6b0c14f6bc6ba17becbf2b1762041b244a340c81
[mirror/scst/.git] / scst / src / scst_lib.c
1 /*
2  *  scst_lib.c
3  *  
4  *  Copyright (C) 2004-2006 Vladislav Bolkhovitin <vst@vlnb.net>
5  *                 and Leonid Stoljar
6  *  
7  *  This program is free software; you can redistribute it and/or
8  *  modify it under the terms of the GNU General Public License
9  *  as published by the Free Software Foundation, version 2
10  *  of the License.
11  * 
12  *  This program is distributed in the hope that it will be useful,
13  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
14  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15  *  GNU General Public License for more details.
16  */
17
18 #include <linux/init.h>
19 #include <linux/kernel.h>
20 #include <linux/errno.h>
21 #include <linux/list.h>
22 #include <linux/spinlock.h>
23 #include <linux/slab.h>
24 #include <linux/sched.h>
25 #include <asm/unistd.h>
26 #include <asm/string.h>
27
28 #ifdef SCST_HIGHMEM
29 #include <linux/highmem.h>
30 #endif
31
32 #include "scst_debug.h"
33 #include "scsi_tgt.h"
34 #include "scst_priv.h"
35 #include "scst_mem.h"
36
37 #include "scst_cdbprobe.h"
38
39 static void scst_free_tgt_dev(struct scst_tgt_dev *tgt_dev);
40
41 void scst_set_cmd_error_status(struct scst_cmd *cmd, int status)
42 {
43         TRACE_ENTRY();
44
45         cmd->status = status;
46         cmd->masked_status = status >> 1;
47         cmd->host_status = DID_OK;
48
49         cmd->data_direction = SCST_DATA_NONE;
50         cmd->tgt_resp_flags = SCST_TSC_FLAG_STATUS;
51         cmd->resp_data_len = 0;
52
53         TRACE_EXIT();
54         return;
55 }
56
57 void scst_set_cmd_error(struct scst_cmd *cmd, int key, int asc, int ascq)
58 {
59         TRACE_ENTRY();
60
61         scst_set_cmd_error_status(cmd, SAM_STAT_CHECK_CONDITION);
62         scst_set_sense(cmd->sense_buffer, sizeof(cmd->sense_buffer),
63                 key, asc, ascq);
64         TRACE_BUFFER("Sense set", cmd->sense_buffer, sizeof(cmd->sense_buffer));
65
66         TRACE_EXIT();
67         return;
68 }
69
70 void scst_set_cmd_error_sense(struct scst_cmd *cmd, uint8_t *sense, 
71         unsigned int len)
72 {
73         TRACE_ENTRY();
74
75         scst_set_cmd_error_status(cmd, SAM_STAT_CHECK_CONDITION);
76
77         memset(cmd->sense_buffer, 0, sizeof(cmd->sense_buffer));
78         memcpy(cmd->sense_buffer, sense, min((unsigned long)len, 
79                 (unsigned long)sizeof(cmd->sense_buffer)));
80         TRACE_BUFFER("Sense set", cmd->sense_buffer, sizeof(cmd->sense_buffer));
81
82         TRACE_EXIT();
83         return;
84 }
85
86 void scst_set_busy(struct scst_cmd *cmd)
87 {
88         TRACE_ENTRY();
89
90         if ((cmd->sess->sess_cmd_count <= 1) || 
91             (cmd->sess->init_phase != SCST_SESS_IPH_READY))
92         {
93                 scst_set_cmd_error_status(cmd, SAM_STAT_BUSY);
94                 TRACE_MGMT_DBG("Sending BUSY status to initiator %s "
95                         "(cmds count %d, queue_type %x, sess->init_phase %d), "
96                         "probably the system is overloaded",
97                         cmd->sess->initiator_name, cmd->sess->sess_cmd_count,
98                         cmd->queue_type, cmd->sess->init_phase);
99         } else {
100                 scst_set_cmd_error_status(cmd, SAM_STAT_TASK_SET_FULL);
101                 TRACE_MGMT_DBG("Sending QUEUE_FULL status to initiator %s "
102                         "(cmds count %d, queue_type %x, sess->init_phase %d), "
103                         "probably the system is overloaded",
104                         cmd->sess->initiator_name, cmd->sess->sess_cmd_count,
105                         cmd->queue_type, cmd->sess->init_phase);
106         }
107
108         TRACE_EXIT();
109         return;
110 }
111
112 void scst_set_resp_data_len(struct scst_cmd *cmd, int resp_data_len)
113 {
114         int i, l;
115
116         TRACE_ENTRY();
117
118         scst_check_restore_sg_buff(cmd);
119         cmd->resp_data_len = resp_data_len;
120
121         if (resp_data_len == cmd->bufflen)
122                 goto out;
123
124         l = 0;
125         for(i = 0; i < cmd->sg_cnt; i++) {
126                 l += cmd->sg[i].length;
127                 if (l >= resp_data_len) {
128                         int left = resp_data_len - (l - cmd->sg[i].length);
129                         TRACE(TRACE_SG, "cmd %p (tag %d), "
130                                 "resp_data_len %d, i %d, cmd->sg[i].length %d, "
131                                 "left %d", cmd, cmd->tag, resp_data_len, i,
132                                 cmd->sg[i].length, left);
133                         cmd->orig_sg_cnt = cmd->sg_cnt;
134                         cmd->orig_sg_entry = i;
135                         cmd->orig_entry_len = cmd->sg[i].length;
136                         cmd->sg_cnt = i+1;
137                         cmd->sg[i].length = left;
138                         cmd->sg_buff_modified = 1;
139                         break;
140                 }
141         }
142
143 out:
144         TRACE_EXIT();
145         return;
146 }
147
148 struct scst_device *scst_alloc_device(int gfp_mask)
149 {
150         struct scst_device *dev;
151
152         TRACE_ENTRY();
153
154         dev = kzalloc(sizeof(*dev), gfp_mask);
155         TRACE_MEM("kzalloc() for dev (%zd): %p", sizeof(*dev), dev);
156         if (dev == NULL) {
157                 TRACE(TRACE_OUT_OF_MEM, "%s",
158                       "Allocation of scst_device failed");
159                 goto out;
160         }
161
162         spin_lock_init(&dev->dev_lock);
163         atomic_set(&dev->on_dev_count, 0);
164         INIT_LIST_HEAD(&dev->blocked_cmd_list);
165         INIT_LIST_HEAD(&dev->dev_tgt_dev_list);
166         INIT_LIST_HEAD(&dev->dev_acg_dev_list);
167         init_waitqueue_head(&dev->on_dev_waitQ);
168         dev->dev_double_ua_possible = 1;
169         dev->dev_serialized = 1;
170
171 out:
172         TRACE_EXIT_HRES(dev);
173         return dev;
174 }
175
176 void scst_free_device(struct scst_device *dev)
177 {
178         TRACE_ENTRY();
179
180 #ifdef EXTRACHECKS
181         if (!list_empty(&dev->dev_tgt_dev_list) || 
182             !list_empty(&dev->dev_acg_dev_list))
183         {
184                 PRINT_ERROR_PR("%s: dev_tgt_dev_list or dev_acg_dev_list "
185                         "is not empty!", __FUNCTION__);
186                 BUG();
187         }
188 #endif
189
190         TRACE_MEM("kfree for dev: %p", dev);
191         kfree(dev);
192
193         TRACE_EXIT();
194         return;
195 }
196
197 struct scst_acg_dev *scst_alloc_acg_dev(struct scst_acg *acg,
198         struct scst_device *dev, lun_t lun)
199 {
200         struct scst_acg_dev *res;
201
202         TRACE_ENTRY();
203         
204         res = kmem_cache_alloc(scst_acgd_cachep, GFP_KERNEL);
205         TRACE_MEM("kmem_cache_alloc() for acg_dev (%zd): %p", sizeof(*res), res);
206         if (res == NULL) {
207                 TRACE(TRACE_OUT_OF_MEM, "%s", "Allocation of scst_acg_dev failed");
208                 goto out;
209         }
210         memset(res, 0, sizeof(*res));
211         
212         res->dev = dev;
213         res->acg = acg;
214         res->lun = lun;
215         
216 out:
217         TRACE_EXIT_HRES(res);
218         return res;
219 }
220
221 /* scst_mutex supposed to be held */
222 void scst_free_acg_dev(struct scst_acg_dev *acg_dev)
223 {
224         TRACE_ENTRY();
225         
226         TRACE_DBG("Removing acg_dev %p from acg_dev_list and dev_acg_dev_list", 
227                 acg_dev);
228         list_del(&acg_dev->acg_dev_list_entry);
229         list_del(&acg_dev->dev_acg_dev_list_entry);
230         
231         TRACE_MEM("kfree for acg_dev: %p", acg_dev);
232         kmem_cache_free(scst_acgd_cachep, acg_dev);
233         
234         TRACE_EXIT();
235         return;
236 }
237
238 /* scst_mutex supposed to be held */
239 struct scst_acg *scst_alloc_add_acg(const char *acg_name)
240 {
241         struct scst_acg *acg;
242
243         TRACE_ENTRY();
244
245         acg = kzalloc(sizeof(*acg), GFP_KERNEL);
246         TRACE_MEM("kzalloc() for acg (%zd): %p", sizeof(*acg), acg);
247         if (acg == NULL) {
248                 TRACE(TRACE_OUT_OF_MEM, "%s", "Allocation of acg failed");
249                 goto out;
250         }
251
252         INIT_LIST_HEAD(&acg->acg_dev_list);
253         INIT_LIST_HEAD(&acg->acg_sess_list);
254         INIT_LIST_HEAD(&acg->acn_list);
255         acg->acg_name = acg_name;
256         
257         TRACE_DBG("Adding acg %s to scst_acg_list", acg_name);
258         list_add_tail(&acg->scst_acg_list_entry, &scst_acg_list);
259         
260 out:
261         TRACE_EXIT_HRES(acg);
262         return acg;
263 }
264
265 /* scst_mutex supposed to be held */
266 int scst_destroy_acg(struct scst_acg *acg)
267 {
268         struct scst_acn *n, *nn;
269         struct scst_acg_dev *acg_dev, *acg_dev_tmp;
270         int res = 0;
271
272         TRACE_ENTRY();
273
274         if (!list_empty(&acg->acg_sess_list)) {
275                 PRINT_ERROR_PR("%s: acg_sess_list is not empty!", __FUNCTION__);
276                 res = -EBUSY;
277                 goto out;
278         }
279
280         __scst_suspend_activity();
281
282         TRACE_DBG("Removing acg %s from scst_acg_list", acg->acg_name);
283         list_del(&acg->scst_acg_list_entry);
284         
285         /* Freeing acg_devs */
286         list_for_each_entry_safe(acg_dev, acg_dev_tmp, &acg->acg_dev_list, 
287                 acg_dev_list_entry)
288         {
289                 struct scst_tgt_dev *tgt_dev, *tt;
290                 list_for_each_entry_safe(tgt_dev, tt,
291                          &acg_dev->dev->dev_tgt_dev_list,
292                          dev_tgt_dev_list_entry)
293                 {
294                         if (tgt_dev->acg_dev == acg_dev)
295                                 scst_free_tgt_dev(tgt_dev);
296                 }
297                 scst_free_acg_dev(acg_dev);
298         }
299
300         __scst_resume_activity();
301
302         /* Freeing names */
303         list_for_each_entry_safe(n, nn, &acg->acn_list, 
304                 acn_list_entry)
305         {
306                 list_del(&n->acn_list_entry);
307                 TRACE_MEM("kfree() for scst_acn->name: %p", n->name);
308                 kfree(n->name);
309                 TRACE_MEM("kfree() for scst_acn: %p", n);
310                 kfree(n);
311         }
312         INIT_LIST_HEAD(&acg->acn_list);
313
314         TRACE_MEM("kfree for acg: %p", acg);
315         kfree(acg);
316
317 out:
318         TRACE_EXIT_RES(res);
319         return res;
320 }
321
322 /*
323  * No spin locks supposed to be held, scst_mutex - held.
