1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License (the "License").
   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 /*
  22  * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
  23  */
  24 /*
  25  * Copyright 2012, Nexenta Systems, Inc. All rights reserved.
  26  * Copyright (c) 2013 by Delphix. All rights reserved.
  27  * Copyright (c) 2013 by Saso Kiselkov. All rights reserved.
  28  */
  29 
  30 #include <sys/conf.h>
  31 #include <sys/file.h>
  32 #include <sys/ddi.h>
  33 #include <sys/sunddi.h>
  34 #include <sys/modctl.h>
  35 #include <sys/scsi/scsi.h>
  36 #include <sys/scsi/generic/persist.h>
  37 #include <sys/scsi/impl/scsi_reset_notify.h>
  38 #include <sys/disp.h>
  39 #include <sys/byteorder.h>
  40 #include <sys/atomic.h>
  41 #include <sys/ethernet.h>
  42 #include <sys/sdt.h>
  43 #include <sys/nvpair.h>
  44 #include <sys/zone.h>
  45 #include <sys/id_space.h>
  46 
  47 #include <sys/stmf.h>
  48 #include <sys/lpif.h>
  49 #include <sys/portif.h>
  50 #include <sys/stmf_ioctl.h>
  51 #include <sys/pppt_ic_if.h>
  52 
  53 #include "stmf_impl.h"
  54 #include "lun_map.h"
  55 #include "stmf_state.h"
  56 #include "stmf_stats.h"
  57 
  58 /*
  59  * Lock order:
  60  * stmf_state_lock --> ilport_lock/iss_lockp --> ilu_task_lock
  61  */
  62 
  63 static uint64_t stmf_session_counter = 0;
  64 static uint16_t stmf_rtpid_counter = 0;
  65 /* start messages at 1 */
  66 static uint64_t stmf_proxy_msg_id = 1;
  67 #define MSG_ID_TM_BIT   0x8000000000000000
  68 #define ALIGNED_TO_8BYTE_BOUNDARY(i)    (((i) + 7) & ~7)
  69 
  70 /*
  71  * When stmf_io_deadman_enabled is set to B_TRUE, we check that finishing up
  72  * I/O operations on an offlining LU doesn't take longer than stmf_io_deadman
  73  * seconds. If it does, we trigger a panic to inform the user of hung I/O
  74  * blocking us for too long.
  75  */
  76 boolean_t stmf_io_deadman_enabled = B_TRUE;
  77 int stmf_io_deadman = 1000;                     /* seconds */
  78 
  79 struct stmf_svc_clocks;
  80 
  81 static int stmf_attach(dev_info_t *dip, ddi_attach_cmd_t cmd);
  82 static int stmf_detach(dev_info_t *dip, ddi_detach_cmd_t cmd);
  83 static int stmf_getinfo(dev_info_t *dip, ddi_info_cmd_t cmd, void *arg,
  84         void **result);
  85 static int stmf_open(dev_t *devp, int flag, int otype, cred_t *credp);
  86 static int stmf_close(dev_t dev, int flag, int otype, cred_t *credp);
  87 static int stmf_ioctl(dev_t dev, int cmd, intptr_t data, int mode,
  88         cred_t *credp, int *rval);
  89 static int stmf_get_stmf_state(stmf_state_desc_t *std);
  90 static int stmf_set_stmf_state(stmf_state_desc_t *std);
  91 static void stmf_abort_task_offline(scsi_task_t *task, int offline_lu,
  92     char *info);
  93 static int stmf_set_alua_state(stmf_alua_state_desc_t *alua_state);
  94 static void stmf_get_alua_state(stmf_alua_state_desc_t *alua_state);
  95 
  96 static void stmf_task_audit(stmf_i_scsi_task_t *itask,
  97     task_audit_event_t te, uint32_t cmd_or_iof, stmf_data_buf_t *dbuf);
  98 
  99 static boolean_t stmf_base16_str_to_binary(char *c, int dplen, uint8_t *dp);
 100 static char stmf_ctoi(char c);
 101 stmf_xfer_data_t *stmf_prepare_tpgs_data(uint8_t ilu_alua);
 102 void stmf_svc_init();
 103 stmf_status_t stmf_svc_fini();
 104 void stmf_svc(void *arg);
 105 static void stmf_wait_ilu_tasks_finish(stmf_i_lu_t *ilu);
 106 void stmf_svc_queue(int cmd, void *obj, stmf_state_change_info_t *info);
 107 static void stmf_svc_kill_obj_requests(void *obj);
 108 static void stmf_svc_timeout(struct stmf_svc_clocks *);
 109 void stmf_check_freetask();
 110 void stmf_abort_target_reset(scsi_task_t *task);
 111 stmf_status_t stmf_lun_reset_poll(stmf_lu_t *lu, struct scsi_task *task,
 112                                                         int target_reset);
 113 void stmf_target_reset_poll(struct scsi_task *task);
 114 void stmf_handle_lun_reset(scsi_task_t *task);
 115 void stmf_handle_target_reset(scsi_task_t *task);
 116 void stmf_xd_to_dbuf(stmf_data_buf_t *dbuf, int set_rel_off);
 117 int stmf_load_ppd_ioctl(stmf_ppioctl_data_t *ppi, uint64_t *ppi_token,
 118     uint32_t *err_ret);
 119 int stmf_delete_ppd_ioctl(stmf_ppioctl_data_t *ppi);
 120 int stmf_get_ppd_ioctl(stmf_ppioctl_data_t *ppi, stmf_ppioctl_data_t *ppi_out,
 121     uint32_t *err_ret);
 122 void stmf_delete_ppd(stmf_pp_data_t *ppd);
 123 void stmf_delete_all_ppds();
 124 void stmf_trace_clear();
 125 void stmf_worker_init();
 126 stmf_status_t stmf_worker_fini();
 127 void stmf_worker_mgmt();
 128 void stmf_worker_task(void *arg);
 129 static void stmf_task_lu_free(scsi_task_t *task, stmf_i_scsi_session_t *iss);
 130 static stmf_status_t stmf_ic_lu_reg(stmf_ic_reg_dereg_lun_msg_t *msg,
 131     uint32_t type);
 132 static stmf_status_t stmf_ic_lu_dereg(stmf_ic_reg_dereg_lun_msg_t *msg);
 133 static stmf_status_t stmf_ic_rx_scsi_status(stmf_ic_scsi_status_msg_t *msg);
 134 static stmf_status_t stmf_ic_rx_status(stmf_ic_status_msg_t *msg);
 135 static stmf_status_t stmf_ic_rx_scsi_data(stmf_ic_scsi_data_msg_t *msg);
 136 void stmf_task_lu_killall(stmf_lu_t *lu, scsi_task_t *tm_task, stmf_status_t s);
 137 
 138 /* pppt modhandle */
 139 ddi_modhandle_t pppt_mod;
 140 
 141 /* pppt modload imported functions */
 142 stmf_ic_reg_port_msg_alloc_func_t ic_reg_port_msg_alloc;
 143 stmf_ic_dereg_port_msg_alloc_func_t ic_dereg_port_msg_alloc;
 144 stmf_ic_reg_lun_msg_alloc_func_t ic_reg_lun_msg_alloc;
 145 stmf_ic_dereg_lun_msg_alloc_func_t ic_dereg_lun_msg_alloc;
 146 stmf_ic_lun_active_msg_alloc_func_t ic_lun_active_msg_alloc;
 147 stmf_ic_scsi_cmd_msg_alloc_func_t ic_scsi_cmd_msg_alloc;
 148 stmf_ic_scsi_data_xfer_done_msg_alloc_func_t ic_scsi_data_xfer_done_msg_alloc;
 149 stmf_ic_session_create_msg_alloc_func_t ic_session_reg_msg_alloc;
 150 stmf_ic_session_destroy_msg_alloc_func_t ic_session_dereg_msg_alloc;
 151 stmf_ic_tx_msg_func_t ic_tx_msg;
 152 stmf_ic_msg_free_func_t ic_msg_free;
 153 
 154 static void stmf_itl_task_start(stmf_i_scsi_task_t *itask);
 155 static void stmf_itl_lu_new_task(stmf_i_scsi_task_t *itask);
 156 static void stmf_itl_task_done(stmf_i_scsi_task_t *itask);
 157 
 158 static void stmf_lport_xfer_start(stmf_i_scsi_task_t *itask,
 159     stmf_data_buf_t *dbuf);
 160 static void stmf_lport_xfer_done(stmf_i_scsi_task_t *itask,
 161     stmf_data_buf_t *dbuf);
 162 
 163 static void stmf_update_kstat_lu_q(scsi_task_t *, void());
 164 static void stmf_update_kstat_lport_q(scsi_task_t *, void());
 165 static void stmf_update_kstat_lu_io(scsi_task_t *, stmf_data_buf_t *);
 166 static void stmf_update_kstat_lport_io(scsi_task_t *, stmf_data_buf_t *);
 167 
 168 static int stmf_irport_compare(const void *void_irport1,
 169     const void *void_irport2);
 170 static stmf_i_remote_port_t *stmf_irport_create(scsi_devid_desc_t *rport_devid);
 171 static void stmf_irport_destroy(stmf_i_remote_port_t *irport);
 172 static stmf_i_remote_port_t *stmf_irport_register(
 173     scsi_devid_desc_t *rport_devid);
 174 static stmf_i_remote_port_t *stmf_irport_lookup_locked(
 175     scsi_devid_desc_t *rport_devid);
 176 static void stmf_irport_deregister(stmf_i_remote_port_t *irport);
 177 
 178 extern struct mod_ops mod_driverops;
 179 
 180 /* =====[ Tunables ]===== */
 181 /* Internal tracing */
 182 volatile int    stmf_trace_on = 1;
 183 volatile int    stmf_trace_buf_size = (1 * 1024 * 1024);
 184 /*
 185  * The reason default task timeout is 75 is because we want the
 186  * host to timeout 1st and mostly host timeout is 60 seconds.
 187  */
 188 volatile int    stmf_default_task_timeout = 75;
 189 /*
 190  * Setting this to one means, you are responsible for config load and keeping
 191  * things in sync with persistent database.
 192  */
 193 volatile int    stmf_allow_modunload = 0;
 194 
 195 volatile int stmf_max_nworkers = 256;
 196 volatile int stmf_min_nworkers = 4;
 197 volatile int stmf_worker_scale_down_delay = 20;
 198 
 199 /* === [ Debugging and fault injection ] === */
 200 #ifdef  DEBUG
 201 volatile int stmf_drop_task_counter = 0;
 202 volatile int stmf_drop_buf_counter = 0;
 203 
 204 #endif
 205 
 206 stmf_state_t            stmf_state;
 207 static stmf_lu_t        *dlun0;
 208 
 209 static uint8_t stmf_first_zero[] =
 210         { 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0, 0xff };
 211 static uint8_t stmf_first_one[] =
 212         { 0xff, 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0 };
 213 
 214 static kmutex_t trace_buf_lock;
 215 static int      trace_buf_size;
 216 static int      trace_buf_curndx;
 217 caddr_t stmf_trace_buf;
 218 
 219 static enum {
 220         STMF_WORKERS_DISABLED = 0,
 221         STMF_WORKERS_ENABLING,
 222         STMF_WORKERS_ENABLED
 223 } stmf_workers_state = STMF_WORKERS_DISABLED;
 224 static int stmf_i_max_nworkers;
 225 static int stmf_i_min_nworkers;
 226 static int stmf_nworkers_cur;           /* # of workers currently running */
 227 static int stmf_nworkers_needed;        /* # of workers need to be running */
 228 static int stmf_worker_sel_counter = 0;
 229 static uint32_t stmf_cur_ntasks = 0;
 230 static clock_t stmf_wm_last = 0;
 231 /*
 232  * This is equal to stmf_nworkers_cur while we are increasing # workers and
 233  * stmf_nworkers_needed while we are decreasing the worker count.
 234  */
 235 static int stmf_nworkers_accepting_cmds;
 236 static stmf_worker_t *stmf_workers = NULL;
 237 static clock_t stmf_worker_mgmt_delay = 2;
 238 static clock_t stmf_worker_scale_down_timer = 0;
 239 static int stmf_worker_scale_down_qd = 0;
 240 
 241 static struct cb_ops stmf_cb_ops = {
 242         stmf_open,                      /* open */
 243         stmf_close,                     /* close */
 244         nodev,                          /* strategy */
 245         nodev,                          /* print */
 246         nodev,                          /* dump */
 247         nodev,                          /* read */
 248         nodev,                          /* write */
 249         stmf_ioctl,                     /* ioctl */
 250         nodev,                          /* devmap */
 251         nodev,                          /* mmap */
 252         nodev,                          /* segmap */
 253         nochpoll,                       /* chpoll */
 254         ddi_prop_op,                    /* cb_prop_op */
 255         0,                              /* streamtab */
 256         D_NEW | D_MP,                   /* cb_flag */
 257         CB_REV,                         /* rev */
 258         nodev,                          /* aread */
 259         nodev                           /* awrite */
 260 };
 261 
 262 static struct dev_ops stmf_ops = {
 263         DEVO_REV,
 264         0,
 265         stmf_getinfo,
 266         nulldev,                /* identify */
 267         nulldev,                /* probe */
 268         stmf_attach,
 269         stmf_detach,
 270         nodev,                  /* reset */
 271         &stmf_cb_ops,
 272         NULL,                   /* bus_ops */
 273         NULL                    /* power */
 274 };
 275 
 276 #define STMF_NAME               "COMSTAR STMF"
 277 #define STMF_MODULE_NAME        "stmf"
 278 
 279 static struct modldrv modldrv = {
 280         &mod_driverops,
 281         STMF_NAME,
 282         &stmf_ops
 283 };
 284 
 285 static struct modlinkage modlinkage = {
 286         MODREV_1,
 287         &modldrv,
 288         NULL
 289 };
 290 
 291 int
 292 _init(void)
 293 {
 294         int ret;
 295 
 296         ret = mod_install(&modlinkage);
 297         if (ret)
 298                 return (ret);
 299         stmf_trace_buf = kmem_zalloc(stmf_trace_buf_size, KM_SLEEP);
 300         trace_buf_size = stmf_trace_buf_size;
 301         trace_buf_curndx = 0;
 302         mutex_init(&trace_buf_lock, NULL, MUTEX_DRIVER, 0);
 303         bzero(&stmf_state, sizeof (stmf_state_t));
 304         /* STMF service is off by default */
 305         stmf_state.stmf_service_running = 0;
 306         /* default lu/lport states are online */
 307         stmf_state.stmf_default_lu_state = STMF_STATE_ONLINE;
 308         stmf_state.stmf_default_lport_state = STMF_STATE_ONLINE;
 309         mutex_init(&stmf_state.stmf_lock, NULL, MUTEX_DRIVER, NULL);
 310         cv_init(&stmf_state.stmf_cv, NULL, CV_DRIVER, NULL);
 311         stmf_session_counter = (uint64_t)ddi_get_lbolt();
 312         avl_create(&stmf_state.stmf_irportlist,
 313             stmf_irport_compare, sizeof (stmf_i_remote_port_t),
 314             offsetof(stmf_i_remote_port_t, irport_ln));
 315         stmf_state.stmf_ilport_inst_space =
 316             id_space_create("lport-instances", 0, MAX_ILPORT);
 317         stmf_state.stmf_irport_inst_space =
 318             id_space_create("rport-instances", 0, MAX_IRPORT);
 319         stmf_view_init();
 320         stmf_svc_init();
 321         stmf_dlun_init();
 322         return (ret);
 323 }
 324 
 325 int
 326 _fini(void)
 327 {
 328         int ret;
 329         stmf_i_remote_port_t    *irport;
 330         void                    *avl_dest_cookie = NULL;
 331 
 332         if (stmf_state.stmf_service_running)
 333                 return (EBUSY);
 334         if ((!stmf_allow_modunload) &&
 335             (stmf_state.stmf_config_state != STMF_CONFIG_NONE)) {
 336                 return (EBUSY);
 337         }
 338         if (stmf_state.stmf_nlps || stmf_state.stmf_npps) {
 339                 return (EBUSY);
 340         }
 341         if (stmf_dlun_fini() != STMF_SUCCESS)
 342                 return (EBUSY);
 343         if (stmf_worker_fini() != STMF_SUCCESS) {
 344                 stmf_dlun_init();
 345                 return (EBUSY);
 346         }
 347         if (stmf_svc_fini() != STMF_SUCCESS) {
 348                 stmf_dlun_init();
 349                 stmf_worker_init();
 350                 return (EBUSY);
 351         }
 352 
 353         ret = mod_remove(&modlinkage);
 354         if (ret) {
 355                 stmf_svc_init();
 356                 stmf_dlun_init();
 357                 stmf_worker_init();
 358                 return (ret);
 359         }
 360 
 361         stmf_view_clear_config();
 362 
 363         while ((irport = avl_destroy_nodes(&stmf_state.stmf_irportlist,
 364             &avl_dest_cookie)) != NULL)
 365                 stmf_irport_destroy(irport);
 366         avl_destroy(&stmf_state.stmf_irportlist);
 367         id_space_destroy(stmf_state.stmf_ilport_inst_space);
 368         id_space_destroy(stmf_state.stmf_irport_inst_space);
 369 
 370         kmem_free(stmf_trace_buf, stmf_trace_buf_size);
 371         mutex_destroy(&trace_buf_lock);
 372         mutex_destroy(&stmf_state.stmf_lock);
 373         cv_destroy(&stmf_state.stmf_cv);
 374         return (ret);
 375 }
 376 
 377 int
 378 _info(struct modinfo *modinfop)
 379 {
 380         return (mod_info(&modlinkage, modinfop));
 381 }
 382 
 383 /* ARGSUSED */
 384 static int
 385 stmf_getinfo(dev_info_t *dip, ddi_info_cmd_t cmd, void *arg, void **result)
 386 {
 387         switch (cmd) {
 388         case DDI_INFO_DEVT2DEVINFO:
 389                 *result = stmf_state.stmf_dip;
 390                 break;
 391         case DDI_INFO_DEVT2INSTANCE:
 392                 *result =
 393                     (void *)(uintptr_t)ddi_get_instance(stmf_state.stmf_dip);
 394                 break;
 395         default:
 396                 return (DDI_FAILURE);
 397         }
 398 
 399         return (DDI_SUCCESS);
 400 }
 401 
 402 static int
 403 stmf_attach(dev_info_t *dip, ddi_attach_cmd_t cmd)
 404 {
 405         switch (cmd) {
 406         case DDI_ATTACH:
 407                 stmf_state.stmf_dip = dip;
 408 
 409                 if (ddi_create_minor_node(dip, "admin", S_IFCHR, 0,
 410                     DDI_NT_STMF, 0) != DDI_SUCCESS) {
 411                         break;
 412                 }
 413                 ddi_report_dev(dip);
 414                 return (DDI_SUCCESS);
 415         }
 416 
 417         return (DDI_FAILURE);
 418 }
 419 
 420 static int
 421 stmf_detach(dev_info_t *dip, ddi_detach_cmd_t cmd)
 422 {
 423         switch (cmd) {
 424         case DDI_DETACH:
 425                 ddi_remove_minor_node(dip, 0);
 426                 return (DDI_SUCCESS);
 427         }
 428 
 429         return (DDI_FAILURE);
 430 }
 431 
 432 /* ARGSUSED */
 433 static int
 434 stmf_open(dev_t *devp, int flag, int otype, cred_t *credp)
 435 {
 436         mutex_enter(&stmf_state.stmf_lock);
 437         if (stmf_state.stmf_exclusive_open) {
 438                 mutex_exit(&stmf_state.stmf_lock);
 439                 return (EBUSY);
 440         }
 441         if (flag & FEXCL) {
 442                 if (stmf_state.stmf_opened) {
 443                         mutex_exit(&stmf_state.stmf_lock);
 444                         return (EBUSY);
 445                 }
 446                 stmf_state.stmf_exclusive_open = 1;
 447         }
 448         stmf_state.stmf_opened = 1;
 449         mutex_exit(&stmf_state.stmf_lock);
 450         return (0);
 451 }
 452 
 453 /* ARGSUSED */
 454 static int
 455 stmf_close(dev_t dev, int flag, int otype, cred_t *credp)
 456 {
 457         mutex_enter(&stmf_state.stmf_lock);
 458         stmf_state.stmf_opened = 0;
 459         if (stmf_state.stmf_exclusive_open &&
 460             (stmf_state.stmf_config_state != STMF_CONFIG_INIT_DONE)) {
 461                 stmf_state.stmf_config_state = STMF_CONFIG_NONE;
 462                 stmf_delete_all_ppds();
 463                 stmf_view_clear_config();
 464                 stmf_view_init();
 465         }
 466         stmf_state.stmf_exclusive_open = 0;
 467         mutex_exit(&stmf_state.stmf_lock);
 468         return (0);
 469 }
 470 
 471 int
 472 stmf_copyin_iocdata(intptr_t data, int mode, stmf_iocdata_t **iocd,
 473                                                 void **ibuf, void **obuf)
 474 {
 475         int ret;
 476 
 477         *ibuf = NULL;
 478         *obuf = NULL;
 479         *iocd = kmem_zalloc(sizeof (stmf_iocdata_t), KM_SLEEP);
 480 
 481         ret = ddi_copyin((void *)data, *iocd, sizeof (stmf_iocdata_t), mode);
 482         if (ret)
 483                 return (EFAULT);
 484         if ((*iocd)->stmf_version != STMF_VERSION_1) {
 485                 ret = EINVAL;
 486                 goto copyin_iocdata_done;
 487         }
 488         if ((*iocd)->stmf_ibuf_size) {
 489                 *ibuf = kmem_zalloc((*iocd)->stmf_ibuf_size, KM_SLEEP);
 490                 ret = ddi_copyin((void *)((unsigned long)(*iocd)->stmf_ibuf),
 491                     *ibuf, (*iocd)->stmf_ibuf_size, mode);
 492         }
 493         if ((*iocd)->stmf_obuf_size)
 494                 *obuf = kmem_zalloc((*iocd)->stmf_obuf_size, KM_SLEEP);
 495 
 496         if (ret == 0)
 497                 return (0);
 498         ret = EFAULT;
 499 copyin_iocdata_done:;
 500         if (*obuf) {
 501                 kmem_free(*obuf, (*iocd)->stmf_obuf_size);
 502                 *obuf = NULL;
 503         }
 504         if (*ibuf) {
