USB: gadgetfs race fix
[linux-2.6] / drivers / scsi / scsi_debug.c
1 /*
2  * vvvvvvvvvvvvvvvvvvvvvvv Original vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
3  *  Copyright (C) 1992  Eric Youngdale
4  *  Simulate a host adapter with 2 disks attached.  Do a lot of checking
5  *  to make sure that we are not getting blocks mixed up, and PANIC if
6  *  anything out of the ordinary is seen.
7  * ^^^^^^^^^^^^^^^^^^^^^^^ Original ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
8  *
9  *  This version is more generic, simulating a variable number of disk
10  *  (or disk like devices) sharing a common amount of RAM. To be more
11  *  realistic, the simulated devices have the transport attributes of
12  *  SAS disks.
13  *
14  *
15  *  For documentation see http://www.torque.net/sg/sdebug26.html
16  *
17  *   D. Gilbert (dpg) work for Magneto-Optical device test [20010421]
18  *   dpg: work for devfs large number of disks [20010809]
19  *        forked for lk 2.5 series [20011216, 20020101]
20  *        use vmalloc() more inquiry+mode_sense [20020302]
21  *        add timers for delayed responses [20020721]
22  *   Patrick Mansfield <patmans@us.ibm.com> max_luns+scsi_level [20021031]
23  *   Mike Anderson <andmike@us.ibm.com> sysfs work [20021118]
24  *   dpg: change style of boot options to "scsi_debug.num_tgts=2" and
25  *        module options to "modprobe scsi_debug num_tgts=2" [20021221]
26  */
27
28 #include <linux/module.h>
29
30 #include <linux/kernel.h>
31 #include <linux/sched.h>
32 #include <linux/errno.h>
33 #include <linux/timer.h>
34 #include <linux/types.h>
35 #include <linux/string.h>
36 #include <linux/genhd.h>
37 #include <linux/fs.h>
38 #include <linux/init.h>
39 #include <linux/proc_fs.h>
40 #include <linux/smp_lock.h>
41 #include <linux/vmalloc.h>
42 #include <linux/moduleparam.h>
43
44 #include <linux/blkdev.h>
45 #include "scsi.h"
46 #include <scsi/scsi_host.h>
47 #include <scsi/scsicam.h>
48
49 #include <linux/stat.h>
50
51 #include "scsi_logging.h"
52 #include "scsi_debug.h"
53
54 #define SCSI_DEBUG_VERSION "1.80"
55 static const char * scsi_debug_version_date = "20061018";
56
57 /* Additional Sense Code (ASC) used */
58 #define NO_ADDITIONAL_SENSE 0x0
59 #define LOGICAL_UNIT_NOT_READY 0x4
60 #define UNRECOVERED_READ_ERR 0x11
61 #define PARAMETER_LIST_LENGTH_ERR 0x1a
62 #define INVALID_OPCODE 0x20
63 #define ADDR_OUT_OF_RANGE 0x21
64 #define INVALID_FIELD_IN_CDB 0x24
65 #define INVALID_FIELD_IN_PARAM_LIST 0x26
66 #define POWERON_RESET 0x29
67 #define SAVING_PARAMS_UNSUP 0x39
68 #define THRESHOLD_EXCEEDED 0x5d
69 #define LOW_POWER_COND_ON 0x5e
70
71 #define SDEBUG_TAGGED_QUEUING 0 /* 0 | MSG_SIMPLE_TAG | MSG_ORDERED_TAG */
72
73 /* Default values for driver parameters */
74 #define DEF_NUM_HOST   1
75 #define DEF_NUM_TGTS   1
76 #define DEF_MAX_LUNS   1
77 /* With these defaults, this driver will make 1 host with 1 target
78  * (id 0) containing 1 logical unit (lun 0). That is 1 device.
79  */
80 #define DEF_DELAY   1
81 #define DEF_DEV_SIZE_MB   8
82 #define DEF_EVERY_NTH   0
83 #define DEF_NUM_PARTS   0
84 #define DEF_OPTS   0
85 #define DEF_SCSI_LEVEL   5    /* INQUIRY, byte2 [5->SPC-3] */
86 #define DEF_PTYPE   0
87 #define DEF_D_SENSE   0
88 #define DEF_NO_LUN_0   0
89 #define DEF_VIRTUAL_GB   0
90 #define DEF_FAKE_RW     0
91 #define DEF_VPD_USE_HOSTNO 1
92
93 /* bit mask values for scsi_debug_opts */
94 #define SCSI_DEBUG_OPT_NOISE   1
95 #define SCSI_DEBUG_OPT_MEDIUM_ERR   2
96 #define SCSI_DEBUG_OPT_TIMEOUT   4
97 #define SCSI_DEBUG_OPT_RECOVERED_ERR   8
98 /* When "every_nth" > 0 then modulo "every_nth" commands:
99  *   - a no response is simulated if SCSI_DEBUG_OPT_TIMEOUT is set
100  *   - a RECOVERED_ERROR is simulated on successful read and write
101  *     commands if SCSI_DEBUG_OPT_RECOVERED_ERR is set.
102  *
103  * When "every_nth" < 0 then after "- every_nth" commands:
104  *   - a no response is simulated if SCSI_DEBUG_OPT_TIMEOUT is set
105  *   - a RECOVERED_ERROR is simulated on successful read and write
106  *     commands if SCSI_DEBUG_OPT_RECOVERED_ERR is set.
107  * This will continue until some other action occurs (e.g. the user
108  * writing a new value (other than -1 or 1) to every_nth via sysfs).
109  */
110
111 /* when 1==SCSI_DEBUG_OPT_MEDIUM_ERR, a medium error is simulated at this
112  * sector on read commands: */
113 #define OPT_MEDIUM_ERR_ADDR   0x1234 /* that's sector 4660 in decimal */
114
115 /* If REPORT LUNS has luns >= 256 it can choose "flat space" (value 1)
116  * or "peripheral device" addressing (value 0) */
117 #define SAM2_LUN_ADDRESS_METHOD 0
118 #define SAM2_WLUN_REPORT_LUNS 0xc101
119
120 static int scsi_debug_add_host = DEF_NUM_HOST;
121 static int scsi_debug_delay = DEF_DELAY;
122 static int scsi_debug_dev_size_mb = DEF_DEV_SIZE_MB;
123 static int scsi_debug_every_nth = DEF_EVERY_NTH;
124 static int scsi_debug_max_luns = DEF_MAX_LUNS;
125 static int scsi_debug_num_parts = DEF_NUM_PARTS;
126 static int scsi_debug_num_tgts = DEF_NUM_TGTS; /* targets per host */
127 static int scsi_debug_opts = DEF_OPTS;
128 static int scsi_debug_scsi_level = DEF_SCSI_LEVEL;
129 static int scsi_debug_ptype = DEF_PTYPE; /* SCSI peripheral type (0==disk) */
130 static int scsi_debug_dsense = DEF_D_SENSE;
131 static int scsi_debug_no_lun_0 = DEF_NO_LUN_0;
132 static int scsi_debug_virtual_gb = DEF_VIRTUAL_GB;
133 static int scsi_debug_fake_rw = DEF_FAKE_RW;
134 static int scsi_debug_vpd_use_hostno = DEF_VPD_USE_HOSTNO;
135
136 static int scsi_debug_cmnd_count = 0;
137
138 #define DEV_READONLY(TGT)      (0)
139 #define DEV_REMOVEABLE(TGT)    (0)
140
141 static unsigned int sdebug_store_size;  /* in bytes */
142 static unsigned int sdebug_store_sectors;
143 static sector_t sdebug_capacity;        /* in sectors */
144
145 /* old BIOS stuff, kernel may get rid of them but some mode sense pages
146    may still need them */
147 static int sdebug_heads;                /* heads per disk */
148 static int sdebug_cylinders_per;        /* cylinders per surface */
149 static int sdebug_sectors_per;          /* sectors per cylinder */
150
151 /* default sector size is 512 bytes, 2**9 bytes */
152 #define POW2_SECT_SIZE 9
153 #define SECT_SIZE (1 << POW2_SECT_SIZE)
154 #define SECT_SIZE_PER(TGT) SECT_SIZE
155
156 #define SDEBUG_MAX_PARTS 4
157
158 #define SDEBUG_SENSE_LEN 32
159
160 struct sdebug_dev_info {
161         struct list_head dev_list;
162         unsigned char sense_buff[SDEBUG_SENSE_LEN];     /* weak nexus */
163         unsigned int channel;
164         unsigned int target;
165         unsigned int lun;
166         struct sdebug_host_info *sdbg_host;
167         unsigned int wlun;
168         char reset;
169         char stopped;
170         char used;
171 };
172
173 struct sdebug_host_info {
174         struct list_head host_list;
175         struct Scsi_Host *shost;
176         struct device dev;
177         struct list_head dev_info_list;
178 };
179
180 #define to_sdebug_host(d)       \
181         container_of(d, struct sdebug_host_info, dev)
182
183 static LIST_HEAD(sdebug_host_list);
184 static DEFINE_SPINLOCK(sdebug_host_list_lock);
185
186 typedef void (* done_funct_t) (struct scsi_cmnd *);
187
188 struct sdebug_queued_cmd {
189         int in_use;
190         struct timer_list cmnd_timer;
191         done_funct_t done_funct;
192         struct scsi_cmnd * a_cmnd;
193         int scsi_result;
194 };
195 static struct sdebug_queued_cmd queued_arr[SCSI_DEBUG_CANQUEUE];
196
197 static struct scsi_host_template sdebug_driver_template = {
198         .proc_info =            scsi_debug_proc_info,
199         .name =                 "SCSI DEBUG",
200         .info =                 scsi_debug_info,
201         .slave_alloc =          scsi_debug_slave_alloc,
202         .slave_configure =      scsi_debug_slave_configure,
203         .slave_destroy =        scsi_debug_slave_destroy,
204         .ioctl =                scsi_debug_ioctl,
205         .queuecommand =         scsi_debug_queuecommand,
206         .eh_abort_handler =     scsi_debug_abort,
207         .eh_bus_reset_handler = scsi_debug_bus_reset,
208         .eh_device_reset_handler = scsi_debug_device_reset,
209         .eh_host_reset_handler = scsi_debug_host_reset,
210         .bios_param =           scsi_debug_biosparam,
211         .can_queue =            SCSI_DEBUG_CANQUEUE,
212         .this_id =              7,
213         .sg_tablesize =         256,
214         .cmd_per_lun =          16,
215         .max_sectors =          0xffff,
216         .unchecked_isa_dma =    0,
217         .use_clustering =       ENABLE_CLUSTERING,
218         .module =               THIS_MODULE,
219 };
220
221 static unsigned char * fake_storep;     /* ramdisk storage */
222
223 static int num_aborts = 0;
224 static int num_dev_resets = 0;
225 static int num_bus_resets = 0;
226 static int num_host_resets = 0;
227
228 static DEFINE_SPINLOCK(queued_arr_lock);
229 static DEFINE_RWLOCK(atomic_rw);
230
231 static char sdebug_proc_name[] = "scsi_debug";
232
233 static int sdebug_driver_probe(struct device *);
234 static int sdebug_driver_remove(struct device *);
235 static struct bus_type pseudo_lld_bus;
236
237 static struct device_driver sdebug_driverfs_driver = {
238         .name           = sdebug_proc_name,
239         .bus            = &pseudo_lld_bus,
240 };
241
242 static const int check_condition_result =
243                 (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION;
244
245 static unsigned char ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
246                                     0, 0, 0x2, 0x4b};
247 static unsigned char iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
248                                    0, 0, 0x0, 0x0};
249
250 /* function declarations */
251 static int resp_inquiry(struct scsi_cmnd * SCpnt, int target,
252                         struct sdebug_dev_info * devip);
253 static int resp_requests(struct scsi_cmnd * SCpnt,
254                          struct sdebug_dev_info * devip);
255 static int resp_start_stop(struct scsi_cmnd * scp,
256                            struct sdebug_dev_info * devip);
257 static int resp_report_tgtpgs(struct scsi_cmnd * scp,
258                               struct sdebug_dev_info * devip);
259 static int resp_readcap(struct scsi_cmnd * SCpnt,
260                         struct sdebug_dev_info * devip);
261 static int resp_readcap16(struct scsi_cmnd * SCpnt,
262                           struct sdebug_dev_info * devip);
263 static int resp_mode_sense(struct scsi_cmnd * scp, int target,
264                            struct sdebug_dev_info * devip);
265 static int resp_mode_select(struct scsi_cmnd * scp, int mselect6,
266                             struct sdebug_dev_info * devip);
267 static int resp_log_sense(struct scsi_cmnd * scp,
268                           struct sdebug_dev_info * devip);
269 static int resp_read(struct scsi_cmnd * SCpnt, unsigned long long lba,
270                      unsigned int num, struct sdebug_dev_info * devip);
271 static int resp_write(struct scsi_cmnd * SCpnt, unsigned long long lba,
272                       unsigned int num, struct sdebug_dev_info * devip);
273 static int resp_report_luns(struct scsi_cmnd * SCpnt,
274                             struct sdebug_dev_info * devip);
275 static int fill_from_dev_buffer(struct scsi_cmnd * scp, unsigned char * arr,
276                                 int arr_len);
277 static int fetch_to_dev_buffer(struct scsi_cmnd * scp, unsigned char * arr,
278                                int max_arr_len);
279 static void timer_intr_handler(unsigned long);
280 static struct sdebug_dev_info * devInfoReg(struct scsi_device * sdev);
281 static void mk_sense_buffer(struct sdebug_dev_info * devip, int key,
282                             int asc, int asq);
283 static int check_readiness(struct scsi_cmnd * SCpnt, int reset_only,
284                            struct sdebug_dev_info * devip);
285 static int schedule_resp(struct scsi_cmnd * cmnd,
286                          struct sdebug_dev_info * devip,
287                          done_funct_t done, int scsi_result, int delta_jiff);
288 static void __init sdebug_build_parts(unsigned char * ramp);
289 static void __init init_all_queued(void);
290 static void stop_all_queued(void);
291 static int stop_queued_cmnd(struct scsi_cmnd * cmnd);
292 static int inquiry_evpd_83(unsigned char * arr, int port_group_id,
293                            int target_dev_id, int dev_id_num,
294                            const char * dev_id_str, int dev_id_str_len);
295 static int inquiry_evpd_88(unsigned char * arr, int target_dev_id);
296 static int do_create_driverfs_files(void);
297 static void do_remove_driverfs_files(void);
298
299 static int sdebug_add_adapter(void);
300 static void sdebug_remove_adapter(void);
301 static void sdebug_max_tgts_luns(void);
302
303 static struct device pseudo_primary;
304 static struct bus_type pseudo_lld_bus;
305
306
307 static
308 int scsi_debug_queuecommand(struct scsi_cmnd * SCpnt, done_funct_t done)
309 {
310         unsigned char *cmd = (unsigned char *) SCpnt->cmnd;
311         int len, k, j;
312         unsigned int num;
313         unsigned long long lba;
314         int errsts = 0;
315         int target = SCpnt->device->id;
316         struct sdebug_dev_info * devip = NULL;
317         int inj_recovered = 0;
318         int delay_override = 0;
319
320         if (done == NULL)
321                 return 0;       /* assume mid level reprocessing command */
322
323         SCpnt->resid = 0;
324         if ((SCSI_DEBUG_OPT_NOISE & scsi_debug_opts) && cmd) {
325                 printk(KERN_INFO "scsi_debug: cmd ");
326                 for (k = 0, len = SCpnt->cmd_len; k < len; ++k)
327                         printk("%02x ", (int)cmd[k]);
328                 printk("\n");
329         }
330         if(target == sdebug_driver_template.this_id) {
331                 printk(KERN_INFO "scsi_debug: initiator's id used as "
332                        "target!\n");
333                 return schedule_resp(SCpnt, NULL, done,
334                                      DID_NO_CONNECT << 16, 0);
335         }
336
337         if ((SCpnt->device->lun >= scsi_debug_max_luns) &&
338             (SCpnt->device->lun != SAM2_WLUN_REPORT_LUNS))
339                 return schedule_resp(SCpnt, NULL, done,
340                                      DID_NO_CONNECT << 16, 0);
341         devip = devInfoReg(SCpnt->device);
342         if (NULL == devip)
343                 return schedule_resp(SCpnt, NULL, done,
344                                      DID_NO_CONNECT << 16, 0);
345
346         if ((scsi_debug_every_nth != 0) &&
347             (++scsi_debug_cmnd_count >= abs(scsi_debug_every_nth))) {
348                 scsi_debug_cmnd_count = 0;
349                 if (scsi_debug_every_nth < -1)
350                         scsi_debug_every_nth = -1;
351                 if (SCSI_DEBUG_OPT_TIMEOUT & scsi_debug_opts)
352                         return 0; /* ignore command causing timeout */
353                 else if (SCSI_DEBUG_OPT_RECOVERED_ERR & scsi_debug_opts)
354                         inj_recovered = 1; /* to reads and writes below */
355         }
356
357         if (devip->wlun) {
358                 switch (*cmd) {
359                 case INQUIRY:
360                 case REQUEST_SENSE:
361                 case TEST_UNIT_READY:
362                 case REPORT_LUNS:
363                         break;  /* only allowable wlun commands */
364                 default:
365                         if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
366                                 printk(KERN_INFO "scsi_debug: Opcode: 0x%x "
367                                        "not supported for wlun\n", *cmd);
368                         mk_sense_buffer(devip, ILLEGAL_REQUEST,
369                                         INVALID_OPCODE, 0);
370                         errsts = check_condition_result;
371                         return schedule_resp(SCpnt, devip, done, errsts,
372                                              0);
373                 }
374         }
375
376         switch (*cmd) {
377         case INQUIRY:     /* mandatory, ignore unit attention */
378                 delay_override = 1;
379                 errsts = resp_inquiry(SCpnt, target, devip);
380                 break;
381         case REQUEST_SENSE:     /* mandatory, ignore unit attention */
382                 delay_override = 1;
383                 errsts = resp_requests(SCpnt, devip);
384                 break;
385         case REZERO_UNIT:       /* actually this is REWIND for SSC */
386         case START_STOP:
387                 errsts = resp_start_stop(SCpnt, devip);
388                 break;
389         case ALLOW_MEDIUM_REMOVAL:
390                 if ((errsts = check_readiness(SCpnt, 1, devip)))
391                         break;
392                 if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
393                         printk(KERN_INFO "scsi_debug: Medium removal %s\n",
394                                 cmd[4] ? "inhibited" : "enabled");
395                 break;
396         case SEND_DIAGNOSTIC:     /* mandatory */
397                 errsts = check_readiness(SCpnt, 1, devip);
398                 break;
399         case TEST_UNIT_READY:     /* mandatory */
400                 delay_override = 1;
401                 errsts = check_readiness(SCpnt, 0, devip);
402                 break;
403         case RESERVE:
404                 errsts = check_readiness(SCpnt, 1, devip);
405                 break;
406         case RESERVE_10:
407                 errsts = check_readiness(SCpnt, 1, devip);
408                 break;
409         case RELEASE:
410                 errsts = check_readiness(SCpnt, 1, devip);
411                 break;
412         case RELEASE_10:
413                 errsts = check_readiness(SCpnt, 1, devip);
414                 break;
415         case READ_CAPACITY:
416                 errsts = resp_readcap(SCpnt, devip);
417                 break;
418         case SERVICE_ACTION_IN:
419                 if (SAI_READ_CAPACITY_16 != cmd[1]) {
420                         mk_sense_buffer(devip, ILLEGAL_REQUEST,
421                                         INVALID_OPCODE, 0);
422                         errsts = check_condition_result;
423                         break;
424                 }