324  * The activity is suspended.
325  */
326 static struct scst_tgt_dev *scst_alloc_add_tgt_dev(struct scst_session *sess,
327         struct scst_acg_dev *acg_dev)
328 {
329         struct scst_tgt_dev *tgt_dev;
330         struct scst_device *dev = acg_dev->dev;
331         int res;
332
333         TRACE_ENTRY();
334
335         tgt_dev = kmem_cache_alloc(scst_tgtd_cachep, GFP_KERNEL);
336         TRACE_MEM("kmem_cache_alloc(GFP_KERNEL) for tgt_dev (%zd): %p",
337               sizeof(*tgt_dev), tgt_dev);
338         if (tgt_dev != NULL)
339                 memset(tgt_dev, 0, sizeof(*tgt_dev));
340         else {
341                 TRACE(TRACE_OUT_OF_MEM, "%s",
342                       "Allocation of scst_tgt_dev failed");
343                 goto out;
344         }
345
346         tgt_dev->acg_dev = acg_dev;
347         tgt_dev->sess = sess;
348         tgt_dev->cmd_count = 0;
349
350         if (dev->scsi_dev != NULL) {
351                 TRACE(TRACE_DEBUG, "host=%d, channel=%d, id=%d, lun=%d, "
352                       "SCST lun=%Ld", dev->scsi_dev->host->host_no, 
353                       dev->scsi_dev->channel, dev->scsi_dev->id, 
354                       dev->scsi_dev->lun, (uint64_t)tgt_dev->acg_dev->lun);
355         }
356         else {
357                 TRACE(TRACE_MINOR, "Virtual device SCST lun=%Ld", 
358                       (uint64_t)tgt_dev->acg_dev->lun);
359         }
360
361         INIT_LIST_HEAD(&tgt_dev->thr_cmd_list);
362         spin_lock_init(&tgt_dev->tgt_dev_lock);
363         INIT_LIST_HEAD(&tgt_dev->UA_list);
364         spin_lock_init(&tgt_dev->sn_lock);
365         INIT_LIST_HEAD(&tgt_dev->deferred_cmd_list);
366         INIT_LIST_HEAD(&tgt_dev->skipped_sn_list);
367
368         spin_lock_bh(&scst_temp_UA_lock);
369         scst_set_sense(scst_temp_UA, sizeof(scst_temp_UA),
370                 SCST_LOAD_SENSE(scst_sense_reset_UA));
371         scst_alloc_set_UA(tgt_dev, scst_temp_UA, sizeof(scst_temp_UA));
372         spin_unlock_bh(&scst_temp_UA_lock);
373
374         tm_dbg_init_tgt_dev(tgt_dev, acg_dev);
375
376         if (dev->handler && dev->handler->attach_tgt) {
377                 TRACE_DBG("Calling dev handler's attach_tgt(%p)",
378                       tgt_dev);
379                 res = dev->handler->attach_tgt(tgt_dev);
380                 TRACE_DBG("%s", "Dev handler's attach_tgt() returned");
381                 if (res != 0) {
382                         PRINT_ERROR_PR("Device handler's %s attach_tgt() "
383                             "failed: %d", dev->handler->name, res);
384                         goto out_free;
385                 }
386         }
387         
388         list_add_tail(&tgt_dev->dev_tgt_dev_list_entry, &dev->dev_tgt_dev_list);
389         if (dev->dev_reserved)
390                 __set_bit(SCST_TGT_DEV_RESERVED, &tgt_dev->tgt_dev_flags);
391
392         list_add_tail(&tgt_dev->sess_tgt_dev_list_entry,
393                 &sess->sess_tgt_dev_list);
394
395 out:
396         TRACE_EXIT();
397         return tgt_dev;
398
399 out_free:
400         TRACE_MEM("kfree for tgt_dev: %p", tgt_dev);
401         kmem_cache_free(scst_tgtd_cachep, tgt_dev);
402         tgt_dev = NULL;
403         goto out;
404 }
405
406 static void scst_send_release(struct scst_tgt_dev *tgt_dev);
407
408 /* 
409  * No locks supposed to be held, scst_mutex - held.
410  * The activity is suspended.
411  */
412 void scst_reset_tgt_dev(struct scst_tgt_dev *tgt_dev, int nexus_loss)
413 {
414         struct scst_device *dev = tgt_dev->acg_dev->dev;
415
416         if (dev->dev_reserved &&
417             !test_bit(SCST_TGT_DEV_RESERVED, &tgt_dev->tgt_dev_flags)) 
418         {
419                 /* This is one who holds the reservation */
420                 struct scst_tgt_dev *tgt_dev_tmp;
421                 list_for_each_entry(tgt_dev_tmp, &dev->dev_tgt_dev_list,
422                                     dev_tgt_dev_list_entry) 
423                 {
424                         clear_bit(SCST_TGT_DEV_RESERVED,
425                                     &tgt_dev_tmp->tgt_dev_flags);
426                 }
427                 dev->dev_reserved = 0;
428
429                 scst_send_release(tgt_dev);
430         }
431
432         spin_lock_bh(&scst_temp_UA_lock);
433         if (nexus_loss) {
434                 scst_set_sense(scst_temp_UA, sizeof(scst_temp_UA),
435                         SCST_LOAD_SENSE(scst_sense_nexus_loss_UA));
436         } else {
437                 scst_set_sense(scst_temp_UA, sizeof(scst_temp_UA),
438                         SCST_LOAD_SENSE(scst_sense_reset_UA));
439         }
440         scst_check_set_UA(tgt_dev, scst_temp_UA, sizeof(scst_temp_UA));
441         spin_unlock_bh(&scst_temp_UA_lock);
442 }
443
444 /* 
445  * No locks supposed to be held, scst_mutex - held.
446  * The activity is suspended.
447  */
448 static void scst_free_tgt_dev(struct scst_tgt_dev *tgt_dev)
449 {
450         struct scst_device *dev = tgt_dev->acg_dev->dev;
451
452         TRACE_ENTRY();
453
454         tm_dbg_deinit_tgt_dev(tgt_dev);
455
456         list_del(&tgt_dev->dev_tgt_dev_list_entry);
457         list_del(&tgt_dev->sess_tgt_dev_list_entry);
458
459         scst_reset_tgt_dev(tgt_dev, 0);
460         scst_free_all_UA(tgt_dev);
461
462         if (dev->handler && dev->handler->detach_tgt) {
463                 TRACE_DBG("Calling dev handler's detach_tgt(%p)",
464                       tgt_dev);
465                 dev->handler->detach_tgt(tgt_dev);
466                 TRACE_DBG("%s", "Dev handler's detach_tgt() returned");
467         }
468
469         TRACE_MEM("kfree for tgt_dev: %p", tgt_dev);
470         kmem_cache_free(scst_tgtd_cachep, tgt_dev);
471
472         TRACE_EXIT();
473         return;
474 }
475
476 /* scst_mutex supposed to be held */
477 int scst_sess_alloc_tgt_devs(struct scst_session *sess)
478 {
479         int res = 0;
480         struct scst_acg_dev *acg_dev;
481         struct scst_tgt_dev *tgt_dev;
482
483         TRACE_ENTRY();
484
485         __scst_suspend_activity();
486
487         INIT_LIST_HEAD(&sess->sess_tgt_dev_list);
488         list_for_each_entry(acg_dev, &sess->acg->acg_dev_list, 
489                 acg_dev_list_entry)
490         {
491                 tgt_dev = scst_alloc_add_tgt_dev(sess, acg_dev);
492                 if (tgt_dev == NULL) {
493                         res = -ENOMEM;
494                         goto out_free;
495                 }
496         }
497
498 out_resume:
499         __scst_resume_activity();
500
501         TRACE_EXIT();
502         return res;
503
504 out_free:
505         scst_sess_free_tgt_devs(sess);
506         goto out_resume;
507 }
508
509 /* scst_mutex supposed to be held and activity suspended */
510 void scst_sess_free_tgt_devs(struct scst_session *sess)
511 {
512         struct scst_tgt_dev *tgt_dev, *t;
513
514         TRACE_ENTRY();
515         
516         /* The session is going down, no users, so no locks */
517         list_for_each_entry_safe(tgt_dev, t, &sess->sess_tgt_dev_list,
518                                  sess_tgt_dev_list_entry) 
519         {
520                 scst_free_tgt_dev(tgt_dev);
521         }
522         INIT_LIST_HEAD(&sess->sess_tgt_dev_list);
523
524         TRACE_EXIT();
525         return;
526 }
527
528 /* scst_mutex supposed to be held */
529 int scst_acg_add_dev(struct scst_acg *acg, struct scst_device *dev, lun_t lun,
530         int read_only)
531 {
532         int res = 0;
533         struct scst_acg_dev *acg_dev;
534         struct scst_tgt_dev *tgt_dev;
535         struct scst_session *sess;
536         LIST_HEAD(tmp_tgt_dev_list);
537         
538         TRACE_ENTRY();
539         
540         INIT_LIST_HEAD(&tmp_tgt_dev_list);
541         
542 #ifdef EXTRACHECKS
543         list_for_each_entry(acg_dev, &acg->acg_dev_list, acg_dev_list_entry) {
544                 if (acg_dev->dev == dev) {
545                         PRINT_ERROR_PR("Device is already in group %s", 
546                                 acg->acg_name);
547                         res = -EINVAL;
548                         goto out;
549                 }
550         }
551 #endif
552         
553         acg_dev = scst_alloc_acg_dev(acg, dev, lun);
554         if (acg_dev == NULL) {
555                 res = -ENOMEM;
556                 goto out;
557         }
558         acg_dev->rd_only_flag = read_only;
559
560         __scst_suspend_activity();
561
562         TRACE_DBG("Adding acg_dev %p to acg_dev_list and dev_acg_dev_list", 
563                 acg_dev);
564         list_add_tail(&acg_dev->acg_dev_list_entry, &acg->acg_dev_list);
565         list_add_tail(&acg_dev->dev_acg_dev_list_entry, &dev->dev_acg_dev_list);
566         
567         list_for_each_entry(sess, &acg->acg_sess_list, acg_sess_list_entry) 
568         {
569                 tgt_dev = scst_alloc_add_tgt_dev(sess, acg_dev);
570                 if (tgt_dev == NULL) {
571                         res = -ENOMEM;
572                         goto out_free;
573                 }
574                 list_add_tail(&tgt_dev->extra_tgt_dev_list_entry,
575                               &tmp_tgt_dev_list);
576         }
577
578 out_resume:
579         __scst_resume_activity();
580
581 out:
582         TRACE_EXIT_RES(res);
583         return res;
584
585 out_free:
586         list_for_each_entry(tgt_dev, &tmp_tgt_dev_list,
587                          extra_tgt_dev_list_entry) 
588         {
589                 scst_free_tgt_dev(tgt_dev);
590         }
591         scst_free_acg_dev(acg_dev);
592         goto out_resume;
593 }
594
595 /* scst_mutex supposed to be held */
596 int scst_acg_remove_dev(struct scst_acg *acg, struct scst_device *dev)
597 {
598         int res = 0;
599         struct scst_acg_dev *acg_dev = NULL, *a;
600         struct scst_tgt_dev *tgt_dev, *tt;
601         
602         TRACE_ENTRY();
603         
604         list_for_each_entry(a, &acg->acg_dev_list, acg_dev_list_entry) {
605                 if (a->dev == dev) {
606                         acg_dev = a;
607                         break;
608                 }
609         }
610         
611         if (acg_dev == NULL) {
612                 PRINT_ERROR_PR("Device is not found in group %s", acg->acg_name);
613                 res = -EINVAL;
614                 goto out;
615         }
616
617         __scst_suspend_activity();
618
619         list_for_each_entry_safe(tgt_dev, tt, &dev->dev_tgt_dev_list,
620                  dev_tgt_dev_list_entry) 
621         {
622                 if (tgt_dev->acg_dev == acg_dev)
623                         scst_free_tgt_dev(tgt_dev);
624         }
625         scst_free_acg_dev(acg_dev);
626
627         __scst_resume_activity();
628
629 out:    
630         TRACE_EXIT_RES(res);
631         return res;
632 }
633
