1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  *  scsi.c Copyright (C) 1992 Drew Eckhardt
4  *         Copyright (C) 1993, 1994, 1995, 1999 Eric Youngdale
5  *         Copyright (C) 2002, 2003 Christoph Hellwig
6  *
7  *  generic mid-level SCSI driver
8  *      Initial versions: Drew Eckhardt
9  *      Subsequent revisions: Eric Youngdale
10  *
11  *  <drew@colorado.edu>
12  *
13  *  Bug correction thanks go to :
14  *      Rik Faith <faith@cs.unc.edu>
15  *      Tommy Thorn <tthorn>
16  *      Thomas Wuensche <tw@fgb1.fgb.mw.tu-muenchen.de>
17  *
18  *  Modified by Eric Youngdale eric@andante.org or ericy@gnu.ai.mit.edu to
19  *  add scatter-gather, multiple outstanding request, and other
20  *  enhancements.
21  *
22  *  Native multichannel, wide scsi, /proc/scsi and hot plugging
23  *  support added by Michael Neuffer <mike@i-connect.net>
24  *
25  *  Added request_module("scsi_hostadapter") for kerneld:
26  *  (Put an "alias scsi_hostadapter your_hostadapter" in /etc/modprobe.conf)
27  *  Bjorn Ekwall  <bj0rn@blox.se>
28  *  (changed to kmod)
29  *
30  *  Major improvements to the timeout, abort, and reset processing,
31  *  as well as performance modifications for large queue depths by
32  *  Leonard N. Zubkoff <lnz@dandelion.com>
33  *
34  *  Converted cli() code to spinlocks, Ingo Molnar
35  *
36  *  Jiffies wrap fixes (host->resetting), 3 Dec 1998 Andrea Arcangeli
37  *
38  *  out_of_space hacks, D. Gilbert (dpg) 990608
39  */
40 
41 #include <linux/module.h>
42 #include <linux/moduleparam.h>
43 #include <linux/kernel.h>
44 #include <linux/timer.h>
45 #include <linux/string.h>
46 #include <linux/slab.h>
47 #include <linux/blkdev.h>
48 #include <linux/delay.h>
49 #include <linux/init.h>
50 #include <linux/completion.h>
51 #include <linux/unistd.h>
52 #include <linux/spinlock.h>
53 #include <linux/kmod.h>
54 #include <linux/interrupt.h>
55 #include <linux/notifier.h>
56 #include <linux/cpu.h>
57 #include <linux/mutex.h>
58 #include <linux/unaligned.h>
59 
60 #include <scsi/scsi.h>
61 #include <scsi/scsi_cmnd.h>
62 #include <scsi/scsi_dbg.h>
63 #include <scsi/scsi_device.h>
64 #include <scsi/scsi_driver.h>
65 #include <scsi/scsi_eh.h>
66 #include <scsi/scsi_host.h>
67 #include <scsi/scsi_tcq.h>
68 
69 #include "scsi_priv.h"
70 #include "scsi_logging.h"
71 
72 #define CREATE_TRACE_POINTS
73 #include <trace/events/scsi.h>
74 
75 /*
76  * Definitions and constants.
77  */
78 
79 /*
80  * Note - the initial logging level can be set here to log events at boot time.
81  * After the system is up, you may enable logging via the /proc interface.
82  */
83 unsigned int scsi_logging_level;
84 #if defined(CONFIG_SCSI_LOGGING)
85 EXPORT_SYMBOL(scsi_logging_level);
86 #endif
87 
88 #ifdef CONFIG_SCSI_LOGGING
scsi_log_send(struct scsi_cmnd * cmd)89 void scsi_log_send(struct scsi_cmnd *cmd)
90 {
91 	unsigned int level;
92 
93 	/*
94 	 * If ML QUEUE log level is greater than or equal to:
95 	 *
96 	 * 1: nothing (match completion)
97 	 *
98 	 * 2: log opcode + command of all commands + cmd address
99 	 *
100 	 * 3: same as 2
101 	 *
102 	 * 4: same as 3
103 	 */
104 	if (unlikely(scsi_logging_level)) {
105 		level = SCSI_LOG_LEVEL(SCSI_LOG_MLQUEUE_SHIFT,
106 				       SCSI_LOG_MLQUEUE_BITS);
107 		if (level > 1) {
108 			scmd_printk(KERN_INFO, cmd,
109 				    "Send: scmd 0x%p\n", cmd);
110 			scsi_print_command(cmd);
111 		}
112 	}
113 }
114 
scsi_log_completion(struct scsi_cmnd * cmd,int disposition)115 void scsi_log_completion(struct scsi_cmnd *cmd, int disposition)
116 {
117 	unsigned int level;
118 
119 	/*
120 	 * If ML COMPLETE log level is greater than or equal to:
121 	 *
122 	 * 1: log disposition, result, opcode + command, and conditionally
123 	 * sense data for failures or non SUCCESS dispositions.
124 	 *
125 	 * 2: same as 1 but for all command completions.
