran_clone, sizeof (scsi_hba_tran_t));
12541 	}
12542 	if (tgt_private) {
12543 		kmem_free(tgt_private, sizeof (mptsas_tgt_private_t));
12544 	}
12545 	return (ret);
12546 }
12547 static int
12548 mptsas_parse_address(char *name, uint64_t *wwid, uint8_t *phy, int *lun)
12549 {
12550 	char	*cp = NULL;
12551 	char	*ptr = NULL;
12552 	size_t	s = 0;
12553 	char	*wwid_str = NULL;
12554 	char	*lun_str = NULL;
12555 	long	lunnum;
12556 	long	phyid = -1;
12557 	int	rc = DDI_FAILURE;
12558 
12559 	ptr = name;
12560 	ASSERT(ptr[0] == 'w' || ptr[0] == 'p');
12561 	ptr++;
12562 	if ((cp = strchr(ptr, ',')) == NULL) {
12563 		return (DDI_FAILURE);
12564 	}
12565 
12566 	wwid_str = kmem_zalloc(SCSI_MAXNAMELEN, KM_SLEEP);
12567 	s = (uintptr_t)cp - (uintptr_t)ptr;
12568 
12569 	bcopy(ptr, wwid_str, s);
12570 	wwid_str[s] = '\0';
12571 
12572 	ptr = ++cp;
12573 
12574 	if ((cp = strchr(ptr, '\0')) == NULL) {
12575 		goto out;
12576 	}
12577 	lun_str =  kmem_zalloc(SCSI_MAXNAMELEN, KM_SLEEP);
12578 	s = (uintptr_t)cp - (uintptr_t)ptr;
12579 
12580 	bcopy(ptr, lun_str, s);
12581 	lun_str[s] = '\0';
12582 
12583 	if (name[0] == 'p') {
12584 		rc = ddi_strtol(wwid_str, NULL, 0x10, &phyid);
12585 	} else {
12586 		rc = scsi_wwnstr_to_wwn(wwid_str, wwid);
12587 	}
12588 	if (rc != DDI_SUCCESS)
12589 		goto out;
12590 
12591 	if (phyid != -1) {
12592 		ASSERT(phyid < MPTSAS_MAX_PHYS);
12593 		*phy = (uint8_t)phyid;
12594 	}
12595 	rc = ddi_strtol(lun_str, NULL, 0x10, &lunnum);
12596 	if (rc != 0)
12597 		goto out;
12598 
12599 	*lun = (int)lunnum;
12600 	rc = DDI_SUCCESS;
12601 out:
12602 	if (wwid_str)
12603 		kmem_free(wwid_str, SCSI_MAXNAMELEN);
12604 	if (lun_str)
12605 		kmem_free(lun_str, SCSI_MAXNAMELEN);
12606 
12607 	return (rc);
12608 }
12609 
12610 /*
12611  * mptsas_parse_smp_name() is to parse sas wwn string
12612  * which format is "wWWN"
12613  */
12614 static int
12615 mptsas_parse_smp_name(char *name, uint64_t *wwn)
12616 {
12617 	char	*ptr = name;
12618 
12619 	if (*ptr != 'w') {
12620 		return (DDI_FAILURE);
12621 	}
12622 
12623 	ptr++;
12624 	if (scsi_wwnstr_to_wwn(ptr, wwn)) {
12625 		return (DDI_FAILURE);
12626 	}
12627 	return (DDI_SUCCESS);
12628 }
12629 
12630 static int
12631 mptsas_bus_config(dev_info_t *pdip, uint_t flag,
12632     ddi_bus_config_op_t op, void *arg, dev_info_t **childp)
12633 {
12634 	int		ret = NDI_FAILURE;
12635 	int		circ = 0;
12636 	int		circ1 = 0;
12637 	mptsas_t	*mpt;
12638 	char		*ptr = NULL;
12639 	char		*devnm = NULL;
12640 	uint64_t	wwid = 0;
12641 	uint8_t		phy = 0xFF;
12642 	int		lun = 0;
12643 	uint_t		mflags = flag;
12644 	int		bconfig = TRUE;
12645 
12646 	if (scsi_hba_iport_unit_address(pdip) == 0) {
12647 		return (DDI_FAILURE);
12648 	}
12649 
12650 	mpt = DIP2MPT(pdip);
12651 	if (!mpt) {
12652 		return (DDI_FAILURE);
12653 	}
12654 	/*
12655 	 * Hold the nexus across the bus_config
12656 	 */
12657 	ndi_devi_enter(scsi_vhci_dip, &circ);
12658 	ndi_devi_enter(pdip, &circ1);
12659 	switch (op) {
12660 	case BUS_CONFIG_ONE:
12661 		/* parse wwid/target name out of name given */
12662 		if ((ptr = strchr((char *)arg, '@')) == NULL) {
12663 			ret = NDI_FAILURE;
12664 			break;
12665 		}
12666 		ptr++;
12667 		if (strncmp((char *)arg, "smp", 3) == 0) {
12668 			/*
12669 			 * This is a SMP target device
12670 			 */
12671 			ret = mptsas_parse_smp_name(ptr, &wwid);
12672 			if (ret != DDI_SUCCESS) {
12673 				ret = NDI_FAILURE;
12674 				break;
12675 			}
12676 			ret = mptsas_config_smp(pdip, wwid, childp);
12677 		} else if ((ptr[0] == 'w') || (ptr[0] == 'p')) {
12678 			/*
12679 			 * OBP could pass down a non-canonical form
12680 			 * bootpath without LUN part when LUN is 0.
12681 			 * So driver need adjust the string.
12682 			 */
12683 			if (strchr(ptr, ',') == NULL) {
12684 				devnm = kmem_zalloc(SCSI_MAXNAMELEN, KM_SLEEP);
12685 				(void) sprintf(devnm, "%s,0", (char *)arg);
12686 				ptr = strchr(devnm, '@');
12687 				ptr++;
12688 			}
12689 
12690 			/*
12691 			 * The device path is wWWID format and the device
12692 			 * is not SMP target device.
12693 			 */
12694 			ret = mptsas_parse_address(ptr, &wwid, &phy, &lun);
12695 			if (ret != DDI_SUCCESS) {
12696 				ret = NDI_FAILURE;
12697 				break;
12698 			}
12699 			*childp = NULL;
12700 			if (ptr[0] == 'w') {
12701 				ret = mptsas_config_one_addr(pdip, wwid,
12702 				    lun, childp);
12703 			} else if (ptr[0] == 'p') {
12704 				ret = mptsas_config_one_phy(pdip, phy, lun,
12705 				    childp);
12706 			}
12707 
12708 			/*
12709 			 * If this is CD/DVD device in OBP path, the
12710 			 * ndi_busop_bus_config can be skipped as config one
12711 			 * operation is done above.
12712 			 */
12713 			if ((ret == NDI_SUCCESS) && (*childp != NULL) &&
12714 			    (strcmp(ddi_node_name(*childp), "cdrom") == 0) &&
12715 			    (strncmp((char *)arg, "disk", 4) == 0)) {
12716 				bconfig = FALSE;
12717 				ndi_hold_devi(*childp);
12718 			}
12719 		} else {
12720 			ret = NDI_FAILURE;
12721 			break;
12722 		}
12723 
12724 		/*
12725 		 * DDI group instructed us to use this flag.
12726 		 */
12727 		mflags |= NDI_MDI_FALLBACK;
12728 		break;
12729 	case BUS_CONFIG_DRIVER:
12730 	case BUS_CONFIG_ALL:
12731 		mptsas_config_all(pdip);
12732 		ret = NDI_SUCCESS;
12733 		break;
12734 	}
12735 
12736 	if ((ret == NDI_SUCCESS) && bconfig) {
12737 		ret = ndi_busop_bus_config(pdip, mflags, op,
12738 		    (devnm == NULL) ? arg : devnm, childp, 0);
12739 	}
12740 
12741 	ndi_devi_exit(pdip, circ1);
12742 	ndi_devi_exit(scsi_vhci_dip, circ);
12743 	if (devnm != NULL)
12744 		kmem_free(devnm, SCSI_MAXNAMELEN);
12745 	return (ret);
12746 }
12747 
12748 static int
12749 mptsas_probe_lun(dev_info_t *pdip, int lun, dev_info_t **dip,
12750     mptsas_target_t *ptgt)
12751 {
12752 	int			rval = DDI_FAILURE;
12753 	struct scsi_inquiry	*sd_inq = NULL;
12754 	mptsas_t		*mpt = DIP2MPT(pdip);
12755 
12756 	sd_inq = (struct scsi_inquiry *)kmem_alloc(SUN_INQSIZE, KM_SLEEP);
12757 
12758 	rval = mptsas_inquiry(mpt, ptgt, lun, 0, (uchar_t *)sd_inq,
12759 	    SUN_INQSIZE, 0, (uchar_t)0);
12760 
12761 	if ((rval == DDI_SUCCESS) && MPTSAS_VALID_LUN(sd_inq)) {
12762 		rval = mptsas_create_lun(pdip, sd_inq, dip, ptgt, lun);
12763 	} else {
12764 		rval = DDI_FAILURE;
12765 	}
12766 
12767 	kmem_free(sd_inq, SUN_INQSIZE);
12768 	return (rval);
12769 }
12770 
12771 static int
12772 mptsas_config_one_addr(dev_info_t *pdip, uint64_t sasaddr, int lun,
12773     dev_info_t **lundip)
12774 {
12775 	int		rval;
12776 	mptsas_t		*mpt = DIP2MPT(pdip);
12777 	int		phymask;
12778 	mptsas_target_t	*ptgt = NULL;
12779 
12780 	/*
12781 	 * Get the physical port associated to the iport
12782 	 */
12783 	phymask = ddi_prop_get_int(DDI_DEV_T_ANY, pdip, 0,
12784 	    "phymask", 0);
12785 
12786 	ptgt = mptsas_wwid_to_ptgt(mpt, phymask, sasaddr);
12787 	if (ptgt == NULL) {
12788 		/*
12789 		 * didn't match any device by searching
12790 		 */
12791 		return (DDI_FAILURE);
12792 	}
12793 	/*
12794 	 * If the LUN already exists and the status is online,
12795 	 * we just return the pointer to dev_info_t directly.
12796 	 * For the mdi_pathinfo node, we'll handle it in
12797 	 * mptsas_create_virt_lun()
12798 	 * TODO should be also in mptsas_handle_dr
12799 	 */
12800 
12801 	*lundip = mptsas_find_child_addr(pdip, sasaddr, lun);
12802 	if (*lundip != NULL) {
12803 		/*
12804 		 * TODO Another senario is, we hotplug the same disk
12805 		 * on the same slot, the devhdl changed, is this
12806 		 * possible?
12807 		 * tgt_private->t_private != ptgt
12808 		 */
12809 		if (sasaddr != ptgt->m_sas_wwn) {
12810 			/*
12811 			 * The device has changed although the devhdl is the
12812 			 * same (Enclosure mapping mode, change drive on the
12813 			 * same slot)
12814 			 */
12815 			return (DDI_FAILURE);
12816 		}
12817 		return (DDI_SUCCESS);
12818 	}
12819 
12820 	if (phymask == 0) {
12821 		/*
12822 		 * Configure IR volume
12823 		 */
12824 		rval =  mptsas_config_raid(pdip, ptgt->m_devhdl, lundip);
12825 		return (rval);
12826 	}
12827 	rval = mptsas_probe_lun(pdip, lun, lundip, ptgt);
12828 
12829 	return (rval);
12830 }
12831 
12832 static int
12833 mptsas_config_one_phy(dev_info_t *pdip, uint8_t phy, int lun,
12834     dev_info_t **lundip)
12835 {
12836 	int		rval;
12837 	mptsas_t	*mpt = DIP2MPT(pdip);
12838 	int		phymask;
12839 	mptsas_target_t	*ptgt = NULL;
12840 
12841 	/*
12842 	 * Get the physical port associated to the iport
12843 	 */
12844 	phymask = ddi_prop_get_int(DDI_DEV_T_ANY, pdip, 0,
12845 	    "phymask", 0);
12846 
12847 	ptgt = mptsas_phy_to_tgt(mpt, phymask, phy);
12848 	if (ptgt == NULL) {
12849 		/*
12850 		 * didn't match any device by searching
12851 		 */
12852 		return (DDI_FAILURE);
12853 	}
12854 
12855 	/*
12856 	 * If the LUN already exists and the status is online,
12857 	 * we just return the pointer to dev_info_t directly.
12858 	 * For the mdi_pathinfo node, we'll handle it in
12859 	 * mptsas_create_virt_lun().