634 /* scst_mutex supposed to be held */
635 int scst_acg_add_name(struct scst_acg *acg, const char *name)
636 {
637         int res = 0;
638         struct scst_acn *n;
639         int len;
640         char *nm;
641         
642         TRACE_ENTRY();
643
644         list_for_each_entry(n, &acg->acn_list, acn_list_entry) 
645         {
646                 if (strcmp(n->name, name) == 0) {
647                         PRINT_ERROR_PR("Name %s already exists in access "
648                                 "control group %s", name, acg->acg_name);
649                         res = -EINVAL;
650                         goto out;
651                 }
652         }
653         
654         n = kmalloc(sizeof(*n), GFP_KERNEL);
655         TRACE_MEM("kmalloc(GFP_KERNEL) for scst_acn (%zd): %p", sizeof(*n), n);
656         if (n == NULL) {
657                 PRINT_ERROR_PR("%s", "Unable to allocate scst_acn");
658                 res = -ENOMEM;
659                 goto out;
660         }
661         
662         len = strlen(name);
663         nm = kmalloc(len + 1, GFP_KERNEL);
664         TRACE_MEM("kmalloc(GFP_KERNEL) for scst_acn->name (%d): %p",
665                   len + 1, nm);
666         if (nm == NULL) {
667                 PRINT_ERROR_PR("%s", "Unable to allocate scst_acn->name");
668                 res = -ENOMEM;
669                 goto out_free;
670         }
671         
672         strcpy(nm, name);
673         n->name = nm;
674         
675         list_add_tail(&n->acn_list_entry, &acg->acn_list);
676
677 out:
678         TRACE_EXIT_RES(res);
679         return res;
680
681 out_free:
682         TRACE_MEM("kfree() for scst_acn: %p", n);
683         kfree(n);
684         goto out;
685 }
686
687 /* scst_mutex supposed to be held */
688 int scst_acg_remove_name(struct scst_acg *acg, const char *name)
689 {
690         int res = -EINVAL;
691         struct scst_acn *n;
692         
693         TRACE_ENTRY();
694         
695         list_for_each_entry(n, &acg->acn_list, acn_list_entry)
696         {
697                 if (strcmp(n->name, name) == 0) {
698                         list_del(&n->acn_list_entry);
699                         TRACE_MEM("kfree() for scst_acn->name: %p", n->name);
700                         kfree(n->name);
701                         TRACE_MEM("kfree() for scst_acn: %p", n);
702                         kfree(n);
703                         res = 0;
704                         break;
705                 }
706         }
707         
708         if (res != 0) {
709                 PRINT_ERROR_PR("Unable to find name %s in access control "
710                         "group %s", name, acg->acg_name);
711         }
712
713         TRACE_EXIT_RES(res);
714         return res;
715 }
716
717 static void scst_req_done(struct scsi_cmnd *scsi_cmd)
718 {
719         struct scsi_request *req;
720
721         TRACE_ENTRY();
722
723         if (scsi_cmd && (req = scsi_cmd->sc_request)) {
724                 if (req) {
725                         if (req->sr_bufflen) {
726                                 TRACE_MEM("kfree for req->sr_buffer: %p",
727                                       req->sr_buffer);
728                                 kfree(req->sr_buffer);
729                         }
730                         scsi_release_request(req);
731                 }
732         }
733
734         TRACE_EXIT();
735         return;
736 }
737
738 static void scst_send_release(struct scst_tgt_dev *tgt_dev)
739 {
740         struct scsi_request *req;
741         struct scsi_device *scsi_dev;
742         uint8_t cdb[6];
743
744         TRACE_ENTRY();
745         
746         if (tgt_dev->acg_dev->dev->scsi_dev == NULL)
747                 goto out;
748
749         scsi_dev = tgt_dev->acg_dev->dev->scsi_dev;
750
751         req = scsi_allocate_request(scsi_dev, GFP_KERNEL);
752         if (req == NULL) {
753                 PRINT_ERROR_PR("Allocation of scsi_request failed: unable "
754                             "to RELEASE device %d:%d:%d:%d",
755                             scsi_dev->host->host_no, scsi_dev->channel,
756                             scsi_dev->id, scsi_dev->lun);
757                 goto out;
758         }
759
760         memset(cdb, 0, sizeof(cdb));
761         cdb[0] = RELEASE;
762         cdb[1] = (scsi_dev->scsi_level <= SCSI_2) ?
763             ((scsi_dev->lun << 5) & 0xe0) : 0;
764         memcpy(req->sr_cmnd, cdb, sizeof(cdb));
765         req->sr_cmd_len = sizeof(cdb);
766         req->sr_data_direction = SCST_DATA_NONE;
767         req->sr_use_sg = 0;
768         req->sr_bufflen = 0;
769         req->sr_buffer = NULL;
770         req->sr_request->rq_disk = tgt_dev->acg_dev->dev->rq_disk;
771         req->sr_sense_buffer[0] = 0;
772
773         TRACE(TRACE_DEBUG | TRACE_SCSI, "Sending RELEASE req %p to SCSI "
774                 "mid-level", req);
775         scst_do_req(req, req->sr_cmnd, (void *)req->sr_buffer, req->sr_bufflen,
776                     scst_req_done, SCST_DEFAULT_TIMEOUT, 3);
777
778 out:
779         TRACE_EXIT();
780         return;
781 }
782
783 struct scst_session *scst_alloc_session(struct scst_tgt *tgt, int gfp_mask,
784         const char *initiator_name)
785 {
786         struct scst_session *sess;
787         int len;
788         char *nm;
789
790         TRACE_ENTRY();
791
792         sess = kmem_cache_alloc(scst_sess_cachep, gfp_mask);
793         TRACE_MEM("kmem_cache_alloc() for sess (%zd): %p", sizeof(*sess), sess);
794         if (sess != NULL)
795                 memset(sess, 0, sizeof(*sess));
796         else {
797                 TRACE(TRACE_OUT_OF_MEM, "%s",
798                       "Allocation of scst_session failed");
799                 goto out;
800         }
801
802         sess->init_phase = SCST_SESS_IPH_INITING;
803         atomic_set(&sess->refcnt, 0);
804         INIT_LIST_HEAD(&sess->sess_tgt_dev_list);
805         INIT_LIST_HEAD(&sess->search_cmd_list);
806         sess->tgt = tgt;
807         INIT_LIST_HEAD(&sess->init_deferred_cmd_list);
808         INIT_LIST_HEAD(&sess->init_deferred_mcmd_list);
809         
810         len = strlen(initiator_name);
811         nm = kmalloc(len + 1, gfp_mask);
812         TRACE_MEM("kmalloc(GFP_KERNEL) for sess->initiator_name (%d): %p",
813                   len + 1, nm);
814         if (nm == NULL) {
815                 PRINT_ERROR_PR("%s", "Unable to allocate sess->initiator_name");
816                 goto out_free;
817         }
818         
819         strcpy(nm, initiator_name);
820         sess->initiator_name = nm;
821         
822 out:
823         TRACE_EXIT();
824         return sess;
825
826 out_free:
827         TRACE_MEM("kfree() for sess: %p", sess);
828         kmem_cache_free(scst_sess_cachep, sess);
829         sess = NULL;
830         goto out;
831 }
832
833 void scst_free_session(struct scst_session *sess)
834 {
835         TRACE_ENTRY();
836
837         down(&scst_mutex);
838         TRACE_DBG("Removing sess %p from the list", sess);
839         list_del(&sess->sess_list_entry);
840         TRACE_DBG("Removing session %p from acg %s", sess, sess->acg->acg_name);
841         list_del(&sess->acg_sess_list_entry);
842         
843         __scst_suspend_activity();
844         scst_sess_free_tgt_devs(sess);
845         __scst_resume_activity();
846
847         wake_up_all(&sess->tgt->unreg_waitQ);
848
849         up(&scst_mutex);
850
851         TRACE_MEM("kfree for sess->initiator_name: %p", sess->initiator_name);
852         kfree(sess->initiator_name);
853
854         TRACE_MEM("kfree for sess: %p", sess);
855         kmem_cache_free(scst_sess_cachep, sess);
856
857         TRACE_EXIT();
858         return;
859 }
860
861 void scst_free_session_callback(struct scst_session *sess)
862 {
863         struct semaphore *shm;
864
865         TRACE_ENTRY();
866
867         TRACE_DBG("Freeing session %p", sess);
868
869         shm = sess->shutdown_mutex;
870
871         if (sess->unreg_done_fn) {
872                 TRACE_DBG("Calling unreg_done_fn(%p)", sess);
873                 sess->unreg_done_fn(sess);
874                 TRACE_DBG("%s", "unreg_done_fn() returned");
875         }
876         scst_free_session(sess);
877
878         if (shm)
879                 up(shm);
880
881         TRACE_EXIT();
882         return;
883 }
884
885 void scst_sched_session_free(struct scst_session *sess)
886 {
887         unsigned long flags;
888
889         TRACE_ENTRY();
890
891         spin_lock_irqsave(&scst_mgmt_lock, flags);
892         TRACE_DBG("Adding sess %p to scst_sess_mgmt_list", sess);
893         list_add_tail(&sess->sess_mgmt_list_entry, &scst_sess_mgmt_list);
894         spin_unlock_irqrestore(&scst_mgmt_lock, flags);
895         
896         wake_up(&scst_mgmt_waitQ);
897
898         TRACE_EXIT();
899         return;
900 }
901
902 struct scst_cmd *scst_alloc_cmd(int gfp_mask)
903 {
904         struct scst_cmd *cmd;
905
906         TRACE_ENTRY();
907
908         cmd = kmem_cache_alloc(scst_cmd_cachep, gfp_mask);
909         TRACE_MEM("kmem_cache_alloc() for cmd (%zd): %p", sizeof(*cmd), cmd);
910         if (cmd != NULL)
911                 memset(cmd, 0, sizeof(*cmd));
912         else {
913                 TRACE(TRACE_OUT_OF_MEM, "%s", "Allocation of scst_cmd failed");
914                 goto out;
915         }
916
917         cmd->queue_type = SCST_CMD_QUEUE_UNTAGGED;
918         cmd->timeout = SCST_DEFAULT_TIMEOUT;
919         cmd->retries = SCST_DEFAULT_RETRIES;
920         cmd->data_len = -1;
921         cmd->tgt_resp_flags = SCST_TSC_FLAG_STATUS;
922         cmd->resp_data_len = -1;
923
924 out:
925         TRACE_EXIT();
926         return cmd;
927 }
928
929 static void scst_destroy_put_cmd(struct scst_cmd *cmd)
930 {
931         scst_sess_put(cmd->sess);
932
933         /* At this point tgt_dev can be dead, but the pointer remains not-NULL */
934         if (likely(cmd->tgt_dev != NULL))
935                 scst_dec_cmd_count();
936
937         scst_destroy_cmd(cmd);
938         return;
939 }
940
941 /* No locks supposed to be held. Must be called only from scst_finish_cmd()! */
942 void scst_free_cmd(struct scst_cmd *cmd)
943 {
944         int destroy = 1;
945
946         TRACE_ENTRY();
947
948         BUG_ON(cmd->blocking);
949
950 #ifdef EXTRACHECKS
951         if (cmd->scsi_req) {
952                 PRINT_ERROR_PR("%s: %s", __FUNCTION__, "Cmd with unfreed "
953                         "scsi_req!");
954                 scst_release_request(cmd);
955         }
956 #endif
957
958         TRACE_DBG("Calling target's on_free_cmd(%p)", cmd);
959         cmd->tgtt->on_free_cmd(cmd);
960         TRACE_DBG("%s", "Target's on_free_cmd() returned");
961
962         if (likely(cmd->dev != NULL)) {
963                 struct scst_dev_type *handler = cmd->dev->handler;
964                 if (handler->on_free_cmd != NULL) {