126 	 *
127 	 * 3: same as 2
128 	 *
129 	 * 4: same as 3 plus dump extra junk
130 	 */
131 	if (unlikely(scsi_logging_level)) {
132 		level = SCSI_LOG_LEVEL(SCSI_LOG_MLCOMPLETE_SHIFT,
133 				       SCSI_LOG_MLCOMPLETE_BITS);
134 		if (((level > 0) && (cmd->result || disposition != SUCCESS)) ||
135 		    (level > 1)) {
136 			scsi_print_result(cmd, "Done", disposition);
137 			scsi_print_command(cmd);
138 			if (scsi_status_is_check_condition(cmd->result))
139 				scsi_print_sense(cmd);
140 			if (level > 3)
141 				scmd_printk(KERN_INFO, cmd,
142 					    "scsi host busy %d failed %d\n",
143 					    scsi_host_busy(cmd->device->host),
144 					    cmd->device->host->host_failed);
145 		}
146 	}
147 }
148 #endif
149 
150 /**
151  * scsi_finish_command - cleanup and pass command back to upper layer
152  * @cmd: the command
153  *
154  * Description: Pass command off to upper layer for finishing of I/O
155  *              request, waking processes that are waiting on results,
156  *              etc.
157  */
scsi_finish_command(struct scsi_cmnd * cmd)158 void scsi_finish_command(struct scsi_cmnd *cmd)
159 {
160 	struct scsi_device *sdev = cmd->device;
161 	struct scsi_target *starget = scsi_target(sdev);
162 	struct Scsi_Host *shost = sdev->host;
163 	struct scsi_driver *drv;
164 	unsigned int good_bytes;
165 
166 	scsi_device_unbusy(sdev, cmd);
167 
168 	/*
169 	 * Clear the flags that say that the device/target/host is no longer
170 	 * capable of accepting new commands.
171 	 */
172 	if (atomic_read(&shost->host_blocked))
173 		atomic_set(&shost->host_blocked, 0);
174 	if (atomic_read(&starget->target_blocked))
175 		atomic_set(&starget->target_blocked, 0);
176 	if (atomic_read(&sdev->device_blocked))
177 		atomic_set(&sdev->device_blocked, 0);
178 
179 	SCSI_LOG_MLCOMPLETE(4, sdev_printk(KERN_INFO, sdev,
180 				"Notifying upper driver of completion "
181 				"(result %x)\n", cmd->result));
182 
183 	good_bytes = scsi_bufflen(cmd);
184 	if (!blk_rq_is_passthrough(scsi_cmd_to_rq(cmd))) {
185 		int old_good_bytes = good_bytes;
186 		drv = scsi_cmd_to_driver(cmd);
187 		if (drv->done)
188 			good_bytes = drv->done(cmd);
189 		/*
190 		 * USB may not give sense identifying bad sector and
191 		 * simply return a residue instead, so subtract off the
192 		 * residue if drv->done() error processing indicates no
193 		 * change to the completion length.
194 		 */
195 		if (good_bytes == old_good_bytes)
196 			good_bytes -= scsi_get_resid(cmd);
197 	}
198 	scsi_io_completion(cmd, good_bytes);
199 }
200 
201 
202 /*
203  * 4096 is big enough for saturating fast SCSI LUNs.
204  */
scsi_device_max_queue_depth(struct scsi_device * sdev)205 int scsi_device_max_queue_depth(struct scsi_device *sdev)
206 {
207 	return min_t(int, sdev->host->can_queue, 4096);
208 }
209 
210 /**
211  * scsi_change_queue_depth - change a device's queue depth
212  * @sdev: SCSI Device in question
213  * @depth: number of commands allowed to be queued to the driver
214  *
215  * Sets the device queue depth and returns the new value.
216  */
scsi_change_queue_depth(struct scsi_device * sdev,int depth)217 int scsi_change_queue_depth(struct scsi_device *sdev, int depth)
218 {
219 	depth = min_t(int, depth, scsi_device_max_queue_depth(sdev));
220 
221 	if (depth > 0) {
222 		sdev->queue_depth = depth;
223 		wmb();
224 	}
225 
226 	if (sdev->request_queue)
227 		blk_set_queue_depth(sdev->request_queue, depth);
228 
229 	sbitmap_resize(&sdev->budget_map, sdev->queue_depth);
230 
231 	return sdev->queue_depth;
232 }
233 EXPORT_SYMBOL(scsi_change_queue_depth);
234 
235 /**
236  * scsi_track_queue_full - track QUEUE_FULL events to adjust queue depth
237  * @sdev: SCSI Device in question
238  * @depth: Current number of outstanding SCSI commands on this device,
239  *         not counting the one returned as QUEUE_FULL.
240  *
241  * Description:	This function will track successive QUEUE_FULL events on a
242  * 		specific SCSI device to determine if and when there is a
243  * 		need to adjust the queue depth on the device.
244  *
245  * Returns:	0 - No change needed, >0 - Adjust queue depth to this new depth,
246  * 		-1 - Drop back to untagged operation using host->cmd_per_lun
247  * 			as the untagged command depth
248  *
249  * Lock Status:	None held on entry
250  *
251  * Notes:	Low level drivers may call this at any time and we will do
252  * 		"The Right Thing."  We are interrupt context safe.
253  */
scsi_track_queue_full(struct scsi_device * sdev,int depth)254 int scsi_track_queue_full(struct scsi_device *sdev, int depth)
255 {
256 
257 	/*
258 	 * Don't let QUEUE_FULLs on the same
259 	 * jiffies count, they could all be from
260 	 * same event.