425                 errsts = resp_readcap16(SCpnt, devip);
426                 break;
427         case MAINTENANCE_IN:
428                 if (MI_REPORT_TARGET_PGS != cmd[1]) {
429                         mk_sense_buffer(devip, ILLEGAL_REQUEST,
430                                         INVALID_OPCODE, 0);
431                         errsts = check_condition_result;
432                         break;
433                 }
434                 errsts = resp_report_tgtpgs(SCpnt, devip);
435                 break;
436         case READ_16:
437         case READ_12:
438         case READ_10:
439         case READ_6:
440                 if ((errsts = check_readiness(SCpnt, 0, devip)))
441                         break;
442                 if (scsi_debug_fake_rw)
443                         break;
444                 if ((*cmd) == READ_16) {
445                         for (lba = 0, j = 0; j < 8; ++j) {
446                                 if (j > 0)
447                                         lba <<= 8;
448                                 lba += cmd[2 + j];
449                         }
450                         num = cmd[13] + (cmd[12] << 8) +
451                                 (cmd[11] << 16) + (cmd[10] << 24);
452                 } else if ((*cmd) == READ_12) {
453                         lba = cmd[5] + (cmd[4] << 8) +
454                                 (cmd[3] << 16) + (cmd[2] << 24);
455                         num = cmd[9] + (cmd[8] << 8) +
456                                 (cmd[7] << 16) + (cmd[6] << 24);
457                 } else if ((*cmd) == READ_10) {
458                         lba = cmd[5] + (cmd[4] << 8) +
459                                 (cmd[3] << 16) + (cmd[2] << 24);
460                         num = cmd[8] + (cmd[7] << 8);
461                 } else {        /* READ (6) */
462                         lba = cmd[3] + (cmd[2] << 8) +
463                                 ((cmd[1] & 0x1f) << 16);
464                         num = (0 == cmd[4]) ? 256 : cmd[4];
465                 }
466                 errsts = resp_read(SCpnt, lba, num, devip);
467                 if (inj_recovered && (0 == errsts)) {
468                         mk_sense_buffer(devip, RECOVERED_ERROR,
469                                         THRESHOLD_EXCEEDED, 0);
470                         errsts = check_condition_result;
471                 }
472                 break;
473         case REPORT_LUNS:       /* mandatory, ignore unit attention */
474                 delay_override = 1;
475                 errsts = resp_report_luns(SCpnt, devip);
476                 break;
477         case VERIFY:            /* 10 byte SBC-2 command */
478                 errsts = check_readiness(SCpnt, 0, devip);
479                 break;
480         case WRITE_16:
481         case WRITE_12:
482         case WRITE_10:
483         case WRITE_6:
484                 if ((errsts = check_readiness(SCpnt, 0, devip)))
485                         break;
486                 if (scsi_debug_fake_rw)
487                         break;
488                 if ((*cmd) == WRITE_16) {
489                         for (lba = 0, j = 0; j < 8; ++j) {
490                                 if (j > 0)
491                                         lba <<= 8;
492                                 lba += cmd[2 + j];
493                         }
494                         num = cmd[13] + (cmd[12] << 8) +
495                                 (cmd[11] << 16) + (cmd[10] << 24);
496                 } else if ((*cmd) == WRITE_12) {
497                         lba = cmd[5] + (cmd[4] << 8) +
498                                 (cmd[3] << 16) + (cmd[2] << 24);
499                         num = cmd[9] + (cmd[8] << 8) +
500                                 (cmd[7] << 16) + (cmd[6] << 24);
501                 } else if ((*cmd) == WRITE_10) {
502                         lba = cmd[5] + (cmd[4] << 8) +
503                                 (cmd[3] << 16) + (cmd[2] << 24);
504                         num = cmd[8] + (cmd[7] << 8);
505                 } else {        /* WRITE (6) */
506                         lba = cmd[3] + (cmd[2] << 8) +
507                                 ((cmd[1] & 0x1f) << 16);
508                         num = (0 == cmd[4]) ? 256 : cmd[4];
509                 }
510                 errsts = resp_write(SCpnt, lba, num, devip);
511                 if (inj_recovered && (0 == errsts)) {
512                         mk_sense_buffer(devip, RECOVERED_ERROR,
513                                         THRESHOLD_EXCEEDED, 0);
514                         errsts = check_condition_result;
515                 }
516                 break;
517         case MODE_SENSE:
518         case MODE_SENSE_10:
519                 errsts = resp_mode_sense(SCpnt, target, devip);
520                 break;
521         case MODE_SELECT:
522                 errsts = resp_mode_select(SCpnt, 1, devip);
523                 break;
524         case MODE_SELECT_10:
525                 errsts = resp_mode_select(SCpnt, 0, devip);
526                 break;
527         case LOG_SENSE:
528                 errsts = resp_log_sense(SCpnt, devip);
529                 break;
530         case SYNCHRONIZE_CACHE:
531                 delay_override = 1;
532                 errsts = check_readiness(SCpnt, 0, devip);
533                 break;
534         default:
535                 if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
536                         printk(KERN_INFO "scsi_debug: Opcode: 0x%x not "
537                                "supported\n", *cmd);
538                 if ((errsts = check_readiness(SCpnt, 1, devip)))
539                         break;  /* Unit attention takes precedence */
540                 mk_sense_buffer(devip, ILLEGAL_REQUEST, INVALID_OPCODE, 0);
541                 errsts = check_condition_result;
542                 break;
543         }
544         return schedule_resp(SCpnt, devip, done, errsts,
545                              (delay_override ? 0 : scsi_debug_delay));
546 }
547
548 static int scsi_debug_ioctl(struct scsi_device *dev, int cmd, void __user *arg)
549 {
550         if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts) {
551                 printk(KERN_INFO "scsi_debug: ioctl: cmd=0x%x\n", cmd);
552         }
553         return -EINVAL;
554         /* return -ENOTTY; // correct return but upsets fdisk */
555 }
556
557 static int check_readiness(struct scsi_cmnd * SCpnt, int reset_only,
558                            struct sdebug_dev_info * devip)
559 {
560         if (devip->reset) {
561                 if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
562                         printk(KERN_INFO "scsi_debug: Reporting Unit "
563                                "attention: power on reset\n");
564                 devip->reset = 0;
565                 mk_sense_buffer(devip, UNIT_ATTENTION, POWERON_RESET, 0);
566                 return check_condition_result;
567         }
568         if ((0 == reset_only) && devip->stopped) {
569                 if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
570                         printk(KERN_INFO "scsi_debug: Reporting Not "
571                                "ready: initializing command required\n");
572                 mk_sense_buffer(devip, NOT_READY, LOGICAL_UNIT_NOT_READY,
573                                 0x2);
574                 return check_condition_result;
575         }
576         return 0;
577 }
578
579 /* Returns 0 if ok else (DID_ERROR << 16). Sets scp->resid . */
580 static int fill_from_dev_buffer(struct scsi_cmnd * scp, unsigned char * arr,
581                                 int arr_len)
582 {
583         int k, req_len, act_len, len, active;
584         void * kaddr;
585         void * kaddr_off;
586         struct scatterlist * sgpnt;
587
588         if (0 == scp->request_bufflen)
589                 return 0;
590         if (NULL == scp->request_buffer)
591                 return (DID_ERROR << 16);
592         if (! ((scp->sc_data_direction == DMA_BIDIRECTIONAL) ||
593               (scp->sc_data_direction == DMA_FROM_DEVICE)))
594                 return (DID_ERROR << 16);
595         if (0 == scp->use_sg) {
596                 req_len = scp->request_bufflen;
597                 act_len = (req_len < arr_len) ? req_len : arr_len;
598                 memcpy(scp->request_buffer, arr, act_len);
599                 if (scp->resid)
600                         scp->resid -= act_len;
601                 else
602                         scp->resid = req_len - act_len;
603                 return 0;
604         }
605         sgpnt = (struct scatterlist *)scp->request_buffer;
606         active = 1;
607         for (k = 0, req_len = 0, act_len = 0; k < scp->use_sg; ++k, ++sgpnt) {
608                 if (active) {
609                         kaddr = (unsigned char *)
610                                 kmap_atomic(sgpnt->page, KM_USER0);
611                         if (NULL == kaddr)
612                                 return (DID_ERROR << 16);
613                         kaddr_off = (unsigned char *)kaddr + sgpnt->offset;
614                         len = sgpnt->length;
615                         if ((req_len + len) > arr_len) {
616                                 active = 0;
617                                 len = arr_len - req_len;
618                         }
619                         memcpy(kaddr_off, arr + req_len, len);
620                         kunmap_atomic(kaddr, KM_USER0);
621                         act_len += len;
622                 }
623                 req_len += sgpnt->length;
624         }
625         if (scp->resid)
626                 scp->resid -= act_len;
627         else
628                 scp->resid = req_len - act_len;
629         return 0;
630 }
631
632 /* Returns number of bytes fetched into 'arr' or -1 if error. */
633 static int fetch_to_dev_buffer(struct scsi_cmnd * scp, unsigned char * arr,
634                                int max_arr_len)
635 {
636         int k, req_len, len, fin;
637         void * kaddr;
638         void * kaddr_off;
639         struct scatterlist * sgpnt;
640
641         if (0 == scp->request_bufflen)
642                 return 0;
643         if (NULL == scp->request_buffer)
644                 return -1;
645         if (! ((scp->sc_data_direction == DMA_BIDIRECTIONAL) ||
646               (scp->sc_data_direction == DMA_TO_DEVICE)))
647                 return -1;
648         if (0 == scp->use_sg) {
649                 req_len = scp->request_bufflen;
650                 len = (req_len < max_arr_len) ? req_len : max_arr_len;
651                 memcpy(arr, scp->request_buffer, len);
652                 return len;
653         }
654         sgpnt = (struct scatterlist *)scp->request_buffer;
655         for (k = 0, req_len = 0, fin = 0; k < scp->use_sg; ++k, ++sgpnt) {
656                 kaddr = (unsigned char *)kmap_atomic(sgpnt->page, KM_USER0);
657                 if (NULL == kaddr)
658                         return -1;
659                 kaddr_off = (unsigned char *)kaddr + sgpnt->offset;
660                 len = sgpnt->length;
661                 if ((req_len + len) > max_arr_len) {
662                         len = max_arr_len - req_len;
663                         fin = 1;
664                 }
665                 memcpy(arr + req_len, kaddr_off, len);
666                 kunmap_atomic(kaddr, KM_USER0);
667                 if (fin)
668                         return req_len + len;
669                 req_len += sgpnt->length;
670         }
671         return req_len;
672 }
673
674
675 static const char * inq_vendor_id = "Linux   ";
676 static const char * inq_product_id = "scsi_debug      ";
677 static const char * inq_product_rev = "0004";
678
679 static int inquiry_evpd_83(unsigned char * arr, int port_group_id,
680                            int target_dev_id, int dev_id_num,
681                            const char * dev_id_str,
682                            int dev_id_str_len)
683 {
684         int num, port_a;
685         char b[32];
686
687         port_a = target_dev_id + 1;
688         /* T10 vendor identifier field format (faked) */
689         arr[0] = 0x2;   /* ASCII */
690         arr[1] = 0x1;
691         arr[2] = 0x0;
692         memcpy(&arr[4], inq_vendor_id, 8);
693         memcpy(&arr[12], inq_product_id, 16);
694         memcpy(&arr[28], dev_id_str, dev_id_str_len);
695         num = 8 + 16 + dev_id_str_len;
696         arr[3] = num;
697         num += 4;
698         if (dev_id_num >= 0) {
699                 /* NAA-5, Logical unit identifier (binary) */
700                 arr[num++] = 0x1;       /* binary (not necessarily sas) */
701                 arr[num++] = 0x3;       /* PIV=0, lu, naa */
702                 arr[num++] = 0x0;
703                 arr[num++] = 0x8;
704                 arr[num++] = 0x53;  /* naa-5 ieee company id=0x333333 (fake) */
705                 arr[num++] = 0x33;
706                 arr[num++] = 0x33;
707                 arr[num++] = 0x30;
708                 arr[num++] = (dev_id_num >> 24);
709                 arr[num++] = (dev_id_num >> 16) & 0xff;
710                 arr[num++] = (dev_id_num >> 8) & 0xff;
711                 arr[num++] = dev_id_num & 0xff;
712                 /* Target relative port number */
713                 arr[num++] = 0x61;      /* proto=sas, binary */
714                 arr[num++] = 0x94;      /* PIV=1, target port, rel port */
715                 arr[num++] = 0x0;       /* reserved */
716                 arr[num++] = 0x4;       /* length */
717                 arr[num++] = 0x0;       /* reserved */
718                 arr[num++] = 0x0;       /* reserved */
719                 arr[num++] = 0x0;
720                 arr[num++] = 0x1;       /* relative port A */
721         }
722         /* NAA-5, Target port identifier */
723         arr[num++] = 0x61;      /* proto=sas, binary */
724         arr[num++] = 0x93;      /* piv=1, target port, naa */
725         arr[num++] = 0x0;
726         arr[num++] = 0x8;
727         arr[num++] = 0x52;      /* naa-5, company id=0x222222 (fake) */
728         arr[num++] = 0x22;
729         arr[num++] = 0x22;
730         arr[num++] = 0x20;
731         arr[num++] = (port_a >> 24);
732         arr[num++] = (port_a >> 16) & 0xff;
733         arr[num++] = (port_a >> 8) & 0xff;
734         arr[num++] = port_a & 0xff;
735         /* NAA-5, Target port group identifier */
736         arr[num++] = 0x61;      /* proto=sas, binary */
737         arr[num++] = 0x95;      /* piv=1, target port group id */
738         arr[num++] = 0x0;
739         arr[num++] = 0x4;
740         arr[num++] = 0;
741         arr[num++] = 0;
742         arr[num++] = (port_group_id >> 8) & 0xff;
743         arr[num++] = port_group_id & 0xff;
744         /* NAA-5, Target device identifier */
745         arr[num++] = 0x61;      /* proto=sas, binary */
746         arr[num++] = 0xa3;      /* piv=1, target device, naa */
747         arr[num++] = 0x0;
748         arr[num++] = 0x8;
749         arr[num++] = 0x52;      /* naa-5, company id=0x222222 (fake) */
750         arr[num++] = 0x22;
751         arr[num++] = 0x22;
752         arr[num++] = 0x20;
753         arr[num++] = (target_dev_id >> 24);
754         arr[num++] = (target_dev_id >> 16) & 0xff;
755         arr[num++] = (target_dev_id >> 8) & 0xff;
756         arr[num++] = target_dev_id & 0xff;
757         /* SCSI name string: Target device identifier */
758         arr[num++] = 0x63;      /* proto=sas, UTF-8 */
759         arr[num++] = 0xa8;      /* piv=1, target device, SCSI name string */
760         arr[num++] = 0x0;
761         arr[num++] = 24;
762         memcpy(arr + num, "naa.52222220", 12);
763         num += 12;
764         snprintf(b, sizeof(b), "%08X", target_dev_id);
765         memcpy(arr + num, b, 8);
766         num += 8;
767         memset(arr + num, 0, 4);
768         num += 4;
769         return num;
770 }
771
772
773 static unsigned char vpd84_data[] = {
774 /* from 4th byte */ 0x22,0x22,0x22,0x0,0xbb,0x0,
775     0x22,0x22,0x22,0x0,0xbb,0x1,
776     0x22,0x22,0x22,0x0,0xbb,0x2,
777 };
778
779 static int inquiry_evpd_84(unsigned char * arr)
780 {
781         memcpy(arr, vpd84_data, sizeof(vpd84_data));
782         return sizeof(vpd84_data);
783 }
784
785 static int inquiry_evpd_85(unsigned char * arr)
786 {
787         int num = 0;
788         const char * na1 = "https://www.kernel.org/config";
789         const char * na2 = "http://www.kernel.org/log";
790         int plen, olen;
791
792         arr[num++] = 0x1;       /* lu, storage config */
793         arr[num++] = 0x0;       /* reserved */
794         arr[num++] = 0x0;
795         olen = strlen(na1);
796         plen = olen + 1;
797         if (plen % 4)
798                 plen = ((plen / 4) + 1) * 4;
799         arr[num++] = plen;      /* length, null termianted, padded */
800         memcpy(arr + num, na1, olen);
801         memset(arr + num + olen, 0, plen - olen);
802         num += plen;
803
804         arr[num++] = 0x4;       /* lu, logging */
805         arr[num++] = 0x0;       /* reserved */
806         arr[num++] = 0x0;
807         olen = strlen(na2);
808         plen = olen + 1;
809         if (plen % 4)
810                 plen = ((plen / 4) + 1) * 4;
811         arr[num++] = plen;      /* length, null terminated, padded */
812         memcpy(arr + num, na2, olen);
813         memset(arr + num + olen, 0, plen - olen);
814         num += plen;
815
816         return num;
817 }
818
819 /* SCSI ports VPD page */
820 static int inquiry_evpd_88(unsigned char * arr, int target_dev_id)
821 {
822         int num = 0;
823         int port_a, port_b;
824
825         port_a = target_dev_id + 1;
826         port_b = port_a + 1;
827         arr[num++] = 0x0;       /* reserved */
828         arr[num++] = 0x0;       /* reserved */
829         arr[num++] = 0x0;
830         arr[num++] = 0x1;       /* relative port 1 (primary) */
831         memset(arr + num, 0, 6);
832         num += 6;
833         arr[num++] = 0x0;
834         arr[num++] = 12;        /* length tp descriptor */
835         /* naa-5 target port identifier (A) */
836         arr[num++] = 0x61;      /* proto=sas, binary */
837         arr[num++] = 0x93;      /* PIV=1, target port, NAA */
838         arr[num++] = 0x0;       /* reserved */
839         arr[num++] = 0x8;       /* length */
840         arr[num++] = 0x52;      /* NAA-5, company_id=0x222222 (fake) */