965                         TRACE_DBG("Calling dev handler %s on_free_cmd(%p)",
966                               handler->name, cmd);
967                         handler->on_free_cmd(cmd);
968                         TRACE_DBG("Dev handler %s on_free_cmd() returned",
969                                 handler->name);
970                 }
971         }
972
973         scst_release_space(cmd);
974
975         if (likely(cmd->tgt_dev != NULL)) {
976 #ifdef EXTRACHECKS
977                 if (cmd->sent_to_midlev == 0) {
978                         PRINT_ERROR_PR("Finishing not executed cmd (opcode %d, "
979                              "target %s, lun %Ld, sn %d, expected_sn %d)", 
980                              cmd->cdb[0], cmd->tgtt->name, (uint64_t)cmd->lun, 
981                              cmd->sn, cmd->tgt_dev->expected_sn);
982                         scst_inc_expected_sn_unblock(cmd->tgt_dev, cmd, 0);
983                 }
984 #endif
985                 if (unlikely(test_bit(SCST_CMD_OUT_OF_SN, 
986                                 &cmd->cmd_flags)))
987                 {
988                         spin_lock_bh(&cmd->tgt_dev->sn_lock);
989                         set_bit(SCST_CMD_CAN_BE_DESTROYED, 
990                                 &cmd->cmd_flags);
991                         barrier(); /* to reread SCST_CMD_OUT_OF_SN */
992                         destroy = !test_bit(SCST_CMD_OUT_OF_SN, 
993                                         &cmd->cmd_flags);
994                         TRACE(TRACE_SCSI_SERIALIZING, "Out of SN "
995                                 "cmd %p (tag %d, sn %d), destroy=%d", cmd,
996                                 cmd->tag, cmd->sn, destroy);
997                         spin_unlock_bh(&cmd->tgt_dev->sn_lock);
998                 }
999         }
1000
1001         if (likely(destroy))
1002                 scst_destroy_put_cmd(cmd);
1003
1004         TRACE_EXIT();
1005         return;
1006 }
1007
1008 /* No locks supposed to be held. */
1009 void scst_check_retries(struct scst_tgt *tgt, int processible_env)
1010 {
1011         int need_wake_up = 0;
1012
1013         TRACE_ENTRY();
1014
1015         /* 
1016          * We don't worry about overflow of finished_cmds, because we check 
1017          * only for its change 
1018          */
1019         atomic_inc(&tgt->finished_cmds);
1020         smp_mb__after_atomic_inc();
1021         if (unlikely(tgt->retry_cmds > 0)) 
1022         {
1023                 struct scst_cmd *c, *tc;
1024                 unsigned long flags;
1025
1026                 TRACE(TRACE_RETRY, "Checking retry cmd list (retry_cmds %d)",
1027                       tgt->retry_cmds);
1028
1029                 spin_lock_irqsave(&tgt->tgt_lock, flags);
1030                 spin_lock(&scst_list_lock);
1031
1032                 list_for_each_entry_safe(c, tc, &tgt->retry_cmd_list,
1033                                 cmd_list_entry)
1034                 {
1035                         tgt->retry_cmds--;
1036
1037                         TRACE(TRACE_RETRY, "Moving retry cmd %p to active cmd "
1038                             "list (retry_cmds left %d)", c, tgt->retry_cmds);
1039                         list_move(&c->cmd_list_entry, &scst_active_cmd_list);
1040
1041                         need_wake_up++;
1042                         if (need_wake_up >= 2) /* "slow start" */
1043                                 break; 
1044                 }
1045
1046                 spin_unlock(&scst_list_lock);
1047                 spin_unlock_irqrestore(&tgt->tgt_lock, flags);
1048         }
1049
1050         if (need_wake_up && !processible_env)
1051                 wake_up(&scst_list_waitQ);
1052
1053         TRACE_EXIT();
1054         return;
1055 }
1056
1057 void scst_tgt_retry_timer_fn(unsigned long arg)
1058 {
1059         struct scst_tgt *tgt = (struct scst_tgt*)arg;
1060         unsigned long flags;
1061
1062         TRACE(TRACE_RETRY, "Retry timer expired (retry_cmds %d)",
1063                 tgt->retry_cmds);
1064
1065         spin_lock_irqsave(&tgt->tgt_lock, flags);
1066         tgt->retry_timer_active = 0;
1067         spin_unlock_irqrestore(&tgt->tgt_lock, flags);
1068
1069         scst_check_retries(tgt, 0);
1070
1071         TRACE_EXIT();
1072         return;
1073 }
1074
1075 struct scst_mgmt_cmd *scst_alloc_mgmt_cmd(int gfp_mask)
1076 {
1077         struct scst_mgmt_cmd *mcmd;
1078
1079         TRACE_ENTRY();
1080
1081         mcmd = mempool_alloc(scst_mgmt_mempool, gfp_mask);
1082         TRACE_MEM("mempool_alloc() for mgmt cmd (%zd): %p", sizeof(*mcmd),
1083                 mcmd);
1084         if (mcmd == NULL) {
1085                 PRINT_ERROR("%s", "Allocation of management command "
1086                         "failed, some commands and their data could leak");
1087                 goto out;
1088         }
1089         memset(mcmd, 0, sizeof(*mcmd));
1090
1091 out:
1092         TRACE_EXIT();
1093         return mcmd;
1094 }
1095
1096 void scst_free_mgmt_cmd(struct scst_mgmt_cmd *mcmd, int del)
1097 {
1098         unsigned long flags;
1099
1100         TRACE_ENTRY();
1101
1102         spin_lock_irqsave(&scst_list_lock, flags);
1103         if (del)
1104                 list_del(&mcmd->mgmt_cmd_list_entry);
1105         mcmd->sess->sess_cmd_count--;
1106         spin_unlock_irqrestore(&scst_list_lock, flags);
1107
1108         scst_sess_put(mcmd->sess);
1109
1110         if (mcmd->mcmd_tgt_dev != NULL)
1111                 scst_dec_cmd_count();
1112
1113         TRACE_MEM("mempool_free for mgmt cmd: %p", mcmd);
1114         mempool_free(mcmd, scst_mgmt_mempool);
1115
1116         TRACE_EXIT();
1117         return;
1118 }
1119
1120 int scst_alloc_request(struct scst_cmd *cmd)
1121 {
1122         int res = 0;
1123         struct scsi_request *req;
1124         int gm = scst_cmd_atomic(cmd) ? GFP_ATOMIC : GFP_KERNEL;
1125
1126         TRACE_ENTRY();
1127
1128         /* cmd->dev->scsi_dev must be non-NULL here */
1129         req = scsi_allocate_request(cmd->dev->scsi_dev, gm);
1130         if (req == NULL) {
1131                 TRACE(TRACE_OUT_OF_MEM, "%s",
1132                       "Allocation of scsi_request failed");
1133                 res = -ENOMEM;
1134                 goto out;
1135         }
1136
1137         cmd->scsi_req = req;
1138
1139         memcpy(req->sr_cmnd, cmd->cdb, cmd->cdb_len);
1140         req->sr_cmd_len = cmd->cdb_len;
1141         req->sr_data_direction = cmd->data_direction;
1142         req->sr_use_sg = cmd->sg_cnt;
1143         req->sr_bufflen = cmd->bufflen;
1144         req->sr_buffer = cmd->sg;
1145         req->sr_request->rq_disk = cmd->dev->rq_disk;
1146         req->sr_sense_buffer[0] = 0;
1147
1148         cmd->scsi_req->upper_private_data = cmd;
1149
1150 out:
1151         TRACE_EXIT();
1152         return res;
1153 }
1154
1155 void scst_release_request(struct scst_cmd *cmd)
1156 {
1157         scsi_release_request(cmd->scsi_req);
1158         cmd->scsi_req = NULL;
1159 }
1160
1161 int scst_alloc_space(struct scst_cmd *cmd)
1162 {
1163         int tgt_sg = cmd->tgt->sg_tablesize;
1164         int ini_sg;
1165         int gfp_mask;
1166         int res = -ENOMEM;
1167         int ini_unchecked_isa_dma, ini_use_clustering;
1168         struct sgv_pool *pool;
1169         struct sgv_pool_obj *sgv;
1170
1171         TRACE_ENTRY();
1172
1173         if (cmd->data_buf_alloced) {
1174                 TRACE_MEM("%s", "data_buf_alloced set, returning");
1175                 BUG_ON(cmd->sg == NULL);
1176                 res = 0;
1177                 goto out;
1178         }
1179
1180         gfp_mask = __GFP_NOWARN;
1181         gfp_mask |= (scst_cmd_atomic(cmd) ? GFP_ATOMIC : GFP_KERNEL);
1182         pool = &scst_sgv.norm;
1183
1184         if (cmd->dev->scsi_dev != NULL) {
1185                 ini_sg = cmd->dev->scsi_dev->host->sg_tablesize;
1186                 ini_unchecked_isa_dma = 
1187                         cmd->dev->scsi_dev->host->unchecked_isa_dma;
1188                 ini_use_clustering = 
1189                         (cmd->dev->scsi_dev->host->use_clustering == 
1190                                 ENABLE_CLUSTERING);
1191         }
1192         else {
1193                 ini_sg = (1 << 15) /* infinite */;
1194                 ini_unchecked_isa_dma = 0;
1195                 ini_use_clustering = 0;
1196         }
1197
1198         if (cmd->tgtt->use_clustering || ini_use_clustering)
1199         {
1200                 TRACE_MEM("%s", "Use clustering");
1201                 pool = &scst_sgv.norm_clust;
1202         }
1203
1204         if (cmd->tgtt->unchecked_isa_dma || ini_unchecked_isa_dma) {
1205                 TRACE_MEM("%s", "Use ISA DMA memory");
1206                 gfp_mask |= GFP_DMA;
1207                 pool = &scst_sgv.dma;
1208         } else {
1209 #ifdef SCST_HIGHMEM
1210                 gfp_mask |= __GFP_HIGHMEM;
1211                 pool = &scst_sgv.highmem;
1212 #endif
1213         }
1214
1215         sgv = sgv_pool_alloc(pool, cmd->bufflen, gfp_mask, &cmd->sg_cnt);
1216         if (sgv == NULL)
1217                 goto out;
1218
1219         if (unlikely(cmd->sg_cnt > ini_sg)) {
1220                 static int ll;
1221                 if (ll < 10) {
1222                         PRINT_INFO("Unable to complete command due to "
1223                                 "underlying device SG IO count limitation "
1224                                 "(requested %d, available %d)", cmd->sg_cnt,
1225                                 ini_sg);
1226                         ll++;
1227                 }
1228                 goto out_sgv_free;
1229         }
1230
1231         if (unlikely(cmd->sg_cnt > tgt_sg)) {
1232                 static int ll;
1233                 if (ll < 10) {
1234                         PRINT_INFO("Unable to complete command due to "
1235                                 "target device %s SG IO count limitation "
1236                                 "(requested %d, available %d)", cmd->tgtt->name,
1237                                 cmd->sg_cnt, tgt_sg);
1238                         ll++;
1239                 }
1240                 goto out_sgv_free;
1241         }
1242
1243         cmd->sgv = sgv;
1244         cmd->sg = sgv_pool_sg(sgv);
1245         
1246         res = 0;
1247
1248 out:
1249         TRACE_EXIT();
1250         return res;
1251
1252 out_sgv_free:
1253         sgv_pool_free(sgv);
1254         cmd->sg_cnt = 0;
1255         goto out;
1256 }
1257
1258 void scst_release_space(struct scst_cmd *cmd)
1259 {
1260         TRACE_ENTRY();
1261
1262         if (cmd->data_buf_alloced) {
1263                 TRACE_MEM("%s", "data_buf_alloced set, returning");
1264                 goto out;
1265         }
1266
1267         if (cmd->sgv) {
1268                 scst_check_restore_sg_buff(cmd);