12860 	 */
12861 
12862 	*lundip = mptsas_find_child_phy(pdip, phy);
12863 	if (*lundip != NULL) {
12864 		return (DDI_SUCCESS);
12865 	}
12866 
12867 	rval = mptsas_probe_lun(pdip, lun, lundip, ptgt);
12868 
12869 	return (rval);
12870 }
12871 
12872 static int
12873 mptsas_retrieve_lundata(int lun_cnt, uint8_t *buf, uint16_t *lun_num,
12874     uint8_t *lun_addr_type)
12875 {
12876 	uint32_t	lun_idx = 0;
12877 
12878 	ASSERT(lun_num != NULL);
12879 	ASSERT(lun_addr_type != NULL);
12880 
12881 	lun_idx = (lun_cnt + 1) * MPTSAS_SCSI_REPORTLUNS_ADDRESS_SIZE;
12882 	/* determine report luns addressing type */
12883 	switch (buf[lun_idx] & MPTSAS_SCSI_REPORTLUNS_ADDRESS_MASK) {
12884 		/*
12885 		 * Vendors in the field have been found to be concatenating
12886 		 * bus/target/lun to equal the complete lun value instead
12887 		 * of switching to flat space addressing
12888 		 */
12889 		/* 00b - peripheral device addressing method */
12890 	case MPTSAS_SCSI_REPORTLUNS_ADDRESS_PERIPHERAL:
12891 		/* FALLTHRU */
12892 		/* 10b - logical unit addressing method */
12893 	case MPTSAS_SCSI_REPORTLUNS_ADDRESS_LOGICAL_UNIT:
12894 		/* FALLTHRU */
12895 		/* 01b - flat space addressing method */
12896 	case MPTSAS_SCSI_REPORTLUNS_ADDRESS_FLAT_SPACE:
12897 		/* byte0 bit0-5=msb lun byte1 bit0-7=lsb lun */
12898 		*lun_addr_type = (buf[lun_idx] &
12899 		    MPTSAS_SCSI_REPORTLUNS_ADDRESS_MASK) >> 6;
12900 		*lun_num = (buf[lun_idx] & 0x3F) << 8;
12901 		*lun_num |= buf[lun_idx + 1];
12902 		return (DDI_SUCCESS);
12903 	default:
12904 		return (DDI_FAILURE);
12905 	}
12906 }
12907 
12908 static int
12909 mptsas_config_luns(dev_info_t *pdip, mptsas_target_t *ptgt)
12910 {
12911 	struct buf		*repluns_bp = NULL;
12912 	struct scsi_address	ap;
12913 	uchar_t			cdb[CDB_GROUP5];
12914 	int			ret = DDI_FAILURE;
12915 	int			retry = 0;
12916 	int			lun_list_len = 0;
12917 	uint16_t		lun_num = 0;
12918 	uint8_t			lun_addr_type = 0;
12919 	uint32_t		lun_cnt = 0;
12920 	uint32_t		lun_total = 0;
12921 	dev_info_t		*cdip = NULL;
12922 	uint16_t		*saved_repluns = NULL;
12923 	char			*buffer = NULL;
12924 	int			buf_len = 128;
12925 	mptsas_t		*mpt = DIP2MPT(pdip);
12926 	uint64_t		sas_wwn = 0;
12927 	uint8_t			phy = 0xFF;
12928 	uint32_t		dev_info = 0;
12929 
12930 	mutex_enter(&mpt->m_mutex);
12931 	sas_wwn = ptgt->m_sas_wwn;
12932 	phy = ptgt->m_phynum;
12933 	dev_info = ptgt->m_deviceinfo;
12934 	mutex_exit(&mpt->m_mutex);
12935 
12936 	if (sas_wwn == 0) {
12937 		/*
12938 		 * It's a SATA without Device Name
12939 		 * So don't try multi-LUNs
12940 		 */
12941 		if (mptsas_find_child_phy(pdip, phy)) {
12942 			return (DDI_SUCCESS);
12943 		} else {
12944 			/*
12945 			 * need configure and create node
12946 			 */
12947 			return (DDI_FAILURE);
12948 		}
12949 	}
12950 
12951 	/*
12952 	 * WWN (SAS address or Device Name exist)
12953 	 */
12954 	if (dev_info & (MPI2_SAS_DEVICE_INFO_SATA_DEVICE |
12955 	    MPI2_SAS_DEVICE_INFO_ATAPI_DEVICE)) {
12956 		/*
12957 		 * SATA device with Device Name
12958 		 * So don't try multi-LUNs
12959 		 */
12960 		if (mptsas_find_child_addr(pdip, sas_wwn, 0)) {
12961 			return (DDI_SUCCESS);
12962 		} else {
12963 			return (DDI_FAILURE);
12964 		}
12965 	}
12966 
12967 	do {
12968 		ap.a_target = MPTSAS_INVALID_DEVHDL;
12969 		ap.a_lun = 0;
12970 		ap.a_hba_tran = mpt->m_tran;
12971 		repluns_bp = scsi_alloc_consistent_buf(&ap,
12972 		    (struct buf *)NULL, buf_len, B_READ, NULL_FUNC, NULL);
12973 		if (repluns_bp == NULL) {
12974 			retry++;
12975 			continue;
12976 		}
12977 		bzero(cdb, CDB_GROUP5);
12978 		cdb[0] = SCMD_REPORT_LUNS;
12979 		cdb[6] = (buf_len & 0xff000000) >> 24;
12980 		cdb[7] = (buf_len & 0x00ff0000) >> 16;
12981 		cdb[8] = (buf_len & 0x0000ff00) >> 8;
12982 		cdb[9] = (buf_len & 0x000000ff);
12983 
12984 		ret = mptsas_send_scsi_cmd(mpt, &ap, ptgt, &cdb[0], CDB_GROUP5,
12985 		    repluns_bp, NULL);
12986 		if (ret != DDI_SUCCESS) {
12987 			scsi_free_consistent_buf(repluns_bp);
12988 			retry++;
12989 			continue;
12990 		}
12991 		lun_list_len = BE_32(*(int *)((void *)(
12992 		    repluns_bp->b_un.b_addr)));
12993 		if (buf_len >= lun_list_len + 8) {
12994 			ret = DDI_SUCCESS;
12995 			break;
12996 		}
12997 		scsi_free_consistent_buf(repluns_bp);
12998 		buf_len = lun_list_len + 8;
12999 
13000 	} while (retry < 3);
13001 
13002 	if (ret != DDI_SUCCESS)
13003 		return (ret);
13004 	buffer = (char *)repluns_bp->b_un.b_addr;
13005 	/*
13006 	 * find out the number of luns returned by the SCSI ReportLun call
13007 	 * and allocate buffer space
13008 	 */
13009 	lun_total = lun_list_len / MPTSAS_SCSI_REPORTLUNS_ADDRESS_SIZE;
13010 	saved_repluns = kmem_zalloc(sizeof (uint16_t) * lun_total, KM_SLEEP);
13011 	if (saved_repluns == NULL) {
13012 		scsi_free_consistent_buf(repluns_bp);
13013 		return (DDI_FAILURE);
13014 	}
13015 	for (lun_cnt = 0; lun_cnt < lun_total; lun_cnt++) {
13016 		if (mptsas_retrieve_lundata(lun_cnt, (uint8_t *)(buffer),
13017 		    &lun_num, &lun_addr_type) != DDI_SUCCESS) {
13018 			continue;
13019 		}
13020 		saved_repluns[lun_cnt] = lun_num;
13021 		if (cdip = mptsas_find_child_addr(pdip, sas_wwn, lun_num))
13022 			ret = DDI_SUCCESS;
13023 		else
13024 			ret = mptsas_probe_lun(pdip, lun_num, &cdip,
13025 			    ptgt);
13026 		if ((ret == DDI_SUCCESS) && (cdip != NULL)) {
13027 			(void) ndi_prop_remove(DDI_DEV_T_NONE, cdip,
13028 			    MPTSAS_DEV_GONE);
13029 		}
13030 	}
13031 	mptsas_offline_missed_luns(pdip, saved_repluns, lun_total, ptgt);
13032 	kmem_free(saved_repluns, sizeof (uint16_t) * lun_total);
13033 	scsi_free_consistent_buf(repluns_bp);
13034 	return (DDI_SUCCESS);
13035 }
13036 
13037 static int
13038 mptsas_config_raid(dev_info_t *pdip, uint16_t target, dev_info_t **dip)
13039 {
13040 	int			rval = DDI_FAILURE;
13041 	struct scsi_inquiry	*sd_inq = NULL;
13042 	mptsas_t		*mpt = DIP2MPT(pdip);
13043 	mptsas_target_t		*ptgt = NULL;
13044 
13045 	mutex_enter(&mpt->m_mutex);
13046 	ptgt = mptsas_search_by_devhdl(&mpt->m_active->m_tgttbl, target);
13047 	mutex_exit(&mpt->m_mutex);
13048 	if (ptgt == NULL) {
13049 		mptsas_log(mpt, CE_WARN, "Volume with VolDevHandle of 0x%x "
13050 		    "not found.", target);
13051 		return (rval);
13052 	}
13053 
13054 	sd_inq = (struct scsi_inquiry *)kmem_alloc(SUN_INQSIZE, KM_SLEEP);
13055 	rval = mptsas_inquiry(mpt, ptgt, 0, 0, (uchar_t *)sd_inq,
13056 	    SUN_INQSIZE, 0, (uchar_t)0);
13057 
13058 	if ((rval == DDI_SUCCESS) && MPTSAS_VALID_LUN(sd_inq)) {
13059 		rval = mptsas_create_phys_lun(pdip, sd_inq, NULL, dip, ptgt,
13060 		    0);
13061 	} else {
13062 		rval = DDI_FAILURE;
13063 	}
13064 
13065 	kmem_free(sd_inq, SUN_INQSIZE);
13066 	return (rval);
13067 }
13068 
13069 /*
13070  * configure all RAID volumes for virtual iport
13071  */
13072 static void
13073 mptsas_config_all_viport(dev_info_t *pdip)
13074 {
13075 	mptsas_t	*mpt = DIP2MPT(pdip);
13076 	int		config, vol;
13077 	int		target;
13078 	dev_info_t	*lundip = NULL;
13079 	mptsas_slots_t	*slots = mpt->m_active;
13080 
13081 	/*
13082 	 * Get latest RAID info and search for any Volume DevHandles.  If any
13083 	 * are found, configure the volume.
13084 	 */
13085 	mutex_enter(&mpt->m_mutex);
13086 	for (config = 0; config < slots->m_num_raid_configs; config++) {
13087 		for (vol = 0; vol < MPTSAS_MAX_RAIDVOLS; vol++) {
13088 			if (slots->m_raidconfig[config].m_raidvol[vol].m_israid
13089 			    == 1) {
13090 				target = slots->m_raidconfig[config].
13091 				    m_raidvol[vol].m_raidhandle;
13092 				mutex_exit(&mpt->m_mutex);
13093 				(void) mptsas_config_raid(pdip, target,
13094 				    &lundip);
13095 				mutex_enter(&mpt->m_mutex);
13096 			}
13097 		}
13098 	}
13099 	mutex_exit(&mpt->m_mutex);
13100 }
13101 
13102 static void
13103 mptsas_offline_missed_luns(dev_info_t *pdip, uint16_t *repluns,
13104     int lun_cnt, mptsas_target_t *ptgt)
13105 {
13106 	dev_info_t	*child = NULL, *savechild = NULL;
13107 	mdi_pathinfo_t	*pip = NULL, *savepip = NULL;
13108 	uint64_t	sas_wwn, wwid;
13109 	uint8_t		phy;
13110 	int		lun;
13111 	int		i;
13112 	int		find;
13113 	char		*addr;
13114 	char		*nodename;
13115 	mptsas_t	*mpt = DIP2MPT(pdip);
13116 
13117 	mutex_enter(&mpt->m_mutex);
13118 	wwid = ptgt->m_sas_wwn;
13119 	mutex_exit(&mpt->m_mutex);
13120 
13121 	child = ddi_get_child(pdip);
13122 	while (child) {
13123 		find = 0;
13124 		savechild = child;
13125 		child = ddi_get_next_sibling(child);
13126 
13127 		nodename = ddi_node_name(savechild);
13128 		if (strcmp(nodename, "smp") == 0) {
13129 			continue;
13130 		}
13131 
13132 		addr = ddi_get_name_addr(savechild);
13133 		if (addr == NULL) {
13134 			continue;
13135 		}
13136 
13137 		if (mptsas_parse_address(addr, &sas_wwn, &phy, &lun) !=
13138 		    DDI_SUCCESS) {
13139 			continue;
13140 		}
13141 
13142 		if (wwid == sas_wwn) {
13143 			for (i = 0; i < lun_cnt; i++) {
13144 				if (repluns[i] == lun) {
13145 					find = 1;
13146 					break;
13147 				}
13148 			}
13149 		} else {
13150 			continue;
13151 		}
13152 		if (find == 0) {
13153 			/*
13154 			 * The lun has not been there already
13155 			 */
13156 			(void) mptsas_offline_lun(pdip, savechild, NULL,
13157 			    NDI_DEVI_REMOVE);
13158 		}
13159 	}
13160 
13161 	pip = mdi_get_next_client_path(pdip, NULL);
13162 	while (pip) {
13163 		find = 0;
13164 		savepip = pip;
13165 		addr = MDI_PI(pip)->pi_addr;
13166 
13167 		pip = mdi_get_next_client_path(pdip, pip);
13168 
13169 		if (addr == NULL) {
13170 			continue;
13171 		}
13172 
13173 		if (mptsas_parse_address(addr, &sas_wwn, &phy,
13174 		    &lun) != DDI_SUCCESS) {
13175 			continue;
13176 		}
13177 
13178 		if (sas_wwn == wwid) {
13179 			for (i = 0; i < lun_cnt; i++) {
13180 				if (repluns[i] == lun) {
13181 					find = 1;
13182 					break;
13183 				}
13184 			}
13185 		} else {
13186 			continue;
13187 		}
13188 
13189 		if (find == 0) {
13190 			/*
13191 			 * The lun has not been there already
13192 			 */
13193 			(void) mptsas_offline_lun(pdip, NULL, savepip,
13194 			    NDI_DEVI_REMOVE);
13195 		}
13196 	}
13197 }
13198 
13199 void
13200 mptsas_update_hashtab(struct mptsas *mpt)
13201 {
13202 	uint32_t	page_address;
13203 	int		rval = 0;
13204 	uint16_t	dev_handle;
13205 	mptsas_target_t	*ptgt = NULL;
13206 	mptsas_smp_t	smp_node;
13207 
13208 	/*
13209 	 * Get latest RAID info.
13210 	 */
13211 	(void) mptsas_get_raid_info(mpt);
13212 
13213 	dev_handle = mpt->m_smp_devhdl;
13214 	for (; mpt->m_done_traverse_smp == 0; ) {
13215 		page_address = (MPI2_SAS_EXPAND_PGAD_FORM_GET_NEXT_HNDL &
13216 		    MPI2_SAS_EXPAND_PGAD_FORM_MASK) | (uint32_t)dev_handle;
13217 		if (mptsas_get_sas_expander_page0(mpt, page_address, &smp_node)
13218 		    != DDI_SUCCESS) {
13219 			break;
13220 		}
13221 		mpt->m_smp_devhdl = dev_handle = smp_node.m_devhdl;
13222 		(void) mptsas_smp_alloc(&mpt->m_active->m_smptbl, &smp_node);
13223 	}
13224 
13225 	/*
13226 	 * Config target devices
13227 	 */
13228 	dev_handle = mpt->m_dev_handle;
13229 
13230 	/*
13231 	 * Do loop to get sas device page 0 by GetNextHandle till the
13232 	 * the last handle. If the sas device is a SATA/SSP target,
13233 	 * we try to config it.
13234 	 */
13235 	for (; mpt->m_done_traverse_dev == 0; ) {
13236 		ptgt = NULL;
13237 		page_address =
13238 		    (MPI2_SAS_DEVICE_PGAD_FORM_GET_NEXT_HANDLE &
13239 		    MPI2_SAS_DEVICE_PGAD_FORM_MASK) |
13240 		    (uint32_t)dev_handle;
13241 		rval = mptsas_get_target_device_info(mpt, page_address,
13242 		    &dev_handle, &ptgt);
13243 		if ((rval == DEV_INFO_FAIL_PAGE0) ||
13244 		    (rval == DEV_INFO_FAIL_ALLOC)) {
13245 			break;
13246 		}
13247 
13248 		mpt->m_dev_handle = dev_handle;
13249 	}
13250 
13251 }
13252 
13253 void
13254 mptsas_invalid_hashtab(mptsas_hash_table_t *hashtab)
13255 {
13256 	mptsas_hash_data_t *data;
13257 	data = mptsas_hash_traverse(hashtab, MPTSAS_HASH_FIRST);
13258 	while (data != NULL) {
13259 		data->devhdl = MPTSAS_INVALID_DEVHDL;
13260 		data->device_info = 0;
13261 		/*
13262 		 * For tgttbl, clear dr_flag.
13263 		 */
13264 		data->dr_flag = MPTSAS_DR_INACTIVE;
13265 		data = mptsas_hash_traverse(hashtab, MPTSAS_HASH_NEXT);
13266 	}
13267 }
13268 
13269 void
13270 mptsas_update_driver_data(struct mptsas *mpt)
13271 {
13272 	/*
13273 	 * TODO after hard reset, update the driver data structures
13274 	 * 1. update port/phymask mapping table mpt->m_phy_info
13275 	 * 2. invalid all the entries in hash table
13276 	 *    m_devhdl = 0xffff and m_deviceinfo = 0
13277 	 * 3. call sas_device_page/expander_page to update hash table
13278 	 */
13279 	mptsas_update_phymask(mpt);
13280 	/*
13281 	 * Invalid the existing entries
13282 	 */
13283 	mptsas_invalid_hashtab(&mpt->m_active->m_tgttbl);
13284 	mptsas_invalid_hashtab(&mpt->m_active->m_smptbl);
13285 	mpt->m_done_traverse_dev = 0;
13286 	mpt->m_done_traverse_smp = 0;
13287 	mpt->m_dev_handle = mpt->m_smp_devhdl = MPTSAS_INVALID_DEVHDL;
13288 	mptsas_update_hashtab(mpt);
13289 }
13290 
13291 static void
13292 mptsas_config_all(dev_info_t *pdip)
13293 {
13294 	dev_info_t	*smpdip = NULL;
13295 	mptsas_t	*mpt = DIP2MPT(pdip);
13296 	int		phymask = 0;
13297 	mptsas_phymask_t phy_mask;
13298 	mptsas_target_t	*ptgt = NULL;
13299 	mptsas_smp_t	*psmp;
13300 
13301 	/*
13302 	 * Get the phymask associated to the iport
13303 	 */
13304 	phymask = ddi_prop_get_int(DDI_DEV_T_ANY, pdip, 0,
13305 	    "phymask", 0);
13306 
13307 	/*
13308 	 * Enumerate RAID volumes here (phymask == 0).
