1 /* SPDX-License-Identifier: BSD-3-Clause 2 * Copyright (C) 2017 Intel Corporation. All rights reserved. 3 * All rights reserved. 4 */ 5 6 #include "spdk/stdinc.h" 7 8 #include <linux/virtio_scsi.h> 9 10 #include "spdk/env.h" 11 #include "spdk/thread.h" 12 #include "spdk/scsi.h" 13 #include "spdk/scsi_spec.h" 14 #include "spdk/util.h" 15 #include "spdk/likely.h" 16 17 #include "spdk/vhost.h" 18 #include "vhost_internal.h" 19 20 /* Features supported by SPDK VHOST lib. */ 21 #define SPDK_VHOST_SCSI_FEATURES (SPDK_VHOST_FEATURES | \ 22 (1ULL << VIRTIO_SCSI_F_INOUT) | \ 23 (1ULL << VIRTIO_SCSI_F_HOTPLUG) | \ 24 (1ULL << VIRTIO_SCSI_F_CHANGE ) | \ 25 (1ULL << VIRTIO_SCSI_F_T10_PI )) 26 27 /* Features that are specified in VIRTIO SCSI but currently not supported: 28 * - Live migration not supported yet 29 * - T10 PI 30 */ 31 #define SPDK_VHOST_SCSI_DISABLED_FEATURES (SPDK_VHOST_DISABLED_FEATURES | \ 32 (1ULL << VIRTIO_SCSI_F_T10_PI )) 33 34 /* Vhost-user-scsi support protocol features */ 35 #define SPDK_VHOST_SCSI_PROTOCOL_FEATURES (1ULL << VHOST_USER_PROTOCOL_F_INFLIGHT_SHMFD) 36 37 #define MGMT_POLL_PERIOD_US (1000 * 5) 38 39 #define VIRTIO_SCSI_CONTROLQ 0 40 #define VIRTIO_SCSI_EVENTQ 1 41 #define VIRTIO_SCSI_REQUESTQ 2 42 43 enum spdk_scsi_dev_vhost_status { 44 /* Target ID is empty. */ 45 VHOST_SCSI_DEV_EMPTY, 46 47 /* Target is still being added. */ 48 VHOST_SCSI_DEV_ADDING, 49 50 /* Target ID occupied. */ 51 VHOST_SCSI_DEV_PRESENT, 52 53 /* Target ID is occupied but removal is in progress. */ 54 VHOST_SCSI_DEV_REMOVING, 55 56 /* In session - device (SCSI target) seen but removed. */ 57 VHOST_SCSI_DEV_REMOVED, 58 }; 59 60 /** Context for a SCSI target in a vhost device */ 61 struct spdk_scsi_dev_vhost_state { 62 struct spdk_scsi_dev *dev; 63 enum spdk_scsi_dev_vhost_status status; 64 spdk_vhost_event_fn remove_cb; 65 void *remove_ctx; 66 }; 67 68 struct spdk_vhost_scsi_dev { 69 int ref; 70 bool registered; 71 struct spdk_vhost_dev vdev; 72 struct spdk_scsi_dev_vhost_state scsi_dev_state[SPDK_VHOST_SCSI_CTRLR_MAX_DEVS]; 73 }; 74 75 /** Context for a SCSI target in a vhost session */ 76 struct spdk_scsi_dev_session_state { 77 struct spdk_scsi_dev *dev; 78 enum spdk_scsi_dev_vhost_status status; 79 }; 80 81 struct spdk_vhost_scsi_session { 82 struct spdk_vhost_session vsession; 83 84 struct spdk_vhost_scsi_dev *svdev; 85 /** Local copy of the device state */ 86 struct spdk_scsi_dev_session_state scsi_dev_state[SPDK_VHOST_SCSI_CTRLR_MAX_DEVS]; 87 struct spdk_poller *requestq_poller; 88 struct spdk_poller *mgmt_poller; 89 struct spdk_poller *stop_poller; 90 }; 91 92 struct spdk_vhost_scsi_task { 93 struct spdk_scsi_task scsi; 94 struct iovec iovs[SPDK_VHOST_IOVS_MAX]; 95 96 union { 97 struct virtio_scsi_cmd_resp *resp; 98 struct virtio_scsi_ctrl_tmf_resp *tmf_resp; 99 }; 100 101 struct spdk_vhost_scsi_session *svsession; 102 struct spdk_scsi_dev *scsi_dev; 103 104 /** Number of bytes that were written. */ 105 uint32_t used_len; 106 107 int req_idx; 108 109 /* If set, the task is currently used for I/O processing. */ 110 bool used; 111 112 struct spdk_vhost_virtqueue *vq; 113 }; 114 115 static int vhost_scsi_start(struct spdk_vhost_dev *vdev, 116 struct spdk_vhost_session *vsession, void *unused); 117 static int vhost_scsi_stop(struct spdk_vhost_session *vsession); 118 static void vhost_scsi_dump_info_json(struct spdk_vhost_dev *vdev, 119 struct spdk_json_write_ctx *w); 120 static void vhost_scsi_write_config_json(struct spdk_vhost_dev *vdev, 121 struct spdk_json_write_ctx *w); 122 static int vhost_scsi_dev_remove(struct spdk_vhost_dev *vdev); 123 static int vhost_scsi_dev_param_changed(struct spdk_vhost_dev *vdev, 124 unsigned scsi_tgt_num); 125 static int alloc_vq_task_pool(struct spdk_vhost_session *vsession, uint16_t qid); 126 127 static const struct spdk_vhost_user_dev_backend spdk_vhost_scsi_user_device_backend = { 128 .session_ctx_size = sizeof(struct spdk_vhost_scsi_session) - sizeof(struct spdk_vhost_session), 129 .start_session = vhost_scsi_start, 130 .stop_session = vhost_scsi_stop, 131 .alloc_vq_tasks = alloc_vq_task_pool, 132 }; 133 134 static const struct spdk_vhost_dev_backend spdk_vhost_scsi_device_backend = { 135 .type = VHOST_BACKEND_SCSI, 136 .dump_info_json = vhost_scsi_dump_info_json, 137 .write_config_json = vhost_scsi_write_config_json, 138 .remove_device = vhost_scsi_dev_remove, 139 .set_coalescing = vhost_user_set_coalescing, 140 .get_coalescing = vhost_user_get_coalescing, 141 }; 142 143 static inline void 144 scsi_task_init(struct spdk_vhost_scsi_task *task) 145 { 146 memset(&task->scsi, 0, sizeof(task->scsi)); 147 /* Tmf_resp pointer and resp pointer are in a union. 148 * Here means task->tmf_resp = task->resp = NULL. 149 */ 150 task->resp = NULL; 151 task->used = true; 152 task->used_len = 0; 153 } 154 155 static void 156 vhost_scsi_task_put(struct spdk_vhost_scsi_task *task) 157 { 158 spdk_scsi_task_put(&task->scsi); 159 } 160 161 static void 162 vhost_scsi_task_free_cb(struct spdk_scsi_task *scsi_task) 163 { 164 struct spdk_vhost_scsi_task *task = SPDK_CONTAINEROF(scsi_task, struct spdk_vhost_scsi_task, scsi); 165 struct spdk_vhost_session *vsession = &task->svsession->vsession; 166 167 assert(vsession->task_cnt > 0); 168 vsession->task_cnt--; 169 task->used = false; 170 } 171 172 static void 173 remove_scsi_tgt(struct spdk_vhost_scsi_dev *svdev, 174 unsigned scsi_tgt_num) 175 { 176 struct spdk_scsi_dev_vhost_state *state; 177 struct spdk_scsi_dev *dev; 178 179 state = &svdev->scsi_dev_state[scsi_tgt_num]; 180 dev = state->dev; 181 state->dev = NULL; 182 assert(state->status == VHOST_SCSI_DEV_REMOVING); 183 state->status = VHOST_SCSI_DEV_EMPTY; 184 spdk_scsi_dev_destruct(dev, NULL, NULL); 185 if (state->remove_cb) { 186 state->remove_cb(&svdev->vdev, state->remove_ctx); 187 state->remove_cb = NULL; 188 } 189 SPDK_INFOLOG(vhost, "removed target 'Target %u'\n", scsi_tgt_num); 190 191 if (--svdev->ref == 0 && svdev->registered == false) { 192 vhost_dev_unregister(&svdev->vdev); 193 free(svdev); 194 } 195 } 196 197 static void 198 vhost_scsi_dev_process_removed_cpl_cb(struct spdk_vhost_dev *vdev, void *ctx) 199 { 200 unsigned scsi_tgt_num = (unsigned)(uintptr_t)ctx; 201 struct spdk_vhost_scsi_dev *svdev = SPDK_CONTAINEROF(vdev, 202 struct spdk_vhost_scsi_dev, vdev); 203 204 /* all sessions have already detached the device */ 205 if (svdev->scsi_dev_state[scsi_tgt_num].status != VHOST_SCSI_DEV_REMOVING) { 206 /* device was already