d1a46710f4a712e7ee0c65f4212cd51417c8832f
[linux-2.6.git] / drivers / scsi / isci / task.c
1 /*
2  * This file is provided under a dual BSD/GPLv2 license.  When using or
3  * redistributing this file, you may do so under either license.
4  *
5  * GPL LICENSE SUMMARY
6  *
7  * Copyright(c) 2008 - 2011 Intel Corporation. All rights reserved.
8  *
9  * This program is free software; you can redistribute it and/or modify
10  * it under the terms of version 2 of the GNU General Public License as
11  * published by the Free Software Foundation.
12  *
13  * This program is distributed in the hope that it will be useful, but
14  * WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
16  * General Public License for more details.
17  *
18  * You should have received a copy of the GNU General Public License
19  * along with this program; if not, write to the Free Software
20  * Foundation, Inc., 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA.
21  * The full GNU General Public License is included in this distribution
22  * in the file called LICENSE.GPL.
23  *
24  * BSD LICENSE
25  *
26  * Copyright(c) 2008 - 2011 Intel Corporation. All rights reserved.
27  * All rights reserved.
28  *
29  * Redistribution and use in source and binary forms, with or without
30  * modification, are permitted provided that the following conditions
31  * are met:
32  *
33  *   * Redistributions of source code must retain the above copyright
34  *     notice, this list of conditions and the following disclaimer.
35  *   * Redistributions in binary form must reproduce the above copyright
36  *     notice, this list of conditions and the following disclaimer in
37  *     the documentation and/or other materials provided with the
38  *     distribution.
39  *   * Neither the name of Intel Corporation nor the names of its
40  *     contributors may be used to endorse or promote products derived
41  *     from this software without specific prior written permission.
42  *
43  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
44  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
45  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
46  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
47  * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
48  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
49  * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
50  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
51  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
52  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
53  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
54  */
55
56 #include <linux/completion.h>
57 #include <linux/irqflags.h>
58 #include "sas.h"
59 #include <scsi/libsas.h>
60 #include "remote_device.h"
61 #include "remote_node_context.h"
62 #include "isci.h"
63 #include "request.h"
64 #include "sata.h"
65 #include "task.h"
66 #include "host.h"
67
68 /**
69 * isci_task_refuse() - complete the request to the upper layer driver in
70 *     the case where an I/O needs to be completed back in the submit path.
71 * @ihost: host on which the the request was queued
72 * @task: request to complete
73 * @response: response code for the completed task.
74 * @status: status code for the completed task.
75 *
76 */
77 static void isci_task_refuse(struct isci_host *ihost, struct sas_task *task,
78                              enum service_response response,
79                              enum exec_status status)
80
81 {
82         enum isci_completion_selection disposition;
83
84         disposition = isci_perform_normal_io_completion;
85         disposition = isci_task_set_completion_status(task, response, status,
86                                                       disposition);
87
88         /* Tasks aborted specifically by a call to the lldd_abort_task
89          * function should not be completed to the host in the regular path.
90          */
91         switch (disposition) {
92                 case isci_perform_normal_io_completion:
93                         /* Normal notification (task_done) */
94                         dev_dbg(&ihost->pdev->dev,
95                                 "%s: Normal - task = %p, response=%d, "
96                                 "status=%d\n",
97                                 __func__, task, response, status);
98
99                         task->lldd_task = NULL;
100
101                         isci_execpath_callback(ihost, task, task->task_done);
102                         break;
103
104                 case isci_perform_aborted_io_completion:
105                         /* No notification because this request is already in the
106                         * abort path.
107                         */
108                         dev_warn(&ihost->pdev->dev,
109                                  "%s: Aborted - task = %p, response=%d, "
110                                 "status=%d\n",
111                                  __func__, task, response, status);
112                         break;
113
114                 case isci_perform_error_io_completion:
115                         /* Use sas_task_abort */
116                         dev_warn(&ihost->pdev->dev,
117                                  "%s: Error - task = %p, response=%d, "
118                                 "status=%d\n",
119                                  __func__, task, response, status);
120
121                         isci_execpath_callback(ihost, task, sas_task_abort);
122                         break;
123
124                 default:
125                         dev_warn(&ihost->pdev->dev,
126                                  "%s: isci task notification default case!",
127                                  __func__);
128                         sas_task_abort(task);
129                         break;
130         }
131 }
132
133 #define for_each_sas_task(num, task) \
134         for (; num > 0; num--,\
135              task = list_entry(task->list.next, struct sas_task, list))
136
137
138 static inline int isci_device_io_ready(struct isci_remote_device *idev,
139                                        struct sas_task *task)
140 {
141         return idev ? test_bit(IDEV_IO_READY, &idev->flags) ||
142                       (test_bit(IDEV_IO_NCQERROR, &idev->flags) &&
143                        isci_task_is_ncq_recovery(task))
144                     : 0;
145 }
146 /**
147  * isci_task_execute_task() - This function is one of the SAS Domain Template
148  *    functions. This function is called by libsas to send a task down to
149  *    hardware.
150  * @task: This parameter specifies the SAS task to send.
151  * @num: This parameter specifies the number of tasks to queue.
152  * @gfp_flags: This parameter specifies the context of this call.
153  *
154  * status, zero indicates success.
155  */
156 int isci_task_execute_task(struct sas_task *task, int num, gfp_t gfp_flags)
157 {
158         struct isci_host *ihost = dev_to_ihost(task->dev);
159         struct isci_remote_device *idev;
160         unsigned long flags;
161         bool io_ready;
162         u16 tag;
163
164         dev_dbg(&ihost->pdev->dev, "%s: num=%d\n", __func__, num);
165
166         for_each_sas_task(num, task) {
167                 enum sci_status status = SCI_FAILURE;
168
169                 spin_lock_irqsave(&ihost->scic_lock, flags);
170                 idev = isci_lookup_device(task->dev);
171                 io_ready = isci_device_io_ready(idev, task);
172                 tag = isci_alloc_tag(ihost);
173                 spin_unlock_irqrestore(&ihost->scic_lock, flags);
174
175                 dev_dbg(&ihost->pdev->dev,
176                         "task: %p, num: %d dev: %p idev: %p:%#lx cmd = %p\n",
177                         task, num, task->dev, idev, idev ? idev->flags : 0,
178                         task->uldd_task);
179
180                 if (!idev) {
181                         isci_task_refuse(ihost, task, SAS_TASK_UNDELIVERED,
182                                          SAS_DEVICE_UNKNOWN);
183                 } else if (!io_ready || tag == SCI_CONTROLLER_INVALID_IO_TAG) {
184                         /* Indicate QUEUE_FULL so that the scsi midlayer
185                          * retries.
186                           */
187                         isci_task_refuse(ihost, task, SAS_TASK_COMPLETE,
188                                          SAS_QUEUE_FULL);
189                 } else {
190                         /* There is a device and it's ready for I/O. */
191                         spin_lock_irqsave(&task->task_state_lock, flags);
192
193                         if (task->task_state_flags & SAS_TASK_STATE_ABORTED) {
194                                 /* The I/O was aborted. */
195                                 spin_unlock_irqrestore(&task->task_state_lock,
196                                                        flags);
197
198                                 isci_task_refuse(ihost, task,
199                                                  SAS_TASK_UNDELIVERED,
200                                                  SAM_STAT_TASK_ABORTED);
201                         } else {
202                                 task->task_state_flags |= SAS_TASK_AT_INITIATOR;
203                                 spin_unlock_irqrestore(&task->task_state_lock, flags);
204
205                                 /* build and send the request. */
206                                 status = isci_request_execute(ihost, idev, task, tag, gfp_flags);
207
208                                 if (status != SCI_SUCCESS) {
209
210                                         spin_lock_irqsave(&task->task_state_lock, flags);
211                                         /* Did not really start this command. */
212                                         task->task_state_flags &= ~SAS_TASK_AT_INITIATOR;
213                                         spin_unlock_irqrestore(&task->task_state_lock, flags);
214
215                                         /* Indicate QUEUE_FULL so that the scsi
216                                         * midlayer retries. if the request
217                                         * failed for remote device reasons,
218                                         * it gets returned as
219                                         * SAS_TASK_UNDELIVERED next time
220                                         * through.