13309 	 */
13310 	if (phymask == 0) {
13311 		mptsas_config_all_viport(pdip);
13312 		return;
13313 	}
13314 
13315 	mutex_enter(&mpt->m_mutex);
13316 
13317 	if (!mpt->m_done_traverse_dev || !mpt->m_done_traverse_smp) {
13318 		mptsas_update_hashtab(mpt);
13319 	}
13320 
13321 	psmp = (mptsas_smp_t *)mptsas_hash_traverse(&mpt->m_active->m_smptbl,
13322 	    MPTSAS_HASH_FIRST);
13323 	while (psmp != NULL) {
13324 		phy_mask = psmp->m_phymask;
13325 		if (phy_mask == phymask) {
13326 			smpdip = NULL;
13327 			mutex_exit(&mpt->m_mutex);
13328 			(void) mptsas_online_smp(pdip, psmp, &smpdip);
13329 			mutex_enter(&mpt->m_mutex);
13330 		}
13331 		psmp = (mptsas_smp_t *)mptsas_hash_traverse(
13332 		    &mpt->m_active->m_smptbl, MPTSAS_HASH_NEXT);
13333 	}
13334 
13335 	ptgt = (mptsas_target_t *)mptsas_hash_traverse(&mpt->m_active->m_tgttbl,
13336 	    MPTSAS_HASH_FIRST);
13337 	while (ptgt != NULL) {
13338 		phy_mask = ptgt->m_phymask;
13339 		if (phy_mask == phymask) {
13340 			mutex_exit(&mpt->m_mutex);
13341 			(void) mptsas_config_target(pdip, ptgt);
13342 			mutex_enter(&mpt->m_mutex);
13343 		}
13344 
13345 		ptgt = (mptsas_target_t *)mptsas_hash_traverse(
13346 		    &mpt->m_active->m_tgttbl, MPTSAS_HASH_NEXT);
13347 	}
13348 	mutex_exit(&mpt->m_mutex);
13349 }
13350 
13351 static int
13352 mptsas_config_target(dev_info_t *pdip, mptsas_target_t *ptgt)
13353 {
13354 	int		rval = DDI_FAILURE;
13355 	dev_info_t	*tdip;
13356 
13357 	rval = mptsas_config_luns(pdip, ptgt);
13358 	if (rval != DDI_SUCCESS) {
13359 		/*
13360 		 * The return value means the SCMD_REPORT_LUNS
13361 		 * did not execute successfully. The target maybe
13362 		 * doesn't support such command.
13363 		 */
13364 		rval = mptsas_probe_lun(pdip, 0, &tdip, ptgt);
13365 	}
13366 	return (rval);
13367 }
13368 
13369 /*
13370  * Return fail if not all the childs/paths are freed.
13371  * if there is any path under the HBA, the return value will be always fail
13372  * because we didn't call mdi_pi_free for path
13373  */
13374 static int
13375 mptsas_offline_target(dev_info_t *pdip, char *name)
13376 {
13377 	dev_info_t		*child = NULL, *prechild = NULL;
13378 	mdi_pathinfo_t		*pip = NULL, *savepip = NULL;
13379 	int			tmp_rval, rval = DDI_SUCCESS;
13380 	char			*addr, *cp;
13381 	size_t			s;
13382 	mptsas_t		*mpt = DIP2MPT(pdip);
13383 
13384 	child = ddi_get_child(pdip);
13385 	while (child) {
13386 		addr = ddi_get_name_addr(child);
13387 		prechild = child;
13388 		child = ddi_get_next_sibling(child);
13389 
13390 		if (addr == NULL) {
13391 			continue;
13392 		}
13393 		if ((cp = strchr(addr, ',')) == NULL) {
13394 			continue;
13395 		}
13396 
13397 		s = (uintptr_t)cp - (uintptr_t)addr;
13398 
13399 		if (strncmp(addr, name, s) != 0) {
13400 			continue;
13401 		}
13402 
13403 		tmp_rval = mptsas_offline_lun(pdip, prechild, NULL,
13404 		    NDI_DEVI_REMOVE);
13405 		if (tmp_rval != DDI_SUCCESS) {
13406 			rval = DDI_FAILURE;
13407 			if (ndi_prop_create_boolean(DDI_DEV_T_NONE,
13408 			    prechild, MPTSAS_DEV_GONE) !=
13409 			    DDI_PROP_SUCCESS) {
13410 				mptsas_log(mpt, CE_WARN, "mptsas driver "
13411 				    "unable to create property for "
13412 				    "SAS %s (MPTSAS_DEV_GONE)", addr);
13413 			}
13414 		}
13415 	}
13416 
13417 	pip = mdi_get_next_client_path(pdip, NULL);
13418 	while (pip) {
13419 		addr = MDI_PI(pip)->pi_addr;
13420 		savepip = pip;
13421 		pip = mdi_get_next_client_path(pdip, pip);
13422 		if (addr == NULL) {
13423 			continue;
13424 		}
13425 
13426 		if ((cp = strchr(addr, ',')) == NULL) {
13427 			continue;
13428 		}
13429 
13430 		s = (uintptr_t)cp - (uintptr_t)addr;
13431 
13432 		if (strncmp(addr, name, s) != 0) {
13433 			continue;
13434 		}
13435 
13436 		(void) mptsas_offline_lun(pdip, NULL, savepip,
13437 		    NDI_DEVI_REMOVE);
13438 		/*
13439 		 * driver will not invoke mdi_pi_free, so path will not
13440 		 * be freed forever, return DDI_FAILURE.
13441 		 */
13442 		rval = DDI_FAILURE;
13443 	}
13444 	return (rval);
13445 }
13446 
13447 static int
13448 mptsas_offline_lun(dev_info_t *pdip, dev_info_t *rdip,
13449     mdi_pathinfo_t *rpip, uint_t flags)
13450 {
13451 	int		rval = DDI_FAILURE;
13452 	char		*devname;
13453 	dev_info_t	*cdip, *parent;
13454 
13455 	if (rpip != NULL) {
13456 		parent = scsi_vhci_dip;
13457 		cdip = mdi_pi_get_client(rpip);
13458 	} else if (rdip != NULL) {
13459 		parent = pdip;
13460 		cdip = rdip;
13461 	} else {
13462 		return (DDI_FAILURE);
13463 	}
13464 
13465 	/*
13466 	 * Make sure node is attached otherwise
13467 	 * it won't have related cache nodes to
13468 	 * clean up.  i_ddi_devi_attached is
13469 	 * similiar to i_ddi_node_state(cdip) >=
13470 	 * DS_ATTACHED.
13471 	 */
13472 	if (i_ddi_devi_attached(cdip)) {
13473 
13474 		/* Get full devname */
13475 		devname = kmem_alloc(MAXNAMELEN + 1, KM_SLEEP);
13476 		(void) ddi_deviname(cdip, devname);
13477 		/* Clean cache */
13478 		(void) devfs_clean(parent, devname + 1,
13479 		    DV_CLEAN_FORCE);
13480 		kmem_free(devname, MAXNAMELEN + 1);
13481 	}
13482 	if (rpip != NULL) {
13483 		if (MDI_PI_IS_OFFLINE(rpip)) {
13484 			rval = DDI_SUCCESS;
13485 		} else {
13486 			rval = mdi_pi_offline(rpip, 0);
13487 		}
13488 	} else {
13489 		rval = ndi_devi_offline(cdip, flags);
13490 	}
13491 
13492 	return (rval);
13493 }
13494 
13495 static dev_info_t *
13496 mptsas_find_smp_child(dev_info_t *parent, char *str_wwn)
13497 {
13498 	dev_info_t	*child = NULL;
13499 	char		*smp_wwn = NULL;
13500 
13501 	child = ddi_get_child(parent);
13502 	while (child) {
13503 		if (ddi_prop_lookup_string(DDI_DEV_T_ANY, child,
13504 		    DDI_PROP_DONTPASS, SMP_WWN, &smp_wwn)
13505 		    != DDI_SUCCESS) {
13506 			child = ddi_get_next_sibling(child);
13507 			continue;
13508 		}
13509 
13510 		if (strcmp(smp_wwn, str_wwn) == 0) {
13511 			ddi_prop_free(smp_wwn);
13512 			break;
13513 		}
13514 		child = ddi_get_next_sibling(child);
13515 		ddi_prop_free(smp_wwn);
13516 	}
13517 	return (child);
13518 }
13519 
13520 static int
13521 mptsas_offline_smp(dev_info_t *pdip, mptsas_smp_t *smp_node, uint_t flags)
13522 {
13523 	int		rval = DDI_FAILURE;
13524 	char		*devname;
13525 	char		wwn_str[MPTSAS_WWN_STRLEN];
13526 	dev_info_t	*cdip;
13527 
13528 	(void) sprintf(wwn_str, "%"PRIx64, smp_node->m_sasaddr);
13529 
13530 	cdip = mptsas_find_smp_child(pdip, wwn_str);
13531 
13532 	if (cdip == NULL)
13533 		return (DDI_SUCCESS);
13534 
13535 	/*
13536 	 * Make sure node is attached otherwise
13537 	 * it won't have related cache nodes to
13538 	 * clean up.  i_ddi_devi_attached is
13539 	 * similiar to i_ddi_node_state(cdip) >=
13540 	 * DS_ATTACHED.
13541 	 */
13542 	if (i_ddi_devi_attached(cdip)) {
13543 
13544 		/* Get full devname */
13545 		devname = kmem_alloc(MAXNAMELEN + 1, KM_SLEEP);
13546 		(void) ddi_deviname(cdip, devname);
13547 		/* Clean cache */
13548 		(void) devfs_clean(pdip, devname + 1,
13549 		    DV_CLEAN_FORCE);
13550 		kmem_free(devname, MAXNAMELEN + 1);
13551 	}
13552 
13553 	rval = ndi_devi_offline(cdip, flags);
13554 
13555 	return (rval);
13556 }
13557 
13558 static dev_info_t *
13559 mptsas_find_child(dev_info_t *pdip, char *name)
13560 {
13561 	dev_info_t	*child = NULL;
13562 	char		*rname = NULL;
13563 	int		rval = DDI_FAILURE;
13564 
13565 	rname = kmem_zalloc(SCSI_MAXNAMELEN, KM_SLEEP);
13566 
13567 	child = ddi_get_child(pdip);
13568 	while (child) {
13569 		rval = mptsas_name_child(child, rname, SCSI_MAXNAMELEN);
13570 		if (rval != DDI_SUCCESS) {
13571 			child = ddi_get_next_sibling(child);
13572 			bzero(rname, SCSI_MAXNAMELEN);
13573 			continue;
13574 		}
13575 
13576 		if (strcmp(rname, name) == 0) {
13577 			break;
13578 		}
13579 		child = ddi_get_next_sibling(child);
13580 		bzero(rname, SCSI_MAXNAMELEN);
13581 	}
13582 
13583 	kmem_free(rname, SCSI_MAXNAMELEN);
13584 
13585 	return (child);
13586 }
13587 
13588 
13589 static dev_info_t *
13590 mptsas_find_child_addr(dev_info_t *pdip, uint64_t sasaddr, int lun)
13591 {
13592 	dev_info_t	*child = NULL;
13593 	char		*name = NULL;
13594 	char		*addr = NULL;
13595 
13596 	name = kmem_zalloc(SCSI_MAXNAMELEN, KM_SLEEP);
13597 	addr = kmem_zalloc(SCSI_MAXNAMELEN, KM_SLEEP);
13598 	(void) sprintf(name, "%016"PRIx64, sasaddr);
13599 	(void) sprintf(addr, "w%s,%x", name, lun);
13600 	child = mptsas_find_child(pdip, addr);
13601 	kmem_free(name, SCSI_MAXNAMELEN);
13602 	kmem_free(addr, SCSI_MAXNAMELEN);
13603 	return (child);
13604 }
13605 
13606 static dev_info_t *
13607 mptsas_find_child_phy(dev_info_t *pdip, uint8_t phy)
13608 {
13609 	dev_info_t	*child;
13610 	char		*addr;
13611 
13612 	addr = kmem_zalloc(SCSI_MAXNAMELEN, KM_SLEEP);
13613 	(void) sprintf(addr, "p%x,0", phy);
13614 	child = mptsas_find_child(pdip, addr);
13615 	kmem_free(addr, SCSI_MAXNAMELEN);
13616 	return (child);
13617 }
13618 
13619 static mdi_pathinfo_t *
13620 mptsas_find_path_phy(dev_info_t *pdip, uint8_t phy)
13621 {
13622 	mdi_pathinfo_t	*path;
13623 	char		*addr = NULL;
13624 
13625 	addr = kmem_zalloc(SCSI_MAXNAMELEN, KM_SLEEP);
13626 	(void) sprintf(addr, "p%x,0", phy);
13627 	path = mdi_pi_find(pdip, NULL, addr);
13628 	kmem_free(addr, SCSI_MAXNAMELEN);
13629 	return (path);
13630 }
13631 
13632 static mdi_pathinfo_t *
13633 mptsas_find_path_addr(dev_info_t *parent, uint64_t sasaddr, int lun)
13634 {
13635 	mdi_pathinfo_t	*path;
13636 	char		*name = NULL;
13637 	char		*addr = NULL;
13638 
13639 	name = kmem_zalloc(SCSI_MAXNAMELEN, KM_SLEEP);
13640 	addr = kmem_zalloc(SCSI_MAXNAMELEN, KM_SLEEP);
13641 	(void) sprintf(name, "%016"PRIx64, sasaddr);
13642 	(void) sprintf(addr, "w%s,%x", name, lun);
13643 	path = mdi_pi_find(parent, NULL, addr);
13644 	kmem_free(name, SCSI_MAXNAMELEN);
13645 	kmem_free(addr, SCSI_MAXNAMELEN);
13646 
13647 	return (path);
13648 }
13649 
13650 static int
13651 mptsas_create_lun(dev_info_t *pdip, struct scsi_inquiry *sd_inq,
13652     dev_info_t **lun_dip, mptsas_target_t *ptgt, int lun)
13653 {
13654 	int			i = 0;
13655 	uchar_t			*inq83 = NULL;
13656 	int			inq83_len1 = 0xFF;
13657 	int			inq83_len = 0;
13658 	int			rval = DDI_FAILURE;
13659 	ddi_devid_t		devid;
13660 	char			*guid = NULL;
13661 	int			target = ptgt->m_devhdl;
13662 	mdi_pathinfo_t		*pip = NULL;
13663 	mptsas_t		*mpt = DIP2MPT(pdip);
13664 
13665 	/*
13666 	 * For DVD/CD ROM and tape devices and optical
13667 	 * devices, we won't try to enumerate them under
13668 	 * scsi_vhci, so no need to try page83
13669 	 */
13670 	if (sd_inq && (sd_inq->inq_dtype == DTYPE_RODIRECT ||
13671 	    sd_inq->inq_dtype == DTYPE_OPTICAL ||
13672 	    sd_inq->inq_dtype == DTYPE_ESI))
13673 		goto create_lun;
13674 
13675 	/*
13676 	 * The LCA returns good SCSI status, but corrupt page 83 data the first
13677 	 * time it is queried. The solution is to keep trying to request page83
13678 	 * and verify the GUID is not (DDI_NOT_WELL_FORMED) in
13679 	 * mptsas_inq83_retry_timeout seconds. If the timeout expires, driver
13680 	 * give up to get VPD page at this stage and fail the enumeration.
13681 	 */
13682 
13683 	inq83	= kmem_zalloc(inq83_len1, KM_SLEEP);
13684 
13685 	for (i = 0; i < mptsas_inq83_retry_timeout; i++) {
13686 		rval = mptsas_inquiry(mpt, ptgt, lun, 0x83, inq83,
13687 		    inq83_len1, &inq83_len, 1);
13688 		if (rval != 0) {
13689 			mptsas_log(mpt, CE_WARN, "!mptsas request inquiry page "
13690 			    "0x83 for target:%x, lun:%x failed!", target, lun);
13691 			goto out;
13692 		}
13693 		/*
13694 		 * create DEVID from inquiry data
13695 		 */
13696 		if ((rval = ddi_devid_scsi_encode(
13697 		    DEVID_SCSI_ENCODE_VERSION_LATEST, NULL, (uchar_t *)sd_inq,
13698 		    sizeof (struct scsi_inquiry), NULL, 0, inq83,
13699 		    (size_t)inq83_len, &devid)) == DDI_SUCCESS) {
13700 			/*
13701 			 * extract GUID from DEVID
13702 			 */
13703 			guid = ddi_devid_to_guid(devid);
13704 
13705 			/*
13706 			 * Do not enable MPXIO if the strlen(guid) is greater
13707 			 * than MPTSAS_MAX_GUID_LEN, this constrain would be
13708 			 * handled by framework later.