removed in the meantime */ 207 return; 208 } 209 210 remove_scsi_tgt(svdev, scsi_tgt_num); 211 } 212 213 static int 214 vhost_scsi_session_process_removed(struct spdk_vhost_dev *vdev, 215 struct spdk_vhost_session *vsession, void *ctx) 216 { 217 unsigned scsi_tgt_num = (unsigned)(uintptr_t)ctx; 218 struct spdk_vhost_scsi_session *svsession = (struct spdk_vhost_scsi_session *)vsession; 219 struct spdk_scsi_dev_session_state *state = &svsession->scsi_dev_state[scsi_tgt_num]; 220 221 if (state->dev != NULL) { 222 /* there's still a session that references this device, 223 * so abort our foreach chain here. We'll be called 224 * again from this session's management poller after it 225 * is removed in there 226 */ 227 return -1; 228 } 229 230 return 0; 231 } 232 233 static void 234 process_removed_devs(struct spdk_vhost_scsi_session *svsession) 235 { 236 struct spdk_scsi_dev *dev; 237 struct spdk_scsi_dev_session_state *state; 238 int i; 239 240 for (i = 0; i < SPDK_VHOST_SCSI_CTRLR_MAX_DEVS; ++i) { 241 state = &svsession->scsi_dev_state[i]; 242 dev = state->dev; 243 244 if (dev && state->status == VHOST_SCSI_DEV_REMOVING && 245 !spdk_scsi_dev_has_pending_tasks(dev, NULL)) { 246 /* detach the device from this session */ 247 spdk_scsi_dev_free_io_channels(dev); 248 state->dev = NULL; 249 state->status = VHOST_SCSI_DEV_REMOVED; 250 /* try to detach it globally */ 251 spdk_vhost_lock(); 252 vhost_user_dev_foreach_session(&svsession->svdev->vdev, 253 vhost_scsi_session_process_removed, 254 vhost_scsi_dev_process_removed_cpl_cb, 255 (void *)(uintptr_t)i); 256 spdk_vhost_unlock(); 257 } 258 } 259 } 260 261 static void 262 eventq_enqueue(struct spdk_vhost_scsi_session *svsession, unsigned scsi_dev_num, 263 uint32_t event, uint32_t reason) 264 { 265 struct spdk_vhost_session *vsession = &svsession->vsession; 266 struct spdk_vhost_virtqueue *vq; 267 struct vring_desc *desc, *desc_table; 268 struct virtio_scsi_event *desc_ev; 269 uint32_t desc_table_size, req_size = 0; 270 uint16_t req; 271 int rc; 272 273 assert(scsi_dev_num < SPDK_VHOST_SCSI_CTRLR_MAX_DEVS); 274 vq = &vsession->virtqueue[VIRTIO_SCSI_EVENTQ]; 275 276 if (vq->vring.desc == NULL || vhost_vq_avail_ring_get(vq, &req, 1) != 1) { 277 SPDK_ERRLOG("%s: failed to send virtio event (no avail ring entries?).\n", 278 vsession->name); 279 return; 280 } 281 282 rc = vhost_vq_get_desc(vsession, vq, req, &desc, &desc_table, &desc_table_size); 283 if (rc != 0 || desc->len < sizeof(*desc_ev)) { 284 SPDK_ERRLOG("%s: invalid eventq descriptor at index %"PRIu16".\n", 285 vsession->name, req); 286 goto out; 287 } 288 289 desc_ev = vhost_gpa_to_vva(vsession, desc->addr, sizeof(*desc_ev)); 290 if (desc_ev == NULL) { 291 SPDK_ERRLOG("%s: eventq descriptor at index %"PRIu16" points " 292 "to unmapped guest memory address %p.\n", 293 vsession->name, req, (void *)(uintptr_t)desc->addr); 294 goto out; 295 } 296 297 desc_ev->event = event; 298 desc_ev->lun[0] = 1; 299 desc_ev->lun[1] = scsi_dev_num; 300 /* virtio LUN id 0 can refer either to the entire device 301 * or actual LUN 0 (the only supported by vhost for now) 302 */ 303 desc_ev->lun[2] = 0 >> 8; 304 desc_ev->lun[3] = 0 & 0xFF; 305 /* virtio doesn't specify any strict format for LUN id (bytes 2 and 3) 306 * current implementation relies on linux kernel sources 307 */ 308 memset(&desc_ev->lun[4], 0, 4); 309 desc_ev->reason = reason; 310 req_size = sizeof(*desc_ev); 311 312 out: 313 vhost_vq_used_ring_enqueue(vsession, vq, req, req_size); 314 } 315 316 static void 317 submit_completion(struct spdk_vhost_scsi_task *task) 318 { 319 struct spdk_vhost_session *vsession = &task->svsession->vsession; 320 321 vhost_vq_used_ring_enqueue(vsession, task->vq, task->req_idx, 322 task->used_len); 323 SPDK_DEBUGLOG(vhost_scsi, "Finished task (%p) req_idx=%d\n", task, task->req_idx); 324 325 vhost_scsi_task_put(task); 326 } 327 328 static void 329 vhost_scsi_task_mgmt_cpl(struct spdk_scsi_task *scsi_task) 330 { 331 struct spdk_vhost_scsi_task *task = SPDK_CONTAINEROF(scsi_task, struct spdk_vhost_scsi_task, scsi); 332 333 submit_completion(task); 334 } 335 336 static void 337 vhost_scsi_task_cpl(struct spdk_scsi_task *scsi_task) 338 { 339 struct spdk_vhost_scsi_task *task = SPDK_CONTAINEROF(scsi_task, struct spdk_vhost_scsi_task, scsi); 340 341 /* The SCSI task has completed. Do final processing and then post 342 notification to the virtqueue's "used" ring. 343 */ 344 task->resp->status = task->scsi.status; 345 346 if (task->scsi.status != SPDK_SCSI_STATUS_GOOD) { 347 memcpy(task->resp->sense, task->scsi.sense_data, task->scsi.sense_data_len); 348 task->resp->sense_len = task->scsi.sense_data_len; 349 SPDK_DEBUGLOG(vhost_scsi, "Task (%p) req_idx=%d failed - status=%u\n", task, task->req_idx, 350 task->scsi.status); 351 } 352 assert(task->scsi.transfer_len == task->scsi.length); 353 task->resp->resid = task->scsi.length - task->scsi.data_transferred; 354 355 submit_completion(task); 356 } 357 358 static void 359 task_submit(struct spdk_vhost_scsi_task *task) 360 { 361 task->resp->response = VIRTIO_SCSI_S_OK; 362 spdk_scsi_dev_queue_task(task->scsi_dev, &task->scsi); 363 } 364 365 static void 366 mgmt_task_submit(struct spdk_vhost_scsi_task *task, enum spdk_scsi_task_func func) 367 { 368 task->tmf_resp->response = VIRTIO_SCSI_S_OK; 369 task->scsi.function = func; 370 spdk_scsi_dev_queue_mgmt_task(task->scsi_dev, &task->scsi); 371 } 372 373 static void 374 invalid_request(struct spdk_vhost_scsi_task *task) 375 { 376 struct spdk_vhost_session *vsession = &task->svsession->vsession; 377 378 vhost_vq_used_ring_enqueue(vsession, task->vq, task->req_idx, 379 task->used_len); 380 vhost_scsi_task_put(task); 381 382 SPDK_DEBUGLOG(vhost_scsi, "Invalid request (status=%" PRIu8")\n", 383 task->resp ? task->resp->response : -1); 384 } 385 386 static int 387 vhost_scsi_task_init_target(struct spdk_vhost_scsi_task *task, const __u8 *lun) 388 { 389 struct spdk_vhost_scsi_session *svsession = task->svsession; 390 struct spdk_scsi_dev_session_state *state; 391 uint16_t lun_id = (((uint16_t)lun[2] << 8) | lun[3]) & 0x3FFF; 392 393 SPDK_LOGDUMP(vhost_scsi_queue, "LUN", lun, 8); 394 395 /* First byte must be 1 and second is target */ 396 if (lun[0] != 1 || lun[1] >= SPDK_VHOST_SCSI_CTRLR_MAX_DEVS) { 397 return -1; 398 } 399 400 state = &svsession->scsi_dev_state[lun[1]]; 401 task->scsi_dev = state->dev; 402 if (state->dev == NULL || state->status != VHOST_SCSI_DEV_PRESENT) { 403 /* If dev has been hotdetached, return 0 to allow sending 404 * additional hotremove event via sense codes. 