How buggy this little piece of code could be? Repair strnvis() buffersize
[dragonfly.git] / lib / libcam / cam_cdbparse.3
CommitLineData
984263bc
MD
1.\"
2.\" Copyright (c) 1998 Kenneth D. Merry.
3.\" All rights reserved.
4.\"
5.\" Redistribution and use in source and binary forms, with or without
6.\" modification, are permitted provided that the following conditions
7.\" are met:
8.\" 1. Redistributions of source code must retain the above copyright
9.\" notice, this list of conditions and the following disclaimer.
10.\" 2. Redistributions in binary form must reproduce the above copyright
11.\" notice, this list of conditions and the following disclaimer in the
12.\" documentation and/or other materials provided with the distribution.
13.\" 3. The name of the author may not be used to endorse or promote products
14.\" derived from this software without specific prior written permission.
15.\"
16.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26.\" SUCH DAMAGE.
27.\"
28.\" $FreeBSD: src/lib/libcam/cam_cdbparse.3,v 1.3.2.11 2002/12/29 16:35:35 schweikh Exp $
8a7bdfea 29.\" $DragonFly: src/lib/libcam/cam_cdbparse.3,v 1.5 2008/05/02 02:05:04 swildner Exp $
984263bc
MD
30.\"
31.\" This man page borrows heavily from the old scsi(3) man page, which had
32.\" the following copyright:
33.\"
34.\" Copyright (c) 1994 HD Associates (hd@world.std.com)
35.\" All rights reserved.
36.\"
37.\" Redistribution and use in source and binary forms, with or without
38.\" modification, are permitted provided that the following conditions
39.\" are met:
40.\" 1. Redistributions of source code must retain the above copyright
41.\" notice, this list of conditions and the following disclaimer.
42.\" 2. Redistributions in binary form must reproduce the above copyright
43.\" notice, this list of conditions and the following disclaimer in the
44.\" documentation and/or other materials provided with the distribution.
45.\" 3. All advertising materials mentioning features or use of this software
46.\" must display the following acknowledgement:
47.\" This product includes software developed by HD Associates
48.\" 4. Neither the name of the HD Associates nor the names of its contributors
49.\" may be used to endorse or promote products derived from this software
50.\" without specific prior written permission.
51.\"
52.\" THIS SOFTWARE IS PROVIDED BY HD ASSOCIATES``AS IS'' AND
53.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
54.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
55.\" ARE DISCLAIMED. IN NO EVENT SHALL HD ASSOCIATES OR CONTRIBUTORS BE LIABLE
56.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
57.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
58.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
59.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
60.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
61.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
62.\" SUCH DAMAGE.
63.\"
64.\"
65.Dd October 13, 1998
66.Os
67.Dt CAM_CDBPARSE 3
68.Sh NAME
69.Nm csio_build ,
70.Nm csio_build_visit ,
71.Nm csio_decode ,
72.Nm csio_decode_visit ,
73.Nm buff_decode ,
74.Nm buff_decode_visit ,
75.Nm csio_encode ,
76.Nm csio_encode_visit ,
77.Nm buff_encode_visit
78.Nd CAM user library SCSI buffer parsing routines
79.Sh LIBRARY
80.Lb libcam
81.Sh SYNOPSIS
82.In stdio.h
83.In camlib.h
84.Ft int
85.Fo csio_build
86.Fa "struct ccb_scsiio *csio"
87.Fa "u_int8_t *data_ptr"
88.Fa "u_int32_t dxfer_len"
89.Fa "u_int32_t flags"
90.Fa "int retry_count"
91.Fa "int timeout"
5adc1304 92.Fa "const char *cmd_spec"
984263bc
MD
93.Fa "..."
94.Fc
95.Ft int
96.Fo csio_build_visit
97.Fa "struct ccb_scsiio *csio"
98.Fa "u_int8_t *data_ptr"
99.Fa "u_int32_t dxfer_len"
100.Fa "u_int32_t flags"
101.Fa "int retry_count"
102.Fa "int timeout"
5adc1304 103.Fa "const char *cmd_spec"
984263bc
MD
104.Fa "int (*arg_get)(void *hook, char *field_name)"
105.Fa "void *gethook"
106.Fc
107.Ft int
108.Fo csio_decode
109.Fa "struct ccb_scsiio *csio"
5adc1304 110.Fa "const char *fmt"
984263bc
MD
111.Fa "..."
