Cleanup
[mirror/scst/.git] / scst / src / scst_lib.c
1 /*
2  *  scst_lib.c
3  *
4  *  Copyright (C) 2004 - 2008 Vladislav Bolkhovitin <vst@vlnb.net>
5  *  Copyright (C) 2004 - 2005 Leonid Stoljar
6  *  Copyright (C) 2007 - 2008 CMS Distribution Limited
7  *
8  *  This program is free software; you can redistribute it and/or
9  *  modify it under the terms of the GNU General Public License
10  *  as published by the Free Software Foundation, version 2
11  *  of the License.
12  *
13  *  This program is distributed in the hope that it will be useful,
14  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
15  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16  *  GNU General Public License for more details.
17  */
18
19 #include <linux/init.h>
20 #include <linux/kernel.h>
21 #include <linux/errno.h>
22 #include <linux/list.h>
23 #include <linux/spinlock.h>
24 #include <linux/slab.h>
25 #include <linux/sched.h>
26 #include <linux/kthread.h>
27 #include <linux/cdrom.h>
28 #include <linux/unistd.h>
29 #include <linux/string.h>
30
31 #include "scst.h"
32 #include "scst_priv.h"
33 #include "scst_mem.h"
34
35 #include "scst_cdbprobe.h"
36
37 static void scst_free_tgt_dev(struct scst_tgt_dev *tgt_dev);
38 static void scst_check_internal_sense(struct scst_device *dev, int result,
39         uint8_t *sense, int sense_len);
40 static void scst_alloc_set_UA(struct scst_tgt_dev *tgt_dev,
41         const uint8_t *sense, int sense_len, int head);
42 static void scst_free_all_UA(struct scst_tgt_dev *tgt_dev);
43 static void scst_release_space(struct scst_cmd *cmd);
44 static void scst_sess_free_tgt_devs(struct scst_session *sess);
45 static void scst_unblock_cmds(struct scst_device *dev);
46
47 #ifdef CONFIG_SCST_DEBUG_TM
48 static void tm_dbg_init_tgt_dev(struct scst_tgt_dev *tgt_dev,
49         struct scst_acg_dev *acg_dev);
50 static void tm_dbg_deinit_tgt_dev(struct scst_tgt_dev *tgt_dev);
51 #else
52 static inline void tm_dbg_init_tgt_dev(struct scst_tgt_dev *tgt_dev,
53         struct scst_acg_dev *acg_dev) {}
54 static inline void tm_dbg_deinit_tgt_dev(struct scst_tgt_dev *tgt_dev) {}
55 #endif /* CONFIG_SCST_DEBUG_TM */
56
57 int scst_alloc_sense(struct scst_cmd *cmd, int atomic)
58 {
59         int res = 0;
60         gfp_t gfp_mask = atomic ? GFP_ATOMIC : (GFP_KERNEL|__GFP_NOFAIL);
61
62         TRACE_ENTRY();
63
64         sBUG_ON(cmd->sense != NULL);
65
66         cmd->sense = mempool_alloc(scst_sense_mempool, gfp_mask);
67         if (cmd->sense == NULL) {
68                 PRINT_CRIT_ERROR("Sense memory allocation failed (op %x). "
69                         "The sense data will be lost!!", cmd->cdb[0]);
70                 res = -ENOMEM;
71                 goto out;
72         }
73
74         memset(cmd->sense, 0, SCST_SENSE_BUFFERSIZE);
75
76 out:
77         TRACE_EXIT_RES(res);
78         return res;
79 }
80 EXPORT_SYMBOL(scst_alloc_sense);
81
82 int scst_alloc_set_sense(struct scst_cmd *cmd, int atomic,
83         const uint8_t *sense, unsigned int len)
84 {
85         int res;
86
87         TRACE_ENTRY();
88
89         res = scst_alloc_sense(cmd, atomic);
90         if (res != 0) {
91                 PRINT_BUFFER("Lost sense", sense, len);
92                 goto out;
93         }
94
95         memcpy(cmd->sense, sense, min((int)len, (int)SCST_SENSE_BUFFERSIZE));
96         TRACE_BUFFER("Sense set", cmd->sense, SCST_SENSE_BUFFERSIZE);
97
98 out:
99         TRACE_EXIT_RES(res);
100         return res;
101 }
102 EXPORT_SYMBOL(scst_alloc_set_sense);
103
104 void scst_set_cmd_error_status(struct scst_cmd *cmd, int status)
105 {
106         TRACE_ENTRY();
107
108         cmd->status = status;
109         cmd->host_status = DID_OK;
110
111         cmd->dbl_ua_orig_resp_data_len = cmd->resp_data_len;
112         cmd->dbl_ua_orig_data_direction = cmd->data_direction;
113
114         cmd->data_direction = SCST_DATA_NONE;
115         cmd->resp_data_len = 0;
116         cmd->is_send_status = 1;
117
118         cmd->completed = 1;
119
120         TRACE_EXIT();
121         return;
122 }
123 EXPORT_SYMBOL(scst_set_cmd_error_status);
124
125 void scst_set_cmd_error(struct scst_cmd *cmd, int key, int asc, int ascq)
126 {
127         int rc;
128
129         TRACE_ENTRY();
130
131         scst_set_cmd_error_status(cmd, SAM_STAT_CHECK_CONDITION);
132
133         rc = scst_alloc_sense(cmd, 1);
134         if (rc != 0) {
135                 PRINT_ERROR("Lost sense data (key %x, asc %x, ascq %x)",
136                         key, asc, ascq);
137                 goto out;
138         }
139
140         scst_set_sense(cmd->sense, SCST_SENSE_BUFFERSIZE, key, asc, ascq);
141         TRACE_BUFFER("Sense set", cmd->sense, SCST_SENSE_BUFFERSIZE);
142
143 out:
144         TRACE_EXIT();
145         return;
146 }
147 EXPORT_SYMBOL(scst_set_cmd_error);
148
149 void scst_set_sense(uint8_t *buffer, int len, int key,
150         int asc, int ascq)
151 {
152         memset(buffer, 0, len);
153         buffer[0] = 0x70;       /* Error Code                   */
154         buffer[2] = key;        /* Sense Key                    */
155         buffer[7] = 0x0a;       /* Additional Sense Length      */
156         buffer[12] = asc;       /* ASC                          */
157         buffer[13] = ascq;      /* ASCQ                         */
158         TRACE_BUFFER("Sense set", buffer, len);
159         return;
160 }
161 EXPORT_SYMBOL(scst_set_sense);
162
163 static void scst_set_cmd_error_sense(struct scst_cmd *cmd, uint8_t *sense,
164         unsigned int len)
165 {
166         TRACE_ENTRY();
167
168         scst_set_cmd_error_status(cmd, SAM_STAT_CHECK_CONDITION);
169         scst_alloc_set_sense(cmd, 1, sense, len);
170
171         TRACE_EXIT();
172         return;
173 }
174
175 void scst_set_busy(struct scst_cmd *cmd)
176 {
177         int c = atomic_read(&cmd->sess->sess_cmd_count);
178
179         TRACE_ENTRY();
180
181         if ((c <= 1) || (cmd->sess->init_phase != SCST_SESS_IPH_READY)) {
182                 scst_set_cmd_error_status(cmd, SAM_STAT_BUSY);
183                 TRACE(TRACE_MGMT_MINOR, "Sending BUSY status to initiator %s "
184                         "(cmds count %d, queue_type %x, sess->init_phase %d)",
185                         cmd->sess->initiator_name, c,
186                         cmd->queue_type, cmd->sess->init_phase);
187         } else {
188                 scst_set_cmd_error_status(cmd, SAM_STAT_TASK_SET_FULL);
189                 TRACE(TRACE_MGMT_MINOR, "Sending QUEUE_FULL status to "
190                         "initiator %s (cmds count %d, queue_type %x, "
191                         "sess->init_phase %d)", cmd->sess->initiator_name, c,
192                         cmd->queue_type, cmd->sess->init_phase);
193         }
194
195         TRACE_EXIT();
196         return;
197 }
198 EXPORT_SYMBOL(scst_set_busy);
199
200 int scst_get_cmd_abnormal_done_state(const struct scst_cmd *cmd)
201 {
202         int res;
203
204         TRACE_ENTRY();
205
206         switch (cmd->state) {
207         case SCST_CMD_STATE_INIT_WAIT:
208         case SCST_CMD_STATE_INIT:
209         case SCST_CMD_STATE_PRE_PARSE:
210         case SCST_CMD_STATE_DEV_PARSE:
211                 res = SCST_CMD_STATE_PRE_XMIT_RESP;
212                 break;
213
214         default:
215                 res = SCST_CMD_STATE_PRE_DEV_DONE;
216                 break;
217         }
218
219         TRACE_EXIT_RES(res);
220         return res;
221 }
222 EXPORT_SYMBOL(scst_get_cmd_abnormal_done_state);
223
224 void scst_set_cmd_abnormal_done_state(struct scst_cmd *cmd)
225 {
226         TRACE_ENTRY();
227
228 #ifdef CONFIG_SCST_EXTRACHECKS
229         switch (cmd->state) {
230         case SCST_CMD_STATE_PRE_XMIT_RESP:
231         case SCST_CMD_STATE_XMIT_RESP:
232         case SCST_CMD_STATE_FINISHED:
233         case SCST_CMD_STATE_XMIT_WAIT:
234                 PRINT_CRIT_ERROR("Wrong cmd state %x (cmd %p, op %x)",
235                         cmd->state, cmd, cmd->cdb[0]);
236                 sBUG();
237         }
238 #endif
239
240         cmd->state = scst_get_cmd_abnormal_done_state(cmd);
241
242         EXTRACHECKS_BUG_ON((cmd->state != SCST_CMD_STATE_PRE_XMIT_RESP) &&
243                            (cmd->tgt_dev == NULL));
244
245         TRACE_EXIT();
246         return;
247 }
248 EXPORT_SYMBOL(scst_set_cmd_abnormal_done_state);
249
250 void scst_set_resp_data_len(struct scst_cmd *cmd, int resp_data_len)
251 {
252         int i, l;
253
254         TRACE_ENTRY();
255
256         scst_check_restore_sg_buff(cmd);
257         cmd->resp_data_len = resp_data_len;
258
259         if (resp_data_len == cmd->bufflen)
260                 goto out;
261
262         l = 0;
263         for (i = 0; i < cmd->sg_cnt; i++) {
264                 l += cmd->sg[i].length;
265                 if (l >= resp_data_len) {
266                         int left = resp_data_len - (l - cmd->sg[i].length);
267 #ifdef CONFIG_SCST_DEBUG
268                         TRACE(TRACE_SG_OP|TRACE_MEMORY, "cmd %p (tag %llu), "
269                                 "resp_data_len %d, i %d, cmd->sg[i].length %d, "
270                                 "left %d",
271                                 cmd, (long long unsigned int)cmd->tag,
272                                 resp_data_len, i,
273                                 cmd->sg[i].length, left);
274 #endif
275                         cmd->orig_sg_cnt = cmd->sg_cnt;
276                         cmd->orig_sg_entry = i;
277                         cmd->orig_entry_len = cmd->sg[i].length;
278                         cmd->sg_cnt = (left > 0) ? i+1 : i;
279                         cmd->sg[i].length = left;
280                         cmd->sg_buff_modified = 1;
281                         break;
282                 }
283         }
284
285 out:
286         TRACE_EXIT();
287         return;
288 }
289 EXPORT_SYMBOL(scst_set_resp_data_len);
290
291 /* Called under scst_mutex and suspended activity */
292 int scst_alloc_device(gfp_t gfp_mask, struct scst_device **out_dev)
293 {
294         struct scst_device *dev;
295         int res = 0;
296         static int dev_num; /* protected by scst_mutex */
297
298         TRACE_ENTRY();
299
300         dev = kzalloc(sizeof(*dev), gfp_mask);
301         if (dev == NULL) {
302                 TRACE(TRACE_OUT_OF_MEM, "%s",
303                         "Allocation of scst_device failed");
304                 res = -ENOMEM;
305                 goto out;
306         }
307
308         dev->handler = &scst_null_devtype;
309         dev->p_cmd_lists = &scst_main_cmd_lists;
310         atomic_set(&dev->dev_cmd_count, 0);
311         atomic_set(&dev->write_cmd_count, 0);
312         scst_init_mem_lim(&dev->dev_mem_lim);
313         spin_lock_init(&dev->dev_lock);
314         atomic_set(&dev->on_dev_count, 0);
315         INIT_LIST_HEAD(&dev->blocked_cmd_list);
316         INIT_LIST_HEAD(&dev->dev_tgt_dev_list);
317         INIT_LIST_HEAD(&dev->dev_acg_dev_list);
318         INIT_LIST_HEAD(&dev->threads_list);
319         init_waitqueue_head(&dev->on_dev_waitQ);
320         dev->dev_double_ua_possible = 1;
321         dev->dev_serialized = 1;
322         dev->queue_alg = SCST_CONTR_MODE_QUEUE_ALG_UNRESTRICTED_REORDER;
323         dev->dev_num = dev_num++;
324
325         *out_dev = dev;
326
327 out:
328         TRACE_EXIT_RES(res);
329         return res;
330 }
331
332 /* Called under scst_mutex and suspended activity */
333 void scst_free_device(struct scst_device *dev)
334 {
335         TRACE_ENTRY();
336
337 #ifdef CONFIG_SCST_EXTRACHECKS
338         if (!list_empty(&dev->dev_tgt_dev_list) ||
339             !list_empty(&dev->dev_acg_dev_list)) {
340                 PRINT_CRIT_ERROR("%s: dev_tgt_dev_list or dev_acg_dev_list "
341                         "is not empty!", __func__);
342                 sBUG();
343         }
344 #endif
345
346         kfree(dev);
347
348         TRACE_EXIT();
349         return;
350 }
351
352 void scst_init_mem_lim(struct scst_mem_lim *mem_lim)
353 {
354         atomic_set(&mem_lim->alloced_pages, 0);
355         mem_lim->max_allowed_pages =
356                 ((uint64_t)scst_max_dev_cmd_mem << 10) >> (PAGE_SHIFT - 10);
357 }
358 EXPORT_SYMBOL(scst_init_mem_lim);
359
360 static struct scst_acg_dev *scst_alloc_acg_dev(struct scst_acg *acg,
361                                         struct scst_device *dev, uint64_t lun)
362 {
363         struct scst_acg_dev *res;
364
365         TRACE_ENTRY();
366
367 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 17)
368         res = kmem_cache_alloc(scst_acgd_cachep, GFP_KERNEL);
369 #else
370         res = kmem_cache_zalloc(scst_acgd_cachep, GFP_KERNEL);
371 #endif
372         if (res == NULL) {
373                 TRACE(TRACE_OUT_OF_MEM,
374                       "%s", "Allocation of scst_acg_dev failed");
375                 goto out;
376         }
377 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 17)
378         memset(res, 0, sizeof(*res));
379 #endif
380
381         res->dev = dev;
382         res->acg = acg;
383         res->lun = lun;
384
385 out:
386         TRACE_EXIT_HRES(res);
387         return res;
388 }
389
390 /* The activity supposed to be suspended and scst_mutex held */
391 static void scst_free_acg_dev(struct scst_acg_dev *acg_dev)
392 {
393         TRACE_ENTRY();
394
395         TRACE_DBG("Removing acg_dev %p from acg_dev_list and dev_acg_dev_list",
396                 acg_dev);
397         list_del(&acg_dev->acg_dev_list_entry);
398         list_del(&acg_dev->dev_acg_dev_list_entry);
399
400         kmem_cache_free(scst_acgd_cachep, acg_dev);
401
402         TRACE_EXIT();
403         return;
404 }
405
406 /* The activity supposed to be suspended and scst_mutex held */
407 struct scst_acg *scst_alloc_add_acg(const char *acg_name)
408 {
409         struct scst_acg *acg;
410
411         TRACE_ENTRY();
412
413         acg = kzalloc(sizeof(*acg), GFP_KERNEL);
414         if (acg == NULL) {
415                 TRACE(TRACE_OUT_OF_MEM, "%s", "Allocation of acg failed");
416                 goto out;
417         }
418
419         INIT_LIST_HEAD(&acg->acg_dev_list);
420         INIT_LIST_HEAD(&acg->acg_sess_list);
421         INIT_LIST_HEAD(&acg->acn_list);
422         acg->acg_name = acg_name;
423
424         TRACE_DBG("Adding acg %s to scst_acg_list", acg_name);
425         list_add_tail(&acg->scst_acg_list_entry, &scst_acg_list);
426
427 out:
428         TRACE_EXIT_HRES(acg);
429         return acg;
430 }
431
432 /* The activity supposed to be suspended and scst_mutex held */
433 int scst_destroy_acg(struct scst_acg *acg)
434 {
435         struct scst_acn *n, *nn;
436         struct scst_acg_dev *acg_dev, *acg_dev_tmp;
437         int res = 0;
438
439         TRACE_ENTRY();
440
441         if (!list_empty(&acg->acg_sess_list)) {
442                 PRINT_ERROR("%s: acg_sess_list is not empty!", __func__);
443                 res = -EBUSY;
444                 goto out;
445         }
446
447         TRACE_DBG("Removing acg %s from scst_acg_list", acg->acg_name);
448         list_del(&acg->scst_acg_list_entry);
449
450         /* Freeing acg_devs */
451         list_for_each_entry_safe(acg_dev, acg_dev_tmp, &acg->acg_dev_list,
452                         acg_dev_list_entry) {
453                 struct scst_tgt_dev *tgt_dev, *tt;
454                 list_for_each_entry_safe(tgt_dev, tt,
455                                  &acg_dev->dev->dev_tgt_dev_list,
456                                  dev_tgt_dev_list_entry) {
457                         if (tgt_dev->acg_dev == acg_dev)
458                                 scst_free_tgt_dev(tgt_dev);
459                 }
460                 scst_free_acg_dev(acg_dev);
461         }
462
463         /* Freeing names */
464         list_for_each_entry_safe(n, nn, &acg->acn_list,
465                         acn_list_entry) {
466                 list_del(&n->acn_list_entry);
467                 kfree(n->name);
468                 kfree(n);
469         }
470         INIT_LIST_HEAD(&acg->acn_list);
471
472         kfree(acg);
473 out:
474         TRACE_EXIT_RES(res);
475         return res;
476 }
477
478 /*
479  * scst_mutex supposed to be held, there must not be parallel activity in this
480  * session.