405 */ 406 return state->status != VHOST_SCSI_DEV_EMPTY ? 0 : -1; 407 } 408 409 task->scsi.target_port = spdk_scsi_dev_find_port_by_id(task->scsi_dev, 0); 410 task->scsi.lun = spdk_scsi_dev_get_lun(state->dev, lun_id); 411 return 0; 412 } 413 414 static void 415 process_ctrl_request(struct spdk_vhost_scsi_task *task) 416 { 417 struct spdk_vhost_session *vsession = &task->svsession->vsession; 418 struct vring_desc *desc, *desc_table; 419 struct virtio_scsi_ctrl_tmf_req *ctrl_req; 420 struct virtio_scsi_ctrl_an_resp *an_resp; 421 uint32_t desc_table_size, used_len = 0; 422 int rc; 423 424 spdk_scsi_task_construct(&task->scsi, vhost_scsi_task_mgmt_cpl, vhost_scsi_task_free_cb); 425 rc = vhost_vq_get_desc(vsession, task->vq, task->req_idx, &desc, &desc_table, 426 &desc_table_size); 427 if (spdk_unlikely(rc != 0)) { 428 SPDK_ERRLOG("%s: invalid controlq descriptor at index %d.\n", 429 vsession->name, task->req_idx); 430 goto out; 431 } 432 433 ctrl_req = vhost_gpa_to_vva(vsession, desc->addr, sizeof(*ctrl_req)); 434 if (ctrl_req == NULL) { 435 SPDK_ERRLOG("%s: invalid task management request at index %d.\n", 436 vsession->name, task->req_idx); 437 goto out; 438 } 439 440 SPDK_DEBUGLOG(vhost_scsi_queue, 441 "Processing controlq descriptor: desc %d/%p, desc_addr %p, len %d, flags %d, last_used_idx %d; kickfd %d; size %d\n", 442 task->req_idx, desc, (void *)desc->addr, desc->len, desc->flags, task->vq->last_used_idx, 443 task->vq->vring.kickfd, task->vq->vring.size); 444 SPDK_LOGDUMP(vhost_scsi_queue, "Request descriptor", (uint8_t *)ctrl_req, desc->len); 445 446 vhost_scsi_task_init_target(task, ctrl_req->lun); 447 448 vhost_vring_desc_get_next(&desc, desc_table, desc_table_size); 449 if (spdk_unlikely(desc == NULL)) { 450 SPDK_ERRLOG("%s: no response descriptor for controlq request %d.\n", 451 vsession->name, task->req_idx); 452 goto out; 453 } 454 455 /* Process the TMF request */ 456 switch (ctrl_req->type) { 457 case VIRTIO_SCSI_T_TMF: 458 task->tmf_resp = vhost_gpa_to_vva(vsession, desc->addr, sizeof(*task->tmf_resp)); 459 if (spdk_unlikely(desc->len < sizeof(struct virtio_scsi_ctrl_tmf_resp) || task->tmf_resp == NULL)) { 460 SPDK_ERRLOG("%s: TMF response descriptor at index %d points to invalid guest memory region\n", 461 vsession->name, task->req_idx); 462 goto out; 463 } 464 465 /* Check if we are processing a valid request */ 466 if (task->scsi_dev == NULL) { 467 task->tmf_resp->response = VIRTIO_SCSI_S_BAD_TARGET; 468 break; 469 } 470 471 switch (ctrl_req->subtype) { 472 case VIRTIO_SCSI_T_TMF_LOGICAL_UNIT_RESET: 473 /* Handle LUN reset */ 474 SPDK_DEBUGLOG(vhost_scsi_queue, "%s: LUN reset\n", vsession->name); 475 476 mgmt_task_submit(task, SPDK_SCSI_TASK_FUNC_LUN_RESET); 477 return; 478 default: 479 task->tmf_resp->response = VIRTIO_SCSI_S_ABORTED; 480 /* Unsupported command */ 481 SPDK_DEBUGLOG(vhost_scsi_queue, "%s: unsupported TMF command %x\n", 482 vsession->name, ctrl_req->subtype); 483 break; 484 } 485 break; 486 case VIRTIO_SCSI_T_AN_QUERY: 487 case VIRTIO_SCSI_T_AN_SUBSCRIBE: { 488 an_resp = vhost_gpa_to_vva(vsession, desc->addr, sizeof(*an_resp)); 489 if (spdk_unlikely(desc->len < sizeof(struct virtio_scsi_ctrl_an_resp) || an_resp == NULL)) { 490 SPDK_WARNLOG("%s: asynchronous response descriptor points to invalid guest memory region\n", 491 vsession->name); 492 goto out; 493 } 494 495 an_resp->response = VIRTIO_SCSI_S_ABORTED; 496 break; 497 } 498 default: 499 SPDK_DEBUGLOG(vhost_scsi_queue, "%s: Unsupported control command %x\n", 500 vsession->name, ctrl_req->type); 501 break; 502 } 503 504 used_len = sizeof(struct virtio_scsi_ctrl_tmf_resp); 505 out: 506 vhost_vq_used_ring_enqueue(vsession, task->vq, task->req_idx, used_len); 507 vhost_scsi_task_put(task); 508 } 509 510 /* 511 * Process task's descriptor chain and setup data related fields. 512 * Return 513 * -1 if request is invalid and must be aborted, 514 * 0 if all data are set. 515 */ 516 static int 517 task_data_setup(struct spdk_vhost_scsi_task *task, 518 struct virtio_scsi_cmd_req **req) 519 { 520 struct spdk_vhost_session *vsession = &task->svsession->vsession; 521 struct vring_desc *desc, *desc_table; 522 struct iovec *iovs = task->iovs; 523 uint16_t iovcnt = 0; 524 uint32_t desc_table_len, len = 0; 525 int rc; 526 527 spdk_scsi_task_construct(&task->scsi, vhost_scsi_task_cpl, vhost_scsi_task_free_cb); 528 529 rc = vhost_vq_get_desc(vsession, task->vq, task->req_idx, &desc, &desc_table, &desc_table_len); 530 /* First descriptor must be readable */ 531 if (spdk_unlikely(rc != 0 || vhost_vring_desc_is_wr(desc) || 532 desc->len < sizeof(struct virtio_scsi_cmd_req))) { 533 SPDK_WARNLOG("%s: invalid first request descriptor at index %"PRIu16".\n", 534 vsession->name, task->req_idx); 535 goto invalid_task; 536 } 537 538 *req = vhost_gpa_to_vva(vsession, desc->addr, sizeof(**req)); 539 if (spdk_unlikely(*req == NULL)) { 540 SPDK_WARNLOG("%s: request descriptor at index %d points to invalid guest memory region\n", 541 vsession->name, task->req_idx); 542 goto invalid_task; 543 } 544 545 /* Each request must have at least 2 descriptors (e.g. request and response) */ 546 vhost_vring_desc_get_next(&desc, desc_table, desc_table_len); 547 if (desc == NULL) { 548 SPDK_WARNLOG("%s: descriptor chain at index %d contains neither payload nor response buffer.\n", 549 vsession->name, task->req_idx); 550 goto invalid_task; 551 } 552 task->scsi.dxfer_dir = vhost_vring_desc_is_wr(desc) ? SPDK_SCSI_DIR_FROM_DEV : 553 SPDK_SCSI_DIR_TO_DEV; 554 task->scsi.iovs = iovs; 555 556 if (task->scsi.dxfer_dir == SPDK_SCSI_DIR_FROM_DEV) { 557 /* 558 * FROM_DEV (READ): [RD_req][WR_resp][WR_buf0]...[WR_bufN] 559 */ 560 task->resp = vhost_gpa_to_vva(vsession, desc->addr, sizeof(*task->resp)); 561 if (spdk_unlikely(desc->len < sizeof(struct virtio_scsi_cmd_resp) || task->resp == NULL)) { 562 SPDK_WARNLOG("%s: response descriptor at index %d points to invalid guest memory region\n", 563 vsession->name, task->req_idx); 564 goto invalid_task; 565 } 566 rc = vhost_vring_desc_get_next(&desc, desc_table, desc_table_len); 567 if (spdk_unlikely(rc != 0)) { 568 SPDK_WARNLOG("%s: invalid descriptor chain at request index %d (descriptor id overflow?).\n", 569 vsession->name, task->req_idx); 570 goto invalid_task; 571 } 572 573 if (desc == NULL) { 574 /* 575 * TEST UNIT READY command and some others might not contain any payload and this is not an error. 