112.Fc
113.Ft int
114.Fo csio_decode_visit
115.Fa "struct ccb_scsiio *csio"
5adc1304 116.Fa "const char *fmt"
984263bc
MD
117.Fa "void (*arg_put)(void *hook"
118.Fa "int letter"
119.Fa "void *val"
120.Fa "int count"
121.Fa "char *name)"
122.Fa "void *puthook"
123.Fc
124.Ft int
125.Fo buff_decode
126.Fa "u_int8_t *buff"
127.Fa "size_t len"
5adc1304 128.Fa "const char *fmt"
984263bc
MD
129.Fa "..."
130.Fc
131.Ft int
132.Fo buff_decode_visit
133.Fa "u_int8_t *buff"
134.Fa "size_t len"
5adc1304 135.Fa "const char *fmt"
984263bc
MD
136.Fa "void (*arg_put)(void *, int, void *, int, char *)"
137.Fa "void *puthook"
138.Fc
139.Ft int
140.Fo csio_encode
141.Fa "struct ccb_scsiio *csio"
5adc1304 142.Fa "const char *fmt"
984263bc
MD
143.Fa "..."
144.Fc
145.Ft int
146.Fo csio_encode_visit
147.Fa "struct ccb_scsiio *csio"
5adc1304 148.Fa "const char *fmt"
984263bc
MD
149.Fa "int (*arg_get)(void *hook, char *field_name)"
150.Fa "void *gethook"
151.Fc
152.Ft int
153.Fo buff_encode_visit
154.Fa "u_int8_t *buff"
155.Fa "size_t len"
5adc1304 156.Fa "const char *fmt"
984263bc
MD
157.Fa "int (*arg_get)(void *hook, char *field_name)"
158.Fa "void *gethook"
159.Fc
160.Sh DESCRIPTION
161The CAM buffer/CDB encoding and decoding routines provide a relatively easy
162migration path for userland
163.Tn SCSI
164applications written with the similarly-named
165.Va scsireq_ Ns *
166functions from the old
167.Fx
168.Tn SCSI
169layer.
170.Pp
171These functions may be used in new applications, but users may find it
172easier to use the various SCSI CCB building functions included with the
173.Xr cam 3
174library. (e.g.\&
175.Fn cam_fill_csio ,
176.Fn scsi_start_stop ,
177and
178.Fn scsi_read_write )
179.Pp
180.Fn csio_build
181builds up a
182.Va ccb_scsiio
183structure based on the information provided in
184the variable argument list.
185It gracefully handles a NULL
186.Fa data_ptr
187argument passed to it.
188.Pp
189.Fa dxfer_len
190is the length of the data phase; the data transfer direction is
191determined by the
192.Fa flags
193argument.
194.Pp
195.Fa data_ptr
196is the data buffer used during the
197.Tn SCSI
198data phase. If no data is to be
199transferred for the
200.Tn SCSI
201command in question, this should be set to NULL. If there is data to
202transfer for the command, this buffer must be at least
203.Fa dxfer_len
204long.
