2 * Copyright (c) 2006 - 2009 Mellanox Technology Inc. All rights reserved.
3 * Copyright (C) 2008 - 2011 Bart Van Assche <bvanassche@acm.org>.
5 * This software is available to you under a choice of one of two
6 * licenses. You may choose to be licensed under the terms of the GNU
7 * General Public License (GPL) Version 2, available from the file
8 * COPYING in the main directory of this source tree, or the
9 * OpenIB.org BSD license below:
11 * Redistribution and use in source and binary forms, with or
12 * without modification, are permitted provided that the following
15 * - Redistributions of source code must retain the above
16 * copyright notice, this list of conditions and the following
19 * - Redistributions in binary form must reproduce the above
20 * copyright notice, this list of conditions and the following
21 * disclaimer in the documentation and/or other materials
22 * provided with the distribution.
24 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
25 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
26 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
27 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
28 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
29 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
30 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
35 #include <linux/module.h>
36 #include <linux/init.h>
37 #include <linux/slab.h>
38 #include <linux/err.h>
39 #include <linux/ctype.h>
40 #include <linux/kthread.h>
41 #include <linux/string.h>
42 #include <linux/delay.h>
43 #include <linux/atomic.h>
44 #include <scsi/scsi_proto.h>
45 #include <scsi/scsi_tcq.h>
46 #include <target/target_core_base.h>
47 #include <target/target_core_fabric.h>
50 /* Name of this kernel module. */
51 #define DRV_NAME "ib_srpt"
52 #define DRV_VERSION "2.0.0"
53 #define DRV_RELDATE "2011-02-14"
55 #define SRPT_ID_STRING "Linux SRP target"
58 #define pr_fmt(fmt) DRV_NAME " " fmt
60 MODULE_AUTHOR("Vu Pham and Bart Van Assche");
61 MODULE_DESCRIPTION("InfiniBand SCSI RDMA Protocol target "
62 "v" DRV_VERSION " (" DRV_RELDATE ")");
63 MODULE_LICENSE("Dual BSD/GPL");
69 static u64 srpt_service_guid;
70 static DEFINE_SPINLOCK(srpt_dev_lock); /* Protects srpt_dev_list. */
71 static LIST_HEAD(srpt_dev_list); /* List of srpt_device structures. */
73 static unsigned srp_max_req_size = DEFAULT_MAX_REQ_SIZE;
74 module_param(srp_max_req_size, int, 0444);
75 MODULE_PARM_DESC(srp_max_req_size,
76 "Maximum size of SRP request messages in bytes.");
78 static int srpt_srq_size = DEFAULT_SRPT_SRQ_SIZE;
79 module_param(srpt_srq_size, int, 0444);
80 MODULE_PARM_DESC(srpt_srq_size,
81 "Shared receive queue (SRQ) size.");
83 static int srpt_get_u64_x(char *buffer, struct kernel_param *kp)
85 return sprintf(buffer, "0x%016llx", *(u64 *)kp->arg);
87 module_param_call(srpt_service_guid, NULL, srpt_get_u64_x, &srpt_service_guid,
89 MODULE_PARM_DESC(srpt_service_guid,
90 "Using this value for ioc_guid, id_ext, and cm_listen_id"
91 " instead of using the node_guid of the first HCA.");
93 static struct ib_client srpt_client;
94 static void srpt_release_cmd(struct se_cmd *se_cmd);
95 static void srpt_free_ch(struct kref *kref);
96 static int srpt_queue_status(struct se_cmd *cmd);
97 static void srpt_recv_done(struct ib_cq *cq, struct ib_wc *wc);
98 static void srpt_send_done(struct ib_cq *cq, struct ib_wc *wc);
99 static void srpt_process_wait_list(struct srpt_rdma_ch *ch);
102 * The only allowed channel state changes are those that change the channel
103 * state into a state with a higher numerical value. Hence the new > prev test.
105 static bool srpt_set_ch_state(struct srpt_rdma_ch *ch, enum rdma_ch_state new)
108 enum rdma_ch_state prev;
109 bool changed = false;
111 spin_lock_irqsave(&ch->spinlock, flags);
117 spin_unlock_irqrestore(&ch->spinlock, flags);
123 * srpt_event_handler() - Asynchronous IB event callback function.
125 * Callback function called by the InfiniBand core when an asynchronous IB
126 * event occurs. This callback may occur in interrupt context. See also
127 * section 11.5.2, Set Asynchronous Event Handler in the InfiniBand
128 * Architecture Specification.
130 static void srpt_event_handler(struct ib_event_handler *handler,
131 struct ib_event *event)
133 struct srpt_device *sdev;
134 struct srpt_port *sport;
136 sdev = ib_get_client_data(event->device, &srpt_client);
137 if (!sdev || sdev->device != event->device)
140 pr_debug("ASYNC event= %d on device= %s\n", event->event,
143 switch (event->event) {
144 case IB_EVENT_PORT_ERR:
145 if (event->element.port_num <= sdev->device->phys_port_cnt) {
146 sport = &sdev->port[event->element.port_num - 1];
151 case IB_EVENT_PORT_ACTIVE:
152 case IB_EVENT_LID_CHANGE:
153 case IB_EVENT_PKEY_CHANGE:
154 case IB_EVENT_SM_CHANGE:
155 case IB_EVENT_CLIENT_REREGISTER:
156 case IB_EVENT_GID_CHANGE:
157 /* Refresh port data asynchronously. */
158 if (event->element.port_num <= sdev->device->phys_port_cnt) {
159 sport = &sdev->port[event->element.port_num - 1];
160 if (!sport->lid && !sport->sm_lid)
161 schedule_work(&sport->work);
165 pr_err("received unrecognized IB event %d\n",
172 * srpt_srq_event() - SRQ event callback function.
174 static void srpt_srq_event(struct ib_event *event, void *ctx)
176 pr_info("SRQ event %d\n", event->event);
179 static const char *get_ch_state_name(enum rdma_ch_state s)
186 case CH_DISCONNECTING:
187 return "disconnecting";
190 case CH_DISCONNECTED:
191 return "disconnected";
197 * srpt_qp_event() - QP event callback function.
199 static void srpt_qp_event(struct ib_event *event, struct srpt_rdma_ch *ch)
201 pr_debug("QP event %d on cm_id=%p sess_name=%s state=%d\n",
202 event->event, ch->cm_id, ch->sess_name, ch->state);
204 switch (event->event) {
205 case IB_EVENT_COMM_EST:
206 ib_cm_notify(ch->cm_id, event->event);
208 case IB_EVENT_QP_LAST_WQE_REACHED:
209 pr_debug("%s-%d, state %s: received Last WQE event.\n",
210 ch->sess_name, ch->qp->qp_num,
211 get_ch_state_name(ch->state));
214 pr_err("received unrecognized IB QP event %d\n", event->event);
220 * srpt_set_ioc() - Helper function for initializing an IOUnitInfo structure.
222 * @slot: one-based slot number.
223 * @value: four-bit value.
225 * Copies the lowest four bits of value in element slot of the array of four
226 * bit elements called c_list (controller list). The index slot is one-based.
228 static void srpt_set_ioc(u8 *c_list, u32 slot, u8 value)
235 tmp = c_list[id] & 0xf;
236 c_list[id] = (value << 4) | tmp;
238 tmp = c_list[id] & 0xf0;
239 c_list[id] = (value & 0xf) | tmp;
244 * srpt_get_class_port_info() - Copy ClassPortInfo to a management datagram.
246 * See also section 16.3.3.1 ClassPortInfo in the InfiniBand Architecture
249 static void srpt_get_class_port_info(struct ib_dm_mad *mad)
251 struct ib_class_port_info *cif;
253 cif = (struct ib_class_port_info *)mad->data;
254 memset(cif, 0, sizeof(*cif));
255 cif->base_version = 1;
256 cif->class_version = 1;
258 ib_set_cpi_resp_time(cif, 20);
259 mad->mad_hdr.status = 0;
263 * srpt_get_iou() - Write IOUnitInfo to a management datagram.
265 * See also section 16.3.3.3 IOUnitInfo in the InfiniBand Architecture
266 * Specification. See also section B.7, table B.6 in the SRP r16a document.
268 static void srpt_get_iou(struct ib_dm_mad *mad)
270 struct ib_dm_iou_info *ioui;
274 ioui = (struct ib_dm_iou_info *)mad->data;
275 ioui->change_id = cpu_to_be16(1);
276 ioui->max_controllers = 16;
278 /* set present for slot 1 and empty for the rest */
279 srpt_set_ioc(ioui->controller_list, 1, 1);
280 for (i = 1, slot = 2; i < 16; i++, slot++)
281 srpt_set_ioc(ioui->controller_list, slot, 0);
283 mad->mad_hdr.status = 0;
287 * srpt_get_ioc() - Write IOControllerprofile to a management datagram.
289 * See also section 16.3.3.4 IOControllerProfile in the InfiniBand
290 * Architecture Specification. See also section B.7, table B.7 in the SRP
293 static void srpt_get_ioc(struct srpt_port *sport, u32 slot,
294 struct ib_dm_mad *mad)
296 struct srpt_device *sdev = sport->sdev;
297 struct ib_dm_ioc_profile *iocp;
299 iocp = (struct ib_dm_ioc_profile *)mad->data;
301 if (!slot || slot > 16) {
303 = cpu_to_be16(DM_MAD_STATUS_INVALID_FIELD);
309 = cpu_to_be16(DM_MAD_STATUS_NO_IOC);
313 memset(iocp, 0, sizeof(*iocp));
314 strcpy(iocp->id_string, SRPT_ID_STRING);
315 iocp->guid = cpu_to_be64(srpt_service_guid);
316 iocp->vendor_id = cpu_to_be32(sdev->device->attrs.vendor_id);
317 iocp->device_id = cpu_to_be32(sdev->device->attrs.vendor_part_id);
318 iocp->device_version = cpu_to_be16(sdev->device->attrs.hw_ver);
319 iocp->subsys_vendor_id = cpu_to_be32(sdev->device->attrs.vendor_id);
320 iocp->subsys_device_id = 0x0;
321 iocp->io_class = cpu_to_be16(SRP_REV16A_IB_IO_CLASS);
322 iocp->io_subclass = cpu_to_be16(SRP_IO_SUBCLASS);
323 iocp->protocol = cpu_to_be16(SRP_PROTOCOL);
324 iocp->protocol_version = cpu_to_be16(SRP_PROTOCOL_VERSION);
325 iocp->send_queue_depth = cpu_to_be16(sdev->srq_size);
326 iocp->rdma_read_depth = 4;
327 iocp->send_size = cpu_to_be32(srp_max_req_size);
328 iocp->rdma_size = cpu_to_be32(min(sport->port_attrib.srp_max_rdma_size,
330 iocp->num_svc_entries = 1;
331 iocp->op_cap_mask = SRP_SEND_TO_IOC | SRP_SEND_FROM_IOC |
332 SRP_RDMA_READ_FROM_IOC | SRP_RDMA_WRITE_FROM_IOC;
334 mad->mad_hdr.status = 0;
338 * srpt_get_svc_entries() - Write ServiceEntries to a management datagram.
340 * See also section 16.3.3.5 ServiceEntries in the InfiniBand Architecture
341 * Specification. See also section B.7, table B.8 in the SRP r16a document.
343 static void srpt_get_svc_entries(u64 ioc_guid,
344 u16 slot, u8 hi, u8 lo, struct ib_dm_mad *mad)
346 struct ib_dm_svc_entries *svc_entries;
350 if (!slot || slot > 16) {
352 = cpu_to_be16(DM_MAD_STATUS_INVALID_FIELD);
356 if (slot > 2 || lo > hi || hi > 1) {
358 = cpu_to_be16(DM_MAD_STATUS_NO_IOC);
362 svc_entries = (struct ib_dm_svc_entries *)mad->data;
363 memset(svc_entries, 0, sizeof(*svc_entries));
364 svc_entries->service_entries[0].id = cpu_to_be64(ioc_guid);
365 snprintf(svc_entries->service_entries[0].name,
366 sizeof(svc_entries->service_entries[0].name),
368 SRP_SERVICE_NAME_PREFIX,
371 mad->mad_hdr.status = 0;
375 * srpt_mgmt_method_get() - Process a received management datagram.
376 * @sp: source port through which the MAD has been received.
377 * @rq_mad: received MAD.
378 * @rsp_mad: response MAD.
380 static void srpt_mgmt_method_get(struct srpt_port *sp, struct ib_mad *rq_mad,
381 struct ib_dm_mad *rsp_mad)
387 attr_id = be16_to_cpu(rq_mad->mad_hdr.attr_id);
389 case DM_ATTR_CLASS_PORT_INFO:
390 srpt_get_class_port_info(rsp_mad);
392 case DM_ATTR_IOU_INFO:
393 srpt_get_iou(rsp_mad);
395 case DM_ATTR_IOC_PROFILE:
396 slot = be32_to_cpu(rq_mad->mad_hdr.attr_mod);
397 srpt_get_ioc(sp, slot, rsp_mad);
399 case DM_ATTR_SVC_ENTRIES:
400 slot = be32_to_cpu(rq_mad->mad_hdr.attr_mod);
401 hi = (u8) ((slot >> 8) & 0xff);
402 lo = (u8) (slot & 0xff);
403 slot = (u16) ((slot >> 16) & 0xffff);
404 srpt_get_svc_entries(srpt_service_guid,
405 slot, hi, lo, rsp_mad);
408 rsp_mad->mad_hdr.status =
409 cpu_to_be16(DM_MAD_STATUS_UNSUP_METHOD_ATTR);
415 * srpt_mad_send_handler() - Post MAD-send callback function.