481  */
482 static struct scst_tgt_dev *scst_alloc_add_tgt_dev(struct scst_session *sess,
483         struct scst_acg_dev *acg_dev)
484 {
485         int ini_sg, ini_unchecked_isa_dma, ini_use_clustering;
486         struct scst_tgt_dev *tgt_dev;
487         struct scst_device *dev = acg_dev->dev;
488         struct list_head *sess_tgt_dev_list_head;
489         struct scst_tgt_template *vtt = sess->tgt->tgtt;
490         int rc, i;
491
492         TRACE_ENTRY();
493
494 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 17)
495         tgt_dev = kmem_cache_alloc(scst_tgtd_cachep, GFP_KERNEL);
496 #else
497         tgt_dev = kmem_cache_zalloc(scst_tgtd_cachep, GFP_KERNEL);
498 #endif
499         if (tgt_dev == NULL) {
500                 TRACE(TRACE_OUT_OF_MEM, "%s",
501                       "Allocation of scst_tgt_dev failed");
502                 goto out;
503         }
504 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 17)
505         memset(tgt_dev, 0, sizeof(*tgt_dev));
506 #endif
507
508         tgt_dev->dev = dev;
509         tgt_dev->lun = acg_dev->lun;
510         tgt_dev->acg_dev = acg_dev;
511         tgt_dev->sess = sess;
512         atomic_set(&tgt_dev->tgt_dev_cmd_count, 0);
513
514         scst_sgv_pool_use_norm(tgt_dev);
515
516         if (dev->scsi_dev != NULL) {
517                 ini_sg = dev->scsi_dev->host->sg_tablesize;
518                 ini_unchecked_isa_dma = dev->scsi_dev->host->unchecked_isa_dma;
519                 ini_use_clustering = (dev->scsi_dev->host->use_clustering ==
520                                 ENABLE_CLUSTERING);
521         } else {
522                 ini_sg = (1 << 15) /* infinite */;
523                 ini_unchecked_isa_dma = 0;
524                 ini_use_clustering = 0;
525         }
526         tgt_dev->max_sg_cnt = min(ini_sg, sess->tgt->sg_tablesize);
527
528         if ((sess->tgt->tgtt->use_clustering || ini_use_clustering) &&
529             !sess->tgt->tgtt->no_clustering)
530                 scst_sgv_pool_use_norm_clust(tgt_dev);
531
532         if (sess->tgt->tgtt->unchecked_isa_dma || ini_unchecked_isa_dma)
533                 scst_sgv_pool_use_dma(tgt_dev);
534
535         if (dev->scsi_dev != NULL) {
536                 TRACE_MGMT_DBG("host=%d, channel=%d, id=%d, lun=%d, "
537                       "SCST lun=%lld", dev->scsi_dev->host->host_no,
538                       dev->scsi_dev->channel, dev->scsi_dev->id,
539                       dev->scsi_dev->lun,
540                       (long long unsigned int)tgt_dev->lun);
541         } else {
542                 TRACE_MGMT_DBG("Virtual device %s on SCST lun=%lld",
543                                dev->virt_name,
544                                (long long unsigned int)tgt_dev->lun);
545         }
546
547         spin_lock_init(&tgt_dev->tgt_dev_lock);
548         INIT_LIST_HEAD(&tgt_dev->UA_list);
549         spin_lock_init(&tgt_dev->thr_data_lock);
550         INIT_LIST_HEAD(&tgt_dev->thr_data_list);
551         spin_lock_init(&tgt_dev->sn_lock);
552         INIT_LIST_HEAD(&tgt_dev->deferred_cmd_list);
553         INIT_LIST_HEAD(&tgt_dev->skipped_sn_list);
554         tgt_dev->expected_sn = 1;
555         tgt_dev->num_free_sn_slots = ARRAY_SIZE(tgt_dev->sn_slots)-1;
556         tgt_dev->cur_sn_slot = &tgt_dev->sn_slots[0];
557         for (i = 0; i < (int)ARRAY_SIZE(tgt_dev->sn_slots); i++)
558                 atomic_set(&tgt_dev->sn_slots[i], 0);
559
560         if (dev->handler->parse_atomic &&
561             (sess->tgt->tgtt->preprocessing_done == NULL)) {
562                 if (sess->tgt->tgtt->rdy_to_xfer_atomic)
563                         __set_bit(SCST_TGT_DEV_AFTER_INIT_WR_ATOMIC,
564                                 &tgt_dev->tgt_dev_flags);
565                 if (dev->handler->exec_atomic)
566                         __set_bit(SCST_TGT_DEV_AFTER_INIT_OTH_ATOMIC,
567                                 &tgt_dev->tgt_dev_flags);
568         }
569         if (dev->handler->exec_atomic) {
570                 if (sess->tgt->tgtt->rdy_to_xfer_atomic)
571                         __set_bit(SCST_TGT_DEV_AFTER_RESTART_WR_ATOMIC,
572                                 &tgt_dev->tgt_dev_flags);
573                 __set_bit(SCST_TGT_DEV_AFTER_RESTART_OTH_ATOMIC,
574                                 &tgt_dev->tgt_dev_flags);
575                 __set_bit(SCST_TGT_DEV_AFTER_RX_DATA_ATOMIC,
576                         &tgt_dev->tgt_dev_flags);
577         }
578         if (dev->handler->dev_done_atomic &&
579             sess->tgt->tgtt->xmit_response_atomic) {
580                 __set_bit(SCST_TGT_DEV_AFTER_EXEC_ATOMIC,
581                         &tgt_dev->tgt_dev_flags);
582         }
583
584         spin_lock_bh(&scst_temp_UA_lock);
585         scst_set_sense(scst_temp_UA, sizeof(scst_temp_UA),
586                 SCST_LOAD_SENSE(scst_sense_reset_UA));
587         scst_alloc_set_UA(tgt_dev, scst_temp_UA, sizeof(scst_temp_UA), 0);
588         spin_unlock_bh(&scst_temp_UA_lock);
589
590         tm_dbg_init_tgt_dev(tgt_dev, acg_dev);
591
592         if (vtt->threads_num > 0) {
593                 rc = 0;
594                 if (dev->handler->threads_num > 0)
595                         rc = scst_add_dev_threads(dev, vtt->threads_num);
596                 else if (dev->handler->threads_num == 0)
597                         rc = scst_add_cmd_threads(vtt->threads_num);
598                 if (rc != 0)
599                         goto out_free;
600         }
601
602         if (dev->handler && dev->handler->attach_tgt) {
603                 TRACE_DBG("Calling dev handler's attach_tgt(%p)",
604                       tgt_dev);
605                 rc = dev->handler->attach_tgt(tgt_dev);
606                 TRACE_DBG("%s", "Dev handler's attach_tgt() returned");
607                 if (rc != 0) {
608                         PRINT_ERROR("Device handler's %s attach_tgt() "
609                             "failed: %d", dev->handler->name, rc);
610                         goto out_thr_free;
611                 }
612         }
613
614         spin_lock_bh(&dev->dev_lock);
615         list_add_tail(&tgt_dev->dev_tgt_dev_list_entry, &dev->dev_tgt_dev_list);
616         if (dev->dev_reserved)
617                 __set_bit(SCST_TGT_DEV_RESERVED, &tgt_dev->tgt_dev_flags);
618         spin_unlock_bh(&dev->dev_lock);
619
620         sess_tgt_dev_list_head =
621                 &sess->sess_tgt_dev_list_hash[HASH_VAL(tgt_dev->lun)];
622         list_add_tail(&tgt_dev->sess_tgt_dev_list_entry,
623                       sess_tgt_dev_list_head);
624
625 out:
626         TRACE_EXIT();
627         return tgt_dev;
628
629 out_thr_free:
630         if (vtt->threads_num > 0) {
631                 if (dev->handler->threads_num > 0)
632                         scst_del_dev_threads(dev, vtt->threads_num);
633                 else if (dev->handler->threads_num == 0)
634                         scst_del_cmd_threads(vtt->threads_num);
635         }
636
637 out_free:
638         kmem_cache_free(scst_tgtd_cachep, tgt_dev);
639         tgt_dev = NULL;
640         goto out;
641 }
642
643 static void scst_clear_reservation(struct scst_tgt_dev *tgt_dev);
644
645 /* No locks supposed to be held, scst_mutex - held */
646 void scst_nexus_loss(struct scst_tgt_dev *tgt_dev)
647 {
648         TRACE_ENTRY();
649
650         scst_clear_reservation(tgt_dev);
651
652         /* With activity suspended the lock isn't needed, but let's be safe */
653         spin_lock_bh(&tgt_dev->tgt_dev_lock);
654         scst_free_all_UA(tgt_dev);
655         spin_unlock_bh(&tgt_dev->tgt_dev_lock);
656
657         spin_lock_bh(&scst_temp_UA_lock);
658         scst_set_sense(scst_temp_UA, sizeof(scst_temp_UA),
659                 SCST_LOAD_SENSE(scst_sense_nexus_loss_UA));
660         scst_check_set_UA(tgt_dev, scst_temp_UA, sizeof(scst_temp_UA), 0);
661         spin_unlock_bh(&scst_temp_UA_lock);
662
663         TRACE_EXIT();
664         return;
665 }
666
667 /*
668  * scst_mutex supposed to be held, there must not be parallel activity in this
669  * session.
670  */
671 static void scst_free_tgt_dev(struct scst_tgt_dev *tgt_dev)
672 {
673         struct scst_device *dev = tgt_dev->dev;
674         struct scst_tgt_template *vtt = tgt_dev->sess->tgt->tgtt;
675
676         TRACE_ENTRY();
677
678         tm_dbg_deinit_tgt_dev(tgt_dev);
679
680         spin_lock_bh(&dev->dev_lock);
681         list_del(&tgt_dev->dev_tgt_dev_list_entry);
682         spin_unlock_bh(&dev->dev_lock);
683
684         list_del(&tgt_dev->sess_tgt_dev_list_entry);
685
686         scst_clear_reservation(tgt_dev);
687         scst_free_all_UA(tgt_dev);
688
689         if (dev->handler && dev->handler->detach_tgt) {
690                 TRACE_DBG("Calling dev handler's detach_tgt(%p)",
691                       tgt_dev);
692                 dev->handler->detach_tgt(tgt_dev);
693                 TRACE_DBG("%s", "Dev handler's detach_tgt() returned");
694         }
695
696         if (vtt->threads_num > 0) {
697                 if (dev->handler->threads_num > 0)
698                         scst_del_dev_threads(dev, vtt->threads_num);
699                 else if (dev->handler->threads_num == 0)
700                         scst_del_cmd_threads(vtt->threads_num);
701         }
702
703         kmem_cache_free(scst_tgtd_cachep, tgt_dev);
704
705         TRACE_EXIT();
706         return;
707 }
708
709 /* scst_mutex supposed to be held */
710 int scst_sess_alloc_tgt_devs(struct scst_session *sess)
711 {
712         int res = 0;
713         struct scst_acg_dev *acg_dev;
714         struct scst_tgt_dev *tgt_dev;
715
716         TRACE_ENTRY();
717
718         list_for_each_entry(acg_dev, &sess->acg->acg_dev_list,
719                         acg_dev_list_entry) {
720                 tgt_dev = scst_alloc_add_tgt_dev(sess, acg_dev);
721                 if (tgt_dev == NULL) {
722                         res = -ENOMEM;
723                         goto out_free;
724                 }
725         }
726
727 out:
728         TRACE_EXIT();
729         return res;
730
731 out_free:
732         scst_sess_free_tgt_devs(sess);
733         goto out;
734 }
735
736 /*
737  * scst_mutex supposed to be held, there must not be parallel activity in this
738  * session.
739  */
740 void scst_sess_free_tgt_devs(struct scst_session *sess)
741 {
742         int i;
743         struct scst_tgt_dev *tgt_dev, *t;
744
745         TRACE_ENTRY();
746
747         /* The session is going down, no users, so no locks */
748         for (i = 0; i < TGT_DEV_HASH_SIZE; i++) {
749                 struct list_head *sess_tgt_dev_list_head =
750                         &sess->sess_tgt_dev_list_hash[i];
751                 list_for_each_entry_safe(tgt_dev, t, sess_tgt_dev_list_head,
752                                 sess_tgt_dev_list_entry) {
753                         scst_free_tgt_dev(tgt_dev);
754                 }
755                 INIT_LIST_HEAD(sess_tgt_dev_list_head);
756         }
757
758         TRACE_EXIT();
759         return;
760 }
761
762 /* The activity supposed to be suspended and scst_mutex held */
763 int scst_acg_add_dev(struct scst_acg *acg, struct scst_device *dev,
764                      uint64_t lun, int read_only)
765 {
766         int res = 0;
767         struct scst_acg_dev *acg_dev;
768         struct scst_tgt_dev *tgt_dev;
769         struct scst_session *sess;
770         LIST_HEAD(tmp_tgt_dev_list);
771
772         TRACE_ENTRY();
773
774         INIT_LIST_HEAD(&tmp_tgt_dev_list);
775
776 #ifdef CONFIG_SCST_EXTRACHECKS
777         list_for_each_entry(acg_dev, &acg->acg_dev_list, acg_dev_list_entry) {
778                 if (acg_dev->dev == dev) {
779                         PRINT_ERROR("Device is already in group %s",
780                                 acg->acg_name);
781                         res = -EINVAL;
782                         goto out;
783                 }
784         }
785 #endif
786
787         acg_dev = scst_alloc_acg_dev(acg, dev, lun);
788         if (acg_dev == NULL) {
789                 res = -ENOMEM;
790                 goto out;
791         }
792         acg_dev->rd_only_flag = read_only;
793
794         TRACE_DBG("Adding acg_dev %p to acg_dev_list and dev_acg_dev_list",
795                 acg_dev);
796         list_add_tail(&acg_dev->acg_dev_list_entry, &acg->acg_dev_list);
797         list_add_tail(&acg_dev->dev_acg_dev_list_entry, &dev->dev_acg_dev_list);
798
799         list_for_each_entry(sess, &acg->acg_sess_list, acg_sess_list_entry) {
800                 tgt_dev = scst_alloc_add_tgt_dev(sess, acg_dev);
801                 if (tgt_dev == NULL) {
802                         res = -ENOMEM;
803                         goto out_free;
804                 }
805                 list_add_tail(&tgt_dev->extra_tgt_dev_list_entry,
806                               &tmp_tgt_dev_list);
807         }
808
809 out:
810         if (res == 0) {
811                 if (dev->virt_name != NULL) {
812                         PRINT_INFO("Added device %s to group %s (LUN %lld, "
813                                 "rd_only %d)", dev->virt_name, acg->acg_name,
814                                 (long long unsigned int)lun,
815                                 read_only);
816                 } else {
817                         PRINT_INFO("Added device %d:%d:%d:%d to group %s (LUN "
818                                 "%lld, rd_only %d)",
819                                 dev->scsi_dev->host->host_no,
820                                 dev->scsi_dev->channel, dev->scsi_dev->id,
821                                 dev->scsi_dev->lun, acg->acg_name,
822                                 (long long unsigned int)lun,
823                                 read_only);
824                 }
825         }
826
827         TRACE_EXIT_RES(res);
828         return res;
829
830 out_free:
831         list_for_each_entry(tgt_dev, &tmp_tgt_dev_list,
832                          extra_tgt_dev_list_entry) {
833                 scst_free_tgt_dev(tgt_dev);
834         }
835         scst_free_acg_dev(acg_dev);
836         goto out;
837 }
838
839 /* The activity supposed to be suspended and scst_mutex held */
840 int scst_acg_remove_dev(struct scst_acg *acg, struct scst_device *dev)
841 {
842         int res = 0;
843         struct scst_acg_dev *acg_dev = NULL, *a;
844         struct scst_tgt_dev *tgt_dev, *tt;
845
846         TRACE_ENTRY();
847
848         list_for_each_entry(a, &acg->acg_dev_list, acg_dev_list_entry) {
849                 if (a->dev == dev) {
850                         acg_dev = a;
851                         break;
852                 }
853         }
854
855         if (acg_dev == NULL) {
856                 PRINT_ERROR("Device is not found in group %s", acg->acg_name);
857                 res = -EINVAL;
858                 goto out;
859         }
860
861         list_for_each_entry_safe(tgt_dev, tt, &dev->dev_tgt_dev_list,
862                          dev_tgt_dev_list_entry) {
863                 if (tgt_dev->acg_dev == acg_dev)
864                         scst_free_tgt_dev(tgt_dev);
865         }
866         scst_free_acg_dev(acg_dev);
867
868 out:
869         if (res == 0) {
870                 if (dev->virt_name != NULL) {
871                         PRINT_INFO("Removed device %s from group %s",
872                                 dev->virt_name, acg->acg_name);
873                 } else {
874                         PRINT_INFO("Removed device %d:%d:%d:%d from group %s",
875                                 dev->scsi_dev->host->host_no,
876                                 dev->scsi_dev->channel, dev->scsi_dev->id,
877                                 dev->scsi_dev->lun, acg->acg_name);
878                 }
879         }
880
881         TRACE_EXIT_RES(res);
882         return res;
883 }
884
885 /* scst_mutex supposed to be held */
886 int scst_acg_add_name(struct scst_acg *acg, const char *name)
887 {
888         int res = 0;
889         struct scst_acn *n;
890         int len;
891         char *nm;
892
893         TRACE_ENTRY();
894
895         list_for_each_entry(n, &acg->acn_list, acn_list_entry)
896         {
897                 if (strcmp(n->name, name) == 0) {
898                         PRINT_ERROR("Name %s already exists in group %s",
899                                 name, acg->acg_name);
900                         res = -EINVAL;
901                         goto out;
902                 }
903         }
904
905         n = kmalloc(sizeof(*n), GFP_KERNEL);
906         if (n == NULL) {
907                 PRINT_ERROR("%s", "Unable to allocate scst_acn");
908                 res = -ENOMEM;
909                 goto out;
910         }
911
912         len = strlen(name);
913         nm = kmalloc(len + 1, GFP_KERNEL);
914         if (nm == NULL) {
915                 PRINT_ERROR("%s", "Unable to allocate scst_acn->name");
916                 res = -ENOMEM;
917                 goto out_free;
918         }
919
920         strcpy(nm, name);
921         n->name = nm;
922
923         list_add_tail(&n->acn_list_entry, &acg->acn_list);
924
925 out:
926         if (res == 0)
927                 PRINT_INFO("Added name %s to group %s", name, acg->acg_name);
928
929         TRACE_EXIT_RES(res);
930         return res;
931
932 out_free:
933         kfree(n);
934         goto out;
935 }
936
937 /* scst_mutex supposed to be held */
938 int scst_acg_remove_name(struct scst_acg *acg, const char *name)