13709 			 */
13710 			if (guid && (strlen(guid) > MPTSAS_MAX_GUID_LEN)) {
13711 				ddi_devid_free_guid(guid);
13712 				guid = NULL;
13713 				if (mpt->m_mpxio_enable == TRUE) {
13714 					mptsas_log(mpt, CE_NOTE, "!Target:%x, "
13715 					    "lun:%x doesn't have a valid GUID, "
13716 					    "multipathing for this drive is "
13717 					    "not enabled", target, lun);
13718 				}
13719 			}
13720 
13721 			/*
13722 			 * devid no longer needed
13723 			 */
13724 			ddi_devid_free(devid);
13725 			break;
13726 		} else if (rval == DDI_NOT_WELL_FORMED) {
13727 			/*
13728 			 * return value of ddi_devid_scsi_encode equal to
13729 			 * DDI_NOT_WELL_FORMED means DEVID_RETRY, it worth
13730 			 * to retry inquiry page 0x83 and get GUID.
13731 			 */
13732 			NDBG20(("Not well formed devid, retry..."));
13733 			delay(1 * drv_usectohz(1000000));
13734 			continue;
13735 		} else {
13736 			mptsas_log(mpt, CE_WARN, "!Encode devid failed for "
13737 			    "path target:%x, lun:%x", target, lun);
13738 			rval = DDI_FAILURE;
13739 			goto create_lun;
13740 		}
13741 	}
13742 
13743 	if (i == mptsas_inq83_retry_timeout) {
13744 		mptsas_log(mpt, CE_WARN, "!Repeated page83 requests timeout "
13745 		    "for path target:%x, lun:%x", target, lun);
13746 	}
13747 
13748 	rval = DDI_FAILURE;
13749 
13750 create_lun:
13751 	if ((guid != NULL) && (mpt->m_mpxio_enable == TRUE)) {
13752 		rval = mptsas_create_virt_lun(pdip, sd_inq, guid, lun_dip, &pip,
13753 		    ptgt, lun);
13754 	}
13755 	if (rval != DDI_SUCCESS) {
13756 		rval = mptsas_create_phys_lun(pdip, sd_inq, guid, lun_dip,
13757 		    ptgt, lun);
13758 
13759 	}
13760 out:
13761 	if (guid != NULL) {
13762 		/*
13763 		 * guid no longer needed
13764 		 */
13765 		ddi_devid_free_guid(guid);
13766 	}
13767 	if (inq83 != NULL)
13768 		kmem_free(inq83, inq83_len1);
13769 	return (rval);
13770 }
13771 
13772 static int
13773 mptsas_create_virt_lun(dev_info_t *pdip, struct scsi_inquiry *inq, char *guid,
13774     dev_info_t **lun_dip, mdi_pathinfo_t **pip, mptsas_target_t *ptgt, int lun)
13775 {
13776 	int			target;
13777 	char			*nodename = NULL;
13778 	char			**compatible = NULL;
13779 	int			ncompatible	= 0;
13780 	int			mdi_rtn = MDI_FAILURE;
13781 	int			rval = DDI_FAILURE;
13782 	char			*old_guid = NULL;
13783 	mptsas_t		*mpt = DIP2MPT(pdip);
13784 	char			*lun_addr = NULL;
13785 	char			*wwn_str = NULL;
13786 	char			*attached_wwn_str = NULL;
13787 	char			*component = NULL;
13788 	uint8_t			phy = 0xFF;
13789 	uint64_t		sas_wwn;
13790 	int64_t			lun64 = 0;
13791 	uint32_t		devinfo;
13792 	uint16_t		dev_hdl;
13793 	uint16_t		pdev_hdl;
13794 	uint64_t		dev_sas_wwn;
13795 	uint64_t		pdev_sas_wwn;
13796 	uint32_t		pdev_info;
13797 	uint8_t			physport;
13798 	uint8_t			phy_id;
13799 	uint32_t		page_address;
13800 	uint16_t		bay_num, enclosure;
13801 	char			pdev_wwn_str[MPTSAS_WWN_STRLEN];
13802 	uint32_t		dev_info;
13803 
13804 	mutex_enter(&mpt->m_mutex);
13805 	target = ptgt->m_devhdl;
13806 	sas_wwn = ptgt->m_sas_wwn;
13807 	devinfo = ptgt->m_deviceinfo;
13808 	phy = ptgt->m_phynum;
13809 	mutex_exit(&mpt->m_mutex);
13810 
13811 	if (sas_wwn) {
13812 		*pip = mptsas_find_path_addr(pdip, sas_wwn, lun);
13813 	} else {
13814 		*pip = mptsas_find_path_phy(pdip, phy);
13815 	}
13816 
13817 	if (*pip != NULL) {
13818 		*lun_dip = MDI_PI(*pip)->pi_client->ct_dip;
13819 		ASSERT(*lun_dip != NULL);
13820 		if (ddi_prop_lookup_string(DDI_DEV_T_ANY, *lun_dip,
13821 		    (DDI_PROP_DONTPASS | DDI_PROP_NOTPROM),
13822 		    MDI_CLIENT_GUID_PROP, &old_guid) == DDI_SUCCESS) {
13823 			if (strncmp(guid, old_guid, strlen(guid)) == 0) {
13824 				/*
13825 				 * Same path back online again.
13826 				 */
13827 				(void) ddi_prop_free(old_guid);
13828 				if ((!MDI_PI_IS_ONLINE(*pip)) &&
13829 				    (!MDI_PI_IS_STANDBY(*pip)) &&
13830 				    (ptgt->m_tgt_unconfigured == 0)) {
13831 					rval = mdi_pi_online(*pip, 0);
13832 					mutex_enter(&mpt->m_mutex);
13833 					(void) mptsas_set_led_status(mpt, ptgt,
13834 					    0);
13835 					mutex_exit(&mpt->m_mutex);
13836 				} else {
13837 					rval = DDI_SUCCESS;
13838 				}
13839 				if (rval != DDI_SUCCESS) {
13840 					mptsas_log(mpt, CE_WARN, "path:target: "
13841 					    "%x, lun:%x online failed!", target,
13842 					    lun);
13843 					*pip = NULL;
13844 					*lun_dip = NULL;
13845 				}
13846 				return (rval);
13847 			} else {
13848 				/*
13849 				 * The GUID of the LUN has changed which maybe
13850 				 * because customer mapped another volume to the
13851 				 * same LUN.
13852 				 */
13853 				mptsas_log(mpt, CE_WARN, "The GUID of the "
13854 				    "target:%x, lun:%x was changed, maybe "
13855 				    "because someone mapped another volume "
13856 				    "to the same LUN", target, lun);
13857 				(void) ddi_prop_free(old_guid);
13858 				if (!MDI_PI_IS_OFFLINE(*pip)) {
13859 					rval = mdi_pi_offline(*pip, 0);
13860 					if (rval != MDI_SUCCESS) {
13861 						mptsas_log(mpt, CE_WARN, "path:"
13862 						    "target:%x, lun:%x offline "
13863 						    "failed!", target, lun);
13864 						*pip = NULL;
13865 						*lun_dip = NULL;
13866 						return (DDI_FAILURE);
13867 					}
13868 				}
13869 				if (mdi_pi_free(*pip, 0) != MDI_SUCCESS) {
13870 					mptsas_log(mpt, CE_WARN, "path:target:"
13871 					    "%x, lun:%x free failed!", target,
13872 					    lun);
13873 					*pip = NULL;
13874 					*lun_dip = NULL;
13875 					return (DDI_FAILURE);
13876 				}
13877 			}
13878 		} else {
13879 			mptsas_log(mpt, CE_WARN, "Can't get client-guid "
13880 			    "property for path:target:%x, lun:%x", target, lun);
13881 			*pip = NULL;
13882 			*lun_dip = NULL;
13883 			return (DDI_FAILURE);
13884 		}
13885 	}
13886 	scsi_hba_nodename_compatible_get(inq, NULL,
13887 	    inq->inq_dtype, NULL, &nodename, &compatible, &ncompatible);
13888 
13889 	/*
13890 	 * if nodename can't be determined then print a message and skip it
13891 	 */
13892 	if (nodename == NULL) {
13893 		mptsas_log(mpt, CE_WARN, "mptsas driver found no compatible "
13894 		    "driver for target%d lun %d dtype:0x%02x", target, lun,
13895 		    inq->inq_dtype);
13896 		return (DDI_FAILURE);
13897 	}
13898 
13899 	wwn_str = kmem_zalloc(MPTSAS_WWN_STRLEN, KM_SLEEP);
13900 	/* The property is needed by MPAPI */
13901 	(void) sprintf(wwn_str, "%016"PRIx64, sas_wwn);
13902 
13903 	lun_addr = kmem_zalloc(SCSI_MAXNAMELEN, KM_SLEEP);
13904 	if (guid) {
13905 		(void) sprintf(lun_addr, "w%s,%x", wwn_str, lun);
13906 		(void) sprintf(wwn_str, "w%016"PRIx64, sas_wwn);
13907 	} else {
13908 		(void) sprintf(lun_addr, "p%x,%x", phy, lun);
13909 		(void) sprintf(wwn_str, "p%x", phy);
13910 	}
13911 
13912 	mdi_rtn = mdi_pi_alloc_compatible(pdip, nodename,
13913 	    guid, lun_addr, compatible, ncompatible,
13914 	    0, pip);
13915 	if (mdi_rtn == MDI_SUCCESS) {
13916 
13917 		if (mdi_prop_update_string(*pip, MDI_GUID,
13918 		    guid) != DDI_SUCCESS) {
13919 			mptsas_log(mpt, CE_WARN, "mptsas driver unable to "
13920 			    "create prop for target %d lun %d (MDI_GUID)",
13921 			    target, lun);
13922 			mdi_rtn = MDI_FAILURE;
13923 			goto virt_create_done;
13924 		}
13925 
13926 		if (mdi_prop_update_int(*pip, LUN_PROP,
13927 		    lun) != DDI_SUCCESS) {
13928 			mptsas_log(mpt, CE_WARN, "mptsas driver unable to "
13929 			    "create prop for target %d lun %d (LUN_PROP)",
13930 			    target, lun);
13931 			mdi_rtn = MDI_FAILURE;
13932 			goto virt_create_done;
13933 		}
13934 		lun64 = (int64_t)lun;
13935 		if (mdi_prop_update_int64(*pip, LUN64_PROP,
13936 		    lun64) != DDI_SUCCESS) {
13937 			mptsas_log(mpt, CE_WARN, "mptsas driver unable to "
13938 			    "create prop for target %d (LUN64_PROP)",
13939 			    target);
13940 			mdi_rtn = MDI_FAILURE;
13941 			goto virt_create_done;
13942 		}
13943 		if (mdi_prop_update_string_array(*pip, "compatible",
13944 		    compatible, ncompatible) !=
13945 		    DDI_PROP_SUCCESS) {
13946 			mptsas_log(mpt, CE_WARN, "mptsas driver unable to "
13947 			    "create prop for target %d lun %d (COMPATIBLE)",
13948 			    target, lun);
13949 			mdi_rtn = MDI_FAILURE;
13950 			goto virt_create_done;
13951 		}
13952 		if (sas_wwn && (mdi_prop_update_string(*pip,
13953 		    SCSI_ADDR_PROP_TARGET_PORT, wwn_str) != DDI_PROP_SUCCESS)) {
13954 			mptsas_log(mpt, CE_WARN, "mptsas driver unable to "
13955 			    "create prop for target %d lun %d "
13956 			    "(target-port)", target, lun);
13957 			mdi_rtn = MDI_FAILURE;
13958 			goto virt_create_done;
13959 		} else if ((sas_wwn == 0) && (mdi_prop_update_int(*pip,
13960 		    "sata-phy", phy) != DDI_PROP_SUCCESS)) {
13961 			/*
13962 			 * Direct attached SATA device without DeviceName
13963 			 */
13964 			mptsas_log(mpt, CE_WARN, "mptsas driver unable to "
13965 			    "create prop for SAS target %d lun %d "
13966 			    "(sata-phy)", target, lun);
13967 			mdi_rtn = MDI_FAILURE;
13968 			goto virt_create_done;
13969 		}
13970 		mutex_enter(&mpt->m_mutex);
13971 
13972 		page_address = (MPI2_SAS_DEVICE_PGAD_FORM_HANDLE &
13973 		    MPI2_SAS_DEVICE_PGAD_FORM_MASK) |
13974 		    (uint32_t)ptgt->m_devhdl;
13975 		rval = mptsas_get_sas_device_page0(mpt, page_address,
13976 		    &dev_hdl, &dev_sas_wwn, &dev_info, &physport,
13977 		    &phy_id, &pdev_hdl, &bay_num, &enclosure);
13978 		if (rval != DDI_SUCCESS) {
13979 			mutex_exit(&mpt->m_mutex);
13980 			mptsas_log(mpt, CE_WARN, "mptsas unable to get "
13981 			    "parent device for handle %d", page_address);
13982 			mdi_rtn = MDI_FAILURE;
13983 			goto virt_create_done;
13984 		}
13985 
13986 		page_address = (MPI2_SAS_DEVICE_PGAD_FORM_HANDLE &
13987 		    MPI2_SAS_DEVICE_PGAD_FORM_MASK) | (uint32_t)pdev_hdl;
13988 		rval = mptsas_get_sas_device_page0(mpt, page_address,
13989 		    &dev_hdl, &pdev_sas_wwn, &pdev_info, &physport,
13990 		    &phy_id, &pdev_hdl, &bay_num, &enclosure);
13991 		if (rval != DDI_SUCCESS) {
13992 			mutex_exit(&mpt->m_mutex);
13993 			mptsas_log(mpt, CE_WARN, "mptsas unable to get"
13994 			    "device info for handle %d", page_address);
13995 			mdi_rtn = MDI_FAILURE;
13996 			goto virt_create_done;
13997 		}
13998 
13999 		mutex_exit(&mpt->m_mutex);
14000 
14001 		/*
14002 		 * If this device direct attached to the controller
14003 		 * set the attached-port to the base wwid
14004 		 */
14005 		if ((ptgt->m_deviceinfo & DEVINFO_DIRECT_ATTACHED)
14006 		    != DEVINFO_DIRECT_ATTACHED) {
14007 			(void) sprintf(pdev_wwn_str, "w%016"PRIx64,
14008 			    pdev_sas_wwn);
14009 		} else {
14010 			/*
14011 			 * Update the iport's attached-port to guid
14012 			 */
14013 			if (sas_wwn == 0) {
14014 				(void) sprintf(wwn_str, "p%x", phy);
14015 			} else {
14016 				(void) sprintf(wwn_str, "w%016"PRIx64, sas_wwn);
14017 			}
14018 			if (ddi_prop_update_string(DDI_DEV_T_NONE,
14019 			    pdip, SCSI_ADDR_PROP_ATTACHED_PORT, wwn_str) !=
14020 			    DDI_PROP_SUCCESS) {
14021 				mptsas_log(mpt, CE_WARN,
14022 				    "mptsas unable to create "
14023 				    "property for iport target-port"
14024 				    " %s (sas_wwn)",
14025 				    wwn_str);
14026 				mdi_rtn = MDI_FAILURE;
14027 				goto virt_create_done;
14028 			}
14029 
14030 			(void) sprintf(pdev_wwn_str, "w%016"PRIx64,
14031 			    mpt->un.m_base_wwid);
14032 		}
14033 
14034 		if (mdi_prop_update_string(*pip,
14035 		    SCSI_ADDR_PROP_ATTACHED_PORT, pdev_wwn_str) !=
14036 		    DDI_PROP_SUCCESS) {
14037 			mptsas_log(mpt, CE_WARN, "mptsas unable to create "
14038 			    "property for iport attached-port %s (sas_wwn)",
14039 			    attached_wwn_str);
14040 			mdi_rtn = MDI_FAILURE;
14041 			goto virt_create_done;
14042 		}
14043 
14044 
14045 		if (inq->inq_dtype == 0) {
14046 			component = kmem_zalloc(MAXPATHLEN, KM_SLEEP);
14047 			/*
