2 * Common functions for CAM "type" (peripheral) drivers.
4 * Copyright (c) 1997, 1998 Justin T. Gibbs.
5 * Copyright (c) 1997, 1998, 1999, 2000 Kenneth D. Merry.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions, and the following disclaimer,
13 * without modification, immediately at the beginning of the file.
14 * 2. The name of the author may not be used to endorse or promote products
15 * derived from this software without specific prior written permission.
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR
21 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * $FreeBSD: src/sys/cam/cam_periph.c,v 1.70 2008/02/12 11:07:33 raj Exp $
30 * $DragonFly: src/sys/bus/cam/cam_periph.c,v 1.41 2008/07/18 00:07:21 dillon Exp $
33 #include <sys/param.h>
34 #include <sys/systm.h>
35 #include <sys/types.h>
36 #include <sys/malloc.h>
37 #include <sys/kernel.h>
41 #include <sys/devicestat.h>
44 #include <vm/vm_extern.h>
46 #include <sys/thread2.h>
50 #include "cam_xpt_periph.h"
51 #include "cam_periph.h"
52 #include "cam_debug.h"
55 #include <bus/cam/scsi/scsi_all.h>
56 #include <bus/cam/scsi/scsi_message.h>
57 #include <bus/cam/scsi/scsi_pass.h>
59 static u_int camperiphnextunit(struct periph_driver *p_drv,
60 u_int newunit, int wired,
61 path_id_t pathid, target_id_t target,
63 static u_int camperiphunit(struct periph_driver *p_drv,
64 path_id_t pathid, target_id_t target,
66 static void camperiphdone(struct cam_periph *periph,
68 static void camperiphfree(struct cam_periph *periph);
69 static int camperiphscsistatuserror(union ccb *ccb,
71 u_int32_t sense_flags,
74 u_int32_t *relsim_flags,
76 static int camperiphscsisenseerror(union ccb *ccb,
78 u_int32_t sense_flags,
81 u_int32_t *relsim_flags,
83 static void cam_periph_unmapbufs(struct cam_periph_map_info *mapinfo,
84 u_int8_t ***data_ptrs, int numbufs);
86 static int nperiph_drivers;
87 struct periph_driver **periph_drivers;
89 MALLOC_DEFINE(M_CAMPERIPH, "CAM periph", "CAM peripheral buffers");
91 static int periph_selto_delay = 1000;
92 TUNABLE_INT("kern.cam.periph_selto_delay", &periph_selto_delay);
93 static int periph_noresrc_delay = 500;
94 TUNABLE_INT("kern.cam.periph_noresrc_delay", &periph_noresrc_delay);
95 static int periph_busy_delay = 500;
96 TUNABLE_INT("kern.cam.periph_busy_delay", &periph_busy_delay);
100 periphdriver_register(void *data)
102 struct periph_driver **newdrivers, **old;
105 ndrivers = nperiph_drivers + 2;
106 newdrivers = kmalloc(sizeof(*newdrivers) * ndrivers, M_CAMPERIPH,
109 bcopy(periph_drivers, newdrivers,
110 sizeof(*newdrivers) * nperiph_drivers);
111 newdrivers[nperiph_drivers] = (struct periph_driver *)data;
112 newdrivers[nperiph_drivers + 1] = NULL;
113 old = periph_drivers;
114 periph_drivers = newdrivers;
116 kfree(old, M_CAMPERIPH);
121 cam_periph_alloc(periph_ctor_t *periph_ctor,
122 periph_oninv_t *periph_oninvalidate,
123 periph_dtor_t *periph_dtor, periph_start_t *periph_start,
124 char *name, cam_periph_type type, struct cam_path *path,
125 ac_callback_t *ac_callback, ac_code code, void *arg)
127 struct periph_driver **p_drv;
129 struct cam_periph *periph;
130 struct cam_periph *cur_periph;
132 target_id_t target_id;
139 * Handle Hot-Plug scenarios. If there is already a peripheral
140 * of our type assigned to this path, we are likely waiting for
141 * final close on an old, invalidated, peripheral. If this is
142 * the case, queue up a deferred call to the peripheral's async
143 * handler. If it looks like a mistaken re-allocation, complain.
145 if ((periph = cam_periph_find(path, name)) != NULL) {
147 if ((periph->flags & CAM_PERIPH_INVALID) != 0
148 && (periph->flags & CAM_PERIPH_NEW_DEV_FOUND) == 0) {
149 periph->flags |= CAM_PERIPH_NEW_DEV_FOUND;
150 periph->deferred_callback = ac_callback;
151 periph->deferred_ac = code;
152 return (CAM_REQ_INPROG);
154 kprintf("cam_periph_alloc: attempt to re-allocate "
155 "valid device %s%d rejected\n",
156 periph->periph_name, periph->unit_number);
158 return (CAM_REQ_INVALID);
161 periph = kmalloc(sizeof(*periph), M_CAMPERIPH, M_INTWAIT | M_ZERO);
166 for (p_drv = periph_drivers; *p_drv != NULL; p_drv++) {
167 if (strcmp((*p_drv)->driver_name, name) == 0)
172 sim = xpt_path_sim(path);
173 path_id = xpt_path_path_id(path);
174 target_id = xpt_path_target_id(path);
175 lun_id = xpt_path_lun_id(path);
176 cam_init_pinfo(&periph->pinfo);
177 periph->periph_start = periph_start;
178 periph->periph_dtor = periph_dtor;
179 periph->periph_oninval = periph_oninvalidate;
181 periph->periph_name = name;
182 periph->unit_number = camperiphunit(*p_drv, path_id, target_id, lun_id);
183 periph->immediate_priority = CAM_PRIORITY_NONE;
184 periph->refcount = 0;
186 SLIST_INIT(&periph->ccb_list);
187 status = xpt_create_path(&path, periph, path_id, target_id, lun_id);
188 if (status != CAM_REQ_CMP)
194 status = xpt_add_periph(periph);
196 if (status != CAM_REQ_CMP)
199 cur_periph = TAILQ_FIRST(&(*p_drv)->units);
200 while (cur_periph != NULL
201 && cur_periph->unit_number < periph->unit_number)
202 cur_periph = TAILQ_NEXT(cur_periph, unit_links);
204 if (cur_periph != NULL)
205 TAILQ_INSERT_BEFORE(cur_periph, periph, unit_links);
207 TAILQ_INSERT_TAIL(&(*p_drv)->units, periph, unit_links);
208 (*p_drv)->generation++;
213 status = periph_ctor(periph, arg);
215 if (status == CAM_REQ_CMP)
219 switch (init_level) {
221 /* Initialized successfully */
224 TAILQ_REMOVE(&(*p_drv)->units, periph, unit_links);
225 xpt_remove_periph(periph);
228 xpt_free_path(periph->path);
231 kfree(periph, M_CAMPERIPH);
234 /* No cleanup to perform. */
237 panic("cam_periph_alloc: Unknown init level");
243 * Find a peripheral structure with the specified path, target, lun,
244 * and (optionally) type. If the name is NULL, this function will return
245 * the first peripheral driver that matches the specified path.