 505                 kmem_free(*ibuf, (*iocd)->stmf_ibuf_size);
 506                 *ibuf = NULL;
 507         }
 508         kmem_free(*iocd, sizeof (stmf_iocdata_t));
 509         return (ret);
 510 }
 511 
 512 int
 513 stmf_copyout_iocdata(intptr_t data, int mode, stmf_iocdata_t *iocd, void *obuf)
 514 {
 515         int ret;
 516 
 517         if (iocd->stmf_obuf_size) {
 518                 ret = ddi_copyout(obuf, (void *)(unsigned long)iocd->stmf_obuf,
 519                     iocd->stmf_obuf_size, mode);
 520                 if (ret)
 521                         return (EFAULT);
 522         }
 523         ret = ddi_copyout(iocd, (void *)data, sizeof (stmf_iocdata_t), mode);
 524         if (ret)
 525                 return (EFAULT);
 526         return (0);
 527 }
 528 
 529 /* ARGSUSED */
 530 static int
 531 stmf_ioctl(dev_t dev, int cmd, intptr_t data, int mode,
 532         cred_t *credp, int *rval)
 533 {
 534         stmf_iocdata_t *iocd;
 535         void *ibuf = NULL, *obuf = NULL;
 536         slist_lu_t *luid_list;
 537         slist_target_port_t *lportid_list;
 538         stmf_i_lu_t *ilu;
 539         stmf_i_local_port_t *ilport;
 540         stmf_i_scsi_session_t *iss;
 541         slist_scsi_session_t *iss_list;
 542         sioc_lu_props_t *lup;
 543         sioc_target_port_props_t *lportp;
 544         stmf_ppioctl_data_t *ppi, *ppi_out = NULL;
 545         uint64_t *ppi_token = NULL;
 546         uint8_t *p_id, *id;
 547         stmf_state_desc_t *std;
 548         stmf_status_t ctl_ret;
 549         stmf_state_change_info_t ssi;
 550         int ret = 0;
 551         uint32_t n;
 552         int i;
 553         stmf_group_op_data_t *grp_entry;
 554         stmf_group_name_t *grpname;
 555         stmf_view_op_entry_t *ve;
 556         stmf_id_type_t idtype;
 557         stmf_id_data_t *id_entry;
 558         stmf_id_list_t  *id_list;
 559         stmf_view_entry_t *view_entry;
 560         stmf_set_props_t *stmf_set_props;
 561         uint32_t        veid;
 562         if ((cmd & 0xff000000) != STMF_IOCTL) {
 563                 return (ENOTTY);
 564         }
 565 
 566         if (drv_priv(credp) != 0) {
 567                 return (EPERM);
 568         }
 569 
 570         ret = stmf_copyin_iocdata(data, mode, &iocd, &ibuf, &obuf);
 571         if (ret)
 572                 return (ret);
 573         iocd->stmf_error = 0;
 574 
 575         switch (cmd) {
 576         case STMF_IOCTL_LU_LIST:
 577                 /* retrieves both registered/unregistered */
 578                 mutex_enter(&stmf_state.stmf_lock);
 579                 id_list = &stmf_state.stmf_luid_list;
 580                 n = min(id_list->id_count,
 581                     (iocd->stmf_obuf_size)/sizeof (slist_lu_t));
 582                 iocd->stmf_obuf_max_nentries = id_list->id_count;
 583                 luid_list = (slist_lu_t *)obuf;
 584                 id_entry = id_list->idl_head;
 585                 for (i = 0; i < n; i++) {
 586                         bcopy(id_entry->id_data, luid_list[i].lu_guid, 16);
 587                         id_entry = id_entry->id_next;
 588                 }
 589 
 590                 n = iocd->stmf_obuf_size/sizeof (slist_lu_t);
 591                 for (ilu = stmf_state.stmf_ilulist; ilu; ilu = ilu->ilu_next) {
 592                         id = (uint8_t *)ilu->ilu_lu->lu_id;
 593                         if (stmf_lookup_id(id_list, 16, id + 4) == NULL) {
 594                                 iocd->stmf_obuf_max_nentries++;
 595                                 if (i < n) {
 596                                         bcopy(id + 4, luid_list[i].lu_guid,
 597                                             sizeof (slist_lu_t));
 598                                         i++;
 599                                 }
 600                         }
 601                 }
 602                 iocd->stmf_obuf_nentries = i;
 603                 mutex_exit(&stmf_state.stmf_lock);
 604                 break;
 605 
 606         case STMF_IOCTL_REG_LU_LIST:
 607                 mutex_enter(&stmf_state.stmf_lock);
 608                 iocd->stmf_obuf_max_nentries = stmf_state.stmf_nlus;
 609                 n = min(stmf_state.stmf_nlus,
 610                     (iocd->stmf_obuf_size)/sizeof (slist_lu_t));
 611                 iocd->stmf_obuf_nentries = n;
 612                 ilu = stmf_state.stmf_ilulist;
 613                 luid_list = (slist_lu_t *)obuf;
 614                 for (i = 0; i < n; i++) {
 615                         uint8_t *id;
 616                         id = (uint8_t *)ilu->ilu_lu->lu_id;
 617                         bcopy(id + 4, luid_list[i].lu_guid, 16);
 618                         ilu = ilu->ilu_next;
 619                 }
 620                 mutex_exit(&stmf_state.stmf_lock);
 621                 break;
 622 
 623         case STMF_IOCTL_VE_LU_LIST:
 624                 mutex_enter(&stmf_state.stmf_lock);
 625                 id_list = &stmf_state.stmf_luid_list;
 626                 n = min(id_list->id_count,
 627                     (iocd->stmf_obuf_size)/sizeof (slist_lu_t));
 628                 iocd->stmf_obuf_max_nentries = id_list->id_count;
 629                 iocd->stmf_obuf_nentries = n;
 630                 luid_list = (slist_lu_t *)obuf;
 631                 id_entry = id_list->idl_head;
 632                 for (i = 0; i < n; i++) {
 633                         bcopy(id_entry->id_data, luid_list[i].lu_guid, 16);
 634                         id_entry = id_entry->id_next;
 635                 }
 636                 mutex_exit(&stmf_state.stmf_lock);
 637                 break;
 638 
 639         case STMF_IOCTL_TARGET_PORT_LIST:
 640                 mutex_enter(&stmf_state.stmf_lock);
 641                 iocd->stmf_obuf_max_nentries = stmf_state.stmf_nlports;
 642                 n = min(stmf_state.stmf_nlports,
 643                     (iocd->stmf_obuf_size)/sizeof (slist_target_port_t));
 644                 iocd->stmf_obuf_nentries = n;
 645                 ilport = stmf_state.stmf_ilportlist;
 646                 lportid_list = (slist_target_port_t *)obuf;
 647                 for (i = 0; i < n; i++) {
 648                         uint8_t *id;
 649                         id = (uint8_t *)ilport->ilport_lport->lport_id;
 650                         bcopy(id, lportid_list[i].target, id[3] + 4);
 651                         ilport = ilport->ilport_next;
 652                 }
 653                 mutex_exit(&stmf_state.stmf_lock);
 654                 break;
 655 
 656         case STMF_IOCTL_SESSION_LIST:
 657                 p_id = (uint8_t *)ibuf;
 658                 if ((p_id == NULL) || (iocd->stmf_ibuf_size < 4) ||
 659                     (iocd->stmf_ibuf_size < (p_id[3] + 4))) {
 660                         ret = EINVAL;
 661                         break;
 662                 }
 663                 mutex_enter(&stmf_state.stmf_lock);
 664                 for (ilport = stmf_state.stmf_ilportlist; ilport; ilport =
 665                     ilport->ilport_next) {
 666                         uint8_t *id;
 667                         id = (uint8_t *)ilport->ilport_lport->lport_id;
 668                         if ((p_id[3] == id[3]) &&
 669                             (bcmp(p_id + 4, id + 4, id[3]) == 0)) {
 670                                 break;
 671                         }
 672                 }
 673                 if (ilport == NULL) {
 674                         mutex_exit(&stmf_state.stmf_lock);
 675                         ret = ENOENT;
 676                         break;
 677                 }
 678                 iocd->stmf_obuf_max_nentries = ilport->ilport_nsessions;
 679                 n = min(ilport->ilport_nsessions,
 680                     (iocd->stmf_obuf_size)/sizeof (slist_scsi_session_t));
 681                 iocd->stmf_obuf_nentries = n;
 682                 iss = ilport->ilport_ss_list;
 683                 iss_list = (slist_scsi_session_t *)obuf;
 684                 for (i = 0; i < n; i++) {
 685                         uint8_t *id;
 686                         id = (uint8_t *)iss->iss_ss->ss_rport_id;
 687                         bcopy(id, iss_list[i].initiator, id[3] + 4);
 688                         iss_list[i].creation_time = (uint32_t)
 689                             iss->iss_creation_time;
 690                         if (iss->iss_ss->ss_rport_alias) {
 691                                 (void) strncpy(iss_list[i].alias,
 692                                     iss->iss_ss->ss_rport_alias, 255);
 693                                 iss_list[i].alias[255] = 0;
 694                         } else {
 695                                 iss_list[i].alias[0] = 0;
 696                         }
 697                         iss = iss->iss_next;
 698                 }
 699                 mutex_exit(&stmf_state.stmf_lock);
 700                 break;
 701 
 702         case STMF_IOCTL_GET_LU_PROPERTIES:
 703                 p_id = (uint8_t *)ibuf;
 704                 if ((iocd->stmf_ibuf_size < 16) ||
 705                     (iocd->stmf_obuf_size < sizeof (sioc_lu_props_t)) ||
 706                     (p_id[0] == 0)) {
 707                         ret = EINVAL;
 708                         break;
 709                 }
 710                 mutex_enter(&stmf_state.stmf_lock);
 711                 for (ilu = stmf_state.stmf_ilulist; ilu; ilu = ilu->ilu_next) {
 712                         if (bcmp(p_id, ilu->ilu_lu->lu_id->ident, 16) == 0)
 713                                 break;
 714                 }
 715                 if (ilu == NULL) {
 716                         mutex_exit(&stmf_state.stmf_lock);
 717                         ret = ENOENT;
 718                         break;
 719                 }
 720                 lup = (sioc_lu_props_t *)obuf;
 721                 bcopy(ilu->ilu_lu->lu_id->ident, lup->lu_guid, 16);
 722                 lup->lu_state = ilu->ilu_state & 0x0f;
 723                 lup->lu_present = 1; /* XXX */
 724                 (void) strncpy(lup->lu_provider_name,
 725                     ilu->ilu_lu->lu_lp->lp_name, 255);
 726                 lup->lu_provider_name[254] = 0;
 727                 if (ilu->ilu_lu->lu_alias) {
 728                         (void) strncpy(lup->lu_alias,
 729                             ilu->ilu_lu->lu_alias, 255);
 730                         lup->lu_alias[255] = 0;
 731                 } else {
 732                         lup->lu_alias[0] = 0;
 733                 }
 734                 mutex_exit(&stmf_state.stmf_lock);
 735                 break;
 736 
 737         case STMF_IOCTL_GET_TARGET_PORT_PROPERTIES:
 738                 p_id = (uint8_t *)ibuf;
 739                 if ((p_id == NULL) ||
 740                     (iocd->stmf_ibuf_size < (p_id[3] + 4)) ||
 741                     (iocd->stmf_obuf_size <
 742                     sizeof (sioc_target_port_props_t))) {
 743                         ret = EINVAL;
 744                         break;
 745                 }
 746                 mutex_enter(&stmf_state.stmf_lock);
 747                 for (ilport = stmf_state.stmf_ilportlist; ilport;
 748                     ilport = ilport->ilport_next) {
 749                         uint8_t *id;
 750                         id = (uint8_t *)ilport->ilport_lport->lport_id;
 751                         if ((p_id[3] == id[3]) &&
 752                             (bcmp(p_id+4, id+4, id[3]) == 0))
 753                                 break;
 754                 }
 755                 if (ilport == NULL) {
 756                         mutex_exit(&stmf_state.stmf_lock);
 757                         ret = ENOENT;
 758                         break;
 759                 }
 760                 lportp = (sioc_target_port_props_t *)obuf;
 761                 bcopy(ilport->ilport_lport->lport_id, lportp->tgt_id,
 762                     ilport->ilport_lport->lport_id->ident_length + 4);
 763                 lportp->tgt_state = ilport->ilport_state & 0x0f;
 764                 lportp->tgt_present = 1; /* XXX */
 765                 (void) strncpy(lportp->tgt_provider_name,
 766                     ilport->ilport_lport->lport_pp->pp_name, 255);
 767                 lportp->tgt_provider_name[254] = 0;
 768                 if (ilport->ilport_lport->lport_alias) {
 769                         (void) strncpy(lportp->tgt_alias,
 770                             ilport->ilport_lport->lport_alias, 255);
 771                         lportp->tgt_alias[255] = 0;
 772                 } else {
 773                         lportp->tgt_alias[0] = 0;
 774                 }
 775                 mutex_exit(&stmf_state.stmf_lock);
 776                 break;
 777 
 778         case STMF_IOCTL_SET_STMF_STATE:
 779                 if ((ibuf == NULL) ||
 780                     (iocd->stmf_ibuf_size < sizeof (stmf_state_desc_t))) {
 781                         ret = EINVAL;
 782                         break;
 783                 }
 784                 ret = stmf_set_stmf_state((stmf_state_desc_t *)ibuf);
 785                 break;
 786 
 787         case STMF_IOCTL_GET_STMF_STATE:
 788                 if ((obuf == NULL) ||
 789                     (iocd->stmf_obuf_size < sizeof (stmf_state_desc_t))) {
 790                         ret = EINVAL;
 791                         break;
 792                 }
 793                 ret = stmf_get_stmf_state((stmf_state_desc_t *)obuf);
 794                 break;
 795 
 796         case STMF_IOCTL_SET_ALUA_STATE:
 797                 if ((ibuf == NULL) ||
 798                     (iocd->stmf_ibuf_size < sizeof (stmf_alua_state_desc_t))) {
 799                         ret = EINVAL;
 800                         break;
 801                 }
 802                 ret = stmf_set_alua_state((stmf_alua_state_desc_t *)ibuf);
 803                 break;
 804 
 805         case STMF_IOCTL_GET_ALUA_STATE:
 806                 if ((obuf == NULL) ||
 807                     (iocd->stmf_obuf_size < sizeof (stmf_alua_state_desc_t))) {
 808                         ret = EINVAL;
 809                         break;
 810                 }
 811                 stmf_get_alua_state((stmf_alua_state_desc_t *)obuf);
 812                 break;
 813 
 814         case STMF_IOCTL_SET_LU_STATE:
 815                 ssi.st_rflags = STMF_RFLAG_USER_REQUEST;
 816                 ssi.st_additional_info = NULL;
 817                 std = (stmf_state_desc_t *)ibuf;
 818                 if ((ibuf == NULL) ||
 819                     (iocd->stmf_ibuf_size < sizeof (stmf_state_desc_t))) {
 820                         ret = EINVAL;
 821                         break;
 822                 }
 823                 p_id = std->ident;
 824                 mutex_enter(&stmf_state.stmf_lock);
 825                 if (stmf_state.stmf_inventory_locked) {
 826                         mutex_exit(&stmf_state.stmf_lock);
 827                         ret = EBUSY;
 828                         break;
 829                 }
 830                 for (ilu = stmf_state.stmf_ilulist; ilu; ilu = ilu->ilu_next) {
 831                         if (bcmp(p_id, ilu->ilu_lu->lu_id->ident, 16) == 0)
 832                                 break;
 833                 }
 834                 if (ilu == NULL) {
 835                         mutex_exit(&stmf_state.stmf_lock);
 836                         ret = ENOENT;
 837                         break;
 838                 }
 839                 stmf_state.stmf_inventory_locked = 1;
 840                 mutex_exit(&stmf_state.stmf_lock);
 841                 cmd = (std->state == STMF_STATE_ONLINE) ? STMF_CMD_LU_ONLINE :
 842                     STMF_CMD_LU_OFFLINE;
 843                 ctl_ret = stmf_ctl(cmd, (void *)ilu->ilu_lu, &ssi);
 844                 if (ctl_ret == STMF_ALREADY)
 845                         ret = 0;
 846                 else if (ctl_ret == STMF_BUSY)
 847                         ret = EBUSY;
 848                 else if (ctl_ret != STMF_SUCCESS)
 849                         ret = EIO;
 850                 mutex_enter(&stmf_state.stmf_lock);
 851                 stmf_state.stmf_inventory_locked = 0;
 852                 mutex_exit(&stmf_state.stmf_lock);
 853                 break;
 854 
 855         case STMF_IOCTL_SET_STMF_PROPS:
 856                 if ((ibuf == NULL) ||
 857                     (iocd->stmf_ibuf_size < sizeof (stmf_set_props_t))) {
 858                         ret = EINVAL;
 859                         break;
 860                 }
 861                 stmf_set_props = (stmf_set_props_t *)ibuf;
 862                 mutex_enter(&stmf_state.stmf_lock);
 863                 if ((stmf_set_props->default_lu_state_value ==
 864                     STMF_STATE_OFFLINE) ||
 865                     (stmf_set_props->default_lu_state_value ==
 866                     STMF_STATE_ONLINE)) {
 867                         stmf_state.stmf_default_lu_state =
 868                             stmf_set_props->default_lu_state_value;
 869                 }
 870                 if ((stmf_set_props->default_target_state_value ==
 871                     STMF_STATE_OFFLINE) ||
 872                     (stmf_set_props->default_target_state_value ==
 873                     STMF_STATE_ONLINE)) {
 874                         stmf_state.stmf_default_lport_state =
 875                             stmf_set_props->default_target_state_value;
 876                 }
 877 
 878                 mutex_exit(&stmf_state.stmf_lock);
 879                 break;
 880 
 881         case STMF_IOCTL_SET_TARGET_PORT_STATE:
 882                 ssi.st_rflags = STMF_RFLAG_USER_REQUEST;
 883                 ssi.st_additional_info = NULL;
 884                 std = (stmf_state_desc_t *)ibuf;
 885                 if ((ibuf == NULL) ||
 886                     (iocd->stmf_ibuf_size < sizeof (stmf_state_desc_t))) {
 887                         ret = EINVAL;
 888                         break;
 889                 }
 890                 p_id = std->ident;
 891                 mutex_enter(&stmf_state.stmf_lock);
 892                 if (stmf_state.stmf_inventory_locked) {
 893                         mutex_exit(&stmf_state.stmf_lock);
 894                         ret = EBUSY;
 895                         break;
 896                 }
 897                 for (ilport = stmf_state.stmf_ilportlist; ilport;
 898                     ilport = ilport->ilport_next) {
 899                         uint8_t *id;
 900                         id = (uint8_t *)ilport->ilport_lport->lport_id;
 901                         if ((id[3] == p_id[3]) &&
 902                             (bcmp(id+4, p_id+4, id[3]) == 0)) {
 903                                 break;
 904                         }
 905                 }
 906                 if (ilport == NULL) {
 907                         mutex_exit(&stmf_state.stmf_lock);
 908                         ret = ENOENT;
 909                         break;
 910                 }
 911                 stmf_state.stmf_inventory_locked = 1;
 912                 mutex_exit(&stmf_state.stmf_lock);
 913                 cmd = (std->state == STMF_STATE_ONLINE) ?