841         arr[num++] = 0x22;
842         arr[num++] = 0x22;
843         arr[num++] = 0x20;
844         arr[num++] = (port_a >> 24);
845         arr[num++] = (port_a >> 16) & 0xff;
846         arr[num++] = (port_a >> 8) & 0xff;
847         arr[num++] = port_a & 0xff;
848
849         arr[num++] = 0x0;       /* reserved */
850         arr[num++] = 0x0;       /* reserved */
851         arr[num++] = 0x0;
852         arr[num++] = 0x2;       /* relative port 2 (secondary) */
853         memset(arr + num, 0, 6);
854         num += 6;
855         arr[num++] = 0x0;
856         arr[num++] = 12;        /* length tp descriptor */
857         /* naa-5 target port identifier (B) */
858         arr[num++] = 0x61;      /* proto=sas, binary */
859         arr[num++] = 0x93;      /* PIV=1, target port, NAA */
860         arr[num++] = 0x0;       /* reserved */
861         arr[num++] = 0x8;       /* length */
862         arr[num++] = 0x52;      /* NAA-5, company_id=0x222222 (fake) */
863         arr[num++] = 0x22;
864         arr[num++] = 0x22;
865         arr[num++] = 0x20;
866         arr[num++] = (port_b >> 24);
867         arr[num++] = (port_b >> 16) & 0xff;
868         arr[num++] = (port_b >> 8) & 0xff;
869         arr[num++] = port_b & 0xff;
870
871         return num;
872 }
873
874
875 static unsigned char vpd89_data[] = {
876 /* from 4th byte */ 0,0,0,0,
877 'l','i','n','u','x',' ',' ',' ',
878 'S','A','T',' ','s','c','s','i','_','d','e','b','u','g',' ',' ',
879 '1','2','3','4',
880 0x34,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,
881 0xec,0,0,0,
882 0x5a,0xc,0xff,0x3f,0x37,0xc8,0x10,0,0,0,0,0,0x3f,0,0,0,
883 0,0,0,0,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x58,0x20,0x20,0x20,0x20,
884 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0,0,0,0x40,0x4,0,0x2e,0x33,
885 0x38,0x31,0x20,0x20,0x20,0x20,0x54,0x53,0x38,0x33,0x30,0x30,0x33,0x31,
886 0x53,0x41,
887 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
888 0x20,0x20,
889 0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,0x20,
890 0x10,0x80,
891 0,0,0,0x2f,0,0,0,0x2,0,0x2,0x7,0,0xff,0xff,0x1,0,
892 0x3f,0,0xc1,0xff,0x3e,0,0x10,0x1,0xb0,0xf8,0x50,0x9,0,0,0x7,0,
893 0x3,0,0x78,0,0x78,0,0xf0,0,0x78,0,0,0,0,0,0,0,
894 0,0,0,0,0,0,0,0,0x2,0,0,0,0,0,0,0,
895 0x7e,0,0x1b,0,0x6b,0x34,0x1,0x7d,0x3,0x40,0x69,0x34,0x1,0x3c,0x3,0x40,
896 0x7f,0x40,0,0,0,0,0xfe,0xfe,0,0,0,0,0,0xfe,0,0,
897 0,0,0,0,0,0,0,0,0xb0,0xf8,0x50,0x9,0,0,0,0,
898 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
899 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
900 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
901 0x1,0,0xb0,0xf8,0x50,0x9,0xb0,0xf8,0x50,0x9,0x20,0x20,0x2,0,0xb6,0x42,
902 0,0x80,0x8a,0,0x6,0x3c,0xa,0x3c,0xff,0xff,0xc6,0x7,0,0x1,0,0x8,
903 0xf0,0xf,0,0x10,0x2,0,0x30,0,0,0,0,0,0,0,0x6,0xfe,
904 0,0,0x2,0,0x50,0,0x8a,0,0x4f,0x95,0,0,0x21,0,0xb,0,
905 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
906 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
907 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
908 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
909 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
910 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
911 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
912 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
913 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
914 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
915 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
916 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0xa5,0x51,
917 };
918
919 static int inquiry_evpd_89(unsigned char * arr)
920 {
921         memcpy(arr, vpd89_data, sizeof(vpd89_data));
922         return sizeof(vpd89_data);
923 }
924
925
926 static unsigned char vpdb0_data[] = {
927         /* from 4th byte */ 0,0,0,4,
928         0,0,0x4,0,
929         0,0,0,64,
930 };
931
932 static int inquiry_evpd_b0(unsigned char * arr)
933 {
934         memcpy(arr, vpdb0_data, sizeof(vpdb0_data));
935         if (sdebug_store_sectors > 0x400) {
936                 arr[4] = (sdebug_store_sectors >> 24) & 0xff;
937                 arr[5] = (sdebug_store_sectors >> 16) & 0xff;
938                 arr[6] = (sdebug_store_sectors >> 8) & 0xff;
939                 arr[7] = sdebug_store_sectors & 0xff;
940         }
941         return sizeof(vpdb0_data);
942 }
943
944
945 #define SDEBUG_LONG_INQ_SZ 96
946 #define SDEBUG_MAX_INQ_ARR_SZ 584
947
948 static int resp_inquiry(struct scsi_cmnd * scp, int target,
949                         struct sdebug_dev_info * devip)
950 {
951         unsigned char pq_pdt;
952         unsigned char * arr;
953         unsigned char *cmd = (unsigned char *)scp->cmnd;
954         int alloc_len, n, ret;
955
956         alloc_len = (cmd[3] << 8) + cmd[4];
957         arr = kzalloc(SDEBUG_MAX_INQ_ARR_SZ, GFP_KERNEL);
958         if (devip->wlun)
959                 pq_pdt = 0x1e;  /* present, wlun */
960         else if (scsi_debug_no_lun_0 && (0 == devip->lun))
961                 pq_pdt = 0x7f;  /* not present, no device type */
962         else
963                 pq_pdt = (scsi_debug_ptype & 0x1f);
964         arr[0] = pq_pdt;
965         if (0x2 & cmd[1]) {  /* CMDDT bit set */
966                 mk_sense_buffer(devip, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB,
967                                 0);
968                 kfree(arr);
969                 return check_condition_result;
970         } else if (0x1 & cmd[1]) {  /* EVPD bit set */
971                 int lu_id_num, port_group_id, target_dev_id, len;
972                 char lu_id_str[6];
973                 int host_no = devip->sdbg_host->shost->host_no;
974                 
975                 port_group_id = (((host_no + 1) & 0x7f) << 8) +
976                     (devip->channel & 0x7f);
977                 if (0 == scsi_debug_vpd_use_hostno)
978                         host_no = 0;
979                 lu_id_num = devip->wlun ? -1 : (((host_no + 1) * 2000) +
980                             (devip->target * 1000) + devip->lun);
981                 target_dev_id = ((host_no + 1) * 2000) +
982                                  (devip->target * 1000) - 3;
983                 len = scnprintf(lu_id_str, 6, "%d", lu_id_num);
984                 if (0 == cmd[2]) { /* supported vital product data pages */
985                         arr[1] = cmd[2];        /*sanity */
986                         n = 4;
987                         arr[n++] = 0x0;   /* this page */
988                         arr[n++] = 0x80;  /* unit serial number */
989                         arr[n++] = 0x83;  /* device identification */
990                         arr[n++] = 0x84;  /* software interface ident. */
991                         arr[n++] = 0x85;  /* management network addresses */
992                         arr[n++] = 0x86;  /* extended inquiry */
993                         arr[n++] = 0x87;  /* mode page policy */
994                         arr[n++] = 0x88;  /* SCSI ports */
995                         arr[n++] = 0x89;  /* ATA information */
996                         arr[n++] = 0xb0;  /* Block limits (SBC) */
997                         arr[3] = n - 4;   /* number of supported VPD pages */
998                 } else if (0x80 == cmd[2]) { /* unit serial number */
999                         arr[1] = cmd[2];        /*sanity */
1000                         arr[3] = len;
1001                         memcpy(&arr[4], lu_id_str, len);
1002                 } else if (0x83 == cmd[2]) { /* device identification */
1003                         arr[1] = cmd[2];        /*sanity */
1004                         arr[3] = inquiry_evpd_83(&arr[4], port_group_id,
1005                                                  target_dev_id, lu_id_num,
1006                                                  lu_id_str, len);
1007                 } else if (0x84 == cmd[2]) { /* Software interface ident. */
1008                         arr[1] = cmd[2];        /*sanity */
1009                         arr[3] = inquiry_evpd_84(&arr[4]);
1010                 } else if (0x85 == cmd[2]) { /* Management network addresses */
1011                         arr[1] = cmd[2];        /*sanity */
1012                         arr[3] = inquiry_evpd_85(&arr[4]);
1013                 } else if (0x86 == cmd[2]) { /* extended inquiry */
1014                         arr[1] = cmd[2];        /*sanity */
1015                         arr[3] = 0x3c;  /* number of following entries */
1016                         arr[4] = 0x0;   /* no protection stuff */
1017                         arr[5] = 0x7;   /* head of q, ordered + simple q's */
1018                 } else if (0x87 == cmd[2]) { /* mode page policy */
1019                         arr[1] = cmd[2];        /*sanity */
1020                         arr[3] = 0x8;   /* number of following entries */
1021                         arr[4] = 0x2;   /* disconnect-reconnect mp */
1022                         arr[6] = 0x80;  /* mlus, shared */
1023                         arr[8] = 0x18;   /* protocol specific lu */
1024                         arr[10] = 0x82;  /* mlus, per initiator port */
1025                 } else if (0x88 == cmd[2]) { /* SCSI Ports */
1026                         arr[1] = cmd[2];        /*sanity */
1027                         arr[3] = inquiry_evpd_88(&arr[4], target_dev_id);
1028                 } else if (0x89 == cmd[2]) { /* ATA information */
1029                         arr[1] = cmd[2];        /*sanity */
1030                         n = inquiry_evpd_89(&arr[4]);
1031                         arr[2] = (n >> 8);
1032                         arr[3] = (n & 0xff);
1033                 } else if (0xb0 == cmd[2]) { /* Block limits (SBC) */
1034                         arr[1] = cmd[2];        /*sanity */
1035                         arr[3] = inquiry_evpd_b0(&arr[4]);
1036                 } else {
1037                         /* Illegal request, invalid field in cdb */
1038                         mk_sense_buffer(devip, ILLEGAL_REQUEST,
1039                                         INVALID_FIELD_IN_CDB, 0);
1040                         kfree(arr);
1041                         return check_condition_result;
1042                 }
1043                 len = min(((arr[2] << 8) + arr[3]) + 4, alloc_len);
1044                 ret = fill_from_dev_buffer(scp, arr,
1045                             min(len, SDEBUG_MAX_INQ_ARR_SZ));
1046                 kfree(arr);
1047                 return ret;
1048         }
1049         /* drops through here for a standard inquiry */
1050         arr[1] = DEV_REMOVEABLE(target) ? 0x80 : 0;     /* Removable disk */
1051         arr[2] = scsi_debug_scsi_level;
1052         arr[3] = 2;    /* response_data_format==2 */
1053         arr[4] = SDEBUG_LONG_INQ_SZ - 5;
1054         if (0 == scsi_debug_vpd_use_hostno)
1055                 arr[5] = 0x10; /* claim: implicit TGPS */
1056         arr[6] = 0x10; /* claim: MultiP */
1057         /* arr[6] |= 0x40; ... claim: EncServ (enclosure services) */
1058         arr[7] = 0xa; /* claim: LINKED + CMDQUE */
1059         memcpy(&arr[8], inq_vendor_id, 8);
1060         memcpy(&arr[16], inq_product_id, 16);
1061         memcpy(&arr[32], inq_product_rev, 4);
1062         /* version descriptors (2 bytes each) follow */
1063         arr[58] = 0x0; arr[59] = 0x77; /* SAM-3 ANSI */
1064         arr[60] = 0x3; arr[61] = 0x14;  /* SPC-3 ANSI */
1065         n = 62;
1066         if (scsi_debug_ptype == 0) {
1067                 arr[n++] = 0x3; arr[n++] = 0x3d; /* SBC-2 ANSI */
1068         } else if (scsi_debug_ptype == 1) {
1069                 arr[n++] = 0x3; arr[n++] = 0x60; /* SSC-2 no version */
1070         }
1071         arr[n++] = 0xc; arr[n++] = 0xf;  /* SAS-1.1 rev 10 */
1072         ret = fill_from_dev_buffer(scp, arr,
1073                             min(alloc_len, SDEBUG_LONG_INQ_SZ));
1074         kfree(arr);
1075         return ret;
1076 }
1077
1078 static int resp_requests(struct scsi_cmnd * scp,
1079                          struct sdebug_dev_info * devip)
1080 {
1081         unsigned char * sbuff;
1082         unsigned char *cmd = (unsigned char *)scp->cmnd;
1083         unsigned char arr[SDEBUG_SENSE_LEN];
1084         int want_dsense;
1085         int len = 18;
1086
1087         memset(arr, 0, sizeof(arr));
1088         if (devip->reset == 1)
1089                 mk_sense_buffer(devip, 0, NO_ADDITIONAL_SENSE, 0);
1090         want_dsense = !!(cmd[1] & 1) || scsi_debug_dsense;
1091         sbuff = devip->sense_buff;
1092         if ((iec_m_pg[2] & 0x4) && (6 == (iec_m_pg[3] & 0xf))) {
1093                 if (want_dsense) {
1094                         arr[0] = 0x72;
1095                         arr[1] = 0x0;           /* NO_SENSE in sense_key */
1096                         arr[2] = THRESHOLD_EXCEEDED;
1097                         arr[3] = 0xff;          /* TEST set and MRIE==6 */
1098                 } else {
1099                         arr[0] = 0x70;
1100                         arr[2] = 0x0;           /* NO_SENSE in sense_key */
1101                         arr[7] = 0xa;           /* 18 byte sense buffer */
1102                         arr[12] = THRESHOLD_EXCEEDED;
1103                         arr[13] = 0xff;         /* TEST set and MRIE==6 */
1104                 }
1105         } else {
1106                 memcpy(arr, sbuff, SDEBUG_SENSE_LEN);
1107                 if ((cmd[1] & 1) && (! scsi_debug_dsense)) {
1108                         /* DESC bit set and sense_buff in fixed format */
1109                         memset(arr, 0, sizeof(arr));
1110                         arr[0] = 0x72;
1111                         arr[1] = sbuff[2];     /* sense key */
1112                         arr[2] = sbuff[12];    /* asc */
1113                         arr[3] = sbuff[13];    /* ascq */
1114                         len = 8;
1115                 }
1116         }
1117         mk_sense_buffer(devip, 0, NO_ADDITIONAL_SENSE, 0);
1118         return fill_from_dev_buffer(scp, arr, len);
1119 }
1120
1121 static int resp_start_stop(struct scsi_cmnd * scp,
1122                            struct sdebug_dev_info * devip)
1123 {
1124         unsigned char *cmd = (unsigned char *)scp->cmnd;
1125         int power_cond, errsts, start;
1126
1127         if ((errsts = check_readiness(scp, 1, devip)))
1128                 return errsts;
1129         power_cond = (cmd[4] & 0xf0) >> 4;
1130         if (power_cond) {
1131                 mk_sense_buffer(devip, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB,
1132                                 0);
1133                 return check_condition_result;
1134         }
1135         start = cmd[4] & 1;
1136         if (start == devip->stopped)
1137                 devip->stopped = !start;
1138         return 0;
1139 }
1140
1141 #define SDEBUG_READCAP_ARR_SZ 8
1142 static int resp_readcap(struct scsi_cmnd * scp,
1143                         struct sdebug_dev_info * devip)
1144 {
1145         unsigned char arr[SDEBUG_READCAP_ARR_SZ];
1146         unsigned int capac;
1147         int errsts;
1148
1149         if ((errsts = check_readiness(scp, 1, devip)))
1150                 return errsts;
1151         /* following just in case virtual_gb changed */
1152         if (scsi_debug_virtual_gb > 0) {
1153                 sdebug_capacity = 2048 * 1024;
1154                 sdebug_capacity *= scsi_debug_virtual_gb;
1155         } else
1156                 sdebug_capacity = sdebug_store_sectors;
1157         memset(arr, 0, SDEBUG_READCAP_ARR_SZ);
1158         if (sdebug_capacity < 0xffffffff) {
1159                 capac = (unsigned int)sdebug_capacity - 1;
1160                 arr[0] = (capac >> 24);
1161                 arr[1] = (capac >> 16) & 0xff;
1162                 arr[2] = (capac >> 8) & 0xff;
1163                 arr[3] = capac & 0xff;
1164         } else {
1165                 arr[0] = 0xff;
1166                 arr[1] = 0xff;
1167                 arr[2] = 0xff;
1168                 arr[3] = 0xff;
1169         }
1170         arr[6] = (SECT_SIZE_PER(target) >> 8) & 0xff;
1171         arr[7] = SECT_SIZE_PER(target) & 0xff;
1172         return fill_from_dev_buffer(scp, arr, SDEBUG_READCAP_ARR_SZ);
1173 }
1174
1175 #define SDEBUG_READCAP16_ARR_SZ 32
1176 static int resp_readcap16(struct scsi_cmnd * scp,
1177                           struct sdebug_dev_info * devip)
1178 {
1179         unsigned char *cmd = (unsigned char *)scp->cmnd;
1180         unsigned char arr[SDEBUG_READCAP16_ARR_SZ];
1181         unsigned long long capac;
1182         int errsts, k, alloc_len;
1183
1184         if ((errsts = check_readiness(scp, 1, devip)))
1185                 return errsts;
1186         alloc_len = ((cmd[10] << 24) + (cmd[11] << 16) + (cmd[12] << 8)
1187                      + cmd[13]);
1188         /* following just in case virtual_gb changed */
1189         if (scsi_debug_virtual_gb > 0) {
1190                 sdebug_capacity = 2048 * 1024;
1191                 sdebug_capacity *= scsi_debug_virtual_gb;
1192         } else
1193                 sdebug_capacity = sdebug_store_sectors;
1194         memset(arr, 0, SDEBUG_READCAP16_ARR_SZ);
1195         capac = sdebug_capacity - 1;
1196         for (k = 0; k < 8; ++k, capac >>= 8)
1197                 arr[7 - k] = capac & 0xff;
1198         arr[8] = (SECT_SIZE_PER(target) >> 24) & 0xff;
1199         arr[9] = (SECT_SIZE_PER(target) >> 16) & 0xff;
1200         arr[10] = (SECT_SIZE_PER(target) >> 8) & 0xff;
1201         arr[11] = SECT_SIZE_PER(target) & 0xff;
1202         return fill_from_dev_buffer(scp, arr,
1203                                     min(alloc_len, SDEBUG_READCAP16_ARR_SZ));
1204 }
1205
1206 #define SDEBUG_MAX_TGTPGS_ARR_SZ 1412
1207
1208 static int resp_report_tgtpgs(struct scsi_cmnd * scp,
1209                               struct sdebug_dev_info * devip)
1210 {
1211         unsigned char *cmd = (unsigned char *)scp->cmnd;
1212         unsigned char * arr;
1213         int host_no = devip->sdbg_host->shost->host_no;
1214         int n, ret, alen, rlen;
1215         int port_group_a, port_group_b, port_a, port_b;
1216
1217         alen = ((cmd[6] << 24) + (cmd[7] << 16) + (cmd[8] << 8)
1218                 + cmd[9]);
1219
1220         arr = kzalloc(SDEBUG_MAX_TGTPGS_ARR_SZ, GFP_KERNEL);
1221         /*
1222          * EVPD page 0x88 states we have two ports, one
1223          * real and a fake port with no device connected.