261 	 */
262 	if ((jiffies >> 4) == (sdev->last_queue_full_time >> 4))
263 		return 0;
264 
265 	sdev->last_queue_full_time = jiffies;
266 	if (sdev->last_queue_full_depth != depth) {
267 		sdev->last_queue_full_count = 1;
268 		sdev->last_queue_full_depth = depth;
269 	} else {
270 		sdev->last_queue_full_count++;
271 	}
272 
273 	if (sdev->last_queue_full_count <= 10)
274 		return 0;
275 
276 	return scsi_change_queue_depth(sdev, depth);
277 }
278 EXPORT_SYMBOL(scsi_track_queue_full);
279 
280 /**
281  * scsi_vpd_inquiry - Request a device provide us with a VPD page
282  * @sdev: The device to ask
283  * @buffer: Where to put the result
284  * @page: Which Vital Product Data to return
285  * @len: The length of the buffer
286  *
287  * This is an internal helper function.  You probably want to use
288  * scsi_get_vpd_page instead.
289  *
290  * Returns size of the vpd page on success or a negative error number.
291  */
scsi_vpd_inquiry(struct scsi_device * sdev,unsigned char * buffer,u8 page,unsigned len)292 static int scsi_vpd_inquiry(struct scsi_device *sdev, unsigned char *buffer,
293 							u8 page, unsigned len)
294 {
295 	int result;
296 	unsigned char cmd[16];
297 
298 	if (len < 4)
299 		return -EINVAL;
300 
301 	cmd[0] = INQUIRY;
302 	cmd[1] = 1;		/* EVPD */
303 	cmd[2] = page;
304 	cmd[3] = len >> 8;
305 	cmd[4] = len & 0xff;
306 	cmd[5] = 0;		/* Control byte */
307 
308 	/*
309 	 * I'm not convinced we need to try quite this hard to get VPD, but
310 	 * all the existing users tried this hard.
311 	 */
312 	result = scsi_execute_cmd(sdev, cmd, REQ_OP_DRV_IN, buffer, len,
313 				  30 * HZ, 3, NULL);
314 	if (result)
315 		return -EIO;
316 
317 	/*
318 	 * Sanity check that we got the page back that we asked for and that
319 	 * the page size is not 0.
320 	 */
321 	if (buffer[1] != page)
322 		return -EIO;
323 
324 	result = get_unaligned_be16(&buffer[2]);
325 	if (!result)
326 		return -EIO;
327 
328 	return result + 4;
329 }
330 
331 enum scsi_vpd_parameters {
332 	SCSI_VPD_HEADER_SIZE = 4,
333 	SCSI_VPD_LIST_SIZE = 36,
334 };
335 
scsi_get_vpd_size(struct scsi_device * sdev,u8 page)336 static int scsi_get_vpd_size(struct scsi_device *sdev, u8 page)
337 {
338 	unsigned char vpd[SCSI_VPD_LIST_SIZE] __aligned(4);
339 	int result;
340 
341 	if (sdev->no_vpd_size)
342 		return SCSI_DEFAULT_VPD_LEN;
343 
344 	/*
345 	 * Fetch the supported pages VPD and validate that the requested page
346 	 * number is present.
347 	 */
348 	if (page != 0) {
349 		result = scsi_vpd_inquiry(sdev, vpd, 0, sizeof(vpd));
350 		if (result < SCSI_VPD_HEADER_SIZE)
351 			return 0;
352 
353 		if (result > sizeof(vpd)) {
354 			dev_warn_once(&sdev->sdev_gendev,
355 				      "%s: long VPD page 0 length: %d bytes\n",
356 				      __func__, result);
357 			result = sizeof(vpd);
358 		}
359 
360 		result -= SCSI_VPD_HEADER_SIZE;
361 		if (!memchr(&vpd[SCSI_VPD_HEADER_SIZE], page, result))
362 			return 0;
363 	}
364 	/*
365 	 * Fetch the VPD page header to find out how big the page
366 	 * is. This is done to prevent problems on legacy devices
367 	 * which can not handle allocation lengths as large as
368 	 * potentially requested by the caller.
369 	 */
370 	result = scsi_vpd_inquiry(sdev, vpd, page, SCSI_VPD_HEADER_SIZE);
371 	if (result < 0)
372 		return 0;
373 
374 	if (result < SCSI_VPD_HEADER_SIZE) {
375 		dev_warn_once(&sdev->sdev_gendev,
376 			      "%s: short VPD page 0x%02x length: %d bytes\n",
377 			      __func__, page, result);
378 		return 0;
379 	}
380 
381 	return result;
382 }
383 
384 /**
385  * scsi_get_vpd_page - Get Vital Product Data from a SCSI device
386  * @sdev: The device to ask
387  * @page: Which Vital Product Data to return
388  * @buf: where to store the VPD
389  * @buf_len: number of bytes in the VPD buffer area
390  *
391  * SCSI devices may optionally supply Vital Product Data.  Each 'page'
392  * of VPD is defined in the appropriate SCSI document (eg SPC, SBC).
393  * If the device supports this VPD page, this routine fills @buf
394  * with the data from that page and return 0. If the VPD page is not
395  * supported or its content cannot be retrieved, -EINVAL is returned.
396  */
scsi_get_vpd_page(struct scsi_device * sdev,u8 page,unsigned char * buf,int buf_len)397 int scsi_get_vpd_page(struct scsi_device *sdev, u8 page, unsigned char *buf,
398 		      int buf_len)
399 {
400 	int result, vpd_len;
401 
402 	if (!scsi_device_supports_vpd(sdev))
403 		return -EINVAL;
404 
405 	vpd_len = scsi_get_vpd_size(sdev, page);
406 	if (vpd_len <= 0)
407 		return -EINVAL;
408 
409 	vpd_len = min(vpd_len, buf_len);
410 
411 	/*
412 	 * Fetch the actual page. Since the appropriate size was reported
413 	 * by the device it is now safe to ask for something bigger.
