1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * SCSI Primary Commands (SPC) parsing and emulation.
4 *
5 * (c) Copyright 2002-2013 Datera, Inc.
6 *
7 * Nicholas A. Bellinger <nab@kernel.org>
8 */
9
10 #include <linux/kernel.h>
11 #include <linux/module.h>
12 #include <asm/unaligned.h>
13
14 #include <scsi/scsi_proto.h>
15 #include <scsi/scsi_common.h>
16 #include <scsi/scsi_tcq.h>
17
18 #include <target/target_core_base.h>
19 #include <target/target_core_backend.h>
20 #include <target/target_core_fabric.h>
21
22 #include "target_core_internal.h"
23 #include "target_core_alua.h"
24 #include "target_core_pr.h"
25 #include "target_core_ua.h"
26 #include "target_core_xcopy.h"
27
spc_fill_alua_data(struct se_lun * lun,unsigned char * buf)28 static void spc_fill_alua_data(struct se_lun *lun, unsigned char *buf)
29 {
30 struct t10_alua_tg_pt_gp *tg_pt_gp;
31
32 /*
33 * Set SCCS for MAINTENANCE_IN + REPORT_TARGET_PORT_GROUPS.
34 */
35 buf[5] = 0x80;
36
37 /*
38 * Set TPGS field for explicit and/or implicit ALUA access type
39 * and opteration.
40 *
41 * See spc4r17 section 6.4.2 Table 135
42 */
43 spin_lock(&lun->lun_tg_pt_gp_lock);
44 tg_pt_gp = lun->lun_tg_pt_gp;
45 if (tg_pt_gp)
46 buf[5] |= tg_pt_gp->tg_pt_gp_alua_access_type;
47 spin_unlock(&lun->lun_tg_pt_gp_lock);
48 }
49
50 sense_reason_t
spc_emulate_inquiry_std(struct se_cmd * cmd,unsigned char * buf)51 spc_emulate_inquiry_std(struct se_cmd *cmd, unsigned char *buf)
52 {
53 struct se_lun *lun = cmd->se_lun;
54 struct se_device *dev = cmd->se_dev;
55 struct se_session *sess = cmd->se_sess;
56
57 /* Set RMB (removable media) for tape devices */
58 if (dev->transport->get_device_type(dev) == TYPE_TAPE)
59 buf[1] = 0x80;
60
61 buf[2] = 0x05; /* SPC-3 */
62
63 /*
64 * NORMACA and HISUP = 0, RESPONSE DATA FORMAT = 2
65 *
66 * SPC4 says:
67 * A RESPONSE DATA FORMAT field set to 2h indicates that the
68 * standard INQUIRY data is in the format defined in this
69 * standard. Response data format values less than 2h are
70 * obsolete. Response data format values greater than 2h are
71 * reserved.
72 */
73 buf[3] = 2;
74
75 /*
76 * Enable SCCS and TPGS fields for Emulated ALUA
77 */
78 spc_fill_alua_data(lun, buf);
79
80 /*
81 * Set Third-Party Copy (3PC) bit to indicate support for EXTENDED_COPY
82 */
83 if (dev->dev_attrib.emulate_3pc)
84 buf[5] |= 0x8;
85 /*
86 * Set Protection (PROTECT) bit when DIF has been enabled on the
87 * device, and the fabric supports VERIFY + PASS. Also report
88 * PROTECT=1 if sess_prot_type has been configured to allow T10-PI
89 * to unprotected devices.
90 */
91 if (sess->sup_prot_ops & (TARGET_PROT_DIN_PASS | TARGET_PROT_DOUT_PASS)) {
92 if (dev->dev_attrib.pi_prot_type || cmd->se_sess->sess_prot_type)
93 buf[5] |= 0x1;
94 }
95
96 buf[7] = 0x2; /* CmdQue=1 */
97
98 /*
99 * ASCII data fields described as being left-aligned shall have any
100 * unused bytes at the end of the field (i.e., highest offset) and the
101 * unused bytes shall be filled with ASCII space characters (20h).
102 */
103 memset(&buf[8], 0x20,
104 INQUIRY_VENDOR_LEN + INQUIRY_MODEL_LEN + INQUIRY_REVISION_LEN);
105 memcpy(&buf[8], dev->t10_wwn.vendor,
106 strnlen(dev->t10_wwn.vendor, INQUIRY_VENDOR_LEN));
107 memcpy(&buf[16], dev->t10_wwn.model,
108 strnlen(dev->t10_wwn.model, INQUIRY_MODEL_LEN));
109 memcpy(&buf[32], dev->t10_wwn.revision,
110 strnlen(dev->t10_wwn.revision, INQUIRY_REVISION_LEN));
111 buf[4] = 31; /* Set additional length to 31 */
112
113 return 0;
114 }
115 EXPORT_SYMBOL(spc_emulate_inquiry_std);
116
117 /* unit serial number */
118 static sense_reason_t
spc_emulate_evpd_80(struct se_cmd * cmd,unsigned char * buf)119 spc_emulate_evpd_80(struct se_cmd *cmd, unsigned char *buf)
120 {
121 struct se_device *dev = cmd->se_dev;
122 u16 len;
123
124 if (dev->dev_flags & DF_EMULATED_VPD_UNIT_SERIAL) {
125 len = sprintf(&buf[4], "%s", dev->t10_wwn.unit_serial);
126 len++; /* Extra Byte for NULL Terminator */
127 buf[3] = len;
128 }
129 return 0;
130 }
131
spc_parse_naa_6h_vendor_specific(struct se_device * dev,unsigned char * buf)132 void spc_parse_naa_6h_vendor_specific(struct se_device *dev,
133 unsigned char *buf)
134 {
135 unsigned char *p = &dev->t10_wwn.unit_serial[0];
136 int cnt;
137 bool next = true;
138
139 /*
140 * Generate up to 36 bits of VENDOR SPECIFIC IDENTIFIER starting on
141 * byte 3 bit 3-0 for NAA IEEE Registered Extended DESIGNATOR field
142 * format, followed by 64 bits of VENDOR SPECIFIC IDENTIFIER EXTENSION
143 * to complete the payload. These are based from VPD=0x80 PRODUCT SERIAL
144 * NUMBER set via vpd_unit_serial in target_core_configfs.c to ensure
145 * per device uniqeness.
146 */
147 for (cnt = 0; *p && cnt < 13; p++) {
148 int val = hex_to_bin(*p);
149
150 if (val < 0)
151 continue;
152
153 if (next) {
154 next = false;
155 buf[cnt++] |= val;
156 } else {
157 next = true;
158 buf[cnt] = val << 4;
159 }
160 }
161 }
162
163 /*
164 * Device identification VPD, for a complete list of
165 * DESIGNATOR TYPEs see spc4r17 Table 459.
166 */
167 sense_reason_t
spc_emulate_evpd_83(struct se_cmd * cmd,unsigned char * buf)168 spc_emulate_evpd_83(struct se_cmd *cmd, unsigned char *buf)
169 {
170 struct se_device *dev = cmd->se_dev;
171 struct se_lun *lun = cmd->se_lun;
172 struct se_portal_group *tpg = NULL;
173 struct t10_alua_lu_gp_member *lu_gp_mem;
174 struct t10_alua_tg_pt_gp *tg_pt_gp;
175 unsigned char *prod = &dev->t10_wwn.model[0];
176 u32 prod_len;
177 u32 unit_serial_len, off = 0;
178 u16 len = 0, id_len;
179
180 off = 4;
181
182 /*
183 * NAA IEEE Registered Extended Assigned designator format, see
184 * spc4r17 section 7.7.3.6.5
185 *
186 * We depend upon a target_core_mod/ConfigFS provided
187 * /sys/kernel/config/target/core/$HBA/$DEV/wwn/vpd_unit_serial
188 * value in order to return the NAA id.