 914                     STMF_CMD_LPORT_ONLINE : STMF_CMD_LPORT_OFFLINE;
 915                 ctl_ret = stmf_ctl(cmd, (void *)ilport->ilport_lport, &ssi);
 916                 if (ctl_ret == STMF_ALREADY)
 917                         ret = 0;
 918                 else if (ctl_ret == STMF_BUSY)
 919                         ret = EBUSY;
 920                 else if (ctl_ret != STMF_SUCCESS)
 921                         ret = EIO;
 922                 mutex_enter(&stmf_state.stmf_lock);
 923                 stmf_state.stmf_inventory_locked = 0;
 924                 mutex_exit(&stmf_state.stmf_lock);
 925                 break;
 926 
 927         case STMF_IOCTL_ADD_HG_ENTRY:
 928                 idtype = STMF_ID_TYPE_HOST;
 929                 /* FALLTHROUGH */
 930         case STMF_IOCTL_ADD_TG_ENTRY:
 931                 if (stmf_state.stmf_config_state == STMF_CONFIG_NONE) {
 932                         ret = EACCES;
 933                         iocd->stmf_error = STMF_IOCERR_UPDATE_NEED_CFG_INIT;
 934                         break;
 935                 }
 936                 if (cmd == STMF_IOCTL_ADD_TG_ENTRY) {
 937                         idtype = STMF_ID_TYPE_TARGET;
 938                 }
 939                 grp_entry = (stmf_group_op_data_t *)ibuf;
 940                 if ((ibuf == NULL) ||
 941                     (iocd->stmf_ibuf_size < sizeof (stmf_group_op_data_t))) {
 942                         ret = EINVAL;
 943                         break;
 944                 }
 945                 if (grp_entry->group.name[0] == '*') {
 946                         ret = EINVAL;
 947                         break; /* not allowed */
 948                 }
 949                 mutex_enter(&stmf_state.stmf_lock);
 950                 ret = stmf_add_group_member(grp_entry->group.name,
 951                     grp_entry->group.name_size,
 952                     grp_entry->ident + 4,
 953                     grp_entry->ident[3],
 954                     idtype,
 955                     &iocd->stmf_error);
 956                 mutex_exit(&stmf_state.stmf_lock);
 957                 break;
 958         case STMF_IOCTL_REMOVE_HG_ENTRY:
 959                 idtype = STMF_ID_TYPE_HOST;
 960                 /* FALLTHROUGH */
 961         case STMF_IOCTL_REMOVE_TG_ENTRY:
 962                 if (stmf_state.stmf_config_state == STMF_CONFIG_NONE) {
 963                         ret = EACCES;
 964                         iocd->stmf_error = STMF_IOCERR_UPDATE_NEED_CFG_INIT;
 965                         break;
 966                 }
 967                 if (cmd == STMF_IOCTL_REMOVE_TG_ENTRY) {
 968                         idtype = STMF_ID_TYPE_TARGET;
 969                 }
 970                 grp_entry = (stmf_group_op_data_t *)ibuf;
 971                 if ((ibuf == NULL) ||
 972                     (iocd->stmf_ibuf_size < sizeof (stmf_group_op_data_t))) {
 973                         ret = EINVAL;
 974                         break;
 975                 }
 976                 if (grp_entry->group.name[0] == '*') {
 977                         ret = EINVAL;
 978                         break; /* not allowed */
 979                 }
 980                 mutex_enter(&stmf_state.stmf_lock);
 981                 ret = stmf_remove_group_member(grp_entry->group.name,
 982                     grp_entry->group.name_size,
 983                     grp_entry->ident + 4,
 984                     grp_entry->ident[3],
 985                     idtype,
 986                     &iocd->stmf_error);
 987                 mutex_exit(&stmf_state.stmf_lock);
 988                 break;
 989         case STMF_IOCTL_CREATE_HOST_GROUP:
 990                 idtype = STMF_ID_TYPE_HOST_GROUP;
 991                 /* FALLTHROUGH */
 992         case STMF_IOCTL_CREATE_TARGET_GROUP:
 993                 if (stmf_state.stmf_config_state == STMF_CONFIG_NONE) {
 994                         ret = EACCES;
 995                         iocd->stmf_error = STMF_IOCERR_UPDATE_NEED_CFG_INIT;
 996                         break;
 997                 }
 998                 grpname = (stmf_group_name_t *)ibuf;
 999 
1000                 if (cmd == STMF_IOCTL_CREATE_TARGET_GROUP)
1001                         idtype = STMF_ID_TYPE_TARGET_GROUP;
1002                 if ((ibuf == NULL) ||
1003                     (iocd->stmf_ibuf_size < sizeof (stmf_group_name_t))) {
1004                         ret = EINVAL;
1005                         break;
1006                 }
1007                 if (grpname->name[0] == '*') {
1008                         ret = EINVAL;
1009                         break; /* not allowed */
1010                 }
1011                 mutex_enter(&stmf_state.stmf_lock);
1012                 ret = stmf_add_group(grpname->name,
1013                     grpname->name_size, idtype, &iocd->stmf_error);
1014                 mutex_exit(&stmf_state.stmf_lock);
1015                 break;
1016         case STMF_IOCTL_REMOVE_HOST_GROUP:
1017                 idtype = STMF_ID_TYPE_HOST_GROUP;
1018                 /* FALLTHROUGH */
1019         case STMF_IOCTL_REMOVE_TARGET_GROUP:
1020                 if (stmf_state.stmf_config_state == STMF_CONFIG_NONE) {
1021                         ret = EACCES;
1022                         iocd->stmf_error = STMF_IOCERR_UPDATE_NEED_CFG_INIT;
1023                         break;
1024                 }
1025                 grpname = (stmf_group_name_t *)ibuf;
1026                 if (cmd == STMF_IOCTL_REMOVE_TARGET_GROUP)
1027                         idtype = STMF_ID_TYPE_TARGET_GROUP;
1028                 if ((ibuf == NULL) ||
1029                     (iocd->stmf_ibuf_size < sizeof (stmf_group_name_t))) {
1030                         ret = EINVAL;
1031                         break;
1032                 }
1033                 if (grpname->name[0] == '*') {
1034                         ret = EINVAL;
1035                         break; /* not allowed */
1036                 }
1037                 mutex_enter(&stmf_state.stmf_lock);
1038                 ret = stmf_remove_group(grpname->name,
1039                     grpname->name_size, idtype, &iocd->stmf_error);
1040                 mutex_exit(&stmf_state.stmf_lock);
1041                 break;
1042         case STMF_IOCTL_VALIDATE_VIEW:
1043         case STMF_IOCTL_ADD_VIEW_ENTRY:
1044                 if (stmf_state.stmf_config_state == STMF_CONFIG_NONE) {
1045                         ret = EACCES;
1046                         iocd->stmf_error = STMF_IOCERR_UPDATE_NEED_CFG_INIT;
1047                         break;
1048                 }
1049                 ve = (stmf_view_op_entry_t *)ibuf;
1050                 if ((ibuf == NULL) ||
1051                     (iocd->stmf_ibuf_size < sizeof (stmf_view_op_entry_t))) {
1052                         ret = EINVAL;
1053                         break;
1054                 }
1055                 if (!ve->ve_lu_number_valid)
1056                         ve->ve_lu_nbr[2] = 0xFF;
1057                 if (ve->ve_all_hosts) {
1058                         ve->ve_host_group.name[0] = '*';
1059                         ve->ve_host_group.name_size = 1;
1060                 }
1061                 if (ve->ve_all_targets) {
1062                         ve->ve_target_group.name[0] = '*';
1063                         ve->ve_target_group.name_size = 1;
1064                 }
1065                 if (ve->ve_ndx_valid)
1066                         veid = ve->ve_ndx;
1067                 else
1068                         veid = 0xffffffff;
1069                 mutex_enter(&stmf_state.stmf_lock);
1070                 if (cmd == STMF_IOCTL_ADD_VIEW_ENTRY) {
1071                         ret = stmf_add_ve(ve->ve_host_group.name,
1072                             ve->ve_host_group.name_size,
1073                             ve->ve_target_group.name,
1074                             ve->ve_target_group.name_size,
1075                             ve->ve_guid,
1076                             &veid,
1077                             ve->ve_lu_nbr,
1078                             &iocd->stmf_error);
1079                 } else {  /* STMF_IOCTL_VALIDATE_VIEW */
1080                         ret = stmf_validate_lun_ve(ve->ve_host_group.name,
1081                             ve->ve_host_group.name_size,
1082                             ve->ve_target_group.name,
1083                             ve->ve_target_group.name_size,
1084                             ve->ve_lu_nbr,
1085                             &iocd->stmf_error);
1086                 }
1087                 mutex_exit(&stmf_state.stmf_lock);
1088                 if (ret == 0 &&
1089                     (!ve->ve_ndx_valid || !ve->ve_lu_number_valid) &&
1090                     iocd->stmf_obuf_size >= sizeof (stmf_view_op_entry_t)) {
1091                         stmf_view_op_entry_t *ve_ret =
1092                             (stmf_view_op_entry_t *)obuf;
1093                         iocd->stmf_obuf_nentries = 1;
1094                         iocd->stmf_obuf_max_nentries = 1;
1095                         if (!ve->ve_ndx_valid) {
1096                                 ve_ret->ve_ndx = veid;
1097                                 ve_ret->ve_ndx_valid = 1;
1098                         }
1099                         if (!ve->ve_lu_number_valid) {
1100                                 ve_ret->ve_lu_number_valid = 1;
1101                                 bcopy(ve->ve_lu_nbr, ve_ret->ve_lu_nbr, 8);
1102                         }
1103                 }
1104                 break;
1105         case STMF_IOCTL_REMOVE_VIEW_ENTRY:
1106                 if (stmf_state.stmf_config_state == STMF_CONFIG_NONE) {
1107                         ret = EACCES;
1108                         iocd->stmf_error = STMF_IOCERR_UPDATE_NEED_CFG_INIT;
1109                         break;
1110                 }
1111                 ve = (stmf_view_op_entry_t *)ibuf;
1112                 if ((ibuf == NULL) ||
1113                     (iocd->stmf_ibuf_size < sizeof (stmf_view_op_entry_t))) {
1114                         ret = EINVAL;
1115                         break;
1116                 }
1117                 if (!ve->ve_ndx_valid) {
1118                         ret = EINVAL;
1119                         break;
1120                 }
1121                 mutex_enter(&stmf_state.stmf_lock);
1122                 ret = stmf_remove_ve_by_id(ve->ve_guid, ve->ve_ndx,
1123                     &iocd->stmf_error);
1124                 mutex_exit(&stmf_state.stmf_lock);
1125                 break;
1126         case STMF_IOCTL_GET_HG_LIST:
1127                 id_list = &stmf_state.stmf_hg_list;
1128                 /* FALLTHROUGH */
1129         case STMF_IOCTL_GET_TG_LIST:
1130                 if (cmd == STMF_IOCTL_GET_TG_LIST)
1131                         id_list = &stmf_state.stmf_tg_list;
1132                 mutex_enter(&stmf_state.stmf_lock);
1133                 iocd->stmf_obuf_max_nentries = id_list->id_count;
1134                 n = min(id_list->id_count,
1135                     (iocd->stmf_obuf_size)/sizeof (stmf_group_name_t));
1136                 iocd->stmf_obuf_nentries = n;
1137                 id_entry = id_list->idl_head;
1138                 grpname = (stmf_group_name_t *)obuf;
1139                 for (i = 0; i < n; i++) {
1140                         if (id_entry->id_data[0] == '*') {
1141                                 if (iocd->stmf_obuf_nentries > 0) {
1142                                         iocd->stmf_obuf_nentries--;
1143                                 }
1144                                 id_entry = id_entry->id_next;
1145                                 continue;
1146                         }
1147                         grpname->name_size = id_entry->id_data_size;
1148                         bcopy(id_entry->id_data, grpname->name,
1149                             id_entry->id_data_size);
1150                         grpname++;
1151                         id_entry = id_entry->id_next;
1152                 }
1153                 mutex_exit(&stmf_state.stmf_lock);
1154                 break;
1155         case STMF_IOCTL_GET_HG_ENTRIES:
1156                 id_list = &stmf_state.stmf_hg_list;
1157                 /* FALLTHROUGH */
1158         case STMF_IOCTL_GET_TG_ENTRIES:
1159                 grpname = (stmf_group_name_t *)ibuf;
1160                 if ((ibuf == NULL) ||
1161                     (iocd->stmf_ibuf_size < sizeof (stmf_group_name_t))) {
1162                         ret = EINVAL;
1163                         break;
1164                 }
1165                 if (cmd == STMF_IOCTL_GET_TG_ENTRIES) {
1166                         id_list = &stmf_state.stmf_tg_list;
1167                 }
1168                 mutex_enter(&stmf_state.stmf_lock);
1169                 id_entry = stmf_lookup_id(id_list, grpname->name_size,
1170                     grpname->name);
1171                 if (!id_entry)
1172                         ret = ENODEV;
1173                 else {
1174                         stmf_ge_ident_t *grp_entry;
1175                         id_list = (stmf_id_list_t *)id_entry->id_impl_specific;
1176                         iocd->stmf_obuf_max_nentries = id_list->id_count;
1177                         n = min(id_list->id_count,
1178                             iocd->stmf_obuf_size/sizeof (stmf_ge_ident_t));
1179                         iocd->stmf_obuf_nentries = n;
1180                         id_entry = id_list->idl_head;
1181                         grp_entry = (stmf_ge_ident_t *)obuf;
1182                         for (i = 0; i < n; i++) {
1183                                 bcopy(id_entry->id_data, grp_entry->ident,
1184                                     id_entry->id_data_size);
1185                                 grp_entry->ident_size = id_entry->id_data_size;
1186                                 id_entry = id_entry->id_next;
1187                                 grp_entry++;
1188                         }
1189                 }
1190                 mutex_exit(&stmf_state.stmf_lock);
1191                 break;
1192 
1193         case STMF_IOCTL_GET_VE_LIST:
1194                 n = iocd->stmf_obuf_size/sizeof (stmf_view_op_entry_t);
1195                 mutex_enter(&stmf_state.stmf_lock);
1196                 ve = (stmf_view_op_entry_t *)obuf;
1197                 for (id_entry = stmf_state.stmf_luid_list.idl_head;
1198                     id_entry; id_entry = id_entry->id_next) {
1199                         for (view_entry = (stmf_view_entry_t *)
1200                             id_entry->id_impl_specific; view_entry;
1201                             view_entry = view_entry->ve_next) {
1202                                 iocd->stmf_obuf_max_nentries++;
1203                                 if (iocd->stmf_obuf_nentries >= n)
1204                                         continue;
1205                                 ve->ve_ndx_valid = 1;
1206                                 ve->ve_ndx = view_entry->ve_id;
1207                                 ve->ve_lu_number_valid = 1;
1208                                 bcopy(view_entry->ve_lun, ve->ve_lu_nbr, 8);
1209                                 bcopy(view_entry->ve_luid->id_data, ve->ve_guid,
1210                                     view_entry->ve_luid->id_data_size);
1211                                 if (view_entry->ve_hg->id_data[0] == '*') {
1212                                         ve->ve_all_hosts = 1;
1213                                 } else {
1214                                         bcopy(view_entry->ve_hg->id_data,
1215                                             ve->ve_host_group.name,
1216                                             view_entry->ve_hg->id_data_size);
1217                                         ve->ve_host_group.name_size =
1218                                             view_entry->ve_hg->id_data_size;
1219                                 }
1220 
1221                                 if (view_entry->ve_tg->id_data[0] == '*') {
1222                                         ve->ve_all_targets = 1;
1223                                 } else {
1224                                         bcopy(view_entry->ve_tg->id_data,
1225                                             ve->ve_target_group.name,
1226                                             view_entry->ve_tg->id_data_size);
1227                                         ve->ve_target_group.name_size =
1228                                             view_entry->ve_tg->id_data_size;
1229                                 }
1230                                 ve++;
1231                                 iocd->stmf_obuf_nentries++;
1232                         }
1233                 }
1234                 mutex_exit(&stmf_state.stmf_lock);
1235                 break;
1236 
1237         case STMF_IOCTL_LU_VE_LIST:
1238                 p_id = (uint8_t *)ibuf;
1239                 if ((iocd->stmf_ibuf_size != 16) ||
1240                     (iocd->stmf_obuf_size < sizeof (stmf_view_op_entry_t))) {
1241                         ret = EINVAL;
1242                         break;
1243                 }
1244 
1245                 n = iocd->stmf_obuf_size/sizeof (stmf_view_op_entry_t);
1246                 mutex_enter(&stmf_state.stmf_lock);
1247                 ve = (stmf_view_op_entry_t *)obuf;
1248                 for (id_entry = stmf_state.stmf_luid_list.idl_head;
1249                     id_entry; id_entry = id_entry->id_next) {
1250                         if (bcmp(id_entry->id_data, p_id, 16) != 0)
1251                                 continue;