14048 			 * set obp path for pathinfo
14049 			 */
14050 			(void) snprintf(component, MAXPATHLEN,
14051 			    "disk@%s", lun_addr);
14052 
14053 			if (mdi_pi_pathname_obp_set(*pip, component) !=
14054 			    DDI_SUCCESS) {
14055 				mptsas_log(mpt, CE_WARN, "mpt_sas driver "
14056 				    "unable to set obp-path for object %s",
14057 				    component);
14058 				mdi_rtn = MDI_FAILURE;
14059 				goto virt_create_done;
14060 			}
14061 		}
14062 
14063 		*lun_dip = MDI_PI(*pip)->pi_client->ct_dip;
14064 		if (devinfo & (MPI2_SAS_DEVICE_INFO_SATA_DEVICE |
14065 		    MPI2_SAS_DEVICE_INFO_ATAPI_DEVICE)) {
14066 			if ((ndi_prop_update_int(DDI_DEV_T_NONE, *lun_dip,
14067 			    "pm-capable", 1)) !=
14068 			    DDI_PROP_SUCCESS) {
14069 				mptsas_log(mpt, CE_WARN, "mptsas driver"
14070 				    "failed to create pm-capable "
14071 				    "property, target %d", target);
14072 				mdi_rtn = MDI_FAILURE;
14073 				goto virt_create_done;
14074 			}
14075 		}
14076 		/*
14077 		 * Create the phy-num property
14078 		 */
14079 		if (mdi_prop_update_int(*pip, "phy-num",
14080 		    ptgt->m_phynum) != DDI_SUCCESS) {
14081 			mptsas_log(mpt, CE_WARN, "mptsas driver unable to "
14082 			    "create phy-num property for target %d lun %d",
14083 			    target, lun);
14084 			mdi_rtn = MDI_FAILURE;
14085 			goto virt_create_done;
14086 		}
14087 		NDBG20(("new path:%s onlining,", MDI_PI(*pip)->pi_addr));
14088 		mdi_rtn = mdi_pi_online(*pip, 0);
14089 		if (mdi_rtn == MDI_SUCCESS) {
14090 			mutex_enter(&mpt->m_mutex);
14091 			if (mptsas_set_led_status(mpt, ptgt, 0) !=
14092 			    DDI_SUCCESS) {
14093 				NDBG14(("mptsas: clear LED for slot %x "
14094 				    "failed", ptgt->m_slot_num));
14095 			}
14096 			mutex_exit(&mpt->m_mutex);
14097 		}
14098 		if (mdi_rtn == MDI_NOT_SUPPORTED) {
14099 			mdi_rtn = MDI_FAILURE;
14100 		}
14101 virt_create_done:
14102 		if (*pip && mdi_rtn != MDI_SUCCESS) {
14103 			(void) mdi_pi_free(*pip, 0);
14104 			*pip = NULL;
14105 			*lun_dip = NULL;
14106 		}
14107 	}
14108 
14109 	scsi_hba_nodename_compatible_free(nodename, compatible);
14110 	if (lun_addr != NULL) {
14111 		kmem_free(lun_addr, SCSI_MAXNAMELEN);
14112 	}
14113 	if (wwn_str != NULL) {
14114 		kmem_free(wwn_str, MPTSAS_WWN_STRLEN);
14115 	}
14116 	if (component != NULL) {
14117 		kmem_free(component, MAXPATHLEN);
14118 	}
14119 
14120 	return ((mdi_rtn == MDI_SUCCESS) ? DDI_SUCCESS : DDI_FAILURE);
14121 }
14122 
14123 static int
14124 mptsas_create_phys_lun(dev_info_t *pdip, struct scsi_inquiry *inq,
14125     char *guid, dev_info_t **lun_dip, mptsas_target_t *ptgt, int lun)
14126 {
14127 	int			target;
14128 	int			rval;
14129 	int			ndi_rtn = NDI_FAILURE;
14130 	uint64_t		be_sas_wwn;
14131 	char			*nodename = NULL;
14132 	char			**compatible = NULL;
14133 	int			ncompatible = 0;
14134 	int			instance = 0;
14135 	mptsas_t		*mpt = DIP2MPT(pdip);
14136 	char			*wwn_str = NULL;
14137 	char			*component = NULL;
14138 	char			*attached_wwn_str = NULL;
14139 	uint8_t			phy = 0xFF;
14140 	uint64_t		sas_wwn;
14141 	uint32_t		devinfo;
14142 	uint16_t		dev_hdl;
14143 	uint16_t		pdev_hdl;
14144 	uint64_t		pdev_sas_wwn;
14145 	uint64_t		dev_sas_wwn;
14146 	uint32_t		pdev_info;
14147 	uint8_t			physport;
14148 	uint8_t			phy_id;
14149 	uint32_t		page_address;
14150 	uint16_t		bay_num, enclosure;
14151 	char			pdev_wwn_str[MPTSAS_WWN_STRLEN];
14152 	uint32_t		dev_info;
14153 	int64_t			lun64 = 0;
14154 
14155 	mutex_enter(&mpt->m_mutex);
14156 	target = ptgt->m_devhdl;
14157 	sas_wwn = ptgt->m_sas_wwn;
14158 	devinfo = ptgt->m_deviceinfo;
14159 	phy = ptgt->m_phynum;
14160 	mutex_exit(&mpt->m_mutex);
14161 
14162 	/*
14163 	 * generate compatible property with binding-set "mpt"
14164 	 */
14165 	scsi_hba_nodename_compatible_get(inq, NULL, inq->inq_dtype, NULL,
14166 	    &nodename, &compatible, &ncompatible);
14167 
14168 	/*
14169 	 * if nodename can't be determined then print a message and skip it
14170 	 */
14171 	if (nodename == NULL) {
14172 		mptsas_log(mpt, CE_WARN, "mptsas found no compatible driver "
14173 		    "for target %d lun %d", target, lun);
14174 		return (DDI_FAILURE);
14175 	}
14176 
14177 	ndi_rtn = ndi_devi_alloc(pdip, nodename,
14178 	    DEVI_SID_NODEID, lun_dip);
14179 
14180 	/*
14181 	 * if lun alloc success, set props
14182 	 */
14183 	if (ndi_rtn == NDI_SUCCESS) {
14184 
14185 		if (ndi_prop_update_int(DDI_DEV_T_NONE,
14186 		    *lun_dip, LUN_PROP, lun) !=
14187 		    DDI_PROP_SUCCESS) {
14188 			mptsas_log(mpt, CE_WARN, "mptsas unable to create "
14189 			    "property for target %d lun %d (LUN_PROP)",
14190 			    target, lun);
14191 			ndi_rtn = NDI_FAILURE;
14192 			goto phys_create_done;
14193 		}
14194 
14195 		lun64 = (int64_t)lun;
14196 		if (ndi_prop_update_int64(DDI_DEV_T_NONE,
14197 		    *lun_dip, LUN64_PROP, lun64) !=
14198 		    DDI_PROP_SUCCESS) {
14199 			mptsas_log(mpt, CE_WARN, "mptsas unable to create "
14200 			    "property for target %d lun64 %d (LUN64_PROP)",
14201 			    target, lun);
14202 			ndi_rtn = NDI_FAILURE;
14203 			goto phys_create_done;
14204 		}
14205 		if (ndi_prop_update_string_array(DDI_DEV_T_NONE,
14206 		    *lun_dip, "compatible", compatible, ncompatible)
14207 		    != DDI_PROP_SUCCESS) {
14208 			mptsas_log(mpt, CE_WARN, "mptsas unable to create "
14209 			    "property for target %d lun %d (COMPATIBLE)",
14210 			    target, lun);
14211 			ndi_rtn = NDI_FAILURE;
14212 			goto phys_create_done;
14213 		}
14214 
14215 		/*
14216 		 * We need the SAS WWN for non-multipath devices, so
14217 		 * we'll use the same property as that multipathing
14218 		 * devices need to present for MPAPI. If we don't have
14219 		 * a WWN (e.g. parallel SCSI), don't create the prop.
14220 		 */
14221 		wwn_str = kmem_zalloc(MPTSAS_WWN_STRLEN, KM_SLEEP);
14222 		(void) sprintf(wwn_str, "w%016"PRIx64, sas_wwn);
14223 		if (sas_wwn && ndi_prop_update_string(DDI_DEV_T_NONE,
14224 		    *lun_dip, SCSI_ADDR_PROP_TARGET_PORT, wwn_str)
14225 		    != DDI_PROP_SUCCESS) {
14226 			mptsas_log(mpt, CE_WARN, "mptsas unable to "
14227 			    "create property for SAS target %d lun %d "
14228 			    "(target-port)", target, lun);
14229 			ndi_rtn = NDI_FAILURE;
14230 			goto phys_create_done;
14231 		}
14232 
14233 		be_sas_wwn = BE_64(sas_wwn);
14234 		if (sas_wwn && ndi_prop_update_byte_array(
14235 		    DDI_DEV_T_NONE, *lun_dip, "port-wwn",
14236 		    (uchar_t *)&be_sas_wwn, 8) != DDI_PROP_SUCCESS) {
14237 			mptsas_log(mpt, CE_WARN, "mptsas unable to "
14238 			    "create property for SAS target %d lun %d "
14239 			    "(port-wwn)", target, lun);
14240 			ndi_rtn = NDI_FAILURE;
14241 			goto phys_create_done;
14242 		} else if ((sas_wwn == 0) && (ndi_prop_update_int(
14243 		    DDI_DEV_T_NONE, *lun_dip, "sata-phy", phy) !=
14244 		    DDI_PROP_SUCCESS)) {
14245 			/*
14246 			 * Direct attached SATA device without DeviceName
14247 			 */
14248 			mptsas_log(mpt, CE_WARN, "mptsas unable to "
14249 			    "create property for SAS target %d lun %d "
14250 			    "(sata-phy)", target, lun);
14251 			ndi_rtn = NDI_FAILURE;
14252 			goto phys_create_done;
14253 		}
14254 
14255 		if (ndi_prop_create_boolean(DDI_DEV_T_NONE,
14256 		    *lun_dip, SAS_PROP) != DDI_PROP_SUCCESS) {
14257 			mptsas_log(mpt, CE_WARN, "mptsas unable to"
14258 			    "create property for SAS target %d lun %d"
14259 			    " (SAS_PROP)", target, lun);
14260 			ndi_rtn = NDI_FAILURE;
14261 			goto phys_create_done;
14262 		}
14263 		if (guid && (ndi_prop_update_string(DDI_DEV_T_NONE,
14264 		    *lun_dip, NDI_GUID, guid) != DDI_SUCCESS)) {
14265 			mptsas_log(mpt, CE_WARN, "mptsas unable "
14266 			    "to create guid property for target %d "
14267 			    "lun %d", target, lun);
14268 			ndi_rtn = NDI_FAILURE;
14269 			goto phys_create_done;
14270 		}
14271 
14272 		/*
14273 		 * The following code is to set properties for SM-HBA support,
14274 		 * it doesn't apply to RAID volumes
14275 		 */
14276 		if (ptgt->m_phymask == 0)
14277 			goto phys_raid_lun;
14278 
14279 		mutex_enter(&mpt->m_mutex);
14280 
14281 		page_address = (MPI2_SAS_DEVICE_PGAD_FORM_HANDLE &
14282 		    MPI2_SAS_DEVICE_PGAD_FORM_MASK) |
14283 		    (uint32_t)ptgt->m_devhdl;
14284 		rval = mptsas_get_sas_device_page0(mpt, page_address,
14285 		    &dev_hdl, &dev_sas_wwn, &dev_info,
14286 		    &physport, &phy_id, &pdev_hdl,
14287 		    &bay_num, &enclosure);
14288 		if (rval != DDI_SUCCESS) {
14289 			mutex_exit(&mpt->m_mutex);
14290 			mptsas_log(mpt, CE_WARN, "mptsas unable to get"
14291 			    "parent device for handle %d.", page_address);
14292 			ndi_rtn = NDI_FAILURE;
14293 			goto phys_create_done;
14294 		}
14295 
14296 		page_address = (MPI2_SAS_DEVICE_PGAD_FORM_HANDLE &
14297 		    MPI2_SAS_DEVICE_PGAD_FORM_MASK) | (uint32_t)pdev_hdl;
14298 		rval = mptsas_get_sas_device_page0(mpt, page_address,
14299 		    &dev_hdl, &pdev_sas_wwn, &pdev_info,
14300 		    &physport, &phy_id, &pdev_hdl, &bay_num, &enclosure);
14301 		if (rval != DDI_SUCCESS) {
14302 			mutex_exit(&mpt->m_mutex);
14303 			mptsas_log(mpt, CE_WARN, "mptsas unable to create "
14304 			    "device for handle %d.", page_address);
14305 			ndi_rtn = NDI_FAILURE;
14306 			goto phys_create_done;
14307 		}
14308 
14309 		mutex_exit(&mpt->m_mutex);
14310 
14311 		/*
14312 		 * If this device direct attached to the controller
14313 		 * set the attached-port to the base wwid
14314 		 */
14315 		if ((ptgt->m_deviceinfo & DEVINFO_DIRECT_ATTACHED)
14316 		    != DEVINFO_DIRECT_ATTACHED) {
14317 			(void) sprintf(pdev_wwn_str, "w%016"PRIx64,
14318 			    pdev_sas_wwn);
14319 		} else {
14320 			/*
14321 			 * Update the iport's attached-port to guid
14322 			 */
14323 			if (sas_wwn == 0) {
14324 				(void) sprintf(wwn_str, "p%x", phy);
14325 			} else {
14326 				(void) sprintf(wwn_str, "w%016"PRIx64, sas_wwn);
14327 			}
14328 			if (ddi_prop_update_string(DDI_DEV_T_NONE,
14329 			    pdip, SCSI_ADDR_PROP_ATTACHED_PORT, wwn_str) !=
14330 			    DDI_PROP_SUCCESS) {
14331 				mptsas_log(mpt, CE_WARN,
14332 				    "mptsas unable to create "
14333 				    "property for iport target-port"
14334 				    " %s (sas_wwn)",
14335 				    wwn_str);
14336 				ndi_rtn = NDI_FAILURE;
14337 				goto phys_create_done;
14338 			}
14339 
14340 			(void) sprintf(pdev_wwn_str, "w%016"PRIx64,
14341 			    mpt->un.m_base_wwid);
14342 		}
14343 
14344 		if (ndi_prop_update_string(DDI_DEV_T_NONE,
14345 		    *lun_dip, SCSI_ADDR_PROP_ATTACHED_PORT, pdev_wwn_str) !=
14346 		    DDI_PROP_SUCCESS) {
14347 			mptsas_log(mpt, CE_WARN,
14348 			    "mptsas unable to create "
14349 			    "property for iport attached-port %s (sas_wwn)",
14350 			    attached_wwn_str);
14351 			ndi_rtn = NDI_FAILURE;
14352 			goto phys_create_done;
14353 		}
14354 
14355 		if (IS_ATAPI_DEVICE(dev_info)) {
14356 			if (ndi_prop_update_string(DDI_DEV_T_NONE,
14357 			    *lun_dip, MPTSAS_VARIANT, "atapi") !=
14358 			    DDI_PROP_SUCCESS) {
14359 				mptsas_log(mpt, CE_WARN,
14360 				    "mptsas unable to create "
14361 				    "property for device variant ");
14362 				ndi_rtn = NDI_FAILURE;
14363 				goto phys_create_done;
14364 			}
14365 		}
14366 
14367 		if (IS_SATA_DEVICE(dev_info)) {
14368 			if (ndi_prop_update_string(DDI_DEV_T_NONE,
14369 			    *lun_dip, MPTSAS_VARIANT, "sata") !=
14370 			    DDI_PROP_SUCCESS) {
14371 				mptsas_log(mpt, CE_WARN,
14372 				    "mptsas unable to create "
14373 				    "property for device variant ");
14374 				ndi_rtn = NDI_FAILURE;
14375 				goto phys_create_done;
14376 			}
14377 		}
14378 phys_raid_lun:
14379 		/*
14380 		 * if this is a SAS controller, and the target is a SATA
14381 		 * drive, set the 'pm-capable' property for sd and if on
14382 		 * an OPL platform, also check if this is an ATAPI
14383 		 * device.