414 	 */
415 	memset(buf, 0, buf_len);
416 	result = scsi_vpd_inquiry(sdev, buf, page, vpd_len);
417 	if (result < 0)
418 		return -EINVAL;
419 	else if (result > vpd_len)
420 		dev_warn_once(&sdev->sdev_gendev,
421 			      "%s: VPD page 0x%02x result %d > %d bytes\n",
422 			      __func__, page, result, vpd_len);
423 
424 	return 0;
425 }
426 EXPORT_SYMBOL_GPL(scsi_get_vpd_page);
427 
428 /**
429  * scsi_get_vpd_buf - Get Vital Product Data from a SCSI device
430  * @sdev: The device to ask
431  * @page: Which Vital Product Data to return
432  *
433  * Returns %NULL upon failure.
434  */
scsi_get_vpd_buf(struct scsi_device * sdev,u8 page)435 static struct scsi_vpd *scsi_get_vpd_buf(struct scsi_device *sdev, u8 page)
436 {
437 	struct scsi_vpd *vpd_buf;
438 	int vpd_len, result;
439 
440 	vpd_len = scsi_get_vpd_size(sdev, page);
441 	if (vpd_len <= 0)
442 		return NULL;
443 
444 retry_pg:
445 	/*
446 	 * Fetch the actual page. Since the appropriate size was reported
447 	 * by the device it is now safe to ask for something bigger.
448 	 */
449 	vpd_buf = kmalloc(sizeof(*vpd_buf) + vpd_len, GFP_KERNEL);
450 	if (!vpd_buf)
451 		return NULL;
452 
453 	result = scsi_vpd_inquiry(sdev, vpd_buf->data, page, vpd_len);
454 	if (result < 0) {
455 		kfree(vpd_buf);
456 		return NULL;
457 	}
458 	if (result > vpd_len) {
459 		dev_warn_once(&sdev->sdev_gendev,
460 			      "%s: VPD page 0x%02x result %d > %d bytes\n",
461 			      __func__, page, result, vpd_len);
462 		vpd_len = result;
463 		kfree(vpd_buf);
464 		goto retry_pg;
465 	}
466 
467 	vpd_buf->len = result;
468 
469 	return vpd_buf;
470 }
471 
scsi_update_vpd_page(struct scsi_device * sdev,u8 page,struct scsi_vpd __rcu ** sdev_vpd_buf)472 static void scsi_update_vpd_page(struct scsi_device *sdev, u8 page,
473 				 struct scsi_vpd __rcu **sdev_vpd_buf)
474 {
475 	struct scsi_vpd *vpd_buf;
476 
477 	vpd_buf = scsi_get_vpd_buf(sdev, page);
478 	if (!vpd_buf)
479 		return;
480 
481 	mutex_lock(&sdev->inquiry_mutex);
482 	vpd_buf = rcu_replace_pointer(*sdev_vpd_buf, vpd_buf,
483 				      lockdep_is_held(&sdev->inquiry_mutex));
484 	mutex_unlock(&sdev->inquiry_mutex);
485 
486 	if (vpd_buf)
487 		kfree_rcu(vpd_buf, rcu);
488 }
489 
490 /**
491  * scsi_attach_vpd - Attach Vital Product Data to a SCSI device structure
492  * @sdev: The device to ask
493  *
494  * Attach the 'Device Identification' VPD page (0x83) and the
495  * 'Unit Serial Number' VPD page (0x80) to a SCSI device
496  * structure. This information can be used to identify the device
497  * uniquely.
498  */
scsi_attach_vpd(struct scsi_device * sdev)499 void scsi_attach_vpd(struct scsi_device *sdev)
500 {
501 	int i;
502 	struct scsi_vpd *vpd_buf;
503 
504 	if (!scsi_device_supports_vpd(sdev))
505 		return;
506 
507 	/* Ask for all the pages supported by this device */
508 	vpd_buf = scsi_get_vpd_buf(sdev, 0);
509 	if (!vpd_buf)
510 		return;
511 
512 	for (i = 4; i < vpd_buf->len; i++) {
513 		if (vpd_buf->data[i] == 0x0)
514 			scsi_update_vpd_page(sdev, 0x0, &sdev->vpd_pg0);
515 		if (vpd_buf->data[i] == 0x80)
516 			scsi_update_vpd_page(sdev, 0x80, &sdev->vpd_pg80);
517 		if (vpd_buf->data[i] == 0x83)
518 			scsi_update_vpd_page(sdev, 0x83, &sdev->vpd_pg83);
519 		if (vpd_buf->data[i] == 0x89)
520 			scsi_update_vpd_page(sdev, 0x89, &sdev->vpd_pg89);
521 		if (vpd_buf->data[i] == 0xb0)
522 			scsi_update_vpd_page(sdev, 0xb0, &sdev->vpd_pgb0);
523 		if (vpd_buf->data[i] == 0xb1)
524 			scsi_update_vpd_page(sdev, 0xb1, &sdev->vpd_pgb1);
525 		if (vpd_buf->data[i] == 0xb2)
526 			scsi_update_vpd_page(sdev, 0xb2, &sdev->vpd_pgb2);
527 		if (vpd_buf->data[i] == 0xb7)
528 			scsi_update_vpd_page(sdev, 0xb7, &sdev->vpd_pgb7);
529 	}
530 	kfree(vpd_buf);
531 }
532 
533 /**
534  * scsi_report_opcode - Find out if a given command is supported
535  * @sdev:	scsi device to query
536  * @buffer:	scratch buffer (must be at least 20 bytes long)
537  * @len:	length of buffer
538  * @opcode:	opcode for the command to look up
539  * @sa:		service action for the command to look up
540  *
541  * Uses the REPORT SUPPORTED OPERATION CODES to check support for the
542  * command identified with @opcode and @sa. If the command does not
543  * have a service action, @sa must be 0. Returns -EINVAL if RSOC fails,
544  * 0 if the command is not supported and 1 if the device claims to
545  * support the command.