1252                         for (view_entry = (stmf_view_entry_t *)
1253                             id_entry->id_impl_specific; view_entry;
1254                             view_entry = view_entry->ve_next) {
1255                                 iocd->stmf_obuf_max_nentries++;
1256                                 if (iocd->stmf_obuf_nentries >= n)
1257                                         continue;
1258                                 ve->ve_ndx_valid = 1;
1259                                 ve->ve_ndx = view_entry->ve_id;
1260                                 ve->ve_lu_number_valid = 1;
1261                                 bcopy(view_entry->ve_lun, ve->ve_lu_nbr, 8);
1262                                 bcopy(view_entry->ve_luid->id_data, ve->ve_guid,
1263                                     view_entry->ve_luid->id_data_size);
1264                                 if (view_entry->ve_hg->id_data[0] == '*') {
1265                                         ve->ve_all_hosts = 1;
1266                                 } else {
1267                                         bcopy(view_entry->ve_hg->id_data,
1268                                             ve->ve_host_group.name,
1269                                             view_entry->ve_hg->id_data_size);
1270                                         ve->ve_host_group.name_size =
1271                                             view_entry->ve_hg->id_data_size;
1272                                 }
1273 
1274                                 if (view_entry->ve_tg->id_data[0] == '*') {
1275                                         ve->ve_all_targets = 1;
1276                                 } else {
1277                                         bcopy(view_entry->ve_tg->id_data,
1278                                             ve->ve_target_group.name,
1279                                             view_entry->ve_tg->id_data_size);
1280                                         ve->ve_target_group.name_size =
1281                                             view_entry->ve_tg->id_data_size;
1282                                 }
1283                                 ve++;
1284                                 iocd->stmf_obuf_nentries++;
1285                         }
1286                         break;
1287                 }
1288                 mutex_exit(&stmf_state.stmf_lock);
1289                 break;
1290 
1291         case STMF_IOCTL_LOAD_PP_DATA:
1292                 if (stmf_state.stmf_config_state == STMF_CONFIG_NONE) {
1293                         ret = EACCES;
1294                         iocd->stmf_error = STMF_IOCERR_UPDATE_NEED_CFG_INIT;
1295                         break;
1296                 }
1297                 ppi = (stmf_ppioctl_data_t *)ibuf;
1298                 if ((ppi == NULL) ||
1299                     (iocd->stmf_ibuf_size < sizeof (stmf_ppioctl_data_t))) {
1300                         ret = EINVAL;
1301                         break;
1302                 }
1303                 /* returned token */
1304                 ppi_token = (uint64_t *)obuf;
1305                 if ((ppi_token == NULL) ||
1306                     (iocd->stmf_obuf_size < sizeof (uint64_t))) {
1307                         ret = EINVAL;
1308                         break;
1309                 }
1310                 ret = stmf_load_ppd_ioctl(ppi, ppi_token, &iocd->stmf_error);
1311                 break;
1312 
1313         case STMF_IOCTL_GET_PP_DATA:
1314                 if (stmf_state.stmf_config_state == STMF_CONFIG_NONE) {
1315                         ret = EACCES;
1316                         iocd->stmf_error = STMF_IOCERR_UPDATE_NEED_CFG_INIT;
1317                         break;
1318                 }
1319                 ppi = (stmf_ppioctl_data_t *)ibuf;
1320                 if (ppi == NULL ||
1321                     (iocd->stmf_ibuf_size < sizeof (stmf_ppioctl_data_t))) {
1322                         ret = EINVAL;
1323                         break;
1324                 }
1325                 ppi_out = (stmf_ppioctl_data_t *)obuf;
1326                 if ((ppi_out == NULL) ||
1327                     (iocd->stmf_obuf_size < sizeof (stmf_ppioctl_data_t))) {
1328                         ret = EINVAL;
1329                         break;
1330                 }
1331                 ret = stmf_get_ppd_ioctl(ppi, ppi_out, &iocd->stmf_error);
1332                 break;
1333 
1334         case STMF_IOCTL_CLEAR_PP_DATA:
1335                 if (stmf_state.stmf_config_state == STMF_CONFIG_NONE) {
1336                         ret = EACCES;
1337                         iocd->stmf_error = STMF_IOCERR_UPDATE_NEED_CFG_INIT;
1338                         break;
1339                 }
1340                 ppi = (stmf_ppioctl_data_t *)ibuf;
1341                 if ((ppi == NULL) ||
1342                     (iocd->stmf_ibuf_size < sizeof (stmf_ppioctl_data_t))) {
1343                         ret = EINVAL;
1344                         break;
1345                 }
1346                 ret = stmf_delete_ppd_ioctl(ppi);
1347                 break;
1348 
1349         case STMF_IOCTL_CLEAR_TRACE:
1350                 stmf_trace_clear();
1351                 break;
1352 
1353         case STMF_IOCTL_ADD_TRACE:
1354                 if (iocd->stmf_ibuf_size && ibuf) {
1355                         ((uint8_t *)ibuf)[iocd->stmf_ibuf_size - 1] = 0;
1356                         stmf_trace("\nstradm", "%s\n", ibuf);
1357                 }
1358                 break;
1359 
1360         case STMF_IOCTL_GET_TRACE_POSITION:
1361                 if (obuf && (iocd->stmf_obuf_size > 3)) {
1362                         mutex_enter(&trace_buf_lock);
1363                         *((int *)obuf) = trace_buf_curndx;
1364                         mutex_exit(&trace_buf_lock);
1365                 } else {
1366                         ret = EINVAL;
1367                 }
1368                 break;
1369 
1370         case STMF_IOCTL_GET_TRACE:
1371                 if ((iocd->stmf_obuf_size == 0) || (iocd->stmf_ibuf_size < 4)) {
1372                         ret = EINVAL;
1373                         break;
1374                 }
1375                 i = *((int *)ibuf);
1376                 if ((i > trace_buf_size) || ((i + iocd->stmf_obuf_size) >
1377                     trace_buf_size)) {
1378                         ret = EINVAL;
1379                         break;
1380                 }
1381                 mutex_enter(&trace_buf_lock);
1382                 bcopy(stmf_trace_buf + i, obuf, iocd->stmf_obuf_size);
1383                 mutex_exit(&trace_buf_lock);
1384                 break;
1385 
1386         default:
1387                 ret = ENOTTY;
1388         }
1389 
1390         if (ret == 0) {
1391                 ret = stmf_copyout_iocdata(data, mode, iocd, obuf);
1392         } else if (iocd->stmf_error) {
1393                 (void) stmf_copyout_iocdata(data, mode, iocd, obuf);
1394         }
1395         if (obuf) {
1396                 kmem_free(obuf, iocd->stmf_obuf_size);
1397                 obuf = NULL;
1398         }
1399         if (ibuf) {
1400                 kmem_free(ibuf, iocd->stmf_ibuf_size);
1401                 ibuf = NULL;
1402         }
1403         kmem_free(iocd, sizeof (stmf_iocdata_t));
1404         return (ret);
1405 }
1406 
1407 static int
1408 stmf_get_service_state()
1409 {
1410         stmf_i_local_port_t *ilport;
1411         stmf_i_lu_t *ilu;
1412         int online = 0;
1413         int offline = 0;
1414         int onlining = 0;
1415         int offlining = 0;
1416 
1417         ASSERT(mutex_owned(&stmf_state.stmf_lock));
1418         for (ilport = stmf_state.stmf_ilportlist; ilport != NULL;
1419             ilport = ilport->ilport_next) {
1420                 if (ilport->ilport_state == STMF_STATE_OFFLINE)
1421                         offline++;
1422                 else if (ilport->ilport_state == STMF_STATE_ONLINE)
1423                         online++;
1424                 else if (ilport->ilport_state == STMF_STATE_ONLINING)
1425                         onlining++;
1426                 else if (ilport->ilport_state == STMF_STATE_OFFLINING)
1427                         offlining++;
1428         }
1429 
1430         for (ilu = stmf_state.stmf_ilulist; ilu != NULL;
1431             ilu = ilu->ilu_next) {
1432                 if (ilu->ilu_state == STMF_STATE_OFFLINE)
1433                         offline++;
1434                 else if (ilu->ilu_state == STMF_STATE_ONLINE)
1435                         online++;
1436                 else if (ilu->ilu_state == STMF_STATE_ONLINING)
1437                         onlining++;
1438                 else if (ilu->ilu_state == STMF_STATE_OFFLINING)
1439                         offlining++;
1440         }
1441 
1442         if (stmf_state.stmf_service_running) {
1443                 if (onlining)
1444                         return (STMF_STATE_ONLINING);
1445                 else
1446                         return (STMF_STATE_ONLINE);
1447         }
1448 
1449         if (offlining) {
1450                 return (STMF_STATE_OFFLINING);
1451         }
1452 
1453         return (STMF_STATE_OFFLINE);
1454 }
1455 
1456 static int
1457 stmf_set_stmf_state(stmf_state_desc_t *std)
1458 {
1459         stmf_i_local_port_t *ilport;
1460         stmf_i_lu_t *ilu;
1461         stmf_state_change_info_t ssi;
1462         int svc_state;
1463 
1464         ssi.st_rflags = STMF_RFLAG_USER_REQUEST;
1465         ssi.st_additional_info = NULL;
1466 
1467         mutex_enter(&stmf_state.stmf_lock);
1468         if (!stmf_state.stmf_exclusive_open) {
1469                 mutex_exit(&stmf_state.stmf_lock);
1470                 return (EACCES);
1471         }
1472 
1473         if (stmf_state.stmf_inventory_locked) {
1474                 mutex_exit(&stmf_state.stmf_lock);
1475                 return (EBUSY);
1476         }
1477 
1478         if ((std->state != STMF_STATE_ONLINE) &&
1479             (std->state != STMF_STATE_OFFLINE)) {
1480                 mutex_exit(&stmf_state.stmf_lock);
1481                 return (EINVAL);
1482         }
1483 
1484         svc_state = stmf_get_service_state();
1485         if ((svc_state == STMF_STATE_OFFLINING) ||
1486             (svc_state == STMF_STATE_ONLINING)) {
1487                 mutex_exit(&stmf_state.stmf_lock);
1488                 return (EBUSY);
1489         }
1490 
1491         if (svc_state == STMF_STATE_OFFLINE) {
1492                 if (std->config_state == STMF_CONFIG_INIT) {
1493                         if (std->state != STMF_STATE_OFFLINE) {
1494                                 mutex_exit(&stmf_state.stmf_lock);
1495                                 return (EINVAL);
1496                         }
1497                         stmf_state.stmf_config_state = STMF_CONFIG_INIT;
1498                         stmf_delete_all_ppds();
1499                         stmf_view_clear_config();
1500                         stmf_view_init();
1501                         mutex_exit(&stmf_state.stmf_lock);
1502                         return (0);
1503                 }
1504                 if ((stmf_state.stmf_config_state == STMF_CONFIG_INIT) ||
1505                     (stmf_state.stmf_config_state == STMF_CONFIG_NONE)) {
1506                         if (std->config_state != STMF_CONFIG_INIT_DONE) {
1507                                 mutex_exit(&stmf_state.stmf_lock);
1508                                 return (EINVAL);
1509                         }
1510                         stmf_state.stmf_config_state = STMF_CONFIG_INIT_DONE;
1511                 }
1512                 if (std->state == STMF_STATE_OFFLINE) {
1513                         mutex_exit(&stmf_state.stmf_lock);
1514                         return (0);
1515                 }
1516                 if (stmf_state.stmf_config_state == STMF_CONFIG_INIT) {
1517                         mutex_exit(&stmf_state.stmf_lock);
1518                         return (EINVAL);
1519                 }
1520                 stmf_state.stmf_inventory_locked = 1;
1521                 stmf_state.stmf_service_running = 1;
1522                 mutex_exit(&stmf_state.stmf_lock);
1523 
1524                 for (ilport = stmf_state.stmf_ilportlist; ilport != NULL;
1525                     ilport = ilport->ilport_next) {
1526                         if (stmf_state.stmf_default_lport_state !=
1527                             STMF_STATE_ONLINE)
1528                                 continue;
1529                         (void) stmf_ctl(STMF_CMD_LPORT_ONLINE,
1530                             ilport->ilport_lport, &ssi);
1531                 }
1532 
1533                 for (ilu = stmf_state.stmf_ilulist; ilu != NULL;
1534                     ilu = ilu->ilu_next) {
1535                         if (stmf_state.stmf_default_lu_state !=
1536                             STMF_STATE_ONLINE)
1537                                 continue;
1538                         (void) stmf_ctl(STMF_CMD_LU_ONLINE, ilu->ilu_lu, &ssi);
1539                 }
1540                 mutex_enter(&stmf_state.stmf_lock);
1541                 stmf_state.stmf_inventory_locked = 0;
1542                 mutex_exit(&stmf_state.stmf_lock);
1543                 return (0);
1544         }
1545 
1546         /* svc_state is STMF_STATE_ONLINE here */
1547         if ((std->state != STMF_STATE_OFFLINE) ||
1548             (std->config_state == STMF_CONFIG_INIT)) {
1549                 mutex_exit(&stmf_state.stmf_lock);
1550                 return (EACCES);
1551         }
1552 
1553         stmf_state.stmf_inventory_locked = 1;
1554         stmf_state.stmf_service_running = 0;
1555 
1556         mutex_exit(&stmf_state.stmf_lock);
1557         for (ilport = stmf_state.stmf_ilportlist; ilport != NULL;
1558             ilport = ilport->ilport_next) {
1559                 if (ilport->ilport_state != STMF_STATE_ONLINE)
1560                         continue;
1561                 (void) stmf_ctl(STMF_CMD_LPORT_OFFLINE,
1562                     ilport->ilport_lport, &ssi);
1563         }
1564 
1565         for (ilu = stmf_state.stmf_ilulist; ilu != NULL;
1566             ilu = ilu->ilu_next) {
1567                 if (ilu->ilu_state != STMF_STATE_ONLINE)
1568                         continue;
1569                 (void) stmf_ctl(STMF_CMD_LU_OFFLINE, ilu->ilu_lu, &ssi);
1570         }
1571         mutex_enter(&stmf_state.stmf_lock);
1572         stmf_state.stmf_inventory_locked = 0;
1573         mutex_exit(&stmf_state.stmf_lock);
1574         return (0);
1575 }
1576 
1577 static int
1578 stmf_get_stmf_state(stmf_state_desc_t *std)
1579 {
1580         mutex_enter(&stmf_state.stmf_lock);
1581         std->state = stmf_get_service_state();
1582         std->config_state = stmf_state.stmf_config_state;
1583         mutex_exit(&stmf_state.stmf_lock);
1584 
1585         return (0);
1586 }
1587 
1588 /*
1589  * handles registration message from pppt for a logical unit
1590  */
1591 stmf_status_t
1592 stmf_ic_lu_reg(stmf_ic_reg_dereg_lun_msg_t *msg, uint32_t type)
1593 {
1594         stmf_i_lu_provider_t    *ilp;
1595         stmf_lu_provider_t      *lp;
1596         mutex_enter(&stmf_state.stmf_lock);
1597         for (ilp = stmf_state.stmf_ilplist; ilp != NULL; ilp = ilp->ilp_next) {
1598                 if (strcmp(msg->icrl_lu_provider_name,
1599                     ilp->ilp_lp->lp_name) == 0) {
1600                         lp = ilp->ilp_lp;
1601                         mutex_exit(&stmf_state.stmf_lock);
1602                         lp->lp_proxy_msg(msg->icrl_lun_id, msg->icrl_cb_arg,
1603                             msg->icrl_cb_arg_len, type);
1604                         return (STMF_SUCCESS);
1605                 }
1606         }
1607         mutex_exit(&stmf_state.stmf_lock);
1608         return (STMF_SUCCESS);
1609 }
1610 
1611 /*
1612  * handles de-registration message from pppt for a logical unit
1613  */
1614 stmf_status_t
1615 stmf_ic_lu_dereg(stmf_ic_reg_dereg_lun_msg_t *msg)
1616 {
1617         stmf_i_lu_provider_t    *ilp;
1618         stmf_lu_provider_t      *lp;
1619         mutex_enter(&stmf_state.stmf_lock);
1620         for (ilp = stmf_state.stmf_ilplist; ilp != NULL; ilp = ilp->ilp_next) {
1621                 if (strcmp(msg->icrl_lu_provider_name,
1622                     ilp->ilp_lp->lp_name) == 0) {
1623                         lp = ilp->ilp_lp;
1624                         mutex_exit(&stmf_state.stmf_lock);
1625                         lp->lp_proxy_msg(msg->icrl_lun_id, NULL, 0,
1626                             STMF_MSG_LU_DEREGISTER);
1627                         return (STMF_SUCCESS);
1628                 }
1629         }
1630         mutex_exit(&stmf_state.stmf_lock);
1631         return (STMF_SUCCESS);
1632 }
1633 
1634 /*
1635  * helper function to find a task that matches a task_msgid
1636  */
1637 scsi_task_t *
1638 find_task_from_msgid(uint8_t *lu_id, stmf_ic_msgid_t task_msgid)
1639 {
1640         stmf_i_lu_t *ilu;
1641         stmf_i_scsi_task_t *itask;
1642 
1643         mutex_enter(&stmf_state.stmf_lock);
1644         for (ilu = stmf_state.stmf_ilulist; ilu != NULL; ilu = ilu->ilu_next) {
1645                 if (bcmp(lu_id, ilu->ilu_lu->lu_id->ident, 16) == 0) {
1646                         break;
1647                 }
1648         }
1649 
1650         if (ilu == NULL) {
1651                 mutex_exit(&stmf_state.stmf_lock);
1652                 return (NULL);
1653         }
1654 
1655         mutex_enter(&ilu->ilu_task_lock);
1656         for (itask = ilu->ilu_tasks; itask != NULL;
1657             itask = itask->itask_lu_next) {
1658                 if (itask->itask_flags & (ITASK_IN_FREE_LIST |