14384 		 */
14385 		instance = ddi_get_instance(mpt->m_dip);
14386 		if (devinfo & (MPI2_SAS_DEVICE_INFO_SATA_DEVICE |
14387 		    MPI2_SAS_DEVICE_INFO_ATAPI_DEVICE)) {
14388 			NDBG2(("mptsas%d: creating pm-capable property, "
14389 			    "target %d", instance, target));
14390 
14391 			if ((ndi_prop_update_int(DDI_DEV_T_NONE,
14392 			    *lun_dip, "pm-capable", 1)) !=
14393 			    DDI_PROP_SUCCESS) {
14394 				mptsas_log(mpt, CE_WARN, "mptsas "
14395 				    "failed to create pm-capable "
14396 				    "property, target %d", target);
14397 				ndi_rtn = NDI_FAILURE;
14398 				goto phys_create_done;
14399 			}
14400 
14401 		}
14402 
14403 		if ((inq->inq_dtype == 0) || (inq->inq_dtype == 5)) {
14404 			/*
14405 			 * add 'obp-path' properties for devinfo
14406 			 */
14407 			bzero(wwn_str, sizeof (wwn_str));
14408 			(void) sprintf(wwn_str, "%016"PRIx64, sas_wwn);
14409 			component = kmem_zalloc(MAXPATHLEN, KM_SLEEP);
14410 			if (guid) {
14411 				(void) snprintf(component, MAXPATHLEN,
14412 				    "disk@w%s,%x", wwn_str, lun);
14413 			} else {
14414 				(void) snprintf(component, MAXPATHLEN,
14415 				    "disk@p%x,%x", phy, lun);
14416 			}
14417 			if (ddi_pathname_obp_set(*lun_dip, component)
14418 			    != DDI_SUCCESS) {
14419 				mptsas_log(mpt, CE_WARN, "mpt_sas driver "
14420 				    "unable to set obp-path for SAS "
14421 				    "object %s", component);
14422 				ndi_rtn = NDI_FAILURE;
14423 				goto phys_create_done;
14424 			}
14425 		}
14426 		/*
14427 		 * Create the phy-num property for non-raid disk
14428 		 */
14429 		if (ptgt->m_phymask != 0) {
14430 			if (ndi_prop_update_int(DDI_DEV_T_NONE,
14431 			    *lun_dip, "phy-num", ptgt->m_phynum) !=
14432 			    DDI_PROP_SUCCESS) {
14433 				mptsas_log(mpt, CE_WARN, "mptsas driver "
14434 				    "failed to create phy-num property for "
14435 				    "target %d", target);
14436 				ndi_rtn = NDI_FAILURE;
14437 				goto phys_create_done;
14438 			}
14439 		}
14440 phys_create_done:
14441 		/*
14442 		 * If props were setup ok, online the lun
14443 		 */
14444 		if (ndi_rtn == NDI_SUCCESS) {
14445 			/*
14446 			 * Try to online the new node
14447 			 */
14448 			ndi_rtn = ndi_devi_online(*lun_dip, NDI_ONLINE_ATTACH);
14449 		}
14450 		if (ndi_rtn == NDI_SUCCESS) {
14451 			mutex_enter(&mpt->m_mutex);
14452 			if (mptsas_set_led_status(mpt, ptgt, 0) !=
14453 			    DDI_SUCCESS) {
14454 				NDBG14(("mptsas: clear LED for tgt %x "
14455 				    "failed", ptgt->m_slot_num));
14456 			}
14457 			mutex_exit(&mpt->m_mutex);
14458 		}
14459 
14460 		/*
14461 		 * If success set rtn flag, else unwire alloc'd lun
14462 		 */
14463 		if (ndi_rtn != NDI_SUCCESS) {
14464 			NDBG12(("mptsas driver unable to online "
14465 			    "target %d lun %d", target, lun));
14466 			ndi_prop_remove_all(*lun_dip);
14467 			(void) ndi_devi_free(*lun_dip);
14468 			*lun_dip = NULL;
14469 		}
14470 	}
14471 
14472 	scsi_hba_nodename_compatible_free(nodename, compatible);
14473 
14474 	if (wwn_str != NULL) {
14475 		kmem_free(wwn_str, MPTSAS_WWN_STRLEN);
14476 	}
14477 	if (component != NULL) {
14478 		kmem_free(component, MAXPATHLEN);
14479 	}
14480 
14481 
14482 	return ((ndi_rtn == NDI_SUCCESS) ? DDI_SUCCESS : DDI_FAILURE);
14483 }
14484 
14485 static int
14486 mptsas_probe_smp(dev_info_t *pdip, uint64_t wwn)
14487 {
14488 	mptsas_t	*mpt = DIP2MPT(pdip);
14489 	struct smp_device smp_sd;
14490 
14491 	/* XXX An HBA driver should not be allocating an smp_device. */
14492 	bzero(&smp_sd, sizeof (struct smp_device));
14493 	smp_sd.smp_sd_address.smp_a_hba_tran = mpt->m_smptran;
14494 	bcopy(&wwn, smp_sd.smp_sd_address.smp_a_wwn, SAS_WWN_BYTE_SIZE);
14495 
14496 	if (smp_probe(&smp_sd) != DDI_PROBE_SUCCESS)
14497 		return (NDI_FAILURE);
14498 	return (NDI_SUCCESS);
14499 }
14500 
14501 static int
14502 mptsas_config_smp(dev_info_t *pdip, uint64_t sas_wwn, dev_info_t **smp_dip)
14503 {
14504 	mptsas_t	*mpt = DIP2MPT(pdip);
14505 	mptsas_smp_t	*psmp = NULL;
14506 	int		rval;
14507 	int		phymask;
14508 
14509 	/*
14510 	 * Get the physical port associated to the iport
14511 	 * PHYMASK TODO
14512 	 */
14513 	phymask = ddi_prop_get_int(DDI_DEV_T_ANY, pdip, 0,
14514 	    "phymask", 0);
14515 	/*
14516 	 * Find the smp node in hash table with specified sas address and
14517 	 * physical port
14518 	 */
14519 	psmp = mptsas_wwid_to_psmp(mpt, phymask, sas_wwn);
14520 	if (psmp == NULL) {
14521 		return (DDI_FAILURE);
14522 	}
14523 
14524 	rval = mptsas_online_smp(pdip, psmp, smp_dip);
14525 
14526 	return (rval);
14527 }
14528 
14529 static int
14530 mptsas_online_smp(dev_info_t *pdip, mptsas_smp_t *smp_node,
14531     dev_info_t **smp_dip)
14532 {
14533 	char		wwn_str[MPTSAS_WWN_STRLEN];
14534 	char		attached_wwn_str[MPTSAS_WWN_STRLEN];
14535 	int		ndi_rtn = NDI_FAILURE;
14536 	int		rval = 0;
14537 	mptsas_smp_t	dev_info;
14538 	uint32_t	page_address;
14539 	mptsas_t	*mpt = DIP2MPT(pdip);
14540 	uint16_t	dev_hdl;
14541 	uint64_t	sas_wwn;
14542 	uint64_t	smp_sas_wwn;
14543 	uint8_t		physport;
14544 	uint8_t		phy_id;
14545 	uint16_t	pdev_hdl;
14546 	uint8_t		numphys = 0;
14547 	uint16_t	i = 0;
14548 	char		phymask[MPTSAS_MAX_PHYS];
14549 	char		*iport = NULL;
14550 	mptsas_phymask_t	phy_mask = 0;
14551 	uint16_t	attached_devhdl;
14552 	uint16_t	bay_num, enclosure;
14553 
14554 	(void) sprintf(wwn_str, "%"PRIx64, smp_node->m_sasaddr);
14555 
14556 	/*
14557 	 * Probe smp device, prevent the node of removed device from being
14558 	 * configured succesfully
14559 	 */
14560 	if (mptsas_probe_smp(pdip, smp_node->m_sasaddr) != NDI_SUCCESS) {
14561 		return (DDI_FAILURE);
14562 	}
14563 
14564 	if ((*smp_dip = mptsas_find_smp_child(pdip, wwn_str)) != NULL) {
14565 		return (DDI_SUCCESS);
14566 	}
14567 
14568 	ndi_rtn = ndi_devi_alloc(pdip, "smp", DEVI_SID_NODEID, smp_dip);
14569 
14570 	/*
14571 	 * if lun alloc success, set props
14572 	 */
14573 	if (ndi_rtn == NDI_SUCCESS) {
14574 		/*
14575 		 * Set the flavor of the child to be SMP flavored
14576 		 */
14577 		ndi_flavor_set(*smp_dip, SCSA_FLAVOR_SMP);
14578 
14579 		if (ndi_prop_update_string(DDI_DEV_T_NONE,
14580 		    *smp_dip, SMP_WWN, wwn_str) !=
14581 		    DDI_PROP_SUCCESS) {
14582 			mptsas_log(mpt, CE_WARN, "mptsas unable to create "
14583 			    "property for smp device %s (sas_wwn)",
14584 			    wwn_str);
14585 			ndi_rtn = NDI_FAILURE;
14586 			goto smp_create_done;
14587 		}
14588 		(void) sprintf(wwn_str, "w%"PRIx64, smp_node->m_sasaddr);
14589 		if (ndi_prop_update_string(DDI_DEV_T_NONE,
14590 		    *smp_dip, SCSI_ADDR_PROP_TARGET_PORT, wwn_str) !=
14591 		    DDI_PROP_SUCCESS) {
14592 			mptsas_log(mpt, CE_WARN, "mptsas unable to create "
14593 			    "property for iport target-port %s (sas_wwn)",
14594 			    wwn_str);
14595 			ndi_rtn = NDI_FAILURE;
14596 			goto smp_create_done;
14597 		}
14598 
14599 		mutex_enter(&mpt->m_mutex);
14600 
14601 		page_address = (MPI2_SAS_EXPAND_PGAD_FORM_HNDL &
14602 		    MPI2_SAS_EXPAND_PGAD_FORM_MASK) | smp_node->m_devhdl;
14603 		rval = mptsas_get_sas_expander_page0(mpt, page_address,
14604 		    &dev_info);
14605 		if (rval != DDI_SUCCESS) {
14606 			mutex_exit(&mpt->m_mutex);
14607 			mptsas_log(mpt, CE_WARN,
14608 			    "mptsas unable to get expander "
14609 			    "parent device info for %x", page_address);
14610 			ndi_rtn = NDI_FAILURE;
14611 			goto smp_create_done;
14612 		}
14613 
14614 		smp_node->m_pdevhdl = dev_info.m_pdevhdl;
14615 		page_address = (MPI2_SAS_DEVICE_PGAD_FORM_HANDLE &
14616 		    MPI2_SAS_DEVICE_PGAD_FORM_MASK) |
14617 		    (uint32_t)dev_info.m_pdevhdl;
14618 		rval = mptsas_get_sas_device_page0(mpt, page_address,
14619 		    &dev_hdl, &sas_wwn, &smp_node->m_pdevinfo,
14620 		    &physport, &phy_id, &pdev_hdl, &bay_num, &enclosure);
14621 		if (rval != DDI_SUCCESS) {
14622 			mutex_exit(&mpt->m_mutex);
14623 			mptsas_log(mpt, CE_WARN, "mptsas unable to get "
14624 			    "device info for %x", page_address);
14625 			ndi_rtn = NDI_FAILURE;
14626 			goto smp_create_done;
14627 		}
14628 
14629 		page_address = (MPI2_SAS_DEVICE_PGAD_FORM_HANDLE &
14630 		    MPI2_SAS_DEVICE_PGAD_FORM_MASK) |
14631 		    (uint32_t)dev_info.m_devhdl;
14632 		rval = mptsas_get_sas_device_page0(mpt, page_address,
14633 		    &dev_hdl, &smp_sas_wwn, &smp_node->m_deviceinfo,
14634 		    &physport, &phy_id, &pdev_hdl, &bay_num, &enclosure);
14635 		if (rval != DDI_SUCCESS) {
14636 			mutex_exit(&mpt->m_mutex);
14637 			mptsas_log(mpt, CE_WARN, "mptsas unable to get "
14638 			    "device info for %x", page_address);
14639 			ndi_rtn = NDI_FAILURE;
14640 			goto smp_create_done;
14641 		}
14642 		mutex_exit(&mpt->m_mutex);
14643 
14644 		/*
14645 		 * If this smp direct attached to the controller
14646 		 * set the attached-port to the base wwid
14647 		 */
14648 		if ((smp_node->m_deviceinfo & DEVINFO_DIRECT_ATTACHED)
14649 		    != DEVINFO_DIRECT_ATTACHED) {
14650 			(void) sprintf(attached_wwn_str, "w%016"PRIx64,
14651 			    sas_wwn);
14652 		} else {
14653 			(void) sprintf(attached_wwn_str, "w%016"PRIx64,
14654 			    mpt->un.m_base_wwid);
14655 		}
14656 
14657 		if (ndi_prop_update_string(DDI_DEV_T_NONE,
14658 		    *smp_dip, SCSI_ADDR_PROP_ATTACHED_PORT, attached_wwn_str) !=
14659 		    DDI_PROP_SUCCESS) {
14660 			mptsas_log(mpt, CE_WARN, "mptsas unable to create "
14661 			    "property for smp attached-port %s (sas_wwn)",
14662 			    attached_wwn_str);
14663 			ndi_rtn = NDI_FAILURE;
14664 			goto smp_create_done;
14665 		}
14666 
14667 		if (ndi_prop_create_boolean(DDI_DEV_T_NONE,
14668 		    *smp_dip, SMP_PROP) != DDI_PROP_SUCCESS) {
14669 			mptsas_log(mpt, CE_WARN, "mptsas unable to "
14670 			    "create property for SMP %s (SMP_PROP) ",
14671 			    wwn_str);
14672 			ndi_rtn = NDI_FAILURE;
14673 			goto smp_create_done;
14674 		}
14675 
14676 		/*
14677 		 * check the smp to see whether it direct
14678 		 * attached to the controller
14679 		 */
14680 		if ((smp_node->m_deviceinfo & DEVINFO_DIRECT_ATTACHED)
14681 		    != DEVINFO_DIRECT_ATTACHED) {
14682 			goto smp_create_done;
14683 		}
14684 		numphys = ddi_prop_get_int(DDI_DEV_T_ANY, pdip,
14685 		    DDI_PROP_DONTPASS, MPTSAS_NUM_PHYS, -1);
14686 		if (numphys > 0) {
14687 			goto smp_create_done;
14688 		}
14689 		/*
14690 		 * this iport is an old iport, we need to
14691 		 * reconfig the props for it.