546  */
scsi_report_opcode(struct scsi_device * sdev,unsigned char * buffer,unsigned int len,unsigned char opcode,unsigned short sa)547 int scsi_report_opcode(struct scsi_device *sdev, unsigned char *buffer,
548 		       unsigned int len, unsigned char opcode,
549 		       unsigned short sa)
550 {
551 	unsigned char cmd[16];
552 	struct scsi_sense_hdr sshdr;
553 	int result, request_len;
554 	const struct scsi_exec_args exec_args = {
555 		.sshdr = &sshdr,
556 	};
557 
558 	if (sdev->no_report_opcodes || sdev->scsi_level < SCSI_SPC_3)
559 		return -EINVAL;
560 
561 	/* RSOC header + size of command we are asking about */
562 	request_len = 4 + COMMAND_SIZE(opcode);
563 	if (request_len > len) {
564 		dev_warn_once(&sdev->sdev_gendev,
565 			      "%s: len %u bytes, opcode 0x%02x needs %u\n",
566 			      __func__, len, opcode, request_len);
567 		return -EINVAL;
568 	}
569 
570 	memset(cmd, 0, 16);
571 	cmd[0] = MAINTENANCE_IN;
572 	cmd[1] = MI_REPORT_SUPPORTED_OPERATION_CODES;
573 	if (!sa) {
574 		cmd[2] = 1;	/* One command format */
575 		cmd[3] = opcode;
576 	} else {
577 		cmd[2] = 3;	/* One command format with service action */
578 		cmd[3] = opcode;
579 		put_unaligned_be16(sa, &cmd[4]);
580 	}
581 	put_unaligned_be32(request_len, &cmd[6]);
582 	memset(buffer, 0, len);
583 
584 	result = scsi_execute_cmd(sdev, cmd, REQ_OP_DRV_IN, buffer,
585 				  request_len, 30 * HZ, 3, &exec_args);
586 	if (result < 0)
587 		return result;
588 	if (result && scsi_sense_valid(&sshdr) &&
589 	    sshdr.sense_key == ILLEGAL_REQUEST &&
590 	    (sshdr.asc == 0x20 || sshdr.asc == 0x24) && sshdr.ascq == 0x00)
591 		return -EINVAL;
592 
593 	if ((buffer[1] & 3) == 3) /* Command supported */
594 		return 1;
595 
596 	return 0;
597 }
598 EXPORT_SYMBOL(scsi_report_opcode);
599 
600 #define SCSI_CDL_CHECK_BUF_LEN	64
601 
scsi_cdl_check_cmd(struct scsi_device * sdev,u8 opcode,u16 sa,unsigned char * buf)602 static bool scsi_cdl_check_cmd(struct scsi_device *sdev, u8 opcode, u16 sa,
603 			       unsigned char *buf)
604 {
605 	int ret;
606 	u8 cdlp;
607 
608 	/* Check operation code */
609 	ret = scsi_report_opcode(sdev, buf, SCSI_CDL_CHECK_BUF_LEN, opcode, sa);
610 	if (ret <= 0)
611 		return false;
612 
613 	if ((buf[1] & 0x03) != 0x03)
614 		return false;
615 
616 	/*
617 	 * See SPC-6, One_command parameter data format for
618 	 * REPORT SUPPORTED OPERATION CODES. We have the following cases
619 	 * depending on rwcdlp (buf[0] & 0x01) value:
620 	 *  - rwcdlp == 0: then cdlp indicates support for the A mode page when
621 	 *		   it is equal to 1 and for the B mode page when it is
622 	 *		   equal to 2.
623 	 *  - rwcdlp == 1: then cdlp indicates support for the T2A mode page
624 	 *		   when it is equal to 1 and for the T2B mode page when
625 	 *		   it is equal to 2.
626 	 * Overall, to detect support for command duration limits, we only need
627 	 * to check that cdlp is 1 or 2.
628 	 */
629 	cdlp = (buf[1] & 0x18) >> 3;
630 
631 	return cdlp == 0x01 || cdlp == 0x02;
632 }
633 
634 /**
635  * scsi_cdl_check - Check if a SCSI device supports Command Duration Limits
636  * @sdev: The device to check
637  */
scsi_cdl_check(struct scsi_device * sdev)638 void scsi_cdl_check(struct scsi_device *sdev)
639 {
640 	bool cdl_supported;
641 	unsigned char *buf;
642 
643 	/*
644 	 * Support for CDL was defined in SPC-5. Ignore devices reporting an
645 	 * lower SPC version. This also avoids problems with old drives choking
646 	 * on MAINTENANCE_IN / MI_REPORT_SUPPORTED_OPERATION_CODES with a
647 	 * service action specified, as done in scsi_cdl_check_cmd().