1224          * So we create two port groups with one port each
1225          * and set the group with port B to unavailable.
1226          */
1227         port_a = 0x1; /* relative port A */
1228         port_b = 0x2; /* relative port B */
1229         port_group_a = (((host_no + 1) & 0x7f) << 8) +
1230             (devip->channel & 0x7f);
1231         port_group_b = (((host_no + 1) & 0x7f) << 8) +
1232             (devip->channel & 0x7f) + 0x80;
1233
1234         /*
1235          * The asymmetric access state is cycled according to the host_id.
1236          */
1237         n = 4;
1238         if (0 == scsi_debug_vpd_use_hostno) {
1239             arr[n++] = host_no % 3; /* Asymm access state */
1240             arr[n++] = 0x0F; /* claim: all states are supported */
1241         } else {
1242             arr[n++] = 0x0; /* Active/Optimized path */
1243             arr[n++] = 0x01; /* claim: only support active/optimized paths */
1244         }
1245         arr[n++] = (port_group_a >> 8) & 0xff;
1246         arr[n++] = port_group_a & 0xff;
1247         arr[n++] = 0;    /* Reserved */
1248         arr[n++] = 0;    /* Status code */
1249         arr[n++] = 0;    /* Vendor unique */
1250         arr[n++] = 0x1;  /* One port per group */
1251         arr[n++] = 0;    /* Reserved */
1252         arr[n++] = 0;    /* Reserved */
1253         arr[n++] = (port_a >> 8) & 0xff;
1254         arr[n++] = port_a & 0xff;
1255         arr[n++] = 3;    /* Port unavailable */
1256         arr[n++] = 0x08; /* claim: only unavailalbe paths are supported */
1257         arr[n++] = (port_group_b >> 8) & 0xff;
1258         arr[n++] = port_group_b & 0xff;
1259         arr[n++] = 0;    /* Reserved */
1260         arr[n++] = 0;    /* Status code */
1261         arr[n++] = 0;    /* Vendor unique */
1262         arr[n++] = 0x1;  /* One port per group */
1263         arr[n++] = 0;    /* Reserved */
1264         arr[n++] = 0;    /* Reserved */
1265         arr[n++] = (port_b >> 8) & 0xff;
1266         arr[n++] = port_b & 0xff;
1267
1268         rlen = n - 4;
1269         arr[0] = (rlen >> 24) & 0xff;
1270         arr[1] = (rlen >> 16) & 0xff;
1271         arr[2] = (rlen >> 8) & 0xff;
1272         arr[3] = rlen & 0xff;
1273
1274         /*
1275          * Return the smallest value of either
1276          * - The allocated length
1277          * - The constructed command length
1278          * - The maximum array size
1279          */
1280         rlen = min(alen,n);
1281         ret = fill_from_dev_buffer(scp, arr,
1282                                    min(rlen, SDEBUG_MAX_TGTPGS_ARR_SZ));
1283         kfree(arr);
1284         return ret;
1285 }
1286
1287 /* <<Following mode page info copied from ST318451LW>> */
1288
1289 static int resp_err_recov_pg(unsigned char * p, int pcontrol, int target)
1290 {       /* Read-Write Error Recovery page for mode_sense */
1291         unsigned char err_recov_pg[] = {0x1, 0xa, 0xc0, 11, 240, 0, 0, 0,
1292                                         5, 0, 0xff, 0xff};
1293
1294         memcpy(p, err_recov_pg, sizeof(err_recov_pg));
1295         if (1 == pcontrol)
1296                 memset(p + 2, 0, sizeof(err_recov_pg) - 2);
1297         return sizeof(err_recov_pg);
1298 }
1299
1300 static int resp_disconnect_pg(unsigned char * p, int pcontrol, int target)
1301 {       /* Disconnect-Reconnect page for mode_sense */
1302         unsigned char disconnect_pg[] = {0x2, 0xe, 128, 128, 0, 10, 0, 0,
1303                                          0, 0, 0, 0, 0, 0, 0, 0};
1304
1305         memcpy(p, disconnect_pg, sizeof(disconnect_pg));
1306         if (1 == pcontrol)
1307                 memset(p + 2, 0, sizeof(disconnect_pg) - 2);
1308         return sizeof(disconnect_pg);
1309 }
1310
1311 static int resp_format_pg(unsigned char * p, int pcontrol, int target)
1312 {       /* Format device page for mode_sense */
1313         unsigned char format_pg[] = {0x3, 0x16, 0, 0, 0, 0, 0, 0,
1314                                      0, 0, 0, 0, 0, 0, 0, 0,
1315                                      0, 0, 0, 0, 0x40, 0, 0, 0};
1316
1317         memcpy(p, format_pg, sizeof(format_pg));
1318         p[10] = (sdebug_sectors_per >> 8) & 0xff;
1319         p[11] = sdebug_sectors_per & 0xff;
1320         p[12] = (SECT_SIZE >> 8) & 0xff;
1321         p[13] = SECT_SIZE & 0xff;
1322         if (DEV_REMOVEABLE(target))
1323                 p[20] |= 0x20; /* should agree with INQUIRY */
1324         if (1 == pcontrol)
1325                 memset(p + 2, 0, sizeof(format_pg) - 2);
1326         return sizeof(format_pg);
1327 }
1328
1329 static int resp_caching_pg(unsigned char * p, int pcontrol, int target)
1330 {       /* Caching page for mode_sense */
1331         unsigned char caching_pg[] = {0x8, 18, 0x14, 0, 0xff, 0xff, 0, 0,
1332                 0xff, 0xff, 0xff, 0xff, 0x80, 0x14, 0, 0,     0, 0, 0, 0};
1333
1334         memcpy(p, caching_pg, sizeof(caching_pg));
1335         if (1 == pcontrol)
1336                 memset(p + 2, 0, sizeof(caching_pg) - 2);
1337         return sizeof(caching_pg);
1338 }
1339
1340 static int resp_ctrl_m_pg(unsigned char * p, int pcontrol, int target)
1341 {       /* Control mode page for mode_sense */
1342         unsigned char ch_ctrl_m_pg[] = {/* 0xa, 10, */ 0x6, 0, 0, 0, 0, 0,
1343                                         0, 0, 0, 0};
1344         unsigned char d_ctrl_m_pg[] = {0xa, 10, 2, 0, 0, 0, 0, 0,
1345                                      0, 0, 0x2, 0x4b};
1346
1347         if (scsi_debug_dsense)
1348                 ctrl_m_pg[2] |= 0x4;
1349         else
1350                 ctrl_m_pg[2] &= ~0x4;
1351         memcpy(p, ctrl_m_pg, sizeof(ctrl_m_pg));
1352         if (1 == pcontrol)
1353                 memcpy(p + 2, ch_ctrl_m_pg, sizeof(ch_ctrl_m_pg));
1354         else if (2 == pcontrol)
1355                 memcpy(p, d_ctrl_m_pg, sizeof(d_ctrl_m_pg));
1356         return sizeof(ctrl_m_pg);
1357 }
1358
1359
1360 static int resp_iec_m_pg(unsigned char * p, int pcontrol, int target)
1361 {       /* Informational Exceptions control mode page for mode_sense */
1362         unsigned char ch_iec_m_pg[] = {/* 0x1c, 0xa, */ 0x4, 0xf, 0, 0, 0, 0,
1363                                        0, 0, 0x0, 0x0};
1364         unsigned char d_iec_m_pg[] = {0x1c, 0xa, 0x08, 0, 0, 0, 0, 0,
1365                                       0, 0, 0x0, 0x0};
1366
1367         memcpy(p, iec_m_pg, sizeof(iec_m_pg));
1368         if (1 == pcontrol)
1369                 memcpy(p + 2, ch_iec_m_pg, sizeof(ch_iec_m_pg));
1370         else if (2 == pcontrol)
1371                 memcpy(p, d_iec_m_pg, sizeof(d_iec_m_pg));
1372         return sizeof(iec_m_pg);
1373 }
1374
1375 static int resp_sas_sf_m_pg(unsigned char * p, int pcontrol, int target)
1376 {       /* SAS SSP mode page - short format for mode_sense */
1377         unsigned char sas_sf_m_pg[] = {0x19, 0x6,
1378                 0x6, 0x0, 0x7, 0xd0, 0x0, 0x0};
1379
1380         memcpy(p, sas_sf_m_pg, sizeof(sas_sf_m_pg));
1381         if (1 == pcontrol)
1382                 memset(p + 2, 0, sizeof(sas_sf_m_pg) - 2);
1383         return sizeof(sas_sf_m_pg);
1384 }
1385
1386
1387 static int resp_sas_pcd_m_spg(unsigned char * p, int pcontrol, int target,
1388                               int target_dev_id)
1389 {       /* SAS phy control and discover mode page for mode_sense */
1390         unsigned char sas_pcd_m_pg[] = {0x59, 0x1, 0, 0x64, 0, 0x6, 0, 2,
1391                     0, 0, 0, 0, 0x10, 0x9, 0x8, 0x0,
1392                     0x52, 0x22, 0x22, 0x20, 0x0, 0x0, 0x0, 0x0,
1393                     0x51, 0x11, 0x11, 0x10, 0x0, 0x0, 0x0, 0x1,
1394                     0x2, 0, 0, 0, 0, 0, 0, 0,
1395                     0x88, 0x99, 0, 0, 0, 0, 0, 0,
1396                     0, 0, 0, 0, 0, 0, 0, 0,
1397                     0, 1, 0, 0, 0x10, 0x9, 0x8, 0x0,
1398                     0x52, 0x22, 0x22, 0x20, 0x0, 0x0, 0x0, 0x0,
1399                     0x51, 0x11, 0x11, 0x10, 0x0, 0x0, 0x0, 0x1,
1400                     0x3, 0, 0, 0, 0, 0, 0, 0,
1401                     0x88, 0x99, 0, 0, 0, 0, 0, 0,
1402                     0, 0, 0, 0, 0, 0, 0, 0,
1403                 };
1404         int port_a, port_b;
1405
1406         port_a = target_dev_id + 1;
1407         port_b = port_a + 1;
1408         memcpy(p, sas_pcd_m_pg, sizeof(sas_pcd_m_pg));
1409         p[20] = (port_a >> 24);
1410         p[21] = (port_a >> 16) & 0xff;
1411         p[22] = (port_a >> 8) & 0xff;
1412         p[23] = port_a & 0xff;
1413         p[48 + 20] = (port_b >> 24);
1414         p[48 + 21] = (port_b >> 16) & 0xff;
1415         p[48 + 22] = (port_b >> 8) & 0xff;
1416         p[48 + 23] = port_b & 0xff;
1417         if (1 == pcontrol)
1418                 memset(p + 4, 0, sizeof(sas_pcd_m_pg) - 4);
1419         return sizeof(sas_pcd_m_pg);
1420 }
1421
1422 static int resp_sas_sha_m_spg(unsigned char * p, int pcontrol)
1423 {       /* SAS SSP shared protocol specific port mode subpage */
1424         unsigned char sas_sha_m_pg[] = {0x59, 0x2, 0, 0xc, 0, 0x6, 0x10, 0,
1425                     0, 0, 0, 0, 0, 0, 0, 0,
1426                 };
1427
1428         memcpy(p, sas_sha_m_pg, sizeof(sas_sha_m_pg));
1429         if (1 == pcontrol)
1430                 memset(p + 4, 0, sizeof(sas_sha_m_pg) - 4);
1431         return sizeof(sas_sha_m_pg);
1432 }
1433
1434 #define SDEBUG_MAX_MSENSE_SZ 256
1435
1436 static int resp_mode_sense(struct scsi_cmnd * scp, int target,
1437                            struct sdebug_dev_info * devip)
1438 {
1439         unsigned char dbd, llbaa;
1440         int pcontrol, pcode, subpcode, bd_len;
1441         unsigned char dev_spec;
1442         int k, alloc_len, msense_6, offset, len, errsts, target_dev_id;
1443         unsigned char * ap;
1444         unsigned char arr[SDEBUG_MAX_MSENSE_SZ];
1445         unsigned char *cmd = (unsigned char *)scp->cmnd;
1446
1447         if ((errsts = check_readiness(scp, 1, devip)))
1448                 return errsts;
1449         dbd = !!(cmd[1] & 0x8);
1450         pcontrol = (cmd[2] & 0xc0) >> 6;
1451         pcode = cmd[2] & 0x3f;
1452         subpcode = cmd[3];
1453         msense_6 = (MODE_SENSE == cmd[0]);
1454         llbaa = msense_6 ? 0 : !!(cmd[1] & 0x10);
1455         if ((0 == scsi_debug_ptype) && (0 == dbd))
1456                 bd_len = llbaa ? 16 : 8;
1457         else
1458                 bd_len = 0;
1459         alloc_len = msense_6 ? cmd[4] : ((cmd[7] << 8) | cmd[8]);
1460         memset(arr, 0, SDEBUG_MAX_MSENSE_SZ);
1461         if (0x3 == pcontrol) {  /* Saving values not supported */
1462                 mk_sense_buffer(devip, ILLEGAL_REQUEST, SAVING_PARAMS_UNSUP,
1463                                 0);
1464                 return check_condition_result;
1465         }
1466         target_dev_id = ((devip->sdbg_host->shost->host_no + 1) * 2000) +
1467                         (devip->target * 1000) - 3;
1468         /* set DPOFUA bit for disks */
1469         if (0 == scsi_debug_ptype)
1470                 dev_spec = (DEV_READONLY(target) ? 0x80 : 0x0) | 0x10;
1471         else
1472                 dev_spec = 0x0;
1473         if (msense_6) {
1474                 arr[2] = dev_spec;
1475                 arr[3] = bd_len;
1476                 offset = 4;
1477         } else {
1478                 arr[3] = dev_spec;
1479                 if (16 == bd_len)
1480                         arr[4] = 0x1;   /* set LONGLBA bit */
1481                 arr[7] = bd_len;        /* assume 255 or less */
1482                 offset = 8;
1483         }
1484         ap = arr + offset;
1485         if ((bd_len > 0) && (0 == sdebug_capacity)) {
1486                 if (scsi_debug_virtual_gb > 0) {
1487                         sdebug_capacity = 2048 * 1024;
1488                         sdebug_capacity *= scsi_debug_virtual_gb;
1489                 } else
1490                         sdebug_capacity = sdebug_store_sectors;
1491         }
1492         if (8 == bd_len) {
1493                 if (sdebug_capacity > 0xfffffffe) {
1494                         ap[0] = 0xff;
1495                         ap[1] = 0xff;
1496                         ap[2] = 0xff;
1497                         ap[3] = 0xff;
1498                 } else {
1499                         ap[0] = (sdebug_capacity >> 24) & 0xff;
1500                         ap[1] = (sdebug_capacity >> 16) & 0xff;
1501                         ap[2] = (sdebug_capacity >> 8) & 0xff;
1502                         ap[3] = sdebug_capacity & 0xff;
1503                 }
1504                 ap[6] = (SECT_SIZE_PER(target) >> 8) & 0xff;
1505                 ap[7] = SECT_SIZE_PER(target) & 0xff;
1506                 offset += bd_len;
1507                 ap = arr + offset;
1508         } else if (16 == bd_len) {
1509                 unsigned long long capac = sdebug_capacity;
1510
1511                 for (k = 0; k < 8; ++k, capac >>= 8)
1512                         ap[7 - k] = capac & 0xff;
1513                 ap[12] = (SECT_SIZE_PER(target) >> 24) & 0xff;
1514                 ap[13] = (SECT_SIZE_PER(target) >> 16) & 0xff;
1515                 ap[14] = (SECT_SIZE_PER(target) >> 8) & 0xff;
1516                 ap[15] = SECT_SIZE_PER(target) & 0xff;
1517                 offset += bd_len;
1518                 ap = arr + offset;
1519         }
1520
1521         if ((subpcode > 0x0) && (subpcode < 0xff) && (0x19 != pcode)) {
1522                 /* TODO: Control Extension page */
1523                 mk_sense_buffer(devip, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB,
1524                                 0);
1525                 return check_condition_result;
1526         }
1527         switch (pcode) {
1528         case 0x1:       /* Read-Write error recovery page, direct access */
1529                 len = resp_err_recov_pg(ap, pcontrol, target);
1530                 offset += len;
1531                 break;
1532         case 0x2:       /* Disconnect-Reconnect page, all devices */
1533                 len = resp_disconnect_pg(ap, pcontrol, target);
1534                 offset += len;
1535                 break;
1536         case 0x3:       /* Format device page, direct access */
1537                 len = resp_format_pg(ap, pcontrol, target);
1538                 offset += len;
1539                 break;
1540         case 0x8:       /* Caching page, direct access */
1541                 len = resp_caching_pg(ap, pcontrol, target);
1542                 offset += len;
1543                 break;
1544         case 0xa:       /* Control Mode page, all devices */
1545                 len = resp_ctrl_m_pg(ap, pcontrol, target);
1546                 offset += len;
1547                 break;
1548         case 0x19:      /* if spc==1 then sas phy, control+discover */
1549                 if ((subpcode > 0x2) && (subpcode < 0xff)) {
1550                         mk_sense_buffer(devip, ILLEGAL_REQUEST,
1551                                         INVALID_FIELD_IN_CDB, 0);
1552                         return check_condition_result;
1553                 }
1554                 len = 0;
1555                 if ((0x0 == subpcode) || (0xff == subpcode))
1556                         len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
1557                 if ((0x1 == subpcode) || (0xff == subpcode))
1558                         len += resp_sas_pcd_m_spg(ap + len, pcontrol, target,
1559                                                   target_dev_id);
1560                 if ((0x2 == subpcode) || (0xff == subpcode))
1561                         len += resp_sas_sha_m_spg(ap + len, pcontrol);
1562                 offset += len;
1563                 break;
1564         case 0x1c:      /* Informational Exceptions Mode page, all devices */
1565                 len = resp_iec_m_pg(ap, pcontrol, target);
1566                 offset += len;
1567                 break;
1568         case 0x3f:      /* Read all Mode pages */
1569                 if ((0 == subpcode) || (0xff == subpcode)) {
1570                         len = resp_err_recov_pg(ap, pcontrol, target);
1571                         len += resp_disconnect_pg(ap + len, pcontrol, target);
1572                         len += resp_format_pg(ap + len, pcontrol, target);
1573                         len += resp_caching_pg(ap + len, pcontrol, target);
1574                         len += resp_ctrl_m_pg(ap + len, pcontrol, target);
1575                         len += resp_sas_sf_m_pg(ap + len, pcontrol, target);
1576                         if (0xff == subpcode) {
1577                                 len += resp_sas_pcd_m_spg(ap + len, pcontrol,