221                                         */
222                                         isci_task_refuse(ihost, task,
223                                                          SAS_TASK_COMPLETE,
224                                                          SAS_QUEUE_FULL);
225                                 }
226                         }
227                 }
228                 if (status != SCI_SUCCESS && tag != SCI_CONTROLLER_INVALID_IO_TAG) {
229                         spin_lock_irqsave(&ihost->scic_lock, flags);
230                         /* command never hit the device, so just free
231                          * the tci and skip the sequence increment
232                          */
233                         isci_tci_free(ihost, ISCI_TAG_TCI(tag));
234                         spin_unlock_irqrestore(&ihost->scic_lock, flags);
235                 }
236                 isci_put_device(idev);
237         }
238         return 0;
239 }
240
241 static struct isci_request *isci_task_request_build(struct isci_host *ihost,
242                                                     struct isci_remote_device *idev,
243                                                     u16 tag, struct isci_tmf *isci_tmf)
244 {
245         enum sci_status status = SCI_FAILURE;
246         struct isci_request *ireq = NULL;
247         struct domain_device *dev;
248
249         dev_dbg(&ihost->pdev->dev,
250                 "%s: isci_tmf = %p\n", __func__, isci_tmf);
251
252         dev = idev->domain_dev;
253
254         /* do common allocation and init of request object. */
255         ireq = isci_request_alloc_tmf(ihost, isci_tmf, GFP_ATOMIC);
256         if (!ireq)
257                 return NULL;
258
259         /* let the core do it's construct. */
260         status = scic_task_request_construct(&ihost->sci, &idev->sci, tag,
261                                              &ireq->sci);
262
263         if (status != SCI_SUCCESS) {
264                 dev_warn(&ihost->pdev->dev,
265                          "%s: scic_task_request_construct failed - "
266                          "status = 0x%x\n",
267                          __func__,
268                          status);
269                 goto errout;
270         }
271
272         /* XXX convert to get this from task->tproto like other drivers */
273         if (dev->dev_type == SAS_END_DEV) {
274                 isci_tmf->proto = SAS_PROTOCOL_SSP;
275                 status = scic_task_request_construct_ssp(&ireq->sci);
276                 if (status != SCI_SUCCESS)
277                         goto errout;
278         }
279
280         if (dev->dev_type == SATA_DEV || (dev->tproto & SAS_PROTOCOL_STP)) {
281                 isci_tmf->proto = SAS_PROTOCOL_SATA;
282                 status = isci_sata_management_task_request_build(ireq);
283
284                 if (status != SCI_SUCCESS)
285                         goto errout;
286         }
287         return ireq;
288  errout:
289         isci_request_free(ihost, ireq);
290         return NULL;
291 }
292
293 int isci_task_execute_tmf(struct isci_host *ihost,
294                           struct isci_remote_device *isci_device,
295                           struct isci_tmf *tmf, unsigned long timeout_ms)
296 {
297         DECLARE_COMPLETION_ONSTACK(completion);
298         enum sci_task_status status = SCI_TASK_FAILURE;
299         struct scic_sds_remote_device *sci_device;
300         struct isci_request *ireq;
301         int ret = TMF_RESP_FUNC_FAILED;
302         unsigned long flags;
303         unsigned long timeleft;
304         u16 tag;
305
306         spin_lock_irqsave(&ihost->scic_lock, flags);
307         tag = isci_alloc_tag(ihost);
308         spin_unlock_irqrestore(&ihost->scic_lock, flags);
309
310         if (tag == SCI_CONTROLLER_INVALID_IO_TAG)
311                 return ret;
312
313         /* sanity check, return TMF_RESP_FUNC_FAILED
314          * if the device is not there and ready.
315          */
316         if (!isci_device ||
317             (!test_bit(IDEV_IO_READY, &isci_device->flags) &&
318              !test_bit(IDEV_IO_NCQERROR, &isci_device->flags))) {
319                 dev_dbg(&ihost->pdev->dev,
320                         "%s: isci_device = %p not ready (%#lx)\n",
321                         __func__,
322                         isci_device, isci_device ? isci_device->flags : 0);
323                 goto err_tci;
324         } else
325                 dev_dbg(&ihost->pdev->dev,
326                         "%s: isci_device = %p\n",
327                         __func__, isci_device);
328
329         sci_device = &isci_device->sci;
330
331         /* Assign the pointer to the TMF's completion kernel wait structure. */
332         tmf->complete = &completion;
333
334         ireq = isci_task_request_build(ihost, isci_device, tag, tmf);
335         if (!ireq)
336                 goto err_tci;
337
338         spin_lock_irqsave(&ihost->scic_lock, flags);
339
340         /* start the TMF io. */
341         status = scic_controller_start_task(&ihost->sci,
342                                             sci_device,
343                                             &ireq->sci);
344
345         if (status != SCI_TASK_SUCCESS) {
346                 dev_warn(&ihost->pdev->dev,
347                          "%s: start_io failed - status = 0x%x, request = %p\n",
348                          __func__,
349                          status,
350                          ireq);
351                 spin_unlock_irqrestore(&ihost->scic_lock, flags);
352                 goto err_ireq;
353         }
354
355         if (tmf->cb_state_func != NULL)
356                 tmf->cb_state_func(isci_tmf_started, tmf, tmf->cb_data);
357
358         isci_request_change_state(ireq, started);
359
360         /* add the request to the remote device request list. */
361         list_add(&ireq->dev_node, &isci_device->reqs_in_process);
362
363         spin_unlock_irqrestore(&ihost->scic_lock, flags);
364
365         /* Wait for the TMF to complete, or a timeout. */
366         timeleft = wait_for_completion_timeout(&completion,
367                                                msecs_to_jiffies(timeout_ms));
368
369         if (timeleft == 0) {
370                 spin_lock_irqsave(&ihost->scic_lock, flags);
371
372                 if (tmf->cb_state_func != NULL)
373                         tmf->cb_state_func(isci_tmf_timed_out, tmf, tmf->cb_data);
374
375                 scic_controller_terminate_request(&ihost->sci,
376                                                   &isci_device->sci,
377                                                   &ireq->sci);
378
379                 spin_unlock_irqrestore(&ihost->scic_lock, flags);
380
381                 wait_for_completion(tmf->complete);
382         }
383
384         isci_print_tmf(tmf);
385
386         if (tmf->status == SCI_SUCCESS)
387                 ret =  TMF_RESP_FUNC_COMPLETE;
388         else if (tmf->status == SCI_FAILURE_IO_RESPONSE_VALID) {
389                 dev_dbg(&ihost->pdev->dev,
390                         "%s: tmf.status == "
391                         "SCI_FAILURE_IO_RESPONSE_VALID\n",
392                         __func__);
393                 ret =  TMF_RESP_FUNC_COMPLETE;
394         }
395         /* Else - leave the default "failed" status alone. */
396
397         dev_dbg(&ihost->pdev->dev,
398                 "%s: completed request = %p\n",
399                 __func__,
400                 ireq);
401
402         return ret;
403
404  err_ireq:
405         isci_request_free(ihost, ireq);
406  err_tci:
407         spin_lock_irqsave(&ihost->scic_lock, flags);
408         isci_tci_free(ihost, ISCI_TAG_TCI(tag));
409         spin_unlock_irqrestore(&ihost->scic_lock, flags);
410
411         return ret;
412 }
413
414 void isci_task_build_tmf(
415         struct isci_tmf *tmf,
416         enum isci_tmf_function_codes code,
417         void (*tmf_sent_cb)(enum isci_tmf_cb_state,
418                             struct isci_tmf *,
419                             void *),
420         void *cb_data)
421 {
422         memset(tmf, 0, sizeof(*tmf));
423
424         tmf->tmf_code      = code;
425         tmf->cb_state_func = tmf_sent_cb;
426         tmf->cb_data       = cb_data;
427 }
428
429 static void isci_task_build_abort_task_tmf(
430         struct isci_tmf *tmf,
431         enum isci_tmf_function_codes code,
432         void (*tmf_sent_cb)(enum isci_tmf_cb_state,
433                             struct isci_tmf *,
434                             void *),
435         struct isci_request *old_request)
436 {
437         isci_task_build_tmf(tmf, code, tmf_sent_cb,
438                             (void *)old_request);
439         tmf->io_tag = old_request->io_tag;
440 }
441
442 /**
443  * isci_task_validate_request_to_abort() - This function checks the given I/O
444  *    against the "started" state.  If the request is still "started", it's
445  *    state is changed to aborted. NOTE: isci_host->scic_lock MUST BE HELD
446  *    BEFORE CALLING THIS FUNCTION.