248 cam_periph_find(struct cam_path *path, char *name)
250 struct periph_driver **p_drv;
251 struct cam_periph *periph;
254 for (p_drv = periph_drivers; *p_drv != NULL; p_drv++) {
255 if (name != NULL && (strcmp((*p_drv)->driver_name, name) != 0))
258 TAILQ_FOREACH(periph, &(*p_drv)->units, unit_links) {
259 if (xpt_path_comp(periph->path, path) == 0) {
274 cam_periph_acquire(struct cam_periph *periph)
277 return(CAM_REQ_CMP_ERR);
287 cam_periph_release(struct cam_periph *periph)
294 if ((--periph->refcount == 0)
295 && (periph->flags & CAM_PERIPH_INVALID)) {
296 camperiphfree(periph);
303 cam_periph_hold(struct cam_periph *periph, int flags)
307 sim_lock_assert_owned(periph->sim->lock);
310 * Increment the reference count on the peripheral
311 * while we wait for our lock attempt to succeed
312 * to ensure the peripheral doesn't disappear out
313 * from user us while we sleep.
316 if (cam_periph_acquire(periph) != CAM_REQ_CMP)
319 while ((periph->flags & CAM_PERIPH_LOCKED) != 0) {
320 periph->flags |= CAM_PERIPH_LOCK_WANTED;
321 if ((error = sim_lock_sleep(periph, flags, "caplck", 0,
322 periph->sim->lock)) != 0) {
323 cam_periph_release(periph);
328 periph->flags |= CAM_PERIPH_LOCKED;
333 cam_periph_unhold(struct cam_periph *periph, int unlock)
337 sim_lock_assert_owned(periph->sim->lock);
338 periph->flags &= ~CAM_PERIPH_LOCKED;
339 if ((periph->flags & CAM_PERIPH_LOCK_WANTED) != 0) {
340 periph->flags &= ~CAM_PERIPH_LOCK_WANTED;
345 cam_periph_release(periph);
346 /* periph may be garbage now */
349 cam_periph_release(periph);
354 * Look for the next unit number that is not currently in use for this
355 * peripheral type starting at "newunit". Also exclude unit numbers that
356 * are reserved by for future "hardwiring" unless we already know that this
357 * is a potential wired device. Only assume that the device is "wired" the
358 * first time through the loop since after that we'll be looking at unit
359 * numbers that did not match a wiring entry.
362 camperiphnextunit(struct periph_driver *p_drv, u_int newunit, int wired,
363 path_id_t pathid, target_id_t target, lun_id_t lun)
365 struct cam_periph *periph;
366 char *periph_name, *strval;
370 periph_name = p_drv->driver_name;
373 for (periph = TAILQ_FIRST(&p_drv->units);
374 periph != NULL && periph->unit_number != newunit;
375 periph = TAILQ_NEXT(periph, unit_links))
378 if (periph != NULL && periph->unit_number == newunit) {
380 xpt_print(periph->path, "Duplicate Wired "
382 xpt_print(periph->path, "Second device (%s "
383 "device at scbus%d target %d lun %d) will "
384 "not be wired\n", periph_name, pathid,
394 * Don't match entries like "da 4" as a wired down
395 * device, but do match entries like "da 4 target 5"
396 * or even "da 4 scbus 1".
399 while ((i = resource_locate(i, periph_name)) != -1) {
400 dname = resource_query_name(i);
401 dunit = resource_query_unit(i);
402 /* if no "target" and no specific scbus, skip */
403 if (resource_int_value(dname, dunit, "target", &val) &&
404 (resource_string_value(dname, dunit, "at",&strval)||
405 strcmp(strval, "scbus") == 0))
407 if (newunit == dunit)
417 camperiphunit(struct periph_driver *p_drv, path_id_t pathid,
418 target_id_t target, lun_id_t lun)
421 int hit, i, val, dunit;
423 char pathbuf[32], *strval, *periph_name;
427 periph_name = p_drv->driver_name;
428 ksnprintf(pathbuf, sizeof(pathbuf), "scbus%d", pathid);
430 for (hit = 0; (i = resource_locate(i, periph_name)) != -1; hit = 0) {
431 dname = resource_query_name(i);
432 dunit = resource_query_unit(i);
433 if (resource_string_value(dname, dunit, "at", &strval) == 0) {
434 if (strcmp(strval, pathbuf) != 0)
438 if (resource_int_value(dname, dunit, "target", &val) == 0) {
443 if (resource_int_value(dname, dunit, "lun", &val) == 0) {
455 * Either start from 0 looking for the next unit or from
456 * the unit number given in the resource config. This way,
457 * if we have wildcard matches, we don't return the same
460 unit = camperiphnextunit(p_drv, unit, /*wired*/hit, pathid,
467 cam_periph_invalidate(struct cam_periph *periph)
470 * We only call this routine the first time a peripheral is
473 if (((periph->flags & CAM_PERIPH_INVALID) == 0)
474 && (periph->periph_oninval != NULL))