189 */
190 if (!(dev->dev_flags & DF_EMULATED_VPD_UNIT_SERIAL))
191 goto check_t10_vend_desc;
192
193 /* CODE SET == Binary */
194 buf[off++] = 0x1;
195
196 /* Set ASSOCIATION == addressed logical unit: 0)b */
197 buf[off] = 0x00;
198
199 /* Identifier/Designator type == NAA identifier */
200 buf[off++] |= 0x3;
201 off++;
202
203 /* Identifier/Designator length */
204 buf[off++] = 0x10;
205
206 /*
207 * Start NAA IEEE Registered Extended Identifier/Designator
208 */
209 buf[off++] = (0x6 << 4);
210
211 /*
212 * Use OpenFabrics IEEE Company ID: 00 14 05
213 */
214 buf[off++] = 0x01;
215 buf[off++] = 0x40;
216 buf[off] = (0x5 << 4);
217
218 /*
219 * Return ConfigFS Unit Serial Number information for
220 * VENDOR_SPECIFIC_IDENTIFIER and
221 * VENDOR_SPECIFIC_IDENTIFIER_EXTENTION
222 */
223 spc_parse_naa_6h_vendor_specific(dev, &buf[off]);
224
225 len = 20;
226 off = (len + 4);
227
228 check_t10_vend_desc:
229 /*
230 * T10 Vendor Identifier Page, see spc4r17 section 7.7.3.4
231 */
232 id_len = 8; /* For Vendor field */
233 prod_len = 4; /* For VPD Header */
234 prod_len += 8; /* For Vendor field */
235 prod_len += strlen(prod);
236 prod_len++; /* For : */
237
238 if (dev->dev_flags & DF_EMULATED_VPD_UNIT_SERIAL) {
239 unit_serial_len = strlen(&dev->t10_wwn.unit_serial[0]);
240 unit_serial_len++; /* For NULL Terminator */
241
242 id_len += sprintf(&buf[off+12], "%s:%s", prod,
243 &dev->t10_wwn.unit_serial[0]);
244 }
245 buf[off] = 0x2; /* ASCII */
246 buf[off+1] = 0x1; /* T10 Vendor ID */
247 buf[off+2] = 0x0;
248 /* left align Vendor ID and pad with spaces */
249 memset(&buf[off+4], 0x20, INQUIRY_VENDOR_LEN);
250 memcpy(&buf[off+4], dev->t10_wwn.vendor,
251 strnlen(dev->t10_wwn.vendor, INQUIRY_VENDOR_LEN));
252 /* Extra Byte for NULL Terminator */
253 id_len++;
254 /* Identifier Length */
255 buf[off+3] = id_len;
256 /* Header size for Designation descriptor */
257 len += (id_len + 4);
258 off += (id_len + 4);
259
260 if (1) {
261 struct t10_alua_lu_gp *lu_gp;
262 u32 padding, scsi_name_len, scsi_target_len;
263 u16 lu_gp_id = 0;
264 u16 tg_pt_gp_id = 0;
265 u16 tpgt;
266
267 tpg = lun->lun_tpg;
268 /*
269 * Relative target port identifer, see spc4r17
270 * section 7.7.3.7
271 *
272 * Get the PROTOCOL IDENTIFIER as defined by spc4r17
273 * section 7.5.1 Table 362
274 */
275 buf[off] = tpg->proto_id << 4;
276 buf[off++] |= 0x1; /* CODE SET == Binary */
277 buf[off] = 0x80; /* Set PIV=1 */
278 /* Set ASSOCIATION == target port: 01b */
279 buf[off] |= 0x10;
280 /* DESIGNATOR TYPE == Relative target port identifer */
281 buf[off++] |= 0x4;
282 off++; /* Skip over Reserved */
283 buf[off++] = 4; /* DESIGNATOR LENGTH */
284 /* Skip over Obsolete field in RTPI payload
285 * in Table 472 */
286 off += 2;
287 put_unaligned_be16(lun->lun_rtpi, &buf[off]);
288 off += 2;
289 len += 8; /* Header size + Designation descriptor */
290 /*
291 * Target port group identifier, see spc4r17
292 * section 7.7.3.8
293 *
294 * Get the PROTOCOL IDENTIFIER as defined by spc4r17
295 * section 7.5.1 Table 362
296 */
297 spin_lock(&lun->lun_tg_pt_gp_lock);
298 tg_pt_gp = lun->lun_tg_pt_gp;
299 if (!tg_pt_gp) {
300 spin_unlock(&lun->lun_tg_pt_gp_lock);
301 goto check_lu_gp;
302 }
303 tg_pt_gp_id = tg_pt_gp->tg_pt_gp_id;
304 spin_unlock(&lun->lun_tg_pt_gp_lock);
305
306 buf[off] = tpg->proto_id << 4;
307 buf[off++] |= 0x1; /* CODE SET == Binary */
308 buf[off] = 0x80; /* Set PIV=1 */
309 /* Set ASSOCIATION == target port: 01b */
310 buf[off] |= 0x10;
311 /* DESIGNATOR TYPE == Target port group identifier */
312 buf[off++] |= 0x5;
313 off++; /* Skip over Reserved */
314 buf[off++] = 4; /* DESIGNATOR LENGTH */
315 off += 2; /* Skip over Reserved Field */
316 put_unaligned_be16(tg_pt_gp_id, &buf[off]);
317 off += 2;
318 len += 8; /* Header size + Designation descriptor */
319 /*
320 * Logical Unit Group identifier, see spc4r17
321 * section 7.7.3.8
322 */
323 check_lu_gp:
324 lu_gp_mem = dev->dev_alua_lu_gp_mem;
325 if (!lu_gp_mem)
326 goto check_scsi_name;
327
328 spin_lock(&lu_gp_mem->lu_gp_mem_lock);
329 lu_gp = lu_gp_mem->lu_gp;
330 if (!lu_gp) {
331 spin_unlock(&lu_gp_mem->lu_gp_mem_lock);
332 goto check_scsi_name;
333 }
334 lu_gp_id = lu_gp->lu_gp_id;
335 spin_unlock(&lu_gp_mem->lu_gp_mem_lock);
336
337 buf[off++] |= 0x1; /* CODE SET == Binary */
338 /* DESIGNATOR TYPE == Logical Unit Group identifier */
339 buf[off++] |= 0x6;
340 off++; /* Skip over Reserved */
341 buf[off++] = 4; /* DESIGNATOR LENGTH */
342 off += 2; /* Skip over Reserved Field */
343 put_unaligned_be16(lu_gp_id, &buf[off]);
344 off += 2;
345 len += 8; /* Header size + Designation descriptor */
346 /*
347 * SCSI name string designator, see spc4r17
348 * section 7.7.3.11
349 *
350 * Get the PROTOCOL IDENTIFIER as defined by spc4r17
351 * section 7.5.1 Table 362
352 */
353 check_scsi_name:
354 buf[off] = tpg->proto_id << 4;
355 buf[off++] |= 0x3; /* CODE SET == UTF-8 */
356 buf[off] = 0x80; /* Set PIV=1 */
357 /* Set ASSOCIATION == target port: 01b */
358 buf[off] |= 0x10;
359 /* DESIGNATOR TYPE == SCSI name string */
360 buf[off++] |= 0x8;
361 off += 2; /* Skip over Reserved and length */
362 /*
363 * SCSI name string identifer containing, $FABRIC_MOD
364 * dependent information. For LIO-Target and iSCSI
365 * Target Port, this means "<iSCSI name>,t,0x<TPGT> in
366 * UTF-8 encoding.
