aboutsummaryrefslogtreecommitdiffstats
path: root/drivers/scsi/isci/task.c
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2011-11-05 18:32:53 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2011-11-05 18:32:53 -0400
commitcd3f07d1e6e59fade92a8edaff9315cc534199cf (patch)
treea2f30bccdfad1826a81c098c6766c2a4345fc171 /drivers/scsi/isci/task.c
parentdc822e57ee05856291a8c9324d2309076ee5f5e2 (diff)
parentf7c9c6bb14f3104608a3a83cadea10a6943d2804 (diff)
Merge git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-misc-2.6
* git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-misc-2.6: (45 commits) [SCSI] Fix block queue and elevator memory leak in scsi_alloc_sdev [SCSI] scsi_dh_alua: Fix the time inteval for alua rtpg commands [SCSI] scsi_transport_iscsi: Fix documentation os parameter [SCSI] mv_sas: OCZ RevoDrive3 & zDrive R4 support [SCSI] libfc: improve flogi retries to avoid lport stuck [SCSI] libfc: avoid exchanges collision during lport reset [SCSI] libfc: fix checking FC_TYPE_BLS [SCSI] edd: Treat "XPRS" host bus type the same as "PCI" [SCSI] isci: overriding max_concurr_spinup oem parameter by max(oem, user) [SCSI] isci: revert bcn filtering [SCSI] isci: Fix hard reset timeout conditions. [SCSI] isci: No need to manage the pending reset bit on pending requests. [SCSI] isci: Remove redundant isci_request.ttype field. [SCSI] isci: Fix task management for SMP, SATA and on dev remove. [SCSI] isci: No task_done callbacks in error handler paths. [SCSI] isci: Handle task request timeouts correctly. [SCSI] isci: Fix tag leak in tasks and terminated requests. [SCSI] isci: Immediately fail I/O to removed devices. [SCSI] isci: Lookup device references through requests in completions. [SCSI] ipr: add definitions for additional adapter ...
Diffstat (limited to 'drivers/scsi/isci/task.c')
-rw-r--r--drivers/scsi/isci/task.c698
1 files changed, 233 insertions, 465 deletions
diff --git a/drivers/scsi/isci/task.c b/drivers/scsi/isci/task.c
index e2d9418683ce..66ad3dc89498 100644
--- a/drivers/scsi/isci/task.c
+++ b/drivers/scsi/isci/task.c
@@ -212,16 +212,27 @@ int isci_task_execute_task(struct sas_task *task, int num, gfp_t gfp_flags)
212 task->task_state_flags &= ~SAS_TASK_AT_INITIATOR; 212 task->task_state_flags &= ~SAS_TASK_AT_INITIATOR;
213 spin_unlock_irqrestore(&task->task_state_lock, flags); 213 spin_unlock_irqrestore(&task->task_state_lock, flags);
214 214
215 /* Indicate QUEUE_FULL so that the scsi 215 if (test_bit(IDEV_GONE, &idev->flags)) {
216 * midlayer retries. if the request 216
217 * failed for remote device reasons, 217 /* Indicate that the device
218 * it gets returned as 218 * is gone.
219 * SAS_TASK_UNDELIVERED next time 219 */
220 * through. 220 isci_task_refuse(ihost, task,
221 */ 221 SAS_TASK_UNDELIVERED,
222 isci_task_refuse(ihost, task, 222 SAS_DEVICE_UNKNOWN);
223 SAS_TASK_COMPLETE, 223 } else {
224 SAS_QUEUE_FULL); 224 /* Indicate QUEUE_FULL so that
225 * the scsi midlayer retries.
226 * If the request failed for
227 * remote device reasons, it
228 * gets returned as
229 * SAS_TASK_UNDELIVERED next
230 * time through.
231 */
232 isci_task_refuse(ihost, task,
233 SAS_TASK_COMPLETE,
234 SAS_QUEUE_FULL);
235 }
225 } 236 }
226 } 237 }
227 } 238 }
@@ -243,7 +254,7 @@ static enum sci_status isci_sata_management_task_request_build(struct isci_reque
243 struct isci_tmf *isci_tmf; 254 struct isci_tmf *isci_tmf;
244 enum sci_status status; 255 enum sci_status status;
245 256
246 if (tmf_task != ireq->ttype) 257 if (!test_bit(IREQ_TMF, &ireq->flags))
247 return SCI_FAILURE; 258 return SCI_FAILURE;
248 259
249 isci_tmf = isci_request_access_tmf(ireq); 260 isci_tmf = isci_request_access_tmf(ireq);
@@ -327,6 +338,60 @@ static struct isci_request *isci_task_request_build(struct isci_host *ihost,
327 return ireq; 338 return ireq;
328} 339}
329 340
341/**
342* isci_request_mark_zombie() - This function must be called with scic_lock held.
343*/
344static void isci_request_mark_zombie(struct isci_host *ihost, struct isci_request *ireq)
345{
346 struct completion *tmf_completion = NULL;
347 struct completion *req_completion;
348
349 /* Set the request state to "dead". */
350 ireq->status = dead;
351
352 req_completion = ireq->io_request_completion;
353 ireq->io_request_completion = NULL;
354
355 if (test_bit(IREQ_TMF, &ireq->flags)) {
356 /* Break links with the TMF request. */
357 struct isci_tmf *tmf = isci_request_access_tmf(ireq);
358
359 /* In the case where a task request is dying,
360 * the thread waiting on the complete will sit and
361 * timeout unless we wake it now. Since the TMF
362 * has a default error status, complete it here
363 * to wake the waiting thread.