576 */ 577 SPDK_DEBUGLOG(vhost_scsi_data, 578 "No payload descriptors for FROM DEV command req_idx=%"PRIu16".\n", task->req_idx); 579 SPDK_LOGDUMP(vhost_scsi_data, "CDB=", (*req)->cdb, VIRTIO_SCSI_CDB_SIZE); 580 task->used_len = sizeof(struct virtio_scsi_cmd_resp); 581 task->scsi.iovcnt = 1; 582 task->scsi.iovs[0].iov_len = 0; 583 task->scsi.length = 0; 584 task->scsi.transfer_len = 0; 585 return 0; 586 } 587 588 /* All remaining descriptors are data. */ 589 while (desc) { 590 if (spdk_unlikely(!vhost_vring_desc_is_wr(desc))) { 591 SPDK_WARNLOG("%s: FROM DEV cmd: descriptor nr %" PRIu16" in payload chain is read only.\n", 592 vsession->name, iovcnt); 593 goto invalid_task; 594 } 595 596 if (spdk_unlikely(vhost_vring_desc_to_iov(vsession, iovs, &iovcnt, desc))) { 597 goto invalid_task; 598 } 599 len += desc->len; 600 601 rc = vhost_vring_desc_get_next(&desc, desc_table, desc_table_len); 602 if (spdk_unlikely(rc != 0)) { 603 SPDK_WARNLOG("%s: invalid payload in descriptor chain starting at index %d.\n", 604 vsession->name, task->req_idx); 605 goto invalid_task; 606 } 607 } 608 609 task->used_len = sizeof(struct virtio_scsi_cmd_resp) + len; 610 } else { 611 SPDK_DEBUGLOG(vhost_scsi_data, "TO DEV"); 612 /* 613 * TO_DEV (WRITE):[RD_req][RD_buf0]...[RD_bufN][WR_resp] 614 * No need to check descriptor WR flag as this is done while setting scsi.dxfer_dir. 615 */ 616 617 /* Process descriptors up to response. */ 618 while (!vhost_vring_desc_is_wr(desc)) { 619 if (spdk_unlikely(vhost_vring_desc_to_iov(vsession, iovs, &iovcnt, desc))) { 620 goto invalid_task; 621 } 622 len += desc->len; 623 624 vhost_vring_desc_get_next(&desc, desc_table, desc_table_len); 625 if (spdk_unlikely(desc == NULL)) { 626 SPDK_WARNLOG("%s: TO_DEV cmd: no response descriptor.\n", vsession->name); 627 goto invalid_task; 628 } 629 } 630 631 task->resp = vhost_gpa_to_vva(vsession, desc->addr, sizeof(*task->resp)); 632 if (spdk_unlikely(desc->len < sizeof(struct virtio_scsi_cmd_resp) || task->resp == NULL)) { 633 SPDK_WARNLOG("%s: response descriptor at index %d points to invalid guest memory region\n", 634 vsession->name, task->req_idx); 635 goto invalid_task; 636 } 637 638 task->used_len = sizeof(struct virtio_scsi_cmd_resp); 639 } 640 641 task->scsi.iovcnt = iovcnt; 642 task->scsi.length = len; 643 task->scsi.transfer_len = len; 644 return 0; 645 646 invalid_task: 647 SPDK_DEBUGLOG(vhost_scsi_data, "%s: Invalid task at index %"PRIu16".\n", 648 vsession->name, task->req_idx); 649 return -1; 650 } 651 652 static int 653 process_request(struct spdk_vhost_scsi_task *task) 654 { 655 struct virtio_scsi_cmd_req *req; 656 int result; 657 658 result = task_data_setup(task, &req); 659 if (result) { 660 return result; 661 } 662 663 result = vhost_scsi_task_init_target(task, req->lun); 664 if (spdk_unlikely(result != 0)) { 665 task->resp->response = VIRTIO_SCSI_S_BAD_TARGET; 666 return -1; 667 } 668 669 task->scsi.cdb = req->cdb; 670 SPDK_LOGDUMP(vhost_scsi_data, "request CDB", req->cdb, VIRTIO_SCSI_CDB_SIZE); 671 672 if (spdk_unlikely(task->scsi.lun == NULL)) { 673 spdk_scsi_task_process_null_lun(&task->scsi); 674 task->resp->response = VIRTIO_SCSI_S_OK; 675 return 1; 676 } 677 678 return 0; 679 } 680 681 static void 682 process_scsi_task(struct spdk_vhost_session *vsession, 683 struct spdk_vhost_virtqueue *vq, 684 uint16_t req_idx) 685 { 686 struct spdk_vhost_scsi_task *task; 687 int result; 688 689 task = &((struct spdk_vhost_scsi_task *)vq->tasks)[req_idx]; 690 if (spdk_unlikely(task->used)) { 691 SPDK_ERRLOG("%s: request with idx '%"PRIu16"' is already pending.\n", 692 vsession->name, req_idx); 693 vhost_vq_used_ring_enqueue(vsession, vq, req_idx, 0); 694 return; 695 } 696 697 vsession->task_cnt++; 698 scsi_task_init(task); 699 700 if (spdk_unlikely(vq->vring_idx == VIRTIO_SCSI_CONTROLQ)) { 701 process_ctrl_request(task); 702 } else { 703 result = process_request(task); 704 if (likely(result == 0)) { 705 task_submit(task); 706 SPDK_DEBUGLOG(vhost_scsi, "====== Task %p req_idx %d submitted ======\n", task, 707 task->req_idx); 708 } else if (result > 0) { 709 vhost_scsi_task_cpl(&task->scsi); 710 SPDK_DEBUGLOG(vhost_scsi, "====== Task %p req_idx %d finished early ======\n", task, 711 task->req_idx); 712 } else { 713 invalid_request(task); 714 SPDK_DEBUGLOG(vhost_scsi, "====== Task %p req_idx %d failed ======\n", task, 715 task->req_idx); 716 } 717 } 718 } 719 720 static int 721 submit_inflight_desc(struct spdk_vhost_scsi_session *svsession, 722 struct spdk_vhost_virtqueue *vq) 723 { 724 struct spdk_vhost_session *vsession; 725 spdk_vhost_resubmit_info *resubmit; 726 spdk_vhost_resubmit_desc *resubmit_list; 727 uint16_t req_idx; 728 int i, resubmit_cnt; 729 730 resubmit = vq->vring_inflight.resubmit_inflight; 731 if (spdk_likely(resubmit == NULL || resubmit->resubmit_list == NULL || 732 resubmit->resubmit_num == 0)) { 733 return 0; 734 } 735 736 resubmit_list = resubmit->resubmit_list; 737 vsession = &svsession->vsession; 738 739 for (i = resubmit->resubmit_num - 1; i >= 0; --i) { 740 req_idx = resubmit_list[resubmit->resubmit_num].index; 741 SPDK_DEBUGLOG(vhost_scsi, "====== Start processing resubmit request idx %"PRIu16"======\n", 742 req_idx); 743 744 if (spdk_unlikely(req_idx >= vq->vring.size)) { 745 SPDK_ERRLOG("%s: request idx '%"PRIu16"' exceeds virtqueue size (%"PRIu16").\n", 746 vsession->name, req_idx, vq->vring.size); 747 vhost_vq_used_ring_enqueue(vsession, vq, req_idx, 0); 748 continue; 749 } 750 751 process_scsi_task(vsession, vq, req_idx); 752 } 753 resubmit_cnt = resubmit->resubmit_num; 754 resubmit->resubmit_num = 0; 755 return resubmit_cnt; 756 } 757 758 static int 759 process_vq(struct spdk_vhost_scsi_session *svsession, struct spdk_vhost_virtqueue *vq) 760 { 761 struct spdk_vhost_session *vsession = &svsession->vsession; 762 uint16_t reqs[32]; 763 uint16_t reqs_cnt, i; 764 int resubmit_cnt; 765 766 resubmit_cnt = submit_inflight_desc(svsession, vq); 767 768 reqs_cnt = vhost_vq_avail_ring_get(vq, reqs, SPDK_COUNTOF(reqs)); 769 assert(reqs_cnt <= 32); 770 771 for (i = 0; i < reqs_cnt; i++) { 772 SPDK_DEBUGLOG(vhost_scsi, "====== Starting processing request idx %"PRIu16"======\n", 773 reqs[i]); 774 775 if (spdk_unlikely(reqs[i] >= vq->vring.size)) { 776 SPDK_ERRLOG("%s: request idx '%"PRIu16"' exceeds virtqueue size (%"PRIu16").