205.Pp
206.Fa flags
207are the flags defined in
44cb301e 208.In bus/cam/cam_ccb.h :
984263bc
MD
209.Bd -literal
210/* Common CCB header */
211/* CAM CCB flags */
212typedef enum {
213 CAM_CDB_POINTER = 0x00000001,/* The CDB field is a pointer */
214 CAM_QUEUE_ENABLE = 0x00000002,/* SIM queue actions are enabled */
215 CAM_CDB_LINKED = 0x00000004,/* CCB contains a linked CDB */
216 CAM_SCATTER_VALID = 0x00000010,/* Scatter/gather list is valid */
217 CAM_DIS_AUTOSENSE = 0x00000020,/* Disable autosense feature */
218 CAM_DIR_RESV = 0x00000000,/* Data direction (00:reserved) */
219 CAM_DIR_IN = 0x00000040,/* Data direction (01:DATA IN) */
220 CAM_DIR_OUT = 0x00000080,/* Data direction (10:DATA OUT) */
221 CAM_DIR_NONE = 0x000000C0,/* Data direction (11:no data) */
222 CAM_DIR_MASK = 0x000000C0,/* Data direction Mask */
223 CAM_SOFT_RST_OP = 0x00000100,/* Use Soft reset alternative */
224 CAM_ENG_SYNC = 0x00000200,/* Flush resid bytes on complete */
225 CAM_DEV_QFRZDIS = 0x00000400,/* Disable DEV Q freezing */
226 CAM_DEV_QFREEZE = 0x00000800,/* Freeze DEV Q on execution */
227 CAM_HIGH_POWER = 0x00001000,/* Command takes a lot of power */
228 CAM_SENSE_PTR = 0x00002000,/* Sense data is a pointer */
229 CAM_SENSE_PHYS = 0x00004000,/* Sense pointer is physical addr*/
230 CAM_TAG_ACTION_VALID = 0x00008000,/* Use the tag action in this ccb*/
231 CAM_PASS_ERR_RECOVER = 0x00010000,/* Pass driver does err. recovery*/
232 CAM_DIS_DISCONNECT = 0x00020000,/* Disable disconnect */
233 CAM_SG_LIST_PHYS = 0x00040000,/* SG list has physical addrs. */
234 CAM_MSG_BUF_PHYS = 0x00080000,/* Message buffer ptr is physical*/
235 CAM_SNS_BUF_PHYS = 0x00100000,/* Autosense data ptr is physical*/
236 CAM_DATA_PHYS = 0x00200000,/* SG/Buffer data ptrs are phys. */
237 CAM_CDB_PHYS = 0x00400000,/* CDB pointer is physical */
238 CAM_ENG_SGLIST = 0x00800000,/* SG list is for the HBA engine */
239
240/* Phase cognizant mode flags */
241 CAM_DIS_AUTOSRP = 0x01000000,/* Disable autosave/restore ptrs */
242 CAM_DIS_AUTODISC = 0x02000000,/* Disable auto disconnect */
243 CAM_TGT_CCB_AVAIL = 0x04000000,/* Target CCB available */
244 CAM_TGT_PHASE_MODE = 0x08000000,/* The SIM runs in phase mode */
245 CAM_MSGB_VALID = 0x20000000,/* Message buffer valid */
246 CAM_STATUS_VALID = 0x40000000,/* Status buffer valid */
247 CAM_DATAB_VALID = 0x80000000,/* Data buffer valid */
248
249/* Host target Mode flags */
250 CAM_TERM_IO = 0x20000000,/* Terminate I/O Message sup. */
251 CAM_DISCONNECT = 0x40000000,/* Disconnects are mandatory */
252 CAM_SEND_STATUS = 0x80000000,/* Send status after data phase */
253} ccb_flags;
254.Ed
255.Pp
256Multiple flags should be ORed together. Any of the CCB flags may be used,
257although it is worth noting several important ones here:
984263bc
MD
258.Bl -tag -width CAM_PASS_ERR_RECOVER
259.It Dv CAM_DIR_IN
260This indicates that the operation in question is a read operation. i.e.,
261data is being read from the
262.Tn SCSI
263device to the user-supplied buffer.
264.It Dv CAM_DIR_OUT
265This indicates that the operation is a write operation. i.e. data is being
266written from the user-supplied buffer to the device.
267.It Dv CAM_DIR_NONE
268This indicates that there is no data to be transferred for this command.
269.It Dv CAM_DEV_QFRZDIS
270This flag disables device queue freezing as an error recovery mechanism.
271.It Dv CAM_PASS_ERR_RECOVER
272This flag tells the
273.Xr pass 4
274driver to enable error recovery. The default is to not perform error
275recovery, which means that the retry count won't be honored without this
276flag, among other things.
277.It Dv CAM_DATA_PHYS
278This indicates that the address contained in
279.Fa data_ptr
280is a physical address, not a virtual address.