364 */
365 if (tmf) {
366 tmf_completion = tmf->complete;
367 tmf->complete = NULL;
368 }
369 ireq->ttype_ptr.tmf_task_ptr = NULL;
370 dev_dbg(&ihost->pdev->dev, "%s: tmf_code %d, managed tag %#x\n",
371 __func__, tmf->tmf_code, tmf->io_tag);
372 } else {
373 /* Break links with the sas_task - the callback is done
374 * elsewhere.
375 */
376 struct sas_task *task = isci_request_access_task(ireq);
377
378 if (task)
379 task->lldd_task = NULL;
380
381 ireq->ttype_ptr.io_task_ptr = NULL;
382 }
383
384 dev_warn(&ihost->pdev->dev, "task context unrecoverable (tag: %#x)\n",
385 ireq->io_tag);
386
387 /* Don't force waiting threads to timeout. */
388 if (req_completion)
389 complete(req_completion);
390
391 if (tmf_completion != NULL)
392 complete(tmf_completion);
393}
394
330static int isci_task_execute_tmf(struct isci_host *ihost, 395static int isci_task_execute_tmf(struct isci_host *ihost,
331 struct isci_remote_device *idev, 396 struct isci_remote_device *idev,
332 struct isci_tmf *tmf, unsigned long timeout_ms) 397 struct isci_tmf *tmf, unsigned long timeout_ms)
@@ -364,6 +429,7 @@ static int isci_task_execute_tmf(struct isci_host *ihost,
364 429
365 /* Assign the pointer to the TMF's completion kernel wait structure. */ 430 /* Assign the pointer to the TMF's completion kernel wait structure. */
366 tmf->complete = &completion; 431 tmf->complete = &completion;
432 tmf->status = SCI_FAILURE_TIMEOUT;
367 433
368 ireq = isci_task_request_build(ihost, idev, tag, tmf); 434 ireq = isci_task_request_build(ihost, idev, tag, tmf);
369 if (!ireq) 435 if (!ireq)
@@ -399,18 +465,35 @@ static int isci_task_execute_tmf(struct isci_host *ihost,
399 msecs_to_jiffies(timeout_ms)); 465 msecs_to_jiffies(timeout_ms));
400 466
401 if (timeleft == 0) { 467 if (timeleft == 0) {
468 /* The TMF did not complete - this could be because
469 * of an unplug. Terminate the TMF request now.
470 */
402 spin_lock_irqsave(&ihost->scic_lock, flags); 471 spin_lock_irqsave(&ihost->scic_lock, flags);
403 472
404 if (tmf->cb_state_func != NULL) 473 if (tmf->cb_state_func != NULL)
405 tmf->cb_state_func(isci_tmf_timed_out, tmf, tmf->cb_data); 474 tmf->cb_state_func(isci_tmf_timed_out, tmf,
475 tmf->cb_data);
406 476
407 sci_controller_terminate_request(ihost, 477 sci_controller_terminate_request(ihost, idev, ireq);
408 idev,
409 ireq);
410 478
411 spin_unlock_irqrestore(&ihost->scic_lock, flags); 479 spin_unlock_irqrestore(&ihost->scic_lock, flags);
412 480
413 wait_for_completion(tmf->complete); 481 timeleft = wait_for_completion_timeout(
482 &completion,
483 msecs_to_jiffies(ISCI_TERMINATION_TIMEOUT_MSEC));
484
485 if (!timeleft) {
486 /* Strange condition - the termination of the TMF
487 * request timed-out.
488 */
489 spin_lock_irqsave(&ihost->scic_lock, flags);
490
491 /* If the TMF status has not changed, kill it. */
492 if (tmf->status == SCI_FAILURE_TIMEOUT)
493 isci_request_mark_zombie(ihost, ireq);
494
495 spin_unlock_irqrestore(&ihost->scic_lock, flags);
496 }
414 } 497 }
415 498
416 isci_print_tmf(tmf); 499 isci_print_tmf(tmf);
@@ -501,48 +584,17 @@ static enum isci_request_status isci_task_validate_request_to_abort(
501 return old_state; 584 return old_state;
502} 585}
503 586
504/** 587static int isci_request_is_dealloc_managed(enum isci_request_status stat)
505* isci_request_cleanup_completed_loiterer() - This function will take care of
506* the final cleanup on any request which has been explicitly terminated.
507* @isci_host: This parameter specifies the ISCI host object
508* @isci_device: This is the device to which the request is pending.
509* @isci_request: This parameter specifies the terminated request object.
510* @task: This parameter is the libsas I/O request.