367 */
368 tpgt = tpg->se_tpg_tfo->tpg_get_tag(tpg);
369 scsi_name_len = sprintf(&buf[off], "%s,t,0x%04x",
370 tpg->se_tpg_tfo->tpg_get_wwn(tpg), tpgt);
371 scsi_name_len += 1 /* Include NULL terminator */;
372 /*
373 * The null-terminated, null-padded (see 4.4.2) SCSI
374 * NAME STRING field contains a UTF-8 format string.
375 * The number of bytes in the SCSI NAME STRING field
376 * (i.e., the value in the DESIGNATOR LENGTH field)
377 * shall be no larger than 256 and shall be a multiple
378 * of four.
379 */
380 padding = ((-scsi_name_len) & 3);
381 if (padding)
382 scsi_name_len += padding;
383 if (scsi_name_len > 256)
384 scsi_name_len = 256;
385
386 buf[off-1] = scsi_name_len;
387 off += scsi_name_len;
388 /* Header size + Designation descriptor */
389 len += (scsi_name_len + 4);
390
391 /*
392 * Target device designator
393 */
394 buf[off] = tpg->proto_id << 4;
395 buf[off++] |= 0x3; /* CODE SET == UTF-8 */
396 buf[off] = 0x80; /* Set PIV=1 */
397 /* Set ASSOCIATION == target device: 10b */
398 buf[off] |= 0x20;
399 /* DESIGNATOR TYPE == SCSI name string */
400 buf[off++] |= 0x8;
401 off += 2; /* Skip over Reserved and length */
402 /*
403 * SCSI name string identifer containing, $FABRIC_MOD
404 * dependent information. For LIO-Target and iSCSI
405 * Target Port, this means "<iSCSI name>" in
406 * UTF-8 encoding.
407 */
408 scsi_target_len = sprintf(&buf[off], "%s",
409 tpg->se_tpg_tfo->tpg_get_wwn(tpg));
410 scsi_target_len += 1 /* Include NULL terminator */;
411 /*
412 * The null-terminated, null-padded (see 4.4.2) SCSI
413 * NAME STRING field contains a UTF-8 format string.
414 * The number of bytes in the SCSI NAME STRING field
415 * (i.e., the value in the DESIGNATOR LENGTH field)
416 * shall be no larger than 256 and shall be a multiple
417 * of four.
418 */
419 padding = ((-scsi_target_len) & 3);
420 if (padding)
421 scsi_target_len += padding;
422 if (scsi_target_len > 256)
423 scsi_target_len = 256;
424
425 buf[off-1] = scsi_target_len;
426 off += scsi_target_len;
427
428 /* Header size + Designation descriptor */
429 len += (scsi_target_len + 4);
430 }
431 put_unaligned_be16(len, &buf[2]); /* Page Length for VPD 0x83 */
432 return 0;
433 }
434 EXPORT_SYMBOL(spc_emulate_evpd_83);
435
436 /* Extended INQUIRY Data VPD Page */
437 static sense_reason_t
spc_emulate_evpd_86(struct se_cmd * cmd,unsigned char * buf)438 spc_emulate_evpd_86(struct se_cmd *cmd, unsigned char *buf)
439 {
440 struct se_device *dev = cmd->se_dev;
441 struct se_session *sess = cmd->se_sess;
442
443 buf[3] = 0x3c;
444 /*
445 * Set GRD_CHK + REF_CHK for TYPE1 protection, or GRD_CHK
446 * only for TYPE3 protection.
447 */
448 if (sess->sup_prot_ops & (TARGET_PROT_DIN_PASS | TARGET_PROT_DOUT_PASS)) {
449 if (dev->dev_attrib.pi_prot_type == TARGET_DIF_TYPE1_PROT ||
450 cmd->se_sess->sess_prot_type == TARGET_DIF_TYPE1_PROT)
451 buf[4] = 0x5;
452 else if (dev->dev_attrib.pi_prot_type == TARGET_DIF_TYPE3_PROT ||
453 cmd->se_sess->sess_prot_type == TARGET_DIF_TYPE3_PROT)
454 buf[4] = 0x4;
455 }
456
457 /* logical unit supports type 1 and type 3 protection */
458 if ((dev->transport->get_device_type(dev) == TYPE_DISK) &&
459 (sess->sup_prot_ops & (TARGET_PROT_DIN_PASS | TARGET_PROT_DOUT_PASS)) &&
460 (dev->dev_attrib.pi_prot_type || cmd->se_sess->sess_prot_type)) {
461 buf[4] |= (0x3 << 3);
462 }
463
464 /* Set HEADSUP, ORDSUP, SIMPSUP */
465 buf[5] = 0x07;
466
467 /* If WriteCache emulation is enabled, set V_SUP */
468 if (target_check_wce(dev))
469 buf[6] = 0x01;
470 /* If an LBA map is present set R_SUP */
471 spin_lock(&cmd->se_dev->t10_alua.lba_map_lock);
472 if (!list_empty(&dev->t10_alua.lba_map_list))
473 buf[8] = 0x10;
474 spin_unlock(&cmd->se_dev->t10_alua.lba_map_lock);
475 return 0;
476 }
477
478 /* Block Limits VPD page */
479 static sense_reason_t
spc_emulate_evpd_b0(struct se_cmd * cmd,unsigned char * buf)480 spc_emulate_evpd_b0(struct se_cmd *cmd, unsigned char *buf)
481 {
482 struct se_device *dev = cmd->se_dev;
483 u32 mtl = 0;
484 int have_tp = 0, opt, min;
485
486 /*
487 * Following spc3r22 section 6.5.3 Block Limits VPD page, when
488 * emulate_tpu=1 or emulate_tpws=1 we will be expect a
489 * different page length for Thin Provisioning.
490 */
491 if (dev->dev_attrib.emulate_tpu || dev->dev_attrib.emulate_tpws)
492 have_tp = 1;
493
494 buf[0] = dev->transport->get_device_type(dev);
495 buf[3] = have_tp ? 0x3c : 0x10;
496
497 /* Set WSNZ to 1 */
498 buf[4] = 0x01;
499 /*
500 * Set MAXIMUM COMPARE AND WRITE LENGTH
501 */
502 if (dev->dev_attrib.emulate_caw)
503 buf[5] = 0x01;
504
505 /*
506 * Set OPTIMAL TRANSFER LENGTH GRANULARITY
507 */
508 if (dev->transport->get_io_min && (min = dev->transport->get_io_min(dev)))
509 put_unaligned_be16(min / dev->dev_attrib.block_size, &buf[6]);
510 else
511 put_unaligned_be16(1, &buf[6]);
512
513 /*
514 * Set MAXIMUM TRANSFER LENGTH
515 *
516 * XXX: Currently assumes single PAGE_SIZE per scatterlist for fabrics
517 * enforcing maximum HW scatter-gather-list entry limit
518 */
519 if (cmd->se_tfo->max_data_sg_nents) {
520 mtl = (cmd->se_tfo->max_data_sg_nents * PAGE_SIZE) /
521 dev->dev_attrib.block_size;
522 }
523 put_unaligned_be32(min_not_zero(mtl, dev->dev_attrib.hw_max_sectors), &buf[8]);
524
525 /*
526 * Set OPTIMAL TRANSFER LENGTH
527 */
528 if (dev->transport->get_io_opt && (opt = dev->transport->get_io_opt(dev)))
529 put_unaligned_be32(opt / dev->dev_attrib.block_size, &buf[12]);
530 else
531 put_unaligned_be32(dev->dev_attrib.optimal_sectors, &buf[12]);
532
533 /*
534 * Exit now if we don't support TP.