1578                                                   target, target_dev_id);
1579                                 len += resp_sas_sha_m_spg(ap + len, pcontrol);
1580                         }
1581                         len += resp_iec_m_pg(ap + len, pcontrol, target);
1582                 } else {
1583                         mk_sense_buffer(devip, ILLEGAL_REQUEST,
1584                                         INVALID_FIELD_IN_CDB, 0);
1585                         return check_condition_result;
1586                 }
1587                 offset += len;
1588                 break;
1589         default:
1590                 mk_sense_buffer(devip, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB,
1591                                 0);
1592                 return check_condition_result;
1593         }
1594         if (msense_6)
1595                 arr[0] = offset - 1;
1596         else {
1597                 arr[0] = ((offset - 2) >> 8) & 0xff;
1598                 arr[1] = (offset - 2) & 0xff;
1599         }
1600         return fill_from_dev_buffer(scp, arr, min(alloc_len, offset));
1601 }
1602
1603 #define SDEBUG_MAX_MSELECT_SZ 512
1604
1605 static int resp_mode_select(struct scsi_cmnd * scp, int mselect6,
1606                             struct sdebug_dev_info * devip)
1607 {
1608         int pf, sp, ps, md_len, bd_len, off, spf, pg_len;
1609         int param_len, res, errsts, mpage;
1610         unsigned char arr[SDEBUG_MAX_MSELECT_SZ];
1611         unsigned char *cmd = (unsigned char *)scp->cmnd;
1612
1613         if ((errsts = check_readiness(scp, 1, devip)))
1614                 return errsts;
1615         memset(arr, 0, sizeof(arr));
1616         pf = cmd[1] & 0x10;
1617         sp = cmd[1] & 0x1;
1618         param_len = mselect6 ? cmd[4] : ((cmd[7] << 8) + cmd[8]);
1619         if ((0 == pf) || sp || (param_len > SDEBUG_MAX_MSELECT_SZ)) {
1620                 mk_sense_buffer(devip, ILLEGAL_REQUEST,
1621                                 INVALID_FIELD_IN_CDB, 0);
1622                 return check_condition_result;
1623         }
1624         res = fetch_to_dev_buffer(scp, arr, param_len);
1625         if (-1 == res)
1626                 return (DID_ERROR << 16);
1627         else if ((res < param_len) &&
1628                  (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts))
1629                 printk(KERN_INFO "scsi_debug: mode_select: cdb indicated=%d, "
1630                        " IO sent=%d bytes\n", param_len, res);
1631         md_len = mselect6 ? (arr[0] + 1) : ((arr[0] << 8) + arr[1] + 2);
1632         bd_len = mselect6 ? arr[3] : ((arr[6] << 8) + arr[7]);
1633         if (md_len > 2) {
1634                 mk_sense_buffer(devip, ILLEGAL_REQUEST,
1635                                 INVALID_FIELD_IN_PARAM_LIST, 0);
1636                 return check_condition_result;
1637         }
1638         off = bd_len + (mselect6 ? 4 : 8);
1639         mpage = arr[off] & 0x3f;
1640         ps = !!(arr[off] & 0x80);
1641         if (ps) {
1642                 mk_sense_buffer(devip, ILLEGAL_REQUEST,
1643                                 INVALID_FIELD_IN_PARAM_LIST, 0);
1644                 return check_condition_result;
1645         }
1646         spf = !!(arr[off] & 0x40);
1647         pg_len = spf ? ((arr[off + 2] << 8) + arr[off + 3] + 4) :
1648                        (arr[off + 1] + 2);
1649         if ((pg_len + off) > param_len) {
1650                 mk_sense_buffer(devip, ILLEGAL_REQUEST,
1651                                 PARAMETER_LIST_LENGTH_ERR, 0);
1652                 return check_condition_result;
1653         }
1654         switch (mpage) {
1655         case 0xa:      /* Control Mode page */
1656                 if (ctrl_m_pg[1] == arr[off + 1]) {
1657                         memcpy(ctrl_m_pg + 2, arr + off + 2,
1658                                sizeof(ctrl_m_pg) - 2);
1659                         scsi_debug_dsense = !!(ctrl_m_pg[2] & 0x4);
1660                         return 0;
1661                 }
1662                 break;
1663         case 0x1c:      /* Informational Exceptions Mode page */
1664                 if (iec_m_pg[1] == arr[off + 1]) {
1665                         memcpy(iec_m_pg + 2, arr + off + 2,
1666                                sizeof(iec_m_pg) - 2);
1667                         return 0;
1668                 }
1669                 break;
1670         default:
1671                 break;
1672         }
1673         mk_sense_buffer(devip, ILLEGAL_REQUEST,
1674                         INVALID_FIELD_IN_PARAM_LIST, 0);
1675         return check_condition_result;
1676 }
1677
1678 static int resp_temp_l_pg(unsigned char * arr)
1679 {
1680         unsigned char temp_l_pg[] = {0x0, 0x0, 0x3, 0x2, 0x0, 38,
1681                                      0x0, 0x1, 0x3, 0x2, 0x0, 65,
1682                 };
1683
1684         memcpy(arr, temp_l_pg, sizeof(temp_l_pg));
1685         return sizeof(temp_l_pg);
1686 }
1687
1688 static int resp_ie_l_pg(unsigned char * arr)
1689 {
1690         unsigned char ie_l_pg[] = {0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 38,
1691                 };
1692
1693         memcpy(arr, ie_l_pg, sizeof(ie_l_pg));
1694         if (iec_m_pg[2] & 0x4) {        /* TEST bit set */
1695                 arr[4] = THRESHOLD_EXCEEDED;
1696                 arr[5] = 0xff;
1697         }
1698         return sizeof(ie_l_pg);
1699 }
1700
1701 #define SDEBUG_MAX_LSENSE_SZ 512
1702
1703 static int resp_log_sense(struct scsi_cmnd * scp,
1704                           struct sdebug_dev_info * devip)
1705 {
1706         int ppc, sp, pcontrol, pcode, subpcode, alloc_len, errsts, len, n;
1707         unsigned char arr[SDEBUG_MAX_LSENSE_SZ];
1708         unsigned char *cmd = (unsigned char *)scp->cmnd;
1709
1710         if ((errsts = check_readiness(scp, 1, devip)))
1711                 return errsts;
1712         memset(arr, 0, sizeof(arr));
1713         ppc = cmd[1] & 0x2;
1714         sp = cmd[1] & 0x1;
1715         if (ppc || sp) {
1716                 mk_sense_buffer(devip, ILLEGAL_REQUEST,
1717                                 INVALID_FIELD_IN_CDB, 0);
1718                 return check_condition_result;
1719         }
1720         pcontrol = (cmd[2] & 0xc0) >> 6;
1721         pcode = cmd[2] & 0x3f;
1722         subpcode = cmd[3] & 0xff;
1723         alloc_len = (cmd[7] << 8) + cmd[8];
1724         arr[0] = pcode;
1725         if (0 == subpcode) {
1726                 switch (pcode) {
1727                 case 0x0:       /* Supported log pages log page */
1728                         n = 4;
1729                         arr[n++] = 0x0;         /* this page */
1730                         arr[n++] = 0xd;         /* Temperature */
1731                         arr[n++] = 0x2f;        /* Informational exceptions */
1732                         arr[3] = n - 4;
1733                         break;
1734                 case 0xd:       /* Temperature log page */
1735                         arr[3] = resp_temp_l_pg(arr + 4);
1736                         break;
1737                 case 0x2f:      /* Informational exceptions log page */
1738                         arr[3] = resp_ie_l_pg(arr + 4);
1739                         break;
1740                 default:
1741                         mk_sense_buffer(devip, ILLEGAL_REQUEST,
1742                                         INVALID_FIELD_IN_CDB, 0);
1743                         return check_condition_result;
1744                 }
1745         } else if (0xff == subpcode) {
1746                 arr[0] |= 0x40;
1747                 arr[1] = subpcode;
1748                 switch (pcode) {
1749                 case 0x0:       /* Supported log pages and subpages log page */
1750                         n = 4;
1751                         arr[n++] = 0x0;
1752                         arr[n++] = 0x0;         /* 0,0 page */
1753                         arr[n++] = 0x0;
1754                         arr[n++] = 0xff;        /* this page */
1755                         arr[n++] = 0xd;
1756                         arr[n++] = 0x0;         /* Temperature */
1757                         arr[n++] = 0x2f;
1758                         arr[n++] = 0x0; /* Informational exceptions */
1759                         arr[3] = n - 4;
1760                         break;
1761                 case 0xd:       /* Temperature subpages */
1762                         n = 4;
1763                         arr[n++] = 0xd;
1764                         arr[n++] = 0x0;         /* Temperature */
1765                         arr[3] = n - 4;
1766                         break;
1767                 case 0x2f:      /* Informational exceptions subpages */
1768                         n = 4;
1769                         arr[n++] = 0x2f;
1770                         arr[n++] = 0x0;         /* Informational exceptions */
1771                         arr[3] = n - 4;
1772                         break;
1773                 default:
1774                         mk_sense_buffer(devip, ILLEGAL_REQUEST,
1775                                         INVALID_FIELD_IN_CDB, 0);
1776                         return check_condition_result;
1777                 }
1778         } else {
1779                 mk_sense_buffer(devip, ILLEGAL_REQUEST,
1780                                 INVALID_FIELD_IN_CDB, 0);
1781                 return check_condition_result;
1782         }
1783         len = min(((arr[2] << 8) + arr[3]) + 4, alloc_len);
1784         return fill_from_dev_buffer(scp, arr,
1785                     min(len, SDEBUG_MAX_INQ_ARR_SZ));
1786 }
1787
1788 static int resp_read(struct scsi_cmnd * SCpnt, unsigned long long lba,
1789                      unsigned int num, struct sdebug_dev_info * devip)
1790 {
1791         unsigned long iflags;
1792         unsigned int block, from_bottom;
1793         unsigned long long u;
1794         int ret;
1795
1796         if (lba + num > sdebug_capacity) {
1797                 mk_sense_buffer(devip, ILLEGAL_REQUEST, ADDR_OUT_OF_RANGE,
1798                                 0);
1799                 return check_condition_result;
1800         }
1801         /* transfer length excessive (tie in to block limits VPD page) */
1802         if (num > sdebug_store_sectors) {
1803                 mk_sense_buffer(devip, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB,
1804                                 0);
1805                 return check_condition_result;
1806         }
1807         if ((SCSI_DEBUG_OPT_MEDIUM_ERR & scsi_debug_opts) &&
1808             (lba <= OPT_MEDIUM_ERR_ADDR) &&
1809             ((lba + num) > OPT_MEDIUM_ERR_ADDR)) {
1810                 /* claim unrecoverable read error */
1811                 mk_sense_buffer(devip, MEDIUM_ERROR, UNRECOVERED_READ_ERR,
1812                                 0);
1813                 /* set info field and valid bit for fixed descriptor */
1814                 if (0x70 == (devip->sense_buff[0] & 0x7f)) {
1815                         devip->sense_buff[0] |= 0x80;   /* Valid bit */
1816                         ret = OPT_MEDIUM_ERR_ADDR;
1817                         devip->sense_buff[3] = (ret >> 24) & 0xff;
1818                         devip->sense_buff[4] = (ret >> 16) & 0xff;
1819                         devip->sense_buff[5] = (ret >> 8) & 0xff;
1820                         devip->sense_buff[6] = ret & 0xff;
1821                 }
1822                 return check_condition_result;
1823         }
1824         read_lock_irqsave(&atomic_rw, iflags);
1825         if ((lba + num) <= sdebug_store_sectors)
1826                 ret = fill_from_dev_buffer(SCpnt,
1827                                            fake_storep + (lba * SECT_SIZE),
1828                                            num * SECT_SIZE);
1829         else {
1830                 /* modulo when one arg is 64 bits needs do_div() */
1831                 u = lba;
1832                 block = do_div(u, sdebug_store_sectors);
1833                 from_bottom = 0;
1834                 if ((block + num) > sdebug_store_sectors)
1835                         from_bottom = (block + num) - sdebug_store_sectors;
1836                 ret = fill_from_dev_buffer(SCpnt,
1837                                            fake_storep + (block * SECT_SIZE),
1838                                            (num - from_bottom) * SECT_SIZE);
1839                 if ((0 == ret) && (from_bottom > 0))
1840                         ret = fill_from_dev_buffer(SCpnt, fake_storep,
1841                                                    from_bottom * SECT_SIZE);
1842         }
1843         read_unlock_irqrestore(&atomic_rw, iflags);
1844         return ret;
1845 }
1846
1847 static int resp_write(struct scsi_cmnd * SCpnt, unsigned long long lba,
1848                       unsigned int num, struct sdebug_dev_info * devip)
1849 {
1850         unsigned long iflags;
1851         unsigned int block, to_bottom;
1852         unsigned long long u;
1853         int res;
1854
1855         if (lba + num > sdebug_capacity) {
1856                 mk_sense_buffer(devip, ILLEGAL_REQUEST, ADDR_OUT_OF_RANGE,
1857                                 0);
1858                 return check_condition_result;
1859         }
1860         /* transfer length excessive (tie in to block limits VPD page) */
1861         if (num > sdebug_store_sectors) {
1862                 mk_sense_buffer(devip, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB,
1863                                 0);
1864                 return check_condition_result;
1865         }
1866
1867         write_lock_irqsave(&atomic_rw, iflags);
1868         if ((lba + num) <= sdebug_store_sectors)
1869                 res = fetch_to_dev_buffer(SCpnt,
1870                                           fake_storep + (lba * SECT_SIZE),
1871                                           num * SECT_SIZE);
1872         else {
1873                 /* modulo when one arg is 64 bits needs do_div() */
1874                 u = lba;
1875                 block = do_div(u, sdebug_store_sectors);
1876                 to_bottom = 0;
1877                 if ((block + num) > sdebug_store_sectors)
1878                         to_bottom = (block + num) - sdebug_store_sectors;
1879                 res = fetch_to_dev_buffer(SCpnt,
1880                                           fake_storep + (block * SECT_SIZE),
1881                                           (num - to_bottom) * SECT_SIZE);
1882                 if ((0 == res) && (to_bottom > 0))
1883                         res = fetch_to_dev_buffer(SCpnt, fake_storep,
1884                                                   to_bottom * SECT_SIZE);
1885         }
1886         write_unlock_irqrestore(&atomic_rw, iflags);
1887         if (-1 == res)
1888                 return (DID_ERROR << 16);
1889         else if ((res < (num * SECT_SIZE)) &&
1890                  (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts))
1891                 printk(KERN_INFO "scsi_debug: write: cdb indicated=%u, "
1892                        " IO sent=%d bytes\n", num * SECT_SIZE, res);
1893         return 0;
1894 }
1895
1896 #define SDEBUG_RLUN_ARR_SZ 256
1897
1898 static int resp_report_luns(struct scsi_cmnd * scp,
1899                             struct sdebug_dev_info * devip)
1900 {
1901         unsigned int alloc_len;
1902         int lun_cnt, i, upper, num, n, wlun, lun;
1903         unsigned char *cmd = (unsigned char *)scp->cmnd;
1904         int select_report = (int)cmd[2];
1905         struct scsi_lun *one_lun;
1906         unsigned char arr[SDEBUG_RLUN_ARR_SZ];
1907         unsigned char * max_addr;
1908
1909         alloc_len = cmd[9] + (cmd[8] << 8) + (cmd[7] << 16) + (cmd[6] << 24);
1910         if ((alloc_len < 4) || (select_report > 2)) {
1911                 mk_sense_buffer(devip, ILLEGAL_REQUEST, INVALID_FIELD_IN_CDB,
1912                                 0);
1913                 return check_condition_result;
1914         }
1915         /* can produce response with up to 16k luns (lun 0 to lun 16383) */
1916         memset(arr, 0, SDEBUG_RLUN_ARR_SZ);
1917         lun_cnt = scsi_debug_max_luns;
1918         if (1 == select_report)
1919                 lun_cnt = 0;
1920         else if (scsi_debug_no_lun_0 && (lun_cnt > 0))
1921                 --lun_cnt;
1922         wlun = (select_report > 0) ? 1 : 0;
1923         num = lun_cnt + wlun;
1924         arr[2] = ((sizeof(struct scsi_lun) * num) >> 8) & 0xff;
1925         arr[3] = (sizeof(struct scsi_lun) * num) & 0xff;
1926         n = min((int)((SDEBUG_RLUN_ARR_SZ - 8) /