14692 		 */
14693 		if (ddi_prop_update_int(DDI_DEV_T_NONE, pdip,
14694 		    MPTSAS_VIRTUAL_PORT, 0) !=
14695 		    DDI_PROP_SUCCESS) {
14696 			(void) ddi_prop_remove(DDI_DEV_T_NONE, pdip,
14697 			    MPTSAS_VIRTUAL_PORT);
14698 			mptsas_log(mpt, CE_WARN, "mptsas virtual port "
14699 			    "prop update failed");
14700 			goto smp_create_done;
14701 		}
14702 
14703 		mutex_enter(&mpt->m_mutex);
14704 		numphys = 0;
14705 		iport = ddi_get_name_addr(pdip);
14706 		for (i = 0; i < MPTSAS_MAX_PHYS; i++) {
14707 			bzero(phymask, sizeof (phymask));
14708 			(void) sprintf(phymask,
14709 			    "%x", mpt->m_phy_info[i].phy_mask);
14710 			if (strcmp(phymask, iport) == 0) {
14711 				phy_mask = mpt->m_phy_info[i].phy_mask;
14712 				break;
14713 			}
14714 		}
14715 
14716 		for (i = 0; i < MPTSAS_MAX_PHYS; i++) {
14717 			if ((phy_mask >> i) & 0x01) {
14718 				numphys++;
14719 			}
14720 		}
14721 		/*
14722 		 * Update PHY info for smhba
14723 		 */
14724 		if (mptsas_smhba_phy_init(mpt)) {
14725 			mutex_exit(&mpt->m_mutex);
14726 			mptsas_log(mpt, CE_WARN, "mptsas phy update "
14727 			    "failed");
14728 			goto smp_create_done;
14729 		}
14730 		mutex_exit(&mpt->m_mutex);
14731 
14732 		mptsas_smhba_set_phy_props(mpt, iport, pdip,
14733 		    numphys, &attached_devhdl);
14734 
14735 		if (ddi_prop_update_int(DDI_DEV_T_NONE, pdip,
14736 		    MPTSAS_NUM_PHYS, numphys) !=
14737 		    DDI_PROP_SUCCESS) {
14738 			(void) ddi_prop_remove(DDI_DEV_T_NONE, pdip,
14739 			    MPTSAS_NUM_PHYS);
14740 			mptsas_log(mpt, CE_WARN, "mptsas update "
14741 			    "num phys props failed");
14742 			goto smp_create_done;
14743 		}
14744 		/*
14745 		 * Add parent's props for SMHBA support
14746 		 */
14747 		if (ddi_prop_update_string(DDI_DEV_T_NONE, pdip,
14748 		    SCSI_ADDR_PROP_ATTACHED_PORT, wwn_str) !=
14749 		    DDI_PROP_SUCCESS) {
14750 			(void) ddi_prop_remove(DDI_DEV_T_NONE, pdip,
14751 			    SCSI_ADDR_PROP_ATTACHED_PORT);
14752 			mptsas_log(mpt, CE_WARN, "mptsas update iport"
14753 			    "attached-port failed");
14754 			goto smp_create_done;
14755 		}
14756 
14757 smp_create_done:
14758 		/*
14759 		 * If props were setup ok, online the lun
14760 		 */
14761 		if (ndi_rtn == NDI_SUCCESS) {
14762 			/*
14763 			 * Try to online the new node
14764 			 */
14765 			ndi_rtn = ndi_devi_online(*smp_dip, NDI_ONLINE_ATTACH);
14766 		}
14767 
14768 		/*
14769 		 * If success set rtn flag, else unwire alloc'd lun
14770 		 */
14771 		if (ndi_rtn != NDI_SUCCESS) {
14772 			NDBG12(("mptsas unable to online "
14773 			    "SMP target %s", wwn_str));
14774 			ndi_prop_remove_all(*smp_dip);
14775 			(void) ndi_devi_free(*smp_dip);
14776 		}
14777 	}
14778 
14779 	return ((ndi_rtn == NDI_SUCCESS) ? DDI_SUCCESS : DDI_FAILURE);
14780 }
14781 
14782 /* smp transport routine */
14783 static int mptsas_smp_start(struct smp_pkt *smp_pkt)
14784 {
14785 	uint64_t			wwn;
14786 	Mpi2SmpPassthroughRequest_t	req;
14787 	Mpi2SmpPassthroughReply_t	rep;
14788 	uint32_t			direction = 0;
14789 	mptsas_t			*mpt;
14790 	int				ret;
14791 	uint64_t			tmp64;
14792 
14793 	mpt = (mptsas_t *)smp_pkt->smp_pkt_address->
14794 	    smp_a_hba_tran->smp_tran_hba_private;
14795 
14796 	bcopy(smp_pkt->smp_pkt_address->smp_a_wwn, &wwn, SAS_WWN_BYTE_SIZE);
14797 	/*
14798 	 * Need to compose a SMP request message
14799 	 * and call mptsas_do_passthru() function
14800 	 */
14801 	bzero(&req, sizeof (req));
14802 	bzero(&rep, sizeof (rep));
14803 	req.PassthroughFlags = 0;
14804 	req.PhysicalPort = 0xff;
14805 	req.ChainOffset = 0;
14806 	req.Function = MPI2_FUNCTION_SMP_PASSTHROUGH;
14807 
14808 	if ((smp_pkt->smp_pkt_reqsize & 0xffff0000ul) != 0) {
14809 		smp_pkt->smp_pkt_reason = ERANGE;
14810 		return (DDI_FAILURE);
14811 	}
14812 	req.RequestDataLength = LE_16((uint16_t)(smp_pkt->smp_pkt_reqsize - 4));
14813 
14814 	req.MsgFlags = 0;
14815 	tmp64 = LE_64(wwn);
14816 	bcopy(&tmp64, &req.SASAddress, SAS_WWN_BYTE_SIZE);
14817 	if (smp_pkt->smp_pkt_rspsize > 0) {
14818 		direction |= MPTSAS_PASS_THRU_DIRECTION_READ;
14819 	}
14820 	if (smp_pkt->smp_pkt_reqsize > 0) {
14821 		direction |= MPTSAS_PASS_THRU_DIRECTION_WRITE;
14822 	}
14823 
14824 	mutex_enter(&mpt->m_mutex);
14825 	ret = mptsas_do_passthru(mpt, (uint8_t *)&req, (uint8_t *)&rep,
14826 	    (uint8_t *)smp_pkt->smp_pkt_rsp,
14827 	    offsetof(Mpi2SmpPassthroughRequest_t, SGL), sizeof (rep),
14828 	    smp_pkt->smp_pkt_rspsize - 4, direction,
14829 	    (uint8_t *)smp_pkt->smp_pkt_req, smp_pkt->smp_pkt_reqsize - 4,
14830 	    smp_pkt->smp_pkt_timeout, FKIOCTL);
14831 	mutex_exit(&mpt->m_mutex);
14832 	if (ret != 0) {
14833 		cmn_err(CE_WARN, "smp_start do passthru error %d", ret);
14834 		smp_pkt->smp_pkt_reason = (uchar_t)(ret);
14835 		return (DDI_FAILURE);
14836 	}
14837 	/* do passthrough success, check the smp status */
14838 	if (LE_16(rep.IOCStatus) != MPI2_IOCSTATUS_SUCCESS) {
14839 		switch (LE_16(rep.IOCStatus)) {
14840 		case MPI2_IOCSTATUS_SCSI_DEVICE_NOT_THERE:
14841 			smp_pkt->smp_pkt_reason = ENODEV;
14842 			break;
14843 		case MPI2_IOCSTATUS_SAS_SMP_DATA_OVERRUN:
14844 			smp_pkt->smp_pkt_reason = EOVERFLOW;
14845 			break;
14846 		case MPI2_IOCSTATUS_SAS_SMP_REQUEST_FAILED:
14847 			smp_pkt->smp_pkt_reason = EIO;
14848 			break;
14849 		default:
14850 			mptsas_log(mpt, CE_NOTE, "smp_start: get unknown ioc"
14851 			    "status:%x", LE_16(rep.IOCStatus));
14852 			smp_pkt->smp_pkt_reason = EIO;
14853 			break;
14854 		}
14855 		return (DDI_FAILURE);
14856 	}
14857 	if (rep.SASStatus != MPI2_SASSTATUS_SUCCESS) {
14858 		mptsas_log(mpt, CE_NOTE, "smp_start: get error SAS status:%x",
14859 		    rep.SASStatus);
14860 		smp_pkt->smp_pkt_reason = EIO;
14861 		return (DDI_FAILURE);
14862 	}
14863 
14864 	return (DDI_SUCCESS);
14865 }
14866 
14867 /*
14868  * If we didn't get a match, we need to get sas page0 for each device, and
14869  * untill we get a match. If failed, return NULL
14870  */
14871 static mptsas_target_t *
14872 mptsas_phy_to_tgt(mptsas_t *mpt, int phymask, uint8_t phy)
14873 {
14874 	int		i, j = 0;
14875 	int		rval = 0;
14876 	uint16_t	cur_handle;
14877 	uint32_t	page_address;
14878 	mptsas_target_t	*ptgt = NULL;
14879 
14880 	/*
14881 	 * PHY named device must be direct attached and attaches to
14882 	 * narrow port, if the iport is not parent of the device which
14883 	 * we are looking for.
14884 	 */
14885 	for (i = 0; i < MPTSAS_MAX_PHYS; i++) {
14886 		if ((1 << i) & phymask)
14887 			j++;
14888 	}
14889 
14890 	if (j > 1)
14891 		return (NULL);
14892 
14893 	/*
14894 	 * Must be a narrow port and single device attached to the narrow port
14895 	 * So the physical port num of device  which is equal to the iport's
14896 	 * port num is the device what we are looking for.
14897 	 */
14898 
14899 	if (mpt->m_phy_info[phy].phy_mask != phymask)
14900 		return (NULL);
14901 
14902 	mutex_enter(&mpt->m_mutex);
14903 
14904 	ptgt = (mptsas_target_t *)mptsas_hash_traverse(&mpt->m_active->m_tgttbl,
14905 	    MPTSAS_HASH_FIRST);
14906 	while (ptgt != NULL) {
14907 			if ((ptgt->m_sas_wwn == 0) && (ptgt->m_phynum == phy)) {
14908 			mutex_exit(&mpt->m_mutex);
14909 			return (ptgt);
14910 		}
14911 
14912 		ptgt = (mptsas_target_t *)mptsas_hash_traverse(
14913 		    &mpt->m_active->m_tgttbl, MPTSAS_HASH_NEXT);
14914 	}
14915 
14916 	if (mpt->m_done_traverse_dev) {
14917 		mutex_exit(&mpt->m_mutex);
14918 		return (NULL);
14919 	}
14920 
14921 	/* If didn't get a match, come here */
14922 	cur_handle = mpt->m_dev_handle;
14923 	for (; ; ) {
14924 		ptgt = NULL;
14925 		page_address = (MPI2_SAS_DEVICE_PGAD_FORM_GET_NEXT_HANDLE &
14926 		    MPI2_SAS_DEVICE_PGAD_FORM_MASK) | (uint32_t)cur_handle;
14927 		rval = mptsas_get_target_device_info(mpt, page_address,
14928 		    &cur_handle, &ptgt);
14929 		if ((rval == DEV_INFO_FAIL_PAGE0) ||
14930 		    (rval == DEV_INFO_FAIL_ALLOC)) {
14931 			break;
14932 		}
14933 		if ((rval == DEV_INFO_WRONG_DEVICE_TYPE) ||
14934 		    (rval == DEV_INFO_PHYS_DISK)) {
14935 			continue;
14936 		}
14937 		mpt->m_dev_handle = cur_handle;
14938 
14939 		if ((ptgt->m_sas_wwn == 0) && (ptgt->m_phynum == phy)) {
14940 			break;
14941 		}
14942 	}
14943 
14944 	mutex_exit(&mpt->m_mutex);
14945 	return (ptgt);
14946 }
14947 
14948 /*
14949  * The ptgt->m_sas_wwn contains the wwid for each disk.
14950  * For Raid volumes, we need to check m_raidvol[x].m_raidwwid
14951  * If we didn't get a match, we need to get sas page0 for each device, and
14952  * untill we get a match
14953  * If failed, return NULL
14954  */
14955 static mptsas_target_t *
14956 mptsas_wwid_to_ptgt(mptsas_t *mpt, int phymask, uint64_t wwid)
14957 {
14958 	int		rval = 0;
14959 	uint16_t	cur_handle;
14960 	uint32_t	page_address;
14961 	mptsas_target_t	*tmp_tgt = NULL;
14962 
14963 	mutex_enter(&mpt->m_mutex);
14964 	tmp_tgt = (struct mptsas_target *)mptsas_hash_search(
14965 	    &mpt->m_active->m_tgttbl, wwid, phymask);
14966 	if (tmp_tgt != NULL) {
14967 		mutex_exit(&mpt->m_mutex);
14968 		return (tmp_tgt);
14969 	}
14970 
14971 	if (phymask == 0) {
14972 		/*
14973 		 * It's IR volume
14974 		 */
14975 		rval = mptsas_get_raid_info(mpt);
14976 		if (rval) {
14977 			tmp_tgt = (struct mptsas_target *)mptsas_hash_search(
14978 			    &mpt->m_active->m_tgttbl, wwid, phymask);
14979 		}
14980 		mutex_exit(&mpt->m_mutex);
14981 		return (tmp_tgt);
14982 	}
14983 
14984 	if (mpt->m_done_traverse_dev) {
14985 		mutex_exit(&mpt->m_mutex);
14986 		return (NULL);
14987 	}
14988 
14989 	/* If didn't get a match, come here */
14990 	cur_handle = mpt->m_dev_handle;
14991 	for (; ; ) {
14992 		tmp_tgt = NULL;
14993 		page_address = (MPI2_SAS_DEVICE_PGAD_FORM_GET_NEXT_HANDLE &
14994 		    MPI2_SAS_DEVICE_PGAD_FORM_MASK) | cur_handle;
14995 		rval = mptsas_get_target_device_info(mpt, page_address,
14996 		    &cur_handle, &tmp_tgt);
14997 		if ((rval == DEV_INFO_FAIL_PAGE0) ||
14998 		    (rval == DEV_INFO_FAIL_ALLOC)) {
14999 			tmp_tgt = NULL;
15000 			break;
15001 		}
15002 		if ((rval == DEV_INFO_WRONG_DEVICE_TYPE) ||
15003 		    (rval == DEV_INFO_PHYS_DISK)) {
15004 			continue;
15005 		}
15006 		mpt->m_dev_handle = cur_handle;
15007 		if ((tmp_tgt->m_sas_wwn) && (tmp_tgt->m_sas_wwn == wwid) &&
15008 		    (tmp_tgt->m_phymask == phymask)) {
15009 			break;
15010 		}
15011 	}
15012 
15013 	mutex_exit(&mpt->m_mutex);
15014 	return (tmp_tgt);
15015 }
15016 
15017 static mptsas_smp_t *
15018 mptsas_wwid_to_psmp(mptsas_t *mpt, int phymask, uint64_t wwid)
15019 {
15020 	int		rval = 0;
15021 	uint16_t	cur_handle;
15022 	uint32_t	page_address;
15023 	mptsas_smp_t	smp_node, *psmp = NULL;
15024 
15025 	mutex_enter(&mpt->m_mutex);
15026 	psmp = (struct mptsas_smp *)mptsas_hash_search(&mpt->m_active->m_smptbl,
15027 	    wwid, phymask);
15028 	if (psmp != NULL) {
15029 		mutex_exit(&mpt->m_mutex);
15030 		return (psmp);
15031 	}
15032 
15033 	if (mpt->m_done_traverse_smp) {
15034 		mutex_exit(&mpt->m_mutex);
15035 		return (NULL);
15036 	}
15037 
15038 	/* If didn't get a match, come here */
15039 	cur_handle = mpt->m_smp_devhdl;
15040 	for (; ; ) {
15041 		psmp = NULL;
15042 		page_address = (MPI2_SAS_EXPAND_PGAD_FORM_GET_NEXT_HNDL &
15043 		    MPI2_SAS_EXPAND_PGAD_FORM_MASK) | (uint32_t)cur_handle;
15044 		rval = mptsas_get_sas_expander_page0(mpt, page_address,
15045 		    &smp_node);
15046 		if (rval != DDI_SUCCESS) {
15047 			break;
15048 		}
15049 		mpt->m_smp_devhdl = cur_handle = smp_node.m_devhdl;
15050 		psmp = mptsas_smp_alloc(&mpt->m_active->m_smptbl, &smp_node);
15051 		ASSERT(psmp);
15052 		if ((psmp->m_sasaddr) && (psmp->m_sasaddr == wwid) &&
15053 		    (psmp->m_phymask == phymask)) {
15054 			break;
15055 		}
15056 	}
15057 
15058 	mutex_exit(&mpt->m_mutex);
15059 	return (psmp);
15060 }
15061 
15062 /* helper functions using hash */
15063 
15064 /*
15065  * Can't have duplicate entries for same devhdl,
15066  * if there are invalid entries, the devhdl should be set to 0xffff
15067  */
15068 static void *
15069 mptsas_search_by_devhdl(mptsas_hash_table_t *hashtab, uint16_t devhdl)