535 */
536 if (!have_tp)
537 goto max_write_same;
538
539 /*
540 * Set MAXIMUM UNMAP LBA COUNT
541 */
542 put_unaligned_be32(dev->dev_attrib.max_unmap_lba_count, &buf[20]);
543
544 /*
545 * Set MAXIMUM UNMAP BLOCK DESCRIPTOR COUNT
546 */
547 put_unaligned_be32(dev->dev_attrib.max_unmap_block_desc_count,
548 &buf[24]);
549
550 /*
551 * Set OPTIMAL UNMAP GRANULARITY
552 */
553 put_unaligned_be32(dev->dev_attrib.unmap_granularity, &buf[28]);
554
555 /*
556 * UNMAP GRANULARITY ALIGNMENT
557 */
558 put_unaligned_be32(dev->dev_attrib.unmap_granularity_alignment,
559 &buf[32]);
560 if (dev->dev_attrib.unmap_granularity_alignment != 0)
561 buf[32] |= 0x80; /* Set the UGAVALID bit */
562
563 /*
564 * MAXIMUM WRITE SAME LENGTH
565 */
566 max_write_same:
567 put_unaligned_be64(dev->dev_attrib.max_write_same_len, &buf[36]);
568
569 return 0;
570 }
571
572 /* Block Device Characteristics VPD page */
573 static sense_reason_t
spc_emulate_evpd_b1(struct se_cmd * cmd,unsigned char * buf)574 spc_emulate_evpd_b1(struct se_cmd *cmd, unsigned char *buf)
575 {
576 struct se_device *dev = cmd->se_dev;
577
578 buf[0] = dev->transport->get_device_type(dev);
579 buf[3] = 0x3c;
580 buf[5] = dev->dev_attrib.is_nonrot ? 1 : 0;
581
582 return 0;
583 }
584
585 /* Thin Provisioning VPD */
586 static sense_reason_t
spc_emulate_evpd_b2(struct se_cmd * cmd,unsigned char * buf)587 spc_emulate_evpd_b2(struct se_cmd *cmd, unsigned char *buf)
588 {
589 struct se_device *dev = cmd->se_dev;
590
591 /*
592 * From spc3r22 section 6.5.4 Thin Provisioning VPD page:
593 *
594 * The PAGE LENGTH field is defined in SPC-4. If the DP bit is set to
595 * zero, then the page length shall be set to 0004h. If the DP bit
596 * is set to one, then the page length shall be set to the value
597 * defined in table 162.
598 */
599 buf[0] = dev->transport->get_device_type(dev);
600
601 /*
602 * Set Hardcoded length mentioned above for DP=0
603 */
604 put_unaligned_be16(0x0004, &buf[2]);
605
606 /*
607 * The THRESHOLD EXPONENT field indicates the threshold set size in
608 * LBAs as a power of 2 (i.e., the threshold set size is equal to
609 * 2(threshold exponent)).
610 *
611 * Note that this is currently set to 0x00 as mkp says it will be
612 * changing again. We can enable this once it has settled in T10
613 * and is actually used by Linux/SCSI ML code.
614 */
615 buf[4] = 0x00;
616
617 /*
618 * A TPU bit set to one indicates that the device server supports
619 * the UNMAP command (see 5.25). A TPU bit set to zero indicates
620 * that the device server does not support the UNMAP command.
621 */
622 if (dev->dev_attrib.emulate_tpu != 0)
623 buf[5] = 0x80;
624
625 /*
626 * A TPWS bit set to one indicates that the device server supports
627 * the use of the WRITE SAME (16) command (see 5.42) to unmap LBAs.
628 * A TPWS bit set to zero indicates that the device server does not
629 * support the use of the WRITE SAME (16) command to unmap LBAs.
630 */
631 if (dev->dev_attrib.emulate_tpws != 0)
632 buf[5] |= 0x40 | 0x20;
633
634 /*
635 * The unmap_zeroes_data set means that the underlying device supports
636 * REQ_OP_DISCARD and has the discard_zeroes_data bit set. This
637 * satisfies the SBC requirements for LBPRZ, meaning that a subsequent
638 * read will return zeroes after an UNMAP or WRITE SAME (16) to an LBA
639 * See sbc4r36 6.6.4.
640 */
641 if (((dev->dev_attrib.emulate_tpu != 0) ||
642 (dev->dev_attrib.emulate_tpws != 0)) &&
643 (dev->dev_attrib.unmap_zeroes_data != 0))
644 buf[5] |= 0x04;
645
646 return 0;
647 }
648
649 /* Referrals VPD page */
650 static sense_reason_t
spc_emulate_evpd_b3(struct se_cmd * cmd,unsigned char * buf)651 spc_emulate_evpd_b3(struct se_cmd *cmd, unsigned char *buf)
652 {
653 struct se_device *dev = cmd->se_dev;
654
655 buf[0] = dev->transport->get_device_type(dev);
656 buf[3] = 0x0c;
657 put_unaligned_be32(dev->t10_alua.lba_map_segment_size, &buf[8]);
658 put_unaligned_be32(dev->t10_alua.lba_map_segment_multiplier, &buf[12]);
659
660 return 0;
661 }
662
663 static sense_reason_t
664 spc_emulate_evpd_00(struct se_cmd *cmd, unsigned char *buf);
665
666 static struct {
667 uint8_t page;
668 sense_reason_t (*emulate)(struct se_cmd *, unsigned char *);
669 } evpd_handlers[] = {
670 { .page = 0x00, .emulate = spc_emulate_evpd_00 },
671 { .page = 0x80, .emulate = spc_emulate_evpd_80 },
672 { .page = 0x83, .emulate = spc_emulate_evpd_83 },
673 { .page = 0x86, .emulate = spc_emulate_evpd_86 },
674 { .page = 0xb0, .emulate = spc_emulate_evpd_b0 },
675 { .page = 0xb1, .emulate = spc_emulate_evpd_b1 },
676 { .page = 0xb2, .emulate = spc_emulate_evpd_b2 },
677 { .page = 0xb3, .emulate = spc_emulate_evpd_b3 },
678 };
679
680 /* supported vital product data pages */
681 static sense_reason_t
spc_emulate_evpd_00(struct se_cmd * cmd,unsigned char * buf)682 spc_emulate_evpd_00(struct se_cmd *cmd, unsigned char *buf)
683 {
684 int p;
685
686 /*
687 * Only report the INQUIRY EVPD=1 pages after a valid NAA
688 * Registered Extended LUN WWN has been set via ConfigFS
689 * during device creation/restart.