447  * @isci_request: This parameter specifies the request object to control.
448  * @isci_host: This parameter specifies the ISCI host object
449  * @isci_device: This is the device to which the request is pending.
450  * @aborted_io_completion: This is a completion structure that will be added to
451  *    the request in case it is changed to aborting; this completion is
452  *    triggered when the request is fully completed.
453  *
454  * Either "started" on successful change of the task status to "aborted", or
455  * "unallocated" if the task cannot be controlled.
456  */
457 static enum isci_request_status isci_task_validate_request_to_abort(
458         struct isci_request *isci_request,
459         struct isci_host *isci_host,
460         struct isci_remote_device *isci_device,
461         struct completion *aborted_io_completion)
462 {
463         enum isci_request_status old_state = unallocated;
464
465         /* Only abort the task if it's in the
466          *  device's request_in_process list
467          */
468         if (isci_request && !list_empty(&isci_request->dev_node)) {
469                 old_state = isci_request_change_started_to_aborted(
470                         isci_request, aborted_io_completion);
471
472         }
473
474         return old_state;
475 }
476
477 /**
478 * isci_request_cleanup_completed_loiterer() - This function will take care of
479 *    the final cleanup on any request which has been explicitly terminated.
480 * @isci_host: This parameter specifies the ISCI host object
481 * @isci_device: This is the device to which the request is pending.
482 * @isci_request: This parameter specifies the terminated request object.
483 * @task: This parameter is the libsas I/O request.
484 */
485 static void isci_request_cleanup_completed_loiterer(
486         struct isci_host          *isci_host,
487         struct isci_remote_device *isci_device,
488         struct isci_request       *isci_request,
489         struct sas_task           *task)
490 {
491         unsigned long flags;
492
493         dev_dbg(&isci_host->pdev->dev,
494                 "%s: isci_device=%p, request=%p, task=%p\n",
495                 __func__, isci_device, isci_request, task);
496
497         if (task != NULL) {
498
499                 spin_lock_irqsave(&task->task_state_lock, flags);
500                 task->lldd_task = NULL;
501
502                 task->task_state_flags &= ~SAS_TASK_NEED_DEV_RESET;
503
504                 isci_set_task_doneflags(task);
505
506                 /* If this task is not in the abort path, call task_done. */
507                 if (!(task->task_state_flags & SAS_TASK_STATE_ABORTED)) {
508
509                         spin_unlock_irqrestore(&task->task_state_lock, flags);
510                         task->task_done(task);
511                 } else
512                         spin_unlock_irqrestore(&task->task_state_lock, flags);
513         }
514
515         if (isci_request != NULL) {
516                 spin_lock_irqsave(&isci_host->scic_lock, flags);
517                 list_del_init(&isci_request->dev_node);
518                 spin_unlock_irqrestore(&isci_host->scic_lock, flags);
519
520                 isci_request_free(isci_host, isci_request);
521         }
522 }
523
524 /**
525  * isci_terminate_request_core() - This function will terminate the given
526  *    request, and wait for it to complete.  This function must only be called
527  *    from a thread that can wait.  Note that the request is terminated and
528  *    completed (back to the host, if started there).
529  * @isci_host: This SCU.
530  * @isci_device: The target.
531  * @isci_request: The I/O request to be terminated.
532  *
533  */
534 static void isci_terminate_request_core(
535         struct isci_host *isci_host,
536         struct isci_remote_device *isci_device,
537         struct isci_request *isci_request)
538 {
539         enum sci_status status      = SCI_SUCCESS;
540         bool was_terminated         = false;
541         bool needs_cleanup_handling = false;
542         enum isci_request_status request_status;
543         unsigned long     flags;
544         unsigned long     termination_completed = 1;
545         struct completion *io_request_completion;
546         struct sas_task   *task;
547
548         dev_dbg(&isci_host->pdev->dev,
549                 "%s: device = %p; request = %p\n",
550                 __func__, isci_device, isci_request);
551
552         spin_lock_irqsave(&isci_host->scic_lock, flags);
553
554         io_request_completion = isci_request->io_request_completion;
555
556         task = (isci_request->ttype == io_task)
557                 ? isci_request_access_task(isci_request)
558                 : NULL;
559
560         /* Note that we are not going to control
561          * the target to abort the request.
562          */
563         set_bit(IREQ_COMPLETE_IN_TARGET, &isci_request->flags);
564
565         /* Make sure the request wasn't just sitting around signalling
566          * device condition (if the request handle is NULL, then the
567          * request completed but needed additional handling here).
568          */
569         if (!test_bit(IREQ_TERMINATED, &isci_request->flags)) {
570                 was_terminated = true;
571                 needs_cleanup_handling = true;
572                 status = scic_controller_terminate_request(
573                         &isci_host->sci,
574                         &isci_device->sci,
575                         &isci_request->sci);
576         }
577         spin_unlock_irqrestore(&isci_host->scic_lock, flags);
578
579         /*
580          * The only time the request to terminate will
581          * fail is when the io request is completed and
582          * being aborted.
583          */
584         if (status != SCI_SUCCESS) {
585                 dev_err(&isci_host->pdev->dev,
586                         "%s: scic_controller_terminate_request"
587                         " returned = 0x%x\n",
588                         __func__, status);
589
590                 isci_request->io_request_completion = NULL;
591
592         } else {
593                 if (was_terminated) {
594                         dev_dbg(&isci_host->pdev->dev,
595                                 "%s: before completion wait (%p/%p)\n",
596                                 __func__, isci_request, io_request_completion);
597
598                         /* Wait here for the request to complete. */
599                         #define TERMINATION_TIMEOUT_MSEC 500
600                         termination_completed
601                                 = wait_for_completion_timeout(
602                                    io_request_completion,
603                                    msecs_to_jiffies(TERMINATION_TIMEOUT_MSEC));
604
605                         if (!termination_completed) {
606
607                                 /* The request to terminate has timed out.  */
608                                 spin_lock_irqsave(&isci_host->scic_lock,
609                                                   flags);
610
611                                 /* Check for state changes. */
612                                 if (!test_bit(IREQ_TERMINATED, &isci_request->flags)) {
613
614                                         /* The best we can do is to have the
615                                          * request die a silent death if it
616                                          * ever really completes.
617                                          *
618                                          * Set the request state to "dead",
619                                          * and clear the task pointer so that
620                                          * an actual completion event callback
621                                          * doesn't do anything.
622                                          */
623                                         isci_request->status = dead;
624                                         isci_request->io_request_completion
625                                                 = NULL;
626
627                                         if (isci_request->ttype == io_task) {
628
629                                                 /* Break links with the
630                                                 * sas_task.