1269                 sgv_pool_free(cmd->sgv);
1270         }
1271
1272         cmd->sgv = NULL;
1273         cmd->sg_cnt = 0;
1274         cmd->sg = NULL;
1275         cmd->bufflen = 0;
1276         cmd->data_len = 0;
1277
1278 out:
1279         TRACE_EXIT();
1280         return;
1281 }
1282
1283 int __scst_get_buf(struct scst_cmd *cmd, uint8_t **buf)
1284 {
1285         int res = 0;
1286         struct scatterlist *sg = cmd->sg;
1287         int i = cmd->get_sg_buf_entry_num;
1288         
1289         TRACE_ENTRY();
1290         
1291         *buf = NULL;
1292         
1293         if (i >= cmd->sg_cnt)
1294                 goto out;
1295 #ifdef SCST_HIGHMEM
1296         /* 
1297          * HIGHMEM pages not merged (clustered), so if it's 
1298          * not HIGHMEM page, kmap() is the same as page_address()
1299          */
1300         if (scst_cmd_atomic(cmd)) {
1301                 enum km_type km;
1302                 if (in_softirq())
1303                         km = KM_SOFTIRQ0;
1304                 else
1305                         km = KM_USER0;
1306                 *buf = kmap_atomic(sg[i].page, km);
1307         } else
1308                 *buf = kmap(sg[i].page);
1309 #else
1310         *buf = page_address(sg[i].page);
1311 #endif
1312         res = sg[i].length;
1313         cmd->get_sg_buf_entry_num++;
1314         
1315 out:
1316         TRACE_EXIT_RES(res);
1317         return res;
1318 }
1319
1320 static const int SCST_CDB_LENGTH[8] = { 6, 10, 10, -1, 16, 12, -1, -1 };
1321
1322 #define SCST_CDB_GROUP(opcode)   ((opcode >> 5) & 0x7)
1323 #define SCST_GET_CDB_LEN(opcode) SCST_CDB_LENGTH[SCST_CDB_GROUP(opcode)]
1324
1325 int scst_get_cdb_len(const uint8_t *cdb)
1326 {
1327         return SCST_GET_CDB_LEN(cdb[0]);
1328 }
1329
1330 int scst_get_cdb_info(const uint8_t *cdb_p, int dev_type,
1331                       struct scst_info_cdb *info_p)
1332 {
1333         int i, res = 0;
1334         uint8_t op;
1335         const struct scst_sdbops *ptr = NULL;
1336
1337         TRACE_ENTRY();
1338
1339         memset(info_p, 0, sizeof(*info_p));
1340         info_p->direction = SCST_DATA_NONE;
1341         info_p->op_name = "NOOP";
1342         op = *cdb_p;    /* get clear opcode */
1343
1344         TRACE(TRACE_SCSI, "opcode=%02x, cdblen=%d bytes, tblsize=%zd, "
1345                 "dev_type=%d", op, SCST_GET_CDB_LEN(op), SCST_CDB_TBL_SIZE,
1346                 dev_type);
1347
1348         i = scst_scsi_op_list[op];
1349         while (i < SCST_CDB_TBL_SIZE && scst_scsi_op_table[i].ops == op) {
1350                 if (scst_scsi_op_table[i].devkey[dev_type] != SCST_CDB_NOTSUPP) {
1351                         ptr = &scst_scsi_op_table[i];
1352 #if 0
1353                         TRACE(TRACE_SCSI, "op = 0x%02x+'%c%c%c%c%c%c%c%c%c%c'+<%s>", 
1354                               ptr->ops, ptr->devkey[0], /* disk     */
1355                               ptr->devkey[1],   /* tape     */
1356                               ptr->devkey[2],   /* printer */
1357                               ptr->devkey[3],   /* cpu      */
1358                               ptr->devkey[4],   /* cdr      */
1359                               ptr->devkey[5],   /* cdrom    */
1360                               ptr->devkey[6],   /* scanner */
1361                               ptr->devkey[7],   /* worm     */
1362                               ptr->devkey[8],   /* changer */
1363                               ptr->devkey[9],   /* commdev */
1364                               ptr->op_name);
1365
1366                         TRACE(TRACE_SCSI,
1367                               "direction=%d size_field_len=%d fixed=%d flag1=%d flag2=%d",
1368                               ptr->direction,
1369                               ptr->size_field_len,
1370                               ptr->fixed, ptr->flag1, ptr->flag2);
1371 #endif
1372                         break;
1373                 }
1374                 i++;
1375         }
1376
1377         if (ptr == NULL) {
1378                 /* opcode not found or now not used !!! */
1379                 TRACE(TRACE_SCSI, "Unknown opcode 0x%x for type %d", op,
1380                       dev_type);
1381                 res = -1;
1382                 goto out;
1383         }
1384
1385         info_p->cdb_len = SCST_GET_CDB_LEN(op);
1386         info_p->op_name = ptr->op_name;
1387         /* 1. direction */
1388         info_p->direction = ptr->direction;
1389         if (info_p->direction == SCST_DATA_NONE)
1390                 goto out;
1391
1392         /* 2. flags */
1393         info_p->flags = ptr->fixed;
1394
1395         /*
1396          * CDB length needed, because we must know offsets:
1397          * 1) for  6-bytes CDB len = 1 byte or 3 bytes(if real transfer exist)
1398          * 2) for 10-bytes CDB len = 1 byte or 2 bytes(0x24,0x25 = 3)
1399          * 3) for 12-bytes CDB len = 1 byte or 4 bytes
1400          */
1401
1402         /* 3. transfer_len */
1403         if (SCST_GET_CDB_LEN(op) == 6) {
1404                 if (ptr->size_field_len == 3) {
1405                         /* length = 3 bytes */
1406                         info_p->transfer_len = (((*(cdb_p + 2)) & 0xff) << 16) +
1407                             (((*(cdb_p + 3)) & 0xff) << 8) +
1408                             ((*(cdb_p + 4)) & 0xff);
1409                         info_p->transfer_len &= 0xffffff;
1410                 } else if (ptr->size_field_len == 1) {
1411                         /* 
1412                          * Warning!!! CDB 'READ BLOCK LIMITS'
1413                          * always returns 6-byte block with limits
1414                          * info_p->transfer_len = (int)(*(cdb_p + 4));
1415                          */
1416                         info_p->transfer_len = ((op == READ_BLOCK_LIMITS) ?
1417                                                 SCST_BLOCK_LIMIT_LEN : 
1418                                                 *(cdb_p + 4)) & 0xff;
1419                 }
1420         } else if (SCST_GET_CDB_LEN(op) == 10) {
1421                 if (ptr->size_field_len == 3)
1422                         /* 
1423                          * SET window usees 3 bytes length SET/GET WINDOW
1424                          * if ((uint8_t)ptr->ops == 0x24 || 0x25)
1425                          */
1426                 {
1427                         info_p->transfer_len = (((*(cdb_p + 6)) & 0xff) << 16) +
1428                             (((*(cdb_p + 7)) & 0xff) << 8) +
1429                             ((*(cdb_p + 8)) & 0xff);
1430                         info_p->transfer_len &= 0xffffff;
1431                 } else if (ptr->size_field_len == 2) {
1432                         info_p->transfer_len = (((*(cdb_p + 7)) & 0xff) << 8) +
1433                             ((*(cdb_p + 8)) & 0xff);
1434                         info_p->transfer_len &= 0xffff;
1435                 } else if (ptr->size_field_len == 1) {
1436                         info_p->transfer_len = (*(cdb_p + 8));
1437
1438                         /* opcode = READ-WRITE UPDATED BLOCK */
1439                         if ((ptr->ops == 0x5d) ||
1440                             (ptr->ops == UPDATE_BLOCK) ||
1441                             (ptr->ops == WRITE_SAME)) {
1442                                 /* the opcode always returns 1 block */
1443                                 info_p->flags |= SCST_TRANSFER_LEN_TYPE_FIXED;
1444                                 info_p->transfer_len = 1;
1445                         }
1446
1447                         if ((ptr->ops == COMPARE) || (ptr->ops == COPY_VERIFY)) {
1448                                 /* ese other place in CDB [3,4],5 */
1449                                 info_p->transfer_len = (*(cdb_p + 5));
1450                         }
1451
1452                         info_p->transfer_len &= 0xff;
1453                 }
1454         } else if (SCST_GET_CDB_LEN(op) == 12) {
1455                 if (ptr->size_field_len == 4) {
1456                         info_p->transfer_len = (((*(cdb_p + 6)) & 0xff) << 24) +
1457                             (((*(cdb_p + 7)) & 0xff) << 16) +
1458                             (((*(cdb_p + 8)) & 0xff) << 8) +
1459                             ((*(cdb_p + 9)) & 0xff);
1460                         info_p->transfer_len &= 0xffffffff;
1461                 } else if (ptr->size_field_len == 3) {
1462                         info_p->transfer_len = (((*(cdb_p + 7)) & 0xff) << 16) +
1463                             (((*(cdb_p + 8)) & 0xff) << 8) +
1464                             ((*(cdb_p + 9)) & 0xff);
1465                         info_p->transfer_len &= 0xffffff;
1466                 } else if (ptr->size_field_len == 2) {
1467                         info_p->transfer_len = (((*(cdb_p + 8)) & 0xff) << 8) +
1468                             ((*(cdb_p + 9)) & 0xff);
1469                         info_p->transfer_len &= 0xffff;
1470                 } else {
1471                         if (ptr->size_field_len == 1) {
1472                                 info_p->transfer_len = (*(cdb_p + 9));
1473                                 info_p->transfer_len &= 0xff;
1474                         }
1475                 }
1476         } else if (SCST_GET_CDB_LEN(op) == 16) {
1477                 if (ptr->size_field_len == 4) {
1478                         info_p->transfer_len =
1479                             (((*(cdb_p + 10)) & 0xff) << 24) +
1480                             (((*(cdb_p + 11)) & 0xff) << 16) +
1481                             (((*(cdb_p + 12)) & 0xff) << 8) +
1482                             ((*(cdb_p + 13)) & 0xff);
1483                 }
1484         }
1485         if (!info_p->transfer_len) {
1486                 TRACE(TRACE_SCSI,
1487                       "Warning! transfer_len 0, direction %d change on " "%d",
1488                       info_p->direction, SCST_DATA_NONE);
1489                 info_p->direction = SCST_DATA_NONE;
1490         }
1491
1492 out:
1493         TRACE_EXIT();
1494         return res;
1495 }
1496
1497 void scst_scsi_op_list_init(void)
1498 {
1499         int i;
1500         uint8_t op = 0xff;
1501
1502         TRACE_ENTRY();
1503
1504         for (i = 0; i < 256; i++)
1505                 scst_scsi_op_list[i] = SCST_CDB_TBL_SIZE;
1506
1507         for (i = 0; i < SCST_CDB_TBL_SIZE; i++) {
1508                 if (scst_scsi_op_table[i].ops != op) {
1509                         op = scst_scsi_op_table[i].ops;
1510                         scst_scsi_op_list[op] = i;
1511                 }
1512         }
1513
1514         TRACE_EXIT();
1515         return;
1516 }
1517
1518 /*
1519  * Routine to extract a lun number from an 8-byte LUN structure
1520  * in network byte order (BE).
1521  * (see SAM-2, Section 4.12.3 page 40)
1522  * Supports 2 types of lun unpacking: peripheral and logical unit.