511*/
512static void isci_request_cleanup_completed_loiterer(
513 struct isci_host *isci_host,
514 struct isci_remote_device *isci_device,
515 struct isci_request *isci_request,
516 struct sas_task *task)
517{ 588{
518 unsigned long flags; 589 switch (stat) {
519 590 case aborted:
520 dev_dbg(&isci_host->pdev->dev, 591 case aborting:
521 "%s: isci_device=%p, request=%p, task=%p\n", 592 case terminating:
522 __func__, isci_device, isci_request, task); 593 case completed:
523 594 case dead:
524 if (task != NULL) { 595 return true;
525 596 default:
526 spin_lock_irqsave(&task->task_state_lock, flags); 597 return false;
527 task->lldd_task = NULL;
528
529 task->task_state_flags &= ~SAS_TASK_NEED_DEV_RESET;
530
531 isci_set_task_doneflags(task);
532
533 /* If this task is not in the abort path, call task_done. */
534 if (!(task->task_state_flags & SAS_TASK_STATE_ABORTED)) {
535
536 spin_unlock_irqrestore(&task->task_state_lock, flags);
537 task->task_done(task);
538 } else
539 spin_unlock_irqrestore(&task->task_state_lock, flags);
540 }
541
542 if (isci_request != NULL) {
543 spin_lock_irqsave(&isci_host->scic_lock, flags);
544 list_del_init(&isci_request->dev_node);
545 spin_unlock_irqrestore(&isci_host->scic_lock, flags);
546 } 598 }
547} 599}
548 600
@@ -563,11 +615,9 @@ static void isci_terminate_request_core(struct isci_host *ihost,
563 enum sci_status status = SCI_SUCCESS; 615 enum sci_status status = SCI_SUCCESS;
564 bool was_terminated = false; 616 bool was_terminated = false;
565 bool needs_cleanup_handling = false; 617 bool needs_cleanup_handling = false;
566 enum isci_request_status request_status;
567 unsigned long flags; 618 unsigned long flags;
568 unsigned long termination_completed = 1; 619 unsigned long termination_completed = 1;
569 struct completion *io_request_completion; 620 struct completion *io_request_completion;
570 struct sas_task *task;
571 621
572 dev_dbg(&ihost->pdev->dev, 622 dev_dbg(&ihost->pdev->dev,
573 "%s: device = %p; request = %p\n", 623 "%s: device = %p; request = %p\n",
@@ -577,10 +627,6 @@ static void isci_terminate_request_core(struct isci_host *ihost,
577 627
578 io_request_completion = isci_request->io_request_completion; 628 io_request_completion = isci_request->io_request_completion;
579 629
580 task = (isci_request->ttype == io_task)
581 ? isci_request_access_task(isci_request)
582 : NULL;
583
584 /* Note that we are not going to control 630 /* Note that we are not going to control
585 * the target to abort the request. 631 * the target to abort the request.
586 */ 632 */
@@ -619,42 +665,27 @@ static void isci_terminate_request_core(struct isci_host *ihost,
619 __func__, isci_request, io_request_completion); 665 __func__, isci_request, io_request_completion);
620 666
621 /* Wait here for the request to complete. */ 667 /* Wait here for the request to complete. */
622 #define TERMINATION_TIMEOUT_MSEC 500
623 termination_completed 668 termination_completed
624 = wait_for_completion_timeout( 669 = wait_for_completion_timeout(
625 io_request_completion, 670 io_request_completion,
626 msecs_to_jiffies(TERMINATION_TIMEOUT_MSEC)); 671 msecs_to_jiffies(ISCI_TERMINATION_TIMEOUT_MSEC));
627 672
628 if (!termination_completed) { 673 if (!termination_completed) {
629 674
630 /* The request to terminate has timed out. */ 675 /* The request to terminate has timed out. */
631 spin_lock_irqsave(&ihost->scic_lock, 676 spin_lock_irqsave(&ihost->scic_lock, flags);
632 flags);
633 677
634 /* Check for state changes. */ 678 /* Check for state changes. */
635 if (!test_bit(IREQ_TERMINATED, &isci_request->flags)) { 679 if (!test_bit(IREQ_TERMINATED,
680 &isci_request->flags)) {
636 681
637 /* The best we can do is to have the 682 /* The best we can do is to have the
638 * request die a silent death if it 683 * request die a silent death if it
639 * ever really completes. 684 * ever really completes.
640 *
641 * Set the request state to "dead",
642 * and clear the task pointer so that
643 * an actual completion event callback
644 * doesn't do anything.
645 */ 685 */
646 isci_request->status = dead; 686 isci_request_mark_zombie(ihost,
647 isci_request->io_request_completion 687 isci_request);
648 = NULL; 688 needs_cleanup_handling = true;
649
650 if (isci_request->ttype == io_task) {
651
652 /* Break links with the
653 * sas_task.
654 */
655 isci_request->ttype_ptr.io_task_ptr
656 = NULL;
657 }
658 } else 689 } else
659 termination_completed = 1; 690 termination_completed = 1;
660 691
@@ -691,29 +722,28 @@ static void isci_terminate_request_core(struct isci_host *ihost,
691 * needs to be detached and freed here. 722 * needs to be detached and freed here.
692 */ 723 */
693 spin_lock_irqsave(&isci_request->state_lock, flags); 724 spin_lock_irqsave(&isci_request->state_lock, flags);
694 request_status = isci_request->status; 725
695 726 needs_cleanup_handling
696 if ((isci_request->ttype == io_task) /* TMFs are in their own thread */ 727 = isci_request_is_dealloc_managed(
697 && ((request_status == aborted) 728 isci_request->status);
698 || (request_status == aborting) 729
699 || (request_status == terminating)
700 || (request_status == completed)
701 || (request_status == dead)
702 )
703 ) {
704
705 /* The completion routine won't free a request in
706 * the aborted/aborting/etc. states, so we do
707 * it here.