475 periph->periph_oninval(periph);
477 periph->flags |= CAM_PERIPH_INVALID;
478 periph->flags &= ~CAM_PERIPH_NEW_DEV_FOUND;
481 if (periph->refcount == 0)
482 camperiphfree(periph);
483 else if (periph->refcount < 0)
484 kprintf("cam_invalidate_periph: refcount < 0!!\n");
489 camperiphfree(struct cam_periph *periph)
491 struct periph_driver **p_drv;
493 for (p_drv = periph_drivers; *p_drv != NULL; p_drv++) {
494 if (strcmp((*p_drv)->driver_name, periph->periph_name) == 0)
498 if (*p_drv == NULL) {
499 kprintf("camperiphfree: attempt to free non-existent periph\n");
503 TAILQ_REMOVE(&(*p_drv)->units, periph, unit_links);
504 (*p_drv)->generation++;
507 if (periph->periph_dtor != NULL)
508 periph->periph_dtor(periph);
509 xpt_remove_periph(periph);
511 if (periph->flags & CAM_PERIPH_NEW_DEV_FOUND) {
515 switch (periph->deferred_ac) {
516 case AC_FOUND_DEVICE:
517 ccb.ccb_h.func_code = XPT_GDEV_TYPE;
518 xpt_setup_ccb(&ccb.ccb_h, periph->path, /*priority*/ 1);
522 case AC_PATH_REGISTERED:
523 ccb.ccb_h.func_code = XPT_PATH_INQ;
524 xpt_setup_ccb(&ccb.ccb_h, periph->path, /*priority*/ 1);
532 periph->deferred_callback(NULL, periph->deferred_ac,
535 xpt_free_path(periph->path);
536 kfree(periph, M_CAMPERIPH);
541 * Map user virtual pointers into kernel virtual address space, so we can
542 * access the memory. This won't work on physical pointers, for now it's
543 * up to the caller to check for that. (XXX KDM -- should we do that here
544 * instead?) This also only works for up to MAXPHYS memory. Since we use
545 * buffers to map stuff in and out, we're limited to the buffer size.
548 cam_periph_mapmem(union ccb *ccb, struct cam_periph_map_info *mapinfo)
550 buf_cmd_t cmd[CAM_PERIPH_MAXMAPS];
551 u_int8_t **data_ptrs[CAM_PERIPH_MAXMAPS];
552 u_int32_t lengths[CAM_PERIPH_MAXMAPS];
558 switch(ccb->ccb_h.func_code) {
560 if (ccb->cdm.match_buf_len == 0) {
561 kprintf("cam_periph_mapmem: invalid match buffer "
565 if (ccb->cdm.pattern_buf_len > 0) {
566 data_ptrs[0] = (u_int8_t **)&ccb->cdm.patterns;
567 lengths[0] = ccb->cdm.pattern_buf_len;
568 mapinfo->dirs[0] = CAM_DIR_OUT;
569 data_ptrs[1] = (u_int8_t **)&ccb->cdm.matches;
570 lengths[1] = ccb->cdm.match_buf_len;
571 mapinfo->dirs[1] = CAM_DIR_IN;
574 data_ptrs[0] = (u_int8_t **)&ccb->cdm.matches;
575 lengths[0] = ccb->cdm.match_buf_len;
576 mapinfo->dirs[0] = CAM_DIR_IN;
581 case XPT_CONT_TARGET_IO:
582 if ((ccb->ccb_h.flags & CAM_DIR_MASK) == CAM_DIR_NONE)
585 data_ptrs[0] = &ccb->csio.data_ptr;
586 lengths[0] = ccb->csio.dxfer_len;
587 mapinfo->dirs[0] = ccb->ccb_h.flags & CAM_DIR_MASK;
592 break; /* NOTREACHED */
596 * Check the transfer length and permissions first, so we don't
597 * have to unmap any previously mapped buffers.
599 for (i = 0; i < numbufs; i++) {
601 * Its kinda bogus, we need a R+W command. For now the
602 * buffer needs some sort of command. Use BUF_CMD_WRITE
603 * to indicate a write and BUF_CMD_READ to indicate R+W.
605 cmd[i] = BUF_CMD_WRITE;
608 * The userland data pointer passed in may not be page
609 * aligned. vmapbuf() truncates the address to a page
610 * boundary, so if the address isn't page aligned, we'll
611 * need enough space for the given transfer length, plus
612 * whatever extra space is necessary to make it to the page
616 (((vm_offset_t)(*data_ptrs[i])) & PAGE_MASK)) > DFLTPHYS){
617 kprintf("cam_periph_mapmem: attempt to map %lu bytes, "
618 "which is greater than DFLTPHYS(%d)\n",
620 (((vm_offset_t)(*data_ptrs[i])) & PAGE_MASK)),
625 if (mapinfo->dirs[i] & CAM_DIR_OUT) {
626 if (!useracc(*data_ptrs[i], lengths[i],
628 kprintf("cam_periph_mapmem: error, "
629 "address %p, length %lu isn't "
630 "user accessible for READ\n",
631 (void *)*data_ptrs[i],
637 if (mapinfo->dirs[i] & CAM_DIR_IN) {
638 cmd[i] = BUF_CMD_READ;
639 if (!useracc(*data_ptrs[i], lengths[i],
641 kprintf("cam_periph_mapmem: error, "
642 "address %p, length %lu isn't "
643 "user accessible for WRITE\n",
644 (void *)*data_ptrs[i],
653 for (i = 0; i < numbufs; i++) {
659 /* save the original user pointer */
660 mapinfo->saved_ptrs[i] = *data_ptrs[i];
666 * Require 16-byte alignment and bounce if we don't get it.
667 * (NATA does not realign buffers for DMA).