631                                                 */
632                                                 isci_request->ttype_ptr.io_task_ptr
633                                                         = NULL;
634                                         }
635                                 } else
636                                         termination_completed = 1;
637
638                                 spin_unlock_irqrestore(&isci_host->scic_lock,
639                                                        flags);
640
641                                 if (!termination_completed) {
642
643                                         dev_err(&isci_host->pdev->dev,
644                                                 "%s: *** Timeout waiting for "
645                                                 "termination(%p/%p)\n",
646                                                 __func__, io_request_completion,
647                                                 isci_request);
648
649                                         /* The request can no longer be referenced
650                                          * safely since it may go away if the
651                                          * termination every really does complete.
652                                          */
653                                         isci_request = NULL;
654                                 }
655                         }
656                         if (termination_completed)
657                                 dev_dbg(&isci_host->pdev->dev,
658                                         "%s: after completion wait (%p/%p)\n",
659                                         __func__, isci_request, io_request_completion);
660                 }
661
662                 if (termination_completed) {
663
664                         isci_request->io_request_completion = NULL;
665
666                         /* Peek at the status of the request.  This will tell
667                          * us if there was special handling on the request such that it
668                          * needs to be detached and freed here.
669                          */
670                         spin_lock_irqsave(&isci_request->state_lock, flags);
671                         request_status = isci_request_get_state(isci_request);
672
673                         if ((isci_request->ttype == io_task) /* TMFs are in their own thread */
674                             && ((request_status == aborted)
675                                 || (request_status == aborting)
676                                 || (request_status == terminating)
677                                 || (request_status == completed)
678                                 || (request_status == dead)
679                                 )
680                             ) {
681
682                                 /* The completion routine won't free a request in
683                                  * the aborted/aborting/etc. states, so we do
684                                  * it here.
685                                  */
686                                 needs_cleanup_handling = true;
687                         }
688                         spin_unlock_irqrestore(&isci_request->state_lock, flags);
689
690                 }
691                 if (needs_cleanup_handling)
692                         isci_request_cleanup_completed_loiterer(
693                                 isci_host, isci_device, isci_request, task);
694         }
695 }
696
697 /**
698  * isci_terminate_pending_requests() - This function will change the all of the
699  *    requests on the given device's state to "aborting", will terminate the
700  *    requests, and wait for them to complete.  This function must only be
701  *    called from a thread that can wait.  Note that the requests are all
702  *    terminated and completed (back to the host, if started there).
703  * @isci_host: This parameter specifies SCU.
704  * @isci_device: This parameter specifies the target.
705  *
706  */
707 void isci_terminate_pending_requests(struct isci_host *ihost,
708                                      struct isci_remote_device *idev)
709 {
710         struct completion request_completion;
711         enum isci_request_status old_state;
712         unsigned long flags;
713         LIST_HEAD(list);
714
715         spin_lock_irqsave(&ihost->scic_lock, flags);
716         list_splice_init(&idev->reqs_in_process, &list);
717
718         /* assumes that isci_terminate_request_core deletes from the list */
719         while (!list_empty(&list)) {
720                 struct isci_request *ireq = list_entry(list.next, typeof(*ireq), dev_node);
721
722                 /* Change state to "terminating" if it is currently
723                  * "started".
724                  */
725                 old_state = isci_request_change_started_to_newstate(ireq,
726                                                                     &request_completion,
727                                                                     terminating);
728                 switch (old_state) {
729                 case started:
730                 case completed:
731                 case aborting:
732                         break;
733                 default:
734                         /* termination in progress, or otherwise dispositioned.
735                          * We know the request was on 'list' so should be safe
736                          * to move it back to reqs_in_process
737                          */
738                         list_move(&ireq->dev_node, &idev->reqs_in_process);
739                         ireq = NULL;
740                         break;
741                 }
742
743                 if (!ireq)
744                         continue;
745                 spin_unlock_irqrestore(&ihost->scic_lock, flags);
746
747                 init_completion(&request_completion);
748
749                 dev_dbg(&ihost->pdev->dev,
750                          "%s: idev=%p request=%p; task=%p old_state=%d\n",
751                          __func__, idev, ireq,
752                         ireq->ttype == io_task ? isci_request_access_task(ireq) : NULL,
753                         old_state);
754
755                 /* If the old_state is started:
756                  * This request was not already being aborted. If it had been,
757                  * then the aborting I/O (ie. the TMF request) would not be in
758                  * the aborting state, and thus would be terminated here.  Note
759                  * that since the TMF completion's call to the kernel function
760                  * "complete()" does not happen until the pending I/O request
761                  * terminate fully completes, we do not have to implement a
762                  * special wait here for already aborting requests - the
763                  * termination of the TMF request will force the request
764                  * to finish it's already started terminate.
765                  *
766                  * If old_state == completed:
767                  * This request completed from the SCU hardware perspective
768                  * and now just needs cleaning up in terms of freeing the
769                  * request and potentially calling up to libsas.
770                  *
771                  * If old_state == aborting:
772                  * This request has already gone through a TMF timeout, but may
773                  * not have been terminated; needs cleaning up at least.
774                  */
775                 isci_terminate_request_core(ihost, idev, ireq);
776                 spin_lock_irqsave(&ihost->scic_lock, flags);
777         }
778         spin_unlock_irqrestore(&ihost->scic_lock, flags);
779 }
780
781 /**
782  * isci_task_send_lu_reset_sas() - This function is called by of the SAS Domain
783  *    Template functions.
784  * @lun: This parameter specifies the lun to be reset.
785  *
786  * status, zero indicates success.
787  */
788 static int isci_task_send_lu_reset_sas(
789         struct isci_host *isci_host,
790         struct isci_remote_device *isci_device,
791         u8 *lun)
792 {
793         struct isci_tmf tmf;
794         int ret = TMF_RESP_FUNC_FAILED;
795
796         dev_dbg(&isci_host->pdev->dev,
797                 "%s: isci_host = %p, isci_device = %p\n",
798                 __func__, isci_host, isci_device);
799         /* Send the LUN reset to the target.  By the time the call returns,
800          * the TMF has fully exected in the target (in which case the return
801          * value is "TMF_RESP_FUNC_COMPLETE", or the request timed-out (or
802          * was otherwise unable to be executed ("TMF_RESP_FUNC_FAILED").
803          */
804         isci_task_build_tmf(&tmf, isci_tmf_ssp_lun_reset, NULL, NULL);
805
806         #define ISCI_LU_RESET_TIMEOUT_MS 2000 /* 2 second timeout. */
807         ret = isci_task_execute_tmf(isci_host, isci_device, &tmf, ISCI_LU_RESET_TIMEOUT_MS);
808
809         if (ret == TMF_RESP_FUNC_COMPLETE)
810                 dev_dbg(&isci_host->pdev->dev,
811                         "%s: %p: TMF_LU_RESET passed\n",
812                         __func__, isci_device);
813         else
814                 dev_dbg(&isci_host->pdev->dev,
815                         "%s: %p: TMF_LU_RESET failed (%x)\n",
816                         __func__, isci_device, ret);
817
818         return ret;
819 }
820
821 /**
822  * isci_task_lu_reset() - This function is one of the SAS Domain Template
823  *    functions. This is one of the Task Management functoins called by libsas,
824  *    to reset the given lun. Note the assumption that while this call is
825  *    executing, no I/O will be sent by the host to the device.
826  * @lun: This parameter specifies the lun to be reset.
827  *
828  * status, zero indicates success.
829  */
830 int isci_task_lu_reset(struct domain_device *domain_device, u8 *lun)
831 {
832         struct isci_host *isci_host = dev_to_ihost(domain_device);
833         struct isci_remote_device *isci_device;
834         unsigned long flags;
835         int ret;
836
837         spin_lock_irqsave(&isci_host->scic_lock, flags);
838         isci_device = isci_lookup_device(domain_device);
839         spin_unlock_irqrestore(&isci_host->scic_lock, flags);
840
841         dev_dbg(&isci_host->pdev->dev,
842                 "%s: domain_device=%p, isci_host=%p; isci_device=%p\n",
843                  __func__, domain_device, isci_host, isci_device);
844
845         if (isci_device)
846                 set_bit(IDEV_EH, &isci_device->flags);
847
848         /* If there is a device reset pending on any request in the
849          * device's list, fail this LUN reset request in order to
850          * escalate to the device reset.