708 */
709 needs_cleanup_handling = true;
710 }
711 spin_unlock_irqrestore(&isci_request->state_lock, flags); 730 spin_unlock_irqrestore(&isci_request->state_lock, flags);
712 731
713 } 732 }
714 if (needs_cleanup_handling) 733 if (needs_cleanup_handling) {
715 isci_request_cleanup_completed_loiterer( 734
716 ihost, idev, isci_request, task); 735 dev_dbg(&ihost->pdev->dev,
736 "%s: cleanup isci_device=%p, request=%p\n",
737 __func__, idev, isci_request);
738
739 if (isci_request != NULL) {
740 spin_lock_irqsave(&ihost->scic_lock, flags);
741 isci_free_tag(ihost, isci_request->io_tag);
742 isci_request_change_state(isci_request, unallocated);
743 list_del_init(&isci_request->dev_node);
744 spin_unlock_irqrestore(&ihost->scic_lock, flags);
745 }
746 }
717 } 747 }
718} 748}
719 749
@@ -772,7 +802,9 @@ void isci_terminate_pending_requests(struct isci_host *ihost,
772 dev_dbg(&ihost->pdev->dev, 802 dev_dbg(&ihost->pdev->dev,
773 "%s: idev=%p request=%p; task=%p old_state=%d\n", 803 "%s: idev=%p request=%p; task=%p old_state=%d\n",
774 __func__, idev, ireq, 804 __func__, idev, ireq,
775 ireq->ttype == io_task ? isci_request_access_task(ireq) : NULL, 805 (!test_bit(IREQ_TMF, &ireq->flags)
806 ? isci_request_access_task(ireq)
807 : NULL),
776 old_state); 808 old_state);
777 809
778 /* If the old_state is started: 810 /* If the old_state is started:
@@ -889,22 +921,14 @@ int isci_task_lu_reset(struct domain_device *domain_device, u8 *lun)
889 "%s: domain_device=%p, isci_host=%p; isci_device=%p\n", 921 "%s: domain_device=%p, isci_host=%p; isci_device=%p\n",
890 __func__, domain_device, isci_host, isci_device); 922 __func__, domain_device, isci_host, isci_device);
891 923
892 if (isci_device) 924 if (!isci_device) {
893 set_bit(IDEV_EH, &isci_device->flags); 925 /* If the device is gone, stop the escalations. */
926 dev_dbg(&isci_host->pdev->dev, "%s: No dev\n", __func__);
894 927
895 /* If there is a device reset pending on any request in the 928 ret = TMF_RESP_FUNC_COMPLETE;
896 * device's list, fail this LUN reset request in order to
897 * escalate to the device reset.
898 */
899 if (!isci_device ||
900 isci_device_is_reset_pending(isci_host, isci_device)) {
901 dev_dbg(&isci_host->pdev->dev,
902 "%s: No dev (%p), or "
903 "RESET PENDING: domain_device=%p\n",
904 __func__, isci_device, domain_device);
905 ret = TMF_RESP_FUNC_FAILED;
906 goto out; 929 goto out;
907 } 930 }
931 set_bit(IDEV_EH, &isci_device->flags);
908 932
909 /* Send the task management part of the reset. */ 933 /* Send the task management part of the reset. */
910 if (sas_protocol_ata(domain_device->tproto)) { 934 if (sas_protocol_ata(domain_device->tproto)) {
@@ -1013,7 +1037,7 @@ int isci_task_abort_task(struct sas_task *task)
1013 struct isci_tmf tmf; 1037 struct isci_tmf tmf;
1014 int ret = TMF_RESP_FUNC_FAILED; 1038 int ret = TMF_RESP_FUNC_FAILED;
1015 unsigned long flags; 1039 unsigned long flags;
1016 bool any_dev_reset = false; 1040 int perform_termination = 0;
1017 1041
1018 /* Get the isci_request reference from the task. Note that 1042 /* Get the isci_request reference from the task. Note that
1019 * this check does not depend on the pending request list 1043 * this check does not depend on the pending request list
@@ -1035,89 +1059,34 @@ int isci_task_abort_task(struct sas_task *task)
1035 spin_unlock_irqrestore(&isci_host->scic_lock, flags); 1059 spin_unlock_irqrestore(&isci_host->scic_lock, flags);
1036 1060
1037 dev_dbg(&isci_host->pdev->dev, 1061 dev_dbg(&isci_host->pdev->dev,
1038 "%s: task = %p\n", __func__, task); 1062 "%s: dev = %p, task = %p, old_request == %p\n",
1039 1063 __func__, isci_device, task, old_request);
1040 if (!isci_device || !old_request)
1041 goto out;
1042
1043 set_bit(IDEV_EH, &isci_device->flags);
1044
1045 /* This version of the driver will fail abort requests for
1046 * SATA/STP. Failing the abort request this way will cause the
1047 * SCSI error handler thread to escalate to LUN reset
1048 */
1049 if (sas_protocol_ata(task->task_proto)) {
1050 dev_dbg(&isci_host->pdev->dev,
1051 " task %p is for a STP/SATA device;"
1052 " returning TMF_RESP_FUNC_FAILED\n"
1053 " to cause a LUN reset...\n", task);
1054 goto out;
1055 }
1056 1064
1057 dev_dbg(&isci_host->pdev->dev, 1065 if (isci_device)
1058 "%s: old_request == %p\n", __func__, old_request); 1066 set_bit(IDEV_EH, &isci_device->flags);
1059
1060 any_dev_reset = isci_device_is_reset_pending(isci_host, isci_device);
1061
1062 spin_lock_irqsave(&task->task_state_lock, flags);
1063
1064 any_dev_reset = any_dev_reset || (task->task_state_flags & SAS_TASK_NEED_DEV_RESET);
1065 1067
1066 /* If the extraction of the request reference from the task 1068 /* Device reset conditions signalled in task_state_flags are the
1067 * failed, then the request has been completed (or if there is a 1069 * responsbility of libsas to observe at the start of the error
1068 * pending reset then this abort request function must be failed 1070 * handler thread.
1069 * in order to escalate to the target reset).
1070 */ 1071 */
1071 if ((old_request == NULL) || any_dev_reset) { 1072 if (!isci_device || !old_request) {
1072 1073 /* The request has already completed and there
1073 /* If the device reset task flag is set, fail the task 1074 * is nothing to do here other than to set the task
1074 * management request. Otherwise, the original request 1075 * done bit, and indicate that the task abort function
1075 * has completed. 1076 * was sucessful.
1076 */ 1077 */
1077 if (any_dev_reset) { 1078 spin_lock_irqsave(&task->task_state_lock, flags);
1078 1079 task->task_state_flags |= SAS_TASK_STATE_DONE;
1079 /* Turn off the task's DONE to make sure this 1080 task->task_state_flags &= ~(SAS_TASK_AT_INITIATOR |
1080 * task is escalated to a target reset. 1081 SAS_TASK_STATE_PENDING);
1081 */ 1082 spin_unlock_irqrestore(&task->task_state_lock, flags);
1082 task->task_state_flags &= ~SAS_TASK_STATE_DONE;
1083
1084 /* Make the reset happen as soon as possible. */
1085 task->task_state_flags |= SAS_TASK_NEED_DEV_RESET;
1086
1087 spin_unlock_irqrestore(&task->task_state_lock, flags);
1088
1089 /* Fail the task management request in order to
1090 * escalate to the target reset.