669 if ((intptr_t)*data_ptrs[i] & 15)
670 mapinfo->bounce[i] = 1;
672 mapinfo->bounce[i] = 0;
675 * Map the user buffer into kernel memory. If the user
676 * buffer is not aligned we have to allocate a bounce buffer
679 if (mapinfo->bounce[i]) {
680 bp->b_data = bp->b_kvabase;
681 bp->b_bcount = lengths[i];
682 vm_hold_load_pages(bp, (vm_offset_t)bp->b_data,
683 (vm_offset_t)bp->b_data + bp->b_bcount);
684 if (mapinfo->dirs[i] & CAM_DIR_OUT) {
685 error = copyin(*data_ptrs[i], bp->b_data, bp->b_bcount);
687 vm_hold_free_pages(bp, (vm_offset_t)bp->b_data, (vm_offset_t)bp->b_data + bp->b_bcount);
692 } else if (vmapbuf(bp, *data_ptrs[i], lengths[i]) < 0) {
693 kprintf("cam_periph_mapmem: error, "
694 "address %p, length %lu isn't "
695 "user accessible any more\n",
696 (void *)*data_ptrs[i],
704 cam_periph_unmapbufs(mapinfo, data_ptrs, i);
705 mapinfo->num_bufs_used -= i;
709 /* set our pointer to the new mapped area */
710 *data_ptrs[i] = bp->b_data;
713 mapinfo->num_bufs_used++;
720 * Unmap memory segments mapped into kernel virtual address space by
721 * cam_periph_mapmem().
724 cam_periph_unmapmem(union ccb *ccb, struct cam_periph_map_info *mapinfo)
727 u_int8_t **data_ptrs[CAM_PERIPH_MAXMAPS];
729 if (mapinfo->num_bufs_used <= 0) {
730 /* allow ourselves to be swapped once again */
734 switch (ccb->ccb_h.func_code) {
736 numbufs = min(mapinfo->num_bufs_used, 2);
739 data_ptrs[0] = (u_int8_t **)&ccb->cdm.matches;
741 data_ptrs[0] = (u_int8_t **)&ccb->cdm.patterns;
742 data_ptrs[1] = (u_int8_t **)&ccb->cdm.matches;
746 case XPT_CONT_TARGET_IO:
747 data_ptrs[0] = &ccb->csio.data_ptr;
748 numbufs = min(mapinfo->num_bufs_used, 1);
751 /* allow ourselves to be swapped once again */
753 break; /* NOTREACHED */
755 cam_periph_unmapbufs(mapinfo, data_ptrs, numbufs);
759 cam_periph_unmapbufs(struct cam_periph_map_info *mapinfo,
760 u_int8_t ***data_ptrs, int numbufs)
765 for (i = 0; i < numbufs; i++) {
768 /* Set the user's pointer back to the original value */
769 *data_ptrs[i] = mapinfo->saved_ptrs[i];
771 /* unmap the buffer */
772 if (mapinfo->bounce[i]) {
773 if (mapinfo->dirs[i] & CAM_DIR_IN) {
774 /* XXX return error */
775 copyout(bp->b_data, *data_ptrs[i],
778 vm_hold_free_pages(bp, (vm_offset_t)bp->b_data,
779 (vm_offset_t)bp->b_data + bp->b_bcount);
784 mapinfo->bp[i] = NULL;
789 cam_periph_getccb(struct cam_periph *periph, u_int32_t priority)
791 struct ccb_hdr *ccb_h;
793 sim_lock_assert_owned(periph->sim->lock);
794 CAM_DEBUG(periph->path, CAM_DEBUG_TRACE, ("entering cdgetccb\n"));
796 while (SLIST_FIRST(&periph->ccb_list) == NULL) {
797 if (periph->immediate_priority > priority)
798 periph->immediate_priority = priority;
799 xpt_schedule(periph, priority);
800 if ((SLIST_FIRST(&periph->ccb_list) != NULL)
801 && (SLIST_FIRST(&periph->ccb_list)->pinfo.priority == priority))
803 sim_lock_sleep(&periph->ccb_list, 0, "cgticb", 0,
807 ccb_h = SLIST_FIRST(&periph->ccb_list);
808 SLIST_REMOVE_HEAD(&periph->ccb_list, periph_links.sle);
809 return ((union ccb *)ccb_h);
813 cam_periph_ccbwait(union ccb *ccb)
817 sim = xpt_path_sim(ccb->ccb_h.path);
818 while ((ccb->ccb_h.pinfo.index != CAM_UNQUEUED_INDEX)
819 || ((ccb->ccb_h.status & CAM_STATUS_MASK) == CAM_REQ_INPROG)) {
820 sim_lock_sleep(&ccb->ccb_h.cbfcnp, 0, "cbwait", 0, sim->lock);
825 cam_periph_ioctl(struct cam_periph *periph, int cmd, caddr_t addr,
826 int (*error_routine)(union ccb *ccb,
828 u_int32_t sense_flags))
838 ccb = cam_periph_getccb(periph, /* priority */ 1);
839 xpt_setup_ccb(&ccb->ccb_h,
842 ccb->ccb_h.func_code = XPT_GDEVLIST;
845 * Basically, the point of this is that we go through
846 * getting the list of devices, until we find a passthrough
847 * device. In the current version of the CAM code, the
848 * only way to determine what type of device we're dealing
849 * with is by its name.
853 ccb->cgdl.status = CAM_GDEVLIST_MORE_DEVS;
854 while (ccb->cgdl.status == CAM_GDEVLIST_MORE_DEVS) {
856 /* we want the next device in the list */
858 if (strncmp(ccb->cgdl.periph_name,
864 if ((ccb->cgdl.status == CAM_GDEVLIST_LAST_DEVICE) &&
866 ccb->cgdl.periph_name[0] = '\0';
867 ccb->cgdl.unit_number = 0;
872 /* copy the result back out */
873 bcopy(ccb, addr, sizeof(union ccb));
875 /* and release the ccb */
876 xpt_release_ccb(ccb);
887 cam_periph_runccb(union ccb *ccb,
888 int (*error_routine)(union ccb *ccb,
890 u_int32_t sense_flags),
891 cam_flags camflags, u_int32_t sense_flags,
898 sim = xpt_path_sim(ccb->ccb_h.path);
899 sim_lock_assert_owned(sim->lock);
902 * If the user has supplied a stats structure, and if we understand
903 * this particular type of ccb, record the transaction start.