417 static void srpt_mad_send_handler(struct ib_mad_agent *mad_agent,
418 struct ib_mad_send_wc *mad_wc)
420 rdma_destroy_ah(mad_wc->send_buf->ah);
421 ib_free_send_mad(mad_wc->send_buf);
425 * srpt_mad_recv_handler() - MAD reception callback function.
427 static void srpt_mad_recv_handler(struct ib_mad_agent *mad_agent,
428 struct ib_mad_send_buf *send_buf,
429 struct ib_mad_recv_wc *mad_wc)
431 struct srpt_port *sport = (struct srpt_port *)mad_agent->context;
433 struct ib_mad_send_buf *rsp;
434 struct ib_dm_mad *dm_mad;
436 if (!mad_wc || !mad_wc->recv_buf.mad)
439 ah = ib_create_ah_from_wc(mad_agent->qp->pd, mad_wc->wc,
440 mad_wc->recv_buf.grh, mad_agent->port_num);
444 BUILD_BUG_ON(offsetof(struct ib_dm_mad, data) != IB_MGMT_DEVICE_HDR);
446 rsp = ib_create_send_mad(mad_agent, mad_wc->wc->src_qp,
447 mad_wc->wc->pkey_index, 0,
448 IB_MGMT_DEVICE_HDR, IB_MGMT_DEVICE_DATA,
450 IB_MGMT_BASE_VERSION);
457 memcpy(dm_mad, mad_wc->recv_buf.mad, sizeof(*dm_mad));
458 dm_mad->mad_hdr.method = IB_MGMT_METHOD_GET_RESP;
459 dm_mad->mad_hdr.status = 0;
461 switch (mad_wc->recv_buf.mad->mad_hdr.method) {
462 case IB_MGMT_METHOD_GET:
463 srpt_mgmt_method_get(sport, mad_wc->recv_buf.mad, dm_mad);
465 case IB_MGMT_METHOD_SET:
466 dm_mad->mad_hdr.status =
467 cpu_to_be16(DM_MAD_STATUS_UNSUP_METHOD_ATTR);
470 dm_mad->mad_hdr.status =
471 cpu_to_be16(DM_MAD_STATUS_UNSUP_METHOD);
475 if (!ib_post_send_mad(rsp, NULL)) {
476 ib_free_recv_mad(mad_wc);
477 /* will destroy_ah & free_send_mad in send completion */
481 ib_free_send_mad(rsp);
486 ib_free_recv_mad(mad_wc);
490 * srpt_refresh_port() - Configure a HCA port.
492 * Enable InfiniBand management datagram processing, update the cached sm_lid,
493 * lid and gid values, and register a callback function for processing MADs
494 * on the specified port.
496 * Note: It is safe to call this function more than once for the same port.
498 static int srpt_refresh_port(struct srpt_port *sport)
500 struct ib_mad_reg_req reg_req;
501 struct ib_port_modify port_modify;
502 struct ib_port_attr port_attr;
506 memset(&port_modify, 0, sizeof(port_modify));
507 port_modify.set_port_cap_mask = IB_PORT_DEVICE_MGMT_SUP;
508 port_modify.clr_port_cap_mask = 0;
510 ret = ib_modify_port(sport->sdev->device, sport->port, 0, &port_modify);
514 ret = ib_query_port(sport->sdev->device, sport->port, &port_attr);
518 sport->sm_lid = port_attr.sm_lid;
519 sport->lid = port_attr.lid;
521 ret = ib_query_gid(sport->sdev->device, sport->port, 0, &sport->gid,
526 sport->port_guid_wwn.priv = sport;
527 guid = (__be16 *)&sport->gid.global.interface_id;
528 snprintf(sport->port_guid, sizeof(sport->port_guid),
529 "%04x:%04x:%04x:%04x",
530 be16_to_cpu(guid[0]), be16_to_cpu(guid[1]),
531 be16_to_cpu(guid[2]), be16_to_cpu(guid[3]));
532 sport->port_gid_wwn.priv = sport;
533 snprintf(sport->port_gid, sizeof(sport->port_gid),
535 be64_to_cpu(sport->gid.global.subnet_prefix),
536 be64_to_cpu(sport->gid.global.interface_id));
538 if (!sport->mad_agent) {
539 memset(®_req, 0, sizeof(reg_req));
540 reg_req.mgmt_class = IB_MGMT_CLASS_DEVICE_MGMT;
541 reg_req.mgmt_class_version = IB_MGMT_BASE_VERSION;
542 set_bit(IB_MGMT_METHOD_GET, reg_req.method_mask);
543 set_bit(IB_MGMT_METHOD_SET, reg_req.method_mask);
545 sport->mad_agent = ib_register_mad_agent(sport->sdev->device,
549 srpt_mad_send_handler,
550 srpt_mad_recv_handler,
552 if (IS_ERR(sport->mad_agent)) {
553 ret = PTR_ERR(sport->mad_agent);
554 sport->mad_agent = NULL;
563 port_modify.set_port_cap_mask = 0;
564 port_modify.clr_port_cap_mask = IB_PORT_DEVICE_MGMT_SUP;
565 ib_modify_port(sport->sdev->device, sport->port, 0, &port_modify);
573 * srpt_unregister_mad_agent() - Unregister MAD callback functions.
575 * Note: It is safe to call this function more than once for the same device.
577 static void srpt_unregister_mad_agent(struct srpt_device *sdev)
579 struct ib_port_modify port_modify = {
580 .clr_port_cap_mask = IB_PORT_DEVICE_MGMT_SUP,
582 struct srpt_port *sport;
585 for (i = 1; i <= sdev->device->phys_port_cnt; i++) {
586 sport = &sdev->port[i - 1];
587 WARN_ON(sport->port != i);
588 if (ib_modify_port(sdev->device, i, 0, &port_modify) < 0)
589 pr_err("disabling MAD processing failed.\n");
590 if (sport->mad_agent) {
591 ib_unregister_mad_agent(sport->mad_agent);
592 sport->mad_agent = NULL;
598 * srpt_alloc_ioctx() - Allocate an SRPT I/O context structure.
600 static struct srpt_ioctx *srpt_alloc_ioctx(struct srpt_device *sdev,
601 int ioctx_size, int dma_size,
602 enum dma_data_direction dir)
604 struct srpt_ioctx *ioctx;
606 ioctx = kmalloc(ioctx_size, GFP_KERNEL);
610 ioctx->buf = kmalloc(dma_size, GFP_KERNEL);
614 ioctx->dma = ib_dma_map_single(sdev->device, ioctx->buf, dma_size, dir);
615 if (ib_dma_mapping_error(sdev->device, ioctx->dma))
629 * srpt_free_ioctx() - Free an SRPT I/O context structure.
631 static void srpt_free_ioctx(struct srpt_device *sdev, struct srpt_ioctx *ioctx,
632 int dma_size, enum dma_data_direction dir)
637 ib_dma_unmap_single(sdev->device, ioctx->dma, dma_size, dir);
643 * srpt_alloc_ioctx_ring() - Allocate a ring of SRPT I/O context structures.
644 * @sdev: Device to allocate the I/O context ring for.
645 * @ring_size: Number of elements in the I/O context ring.
646 * @ioctx_size: I/O context size.
647 * @dma_size: DMA buffer size.
648 * @dir: DMA data direction.
650 static struct srpt_ioctx **srpt_alloc_ioctx_ring(struct srpt_device *sdev,
651 int ring_size, int ioctx_size,
652 int dma_size, enum dma_data_direction dir)
654 struct srpt_ioctx **ring;
657 WARN_ON(ioctx_size != sizeof(struct srpt_recv_ioctx)
658 && ioctx_size != sizeof(struct srpt_send_ioctx));
660 ring = kmalloc(ring_size * sizeof(ring[0]), GFP_KERNEL);
663 for (i = 0; i < ring_size; ++i) {
664 ring[i] = srpt_alloc_ioctx(sdev, ioctx_size, dma_size, dir);
673 srpt_free_ioctx(sdev, ring[i], dma_size, dir);
681 * srpt_free_ioctx_ring() - Free the ring of SRPT I/O context structures.
683 static void srpt_free_ioctx_ring(struct srpt_ioctx **ioctx_ring,
684 struct srpt_device *sdev, int ring_size,
685 int dma_size, enum dma_data_direction dir)
689 for (i = 0; i < ring_size; ++i)
690 srpt_free_ioctx(sdev, ioctx_ring[i], dma_size, dir);
695 * srpt_get_cmd_state() - Get the state of a SCSI command.
697 static enum srpt_command_state srpt_get_cmd_state(struct srpt_send_ioctx *ioctx)
699 enum srpt_command_state state;
704 spin_lock_irqsave(&ioctx->spinlock, flags);
705 state = ioctx->state;
706 spin_unlock_irqrestore(&ioctx->spinlock, flags);
711 * srpt_set_cmd_state() - Set the state of a SCSI command.
713 * Does not modify the state of aborted commands. Returns the previous command
716 static enum srpt_command_state srpt_set_cmd_state(struct srpt_send_ioctx *ioctx,
717 enum srpt_command_state new)
719 enum srpt_command_state previous;
724 spin_lock_irqsave(&ioctx->spinlock, flags);
725 previous = ioctx->state;
726 if (previous != SRPT_STATE_DONE)
728 spin_unlock_irqrestore(&ioctx->spinlock, flags);
734 * srpt_test_and_set_cmd_state() - Test and set the state of a command.
736 * Returns true if and only if the previous command state was equal to 'old'.
738 static bool srpt_test_and_set_cmd_state(struct srpt_send_ioctx *ioctx,
739 enum srpt_command_state old,
740 enum srpt_command_state new)
742 enum srpt_command_state previous;
746 WARN_ON(old == SRPT_STATE_DONE);
747 WARN_ON(new == SRPT_STATE_NEW);
749 spin_lock_irqsave(&ioctx->spinlock, flags);
750 previous = ioctx->state;
753 spin_unlock_irqrestore(&ioctx->spinlock, flags);
754 return previous == old;
758 * srpt_post_recv() - Post an IB receive request.
760 static int srpt_post_recv(struct srpt_device *sdev,
761 struct srpt_recv_ioctx *ioctx)
764 struct ib_recv_wr wr, *bad_wr;
767 list.addr = ioctx->ioctx.dma;
768 list.length = srp_max_req_size;
769 list.lkey = sdev->pd->local_dma_lkey;
771 ioctx->ioctx.cqe.done = srpt_recv_done;
772 wr.wr_cqe = &ioctx->ioctx.cqe;
777 return ib_post_srq_recv(sdev->srq, &wr, &bad_wr);
781 * srpt_zerolength_write() - Perform a zero-length RDMA write.
783 * A quote from the InfiniBand specification: C9-88: For an HCA responder
784 * using Reliable Connection service, for each zero-length RDMA READ or WRITE
785 * request, the R_Key shall not be validated, even if the request includes
788 static int srpt_zerolength_write(struct srpt_rdma_ch *ch)
790 struct ib_send_wr *bad_wr;
791 struct ib_rdma_wr wr = {
793 .opcode = IB_WR_RDMA_WRITE,
794 .wr_cqe = &ch->zw_cqe,
795 .send_flags = IB_SEND_SIGNALED,
799 return ib_post_send(ch->qp, &wr.wr, &bad_wr);
802 static void srpt_zerolength_write_done(struct ib_cq *cq, struct ib_wc *wc)
804 struct srpt_rdma_ch *ch = cq->cq_context;
806 if (wc->status == IB_WC_SUCCESS) {
807 srpt_process_wait_list(ch);
809 if (srpt_set_ch_state(ch, CH_DISCONNECTED))
810 schedule_work(&ch->release_work);
812 WARN_ONCE(1, "%s-%d\n", ch->sess_name, ch->qp->qp_num);
816 static int srpt_alloc_rw_ctxs(struct srpt_send_ioctx *ioctx,
817 struct srp_direct_buf *db, int nbufs, struct scatterlist **sg,
820 enum dma_data_direction dir = target_reverse_dma_direction(&ioctx->cmd);
821 struct srpt_rdma_ch *ch = ioctx->ch;
822 struct scatterlist *prev = NULL;
827 ioctx->rw_ctxs = &ioctx->s_rw_ctx;
829 ioctx->rw_ctxs = kmalloc_array(nbufs, sizeof(*ioctx->rw_ctxs),
835 for (i = ioctx->n_rw_ctx; i < nbufs; i++, db++) {
836 struct srpt_rw_ctx *ctx = &ioctx->rw_ctxs[i];
837 u64 remote_addr = be64_to_cpu(db->va);
838 u32 size = be32_to_cpu(db->len);
839 u32 rkey = be32_to_cpu(db->key);
841 ret = target_alloc_sgl(&ctx->sg, &ctx->nents, size, false,
846 ret = rdma_rw_ctx_init(&ctx->rw, ch->qp, ch->sport->port,
847 ctx->sg, ctx->nents, 0, remote_addr, rkey, dir);
849 target_free_sgl(ctx->sg, ctx->nents);
853 ioctx->n_rdma += ret;
857 sg_unmark_end(&prev[prev_nents - 1]);
858 sg_chain(prev, prev_nents + 1, ctx->sg);
864 prev_nents = ctx->nents;
866 *sg_cnt += ctx->nents;
873 struct srpt_rw_ctx *ctx = &ioctx->rw_ctxs[i];
875 rdma_rw_ctx_destroy(&ctx->rw, ch->qp, ch->sport->port,
876 ctx->sg, ctx->nents, dir);
877 target_free_sgl(ctx->sg, ctx->nents);
879 if (ioctx->rw_ctxs != &ioctx->s_rw_ctx)
880 kfree(ioctx->rw_ctxs);
884 static void srpt_free_rw_ctxs(struct srpt_rdma_ch *ch,
885 struct srpt_send_ioctx *ioctx)
887 enum dma_data_direction dir = target_reverse_dma_direction(&ioctx->cmd);
890 for (i = 0; i < ioctx->n_rw_ctx; i++) {
891 struct srpt_rw_ctx *ctx = &ioctx->rw_ctxs[i];
893 rdma_rw_ctx_destroy(&ctx->rw, ch->qp, ch->sport->port,
894 ctx->sg, ctx->nents, dir);
895 target_free_sgl(ctx->sg, ctx->nents);
898 if (ioctx->rw_ctxs != &ioctx->s_rw_ctx)
899 kfree(ioctx->rw_ctxs);
902 static inline void *srpt_get_desc_buf(struct srp_cmd *srp_cmd)
905 * The pointer computations below will only be compiled correctly
906 * if srp_cmd::add_data is declared as s8*, u8*, s8[] or u8[], so check
907 * whether srp_cmd::add_data has been declared as a byte pointer.