281.El
282.Pp
283The
284.Fa retry_count
285tells the kernel how many times to retry the command in question. The
286retry count is ignored unless the
287.Xr pass 4
288driver is told to enable error recovery via the
289.Dv CAM_PASS_ERR_RECOVER
290flag.
291.Pp
292The
293.Fa timeout
294tells the kernel how long to wait for the given command to complete. If
295the timeout expires and the command hasn't completed, the CCB will be
296returned from the kernel with an appropriate error status.
297.Pp
298.Fa cmd_spec
299is a CDB format specifier used to build up the SCSI CDB.
300This text string is made up of a list of field specifiers. Field
301specifiers specify the value for each CDB field (including indicating
302that the value be taken from the next argument in the
303variable argument list), the width
304of the field in bits or bytes, and an optional name. White space is
305ignored, and the pound sign ('#') introduces a comment that ends at the
306end of the current line.
307.Pp
308The optional name is the first part of a field specifier and
309is in curly braces. The text in curly braces in this example are
310the names:
311.Dl "{PS} v:b1 {Reserved} 0:b1 {Page Code} v:b6 # Mode select page"
312.Pp
313This field specifier has two one bit fields and one six bit field.
314The second one bit field is the constant value 0 and the first
315one bit field and the six bit field are taken from the variable
316argument list.
317Multi byte fields are swapped into the SCSI byte order in the
318CDB and white space is ignored.
319.Pp
320When the field is a hex value or the letter v, (e.g.,
321.Fa "1A"
322or
323.Fa "v" )
324then a single byte value
325is copied to the next unused byte of the CDB.
326When the letter
327.Fa v
328is used the next integer argument is taken from the variable argument list
329and that value used.
330.Pp
331A constant hex value followed by a field width specifier or the letter
332.Fa v
333followed by a field width specifier (e.g.,
334.Fa 3:4 ,
335.Fa 3:b4 ,
336.Fa 3:i3 ,
337.Fa v:i3 )
338specifies a field of a given bit or byte width.
339Either the constant value or (for the V specifier) the next integer value from
340the variable argument list is copied to the next unused
341bits or bytes of the CDB.
342.Pp
343A decimal number or the letter
344.Fa b
345followed by a decimal number field width indicates a bit field of that width.
346The bit fields are packed as tightly as possible beginning with the
347high bit (so that it reads the same as the SCSI spec), and a new byte of
348the CDB is started whenever a byte fills completely or when an
349.Fa i
350field is encountered.
351.Pp
352A field width specifier consisting of the letter
353.Fa i
354followed by either
3551, 2, 3 or 4 indicates a 1, 2, 3 or 4 byte integral value that must
356be swapped into SCSI byte order (MSB first).
357.Pp
358For the
359.Fa v
360field specifier the next integer argument is taken from the variable argument
361list and that value is used swapped into SCSI byte order.
362.Pp
363.Fn csio_build_visit
364operates similarly to
365.Fn csio_build ,
366except that the values to substitute for variable arguments in
367.Fa cmd_spec
368are retrieved via the
369.Fn arg_get
370function passed in to
371.Fn csio_build_visit
372instead of via
373.Xr stdarg 3 .
374The
375.Fn arg_get
376function takes two arguments:
377.Bl -tag -width field_name
378.It Fa gethook
379is passed into the
380.Fn arg_get
381function at each invocation. This enables the
382.Fn arg_get
383function to keep some state in between calls without using global or static
384variables.
385.It Fa field_name
386is the field name supplied in
387.Fa fmt ,
388if any.
389.El
390.Pp
391.Fn csio_decode
392is used to decode information from the data in phase of the SCSI
393transfer.
394.Pp
395The decoding is similar to
396the command specifier processing of
397.Fn csio_build
398except that the data is extracted from the data pointed to by
399.Fa csio->data_ptr .
400The stdarg list should be pointers to integers instead of integer
401values.
402A seek field type and a suppression modifier are added.
403The
404.Fa *
405suppression modifier (e.g.,
406.Fa *i3
407or
408.Fa *b4 )
409suppresses assignment from the field and can be used to skip
410over bytes or bits in the data, without having to copy
411them to a dummy variable in the arg list.
412.Pp
413The seek field type
414.Fa s
415permits you to skip over data.