\n", 777 vsession->name, reqs[i], vq->vring.size); 778 vhost_vq_used_ring_enqueue(vsession, vq, reqs[i], 0); 779 continue; 780 } 781 782 rte_vhost_set_inflight_desc_split(vsession->vid, vq->vring_idx, reqs[i]); 783 784 process_scsi_task(vsession, vq, reqs[i]); 785 } 786 787 return reqs_cnt > 0 ? reqs_cnt : resubmit_cnt; 788 } 789 790 static int 791 vdev_mgmt_worker(void *arg) 792 { 793 struct spdk_vhost_scsi_session *svsession = arg; 794 struct spdk_vhost_session *vsession = &svsession->vsession; 795 int rc = 0; 796 797 process_removed_devs(svsession); 798 799 if (vsession->virtqueue[VIRTIO_SCSI_EVENTQ].vring.desc) { 800 vhost_vq_used_signal(vsession, &vsession->virtqueue[VIRTIO_SCSI_EVENTQ]); 801 } 802 803 if (vsession->virtqueue[VIRTIO_SCSI_CONTROLQ].vring.desc) { 804 rc = process_vq(svsession, &vsession->virtqueue[VIRTIO_SCSI_CONTROLQ]); 805 vhost_vq_used_signal(vsession, &vsession->virtqueue[VIRTIO_SCSI_CONTROLQ]); 806 } 807 808 return rc > 0 ? SPDK_POLLER_BUSY : SPDK_POLLER_IDLE; 809 } 810 811 static int 812 vdev_worker(void *arg) 813 { 814 struct spdk_vhost_scsi_session *svsession = arg; 815 struct spdk_vhost_session *vsession = &svsession->vsession; 816 uint32_t q_idx; 817 int rc = 0; 818 819 for (q_idx = VIRTIO_SCSI_REQUESTQ; q_idx < vsession->max_queues; q_idx++) { 820 rc = process_vq(svsession, &vsession->virtqueue[q_idx]); 821 vhost_session_vq_used_signal(&vsession->virtqueue[q_idx]); 822 } 823 824 return rc > 0 ? SPDK_POLLER_BUSY : SPDK_POLLER_IDLE; 825 } 826 827 static struct spdk_vhost_scsi_dev * 828 to_scsi_dev(struct spdk_vhost_dev *ctrlr) 829 { 830 if (ctrlr == NULL) { 831 return NULL; 832 } 833 834 if (ctrlr->backend->type != VHOST_BACKEND_SCSI) { 835 SPDK_ERRLOG("%s: not a vhost-scsi device.\n", ctrlr->name); 836 return NULL; 837 } 838 839 return SPDK_CONTAINEROF(ctrlr, struct spdk_vhost_scsi_dev, vdev); 840 } 841 842 static struct spdk_vhost_scsi_session * 843 to_scsi_session(struct spdk_vhost_session *vsession) 844 { 845 assert(vsession->vdev->backend->type == VHOST_BACKEND_SCSI); 846 return (struct spdk_vhost_scsi_session *)vsession; 847 } 848 849 int 850 spdk_vhost_scsi_dev_construct(const char *name, const char *cpumask) 851 { 852 struct spdk_vhost_scsi_dev *svdev = calloc(1, sizeof(*svdev)); 853 int rc; 854 855 if (svdev == NULL) { 856 return -ENOMEM; 857 } 858 859 svdev->vdev.virtio_features = SPDK_VHOST_SCSI_FEATURES; 860 svdev->vdev.disabled_features = SPDK_VHOST_SCSI_DISABLED_FEATURES; 861 svdev->vdev.protocol_features = SPDK_VHOST_SCSI_PROTOCOL_FEATURES; 862 863 spdk_vhost_lock(); 864 rc = vhost_dev_register(&svdev->vdev, name, cpumask, NULL, 865 &spdk_vhost_scsi_device_backend, 866 &spdk_vhost_scsi_user_device_backend); 867 if (rc) { 868 free(svdev); 869 spdk_vhost_unlock(); 870 return rc; 871 } 872 873 svdev->registered = true; 874 875 spdk_vhost_unlock(); 876 return rc; 877 } 878 879 static int 880 vhost_scsi_dev_remove(struct spdk_vhost_dev *vdev) 881 { 882 struct spdk_vhost_scsi_dev *svdev = to_scsi_dev(vdev); 883 int rc = 0, i; 884 885 assert(svdev != NULL); 886 for (i = 0; i < SPDK_VHOST_SCSI_CTRLR_MAX_DEVS; ++i) { 887 if (svdev->scsi_dev_state[i].dev) { 888 rc = spdk_vhost_scsi_dev_remove_tgt(vdev, i, NULL, NULL); 889 if (rc != 0) { 890 SPDK_ERRLOG("%s: failed to force-remove target %d\n", vdev->name, i); 891 return rc; 892 } 893 } 894 } 895 896 svdev->registered = false; 897 898 if (svdev->ref == 0) { 899 rc = vhost_dev_unregister(vdev); 900 free(svdev); 901 } 902 903 return rc; 904 } 905 906 struct spdk_scsi_dev * 907 spdk_vhost_scsi_dev_get_tgt(struct spdk_vhost_dev *vdev, uint8_t num) 908 { 909 struct spdk_vhost_scsi_dev *svdev; 910 911 assert(num < SPDK_VHOST_SCSI_CTRLR_MAX_DEVS); 912 svdev = to_scsi_dev(vdev); 913 assert(svdev != NULL); 914 if (svdev->scsi_dev_state[num].status != VHOST_SCSI_DEV_PRESENT) { 915 return NULL; 916 } 917 918 assert(svdev->scsi_dev_state[num].dev != NULL); 919 return svdev->scsi_dev_state[num].dev; 920 } 921 922 static unsigned 923 get_scsi_dev_num(const struct spdk_vhost_scsi_dev *svdev, 924 const struct spdk_scsi_lun *lun) 925 { 926 const struct spdk_scsi_dev *scsi_dev; 927 unsigned scsi_dev_num; 928 929 assert(lun != NULL); 930 assert(svdev != NULL); 931 scsi_dev = spdk_scsi_lun_get_dev(lun); 932 for (scsi_dev_num = 0; scsi_dev_num < SPDK_VHOST_SCSI_CTRLR_MAX_DEVS; scsi_dev_num++) { 933 if (svdev->scsi_dev_state[scsi_dev_num].dev == scsi_dev) { 934 break; 935 } 936 } 937 938 return scsi_dev_num; 939 } 940 941 static void 942 vhost_scsi_lun_resize(const struct spdk_scsi_lun *lun, void *arg) 943 { 944 struct spdk_vhost_scsi_dev *svdev = arg; 945 unsigned scsi_dev_num; 946 947 scsi_dev_num = get_scsi_dev_num(svdev, lun); 948 if (scsi_dev_num == SPDK_VHOST_SCSI_CTRLR_MAX_DEVS) { 949 /* The entire device has been already removed. */ 950 return; 951 } 952 953 vhost_scsi_dev_param_changed(&svdev->vdev, scsi_dev_num); 954 } 955 956 static void 957 vhost_scsi_lun_hotremove(const struct spdk_scsi_lun *lun, void *arg) 958 { 959 struct spdk_vhost_scsi_dev *svdev = arg; 960 unsigned scsi_dev_num; 961 962 scsi_dev_num = get_scsi_dev_num(svdev, lun); 963 if (scsi_dev_num == SPDK_VHOST_SCSI_CTRLR_MAX_DEVS) { 964 /* The entire device has been already removed. */ 965 return; 966 } 967 968 /* remove entire device */ 969 spdk_vhost_scsi_dev_remove_tgt(&svdev->vdev, scsi_dev_num, NULL, NULL); 970 } 971 972 static void 973 vhost_scsi_dev_add_tgt_cpl_cb(struct spdk_vhost_dev *vdev, void *ctx) 974 { 975 unsigned scsi_tgt_num = (unsigned)(uintptr_t)ctx; 976 struct spdk_vhost_scsi_dev *svdev = SPDK_CONTAINEROF(vdev, 977 struct spdk_vhost_scsi_dev, vdev); 978 struct spdk_scsi_dev_vhost_state *vhost_sdev; 979 980 vhost_sdev = &svdev->scsi_dev_state[scsi_tgt_num]; 981 982 /* All sessions have added the target */ 983 assert(vhost_sdev->status == VHOST_SCSI_DEV_ADDING); 984 vhost_sdev->status = VHOST_SCSI_DEV_PRESENT; 985 svdev->ref++; 986 } 987 988 static int 989 vhost_scsi_session_add_tgt(struct spdk_vhost_dev *vdev, 990 struct spdk_vhost_session *vsession, void *ctx) 991 { 992 unsigned scsi_tgt_num = (unsigned)(uintptr_t)ctx; 993 struct spdk_vhost_scsi_session *svsession = (struct spdk_vhost_scsi_session *)vsession; 994 struct spdk_scsi_dev_session_state *session_sdev = &svsession->scsi_dev_state[scsi_tgt_num]; 995 struct spdk_scsi_dev_vhost_state *vhost_sdev; 996 int rc; 997 998 if (!vsession->started || session_sdev->dev != NULL) { 999 /* Nothing to do. */ 1000 return 0; 1001 } 1002 1003 vhost_sdev = &svsession->svdev->scsi_dev_state[scsi_tgt_num]; 1004 session_sdev->dev = vhost_sdev->dev; 1005 session_sdev->status = VHOST_SCSI_DEV_PRESENT; 1006 1007 rc = spdk_scsi_dev_allocate_io_channels(svsession->scsi_dev_state[scsi_tgt_num].dev); 1008 if (rc != 0) { 1009 SPDK_ERRLOG("%s: Couldn't allocate io channel for SCSI target %u.