690 */
691 if (cmd->se_dev->dev_flags & DF_EMULATED_VPD_UNIT_SERIAL) {
692 buf[3] = ARRAY_SIZE(evpd_handlers);
693 for (p = 0; p < ARRAY_SIZE(evpd_handlers); ++p)
694 buf[p + 4] = evpd_handlers[p].page;
695 }
696
697 return 0;
698 }
699
700 static sense_reason_t
spc_emulate_inquiry(struct se_cmd * cmd)701 spc_emulate_inquiry(struct se_cmd *cmd)
702 {
703 struct se_device *dev = cmd->se_dev;
704 struct se_portal_group *tpg = cmd->se_lun->lun_tpg;
705 unsigned char *rbuf;
706 unsigned char *cdb = cmd->t_task_cdb;
707 unsigned char *buf;
708 sense_reason_t ret;
709 int p;
710 int len = 0;
711
712 buf = kzalloc(SE_INQUIRY_BUF, GFP_KERNEL);
713 if (!buf) {
714 pr_err("Unable to allocate response buffer for INQUIRY\n");
715 return TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE;
716 }
717
718 if (dev == rcu_access_pointer(tpg->tpg_virt_lun0->lun_se_dev))
719 buf[0] = 0x3f; /* Not connected */
720 else
721 buf[0] = dev->transport->get_device_type(dev);
722
723 if (!(cdb[1] & 0x1)) {
724 if (cdb[2]) {
725 pr_err("INQUIRY with EVPD==0 but PAGE CODE=%02x\n",
726 cdb[2]);
727 ret = TCM_INVALID_CDB_FIELD;
728 goto out;
729 }
730
731 ret = spc_emulate_inquiry_std(cmd, buf);
732 len = buf[4] + 5;
733 goto out;
734 }
735
736 for (p = 0; p < ARRAY_SIZE(evpd_handlers); ++p) {
737 if (cdb[2] == evpd_handlers[p].page) {
738 buf[1] = cdb[2];
739 ret = evpd_handlers[p].emulate(cmd, buf);
740 len = get_unaligned_be16(&buf[2]) + 4;
741 goto out;
742 }
743 }
744
745 pr_err("Unknown VPD Code: 0x%02x\n", cdb[2]);
746 ret = TCM_INVALID_CDB_FIELD;
747
748 out:
749 rbuf = transport_kmap_data_sg(cmd);
750 if (rbuf) {
751 memcpy(rbuf, buf, min_t(u32, SE_INQUIRY_BUF, cmd->data_length));
752 transport_kunmap_data_sg(cmd);
753 }
754 kfree(buf);
755
756 if (!ret)
757 target_complete_cmd_with_length(cmd, GOOD, len);
758 return ret;
759 }
760
spc_modesense_rwrecovery(struct se_cmd * cmd,u8 pc,u8 * p)761 static int spc_modesense_rwrecovery(struct se_cmd *cmd, u8 pc, u8 *p)
762 {
763 p[0] = 0x01;
764 p[1] = 0x0a;
765
766 /* No changeable values for now */
767 if (pc == 1)
768 goto out;
769
770 out:
771 return 12;
772 }
773
spc_modesense_control(struct se_cmd * cmd,u8 pc,u8 * p)774 static int spc_modesense_control(struct se_cmd *cmd, u8 pc, u8 *p)
775 {
776 struct se_device *dev = cmd->se_dev;
777 struct se_session *sess = cmd->se_sess;
778
779 p[0] = 0x0a;
780 p[1] = 0x0a;
781
782 /* No changeable values for now */
783 if (pc == 1)
784 goto out;
785
786 /* GLTSD: No implicit save of log parameters */
787 p[2] = (1 << 1);
788 if (target_sense_desc_format(dev))
789 /* D_SENSE: Descriptor format sense data for 64bit sectors */
790 p[2] |= (1 << 2);
791
792 /*
793 * From spc4r23, 7.4.7 Control mode page
794 *
795 * The QUEUE ALGORITHM MODIFIER field (see table 368) specifies
796 * restrictions on the algorithm used for reordering commands
797 * having the SIMPLE task attribute (see SAM-4).
798 *
799 * Table 368 -- QUEUE ALGORITHM MODIFIER field
800 * Code Description
801 * 0h Restricted reordering
802 * 1h Unrestricted reordering allowed
803 * 2h to 7h Reserved
804 * 8h to Fh Vendor specific
805 *
806 * A value of zero in the QUEUE ALGORITHM MODIFIER field specifies that
807 * the device server shall order the processing sequence of commands
808 * having the SIMPLE task attribute such that data integrity is maintained
809 * for that I_T nexus (i.e., if the transmission of new SCSI transport protocol
810 * requests is halted at any time, the final value of all data observable
811 * on the medium shall be the same as if all the commands had been processed
812 * with the ORDERED task attribute).
813 *
814 * A value of one in the QUEUE ALGORITHM MODIFIER field specifies that the
815 * device server may reorder the processing sequence of commands having the
816 * SIMPLE task attribute in any manner. Any data integrity exposures related to
817 * command sequence order shall be explicitly handled by the application client
818 * through the selection of appropriate ommands and task attributes.
819 */
820 p[3] = (dev->dev_attrib.emulate_rest_reord == 1) ? 0x00 : 0x10;
821 /*
822 * From spc4r17, section 7.4.6 Control mode Page
823 *
824 * Unit Attention interlocks control (UN_INTLCK_CTRL) to code 00b
825 *
826 * 00b: The logical unit shall clear any unit attention condition
827 * reported in the same I_T_L_Q nexus transaction as a CHECK CONDITION
828 * status and shall not establish a unit attention condition when a com-
829 * mand is completed with BUSY, TASK SET FULL, or RESERVATION CONFLICT
830 * status.
831 *
832 * 10b: The logical unit shall not clear any unit attention condition
833 * reported in the same I_T_L_Q nexus transaction as a CHECK CONDITION
834 * status and shall not establish a unit attention condition when
835 * a command is completed with BUSY, TASK SET FULL, or RESERVATION
836 * CONFLICT status.
837 *
838 * 11b a The logical unit shall not clear any unit attention condition
839 * reported in the same I_T_L_Q nexus transaction as a CHECK CONDITION
840 * status and shall establish a unit attention condition for the
841 * initiator port associated with the I_T nexus on which the BUSY,
842 * TASK SET FULL, or RESERVATION CONFLICT status is being returned.
843 * Depending on the status, the additional sense code shall be set to
844 * PREVIOUS BUSY STATUS, PREVIOUS TASK SET FULL STATUS, or PREVIOUS
845 * RESERVATION CONFLICT STATUS. Until it is cleared by a REQUEST SENSE
846 * command, a unit attention condition shall be established only once
847 * for a BUSY, TASK SET FULL, or RESERVATION CONFLICT status regardless
848 * to the number of commands completed with one of those status codes.
849 */
850 p[4] = (dev->dev_attrib.emulate_ua_intlck_ctrl == 2) ? 0x30 :
851 (dev->dev_attrib.emulate_ua_intlck_ctrl == 1) ? 0x20 : 0x00;
852 /*
853 * From spc4r17, section 7.4.6 Control mode Page
854 *
855 * Task Aborted Status (TAS) bit set to zero.
856 *
857 * A task aborted status (TAS) bit set to zero specifies that aborted
858 * tasks shall be terminated by the device server without any response
859 * to the application client. A TAS bit set to one specifies that tasks
860 * aborted by the actions of an I_T nexus other than the I_T nexus on
861 * which the command was received shall be completed with TASK ABORTED
862 * status (see SAM-4).