1091 */
1092 ret = TMF_RESP_FUNC_FAILED;
1093
1094 dev_dbg(&isci_host->pdev->dev,
1095 "%s: Failing task abort in order to "
1096 "escalate to target reset because\n"
1097 "SAS_TASK_NEED_DEV_RESET is set for "
1098 "task %p on dev %p\n",
1099 __func__, task, isci_device);
1100
1101
1102 } else {
1103 /* The request has already completed and there
1104 * is nothing to do here other than to set the task
1105 * done bit, and indicate that the task abort function
1106 * was sucessful.
1107 */
1108 isci_set_task_doneflags(task);
1109
1110 spin_unlock_irqrestore(&task->task_state_lock, flags);
1111 1083
1112 ret = TMF_RESP_FUNC_COMPLETE; 1084 ret = TMF_RESP_FUNC_COMPLETE;
1113 1085
1114 dev_dbg(&isci_host->pdev->dev, 1086 dev_dbg(&isci_host->pdev->dev,
1115 "%s: abort task not needed for %p\n", 1087 "%s: abort task not needed for %p\n",
1116 __func__, task); 1088 __func__, task);
1117 }
1118 goto out; 1089 goto out;
1119 } else {
1120 spin_unlock_irqrestore(&task->task_state_lock, flags);
1121 } 1090 }
1122 1091
1123 spin_lock_irqsave(&isci_host->scic_lock, flags); 1092 spin_lock_irqsave(&isci_host->scic_lock, flags);
@@ -1146,24 +1115,44 @@ int isci_task_abort_task(struct sas_task *task)
1146 goto out; 1115 goto out;
1147 } 1116 }
1148 if (task->task_proto == SAS_PROTOCOL_SMP || 1117 if (task->task_proto == SAS_PROTOCOL_SMP ||
1118 sas_protocol_ata(task->task_proto) ||
1149 test_bit(IREQ_COMPLETE_IN_TARGET, &old_request->flags)) { 1119 test_bit(IREQ_COMPLETE_IN_TARGET, &old_request->flags)) {
1150 1120
1151 spin_unlock_irqrestore(&isci_host->scic_lock, flags); 1121 spin_unlock_irqrestore(&isci_host->scic_lock, flags);
1152 1122
1153 dev_dbg(&isci_host->pdev->dev, 1123 dev_dbg(&isci_host->pdev->dev,
1154 "%s: SMP request (%d)" 1124 "%s: %s request"
1155 " or complete_in_target (%d), thus no TMF\n", 1125 " or complete_in_target (%d), thus no TMF\n",
1156 __func__, (task->task_proto == SAS_PROTOCOL_SMP), 1126 __func__,
1127 ((task->task_proto == SAS_PROTOCOL_SMP)
1128 ? "SMP"
1129 : (sas_protocol_ata(task->task_proto)
1130 ? "SATA/STP"
1131 : "<other>")
1132 ),
1157 test_bit(IREQ_COMPLETE_IN_TARGET, &old_request->flags)); 1133 test_bit(IREQ_COMPLETE_IN_TARGET, &old_request->flags));
1158 1134
1159 /* Set the state on the task. */ 1135 if (test_bit(IREQ_COMPLETE_IN_TARGET, &old_request->flags)) {
1160 isci_task_all_done(task); 1136 spin_lock_irqsave(&task->task_state_lock, flags);
1161 1137 task->task_state_flags |= SAS_TASK_STATE_DONE;
1162 ret = TMF_RESP_FUNC_COMPLETE; 1138 task->task_state_flags &= ~(SAS_TASK_AT_INITIATOR |
1139 SAS_TASK_STATE_PENDING);
1140 spin_unlock_irqrestore(&task->task_state_lock, flags);
1141 ret = TMF_RESP_FUNC_COMPLETE;
1142 } else {
1143 spin_lock_irqsave(&task->task_state_lock, flags);
1144 task->task_state_flags &= ~(SAS_TASK_AT_INITIATOR |
1145 SAS_TASK_STATE_PENDING);
1146 spin_unlock_irqrestore(&task->task_state_lock, flags);
1147 }
1163 1148
1164 /* Stopping and SMP devices are not sent a TMF, and are not 1149 /* STP and SMP devices are not sent a TMF, but the
1165 * reset, but the outstanding I/O request is terminated below. 1150 * outstanding I/O request is terminated below. This is
1151 * because SATA/STP and SMP discovery path timeouts directly
1152 * call the abort task interface for cleanup.