\n", 1010 vsession->name, scsi_tgt_num); 1011 1012 /* unset the SCSI target so that all I/O to it will be rejected */ 1013 session_sdev->dev = NULL; 1014 /* Set status to EMPTY so that we won't reply with SCSI hotremove 1015 * sense codes - the device hasn't ever been added. 1016 */ 1017 session_sdev->status = VHOST_SCSI_DEV_EMPTY; 1018 1019 /* Return with no error. We'll continue allocating io_channels for 1020 * other sessions on this device in hopes they succeed. The sessions 1021 * that failed to allocate io_channels simply won't be able to 1022 * detect the SCSI target, nor do any I/O to it. 1023 */ 1024 return 0; 1025 } 1026 1027 if (vhost_dev_has_feature(vsession, VIRTIO_SCSI_F_HOTPLUG)) { 1028 eventq_enqueue(svsession, scsi_tgt_num, 1029 VIRTIO_SCSI_T_TRANSPORT_RESET, VIRTIO_SCSI_EVT_RESET_RESCAN); 1030 } else { 1031 SPDK_NOTICELOG("%s: driver does not support hotplug. " 1032 "Please restart it or perform a rescan.\n", 1033 vsession->name); 1034 } 1035 1036 return 0; 1037 } 1038 1039 int 1040 spdk_vhost_scsi_dev_add_tgt(struct spdk_vhost_dev *vdev, int scsi_tgt_num, 1041 const char *bdev_name) 1042 { 1043 struct spdk_vhost_scsi_dev *svdev; 1044 struct spdk_scsi_dev_vhost_state *state; 1045 char target_name[SPDK_SCSI_DEV_MAX_NAME]; 1046 int lun_id_list[1]; 1047 const char *bdev_names_list[1]; 1048 1049 svdev = to_scsi_dev(vdev); 1050 if (!svdev) { 1051 SPDK_ERRLOG("Before adding a SCSI target, there should be a SCSI device."); 1052 return -EINVAL; 1053 } 1054 1055 if (scsi_tgt_num < 0) { 1056 for (scsi_tgt_num = 0; scsi_tgt_num < SPDK_VHOST_SCSI_CTRLR_MAX_DEVS; scsi_tgt_num++) { 1057 if (svdev->scsi_dev_state[scsi_tgt_num].dev == NULL) { 1058 break; 1059 } 1060 } 1061 1062 if (scsi_tgt_num == SPDK_VHOST_SCSI_CTRLR_MAX_DEVS) { 1063 SPDK_ERRLOG("%s: all SCSI target slots are already in use.\n", vdev->name); 1064 return -ENOSPC; 1065 } 1066 } else { 1067 if (scsi_tgt_num >= SPDK_VHOST_SCSI_CTRLR_MAX_DEVS) { 1068 SPDK_ERRLOG("%s: SCSI target number is too big (got %d, max %d), started from 0.\n", 1069 vdev->name, scsi_tgt_num, SPDK_VHOST_SCSI_CTRLR_MAX_DEVS - 1); 1070 return -EINVAL; 1071 } 1072 } 1073 1074 if (bdev_name == NULL) { 1075 SPDK_ERRLOG("No lun name specified\n"); 1076 return -EINVAL; 1077 } 1078 1079 state = &svdev->scsi_dev_state[scsi_tgt_num]; 1080 if (state->dev != NULL) { 1081 SPDK_ERRLOG("%s: SCSI target %u already occupied\n", vdev->name, scsi_tgt_num); 1082 return -EEXIST; 1083 } 1084 1085 /* 1086 * At this stage only one LUN per target 1087 */ 1088 snprintf(target_name, sizeof(target_name), "Target %u", scsi_tgt_num); 1089 lun_id_list[0] = 0; 1090 bdev_names_list[0] = (char *)bdev_name; 1091 1092 state->status = VHOST_SCSI_DEV_ADDING; 1093 state->dev = spdk_scsi_dev_construct_ext(target_name, bdev_names_list, lun_id_list, 1, 1094 SPDK_SPC_PROTOCOL_IDENTIFIER_SAS, 1095 vhost_scsi_lun_resize, svdev, 1096 vhost_scsi_lun_hotremove, svdev); 1097 1098 if (state->dev == NULL) { 1099 state->status = VHOST_SCSI_DEV_EMPTY; 1100 SPDK_ERRLOG("%s: couldn't create SCSI target %u using bdev '%s'\n", 1101 vdev->name, scsi_tgt_num, bdev_name); 1102 return -EINVAL; 1103 } 1104 spdk_scsi_dev_add_port(state->dev, 0, "vhost"); 1105 1106 SPDK_INFOLOG(vhost, "%s: added SCSI target %u using bdev '%s'\n", 1107 vdev->name, scsi_tgt_num, bdev_name); 1108 1109 vhost_user_dev_foreach_session(vdev, vhost_scsi_session_add_tgt, 1110 vhost_scsi_dev_add_tgt_cpl_cb, 1111 (void *)(uintptr_t)scsi_tgt_num); 1112 return scsi_tgt_num; 1113 } 1114 1115 struct scsi_tgt_hotplug_ctx { 1116 unsigned scsi_tgt_num; 1117 bool async_fini; 1118 }; 1119 1120 static void 1121 vhost_scsi_dev_remove_tgt_cpl_cb(struct spdk_vhost_dev *vdev, void *_ctx) 1122 { 1123 struct scsi_tgt_hotplug_ctx *ctx = _ctx; 1124 struct spdk_vhost_scsi_dev *svdev = SPDK_CONTAINEROF(vdev, 1125 struct spdk_vhost_scsi_dev, vdev); 1126 1127 if (!ctx->async_fini) { 1128 /* there aren't any active sessions, so remove the dev and exit */ 1129 remove_scsi_tgt(svdev, ctx->scsi_tgt_num); 1130 } 1131 1132 free(ctx); 1133 } 1134 1135 static int 1136 vhost_scsi_session_remove_tgt(struct spdk_vhost_dev *vdev, 1137 struct spdk_vhost_session *vsession, void *_ctx) 1138 { 1139 struct scsi_tgt_hotplug_ctx *ctx = _ctx; 1140 unsigned scsi_tgt_num = ctx->scsi_tgt_num; 1141 struct spdk_vhost_scsi_session *svsession = (struct spdk_vhost_scsi_session *)vsession; 1142 struct spdk_scsi_dev_session_state *state = &svsession->scsi_dev_state[scsi_tgt_num]; 1143 1144 if (!vsession->started || state->dev == NULL) { 1145 /* Nothing to do */ 1146 return 0; 1147 } 1148 1149 /* Mark the target for removal */ 1150 assert(state->status == VHOST_SCSI_DEV_PRESENT); 1151 state->status = VHOST_SCSI_DEV_REMOVING; 1152 1153 /* Send a hotremove virtio event */ 1154 if (vhost_dev_has_feature(vsession, VIRTIO_SCSI_F_HOTPLUG)) { 1155 eventq_enqueue(svsession, scsi_tgt_num, 1156 VIRTIO_SCSI_T_TRANSPORT_RESET, VIRTIO_SCSI_EVT_RESET_REMOVED); 1157 } 1158 1159 /* Wait for the session's management poller to remove the target after 1160 * all its pending I/O has finished. 1161 */ 1162 ctx->async_fini = true; 1163 return 0; 1164 } 1165 1166 int 1167 spdk_vhost_scsi_dev_remove_tgt(struct spdk_vhost_dev *vdev, unsigned scsi_tgt_num, 1168 spdk_vhost_event_fn cb_fn, void *cb_arg) 1169 { 1170 struct spdk_vhost_scsi_dev *svdev; 1171 struct spdk_scsi_dev_vhost_state *scsi_dev_state; 1172 struct scsi_tgt_hotplug_ctx *ctx; 1173 1174 if (scsi_tgt_num >= SPDK_VHOST_SCSI_CTRLR_MAX_DEVS) { 1175 SPDK_ERRLOG("%s: invalid SCSI target number %d\n", vdev->name, scsi_tgt_num); 1176 return -EINVAL; 1177 } 1178 1179 svdev = to_scsi_dev(vdev); 1180 if (!svdev) { 1181 SPDK_ERRLOG("An invalid SCSI device that removing from a SCSI target."); 1182 return -EINVAL; 1183 } 1184 1185 scsi_dev_state = &svdev->scsi_dev_state[scsi_tgt_num]; 1186 1187 if (scsi_dev_state->status != VHOST_SCSI_DEV_PRESENT) { 1188 return -EBUSY; 1189 } 1190 1191 if (scsi_dev_state->dev == NULL || scsi_dev_state->status == VHOST_SCSI_DEV_ADDING) { 1192 SPDK_ERRLOG("%s: SCSI target %u is not occupied\n", vdev->name, scsi_tgt_num); 1193 return -ENODEV; 1194 } 1195 1196 assert(scsi_dev_state->status != VHOST_SCSI_DEV_EMPTY); 1197 ctx = calloc(1, sizeof(*ctx)); 1198 if (ctx == NULL) { 1199 SPDK_ERRLOG("calloc failed\n"); 1200 return -ENOMEM; 1201 } 1202 