863 */
864 p[5] = (dev->dev_attrib.emulate_tas) ? 0x40 : 0x00;
865 /*
866 * From spc4r30, section 7.5.7 Control mode page
867 *
868 * Application Tag Owner (ATO) bit set to one.
869 *
870 * If the ATO bit is set to one the device server shall not modify the
871 * LOGICAL BLOCK APPLICATION TAG field and, depending on the protection
872 * type, shall not modify the contents of the LOGICAL BLOCK REFERENCE
873 * TAG field.
874 */
875 if (sess->sup_prot_ops & (TARGET_PROT_DIN_PASS | TARGET_PROT_DOUT_PASS)) {
876 if (dev->dev_attrib.pi_prot_type || sess->sess_prot_type)
877 p[5] |= 0x80;
878 }
879
880 p[8] = 0xff;
881 p[9] = 0xff;
882 p[11] = 30;
883
884 out:
885 return 12;
886 }
887
spc_modesense_caching(struct se_cmd * cmd,u8 pc,u8 * p)888 static int spc_modesense_caching(struct se_cmd *cmd, u8 pc, u8 *p)
889 {
890 struct se_device *dev = cmd->se_dev;
891
892 p[0] = 0x08;
893 p[1] = 0x12;
894
895 /* No changeable values for now */
896 if (pc == 1)
897 goto out;
898
899 if (target_check_wce(dev))
900 p[2] = 0x04; /* Write Cache Enable */
901 p[12] = 0x20; /* Disabled Read Ahead */
902
903 out:
904 return 20;
905 }
906
spc_modesense_informational_exceptions(struct se_cmd * cmd,u8 pc,unsigned char * p)907 static int spc_modesense_informational_exceptions(struct se_cmd *cmd, u8 pc, unsigned char *p)
908 {
909 p[0] = 0x1c;
910 p[1] = 0x0a;
911
912 /* No changeable values for now */
913 if (pc == 1)
914 goto out;
915
916 out:
917 return 12;
918 }
919
920 static struct {
921 uint8_t page;
922 uint8_t subpage;
923 int (*emulate)(struct se_cmd *, u8, unsigned char *);
924 } modesense_handlers[] = {
925 { .page = 0x01, .subpage = 0x00, .emulate = spc_modesense_rwrecovery },
926 { .page = 0x08, .subpage = 0x00, .emulate = spc_modesense_caching },
927 { .page = 0x0a, .subpage = 0x00, .emulate = spc_modesense_control },
928 { .page = 0x1c, .subpage = 0x00, .emulate = spc_modesense_informational_exceptions },
929 };
930
spc_modesense_write_protect(unsigned char * buf,int type)931 static void spc_modesense_write_protect(unsigned char *buf, int type)
932 {
933 /*
934 * I believe that the WP bit (bit 7) in the mode header is the same for
935 * all device types..
936 */
937 switch (type) {
938 case TYPE_DISK:
939 case TYPE_TAPE:
940 default:
941 buf[0] |= 0x80; /* WP bit */
942 break;
943 }
944 }
945
spc_modesense_dpofua(unsigned char * buf,int type)946 static void spc_modesense_dpofua(unsigned char *buf, int type)
947 {
948 switch (type) {
949 case TYPE_DISK:
950 buf[0] |= 0x10; /* DPOFUA bit */
951 break;
952 default:
953 break;
954 }
955 }
956
spc_modesense_blockdesc(unsigned char * buf,u64 blocks,u32 block_size)957 static int spc_modesense_blockdesc(unsigned char *buf, u64 blocks, u32 block_size)
958 {
959 *buf++ = 8;
960 put_unaligned_be32(min(blocks, 0xffffffffull), buf);
961 buf += 4;
962 put_unaligned_be32(block_size, buf);
963 return 9;
964 }
965
spc_modesense_long_blockdesc(unsigned char * buf,u64 blocks,u32 block_size)966 static int spc_modesense_long_blockdesc(unsigned char *buf, u64 blocks, u32 block_size)
967 {
968 if (blocks <= 0xffffffff)
969 return spc_modesense_blockdesc(buf + 3, blocks, block_size) + 3;
970
971 *buf++ = 1; /* LONGLBA */
972 buf += 2;
973 *buf++ = 16;
974 put_unaligned_be64(blocks, buf);
975 buf += 12;
976 put_unaligned_be32(block_size, buf);
977
978 return 17;
979 }
980
spc_emulate_modesense(struct se_cmd * cmd)981 static sense_reason_t spc_emulate_modesense(struct se_cmd *cmd)
982 {
983 struct se_device *dev = cmd->se_dev;
984 char *cdb = cmd->t_task_cdb;
985 unsigned char buf[SE_MODE_PAGE_BUF], *rbuf;
986 int type = dev->transport->get_device_type(dev);
987 int ten = (cmd->t_task_cdb[0] == MODE_SENSE_10);
988 bool dbd = !!(cdb[1] & 0x08);
989 bool llba = ten ? !!(cdb[1] & 0x10) : false;
990 u8 pc = cdb[2] >> 6;
991 u8 page = cdb[2] & 0x3f;
992 u8 subpage = cdb[3];
993 int length = 0;
994 int ret;
995 int i;
996
997 memset(buf, 0, SE_MODE_PAGE_BUF);
998
999 /*
1000 * Skip over MODE DATA LENGTH + MEDIUM TYPE fields to byte 3 for
1001 * MODE_SENSE_10 and byte 2 for MODE_SENSE (6).
1002 */
1003 length = ten ? 3 : 2;
1004
1005 /* DEVICE-SPECIFIC PARAMETER */
1006 if (cmd->se_lun->lun_access_ro || target_lun_is_rdonly(cmd))
1007 spc_modesense_write_protect(&buf[length], type);
1008
1009 /*
1010 * SBC only allows us to enable FUA and DPO together. Fortunately
1011 * DPO is explicitly specified as a hint, so a noop is a perfectly
1012 * valid implementation.
1013 */
1014 if (target_check_fua(dev))
1015 spc_modesense_dpofua(&buf[length], type);
1016
1017 ++length;
1018
1019 /* BLOCK DESCRIPTOR */
1020
1021 /*
1022 * For now we only include a block descriptor for disk (SBC)
1023 * devices; other command sets use a slightly different format.
1024 */
1025 if (!dbd && type == TYPE_DISK) {
1026 u64 blocks = dev->transport->get_blocks(dev);
1027 u32 block_size = dev->dev_attrib.block_size;
1028
1029 if (ten) {
1030 if (llba) {
1031 length += spc_modesense_long_blockdesc(&buf[length],
1032 blocks, block_size);
1033 } else {
1034 length += 3;
1035 length += spc_modesense_blockdesc(&buf[length],
1036 blocks, block_size);
1037 }
1038 } else {
1039 length += spc_modesense_blockdesc(&buf[length], blocks,
1040 block_size);
1041 }
1042 } else {
1043 if (ten)
1044 length += 4;
1045 else
1046 length += 1;
1047 }
1048
1049 if (page == 0x3f) {
1050 if (subpage != 0x00 && subpage != 0xff) {
1051 pr_warn("MODE_SENSE: Invalid subpage code: 0x%02x\n", subpage);
1052 return TCM_INVALID_CDB_FIELD;
1053 }
1054
1055 for (i = 0; i < ARRAY_SIZE(modesense_handlers); ++i) {
1056 /*
1057 * Tricky way to say all subpage 00h for
1058 * subpage==0, all subpages for subpage==0xff
1059 * (and we just checked above that those are
1060 * the only two possibilities).