1523  */
1524 lun_t scst_unpack_lun(const uint8_t *lun, int len)
1525 {
1526         lun_t res = (lun_t)-1;
1527         int address_method;
1528
1529         TRACE_ENTRY();
1530
1531         TRACE_BUFF_FLAG(TRACE_DEBUG, "Raw LUN", lun, len);
1532
1533         if (len < 2) {
1534                 PRINT_ERROR_PR("Illegal lun length %d, expected 2 bytes or "
1535                         "more", len);
1536                 goto out;
1537         }
1538
1539         if (len > 2) {
1540                 switch(len) {
1541                 case 8:
1542                 {
1543                         if ((*((uint64_t*)lun) & 
1544                           __constant_cpu_to_be64(0x0000FFFFFFFFFFFFLL)) != 0)
1545                                 goto out_err;
1546                         break;
1547                 }
1548                 case 4:
1549                         if (*((uint16_t*)&lun[2]) != 0)
1550                                 goto out_err;
1551                         break;
1552                 case 6:
1553                         if (*((uint32_t*)&lun[2]) != 0)
1554                                 goto out_err;
1555                         break;
1556                 default:
1557                         goto out_err;
1558                 }
1559         }
1560
1561         address_method = (*lun) >> 6;   /* high 2 bits of byte 0 */
1562         switch (address_method) {
1563         case 0: /* peripheral device addressing method */
1564                 if (*lun) {
1565                         PRINT_ERROR_PR("Illegal BUS INDENTIFIER in LUN "
1566                              "peripheral device addressing method 0x%02x, "
1567                              "expected 0", *lun);
1568                         break;
1569                 }
1570                 res = *(lun + 1);
1571                 break;
1572
1573         case 1: /* flat space addressing method */
1574                 res = *(lun + 1) | (((*lun) & 0x3f) << 8);
1575                 break;
1576
1577         case 2: /* logical unit addressing method */
1578                 if (*lun & 0x3f) {
1579                         PRINT_ERROR_PR("Illegal BUS NUMBER in LUN logical unit "
1580                                     "addressing method 0x%02x, expected 0",
1581                                     *lun & 0x3f);
1582                         break;
1583                 }
1584                 if (*(lun + 1) & 0xe0) {
1585                         PRINT_ERROR_PR("Illegal TARGET in LUN logical unit "
1586                                     "addressing method 0x%02x, expected 0",
1587                                     (*(lun + 1) & 0xf8) >> 5);
1588                         break;
1589                 }
1590                 res = *(lun + 1) & 0x1f;
1591                 break;
1592
1593         case 3: /* extended logical unit addressing method */
1594         default:
1595                 PRINT_ERROR_PR("Unimplemented LUN addressing method %u",
1596                             address_method);
1597                 break;
1598         }
1599
1600 out:
1601         TRACE_EXIT_RES((int)res);
1602         return res;
1603
1604 out_err:
1605         PRINT_ERROR_PR("%s", "Multi-level LUN unimplemented");
1606         goto out;
1607 }
1608
1609 /* Called under dev_lock and BH off */
1610 void scst_process_reset(struct scst_device *dev,
1611         struct scst_session *originator, struct scst_cmd *exclude_cmd,
1612         struct scst_mgmt_cmd *mcmd)
1613 {
1614         struct scst_tgt_dev *tgt_dev;
1615         struct scst_cmd *cmd, *tcmd;
1616         int wake = 0;
1617
1618         TRACE_ENTRY();
1619
1620         /* Clear RESERVE'ation, if necessary */
1621         if (dev->dev_reserved) {
1622                 list_for_each_entry(tgt_dev, &dev->dev_tgt_dev_list,
1623                                     dev_tgt_dev_list_entry) 
1624                 {
1625                         TRACE(TRACE_MGMT, "Clearing RESERVE'ation for tgt_dev "
1626                                 "lun %d", tgt_dev->acg_dev->lun);
1627                         clear_bit(SCST_TGT_DEV_RESERVED,
1628                                   &tgt_dev->tgt_dev_flags);
1629                 }
1630                 dev->dev_reserved = 0;
1631                 /*
1632                  * There is no need to send RELEASE, since the device is going
1633                  * to be resetted
1634                  */
1635         }
1636
1637         dev->dev_double_ua_possible = 1;
1638         dev->dev_serialized = 1;
1639
1640         /* BH already off */
1641         spin_lock(&scst_temp_UA_lock);
1642         scst_set_sense(scst_temp_UA, sizeof(scst_temp_UA),
1643                 SCST_LOAD_SENSE(scst_sense_reset_UA));
1644         __scst_process_UA(dev, exclude_cmd, scst_temp_UA, sizeof(scst_temp_UA),
1645                 1);
1646         spin_unlock(&scst_temp_UA_lock);
1647
1648         list_for_each_entry(tgt_dev, &dev->dev_tgt_dev_list, 
1649                 dev_tgt_dev_list_entry) 
1650         {
1651                 struct scst_session *sess = tgt_dev->sess;
1652
1653                 spin_lock_irq(&scst_list_lock);
1654
1655                 TRACE_DBG("Searching in search cmd list (sess=%p)", sess);
1656                 list_for_each_entry(cmd, &sess->search_cmd_list, 
1657                                 search_cmd_list_entry) {
1658                         if (cmd == exclude_cmd)
1659                                 continue;
1660                         if ((cmd->tgt_dev == tgt_dev) ||
1661                             ((cmd->tgt_dev == NULL) && 
1662                              (cmd->lun == tgt_dev->acg_dev->lun))) {
1663                                 scst_abort_cmd(cmd, mcmd, 
1664                                         (tgt_dev->sess != originator), 0);
1665                         }
1666                 }
1667                 spin_unlock_irq(&scst_list_lock);
1668         }
1669
1670         list_for_each_entry_safe(cmd, tcmd, &dev->blocked_cmd_list,
1671                                 blocked_cmd_list_entry) {
1672                 if (test_bit(SCST_CMD_ABORTED, &cmd->cmd_flags)) {
1673                         list_del(&cmd->blocked_cmd_list_entry);
1674                         TRACE_MGMT_DBG("Moving aborted blocked cmd %p "
1675                                 "to active cmd list", cmd);
1676                         spin_lock_irq(&scst_list_lock);
1677                         list_move_tail(&cmd->cmd_list_entry,
1678                                 &scst_active_cmd_list);
1679                         spin_unlock_irq(&scst_list_lock);
1680                         wake = 1;
1681                 }
1682         }
1683
1684         if (wake)
1685                 wake_up(&scst_list_waitQ);
1686
1687         TRACE_EXIT();
1688         return;
1689 }
1690
1691 int scst_set_pending_UA(struct scst_cmd *cmd)
1692 {
1693         int res = 0;
1694         struct scst_tgt_dev_UA *UA_entry;
1695
1696         TRACE_ENTRY();
1697
1698         TRACE(TRACE_MGMT, "Setting pending UA cmd %p", cmd);
1699
1700         spin_lock_bh(&cmd->tgt_dev->tgt_dev_lock);
1701
1702         /* UA list could be cleared behind us, so retest */
1703         if (list_empty(&cmd->tgt_dev->UA_list)) {
1704                 TRACE_DBG("%s",
1705                       "SCST_TGT_DEV_UA_PENDING set, but UA_list empty");
1706                 res = -1;
1707                 goto out_unlock;
1708         }
1709
1710         UA_entry = list_entry(cmd->tgt_dev->UA_list.next, typeof(*UA_entry),
1711                               UA_list_entry);
1712
1713         TRACE_DBG("next %p UA_entry %p",
1714               cmd->tgt_dev->UA_list.next, UA_entry);
1715
1716         scst_set_cmd_error_sense(cmd, UA_entry->UA_sense_buffer,
1717                 sizeof(UA_entry->UA_sense_buffer));
1718
1719         cmd->ua_ignore = 1;
1720
1721         list_del(&UA_entry->UA_list_entry);
1722
1723
1724         TRACE_MEM("mempool_free for UA_entry: %p", UA_entry);
1725         mempool_free(UA_entry, scst_ua_mempool);
1726
1727         if (list_empty(&cmd->tgt_dev->UA_list)) {
1728                 clear_bit(SCST_TGT_DEV_UA_PENDING,
1729                           &cmd->tgt_dev->tgt_dev_flags);
1730         }
1731
1732         spin_unlock_bh(&cmd->tgt_dev->tgt_dev_lock);
1733
1734 out:
1735         TRACE_EXIT_RES(res);
1736         return res;
1737
1738 out_unlock:
1739         spin_unlock_bh(&cmd->tgt_dev->tgt_dev_lock);
1740         goto out;
1741 }
1742
1743 /* Called under dev_lock, tgt_dev_lock and BH off */
1744 void scst_alloc_set_UA(struct scst_tgt_dev *tgt_dev,
1745         const uint8_t *sense, int sense_len)
1746 {
1747         struct scst_tgt_dev_UA *UA_entry = NULL;
1748
1749         TRACE_ENTRY();
1750
1751         UA_entry = mempool_alloc(scst_ua_mempool, GFP_ATOMIC);
1752         TRACE_MEM("mempool_alloc(GFP_ATOMIC) for UA_entry (%zd): %p",
1753                 sizeof(*UA_entry), UA_entry);
1754         if (UA_entry == NULL) {
1755                 PRINT_ERROR_PR("%s", "UNIT ATTENTION memory "
1756                      "allocation failed. The UNIT ATTENTION "
1757                      "on some sessions will be missed");
1758                 goto out;
1759         }
1760         memset(UA_entry, 0, sizeof(*UA_entry));
1761
1762         if (sense_len > sizeof(UA_entry->UA_sense_buffer))
1763                 sense_len = sizeof(UA_entry->UA_sense_buffer);
1764         memcpy(UA_entry->UA_sense_buffer, sense, sense_len);
1765         set_bit(SCST_TGT_DEV_UA_PENDING, &tgt_dev->tgt_dev_flags);
1766         smp_mb__after_set_bit();
1767         list_add_tail(&UA_entry->UA_list_entry, &tgt_dev->UA_list);
1768
1769 out:
1770         TRACE_EXIT();
1771         return;
1772 }
1773
1774 /* Called under dev_lock and BH off */
1775 void scst_check_set_UA(struct scst_tgt_dev *tgt_dev,
1776         const uint8_t *sense, int sense_len)
1777 {
1778         int skip_UA = 0;
1779         struct scst_tgt_dev_UA *UA_entry_tmp;
1780
1781         TRACE_ENTRY();
1782
1783         spin_lock(&tgt_dev->tgt_dev_lock);
1784
1785         list_for_each_entry(UA_entry_tmp, &tgt_dev->UA_list,
1786                             UA_list_entry) 
1787         {
1788                 if (sense[12] == UA_entry_tmp->UA_sense_buffer[12]) {
1789                         skip_UA = 1;
1790                         break;
1791                 }
1792         }
1793
1794         if (skip_UA == 0)
1795                 scst_alloc_set_UA(tgt_dev, sense, sense_len);
1796
1797         spin_unlock(&tgt_dev->tgt_dev_lock);
1798
1799         TRACE_EXIT();
1800         return;
1801 }
1802
1803 /* Called under dev_lock and BH off */
1804 void __scst_process_UA(struct scst_device *dev,
1805         struct scst_cmd *exclude, const uint8_t *sense, int sense_len,
1806         int internal)
1807 {
1808         struct scst_tgt_dev *tgt_dev, *exclude_tgt_dev = NULL;
1809
1810         TRACE_ENTRY();
1811
1812         TRACE(TRACE_MGMT, "Processing UA dev %p", dev);
1813
1814         if (exclude != NULL)
1815                 exclude_tgt_dev = exclude->tgt_dev;
1816
1817         /* Check for reset UA */
1818         if (!internal && (sense[12] == SCST_SENSE_ASC_UA_RESET)) {
1819                 scst_process_reset(dev, (exclude != NULL) ? exclude->sess : NULL,
1820                         exclude, NULL);
1821         }
1822
1823         list_for_each_entry(tgt_dev, &dev->dev_tgt_dev_list, 
1824                                 dev_tgt_dev_list_entry) {
1825                 if (tgt_dev != exclude_tgt_dev)
1826                         scst_check_set_UA(tgt_dev, sense, sense_len);
1827         }
1828
1829         TRACE_EXIT();
1830         return;
1831 }
1832
1833 /* Called under tgt_dev_lock or when tgt_dev is unused */
1834 void scst_free_all_UA(struct scst_tgt_dev *tgt_dev)
1835 {
1836         struct scst_tgt_dev_UA *UA_entry, *t;
1837
1838         TRACE_ENTRY();
1839
1840         list_for_each_entry_safe(UA_entry, t, &tgt_dev->UA_list, UA_list_entry) {
1841                 TRACE_MGMT_DBG("Clearing UA for tgt_dev lun %d", 
1842                         tgt_dev->acg_dev->lun);
1843                 list_del(&UA_entry->UA_list_entry);
1844                 TRACE_MEM("kfree for UA_entry: %p", UA_entry);
1845                 kfree(UA_entry);
1846         }
1847         INIT_LIST_HEAD(&tgt_dev->UA_list);
1848         clear_bit(SCST_TGT_DEV_UA_PENDING, &tgt_dev->tgt_dev_flags);
1849
1850         TRACE_EXIT();
1851         return;
1852 }
1853
1854 struct scst_cmd *__scst_check_deferred_commands(struct scst_tgt_dev *tgt_dev,
1855         int expected_sn)
1856 {
1857         struct scst_cmd *cmd = NULL, *tcmd;
1858
1859         if (tgt_dev->def_cmd_count == 0)
1860                 goto out;
1861
1862         spin_lock_bh(&tgt_dev->sn_lock);
1863
1864 restart:
1865         list_for_each_entry(tcmd, &tgt_dev->deferred_cmd_list,
1866                                 sn_cmd_list_entry) {
1867                 if (tcmd->sn == expected_sn) {
1868                         TRACE(TRACE_SCSI_SERIALIZING,
1869                               "Deferred command sn %d found", tcmd->sn);
1870                         tgt_dev->def_cmd_count--;
1871                         list_del(&tcmd->sn_cmd_list_entry);
1872                         cmd = tcmd;
1873                         goto out_unlock;
1874                 }
1875         }
1876
1877         list_for_each_entry(tcmd, &tgt_dev->skipped_sn_list,
1878                                 sn_cmd_list_entry) {
1879                 if (tcmd->sn == expected_sn) {
1880                         /* 
1881                          * !! At this point any pointer in tcmd, except      !!