939 {
940         int res = -EINVAL;
941         struct scst_acn *n;
942
943         TRACE_ENTRY();
944
945         list_for_each_entry(n, &acg->acn_list, acn_list_entry)
946         {
947                 if (strcmp(n->name, name) == 0) {
948                         list_del(&n->acn_list_entry);
949                         kfree(n->name);
950                         kfree(n);
951                         res = 0;
952                         break;
953                 }
954         }
955
956         if (res == 0) {
957                 PRINT_INFO("Removed name %s from group %s", name,
958                         acg->acg_name);
959         } else {
960                 PRINT_ERROR("Unable to find name %s in group %s", name,
961                         acg->acg_name);
962         }
963
964         TRACE_EXIT_RES(res);
965         return res;
966 }
967
968 static struct scst_cmd *scst_create_prepare_internal_cmd(
969         struct scst_cmd *orig_cmd, int bufsize)
970 {
971         struct scst_cmd *res;
972         gfp_t gfp_mask = scst_cmd_atomic(orig_cmd) ? GFP_ATOMIC : GFP_KERNEL;
973
974         TRACE_ENTRY();
975
976         res = scst_alloc_cmd(gfp_mask);
977         if (res == NULL)
978                 goto out;
979
980         res->cmd_lists = orig_cmd->cmd_lists;
981         res->sess = orig_cmd->sess;
982         res->atomic = scst_cmd_atomic(orig_cmd);
983         res->internal = 1;
984         res->tgtt = orig_cmd->tgtt;
985         res->tgt = orig_cmd->tgt;
986         res->dev = orig_cmd->dev;
987         res->tgt_dev = orig_cmd->tgt_dev;
988         res->lun = orig_cmd->lun;
989         res->queue_type = SCST_CMD_QUEUE_HEAD_OF_QUEUE;
990         res->data_direction = SCST_DATA_UNKNOWN;
991         res->orig_cmd = orig_cmd;
992         res->bufflen = bufsize;
993
994         res->state = SCST_CMD_STATE_PRE_PARSE;
995
996 out:
997         TRACE_EXIT_HRES((unsigned long)res);
998         return res;
999 }
1000
1001 static void scst_free_internal_cmd(struct scst_cmd *cmd)
1002 {
1003         TRACE_ENTRY();
1004
1005         __scst_cmd_put(cmd);
1006
1007         TRACE_EXIT();
1008         return;
1009 }
1010
1011 int scst_prepare_request_sense(struct scst_cmd *orig_cmd)
1012 {
1013         int res = 0;
1014 #define sbuf_size 252
1015         static const uint8_t request_sense[6] =
1016             { REQUEST_SENSE, 0, 0, 0, sbuf_size, 0 };
1017         struct scst_cmd *rs_cmd;
1018
1019         TRACE_ENTRY();
1020
1021         rs_cmd = scst_create_prepare_internal_cmd(orig_cmd, sbuf_size);
1022         if (rs_cmd == NULL)
1023                 goto out_error;
1024
1025         memcpy(rs_cmd->cdb, request_sense, sizeof(request_sense));
1026         rs_cmd->cdb_len = sizeof(request_sense);
1027         rs_cmd->data_direction = SCST_DATA_READ;
1028         rs_cmd->expected_data_direction = rs_cmd->data_direction;
1029         rs_cmd->expected_transfer_len = sbuf_size;
1030         rs_cmd->expected_values_set = 1;
1031
1032         TRACE(TRACE_MGMT_MINOR, "Adding REQUEST SENSE cmd %p to head of active "
1033                 "cmd list ", rs_cmd);
1034         spin_lock_irq(&rs_cmd->cmd_lists->cmd_list_lock);
1035         list_add(&rs_cmd->cmd_list_entry, &rs_cmd->cmd_lists->active_cmd_list);
1036         spin_unlock_irq(&rs_cmd->cmd_lists->cmd_list_lock);
1037         wake_up(&rs_cmd->cmd_lists->cmd_list_waitQ);
1038
1039 out:
1040         TRACE_EXIT_RES(res);
1041         return res;
1042
1043 out_error:
1044         res = -1;
1045         goto out;
1046 #undef sbuf_size
1047 }
1048
1049 struct scst_cmd *scst_complete_request_sense(struct scst_cmd *req_cmd)
1050 {
1051         struct scst_cmd *orig_cmd = req_cmd->orig_cmd;
1052         uint8_t *buf;
1053         int len;
1054
1055         TRACE_ENTRY();
1056
1057         sBUG_ON(orig_cmd == NULL);
1058
1059         len = scst_get_buf_first(req_cmd, &buf);
1060
1061         if (scsi_status_is_good(req_cmd->status) && (len > 0) &&
1062             SCST_SENSE_VALID(buf) && (!SCST_NO_SENSE(buf))) {
1063                 PRINT_BUFF_FLAG(TRACE_SCSI, "REQUEST SENSE returned",
1064                         buf, len);
1065                 scst_alloc_set_sense(orig_cmd, scst_cmd_atomic(req_cmd), buf,
1066                         len);
1067         } else {
1068                 PRINT_ERROR("%s", "Unable to get the sense via "
1069                         "REQUEST SENSE, returning HARDWARE ERROR");
1070                 scst_set_cmd_error(orig_cmd,
1071                         SCST_LOAD_SENSE(scst_sense_hardw_error));
1072         }
1073
1074         if (len > 0)
1075                 scst_put_buf(req_cmd, buf);
1076
1077         scst_free_internal_cmd(req_cmd);
1078
1079         TRACE_EXIT_HRES((unsigned long)orig_cmd);
1080         return orig_cmd;
1081 }
1082
1083 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 18)
1084 static void scst_req_done(struct scsi_cmnd *scsi_cmd)
1085 {
1086         struct scsi_request *req;
1087
1088         TRACE_ENTRY();
1089
1090         if (scsi_cmd && (req = scsi_cmd->sc_request)) {
1091                 if (req) {
1092                         if (req->sr_bufflen)
1093                                 kfree(req->sr_buffer);
1094                         scsi_release_request(req);
1095                 }
1096         }
1097
1098         TRACE_EXIT();
1099         return;
1100 }
1101
1102 static void scst_send_release(struct scst_device *dev)
1103 {
1104         struct scsi_request *req;
1105         struct scsi_device *scsi_dev;
1106         uint8_t cdb[6];
1107
1108         TRACE_ENTRY();
1109
1110         if (dev->scsi_dev == NULL)
1111                 goto out;
1112
1113         scsi_dev = dev->scsi_dev;
1114
1115         req = scsi_allocate_request(scsi_dev, GFP_KERNEL);
1116         if (req == NULL) {
1117                 PRINT_ERROR("Allocation of scsi_request failed: unable "
1118                             "to RELEASE device %d:%d:%d:%d",
1119                             scsi_dev->host->host_no, scsi_dev->channel,
1120                             scsi_dev->id, scsi_dev->lun);
1121                 goto out;
1122         }
1123
1124         memset(cdb, 0, sizeof(cdb));
1125         cdb[0] = RELEASE;
1126         cdb[1] = (scsi_dev->scsi_level <= SCSI_2) ?
1127             ((scsi_dev->lun << 5) & 0xe0) : 0;
1128         memcpy(req->sr_cmnd, cdb, sizeof(cdb));
1129         req->sr_cmd_len = sizeof(cdb);
1130         req->sr_data_direction = SCST_DATA_NONE;
1131         req->sr_use_sg = 0;
1132         req->sr_bufflen = 0;
1133         req->sr_buffer = NULL;
1134         req->sr_request->rq_disk = dev->rq_disk;
1135         req->sr_sense_buffer[0] = 0;
1136
1137         TRACE(TRACE_DEBUG | TRACE_SCSI, "Sending RELEASE req %p to SCSI "
1138                 "mid-level", req);
1139         scst_do_req(req, req->sr_cmnd, (void *)req->sr_buffer, req->sr_bufflen,
1140                     scst_req_done, 15, 3);
1141
1142 out:
1143         TRACE_EXIT();
1144         return;
1145 }
1146 #else /* LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 18) */
1147 static void scst_send_release(struct scst_device *dev)
1148 {
1149         struct scsi_device *scsi_dev;
1150         unsigned char cdb[6];
1151         unsigned char *sense;
1152         int rc, i;
1153
1154         TRACE_ENTRY();
1155
1156         if (dev->scsi_dev == NULL)
1157                 goto out;
1158
1159         /* We can't afford missing RELEASE due to memory shortage */
1160         sense = kmalloc(SCST_SENSE_BUFFERSIZE, GFP_KERNEL|__GFP_NOFAIL);
1161
1162         scsi_dev = dev->scsi_dev;
1163
1164         for (i = 0; i < 5; i++) {
1165                 memset(cdb, 0, sizeof(cdb));
1166                 cdb[0] = RELEASE;
1167                 cdb[1] = (scsi_dev->scsi_level <= SCSI_2) ?
1168                     ((scsi_dev->lun << 5) & 0xe0) : 0;
1169
1170                 memset(sense, 0, SCST_SENSE_BUFFERSIZE);
1171
1172                 TRACE(TRACE_DEBUG | TRACE_SCSI, "%s", "Sending RELEASE req to "
1173                         "SCSI mid-level");
1174                 rc = scsi_execute(scsi_dev, cdb, SCST_DATA_NONE, NULL, 0,
1175                                 sense, 15, 0, 0);
1176                 TRACE_DBG("MODE_SENSE done: %x", rc);
1177
1178                 if (scsi_status_is_good(rc)) {
1179                         break;
1180                 } else {
1181                         PRINT_ERROR("RELEASE failed: %d", rc);
1182                         PRINT_BUFFER("RELEASE sense", sense,
1183                                 SCST_SENSE_BUFFERSIZE);
1184                         scst_check_internal_sense(dev, rc,
1185                                         sense, SCST_SENSE_BUFFERSIZE);
1186                 }
1187         }
1188
1189         kfree(sense);
1190
1191 out:
1192         TRACE_EXIT();
1193         return;
1194 }
1195 #endif /* LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 18) */
1196
1197 /* scst_mutex supposed to be held */
1198 static void scst_clear_reservation(struct scst_tgt_dev *tgt_dev)
1199 {
1200         struct scst_device *dev = tgt_dev->dev;
1201         int release = 0;
1202
1203         TRACE_ENTRY();
1204
1205         spin_lock_bh(&dev->dev_lock);
1206         if (dev->dev_reserved &&
1207             !test_bit(SCST_TGT_DEV_RESERVED, &tgt_dev->tgt_dev_flags)) {
1208                 /* This is one who holds the reservation */
1209                 struct scst_tgt_dev *tgt_dev_tmp;
1210                 list_for_each_entry(tgt_dev_tmp, &dev->dev_tgt_dev_list,
1211                                     dev_tgt_dev_list_entry) {
1212                         clear_bit(SCST_TGT_DEV_RESERVED,
1213                                     &tgt_dev_tmp->tgt_dev_flags);
1214                 }
1215                 dev->dev_reserved = 0;
1216                 release = 1;
1217         }
1218         spin_unlock_bh(&dev->dev_lock);
1219
1220         if (release)
1221                 scst_send_release(dev);
1222
1223         TRACE_EXIT();
1224         return;
1225 }
1226
1227 struct scst_session *scst_alloc_session(struct scst_tgt *tgt, gfp_t gfp_mask,
1228         const char *initiator_name)
1229 {
1230         struct scst_session *sess;
1231         int i;
1232         int len;
1233         char *nm;
1234
1235         TRACE_ENTRY();
1236
1237 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 17)
1238         sess = kmem_cache_alloc(scst_sess_cachep, gfp_mask);
1239 #else
1240         sess = kmem_cache_zalloc(scst_sess_cachep, gfp_mask);
1241 #endif
1242         if (sess == NULL) {
1243                 TRACE(TRACE_OUT_OF_MEM, "%s",
1244                       "Allocation of scst_session failed");
1245                 goto out;
1246         }
1247 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 17)
1248         memset(sess, 0, sizeof(*sess));
1249 #endif
1250
1251         sess->init_phase = SCST_SESS_IPH_INITING;
1252         sess->shut_phase = SCST_SESS_SPH_READY;
1253         atomic_set(&sess->refcnt, 0);
1254         for (i = 0; i < TGT_DEV_HASH_SIZE; i++) {
1255                 struct list_head *sess_tgt_dev_list_head =
1256                          &sess->sess_tgt_dev_list_hash[i];
1257                 INIT_LIST_HEAD(sess_tgt_dev_list_head);
1258         }
1259         spin_lock_init(&sess->sess_list_lock);
1260         INIT_LIST_HEAD(&sess->search_cmd_list);
1261         sess->tgt = tgt;
1262         INIT_LIST_HEAD(&sess->init_deferred_cmd_list);
1263         INIT_LIST_HEAD(&sess->init_deferred_mcmd_list);
1264
1265 #ifdef CONFIG_SCST_MEASURE_LATENCY
1266         spin_lock_init(&sess->meas_lock);
1267 #endif
1268
1269         len = strlen(initiator_name);
1270         nm = kmalloc(len + 1, gfp_mask);
1271         if (nm == NULL) {
1272                 PRINT_ERROR("%s", "Unable to allocate sess->initiator_name");
1273                 goto out_free;
1274         }
1275
1276         strcpy(nm, initiator_name);
1277         sess->initiator_name = nm;
1278
1279 out:
1280         TRACE_EXIT();
1281         return sess;
1282
1283 out_free:
1284         kmem_cache_free(scst_sess_cachep, sess);
1285         sess = NULL;
1286         goto out;
1287 }
1288
1289 void scst_free_session(struct scst_session *sess)
1290 {
1291         TRACE_ENTRY();
1292
1293         mutex_lock(&scst_mutex);
1294
1295         TRACE_DBG("Removing sess %p from the list", sess);
1296         list_del(&sess->sess_list_entry);
1297         TRACE_DBG("Removing session %p from acg %s", sess, sess->acg->acg_name);
1298         list_del(&sess->acg_sess_list_entry);
1299
1300         scst_sess_free_tgt_devs(sess);
1301
1302         wake_up_all(&sess->tgt->unreg_waitQ);
1303
1304         mutex_unlock(&scst_mutex);
1305
1306         kfree(sess->initiator_name);
1307         kmem_cache_free(scst_sess_cachep, sess);
1308
1309         TRACE_EXIT();
1310         return;
1311 }
1312
1313 void scst_free_session_callback(struct scst_session *sess)
1314 {
1315         struct completion *c;
1316
1317         TRACE_ENTRY();
1318
1319         TRACE_DBG("Freeing session %p", sess);
1320
1321         c = sess->shutdown_compl;
1322
1323         if (sess->unreg_done_fn) {
1324                 TRACE_DBG("Calling unreg_done_fn(%p)", sess);
1325                 sess->unreg_done_fn(sess);
1326                 TRACE_DBG("%s", "unreg_done_fn() returned");
1327         }
1328         scst_free_session(sess);
1329
1330         if (c)
1331                 complete_all(c);
1332
1333         TRACE_EXIT();
1334         return;
1335 }
1336
1337 void scst_sched_session_free(struct scst_session *sess)
1338 {
1339         unsigned long flags;
1340
1341         TRACE_ENTRY();
1342
1343         if (sess->shut_phase != SCST_SESS_SPH_SHUTDOWN) {
1344                 PRINT_CRIT_ERROR("session %p is going to shutdown with unknown "
1345                         "shut phase %lx", sess, sess->shut_phase);
1346                 sBUG();
1347         }
1348
1349         spin_lock_irqsave(&scst_mgmt_lock, flags);
1350         TRACE_DBG("Adding sess %p to scst_sess_shut_list", sess);
1351         list_add_tail(&sess->sess_shut_list_entry, &scst_sess_shut_list);
1352         spin_unlock_irqrestore(&scst_mgmt_lock, flags);
1353
1354         wake_up(&scst_mgmt_waitQ);
1355
1356         TRACE_EXIT();
1357         return;
1358 }
1359
1360 void scst_cmd_get(struct scst_cmd *cmd)
1361 {
1362         __scst_cmd_get(cmd);
1363 }
1364 EXPORT_SYMBOL(scst_cmd_get);
1365
1366 void scst_cmd_put(struct scst_cmd *cmd)
1367 {
1368         __scst_cmd_put(cmd);
1369 }
1370 EXPORT_SYMBOL(scst_cmd_put);
1371
1372 struct scst_cmd *scst_alloc_cmd(gfp_t gfp_mask)
1373 {
1374         struct scst_cmd *cmd;
1375
1376         TRACE_ENTRY();
1377
1378 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 17)
1379         cmd = kmem_cache_alloc(scst_cmd_cachep, gfp_mask);
1380 #else
1381         cmd = kmem_cache_zalloc(scst_cmd_cachep, gfp_mask);
1382 #endif
1383         if (cmd == NULL) {
1384                 TRACE(TRACE_OUT_OF_MEM, "%s", "Allocation of scst_cmd failed");
1385                 goto out;
1386         }
1387 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 17)
1388         memset(cmd, 0, sizeof(*cmd));
1389 #endif
1390
1391         cmd->state = SCST_CMD_STATE_INIT_WAIT;
1392         cmd->start_time = jiffies;
1393         atomic_set(&cmd->cmd_ref, 1);
1394         cmd->cmd_lists = &scst_main_cmd_lists;
1395         INIT_LIST_HEAD(&cmd->mgmt_cmd_list);
1396         cmd->queue_type = SCST_CMD_QUEUE_SIMPLE;
1397         cmd->timeout = SCST_DEFAULT_TIMEOUT;
1398         cmd->retries = 0;
1399         cmd->data_len = -1;
1400         cmd->is_send_status = 1;
1401         cmd->resp_data_len = -1;
1402
1403         cmd->dbl_ua_orig_data_direction = SCST_DATA_UNKNOWN;
1404         cmd->dbl_ua_orig_resp_data_len = -1;
1405
1406 out:
1407         TRACE_EXIT();
1408         return cmd;
1409 }
1410
1411 static void scst_destroy_put_cmd(struct scst_cmd *cmd)
1412 {
1413         scst_sess_put(cmd->sess);
1414
1415         /*
1416          * At this point tgt_dev can be dead, but the pointer remains non-NULL
1417          */
1418         if (likely(cmd->tgt_dev != NULL))
1419                 __scst_put();
1420
1421         scst_destroy_cmd(cmd);
1422         return;
1423 }
1424
1425 /* No locks supposed to be held */
1426 void scst_free_cmd(struct scst_cmd *cmd)
1427 {
1428         int destroy = 1;
1429
1430         TRACE_ENTRY();
1431
1432         TRACE_DBG("Freeing cmd %p (tag %llu)",
1433                   cmd, (long long unsigned int)cmd->tag);
1434
1435         if (unlikely(test_bit(SCST_CMD_ABORTED, &cmd->cmd_flags))) {
1436                 TRACE_MGMT_DBG("Freeing aborted cmd %p (scst_cmd_count %d)",
1437                         cmd, atomic_read(&scst_cmd_count));
1438         }
1439
1440         sBUG_ON(cmd->inc_blocking || cmd->needs_unblocking ||
1441                 cmd->dec_on_dev_needed);
1442
1443 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 18)
1444 #if defined(CONFIG_SCST_EXTRACHECKS)
1445         if (cmd->scsi_req) {
1446                 PRINT_ERROR("%s: %s", __func__, "Cmd with unfreed "
1447                         "scsi_req!");
1448                 scst_release_request(cmd);
1449         }
1450 #endif
1451 #endif
1452
1453         /*
1454          * Target driver can already free sg buffer before calling
1455          * scst_tgt_cmd_done(). E.g., scst_local has to do that.