1061 */
1062 if ((modesense_handlers[i].subpage & ~subpage) == 0) {
1063 ret = modesense_handlers[i].emulate(cmd, pc, &buf[length]);
1064 if (!ten && length + ret >= 255)
1065 break;
1066 length += ret;
1067 }
1068 }
1069
1070 goto set_length;
1071 }
1072
1073 for (i = 0; i < ARRAY_SIZE(modesense_handlers); ++i)
1074 if (modesense_handlers[i].page == page &&
1075 modesense_handlers[i].subpage == subpage) {
1076 length += modesense_handlers[i].emulate(cmd, pc, &buf[length]);
1077 goto set_length;
1078 }
1079
1080 /*
1081 * We don't intend to implement:
1082 * - obsolete page 03h "format parameters" (checked by Solaris)
1083 */
1084 if (page != 0x03)
1085 pr_err("MODE SENSE: unimplemented page/subpage: 0x%02x/0x%02x\n",
1086 page, subpage);
1087
1088 return TCM_UNKNOWN_MODE_PAGE;
1089
1090 set_length:
1091 if (ten)
1092 put_unaligned_be16(length - 2, buf);
1093 else
1094 buf[0] = length - 1;
1095
1096 rbuf = transport_kmap_data_sg(cmd);
1097 if (rbuf) {
1098 memcpy(rbuf, buf, min_t(u32, SE_MODE_PAGE_BUF, cmd->data_length));
1099 transport_kunmap_data_sg(cmd);
1100 }
1101
1102 target_complete_cmd_with_length(cmd, GOOD, length);
1103 return 0;
1104 }
1105
spc_emulate_modeselect(struct se_cmd * cmd)1106 static sense_reason_t spc_emulate_modeselect(struct se_cmd *cmd)
1107 {
1108 char *cdb = cmd->t_task_cdb;
1109 bool ten = cdb[0] == MODE_SELECT_10;
1110 int off = ten ? 8 : 4;
1111 bool pf = !!(cdb[1] & 0x10);
1112 u8 page, subpage;
1113 unsigned char *buf;
1114 unsigned char tbuf[SE_MODE_PAGE_BUF];
1115 int length;
1116 sense_reason_t ret = 0;
1117 int i;
1118
1119 if (!cmd->data_length) {
1120 target_complete_cmd(cmd, GOOD);
1121 return 0;
1122 }
1123
1124 if (cmd->data_length < off + 2)
1125 return TCM_PARAMETER_LIST_LENGTH_ERROR;
1126
1127 buf = transport_kmap_data_sg(cmd);
1128 if (!buf)
1129 return TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE;
1130
1131 if (!pf) {
1132 ret = TCM_INVALID_CDB_FIELD;
1133 goto out;
1134 }
1135
1136 page = buf[off] & 0x3f;
1137 subpage = buf[off] & 0x40 ? buf[off + 1] : 0;
1138
1139 for (i = 0; i < ARRAY_SIZE(modesense_handlers); ++i)
1140 if (modesense_handlers[i].page == page &&
1141 modesense_handlers[i].subpage == subpage) {
1142 memset(tbuf, 0, SE_MODE_PAGE_BUF);
1143 length = modesense_handlers[i].emulate(cmd, 0, tbuf);
1144 goto check_contents;
1145 }
1146
1147 ret = TCM_UNKNOWN_MODE_PAGE;
1148 goto out;
1149
1150 check_contents:
1151 if (cmd->data_length < off + length) {
1152 ret = TCM_PARAMETER_LIST_LENGTH_ERROR;
1153 goto out;
1154 }
1155
1156 if (memcmp(buf + off, tbuf, length))
1157 ret = TCM_INVALID_PARAMETER_LIST;
1158
1159 out:
1160 transport_kunmap_data_sg(cmd);
1161
1162 if (!ret)
1163 target_complete_cmd(cmd, GOOD);
1164 return ret;
1165 }
1166
spc_emulate_request_sense(struct se_cmd * cmd)1167 static sense_reason_t spc_emulate_request_sense(struct se_cmd *cmd)
1168 {
1169 unsigned char *cdb = cmd->t_task_cdb;
1170 unsigned char *rbuf;
1171 u8 ua_asc = 0, ua_ascq = 0;
1172 unsigned char buf[SE_SENSE_BUF];
1173 bool desc_format = target_sense_desc_format(cmd->se_dev);
1174
1175 memset(buf, 0, SE_SENSE_BUF);
1176
1177 if (cdb[1] & 0x01) {
1178 pr_err("REQUEST_SENSE description emulation not"
1179 " supported\n");
1180 return TCM_INVALID_CDB_FIELD;
1181 }
1182
1183 rbuf = transport_kmap_data_sg(cmd);
1184 if (!rbuf)
1185 return TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE;
1186
1187 if (!core_scsi3_ua_clear_for_request_sense(cmd, &ua_asc, &ua_ascq))
1188 scsi_build_sense_buffer(desc_format, buf, UNIT_ATTENTION,
1189 ua_asc, ua_ascq);
1190 else
1191 scsi_build_sense_buffer(desc_format, buf, NO_SENSE, 0x0, 0x0);
1192
1193 memcpy(rbuf, buf, min_t(u32, sizeof(buf), cmd->data_length));
1194 transport_kunmap_data_sg(cmd);
1195
1196 target_complete_cmd(cmd, GOOD);
1197 return 0;
1198 }
1199
spc_emulate_report_luns(struct se_cmd * cmd)1200 sense_reason_t spc_emulate_report_luns(struct se_cmd *cmd)
1201 {
1202 struct se_dev_entry *deve;
1203 struct se_session *sess = cmd->se_sess;
1204 struct se_node_acl *nacl;
1205 struct scsi_lun slun;
1206 unsigned char *buf;
1207 u32 lun_count = 0, offset = 8;
1208 __be32 len;
1209
1210 buf = transport_kmap_data_sg(cmd);
1211 if (cmd->data_length && !buf)
1212 return TCM_LOGICAL_UNIT_COMMUNICATION_FAILURE;
1213
1214 /*
1215 * If no struct se_session pointer is present, this struct se_cmd is
1216 * coming via a target_core_mod PASSTHROUGH op, and not through
1217 * a $FABRIC_MOD. In that case, report LUN=0 only.
1218 */
1219 if (!sess)
1220 goto done;
1221
1222 nacl = sess->se_node_acl;
1223
1224 rcu_read_lock();
1225 hlist_for_each_entry_rcu(deve, &nacl->lun_entry_hlist, link) {
1226 /*
1227 * We determine the correct LUN LIST LENGTH even once we
1228 * have reached the initial allocation length.
1229 * See SPC2-R20 7.19.
1230 */
1231 lun_count++;
1232 if (offset >= cmd->data_length)
1233 continue;
1234
1235 int_to_scsilun(deve->mapped_lun, &slun);
1236 memcpy(buf + offset, &slun,
1237 min(8u, cmd->data_length - offset));
1238 offset += 8;
1239 }
1240 rcu_read_unlock();
1241
1242 /*
1243 * See SPC3 r07, page 159.
1244 */
1245 done:
1246 /*
1247 * If no LUNs are accessible, report virtual LUN 0.