1882                          * !! sn_cmd_list_entry, could be already destroyed  !!
1883                          */
1884                         TRACE(TRACE_SCSI_SERIALIZING,
1885                               "cmd %p (tag %d) with skipped sn %d found", tcmd,
1886                               tcmd->tag, tcmd->sn);
1887                         tgt_dev->def_cmd_count--;
1888                         list_del(&tcmd->sn_cmd_list_entry);
1889                         if (test_bit(SCST_CMD_CAN_BE_DESTROYED, 
1890                                         &tcmd->cmd_flags)) {
1891                                 scst_destroy_put_cmd(tcmd);
1892                         } else {
1893                                 smp_mb__before_clear_bit();
1894                                 clear_bit(SCST_CMD_OUT_OF_SN, &tcmd->cmd_flags);
1895                         }
1896                         expected_sn = __scst_inc_expected_sn(tgt_dev);
1897                         goto restart;
1898                 }
1899         }
1900
1901 out_unlock:
1902         spin_unlock_bh(&tgt_dev->sn_lock);
1903
1904 out:
1905         return cmd;
1906 }
1907
1908 /* No locks */
1909 int scst_inc_on_dev_cmd(struct scst_cmd *cmd)
1910 {
1911         int res = 0;
1912         struct scst_device *dev = cmd->dev;
1913
1914         BUG_ON(cmd->blocking);
1915
1916         atomic_inc(&dev->on_dev_count);
1917
1918 #ifdef STRICT_SERIALIZING
1919         spin_lock_bh(&dev->dev_lock);
1920         if (test_bit(SCST_CMD_ABORTED, &cmd->cmd_flags))
1921                 goto out_unlock;
1922         if (dev->block_count > 0) {
1923                 scst_dec_on_dev_cmd(cmd);
1924                 TRACE_MGMT_DBG("Delaying cmd %p due to blocking or serializing"
1925                       "(tag %d, dev %p)", cmd, cmd->tag, dev);
1926                 list_add_tail(&cmd->blocked_cmd_list_entry,
1927                               &dev->blocked_cmd_list);
1928                 res = 1;
1929         } else {
1930                 __scst_block_dev(cmd->dev);
1931                 cmd->blocking = 1;
1932         }
1933         spin_unlock_bh(&dev->dev_lock);
1934         goto out;
1935 #else
1936 repeat:
1937         if (unlikely(dev->block_count > 0)) {
1938                 spin_lock_bh(&dev->dev_lock);
1939                 if (test_bit(SCST_CMD_ABORTED, &cmd->cmd_flags))
1940                         goto out_unlock;
1941                 barrier(); /* to reread block_count */
1942                 if (dev->block_count > 0) {
1943                         scst_dec_on_dev_cmd(cmd);
1944                         TRACE_MGMT_DBG("Delaying cmd %p due to blocking or "
1945                                 "serializing (tag %d, dev %p)", cmd,
1946                                 cmd->tag, dev);
1947                         list_add_tail(&cmd->blocked_cmd_list_entry,
1948                                       &dev->blocked_cmd_list);
1949                         res = 1;
1950                         spin_unlock_bh(&dev->dev_lock);
1951                         goto out;
1952                 } else {
1953                         TRACE_MGMT_DBG("%s", "Somebody unblocked the device, "
1954                                 "continuing");
1955                 }
1956                 spin_unlock_bh(&dev->dev_lock);
1957         }
1958         if (unlikely(cmd->dev->dev_serialized)) {
1959                 spin_lock_bh(&dev->dev_lock);
1960                 barrier(); /* to reread block_count */
1961                 if (cmd->dev->block_count == 0) {
1962                         TRACE_MGMT_DBG("cmd %p (tag %d), blocking further "
1963                                 "cmds due to serializing (dev %p)", cmd,
1964                                 cmd->tag, dev);
1965                         __scst_block_dev(cmd->dev);
1966                         cmd->blocking = 1;
1967                 } else {
1968                         spin_unlock_bh(&dev->dev_lock);
1969                         goto repeat;
1970                 }
1971                 spin_unlock_bh(&dev->dev_lock);
1972         }
1973 #endif
1974
1975 out:
1976         return res;
1977
1978 out_unlock:
1979         spin_unlock_bh(&dev->dev_lock);
1980         goto out;
1981 }
1982
1983 /* Called under dev_lock */
1984 void scst_unblock_cmds(struct scst_device *dev)
1985 {
1986 #ifdef STRICT_SERIALIZING
1987         struct scst_cmd *cmd;
1988         int found = 0;
1989
1990         TRACE_ENTRY();
1991
1992         list_for_each_entry(cmd, &dev->blocked_cmd_list,
1993                                  blocked_cmd_list_entry) {
1994                 /* 
1995                  * Since only one cmd per time is being executed, expected_sn
1996                  * can't change behind us, if the corresponding cmd is in
1997                  * blocked_cmd_list
1998                  */
1999                 if ((cmd->tgt_dev && (cmd->sn == cmd->tgt_dev->expected_sn)) ||
2000                     (unlikely(cmd->internal) || unlikely(cmd->retry))) {
2001                         unsigned long flags;
2002                         list_del(&cmd->blocked_cmd_list_entry);
2003                         TRACE_MGMT_DBG("Moving cmd %p to active cmd list", cmd);
2004                         spin_lock_irqsave(&scst_list_lock, flags);
2005                         list_move(&cmd->cmd_list_entry, &scst_active_cmd_list);
2006                         spin_unlock_irqrestore(&scst_list_lock, flags);
2007                         wake_up(&scst_list_waitQ);
2008                         found = 1;
2009                         break;
2010                 }
2011         }
2012 #ifdef EXTRACHECKS
2013         if (!found && !list_empty(&dev->blocked_cmd_list)) {
2014                 TRACE(TRACE_MINOR, "%s", "No commands unblocked when "
2015                         "blocked cmd list is not empty");
2016         }
2017 #endif
2018 #else /* STRICT_SERIALIZING */
2019         struct scst_cmd *cmd, *tcmd;
2020         unsigned long flags;
2021
2022         TRACE_ENTRY();
2023
2024         spin_lock_irqsave(&scst_list_lock, flags);
2025         list_for_each_entry_safe(cmd, tcmd, &dev->blocked_cmd_list,
2026                                  blocked_cmd_list_entry) {
2027                 list_del(&cmd->blocked_cmd_list_entry);
2028                 TRACE_MGMT_DBG("Moving blocked cmd %p to active cmd list", cmd);
2029                 list_move_tail(&cmd->cmd_list_entry, &scst_active_cmd_list);
2030                 wake_up(&scst_list_waitQ);
2031         }
2032         spin_unlock_irqrestore(&scst_list_lock, flags);
2033 #endif /* STRICT_SERIALIZING */
2034
2035         TRACE_EXIT();
2036         return;
2037 }
2038
2039 /* Called under scst_list_lock and IRQs disabled */
2040 void scst_throttle_cmd(struct scst_cmd *cmd)
2041 {
2042         struct scst_tgt_dev *tgt_dev = cmd->tgt_dev;
2043
2044         TRACE(TRACE_RETRY, "Too many pending commands in session, initiator "
2045                 "\"%s\". Moving cmd %p to thr cmd list", 
2046                 (cmd->sess->initiator_name[0] == '\0') ? "Anonymous" : 
2047                                 cmd->sess->initiator_name, cmd);
2048         list_move_tail(&cmd->cmd_list_entry, &tgt_dev->thr_cmd_list);
2049         set_bit(SCST_CMD_THROTTELED, &cmd->cmd_flags);
2050 }
2051
2052 /* Called under scst_list_lock and IRQs disabled */
2053 void scst_unthrottle_cmd(struct scst_cmd *cmd)
2054 {
2055         TRACE(TRACE_RETRY|TRACE_DEBUG, "Moving cmd %p from "
2056                 "thr cmd list to active cmd list", cmd);
2057         list_move_tail(&cmd->cmd_list_entry, &scst_active_cmd_list);
2058         clear_bit(SCST_CMD_THROTTELED, &cmd->cmd_flags);
2059 }
2060
2061 static struct scst_cmd *scst_inc_expected_sn(
2062         struct scst_tgt_dev *tgt_dev, struct scst_cmd *out_of_sn_cmd)
2063 {
2064         struct scst_cmd *res = NULL;
2065
2066         if (out_of_sn_cmd->sn == tgt_dev->expected_sn) {
2067                 __scst_inc_expected_sn(tgt_dev);
2068         } else {
2069                 spin_lock_bh(&tgt_dev->sn_lock);
2070                 tgt_dev->def_cmd_count++;
2071                 set_bit(SCST_CMD_OUT_OF_SN, &out_of_sn_cmd->cmd_flags);
2072                 list_add_tail(&out_of_sn_cmd->sn_cmd_list_entry,
2073                               &tgt_dev->skipped_sn_list);
2074                 TRACE(TRACE_SCSI_SERIALIZING, "out_of_sn_cmd %p with sn %d "
2075                         "added to skipped_sn_list (expected_sn %d)",
2076                         out_of_sn_cmd, out_of_sn_cmd->sn, tgt_dev->expected_sn);
2077                 spin_unlock_bh(&tgt_dev->sn_lock);
2078                 smp_mb(); /* just in case, we need new value of tgt_dev->expected_sn */
2079         }
2080         res = scst_check_deferred_commands(tgt_dev, tgt_dev->expected_sn);
2081         return res;
2082 }
2083
2084 void scst_inc_expected_sn_unblock(struct scst_tgt_dev *tgt_dev,
2085         struct scst_cmd *cmd_sn, int locked)
2086 {
2087         struct scst_cmd *cmd;
2088
2089         TRACE_ENTRY();
2090
2091         cmd = scst_inc_expected_sn(tgt_dev, cmd_sn);
2092         if (cmd != NULL) {
2093                 unsigned long flags = 0;
2094                 if (!locked)
2095                         spin_lock_irqsave(&scst_list_lock, flags);
2096                 TRACE(TRACE_SCSI_SERIALIZING, "cmd %p with sn %d "
2097                         "moved to active cmd list", cmd, cmd->sn);
2098                 list_move(&cmd->cmd_list_entry, &scst_active_cmd_list);
2099                 if (!locked)
2100                         spin_unlock_irqrestore(&scst_list_lock, flags);
2101                 if (!cmd_sn->processible_env)
2102                         wake_up(&scst_list_waitQ);
2103         }
2104