1166 */ 1153 */
1154 perform_termination = 1;
1155
1167 } else { 1156 } else {
1168 /* Fill in the tmf stucture */ 1157 /* Fill in the tmf stucture */
1169 isci_task_build_abort_task_tmf(&tmf, isci_tmf_ssp_task_abort, 1158 isci_task_build_abort_task_tmf(&tmf, isci_tmf_ssp_task_abort,
@@ -1172,22 +1161,24 @@ int isci_task_abort_task(struct sas_task *task)
1172 1161
1173 spin_unlock_irqrestore(&isci_host->scic_lock, flags); 1162 spin_unlock_irqrestore(&isci_host->scic_lock, flags);
1174 1163
1175 #define ISCI_ABORT_TASK_TIMEOUT_MS 500 /* half second timeout. */ 1164 #define ISCI_ABORT_TASK_TIMEOUT_MS 500 /* 1/2 second timeout */
1176 ret = isci_task_execute_tmf(isci_host, isci_device, &tmf, 1165 ret = isci_task_execute_tmf(isci_host, isci_device, &tmf,
1177 ISCI_ABORT_TASK_TIMEOUT_MS); 1166 ISCI_ABORT_TASK_TIMEOUT_MS);
1178 1167
1179 if (ret != TMF_RESP_FUNC_COMPLETE) 1168 if (ret == TMF_RESP_FUNC_COMPLETE)
1169 perform_termination = 1;
1170 else
1180 dev_dbg(&isci_host->pdev->dev, 1171 dev_dbg(&isci_host->pdev->dev,
1181 "%s: isci_task_send_tmf failed\n", 1172 "%s: isci_task_send_tmf failed\n", __func__);
1182 __func__);
1183 } 1173 }
1184 if (ret == TMF_RESP_FUNC_COMPLETE) { 1174 if (perform_termination) {
1185 set_bit(IREQ_COMPLETE_IN_TARGET, &old_request->flags); 1175 set_bit(IREQ_COMPLETE_IN_TARGET, &old_request->flags);
1186 1176
1187 /* Clean up the request on our side, and wait for the aborted 1177 /* Clean up the request on our side, and wait for the aborted
1188 * I/O to complete. 1178 * I/O to complete.
1189 */ 1179 */
1190 isci_terminate_request_core(isci_host, isci_device, old_request); 1180 isci_terminate_request_core(isci_host, isci_device,
1181 old_request);
1191 } 1182 }
1192 1183
1193 /* Make sure we do not leave a reference to aborted_io_completion */ 1184 /* Make sure we do not leave a reference to aborted_io_completion */
@@ -1288,7 +1279,8 @@ isci_task_request_complete(struct isci_host *ihost,
1288 enum sci_task_status completion_status) 1279 enum sci_task_status completion_status)
1289{ 1280{
1290 struct isci_tmf *tmf = isci_request_access_tmf(ireq); 1281 struct isci_tmf *tmf = isci_request_access_tmf(ireq);
1291 struct completion *tmf_complete; 1282 struct completion *tmf_complete = NULL;
1283 struct completion *request_complete = ireq->io_request_completion;
1292 1284
1293 dev_dbg(&ihost->pdev->dev, 1285 dev_dbg(&ihost->pdev->dev,
1294 "%s: request = %p, status=%d\n", 1286 "%s: request = %p, status=%d\n",
@@ -1296,255 +1288,53 @@ isci_task_request_complete(struct isci_host *ihost,
1296 1288
1297 isci_request_change_state(ireq, completed); 1289 isci_request_change_state(ireq, completed);
1298 1290
1299 tmf->status = completion_status;
1300 set_bit(IREQ_COMPLETE_IN_TARGET, &ireq->flags); 1291 set_bit(IREQ_COMPLETE_IN_TARGET, &ireq->flags);
1301 1292
1302 if (tmf->proto == SAS_PROTOCOL_SSP) { 1293 if (tmf) {
1303 memcpy(&tmf->resp.resp_iu, 1294 tmf->status = completion_status;
1304 &ireq->ssp.rsp, 1295
1305 SSP_RESP_IU_MAX_SIZE); 1296 if (tmf->proto == SAS_PROTOCOL_SSP) {
1306 } else if (tmf->proto == SAS_PROTOCOL_SATA) { 1297 memcpy(&tmf->resp.resp_iu,
1307 memcpy(&tmf->resp.d2h_fis, 1298 &ireq->ssp.rsp,
1308 &ireq->stp.rsp, 1299 SSP_RESP_IU_MAX_SIZE);
1309 sizeof(struct dev_to_host_fis)); 1300 } else if (tmf->proto == SAS_PROTOCOL_SATA) {
1301 memcpy(&tmf->resp.d2h_fis,
1302 &ireq->stp.rsp,
1303 sizeof(struct dev_to_host_fis));
1304 }
1305 /* PRINT_TMF( ((struct isci_tmf *)request->task)); */
1306 tmf_complete = tmf->complete;
1310 } 1307 }
1311
1312 /* PRINT_TMF( ((struct isci_tmf *)request->task)); */
1313 tmf_complete = tmf->complete;
1314
1315 sci_controller_complete_io(ihost, ireq->target_device, ireq); 1308 sci_controller_complete_io(ihost, ireq->target_device, ireq);
1316 /* set the 'terminated' flag handle to make sure it cannot be terminated 1309 /* set the 'terminated' flag handle to make sure it cannot be terminated
1317 * or completed again. 1310 * or completed again.
1318 */ 1311 */
1319 set_bit(IREQ_TERMINATED, &ireq->flags); 1312 set_bit(IREQ_TERMINATED, &ireq->flags);
1320 1313
1321 isci_request_change_state(ireq, unallocated); 1314 /* As soon as something is in the terminate path, deallocation is
1322 list_del_init(&ireq->dev_node); 1315 * managed there. Note that the final non-managed state of a task
1323 1316 * request is "completed".