1456          */
1457         if (!cmd->tgt_data_buf_alloced)
1458                 scst_check_restore_sg_buff(cmd);
1459
1460         if (unlikely(cmd->internal)) {
1461                 if (cmd->bufflen > 0)
1462                         scst_release_space(cmd);
1463                 scst_destroy_cmd(cmd);
1464                 goto out;
1465         }
1466
1467         if (cmd->tgtt->on_free_cmd != NULL) {
1468                 TRACE_DBG("Calling target's on_free_cmd(%p)", cmd);
1469                 cmd->tgtt->on_free_cmd(cmd);
1470                 TRACE_DBG("%s", "Target's on_free_cmd() returned");
1471         }
1472
1473         if (likely(cmd->dev != NULL)) {
1474                 struct scst_dev_type *handler = cmd->dev->handler;
1475                 if (handler->on_free_cmd != NULL) {
1476                         TRACE_DBG("Calling dev handler %s on_free_cmd(%p)",
1477                               handler->name, cmd);
1478                         handler->on_free_cmd(cmd);
1479                         TRACE_DBG("Dev handler %s on_free_cmd() returned",
1480                                 handler->name);
1481                 }
1482         }
1483
1484         scst_release_space(cmd);
1485
1486         if (unlikely(cmd->sense != NULL)) {
1487                 TRACE_MEM("Releasing sense %p (cmd %p)", cmd->sense, cmd);
1488                 mempool_free(cmd->sense, scst_sense_mempool);
1489                 cmd->sense = NULL;
1490         }
1491
1492         if (likely(cmd->tgt_dev != NULL)) {
1493 #ifdef CONFIG_SCST_EXTRACHECKS
1494                 if (unlikely(!cmd->sent_for_exec)) {
1495                         PRINT_ERROR("Finishing not executed cmd %p (opcode "
1496                             "%d, target %s, lun %lld, sn %ld, expected_sn %ld)",
1497                             cmd, cmd->cdb[0], cmd->tgtt->name,
1498                             (long long unsigned int)cmd->lun,
1499                             cmd->sn, cmd->tgt_dev->expected_sn);
1500                         scst_unblock_deferred(cmd->tgt_dev, cmd);
1501                 }
1502 #endif
1503
1504                 if (unlikely(cmd->out_of_sn)) {
1505                         TRACE_SN("Out of SN cmd %p (tag %llu, sn %ld), "
1506                                 "destroy=%d", cmd,
1507                                 (long long unsigned int)cmd->tag,
1508                                 cmd->sn, destroy);
1509                         destroy = test_and_set_bit(SCST_CMD_CAN_BE_DESTROYED,
1510                                         &cmd->cmd_flags);
1511                 }
1512         }
1513
1514         if (likely(destroy))
1515                 scst_destroy_put_cmd(cmd);
1516
1517 out:
1518         TRACE_EXIT();
1519         return;
1520 }
1521
1522 /* No locks supposed to be held. */
1523 void scst_check_retries(struct scst_tgt *tgt)
1524 {
1525         int need_wake_up = 0;
1526
1527         TRACE_ENTRY();
1528
1529         /*
1530          * We don't worry about overflow of finished_cmds, because we check
1531          * only for its change
1532          */
1533         atomic_inc(&tgt->finished_cmds);
1534         smp_mb__after_atomic_inc();
1535         if (unlikely(tgt->retry_cmds > 0)) {
1536                 struct scst_cmd *c, *tc;
1537                 unsigned long flags;
1538
1539                 TRACE_RETRY("Checking retry cmd list (retry_cmds %d)",
1540                       tgt->retry_cmds);
1541
1542                 spin_lock_irqsave(&tgt->tgt_lock, flags);
1543                 list_for_each_entry_safe(c, tc, &tgt->retry_cmd_list,
1544                                 cmd_list_entry)
1545                 {
1546                         tgt->retry_cmds--;
1547
1548                         TRACE_RETRY("Moving retry cmd %p to head of active "
1549                                 "cmd list (retry_cmds left %d)",
1550                                 c, tgt->retry_cmds);
1551                         spin_lock(&c->cmd_lists->cmd_list_lock);
1552                         list_move(&c->cmd_list_entry,
1553                                   &c->cmd_lists->active_cmd_list);
1554                         wake_up(&c->cmd_lists->cmd_list_waitQ);
1555                         spin_unlock(&c->cmd_lists->cmd_list_lock);
1556
1557                         need_wake_up++;
1558                         if (need_wake_up >= 2) /* "slow start" */
1559                                 break;
1560                 }
1561                 spin_unlock_irqrestore(&tgt->tgt_lock, flags);
1562         }
1563
1564         TRACE_EXIT();
1565         return;
1566 }
1567
1568 void scst_tgt_retry_timer_fn(unsigned long arg)
1569 {
1570         struct scst_tgt *tgt = (struct scst_tgt *)arg;
1571         unsigned long flags;
1572
1573         TRACE_RETRY("Retry timer expired (retry_cmds %d)", tgt->retry_cmds);
1574
1575         spin_lock_irqsave(&tgt->tgt_lock, flags);
1576         tgt->retry_timer_active = 0;
1577         spin_unlock_irqrestore(&tgt->tgt_lock, flags);
1578
1579         scst_check_retries(tgt);
1580
1581         TRACE_EXIT();
1582         return;
1583 }
1584
1585 struct scst_mgmt_cmd *scst_alloc_mgmt_cmd(gfp_t gfp_mask)
1586 {
1587         struct scst_mgmt_cmd *mcmd;
1588
1589         TRACE_ENTRY();
1590
1591         mcmd = mempool_alloc(scst_mgmt_mempool, gfp_mask);
1592         if (mcmd == NULL) {
1593                 PRINT_CRIT_ERROR("%s", "Allocation of management command "
1594                         "failed, some commands and their data could leak");
1595                 goto out;
1596         }
1597         memset(mcmd, 0, sizeof(*mcmd));
1598
1599 out:
1600         TRACE_EXIT();
1601         return mcmd;
1602 }
1603
1604 void scst_free_mgmt_cmd(struct scst_mgmt_cmd *mcmd)
1605 {
1606         unsigned long flags;
1607
1608         TRACE_ENTRY();
1609
1610         spin_lock_irqsave(&mcmd->sess->sess_list_lock, flags);
1611         atomic_dec(&mcmd->sess->sess_cmd_count);
1612         spin_unlock_irqrestore(&mcmd->sess->sess_list_lock, flags);
1613
1614         scst_sess_put(mcmd->sess);
1615
1616         if (mcmd->mcmd_tgt_dev != NULL)
1617                 __scst_put();
1618
1619         mempool_free(mcmd, scst_mgmt_mempool);
1620
1621         TRACE_EXIT();
1622         return;
1623 }
1624
1625 #if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 18)
1626 int scst_alloc_request(struct scst_cmd *cmd)
1627 {
1628         int res = 0;
1629         struct scsi_request *req;
1630         int gm = scst_cmd_atomic(cmd) ? GFP_ATOMIC : GFP_KERNEL;
1631
1632         TRACE_ENTRY();
1633
1634         /* cmd->dev->scsi_dev must be non-NULL here */
1635         req = scsi_allocate_request(cmd->dev->scsi_dev, gm);
1636         if (req == NULL) {
1637                 TRACE(TRACE_OUT_OF_MEM, "%s",
1638                       "Allocation of scsi_request failed");
1639                 res = -ENOMEM;
1640                 goto out;
1641         }
1642
1643         cmd->scsi_req = req;
1644
1645         memcpy(req->sr_cmnd, cmd->cdb, cmd->cdb_len);
1646         req->sr_cmd_len = cmd->cdb_len;
1647         req->sr_data_direction = cmd->data_direction;
1648         req->sr_use_sg = cmd->sg_cnt;
1649         req->sr_bufflen = cmd->bufflen;
1650         req->sr_buffer = cmd->sg;
1651         req->sr_request->rq_disk = cmd->dev->rq_disk;
1652         req->sr_sense_buffer[0] = 0;
1653
1654         cmd->scsi_req->upper_private_data = cmd;
1655
1656 out:
1657         TRACE_EXIT();
1658         return res;
1659 }
1660
1661 void scst_release_request(struct scst_cmd *cmd)
1662 {
1663         scsi_release_request(cmd->scsi_req);
1664         cmd->scsi_req = NULL;
1665 }
1666 #endif
1667
1668 int scst_alloc_space(struct scst_cmd *cmd)
1669 {
1670         gfp_t gfp_mask;
1671         int res = -ENOMEM;
1672         int atomic = scst_cmd_atomic(cmd);
1673         int flags;
1674         struct scst_tgt_dev *tgt_dev = cmd->tgt_dev;
1675
1676         TRACE_ENTRY();
1677
1678         gfp_mask = tgt_dev->gfp_mask | (atomic ? GFP_ATOMIC : GFP_KERNEL);
1679
1680         flags = atomic ? SCST_POOL_NO_ALLOC_ON_CACHE_MISS : 0;
1681         if (cmd->no_sgv)
1682                 flags |= SCST_POOL_ALLOC_NO_CACHED;
1683
1684         cmd->sg = sgv_pool_alloc(tgt_dev->pool, cmd->bufflen, gfp_mask, flags,
1685                         &cmd->sg_cnt, &cmd->sgv, &cmd->dev->dev_mem_lim, NULL);
1686         if (cmd->sg == NULL)
1687                 goto out;
1688
1689         if (unlikely(cmd->sg_cnt > tgt_dev->max_sg_cnt)) {
1690                 static int ll;
1691                 if (ll < 10) {
1692                         PRINT_INFO("Unable to complete command due to "
1693                                 "SG IO count limitation (requested %d, "
1694                                 "available %d, tgt lim %d)", cmd->sg_cnt,
1695                                 tgt_dev->max_sg_cnt, cmd->tgt->sg_tablesize);
1696                         ll++;
1697                 }
1698                 goto out_sg_free;
1699         }
1700
1701         res = 0;
1702
1703 out:
1704         TRACE_EXIT();
1705         return res;
1706
1707 out_sg_free:
1708         sgv_pool_free(cmd->sgv, &cmd->dev->dev_mem_lim);
1709         cmd->sgv = NULL;
1710         cmd->sg = NULL;
1711         cmd->sg_cnt = 0;
1712         goto out;
1713 }
1714
1715 void scst_release_space(struct scst_cmd *cmd)
1716 {
1717         TRACE_ENTRY();
1718
1719         if (cmd->sgv == NULL)
1720                 goto out;
1721
1722         if (cmd->tgt_data_buf_alloced || cmd->dh_data_buf_alloced) {
1723                 TRACE_MEM("%s", "*data_buf_alloced set, returning");
1724                 goto out;
1725         }
1726
1727         sgv_pool_free(cmd->sgv, &cmd->dev->dev_mem_lim);
1728
1729         cmd->sgv = NULL;
1730         cmd->sg_cnt = 0;
1731         cmd->sg = NULL;
1732         cmd->bufflen = 0;
1733         cmd->data_len = 0;
1734
1735 out:
1736         TRACE_EXIT();
1737         return;
1738 }
1739
1740 void scst_copy_sg(struct scst_cmd *cmd, enum scst_sg_copy_dir copy_dir)
1741 {
1742         struct scatterlist *src_sg, *dst_sg;
1743         unsigned int src_sg_cnt, src_len, dst_len, src_offs, dst_offs;
1744         struct page *src, *dst;
1745         unsigned int s, d, to_copy;
1746
1747         TRACE_ENTRY();
1748
1749         if (copy_dir == SCST_SG_COPY_FROM_TARGET) {
1750                 src_sg = cmd->tgt_sg;
1751                 src_sg_cnt = cmd->tgt_sg_cnt;
1752                 dst_sg = cmd->sg;
1753                 to_copy = cmd->bufflen;
1754         } else {
1755                 src_sg = cmd->sg;
1756                 src_sg_cnt = cmd->sg_cnt;
1757                 dst_sg = cmd->tgt_sg;
1758                 to_copy = cmd->resp_data_len;
1759         }
1760
1761         TRACE_MEM("cmd %p, copy_dir %d, src_sg %p, src_sg_cnt %d, dst_sg %p, "
1762                 "to_copy %d", cmd, copy_dir, src_sg, src_sg_cnt, dst_sg,
1763                 to_copy);
1764
1765         dst = sg_page(dst_sg);
1766         dst_len = dst_sg->length;
1767         dst_offs = dst_sg->offset;
1768
1769         s = 0;
1770         d = 0;
1771         src_offs = 0;
1772         while (s < src_sg_cnt) {
1773                 src = sg_page(&src_sg[s]);
1774                 src_len = src_sg[s].length;
1775                 src_offs += src_sg[s].offset;
1776
1777                 do {
1778                         unsigned int n;
1779
1780                         /*
1781                          * Himem pages are not allowed here, see the
1782                          * corresponding #warning in scst_main.c. Correct
1783                          * your target driver or dev handler to not alloc
1784                          * such pages!
1785                          */
1786                         EXTRACHECKS_BUG_ON(PageHighMem(dst) ||
1787                                            PageHighMem(src));
1788
1789                         TRACE_MEM("cmd %p, to_copy %d, src %p, src_len %d, "
1790                                 "src_offs %d, dst %p, dst_len %d, dst_offs %d",
1791                                 cmd, to_copy, src, src_len, src_offs, dst,
1792                                 dst_len, dst_offs);
1793
1794                         if ((src_offs == 0) && (dst_offs == 0) &&
1795                             (src_len >= PAGE_SIZE) && (dst_len >= PAGE_SIZE)) {
1796                                 copy_page(page_address(dst), page_address(src));
1797                                 n = PAGE_SIZE;
1798                         } else {
1799                                 n = min(PAGE_SIZE - dst_offs,
1800                                         PAGE_SIZE - src_offs);
1801                                 n = min(n, src_len);
1802                                 n = min(n, dst_len);
1803                                 memcpy(page_address(dst) + dst_offs,
1804                                        page_address(src) + src_offs, n);
1805                                 dst_offs -= min(n, dst_offs);
1806                                 src_offs -= min(n, src_offs);
1807                         }
1808
1809                         TRACE_MEM("cmd %p, n %d, s %d", cmd, n, s);
1810
1811                         to_copy -= n;
1812                         if (to_copy <= 0)
1813                                 goto out;
1814
1815                         src_len -= n;
1816                         dst_len -= n;
1817                         if (dst_len == 0) {
1818                                 d++;
1819                                 dst = sg_page(&dst_sg[d]);
1820                                 dst_len = dst_sg[d].length;
1821                                 dst_offs += dst_sg[d].offset;
1822                         }
1823                 } while (src_len > 0);
1824
1825                 s++;
1826         }
1827
1828 out:
1829         TRACE_EXIT();
1830         return;
1831 }
1832
1833 static const int SCST_CDB_LENGTH[8] = { 6, 10, 10, -1, 16, 12, -1, -1 };
1834
1835 #define SCST_CDB_GROUP(opcode)   ((opcode >> 5) & 0x7)
1836 #define SCST_GET_CDB_LEN(opcode) SCST_CDB_LENGTH[SCST_CDB_GROUP(opcode)]
1837
1838 int scst_get_cdb_len(const uint8_t *cdb)
1839 {
1840         return SCST_GET_CDB_LEN(cdb[0]);
1841 }
1842
1843 /* get_trans_len_x extract x bytes from cdb as length starting from off */
1844
1845 /* for special commands */
1846 static int get_trans_len_block_limit(struct scst_cmd *cmd, uint8_t off)
1847 {
1848         cmd->bufflen = 6;
1849         return 0;
1850 }
1851
1852 static int get_trans_len_read_capacity(struct scst_cmd *cmd, uint8_t off)
1853 {
1854         cmd->bufflen = READ_CAP_LEN;
1855         return 0;
1856 }
1857
1858 static int get_trans_len_single(struct scst_cmd *cmd, uint8_t off)
1859 {
1860         cmd->bufflen = 1;
1861         return 0;
1862 }
1863
1864 static int get_trans_len_read_pos(struct scst_cmd *cmd, uint8_t off)
1865 {
1866         uint8_t *p = (uint8_t *)cmd->cdb + off;
1867         int res = 0;
1868
1869         cmd->bufflen = 0;
1870         cmd->bufflen |= ((u32)p[0]) << 8;
1871         cmd->bufflen |= ((u32)p[1]);
1872
1873         switch (cmd->cdb[1] & 0x1f) {
1874         case 0:
1875         case 1:
1876         case 6:
1877                 if (cmd->bufflen != 0) {
1878                         PRINT_ERROR("READ POSITION: Invalid non-zero (%d) "
1879                                 "allocation length for service action %x",
1880                                 cmd->bufflen, cmd->cdb[1] & 0x1f);
1881                         goto out_inval;
1882                 }
1883                 break;
1884         }
1885
1886         switch (cmd->cdb[1] & 0x1f) {
1887         case 0:
1888         case 1:
1889                 cmd->bufflen = 20;
1890                 break;
1891         case 6:
1892                 cmd->bufflen = 32;
1893                 break;
1894         case 8:
1895                 cmd->bufflen = max(28, cmd->bufflen);
1896                 break;
1897         default:
1898                 PRINT_ERROR("READ POSITION: Invalid service action %x",
1899                         cmd->cdb[1] & 0x1f);
1900                 goto out_inval;
1901         }
1902
1903 out:
1904         return res;
1905
1906 out_inval:
1907         scst_set_cmd_error(cmd,
1908                 SCST_LOAD_SENSE(scst_sense_invalid_field_in_cdb));
1909         res = 1;
1910         goto out;
1911 }
1912
1913 static int get_trans_len_1(struct scst_cmd *cmd, uint8_t off)
1914 {
1915         cmd->bufflen = (u32)cmd->cdb[off];
1916         return 0;
1917 }
1918
1919 static int get_trans_len_1_256(struct scst_cmd *cmd, uint8_t off)
1920 {
1921         cmd->bufflen = (u32)cmd->cdb[off];
1922         if (cmd->bufflen == 0)
1923                 cmd->bufflen = 256;
1924         return 0;
1925 }
1926
1927 static int get_trans_len_2(struct scst_cmd *cmd, uint8_t off)
1928 {
1929         const uint8_t *p = cmd->cdb + off;
1930
1931         cmd->bufflen = 0;
1932         cmd->bufflen |= ((u32)p[0]) << 8;
1933         cmd->bufflen |= ((u32)p[1]);
1934
1935         return 0;
1936 }
1937
1938 static int get_trans_len_3(struct scst_cmd *cmd, uint8_t off)
1939 {
1940         const uint8_t *p = cmd->cdb + off;
1941
1942         cmd->bufflen = 0;
1943         cmd->bufflen |= ((u32)p[0]) << 16;
1944         cmd->bufflen |= ((u32)p[1]) << 8;
1945         cmd->bufflen |= ((u32)p[2]);
1946
1947         return 0;
1948 }
1949
1950 static int get_trans_len_4(struct scst_cmd *cmd, uint8_t off)
1951 {
1952         const uint8_t *p = cmd->cdb + off;
1953
1954         cmd->bufflen = 0;
1955         cmd->bufflen |= ((u32)p[0]) << 24;
1956         cmd->bufflen |= ((u32)p[1]) << 16;
1957         cmd->bufflen |= ((u32)p[2]) << 8;
1958         cmd->bufflen |= ((u32)p[3]);
1959
1960         return 0;
1961 }
1962
1963 static int get_trans_len_none(struct scst_cmd *cmd, uint8_t off)
1964 {
1965         cmd->bufflen = 0;
1966         return 0;
1967 }
1968
1969 int scst_get_cdb_info(struct scst_cmd *cmd)
1970 {
1971         int dev_type = cmd->dev->handler->type;
1972         int i, res = 0;
1973         uint8_t op;
1974         const struct scst_sdbops *ptr = NULL;
1975
1976         TRACE_ENTRY();
1977
1978         op = cmd->cdb[0];       /* get clear opcode */
1979
1980         TRACE_DBG("opcode=%02x, cdblen=%d bytes, tblsize=%d, "
1981                 "dev_type=%d", op, SCST_GET_CDB_LEN(op), SCST_CDB_TBL_SIZE,
1982                 dev_type);
1983
1984         i = scst_scsi_op_list[op];
1985         while (i < SCST_CDB_TBL_SIZE && scst_scsi_op_table[i].ops == op) {
1986                 if (scst_scsi_op_table[i].devkey[dev_type] != SCST_CDB_NOTSUPP) {
1987                         ptr = &scst_scsi_op_table[i];
1988                         TRACE_DBG("op = 0x%02x+'%c%c%c%c%c%c%c%c%c%c'+<%s>",
1989                               ptr->ops, ptr->devkey[0], /* disk     */
1990                               ptr->devkey[1],   /* tape     */
1991                               ptr->devkey[2],   /* printer */
1992                               ptr->devkey[3],   /* cpu      */
1993                               ptr->devkey[4],   /* cdr      */
1994                               ptr->devkey[5],   /* cdrom    */
1995                               ptr->devkey[6],   /* scanner */
1996                               ptr->devkey[7],   /* worm     */
1997                               ptr->devkey[8],   /* changer */
1998                               ptr->devkey[9],   /* commdev */
1999                               ptr->op_name);
2000                         TRACE_DBG("direction=%d flags=%d off=%d",
2001                               ptr->direction,
2002                               ptr->flags,
2003                               ptr->off);
2004                         break;
2005                 }
2006                 i++;
2007         }
2008
2009         if (ptr == NULL) {
2010                 /* opcode not found or now not used !!! */
2011                 TRACE(TRACE_SCSI, "Unknown opcode 0x%x for type %d", op,
2012                       dev_type);
2013                 res = -1;
2014                 cmd->op_flags = SCST_INFO_INVALID;
2015                 goto out;
2016         }
2017
2018         cmd->cdb_len = SCST_GET_CDB_LEN(op);
2019         cmd->op_name = ptr->op_name;
2020         cmd->data_direction = ptr->direction;
2021         cmd->op_flags = ptr->flags;
2022         res = (*ptr->get_trans_len)(cmd, ptr->off);
2023
2024         if (cmd->bufflen == 0) {
2025                 /*
2026                  * According to SPC bufflen 0 for data transfer commands isn't
2027                  * an error, so we need to fix the transfer direction.