909 BUILD_BUG_ON(!__same_type(srp_cmd->add_data[0], (s8)0) &&
910 !__same_type(srp_cmd->add_data[0], (u8)0));
913 * According to the SRP spec, the lower two bits of the 'ADDITIONAL
914 * CDB LENGTH' field are reserved and the size in bytes of this field
915 * is four times the value specified in bits 3..7. Hence the "& ~3".
917 return srp_cmd->add_data + (srp_cmd->add_cdb_len & ~3);
921 * srpt_get_desc_tbl() - Parse the data descriptors of an SRP_CMD request.
922 * @ioctx: Pointer to the I/O context associated with the request.
923 * @srp_cmd: Pointer to the SRP_CMD request data.
924 * @dir: Pointer to the variable to which the transfer direction will be
926 * @data_len: Pointer to the variable to which the total data length of all
927 * descriptors in the SRP_CMD request will be written.
929 * This function initializes ioctx->nrbuf and ioctx->r_bufs.
931 * Returns -EINVAL when the SRP_CMD request contains inconsistent descriptors;
932 * -ENOMEM when memory allocation fails and zero upon success.
934 static int srpt_get_desc_tbl(struct srpt_send_ioctx *ioctx,
935 struct srp_cmd *srp_cmd, enum dma_data_direction *dir,
936 struct scatterlist **sg, unsigned *sg_cnt, u64 *data_len)
942 * The lower four bits of the buffer format field contain the DATA-IN
943 * buffer descriptor format, and the highest four bits contain the
944 * DATA-OUT buffer descriptor format.
946 if (srp_cmd->buf_fmt & 0xf)
947 /* DATA-IN: transfer data from target to initiator (read). */
948 *dir = DMA_FROM_DEVICE;
949 else if (srp_cmd->buf_fmt >> 4)
950 /* DATA-OUT: transfer data from initiator to target (write). */
951 *dir = DMA_TO_DEVICE;
955 /* initialize data_direction early as srpt_alloc_rw_ctxs needs it */
956 ioctx->cmd.data_direction = *dir;
958 if (((srp_cmd->buf_fmt & 0xf) == SRP_DATA_DESC_DIRECT) ||
959 ((srp_cmd->buf_fmt >> 4) == SRP_DATA_DESC_DIRECT)) {
960 struct srp_direct_buf *db = srpt_get_desc_buf(srp_cmd);
962 *data_len = be32_to_cpu(db->len);
963 return srpt_alloc_rw_ctxs(ioctx, db, 1, sg, sg_cnt);
964 } else if (((srp_cmd->buf_fmt & 0xf) == SRP_DATA_DESC_INDIRECT) ||
965 ((srp_cmd->buf_fmt >> 4) == SRP_DATA_DESC_INDIRECT)) {
966 struct srp_indirect_buf *idb = srpt_get_desc_buf(srp_cmd);
967 int nbufs = be32_to_cpu(idb->table_desc.len) /
968 sizeof(struct srp_direct_buf);
971 (srp_cmd->data_out_desc_cnt + srp_cmd->data_in_desc_cnt)) {
972 pr_err("received unsupported SRP_CMD request"
973 " type (%u out + %u in != %u / %zu)\n",
974 srp_cmd->data_out_desc_cnt,
975 srp_cmd->data_in_desc_cnt,
976 be32_to_cpu(idb->table_desc.len),
977 sizeof(struct srp_direct_buf));
981 *data_len = be32_to_cpu(idb->len);
982 return srpt_alloc_rw_ctxs(ioctx, idb->desc_list, nbufs,
991 * srpt_init_ch_qp() - Initialize queue pair attributes.
993 * Initialized the attributes of queue pair 'qp' by allowing local write,
994 * remote read and remote write. Also transitions 'qp' to state IB_QPS_INIT.
996 static int srpt_init_ch_qp(struct srpt_rdma_ch *ch, struct ib_qp *qp)
998 struct ib_qp_attr *attr;
1001 attr = kzalloc(sizeof(*attr), GFP_KERNEL);
1005 attr->qp_state = IB_QPS_INIT;
1006 attr->qp_access_flags = IB_ACCESS_LOCAL_WRITE;
1007 attr->port_num = ch->sport->port;
1008 attr->pkey_index = 0;
1010 ret = ib_modify_qp(qp, attr,
1011 IB_QP_STATE | IB_QP_ACCESS_FLAGS | IB_QP_PORT |
1019 * srpt_ch_qp_rtr() - Change the state of a channel to 'ready to receive' (RTR).
1020 * @ch: channel of the queue pair.
1021 * @qp: queue pair to change the state of.
1023 * Returns zero upon success and a negative value upon failure.
1025 * Note: currently a struct ib_qp_attr takes 136 bytes on a 64-bit system.
1026 * If this structure ever becomes larger, it might be necessary to allocate
1027 * it dynamically instead of on the stack.
1029 static int srpt_ch_qp_rtr(struct srpt_rdma_ch *ch, struct ib_qp *qp)
1031 struct ib_qp_attr qp_attr;
1035 qp_attr.qp_state = IB_QPS_RTR;
1036 ret = ib_cm_init_qp_attr(ch->cm_id, &qp_attr, &attr_mask);
1040 qp_attr.max_dest_rd_atomic = 4;
1042 ret = ib_modify_qp(qp, &qp_attr, attr_mask);
1049 * srpt_ch_qp_rts() - Change the state of a channel to 'ready to send' (RTS).
1050 * @ch: channel of the queue pair.
1051 * @qp: queue pair to change the state of.
1053 * Returns zero upon success and a negative value upon failure.
1055 * Note: currently a struct ib_qp_attr takes 136 bytes on a 64-bit system.
1056 * If this structure ever becomes larger, it might be necessary to allocate
1057 * it dynamically instead of on the stack.
1059 static int srpt_ch_qp_rts(struct srpt_rdma_ch *ch, struct ib_qp *qp)
1061 struct ib_qp_attr qp_attr;
1065 qp_attr.qp_state = IB_QPS_RTS;
1066 ret = ib_cm_init_qp_attr(ch->cm_id, &qp_attr, &attr_mask);
1070 qp_attr.max_rd_atomic = 4;
1072 ret = ib_modify_qp(qp, &qp_attr, attr_mask);
1079 * srpt_ch_qp_err() - Set the channel queue pair state to 'error'.
1081 static int srpt_ch_qp_err(struct srpt_rdma_ch *ch)
1083 struct ib_qp_attr qp_attr;
1085 qp_attr.qp_state = IB_QPS_ERR;
1086 return ib_modify_qp(ch->qp, &qp_attr, IB_QP_STATE);
1090 * srpt_get_send_ioctx() - Obtain an I/O context for sending to the initiator.
1092 static struct srpt_send_ioctx *srpt_get_send_ioctx(struct srpt_rdma_ch *ch)
1094 struct srpt_send_ioctx *ioctx;
1095 unsigned long flags;
1100 spin_lock_irqsave(&ch->spinlock, flags);
1101 if (!list_empty(&ch->free_list)) {
1102 ioctx = list_first_entry(&ch->free_list,
1103 struct srpt_send_ioctx, free_list);
1104 list_del(&ioctx->free_list);
1106 spin_unlock_irqrestore(&ch->spinlock, flags);
1111 BUG_ON(ioctx->ch != ch);
1112 spin_lock_init(&ioctx->spinlock);
1113 ioctx->state = SRPT_STATE_NEW;
1115 ioctx->n_rw_ctx = 0;
1116 init_completion(&ioctx->tx_done);
1117 ioctx->queue_status_only = false;
1119 * transport_init_se_cmd() does not initialize all fields, so do it
1122 memset(&ioctx->cmd, 0, sizeof(ioctx->cmd));
1123 memset(&ioctx->sense_data, 0, sizeof(ioctx->sense_data));
1129 * srpt_abort_cmd() - Abort a SCSI command.
1130 * @ioctx: I/O context associated with the SCSI command.
1131 * @context: Preferred execution context.
1133 static int srpt_abort_cmd(struct srpt_send_ioctx *ioctx)
1135 enum srpt_command_state state;
1136 unsigned long flags;
1141 * If the command is in a state where the target core is waiting for
1142 * the ib_srpt driver, change the state to the next state.
1145 spin_lock_irqsave(&ioctx->spinlock, flags);
1146 state = ioctx->state;
1148 case SRPT_STATE_NEED_DATA:
1149 ioctx->state = SRPT_STATE_DATA_IN;
1151 case SRPT_STATE_CMD_RSP_SENT:
1152 case SRPT_STATE_MGMT_RSP_SENT:
1153 ioctx->state = SRPT_STATE_DONE;
1156 WARN_ONCE(true, "%s: unexpected I/O context state %d\n",
1160 spin_unlock_irqrestore(&ioctx->spinlock, flags);
1162 pr_debug("Aborting cmd with state %d -> %d and tag %lld\n", state,
1163 ioctx->state, ioctx->cmd.tag);
1166 case SRPT_STATE_NEW:
1167 case SRPT_STATE_DATA_IN:
1168 case SRPT_STATE_MGMT:
1169 case SRPT_STATE_DONE:
1171 * Do nothing - defer abort processing until
1172 * srpt_queue_response() is invoked.
1175 case SRPT_STATE_NEED_DATA:
1176 pr_debug("tag %#llx: RDMA read error\n", ioctx->cmd.tag);
1177 transport_generic_request_failure(&ioctx->cmd,
1178 TCM_CHECK_CONDITION_ABORT_CMD);
1180 case SRPT_STATE_CMD_RSP_SENT:
1182 * SRP_RSP sending failed or the SRP_RSP send completion has
1183 * not been received in time.
1185 transport_generic_free_cmd(&ioctx->cmd, 0);
1187 case SRPT_STATE_MGMT_RSP_SENT:
1188 transport_generic_free_cmd(&ioctx->cmd, 0);
1191 WARN(1, "Unexpected command state (%d)", state);
1199 * XXX: what is now target_execute_cmd used to be asynchronous, and unmapping
1200 * the data that has been transferred via IB RDMA had to be postponed until the
1201 * check_stop_free() callback. None of this is necessary anymore and needs to
1204 static void srpt_rdma_read_done(struct ib_cq *cq, struct ib_wc *wc)
1206 struct srpt_rdma_ch *ch = cq->cq_context;
1207 struct srpt_send_ioctx *ioctx =
1208 container_of(wc->wr_cqe, struct srpt_send_ioctx, rdma_cqe);
1210 WARN_ON(ioctx->n_rdma <= 0);
1211 atomic_add(ioctx->n_rdma, &ch->sq_wr_avail);
1214 if (unlikely(wc->status != IB_WC_SUCCESS)) {
1215 pr_info("RDMA_READ for ioctx 0x%p failed with status %d\n",
1217 srpt_abort_cmd(ioctx);
1221 if (srpt_test_and_set_cmd_state(ioctx, SRPT_STATE_NEED_DATA,
1222 SRPT_STATE_DATA_IN))
1223 target_execute_cmd(&ioctx->cmd);
1225 pr_err("%s[%d]: wrong state = %d\n", __func__,
1226 __LINE__, srpt_get_cmd_state(ioctx));
1230 * srpt_build_cmd_rsp() - Build an SRP_RSP response.
1231 * @ch: RDMA channel through which the request has been received.
1232 * @ioctx: I/O context associated with the SRP_CMD request. The response will
1233 * be built in the buffer ioctx->buf points at and hence this function will
1234 * overwrite the request data.
1235 * @tag: tag of the request for which this response is being generated.
1236 * @status: value for the STATUS field of the SRP_RSP information unit.