1203 ctx->scsi_tgt_num = scsi_tgt_num; 1204 ctx->async_fini = false; 1205 1206 scsi_dev_state->remove_cb = cb_fn; 1207 scsi_dev_state->remove_ctx = cb_arg; 1208 scsi_dev_state->status = VHOST_SCSI_DEV_REMOVING; 1209 1210 vhost_user_dev_foreach_session(vdev, vhost_scsi_session_remove_tgt, 1211 vhost_scsi_dev_remove_tgt_cpl_cb, ctx); 1212 return 0; 1213 } 1214 1215 static int 1216 vhost_scsi_session_param_changed(struct spdk_vhost_dev *vdev, 1217 struct spdk_vhost_session *vsession, void *ctx) 1218 { 1219 unsigned scsi_tgt_num = (unsigned)(uintptr_t)ctx; 1220 struct spdk_vhost_scsi_session *svsession = (struct spdk_vhost_scsi_session *)vsession; 1221 struct spdk_scsi_dev_session_state *state = &svsession->scsi_dev_state[scsi_tgt_num]; 1222 1223 if (!vsession->started || state->dev == NULL) { 1224 /* Nothing to do */ 1225 return 0; 1226 } 1227 1228 /* Send a parameter change virtio event */ 1229 if (vhost_dev_has_feature(vsession, VIRTIO_SCSI_F_CHANGE)) { 1230 /* 1231 * virtio 1.0 spec says: 1232 * By sending this event, the device signals a change in the configuration 1233 * parameters of a logical unit, for example the capacity or cache mode. 1234 * event is set to VIRTIO_SCSI_T_PARAM_CHANGE. lun addresses a logical unit 1235 * in the SCSI host. The same event SHOULD also be reported as a unit 1236 * attention condition. reason contains the additional sense code and 1237 * additional sense code qualifier, respectively in bits 0…7 and 8…15. 1238 * Note: For example, a change in * capacity will be reported as asc 1239 * 0x2a, ascq 0x09 (CAPACITY DATA HAS CHANGED). 1240 */ 1241 eventq_enqueue(svsession, scsi_tgt_num, VIRTIO_SCSI_T_PARAM_CHANGE, 0x2a | (0x09 << 8)); 1242 } 1243 1244 return 0; 1245 } 1246 1247 static int 1248 vhost_scsi_dev_param_changed(struct spdk_vhost_dev *vdev, unsigned scsi_tgt_num) 1249 { 1250 struct spdk_vhost_scsi_dev *svdev; 1251 struct spdk_scsi_dev_vhost_state *scsi_dev_state; 1252 1253 if (scsi_tgt_num >= SPDK_VHOST_SCSI_CTRLR_MAX_DEVS) { 1254 SPDK_ERRLOG("%s: invalid SCSI target number %d\n", vdev->name, scsi_tgt_num); 1255 return -EINVAL; 1256 } 1257 1258 svdev = to_scsi_dev(vdev); 1259 if (!svdev) { 1260 SPDK_ERRLOG("An invalid SCSI device that removing from a SCSI target."); 1261 return -EINVAL; 1262 } 1263 1264 scsi_dev_state = &svdev->scsi_dev_state[scsi_tgt_num]; 1265 1266 if (scsi_dev_state->status != VHOST_SCSI_DEV_PRESENT) { 1267 return -EBUSY; 1268 } 1269 1270 if (scsi_dev_state->dev == NULL || scsi_dev_state->status == VHOST_SCSI_DEV_ADDING) { 1271 SPDK_ERRLOG("%s: SCSI target %u is not occupied\n", vdev->name, scsi_tgt_num); 1272 return -ENODEV; 1273 } 1274 1275 assert(scsi_dev_state->status != VHOST_SCSI_DEV_EMPTY); 1276 1277 vhost_user_dev_foreach_session(vdev, vhost_scsi_session_param_changed, 1278 NULL, (void *)(uintptr_t)scsi_tgt_num); 1279 return 0; 1280 } 1281 1282 static void 1283 free_task_pool(struct spdk_vhost_scsi_session *svsession) 1284 { 1285 struct spdk_vhost_session *vsession = &svsession->vsession; 1286 struct spdk_vhost_virtqueue *vq; 1287 uint16_t i; 1288 1289 for (i = 0; i < vsession->max_queues; i++) { 1290 vq = &vsession->virtqueue[i]; 1291 if (vq->tasks == NULL) { 1292 continue; 1293 } 1294 1295 spdk_free(vq->tasks); 1296 vq->tasks = NULL; 1297 } 1298 } 1299 1300 static int 1301 alloc_vq_task_pool(struct spdk_vhost_session *vsession, uint16_t qid) 1302 { 1303 struct spdk_vhost_scsi_session *svsession = to_scsi_session(vsession); 1304 struct spdk_vhost_virtqueue *vq; 1305 struct spdk_vhost_scsi_task *task; 1306 uint32_t task_cnt; 1307 uint32_t j; 1308 1309 if (qid >= SPDK_VHOST_MAX_VQUEUES) { 1310 return -EINVAL; 1311 } 1312 1313 vq = &vsession->virtqueue[qid]; 1314 if (vq->vring.desc == NULL) { 1315 return 0; 1316 } 1317 1318 task_cnt = vq->vring.size; 1319 if (task_cnt > SPDK_VHOST_MAX_VQ_SIZE) { 1320 /* sanity check */ 1321 SPDK_ERRLOG("%s: virtqueue %"PRIu16" is too big. (size = %"PRIu32", max = %"PRIu32")\n", 1322 vsession->name, qid, task_cnt, SPDK_VHOST_MAX_VQ_SIZE); 1323 return -1; 1324 } 1325 vq->tasks = spdk_zmalloc(sizeof(struct spdk_vhost_scsi_task) * task_cnt, 1326 SPDK_CACHE_LINE_SIZE, NULL, 1327 SPDK_ENV_LCORE_ID_ANY, SPDK_MALLOC_DMA); 1328 if (vq->tasks == NULL) { 1329 SPDK_ERRLOG("%s: failed to allocate %"PRIu32" tasks for virtqueue %"PRIu16"\n", 1330 vsession->name, task_cnt, qid); 1331 return -1; 1332 } 1333 1334 for (j = 0; j < task_cnt; j++) { 1335 task = &((struct spdk_vhost_scsi_task *)vq->tasks)[j]; 1336 task->svsession = svsession; 1337 task->vq = vq; 1338 task->req_idx = j; 1339 } 1340 1341 return 0; 1342 } 1343 1344 static int 1345 vhost_scsi_start(struct spdk_vhost_dev *vdev, 1346 struct spdk_vhost_session *vsession, void *unused) 1347 { 1348 struct spdk_vhost_scsi_session *svsession = to_scsi_session(vsession); 1349 struct spdk_vhost_scsi_dev *svdev; 1350 struct spdk_scsi_dev_vhost_state *state; 1351 uint32_t i; 1352 int rc; 1353 1354 /* return if start is already in progress */ 1355 if (svsession->requestq_poller) { 1356 SPDK_INFOLOG(vhost, "%s: start in progress\n", vsession->name); 1357 return -EINPROGRESS; 1358 } 1359 1360 /* validate all I/O queues are in a contiguous index range */ 1361 if (vsession->max_queues < VIRTIO_SCSI_REQUESTQ + 1) { 1362 SPDK_INFOLOG(vhost, "%s: max_queues %u, no I/O queues\n", vsession->name, vsession->max_queues); 1363 return -1; 1364 } 1365 for (i = VIRTIO_SCSI_REQUESTQ; i < vsession->max_queues; i++) { 1366 if (vsession->virtqueue[i].vring.desc == NULL) { 1367 SPDK_ERRLOG("%s: queue %"PRIu32" is empty\n", vsession->name, i); 1368 return -1; 1369 } 1370 } 1371 1372 svdev = to_scsi_dev(vsession->vdev); 1373 assert(svdev != NULL); 1374 svsession->svdev = svdev; 1375 1376 for (i = 0; i < SPDK_VHOST_SCSI_CTRLR_MAX_DEVS; i++) { 1377 state = &svdev->scsi_dev_state[i]; 1378 if (state->dev == NULL || state->status == VHOST_SCSI_DEV_REMOVING) { 1379 continue; 1380 } 1381 1382 assert(svsession->scsi_dev_state[i].status == VHOST_SCSI_DEV_EMPTY); 1383 svsession->scsi_dev_state[i].dev = state->dev; 1384 svsession->scsi_dev_state[i].status = VHOST_SCSI_DEV_PRESENT; 1385 rc = spdk_scsi_dev_allocate_io_channels(state->dev); 1386 if (rc != 0) { 1387 SPDK_ERRLOG("%s: failed to alloc io_channel for SCSI target %"PRIu32"\n", 1388 vsession->name, i); 1389 /* unset the SCSI target so that all I/O to it will be rejected */ 1390 svsession->scsi_dev_state[i].dev = NULL; 1391 /* set EMPTY state so that we won't reply with SCSI hotremove 1392 * sense codes - the device hasn't ever been added. 