2028                  */
2029                 cmd->data_direction = SCST_DATA_NONE;
2030         }
2031
2032 out:
2033         TRACE_EXIT();
2034         return res;
2035 }
2036 EXPORT_SYMBOL(scst_get_cdb_info);
2037
2038 /*
2039  * Routine to extract a lun number from an 8-byte LUN structure
2040  * in network byte order (BE).
2041  * (see SAM-2, Section 4.12.3 page 40)
2042  * Supports 2 types of lun unpacking: peripheral and logical unit.
2043  */
2044 uint64_t scst_unpack_lun(const uint8_t *lun, int len)
2045 {
2046         uint64_t res = NO_SUCH_LUN;
2047         int address_method;
2048
2049         TRACE_ENTRY();
2050
2051         TRACE_BUFF_FLAG(TRACE_DEBUG, "Raw LUN", lun, len);
2052
2053         if (unlikely(len < 2)) {
2054                 PRINT_ERROR("Illegal lun length %d, expected 2 bytes or "
2055                         "more", len);
2056                 goto out;
2057         }
2058
2059         if (len > 2) {
2060                 switch (len) {
2061                 case 8:
2062                         if ((*((uint64_t *)lun) &
2063                           __constant_cpu_to_be64(0x0000FFFFFFFFFFFFLL)) != 0)
2064                                 goto out_err;
2065                         break;
2066                 case 4:
2067                         if (*((uint16_t *)&lun[2]) != 0)
2068                                 goto out_err;
2069                         break;
2070                 case 6:
2071                         if (*((uint32_t *)&lun[2]) != 0)
2072                                 goto out_err;
2073                         break;
2074                 default:
2075                         goto out_err;
2076                 }
2077         }
2078
2079         address_method = (*lun) >> 6;   /* high 2 bits of byte 0 */
2080         switch (address_method) {
2081         case 0: /* peripheral device addressing method */
2082 #if 0
2083                 if (*lun) {
2084                         PRINT_ERROR("Illegal BUS INDENTIFIER in LUN "
2085                              "peripheral device addressing method 0x%02x, "
2086                              "expected 0", *lun);
2087                         break;
2088                 }
2089                 res = *(lun + 1);
2090                 break;
2091 #else
2092                 /*
2093                  * Looks like it's legal to use it as flat space addressing
2094                  * method as well
2095                  */
2096
2097                 /* go through */
2098 #endif
2099
2100         case 1: /* flat space addressing method */
2101                 res = *(lun + 1) | (((*lun) & 0x3f) << 8);
2102                 break;
2103
2104         case 2: /* logical unit addressing method */
2105                 if (*lun & 0x3f) {
2106                         PRINT_ERROR("Illegal BUS NUMBER in LUN logical unit "
2107                                     "addressing method 0x%02x, expected 0",
2108                                     *lun & 0x3f);
2109                         break;
2110                 }
2111                 if (*(lun + 1) & 0xe0) {
2112                         PRINT_ERROR("Illegal TARGET in LUN logical unit "
2113                                     "addressing method 0x%02x, expected 0",
2114                                     (*(lun + 1) & 0xf8) >> 5);
2115                         break;
2116                 }
2117                 res = *(lun + 1) & 0x1f;
2118                 break;
2119
2120         case 3: /* extended logical unit addressing method */
2121         default:
2122                 PRINT_ERROR("Unimplemented LUN addressing method %u",
2123                             address_method);
2124                 break;
2125         }
2126
2127 out:
2128         TRACE_EXIT_RES((int)res);
2129         return res;
2130
2131 out_err:
2132         PRINT_ERROR("%s", "Multi-level LUN unimplemented");
2133         goto out;
2134 }
2135
2136 int scst_calc_block_shift(int sector_size)
2137 {
2138         int block_shift = 0;
2139         int t;
2140
2141         if (sector_size == 0)
2142                 sector_size = 512;
2143
2144         t = sector_size;
2145         while (1) {
2146                 if ((t & 1) != 0)
2147                         break;
2148                 t >>= 1;
2149                 block_shift++;
2150         }
2151         if (block_shift < 9) {
2152                 PRINT_ERROR("Wrong sector size %d", sector_size);
2153                 block_shift = -1;
2154         }
2155
2156         TRACE_EXIT_RES(block_shift);
2157         return block_shift;
2158 }
2159 EXPORT_SYMBOL(scst_calc_block_shift);
2160
2161 int scst_sbc_generic_parse(struct scst_cmd *cmd,
2162         int (*get_block_shift)(struct scst_cmd *cmd))
2163 {
2164         int res = 0;
2165
2166         TRACE_ENTRY();
2167
2168         /*
2169          * SCST sets good defaults for cmd->data_direction and cmd->bufflen,
2170          * therefore change them only if necessary
2171          */
2172
2173         TRACE_DBG("op_name <%s> direct %d flags %d transfer_len %d",
2174               cmd->op_name, cmd->data_direction, cmd->op_flags, cmd->bufflen);
2175
2176         switch (cmd->cdb[0]) {
2177         case SERVICE_ACTION_IN:
2178                 if ((cmd->cdb[1] & 0x1f) == SAI_READ_CAPACITY_16) {
2179                         cmd->bufflen = READ_CAP16_LEN;
2180                         cmd->data_direction = SCST_DATA_READ;
2181                 }
2182                 break;
2183         case VERIFY_6:
2184         case VERIFY:
2185         case VERIFY_12:
2186         case VERIFY_16:
2187                 if ((cmd->cdb[1] & BYTCHK) == 0) {
2188                         cmd->data_len = cmd->bufflen << get_block_shift(cmd);
2189                         cmd->bufflen = 0;
2190                         goto set_timeout;
2191                 } else
2192                         cmd->data_len = 0;
2193                 break;
2194         default:
2195                 /* It's all good */
2196                 break;
2197         }
2198
2199         if (cmd->op_flags & SCST_TRANSFER_LEN_TYPE_FIXED) {
2200                 /*
2201                  * No need for locks here, since *_detach() can not be
2202                  * called, when there are existing commands.
2203                  */
2204                 cmd->bufflen = cmd->bufflen << get_block_shift(cmd);
2205         }
2206
2207 set_timeout:
2208         if ((cmd->op_flags & (SCST_SMALL_TIMEOUT | SCST_LONG_TIMEOUT)) == 0)
2209                 cmd->timeout = SCST_GENERIC_DISK_REG_TIMEOUT;
2210         else if (cmd->op_flags & SCST_SMALL_TIMEOUT)
2211                 cmd->timeout = SCST_GENERIC_DISK_SMALL_TIMEOUT;
2212         else if (cmd->op_flags & SCST_LONG_TIMEOUT)
2213                 cmd->timeout = SCST_GENERIC_DISK_LONG_TIMEOUT;
2214
2215         TRACE_DBG("res %d, bufflen %d, data_len %d, direct %d",
2216               res, cmd->bufflen, cmd->data_len, cmd->data_direction);
2217
2218         TRACE_EXIT_RES(res);
2219         return res;
2220 }
2221 EXPORT_SYMBOL(scst_sbc_generic_parse);
2222
2223 int scst_cdrom_generic_parse(struct scst_cmd *cmd,
2224         int (*get_block_shift)(struct scst_cmd *cmd))
2225 {
2226         int res = 0;
2227
2228         TRACE_ENTRY();
2229
2230         /*
2231          * SCST sets good defaults for cmd->data_direction and cmd->bufflen,
2232          * therefore change them only if necessary
2233          */
2234
2235         TRACE_DBG("op_name <%s> direct %d flags %d transfer_len %d",
2236               cmd->op_name, cmd->data_direction, cmd->op_flags, cmd->bufflen);
2237
2238         cmd->cdb[1] &= 0x1f;
2239
2240         switch (cmd->cdb[0]) {
2241         case VERIFY_6:
2242         case VERIFY:
2243         case VERIFY_12:
2244         case VERIFY_16:
2245                 if ((cmd->cdb[1] & BYTCHK) == 0) {
2246                         cmd->data_len = cmd->bufflen << get_block_shift(cmd);
2247                         cmd->bufflen = 0;
2248                         goto set_timeout;
2249                 }
2250                 break;
2251         default:
2252                 /* It's all good */
2253                 break;
2254         }
2255
2256         if (cmd->op_flags & SCST_TRANSFER_LEN_TYPE_FIXED)
2257                 cmd->bufflen = cmd->bufflen << get_block_shift(cmd);
2258
2259 set_timeout:
2260         if ((cmd->op_flags & (SCST_SMALL_TIMEOUT | SCST_LONG_TIMEOUT)) == 0)
2261                 cmd->timeout = SCST_GENERIC_CDROM_REG_TIMEOUT;
2262         else if (cmd->op_flags & SCST_SMALL_TIMEOUT)
2263                 cmd->timeout = SCST_GENERIC_CDROM_SMALL_TIMEOUT;
2264         else if (cmd->op_flags & SCST_LONG_TIMEOUT)
2265                 cmd->timeout = SCST_GENERIC_CDROM_LONG_TIMEOUT;
2266
2267         TRACE_DBG("res=%d, bufflen=%d, direct=%d", res, cmd->bufflen,
2268                 cmd->data_direction);
2269
2270         TRACE_EXIT();
2271         return res;
2272 }
2273 EXPORT_SYMBOL(scst_cdrom_generic_parse);
2274
2275 int scst_modisk_generic_parse(struct scst_cmd *cmd,
2276         int (*get_block_shift)(struct scst_cmd *cmd))
2277 {
2278         int res = 0;
2279
2280         TRACE_ENTRY();
2281
2282         /*
2283          * SCST sets good defaults for cmd->data_direction and cmd->bufflen,
2284          * therefore change them only if necessary
2285          */
2286
2287         TRACE_DBG("op_name <%s> direct %d flags %d transfer_len %d",
2288               cmd->op_name, cmd->data_direction, cmd->op_flags, cmd->bufflen);
2289
2290         cmd->cdb[1] &= 0x1f;
2291
2292         switch (cmd->cdb[0]) {
2293         case VERIFY_6:
2294         case VERIFY:
2295         case VERIFY_12:
2296         case VERIFY_16:
2297                 if ((cmd->cdb[1] & BYTCHK) == 0) {
2298                         cmd->data_len = cmd->bufflen << get_block_shift(cmd);
2299                         cmd->bufflen = 0;
2300                         goto set_timeout;
2301                 }
2302                 break;
2303         default:
2304                 /* It's all good */
2305                 break;
2306         }
2307
2308         if (cmd->op_flags & SCST_TRANSFER_LEN_TYPE_FIXED)
2309                 cmd->bufflen = cmd->bufflen << get_block_shift(cmd);
2310
2311 set_timeout:
2312         if ((cmd->op_flags & (SCST_SMALL_TIMEOUT | SCST_LONG_TIMEOUT)) == 0)
2313                 cmd->timeout = SCST_GENERIC_MODISK_REG_TIMEOUT;
2314         else if (cmd->op_flags & SCST_SMALL_TIMEOUT)
2315                 cmd->timeout = SCST_GENERIC_MODISK_SMALL_TIMEOUT;
2316         else if (cmd->op_flags & SCST_LONG_TIMEOUT)
2317                 cmd->timeout = SCST_GENERIC_MODISK_LONG_TIMEOUT;
2318
2319         TRACE_DBG("res=%d, bufflen=%d, direct=%d", res, cmd->bufflen,
2320                 cmd->data_direction);
2321
2322         TRACE_EXIT_RES(res);
2323         return res;
2324 }
2325 EXPORT_SYMBOL(scst_modisk_generic_parse);
2326
2327 int scst_tape_generic_parse(struct scst_cmd *cmd,
2328         int (*get_block_size)(struct scst_cmd *cmd))
2329 {
2330         int res = 0;
2331
2332         TRACE_ENTRY();
2333
2334         /*
2335          * SCST sets good defaults for cmd->data_direction and cmd->bufflen,
2336          * therefore change them only if necessary
2337          */
2338
2339         TRACE_DBG("op_name <%s> direct %d flags %d transfer_len %d",
2340               cmd->op_name, cmd->data_direction, cmd->op_flags, cmd->bufflen);
2341
2342         if (cmd->cdb[0] == READ_POSITION) {
2343                 int tclp = cmd->cdb[1] & TCLP_BIT;
2344                 int long_bit = cmd->cdb[1] & LONG_BIT;
2345                 int bt = cmd->cdb[1] & BT_BIT;
2346
2347                 if ((tclp == long_bit) && (!bt || !long_bit)) {
2348                         cmd->bufflen =
2349                             tclp ? POSITION_LEN_LONG : POSITION_LEN_SHORT;
2350                         cmd->data_direction = SCST_DATA_READ;
2351                 } else {
2352                         cmd->bufflen = 0;
2353                         cmd->data_direction = SCST_DATA_NONE;
2354                 }
2355         }
2356
2357         if (cmd->op_flags & SCST_TRANSFER_LEN_TYPE_FIXED & cmd->cdb[1])
2358                 cmd->bufflen = cmd->bufflen * get_block_size(cmd);
2359
2360         if ((cmd->op_flags & (SCST_SMALL_TIMEOUT | SCST_LONG_TIMEOUT)) == 0)
2361                 cmd->timeout = SCST_GENERIC_TAPE_REG_TIMEOUT;
2362         else if (cmd->op_flags & SCST_SMALL_TIMEOUT)
2363                 cmd->timeout = SCST_GENERIC_TAPE_SMALL_TIMEOUT;
2364         else if (cmd->op_flags & SCST_LONG_TIMEOUT)
2365                 cmd->timeout = SCST_GENERIC_TAPE_LONG_TIMEOUT;
2366
2367         TRACE_EXIT_RES(res);
2368         return res;
2369 }
2370 EXPORT_SYMBOL(scst_tape_generic_parse);
2371
2372 static int scst_null_parse(struct scst_cmd *cmd)
2373 {
2374         int res = 0;
2375
2376         TRACE_ENTRY();
2377
2378         /*
2379          * SCST sets good defaults for cmd->data_direction and cmd->bufflen,
2380          * therefore change them only if necessary
2381          */
2382
2383         TRACE_DBG("op_name <%s> direct %d flags %d transfer_len %d",
2384               cmd->op_name, cmd->data_direction, cmd->op_flags, cmd->bufflen);
2385 #if 0
2386         switch (cmd->cdb[0]) {
2387         default:
2388                 /* It's all good */
2389                 break;
2390         }
2391 #endif
2392         TRACE_DBG("res %d bufflen %d direct %d",
2393               res, cmd->bufflen, cmd->data_direction);
2394
2395         TRACE_EXIT();
2396         return res;
2397 }
2398
2399 int scst_changer_generic_parse(struct scst_cmd *cmd,
2400         int (*nothing)(struct scst_cmd *cmd))
2401 {
2402         int res = scst_null_parse(cmd);
2403
2404         if (cmd->op_flags & SCST_LONG_TIMEOUT)
2405                 cmd->timeout = SCST_GENERIC_CHANGER_LONG_TIMEOUT;
2406         else
2407                 cmd->timeout = SCST_GENERIC_CHANGER_TIMEOUT;
2408
2409         return res;
2410 }
2411 EXPORT_SYMBOL(scst_changer_generic_parse);
2412
2413 int scst_processor_generic_parse(struct scst_cmd *cmd,
2414         int (*nothing)(struct scst_cmd *cmd))
2415 {
2416         int res = scst_null_parse(cmd);
2417
2418         if (cmd->op_flags & SCST_LONG_TIMEOUT)
2419                 cmd->timeout = SCST_GENERIC_PROCESSOR_LONG_TIMEOUT;
2420         else
2421                 cmd->timeout = SCST_GENERIC_PROCESSOR_TIMEOUT;
2422
2423         return res;
2424 }
2425 EXPORT_SYMBOL(scst_processor_generic_parse);
2426
2427 int scst_raid_generic_parse(struct scst_cmd *cmd,
2428         int (*nothing)(struct scst_cmd *cmd))
2429 {
2430         int res = scst_null_parse(cmd);
2431
2432         if (cmd->op_flags & SCST_LONG_TIMEOUT)
2433                 cmd->timeout = SCST_GENERIC_RAID_LONG_TIMEOUT;
2434         else
2435                 cmd->timeout = SCST_GENERIC_RAID_TIMEOUT;
2436
2437         return res;
2438 }
2439 EXPORT_SYMBOL(scst_raid_generic_parse);
2440
2441 int scst_block_generic_dev_done(struct scst_cmd *cmd,
2442         void (*set_block_shift)(struct scst_cmd *cmd, int block_shift))
2443 {
2444         int opcode = cmd->cdb[0];
2445         int status = cmd->status;
2446         int res = SCST_CMD_STATE_DEFAULT;
2447
2448         TRACE_ENTRY();
2449
2450         /*
2451          * SCST sets good defaults for cmd->is_send_status and
2452          * cmd->resp_data_len based on cmd->status and cmd->data_direction,
2453          * therefore change them only if necessary
2454          */
2455
2456         if ((status == SAM_STAT_GOOD) || (status == SAM_STAT_CONDITION_MET)) {
2457                 switch (opcode) {
2458                 case READ_CAPACITY:
2459                 {
2460                         /* Always keep track of disk capacity */
2461                         int buffer_size, sector_size, sh;
2462                         uint8_t *buffer;
2463
2464                         buffer_size = scst_get_buf_first(cmd, &buffer);
2465                         if (unlikely(buffer_size <= 0)) {
2466                                 if (buffer_size < 0) {
2467                                         PRINT_ERROR("%s: Unable to get the"
2468                                         " buffer (%d)", __func__, buffer_size);
2469                                 }
2470                                 goto out;
2471                         }
2472
2473                         sector_size =
2474                             ((buffer[4] << 24) | (buffer[5] << 16) |
2475                              (buffer[6] << 8) | (buffer[7] << 0));
2476                         scst_put_buf(cmd, buffer);
2477                         if (sector_size != 0)
2478                                 sh = scst_calc_block_shift(sector_size);
2479                         else
2480                                 sh = 0;
2481                         set_block_shift(cmd, sh);
2482                         TRACE_DBG("block_shift %d", sh);
2483                         break;
2484                 }
2485                 default:
2486                         /* It's all good */
2487                         break;
2488                 }
2489         }
2490
2491         TRACE_DBG("cmd->is_send_status=%x, cmd->resp_data_len=%d, "
2492               "res=%d", cmd->is_send_status, cmd->resp_data_len, res);
2493
2494 out:
2495         TRACE_EXIT_RES(res);
2496         return res;
2497 }
2498 EXPORT_SYMBOL(scst_block_generic_dev_done);
2499
2500 int scst_tape_generic_dev_done(struct scst_cmd *cmd,
2501         void (*set_block_size)(struct scst_cmd *cmd, int block_shift))
2502 {
2503         int opcode = cmd->cdb[0];
2504         int res = SCST_CMD_STATE_DEFAULT;
2505         int buffer_size, bs;
2506         uint8_t *buffer = NULL;
2507
2508         TRACE_ENTRY();
2509
2510         /*
2511          * SCST sets good defaults for cmd->is_send_status and
2512          * cmd->resp_data_len based on cmd->status and cmd->data_direction,
2513          * therefore change them only if necessary
2514          */
2515
2516         switch (opcode) {
2517         case MODE_SENSE:
2518         case MODE_SELECT:
2519                 buffer_size = scst_get_buf_first(cmd, &buffer);
2520                 if (unlikely(buffer_size <= 0)) {
2521                         if (buffer_size < 0) {
2522                                 PRINT_ERROR("%s: Unable to get the buffer (%d)",
2523                                         __func__, buffer_size);
2524                         }
2525                         goto out;
2526                 }
2527                 break;
2528         }
2529
2530         switch (opcode) {
2531         case MODE_SENSE:
2532                 TRACE_DBG("%s", "MODE_SENSE");
2533                 if ((cmd->cdb[2] & 0xC0) == 0) {
2534                         if (buffer[3] == 8) {
2535                                 bs = (buffer[9] << 16) |
2536                                     (buffer[10] << 8) | buffer[11];
2537                                 set_block_size(cmd, bs);
2538                         }
2539                 }
2540                 break;
2541         case MODE_SELECT:
2542                 TRACE_DBG("%s", "MODE_SELECT");
2543                 if (buffer[3] == 8) {
2544                         bs = (buffer[9] << 16) | (buffer[10] << 8) |
2545                             (buffer[11]);
2546                         set_block_size(cmd, bs);
2547                 }
2548                 break;
2549         default:
2550                 /* It's all good */
2551                 break;
2552         }
2553
2554         switch (opcode) {
2555         case MODE_SENSE:
2556         case MODE_SELECT:
2557                 scst_put_buf(cmd, buffer);
2558                 break;
2559         }
2560
2561 out:
2562         TRACE_EXIT_RES(res);
2563         return res;
2564 }
2565 EXPORT_SYMBOL(scst_tape_generic_dev_done);
2566