1238 * Returns the size in bytes of the SRP_RSP response.
1240 * An SRP_RSP response contains a SCSI status or service response. See also
1241 * section 6.9 in the SRP r16a document for the format of an SRP_RSP
1242 * response. See also SPC-2 for more information about sense data.
1244 static int srpt_build_cmd_rsp(struct srpt_rdma_ch *ch,
1245 struct srpt_send_ioctx *ioctx, u64 tag,
1248 struct srp_rsp *srp_rsp;
1249 const u8 *sense_data;
1250 int sense_data_len, max_sense_len;
1253 * The lowest bit of all SAM-3 status codes is zero (see also
1254 * paragraph 5.3 in SAM-3).
1256 WARN_ON(status & 1);
1258 srp_rsp = ioctx->ioctx.buf;
1261 sense_data = ioctx->sense_data;
1262 sense_data_len = ioctx->cmd.scsi_sense_length;
1263 WARN_ON(sense_data_len > sizeof(ioctx->sense_data));
1265 memset(srp_rsp, 0, sizeof(*srp_rsp));
1266 srp_rsp->opcode = SRP_RSP;
1267 srp_rsp->req_lim_delta =
1268 cpu_to_be32(1 + atomic_xchg(&ch->req_lim_delta, 0));
1270 srp_rsp->status = status;
1272 if (sense_data_len) {
1273 BUILD_BUG_ON(MIN_MAX_RSP_SIZE <= sizeof(*srp_rsp));
1274 max_sense_len = ch->max_ti_iu_len - sizeof(*srp_rsp);
1275 if (sense_data_len > max_sense_len) {
1276 pr_warn("truncated sense data from %d to %d"
1277 " bytes\n", sense_data_len, max_sense_len);
1278 sense_data_len = max_sense_len;
1281 srp_rsp->flags |= SRP_RSP_FLAG_SNSVALID;
1282 srp_rsp->sense_data_len = cpu_to_be32(sense_data_len);
1283 memcpy(srp_rsp + 1, sense_data, sense_data_len);
1286 return sizeof(*srp_rsp) + sense_data_len;
1290 * srpt_build_tskmgmt_rsp() - Build a task management response.
1291 * @ch: RDMA channel through which the request has been received.
1292 * @ioctx: I/O context in which the SRP_RSP response will be built.
1293 * @rsp_code: RSP_CODE that will be stored in the response.
1294 * @tag: Tag of the request for which this response is being generated.
1296 * Returns the size in bytes of the SRP_RSP response.
1298 * An SRP_RSP response contains a SCSI status or service response. See also
1299 * section 6.9 in the SRP r16a document for the format of an SRP_RSP
1302 static int srpt_build_tskmgmt_rsp(struct srpt_rdma_ch *ch,
1303 struct srpt_send_ioctx *ioctx,
1304 u8 rsp_code, u64 tag)
1306 struct srp_rsp *srp_rsp;
1311 resp_len = sizeof(*srp_rsp) + resp_data_len;
1313 srp_rsp = ioctx->ioctx.buf;
1315 memset(srp_rsp, 0, sizeof(*srp_rsp));
1317 srp_rsp->opcode = SRP_RSP;
1318 srp_rsp->req_lim_delta =
1319 cpu_to_be32(1 + atomic_xchg(&ch->req_lim_delta, 0));
1322 srp_rsp->flags |= SRP_RSP_FLAG_RSPVALID;
1323 srp_rsp->resp_data_len = cpu_to_be32(resp_data_len);
1324 srp_rsp->data[3] = rsp_code;
1329 static int srpt_check_stop_free(struct se_cmd *cmd)
1331 struct srpt_send_ioctx *ioctx = container_of(cmd,
1332 struct srpt_send_ioctx, cmd);
1334 return target_put_sess_cmd(&ioctx->cmd);
1338 * srpt_handle_cmd() - Process SRP_CMD.
1340 static void srpt_handle_cmd(struct srpt_rdma_ch *ch,
1341 struct srpt_recv_ioctx *recv_ioctx,
1342 struct srpt_send_ioctx *send_ioctx)
1345 struct srp_cmd *srp_cmd;
1346 struct scatterlist *sg = NULL;
1347 unsigned sg_cnt = 0;
1349 enum dma_data_direction dir;
1352 BUG_ON(!send_ioctx);
1354 srp_cmd = recv_ioctx->ioctx.buf;
1355 cmd = &send_ioctx->cmd;
1356 cmd->tag = srp_cmd->tag;
1358 switch (srp_cmd->task_attr) {
1359 case SRP_CMD_SIMPLE_Q:
1360 cmd->sam_task_attr = TCM_SIMPLE_TAG;
1362 case SRP_CMD_ORDERED_Q:
1364 cmd->sam_task_attr = TCM_ORDERED_TAG;
1366 case SRP_CMD_HEAD_OF_Q:
1367 cmd->sam_task_attr = TCM_HEAD_TAG;
1370 cmd->sam_task_attr = TCM_ACA_TAG;
1374 rc = srpt_get_desc_tbl(send_ioctx, srp_cmd, &dir, &sg, &sg_cnt,
1377 if (rc != -EAGAIN) {
1378 pr_err("0x%llx: parsing SRP descriptor table failed.\n",
1384 rc = target_submit_cmd_map_sgls(cmd, ch->sess, srp_cmd->cdb,
1385 &send_ioctx->sense_data[0],
1386 scsilun_to_int(&srp_cmd->lun), data_len,
1387 TCM_SIMPLE_TAG, dir, TARGET_SCF_ACK_KREF,
1388 sg, sg_cnt, NULL, 0, NULL, 0);
1390 pr_debug("target_submit_cmd() returned %d for tag %#llx\n", rc,
1397 send_ioctx->state = SRPT_STATE_DONE;
1398 srpt_release_cmd(cmd);
1401 static int srp_tmr_to_tcm(int fn)
1404 case SRP_TSK_ABORT_TASK:
1405 return TMR_ABORT_TASK;
1406 case SRP_TSK_ABORT_TASK_SET:
1407 return TMR_ABORT_TASK_SET;
1408 case SRP_TSK_CLEAR_TASK_SET:
1409 return TMR_CLEAR_TASK_SET;
1410 case SRP_TSK_LUN_RESET:
1411 return TMR_LUN_RESET;
1412 case SRP_TSK_CLEAR_ACA:
1413 return TMR_CLEAR_ACA;
1420 * srpt_handle_tsk_mgmt() - Process an SRP_TSK_MGMT information unit.
1422 * Returns 0 if and only if the request will be processed by the target core.
1424 * For more information about SRP_TSK_MGMT information units, see also section
1425 * 6.7 in the SRP r16a document.
1427 static void srpt_handle_tsk_mgmt(struct srpt_rdma_ch *ch,
1428 struct srpt_recv_ioctx *recv_ioctx,
1429 struct srpt_send_ioctx *send_ioctx)
1431 struct srp_tsk_mgmt *srp_tsk;
1433 struct se_session *sess = ch->sess;
1437 BUG_ON(!send_ioctx);
1439 srp_tsk = recv_ioctx->ioctx.buf;
1440 cmd = &send_ioctx->cmd;
1442 pr_debug("recv tsk_mgmt fn %d for task_tag %lld and cmd tag %lld"
1443 " cm_id %p sess %p\n", srp_tsk->tsk_mgmt_func,
1444 srp_tsk->task_tag, srp_tsk->tag, ch->cm_id, ch->sess);
1446 srpt_set_cmd_state(send_ioctx, SRPT_STATE_MGMT);
1447 send_ioctx->cmd.tag = srp_tsk->tag;
1448 tcm_tmr = srp_tmr_to_tcm(srp_tsk->tsk_mgmt_func);
1449 rc = target_submit_tmr(&send_ioctx->cmd, sess, NULL,
1450 scsilun_to_int(&srp_tsk->lun), srp_tsk, tcm_tmr,
1451 GFP_KERNEL, srp_tsk->task_tag,
1452 TARGET_SCF_ACK_KREF);
1454 send_ioctx->cmd.se_tmr_req->response = TMR_FUNCTION_REJECTED;
1459 transport_send_check_condition_and_sense(cmd, 0, 0); // XXX:
1463 * srpt_handle_new_iu() - Process a newly received information unit.
1464 * @ch: RDMA channel through which the information unit has been received.
1465 * @ioctx: SRPT I/O context associated with the information unit.
1467 static void srpt_handle_new_iu(struct srpt_rdma_ch *ch,
1468 struct srpt_recv_ioctx *recv_ioctx,
1469 struct srpt_send_ioctx *send_ioctx)
1471 struct srp_cmd *srp_cmd;
1474 BUG_ON(!recv_ioctx);
1476 ib_dma_sync_single_for_cpu(ch->sport->sdev->device,
1477 recv_ioctx->ioctx.dma, srp_max_req_size,
1480 if (unlikely(ch->state == CH_CONNECTING))
1483 if (unlikely(ch->state != CH_LIVE))
1486 srp_cmd = recv_ioctx->ioctx.buf;
1487 if (srp_cmd->opcode == SRP_CMD || srp_cmd->opcode == SRP_TSK_MGMT) {
1489 if (!list_empty(&ch->cmd_wait_list))
1491 send_ioctx = srpt_get_send_ioctx(ch);
1493 if (unlikely(!send_ioctx))
1497 switch (srp_cmd->opcode) {
1499 srpt_handle_cmd(ch, recv_ioctx, send_ioctx);
1502 srpt_handle_tsk_mgmt(ch, recv_ioctx, send_ioctx);
1505 pr_err("Not yet implemented: SRP_I_LOGOUT\n");
1508 pr_debug("received SRP_CRED_RSP\n");
1511 pr_debug("received SRP_AER_RSP\n");
1514 pr_err("Received SRP_RSP\n");
1517 pr_err("received IU with unknown opcode 0x%x\n",
1522 srpt_post_recv(ch->sport->sdev, recv_ioctx);
1526 list_add_tail(&recv_ioctx->wait_list, &ch->cmd_wait_list);
1529 static void srpt_recv_done(struct ib_cq *cq, struct ib_wc *wc)
1531 struct srpt_rdma_ch *ch = cq->cq_context;
1532 struct srpt_recv_ioctx *ioctx =
1533 container_of(wc->wr_cqe, struct srpt_recv_ioctx, ioctx.cqe);
1535 if (wc->status == IB_WC_SUCCESS) {
1538 req_lim = atomic_dec_return(&ch->req_lim);
1539 if (unlikely(req_lim < 0))
1540 pr_err("req_lim = %d < 0\n", req_lim);
1541 srpt_handle_new_iu(ch, ioctx, NULL);
1543 pr_info("receiving failed for ioctx %p with status %d\n",
1549 * This function must be called from the context in which RDMA completions are
1550 * processed because it accesses the wait list without protection against
1551 * access from other threads.
1553 static void srpt_process_wait_list(struct srpt_rdma_ch *ch)
1555 struct srpt_send_ioctx *ioctx;
1557 while (!list_empty(&ch->cmd_wait_list) &&
1558 ch->state >= CH_LIVE &&
1559 (ioctx = srpt_get_send_ioctx(ch)) != NULL) {
1560 struct srpt_recv_ioctx *recv_ioctx;
1562 recv_ioctx = list_first_entry(&ch->cmd_wait_list,
1563 struct srpt_recv_ioctx,
1565 list_del(&recv_ioctx->wait_list);
1566 srpt_handle_new_iu(ch, recv_ioctx, ioctx);
1571 * Note: Although this has not yet been observed during tests, at least in
1572 * theory it is possible that the srpt_get_send_ioctx() call invoked by
1573 * srpt_handle_new_iu() fails. This is possible because the req_lim_delta
1574 * value in each response is set to one, and it is possible that this response
1575 * makes the initiator send a new request before the send completion for that
1576 * response has been processed. This could e.g. happen if the call to
1577 * srpt_put_send_iotcx() is delayed because of a higher priority interrupt or
1578 * if IB retransmission causes generation of the send completion to be
1579 * delayed. Incoming information units for which srpt_get_send_ioctx() fails
1580 * are queued on cmd_wait_list. The code below processes these delayed
1581 * requests one at a time.
1583 static void srpt_send_done(struct ib_cq *cq, struct ib_wc *wc)
1585 struct srpt_rdma_ch *ch = cq->cq_context;
1586 struct srpt_send_ioctx *ioctx =
1587 container_of(wc->wr_cqe, struct srpt_send_ioctx, ioctx.cqe);
1588 enum srpt_command_state state;
1590 state = srpt_set_cmd_state(ioctx, SRPT_STATE_DONE);
1592 WARN_ON(state != SRPT_STATE_CMD_RSP_SENT &&
1593 state != SRPT_STATE_MGMT_RSP_SENT);
1595 atomic_add(1 + ioctx->n_rdma, &ch->sq_wr_avail);
1597 if (wc->status != IB_WC_SUCCESS)
1598 pr_info("sending response for ioctx 0x%p failed"
1599 " with status %d\n", ioctx, wc->status);
1601 if (state != SRPT_STATE_DONE) {
1602 transport_generic_free_cmd(&ioctx->cmd, 0);
1604 pr_err("IB completion has been received too late for"
1605 " wr_id = %u.\n", ioctx->ioctx.index);
1608 srpt_process_wait_list(ch);
1612 * srpt_create_ch_ib() - Create receive and send completion queues.