1927                             sizeof(struct scsi_lun)), num);
1928         if (n < num) {
1929                 wlun = 0;
1930                 lun_cnt = n;
1931         }
1932         one_lun = (struct scsi_lun *) &arr[8];
1933         max_addr = arr + SDEBUG_RLUN_ARR_SZ;
1934         for (i = 0, lun = (scsi_debug_no_lun_0 ? 1 : 0);
1935              ((i < lun_cnt) && ((unsigned char *)(one_lun + i) < max_addr));
1936              i++, lun++) {
1937                 upper = (lun >> 8) & 0x3f;
1938                 if (upper)
1939                         one_lun[i].scsi_lun[0] =
1940                             (upper | (SAM2_LUN_ADDRESS_METHOD << 6));
1941                 one_lun[i].scsi_lun[1] = lun & 0xff;
1942         }
1943         if (wlun) {
1944                 one_lun[i].scsi_lun[0] = (SAM2_WLUN_REPORT_LUNS >> 8) & 0xff;
1945                 one_lun[i].scsi_lun[1] = SAM2_WLUN_REPORT_LUNS & 0xff;
1946                 i++;
1947         }
1948         alloc_len = (unsigned char *)(one_lun + i) - arr;
1949         return fill_from_dev_buffer(scp, arr,
1950                                     min((int)alloc_len, SDEBUG_RLUN_ARR_SZ));
1951 }
1952
1953 /* When timer goes off this function is called. */
1954 static void timer_intr_handler(unsigned long indx)
1955 {
1956         struct sdebug_queued_cmd * sqcp;
1957         unsigned long iflags;
1958
1959         if (indx >= SCSI_DEBUG_CANQUEUE) {
1960                 printk(KERN_ERR "scsi_debug:timer_intr_handler: indx too "
1961                        "large\n");
1962                 return;
1963         }
1964         spin_lock_irqsave(&queued_arr_lock, iflags);
1965         sqcp = &queued_arr[(int)indx];
1966         if (! sqcp->in_use) {
1967                 printk(KERN_ERR "scsi_debug:timer_intr_handler: Unexpected "
1968                        "interrupt\n");
1969                 spin_unlock_irqrestore(&queued_arr_lock, iflags);
1970                 return;
1971         }
1972         sqcp->in_use = 0;
1973         if (sqcp->done_funct) {
1974                 sqcp->a_cmnd->result = sqcp->scsi_result;
1975                 sqcp->done_funct(sqcp->a_cmnd); /* callback to mid level */
1976         }
1977         sqcp->done_funct = NULL;
1978         spin_unlock_irqrestore(&queued_arr_lock, iflags);
1979 }
1980
1981 static int scsi_debug_slave_alloc(struct scsi_device * sdp)
1982 {
1983         if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
1984                 printk(KERN_INFO "scsi_debug: slave_alloc <%u %u %u %u>\n",
1985                        sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
1986         return 0;
1987 }
1988
1989 static int scsi_debug_slave_configure(struct scsi_device * sdp)
1990 {
1991         struct sdebug_dev_info * devip;
1992
1993         if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
1994                 printk(KERN_INFO "scsi_debug: slave_configure <%u %u %u %u>\n",
1995                        sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
1996         if (sdp->host->max_cmd_len != SCSI_DEBUG_MAX_CMD_LEN)
1997                 sdp->host->max_cmd_len = SCSI_DEBUG_MAX_CMD_LEN;
1998         devip = devInfoReg(sdp);
1999         sdp->hostdata = devip;
2000         if (sdp->host->cmd_per_lun)
2001                 scsi_adjust_queue_depth(sdp, SDEBUG_TAGGED_QUEUING,
2002                                         sdp->host->cmd_per_lun);
2003         blk_queue_max_segment_size(sdp->request_queue, 256 * 1024);
2004         return 0;
2005 }
2006
2007 static void scsi_debug_slave_destroy(struct scsi_device * sdp)
2008 {
2009         struct sdebug_dev_info * devip =
2010                                 (struct sdebug_dev_info *)sdp->hostdata;
2011
2012         if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
2013                 printk(KERN_INFO "scsi_debug: slave_destroy <%u %u %u %u>\n",
2014                        sdp->host->host_no, sdp->channel, sdp->id, sdp->lun);
2015         if (devip) {
2016                 /* make this slot avaliable for re-use */
2017                 devip->used = 0;
2018                 sdp->hostdata = NULL;
2019         }
2020 }
2021
2022 static struct sdebug_dev_info * devInfoReg(struct scsi_device * sdev)
2023 {
2024         struct sdebug_host_info * sdbg_host;
2025         struct sdebug_dev_info * open_devip = NULL;
2026         struct sdebug_dev_info * devip =
2027                         (struct sdebug_dev_info *)sdev->hostdata;
2028
2029         if (devip)
2030                 return devip;
2031         sdbg_host = *(struct sdebug_host_info **) sdev->host->hostdata;
2032         if(! sdbg_host) {
2033                 printk(KERN_ERR "Host info NULL\n");
2034                 return NULL;
2035         }
2036         list_for_each_entry(devip, &sdbg_host->dev_info_list, dev_list) {
2037                 if ((devip->used) && (devip->channel == sdev->channel) &&
2038                     (devip->target == sdev->id) &&
2039                     (devip->lun == sdev->lun))
2040                         return devip;
2041                 else {
2042                         if ((!devip->used) && (!open_devip))
2043                                 open_devip = devip;
2044                 }
2045         }
2046         if (NULL == open_devip) { /* try and make a new one */
2047                 open_devip = kzalloc(sizeof(*open_devip),GFP_KERNEL);
2048                 if (NULL == open_devip) {
2049                         printk(KERN_ERR "%s: out of memory at line %d\n",
2050                                 __FUNCTION__, __LINE__);
2051                         return NULL;
2052                 }
2053                 open_devip->sdbg_host = sdbg_host;
2054                 list_add_tail(&open_devip->dev_list,
2055                 &sdbg_host->dev_info_list);
2056         }
2057         if (open_devip) {
2058                 open_devip->channel = sdev->channel;
2059                 open_devip->target = sdev->id;
2060                 open_devip->lun = sdev->lun;
2061                 open_devip->sdbg_host = sdbg_host;
2062                 open_devip->reset = 1;
2063                 open_devip->used = 1;
2064                 memset(open_devip->sense_buff, 0, SDEBUG_SENSE_LEN);
2065                 if (scsi_debug_dsense)
2066                         open_devip->sense_buff[0] = 0x72;
2067                 else {
2068                         open_devip->sense_buff[0] = 0x70;
2069                         open_devip->sense_buff[7] = 0xa;
2070                 }
2071                 if (sdev->lun == SAM2_WLUN_REPORT_LUNS)
2072                         open_devip->wlun = SAM2_WLUN_REPORT_LUNS & 0xff;
2073                 return open_devip;
2074         }
2075         return NULL;
2076 }
2077
2078 static void mk_sense_buffer(struct sdebug_dev_info * devip, int key,
2079                             int asc, int asq)
2080 {
2081         unsigned char * sbuff;
2082
2083         sbuff = devip->sense_buff;
2084         memset(sbuff, 0, SDEBUG_SENSE_LEN);
2085         if (scsi_debug_dsense) {
2086                 sbuff[0] = 0x72;  /* descriptor, current */
2087                 sbuff[1] = key;
2088                 sbuff[2] = asc;
2089                 sbuff[3] = asq;
2090         } else {
2091                 sbuff[0] = 0x70;  /* fixed, current */
2092                 sbuff[2] = key;
2093                 sbuff[7] = 0xa;   /* implies 18 byte sense buffer */
2094                 sbuff[12] = asc;
2095                 sbuff[13] = asq;
2096         }
2097         if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
2098                 printk(KERN_INFO "scsi_debug:    [sense_key,asc,ascq]: "
2099                       "[0x%x,0x%x,0x%x]\n", key, asc, asq);
2100 }
2101
2102 static int scsi_debug_abort(struct scsi_cmnd * SCpnt)
2103 {
2104         if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
2105                 printk(KERN_INFO "scsi_debug: abort\n");
2106         ++num_aborts;
2107         stop_queued_cmnd(SCpnt);
2108         return SUCCESS;
2109 }
2110
2111 static int scsi_debug_biosparam(struct scsi_device *sdev,
2112                 struct block_device * bdev, sector_t capacity, int *info)
2113 {
2114         int res;
2115         unsigned char *buf;
2116
2117         if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
2118                 printk(KERN_INFO "scsi_debug: biosparam\n");
2119         buf = scsi_bios_ptable(bdev);
2120         if (buf) {
2121                 res = scsi_partsize(buf, capacity,
2122                                     &info[2], &info[0], &info[1]);
2123                 kfree(buf);
2124                 if (! res)
2125                         return res;
2126         }
2127         info[0] = sdebug_heads;
2128         info[1] = sdebug_sectors_per;
2129         info[2] = sdebug_cylinders_per;
2130         return 0;
2131 }
2132
2133 static int scsi_debug_device_reset(struct scsi_cmnd * SCpnt)
2134 {
2135         struct sdebug_dev_info * devip;
2136
2137         if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
2138                 printk(KERN_INFO "scsi_debug: device_reset\n");
2139         ++num_dev_resets;
2140         if (SCpnt) {
2141                 devip = devInfoReg(SCpnt->device);
2142                 if (devip)
2143                         devip->reset = 1;
2144         }
2145         return SUCCESS;
2146 }
2147
2148 static int scsi_debug_bus_reset(struct scsi_cmnd * SCpnt)
2149 {
2150         struct sdebug_host_info *sdbg_host;
2151         struct sdebug_dev_info * dev_info;
2152         struct scsi_device * sdp;
2153         struct Scsi_Host * hp;
2154
2155         if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
2156                 printk(KERN_INFO "scsi_debug: bus_reset\n");
2157         ++num_bus_resets;
2158         if (SCpnt && ((sdp = SCpnt->device)) && ((hp = sdp->host))) {
2159                 sdbg_host = *(struct sdebug_host_info **) hp->hostdata;
2160                 if (sdbg_host) {
2161                         list_for_each_entry(dev_info,
2162                                             &sdbg_host->dev_info_list,
2163                                             dev_list)
2164                                 dev_info->reset = 1;
2165                 }
2166         }
2167         return SUCCESS;
2168 }
2169
2170 static int scsi_debug_host_reset(struct scsi_cmnd * SCpnt)
2171 {
2172         struct sdebug_host_info * sdbg_host;
2173         struct sdebug_dev_info * dev_info;
2174
2175         if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
2176                 printk(KERN_INFO "scsi_debug: host_reset\n");
2177         ++num_host_resets;
2178         spin_lock(&sdebug_host_list_lock);
2179         list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
2180                 list_for_each_entry(dev_info, &sdbg_host->dev_info_list,
2181                                     dev_list)
2182                         dev_info->reset = 1;
2183         }
2184         spin_unlock(&sdebug_host_list_lock);
2185         stop_all_queued();
2186         return SUCCESS;
2187 }
2188
2189 /* Returns 1 if found 'cmnd' and deleted its timer. else returns 0 */
2190 static int stop_queued_cmnd(struct scsi_cmnd * cmnd)
2191 {
2192         unsigned long iflags;
2193         int k;
2194         struct sdebug_queued_cmd * sqcp;
2195
2196         spin_lock_irqsave(&queued_arr_lock, iflags);
2197         for (k = 0; k < SCSI_DEBUG_CANQUEUE; ++k) {
2198                 sqcp = &queued_arr[k];
2199                 if (sqcp->in_use && (cmnd == sqcp->a_cmnd)) {
2200                         del_timer_sync(&sqcp->cmnd_timer);
2201                         sqcp->in_use = 0;
2202                         sqcp->a_cmnd = NULL;
2203                         break;
2204                 }
2205         }
2206         spin_unlock_irqrestore(&queued_arr_lock, iflags);
2207         return (k < SCSI_DEBUG_CANQUEUE) ? 1 : 0;
2208 }
2209
2210 /* Deletes (stops) timers of all queued commands */
2211 static void stop_all_queued(void)
2212 {
2213         unsigned long iflags;
2214         int k;
2215         struct sdebug_queued_cmd * sqcp;
2216
2217         spin_lock_irqsave(&queued_arr_lock, iflags);
2218         for (k = 0; k < SCSI_DEBUG_CANQUEUE; ++k) {
2219                 sqcp = &queued_arr[k];
2220                 if (sqcp->in_use && sqcp->a_cmnd) {
2221                         del_timer_sync(&sqcp->cmnd_timer);
2222                         sqcp->in_use = 0;
2223                         sqcp->a_cmnd = NULL;
2224                 }
2225         }
2226         spin_unlock_irqrestore(&queued_arr_lock, iflags);
2227 }
2228
2229 /* Initializes timers in queued array */
2230 static void __init init_all_queued(void)
2231 {
2232         unsigned long iflags;
2233         int k;
2234         struct sdebug_queued_cmd * sqcp;
2235
2236         spin_lock_irqsave(&queued_arr_lock, iflags);
2237         for (k = 0; k < SCSI_DEBUG_CANQUEUE; ++k) {
2238                 sqcp = &queued_arr[k];
2239                 init_timer(&sqcp->cmnd_timer);
2240                 sqcp->in_use = 0;
2241                 sqcp->a_cmnd = NULL;
2242         }
2243         spin_unlock_irqrestore(&queued_arr_lock, iflags);
2244 }
2245
2246 static void __init sdebug_build_parts(unsigned char * ramp)
2247 {
2248         struct partition * pp;
2249         int starts[SDEBUG_MAX_PARTS + 2];
2250         int sectors_per_part, num_sectors, k;
2251         int heads_by_sects, start_sec, end_sec;
2252
2253         /* assume partition table already zeroed */
2254         if ((scsi_debug_num_parts < 1) || (sdebug_store_size < 1048576))
2255                 return;
2256         if (scsi_debug_num_parts > SDEBUG_MAX_PARTS) {
2257                 scsi_debug_num_parts = SDEBUG_MAX_PARTS;
2258                 printk(KERN_WARNING "scsi_debug:build_parts: reducing "
2259                                     "partitions to %d\n", SDEBUG_MAX_PARTS);
2260         }
2261         num_sectors = (int)sdebug_store_sectors;
2262         sectors_per_part = (num_sectors - sdebug_sectors_per)
2263                            / scsi_debug_num_parts;
2264         heads_by_sects = sdebug_heads * sdebug_sectors_per;
2265         starts[0] = sdebug_sectors_per;
2266         for (k = 1; k < scsi_debug_num_parts; ++k)
2267                 starts[k] = ((k * sectors_per_part) / heads_by_sects)
2268                             * heads_by_sects;
2269         starts[scsi_debug_num_parts] = num_sectors;
2270         starts[scsi_debug_num_parts + 1] = 0;
2271
2272         ramp[510] = 0x55;       /* magic partition markings */
2273         ramp[511] = 0xAA;
2274         pp = (struct partition *)(ramp + 0x1be);
2275         for (k = 0; starts[k + 1]; ++k, ++pp) {
2276                 start_sec = starts[k];
2277                 end_sec = starts[k + 1] - 1;
2278                 pp->boot_ind = 0;
2279
2280                 pp->cyl = start_sec / heads_by_sects;
2281                 pp->head = (start_sec - (pp->cyl * heads_by_sects))
2282                            / sdebug_sectors_per;
2283                 pp->sector = (start_sec % sdebug_sectors_per) + 1;
2284
2285                 pp->end_cyl = end_sec / heads_by_sects;
2286                 pp->end_head = (end_sec - (pp->end_cyl * heads_by_sects))
2287                                / sdebug_sectors_per;
2288                 pp->end_sector = (end_sec % sdebug_sectors_per) + 1;
2289
2290                 pp->start_sect = start_sec;
2291                 pp->nr_sects = end_sec - start_sec + 1;
2292                 pp->sys_ind = 0x83;     /* plain Linux partition */
2293         }
2294 }
2295
2296 static int schedule_resp(struct scsi_cmnd * cmnd,
2297                          struct sdebug_dev_info * devip,
2298                          done_funct_t done, int scsi_result, int delta_jiff)
2299 {
2300         if ((SCSI_DEBUG_OPT_NOISE & scsi_debug_opts) && cmnd) {
2301                 if (scsi_result) {
2302                         struct scsi_device * sdp = cmnd->device;
2303
2304                         printk(KERN_INFO "scsi_debug:    <%u %u %u %u> "
2305                                "non-zero result=0x%x\n", sdp->host->host_no,
2306                                sdp->channel, sdp->id, sdp->lun, scsi_result);
2307                 }
2308         }
2309         if (cmnd && devip) {
2310                 /* simulate autosense by this driver */
2311                 if (SAM_STAT_CHECK_CONDITION == (scsi_result & 0xff))
2312                         memcpy(cmnd->sense_buffer, devip->sense_buff,
2313                                (SCSI_SENSE_BUFFERSIZE > SDEBUG_SENSE_LEN) ?