648 	 */
649 	if (sdev->scsi_level < SCSI_SPC_5) {
650 		sdev->cdl_supported = 0;
651 		return;
652 	}
653 
654 	buf = kmalloc(SCSI_CDL_CHECK_BUF_LEN, GFP_KERNEL);
655 	if (!buf) {
656 		sdev->cdl_supported = 0;
657 		return;
658 	}
659 
660 	/* Check support for READ_16, WRITE_16, READ_32 and WRITE_32 commands */
661 	cdl_supported =
662 		scsi_cdl_check_cmd(sdev, READ_16, 0, buf) ||
663 		scsi_cdl_check_cmd(sdev, WRITE_16, 0, buf) ||
664 		scsi_cdl_check_cmd(sdev, VARIABLE_LENGTH_CMD, READ_32, buf) ||
665 		scsi_cdl_check_cmd(sdev, VARIABLE_LENGTH_CMD, WRITE_32, buf);
666 	if (cdl_supported) {
667 		/*
668 		 * We have CDL support: force the use of READ16/WRITE16.
669 		 * READ32 and WRITE32 will be used for devices that support
670 		 * the T10_PI_TYPE2_PROTECTION protection type.
671 		 */
672 		sdev->use_16_for_rw = 1;
673 		sdev->use_10_for_rw = 0;
674 
675 		sdev->cdl_supported = 1;
676 
677 		/*
678 		 * If the device supports CDL, make sure that the current drive
679 		 * feature status is consistent with the user controlled
680 		 * cdl_enable state.
681 		 */
682 		scsi_cdl_enable(sdev, sdev->cdl_enable);
683 	} else {
684 		sdev->cdl_supported = 0;
685 	}
686 
687 	kfree(buf);
688 }
689 
690 /**
691  * scsi_cdl_enable - Enable or disable a SCSI device supports for Command
692  *                   Duration Limits
693  * @sdev: The target device
694  * @enable: the target state
695  */
scsi_cdl_enable(struct scsi_device * sdev,bool enable)696 int scsi_cdl_enable(struct scsi_device *sdev, bool enable)
697 {
698 	struct scsi_mode_data data;
699 	struct scsi_sense_hdr sshdr;
700 	struct scsi_vpd *vpd;
701 	bool is_ata = false;
702 	char buf[64];
703 	int ret;
704 
705 	if (!sdev->cdl_supported)
706 		return -EOPNOTSUPP;
707 
708 	rcu_read_lock();
709 	vpd = rcu_dereference(sdev->vpd_pg89);
710 	if (vpd)
711 		is_ata = true;
712 	rcu_read_unlock();
713 
714 	/*
715 	 * For ATA devices, CDL needs to be enabled with a SET FEATURES command.
716 	 */
717 	if (is_ata) {
718 		char *buf_data;
719 		int len;
720 
721 		ret = scsi_mode_sense(sdev, 0x08, 0x0a, 0xf2, buf, sizeof(buf),
722 				      5 * HZ, 3, &data, NULL);
723 		if (ret)
724 			return -EINVAL;
725 
726 		/* Enable CDL using the ATA feature page */
727 		len = min_t(size_t, sizeof(buf),
728 			    data.length - data.header_length -
729 			    data.block_descriptor_length);
730 		buf_data = buf + data.header_length +
731 			data.block_descriptor_length;
732 		if (enable)
733 			buf_data[4] = 0x02;
734 		else
735 			buf_data[4] = 0;
736 
737 		ret = scsi_mode_select(sdev, 1, 0, buf_data, len, 5 * HZ, 3,
738 				       &data, &sshdr);
739 		if (ret) {
740 			if (ret > 0 && scsi_sense_valid(&sshdr))
741 				scsi_print_sense_hdr(sdev,
742 					dev_name(&sdev->sdev_gendev), &sshdr);
743 			return ret;
744 		}
745 	}
746 
747 	sdev->cdl_enable = enable;
748 
749 	return 0;
750 }
751 
752 /**
753  * scsi_device_get  -  get an additional reference to a scsi_device
754  * @sdev:	device to get a reference to
755  *
756  * Description: Gets a reference to the scsi_device and increments the use count
757  * of the underlying LLDD module.  You must hold host_lock of the
758  * parent Scsi_Host or already have a reference when calling this.
759  *
760  * This will fail if a device is deleted or cancelled, or when the LLD module
761  * is in the process of being unloaded.
762  */
scsi_device_get(struct scsi_device * sdev)763 int scsi_device_get(struct scsi_device *sdev)
764 {
765 	if (sdev->sdev_state == SDEV_DEL || sdev->sdev_state == SDEV_CANCEL)
766 		goto fail;
767 	if (!try_module_get(sdev->host->hostt->module))
768 		goto fail;
769 	if (!get_device(&sdev->sdev_gendev))
770 		goto fail_put_module;
771 	return 0;
772 
773 fail_put_module:
774 	module_put(sdev->host->hostt->module);
775 fail:
776 	return -ENXIO;
777 }
778 EXPORT_SYMBOL(scsi_device_get);
779 
780 /**
781  * scsi_device_put  -  release a reference to a scsi_device
782  * @sdev:	device to release a reference on.
783  *
784  * Description: Release a reference to the scsi_device and decrements the use
785  * count of the underlying LLDD module.  The device is freed once the last
786  * user vanishes.