905 if ((ds != NULL) && (ccb->ccb_h.func_code == XPT_SCSI_IO))
906 devstat_start_transaction(ds);
911 cam_periph_ccbwait(ccb);
912 if ((ccb->ccb_h.status & CAM_STATUS_MASK) == CAM_REQ_CMP)
914 else if (error_routine != NULL)
915 error = (*error_routine)(ccb, camflags, sense_flags);
919 } while (error == ERESTART);
921 if ((ccb->ccb_h.status & CAM_DEV_QFRZN) != 0)
922 cam_release_devq(ccb->ccb_h.path,
926 /* getcount_only */ FALSE);
928 if ((ds != NULL) && (ccb->ccb_h.func_code == XPT_SCSI_IO))
929 devstat_end_transaction(ds,
931 ccb->csio.tag_action & 0xf,
932 ((ccb->ccb_h.flags & CAM_DIR_MASK) ==
933 CAM_DIR_NONE) ? DEVSTAT_NO_DATA :
934 (ccb->ccb_h.flags & CAM_DIR_OUT) ?
942 cam_freeze_devq(struct cam_path *path)
944 struct ccb_hdr ccb_h;
946 xpt_setup_ccb(&ccb_h, path, /*priority*/1);
947 ccb_h.func_code = XPT_NOOP;
948 ccb_h.flags = CAM_DEV_QFREEZE;
949 xpt_action((union ccb *)&ccb_h);
953 cam_release_devq(struct cam_path *path, u_int32_t relsim_flags,
954 u_int32_t openings, u_int32_t timeout,
957 struct ccb_relsim crs;
959 xpt_setup_ccb(&crs.ccb_h, path,
961 crs.ccb_h.func_code = XPT_REL_SIMQ;
962 crs.ccb_h.flags = getcount_only ? CAM_DEV_QFREEZE : 0;
963 crs.release_flags = relsim_flags;
964 crs.openings = openings;
965 crs.release_timeout = timeout;
966 xpt_action((union ccb *)&crs);
967 return (crs.qfrozen_cnt);
970 #define saved_ccb_ptr ppriv_ptr0
972 camperiphdone(struct cam_periph *periph, union ccb *done_ccb)
974 union ccb *saved_ccb;
978 struct scsi_start_stop_unit *scsi_cmd;
979 u_int32_t relsim_flags, timeout;
980 u_int32_t qfrozen_cnt;
983 xpt_done_ccb = FALSE;
984 status = done_ccb->ccb_h.status;
985 frozen = (status & CAM_DEV_QFRZN) != 0;
986 sense = (status & CAM_AUTOSNS_VALID) != 0;
987 status &= CAM_STATUS_MASK;
991 saved_ccb = (union ccb *)done_ccb->ccb_h.saved_ccb_ptr;
994 * Unfreeze the queue once if it is already frozen..
997 qfrozen_cnt = cam_release_devq(done_ccb->ccb_h.path,
1001 /*getcount_only*/0);
1008 * If we have successfully taken a device from the not
1009 * ready to ready state, re-scan the device and re-get
1010 * the inquiry information. Many devices (mostly disks)
1011 * don't properly report their inquiry information unless
1014 * If we manually retrieved sense into a CCB and got
1015 * something other than "NO SENSE" send the updated CCB
1016 * back to the client via xpt_done() to be processed via
1017 * the error recovery code again.
1019 if (done_ccb->ccb_h.func_code == XPT_SCSI_IO) {
1020 scsi_cmd = (struct scsi_start_stop_unit *)
1021 &done_ccb->csio.cdb_io.cdb_bytes;
1023 if (scsi_cmd->opcode == START_STOP_UNIT)
1024 xpt_async(AC_INQ_CHANGED,
1025 done_ccb->ccb_h.path, NULL);
1026 if (scsi_cmd->opcode == REQUEST_SENSE) {
1029 sense_key = saved_ccb->csio.sense_data.flags;
1030 sense_key &= SSD_KEY;
1031 if (sense_key != SSD_KEY_NO_SENSE) {
1032 saved_ccb->ccb_h.status |=
1035 xpt_print(saved_ccb->ccb_h.path,
1036 "Recovered Sense\n");
1037 scsi_sense_print(&saved_ccb->csio);
1038 cam_error_print(saved_ccb, CAM_ESF_ALL,
1041 xpt_done_ccb = TRUE;
1045 bcopy(done_ccb->ccb_h.saved_ccb_ptr, done_ccb,
1048 periph->flags &= ~CAM_PERIPH_RECOVERY_INPROG;
1050 if (xpt_done_ccb == FALSE)
1051 xpt_action(done_ccb);
1055 case CAM_SCSI_STATUS_ERROR:
1056 scsi_cmd = (struct scsi_start_stop_unit *)
1057 &done_ccb->csio.cdb_io.cdb_bytes;
1059 struct ccb_getdev cgd;
1060 struct scsi_sense_data *sense;
1061 int error_code, sense_key, asc, ascq;
1062 scsi_sense_action err_action;
1064 sense = &done_ccb->csio.sense_data;
1065 scsi_extract_sense(sense, &error_code,
1066 &sense_key, &asc, &ascq);
1069 * Grab the inquiry data for this device.
1071 xpt_setup_ccb(&cgd.ccb_h, done_ccb->ccb_h.path,
1073 cgd.ccb_h.func_code = XPT_GDEV_TYPE;
1074 xpt_action((union ccb *)&cgd);
1075 err_action = scsi_error_action(&done_ccb->csio,
1079 * If the error is "invalid field in CDB",
1080 * and the load/eject flag is set, turn the
1081 * flag off and try again. This is just in
1082 * case the drive in question barfs on the
1083 * load eject flag. The CAM code should set
1084 * the load/eject flag by default for
1089 * Should we check to see what the specific
1090 * scsi status is?? Or does it not matter
1091 * since we already know that there was an
1092 * error, and we know what the specific
1093 * error code was, and we know what the
1096 if ((scsi_cmd->opcode == START_STOP_UNIT) &&
1097 ((scsi_cmd->how & SSS_LOEJ) != 0) &&
1098 (asc == 0x24) && (ascq == 0x00) &&
1099 (done_ccb->ccb_h.retry_count > 0)) {
1101 scsi_cmd->how &= ~SSS_LOEJ;
1103 xpt_action(done_ccb);
1105 } else if ((done_ccb->ccb_h.retry_count > 1)
1106 && ((err_action & SS_MASK) != SS_FAIL)) {
1109 * In this case, the error recovery
1110 * command failed, but we've got
1111 * some retries left on it. Give
1112 * it another try unless this is an
1113 * unretryable error.