851          */
852         if (!isci_device ||
853             isci_device_is_reset_pending(isci_host, isci_device)) {
854                 dev_warn(&isci_host->pdev->dev,
855                          "%s: No dev (%p), or "
856                          "RESET PENDING: domain_device=%p\n",
857                          __func__, isci_device, domain_device);
858                 ret = TMF_RESP_FUNC_FAILED;
859                 goto out;
860         }
861
862         /* Send the task management part of the reset. */
863         if (sas_protocol_ata(domain_device->tproto)) {
864                 ret = isci_task_send_lu_reset_sata(isci_host, isci_device, lun);
865         } else
866                 ret = isci_task_send_lu_reset_sas(isci_host, isci_device, lun);
867
868         /* If the LUN reset worked, all the I/O can now be terminated. */
869         if (ret == TMF_RESP_FUNC_COMPLETE)
870                 /* Terminate all I/O now. */
871                 isci_terminate_pending_requests(isci_host,
872                                                 isci_device);
873
874  out:
875         isci_put_device(isci_device);
876         return ret;
877 }
878
879
880 /*       int (*lldd_clear_nexus_port)(struct asd_sas_port *); */
881 int isci_task_clear_nexus_port(struct asd_sas_port *port)
882 {
883         return TMF_RESP_FUNC_FAILED;
884 }
885
886
887
888 int isci_task_clear_nexus_ha(struct sas_ha_struct *ha)
889 {
890         return TMF_RESP_FUNC_FAILED;
891 }
892
893 /* Task Management Functions. Must be called from process context.       */
894
895 /**
896  * isci_abort_task_process_cb() - This is a helper function for the abort task
897  *    TMF command.  It manages the request state with respect to the successful
898  *    transmission / completion of the abort task request.
899  * @cb_state: This parameter specifies when this function was called - after
900  *    the TMF request has been started and after it has timed-out.
901  * @tmf: This parameter specifies the TMF in progress.
902  *
903  *
904  */
905 static void isci_abort_task_process_cb(
906         enum isci_tmf_cb_state cb_state,
907         struct isci_tmf *tmf,
908         void *cb_data)
909 {
910         struct isci_request *old_request;
911
912         old_request = (struct isci_request *)cb_data;
913
914         dev_dbg(&old_request->isci_host->pdev->dev,
915                 "%s: tmf=%p, old_request=%p\n",
916                 __func__, tmf, old_request);
917
918         switch (cb_state) {
919
920         case isci_tmf_started:
921                 /* The TMF has been started.  Nothing to do here, since the
922                  * request state was already set to "aborted" by the abort
923                  * task function.
924                  */
925                 if ((old_request->status != aborted)
926                         && (old_request->status != completed))
927                         dev_err(&old_request->isci_host->pdev->dev,
928                                 "%s: Bad request status (%d): tmf=%p, old_request=%p\n",
929                                 __func__, old_request->status, tmf, old_request);
930                 break;
931
932         case isci_tmf_timed_out:
933
934                 /* Set the task's state to "aborting", since the abort task
935                  * function thread set it to "aborted" (above) in anticipation
936                  * of the task management request working correctly.  Since the
937                  * timeout has now fired, the TMF request failed.  We set the
938                  * state such that the request completion will indicate the
939                  * device is no longer present.
940                  */
941                 isci_request_change_state(old_request, aborting);
942                 break;
943
944         default:
945                 dev_err(&old_request->isci_host->pdev->dev,
946                         "%s: Bad cb_state (%d): tmf=%p, old_request=%p\n",
947                         __func__, cb_state, tmf, old_request);
948                 break;
949         }
950 }
951
952 /**
953  * isci_task_abort_task() - This function is one of the SAS Domain Template
954  *    functions. This function is called by libsas to abort a specified task.
955  * @task: This parameter specifies the SAS task to abort.
956  *
957  * status, zero indicates success.
958  */
959 int isci_task_abort_task(struct sas_task *task)
960 {
961         struct isci_host *isci_host = dev_to_ihost(task->dev);
962         DECLARE_COMPLETION_ONSTACK(aborted_io_completion);
963         struct isci_request       *old_request = NULL;
964         enum isci_request_status  old_state;
965         struct isci_remote_device *isci_device = NULL;
966         struct isci_tmf           tmf;
967         int                       ret = TMF_RESP_FUNC_FAILED;
968         unsigned long             flags;
969         bool                      any_dev_reset = false;
970
971         /* Get the isci_request reference from the task.  Note that
972          * this check does not depend on the pending request list
973          * in the device, because tasks driving resets may land here
974          * after completion in the core.
975          */
976         spin_lock_irqsave(&isci_host->scic_lock, flags);
977         spin_lock(&task->task_state_lock);
978
979         old_request = task->lldd_task;
980
981         /* If task is already done, the request isn't valid */
982         if (!(task->task_state_flags & SAS_TASK_STATE_DONE) &&
983             (task->task_state_flags & SAS_TASK_AT_INITIATOR) &&
984             old_request)
985                 isci_device = isci_lookup_device(task->dev);
986
987         spin_unlock(&task->task_state_lock);
988         spin_unlock_irqrestore(&isci_host->scic_lock, flags);
989
990         dev_dbg(&isci_host->pdev->dev,
991                 "%s: task = %p\n", __func__, task);
992
993         if (!isci_device || !old_request)
994                 goto out;
995
996         set_bit(IDEV_EH, &isci_device->flags);
997
998         /* This version of the driver will fail abort requests for
999          * SATA/STP.  Failing the abort request this way will cause the
1000          * SCSI error handler thread to escalate to LUN reset
1001          */
1002         if (sas_protocol_ata(task->task_proto)) {
1003                 dev_warn(&isci_host->pdev->dev,
1004                             " task %p is for a STP/SATA device;"
1005                             " returning TMF_RESP_FUNC_FAILED\n"
1006                             " to cause a LUN reset...\n", task);
1007                 goto out;
1008         }
1009
1010         dev_dbg(&isci_host->pdev->dev,
1011                 "%s: old_request == %p\n", __func__, old_request);
1012
1013         any_dev_reset = isci_device_is_reset_pending(isci_host,isci_device);
1014
1015         spin_lock_irqsave(&task->task_state_lock, flags);
1016
1017         any_dev_reset = any_dev_reset || (task->task_state_flags & SAS_TASK_NEED_DEV_RESET);
1018
1019         /* If the extraction of the request reference from the task
1020          * failed, then the request has been completed (or if there is a
1021          * pending reset then this abort request function must be failed
1022          * in order to escalate to the target reset).
1023          */
1024         if ((old_request == NULL) || any_dev_reset) {
1025
1026                 /* If the device reset task flag is set, fail the task
1027                  * management request.  Otherwise, the original request
1028                  * has completed.
1029                  */
1030                 if (any_dev_reset) {
1031
1032                         /* Turn off the task's DONE to make sure this
1033                          * task is escalated to a target reset.
1034                          */
1035                         task->task_state_flags &= ~SAS_TASK_STATE_DONE;
1036
1037                         /* Make the reset happen as soon as possible. */
1038                         task->task_state_flags |= SAS_TASK_NEED_DEV_RESET;
1039
1040                         spin_unlock_irqrestore(&task->task_state_lock, flags);
1041
1042                         /* Fail the task management request in order to
1043                          * escalate to the target reset.
1044                          */
1045                         ret = TMF_RESP_FUNC_FAILED;
1046
1047                         dev_dbg(&isci_host->pdev->dev,
1048                                 "%s: Failing task abort in order to "
1049                                 "escalate to target reset because\n"
1050                                 "SAS_TASK_NEED_DEV_RESET is set for "
1051                                 "task %p on dev %p\n",
1052                                 __func__, task, isci_device);
1053
1054
1055                 } else {
1056                         /* The request has already completed and there
1057                          * is nothing to do here other than to set the task
1058                          * done bit, and indicate that the task abort function
1059                          * was sucessful.