1659                     ITASK_BEING_ABORTED)) {
1660                         continue;
1661                 }
1662                 if (itask->itask_proxy_msg_id == task_msgid) {
1663                         break;
1664                 }
1665         }
1666         mutex_exit(&ilu->ilu_task_lock);
1667         mutex_exit(&stmf_state.stmf_lock);
1668 
1669         if (itask != NULL) {
1670                 return (itask->itask_task);
1671         } else {
1672                 /* task not found. Likely already aborted. */
1673                 return (NULL);
1674         }
1675 }
1676 
1677 /*
1678  * message received from pppt/ic
1679  */
1680 stmf_status_t
1681 stmf_msg_rx(stmf_ic_msg_t *msg)
1682 {
1683         mutex_enter(&stmf_state.stmf_lock);
1684         if (stmf_state.stmf_alua_state != 1) {
1685                 mutex_exit(&stmf_state.stmf_lock);
1686                 cmn_err(CE_WARN, "stmf alua state is disabled");
1687                 ic_msg_free(msg);
1688                 return (STMF_FAILURE);
1689         }
1690         mutex_exit(&stmf_state.stmf_lock);
1691 
1692         switch (msg->icm_msg_type) {
1693                 case STMF_ICM_REGISTER_LUN:
1694                         (void) stmf_ic_lu_reg(
1695                             (stmf_ic_reg_dereg_lun_msg_t *)msg->icm_msg,
1696                             STMF_MSG_LU_REGISTER);
1697                         break;
1698                 case STMF_ICM_LUN_ACTIVE:
1699                         (void) stmf_ic_lu_reg(
1700                             (stmf_ic_reg_dereg_lun_msg_t *)msg->icm_msg,
1701                             STMF_MSG_LU_ACTIVE);
1702                         break;
1703                 case STMF_ICM_DEREGISTER_LUN:
1704                         (void) stmf_ic_lu_dereg(
1705                             (stmf_ic_reg_dereg_lun_msg_t *)msg->icm_msg);
1706                         break;
1707                 case STMF_ICM_SCSI_DATA:
1708                         (void) stmf_ic_rx_scsi_data(
1709                             (stmf_ic_scsi_data_msg_t *)msg->icm_msg);
1710                         break;
1711                 case STMF_ICM_SCSI_STATUS:
1712                         (void) stmf_ic_rx_scsi_status(
1713                             (stmf_ic_scsi_status_msg_t *)msg->icm_msg);
1714                         break;
1715                 case STMF_ICM_STATUS:
1716                         (void) stmf_ic_rx_status(
1717                             (stmf_ic_status_msg_t *)msg->icm_msg);
1718                         break;
1719                 default:
1720                         cmn_err(CE_WARN, "unknown message received %d",
1721                             msg->icm_msg_type);
1722                         ic_msg_free(msg);
1723                         return (STMF_FAILURE);
1724         }
1725         ic_msg_free(msg);
1726         return (STMF_SUCCESS);
1727 }
1728 
1729 stmf_status_t
1730 stmf_ic_rx_status(stmf_ic_status_msg_t *msg)
1731 {
1732         stmf_i_local_port_t *ilport;
1733 
1734         if (msg->ics_msg_type != STMF_ICM_REGISTER_PROXY_PORT) {
1735                 /* for now, ignore other message status */
1736                 return (STMF_SUCCESS);
1737         }
1738 
1739         if (msg->ics_status != STMF_SUCCESS) {
1740                 return (STMF_SUCCESS);
1741         }
1742 
1743         mutex_enter(&stmf_state.stmf_lock);
1744         for (ilport = stmf_state.stmf_ilportlist; ilport != NULL;
1745             ilport = ilport->ilport_next) {
1746                 if (msg->ics_msgid == ilport->ilport_reg_msgid) {
1747                         ilport->ilport_proxy_registered = 1;
1748                         break;
1749                 }
1750         }
1751         mutex_exit(&stmf_state.stmf_lock);
1752         return (STMF_SUCCESS);
1753 }
1754 
1755 /*
1756  * handles scsi status message from pppt
1757  */
1758 stmf_status_t
1759 stmf_ic_rx_scsi_status(stmf_ic_scsi_status_msg_t *msg)
1760 {
1761         scsi_task_t *task;
1762 
1763         /* is this a task management command */
1764         if (msg->icss_task_msgid & MSG_ID_TM_BIT) {
1765                 return (STMF_SUCCESS);
1766         }
1767 
1768         task = find_task_from_msgid(msg->icss_lun_id, msg->icss_task_msgid);
1769 
1770         if (task == NULL) {
1771                 return (STMF_SUCCESS);
1772         }
1773 
1774         task->task_scsi_status = msg->icss_status;
1775         task->task_sense_data = msg->icss_sense;
1776         task->task_sense_length = msg->icss_sense_len;
1777         (void) stmf_send_scsi_status(task, STMF_IOF_LU_DONE);
1778 
1779         return (STMF_SUCCESS);
1780 }
1781 
1782 /*
1783  * handles scsi data message from pppt
1784  */
1785 stmf_status_t
1786 stmf_ic_rx_scsi_data(stmf_ic_scsi_data_msg_t *msg)
1787 {
1788         stmf_i_scsi_task_t *itask;
1789         scsi_task_t *task;
1790         stmf_xfer_data_t *xd = NULL;
1791         stmf_data_buf_t *dbuf;
1792         uint32_t sz, minsz, xd_sz, asz;
1793 
1794         /* is this a task management command */
1795         if (msg->icsd_task_msgid & MSG_ID_TM_BIT) {
1796                 return (STMF_SUCCESS);
1797         }
1798 
1799         task = find_task_from_msgid(msg->icsd_lun_id, msg->icsd_task_msgid);
1800         if (task == NULL) {
1801                 stmf_ic_msg_t *ic_xfer_done_msg = NULL;
1802                 static uint64_t data_msg_id;
1803                 stmf_status_t ic_ret = STMF_FAILURE;
1804                 mutex_enter(&stmf_state.stmf_lock);
1805                 data_msg_id = stmf_proxy_msg_id++;
1806                 mutex_exit(&stmf_state.stmf_lock);
1807                 /*
1808                  * send xfer done status to pppt
1809                  * for now, set the session id to 0 as we cannot
1810                  * ascertain it since we cannot find the task
1811                  */
1812                 ic_xfer_done_msg = ic_scsi_data_xfer_done_msg_alloc(
1813                     msg->icsd_task_msgid, 0, STMF_FAILURE, data_msg_id);
1814                 if (ic_xfer_done_msg) {
1815                         ic_ret = ic_tx_msg(ic_xfer_done_msg);
1816                         if (ic_ret != STMF_IC_MSG_SUCCESS) {
1817                                 cmn_err(CE_WARN, "unable to xmit proxy msg");
1818                         }
1819                 }
1820                 return (STMF_FAILURE);
1821         }
1822 
1823         itask = (stmf_i_scsi_task_t *)task->task_stmf_private;
1824         dbuf = itask->itask_proxy_dbuf;
1825 
1826         task->task_cmd_xfer_length += msg->icsd_data_len;
1827 
1828         if (task->task_additional_flags &
1829             TASK_AF_NO_EXPECTED_XFER_LENGTH) {
1830                 task->task_expected_xfer_length =
1831                     task->task_cmd_xfer_length;
1832         }
1833 
1834         sz = min(task->task_expected_xfer_length,
1835             task->task_cmd_xfer_length);
1836 
1837         xd_sz = msg->icsd_data_len;
1838         asz = xd_sz + sizeof (*xd) - 4;
1839         xd = (stmf_xfer_data_t *)kmem_zalloc(asz, KM_NOSLEEP);
1840 
1841         if (xd == NULL) {
1842                 stmf_abort(STMF_QUEUE_TASK_ABORT, task,
1843                     STMF_ALLOC_FAILURE, NULL);
1844                 return (STMF_FAILURE);
1845         }
1846 
1847         xd->alloc_size = asz;
1848         xd->size_left = xd_sz;
1849         bcopy(msg->icsd_data, xd->buf, xd_sz);
1850 
1851         sz = min(sz, xd->size_left);
1852         xd->size_left = sz;
1853         minsz = min(512, sz);
1854 
1855         if (dbuf == NULL)
1856                 dbuf = stmf_alloc_dbuf(task, sz, &minsz, 0);
1857         if (dbuf == NULL) {
1858                 kmem_free(xd, xd->alloc_size);
1859                 stmf_abort(STMF_QUEUE_TASK_ABORT, task,
1860                     STMF_ALLOC_FAILURE, NULL);
1861                 return (STMF_FAILURE);
1862         }
1863         dbuf->db_lu_private = xd;
1864         dbuf->db_relative_offset = task->task_nbytes_transferred;
1865         stmf_xd_to_dbuf(dbuf, 0);
1866 
1867         dbuf->db_flags = DB_DIRECTION_TO_RPORT;
1868         (void) stmf_xfer_data(task, dbuf, 0);
1869         return (STMF_SUCCESS);
1870 }
1871 
1872 stmf_status_t
1873 stmf_proxy_scsi_cmd(scsi_task_t *task, stmf_data_buf_t *dbuf)
1874 {
1875         stmf_i_scsi_task_t *itask =
1876             (stmf_i_scsi_task_t *)task->task_stmf_private;
1877         stmf_i_local_port_t *ilport =
1878             (stmf_i_local_port_t *)task->task_lport->lport_stmf_private;
1879         stmf_ic_msg_t *ic_cmd_msg;
1880         stmf_ic_msg_status_t ic_ret;
1881         stmf_status_t ret = STMF_FAILURE;
1882 
1883         if (stmf_state.stmf_alua_state != 1) {
1884                 cmn_err(CE_WARN, "stmf alua state is disabled");
1885                 return (STMF_FAILURE);
1886         }
1887 
1888         if (ilport->ilport_proxy_registered == 0) {
1889                 return (STMF_FAILURE);
1890         }
1891 
1892         mutex_enter(&stmf_state.stmf_lock);
1893         itask->itask_proxy_msg_id = stmf_proxy_msg_id++;
1894         mutex_exit(&stmf_state.stmf_lock);
1895         itask->itask_proxy_dbuf = dbuf;
1896 
1897         /*
1898          * stmf will now take over the task handling for this task
1899          * but it still needs to be treated differently from other
1900          * default handled tasks, hence the ITASK_PROXY_TASK.
1901          * If this is a task management function, we're really just
1902          * duping the command to the peer. Set the TM bit so that
1903          * we can recognize this on return since we won't be completing
1904          * the proxied task in that case.
1905          */
1906         if (task->task_mgmt_function) {
1907                 itask->itask_proxy_msg_id |= MSG_ID_TM_BIT;
1908         } else {
1909                 uint32_t new, old;
1910                 do {
1911                         new = old = itask->itask_flags;
1912                         if (new & ITASK_BEING_ABORTED)
1913                                 return (STMF_FAILURE);
1914                         new |= ITASK_DEFAULT_HANDLING | ITASK_PROXY_TASK;
1915                 } while (atomic_cas_32(&itask->itask_flags, old, new) != old);
1916         }
1917         if (dbuf) {
1918                 ic_cmd_msg = ic_scsi_cmd_msg_alloc(itask->itask_proxy_msg_id,
1919                     task, dbuf->db_data_size, dbuf->db_sglist[0].seg_addr,
1920                     itask->itask_proxy_msg_id);
1921         } else {
1922                 ic_cmd_msg = ic_scsi_cmd_msg_alloc(itask->itask_proxy_msg_id,
1923                     task, 0, NULL, itask->itask_proxy_msg_id);
1924         }
1925         if (ic_cmd_msg) {
1926                 ic_ret = ic_tx_msg(ic_cmd_msg);
1927                 if (ic_ret == STMF_IC_MSG_SUCCESS) {
1928                         ret = STMF_SUCCESS;
1929                 }
1930         }
1931         return (ret);
1932 }
1933 
1934 
1935 stmf_status_t
1936 pppt_modload()
1937 {
1938         int error;
1939 
1940         if (pppt_mod == NULL && ((pppt_mod =
1941             ddi_modopen("drv/pppt", KRTLD_MODE_FIRST, &error)) == NULL)) {
1942                 cmn_err(CE_WARN, "Unable to load pppt");
1943                 return (STMF_FAILURE);
1944         }
1945 
1946         if (ic_reg_port_msg_alloc == NULL && ((ic_reg_port_msg_alloc =
1947             (stmf_ic_reg_port_msg_alloc_func_t)
1948             ddi_modsym(pppt_mod, "stmf_ic_reg_port_msg_alloc",
1949             &error)) == NULL)) {
1950                 cmn_err(CE_WARN,
1951                     "Unable to find symbol - stmf_ic_reg_port_msg_alloc");
1952                 return (STMF_FAILURE);
1953         }
1954 
1955 
1956         if (ic_dereg_port_msg_alloc == NULL && ((ic_dereg_port_msg_alloc =
1957             (stmf_ic_dereg_port_msg_alloc_func_t)
1958             ddi_modsym(pppt_mod, "stmf_ic_dereg_port_msg_alloc",
1959             &error)) == NULL)) {
1960                 cmn_err(CE_WARN,
1961                     "Unable to find symbol - stmf_ic_dereg_port_msg_alloc");
1962                 return (STMF_FAILURE);
1963         }
1964 
1965         if (ic_reg_lun_msg_alloc == NULL && ((ic_reg_lun_msg_alloc =
1966             (stmf_ic_reg_lun_msg_alloc_func_t)
1967             ddi_modsym(pppt_mod, "stmf_ic_reg_lun_msg_alloc",
1968             &error)) == NULL)) {
1969                 cmn_err(CE_WARN,
1970                     "Unable to find symbol - stmf_ic_reg_lun_msg_alloc");
1971                 return (STMF_FAILURE);
1972         }
1973 
1974         if (ic_lun_active_msg_alloc == NULL && ((ic_lun_active_msg_alloc =
1975             (stmf_ic_lun_active_msg_alloc_func_t)
1976             ddi_modsym(pppt_mod, "stmf_ic_lun_active_msg_alloc",
1977             &error)) == NULL)) {
1978                 cmn_err(CE_WARN,
1979                     "Unable to find symbol - stmf_ic_lun_active_msg_alloc");
1980                 return (STMF_FAILURE);
1981         }
1982 
1983         if (ic_dereg_lun_msg_alloc == NULL && ((ic_dereg_lun_msg_alloc =
1984             (stmf_ic_dereg_lun_msg_alloc_func_t)
1985             ddi_modsym(pppt_mod, "stmf_ic_dereg_lun_msg_alloc",
1986             &error)) == NULL)) {
1987                 cmn_err(CE_WARN,
1988                     "Unable to find symbol - stmf_ic_dereg_lun_msg_alloc");
1989                 return (STMF_FAILURE);
1990         }
1991 
1992         if (ic_scsi_cmd_msg_alloc == NULL && ((ic_scsi_cmd_msg_alloc =
1993             (stmf_ic_scsi_cmd_msg_alloc_func_t)
1994             ddi_modsym(pppt_mod, "stmf_ic_scsi_cmd_msg_alloc",
1995             &error)) == NULL)) {
1996                 cmn_err(CE_WARN,
1997                     "Unable to find symbol - stmf_ic_scsi_cmd_msg_alloc");
1998                 return (STMF_FAILURE);
1999         }
2000 
2001         if (ic_scsi_data_xfer_done_msg_alloc == NULL &&
2002             ((ic_scsi_data_xfer_done_msg_alloc =
2003             (stmf_ic_scsi_data_xfer_done_msg_alloc_func_t)
2004             ddi_modsym(pppt_mod, "stmf_ic_scsi_data_xfer_done_msg_alloc",
2005             &error)) == NULL)) {
2006                 cmn_err(CE_WARN,
2007                     "Unable to find symbol -"
2008                     "stmf_ic_scsi_data_xfer_done_msg_alloc");
2009                 return (STMF_FAILURE);
2010         }
2011 
2012         if (ic_session_reg_msg_alloc == NULL &&
2013             ((ic_session_reg_msg_alloc =
2014             (stmf_ic_session_create_msg_alloc_func_t)
2015             ddi_modsym(pppt_mod, "stmf_ic_session_create_msg_alloc",
2016             &error)) == NULL)) {
2017                 cmn_err(CE_WARN,
2018                     "Unable to find symbol -"
2019                     "stmf_ic_session_create_msg_alloc");
2020                 return (STMF_FAILURE);
2021         }
2022 
2023         if (ic_session_dereg_msg_alloc == NULL &&
2024             ((ic_session_dereg_msg_alloc =
2025             (stmf_ic_session_destroy_msg_alloc_func_t)
2026             ddi_modsym(pppt_mod, "stmf_ic_session_destroy_msg_alloc",
2027             &error)) == NULL)) {
2028                 cmn_err(CE_WARN,
2029                     "Unable to find symbol -"
2030                     "stmf_ic_session_destroy_msg_alloc");
2031                 return (STMF_FAILURE);
2032         }
2033 
2034         if (ic_tx_msg == NULL && ((ic_tx_msg =
2035             (stmf_ic_tx_msg_func_t)ddi_modsym(pppt_mod, "stmf_ic_tx_msg",
2036             &error)) == NULL)) {
2037                 cmn_err(CE_WARN, "Unable to find symbol - stmf_ic_tx_msg");
2038                 return (STMF_FAILURE);
2039         }
2040 
2041         if (ic_msg_free == NULL && ((ic_msg_free =
2042             (stmf_ic_msg_free_func_t)ddi_modsym(pppt_mod, "stmf_ic_msg_free",
2043             &error)) == NULL)) {
2044                 cmn_err(CE_WARN, "Unable to find symbol - stmf_ic_msg_free");
2045                 return (STMF_FAILURE);
2046         }
2047         return (STMF_SUCCESS);
2048 }
2049 
2050 static void
2051 stmf_get_alua_state(stmf_alua_state_desc_t *alua_state)
2052 {
2053         mutex_enter(&stmf_state.stmf_lock);
2054         alua_state->alua_node = stmf_state.stmf_alua_node;
2055         alua_state->alua_state = stmf_state.stmf_alua_state;
2056         mutex_exit(&stmf_state.stmf_lock);
2057 }
2058 
2059 
2060 static int
2061 stmf_set_alua_state(stmf_alua_state_desc_t *alua_state)
2062 {
2063         stmf_i_local_port_t *ilport;
2064         stmf_i_lu_t *ilu;
2065         stmf_lu_t *lu;
2066         stmf_ic_msg_status_t ic_ret;
2067         stmf_ic_msg_t *ic_reg_lun, *ic_reg_port;
2068         stmf_local_port_t *lport;
2069         int ret = 0;
2070 
2071         if (alua_state->alua_state > 1 || alua_state->alua_node > 1) {
2072                 return (EINVAL);
2073         }
2074 
2075         mutex_enter(&stmf_state.stmf_lock);
2076         if (alua_state->alua_state == 1) {
2077                 if (pppt_modload() == STMF_FAILURE) {
2078                         ret = EIO;
2079                         goto err;
2080                 }
2081                 if (alua_state->alua_node != 0) {
2082                         /* reset existing rtpids to new base */
2083                         stmf_rtpid_counter = 255;
2084                 }
2085                 stmf_state.stmf_alua_node = alua_state->alua_node;
2086                 stmf_state.stmf_alua_state = 1;
2087                 /* register existing local ports with ppp */
2088                 for (ilport = stmf_state.stmf_ilportlist; ilport != NULL;
2089                     ilport = ilport->ilport_next) {