1116 /* set the timeout to .5 sec */
1118 RELSIM_RELEASE_AFTER_TIMEOUT;
1121 xpt_action(done_ccb);
1127 * Perform the final retry with the original
1128 * CCB so that final error processing is
1129 * performed by the owner of the CCB.
1131 bcopy(done_ccb->ccb_h.saved_ccb_ptr,
1132 done_ccb, sizeof(union ccb));
1134 periph->flags &= ~CAM_PERIPH_RECOVERY_INPROG;
1136 xpt_action(done_ccb);
1140 * Eh?? The command failed, but we don't
1141 * have any sense. What's up with that?
1142 * Fire the CCB again to return it to the
1145 bcopy(done_ccb->ccb_h.saved_ccb_ptr,
1146 done_ccb, sizeof(union ccb));
1148 periph->flags &= ~CAM_PERIPH_RECOVERY_INPROG;
1150 xpt_action(done_ccb);
1155 bcopy(done_ccb->ccb_h.saved_ccb_ptr, done_ccb,
1158 periph->flags &= ~CAM_PERIPH_RECOVERY_INPROG;
1160 xpt_action(done_ccb);
1165 /* decrement the retry count */
1167 * XXX This isn't appropriate in all cases. Restructure,
1168 * so that the retry count is only decremented on an
1169 * actual retry. Remeber that the orignal ccb had its
1170 * retry count dropped before entering recovery, so
1171 * doing it again is a bug.
1173 if (done_ccb->ccb_h.retry_count > 0)
1174 done_ccb->ccb_h.retry_count--;
1176 qfrozen_cnt = cam_release_devq(done_ccb->ccb_h.path,
1177 /*relsim_flags*/relsim_flags,
1180 /*getcount_only*/0);
1181 if (xpt_done_ccb == TRUE)
1182 (*done_ccb->ccb_h.cbfcnp)(periph, done_ccb);
1186 * Generic Async Event handler. Peripheral drivers usually
1187 * filter out the events that require personal attention,
1188 * and leave the rest to this function.
1191 cam_periph_async(struct cam_periph *periph, u_int32_t code,
1192 struct cam_path *path, void *arg)
1195 case AC_LOST_DEVICE:
1196 cam_periph_invalidate(periph);
1201 cam_periph_bus_settle(periph, scsi_delay);
1210 cam_periph_bus_settle(struct cam_periph *periph, u_int bus_settle)
1212 struct ccb_getdevstats cgds;
1214 xpt_setup_ccb(&cgds.ccb_h, periph->path, /*priority*/1);
1215 cgds.ccb_h.func_code = XPT_GDEV_STATS;
1216 xpt_action((union ccb *)&cgds);
1217 cam_periph_freeze_after_event(periph, &cgds.last_reset, bus_settle);
1221 cam_periph_freeze_after_event(struct cam_periph *periph,
1222 struct timeval* event_time, u_int duration_ms)
1224 struct timeval delta;
1225 struct timeval duration_tv;
1227 microuptime(&delta);
1228 timevalsub(&delta, event_time);
1229 duration_tv.tv_sec = duration_ms / 1000;
1230 duration_tv.tv_usec = (duration_ms % 1000) * 1000;
1231 if (timevalcmp(&delta, &duration_tv, <)) {
1232 timevalsub(&duration_tv, &delta);
1234 duration_ms = duration_tv.tv_sec * 1000;
1235 duration_ms += duration_tv.tv_usec / 1000;
1236 cam_freeze_devq(periph->path);
1237 cam_release_devq(periph->path,
1238 RELSIM_RELEASE_AFTER_TIMEOUT,
1240 /*timeout*/duration_ms,
1241 /*getcount_only*/0);
1247 camperiphscsistatuserror(union ccb *ccb, cam_flags camflags,
1248 u_int32_t sense_flags, union ccb *save_ccb,
1249 int *openings, u_int32_t *relsim_flags,
1254 switch (ccb->csio.scsi_status) {
1255 case SCSI_STATUS_OK:
1256 case SCSI_STATUS_COND_MET:
1257 case SCSI_STATUS_INTERMED:
1258 case SCSI_STATUS_INTERMED_COND_MET:
1261 case SCSI_STATUS_CMD_TERMINATED:
1262 case SCSI_STATUS_CHECK_COND:
1263 error = camperiphscsisenseerror(ccb,
1271 case SCSI_STATUS_QUEUE_FULL:
1274 struct ccb_getdevstats cgds;
1277 * First off, find out what the current
1278 * transaction counts are.
1280 xpt_setup_ccb(&cgds.ccb_h,
1283 cgds.ccb_h.func_code = XPT_GDEV_STATS;
1284 xpt_action((union ccb *)&cgds);
1287 * If we were the only transaction active, treat
1288 * the QUEUE FULL as if it were a BUSY condition.
1290 if (cgds.dev_active != 0) {
1294 * Reduce the number of openings to
1295 * be 1 less than the amount it took
1296 * to get a queue full bounded by the
1297 * minimum allowed tag count for this
1300 total_openings = cgds.dev_active + cgds.dev_openings;
1301 *openings = cgds.dev_active;
1302 if (*openings < cgds.mintags)
1303 *openings = cgds.mintags;
1304 if (*openings < total_openings)
1305 *relsim_flags = RELSIM_ADJUST_OPENINGS;
1308 * Some devices report queue full for
1309 * temporary resource shortages. For
1310 * this reason, we allow a minimum
1311 * tag count to be entered via a
1312 * quirk entry to prevent the queue
1313 * count on these devices from falling
1314 * to a pessimisticly low value. We
1315 * still wait for the next successful
1316 * completion, however, before queueing
1317 * more transactions to the device.
1319 *relsim_flags = RELSIM_RELEASE_AFTER_CMDCMPLT;
1324 xpt_print(ccb->ccb_h.path, "Queue Full\n");
1330 case SCSI_STATUS_BUSY:
1332 * Restart the queue after either another
1333 * command completes or a 1 second timeout.