1614 static int srpt_create_ch_ib(struct srpt_rdma_ch *ch)
1616 struct ib_qp_init_attr *qp_init;
1617 struct srpt_port *sport = ch->sport;
1618 struct srpt_device *sdev = sport->sdev;
1619 const struct ib_device_attr *attrs = &sdev->device->attrs;
1620 u32 srp_sq_size = sport->port_attrib.srp_sq_size;
1623 WARN_ON(ch->rq_size < 1);
1626 qp_init = kzalloc(sizeof(*qp_init), GFP_KERNEL);
1631 ch->cq = ib_alloc_cq(sdev->device, ch, ch->rq_size + srp_sq_size,
1632 0 /* XXX: spread CQs */, IB_POLL_WORKQUEUE);
1633 if (IS_ERR(ch->cq)) {
1634 ret = PTR_ERR(ch->cq);
1635 pr_err("failed to create CQ cqe= %d ret= %d\n",
1636 ch->rq_size + srp_sq_size, ret);
1640 qp_init->qp_context = (void *)ch;
1641 qp_init->event_handler
1642 = (void(*)(struct ib_event *, void*))srpt_qp_event;
1643 qp_init->send_cq = ch->cq;
1644 qp_init->recv_cq = ch->cq;
1645 qp_init->srq = sdev->srq;
1646 qp_init->sq_sig_type = IB_SIGNAL_REQ_WR;
1647 qp_init->qp_type = IB_QPT_RC;
1649 * We divide up our send queue size into half SEND WRs to send the
1650 * completions, and half R/W contexts to actually do the RDMA
1651 * READ/WRITE transfers. Note that we need to allocate CQ slots for
1652 * both both, as RDMA contexts will also post completions for the
1655 qp_init->cap.max_send_wr = srp_sq_size / 2;
1656 qp_init->cap.max_rdma_ctxs = srp_sq_size / 2;
1657 qp_init->cap.max_send_sge = min(attrs->max_sge, SRPT_MAX_SG_PER_WQE);
1658 qp_init->port_num = ch->sport->port;
1660 ch->qp = ib_create_qp(sdev->pd, qp_init);
1661 if (IS_ERR(ch->qp)) {
1662 ret = PTR_ERR(ch->qp);
1663 if (ret == -ENOMEM) {
1665 if (srp_sq_size >= MIN_SRPT_SQ_SIZE) {
1666 ib_destroy_cq(ch->cq);
1670 pr_err("failed to create_qp ret= %d\n", ret);
1671 goto err_destroy_cq;
1674 atomic_set(&ch->sq_wr_avail, qp_init->cap.max_send_wr);
1676 pr_debug("%s: max_cqe= %d max_sge= %d sq_size = %d cm_id= %p\n",
1677 __func__, ch->cq->cqe, qp_init->cap.max_send_sge,
1678 qp_init->cap.max_send_wr, ch->cm_id);
1680 ret = srpt_init_ch_qp(ch, ch->qp);
1682 goto err_destroy_qp;
1689 ib_destroy_qp(ch->qp);
1695 static void srpt_destroy_ch_ib(struct srpt_rdma_ch *ch)
1697 ib_destroy_qp(ch->qp);
1702 * srpt_close_ch() - Close an RDMA channel.
1704 * Make sure all resources associated with the channel will be deallocated at
1705 * an appropriate time.
1707 * Returns true if and only if the channel state has been modified into
1710 static bool srpt_close_ch(struct srpt_rdma_ch *ch)
1714 if (!srpt_set_ch_state(ch, CH_DRAINING)) {
1715 pr_debug("%s-%d: already closed\n", ch->sess_name,
1720 kref_get(&ch->kref);
1722 ret = srpt_ch_qp_err(ch);
1724 pr_err("%s-%d: changing queue pair into error state failed: %d\n",
1725 ch->sess_name, ch->qp->qp_num, ret);
1727 pr_debug("%s-%d: queued zerolength write\n", ch->sess_name,
1729 ret = srpt_zerolength_write(ch);
1731 pr_err("%s-%d: queuing zero-length write failed: %d\n",
1732 ch->sess_name, ch->qp->qp_num, ret);
1733 if (srpt_set_ch_state(ch, CH_DISCONNECTED))
1734 schedule_work(&ch->release_work);
1739 kref_put(&ch->kref, srpt_free_ch);
1745 * Change the channel state into CH_DISCONNECTING. If a channel has not yet
1746 * reached the connected state, close it. If a channel is in the connected
1747 * state, send a DREQ. If a DREQ has been received, send a DREP. Note: it is
1748 * the responsibility of the caller to ensure that this function is not
1749 * invoked concurrently with the code that accepts a connection. This means
1750 * that this function must either be invoked from inside a CM callback
1751 * function or that it must be invoked with the srpt_port.mutex held.
1753 static int srpt_disconnect_ch(struct srpt_rdma_ch *ch)
1757 if (!srpt_set_ch_state(ch, CH_DISCONNECTING))
1760 ret = ib_send_cm_dreq(ch->cm_id, NULL, 0);
1762 ret = ib_send_cm_drep(ch->cm_id, NULL, 0);
1764 if (ret < 0 && srpt_close_ch(ch))
1770 static void __srpt_close_all_ch(struct srpt_device *sdev)
1772 struct srpt_rdma_ch *ch;
1774 lockdep_assert_held(&sdev->mutex);
1776 list_for_each_entry(ch, &sdev->rch_list, list) {
1777 if (srpt_disconnect_ch(ch) >= 0)
1778 pr_info("Closing channel %s-%d because target %s has been disabled\n",
1779 ch->sess_name, ch->qp->qp_num,
1780 sdev->device->name);
1785 static void srpt_free_ch(struct kref *kref)
1787 struct srpt_rdma_ch *ch = container_of(kref, struct srpt_rdma_ch, kref);
1792 static void srpt_release_channel_work(struct work_struct *w)
1794 struct srpt_rdma_ch *ch;
1795 struct srpt_device *sdev;
1796 struct se_session *se_sess;
1798 ch = container_of(w, struct srpt_rdma_ch, release_work);
1799 pr_debug("%s: %s-%d; release_done = %p\n", __func__, ch->sess_name,
1800 ch->qp->qp_num, ch->release_done);
1802 sdev = ch->sport->sdev;
1808 target_sess_cmd_list_set_waiting(se_sess);
1809 target_wait_for_sess_cmds(se_sess);
1811 transport_deregister_session_configfs(se_sess);
1812 transport_deregister_session(se_sess);
1815 ib_destroy_cm_id(ch->cm_id);
1817 srpt_destroy_ch_ib(ch);
1819 srpt_free_ioctx_ring((struct srpt_ioctx **)ch->ioctx_ring,
1820 ch->sport->sdev, ch->rq_size,
1821 ch->rsp_size, DMA_TO_DEVICE);
1823 mutex_lock(&sdev->mutex);
1824 list_del_init(&ch->list);
1825 if (ch->release_done)
1826 complete(ch->release_done);
1827 mutex_unlock(&sdev->mutex);
1829 wake_up(&sdev->ch_releaseQ);
1831 kref_put(&ch->kref, srpt_free_ch);
1835 * srpt_cm_req_recv() - Process the event IB_CM_REQ_RECEIVED.
1837 * Ownership of the cm_id is transferred to the target session if this
1838 * functions returns zero. Otherwise the caller remains the owner of cm_id.
1840 static int srpt_cm_req_recv(struct ib_cm_id *cm_id,
1841 struct ib_cm_req_event_param *param,
1844 struct srpt_device *sdev = cm_id->context;
1845 struct srpt_port *sport = &sdev->port[param->port - 1];
1846 struct srp_login_req *req;
1847 struct srp_login_rsp *rsp;
1848 struct srp_login_rej *rej;
1849 struct ib_cm_rep_param *rep_param;
1850 struct srpt_rdma_ch *ch, *tmp_ch;
1855 WARN_ON_ONCE(irqs_disabled());
1857 if (WARN_ON(!sdev || !private_data))
1860 req = (struct srp_login_req *)private_data;
1862 it_iu_len = be32_to_cpu(req->req_it_iu_len);
1864 pr_info("Received SRP_LOGIN_REQ with i_port_id 0x%llx:0x%llx,"
1865 " t_port_id 0x%llx:0x%llx and it_iu_len %d on port %d"
1866 " (guid=0x%llx:0x%llx)\n",
1867 be64_to_cpu(*(__be64 *)&req->initiator_port_id[0]),
1868 be64_to_cpu(*(__be64 *)&req->initiator_port_id[8]),
1869 be64_to_cpu(*(__be64 *)&req->target_port_id[0]),
1870 be64_to_cpu(*(__be64 *)&req->target_port_id[8]),
1873 be64_to_cpu(*(__be64 *)&sdev->port[param->port - 1].gid.raw[0]),
1874 be64_to_cpu(*(__be64 *)&sdev->port[param->port - 1].gid.raw[8]));
1876 rsp = kzalloc(sizeof(*rsp), GFP_KERNEL);
1877 rej = kzalloc(sizeof(*rej), GFP_KERNEL);
1878 rep_param = kzalloc(sizeof(*rep_param), GFP_KERNEL);
1880 if (!rsp || !rej || !rep_param) {
1885 if (it_iu_len > srp_max_req_size || it_iu_len < 64) {
1886 rej->reason = cpu_to_be32(
1887 SRP_LOGIN_REJ_REQ_IT_IU_LENGTH_TOO_LARGE);
1889 pr_err("rejected SRP_LOGIN_REQ because its"
1890 " length (%d bytes) is out of range (%d .. %d)\n",
1891 it_iu_len, 64, srp_max_req_size);
1895 if (!sport->enabled) {
1896 rej->reason = cpu_to_be32(
1897 SRP_LOGIN_REJ_INSUFFICIENT_RESOURCES);
1899 pr_err("rejected SRP_LOGIN_REQ because the target port"
1900 " has not yet been enabled\n");
1904 if ((req->req_flags & SRP_MTCH_ACTION) == SRP_MULTICHAN_SINGLE) {
1905 rsp->rsp_flags = SRP_LOGIN_RSP_MULTICHAN_NO_CHAN;
1907 mutex_lock(&sdev->mutex);
1909 list_for_each_entry_safe(ch, tmp_ch, &sdev->rch_list, list) {
1910 if (!memcmp(ch->i_port_id, req->initiator_port_id, 16)
1911 && !memcmp(ch->t_port_id, req->target_port_id, 16)
1912 && param->port == ch->sport->port
1913 && param->listen_id == ch->sport->sdev->cm_id
1915 if (srpt_disconnect_ch(ch) < 0)
1917 pr_info("Relogin - closed existing channel %s\n",
1920 SRP_LOGIN_RSP_MULTICHAN_TERMINATED;
1924 mutex_unlock(&sdev->mutex);
1927 rsp->rsp_flags = SRP_LOGIN_RSP_MULTICHAN_MAINTAINED;
1929 if (*(__be64 *)req->target_port_id != cpu_to_be64(srpt_service_guid)
1930 || *(__be64 *)(req->target_port_id + 8) !=
1931 cpu_to_be64(srpt_service_guid)) {
1932 rej->reason = cpu_to_be32(
1933 SRP_LOGIN_REJ_UNABLE_ASSOCIATE_CHANNEL);
1935 pr_err("rejected SRP_LOGIN_REQ because it"
1936 " has an invalid target port identifier.\n");
1940 ch = kzalloc(sizeof(*ch), GFP_KERNEL);
1942 rej->reason = cpu_to_be32(
1943 SRP_LOGIN_REJ_INSUFFICIENT_RESOURCES);
1944 pr_err("rejected SRP_LOGIN_REQ because no memory.\n");
1949 kref_init(&ch->kref);
1950 ch->zw_cqe.done = srpt_zerolength_write_done;
1951 INIT_WORK(&ch->release_work, srpt_release_channel_work);
1952 memcpy(ch->i_port_id, req->initiator_port_id, 16);
1953 memcpy(ch->t_port_id, req->target_port_id, 16);
1954 ch->sport = &sdev->port[param->port - 1];
1956 cm_id->context = ch;
1958 * Avoid QUEUE_FULL conditions by limiting the number of buffers used
1959 * for the SRP protocol to the command queue size.