2314                                SDEBUG_SENSE_LEN : SCSI_SENSE_BUFFERSIZE);
2315         }
2316         if (delta_jiff <= 0) {
2317                 if (cmnd)
2318                         cmnd->result = scsi_result;
2319                 if (done)
2320                         done(cmnd);
2321                 return 0;
2322         } else {
2323                 unsigned long iflags;
2324                 int k;
2325                 struct sdebug_queued_cmd * sqcp = NULL;
2326
2327                 spin_lock_irqsave(&queued_arr_lock, iflags);
2328                 for (k = 0; k < SCSI_DEBUG_CANQUEUE; ++k) {
2329                         sqcp = &queued_arr[k];
2330                         if (! sqcp->in_use)
2331                                 break;
2332                 }
2333                 if (k >= SCSI_DEBUG_CANQUEUE) {
2334                         spin_unlock_irqrestore(&queued_arr_lock, iflags);
2335                         printk(KERN_WARNING "scsi_debug: can_queue exceeded\n");
2336                         return 1;       /* report busy to mid level */
2337                 }
2338                 sqcp->in_use = 1;
2339                 sqcp->a_cmnd = cmnd;
2340                 sqcp->scsi_result = scsi_result;
2341                 sqcp->done_funct = done;
2342                 sqcp->cmnd_timer.function = timer_intr_handler;
2343                 sqcp->cmnd_timer.data = k;
2344                 sqcp->cmnd_timer.expires = jiffies + delta_jiff;
2345                 add_timer(&sqcp->cmnd_timer);
2346                 spin_unlock_irqrestore(&queued_arr_lock, iflags);
2347                 if (cmnd)
2348                         cmnd->result = 0;
2349                 return 0;
2350         }
2351 }
2352
2353 /* Note: The following macros create attribute files in the
2354    /sys/module/scsi_debug/parameters directory. Unfortunately this
2355    driver is unaware of a change and cannot trigger auxiliary actions
2356    as it can when the corresponding attribute in the
2357    /sys/bus/pseudo/drivers/scsi_debug directory is changed.
2358  */
2359 module_param_named(add_host, scsi_debug_add_host, int, S_IRUGO | S_IWUSR);
2360 module_param_named(delay, scsi_debug_delay, int, S_IRUGO | S_IWUSR);
2361 module_param_named(dev_size_mb, scsi_debug_dev_size_mb, int, S_IRUGO);
2362 module_param_named(dsense, scsi_debug_dsense, int, S_IRUGO | S_IWUSR);
2363 module_param_named(every_nth, scsi_debug_every_nth, int, S_IRUGO | S_IWUSR);
2364 module_param_named(fake_rw, scsi_debug_fake_rw, int, S_IRUGO | S_IWUSR);
2365 module_param_named(max_luns, scsi_debug_max_luns, int, S_IRUGO | S_IWUSR);
2366 module_param_named(no_lun_0, scsi_debug_no_lun_0, int, S_IRUGO | S_IWUSR);
2367 module_param_named(num_parts, scsi_debug_num_parts, int, S_IRUGO);
2368 module_param_named(num_tgts, scsi_debug_num_tgts, int, S_IRUGO | S_IWUSR);
2369 module_param_named(opts, scsi_debug_opts, int, S_IRUGO | S_IWUSR);
2370 module_param_named(ptype, scsi_debug_ptype, int, S_IRUGO | S_IWUSR);
2371 module_param_named(scsi_level, scsi_debug_scsi_level, int, S_IRUGO);
2372 module_param_named(virtual_gb, scsi_debug_virtual_gb, int, S_IRUGO | S_IWUSR);
2373 module_param_named(vpd_use_hostno, scsi_debug_vpd_use_hostno, int,
2374                    S_IRUGO | S_IWUSR);
2375
2376 MODULE_AUTHOR("Eric Youngdale + Douglas Gilbert");
2377 MODULE_DESCRIPTION("SCSI debug adapter driver");
2378 MODULE_LICENSE("GPL");
2379 MODULE_VERSION(SCSI_DEBUG_VERSION);
2380
2381 MODULE_PARM_DESC(add_host, "0..127 hosts allowed(def=1)");
2382 MODULE_PARM_DESC(delay, "# of jiffies to delay response(def=1)");
2383 MODULE_PARM_DESC(dev_size_mb, "size in MB of ram shared by devs(def=8)");
2384 MODULE_PARM_DESC(dsense, "use descriptor sense format(def=0 -> fixed)");
2385 MODULE_PARM_DESC(every_nth, "timeout every nth command(def=100)");
2386 MODULE_PARM_DESC(fake_rw, "fake reads/writes instead of copying (def=0)");
2387 MODULE_PARM_DESC(max_luns, "number of LUNs per target to simulate(def=1)");
2388 MODULE_PARM_DESC(no_lun_0, "no LU number 0 (def=0 -> have lun 0)");
2389 MODULE_PARM_DESC(num_parts, "number of partitions(def=0)");
2390 MODULE_PARM_DESC(num_tgts, "number of targets per host to simulate(def=1)");
2391 MODULE_PARM_DESC(opts, "1->noise, 2->medium_error, 4->... (def=0)");
2392 MODULE_PARM_DESC(ptype, "SCSI peripheral type(def=0[disk])");
2393 MODULE_PARM_DESC(scsi_level, "SCSI level to simulate(def=5[SPC-3])");
2394 MODULE_PARM_DESC(virtual_gb, "virtual gigabyte size (def=0 -> use dev_size_mb)");
2395 MODULE_PARM_DESC(vpd_use_hostno, "0 -> dev ids ignore hostno (def=1 -> unique dev ids)");
2396
2397
2398 static char sdebug_info[256];
2399
2400 static const char * scsi_debug_info(struct Scsi_Host * shp)
2401 {
2402         sprintf(sdebug_info, "scsi_debug, version %s [%s], "
2403                 "dev_size_mb=%d, opts=0x%x", SCSI_DEBUG_VERSION,
2404                 scsi_debug_version_date, scsi_debug_dev_size_mb,
2405                 scsi_debug_opts);
2406         return sdebug_info;
2407 }
2408
2409 /* scsi_debug_proc_info
2410  * Used if the driver currently has no own support for /proc/scsi
2411  */
2412 static int scsi_debug_proc_info(struct Scsi_Host *host, char *buffer, char **start, off_t offset,
2413                                 int length, int inout)
2414 {
2415         int len, pos, begin;
2416         int orig_length;
2417
2418         orig_length = length;
2419
2420         if (inout == 1) {
2421                 char arr[16];
2422                 int minLen = length > 15 ? 15 : length;
2423
2424                 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
2425                         return -EACCES;
2426                 memcpy(arr, buffer, minLen);
2427                 arr[minLen] = '\0';
2428                 if (1 != sscanf(arr, "%d", &pos))
2429                         return -EINVAL;
2430                 scsi_debug_opts = pos;
2431                 if (scsi_debug_every_nth != 0)
2432                         scsi_debug_cmnd_count = 0;
2433                 return length;
2434         }
2435         begin = 0;
2436         pos = len = sprintf(buffer, "scsi_debug adapter driver, version "
2437             "%s [%s]\n"
2438             "num_tgts=%d, shared (ram) size=%d MB, opts=0x%x, "
2439             "every_nth=%d(curr:%d)\n"
2440             "delay=%d, max_luns=%d, scsi_level=%d\n"
2441             "sector_size=%d bytes, cylinders=%d, heads=%d, sectors=%d\n"
2442             "number of aborts=%d, device_reset=%d, bus_resets=%d, "
2443             "host_resets=%d\n",
2444             SCSI_DEBUG_VERSION, scsi_debug_version_date, scsi_debug_num_tgts,
2445             scsi_debug_dev_size_mb, scsi_debug_opts, scsi_debug_every_nth,
2446             scsi_debug_cmnd_count, scsi_debug_delay,
2447             scsi_debug_max_luns, scsi_debug_scsi_level,
2448             SECT_SIZE, sdebug_cylinders_per, sdebug_heads, sdebug_sectors_per,
2449             num_aborts, num_dev_resets, num_bus_resets, num_host_resets);
2450         if (pos < offset) {
2451                 len = 0;
2452                 begin = pos;
2453         }
2454         *start = buffer + (offset - begin);     /* Start of wanted data */
2455         len -= (offset - begin);
2456         if (len > length)
2457                 len = length;
2458         return len;
2459 }
2460
2461 static ssize_t sdebug_delay_show(struct device_driver * ddp, char * buf)
2462 {
2463         return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_delay);
2464 }
2465
2466 static ssize_t sdebug_delay_store(struct device_driver * ddp,
2467                                   const char * buf, size_t count)
2468 {
2469         int delay;
2470         char work[20];
2471
2472         if (1 == sscanf(buf, "%10s", work)) {
2473                 if ((1 == sscanf(work, "%d", &delay)) && (delay >= 0)) {
2474                         scsi_debug_delay = delay;
2475                         return count;
2476                 }
2477         }
2478         return -EINVAL;
2479 }
2480 DRIVER_ATTR(delay, S_IRUGO | S_IWUSR, sdebug_delay_show,
2481             sdebug_delay_store);
2482
2483 static ssize_t sdebug_opts_show(struct device_driver * ddp, char * buf)
2484 {
2485         return scnprintf(buf, PAGE_SIZE, "0x%x\n", scsi_debug_opts);
2486 }
2487
2488 static ssize_t sdebug_opts_store(struct device_driver * ddp,
2489                                  const char * buf, size_t count)
2490 {
2491         int opts;
2492         char work[20];
2493
2494         if (1 == sscanf(buf, "%10s", work)) {
2495                 if (0 == strnicmp(work,"0x", 2)) {
2496                         if (1 == sscanf(&work[2], "%x", &opts))
2497                                 goto opts_done;
2498                 } else {
2499                         if (1 == sscanf(work, "%d", &opts))
2500                                 goto opts_done;
2501                 }
2502         }
2503         return -EINVAL;
2504 opts_done:
2505         scsi_debug_opts = opts;
2506         scsi_debug_cmnd_count = 0;
2507         return count;
2508 }
2509 DRIVER_ATTR(opts, S_IRUGO | S_IWUSR, sdebug_opts_show,
2510             sdebug_opts_store);
2511
2512 static ssize_t sdebug_ptype_show(struct device_driver * ddp, char * buf)
2513 {
2514         return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_ptype);
2515 }
2516 static ssize_t sdebug_ptype_store(struct device_driver * ddp,
2517                                   const char * buf, size_t count)
2518 {
2519         int n;
2520
2521         if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
2522                 scsi_debug_ptype = n;
2523                 return count;
2524         }
2525         return -EINVAL;
2526 }
2527 DRIVER_ATTR(ptype, S_IRUGO | S_IWUSR, sdebug_ptype_show, sdebug_ptype_store);
2528
2529 static ssize_t sdebug_dsense_show(struct device_driver * ddp, char * buf)
2530 {
2531         return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_dsense);
2532 }
2533 static ssize_t sdebug_dsense_store(struct device_driver * ddp,
2534                                   const char * buf, size_t count)
2535 {
2536         int n;
2537
2538         if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
2539                 scsi_debug_dsense = n;
2540                 return count;
2541         }
2542         return -EINVAL;
2543 }
2544 DRIVER_ATTR(dsense, S_IRUGO | S_IWUSR, sdebug_dsense_show,
2545             sdebug_dsense_store);
2546
2547 static ssize_t sdebug_fake_rw_show(struct device_driver * ddp, char * buf)
2548 {
2549         return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_fake_rw);
2550 }
2551 static ssize_t sdebug_fake_rw_store(struct device_driver * ddp,
2552                                     const char * buf, size_t count)
2553 {
2554         int n;
2555
2556         if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
2557                 scsi_debug_fake_rw = n;
2558                 return count;
2559         }
2560         return -EINVAL;
2561 }
2562 DRIVER_ATTR(fake_rw, S_IRUGO | S_IWUSR, sdebug_fake_rw_show,
2563             sdebug_fake_rw_store);
2564
2565 static ssize_t sdebug_no_lun_0_show(struct device_driver * ddp, char * buf)
2566 {
2567         return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_no_lun_0);
2568 }
2569 static ssize_t sdebug_no_lun_0_store(struct device_driver * ddp,
2570                                      const char * buf, size_t count)
2571 {
2572         int n;
2573
2574         if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
2575                 scsi_debug_no_lun_0 = n;
2576                 return count;
2577         }
2578         return -EINVAL;
2579 }
2580 DRIVER_ATTR(no_lun_0, S_IRUGO | S_IWUSR, sdebug_no_lun_0_show,
2581             sdebug_no_lun_0_store);
2582
2583 static ssize_t sdebug_num_tgts_show(struct device_driver * ddp, char * buf)
2584 {
2585         return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_num_tgts);
2586 }
2587 static ssize_t sdebug_num_tgts_store(struct device_driver * ddp,
2588                                      const char * buf, size_t count)
2589 {
2590         int n;
2591
2592         if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
2593                 scsi_debug_num_tgts = n;
2594                 sdebug_max_tgts_luns();
2595                 return count;
2596         }
2597         return -EINVAL;
2598 }
2599 DRIVER_ATTR(num_tgts, S_IRUGO | S_IWUSR, sdebug_num_tgts_show,
2600             sdebug_num_tgts_store);
2601
2602 static ssize_t sdebug_dev_size_mb_show(struct device_driver * ddp, char * buf)
2603 {
2604         return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_dev_size_mb);
2605 }
2606 DRIVER_ATTR(dev_size_mb, S_IRUGO, sdebug_dev_size_mb_show, NULL);
2607
2608 static ssize_t sdebug_num_parts_show(struct device_driver * ddp, char * buf)
2609 {
2610         return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_num_parts);
2611 }
2612 DRIVER_ATTR(num_parts, S_IRUGO, sdebug_num_parts_show, NULL);
2613
2614 static ssize_t sdebug_every_nth_show(struct device_driver * ddp, char * buf)
2615 {
2616         return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_every_nth);
2617 }
2618 static ssize_t sdebug_every_nth_store(struct device_driver * ddp,
2619                                       const char * buf, size_t count)
2620 {
2621         int nth;
2622
2623         if ((count > 0) && (1 == sscanf(buf, "%d", &nth))) {
2624                 scsi_debug_every_nth = nth;
2625                 scsi_debug_cmnd_count = 0;
2626                 return count;
2627         }
2628         return -EINVAL;
2629 }
2630 DRIVER_ATTR(every_nth, S_IRUGO | S_IWUSR, sdebug_every_nth_show,
2631             sdebug_every_nth_store);
2632
2633 static ssize_t sdebug_max_luns_show(struct device_driver * ddp, char * buf)
2634 {
2635         return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_max_luns);
2636 }
2637 static ssize_t sdebug_max_luns_store(struct device_driver * ddp,
2638                                      const char * buf, size_t count)
2639 {
2640         int n;
2641
2642         if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
2643                 scsi_debug_max_luns = n;
2644                 sdebug_max_tgts_luns();
2645                 return count;
2646         }
2647         return -EINVAL;
2648 }
2649 DRIVER_ATTR(max_luns, S_IRUGO | S_IWUSR, sdebug_max_luns_show,
2650             sdebug_max_luns_store);
2651
2652 static ssize_t sdebug_scsi_level_show(struct device_driver * ddp, char * buf)
2653 {
2654         return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_scsi_level);
2655 }
2656 DRIVER_ATTR(scsi_level, S_IRUGO, sdebug_scsi_level_show, NULL);
2657
2658 static ssize_t sdebug_virtual_gb_show(struct device_driver * ddp, char * buf)
2659 {
2660         return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_virtual_gb);
2661 }
2662 static ssize_t sdebug_virtual_gb_store(struct device_driver * ddp,
2663                                        const char * buf, size_t count)
2664 {
2665         int n;
2666
2667         if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
2668                 scsi_debug_virtual_gb = n;
2669                 if (scsi_debug_virtual_gb > 0) {
2670                         sdebug_capacity = 2048 * 1024;
2671                         sdebug_capacity *= scsi_debug_virtual_gb;
2672                 } else
2673                         sdebug_capacity = sdebug_store_sectors;
2674                 return count;
2675         }
2676         return -EINVAL;
2677 }
2678 DRIVER_ATTR(virtual_gb, S_IRUGO | S_IWUSR, sdebug_virtual_gb_show,
2679             sdebug_virtual_gb_store);
2680
2681 static ssize_t sdebug_add_host_show(struct device_driver * ddp, char * buf)
2682 {
2683         return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_add_host);
2684 }
2685
2686 static ssize_t sdebug_add_host_store(struct device_driver * ddp,
2687                                      const char * buf, size_t count)
2688 {
2689         int delta_hosts;
2690         char work[20];
2691
2692         if (1 != sscanf(buf, "%10s", work))
2693                 return -EINVAL;
2694         {       /* temporary hack around sscanf() problem with -ve nums */
2695                 int neg = 0;
2696
2697                 if ('-' == *work)
2698                         neg = 1;
2699                 if (1 != sscanf(work + neg, "%d", &delta_hosts))
2700                         return -EINVAL;
2701                 if (neg)
2702                         delta_hosts = -delta_hosts;
2703         }
2704         if (delta_hosts > 0) {
2705                 do {
2706                         sdebug_add_adapter();
2707                 } while (--delta_hosts);
2708         } else if (delta_hosts < 0) {
2709                 do {
2710                         sdebug_remove_adapter();
2711                 } while (++delta_hosts);
2712         }
2713         return count;
2714 }
2715 DRIVER_ATTR(add_host, S_IRUGO | S_IWUSR, sdebug_add_host_show, 
2716             sdebug_add_host_store);
2717
2718 static ssize_t sdebug_vpd_use_hostno_show(struct device_driver * ddp,
2719                                           char * buf)
2720 {
2721         return scnprintf(buf, PAGE_SIZE, "%d\n", scsi_debug_vpd_use_hostno);
2722 }
2723 static ssize_t sdebug_vpd_use_hostno_store(struct device_driver * ddp,
2724                                            const char * buf, size_t count)
2725 {
2726         int n;
2727
2728         if ((count > 0) && (1 == sscanf(buf, "%d", &n)) && (n >= 0)) {
2729                 scsi_debug_vpd_use_hostno = n;
2730                 return count;
2731         }
2732         return -EINVAL;
2733 }
2734 DRIVER_ATTR(vpd_use_hostno, S_IRUGO | S_IWUSR, sdebug_vpd_use_hostno_show,
2735             sdebug_vpd_use_hostno_store);
2736
2737 /* Note: The following function creates attribute files in the
2738    /sys/bus/pseudo/drivers/scsi_debug directory. The advantage of these
2739    files (over those found in the /sys/module/scsi_debug/parameters
2740    directory) is that auxiliary actions can be triggered when an attribute
2741    is changed. For example see: sdebug_add_host_store() above.