787  */
scsi_device_put(struct scsi_device * sdev)788 void scsi_device_put(struct scsi_device *sdev)
789 {
790 	struct module *mod = sdev->host->hostt->module;
791 
792 	put_device(&sdev->sdev_gendev);
793 	module_put(mod);
794 }
795 EXPORT_SYMBOL(scsi_device_put);
796 
797 /* helper for shost_for_each_device, see that for documentation */
__scsi_iterate_devices(struct Scsi_Host * shost,struct scsi_device * prev)798 struct scsi_device *__scsi_iterate_devices(struct Scsi_Host *shost,
799 					   struct scsi_device *prev)
800 {
801 	struct list_head *list = (prev ? &prev->siblings : &shost->__devices);
802 	struct scsi_device *next = NULL;
803 	unsigned long flags;
804 
805 	spin_lock_irqsave(shost->host_lock, flags);
806 	while (list->next != &shost->__devices) {
807 		next = list_entry(list->next, struct scsi_device, siblings);
808 		/* skip devices that we can't get a reference to */
809 		if (!scsi_device_get(next))
810 			break;
811 		next = NULL;
812 		list = list->next;
813 	}
814 	spin_unlock_irqrestore(shost->host_lock, flags);
815 
816 	if (prev)
817 		scsi_device_put(prev);
818 	return next;
819 }
820 EXPORT_SYMBOL(__scsi_iterate_devices);
821 
822 /**
823  * starget_for_each_device  -  helper to walk all devices of a target
824  * @starget:	target whose devices we want to iterate over.
825  * @data:	Opaque passed to each function call.
826  * @fn:		Function to call on each device
827  *
828  * This traverses over each device of @starget.  The devices have
829  * a reference that must be released by scsi_host_put when breaking
830  * out of the loop.
831  */
starget_for_each_device(struct scsi_target * starget,void * data,void (* fn)(struct scsi_device *,void *))832 void starget_for_each_device(struct scsi_target *starget, void *data,
833 		     void (*fn)(struct scsi_device *, void *))
834 {
835 	struct Scsi_Host *shost = dev_to_shost(starget->dev.parent);
836 	struct scsi_device *sdev;
837 
838 	shost_for_each_device(sdev, shost) {
839 		if ((sdev->channel == starget->channel) &&
840 		    (sdev->id == starget->id))
841 			fn(sdev, data);
842 	}
843 }
844 EXPORT_SYMBOL(starget_for_each_device);
845 
846 /**
847  * __starget_for_each_device - helper to walk all devices of a target (UNLOCKED)
848  * @starget:	target whose devices we want to iterate over.
849  * @data:	parameter for callback @fn()
850  * @fn:		callback function that is invoked for each device
851  *
852  * This traverses over each device of @starget.  It does _not_
853  * take a reference on the scsi_device, so the whole loop must be
854  * protected by shost->host_lock.
855  *
856  * Note:  The only reason why drivers would want to use this is because
857  * they need to access the device list in irq context.  Otherwise you
858  * really want to use starget_for_each_device instead.
859  **/
__starget_for_each_device(struct scsi_target * starget,void * data,void (* fn)(struct scsi_device *,void *))860 void __starget_for_each_device(struct scsi_target *starget, void *data,
861 			       void (*fn)(struct scsi_device *, void *))
862 {
863 	struct Scsi_Host *shost = dev_to_shost(starget->dev.parent);
864 	struct scsi_device *sdev;
865 
866 	__shost_for_each_device(sdev, shost) {
867 		if ((sdev->channel == starget->channel) &&
868 		    (sdev->id == starget->id))
869 			fn(sdev, data);
870 	}
871 }
872 EXPORT_SYMBOL(__starget_for_each_device);
873 
874 /**
875  * __scsi_device_lookup_by_target - find a device given the target (UNLOCKED)
876  * @starget:	SCSI target pointer
877  * @lun:	SCSI Logical Unit Number
878  *
879  * Description: Looks up the scsi_device with the specified @lun for a given
880  * @starget.  The returned scsi_device does not have an additional
881  * reference.  You must hold the host's host_lock over this call and
882  * any access to the returned scsi_device. A scsi_device in state
883  * SDEV_DEL is skipped.
884  *
885  * Note:  The only reason why drivers should use this is because
886  * they need to access the device list in irq context.  Otherwise you
887  * really want to use scsi_device_lookup_by_target instead.
888  **/
__scsi_device_lookup_by_target(struct scsi_target * starget,u64 lun)889 struct scsi_device *__scsi_device_lookup_by_target(struct scsi_target *starget,
890 						   u64 lun)
891 {
892 	struct scsi_device *sdev;
893 
894 	list_for_each_entry(sdev, &starget->devices, same_target_siblings) {
895 		if (sdev->sdev_state == SDEV_DEL)
896 			continue;
897 		if (sdev->lun ==lun)
898 			return sdev;
899 	}
900 
901 	return NULL;
902 }
903 EXPORT_SYMBOL(__scsi_device_lookup_by_target);
904 
905 /**
906  * scsi_device_lookup_by_target - find a device given the target
907  * @starget:	SCSI target pointer
908  * @lun:	SCSI Logical Unit Number
909  *
910  * Description: Looks up the scsi_device with the specified @lun for a given
911  * @starget.  The returned scsi_device has an additional reference that
912  * needs to be released with scsi_device_put once you're done with it.