1961 ch->rq_size = SRPT_RQ_SIZE;
1962 spin_lock_init(&ch->spinlock);
1963 ch->state = CH_CONNECTING;
1964 INIT_LIST_HEAD(&ch->cmd_wait_list);
1965 ch->rsp_size = ch->sport->port_attrib.srp_max_rsp_size;
1967 ch->ioctx_ring = (struct srpt_send_ioctx **)
1968 srpt_alloc_ioctx_ring(ch->sport->sdev, ch->rq_size,
1969 sizeof(*ch->ioctx_ring[0]),
1970 ch->rsp_size, DMA_TO_DEVICE);
1971 if (!ch->ioctx_ring)
1974 INIT_LIST_HEAD(&ch->free_list);
1975 for (i = 0; i < ch->rq_size; i++) {
1976 ch->ioctx_ring[i]->ch = ch;
1977 list_add_tail(&ch->ioctx_ring[i]->free_list, &ch->free_list);
1980 ret = srpt_create_ch_ib(ch);
1982 rej->reason = cpu_to_be32(
1983 SRP_LOGIN_REJ_INSUFFICIENT_RESOURCES);
1984 pr_err("rejected SRP_LOGIN_REQ because creating"
1985 " a new RDMA channel failed.\n");
1989 ret = srpt_ch_qp_rtr(ch, ch->qp);
1991 rej->reason = cpu_to_be32(SRP_LOGIN_REJ_INSUFFICIENT_RESOURCES);
1992 pr_err("rejected SRP_LOGIN_REQ because enabling"
1993 " RTR failed (error code = %d)\n", ret);
1997 guid = (__be16 *)¶m->primary_path->dgid.global.interface_id;
1998 snprintf(ch->ini_guid, sizeof(ch->ini_guid), "%04x:%04x:%04x:%04x",
1999 be16_to_cpu(guid[0]), be16_to_cpu(guid[1]),
2000 be16_to_cpu(guid[2]), be16_to_cpu(guid[3]));
2001 snprintf(ch->sess_name, sizeof(ch->sess_name), "0x%016llx%016llx",
2002 be64_to_cpu(*(__be64 *)ch->i_port_id),
2003 be64_to_cpu(*(__be64 *)(ch->i_port_id + 8)));
2005 pr_debug("registering session %s\n", ch->sess_name);
2007 if (sport->port_guid_tpg.se_tpg_wwn)
2008 ch->sess = target_alloc_session(&sport->port_guid_tpg, 0, 0,
2010 ch->ini_guid, ch, NULL);
2011 if (sport->port_gid_tpg.se_tpg_wwn && IS_ERR_OR_NULL(ch->sess))
2012 ch->sess = target_alloc_session(&sport->port_gid_tpg, 0, 0,
2013 TARGET_PROT_NORMAL, ch->sess_name, ch,
2015 /* Retry without leading "0x" */
2016 if (sport->port_gid_tpg.se_tpg_wwn && IS_ERR_OR_NULL(ch->sess))
2017 ch->sess = target_alloc_session(&sport->port_gid_tpg, 0, 0,
2019 ch->sess_name + 2, ch, NULL);
2020 if (IS_ERR_OR_NULL(ch->sess)) {
2021 pr_info("Rejected login because no ACL has been configured yet for initiator %s.\n",
2023 rej->reason = cpu_to_be32((PTR_ERR(ch->sess) == -ENOMEM) ?
2024 SRP_LOGIN_REJ_INSUFFICIENT_RESOURCES :
2025 SRP_LOGIN_REJ_CHANNEL_LIMIT_REACHED);
2029 pr_debug("Establish connection sess=%p name=%s cm_id=%p\n", ch->sess,
2030 ch->sess_name, ch->cm_id);
2032 /* create srp_login_response */
2033 rsp->opcode = SRP_LOGIN_RSP;
2034 rsp->tag = req->tag;
2035 rsp->max_it_iu_len = req->req_it_iu_len;
2036 rsp->max_ti_iu_len = req->req_it_iu_len;
2037 ch->max_ti_iu_len = it_iu_len;
2038 rsp->buf_fmt = cpu_to_be16(SRP_BUF_FORMAT_DIRECT
2039 | SRP_BUF_FORMAT_INDIRECT);
2040 rsp->req_lim_delta = cpu_to_be32(ch->rq_size);
2041 atomic_set(&ch->req_lim, ch->rq_size);
2042 atomic_set(&ch->req_lim_delta, 0);
2044 /* create cm reply */
2045 rep_param->qp_num = ch->qp->qp_num;
2046 rep_param->private_data = (void *)rsp;
2047 rep_param->private_data_len = sizeof(*rsp);
2048 rep_param->rnr_retry_count = 7;
2049 rep_param->flow_control = 1;
2050 rep_param->failover_accepted = 0;
2052 rep_param->responder_resources = 4;
2053 rep_param->initiator_depth = 4;
2055 ret = ib_send_cm_rep(cm_id, rep_param);
2057 pr_err("sending SRP_LOGIN_REQ response failed"
2058 " (error code = %d)\n", ret);
2059 goto release_channel;
2062 mutex_lock(&sdev->mutex);
2063 list_add_tail(&ch->list, &sdev->rch_list);
2064 mutex_unlock(&sdev->mutex);
2069 srpt_disconnect_ch(ch);
2070 transport_deregister_session_configfs(ch->sess);
2071 transport_deregister_session(ch->sess);
2075 srpt_destroy_ch_ib(ch);
2078 srpt_free_ioctx_ring((struct srpt_ioctx **)ch->ioctx_ring,
2079 ch->sport->sdev, ch->rq_size,
2080 ch->rsp_size, DMA_TO_DEVICE);
2085 rej->opcode = SRP_LOGIN_REJ;
2086 rej->tag = req->tag;
2087 rej->buf_fmt = cpu_to_be16(SRP_BUF_FORMAT_DIRECT
2088 | SRP_BUF_FORMAT_INDIRECT);
2090 ib_send_cm_rej(cm_id, IB_CM_REJ_CONSUMER_DEFINED, NULL, 0,
2091 (void *)rej, sizeof(*rej));
2101 static void srpt_cm_rej_recv(struct srpt_rdma_ch *ch,
2102 enum ib_cm_rej_reason reason,
2103 const u8 *private_data,
2104 u8 private_data_len)
2109 if (private_data_len && (priv = kmalloc(private_data_len * 3 + 1,
2111 for (i = 0; i < private_data_len; i++)
2112 sprintf(priv + 3 * i, " %02x", private_data[i]);
2114 pr_info("Received CM REJ for ch %s-%d; reason %d%s%s.\n",
2115 ch->sess_name, ch->qp->qp_num, reason, private_data_len ?
2116 "; private data" : "", priv ? priv : " (?)");
2121 * srpt_cm_rtu_recv() - Process an IB_CM_RTU_RECEIVED or USER_ESTABLISHED event.
2123 * An IB_CM_RTU_RECEIVED message indicates that the connection is established
2124 * and that the recipient may begin transmitting (RTU = ready to use).
2126 static void srpt_cm_rtu_recv(struct srpt_rdma_ch *ch)
2130 if (srpt_set_ch_state(ch, CH_LIVE)) {
2131 ret = srpt_ch_qp_rts(ch, ch->qp);
2134 /* Trigger wait list processing. */
2135 ret = srpt_zerolength_write(ch);
2136 WARN_ONCE(ret < 0, "%d\n", ret);
2144 * srpt_cm_handler() - IB connection manager callback function.
2146 * A non-zero return value will cause the caller destroy the CM ID.
2148 * Note: srpt_cm_handler() must only return a non-zero value when transferring
2149 * ownership of the cm_id to a channel by srpt_cm_req_recv() failed. Returning
2150 * a non-zero value in any other case will trigger a race with the
2151 * ib_destroy_cm_id() call in srpt_release_channel().
2153 static int srpt_cm_handler(struct ib_cm_id *cm_id, struct ib_cm_event *event)
2155 struct srpt_rdma_ch *ch = cm_id->context;
2159 switch (event->event) {
2160 case IB_CM_REQ_RECEIVED:
2161 ret = srpt_cm_req_recv(cm_id, &event->param.req_rcvd,
2162 event->private_data);
2164 case IB_CM_REJ_RECEIVED:
2165 srpt_cm_rej_recv(ch, event->param.rej_rcvd.reason,
2166 event->private_data,
2167 IB_CM_REJ_PRIVATE_DATA_SIZE);
2169 case IB_CM_RTU_RECEIVED:
2170 case IB_CM_USER_ESTABLISHED:
2171 srpt_cm_rtu_recv(ch);
2173 case IB_CM_DREQ_RECEIVED:
2174 srpt_disconnect_ch(ch);
2176 case IB_CM_DREP_RECEIVED:
2177 pr_info("Received CM DREP message for ch %s-%d.\n",
2178 ch->sess_name, ch->qp->qp_num);
2181 case IB_CM_TIMEWAIT_EXIT:
2182 pr_info("Received CM TimeWait exit for ch %s-%d.\n",
2183 ch->sess_name, ch->qp->qp_num);
2186 case IB_CM_REP_ERROR:
2187 pr_info("Received CM REP error for ch %s-%d.\n", ch->sess_name,
2190 case IB_CM_DREQ_ERROR:
2191 pr_info("Received CM DREQ ERROR event.\n");
2193 case IB_CM_MRA_RECEIVED:
2194 pr_info("Received CM MRA event\n");
2197 pr_err("received unrecognized CM event %d\n", event->event);
2204 static int srpt_write_pending_status(struct se_cmd *se_cmd)
2206 struct srpt_send_ioctx *ioctx;
2208 ioctx = container_of(se_cmd, struct srpt_send_ioctx, cmd);
2209 return srpt_get_cmd_state(ioctx) == SRPT_STATE_NEED_DATA;
2213 * srpt_write_pending() - Start data transfer from initiator to target (write).
2215 static int srpt_write_pending(struct se_cmd *se_cmd)
2217 struct srpt_send_ioctx *ioctx =
2218 container_of(se_cmd, struct srpt_send_ioctx, cmd);
2219 struct srpt_rdma_ch *ch = ioctx->ch;
2220 struct ib_send_wr *first_wr = NULL, *bad_wr;
2221 struct ib_cqe *cqe = &ioctx->rdma_cqe;
2222 enum srpt_command_state new_state;
2225 new_state = srpt_set_cmd_state(ioctx, SRPT_STATE_NEED_DATA);
2226 WARN_ON(new_state == SRPT_STATE_DONE);
2228 if (atomic_sub_return(ioctx->n_rdma, &ch->sq_wr_avail) < 0) {
2229 pr_warn("%s: IB send queue full (needed %d)\n",
2230 __func__, ioctx->n_rdma);
2235 cqe->done = srpt_rdma_read_done;
2236 for (i = ioctx->n_rw_ctx - 1; i >= 0; i--) {
2237 struct srpt_rw_ctx *ctx = &ioctx->rw_ctxs[i];
2239 first_wr = rdma_rw_ctx_wrs(&ctx->rw, ch->qp, ch->sport->port,
2244 ret = ib_post_send(ch->qp, first_wr, &bad_wr);
2246 pr_err("%s: ib_post_send() returned %d for %d (avail: %d)\n",
2247 __func__, ret, ioctx->n_rdma,
2248 atomic_read(&ch->sq_wr_avail));
2254 atomic_add(ioctx->n_rdma, &ch->sq_wr_avail);
2258 static u8 tcm_to_srp_tsk_mgmt_status(const int tcm_mgmt_status)
2260 switch (tcm_mgmt_status) {
2261 case TMR_FUNCTION_COMPLETE:
2262 return SRP_TSK_MGMT_SUCCESS;
2263 case TMR_FUNCTION_REJECTED:
2264 return SRP_TSK_MGMT_FUNC_NOT_SUPP;
2266 return SRP_TSK_MGMT_FAILED;
2270 * srpt_queue_response() - Transmits the response to a SCSI command.
2272 * Callback function called by the TCM core. Must not block since it can be
2273 * invoked on the context of the IB completion handler.