2090                         /* skip standby ports and non-alua participants */
2091                         if (ilport->ilport_standby == 1 ||
2092                             ilport->ilport_alua == 0) {
2093                                 continue;
2094                         }
2095                         if (alua_state->alua_node != 0) {
2096                                 ilport->ilport_rtpid =
2097                                     atomic_inc_16_nv(&stmf_rtpid_counter);
2098                         }
2099                         lport = ilport->ilport_lport;
2100                         ic_reg_port = ic_reg_port_msg_alloc(
2101                             lport->lport_id, ilport->ilport_rtpid,
2102                             0, NULL, stmf_proxy_msg_id);
2103                         if (ic_reg_port) {
2104                                 ic_ret = ic_tx_msg(ic_reg_port);
2105                                 if (ic_ret == STMF_IC_MSG_SUCCESS) {
2106                                         ilport->ilport_reg_msgid =
2107                                             stmf_proxy_msg_id++;
2108                                 } else {
2109                                         cmn_err(CE_WARN,
2110                                             "error on port registration "
2111                                             "port - %s",
2112                                             ilport->ilport_kstat_tgt_name);
2113                                 }
2114                         }
2115                 }
2116                 /* register existing logical units */
2117                 for (ilu = stmf_state.stmf_ilulist; ilu != NULL;
2118                     ilu = ilu->ilu_next) {
2119                         if (ilu->ilu_access != STMF_LU_ACTIVE) {
2120                                 continue;
2121                         }
2122                         /* register with proxy module */
2123                         lu = ilu->ilu_lu;
2124                         if (lu->lu_lp && lu->lu_lp->lp_lpif_rev == LPIF_REV_2 &&
2125                             lu->lu_lp->lp_alua_support) {
2126                                 ilu->ilu_alua = 1;
2127                                 /* allocate the register message */
2128                                 ic_reg_lun = ic_reg_lun_msg_alloc(
2129                                     lu->lu_id->ident, lu->lu_lp->lp_name,
2130                                     lu->lu_proxy_reg_arg_len,
2131                                     (uint8_t *)lu->lu_proxy_reg_arg,
2132                                     stmf_proxy_msg_id);
2133                                 /* send the message */
2134                                 if (ic_reg_lun) {
2135                                         ic_ret = ic_tx_msg(ic_reg_lun);
2136                                         if (ic_ret == STMF_IC_MSG_SUCCESS) {
2137                                                 stmf_proxy_msg_id++;
2138                                         }
2139                                 }
2140                         }
2141                 }
2142         } else {
2143                 stmf_state.stmf_alua_state = 0;
2144         }
2145 
2146 err:
2147         mutex_exit(&stmf_state.stmf_lock);
2148         return (ret);
2149 }
2150 
2151 
2152 typedef struct {
2153         void    *bp;    /* back pointer from internal struct to main struct */
2154         int     alloc_size;
2155 } __istmf_t;
2156 
2157 typedef struct {
2158         __istmf_t       *fp;    /* Framework private */
2159         void            *cp;    /* Caller private */
2160         void            *ss;    /* struct specific */
2161 } __stmf_t;
2162 
2163 static struct {
2164         int shared;
2165         int fw_private;
2166 } stmf_sizes[] = { { 0, 0 },
2167         { GET_STRUCT_SIZE(stmf_lu_provider_t),
2168                 GET_STRUCT_SIZE(stmf_i_lu_provider_t) },
2169         { GET_STRUCT_SIZE(stmf_port_provider_t),
2170                 GET_STRUCT_SIZE(stmf_i_port_provider_t) },
2171         { GET_STRUCT_SIZE(stmf_local_port_t),
2172                 GET_STRUCT_SIZE(stmf_i_local_port_t) },
2173         { GET_STRUCT_SIZE(stmf_lu_t),
2174                 GET_STRUCT_SIZE(stmf_i_lu_t) },
2175         { GET_STRUCT_SIZE(stmf_scsi_session_t),
2176                 GET_STRUCT_SIZE(stmf_i_scsi_session_t) },
2177         { GET_STRUCT_SIZE(scsi_task_t),
2178                 GET_STRUCT_SIZE(stmf_i_scsi_task_t) },
2179         { GET_STRUCT_SIZE(stmf_data_buf_t),
2180                 GET_STRUCT_SIZE(__istmf_t) },
2181         { GET_STRUCT_SIZE(stmf_dbuf_store_t),
2182                 GET_STRUCT_SIZE(__istmf_t) }
2183 
2184 };
2185 
2186 void *
2187 stmf_alloc(stmf_struct_id_t struct_id, int additional_size, int flags)
2188 {
2189         int stmf_size;
2190         int kmem_flag;
2191         __stmf_t *sh;
2192 
2193         if ((struct_id == 0) || (struct_id >= STMF_MAX_STRUCT_IDS))
2194                 return (NULL);
2195 
2196         if ((curthread->t_flag & T_INTR_THREAD) || (flags & AF_FORCE_NOSLEEP)) {
2197                 kmem_flag = KM_NOSLEEP;
2198         } else {
2199                 kmem_flag = KM_SLEEP;
2200         }
2201 
2202         additional_size = (additional_size + 7) & (~7);
2203         stmf_size = stmf_sizes[struct_id].shared +
2204             stmf_sizes[struct_id].fw_private + additional_size;
2205 
2206         if (flags & AF_DONTZERO)
2207                 sh = (__stmf_t *)kmem_alloc(stmf_size, kmem_flag);
2208         else
2209                 sh = (__stmf_t *)kmem_zalloc(stmf_size, kmem_flag);
2210 
2211         if (sh == NULL)
2212                 return (NULL);
2213 
2214         /*
2215          * In principle, the implementation inside stmf_alloc should not
2216          * be changed anyway. But the original order of framework private
2217          * data and caller private data does not support sglist in the caller
2218          * private data.
2219          * To work around this, the memory segments of framework private
2220          * data and caller private data are re-ordered here.
2221          * A better solution is to provide a specific interface to allocate
2222          * the sglist, then we will not need this workaround any more.
2223          * But before the new interface is available, the memory segment
2224          * ordering should be kept as is.
2225          */
2226         sh->cp = GET_BYTE_OFFSET(sh, stmf_sizes[struct_id].shared);
2227         sh->fp = (__istmf_t *)GET_BYTE_OFFSET(sh,
2228             stmf_sizes[struct_id].shared + additional_size);
2229 
2230         sh->fp->bp = sh;
2231         /* Just store the total size instead of storing additional size */
2232         sh->fp->alloc_size = stmf_size;
2233 
2234         return (sh);
2235 }
2236 
2237 void
2238 stmf_free(void *ptr)
2239 {
2240         __stmf_t *sh = (__stmf_t *)ptr;
2241 
2242         /*
2243          * So far we dont need any struct specific processing. If such
2244          * a need ever arises, then store the struct id in the framework
2245          * private section and get it here as sh->fp->struct_id.
2246          */
2247         kmem_free(ptr, sh->fp->alloc_size);
2248 }
2249 
2250 /*
2251  * Given a pointer to stmf_lu_t, verifies if this lu is registered with the
2252  * framework and returns a pointer to framework private data for the lu.
2253  * Returns NULL if the lu was not found.
2254  */
2255 stmf_i_lu_t *
2256 stmf_lookup_lu(stmf_lu_t *lu)
2257 {
2258         stmf_i_lu_t *ilu;
2259         ASSERT(mutex_owned(&stmf_state.stmf_lock));
2260 
2261         for (ilu = stmf_state.stmf_ilulist; ilu != NULL; ilu = ilu->ilu_next) {
2262                 if (ilu->ilu_lu == lu)
2263                         return (ilu);
2264         }
2265         return (NULL);
2266 }
2267 
2268 /*
2269  * Given a pointer to stmf_local_port_t, verifies if this lport is registered
2270  * with the framework and returns a pointer to framework private data for
2271  * the lport.
2272  * Returns NULL if the lport was not found.
2273  */
2274 stmf_i_local_port_t *
2275 stmf_lookup_lport(stmf_local_port_t *lport)
2276 {
2277         stmf_i_local_port_t *ilport;
2278         ASSERT(mutex_owned(&stmf_state.stmf_lock));
2279 
2280         for (ilport = stmf_state.stmf_ilportlist; ilport != NULL;
2281             ilport = ilport->ilport_next) {
2282                 if (ilport->ilport_lport == lport)
2283                         return (ilport);
2284         }
2285         return (NULL);
2286 }
2287 
2288 stmf_status_t
2289 stmf_register_lu_provider(stmf_lu_provider_t *lp)
2290 {
2291         stmf_i_lu_provider_t *ilp = (stmf_i_lu_provider_t *)lp->lp_stmf_private;
2292         stmf_pp_data_t *ppd;
2293         uint32_t cb_flags;
2294 
2295         if (lp->lp_lpif_rev != LPIF_REV_1 && lp->lp_lpif_rev != LPIF_REV_2)
2296                 return (STMF_FAILURE);
2297 
2298         mutex_enter(&stmf_state.stmf_lock);
2299         ilp->ilp_next = stmf_state.stmf_ilplist;
2300         stmf_state.stmf_ilplist = ilp;
2301         stmf_state.stmf_nlps++;
2302 
2303         /* See if we need to do a callback */
2304         for (ppd = stmf_state.stmf_ppdlist; ppd != NULL; ppd = ppd->ppd_next) {
2305                 if (strcmp(ppd->ppd_name, lp->lp_name) == 0) {
2306                         break;
2307                 }
2308         }
2309         if ((ppd == NULL) || (ppd->ppd_nv == NULL)) {
2310                 goto rlp_bail_out;
2311         }
2312         ilp->ilp_ppd = ppd;
2313         ppd->ppd_provider = ilp;
2314         if (lp->lp_cb == NULL)
2315                 goto rlp_bail_out;
2316         ilp->ilp_cb_in_progress = 1;
2317         cb_flags = STMF_PCB_PREG_COMPLETE;
2318         if (stmf_state.stmf_config_state == STMF_CONFIG_INIT)
2319                 cb_flags |= STMF_PCB_STMF_ONLINING;
2320         mutex_exit(&stmf_state.stmf_lock);
2321         lp->lp_cb(lp, STMF_PROVIDER_DATA_UPDATED, ppd->ppd_nv, cb_flags);
2322         mutex_enter(&stmf_state.stmf_lock);
2323         ilp->ilp_cb_in_progress = 0;
2324 
2325 rlp_bail_out:
2326         mutex_exit(&stmf_state.stmf_lock);
2327 
2328         return (STMF_SUCCESS);
2329 }
2330 
2331 stmf_status_t
2332 stmf_deregister_lu_provider(stmf_lu_provider_t *lp)
2333 {
2334         stmf_i_lu_provider_t    **ppilp;
2335         stmf_i_lu_provider_t *ilp = (stmf_i_lu_provider_t *)lp->lp_stmf_private;
2336 
2337         mutex_enter(&stmf_state.stmf_lock);
2338         if (ilp->ilp_nlus || ilp->ilp_cb_in_progress) {
2339                 mutex_exit(&stmf_state.stmf_lock);
2340                 return (STMF_BUSY);
2341         }
2342         for (ppilp = &stmf_state.stmf_ilplist; *ppilp != NULL;
2343             ppilp = &((*ppilp)->ilp_next)) {
2344                 if (*ppilp == ilp) {
2345                         *ppilp = ilp->ilp_next;
2346                         stmf_state.stmf_nlps--;
2347                         if (ilp->ilp_ppd) {
2348                                 ilp->ilp_ppd->ppd_provider = NULL;
2349                                 ilp->ilp_ppd = NULL;
2350                         }
2351                         mutex_exit(&stmf_state.stmf_lock);
2352                         return (STMF_SUCCESS);
2353                 }
2354         }
2355         mutex_exit(&stmf_state.stmf_lock);
2356         return (STMF_NOT_FOUND);
2357 }
2358 
2359 stmf_status_t
2360 stmf_register_port_provider(stmf_port_provider_t *pp)
2361 {
2362         stmf_i_port_provider_t *ipp =
2363             (stmf_i_port_provider_t *)pp->pp_stmf_private;
2364         stmf_pp_data_t *ppd;
2365         uint32_t cb_flags;
2366 
2367         if (pp->pp_portif_rev != PORTIF_REV_1)
2368                 return (STMF_FAILURE);
2369 
2370         mutex_enter(&stmf_state.stmf_lock);
2371         ipp->ipp_next = stmf_state.stmf_ipplist;
2372         stmf_state.stmf_ipplist = ipp;
2373         stmf_state.stmf_npps++;
2374         /* See if we need to do a callback */
2375         for (ppd = stmf_state.stmf_ppdlist; ppd != NULL; ppd = ppd->ppd_next) {
2376                 if (strcmp(ppd->ppd_name, pp->pp_name) == 0) {
2377                         break;
2378                 }
2379         }
2380         if ((ppd == NULL) || (ppd->ppd_nv == NULL)) {
2381                 goto rpp_bail_out;
2382         }
2383         ipp->ipp_ppd = ppd;
2384         ppd->ppd_provider = ipp;
2385         if (pp->pp_cb == NULL)
2386                 goto rpp_bail_out;
2387         ipp->ipp_cb_in_progress = 1;
2388         cb_flags = STMF_PCB_PREG_COMPLETE;
2389         if (stmf_state.stmf_config_state == STMF_CONFIG_INIT)
2390                 cb_flags |= STMF_PCB_STMF_ONLINING;
2391         mutex_exit(&stmf_state.stmf_lock);
2392         pp->pp_cb(pp, STMF_PROVIDER_DATA_UPDATED, ppd->ppd_nv, cb_flags);
2393         mutex_enter(&stmf_state.stmf_lock);
2394         ipp->ipp_cb_in_progress = 0;
2395 
2396 rpp_bail_out:
2397         mutex_exit(&stmf_state.stmf_lock);
2398 
2399         return (STMF_SUCCESS);
2400 }
2401 
2402 stmf_status_t
2403 stmf_deregister_port_provider(stmf_port_provider_t *pp)
2404 {
2405         stmf_i_port_provider_t *ipp =
2406             (stmf_i_port_provider_t *)pp->pp_stmf_private;
2407         stmf_i_port_provider_t **ppipp;
2408 
2409         mutex_enter(&stmf_state.stmf_lock);
2410         if (ipp->ipp_npps || ipp->ipp_cb_in_progress) {
2411                 mutex_exit(&stmf_state.stmf_lock);
2412                 return (STMF_BUSY);
2413         }
2414         for (ppipp = &stmf_state.stmf_ipplist; *ppipp != NULL;
2415             ppipp = &((*ppipp)->ipp_next)) {
2416                 if (*ppipp == ipp) {
2417                         *ppipp = ipp->ipp_next;
2418                         stmf_state.stmf_npps--;
2419                         if (ipp->ipp_ppd) {
2420                                 ipp->ipp_ppd->ppd_provider = NULL;
2421                                 ipp->ipp_ppd = NULL;
2422                         }
2423                         mutex_exit(&stmf_state.stmf_lock);
2424                         return (STMF_SUCCESS);
2425                 }
2426         }
2427         mutex_exit(&stmf_state.stmf_lock);
2428         return (STMF_NOT_FOUND);
2429 }
2430 
2431 int
2432 stmf_load_ppd_ioctl(stmf_ppioctl_data_t *ppi, uint64_t *ppi_token,
2433     uint32_t *err_ret)
2434 {
2435         stmf_i_port_provider_t          *ipp;
2436         stmf_i_lu_provider_t            *ilp;
2437         stmf_pp_data_t                  *ppd;
2438         nvlist_t                        *nv;
2439         int                             s;
2440         int                             ret;
2441 
2442         *err_ret = 0;
2443 
2444         if ((ppi->ppi_lu_provider + ppi->ppi_port_provider) != 1) {
2445                 return (EINVAL);
2446         }
2447 
2448         mutex_enter(&stmf_state.stmf_lock);
2449         for (ppd = stmf_state.stmf_ppdlist; ppd != NULL; ppd = ppd->ppd_next) {
2450                 if (ppi->ppi_lu_provider) {
2451                         if (!ppd->ppd_lu_provider)
2452                                 continue;
2453                 } else if (ppi->ppi_port_provider) {
2454                         if (!ppd->ppd_port_provider)
2455                                 continue;
2456                 }
2457                 if (strncmp(ppi->ppi_name, ppd->ppd_name, 254) == 0)
2458                         break;
2459         }
2460 
2461         if (ppd == NULL) {
2462                 /* New provider */
2463                 s = strlen(ppi->ppi_name);
2464                 if (s > 254) {
2465                         mutex_exit(&stmf_state.stmf_lock);
2466                         return (EINVAL);
2467                 }
2468                 s += sizeof (stmf_pp_data_t) - 7;
2469 
2470                 ppd = kmem_zalloc(s, KM_NOSLEEP);
2471                 if (ppd == NULL) {
2472                         mutex_exit(&stmf_state.stmf_lock);
2473                         return (ENOMEM);
2474                 }
2475                 ppd->ppd_alloc_size = s;
2476                 (void) strcpy(ppd->ppd_name, ppi->ppi_name);
2477 
2478                 /* See if this provider already exists */
2479                 if (ppi->ppi_lu_provider) {
2480                         ppd->ppd_lu_provider = 1;
2481                         for (ilp = stmf_state.stmf_ilplist; ilp != NULL;
2482                             ilp = ilp->ilp_next) {
2483                                 if (strcmp(ppi->ppi_name,
2484                                     ilp->ilp_lp->lp_name) == 0) {
2485                                         ppd->ppd_provider = ilp;
2486                                         ilp->ilp_ppd = ppd;
2487                                         break;
2488                                 }
2489                         }
2490                 } else {
2491                         ppd->ppd_port_provider = 1;
2492                         for (ipp = stmf_state.stmf_ipplist; ipp != NULL;
2493                             ipp = ipp->ipp_next) {
2494                                 if (strcmp(ppi->ppi_name,
2495                                     ipp->ipp_pp->pp_name) == 0) {
2496                                         ppd->ppd_provider = ipp;
2497                                         ipp->ipp_ppd = ppd;
2498                                         break;
2499                                 }
2500                         }
2501                 }
2502 
2503                 /* Link this ppd in */
2504                 ppd->ppd_next = stmf_state.stmf_ppdlist;
2505                 stmf_state.stmf_ppdlist = ppd;
2506         }
2507 
2508         /*
2509          * User is requesting that the token be checked.