1393 */ 1394 svsession->scsi_dev_state[i].status = VHOST_SCSI_DEV_EMPTY; 1395 continue; 1396 } 1397 } 1398 SPDK_INFOLOG(vhost, "%s: started poller on lcore %d\n", 1399 vsession->name, spdk_env_get_current_core()); 1400 1401 svsession->requestq_poller = SPDK_POLLER_REGISTER(vdev_worker, svsession, 0); 1402 svsession->mgmt_poller = SPDK_POLLER_REGISTER(vdev_mgmt_worker, svsession, 1403 MGMT_POLL_PERIOD_US); 1404 return 0; 1405 } 1406 1407 static int 1408 destroy_session_poller_cb(void *arg) 1409 { 1410 struct spdk_vhost_scsi_session *svsession = arg; 1411 struct spdk_vhost_session *vsession = &svsession->vsession; 1412 struct spdk_scsi_dev_session_state *state; 1413 uint32_t i; 1414 1415 if (vsession->task_cnt > 0 || spdk_vhost_trylock() != 0) { 1416 assert(vsession->stop_retry_count > 0); 1417 vsession->stop_retry_count--; 1418 if (vsession->stop_retry_count == 0) { 1419 SPDK_ERRLOG("%s: Timedout when destroy session (task_cnt %d)\n", vsession->name, 1420 vsession->task_cnt); 1421 spdk_poller_unregister(&svsession->stop_poller); 1422 vhost_user_session_stop_done(vsession, -ETIMEDOUT); 1423 } 1424 1425 return SPDK_POLLER_BUSY; 1426 } 1427 1428 for (i = 0; i < vsession->max_queues; i++) { 1429 vhost_vq_used_signal(vsession, &vsession->virtqueue[i]); 1430 } 1431 1432 for (i = 0; i < SPDK_VHOST_SCSI_CTRLR_MAX_DEVS; i++) { 1433 enum spdk_scsi_dev_vhost_status prev_status; 1434 1435 state = &svsession->scsi_dev_state[i]; 1436 /* clear the REMOVED status so that we won't send hotremove events anymore */ 1437 prev_status = state->status; 1438 state->status = VHOST_SCSI_DEV_EMPTY; 1439 if (state->dev == NULL) { 1440 continue; 1441 } 1442 1443 spdk_scsi_dev_free_io_channels(state->dev); 1444 1445 state->dev = NULL; 1446 1447 if (prev_status == VHOST_SCSI_DEV_REMOVING) { 1448 /* try to detach it globally */ 1449 vhost_user_dev_foreach_session(vsession->vdev, 1450 vhost_scsi_session_process_removed, 1451 vhost_scsi_dev_process_removed_cpl_cb, 1452 (void *)(uintptr_t)i); 1453 } 1454 } 1455 1456 SPDK_INFOLOG(vhost, "%s: stopping poller on lcore %d\n", 1457 vsession->name, spdk_env_get_current_core()); 1458 1459 free_task_pool(svsession); 1460 1461 spdk_poller_unregister(&svsession->stop_poller); 1462 vhost_user_session_stop_done(vsession, 0); 1463 1464 spdk_vhost_unlock(); 1465 return SPDK_POLLER_BUSY; 1466 } 1467 1468 static int 1469 vhost_scsi_stop_cb(struct spdk_vhost_dev *vdev, 1470 struct spdk_vhost_session *vsession, void *unused) 1471 { 1472 struct spdk_vhost_scsi_session *svsession = to_scsi_session(vsession); 1473 1474 /* return if stop is already in progress */ 1475 if (svsession->stop_poller) { 1476 return -EINPROGRESS; 1477 } 1478 1479 /* Stop receiving new I/O requests */ 1480 spdk_poller_unregister(&svsession->requestq_poller); 1481 1482 /* Stop receiving controlq requests, also stop processing the 1483 * asynchronous hotremove events. All the remaining events 1484 * will be finalized by the stop_poller below. 1485 */ 1486 spdk_poller_unregister(&svsession->mgmt_poller); 1487 1488 /* vhost_user_session_send_event timeout is 3 seconds, here set retry within 4 seconds */ 1489 svsession->vsession.stop_retry_count = 4000; 1490 1491 /* Wait for all pending I/Os to complete, then process all the 1492 * remaining hotremove events one last time. 1493 */ 1494 svsession->stop_poller = SPDK_POLLER_REGISTER(destroy_session_poller_cb, 1495 svsession, 1000); 1496 1497 return 0; 1498 } 1499 1500 static int 1501 vhost_scsi_stop(struct spdk_vhost_session *vsession) 1502 { 1503 return vhost_user_session_send_event(vsession, vhost_scsi_stop_cb, 1504 3, "stop session"); 1505 } 1506 1507 static void 1508 vhost_scsi_dump_info_json(struct spdk_vhost_dev *vdev, struct spdk_json_write_ctx *w) 1509 { 1510 struct spdk_scsi_dev *sdev; 1511 struct spdk_scsi_lun *lun; 1512 uint32_t dev_idx; 1513 1514 assert(vdev != NULL); 1515 spdk_json_write_named_array_begin(w, "scsi"); 1516 for (dev_idx = 0; dev_idx < SPDK_VHOST_SCSI_CTRLR_MAX_DEVS; dev_idx++) { 1517 sdev = spdk_vhost_scsi_dev_get_tgt(vdev, dev_idx); 1518 if (!sdev) { 1519 continue; 1520 } 1521 1522 spdk_json_write_object_begin(w); 1523 1524 spdk_json_write_named_uint32(w, "scsi_dev_num", dev_idx); 1525 1526 spdk_json_write_named_uint32(w, "id", spdk_scsi_dev_get_id(sdev)); 1527 1528 spdk_json_write_named_string(w, "target_name", spdk_scsi_dev_get_name(sdev)); 1529 1530 spdk_json_write_named_array_begin(w, "luns"); 1531 1532 for (lun = spdk_scsi_dev_get_first_lun(sdev); lun != NULL; 1533 lun = spdk_scsi_dev_get_next_lun(lun)) { 1534 spdk_json_write_object_begin(w); 1535 1536 spdk_json_write_named_int32(w, "id", spdk_scsi_lun_get_id(lun)); 1537 1538 spdk_json_write_named_string(w, "bdev_name", spdk_scsi_lun_get_bdev_name(lun)); 1539 1540 spdk_json_write_object_end(w); 1541 } 1542 1543 spdk_json_write_array_end(w); 1544 spdk_json_write_object_end(w); 1545 } 1546 1547 spdk_json_write_array_end(w); 1548 } 1549 1550 static void 1551 vhost_scsi_write_config_json(struct spdk_vhost_dev *vdev, struct spdk_json_write_ctx *w) 1552 { 1553 struct spdk_scsi_dev *scsi_dev; 1554 struct spdk_scsi_lun *lun; 1555 uint32_t i; 1556 1557 spdk_json_write_object_begin(w); 1558 spdk_json_write_named_string(w, "method", "vhost_create_scsi_controller"); 1559 1560 spdk_json_write_named_object_begin(w, "params"); 1561 spdk_json_write_named_string(w, "ctrlr", vdev->name); 1562 spdk_json_write_named_string(w, "cpumask", 1563 spdk_cpuset_fmt(spdk_thread_get_cpumask(vdev->thread))); 1564 spdk_json_write_object_end(w); 1565 1566 spdk_json_write_object_end(w); 1567 1568 for (i = 0; i < SPDK_VHOST_SCSI_CTRLR_MAX_DEVS; i++) { 1569 scsi_dev = spdk_vhost_scsi_dev_get_tgt(vdev, i); 1570 if (scsi_dev == NULL) { 1571 continue; 1572 } 1573 1574 lun = spdk_scsi_dev_get_lun(scsi_dev, 0); 1575 assert(lun != NULL); 1576 1577 spdk_json_write_object_begin(w); 1578 spdk_json_write_named_string(w, "method", "vhost_scsi_controller_add_target"); 1579 1580 spdk_json_write_named_object_begin(w, "params"); 1581 spdk_json_write_named_string(w, "ctrlr", vdev->name); 1582 spdk_json_write_named_uint32(w, "scsi_target_num", i); 1583 1584 spdk_json_write_named_string(w, "bdev_name", spdk_scsi_lun_get_bdev_name(lun)); 1585 spdk_json_write_object_end(w); 1586 1587 spdk_json_write_object_end(w); 1588 } 1589 } 1590 1591 SPDK_LOG_REGISTER_COMPONENT(vhost_scsi) 1592 SPDK_LOG_REGISTER_COMPONENT(vhost_scsi_queue) 1593 SPDK_LOG_REGISTER_COMPONENT(vhost_scsi_data) 1594