2275 static void srpt_queue_response(struct se_cmd *cmd)
2277 struct srpt_send_ioctx *ioctx =
2278 container_of(cmd, struct srpt_send_ioctx, cmd);
2279 struct srpt_rdma_ch *ch = ioctx->ch;
2280 struct srpt_device *sdev = ch->sport->sdev;
2281 struct ib_send_wr send_wr, *first_wr = &send_wr, *bad_wr;
2283 enum srpt_command_state state;
2284 unsigned long flags;
2285 int resp_len, ret, i;
2290 spin_lock_irqsave(&ioctx->spinlock, flags);
2291 state = ioctx->state;
2293 case SRPT_STATE_NEW:
2294 case SRPT_STATE_DATA_IN:
2295 ioctx->state = SRPT_STATE_CMD_RSP_SENT;
2297 case SRPT_STATE_MGMT:
2298 ioctx->state = SRPT_STATE_MGMT_RSP_SENT;
2301 WARN(true, "ch %p; cmd %d: unexpected command state %d\n",
2302 ch, ioctx->ioctx.index, ioctx->state);
2305 spin_unlock_irqrestore(&ioctx->spinlock, flags);
2307 if (unlikely(WARN_ON_ONCE(state == SRPT_STATE_CMD_RSP_SENT)))
2310 /* For read commands, transfer the data to the initiator. */
2311 if (ioctx->cmd.data_direction == DMA_FROM_DEVICE &&
2312 ioctx->cmd.data_length &&
2313 !ioctx->queue_status_only) {
2314 for (i = ioctx->n_rw_ctx - 1; i >= 0; i--) {
2315 struct srpt_rw_ctx *ctx = &ioctx->rw_ctxs[i];
2317 first_wr = rdma_rw_ctx_wrs(&ctx->rw, ch->qp,
2318 ch->sport->port, NULL, first_wr);
2322 if (state != SRPT_STATE_MGMT)
2323 resp_len = srpt_build_cmd_rsp(ch, ioctx, ioctx->cmd.tag,
2327 = tcm_to_srp_tsk_mgmt_status(cmd->se_tmr_req->response);
2328 resp_len = srpt_build_tskmgmt_rsp(ch, ioctx, srp_tm_status,
2332 atomic_inc(&ch->req_lim);
2334 if (unlikely(atomic_sub_return(1 + ioctx->n_rdma,
2335 &ch->sq_wr_avail) < 0)) {
2336 pr_warn("%s: IB send queue full (needed %d)\n",
2337 __func__, ioctx->n_rdma);
2342 ib_dma_sync_single_for_device(sdev->device, ioctx->ioctx.dma, resp_len,
2345 sge.addr = ioctx->ioctx.dma;
2346 sge.length = resp_len;
2347 sge.lkey = sdev->pd->local_dma_lkey;
2349 ioctx->ioctx.cqe.done = srpt_send_done;
2350 send_wr.next = NULL;
2351 send_wr.wr_cqe = &ioctx->ioctx.cqe;
2352 send_wr.sg_list = &sge;
2353 send_wr.num_sge = 1;
2354 send_wr.opcode = IB_WR_SEND;
2355 send_wr.send_flags = IB_SEND_SIGNALED;
2357 ret = ib_post_send(ch->qp, first_wr, &bad_wr);
2359 pr_err("%s: sending cmd response failed for tag %llu (%d)\n",
2360 __func__, ioctx->cmd.tag, ret);
2367 atomic_add(1 + ioctx->n_rdma, &ch->sq_wr_avail);
2368 atomic_dec(&ch->req_lim);
2369 srpt_set_cmd_state(ioctx, SRPT_STATE_DONE);
2370 target_put_sess_cmd(&ioctx->cmd);
2373 static int srpt_queue_data_in(struct se_cmd *cmd)
2375 srpt_queue_response(cmd);
2379 static void srpt_queue_tm_rsp(struct se_cmd *cmd)
2381 srpt_queue_response(cmd);
2384 static void srpt_aborted_task(struct se_cmd *cmd)
2388 static int srpt_queue_status(struct se_cmd *cmd)
2390 struct srpt_send_ioctx *ioctx;
2392 ioctx = container_of(cmd, struct srpt_send_ioctx, cmd);
2393 BUG_ON(ioctx->sense_data != cmd->sense_buffer);
2394 if (cmd->se_cmd_flags &
2395 (SCF_TRANSPORT_TASK_SENSE | SCF_EMULATED_TASK_SENSE))
2396 WARN_ON(cmd->scsi_status != SAM_STAT_CHECK_CONDITION);
2397 ioctx->queue_status_only = true;
2398 srpt_queue_response(cmd);
2402 static void srpt_refresh_port_work(struct work_struct *work)
2404 struct srpt_port *sport = container_of(work, struct srpt_port, work);
2406 srpt_refresh_port(sport);
2410 * srpt_release_sdev() - Free the channel resources associated with a target.
2412 static int srpt_release_sdev(struct srpt_device *sdev)
2416 WARN_ON_ONCE(irqs_disabled());
2420 mutex_lock(&sdev->mutex);
2421 for (i = 0; i < ARRAY_SIZE(sdev->port); i++)
2422 sdev->port[i].enabled = false;
2423 __srpt_close_all_ch(sdev);
2424 mutex_unlock(&sdev->mutex);
2426 res = wait_event_interruptible(sdev->ch_releaseQ,
2427 list_empty_careful(&sdev->rch_list));
2429 pr_err("%s: interrupted.\n", __func__);
2434 static struct se_wwn *__srpt_lookup_wwn(const char *name)
2436 struct ib_device *dev;
2437 struct srpt_device *sdev;
2438 struct srpt_port *sport;
2441 list_for_each_entry(sdev, &srpt_dev_list, list) {
2446 for (i = 0; i < dev->phys_port_cnt; i++) {
2447 sport = &sdev->port[i];
2449 if (strcmp(sport->port_guid, name) == 0)
2450 return &sport->port_guid_wwn;
2451 if (strcmp(sport->port_gid, name) == 0)
2452 return &sport->port_gid_wwn;
2459 static struct se_wwn *srpt_lookup_wwn(const char *name)
2463 spin_lock(&srpt_dev_lock);
2464 wwn = __srpt_lookup_wwn(name);
2465 spin_unlock(&srpt_dev_lock);
2471 * srpt_add_one() - Infiniband device addition callback function.
2473 static void srpt_add_one(struct ib_device *device)
2475 struct srpt_device *sdev;
2476 struct srpt_port *sport;
2477 struct ib_srq_init_attr srq_attr;
2480 pr_debug("device = %p\n", device);
2482 sdev = kzalloc(sizeof(*sdev), GFP_KERNEL);
2486 sdev->device = device;
2487 INIT_LIST_HEAD(&sdev->rch_list);
2488 init_waitqueue_head(&sdev->ch_releaseQ);
2489 mutex_init(&sdev->mutex);
2491 sdev->pd = ib_alloc_pd(device, 0);
2492 if (IS_ERR(sdev->pd))
2495 sdev->srq_size = min(srpt_srq_size, sdev->device->attrs.max_srq_wr);
2497 srq_attr.event_handler = srpt_srq_event;
2498 srq_attr.srq_context = (void *)sdev;
2499 srq_attr.attr.max_wr = sdev->srq_size;
2500 srq_attr.attr.max_sge = 1;
2501 srq_attr.attr.srq_limit = 0;
2502 srq_attr.srq_type = IB_SRQT_BASIC;
2504 sdev->srq = ib_create_srq(sdev->pd, &srq_attr);
2505 if (IS_ERR(sdev->srq))
2508 pr_debug("%s: create SRQ #wr= %d max_allow=%d dev= %s\n",
2509 __func__, sdev->srq_size, sdev->device->attrs.max_srq_wr,
2512 if (!srpt_service_guid)
2513 srpt_service_guid = be64_to_cpu(device->node_guid);
2515 sdev->cm_id = ib_create_cm_id(device, srpt_cm_handler, sdev);
2516 if (IS_ERR(sdev->cm_id))
2519 /* print out target login information */
2520 pr_debug("Target login info: id_ext=%016llx,ioc_guid=%016llx,"
2521 "pkey=ffff,service_id=%016llx\n", srpt_service_guid,
2522 srpt_service_guid, srpt_service_guid);
2525 * We do not have a consistent service_id (ie. also id_ext of target_id)
2526 * to identify this target. We currently use the guid of the first HCA
2527 * in the system as service_id; therefore, the target_id will change
2528 * if this HCA is gone bad and replaced by different HCA
2530 if (ib_cm_listen(sdev->cm_id, cpu_to_be64(srpt_service_guid), 0))
2533 INIT_IB_EVENT_HANDLER(&sdev->event_handler, sdev->device,
2534 srpt_event_handler);
2535 ib_register_event_handler(&sdev->event_handler);
2537 sdev->ioctx_ring = (struct srpt_recv_ioctx **)
2538 srpt_alloc_ioctx_ring(sdev, sdev->srq_size,
2539 sizeof(*sdev->ioctx_ring[0]),
2540 srp_max_req_size, DMA_FROM_DEVICE);
2541 if (!sdev->ioctx_ring)
2544 for (i = 0; i < sdev->srq_size; ++i)
2545 srpt_post_recv(sdev, sdev->ioctx_ring[i]);
2547 WARN_ON(sdev->device->phys_port_cnt > ARRAY_SIZE(sdev->port));
2549 for (i = 1; i <= sdev->device->phys_port_cnt; i++) {
2550 sport = &sdev->port[i - 1];
2553 sport->port_attrib.srp_max_rdma_size = DEFAULT_MAX_RDMA_SIZE;
2554 sport->port_attrib.srp_max_rsp_size = DEFAULT_MAX_RSP_SIZE;
2555 sport->port_attrib.srp_sq_size = DEF_SRPT_SQ_SIZE;
2556 INIT_WORK(&sport->work, srpt_refresh_port_work);
2558 if (srpt_refresh_port(sport)) {
2559 pr_err("MAD registration failed for %s-%d.\n",
2560 sdev->device->name, i);
2565 spin_lock(&srpt_dev_lock);
2566 list_add_tail(&sdev->list, &srpt_dev_list);
2567 spin_unlock(&srpt_dev_lock);
2570 ib_set_client_data(device, &srpt_client, sdev);
2571 pr_debug("added %s.\n", device->name);
2575 srpt_free_ioctx_ring((struct srpt_ioctx **)sdev->ioctx_ring, sdev,
2576 sdev->srq_size, srp_max_req_size,
2579 ib_unregister_event_handler(&sdev->event_handler);
2581 ib_destroy_cm_id(sdev->cm_id);
2583 ib_destroy_srq(sdev->srq);
2585 ib_dealloc_pd(sdev->pd);
2590 pr_info("%s(%s) failed.\n", __func__, device->name);
2595 * srpt_remove_one() - InfiniBand device removal callback function.
2597 static void srpt_remove_one(struct ib_device *device, void *client_data)
2599 struct srpt_device *sdev = client_data;
2603 pr_info("%s(%s): nothing to do.\n", __func__, device->name);
2607 srpt_unregister_mad_agent(sdev);
2609 ib_unregister_event_handler(&sdev->event_handler);
2611 /* Cancel any work queued by the just unregistered IB event handler. */
2612 for (i = 0; i < sdev->device->phys_port_cnt; i++)
2613 cancel_work_sync(&sdev->port[i].work);
2615 ib_destroy_cm_id(sdev->cm_id);
2618 * Unregistering a target must happen after destroying sdev->cm_id
2619 * such that no new SRP_LOGIN_REQ information units can arrive while
2620 * destroying the target.
2622 spin_lock(&srpt_dev_lock);
2623 list_del(&sdev->list);
2624 spin_unlock(&srpt_dev_lock);
2625 srpt_release_sdev(sdev);
2627 ib_destroy_srq(sdev->srq);
2628 ib_dealloc_pd(sdev->pd);
2630 srpt_free_ioctx_ring((struct srpt_ioctx **)sdev->ioctx_ring, sdev,
2631 sdev->srq_size, srp_max_req_size, DMA_FROM_DEVICE);
2632 sdev->ioctx_ring = NULL;
2636 static struct ib_client srpt_client = {
2638 .add = srpt_add_one,
2639 .remove = srpt_remove_one
2642 static int srpt_check_true(struct se_portal_group *se_tpg)
2647 static int srpt_check_false(struct se_portal_group *se_tpg)
2652 static char *srpt_get_fabric_name(void)
2657 static struct srpt_port *srpt_tpg_to_sport(struct se_portal_group *tpg)
2659 return tpg->se_tpg_wwn->priv;
2662 static char *srpt_get_fabric_wwn(struct se_portal_group *tpg)
2664 struct srpt_port *sport = srpt_tpg_to_sport(tpg);
2666 WARN_ON_ONCE(tpg != &sport->port_guid_tpg &&
2667 tpg != &sport->port_gid_tpg);
2668 return tpg == &sport->port_guid_tpg ? sport->port_guid :
2672 static u16 srpt_get_tag(struct se_portal_group *tpg)
2677 static u32 srpt_tpg_get_inst_index(struct se_portal_group *se_tpg)
2682 static void srpt_release_cmd(struct se_cmd *se_cmd)
2684 struct srpt_send_ioctx *ioctx = container_of(se_cmd,
2685 struct srpt_send_ioctx, cmd);
2686 struct srpt_rdma_ch *ch = ioctx->ch;
2687 unsigned long flags;
2689 WARN_ON_ONCE(ioctx->state != SRPT_STATE_DONE &&
2690 !(ioctx->cmd.transport_state & CMD_T_ABORTED));
2692 if (ioctx->n_rw_ctx) {
2693 srpt_free_rw_ctxs(ch, ioctx);
2694 ioctx->n_rw_ctx = 0;
2697 spin_lock_irqsave(&ch->spinlock, flags);
2698 list_add(&ioctx->free_list, &ch->free_list);
2699 spin_unlock_irqrestore(&ch->spinlock, flags);
2703 * srpt_close_session() - Forcibly close a session.
2705 * Callback function invoked by the TCM core to clean up sessions associated
2706 * with a node ACL when the user invokes
2707 * rmdir /sys/kernel/config/target/$driver/$port/$tpg/acls/$i_port_id
2709 static void srpt_close_session(struct se_session *se_sess)
2711 DECLARE_COMPLETION_ONSTACK(release_done);
2712 struct srpt_rdma_ch *ch = se_sess->fabric_sess_ptr;
2713 struct srpt_device *sdev = ch->sport->sdev;
2716 pr_debug("ch %s-%d state %d\n", ch->sess_name, ch->qp->qp_num,
2719 mutex_lock(&sdev->mutex);
2720 BUG_ON(ch->release_done);
2721 ch->release_done = &release_done;
2722 wait = !list_empty(&ch->list);
2723 srpt_disconnect_ch(ch);
2724 mutex_unlock(&sdev->mutex);
2729 while (wait_for_completion_timeout(&release_done, 180 * HZ) == 0)
2730 pr_info("%s(%s-%d state %d): still waiting ...\n", __func__,
2731 ch->sess_name, ch->qp->qp_num, ch->state);
2735 * srpt_sess_get_index() - Return the value of scsiAttIntrPortIndex (SCSI-MIB).
2737 * A quote from RFC 4455 (SCSI-MIB) about this MIB object:
2738 * This object represents an arbitrary integer used to uniquely identify a
2739 * particular attached remote initiator port to a particular SCSI target port
2740 * within a particular SCSI target device within a particular SCSI instance.