2567 static void scst_check_internal_sense(struct scst_device *dev, int result,
2568         uint8_t *sense, int sense_len)
2569 {
2570         TRACE_ENTRY();
2571
2572         if (host_byte(result) == DID_RESET) {
2573                 TRACE(TRACE_MGMT_MINOR, "%s", "DID_RESET received, triggering "
2574                         "reset UA");
2575                 scst_set_sense(sense, sense_len,
2576                         SCST_LOAD_SENSE(scst_sense_reset_UA));
2577                 scst_dev_check_set_UA(dev, NULL, sense, sense_len);
2578         } else if ((status_byte(result) == CHECK_CONDITION) &&
2579                    SCST_SENSE_VALID(sense) && scst_is_ua_sense(sense))
2580                 scst_dev_check_set_UA(dev, NULL, sense, sense_len);
2581
2582         TRACE_EXIT();
2583         return;
2584 }
2585
2586 int scst_obtain_device_parameters(struct scst_device *dev)
2587 {
2588         int res = 0, i;
2589         uint8_t cmd[16];
2590         uint8_t buffer[4+0x0A];
2591         uint8_t sense_buffer[SCST_SENSE_BUFFERSIZE];
2592
2593         TRACE_ENTRY();
2594
2595         EXTRACHECKS_BUG_ON(dev->scsi_dev == NULL);
2596
2597         for (i = 0; i < 5; i++) {
2598                 /* Get control mode page */
2599                 memset(cmd, 0, sizeof(cmd));
2600                 cmd[0] = MODE_SENSE;
2601                 cmd[1] = 8; /* DBD */
2602                 cmd[2] = 0x0A;
2603                 cmd[4] = sizeof(buffer);
2604
2605                 memset(buffer, 0, sizeof(buffer));
2606                 memset(sense_buffer, 0, sizeof(sense_buffer));
2607
2608                 TRACE(TRACE_SCSI, "%s", "Doing internal MODE_SENSE");
2609                 res = scsi_execute(dev->scsi_dev, cmd, SCST_DATA_READ, buffer,
2610                                 sizeof(buffer), sense_buffer, 15, 0, 0);
2611
2612                 TRACE_DBG("MODE_SENSE done: %x", res);
2613
2614                 if (scsi_status_is_good(res)) {
2615                         int q;
2616
2617                         PRINT_BUFF_FLAG(TRACE_SCSI,
2618                                 "Returned control mode page data",
2619                                 buffer, sizeof(buffer));
2620
2621                         dev->tst = buffer[4+2] >> 5;
2622                         q = buffer[4+3] >> 4;
2623                         if (q > SCST_CONTR_MODE_QUEUE_ALG_UNRESTRICTED_REORDER) {
2624                                 PRINT_ERROR("Too big QUEUE ALG %x, dev "
2625                                         "%d:%d:%d:%d", dev->queue_alg,
2626                                         dev->scsi_dev->host->host_no,
2627                                         dev->scsi_dev->channel,
2628                                         dev->scsi_dev->id, dev->scsi_dev->lun);
2629                         }
2630                         dev->queue_alg = q;
2631                         dev->swp = (buffer[4+4] & 0x8) >> 3;
2632                         dev->tas = (buffer[4+5] & 0x40) >> 6;
2633
2634                         /*
2635                          * Unfortunately, SCSI ML doesn't provide a way to
2636                          * specify commands task attribute, so we can rely on
2637                          * device's restricted reordering only.
2638                          */
2639                         dev->has_own_order_mgmt = !dev->queue_alg;
2640
2641                         TRACE(TRACE_SCSI|TRACE_MGMT_MINOR,
2642                                 "Device %d:%d:%d:%d: TST %x, "
2643                                 "QUEUE ALG %x, SWP %x, TAS %x, "
2644                                 "has_own_order_mgmt %d",
2645                                 dev->scsi_dev->host->host_no,
2646                                 dev->scsi_dev->channel, dev->scsi_dev->id,
2647                                 dev->scsi_dev->lun, dev->tst, dev->queue_alg,
2648                                 dev->swp, dev->tas, dev->has_own_order_mgmt);
2649
2650                         goto out;
2651                 } else {
2652 #if 0
2653                         if ((status_byte(res) == CHECK_CONDITION) &&
2654 #else
2655                         /*
2656                          * 3ware controller is buggy and returns CONDITION_GOOD
2657                          * instead of CHECK_CONDITION
2658                          */
2659                         if (
2660 #endif
2661                             SCST_SENSE_VALID(sense_buffer)) {
2662                                 if (sense_buffer[2] == ILLEGAL_REQUEST) {
2663                                         TRACE(TRACE_SCSI|TRACE_MGMT_MINOR,
2664                                                 "Device %d:%d:%d:%d doesn't"
2665                                                 " support control mode page,"
2666                                                 " using defaults: TST %x,"
2667                                                 " QUEUE ALG %x, SWP %x, TAS %x,"
2668                                                 " has_own_order_mgmt %d",
2669                                                 dev->scsi_dev->host->host_no,
2670                                                 dev->scsi_dev->channel,
2671                                                 dev->scsi_dev->id,
2672                                                 dev->scsi_dev->lun,
2673                                                 dev->tst,
2674                                                 dev->queue_alg,
2675                                                 dev->swp,
2676                                                 dev->tas,
2677                                                 dev->has_own_order_mgmt);
2678                                         res = 0;
2679                                         goto out;
2680                                 } else if (sense_buffer[2] == NOT_READY) {
2681                                         TRACE(TRACE_SCSI,
2682                                                 "Device %d:%d:%d:%d not ready",
2683                                                 dev->scsi_dev->host->host_no,
2684                                                 dev->scsi_dev->channel,
2685                                                 dev->scsi_dev->id,
2686                                                 dev->scsi_dev->lun);
2687                                         res = 0;
2688                                         goto out;
2689                                 }
2690                         } else {
2691                                 TRACE(TRACE_SCSI|TRACE_MGMT_MINOR,
2692                                         "Internal MODE SENSE to "
2693                                         "device %d:%d:%d:%d failed: %x",
2694                                         dev->scsi_dev->host->host_no,
2695                                         dev->scsi_dev->channel,
2696                                         dev->scsi_dev->id,
2697                                         dev->scsi_dev->lun, res);
2698                                 PRINT_BUFF_FLAG(TRACE_SCSI|TRACE_MGMT_MINOR,
2699                                         "MODE SENSE sense",
2700                                         sense_buffer, sizeof(sense_buffer));
2701                         }
2702                         scst_check_internal_sense(dev, res, sense_buffer,
2703                                         sizeof(sense_buffer));
2704                 }
2705         }
2706         res = -ENODEV;
2707
2708 out:
2709         TRACE_EXIT_RES(res);
2710         return res;
2711 }
2712 EXPORT_SYMBOL(scst_obtain_device_parameters);
2713
2714 /* Called under dev_lock and BH off */
2715 void scst_process_reset(struct scst_device *dev,
2716         struct scst_session *originator, struct scst_cmd *exclude_cmd,
2717         struct scst_mgmt_cmd *mcmd, bool setUA)
2718 {
2719         struct scst_tgt_dev *tgt_dev;
2720         struct scst_cmd *cmd, *tcmd;
2721
2722         TRACE_ENTRY();
2723
2724         /* Clear RESERVE'ation, if necessary */
2725         if (dev->dev_reserved) {
2726                 list_for_each_entry(tgt_dev, &dev->dev_tgt_dev_list,
2727                                     dev_tgt_dev_list_entry) {
2728                         TRACE(TRACE_MGMT, "Clearing RESERVE'ation for tgt_dev "
2729                                 "lun %lld",
2730                                 (long long unsigned int)tgt_dev->lun);
2731                         clear_bit(SCST_TGT_DEV_RESERVED,
2732                                   &tgt_dev->tgt_dev_flags);
2733                 }
2734                 dev->dev_reserved = 0;
2735                 /*
2736                  * There is no need to send RELEASE, since the device is going
2737                  * to be resetted. Actually, since we can be in RESET TM
2738                  * function, it might be dangerous.
2739                  */
2740         }
2741
2742         dev->dev_double_ua_possible = 1;
2743         dev->dev_serialized = 1;
2744
2745         list_for_each_entry(tgt_dev, &dev->dev_tgt_dev_list,
2746                 dev_tgt_dev_list_entry) {
2747                 struct scst_session *sess = tgt_dev->sess;
2748
2749                 spin_lock_bh(&tgt_dev->tgt_dev_lock);
2750                 scst_free_all_UA(tgt_dev);
2751                 spin_unlock_bh(&tgt_dev->tgt_dev_lock);
2752
2753                 spin_lock_irq(&sess->sess_list_lock);
2754
2755                 TRACE_DBG("Searching in search cmd list (sess=%p)", sess);
2756                 list_for_each_entry(cmd, &sess->search_cmd_list,
2757                                 search_cmd_list_entry) {
2758                         if (cmd == exclude_cmd)
2759                                 continue;
2760                         if ((cmd->tgt_dev == tgt_dev) ||
2761                             ((cmd->tgt_dev == NULL) &&
2762                              (cmd->lun == tgt_dev->lun))) {
2763                                 scst_abort_cmd(cmd, mcmd,
2764                                         (tgt_dev->sess != originator), 0);
2765                         }
2766                 }
2767                 spin_unlock_irq(&sess->sess_list_lock);
2768         }
2769
2770         list_for_each_entry_safe(cmd, tcmd, &dev->blocked_cmd_list,
2771                                 blocked_cmd_list_entry) {
2772                 if (test_bit(SCST_CMD_ABORTED, &cmd->cmd_flags)) {
2773                         list_del(&cmd->blocked_cmd_list_entry);
2774                         TRACE_MGMT_DBG("Adding aborted blocked cmd %p "
2775                                 "to active cmd list", cmd);
2776                         spin_lock_irq(&cmd->cmd_lists->cmd_list_lock);
2777                         list_add_tail(&cmd->cmd_list_entry,
2778                                 &cmd->cmd_lists->active_cmd_list);
2779                         wake_up(&cmd->cmd_lists->cmd_list_waitQ);
2780                         spin_unlock_irq(&cmd->cmd_lists->cmd_list_lock);
2781                 }
2782         }
2783
2784         if (setUA) {
2785                 /* BH already off */
2786                 spin_lock(&scst_temp_UA_lock);
2787                 scst_set_sense(scst_temp_UA, sizeof(scst_temp_UA),
2788                         SCST_LOAD_SENSE(scst_sense_reset_UA));
2789                 scst_dev_check_set_local_UA(dev, exclude_cmd, scst_temp_UA,
2790                         sizeof(scst_temp_UA));
2791                 spin_unlock(&scst_temp_UA_lock);
2792         }
2793
2794         TRACE_EXIT();
2795         return;
2796 }
2797
2798 int scst_set_pending_UA(struct scst_cmd *cmd)
2799 {
2800         int res = 0;
2801         struct scst_tgt_dev_UA *UA_entry;
2802
2803         TRACE_ENTRY();
2804
2805         TRACE(TRACE_MGMT, "Setting pending UA cmd %p", cmd);
2806
2807         spin_lock_bh(&cmd->tgt_dev->tgt_dev_lock);
2808
2809         /* UA list could be cleared behind us, so retest */
2810         if (list_empty(&cmd->tgt_dev->UA_list)) {
2811                 TRACE_DBG("%s",
2812                       "SCST_TGT_DEV_UA_PENDING set, but UA_list empty");
2813                 res = -1;
2814                 goto out_unlock;
2815         }
2816
2817         UA_entry = list_entry(cmd->tgt_dev->UA_list.next, typeof(*UA_entry),
2818                               UA_list_entry);
2819
2820         TRACE_DBG("next %p UA_entry %p",
2821               cmd->tgt_dev->UA_list.next, UA_entry);
2822
2823         scst_set_cmd_error_sense(cmd, UA_entry->UA_sense_buffer,
2824                 sizeof(UA_entry->UA_sense_buffer));
2825
2826         cmd->ua_ignore = 1;
2827
2828         list_del(&UA_entry->UA_list_entry);
2829
2830         mempool_free(UA_entry, scst_ua_mempool);
2831
2832         if (list_empty(&cmd->tgt_dev->UA_list)) {
2833                 clear_bit(SCST_TGT_DEV_UA_PENDING,
2834                           &cmd->tgt_dev->tgt_dev_flags);
2835         }
2836
2837         spin_unlock_bh(&cmd->tgt_dev->tgt_dev_lock);
2838
2839 out:
2840         TRACE_EXIT_RES(res);
2841         return res;
2842
2843 out_unlock:
2844         spin_unlock_bh(&cmd->tgt_dev->tgt_dev_lock);
2845         goto out;
2846 }
2847
2848 /* Called under tgt_dev_lock and BH off */
2849 void scst_alloc_set_UA(struct scst_tgt_dev *tgt_dev,
2850         const uint8_t *sense, int sense_len, int head)
2851 {
2852         struct scst_tgt_dev_UA *UA_entry = NULL;
2853
2854         TRACE_ENTRY();
2855
2856         UA_entry = mempool_alloc(scst_ua_mempool, GFP_ATOMIC);
2857         if (UA_entry == NULL) {
2858                 PRINT_CRIT_ERROR("%s", "UNIT ATTENTION memory "
2859                      "allocation failed. The UNIT ATTENTION "
2860                      "on some sessions will be missed");
2861                 PRINT_BUFFER("Lost UA", sense, sense_len);
2862                 goto out;
2863         }
2864         memset(UA_entry, 0, sizeof(*UA_entry));
2865
2866         if (sense_len > (int)sizeof(UA_entry->UA_sense_buffer))
2867                 sense_len = sizeof(UA_entry->UA_sense_buffer);
2868         memcpy(UA_entry->UA_sense_buffer, sense, sense_len);
2869
2870         set_bit(SCST_TGT_DEV_UA_PENDING, &tgt_dev->tgt_dev_flags);
2871
2872         TRACE_MGMT_DBG("Adding new UA to tgt_dev %p", tgt_dev);
2873
2874         if (head)
2875                 list_add(&UA_entry->UA_list_entry, &tgt_dev->UA_list);
2876         else
2877                 list_add_tail(&UA_entry->UA_list_entry, &tgt_dev->UA_list);
2878
2879 out:
2880         TRACE_EXIT();
2881         return;
2882 }
2883
2884 void scst_check_set_UA(struct scst_tgt_dev *tgt_dev,
2885         const uint8_t *sense, int sense_len, int head)
2886 {
2887         int skip_UA = 0;
2888         struct scst_tgt_dev_UA *UA_entry_tmp;
2889
2890         TRACE_ENTRY();
2891
2892         spin_lock_bh(&tgt_dev->tgt_dev_lock);
2893
2894         list_for_each_entry(UA_entry_tmp, &tgt_dev->UA_list,
2895                             UA_list_entry) {
2896                 if (memcmp(sense, UA_entry_tmp->UA_sense_buffer,
2897                            sense_len) == 0) {
2898                         TRACE_MGMT_DBG("%s", "UA already exists");
2899                         skip_UA = 1;
2900                         break;
2901                 }
2902         }
2903
2904         if (skip_UA == 0)
2905                 scst_alloc_set_UA(tgt_dev, sense, sense_len, head);
2906
2907         spin_unlock_bh(&tgt_dev->tgt_dev_lock);
2908
2909         TRACE_EXIT();
2910         return;
2911 }
2912
2913 /* Called under dev_lock and BH off */
2914 void scst_dev_check_set_local_UA(struct scst_device *dev,
2915         struct scst_cmd *exclude, const uint8_t *sense, int sense_len)
2916 {
2917         struct scst_tgt_dev *tgt_dev, *exclude_tgt_dev = NULL;
2918
2919         TRACE_ENTRY();
2920
2921         if (exclude != NULL)
2922                 exclude_tgt_dev = exclude->tgt_dev;
2923
2924         list_for_each_entry(tgt_dev, &dev->dev_tgt_dev_list,
2925                         dev_tgt_dev_list_entry) {
2926                 if (tgt_dev != exclude_tgt_dev)
2927                         scst_check_set_UA(tgt_dev, sense, sense_len, 0);
2928         }
2929
2930         TRACE_EXIT();
2931         return;
2932 }
2933
2934 /* Called under dev_lock and BH off */
2935 void __scst_dev_check_set_UA(struct scst_device *dev,
2936         struct scst_cmd *exclude, const uint8_t *sense, int sense_len)
2937 {
2938         TRACE_ENTRY();
2939
2940         TRACE(TRACE_MGMT, "Processing UA dev %p", dev);
2941
2942         /* Check for reset UA */
2943         if (sense[12] == SCST_SENSE_ASC_UA_RESET)
2944                 scst_process_reset(dev,
2945                                    (exclude != NULL) ? exclude->sess : NULL,
2946                                    exclude, NULL, false);
2947
2948         scst_dev_check_set_local_UA(dev, exclude, sense, sense_len);
2949
2950         TRACE_EXIT();
2951         return;
2952 }
2953
2954 /* Called under tgt_dev_lock or when tgt_dev is unused */
2955 void scst_free_all_UA(struct scst_tgt_dev *tgt_dev)
2956 {
2957         struct scst_tgt_dev_UA *UA_entry, *t;
2958
2959         TRACE_ENTRY();
2960
2961         list_for_each_entry_safe(UA_entry, t,
2962                                  &tgt_dev->UA_list, UA_list_entry) {
2963                 TRACE_MGMT_DBG("Clearing UA for tgt_dev lun %lld",
2964                                (long long unsigned int)tgt_dev->lun);
2965                 list_del(&UA_entry->UA_list_entry);
2966                 kfree(UA_entry);
2967         }
2968         INIT_LIST_HEAD(&tgt_dev->UA_list);
2969         clear_bit(SCST_TGT_DEV_UA_PENDING, &tgt_dev->tgt_dev_flags);
2970
2971         TRACE_EXIT();
2972         return;
2973 }
2974
2975 /* No locks */
2976 struct scst_cmd *__scst_check_deferred_commands(struct scst_tgt_dev *tgt_dev)
2977 {
2978         struct scst_cmd *res = NULL, *cmd, *t;
2979         typeof(tgt_dev->expected_sn) expected_sn = tgt_dev->expected_sn;
2980
2981         spin_lock_irq(&tgt_dev->sn_lock);
2982
2983         if (unlikely(tgt_dev->hq_cmd_count != 0))
2984                 goto out_unlock;
2985
2986 restart:
2987         list_for_each_entry_safe(cmd, t, &tgt_dev->deferred_cmd_list,
2988                                 sn_cmd_list_entry) {
2989                 EXTRACHECKS_BUG_ON(cmd->queue_type ==
2990                         SCST_CMD_QUEUE_HEAD_OF_QUEUE);
2991                 if (cmd->sn == expected_sn) {
2992                         TRACE_SN("Deferred command %p (sn %ld, set %d) found",
2993                                 cmd, cmd->sn, cmd->sn_set);
2994                         tgt_dev->def_cmd_count--;
2995                         list_del(&cmd->sn_cmd_list_entry);
2996                         if (res == NULL)
2997                                 res = cmd;
2998                         else {
2999                                 spin_lock(&cmd->cmd_lists->cmd_list_lock);
3000                                 TRACE_SN("Adding cmd %p to active cmd list",
3001                                         cmd);
3002                                 list_add_tail(&cmd->cmd_list_entry,
3003                                         &cmd->cmd_lists->active_cmd_list);
3004                                 wake_up(&cmd->cmd_lists->cmd_list_waitQ);
3005                                 spin_unlock(&cmd->cmd_lists->cmd_list_lock);
3006                         }
3007                 }
3008         }
3009         if (res != NULL)
3010                 goto out_unlock;
3011
3012         list_for_each_entry(cmd, &tgt_dev->skipped_sn_list,
3013                                 sn_cmd_list_entry) {
3014                 EXTRACHECKS_BUG_ON(cmd->queue_type ==
3015                         SCST_CMD_QUEUE_HEAD_OF_QUEUE);
3016                 if (cmd->sn == expected_sn) {
3017                         atomic_t *slot = cmd->sn_slot;
3018                         /*
3019                          * !! At this point any pointer in cmd, except !!