2742  */
2743 static int do_create_driverfs_files(void)
2744 {
2745         int ret;
2746
2747         ret = driver_create_file(&sdebug_driverfs_driver, &driver_attr_add_host);
2748         ret |= driver_create_file(&sdebug_driverfs_driver, &driver_attr_delay);
2749         ret |= driver_create_file(&sdebug_driverfs_driver, &driver_attr_dev_size_mb);
2750         ret |= driver_create_file(&sdebug_driverfs_driver, &driver_attr_dsense);
2751         ret |= driver_create_file(&sdebug_driverfs_driver, &driver_attr_every_nth);
2752         ret |= driver_create_file(&sdebug_driverfs_driver, &driver_attr_fake_rw);
2753         ret |= driver_create_file(&sdebug_driverfs_driver, &driver_attr_max_luns);
2754         ret |= driver_create_file(&sdebug_driverfs_driver, &driver_attr_no_lun_0);
2755         ret |= driver_create_file(&sdebug_driverfs_driver, &driver_attr_num_parts);
2756         ret |= driver_create_file(&sdebug_driverfs_driver, &driver_attr_num_tgts);
2757         ret |= driver_create_file(&sdebug_driverfs_driver, &driver_attr_ptype);
2758         ret |= driver_create_file(&sdebug_driverfs_driver, &driver_attr_opts);
2759         ret |= driver_create_file(&sdebug_driverfs_driver, &driver_attr_scsi_level);
2760         ret |= driver_create_file(&sdebug_driverfs_driver, &driver_attr_virtual_gb);
2761         ret |= driver_create_file(&sdebug_driverfs_driver, &driver_attr_vpd_use_hostno);
2762         return ret;
2763 }
2764
2765 static void do_remove_driverfs_files(void)
2766 {
2767         driver_remove_file(&sdebug_driverfs_driver, &driver_attr_vpd_use_hostno);
2768         driver_remove_file(&sdebug_driverfs_driver, &driver_attr_virtual_gb);
2769         driver_remove_file(&sdebug_driverfs_driver, &driver_attr_scsi_level);
2770         driver_remove_file(&sdebug_driverfs_driver, &driver_attr_opts);
2771         driver_remove_file(&sdebug_driverfs_driver, &driver_attr_ptype);
2772         driver_remove_file(&sdebug_driverfs_driver, &driver_attr_num_tgts);
2773         driver_remove_file(&sdebug_driverfs_driver, &driver_attr_num_parts);
2774         driver_remove_file(&sdebug_driverfs_driver, &driver_attr_no_lun_0);
2775         driver_remove_file(&sdebug_driverfs_driver, &driver_attr_max_luns);
2776         driver_remove_file(&sdebug_driverfs_driver, &driver_attr_fake_rw);
2777         driver_remove_file(&sdebug_driverfs_driver, &driver_attr_every_nth);
2778         driver_remove_file(&sdebug_driverfs_driver, &driver_attr_dsense);
2779         driver_remove_file(&sdebug_driverfs_driver, &driver_attr_dev_size_mb);
2780         driver_remove_file(&sdebug_driverfs_driver, &driver_attr_delay);
2781         driver_remove_file(&sdebug_driverfs_driver, &driver_attr_add_host);
2782 }
2783
2784 static int __init scsi_debug_init(void)
2785 {
2786         unsigned int sz;
2787         int host_to_add;
2788         int k;
2789         int ret;
2790
2791         if (scsi_debug_dev_size_mb < 1)
2792                 scsi_debug_dev_size_mb = 1;  /* force minimum 1 MB ramdisk */
2793         sdebug_store_size = (unsigned int)scsi_debug_dev_size_mb * 1048576;
2794         sdebug_store_sectors = sdebug_store_size / SECT_SIZE;
2795         if (scsi_debug_virtual_gb > 0) {
2796                 sdebug_capacity = 2048 * 1024;
2797                 sdebug_capacity *= scsi_debug_virtual_gb;
2798         } else
2799                 sdebug_capacity = sdebug_store_sectors;
2800
2801         /* play around with geometry, don't waste too much on track 0 */
2802         sdebug_heads = 8;
2803         sdebug_sectors_per = 32;
2804         if (scsi_debug_dev_size_mb >= 16)
2805                 sdebug_heads = 32;
2806         else if (scsi_debug_dev_size_mb >= 256)
2807                 sdebug_heads = 64;
2808         sdebug_cylinders_per = (unsigned long)sdebug_capacity /
2809                                (sdebug_sectors_per * sdebug_heads);
2810         if (sdebug_cylinders_per >= 1024) {
2811                 /* other LLDs do this; implies >= 1GB ram disk ... */
2812                 sdebug_heads = 255;
2813                 sdebug_sectors_per = 63;
2814                 sdebug_cylinders_per = (unsigned long)sdebug_capacity /
2815                                (sdebug_sectors_per * sdebug_heads);
2816         }
2817
2818         sz = sdebug_store_size;
2819         fake_storep = vmalloc(sz);
2820         if (NULL == fake_storep) {
2821                 printk(KERN_ERR "scsi_debug_init: out of memory, 1\n");
2822                 return -ENOMEM;
2823         }
2824         memset(fake_storep, 0, sz);
2825         if (scsi_debug_num_parts > 0)
2826                 sdebug_build_parts(fake_storep);
2827
2828         ret = device_register(&pseudo_primary);
2829         if (ret < 0) {
2830                 printk(KERN_WARNING "scsi_debug: device_register error: %d\n",
2831                         ret);
2832                 goto free_vm;
2833         }
2834         ret = bus_register(&pseudo_lld_bus);
2835         if (ret < 0) {
2836                 printk(KERN_WARNING "scsi_debug: bus_register error: %d\n",
2837                         ret);
2838                 goto dev_unreg;
2839         }
2840         ret = driver_register(&sdebug_driverfs_driver);
2841         if (ret < 0) {
2842                 printk(KERN_WARNING "scsi_debug: driver_register error: %d\n",
2843                         ret);
2844                 goto bus_unreg;
2845         }
2846         ret = do_create_driverfs_files();
2847         if (ret < 0) {
2848                 printk(KERN_WARNING "scsi_debug: driver_create_file error: %d\n",
2849                         ret);
2850                 goto del_files;
2851         }
2852
2853         init_all_queued();
2854
2855         sdebug_driver_template.proc_name = (char *)sdebug_proc_name;
2856
2857         host_to_add = scsi_debug_add_host;
2858         scsi_debug_add_host = 0;
2859
2860         for (k = 0; k < host_to_add; k++) {
2861                 if (sdebug_add_adapter()) {
2862                         printk(KERN_ERR "scsi_debug_init: "
2863                                "sdebug_add_adapter failed k=%d\n", k);
2864                         break;
2865                 }
2866         }
2867
2868         if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts) {
2869                 printk(KERN_INFO "scsi_debug_init: built %d host(s)\n",
2870                        scsi_debug_add_host);
2871         }
2872         return 0;
2873
2874 del_files:
2875         do_remove_driverfs_files();
2876         driver_unregister(&sdebug_driverfs_driver);
2877 bus_unreg:
2878         bus_unregister(&pseudo_lld_bus);
2879 dev_unreg:
2880         device_unregister(&pseudo_primary);
2881 free_vm:
2882         vfree(fake_storep);
2883
2884         return ret;
2885 }
2886
2887 static void __exit scsi_debug_exit(void)
2888 {
2889         int k = scsi_debug_add_host;
2890
2891         stop_all_queued();
2892         for (; k; k--)
2893                 sdebug_remove_adapter();
2894         do_remove_driverfs_files();
2895         driver_unregister(&sdebug_driverfs_driver);
2896         bus_unregister(&pseudo_lld_bus);
2897         device_unregister(&pseudo_primary);
2898
2899         vfree(fake_storep);
2900 }
2901
2902 device_initcall(scsi_debug_init);
2903 module_exit(scsi_debug_exit);
2904
2905 static void pseudo_0_release(struct device * dev)
2906 {
2907         if (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts)
2908                 printk(KERN_INFO "scsi_debug: pseudo_0_release() called\n");
2909 }
2910
2911 static struct device pseudo_primary = {
2912         .bus_id         = "pseudo_0",
2913         .release        = pseudo_0_release,
2914 };
2915
2916 static int pseudo_lld_bus_match(struct device *dev,
2917                           struct device_driver *dev_driver)
2918 {
2919         return 1;
2920 }
2921
2922 static struct bus_type pseudo_lld_bus = {
2923         .name = "pseudo",
2924         .match = pseudo_lld_bus_match,
2925         .probe = sdebug_driver_probe,
2926         .remove = sdebug_driver_remove,
2927 };
2928
2929 static void sdebug_release_adapter(struct device * dev)
2930 {
2931         struct sdebug_host_info *sdbg_host;
2932
2933         sdbg_host = to_sdebug_host(dev);
2934         kfree(sdbg_host);
2935 }
2936
2937 static int sdebug_add_adapter(void)
2938 {
2939         int k, devs_per_host;
2940         int error = 0;
2941         struct sdebug_host_info *sdbg_host;
2942         struct sdebug_dev_info *sdbg_devinfo;
2943         struct list_head *lh, *lh_sf;
2944
2945         sdbg_host = kzalloc(sizeof(*sdbg_host),GFP_KERNEL);
2946
2947         if (NULL == sdbg_host) {
2948                 printk(KERN_ERR "%s: out of memory at line %d\n",
2949                        __FUNCTION__, __LINE__);
2950                 return -ENOMEM;
2951         }
2952
2953         INIT_LIST_HEAD(&sdbg_host->dev_info_list);
2954
2955         devs_per_host = scsi_debug_num_tgts * scsi_debug_max_luns;
2956         for (k = 0; k < devs_per_host; k++) {
2957                 sdbg_devinfo = kzalloc(sizeof(*sdbg_devinfo),GFP_KERNEL);
2958                 if (NULL == sdbg_devinfo) {
2959                         printk(KERN_ERR "%s: out of memory at line %d\n",
2960                                __FUNCTION__, __LINE__);
2961                         error = -ENOMEM;
2962                         goto clean;
2963                 }
2964                 sdbg_devinfo->sdbg_host = sdbg_host;
2965                 list_add_tail(&sdbg_devinfo->dev_list,
2966                               &sdbg_host->dev_info_list);
2967         }
2968
2969         spin_lock(&sdebug_host_list_lock);
2970         list_add_tail(&sdbg_host->host_list, &sdebug_host_list);
2971         spin_unlock(&sdebug_host_list_lock);
2972
2973         sdbg_host->dev.bus = &pseudo_lld_bus;
2974         sdbg_host->dev.parent = &pseudo_primary;
2975         sdbg_host->dev.release = &sdebug_release_adapter;
2976         sprintf(sdbg_host->dev.bus_id, "adapter%d", scsi_debug_add_host);
2977
2978         error = device_register(&sdbg_host->dev);
2979
2980         if (error)
2981                 goto clean;
2982
2983         ++scsi_debug_add_host;
2984         return error;
2985
2986 clean:
2987         list_for_each_safe(lh, lh_sf, &sdbg_host->dev_info_list) {
2988                 sdbg_devinfo = list_entry(lh, struct sdebug_dev_info,
2989                                           dev_list);
2990                 list_del(&sdbg_devinfo->dev_list);
2991                 kfree(sdbg_devinfo);
2992         }
2993
2994         kfree(sdbg_host);
2995         return error;
2996 }
2997
2998 static void sdebug_remove_adapter(void)
2999 {
3000         struct sdebug_host_info * sdbg_host = NULL;
3001
3002         spin_lock(&sdebug_host_list_lock);
3003         if (!list_empty(&sdebug_host_list)) {
3004                 sdbg_host = list_entry(sdebug_host_list.prev,
3005                                        struct sdebug_host_info, host_list);
3006                 list_del(&sdbg_host->host_list);
3007         }
3008         spin_unlock(&sdebug_host_list_lock);
3009
3010         if (!sdbg_host)
3011                 return;
3012
3013         device_unregister(&sdbg_host->dev);
3014         --scsi_debug_add_host;
3015 }
3016
3017 static int sdebug_driver_probe(struct device * dev)
3018 {
3019         int error = 0;
3020         struct sdebug_host_info *sdbg_host;
3021         struct Scsi_Host *hpnt;
3022
3023         sdbg_host = to_sdebug_host(dev);
3024
3025         hpnt = scsi_host_alloc(&sdebug_driver_template, sizeof(sdbg_host));
3026         if (NULL == hpnt) {
3027                 printk(KERN_ERR "%s: scsi_register failed\n", __FUNCTION__);
3028                 error = -ENODEV;
3029                 return error;
3030         }
3031
3032         sdbg_host->shost = hpnt;
3033         *((struct sdebug_host_info **)hpnt->hostdata) = sdbg_host;
3034         if ((hpnt->this_id >= 0) && (scsi_debug_num_tgts > hpnt->this_id))
3035                 hpnt->max_id = scsi_debug_num_tgts + 1;
3036         else
3037                 hpnt->max_id = scsi_debug_num_tgts;
3038         hpnt->max_lun = SAM2_WLUN_REPORT_LUNS;  /* = scsi_debug_max_luns; */
3039
3040         error = scsi_add_host(hpnt, &sdbg_host->dev);
3041         if (error) {
3042                 printk(KERN_ERR "%s: scsi_add_host failed\n", __FUNCTION__);
3043                 error = -ENODEV;
3044                 scsi_host_put(hpnt);
3045         } else
3046                 scsi_scan_host(hpnt);
3047
3048
3049         return error;
3050 }
3051
3052 static int sdebug_driver_remove(struct device * dev)
3053 {
3054         struct list_head *lh, *lh_sf;
3055         struct sdebug_host_info *sdbg_host;
3056         struct sdebug_dev_info *sdbg_devinfo;
3057
3058         sdbg_host = to_sdebug_host(dev);
3059
3060         if (!sdbg_host) {
3061                 printk(KERN_ERR "%s: Unable to locate host info\n",
3062                        __FUNCTION__);
3063                 return -ENODEV;
3064         }
3065
3066         scsi_remove_host(sdbg_host->shost);
3067
3068         list_for_each_safe(lh, lh_sf, &sdbg_host->dev_info_list) {
3069                 sdbg_devinfo = list_entry(lh, struct sdebug_dev_info,
3070                                           dev_list);
3071                 list_del(&sdbg_devinfo->dev_list);
3072                 kfree(sdbg_devinfo);
3073         }
3074
3075         scsi_host_put(sdbg_host->shost);
3076         return 0;
3077 }
3078
3079 static void sdebug_max_tgts_luns(void)
3080 {
3081         struct sdebug_host_info * sdbg_host;
3082         struct Scsi_Host *hpnt;
3083
3084         spin_lock(&sdebug_host_list_lock);
3085         list_for_each_entry(sdbg_host, &sdebug_host_list, host_list) {
3086                 hpnt = sdbg_host->shost;
3087                 if ((hpnt->this_id >= 0) &&
3088                     (scsi_debug_num_tgts > hpnt->this_id))
3089                         hpnt->max_id = scsi_debug_num_tgts + 1;
3090                 else
3091                         hpnt->max_id = scsi_debug_num_tgts;
3092                 hpnt->max_lun = SAM2_WLUN_REPORT_LUNS; /* scsi_debug_max_luns; */
3093         }
3094         spin_unlock(&sdebug_host_list_lock);
3095 }