1336 xpt_print(ccb->ccb_h.path, "Device Busy\n");
1338 if (ccb->ccb_h.retry_count > 0) {
1339 ccb->ccb_h.retry_count--;
1341 *relsim_flags = RELSIM_RELEASE_AFTER_TIMEOUT
1342 | RELSIM_RELEASE_AFTER_CMDCMPLT;
1348 case SCSI_STATUS_RESERV_CONFLICT:
1349 xpt_print(ccb->ccb_h.path, "Reservation Conflict\n");
1353 xpt_print(ccb->ccb_h.path, "SCSI Status 0x%x\n",
1354 ccb->csio.scsi_status);
1362 camperiphscsisenseerror(union ccb *ccb, cam_flags camflags,
1363 u_int32_t sense_flags, union ccb *save_ccb,
1364 int *openings, u_int32_t *relsim_flags,
1367 struct cam_periph *periph;
1370 periph = xpt_path_periph(ccb->ccb_h.path);
1371 if (periph->flags & CAM_PERIPH_RECOVERY_INPROG) {
1374 * If error recovery is already in progress, don't attempt
1375 * to process this error, but requeue it unconditionally
1376 * and attempt to process it once error recovery has
1377 * completed. This failed command is probably related to
1378 * the error that caused the currently active error recovery
1379 * action so our current recovery efforts should also
1380 * address this command. Be aware that the error recovery
1381 * code assumes that only one recovery action is in progress
1382 * on a particular peripheral instance at any given time
1383 * (e.g. only one saved CCB for error recovery) so it is
1384 * imperitive that we don't violate this assumption.
1388 scsi_sense_action err_action;
1389 struct ccb_getdev cgd;
1390 const char *action_string;
1391 union ccb* print_ccb;
1393 /* A description of the error recovery action performed */
1394 action_string = NULL;
1397 * The location of the orignal ccb
1398 * for sense printing purposes.
1403 * Grab the inquiry data for this device.
1405 xpt_setup_ccb(&cgd.ccb_h, ccb->ccb_h.path, /*priority*/ 1);
1406 cgd.ccb_h.func_code = XPT_GDEV_TYPE;
1407 xpt_action((union ccb *)&cgd);
1409 if ((ccb->ccb_h.status & CAM_AUTOSNS_VALID) != 0)
1410 err_action = scsi_error_action(&ccb->csio,
1413 else if ((ccb->ccb_h.flags & CAM_DIS_AUTOSENSE) == 0)
1414 err_action = SS_REQSENSE;
1416 err_action = SS_RETRY|SSQ_DECREMENT_COUNT|EIO;
1418 error = err_action & SS_ERRMASK;
1421 * If the recovery action will consume a retry,
1422 * make sure we actually have retries available.
1424 if ((err_action & SSQ_DECREMENT_COUNT) != 0) {
1425 if (ccb->ccb_h.retry_count > 0)
1426 ccb->ccb_h.retry_count--;
1428 action_string = "Retries Exhausted";
1429 goto sense_error_done;
1433 if ((err_action & SS_MASK) >= SS_START) {
1435 * Do common portions of commands that
1436 * use recovery CCBs.
1438 if (save_ccb == NULL) {
1439 action_string = "No recovery CCB supplied";
1440 goto sense_error_done;
1442 bcopy(ccb, save_ccb, sizeof(*save_ccb));
1443 print_ccb = save_ccb;
1444 periph->flags |= CAM_PERIPH_RECOVERY_INPROG;
1447 switch (err_action & SS_MASK) {
1449 action_string = "No Recovery Action Needed";
1453 action_string = "Retrying Command (per Sense Data)";
1457 action_string = "Unretryable error";
1464 * Send a start unit command to the device, and
1465 * then retry the command.
1467 action_string = "Attempting to Start Unit";
1470 * Check for removable media and set
1471 * load/eject flag appropriately.
1473 if (SID_IS_REMOVABLE(&cgd.inq_data))
1478 scsi_start_stop(&ccb->csio,
1492 * Send a Test Unit Ready to the device.
1493 * If the 'many' flag is set, we send 120
1494 * test unit ready commands, one every half
1495 * second. Otherwise, we just send one TUR.
1496 * We only want to do this if the retry
1497 * count has not been exhausted.
1501 if ((err_action & SSQ_MANY) != 0) {
1502 action_string = "Polling device for readiness";
1505 action_string = "Testing device for readiness";
1508 scsi_test_unit_ready(&ccb->csio,
1516 * Accomplish our 500ms delay by deferring
1517 * the release of our device queue appropriately.
1519 *relsim_flags = RELSIM_RELEASE_AFTER_TIMEOUT;
1526 * Send a Request Sense to the device. We
1527 * assume that we are in a contingent allegiance
1528 * condition so we do not tag this request.
1530 scsi_request_sense(&ccb->csio, /*retries*/1,
1532 &save_ccb->csio.sense_data,
1533 sizeof(save_ccb->csio.sense_data),
1534 CAM_TAG_ACTION_NONE,
1535 /*sense_len*/SSD_FULL_SIZE,
1540 panic("Unhandled error action %x", err_action);
1543 if ((err_action & SS_MASK) >= SS_START) {
1545 * Drop the priority to 0 so that the recovery
1546 * CCB is the first to execute. Freeze the queue
1547 * after this command is sent so that we can
1548 * restore the old csio and have it queued in
1549 * the proper order before we release normal
1550 * transactions to the device.
1552 ccb->ccb_h.pinfo.priority = 0;
1553 ccb->ccb_h.flags |= CAM_DEV_QFREEZE;
1554 ccb->ccb_h.saved_ccb_ptr = save_ccb;
1559 if ((err_action & SSQ_PRINT_SENSE) != 0
1560 && (ccb->ccb_h.status & CAM_AUTOSNS_VALID) != 0) {
1561 cam_error_print(print_ccb, CAM_ESF_ALL, CAM_EPF_ALL);
1562 xpt_print_path(ccb->ccb_h.path);
1564 scsi_sense_print(&print_ccb->csio);
1565 kprintf("%s\n", action_string);
1572 * Generic error handler. Peripheral drivers usually filter
1573 * out the errors that they handle in a unique mannor, then
1574 * call this function.