3020                          * !! sn_slot and sn_cmd_list_entry, could be   !!
3021                          * !! already destroyed                         !!
3022                          */
3023                         TRACE_SN("cmd %p (tag %llu) with skipped sn %ld found",
3024                                  cmd,
3025                                  (long long unsigned int)cmd->tag,
3026                                  cmd->sn);
3027                         tgt_dev->def_cmd_count--;
3028                         list_del(&cmd->sn_cmd_list_entry);
3029                         spin_unlock_irq(&tgt_dev->sn_lock);
3030                         if (test_and_set_bit(SCST_CMD_CAN_BE_DESTROYED,
3031                                              &cmd->cmd_flags))
3032                                 scst_destroy_put_cmd(cmd);
3033                         scst_inc_expected_sn(tgt_dev, slot);
3034                         expected_sn = tgt_dev->expected_sn;
3035                         spin_lock_irq(&tgt_dev->sn_lock);
3036                         goto restart;
3037                 }
3038         }
3039
3040 out_unlock:
3041         spin_unlock_irq(&tgt_dev->sn_lock);
3042         return res;
3043 }
3044
3045 void scst_add_thr_data(struct scst_tgt_dev *tgt_dev,
3046         struct scst_thr_data_hdr *data,
3047         void (*free_fn) (struct scst_thr_data_hdr *data))
3048 {
3049         data->pid = current->pid;
3050         atomic_set(&data->ref, 1);
3051         EXTRACHECKS_BUG_ON(free_fn == NULL);
3052         data->free_fn = free_fn;
3053         spin_lock(&tgt_dev->thr_data_lock);
3054         list_add_tail(&data->thr_data_list_entry, &tgt_dev->thr_data_list);
3055         spin_unlock(&tgt_dev->thr_data_lock);
3056 }
3057 EXPORT_SYMBOL(scst_add_thr_data);
3058
3059 void scst_del_all_thr_data(struct scst_tgt_dev *tgt_dev)
3060 {
3061         spin_lock(&tgt_dev->thr_data_lock);
3062         while (!list_empty(&tgt_dev->thr_data_list)) {
3063                 struct scst_thr_data_hdr *d = list_entry(
3064                                 tgt_dev->thr_data_list.next, typeof(*d),
3065                                 thr_data_list_entry);
3066                 list_del(&d->thr_data_list_entry);
3067                 spin_unlock(&tgt_dev->thr_data_lock);
3068                 scst_thr_data_put(d);
3069                 spin_lock(&tgt_dev->thr_data_lock);
3070         }
3071         spin_unlock(&tgt_dev->thr_data_lock);
3072         return;
3073 }
3074 EXPORT_SYMBOL(scst_del_all_thr_data);
3075
3076 void scst_dev_del_all_thr_data(struct scst_device *dev)
3077 {
3078         struct scst_tgt_dev *tgt_dev;
3079
3080         TRACE_ENTRY();
3081
3082         mutex_lock(&scst_mutex);
3083
3084         list_for_each_entry(tgt_dev, &dev->dev_tgt_dev_list,
3085                                 dev_tgt_dev_list_entry) {
3086                 scst_del_all_thr_data(tgt_dev);
3087         }
3088
3089         mutex_unlock(&scst_mutex);
3090
3091         TRACE_EXIT();
3092         return;
3093 }
3094 EXPORT_SYMBOL(scst_dev_del_all_thr_data);
3095
3096 struct scst_thr_data_hdr *scst_find_thr_data(struct scst_tgt_dev *tgt_dev)
3097 {
3098         struct scst_thr_data_hdr *res = NULL, *d;
3099         struct task_struct *tsk = current;
3100
3101         spin_lock(&tgt_dev->thr_data_lock);
3102         list_for_each_entry(d, &tgt_dev->thr_data_list, thr_data_list_entry) {
3103                 if (d->pid == tsk->pid) {
3104                         res = d;
3105                         scst_thr_data_get(res);
3106                         break;
3107                 }
3108         }
3109         spin_unlock(&tgt_dev->thr_data_lock);
3110         return res;
3111 }
3112 EXPORT_SYMBOL(scst_find_thr_data);
3113
3114 /* dev_lock supposed to be held and BH disabled */
3115 void __scst_block_dev(struct scst_device *dev)
3116 {
3117         dev->block_count++;
3118         TRACE_MGMT_DBG("Device BLOCK(new %d), dev %p", dev->block_count, dev);
3119 }
3120
3121 /* No locks */
3122 static void scst_block_dev(struct scst_device *dev, int outstanding)
3123 {
3124         spin_lock_bh(&dev->dev_lock);
3125         __scst_block_dev(dev);
3126         spin_unlock_bh(&dev->dev_lock);
3127
3128         /* spin_unlock_bh() doesn't provide the necessary memory barrier */
3129         smp_mb();
3130
3131         TRACE_MGMT_DBG("Waiting during blocking outstanding %d (on_dev_count "
3132                 "%d)", outstanding, atomic_read(&dev->on_dev_count));
3133         wait_event(dev->on_dev_waitQ,
3134                 atomic_read(&dev->on_dev_count) <= outstanding);
3135         TRACE_MGMT_DBG("%s", "wait_event() returned");
3136 }
3137
3138 /* No locks */
3139 void scst_block_dev_cmd(struct scst_cmd *cmd, int outstanding)
3140 {
3141         sBUG_ON(cmd->needs_unblocking);
3142
3143         cmd->needs_unblocking = 1;
3144         TRACE_MGMT_DBG("Needs unblocking cmd %p (tag %llu)",
3145                        cmd, (long long unsigned int)cmd->tag);
3146
3147         scst_block_dev(cmd->dev, outstanding);
3148 }
3149
3150 /* No locks */
3151 void scst_unblock_dev(struct scst_device *dev)
3152 {
3153         spin_lock_bh(&dev->dev_lock);
3154         TRACE_MGMT_DBG("Device UNBLOCK(new %d), dev %p",
3155                 dev->block_count-1, dev);
3156         if (--dev->block_count == 0)
3157                 scst_unblock_cmds(dev);
3158         spin_unlock_bh(&dev->dev_lock);
3159         sBUG_ON(dev->block_count < 0);
3160 }
3161
3162 /* No locks */
3163 void scst_unblock_dev_cmd(struct scst_cmd *cmd)
3164 {
3165         scst_unblock_dev(cmd->dev);
3166         cmd->needs_unblocking = 0;
3167 }
3168
3169 /* No locks */
3170 int scst_inc_on_dev_cmd(struct scst_cmd *cmd)
3171 {
3172         int res = 0;
3173         struct scst_device *dev = cmd->dev;
3174
3175         TRACE_ENTRY();
3176
3177         sBUG_ON(cmd->inc_blocking || cmd->dec_on_dev_needed);
3178
3179         atomic_inc(&dev->on_dev_count);
3180         cmd->dec_on_dev_needed = 1;
3181         TRACE_DBG("New on_dev_count %d", atomic_read(&dev->on_dev_count));
3182
3183         if (unlikely(cmd->internal) && (cmd->cdb[0] == REQUEST_SENSE)) {
3184                 /*
3185                  * The original command can already block the device, so
3186                  * REQUEST SENSE command should always pass.
3187                  */
3188                 goto out;
3189         }
3190
3191 #ifdef CONFIG_SCST_STRICT_SERIALIZING
3192         spin_lock_bh(&dev->dev_lock);
3193         if (unlikely(test_bit(SCST_CMD_ABORTED, &cmd->cmd_flags)))
3194                 goto out_unlock;
3195         if (dev->block_count > 0) {
3196                 scst_dec_on_dev_cmd(cmd);
3197                 TRACE_MGMT_DBG("Delaying cmd %p due to blocking or strict "
3198                         "serializing (tag %llu, dev %p)", cmd, cmd->tag, dev);
3199                 list_add_tail(&cmd->blocked_cmd_list_entry,
3200                               &dev->blocked_cmd_list);
3201                 res = 1;
3202         } else {
3203                 __scst_block_dev(dev);
3204                 cmd->inc_blocking = 1;
3205         }
3206         spin_unlock_bh(&dev->dev_lock);
3207         goto out;
3208 #else
3209 repeat:
3210         if (unlikely(dev->block_count > 0)) {
3211                 spin_lock_bh(&dev->dev_lock);
3212                 if (unlikely(test_bit(SCST_CMD_ABORTED, &cmd->cmd_flags)))
3213                         goto out_unlock;
3214                 barrier(); /* to reread block_count */
3215                 if (dev->block_count > 0) {
3216                         scst_dec_on_dev_cmd(cmd);
3217                         TRACE_MGMT_DBG("Delaying cmd %p due to blocking or "
3218                                 "serializing (tag %llu, dev %p)", cmd,
3219                                 (long long unsigned int)cmd->tag, dev);
3220                         list_add_tail(&cmd->blocked_cmd_list_entry,
3221                                       &dev->blocked_cmd_list);
3222                         res = 1;
3223                         spin_unlock_bh(&dev->dev_lock);
3224                         goto out;
3225                 } else {
3226                         TRACE_MGMT_DBG("%s", "Somebody unblocked the device, "
3227                                 "continuing");
3228                 }
3229                 spin_unlock_bh(&dev->dev_lock);
3230         }
3231         if (unlikely(dev->dev_serialized)) {
3232                 spin_lock_bh(&dev->dev_lock);
3233                 barrier(); /* to reread block_count */
3234                 if (dev->block_count == 0) {
3235                         TRACE_MGMT_DBG("cmd %p (tag %llu), blocking further "
3236                                 "cmds due to serializing (dev %p)", cmd,
3237                                 (long long unsigned int)cmd->tag, dev);
3238                         __scst_block_dev(dev);
3239                         cmd->inc_blocking = 1;
3240                 } else {
3241                         spin_unlock_bh(&dev->dev_lock);
3242                         TRACE_MGMT_DBG("Somebody blocked the device, "
3243                                 "repeating (count %d)", dev->block_count);
3244                         goto repeat;
3245                 }
3246                 spin_unlock_bh(&dev->dev_lock);
3247         }
3248 #endif
3249
3250 out:
3251         TRACE_EXIT_RES(res);
3252         return res;
3253
3254 out_unlock:
3255         spin_unlock_bh(&dev->dev_lock);
3256         goto out;
3257 }
3258
3259 /* Called under dev_lock */
3260 void scst_unblock_cmds(struct scst_device *dev)
3261 {
3262 #ifdef CONFIG_SCST_STRICT_SERIALIZING
3263         struct scst_cmd *cmd, *t;
3264         unsigned long flags;
3265
3266         TRACE_ENTRY();
3267
3268         local_irq_save(flags);
3269         list_for_each_entry_safe(cmd, t, &dev->blocked_cmd_list,
3270                                  blocked_cmd_list_entry) {
3271                 int brk = 0;
3272                 /*
3273                  * Since only one cmd per time is being executed, expected_sn
3274                  * can't change behind us, if the corresponding cmd is in
3275                  * blocked_cmd_list, but we could be called before
3276                  * scst_inc_expected_sn().
3277                  *
3278                  * For HQ commands SN is not set.
3279                  */
3280                 if (likely(!cmd->internal && cmd->sn_set)) {
3281                         typeof(cmd->tgt_dev->expected_sn) expected_sn;
3282                         if (cmd->tgt_dev == NULL)
3283                                 sBUG();
3284                         expected_sn = cmd->tgt_dev->expected_sn;
3285                         if (cmd->sn == expected_sn)
3286                                 brk = 1;
3287                         else if (cmd->sn != (expected_sn+1))
3288                                 continue;
3289                 }
3290
3291                 list_del(&cmd->blocked_cmd_list_entry);
3292                 TRACE_MGMT_DBG("Adding cmd %p to head of active cmd list", cmd);
3293                 spin_lock(&cmd->cmd_lists->cmd_list_lock);
3294                 list_add(&cmd->cmd_list_entry,
3295                          &cmd->cmd_lists->active_cmd_list);
3296                 wake_up(&cmd->cmd_lists->cmd_list_waitQ);
3297                 spin_unlock(&cmd->cmd_lists->cmd_list_lock);
3298                 if (brk)
3299                         break;
3300         }
3301         local_irq_restore(flags);
3302 #else /* CONFIG_SCST_STRICT_SERIALIZING */
3303         struct scst_cmd *cmd, *tcmd;
3304         unsigned long flags;
3305
3306         TRACE_ENTRY();
3307
3308         local_irq_save(flags);
3309         list_for_each_entry_safe(cmd, tcmd, &dev->blocked_cmd_list,
3310                                  blocked_cmd_list_entry) {
3311                 list_del(&cmd->blocked_cmd_list_entry);
3312                 TRACE_MGMT_DBG("Adding blocked cmd %p to active cmd list", cmd);
3313                 spin_lock(&cmd->cmd_lists->cmd_list_lock);
3314                 if (unlikely(cmd->queue_type == SCST_CMD_QUEUE_HEAD_OF_QUEUE))
3315                         list_add(&cmd->cmd_list_entry,
3316                                 &cmd->cmd_lists->active_cmd_list);
3317                 else
3318                         list_add_tail(&cmd->cmd_list_entry,
3319                                 &cmd->cmd_lists->active_cmd_list);
3320                 wake_up(&cmd->cmd_lists->cmd_list_waitQ);
3321                 spin_unlock(&cmd->cmd_lists->cmd_list_lock);
3322         }
3323         local_irq_restore(flags);
3324 #endif /* CONFIG_SCST_STRICT_SERIALIZING */
3325
3326         TRACE_EXIT();
3327         return;
3328 }
3329
3330 static void __scst_unblock_deferred(struct scst_tgt_dev *tgt_dev,
3331         struct scst_cmd *out_of_sn_cmd)
3332 {
3333         EXTRACHECKS_BUG_ON(!out_of_sn_cmd->sn_set);
3334
3335         if (out_of_sn_cmd->sn == tgt_dev->expected_sn) {
3336                 scst_inc_expected_sn(tgt_dev, out_of_sn_cmd->sn_slot);
3337                 scst_make_deferred_commands_active(tgt_dev);
3338         } else {
3339                 out_of_sn_cmd->out_of_sn = 1;
3340                 spin_lock_irq(&tgt_dev->sn_lock);
3341                 tgt_dev->def_cmd_count++;
3342                 list_add_tail(&out_of_sn_cmd->sn_cmd_list_entry,
3343                               &tgt_dev->skipped_sn_list);
3344                 TRACE_SN("out_of_sn_cmd %p with sn %ld added to skipped_sn_list"
3345                         " (expected_sn %ld)", out_of_sn_cmd, out_of_sn_cmd->sn,
3346                         tgt_dev->expected_sn);
3347                 spin_unlock_irq(&tgt_dev->sn_lock);
3348         }
3349
3350         return;
3351 }
3352
3353 void scst_unblock_deferred(struct scst_tgt_dev *tgt_dev,
3354         struct scst_cmd *out_of_sn_cmd)
3355 {
3356         TRACE_ENTRY();
3357
3358         if (!out_of_sn_cmd->sn_set) {
3359                 TRACE_SN("cmd %p without sn", out_of_sn_cmd);
3360                 goto out;
3361         }
3362
3363         __scst_unblock_deferred(tgt_dev, out_of_sn_cmd);
3364
3365 out:
3366         TRACE_EXIT();
3367         return;
3368 }
3369
3370 void scst_on_hq_cmd_response(struct scst_cmd *cmd)
3371 {
3372         struct scst_tgt_dev *tgt_dev = cmd->tgt_dev;
3373
3374         TRACE_ENTRY();
3375
3376         if (!cmd->hq_cmd_inced)
3377                 goto out;
3378
3379         spin_lock_irq(&tgt_dev->sn_lock);
3380         tgt_dev->hq_cmd_count--;
3381         spin_unlock_irq(&tgt_dev->sn_lock);
3382
3383         EXTRACHECKS_BUG_ON(tgt_dev->hq_cmd_count < 0);
3384
3385         /*
3386          * There is no problem in checking hq_cmd_count in the
3387          * non-locked state. In the worst case we will only have
3388          * unneeded run of the deferred commands.