15070 {
15071 	mptsas_hash_data_t *data;
15072 
15073 	data = mptsas_hash_traverse(hashtab, MPTSAS_HASH_FIRST);
15074 	while (data != NULL) {
15075 		if (data->devhdl == devhdl) {
15076 			break;
15077 		}
15078 		data = mptsas_hash_traverse(hashtab, MPTSAS_HASH_NEXT);
15079 	}
15080 	return (data);
15081 }
15082 
15083 mptsas_target_t *
15084 mptsas_tgt_alloc(mptsas_hash_table_t *hashtab, uint16_t devhdl, uint64_t wwid,
15085     uint32_t devinfo, mptsas_phymask_t phymask, uint8_t phynum)
15086 {
15087 	mptsas_target_t *tmp_tgt = NULL;
15088 
15089 	tmp_tgt = mptsas_hash_search(hashtab, wwid, phymask);
15090 	if (tmp_tgt != NULL) {
15091 		NDBG20(("Hash item already exist"));
15092 		tmp_tgt->m_deviceinfo = devinfo;
15093 		tmp_tgt->m_devhdl = devhdl;
15094 		return (tmp_tgt);
15095 	}
15096 	tmp_tgt = kmem_zalloc(sizeof (struct mptsas_target), KM_SLEEP);
15097 	if (tmp_tgt == NULL) {
15098 		cmn_err(CE_WARN, "Fatal, allocated tgt failed");
15099 		return (NULL);
15100 	}
15101 	tmp_tgt->m_devhdl = devhdl;
15102 	tmp_tgt->m_sas_wwn = wwid;
15103 	tmp_tgt->m_deviceinfo = devinfo;
15104 	tmp_tgt->m_phymask = phymask;
15105 	tmp_tgt->m_phynum = phynum;
15106 	/* Initialized the tgt structure */
15107 	tmp_tgt->m_qfull_retries = QFULL_RETRIES;
15108 	tmp_tgt->m_qfull_retry_interval =
15109 	    drv_usectohz(QFULL_RETRY_INTERVAL * 1000);
15110 	tmp_tgt->m_t_throttle = MAX_THROTTLE;
15111 
15112 	mptsas_hash_add(hashtab, tmp_tgt);
15113 
15114 	return (tmp_tgt);
15115 }
15116 
15117 static void
15118 mptsas_tgt_free(mptsas_hash_table_t *hashtab, uint64_t wwid,
15119     mptsas_phymask_t phymask)
15120 {
15121 	mptsas_target_t *tmp_tgt;
15122 	tmp_tgt = mptsas_hash_rem(hashtab, wwid, phymask);
15123 	if (tmp_tgt == NULL) {
15124 		cmn_err(CE_WARN, "Tgt not found, nothing to free");
15125 	} else {
15126 		kmem_free(tmp_tgt, sizeof (struct mptsas_target));
15127 	}
15128 }
15129 
15130 /*
15131  * Return the entry in the hash table
15132  */
15133 static mptsas_smp_t *
15134 mptsas_smp_alloc(mptsas_hash_table_t *hashtab, mptsas_smp_t *data)
15135 {
15136 	uint64_t key1 = data->m_sasaddr;
15137 	mptsas_phymask_t key2 = data->m_phymask;
15138 	mptsas_smp_t *ret_data;
15139 
15140 	ret_data = mptsas_hash_search(hashtab, key1, key2);
15141 	if (ret_data != NULL) {
15142 		bcopy(data, ret_data, sizeof (mptsas_smp_t));
15143 		return (ret_data);
15144 	}
15145 
15146 	ret_data = kmem_alloc(sizeof (mptsas_smp_t), KM_SLEEP);
15147 	bcopy(data, ret_data, sizeof (mptsas_smp_t));
15148 	mptsas_hash_add(hashtab, ret_data);
15149 	return (ret_data);
15150 }
15151 
15152 static void
15153 mptsas_smp_free(mptsas_hash_table_t *hashtab, uint64_t wwid,
15154     mptsas_phymask_t phymask)
15155 {
15156 	mptsas_smp_t *tmp_smp;
15157 	tmp_smp = mptsas_hash_rem(hashtab, wwid, phymask);
15158 	if (tmp_smp == NULL) {
15159 		cmn_err(CE_WARN, "Smp element not found, nothing to free");
15160 	} else {
15161 		kmem_free(tmp_smp, sizeof (struct mptsas_smp));
15162 	}
15163 }
15164 
15165 /*
15166  * Hash operation functions
15167  * key1 is the sas_wwn, key2 is the phymask
15168  */
15169 static void
15170 mptsas_hash_init(mptsas_hash_table_t *hashtab)
15171 {
15172 	if (hashtab == NULL) {
15173 		return;
15174 	}
15175 	bzero(hashtab->head, sizeof (mptsas_hash_node_t) *
15176 	    MPTSAS_HASH_ARRAY_SIZE);
15177 	hashtab->cur = NULL;
15178 	hashtab->line = 0;
15179 }
15180 
15181 static void
15182 mptsas_hash_uninit(mptsas_hash_table_t *hashtab, size_t datalen)
15183 {
15184 	uint16_t line = 0;
15185 	mptsas_hash_node_t *cur = NULL, *last = NULL;
15186 
15187 	if (hashtab == NULL) {
15188 		return;
15189 	}
15190 	for (line = 0; line < MPTSAS_HASH_ARRAY_SIZE; line++) {
15191 		cur = hashtab->head[line];
15192 		while (cur != NULL) {
15193 			last = cur;
15194 			cur = cur->next;
15195 			kmem_free(last->data, datalen);
15196 			kmem_free(last, sizeof (mptsas_hash_node_t));
15197 		}
15198 	}
15199 }
15200 
15201 /*
15202  * You must guarantee the element doesn't exist in the hash table
15203  * before you call mptsas_hash_add()
15204  */
15205 static void
15206 mptsas_hash_add(mptsas_hash_table_t *hashtab, void *data)
15207 {
15208 	uint64_t key1 = ((mptsas_hash_data_t *)data)->key1;
15209 	mptsas_phymask_t key2 = ((mptsas_hash_data_t *)data)->key2;
15210 	mptsas_hash_node_t **head = NULL;
15211 	mptsas_hash_node_t *node = NULL;
15212 
15213 	if (hashtab == NULL) {
15214 		return;
15215 	}
15216 	ASSERT(mptsas_hash_search(hashtab, key1, key2) == NULL);
15217 	node = kmem_zalloc(sizeof (mptsas_hash_node_t), KM_NOSLEEP);
15218 	node->data = data;
15219 
15220 	head = &(hashtab->head[key1 % MPTSAS_HASH_ARRAY_SIZE]);
15221 	if (*head == NULL) {
15222 		*head = node;
15223 	} else {
15224 		node->next = *head;
15225 		*head = node;
15226 	}
15227 }
15228 
15229 static void *
15230 mptsas_hash_rem(mptsas_hash_table_t *hashtab, uint64_t key1,
15231     mptsas_phymask_t key2)
15232 {
15233 	mptsas_hash_node_t **head = NULL;
15234 	mptsas_hash_node_t *last = NULL, *cur = NULL;
15235 	mptsas_hash_data_t *data;
15236 	if (hashtab == NULL) {
15237 		return (NULL);
15238 	}
15239 	head = &(hashtab->head[key1 % MPTSAS_HASH_ARRAY_SIZE]);
15240 	cur = *head;
15241 	while (cur != NULL) {
15242 		data = cur->data;
15243 		if ((data->key1 == key1) && (data->key2 == key2)) {
15244 			if (last == NULL) {
15245 				(*head) = cur->next;
15246 			} else {
15247 				last->next = cur->next;
15248 			}
15249 			kmem_free(cur, sizeof (mptsas_hash_node_t));
15250 			return (data);
15251 		} else {
15252 			last = cur;
15253 			cur = cur->next;
15254 		}
15255 	}
15256 	return (NULL);
15257 }
15258 
15259 static void *
15260 mptsas_hash_search(mptsas_hash_table_t *hashtab, uint64_t key1,
15261     mptsas_phymask_t key2)
15262 {
15263 	mptsas_hash_node_t *cur = NULL;
15264 	mptsas_hash_data_t *data;
15265 	if (hashtab == NULL) {
15266 		return (NULL);
15267 	}
15268 	cur = hashtab->head[key1 % MPTSAS_HASH_ARRAY_SIZE];
15269 	while (cur != NULL) {
15270 		data = cur->data;
15271 		if ((data->key1 == key1) && (data->key2 == key2)) {
15272 			return (data);
15273 		} else {
15274 			cur = cur->next;
15275 		}
15276 	}
15277 	return (NULL);
15278 }
15279 
15280 static void *
15281 mptsas_hash_traverse(mptsas_hash_table_t *hashtab, int pos)
15282 {
15283 	mptsas_hash_node_t *this = NULL;
15284 
15285 	if (hashtab == NULL) {
15286 		return (NULL);
15287 	}
15288 
15289 	if (pos == MPTSAS_HASH_FIRST) {
15290 		hashtab->line = 0;
15291 		hashtab->cur = NULL;
15292 		this = hashtab->head[0];
15293 	} else {
15294 		if (hashtab->cur == NULL) {
15295 			return (NULL);
15296 		} else {
15297 			this = hashtab->cur->next;
15298 		}
15299 	}
15300 
15301 	while (this == NULL) {
15302 		hashtab->line++;
15303 		if (hashtab->line >= MPTSAS_HASH_ARRAY_SIZE) {
15304 			/* the traverse reaches the end */
15305 			hashtab->cur = NULL;
15306 			return (NULL);
15307 		} else {
15308 			this = hashtab->head[hashtab->line];
15309 		}
15310 	}
15311 	hashtab->cur = this;
15312 	return (this->data);
15313 }
15314 
15315 /*
15316  * Functions for SGPIO LED support
15317  */
15318 static dev_info_t *
15319 mptsas_get_dip_from_dev(dev_t dev, mptsas_phymask_t *phymask)
15320 {
15321 	dev_info_t	*dip;
15322 	int		prop;
15323 	dip = e_ddi_hold_devi_by_dev(dev, 0);
15324 	if (dip == NULL)
15325 		return (dip);
15326 	prop = ddi_prop_get_int(DDI_DEV_T_ANY, dip, 0,
15327 	    "phymask", 0);
15328 	*phymask = (mptsas_phymask_t)prop;
15329 	ddi_release_devi(dip);
15330 	return (dip);
15331 }
15332 static mptsas_target_t *
15333 mptsas_addr_to_ptgt(mptsas_t *mpt, char *addr, mptsas_phymask_t phymask)
15334 {
15335 	uint8_t			phynum;
15336 	uint64_t		wwn;
15337 	int			lun;
15338 	mptsas_target_t		*ptgt = NULL;
15339 
15340 	if (mptsas_parse_address(addr, &wwn, &phynum, &lun) != DDI_SUCCESS) {
15341 		return (NULL);
15342 	}
15343 	if (addr[0] == 'w') {
15344 		ptgt = mptsas_wwid_to_ptgt(mpt, (int)phymask, wwn);
15345 	} else {
15346 		ptgt = mptsas_phy_to_tgt(mpt, (int)phymask, phynum);
15347 	}
15348 	return (ptgt);
15349 }
15350 
15351 #ifdef MPTSAS_GET_LED
15352 static int
15353 mptsas_get_led_status(mptsas_t *mpt, mptsas_target_t *ptgt,
15354     uint32_t *slotstatus)
15355 {
15356 	return (mptsas_send_sep(mpt, ptgt, slotstatus,
15357 	    MPI2_SEP_REQ_ACTION_READ_STATUS));
15358 }
15359 #endif
15360 static int
15361 mptsas_set_led_status(mptsas_t *mpt, mptsas_target_t *ptgt, uint32_t slotstatus)
15362 {
15363 	NDBG14(("mptsas_ioctl: set LED status %x for slot %x",
15364 	    slotstatus, ptgt->m_slot_num));
15365 	return (mptsas_send_sep(mpt, ptgt, &slotstatus,
15366 	    MPI2_SEP_REQ_ACTION_WRITE_STATUS));
15367 }
15368 /*
15369  *  send sep request, use enclosure/slot addressing
15370  */
15371 static int mptsas_send_sep(mptsas_t *mpt, mptsas_target_t *ptgt,
15372     uint32_t *status, uint8_t act)
15373 {
15374 	Mpi2SepRequest_t	req;
15375 	Mpi2SepReply_t		rep;
15376 	int			ret;
15377 
15378 	ASSERT(mutex_owned(&mpt->m_mutex));
15379 
15380 	bzero(&req, sizeof (req));
15381 	bzero(&rep, sizeof (rep));
15382 
15383 	req.Function = MPI2_FUNCTION_SCSI_ENCLOSURE_PROCESSOR;
15384 	req.Action = act;
15385 	req.Flags = MPI2_SEP_REQ_FLAGS_ENCLOSURE_SLOT_ADDRESS;
15386 	req.EnclosureHandle = LE_16(ptgt->m_enclosure);
15387 	req.Slot = LE_16(ptgt->m_slot_num);
15388 	if (act == MPI2_SEP_REQ_ACTION_WRITE_STATUS) {
15389 		req.SlotStatus = LE_32(*status);
15390 	}
15391 	ret = mptsas_do_passthru(mpt, (uint8_t *)&req, (uint8_t *)&rep, NULL,
15392 	    sizeof (req), sizeof (rep), NULL, 0, NULL, 0, 60, FKIOCTL);
15393 	if (ret != 0) {
15394 		mptsas_log(mpt, CE_NOTE, "mptsas_send_sep: passthru SEP "
15395 		    "Processor Request message error %d", ret);
15396 		return (DDI_FAILURE);
15397 	}
15398 	/* do passthrough success, check the ioc status */
15399 	if (LE_16(rep.IOCStatus) != MPI2_IOCSTATUS_SUCCESS) {
15400 		if ((LE_16(rep.IOCStatus) & MPI2_IOCSTATUS_MASK) ==
15401 		    MPI2_IOCSTATUS_INVALID_FIELD) {
15402 			mptsas_log(mpt, CE_NOTE, "send sep act %x: Not "
15403 			    "supported action, loginfo %x", act,
15404 			    LE_32(rep.IOCLogInfo));
15405 			return (DDI_FAILURE);
15406 		}
15407 		mptsas_log(mpt, CE_NOTE, "send_sep act %x: ioc "
15408 		    "status:%x", act, LE_16(rep.IOCStatus));
15409 		return (DDI_FAILURE);
15410 	}
15411 	if (act != MPI2_SEP_REQ_ACTION_WRITE_STATUS) {
15412 		*status = LE_32(rep.SlotStatus);
15413 	}
15414 
15415 	return (DDI_SUCCESS);
15416 }
15417 
15418 int
15419 mptsas_dma_addr_create(mptsas_t *mpt, ddi_dma_attr_t dma_attr,
15420     ddi_dma_handle_t *dma_hdp, ddi_acc_handle_t *acc_hdp, caddr_t *dma_memp,
15421     uint32_t alloc_size, ddi_dma_cookie_t *cookiep)
15422 {
15423 	ddi_dma_cookie_t	new_cookie;
15424 	size_t			alloc_len;
15425 	uint_t			ncookie;
15426 
15427 	if (cookiep == NULL)
15428 		cookiep = &new_cookie;
15429 
15430 	if (ddi_dma_alloc_handle(mpt->m_dip, &dma_attr, DDI_DMA_SLEEP,
15431 	    NULL, dma_hdp) != DDI_SUCCESS) {
15432 		dma_hdp = NULL;
15433 		return (FALSE);
15434 	}
15435 
15436 	if (ddi_dma_mem_alloc(*dma_hdp, alloc_size, &mpt->m_dev_acc_attr,
15437 	    DDI_DMA_CONSISTENT, DDI_DMA_SLEEP, NULL, dma_memp, &alloc_len,
15438 	    acc_hdp) != DDI_SUCCESS) {
15439 		ddi_dma_free_handle(dma_hdp);
15440 		dma_hdp = NULL;
15441 		return (FALSE);
15442 	}
15443 
15444 	if (ddi_dma_addr_bind_handle(*dma_hdp, NULL, *dma_memp, alloc_len,
15445 	    (DDI_DMA_RDWR | DDI_DMA_CONSISTENT), DDI_DMA_SLEEP, NULL,
15446 	    cookiep, &ncookie) != DDI_DMA_MAPPED) {
15447 		(void) ddi_dma_mem_free(acc_hdp);
15448 		ddi_dma_free_handle(dma_hdp);
15449 		dma_hdp = NULL;
15450 		return (FALSE);
15451 	}
15452 
15453 	return (TRUE);
15454 }
15455 
15456 void
15457 mptsas_dma_addr_destroy(ddi_dma_handle_t *dma_hdp, ddi_acc_handle_t *acc_hdp)
15458 {
15459 	if (*dma_hdp == NULL)
15460 		return;
15461 
15462 	(void) ddi_dma_unbind_handle(*dma_hdp);
15463 	(void) ddi_dma_mem_free(acc_hdp);
15464 	ddi_dma_free_handle(dma_hdp);
15465 	dma_hdp = NULL;
15466 }
15467