1577 cam_periph_error(union ccb *ccb, cam_flags camflags,
1578 u_int32_t sense_flags, union ccb *save_ccb)
1580 const char *action_string;
1583 int error, printed = 0;
1585 u_int32_t relsim_flags;
1586 u_int32_t timeout = 0;
1588 action_string = NULL;
1589 status = ccb->ccb_h.status;
1590 frozen = (status & CAM_DEV_QFRZN) != 0;
1591 status &= CAM_STATUS_MASK;
1592 openings = relsim_flags = 0;
1598 case CAM_SCSI_STATUS_ERROR:
1599 error = camperiphscsistatuserror(ccb,
1607 case CAM_AUTOSENSE_FAIL:
1608 xpt_print(ccb->ccb_h.path, "AutoSense Failed\n");
1609 error = EIO; /* we have to kill the command */
1611 case CAM_REQ_CMP_ERR:
1612 if (bootverbose && printed == 0) {
1613 xpt_print(ccb->ccb_h.path,
1614 "Request completed with CAM_REQ_CMP_ERR\n");
1618 case CAM_CMD_TIMEOUT:
1619 if (bootverbose && printed == 0) {
1620 xpt_print(ccb->ccb_h.path, "Command timed out\n");
1624 case CAM_UNEXP_BUSFREE:
1625 if (bootverbose && printed == 0) {
1626 xpt_print(ccb->ccb_h.path, "Unexpected Bus Free\n");
1630 case CAM_UNCOR_PARITY:
1631 if (bootverbose && printed == 0) {
1632 xpt_print(ccb->ccb_h.path,
1633 "Uncorrected Parity Error\n");
1637 case CAM_DATA_RUN_ERR:
1638 if (bootverbose && printed == 0) {
1639 xpt_print(ccb->ccb_h.path, "Data Overrun\n");
1642 error = EIO; /* we have to kill the command */
1643 /* decrement the number of retries */
1644 if (ccb->ccb_h.retry_count > 0) {
1645 ccb->ccb_h.retry_count--;
1648 action_string = "Retries Exhausted";
1654 case CAM_MSG_REJECT_REC:
1655 /* XXX Don't know that these are correct */
1658 case CAM_SEL_TIMEOUT:
1660 struct cam_path *newpath;
1662 if ((camflags & CAM_RETRY_SELTO) != 0) {
1663 if (ccb->ccb_h.retry_count > 0) {
1665 ccb->ccb_h.retry_count--;
1667 if (bootverbose && printed == 0) {
1668 xpt_print(ccb->ccb_h.path,
1669 "Selection Timeout\n");
1674 * Wait a bit to give the device
1675 * time to recover before we try again.
1677 relsim_flags = RELSIM_RELEASE_AFTER_TIMEOUT;
1678 timeout = periph_selto_delay;
1683 /* Should we do more if we can't create the path?? */
1684 if (xpt_create_path(&newpath, xpt_path_periph(ccb->ccb_h.path),
1685 xpt_path_path_id(ccb->ccb_h.path),
1686 xpt_path_target_id(ccb->ccb_h.path),
1687 CAM_LUN_WILDCARD) != CAM_REQ_CMP)
1691 * Let peripheral drivers know that this device has gone
1694 xpt_async(AC_LOST_DEVICE, newpath, NULL);
1695 xpt_free_path(newpath);
1698 case CAM_REQ_INVALID:
1699 case CAM_PATH_INVALID:
1700 case CAM_DEV_NOT_THERE:
1702 case CAM_PROVIDE_FAIL:
1703 case CAM_REQ_TOO_BIG:
1704 case CAM_LUN_INVALID:
1705 case CAM_TID_INVALID:
1708 case CAM_SCSI_BUS_RESET:
1711 * Commands that repeatedly timeout and cause these
1712 * kinds of error recovery actions, should return
1713 * CAM_CMD_TIMEOUT, which allows us to safely assume
1714 * that this command was an innocent bystander to
1715 * these events and should be unconditionally
1718 if (bootverbose && printed == 0) {
1719 xpt_print_path(ccb->ccb_h.path);
1720 if (status == CAM_BDR_SENT)
1721 kprintf("Bus Device Reset sent\n");
1723 kprintf("Bus Reset issued\n");
1727 case CAM_REQUEUE_REQ:
1728 /* Unconditional requeue */
1730 if (bootverbose && printed == 0) {
1731 xpt_print(ccb->ccb_h.path, "Request Requeued\n");
1735 case CAM_RESRC_UNAVAIL:
1736 /* Wait a bit for the resource shortage to abate. */
1737 timeout = periph_noresrc_delay;
1741 /* Wait a bit for the busy condition to abate. */
1742 timeout = periph_busy_delay;
1744 relsim_flags = RELSIM_RELEASE_AFTER_TIMEOUT;
1747 /* decrement the number of retries */
1748 if (ccb->ccb_h.retry_count > 0) {
1749 ccb->ccb_h.retry_count--;
1751 if (bootverbose && printed == 0) {
1752 xpt_print(ccb->ccb_h.path, "CAM Status 0x%x\n",
1758 action_string = "Retries Exhausted";
1763 /* Attempt a retry */
1764 if (error == ERESTART || error == 0) {
1766 ccb->ccb_h.status &= ~CAM_DEV_QFRZN;
1768 if (error == ERESTART) {
1769 action_string = "Retrying Command";
1774 cam_release_devq(ccb->ccb_h.path,
1778 /*getcount_only*/0);
1782 * If we have an error and are booting verbosely, whine
1783 * *unless* this was a non-retryable selection timeout.
1785 if (error != 0 && bootverbose &&
1786 !(status == CAM_SEL_TIMEOUT && (camflags & CAM_RETRY_SELTO) == 0)) {
1789 if (action_string == NULL)
1790 action_string = "Unretryable Error";
1791 if (error != ERESTART) {
1792 xpt_print(ccb->ccb_h.path, "error %d\n", error);
1794 xpt_print(ccb->ccb_h.path, "%s\n", action_string);