2105         TRACE_EXIT();
2106         return;
2107 }
2108
2109 #ifdef DEBUG
2110 /* Original taken from the XFS code */
2111 unsigned long scst_random(void)
2112 {
2113         static int Inited;
2114         static unsigned long RandomValue;
2115         static spinlock_t lock = SPIN_LOCK_UNLOCKED;
2116         /* cycles pseudo-randomly through all values between 1 and 2^31 - 2 */
2117         register long rv;
2118         register long lo;
2119         register long hi;
2120         unsigned long flags;
2121
2122         spin_lock_irqsave(&lock, flags);
2123         if (!Inited) {
2124                 RandomValue = jiffies;
2125                 Inited = 1;
2126         }
2127         rv = RandomValue;
2128         hi = rv / 127773;
2129         lo = rv % 127773;
2130         rv = 16807 * lo - 2836 * hi;
2131         if (rv <= 0) rv += 2147483647;
2132         RandomValue = rv;
2133         spin_unlock_irqrestore(&lock, flags);
2134         return rv;
2135 }
2136 #endif
2137
2138 #ifdef DEBUG_TM
2139
2140 #define TM_DBG_STATE_ABORT              0
2141 #define TM_DBG_STATE_RESET              1
2142 #define TM_DBG_STATE_OFFLINE            2
2143
2144 #define INIT_TM_DBG_STATE               TM_DBG_STATE_ABORT
2145
2146 static void tm_dbg_timer_fn(unsigned long arg);
2147
2148 /* All serialized by scst_list_lock */
2149 static int tm_dbg_release;
2150 static int tm_dbg_blocked;
2151 static LIST_HEAD(tm_dbg_delayed_cmd_list);
2152 static int tm_dbg_delayed_cmds_count;
2153 static int tm_dbg_passed_cmds_count;
2154 static int tm_dbg_state;
2155 static int tm_dbg_on_state_passes;
2156 static DEFINE_TIMER(tm_dbg_timer, tm_dbg_timer_fn, 0, 0);
2157
2158 static const int tm_dbg_on_state_num_passes[] = { 10, 1, 0x7ffffff };
2159
2160 void tm_dbg_init_tgt_dev(struct scst_tgt_dev *tgt_dev,
2161         struct scst_acg_dev *acg_dev)
2162 {
2163         if ((acg_dev->acg == scst_default_acg) && (acg_dev->lun == 0)) {
2164                 /* Do TM debugging only for LUN 0 */
2165                 tm_dbg_state = INIT_TM_DBG_STATE;
2166                 tm_dbg_on_state_passes =
2167                         tm_dbg_on_state_num_passes[tm_dbg_state];
2168                 __set_bit(SCST_TGT_DEV_UNDER_TM_DBG, &tgt_dev->tgt_dev_flags);
2169                 PRINT_INFO("LUN 0 connected from initiator %s is under "
2170                         "TM debugging", tgt_dev->sess->tgt->tgtt->name);
2171         }
2172 }
2173
2174 void tm_dbg_deinit_tgt_dev(struct scst_tgt_dev *tgt_dev)
2175 {
2176         if (test_bit(SCST_TGT_DEV_UNDER_TM_DBG, &tgt_dev->tgt_dev_flags))
2177                 del_timer_sync(&tm_dbg_timer);
2178 }
2179
2180 static void tm_dbg_timer_fn(unsigned long arg)
2181 {
2182         TRACE_MGMT_DBG("%s: delayed cmd timer expired", __func__);
2183         tm_dbg_release = 1;
2184         smp_mb();
2185         wake_up_all(&scst_list_waitQ);
2186 }
2187
2188 /* Called under scst_list_lock */
2189 static void tm_dbg_delay_cmd(struct scst_cmd *cmd)
2190 {
2191         switch(tm_dbg_state) {
2192         case TM_DBG_STATE_ABORT:
2193                 if (tm_dbg_delayed_cmds_count == 0) {
2194                         unsigned long d = 58*HZ + (scst_random() % (4*HZ));
2195                         TRACE_MGMT_DBG("%s: delaying timed cmd %p (tag %d) "
2196                                 "for %ld.%ld seconds (%ld HZ)", __func__, cmd, cmd->tag,
2197                                 d/HZ, (d%HZ)*100/HZ, d);
2198                         mod_timer(&tm_dbg_timer, jiffies + d);
2199 #if 0
2200                         tm_dbg_blocked = 1;
2201 #endif
2202                 } else {
2203                         TRACE_MGMT_DBG("%s: delaying another timed cmd %p "
2204                                 "(tag %d), delayed_cmds_count=%d", __func__, cmd,
2205                                 cmd->tag, tm_dbg_delayed_cmds_count);
2206                         if (tm_dbg_delayed_cmds_count == 2)
2207                                 tm_dbg_blocked = 0;
2208                 }
2209                 break;
2210
2211         case TM_DBG_STATE_RESET:
2212         case TM_DBG_STATE_OFFLINE:
2213                 TRACE_MGMT_DBG("%s: delaying cmd %p "
2214                         "(tag %d), delayed_cmds_count=%d", __func__, cmd,
2215                         cmd->tag, tm_dbg_delayed_cmds_count);
2216                 tm_dbg_blocked = 1;
2217                 break;
2218
2219         default:
2220                 BUG();
2221         }
2222         list_move_tail(&cmd->cmd_list_entry, &tm_dbg_delayed_cmd_list);
2223         cmd->tm_dbg_delayed = 1;
2224         tm_dbg_delayed_cmds_count++;
2225         return;
2226 }
2227
2228 /* Called under scst_list_lock */
2229 void tm_dbg_check_released_cmds(void)
2230 {
2231         if (tm_dbg_release) {
2232                 struct scst_cmd *cmd, *tc;
2233                 list_for_each_entry_safe_reverse(cmd, tc, 
2234                                 &tm_dbg_delayed_cmd_list, cmd_list_entry) {
2235                         TRACE_MGMT_DBG("%s: Releasing timed cmd %p "
2236                                 "(tag %d), delayed_cmds_count=%d", __func__,
2237                                 cmd, cmd->tag, tm_dbg_delayed_cmds_count);
2238                         list_move(&cmd->cmd_list_entry, &scst_active_cmd_list);
2239                 }
2240                 tm_dbg_release = 0;
2241         }
2242 }
2243
2244 static void tm_dbg_change_state(void)
2245 {
2246         tm_dbg_blocked = 0;
2247         if (--tm_dbg_on_state_passes == 0) {
2248                 switch(tm_dbg_state) {
2249                 case TM_DBG_STATE_ABORT:
2250                         TRACE_MGMT_DBG("%s", "Changing "
2251                             "tm_dbg_state to RESET");
2252                         tm_dbg_state =
2253                                 TM_DBG_STATE_RESET;
2254                         tm_dbg_blocked = 0;
2255                         break;
2256                 case TM_DBG_STATE_RESET:
2257                 case TM_DBG_STATE_OFFLINE:
2258                         if (TM_DBG_GO_OFFLINE) {
2259                             TRACE_MGMT_DBG("%s", "Changing "
2260                                     "tm_dbg_state to OFFLINE");
2261                             tm_dbg_state =
2262                                 TM_DBG_STATE_OFFLINE;
2263                         } else {
2264                             TRACE_MGMT_DBG("%s", "Changing "
2265                                     "tm_dbg_state to ABORT");
2266                             tm_dbg_state =
2267                                 TM_DBG_STATE_ABORT;
2268                         }
2269                         break;
2270                 default:
2271                         BUG();
2272                 }
2273                 tm_dbg_on_state_passes =
2274                     tm_dbg_on_state_num_passes[tm_dbg_state];
2275         }
2276                 
2277         TRACE_MGMT_DBG("%s", "Deleting timer");
2278         del_timer(&tm_dbg_timer);
2279 }
2280
2281 /* Called under scst_list_lock */
2282 int tm_dbg_check_cmd(struct scst_cmd *cmd)
2283 {
2284         int res = 0;
2285
2286         if (cmd->tm_dbg_immut)
2287                 goto out;
2288
2289         if (cmd->tm_dbg_delayed) {
2290                 TRACE_MGMT_DBG("Processing delayed cmd %p (tag %d), "
2291                         "delayed_cmds_count=%d", cmd, cmd->tag,
2292                         tm_dbg_delayed_cmds_count);
2293
2294                 cmd->tm_dbg_immut = 1;
2295                 tm_dbg_delayed_cmds_count--;
2296                 if ((tm_dbg_delayed_cmds_count == 0) &&
2297                     (tm_dbg_state == TM_DBG_STATE_ABORT))
2298                         tm_dbg_change_state();
2299
2300         } else if (cmd->tgt_dev && test_bit(SCST_TGT_DEV_UNDER_TM_DBG,
2301                                         &cmd->tgt_dev->tgt_dev_flags)) {
2302                 /* Delay 50th command */
2303                 if (tm_dbg_blocked || (++tm_dbg_passed_cmds_count % 50) == 0) {
2304                         tm_dbg_delay_cmd(cmd);
2305                         res = 1;
2306                 } else
2307                         cmd->tm_dbg_immut = 1;
2308         }
2309
2310 out:
2311         return res;
2312 }
2313
2314 /* Called under scst_list_lock */
2315 void tm_dbg_release_cmd(struct scst_cmd *cmd)
2316 {
2317         struct scst_cmd *c;
2318         list_for_each_entry(c, &tm_dbg_delayed_cmd_list,
2319                                 cmd_list_entry) {
2320                 if (c == cmd) {
2321                         TRACE_MGMT_DBG("Abort request for "
2322                                 "delayed cmd %p (tag=%d), moving it to "
2323                                 "active cmd list (delayed_cmds_count=%d)",
2324                                 c, c->tag, tm_dbg_delayed_cmds_count);
2325                         list_move(&c->cmd_list_entry, &scst_active_cmd_list);
2326                         wake_up_all(&scst_list_waitQ);
2327                         break;
2328                 }
2329         }
2330 }
2331
2332 /* Called under scst_list_lock */
2333 void tm_dbg_task_mgmt(const char *fn)
2334 {
2335         if (tm_dbg_state != TM_DBG_STATE_OFFLINE) {
2336                 TRACE_MGMT_DBG("%s: freeing %d delayed cmds", fn,
2337                         tm_dbg_delayed_cmds_count);
2338                 tm_dbg_change_state();
2339                 tm_dbg_release = 1;
2340                 smp_mb();
2341                 wake_up_all(&scst_list_waitQ);
2342         } else {
2343                 TRACE_MGMT_DBG("%s: while OFFLINE state, doing nothing", fn);
2344         }
2345 }
2346
2347 int tm_dbg_is_release(void)
2348 {
2349         return tm_dbg_release;
2350 }
2351 #endif /* DEBUG_TM */