2510          * If there was another set after the user's get
2511          * it's an error
2512          */
2513         if (ppi->ppi_token_valid) {
2514                 if (ppi->ppi_token != ppd->ppd_token) {
2515                         *err_ret = STMF_IOCERR_PPD_UPDATED;
2516                         mutex_exit(&stmf_state.stmf_lock);
2517                         return (EINVAL);
2518                 }
2519         }
2520 
2521         if ((ret = nvlist_unpack((char *)ppi->ppi_data,
2522             (size_t)ppi->ppi_data_size, &nv, KM_NOSLEEP)) != 0) {
2523                 mutex_exit(&stmf_state.stmf_lock);
2524                 return (ret);
2525         }
2526 
2527         /* Free any existing lists and add this one to the ppd */
2528         if (ppd->ppd_nv)
2529                 nvlist_free(ppd->ppd_nv);
2530         ppd->ppd_nv = nv;
2531 
2532         /* set the token for writes */
2533         ppd->ppd_token++;
2534         /* return token to caller */
2535         if (ppi_token) {
2536                 *ppi_token = ppd->ppd_token;
2537         }
2538 
2539         /* If there is a provider registered, do the notifications */
2540         if (ppd->ppd_provider) {
2541                 uint32_t cb_flags = 0;
2542 
2543                 if (stmf_state.stmf_config_state == STMF_CONFIG_INIT)
2544                         cb_flags |= STMF_PCB_STMF_ONLINING;
2545                 if (ppi->ppi_lu_provider) {
2546                         ilp = (stmf_i_lu_provider_t *)ppd->ppd_provider;
2547                         if (ilp->ilp_lp->lp_cb == NULL)
2548                                 goto bail_out;
2549                         ilp->ilp_cb_in_progress = 1;
2550                         mutex_exit(&stmf_state.stmf_lock);
2551                         ilp->ilp_lp->lp_cb(ilp->ilp_lp,
2552                             STMF_PROVIDER_DATA_UPDATED, ppd->ppd_nv, cb_flags);
2553                         mutex_enter(&stmf_state.stmf_lock);
2554                         ilp->ilp_cb_in_progress = 0;
2555                 } else {
2556                         ipp = (stmf_i_port_provider_t *)ppd->ppd_provider;
2557                         if (ipp->ipp_pp->pp_cb == NULL)
2558                                 goto bail_out;
2559                         ipp->ipp_cb_in_progress = 1;
2560                         mutex_exit(&stmf_state.stmf_lock);
2561                         ipp->ipp_pp->pp_cb(ipp->ipp_pp,
2562                             STMF_PROVIDER_DATA_UPDATED, ppd->ppd_nv, cb_flags);
2563                         mutex_enter(&stmf_state.stmf_lock);
2564                         ipp->ipp_cb_in_progress = 0;
2565                 }
2566         }
2567 
2568 bail_out:
2569         mutex_exit(&stmf_state.stmf_lock);
2570 
2571         return (0);
2572 }
2573 
2574 void
2575 stmf_delete_ppd(stmf_pp_data_t *ppd)
2576 {
2577         stmf_pp_data_t **pppd;
2578 
2579         ASSERT(mutex_owned(&stmf_state.stmf_lock));
2580         if (ppd->ppd_provider) {
2581                 if (ppd->ppd_lu_provider) {
2582                         ((stmf_i_lu_provider_t *)
2583                             ppd->ppd_provider)->ilp_ppd = NULL;
2584                 } else {
2585                         ((stmf_i_port_provider_t *)
2586                             ppd->ppd_provider)->ipp_ppd = NULL;
2587                 }
2588                 ppd->ppd_provider = NULL;
2589         }
2590 
2591         for (pppd = &stmf_state.stmf_ppdlist; *pppd != NULL;
2592             pppd = &((*pppd)->ppd_next)) {
2593                 if (*pppd == ppd)
2594                         break;
2595         }
2596 
2597         if (*pppd == NULL)
2598                 return;
2599 
2600         *pppd = ppd->ppd_next;
2601         if (ppd->ppd_nv)
2602                 nvlist_free(ppd->ppd_nv);
2603 
2604         kmem_free(ppd, ppd->ppd_alloc_size);
2605 }
2606 
2607 int
2608 stmf_delete_ppd_ioctl(stmf_ppioctl_data_t *ppi)
2609 {
2610         stmf_pp_data_t *ppd;
2611         int ret = ENOENT;
2612 
2613         if ((ppi->ppi_lu_provider + ppi->ppi_port_provider) != 1) {
2614                 return (EINVAL);
2615         }
2616 
2617         mutex_enter(&stmf_state.stmf_lock);
2618 
2619         for (ppd = stmf_state.stmf_ppdlist; ppd != NULL; ppd = ppd->ppd_next) {
2620                 if (ppi->ppi_lu_provider) {
2621                         if (!ppd->ppd_lu_provider)
2622                                 continue;
2623                 } else if (ppi->ppi_port_provider) {
2624                         if (!ppd->ppd_port_provider)
2625                                 continue;
2626                 }
2627                 if (strncmp(ppi->ppi_name, ppd->ppd_name, 254) == 0)
2628                         break;
2629         }
2630 
2631         if (ppd) {
2632                 ret = 0;
2633                 stmf_delete_ppd(ppd);
2634         }
2635         mutex_exit(&stmf_state.stmf_lock);
2636 
2637         return (ret);
2638 }
2639 
2640 int
2641 stmf_get_ppd_ioctl(stmf_ppioctl_data_t *ppi, stmf_ppioctl_data_t *ppi_out,
2642     uint32_t *err_ret)
2643 {
2644         stmf_pp_data_t *ppd;
2645         size_t req_size;
2646         int ret = ENOENT;
2647         char *bufp = (char *)ppi_out->ppi_data;
2648 
2649         if ((ppi->ppi_lu_provider + ppi->ppi_port_provider) != 1) {
2650                 return (EINVAL);
2651         }
2652 
2653         mutex_enter(&stmf_state.stmf_lock);
2654 
2655         for (ppd = stmf_state.stmf_ppdlist; ppd != NULL; ppd = ppd->ppd_next) {
2656                 if (ppi->ppi_lu_provider) {
2657                         if (!ppd->ppd_lu_provider)
2658                                 continue;
2659                 } else if (ppi->ppi_port_provider) {
2660                         if (!ppd->ppd_port_provider)
2661                                 continue;
2662                 }
2663                 if (strncmp(ppi->ppi_name, ppd->ppd_name, 254) == 0)
2664                         break;
2665         }
2666 
2667         if (ppd && ppd->ppd_nv) {
2668                 ppi_out->ppi_token = ppd->ppd_token;
2669                 if ((ret = nvlist_size(ppd->ppd_nv, &req_size,
2670                     NV_ENCODE_XDR)) != 0) {
2671                         goto done;
2672                 }
2673                 ppi_out->ppi_data_size = req_size;
2674                 if (req_size > ppi->ppi_data_size) {
2675                         *err_ret = STMF_IOCERR_INSUFFICIENT_BUF;
2676                         ret = EINVAL;
2677                         goto done;
2678                 }
2679 
2680                 if ((ret = nvlist_pack(ppd->ppd_nv, &bufp, &req_size,
2681                     NV_ENCODE_XDR, 0)) != 0) {
2682                         goto done;
2683                 }
2684                 ret = 0;
2685         }
2686 
2687 done:
2688         mutex_exit(&stmf_state.stmf_lock);
2689 
2690         return (ret);
2691 }
2692 
2693 void
2694 stmf_delete_all_ppds()
2695 {
2696         stmf_pp_data_t *ppd, *nppd;
2697 
2698         ASSERT(mutex_owned(&stmf_state.stmf_lock));
2699         for (ppd = stmf_state.stmf_ppdlist; ppd != NULL; ppd = nppd) {
2700                 nppd = ppd->ppd_next;
2701                 stmf_delete_ppd(ppd);
2702         }
2703 }
2704 
2705 /*
2706  * 16 is the max string length of a protocol_ident, increase
2707  * the size if needed.
2708  */
2709 #define STMF_KSTAT_LU_SZ        (STMF_GUID_INPUT + 1 + 256)
2710 #define STMF_KSTAT_TGT_SZ       (256 * 2 + 16)
2711 
2712 /*
2713  * This array matches the Protocol Identifier in stmf_ioctl.h
2714  */
2715 #define MAX_PROTO_STR_LEN       32
2716 
2717 char *protocol_ident[PROTOCOL_ANY] = {
2718         "Fibre Channel",
2719         "Parallel SCSI",
2720         "SSA",
2721         "IEEE_1394",
2722         "SRP",
2723         "iSCSI",
2724         "SAS",
2725         "ADT",
2726         "ATAPI",
2727         "UNKNOWN", "UNKNOWN", "UNKNOWN", "UNKNOWN", "UNKNOWN", "UNKNOWN"
2728 };
2729 
2730 /*
2731  * Update the lun wait/run queue count
2732  */
2733 static void
2734 stmf_update_kstat_lu_q(scsi_task_t *task, void func())
2735 {
2736         stmf_i_lu_t             *ilu;
2737         kstat_io_t              *kip;
2738 
2739         if (task->task_lu == dlun0)
2740                 return;
2741         ilu = (stmf_i_lu_t *)task->task_lu->lu_stmf_private;
2742         if (ilu != NULL && ilu->ilu_kstat_io != NULL) {
2743                 kip = KSTAT_IO_PTR(ilu->ilu_kstat_io);
2744                 if (kip != NULL) {
2745                         func(kip);
2746                 }
2747         }
2748 }
2749 
2750 /*
2751  * Update the target(lport) wait/run queue count
2752  */
2753 static void
2754 stmf_update_kstat_lport_q(scsi_task_t *task, void func())
2755 {
2756         stmf_i_local_port_t     *ilp;
2757         kstat_io_t              *kip;
2758 
2759         ilp = (stmf_i_local_port_t *)task->task_lport->lport_stmf_private;
2760         if (ilp != NULL && ilp->ilport_kstat_io != NULL) {
2761                 kip = KSTAT_IO_PTR(ilp->ilport_kstat_io);
2762                 if (kip != NULL) {
2763                         mutex_enter(ilp->ilport_kstat_io->ks_lock);
2764                         func(kip);
2765                         mutex_exit(ilp->ilport_kstat_io->ks_lock);
2766                 }
2767         }
2768 }
2769 
2770 static void
2771 stmf_update_kstat_lport_io(scsi_task_t *task, stmf_data_buf_t *dbuf)
2772 {
2773         stmf_i_local_port_t     *ilp;
2774         kstat_io_t              *kip;
2775 
2776         ilp = (stmf_i_local_port_t *)task->task_lport->lport_stmf_private;
2777         if (ilp != NULL && ilp->ilport_kstat_io != NULL) {
2778                 kip = KSTAT_IO_PTR(ilp->ilport_kstat_io);
2779                 if (kip != NULL) {
2780                         mutex_enter(ilp->ilport_kstat_io->ks_lock);
2781                         STMF_UPDATE_KSTAT_IO(kip, dbuf);
2782                         mutex_exit(ilp->ilport_kstat_io->ks_lock);
2783                 }
2784         }
2785 }
2786 
2787 static void
2788 stmf_update_kstat_lu_io(scsi_task_t *task, stmf_data_buf_t *dbuf)
2789 {
2790         stmf_i_lu_t             *ilu;
2791         kstat_io_t              *kip;
2792 
2793         ilu = (stmf_i_lu_t *)task->task_lu->lu_stmf_private;
2794         if (ilu != NULL && ilu->ilu_kstat_io != NULL) {
2795                 kip = KSTAT_IO_PTR(ilu->ilu_kstat_io);
2796                 if (kip != NULL) {
2797                         mutex_enter(ilu->ilu_kstat_io->ks_lock);
2798                         STMF_UPDATE_KSTAT_IO(kip, dbuf);
2799                         mutex_exit(ilu->ilu_kstat_io->ks_lock);
2800                 }
2801         }
2802 }
2803 
2804 static void
2805 stmf_create_kstat_lu(stmf_i_lu_t *ilu)
2806 {
2807         char                            ks_nm[KSTAT_STRLEN];
2808         stmf_kstat_lu_info_t            *ks_lu;
2809 
2810         /* create kstat lun info */
2811         ks_lu = (stmf_kstat_lu_info_t *)kmem_zalloc(STMF_KSTAT_LU_SZ,
2812             KM_NOSLEEP);
2813         if (ks_lu == NULL) {
2814                 cmn_err(CE_WARN, "STMF: kmem_zalloc failed");
2815                 return;
2816         }
2817 
2818         bzero(ks_nm, sizeof (ks_nm));
2819         (void) sprintf(ks_nm, "stmf_lu_%"PRIxPTR"", (uintptr_t)ilu);
2820         if ((ilu->ilu_kstat_info = kstat_create(STMF_MODULE_NAME, 0,
2821             ks_nm, "misc", KSTAT_TYPE_NAMED,
2822             sizeof (stmf_kstat_lu_info_t) / sizeof (kstat_named_t),
2823             KSTAT_FLAG_VIRTUAL)) == NULL) {
2824                 kmem_free(ks_lu, STMF_KSTAT_LU_SZ);
2825                 cmn_err(CE_WARN, "STMF: kstat_create lu failed");
2826                 return;
2827         }
2828 
2829         ilu->ilu_kstat_info->ks_data_size = STMF_KSTAT_LU_SZ;
2830         ilu->ilu_kstat_info->ks_data = ks_lu;
2831 
2832         kstat_named_init(&ks_lu->i_lun_guid, "lun-guid",
2833             KSTAT_DATA_STRING);
2834         kstat_named_init(&ks_lu->i_lun_alias, "lun-alias",
2835             KSTAT_DATA_STRING);
2836 
2837         /* convert guid to hex string */
2838         int             i;
2839         uint8_t         *p = ilu->ilu_lu->lu_id->ident;
2840         bzero(ilu->ilu_ascii_hex_guid, sizeof (ilu->ilu_ascii_hex_guid));
2841         for (i = 0; i < STMF_GUID_INPUT / 2; i++) {
2842                 (void) sprintf(&ilu->ilu_ascii_hex_guid[i * 2], "%02x", p[i]);
2843         }
2844         kstat_named_setstr(&ks_lu->i_lun_guid,
2845             (const char *)ilu->ilu_ascii_hex_guid);
2846         kstat_named_setstr(&ks_lu->i_lun_alias,
2847             (const char *)ilu->ilu_lu->lu_alias);
2848         kstat_install(ilu->ilu_kstat_info);
2849 
2850         /* create kstat lun io */
2851         bzero(ks_nm, sizeof (ks_nm));
2852         (void) sprintf(ks_nm, "stmf_lu_io_%"PRIxPTR"", (uintptr_t)ilu);
2853         if ((ilu->ilu_kstat_io = kstat_create(STMF_MODULE_NAME, 0,
2854             ks_nm, "io", KSTAT_TYPE_IO, 1, 0)) == NULL) {
2855                 cmn_err(CE_WARN, "STMF: kstat_create lu_io failed");
2856                 return;
2857         }
2858         mutex_init(&ilu->ilu_kstat_lock, NULL, MUTEX_DRIVER, 0);
2859         ilu->ilu_kstat_io->ks_lock = &ilu->ilu_kstat_lock;
2860         kstat_install(ilu->ilu_kstat_io);
2861 }
2862 
2863 static void
2864 stmf_create_kstat_lport(stmf_i_local_port_t *ilport)
2865 {
2866         char                            ks_nm[KSTAT_STRLEN];
2867         stmf_kstat_tgt_info_t           *ks_tgt;
2868         int                             id, len;
2869 
2870         /* create kstat lport info */
2871         ks_tgt = (stmf_kstat_tgt_info_t *)kmem_zalloc(STMF_KSTAT_TGT_SZ,
2872             KM_NOSLEEP);
2873         if (ks_tgt == NULL) {
2874                 cmn_err(CE_WARN, "STMF: kmem_zalloc failed");
2875                 return;
2876         }
2877 
2878         bzero(ks_nm, sizeof (ks_nm));
2879         (void) sprintf(ks_nm, "stmf_tgt_%"PRIxPTR"", (uintptr_t)ilport);
2880         if ((ilport->ilport_kstat_info = kstat_create(STMF_MODULE_NAME,
2881             0, ks_nm, "misc", KSTAT_TYPE_NAMED,
2882             sizeof (stmf_kstat_tgt_info_t) / sizeof (kstat_named_t),
2883             KSTAT_FLAG_VIRTUAL)) == NULL) {
2884                 kmem_free(ks_tgt, STMF_KSTAT_TGT_SZ);
2885                 cmn_err(CE_WARN, "STMF: kstat_create target failed");
2886                 return;
2887         }
2888 
2889         ilport->ilport_kstat_info->ks_data_size = STMF_KSTAT_TGT_SZ;
2890         ilport->ilport_kstat_info->ks_data = ks_tgt;
2891 
2892         kstat_named_init(&ks_tgt->i_tgt_name, "target-name",
2893             KSTAT_DATA_STRING);
2894         kstat_named_init(&ks_tgt->i_tgt_alias, "target-alias",
2895             KSTAT_DATA_STRING);
2896         kstat_named_init(&ks_tgt->i_protocol, "protocol",
2897             KSTAT_DATA_STRING);
2898 
2899         /* ident might not be null terminated */
2900         len = ilport->ilport_lport->lport_id->ident_length;
2901         bcopy(ilport->ilport_lport->lport_id->ident,
2902             ilport->ilport_kstat_tgt_name, len);
2903         ilport->ilport_kstat_tgt_name[len + 1] = NULL;
2904         kstat_named_setstr(&ks_tgt->i_tgt_name,
2905             (const char *)ilport->ilport_kstat_tgt_name);
2906         kstat_named_setstr(&ks_tgt->i_tgt_alias,
2907             (const char *)ilport->ilport_lport->lport_alias);
2908         /* protocol */
2909         if ((id = ilport->ilport_lport->lport_id->protocol_id) > PROTOCOL_ANY) {
2910                 cmn_err(CE_WARN, "STMF: protocol_id out of bound");
2911                 id = PROTOCOL_ANY;
2912         }
2913         kstat_named_setstr(&ks_tgt->i_protocol, protocol_ident[id]);
2914         kstat_install(ilport->ilport_kstat_info);
2915 
2916         /* create kstat lport io */
2917         bzero(ks_nm, sizeof (ks_nm));
2918         (void) sprintf(ks_nm, "stmf_tgt_io_%"PRIxPTR"", (uintptr_t)ilport);
2919         if ((ilport->ilport_kstat_io = kstat_create(STMF_MODULE_NAME, 0,
2920             ks_nm, "io", KSTAT_TYPE_IO, 1, 0)) == NULL) {
2921                 cmn_err(CE_WARN, "STMF: kstat_create target_io failed");
2922                 return;
2923         }
2924         mutex_init(&ilport->ilport_kstat_lock, NULL, MUTEX_DRIVER, 0);
2925         ilport->ilport_kstat_io->ks_lock = &ilport->ilport_kstat_lock;
2926         kstat_install(ilport->ilport_kstat_io);
2927 }
2928 
2929 /*
2930  * set the asymmetric access state for a logical unit
2931  * caller is responsible for establishing SCSI unit attention on
2932  * state change
2933  */
2934 stmf_status_t
2935 stmf_set_lu_access(stmf_lu_t *lu, uint8_t access_state)
2936 {
2937         stmf_i_lu_t *ilu;
2938         uint8_t *p1, *p2;
2939 
2940         if ((access_state != STMF_LU_STANDBY) &&
2941             (access_state != STMF_LU_ACTIVE)) {
2942                 return (STMF_INVALID_ARG);
2943         }
2944 
2945         p1 = &lu->lu_id->ident[0];
2946         mutex_enter(&stmf_state.stmf_lock);
2947         if (stmf_state.stmf_inventory_locked) {
2948                 mutex_exit(&stmf_state.stmf_lock);
2949                 return (STMF_BUSY);
2950         }
2951 
2952         for (ilu = stmf_state.stmf_ilulist; ilu != NULL; ilu = ilu->ilu_next) {
2953                 p2 = &ilu->ilu_lu->lu_id->ident[0];
2954                 if (bcmp(p1, p2, 16) == 0) {
2955                         break;
2956                 }
2957         }
2958 
2959         if (!ilu) {
2960                 ilu = (stmf_i_lu_t *)lu->lu_stmf_private;
2961         } else {
2962                 /*
2963                  * We're changing access state on an existing logical unit
2964                  * Send the proxy registration message for this logical unit
2965                  * if we're in alua mode.