1248 */
1249 if (lun_count == 0) {
1250 int_to_scsilun(0, &slun);
1251 if (cmd->data_length > 8)
1252 memcpy(buf + offset, &slun,
1253 min(8u, cmd->data_length - offset));
1254 lun_count = 1;
1255 }
1256
1257 if (buf) {
1258 len = cpu_to_be32(lun_count * 8);
1259 memcpy(buf, &len, min_t(int, sizeof len, cmd->data_length));
1260 transport_kunmap_data_sg(cmd);
1261 }
1262
1263 target_complete_cmd_with_length(cmd, GOOD, 8 + lun_count * 8);
1264 return 0;
1265 }
1266 EXPORT_SYMBOL(spc_emulate_report_luns);
1267
1268 static sense_reason_t
spc_emulate_testunitready(struct se_cmd * cmd)1269 spc_emulate_testunitready(struct se_cmd *cmd)
1270 {
1271 target_complete_cmd(cmd, GOOD);
1272 return 0;
1273 }
1274
1275 sense_reason_t
spc_parse_cdb(struct se_cmd * cmd,unsigned int * size)1276 spc_parse_cdb(struct se_cmd *cmd, unsigned int *size)
1277 {
1278 struct se_device *dev = cmd->se_dev;
1279 unsigned char *cdb = cmd->t_task_cdb;
1280
1281 if (!dev->dev_attrib.emulate_pr &&
1282 ((cdb[0] == PERSISTENT_RESERVE_IN) ||
1283 (cdb[0] == PERSISTENT_RESERVE_OUT) ||
1284 (cdb[0] == RELEASE || cdb[0] == RELEASE_10) ||
1285 (cdb[0] == RESERVE || cdb[0] == RESERVE_10))) {
1286 return TCM_UNSUPPORTED_SCSI_OPCODE;
1287 }
1288
1289 switch (cdb[0]) {
1290 case MODE_SELECT:
1291 *size = cdb[4];
1292 cmd->execute_cmd = spc_emulate_modeselect;
1293 break;
1294 case MODE_SELECT_10:
1295 *size = get_unaligned_be16(&cdb[7]);
1296 cmd->execute_cmd = spc_emulate_modeselect;
1297 break;
1298 case MODE_SENSE:
1299 *size = cdb[4];
1300 cmd->execute_cmd = spc_emulate_modesense;
1301 break;
1302 case MODE_SENSE_10:
1303 *size = get_unaligned_be16(&cdb[7]);
1304 cmd->execute_cmd = spc_emulate_modesense;
1305 break;
1306 case LOG_SELECT:
1307 case LOG_SENSE:
1308 *size = get_unaligned_be16(&cdb[7]);
1309 break;
1310 case PERSISTENT_RESERVE_IN:
1311 *size = get_unaligned_be16(&cdb[7]);
1312 cmd->execute_cmd = target_scsi3_emulate_pr_in;
1313 break;
1314 case PERSISTENT_RESERVE_OUT:
1315 *size = get_unaligned_be32(&cdb[5]);
1316 cmd->execute_cmd = target_scsi3_emulate_pr_out;
1317 break;
1318 case RELEASE:
1319 case RELEASE_10:
1320 if (cdb[0] == RELEASE_10)
1321 *size = get_unaligned_be16(&cdb[7]);
1322 else
1323 *size = cmd->data_length;
1324
1325 cmd->execute_cmd = target_scsi2_reservation_release;
1326 break;
1327 case RESERVE:
1328 case RESERVE_10:
1329 /*
1330 * The SPC-2 RESERVE does not contain a size in the SCSI CDB.
1331 * Assume the passthrough or $FABRIC_MOD will tell us about it.
1332 */
1333 if (cdb[0] == RESERVE_10)
1334 *size = get_unaligned_be16(&cdb[7]);
1335 else
1336 *size = cmd->data_length;
1337
1338 cmd->execute_cmd = target_scsi2_reservation_reserve;
1339 break;
1340 case REQUEST_SENSE:
1341 *size = cdb[4];
1342 cmd->execute_cmd = spc_emulate_request_sense;
1343 break;
1344 case INQUIRY:
1345 *size = get_unaligned_be16(&cdb[3]);
1346
1347 /*
1348 * Do implicit HEAD_OF_QUEUE processing for INQUIRY.
1349 * See spc4r17 section 5.3
1350 */
1351 cmd->sam_task_attr = TCM_HEAD_TAG;
1352 cmd->execute_cmd = spc_emulate_inquiry;
1353 break;
1354 case SECURITY_PROTOCOL_IN:
1355 case SECURITY_PROTOCOL_OUT:
1356 *size = get_unaligned_be32(&cdb[6]);
1357 break;
1358 case EXTENDED_COPY:
1359 *size = get_unaligned_be32(&cdb[10]);
1360 cmd->execute_cmd = target_do_xcopy;
1361 break;
1362 case RECEIVE_COPY_RESULTS:
1363 *size = get_unaligned_be32(&cdb[10]);
1364 cmd->execute_cmd = target_do_receive_copy_results;
1365 break;
1366 case READ_ATTRIBUTE:
1367 case WRITE_ATTRIBUTE:
1368 *size = get_unaligned_be32(&cdb[10]);
1369 break;
1370 case RECEIVE_DIAGNOSTIC:
1371 case SEND_DIAGNOSTIC:
1372 *size = get_unaligned_be16(&cdb[3]);
1373 break;
1374 case WRITE_BUFFER:
1375 *size = get_unaligned_be24(&cdb[6]);
1376 break;
1377 case REPORT_LUNS:
1378 cmd->execute_cmd = spc_emulate_report_luns;
1379 *size = get_unaligned_be32(&cdb[6]);
1380 /*
1381 * Do implicit HEAD_OF_QUEUE processing for REPORT_LUNS
1382 * See spc4r17 section 5.3
1383 */
1384 cmd->sam_task_attr = TCM_HEAD_TAG;
1385 break;
1386 case TEST_UNIT_READY:
1387 cmd->execute_cmd = spc_emulate_testunitready;
1388 *size = 0;
1389 break;
1390 case MAINTENANCE_IN:
1391 if (dev->transport->get_device_type(dev) != TYPE_ROM) {
1392 /*
1393 * MAINTENANCE_IN from SCC-2
1394 * Check for emulated MI_REPORT_TARGET_PGS
1395 */
1396 if ((cdb[1] & 0x1f) == MI_REPORT_TARGET_PGS) {
1397 cmd->execute_cmd =
1398 target_emulate_report_target_port_groups;
1399 }
1400 *size = get_unaligned_be32(&cdb[6]);
1401 } else {
1402 /*
1403 * GPCMD_SEND_KEY from multi media commands
1404 */
1405 *size = get_unaligned_be16(&cdb[8]);
1406 }
1407 break;
1408 case MAINTENANCE_OUT:
1409 if (dev->transport->get_device_type(dev) != TYPE_ROM) {
1410 /*
1411 * MAINTENANCE_OUT from SCC-2
1412 * Check for emulated MO_SET_TARGET_PGS.
1413 */
1414 if (cdb[1] == MO_SET_TARGET_PGS) {
1415 cmd->execute_cmd =
1416 target_emulate_set_target_port_groups;
1417 }
1418 *size = get_unaligned_be32(&cdb[6]);
1419 } else {
1420 /*
1421 * GPCMD_SEND_KEY from multi media commands
1422 */
1423 *size = get_unaligned_be16(&cdb[8]);
1424 }
1425 break;
1426 default:
1427 return TCM_UNSUPPORTED_SCSI_OPCODE;
1428 }
1429
1430 return 0;
1431 }
1432 EXPORT_SYMBOL(spc_parse_cdb);
1433