416This seeks to an absolute position
417.Pq Fa s3
418or a relative position
419.Pq Fa s+3
420in the data, based on whether or not the presence of the '+' sign.
421The seek value can be specified as
422.Fa v
423and the next integer value from the argument list will be
424used as the seek value.
425.Pp
426.Fn csio_decode_visit
427operates like
428.Fn csio_decode
429except that instead of placing the decoded contents of the buffer in
430variadic arguments, the decoded buffer contents are returned to the user
431via the
432.Fn arg_put
433function that is passed in.
434The
435.Fn arg_put
436function takes several arguments:
437.Bl -tag -width letter
438.It Fa hook
439The "hook" is a mechanism to allow the
440.Fn arg_put
441function to save state in between calls.
442.It Fa letter
443is the letter describing the format of the argument being passed into the
444function.
445.It Fa val
446is a void pointer to the value being passed into the function.
447.It Fa count
448is the size of the value being passed into the
449.Fn arg_put
450function. The argument format determines the unit of measure.
451.It Fa name
452This is a text description of the field, if one was provided in the
453.Fa fmt .
454.El
455.Pp
456.Fn buff_decode
457decodes an arbitrary data buffer using the method
458described above for
459.Fn csio_decode .
460.Pp
461.Fn buff_decode_visit
462decodes an arbitrary data buffer using the method described above for
463.Fn csio_decode_visit .
464.Pp
465.Fn csio_encode
466encodes the
467.Fa data_ptr
468portion (not the CDB!) of a
469.Va ccb_scsiio
470structure, using the method described above for
471.Fn csio_build .
472.Pp
473.Fn csio_encode_visit
474encodes the
475.Fa data_ptr
476portion (not the CDB!) of a
477.Va ccb_scsiio
478structure, using the method described above for
479.Fn csio_build_visit .
480.Pp
481.Fn buff_encode_visit
482encodes an arbitrary data pointer, using the method described
483above for
484.Fn csio_build_visit .
485.Sh RETURN VALUES
486.Fn csio_build ,
487.Fn csio_build_visit ,
488.Fn csio_encode ,
489.Fn csio_encode_visit ,
490and
491.Fn buff_encode_visit
492return the number of fields processed.
493.Pp
494.Fn csio_decode ,
495.Fn csio_decode_visit ,
496.Fn buff_decode ,
497and
498.Fn buff_decode_visit
499return the number of assignments performed.
500.Sh SEE ALSO
501.Xr cam 3 ,
502.Xr pass 4 ,
503.Xr camcontrol 8
504.Sh HISTORY
505The CAM versions of these functions are based upon similar functions
506implemented for the old
507.Fx
508.Tn SCSI
509layer. The encoding/decoding functions in the old
510.Tn SCSI
511code were written by Peter Dufault.
512.Pp
513Many systems have comparable interfaces to permit a user to construct a
514SCSI command in user space.
515.Pp
516The old
517.Va scsireq
518data structure was almost identical to the SGI /dev/scsi data
519structure. If anyone knows the name of the authors it should
520go here; Peter Dufault first read about it in a 1989 Sun Expert magazine.
521.Pp
522The new CCB data structures are derived from the CAM-2 and CAM-3
523specifications.
524.Pp
525.An Peter Dufault
526implemented a clone of SGI's interface in
527.Bx 386
528that
529led to the original
530.Fx
531.Tn SCSI
532library and the related kernel ioctl.
533If anyone needs that for compatibility contact dufault@hda.com.
534.Sh AUTHORS
535Kenneth Merry implemented the CAM versions of these encoding and decoding
536functions. This current work is based upon earlier work by Peter Dufault.
537.Sh BUGS
538There should probably be a function that encodes both the CDB and the data
539buffer portions of a
540.Tn SCSI
541CCB. I discovered this while implementing the arbitrary command execution
542code in
543.Xr camcontrol 8 ,
544but I haven't yet had time to implement such a function.
545.Pp
546Some of the CCB flag descriptions really don't belong here. Rather they
547belong in a generic CCB man page. Since that man page hasn't yet been
548written, the shorter descriptions here will have to suffice.