1324 /* The task management part completes last. */ 1317 */
1325 complete(tmf_complete); 1318 if ((ireq->status == completed) ||
1326} 1319 !isci_request_is_dealloc_managed(ireq->status)) {
1327 1320 isci_request_change_state(ireq, unallocated);
1328static void isci_smp_task_timedout(unsigned long _task) 1321 isci_free_tag(ihost, ireq->io_tag);
1329{ 1322 list_del_init(&ireq->dev_node);
1330 struct sas_task *task = (void *) _task;
1331 unsigned long flags;
1332
1333 spin_lock_irqsave(&task->task_state_lock, flags);
1334 if (!(task->task_state_flags & SAS_TASK_STATE_DONE))
1335 task->task_state_flags |= SAS_TASK_STATE_ABORTED;
1336 spin_unlock_irqrestore(&task->task_state_lock, flags);
1337
1338 complete(&task->completion);
1339}
1340
1341static void isci_smp_task_done(struct sas_task *task)
1342{
1343 if (!del_timer(&task->timer))
1344 return;
1345 complete(&task->completion);
1346}
1347
1348static int isci_smp_execute_task(struct isci_host *ihost,
1349 struct domain_device *dev, void *req,
1350 int req_size, void *resp, int resp_size)
1351{
1352 int res, retry;
1353 struct sas_task *task = NULL;
1354
1355 for (retry = 0; retry < 3; retry++) {
1356 task = sas_alloc_task(GFP_KERNEL);
1357 if (!task)
1358 return -ENOMEM;
1359
1360 task->dev = dev;
1361 task->task_proto = dev->tproto;
1362 sg_init_one(&task->smp_task.smp_req, req, req_size);
1363 sg_init_one(&task->smp_task.smp_resp, resp, resp_size);
1364
1365 task->task_done = isci_smp_task_done;
1366
1367 task->timer.data = (unsigned long) task;
1368 task->timer.function = isci_smp_task_timedout;
1369 task->timer.expires = jiffies + 10*HZ;
1370 add_timer(&task->timer);
1371
1372 res = isci_task_execute_task(task, 1, GFP_KERNEL);
1373
1374 if (res) {
1375 del_timer(&task->timer);
1376 dev_dbg(&ihost->pdev->dev,
1377 "%s: executing SMP task failed:%d\n",
1378 __func__, res);
1379 goto ex_err;
1380 }
1381
1382 wait_for_completion(&task->completion);
1383 res = -ECOMM;
1384 if ((task->task_state_flags & SAS_TASK_STATE_ABORTED)) {
1385 dev_dbg(&ihost->pdev->dev,
1386 "%s: smp task timed out or aborted\n",
1387 __func__);
1388 isci_task_abort_task(task);
1389 if (!(task->task_state_flags & SAS_TASK_STATE_DONE)) {
1390 dev_dbg(&ihost->pdev->dev,
1391 "%s: SMP task aborted and not done\n",
1392 __func__);
1393 goto ex_err;
1394 }
1395 }
1396 if (task->task_status.resp == SAS_TASK_COMPLETE &&
1397 task->task_status.stat == SAM_STAT_GOOD) {
1398 res = 0;
1399 break;
1400 }
1401 if (task->task_status.resp == SAS_TASK_COMPLETE &&
1402 task->task_status.stat == SAS_DATA_UNDERRUN) {
1403 /* no error, but return the number of bytes of
1404 * underrun */
1405 res = task->task_status.residual;
1406 break;
1407 }
1408 if (task->task_status.resp == SAS_TASK_COMPLETE &&
1409 task->task_status.stat == SAS_DATA_OVERRUN) {
1410 res = -EMSGSIZE;
1411 break;
1412 } else {
1413 dev_dbg(&ihost->pdev->dev,
1414 "%s: task to dev %016llx response: 0x%x "
1415 "status 0x%x\n", __func__,
1416 SAS_ADDR(dev->sas_addr),
1417 task->task_status.resp,
1418 task->task_status.stat);
1419 sas_free_task(task);
1420 task = NULL;
1421 }
1422 }
1423ex_err:
1424 BUG_ON(retry == 3 && task != NULL);
1425 sas_free_task(task);
1426 return res;
1427}
1428
1429#define DISCOVER_REQ_SIZE 16
1430#define DISCOVER_RESP_SIZE 56
1431
1432int isci_smp_get_phy_attached_dev_type(struct isci_host *ihost,
1433 struct domain_device *dev,
1434 int phy_id, int *adt)
1435{
1436 struct smp_resp *disc_resp;
1437 u8 *disc_req;
1438 int res;
1439
1440 disc_resp = kzalloc(DISCOVER_RESP_SIZE, GFP_KERNEL);
1441 if (!disc_resp)
1442 return -ENOMEM;
1443
1444 disc_req = kzalloc(DISCOVER_REQ_SIZE, GFP_KERNEL);
1445 if (disc_req) {
1446 disc_req[0] = SMP_REQUEST;
1447 disc_req[1] = SMP_DISCOVER;
1448 disc_req[9] = phy_id;
1449 } else {
1450 kfree(disc_resp);
1451 return -ENOMEM;
1452 }
1453 res = isci_smp_execute_task(ihost, dev, disc_req, DISCOVER_REQ_SIZE,
1454 disc_resp, DISCOVER_RESP_SIZE);
1455 if (!res) {
1456 if (disc_resp->result != SMP_RESP_FUNC_ACC)
1457 res = disc_resp->result;
1458 else
1459 *adt = disc_resp->disc.attached_dev_type;
1460 } 1323 }
1461 kfree(disc_req);
1462 kfree(disc_resp);
1463
1464 return res;
1465}
1466
1467static void isci_wait_for_smp_phy_reset(struct isci_remote_device *idev, int phy_num)
1468{
1469 struct domain_device *dev = idev->domain_dev;
1470 struct isci_port *iport = idev->isci_port;
1471 struct isci_host *ihost = iport->isci_host;
1472 int res, iteration = 0, attached_device_type;
1473 #define STP_WAIT_MSECS 25000
1474 unsigned long tmo = msecs_to_jiffies(STP_WAIT_MSECS);
1475 unsigned long deadline = jiffies + tmo;