1060                          */
1061                         isci_set_task_doneflags(task);
1062
1063                         spin_unlock_irqrestore(&task->task_state_lock, flags);
1064
1065                         ret = TMF_RESP_FUNC_COMPLETE;
1066
1067                         dev_dbg(&isci_host->pdev->dev,
1068                                 "%s: abort task not needed for %p\n",
1069                                 __func__, task);
1070                 }
1071                 goto out;
1072         }
1073         else
1074                 spin_unlock_irqrestore(&task->task_state_lock, flags);
1075
1076         spin_lock_irqsave(&isci_host->scic_lock, flags);
1077
1078         /* Check the request status and change to "aborted" if currently
1079          * "starting"; if true then set the I/O kernel completion
1080          * struct that will be triggered when the request completes.
1081          */
1082         old_state = isci_task_validate_request_to_abort(
1083                                 old_request, isci_host, isci_device,
1084                                 &aborted_io_completion);
1085         if ((old_state != started) &&
1086             (old_state != completed) &&
1087             (old_state != aborting)) {
1088
1089                 spin_unlock_irqrestore(&isci_host->scic_lock, flags);
1090
1091                 /* The request was already being handled by someone else (because
1092                 * they got to set the state away from started).
1093                 */
1094                 dev_dbg(&isci_host->pdev->dev,
1095                         "%s:  device = %p; old_request %p already being aborted\n",
1096                         __func__,
1097                         isci_device, old_request);
1098                 ret = TMF_RESP_FUNC_COMPLETE;
1099                 goto out;
1100         }
1101         if (task->task_proto == SAS_PROTOCOL_SMP ||
1102             test_bit(IREQ_COMPLETE_IN_TARGET, &old_request->flags)) {
1103
1104                 spin_unlock_irqrestore(&isci_host->scic_lock, flags);
1105
1106                 dev_dbg(&isci_host->pdev->dev,
1107                         "%s: SMP request (%d)"
1108                         " or complete_in_target (%d), thus no TMF\n",
1109                         __func__, (task->task_proto == SAS_PROTOCOL_SMP),
1110                         test_bit(IREQ_COMPLETE_IN_TARGET, &old_request->flags));
1111
1112                 /* Set the state on the task. */
1113                 isci_task_all_done(task);
1114
1115                 ret = TMF_RESP_FUNC_COMPLETE;
1116
1117                 /* Stopping and SMP devices are not sent a TMF, and are not
1118                  * reset, but the outstanding I/O request is terminated below.
1119                  */
1120         } else {
1121                 /* Fill in the tmf stucture */
1122                 isci_task_build_abort_task_tmf(&tmf, isci_tmf_ssp_task_abort,
1123                                                isci_abort_task_process_cb,
1124                                                old_request);
1125
1126                 spin_unlock_irqrestore(&isci_host->scic_lock, flags);
1127
1128                 #define ISCI_ABORT_TASK_TIMEOUT_MS 500 /* half second timeout. */
1129                 ret = isci_task_execute_tmf(isci_host, isci_device, &tmf,
1130                                             ISCI_ABORT_TASK_TIMEOUT_MS);
1131
1132                 if (ret != TMF_RESP_FUNC_COMPLETE)
1133                         dev_err(&isci_host->pdev->dev,
1134                                 "%s: isci_task_send_tmf failed\n",
1135                                 __func__);
1136         }
1137         if (ret == TMF_RESP_FUNC_COMPLETE) {
1138                 set_bit(IREQ_COMPLETE_IN_TARGET, &old_request->flags);
1139
1140                 /* Clean up the request on our side, and wait for the aborted
1141                  * I/O to complete.
1142                  */
1143                 isci_terminate_request_core(isci_host, isci_device, old_request);
1144         }
1145
1146         /* Make sure we do not leave a reference to aborted_io_completion */
1147         old_request->io_request_completion = NULL;
1148  out:
1149         isci_put_device(isci_device);
1150         return ret;
1151 }
1152
1153 /**
1154  * isci_task_abort_task_set() - This function is one of the SAS Domain Template
1155  *    functions. This is one of the Task Management functoins called by libsas,
1156  *    to abort all task for the given lun.
1157  * @d_device: This parameter specifies the domain device associated with this
1158  *    request.
1159  * @lun: This parameter specifies the lun associated with this request.
1160  *
1161  * status, zero indicates success.
1162  */
1163 int isci_task_abort_task_set(
1164         struct domain_device *d_device,
1165         u8 *lun)
1166 {
1167         return TMF_RESP_FUNC_FAILED;
1168 }
1169
1170
1171 /**
1172  * isci_task_clear_aca() - This function is one of the SAS Domain Template
1173  *    functions. This is one of the Task Management functoins called by libsas.
1174  * @d_device: This parameter specifies the domain device associated with this
1175  *    request.
1176  * @lun: This parameter specifies the lun        associated with this request.
1177  *
1178  * status, zero indicates success.
1179  */
1180 int isci_task_clear_aca(
1181         struct domain_device *d_device,
1182         u8 *lun)
1183 {
1184         return TMF_RESP_FUNC_FAILED;
1185 }
1186
1187
1188
1189 /**
1190  * isci_task_clear_task_set() - This function is one of the SAS Domain Template
1191  *    functions. This is one of the Task Management functoins called by libsas.
1192  * @d_device: This parameter specifies the domain device associated with this
1193  *    request.
1194  * @lun: This parameter specifies the lun        associated with this request.
1195  *
1196  * status, zero indicates success.
1197  */
1198 int isci_task_clear_task_set(
1199         struct domain_device *d_device,
1200         u8 *lun)
1201 {
1202         return TMF_RESP_FUNC_FAILED;
1203 }
1204
1205
1206 /**
1207  * isci_task_query_task() - This function is implemented to cause libsas to
1208  *    correctly escalate the failed abort to a LUN or target reset (this is
1209  *    because sas_scsi_find_task libsas function does not correctly interpret
1210  *    all return codes from the abort task call).  When TMF_RESP_FUNC_SUCC is
1211  *    returned, libsas turns this into a LUN reset; when FUNC_FAILED is
1212  *    returned, libsas will turn this into a target reset
1213  * @task: This parameter specifies the sas task being queried.
1214  * @lun: This parameter specifies the lun associated with this request.
1215  *
1216  * status, zero indicates success.
1217  */
1218 int isci_task_query_task(
1219         struct sas_task *task)
1220 {
1221         /* See if there is a pending device reset for this device. */
1222         if (task->task_state_flags & SAS_TASK_NEED_DEV_RESET)
1223                 return TMF_RESP_FUNC_FAILED;
1224         else
1225                 return TMF_RESP_FUNC_SUCC;
1226 }
1227
1228 /*
1229  * isci_task_request_complete() - This function is called by the sci core when
1230  *    an task request completes.
1231  * @ihost: This parameter specifies the ISCI host object
1232  * @ireq: This parameter is the completed isci_request object.
1233  * @completion_status: This parameter specifies the completion status from the
1234  *    sci core.
1235  *
1236  * none.