2742 static u32 srpt_sess_get_index(struct se_session *se_sess)
2747 static void srpt_set_default_node_attrs(struct se_node_acl *nacl)
2751 /* Note: only used from inside debug printk's by the TCM core. */
2752 static int srpt_get_tcm_cmd_state(struct se_cmd *se_cmd)
2754 struct srpt_send_ioctx *ioctx;
2756 ioctx = container_of(se_cmd, struct srpt_send_ioctx, cmd);
2757 return srpt_get_cmd_state(ioctx);
2760 static int srpt_parse_guid(u64 *guid, const char *name)
2765 if (sscanf(name, "%hx:%hx:%hx:%hx", &w[0], &w[1], &w[2], &w[3]) != 4)
2767 *guid = get_unaligned_be64(w);
2774 * srpt_parse_i_port_id() - Parse an initiator port ID.
2775 * @name: ASCII representation of a 128-bit initiator port ID.
2776 * @i_port_id: Binary 128-bit port ID.
2778 static int srpt_parse_i_port_id(u8 i_port_id[16], const char *name)
2781 unsigned len, count, leading_zero_bytes;
2785 if (strncasecmp(p, "0x", 2) == 0)
2791 count = min(len / 2, 16U);
2792 leading_zero_bytes = 16 - count;
2793 memset(i_port_id, 0, leading_zero_bytes);
2794 ret = hex2bin(i_port_id + leading_zero_bytes, p, count);
2796 pr_debug("hex2bin failed for srpt_parse_i_port_id: %d\n", ret);
2802 * configfs callback function invoked for
2803 * mkdir /sys/kernel/config/target/$driver/$port/$tpg/acls/$i_port_id
2805 static int srpt_init_nodeacl(struct se_node_acl *se_nacl, const char *name)
2811 ret = srpt_parse_guid(&guid, name);
2813 ret = srpt_parse_i_port_id(i_port_id, name);
2815 pr_err("invalid initiator port ID %s\n", name);
2819 static ssize_t srpt_tpg_attrib_srp_max_rdma_size_show(struct config_item *item,
2822 struct se_portal_group *se_tpg = attrib_to_tpg(item);
2823 struct srpt_port *sport = srpt_tpg_to_sport(se_tpg);
2825 return sprintf(page, "%u\n", sport->port_attrib.srp_max_rdma_size);
2828 static ssize_t srpt_tpg_attrib_srp_max_rdma_size_store(struct config_item *item,
2829 const char *page, size_t count)
2831 struct se_portal_group *se_tpg = attrib_to_tpg(item);
2832 struct srpt_port *sport = srpt_tpg_to_sport(se_tpg);
2836 ret = kstrtoul(page, 0, &val);
2838 pr_err("kstrtoul() failed with ret: %d\n", ret);
2841 if (val > MAX_SRPT_RDMA_SIZE) {
2842 pr_err("val: %lu exceeds MAX_SRPT_RDMA_SIZE: %d\n", val,
2843 MAX_SRPT_RDMA_SIZE);
2846 if (val < DEFAULT_MAX_RDMA_SIZE) {
2847 pr_err("val: %lu smaller than DEFAULT_MAX_RDMA_SIZE: %d\n",
2848 val, DEFAULT_MAX_RDMA_SIZE);
2851 sport->port_attrib.srp_max_rdma_size = val;
2856 static ssize_t srpt_tpg_attrib_srp_max_rsp_size_show(struct config_item *item,
2859 struct se_portal_group *se_tpg = attrib_to_tpg(item);
2860 struct srpt_port *sport = srpt_tpg_to_sport(se_tpg);
2862 return sprintf(page, "%u\n", sport->port_attrib.srp_max_rsp_size);
2865 static ssize_t srpt_tpg_attrib_srp_max_rsp_size_store(struct config_item *item,
2866 const char *page, size_t count)
2868 struct se_portal_group *se_tpg = attrib_to_tpg(item);
2869 struct srpt_port *sport = srpt_tpg_to_sport(se_tpg);
2873 ret = kstrtoul(page, 0, &val);
2875 pr_err("kstrtoul() failed with ret: %d\n", ret);
2878 if (val > MAX_SRPT_RSP_SIZE) {
2879 pr_err("val: %lu exceeds MAX_SRPT_RSP_SIZE: %d\n", val,
2883 if (val < MIN_MAX_RSP_SIZE) {
2884 pr_err("val: %lu smaller than MIN_MAX_RSP_SIZE: %d\n", val,
2888 sport->port_attrib.srp_max_rsp_size = val;
2893 static ssize_t srpt_tpg_attrib_srp_sq_size_show(struct config_item *item,
2896 struct se_portal_group *se_tpg = attrib_to_tpg(item);
2897 struct srpt_port *sport = srpt_tpg_to_sport(se_tpg);
2899 return sprintf(page, "%u\n", sport->port_attrib.srp_sq_size);
2902 static ssize_t srpt_tpg_attrib_srp_sq_size_store(struct config_item *item,
2903 const char *page, size_t count)
2905 struct se_portal_group *se_tpg = attrib_to_tpg(item);
2906 struct srpt_port *sport = srpt_tpg_to_sport(se_tpg);
2910 ret = kstrtoul(page, 0, &val);
2912 pr_err("kstrtoul() failed with ret: %d\n", ret);
2915 if (val > MAX_SRPT_SRQ_SIZE) {
2916 pr_err("val: %lu exceeds MAX_SRPT_SRQ_SIZE: %d\n", val,
2920 if (val < MIN_SRPT_SRQ_SIZE) {
2921 pr_err("val: %lu smaller than MIN_SRPT_SRQ_SIZE: %d\n", val,
2925 sport->port_attrib.srp_sq_size = val;
2930 CONFIGFS_ATTR(srpt_tpg_attrib_, srp_max_rdma_size);
2931 CONFIGFS_ATTR(srpt_tpg_attrib_, srp_max_rsp_size);
2932 CONFIGFS_ATTR(srpt_tpg_attrib_, srp_sq_size);
2934 static struct configfs_attribute *srpt_tpg_attrib_attrs[] = {
2935 &srpt_tpg_attrib_attr_srp_max_rdma_size,
2936 &srpt_tpg_attrib_attr_srp_max_rsp_size,
2937 &srpt_tpg_attrib_attr_srp_sq_size,
2941 static ssize_t srpt_tpg_enable_show(struct config_item *item, char *page)
2943 struct se_portal_group *se_tpg = to_tpg(item);
2944 struct srpt_port *sport = srpt_tpg_to_sport(se_tpg);
2946 return snprintf(page, PAGE_SIZE, "%d\n", (sport->enabled) ? 1: 0);
2949 static ssize_t srpt_tpg_enable_store(struct config_item *item,
2950 const char *page, size_t count)
2952 struct se_portal_group *se_tpg = to_tpg(item);
2953 struct srpt_port *sport = srpt_tpg_to_sport(se_tpg);
2954 struct srpt_device *sdev = sport->sdev;
2955 struct srpt_rdma_ch *ch;
2959 ret = kstrtoul(page, 0, &tmp);
2961 pr_err("Unable to extract srpt_tpg_store_enable\n");
2965 if ((tmp != 0) && (tmp != 1)) {
2966 pr_err("Illegal value for srpt_tpg_store_enable: %lu\n", tmp);
2969 if (sport->enabled == tmp)
2971 sport->enabled = tmp;
2975 mutex_lock(&sdev->mutex);
2976 list_for_each_entry(ch, &sdev->rch_list, list) {
2977 if (ch->sport == sport) {
2978 pr_debug("%s: ch %p %s-%d\n", __func__, ch,
2979 ch->sess_name, ch->qp->qp_num);
2980 srpt_disconnect_ch(ch);
2984 mutex_unlock(&sdev->mutex);
2990 CONFIGFS_ATTR(srpt_tpg_, enable);
2992 static struct configfs_attribute *srpt_tpg_attrs[] = {
2993 &srpt_tpg_attr_enable,
2998 * configfs callback invoked for
2999 * mkdir /sys/kernel/config/target/$driver/$port/$tpg
3001 static struct se_portal_group *srpt_make_tpg(struct se_wwn *wwn,
3002 struct config_group *group,
3005 struct srpt_port *sport = wwn->priv;
3006 static struct se_portal_group *tpg;
3009 WARN_ON_ONCE(wwn != &sport->port_guid_wwn &&
3010 wwn != &sport->port_gid_wwn);
3011 tpg = wwn == &sport->port_guid_wwn ? &sport->port_guid_tpg :
3012 &sport->port_gid_tpg;
3013 res = core_tpg_register(wwn, tpg, SCSI_PROTOCOL_SRP);
3015 return ERR_PTR(res);
3021 * configfs callback invoked for
3022 * rmdir /sys/kernel/config/target/$driver/$port/$tpg
3024 static void srpt_drop_tpg(struct se_portal_group *tpg)
3026 struct srpt_port *sport = srpt_tpg_to_sport(tpg);
3028 sport->enabled = false;
3029 core_tpg_deregister(tpg);
3033 * configfs callback invoked for
3034 * mkdir /sys/kernel/config/target/$driver/$port
3036 static struct se_wwn *srpt_make_tport(struct target_fabric_configfs *tf,
3037 struct config_group *group,
3040 return srpt_lookup_wwn(name) ? : ERR_PTR(-EINVAL);
3044 * configfs callback invoked for
3045 * rmdir /sys/kernel/config/target/$driver/$port
3047 static void srpt_drop_tport(struct se_wwn *wwn)
3051 static ssize_t srpt_wwn_version_show(struct config_item *item, char *buf)
3053 return scnprintf(buf, PAGE_SIZE, "%s\n", DRV_VERSION);
3056 CONFIGFS_ATTR_RO(srpt_wwn_, version);
3058 static struct configfs_attribute *srpt_wwn_attrs[] = {
3059 &srpt_wwn_attr_version,
3063 static const struct target_core_fabric_ops srpt_template = {
3064 .module = THIS_MODULE,
3066 .get_fabric_name = srpt_get_fabric_name,
3067 .tpg_get_wwn = srpt_get_fabric_wwn,
3068 .tpg_get_tag = srpt_get_tag,
3069 .tpg_check_demo_mode = srpt_check_false,
3070 .tpg_check_demo_mode_cache = srpt_check_true,
3071 .tpg_check_demo_mode_write_protect = srpt_check_true,
3072 .tpg_check_prod_mode_write_protect = srpt_check_false,
3073 .tpg_get_inst_index = srpt_tpg_get_inst_index,
3074 .release_cmd = srpt_release_cmd,
3075 .check_stop_free = srpt_check_stop_free,
3076 .close_session = srpt_close_session,
3077 .sess_get_index = srpt_sess_get_index,
3078 .sess_get_initiator_sid = NULL,
3079 .write_pending = srpt_write_pending,
3080 .write_pending_status = srpt_write_pending_status,
3081 .set_default_node_attributes = srpt_set_default_node_attrs,
3082 .get_cmd_state = srpt_get_tcm_cmd_state,
3083 .queue_data_in = srpt_queue_data_in,
3084 .queue_status = srpt_queue_status,
3085 .queue_tm_rsp = srpt_queue_tm_rsp,
3086 .aborted_task = srpt_aborted_task,
3088 * Setup function pointers for generic logic in
3089 * target_core_fabric_configfs.c
3091 .fabric_make_wwn = srpt_make_tport,
3092 .fabric_drop_wwn = srpt_drop_tport,
3093 .fabric_make_tpg = srpt_make_tpg,
3094 .fabric_drop_tpg = srpt_drop_tpg,
3095 .fabric_init_nodeacl = srpt_init_nodeacl,
3097 .tfc_wwn_attrs = srpt_wwn_attrs,
3098 .tfc_tpg_base_attrs = srpt_tpg_attrs,
3099 .tfc_tpg_attrib_attrs = srpt_tpg_attrib_attrs,
3103 * srpt_init_module() - Kernel module initialization.
3105 * Note: Since ib_register_client() registers callback functions, and since at
3106 * least one of these callback functions (srpt_add_one()) calls target core
3107 * functions, this driver must be registered with the target core before
3108 * ib_register_client() is called.
3110 static int __init srpt_init_module(void)
3115 if (srp_max_req_size < MIN_MAX_REQ_SIZE) {
3116 pr_err("invalid value %d for kernel module parameter"
3117 " srp_max_req_size -- must be at least %d.\n",
3118 srp_max_req_size, MIN_MAX_REQ_SIZE);
3122 if (srpt_srq_size < MIN_SRPT_SRQ_SIZE
3123 || srpt_srq_size > MAX_SRPT_SRQ_SIZE) {
3124 pr_err("invalid value %d for kernel module parameter"
3125 " srpt_srq_size -- must be in the range [%d..%d].\n",
3126 srpt_srq_size, MIN_SRPT_SRQ_SIZE, MAX_SRPT_SRQ_SIZE);
3130 ret = target_register_template(&srpt_template);
3134 ret = ib_register_client(&srpt_client);
3136 pr_err("couldn't register IB client\n");
3137 goto out_unregister_target;
3142 out_unregister_target:
3143 target_unregister_template(&srpt_template);
3148 static void __exit srpt_cleanup_module(void)
3150 ib_unregister_client(&srpt_client);
3151 target_unregister_template(&srpt_template);
3154 module_init(srpt_init_module);
3155 module_exit(srpt_cleanup_module);