913  **/
scsi_device_lookup_by_target(struct scsi_target * starget,u64 lun)914 struct scsi_device *scsi_device_lookup_by_target(struct scsi_target *starget,
915 						 u64 lun)
916 {
917 	struct scsi_device *sdev;
918 	struct Scsi_Host *shost = dev_to_shost(starget->dev.parent);
919 	unsigned long flags;
920 
921 	spin_lock_irqsave(shost->host_lock, flags);
922 	sdev = __scsi_device_lookup_by_target(starget, lun);
923 	if (sdev && scsi_device_get(sdev))
924 		sdev = NULL;
925 	spin_unlock_irqrestore(shost->host_lock, flags);
926 
927 	return sdev;
928 }
929 EXPORT_SYMBOL(scsi_device_lookup_by_target);
930 
931 /**
932  * __scsi_device_lookup - find a device given the host (UNLOCKED)
933  * @shost:	SCSI host pointer
934  * @channel:	SCSI channel (zero if only one channel)
935  * @id:		SCSI target number (physical unit number)
936  * @lun:	SCSI Logical Unit Number
937  *
938  * Description: Looks up the scsi_device with the specified @channel, @id, @lun
939  * for a given host. The returned scsi_device does not have an additional
940  * reference.  You must hold the host's host_lock over this call and any access
941  * to the returned scsi_device.
942  *
943  * Note:  The only reason why drivers would want to use this is because
944  * they need to access the device list in irq context.  Otherwise you
945  * really want to use scsi_device_lookup instead.
946  **/
__scsi_device_lookup(struct Scsi_Host * shost,uint channel,uint id,u64 lun)947 struct scsi_device *__scsi_device_lookup(struct Scsi_Host *shost,
948 		uint channel, uint id, u64 lun)
949 {
950 	struct scsi_device *sdev;
951 
952 	list_for_each_entry(sdev, &shost->__devices, siblings) {
953 		if (sdev->sdev_state == SDEV_DEL)
954 			continue;
955 		if (sdev->channel == channel && sdev->id == id &&
956 				sdev->lun ==lun)
957 			return sdev;
958 	}
959 
960 	return NULL;
961 }
962 EXPORT_SYMBOL(__scsi_device_lookup);
963 
964 /**
965  * scsi_device_lookup - find a device given the host
966  * @shost:	SCSI host pointer
967  * @channel:	SCSI channel (zero if only one channel)
968  * @id:		SCSI target number (physical unit number)
969  * @lun:	SCSI Logical Unit Number
970  *
971  * Description: Looks up the scsi_device with the specified @channel, @id, @lun
972  * for a given host.  The returned scsi_device has an additional reference that
973  * needs to be released with scsi_device_put once you're done with it.
974  **/
scsi_device_lookup(struct Scsi_Host * shost,uint channel,uint id,u64 lun)975 struct scsi_device *scsi_device_lookup(struct Scsi_Host *shost,
976 		uint channel, uint id, u64 lun)
977 {
978 	struct scsi_device *sdev;
979 	unsigned long flags;
980 
981 	spin_lock_irqsave(shost->host_lock, flags);
982 	sdev = __scsi_device_lookup(shost, channel, id, lun);
983 	if (sdev && scsi_device_get(sdev))
984 		sdev = NULL;
985 	spin_unlock_irqrestore(shost->host_lock, flags);
986 
987 	return sdev;
988 }
989 EXPORT_SYMBOL(scsi_device_lookup);
990 
991 MODULE_DESCRIPTION("SCSI core");
992 MODULE_LICENSE("GPL");
993 
994 module_param(scsi_logging_level, int, S_IRUGO|S_IWUSR);
995 MODULE_PARM_DESC(scsi_logging_level, "a bit mask of logging levels");
996 
init_scsi(void)997 static int __init init_scsi(void)
998 {
999 	int error;
1000 
1001 	error = scsi_init_procfs();
1002 	if (error)
1003 		goto cleanup_queue;
1004 	error = scsi_init_devinfo();
1005 	if (error)
1006 		goto cleanup_procfs;
1007 	error = scsi_init_hosts();
1008 	if (error)
1009 		goto cleanup_devlist;
1010 	error = scsi_init_sysctl();
1011 	if (error)
1012 		goto cleanup_hosts;
1013 	error = scsi_sysfs_register();
1014 	if (error)
1015 		goto cleanup_sysctl;
1016 
1017 	scsi_netlink_init();
1018 
1019 	printk(KERN_NOTICE "SCSI subsystem initialized\n");
1020 	return 0;
1021 
1022 cleanup_sysctl:
1023 	scsi_exit_sysctl();
1024 cleanup_hosts:
1025 	scsi_exit_hosts();
1026 cleanup_devlist:
1027 	scsi_exit_devinfo();
1028 cleanup_procfs:
1029 	scsi_exit_procfs();
1030 cleanup_queue:
1031 	scsi_exit_queue();
1032 	printk(KERN_ERR "SCSI subsystem failed to initialize, error = %d\n",
1033 	       -error);
1034 	return error;
1035 }
1036 
exit_scsi(void)1037 static void __exit exit_scsi(void)
1038 {
1039 	scsi_netlink_exit();
1040 	scsi_sysfs_unregister();
1041 	scsi_exit_sysctl();
1042 	scsi_exit_hosts();
1043 	scsi_exit_devinfo();
1044 	scsi_exit_procfs();
1045 	scsi_exit_queue();
1046 }
1047 
1048 subsys_initcall(init_scsi);
1049 module_exit(exit_scsi);
1050