1237  */
1238 void
1239 isci_task_request_complete(struct isci_host *ihost,
1240                            struct isci_request *ireq,
1241                            enum sci_task_status completion_status)
1242 {
1243         struct isci_tmf *tmf = isci_request_access_tmf(ireq);
1244         struct completion *tmf_complete;
1245         struct scic_sds_request *sci_req = &ireq->sci;
1246
1247         dev_dbg(&ihost->pdev->dev,
1248                 "%s: request = %p, status=%d\n",
1249                 __func__, ireq, completion_status);
1250
1251         isci_request_change_state(ireq, completed);
1252
1253         tmf->status = completion_status;
1254         set_bit(IREQ_COMPLETE_IN_TARGET, &ireq->flags);
1255
1256         if (tmf->proto == SAS_PROTOCOL_SSP) {
1257                 memcpy(&tmf->resp.resp_iu,
1258                        &sci_req->ssp.rsp,
1259                        SSP_RESP_IU_MAX_SIZE);
1260         } else if (tmf->proto == SAS_PROTOCOL_SATA) {
1261                 memcpy(&tmf->resp.d2h_fis,
1262                        &sci_req->stp.rsp,
1263                        sizeof(struct dev_to_host_fis));
1264         }
1265
1266         /* PRINT_TMF( ((struct isci_tmf *)request->task)); */
1267         tmf_complete = tmf->complete;
1268
1269         scic_controller_complete_io(&ihost->sci, ireq->sci.target_device, &ireq->sci);
1270         /* set the 'terminated' flag handle to make sure it cannot be terminated
1271          *  or completed again.
1272          */
1273         set_bit(IREQ_TERMINATED, &ireq->flags);
1274
1275         isci_request_change_state(ireq, unallocated);
1276         list_del_init(&ireq->dev_node);
1277
1278         /* The task management part completes last. */
1279         complete(tmf_complete);
1280 }
1281
1282 static void isci_smp_task_timedout(unsigned long _task)
1283 {
1284         struct sas_task *task = (void *) _task;
1285         unsigned long flags;
1286
1287         spin_lock_irqsave(&task->task_state_lock, flags);
1288         if (!(task->task_state_flags & SAS_TASK_STATE_DONE))
1289                 task->task_state_flags |= SAS_TASK_STATE_ABORTED;
1290         spin_unlock_irqrestore(&task->task_state_lock, flags);
1291
1292         complete(&task->completion);
1293 }
1294
1295 static void isci_smp_task_done(struct sas_task *task)
1296 {
1297         if (!del_timer(&task->timer))
1298                 return;
1299         complete(&task->completion);
1300 }
1301
1302 static struct sas_task *isci_alloc_task(void)
1303 {
1304         struct sas_task *task = kzalloc(sizeof(*task), GFP_KERNEL);
1305
1306         if (task) {
1307                 INIT_LIST_HEAD(&task->list);
1308                 spin_lock_init(&task->task_state_lock);
1309                 task->task_state_flags = SAS_TASK_STATE_PENDING;
1310                 init_timer(&task->timer);
1311                 init_completion(&task->completion);
1312         }
1313
1314         return task;
1315 }
1316
1317 static void isci_free_task(struct isci_host *ihost, struct sas_task  *task)
1318 {
1319         if (task) {
1320                 BUG_ON(!list_empty(&task->list));
1321                 kfree(task);
1322         }
1323 }
1324
1325 static int isci_smp_execute_task(struct isci_host *ihost,
1326                                  struct domain_device *dev, void *req,
1327                                  int req_size, void *resp, int resp_size)
1328 {
1329         int res, retry;
1330         struct sas_task *task = NULL;
1331
1332         for (retry = 0; retry < 3; retry++) {
1333                 task = isci_alloc_task();
1334                 if (!task)
1335                         return -ENOMEM;
1336
1337                 task->dev = dev;
1338                 task->task_proto = dev->tproto;
1339                 sg_init_one(&task->smp_task.smp_req, req, req_size);
1340                 sg_init_one(&task->smp_task.smp_resp, resp, resp_size);
1341
1342                 task->task_done = isci_smp_task_done;
1343
1344                 task->timer.data = (unsigned long) task;
1345                 task->timer.function = isci_smp_task_timedout;
1346                 task->timer.expires = jiffies + 10*HZ;
1347                 add_timer(&task->timer);
1348
1349                 res = isci_task_execute_task(task, 1, GFP_KERNEL);
1350
1351                 if (res) {
1352                         del_timer(&task->timer);
1353                         dev_err(&ihost->pdev->dev,
1354                                 "%s: executing SMP task failed:%d\n",
1355                                 __func__, res);
1356                         goto ex_err;
1357                 }
1358
1359                 wait_for_completion(&task->completion);
1360                 res = -ECOMM;
1361                 if ((task->task_state_flags & SAS_TASK_STATE_ABORTED)) {
1362                         dev_err(&ihost->pdev->dev,
1363                                 "%s: smp task timed out or aborted\n",
1364                                 __func__);
1365                         isci_task_abort_task(task);
1366                         if (!(task->task_state_flags & SAS_TASK_STATE_DONE)) {
1367                                 dev_err(&ihost->pdev->dev,
1368                                         "%s: SMP task aborted and not done\n",
1369                                         __func__);
1370                                 goto ex_err;
1371                         }
1372                 }
1373                 if (task->task_status.resp == SAS_TASK_COMPLETE &&
1374                     task->task_status.stat == SAM_STAT_GOOD) {
1375                         res = 0;
1376                         break;
1377                 }
1378                 if (task->task_status.resp == SAS_TASK_COMPLETE &&
1379                       task->task_status.stat == SAS_DATA_UNDERRUN) {
1380                         /* no error, but return the number of bytes of
1381                         * underrun */
1382                         res = task->task_status.residual;
1383                         break;
1384                 }
1385                 if (task->task_status.resp == SAS_TASK_COMPLETE &&
1386                       task->task_status.stat == SAS_DATA_OVERRUN) {
1387                         res = -EMSGSIZE;
1388                         break;
1389                 } else {
1390                         dev_err(&ihost->pdev->dev,
1391                                 "%s: task to dev %016llx response: 0x%x "
1392                                 "status 0x%x\n", __func__,
1393                                 SAS_ADDR(dev->sas_addr),
1394                                 task->task_status.resp,
1395                                 task->task_status.stat);
1396                         isci_free_task(ihost, task);
1397                         task = NULL;
1398                 }
1399         }
1400 ex_err:
1401         BUG_ON(retry == 3 && task != NULL);
1402         isci_free_task(ihost, task);
1403         return res;
1404 }
1405
1406 #define DISCOVER_REQ_SIZE  16
1407 #define DISCOVER_RESP_SIZE 56
1408
1409 int isci_smp_get_phy_attached_dev_type(struct isci_host *ihost,
1410                                        struct domain_device *dev,
1411                                        int phy_id, int *adt)
1412 {
1413         struct smp_resp *disc_resp;
1414         u8 *disc_req;
1415         int res;
1416
1417         disc_resp = kzalloc(DISCOVER_RESP_SIZE, GFP_KERNEL);
1418         if (!disc_resp)
1419                 return -ENOMEM;
1420
1421         disc_req = kzalloc(DISCOVER_REQ_SIZE, GFP_KERNEL);
1422         if (disc_req) {
1423                 disc_req[0] = SMP_REQUEST;
1424                 disc_req[1] = SMP_DISCOVER;
1425                 disc_req[9] = phy_id;
1426         } else {
1427                 kfree(disc_resp);
1428                 return -ENOMEM;
1429         }
1430         res = isci_smp_execute_task(ihost, dev, disc_req, DISCOVER_REQ_SIZE,
1431                                     disc_resp, DISCOVER_RESP_SIZE);
1432         if (!res) {
1433                 if (disc_resp->result != SMP_RESP_FUNC_ACC)
1434                         res = disc_resp->result;
1435                 else
1436                         *adt = disc_resp->disc.attached_dev_type;
1437         }
1438         kfree(disc_req);
1439         kfree(disc_resp);
1440