3389          */
3390         if (tgt_dev->hq_cmd_count == 0)
3391                 scst_make_deferred_commands_active(tgt_dev);
3392
3393 out:
3394         TRACE_EXIT();
3395         return;
3396 }
3397
3398 void scst_xmit_process_aborted_cmd(struct scst_cmd *cmd)
3399 {
3400         TRACE_ENTRY();
3401
3402         TRACE_MGMT_DBG("Aborted cmd %p done (cmd_ref %d, "
3403                 "scst_cmd_count %d)", cmd, atomic_read(&cmd->cmd_ref),
3404                 atomic_read(&scst_cmd_count));
3405
3406         scst_done_cmd_mgmt(cmd);
3407
3408         smp_rmb();
3409         if (test_bit(SCST_CMD_ABORTED_OTHER, &cmd->cmd_flags)) {
3410                 if (cmd->completed) {
3411                         /* It's completed and it's OK to return its result */
3412                         goto out;
3413                 }
3414
3415                 if (cmd->dev->tas) {
3416                         TRACE_MGMT_DBG("Flag ABORTED OTHER set for cmd %p "
3417                                 "(tag %llu), returning TASK ABORTED ", cmd,
3418                                 (long long unsigned int)cmd->tag);
3419                         scst_set_cmd_error_status(cmd, SAM_STAT_TASK_ABORTED);
3420                 } else {
3421                         TRACE_MGMT_DBG("Flag ABORTED OTHER set for cmd %p "
3422                                 "(tag %llu), aborting without delivery or "
3423                                 "notification",
3424                                 cmd, (long long unsigned int)cmd->tag);
3425                         /*
3426                          * There is no need to check/requeue possible UA,
3427                          * because, if it exists, it will be delivered
3428                          * by the "completed" branch above.
3429                          */
3430                         clear_bit(SCST_CMD_ABORTED_OTHER, &cmd->cmd_flags);
3431                 }
3432         }
3433
3434 out:
3435         TRACE_EXIT();
3436         return;
3437 }
3438
3439 void __init scst_scsi_op_list_init(void)
3440 {
3441         int i;
3442         uint8_t op = 0xff;
3443
3444         TRACE_ENTRY();
3445
3446         for (i = 0; i < 256; i++)
3447                 scst_scsi_op_list[i] = SCST_CDB_TBL_SIZE;
3448
3449         for (i = 0; i < SCST_CDB_TBL_SIZE; i++) {
3450                 if (scst_scsi_op_table[i].ops != op) {
3451                         op = scst_scsi_op_table[i].ops;
3452                         scst_scsi_op_list[op] = i;
3453                 }
3454         }
3455
3456         TRACE_EXIT();
3457         return;
3458 }
3459
3460 #ifdef CONFIG_SCST_DEBUG
3461 /* Original taken from the XFS code */
3462 unsigned long scst_random(void)
3463 {
3464         static int Inited;
3465         static unsigned long RandomValue;
3466         static DEFINE_SPINLOCK(lock);
3467         /* cycles pseudo-randomly through all values between 1 and 2^31 - 2 */
3468         register long rv;
3469         register long lo;
3470         register long hi;
3471         unsigned long flags;
3472
3473         spin_lock_irqsave(&lock, flags);
3474         if (!Inited) {
3475                 RandomValue = jiffies;
3476                 Inited = 1;
3477         }
3478         rv = RandomValue;
3479         hi = rv / 127773;
3480         lo = rv % 127773;
3481         rv = 16807 * lo - 2836 * hi;
3482         if (rv <= 0)
3483                 rv += 2147483647;
3484         RandomValue = rv;
3485         spin_unlock_irqrestore(&lock, flags);
3486         return rv;
3487 }
3488 EXPORT_SYMBOL(scst_random);
3489 #endif
3490
3491 #ifdef CONFIG_SCST_DEBUG_TM
3492
3493 #define TM_DBG_STATE_ABORT              0
3494 #define TM_DBG_STATE_RESET              1
3495 #define TM_DBG_STATE_OFFLINE            2
3496
3497 #define INIT_TM_DBG_STATE               TM_DBG_STATE_ABORT
3498
3499 static void tm_dbg_timer_fn(unsigned long arg);
3500
3501 static DEFINE_SPINLOCK(scst_tm_dbg_lock);
3502 /* All serialized by scst_tm_dbg_lock */
3503 static struct {
3504         unsigned int tm_dbg_release:1;
3505         unsigned int tm_dbg_blocked:1;
3506 } tm_dbg_flags;
3507 static LIST_HEAD(tm_dbg_delayed_cmd_list);
3508 static int tm_dbg_delayed_cmds_count;
3509 static int tm_dbg_passed_cmds_count;
3510 static int tm_dbg_state;
3511 static int tm_dbg_on_state_passes;
3512 static DEFINE_TIMER(tm_dbg_timer, tm_dbg_timer_fn, 0, 0);
3513 static wait_queue_head_t *tm_dbg_p_cmd_list_waitQ;
3514
3515 static const int tm_dbg_on_state_num_passes[] = { 5, 1, 0x7ffffff };
3516
3517 void tm_dbg_init_tgt_dev(struct scst_tgt_dev *tgt_dev,
3518         struct scst_acg_dev *acg_dev)
3519 {
3520         if ((acg_dev->acg == scst_default_acg) && (acg_dev->lun == 0)) {
3521                 unsigned long flags;
3522                 /* Do TM debugging only for LUN 0 */
3523                 spin_lock_irqsave(&scst_tm_dbg_lock, flags);
3524                 tm_dbg_p_cmd_list_waitQ =
3525                         &tgt_dev->dev->p_cmd_lists->cmd_list_waitQ;
3526                 tm_dbg_state = INIT_TM_DBG_STATE;
3527                 tm_dbg_on_state_passes =
3528                         tm_dbg_on_state_num_passes[tm_dbg_state];
3529                 __set_bit(SCST_TGT_DEV_UNDER_TM_DBG, &tgt_dev->tgt_dev_flags);
3530                 PRINT_INFO("LUN 0 connected from initiator %s is under "
3531                         "TM debugging", tgt_dev->sess->tgt->tgtt->name);
3532                 spin_unlock_irqrestore(&scst_tm_dbg_lock, flags);
3533         }
3534 }
3535
3536 void tm_dbg_deinit_tgt_dev(struct scst_tgt_dev *tgt_dev)
3537 {
3538         if (test_bit(SCST_TGT_DEV_UNDER_TM_DBG, &tgt_dev->tgt_dev_flags)) {
3539                 unsigned long flags;
3540                 del_timer_sync(&tm_dbg_timer);
3541                 spin_lock_irqsave(&scst_tm_dbg_lock, flags);
3542                 tm_dbg_p_cmd_list_waitQ = NULL;
3543                 spin_unlock_irqrestore(&scst_tm_dbg_lock, flags);
3544         }
3545 }
3546
3547 static void tm_dbg_timer_fn(unsigned long arg)
3548 {
3549         TRACE_MGMT_DBG("%s", "delayed cmd timer expired");
3550         tm_dbg_flags.tm_dbg_release = 1;
3551         smp_wmb();
3552         wake_up_all(tm_dbg_p_cmd_list_waitQ);
3553 }
3554
3555 /* Called under scst_tm_dbg_lock and IRQs off */
3556 static void tm_dbg_delay_cmd(struct scst_cmd *cmd)
3557 {
3558         switch (tm_dbg_state) {
3559         case TM_DBG_STATE_ABORT:
3560                 if (tm_dbg_delayed_cmds_count == 0) {
3561                         unsigned long d = 58*HZ + (scst_random() % (4*HZ));
3562                         TRACE_MGMT_DBG("STATE ABORT: delaying cmd %p (tag %llu)"
3563                                 " for %ld.%ld seconds (%ld HZ), "
3564                                 "tm_dbg_on_state_passes=%d", cmd, cmd->tag,
3565                                 d/HZ, (d%HZ)*100/HZ, d, tm_dbg_on_state_passes);
3566                         mod_timer(&tm_dbg_timer, jiffies + d);
3567 #if 0
3568                         tm_dbg_flags.tm_dbg_blocked = 1;
3569 #endif
3570                 } else {
3571                         TRACE_MGMT_DBG("Delaying another timed cmd %p "
3572                                 "(tag %llu), delayed_cmds_count=%d, "
3573                                 "tm_dbg_on_state_passes=%d", cmd, cmd->tag,
3574                                 tm_dbg_delayed_cmds_count,
3575                                 tm_dbg_on_state_passes);
3576                         if (tm_dbg_delayed_cmds_count == 2)
3577                                 tm_dbg_flags.tm_dbg_blocked = 0;
3578                 }
3579                 break;
3580
3581         case TM_DBG_STATE_RESET:
3582         case TM_DBG_STATE_OFFLINE:
3583                 TRACE_MGMT_DBG("STATE RESET/OFFLINE: delaying cmd %p "
3584                         "(tag %llu), delayed_cmds_count=%d, "
3585                         "tm_dbg_on_state_passes=%d", cmd, cmd->tag,
3586                         tm_dbg_delayed_cmds_count, tm_dbg_on_state_passes);
3587                 tm_dbg_flags.tm_dbg_blocked = 1;
3588                 break;
3589
3590         default:
3591                 sBUG();
3592         }
3593         /* IRQs already off */
3594         spin_lock(&cmd->cmd_lists->cmd_list_lock);
3595         list_add_tail(&cmd->cmd_list_entry, &tm_dbg_delayed_cmd_list);
3596         spin_unlock(&cmd->cmd_lists->cmd_list_lock);
3597         cmd->tm_dbg_delayed = 1;
3598         tm_dbg_delayed_cmds_count++;
3599         return;
3600 }
3601
3602 /* No locks */
3603 void tm_dbg_check_released_cmds(void)
3604 {
3605         if (tm_dbg_flags.tm_dbg_release) {
3606                 struct scst_cmd *cmd, *tc;
3607                 spin_lock_irq(&scst_tm_dbg_lock);
3608                 list_for_each_entry_safe_reverse(cmd, tc,
3609                                 &tm_dbg_delayed_cmd_list, cmd_list_entry) {
3610                         TRACE_MGMT_DBG("Releasing timed cmd %p (tag %llu), "
3611                                 "delayed_cmds_count=%d", cmd, cmd->tag,
3612                                 tm_dbg_delayed_cmds_count);
3613                         spin_lock(&cmd->cmd_lists->cmd_list_lock);
3614                         list_move(&cmd->cmd_list_entry,
3615                                 &cmd->cmd_lists->active_cmd_list);
3616                         spin_unlock(&cmd->cmd_lists->cmd_list_lock);
3617                 }
3618                 tm_dbg_flags.tm_dbg_release = 0;
3619                 spin_unlock_irq(&scst_tm_dbg_lock);
3620         }
3621 }
3622
3623 /* Called under scst_tm_dbg_lock */
3624 static void tm_dbg_change_state(void)
3625 {
3626         tm_dbg_flags.tm_dbg_blocked = 0;
3627         if (--tm_dbg_on_state_passes == 0) {
3628                 switch (tm_dbg_state) {
3629                 case TM_DBG_STATE_ABORT:
3630                         TRACE_MGMT_DBG("%s", "Changing "
3631                             "tm_dbg_state to RESET");
3632                         tm_dbg_state =
3633                                 TM_DBG_STATE_RESET;
3634                         tm_dbg_flags.tm_dbg_blocked = 0;
3635                         break;
3636                 case TM_DBG_STATE_RESET:
3637                 case TM_DBG_STATE_OFFLINE:
3638 #ifdef CONFIG_SCST_TM_DBG_GO_OFFLINE
3639                             TRACE_MGMT_DBG("%s", "Changing "
3640                                     "tm_dbg_state to OFFLINE");
3641                             tm_dbg_state =
3642                                 TM_DBG_STATE_OFFLINE;
3643 #else
3644                             TRACE_MGMT_DBG("%s", "Changing "
3645                                     "tm_dbg_state to ABORT");
3646                             tm_dbg_state =
3647                                 TM_DBG_STATE_ABORT;
3648 #endif
3649                         break;
3650                 default:
3651                         sBUG();
3652                 }
3653                 tm_dbg_on_state_passes =
3654                     tm_dbg_on_state_num_passes[tm_dbg_state];
3655         }
3656
3657         TRACE_MGMT_DBG("%s", "Deleting timer");
3658         del_timer(&tm_dbg_timer);
3659 }
3660
3661 /* No locks */
3662 int tm_dbg_check_cmd(struct scst_cmd *cmd)
3663 {
3664         int res = 0;
3665         unsigned long flags;
3666
3667         if (cmd->tm_dbg_immut)
3668                 goto out;
3669
3670         if (cmd->tm_dbg_delayed) {
3671                 spin_lock_irqsave(&scst_tm_dbg_lock, flags);
3672                 TRACE_MGMT_DBG("Processing delayed cmd %p (tag %llu), "
3673                         "delayed_cmds_count=%d", cmd, cmd->tag,
3674                         tm_dbg_delayed_cmds_count);
3675
3676                 cmd->tm_dbg_immut = 1;
3677                 tm_dbg_delayed_cmds_count--;
3678                 if ((tm_dbg_delayed_cmds_count == 0) &&
3679                     (tm_dbg_state == TM_DBG_STATE_ABORT))
3680                         tm_dbg_change_state();
3681                 spin_unlock_irqrestore(&scst_tm_dbg_lock, flags);
3682         } else if (cmd->tgt_dev && test_bit(SCST_TGT_DEV_UNDER_TM_DBG,
3683                                         &cmd->tgt_dev->tgt_dev_flags)) {
3684                 /* Delay 50th command */
3685                 spin_lock_irqsave(&scst_tm_dbg_lock, flags);
3686                 if (tm_dbg_flags.tm_dbg_blocked ||
3687                     (++tm_dbg_passed_cmds_count % 50) == 0) {
3688                         tm_dbg_delay_cmd(cmd);
3689                         res = 1;
3690                 } else
3691                         cmd->tm_dbg_immut = 1;
3692                 spin_unlock_irqrestore(&scst_tm_dbg_lock, flags);
3693         }
3694
3695 out:
3696         return res;
3697 }
3698
3699 /* No locks */
3700 void tm_dbg_release_cmd(struct scst_cmd *cmd)
3701 {
3702         struct scst_cmd *c;
3703         unsigned long flags;
3704
3705         spin_lock_irqsave(&scst_tm_dbg_lock, flags);
3706         list_for_each_entry(c, &tm_dbg_delayed_cmd_list,
3707                                 cmd_list_entry) {
3708                 if (c == cmd) {
3709                         TRACE_MGMT_DBG("Abort request for "
3710                                 "delayed cmd %p (tag=%llu), moving it to "
3711                                 "active cmd list (delayed_cmds_count=%d)",
3712                                 c, c->tag, tm_dbg_delayed_cmds_count);
3713
3714                         if (!test_bit(SCST_CMD_ABORTED_OTHER,
3715                                             &cmd->cmd_flags)) {
3716                                 /* Test how completed commands handled */
3717                                 if (((scst_random() % 10) == 5)) {
3718                                         scst_set_cmd_error(cmd,
3719                                                 SCST_LOAD_SENSE(
3720                                                 scst_sense_hardw_error));
3721                                         /* It's completed now */
3722                                 }
3723                         }
3724
3725                         spin_lock(&cmd->cmd_lists->cmd_list_lock);
3726                         list_move(&c->cmd_list_entry,
3727                                 &c->cmd_lists->active_cmd_list);
3728                         wake_up(&c->cmd_lists->cmd_list_waitQ);
3729                         spin_unlock(&cmd->cmd_lists->cmd_list_lock);
3730                         break;
3731                 }
3732         }
3733         spin_unlock_irqrestore(&scst_tm_dbg_lock, flags);
3734 }
3735
3736 /* Might be called under scst_mutex */
3737 void tm_dbg_task_mgmt(struct scst_device *dev, const char *fn, int force)
3738 {
3739         unsigned long flags;
3740
3741         if (dev != NULL) {
3742                 struct scst_tgt_dev *tgt_dev;
3743                 bool found = 0;
3744
3745                 spin_lock_bh(&dev->dev_lock);
3746                 list_for_each_entry(tgt_dev, &dev->dev_tgt_dev_list,
3747                                             dev_tgt_dev_list_entry) {
3748                         if (test_bit(SCST_TGT_DEV_UNDER_TM_DBG,
3749                                         &tgt_dev->tgt_dev_flags)) {
3750                                 found = 1;
3751                                 break;
3752                         }
3753                 }
3754                 spin_unlock_bh(&dev->dev_lock);
3755
3756                 if (!found)
3757                         goto out;
3758         }
3759
3760         spin_lock_irqsave(&scst_tm_dbg_lock, flags);
3761         if ((tm_dbg_state != TM_DBG_STATE_OFFLINE) || force) {
3762                 TRACE_MGMT_DBG("%s: freeing %d delayed cmds", fn,
3763                         tm_dbg_delayed_cmds_count);
3764                 tm_dbg_change_state();
3765                 tm_dbg_flags.tm_dbg_release = 1;
3766                 smp_wmb();
3767                 if (tm_dbg_p_cmd_list_waitQ != NULL)
3768                         wake_up_all(tm_dbg_p_cmd_list_waitQ);
3769         } else {
3770                 TRACE_MGMT_DBG("%s: while OFFLINE state, doing nothing", fn);
3771         }
3772 &