1476 enum {
1477 SMP_PHYWAIT_PHYDOWN,
1478 SMP_PHYWAIT_PHYUP,
1479 SMP_PHYWAIT_DONE
1480 } phy_state = SMP_PHYWAIT_PHYDOWN;
1481
1482 /* While there is time, wait for the phy to go away and come back */
1483 while (time_is_after_jiffies(deadline) && phy_state != SMP_PHYWAIT_DONE) {
1484 int event = atomic_read(&iport->event);
1485
1486 ++iteration;
1487
1488 tmo = wait_event_timeout(ihost->eventq,
1489 event != atomic_read(&iport->event) ||
1490 !test_bit(IPORT_BCN_BLOCKED, &iport->flags),
1491 tmo);
1492 /* link down, stop polling */
1493 if (!test_bit(IPORT_BCN_BLOCKED, &iport->flags))
1494 break;
1495 1324
1496 dev_dbg(&ihost->pdev->dev, 1325 /* "request_complete" is set if the task was being terminated. */
1497 "%s: iport %p, iteration %d," 1326 if (request_complete)
1498 " phase %d: time_remaining %lu, bcns = %d\n", 1327 complete(request_complete);
1499 __func__, iport, iteration, phy_state,
1500 tmo, test_bit(IPORT_BCN_PENDING, &iport->flags));
1501
1502 res = isci_smp_get_phy_attached_dev_type(ihost, dev, phy_num,
1503 &attached_device_type);
1504 tmo = deadline - jiffies;
1505
1506 if (res) {
1507 dev_dbg(&ihost->pdev->dev,
1508 "%s: iteration %d, phase %d:"
1509 " SMP error=%d, time_remaining=%lu\n",
1510 __func__, iteration, phy_state, res, tmo);
1511 break;
1512 }
1513 dev_dbg(&ihost->pdev->dev,
1514 "%s: iport %p, iteration %d,"
1515 " phase %d: time_remaining %lu, bcns = %d, "
1516 "attdevtype = %x\n",
1517 __func__, iport, iteration, phy_state,
1518 tmo, test_bit(IPORT_BCN_PENDING, &iport->flags),
1519 attached_device_type);
1520
1521 switch (phy_state) {
1522 case SMP_PHYWAIT_PHYDOWN:
1523 /* Has the device gone away? */
1524 if (!attached_device_type)
1525 phy_state = SMP_PHYWAIT_PHYUP;
1526
1527 break;
1528
1529 case SMP_PHYWAIT_PHYUP:
1530 /* Has the device come back? */
1531 if (attached_device_type)
1532 phy_state = SMP_PHYWAIT_DONE;
1533 break;
1534
1535 case SMP_PHYWAIT_DONE:
1536 break;
1537 }
1538 1328
1539 } 1329 /* The task management part completes last. */
1540 dev_dbg(&ihost->pdev->dev, "%s: done\n", __func__); 1330 if (tmf_complete)
1331 complete(tmf_complete);
1541} 1332}
1542 1333
1543static int isci_reset_device(struct isci_host *ihost, 1334static int isci_reset_device(struct isci_host *ihost,
1544 struct isci_remote_device *idev) 1335 struct isci_remote_device *idev)
1545{ 1336{
1546 struct sas_phy *phy = sas_find_local_phy(idev->domain_dev); 1337 struct sas_phy *phy = sas_find_local_phy(idev->domain_dev);
1547 struct isci_port *iport = idev->isci_port;
1548 enum sci_status status; 1338 enum sci_status status;
1549 unsigned long flags; 1339 unsigned long flags;
1550 int rc; 1340 int rc;
@@ -1564,13 +1354,6 @@ static int isci_reset_device(struct isci_host *ihost,
1564 } 1354 }
1565 spin_unlock_irqrestore(&ihost->scic_lock, flags); 1355 spin_unlock_irqrestore(&ihost->scic_lock, flags);
1566 1356
1567 /* Make sure all pending requests are able to be fully terminated. */
1568 isci_device_clear_reset_pending(ihost, idev);
1569
1570 /* If this is a device on an expander, disable BCN processing. */
1571 if (!scsi_is_sas_phy_local(phy))
1572 set_bit(IPORT_BCN_BLOCKED, &iport->flags);
1573
1574 rc = sas_phy_reset(phy, true); 1357 rc = sas_phy_reset(phy, true);
1575 1358
1576 /* Terminate in-progress I/O now. */ 1359 /* Terminate in-progress I/O now. */
@@ -1581,21 +1364,6 @@ static int isci_reset_device(struct isci_host *ihost,
1581 status = sci_remote_device_reset_complete(idev); 1364 status = sci_remote_device_reset_complete(idev);
1582 spin_unlock_irqrestore(&ihost->scic_lock, flags); 1365 spin_unlock_irqrestore(&ihost->scic_lock, flags);
1583 1366
1584 /* If this is a device on an expander, bring the phy back up. */
1585 if (!scsi_is_sas_phy_local(phy)) {
1586 /* A phy reset will cause the device to go away then reappear.
1587 * Since libsas will take action on incoming BCNs (eg. remove
1588 * a device going through an SMP phy-control driven reset),
1589 * we need to wait until the phy comes back up before letting
1590 * discovery proceed in libsas.
1591 */
1592 isci_wait_for_smp_phy_reset(idev, phy->number);
1593
1594 spin_lock_irqsave(&ihost->scic_lock, flags);
1595 isci_port_bcn_enable(ihost, idev->isci_port);
1596 spin_unlock_irqrestore(&ihost->scic_lock, flags);
1597 }
1598
1599 if (status != SCI_SUCCESS) { 1367 if (status != SCI_SUCCESS) {
1600 dev_dbg(&ihost->pdev->dev, 1368 dev_dbg(&ihost->pdev->dev,
1601 "%s: sci_remote_device_reset_complete(%p) " 1369 "%s: sci_remote_device_reset_complete(%p) "
generated by cgit v1.2.2 (git 2.25.0) at 2025-11-12 16:14:15 -0500