1441         return res;
1442 }
1443
1444 static void isci_wait_for_smp_phy_reset(struct isci_remote_device *idev, int phy_num)
1445 {
1446         struct domain_device *dev = idev->domain_dev;
1447         struct isci_port *iport = idev->isci_port;
1448         struct isci_host *ihost = iport->isci_host;
1449         int res, iteration = 0, attached_device_type;
1450         #define STP_WAIT_MSECS 25000
1451         unsigned long tmo = msecs_to_jiffies(STP_WAIT_MSECS);
1452         unsigned long deadline = jiffies + tmo;
1453         enum {
1454                 SMP_PHYWAIT_PHYDOWN,
1455                 SMP_PHYWAIT_PHYUP,
1456                 SMP_PHYWAIT_DONE
1457         } phy_state = SMP_PHYWAIT_PHYDOWN;
1458
1459         /* While there is time, wait for the phy to go away and come back */
1460         while (time_is_after_jiffies(deadline) && phy_state != SMP_PHYWAIT_DONE) {
1461                 int event = atomic_read(&iport->event);
1462
1463                 ++iteration;
1464
1465                 tmo = wait_event_timeout(ihost->eventq,
1466                                          event != atomic_read(&iport->event) ||
1467                                          !test_bit(IPORT_BCN_BLOCKED, &iport->flags),
1468                                          tmo);
1469                 /* link down, stop polling */
1470                 if (!test_bit(IPORT_BCN_BLOCKED, &iport->flags))
1471                         break;
1472
1473                 dev_dbg(&ihost->pdev->dev,
1474                         "%s: iport %p, iteration %d,"
1475                         " phase %d: time_remaining %lu, bcns = %d\n",
1476                         __func__, iport, iteration, phy_state,
1477                         tmo, test_bit(IPORT_BCN_PENDING, &iport->flags));
1478
1479                 res = isci_smp_get_phy_attached_dev_type(ihost, dev, phy_num,
1480                                                          &attached_device_type);
1481                 tmo = deadline - jiffies;
1482
1483                 if (res) {
1484                         dev_warn(&ihost->pdev->dev,
1485                                  "%s: iteration %d, phase %d:"
1486                                  " SMP error=%d, time_remaining=%lu\n",
1487                                  __func__, iteration, phy_state, res, tmo);
1488                         break;
1489                 }
1490                 dev_dbg(&ihost->pdev->dev,
1491                         "%s: iport %p, iteration %d,"
1492                         " phase %d: time_remaining %lu, bcns = %d, "
1493                         "attdevtype = %x\n",
1494                         __func__, iport, iteration, phy_state,
1495                         tmo, test_bit(IPORT_BCN_PENDING, &iport->flags),
1496                         attached_device_type);
1497
1498                 switch (phy_state) {
1499                 case SMP_PHYWAIT_PHYDOWN:
1500                         /* Has the device gone away? */
1501                         if (!attached_device_type)
1502                                 phy_state = SMP_PHYWAIT_PHYUP;
1503
1504                         break;
1505
1506                 case SMP_PHYWAIT_PHYUP:
1507                         /* Has the device come back? */
1508                         if (attached_device_type)
1509                                 phy_state = SMP_PHYWAIT_DONE;
1510                         break;
1511
1512                 case SMP_PHYWAIT_DONE:
1513                         break;
1514                 }
1515
1516         }
1517         dev_dbg(&ihost->pdev->dev, "%s: done\n",  __func__);
1518 }
1519
1520 static int isci_reset_device(struct isci_host *ihost,
1521                              struct isci_remote_device *idev, int hard_reset)
1522 {
1523         struct sas_phy *phy = sas_find_local_phy(idev->domain_dev);
1524         struct isci_port *iport = idev->isci_port;
1525         enum sci_status status;
1526         unsigned long flags;
1527         int rc;
1528
1529         dev_dbg(&ihost->pdev->dev, "%s: idev %p\n", __func__, idev);
1530
1531         spin_lock_irqsave(&ihost->scic_lock, flags);
1532         status = scic_remote_device_reset(&idev->sci);
1533         if (status != SCI_SUCCESS) {
1534                 spin_unlock_irqrestore(&ihost->scic_lock, flags);
1535
1536                 dev_warn(&ihost->pdev->dev,
1537                          "%s: scic_remote_device_reset(%p) returned %d!\n",
1538                          __func__, idev, status);
1539
1540                 return TMF_RESP_FUNC_FAILED;
1541         }
1542         spin_unlock_irqrestore(&ihost->scic_lock, flags);
1543
1544         /* Make sure all pending requests are able to be fully terminated. */
1545         isci_device_clear_reset_pending(ihost, idev);
1546
1547         /* If this is a device on an expander, disable BCN processing. */
1548         if (!scsi_is_sas_phy_local(phy))
1549                 set_bit(IPORT_BCN_BLOCKED, &iport->flags);
1550
1551         rc = sas_phy_reset(phy, hard_reset);
1552
1553         /* Terminate in-progress I/O now. */
1554         isci_remote_device_nuke_requests(ihost, idev);
1555
1556         /* Since all pending TCs have been cleaned, resume the RNC. */
1557         spin_lock_irqsave(&ihost->scic_lock, flags);
1558         status = scic_remote_device_reset_complete(&idev->sci);
1559         spin_unlock_irqrestore(&ihost->scic_lock, flags);
1560
1561         /* If this is a device on an expander, bring the phy back up. */
1562         if (!scsi_is_sas_phy_local(phy)) {
1563                 /* A phy reset will cause the device to go away then reappear.
1564                  * Since libsas will take action on incoming BCNs (eg. remove
1565                  * a device going through an SMP phy-control driven reset),
1566                  * we need to wait until the phy comes back up before letting
1567                  * discovery proceed in libsas.
1568                  */
1569                 isci_wait_for_smp_phy_reset(idev, phy->number);
1570
1571                 spin_lock_irqsave(&ihost->scic_lock, flags);
1572                 isci_port_bcn_enable(ihost, idev->isci_port);
1573                 spin_unlock_irqrestore(&ihost->scic_lock, flags);
1574         }
1575
1576         if (status != SCI_SUCCESS) {
1577                 dev_warn(&ihost->pdev->dev,
1578                          "%s: scic_remote_device_reset_complete(%p) "
1579                          "returned %d!\n", __func__, idev, status);
1580         }
1581
1582         dev_dbg(&ihost->pdev->dev, "%s: idev %p complete.\n", __func__, idev);
1583
1584         return rc;
1585 }
1586
1587 int isci_task_I_T_nexus_reset(struct domain_device *dev)
1588 {
1589         struct isci_host *ihost = dev_to_ihost(dev);
1590         struct isci_remote_device *idev;
1591         int ret, hard_reset = 1;
1592         unsigned long flags;
1593
1594         spin_lock_irqsave(&ihost->scic_lock, flags);
1595         idev = isci_lookup_device(dev);
1596         spin_unlock_irqrestore(&ihost->scic_lock, flags);
1597
1598         if (!idev || !test_bit(IDEV_EH, &idev->flags)) {
1599                 ret = TMF_RESP_FUNC_COMPLETE;
1600                 goto out;
1601         }
1602
1603         if (dev->dev_type == SATA_DEV || (dev->tproto & SAS_PROTOCOL_STP))
1604                 hard_reset = 0;
1605
1606         ret = isci_reset_device(ihost, idev, hard_reset);
1607  out:
1608         isci_put_device(idev);
1609         return ret;
1610 }
1611
1612 int isci_bus_reset_handler(struct scsi_cmnd *cmd)
1613 {
1614         struct domain_device *dev = sdev_to_domain_dev(cmd->device);
1615         struct isci_host *ihost = dev_to_ihost(dev);
1616         struct isci_remote_device *idev;
1617         int ret, hard_reset = 1;
1618         unsigned long flags;
1619
1620         if (dev->dev_type == SATA_DEV || (dev->tproto & SAS_PROTOCOL_STP))
1621                 hard_reset = 0;
1622
1623         spin_lock_irqsave(&ihost->scic_lock, flags);
1624         idev = isci_lookup_device(dev);
1625         spin_unlock_irqrestore(&ihost->scic_lock, flags);
1626
1627         if (!idev) {
1628                 ret = TMF_RESP_FUNC_COMPLETE;
1629                 goto out;
1630         }
1631
1632         ret = isci_reset_device(ihost, idev, hard_reset);
1633  out:
1634         isci_put_device(idev);
1635         return ret;
1636 }