2966                  * If the requested state is STMF_LU_ACTIVE, we want to register
2967                  * this logical unit.
2968                  * If the requested state is STMF_LU_STANDBY, we're going to
2969                  * abort all tasks for this logical unit.
2970                  */
2971                 if (stmf_state.stmf_alua_state == 1 &&
2972                     access_state == STMF_LU_ACTIVE) {
2973                         stmf_ic_msg_status_t ic_ret = STMF_IC_MSG_SUCCESS;
2974                         stmf_ic_msg_t *ic_reg_lun;
2975                         if (lu->lu_lp && lu->lu_lp->lp_lpif_rev == LPIF_REV_2 &&
2976                             lu->lu_lp->lp_alua_support) {
2977                                 ilu->ilu_alua = 1;
2978                                 /* allocate the register message */
2979                                 ic_reg_lun = ic_lun_active_msg_alloc(p1,
2980                                     lu->lu_lp->lp_name,
2981                                     lu->lu_proxy_reg_arg_len,
2982                                     (uint8_t *)lu->lu_proxy_reg_arg,
2983                                     stmf_proxy_msg_id);
2984                                 /* send the message */
2985                                 if (ic_reg_lun) {
2986                                         ic_ret = ic_tx_msg(ic_reg_lun);
2987                                         if (ic_ret == STMF_IC_MSG_SUCCESS) {
2988                                                 stmf_proxy_msg_id++;
2989                                         }
2990                                 }
2991                         }
2992                 } else if (stmf_state.stmf_alua_state == 1 &&
2993                     access_state == STMF_LU_STANDBY) {
2994                         /* abort all tasks for this lu */
2995                         stmf_task_lu_killall(lu, NULL, STMF_ABORTED);
2996                 }
2997         }
2998 
2999         ilu->ilu_access = access_state;
3000 
3001         mutex_exit(&stmf_state.stmf_lock);
3002         return (STMF_SUCCESS);
3003 }
3004 
3005 
3006 stmf_status_t
3007 stmf_register_lu(stmf_lu_t *lu)
3008 {
3009         stmf_i_lu_t *ilu;
3010         uint8_t *p1, *p2;
3011         stmf_state_change_info_t ssci;
3012         stmf_id_data_t *luid;
3013 
3014         if ((lu->lu_id->ident_type != ID_TYPE_NAA) ||
3015             (lu->lu_id->ident_length != 16) ||
3016             ((lu->lu_id->ident[0] & 0xf0) != 0x60)) {
3017                 return (STMF_INVALID_ARG);
3018         }
3019         p1 = &lu->lu_id->ident[0];
3020         mutex_enter(&stmf_state.stmf_lock);
3021         if (stmf_state.stmf_inventory_locked) {
3022                 mutex_exit(&stmf_state.stmf_lock);
3023                 return (STMF_BUSY);
3024         }
3025 
3026         for (ilu = stmf_state.stmf_ilulist; ilu != NULL; ilu = ilu->ilu_next) {
3027                 p2 = &ilu->ilu_lu->lu_id->ident[0];
3028                 if (bcmp(p1, p2, 16) == 0) {
3029                         mutex_exit(&stmf_state.stmf_lock);
3030                         return (STMF_ALREADY);
3031                 }
3032         }
3033 
3034         ilu = (stmf_i_lu_t *)lu->lu_stmf_private;
3035         luid = stmf_lookup_id(&stmf_state.stmf_luid_list,
3036             lu->lu_id->ident_length, lu->lu_id->ident);
3037         if (luid) {
3038                 luid->id_pt_to_object = (void *)ilu;
3039                 ilu->ilu_luid = luid;
3040         }
3041         ilu->ilu_alias = NULL;
3042 
3043         ilu->ilu_next = stmf_state.stmf_ilulist;
3044         ilu->ilu_prev = NULL;
3045         if (ilu->ilu_next)
3046                 ilu->ilu_next->ilu_prev = ilu;
3047         stmf_state.stmf_ilulist = ilu;
3048         stmf_state.stmf_nlus++;
3049         if (lu->lu_lp) {
3050                 ((stmf_i_lu_provider_t *)
3051                     (lu->lu_lp->lp_stmf_private))->ilp_nlus++;
3052         }
3053         ilu->ilu_cur_task_cntr = &ilu->ilu_task_cntr1;
3054         STMF_EVENT_ALLOC_HANDLE(ilu->ilu_event_hdl);
3055         cv_init(&ilu->ilu_offline_pending_cv, NULL, CV_DRIVER, NULL);
3056         stmf_create_kstat_lu(ilu);
3057         /*
3058          * register with proxy module if available and logical unit
3059          * is in active state
3060          */
3061         if (stmf_state.stmf_alua_state == 1 &&
3062             ilu->ilu_access == STMF_LU_ACTIVE) {
3063                 stmf_ic_msg_status_t ic_ret = STMF_IC_MSG_SUCCESS;
3064                 stmf_ic_msg_t *ic_reg_lun;
3065                 if (lu->lu_lp && lu->lu_lp->lp_lpif_rev == LPIF_REV_2 &&
3066                     lu->lu_lp->lp_alua_support) {
3067                         ilu->ilu_alua = 1;
3068                         /* allocate the register message */
3069                         ic_reg_lun = ic_reg_lun_msg_alloc(p1,
3070                             lu->lu_lp->lp_name, lu->lu_proxy_reg_arg_len,
3071                             (uint8_t *)lu->lu_proxy_reg_arg, stmf_proxy_msg_id);
3072                         /* send the message */
3073                         if (ic_reg_lun) {
3074                                 ic_ret = ic_tx_msg(ic_reg_lun);
3075                                 if (ic_ret == STMF_IC_MSG_SUCCESS) {
3076                                         stmf_proxy_msg_id++;
3077                                 }
3078                         }
3079                 }
3080         }
3081         mutex_exit(&stmf_state.stmf_lock);
3082 
3083         /*  check the default state for lu */
3084         if (stmf_state.stmf_default_lu_state == STMF_STATE_OFFLINE) {
3085                 ilu->ilu_prev_state = STMF_STATE_OFFLINE;
3086         } else {
3087                 ilu->ilu_prev_state = STMF_STATE_ONLINE;
3088                 if (stmf_state.stmf_service_running) {
3089                         ssci.st_rflags = 0;
3090                         ssci.st_additional_info = NULL;
3091                         (void) stmf_ctl(STMF_CMD_LU_ONLINE, lu, &ssci);
3092                 }
3093         }
3094 
3095         /* XXX: Generate event */
3096         return (STMF_SUCCESS);
3097 }
3098 
3099 stmf_status_t
3100 stmf_deregister_lu(stmf_lu_t *lu)
3101 {
3102         stmf_i_lu_t *ilu;
3103 
3104         mutex_enter(&stmf_state.stmf_lock);
3105         if (stmf_state.stmf_inventory_locked) {
3106                 mutex_exit(&stmf_state.stmf_lock);
3107                 return (STMF_BUSY);
3108         }
3109         ilu = stmf_lookup_lu(lu);
3110         if (ilu == NULL) {
3111                 mutex_exit(&stmf_state.stmf_lock);
3112                 return (STMF_INVALID_ARG);
3113         }
3114         if (ilu->ilu_state == STMF_STATE_OFFLINE) {
3115                 ASSERT(ilu->ilu_ntasks == ilu->ilu_ntasks_free);
3116                 while (ilu->ilu_flags & ILU_STALL_DEREGISTER) {
3117                         cv_wait(&stmf_state.stmf_cv, &stmf_state.stmf_lock);
3118                 }
3119                 if (ilu->ilu_ntasks) {
3120                         stmf_i_scsi_task_t *itask, *nitask;
3121 
3122                         nitask = ilu->ilu_tasks;
3123                         do {
3124                                 itask = nitask;
3125                                 nitask = itask->itask_lu_next;
3126                                 lu->lu_task_free(itask->itask_task);
3127                                 stmf_free(itask->itask_task);
3128                         } while (nitask != NULL);
3129 
3130                         ilu->ilu_tasks = ilu->ilu_free_tasks = NULL;
3131                         ilu->ilu_ntasks = ilu->ilu_ntasks_free = 0;
3132                 }
3133                 /* de-register with proxy if available */
3134                 if (ilu->ilu_access == STMF_LU_ACTIVE &&
3135                     stmf_state.stmf_alua_state == 1) {
3136                         /* de-register with proxy module */
3137                         stmf_ic_msg_status_t ic_ret = STMF_IC_MSG_SUCCESS;
3138                         stmf_ic_msg_t *ic_dereg_lun;
3139                         if (lu->lu_lp && lu->lu_lp->lp_lpif_rev == LPIF_REV_2 &&
3140                             lu->lu_lp->lp_alua_support) {
3141                                 ilu->ilu_alua = 1;
3142                                 /* allocate the de-register message */
3143                                 ic_dereg_lun = ic_dereg_lun_msg_alloc(
3144                                     lu->lu_id->ident, lu->lu_lp->lp_name, 0,
3145                                     NULL, stmf_proxy_msg_id);
3146                                 /* send the message */
3147                                 if (ic_dereg_lun) {
3148                                         ic_ret = ic_tx_msg(ic_dereg_lun);
3149                                         if (ic_ret == STMF_IC_MSG_SUCCESS) {
3150                                                 stmf_proxy_msg_id++;
3151                                         }
3152                                 }
3153                         }
3154                 }
3155 
3156                 if (ilu->ilu_next)
3157                         ilu->ilu_next->ilu_prev = ilu->ilu_prev;
3158                 if (ilu->ilu_prev)
3159                         ilu->ilu_prev->ilu_next = ilu->ilu_next;
3160                 else
3161                         stmf_state.stmf_ilulist = ilu->ilu_next;
3162                 stmf_state.stmf_nlus--;
3163 
3164                 if (ilu == stmf_state.stmf_svc_ilu_draining) {
3165                         stmf_state.stmf_svc_ilu_draining = ilu->ilu_next;
3166                 }
3167                 if (ilu == stmf_state.stmf_svc_ilu_timing) {
3168                         stmf_state.stmf_svc_ilu_timing = ilu->ilu_next;
3169                 }
3170                 if (lu->lu_lp) {
3171                         ((stmf_i_lu_provider_t *)
3172                             (lu->lu_lp->lp_stmf_private))->ilp_nlus--;
3173                 }
3174                 if (ilu->ilu_luid) {
3175                         ((stmf_id_data_t *)ilu->ilu_luid)->id_pt_to_object =
3176                             NULL;
3177                         ilu->ilu_luid = NULL;
3178                 }
3179                 STMF_EVENT_FREE_HANDLE(ilu->ilu_event_hdl);
3180         } else {
3181                 mutex_exit(&stmf_state.stmf_lock);
3182                 return (STMF_BUSY);
3183         }
3184         if (ilu->ilu_kstat_info) {
3185                 kmem_free(ilu->ilu_kstat_info->ks_data,
3186                     ilu->ilu_kstat_info->ks_data_size);
3187                 kstat_delete(ilu->ilu_kstat_info);
3188         }
3189         if (ilu->ilu_kstat_io) {
3190                 kstat_delete(ilu->ilu_kstat_io);
3191                 mutex_destroy(&ilu->ilu_kstat_lock);
3192         }
3193         cv_destroy(&ilu->ilu_offline_pending_cv);
3194         mutex_exit(&stmf_state.stmf_lock);
3195         return (STMF_SUCCESS);
3196 }
3197 
3198 void
3199 stmf_set_port_standby(stmf_local_port_t *lport, uint16_t rtpid)
3200 {
3201         stmf_i_local_port_t *ilport =
3202             (stmf_i_local_port_t *)lport->lport_stmf_private;
3203         ilport->ilport_rtpid = rtpid;
3204         ilport->ilport_standby = 1;
3205 }
3206 
3207 void
3208 stmf_set_port_alua(stmf_local_port_t *lport)
3209 {
3210         stmf_i_local_port_t *ilport =
3211             (stmf_i_local_port_t *)lport->lport_stmf_private;
3212         ilport->ilport_alua = 1;
3213 }
3214 
3215 stmf_status_t
3216 stmf_register_local_port(stmf_local_port_t *lport)
3217 {
3218         stmf_i_local_port_t *ilport;
3219         stmf_state_change_info_t ssci;
3220         int start_workers = 0;
3221 
3222         mutex_enter(&stmf_state.stmf_lock);
3223         if (stmf_state.stmf_inventory_locked) {
3224                 mutex_exit(&stmf_state.stmf_lock);
3225                 return (STMF_BUSY);
3226         }
3227         ilport = (stmf_i_local_port_t *)lport->lport_stmf_private;
3228         rw_init(&ilport->ilport_lock, NULL, RW_DRIVER, NULL);
3229 
3230         ilport->ilport_instance =
3231             id_alloc_nosleep(stmf_state.stmf_ilport_inst_space);
3232         if (ilport->ilport_instance == -1) {
3233                 mutex_exit(&stmf_state.stmf_lock);
3234                 return (STMF_FAILURE);
3235         }
3236         ilport->ilport_next = stmf_state.stmf_ilportlist;
3237         ilport->ilport_prev = NULL;
3238         if (ilport->ilport_next)
3239                 ilport->ilport_next->ilport_prev = ilport;
3240         stmf_state.stmf_ilportlist = ilport;
3241         stmf_state.stmf_nlports++;
3242         if (lport->lport_pp) {
3243                 ((stmf_i_port_provider_t *)
3244                     (lport->lport_pp->pp_stmf_private))->ipp_npps++;
3245         }
3246         ilport->ilport_tg =
3247             stmf_lookup_group_for_target(lport->lport_id->ident,
3248             lport->lport_id->ident_length);
3249 
3250         /*
3251          * rtpid will/must be set if this is a standby port
3252          * only register ports that are not standby (proxy) ports
3253          * and ports that are alua participants (ilport_alua == 1)
3254          */
3255         if (ilport->ilport_standby == 0) {
3256                 ilport->ilport_rtpid = atomic_inc_16_nv(&stmf_rtpid_counter);
3257         }
3258 
3259         if (stmf_state.stmf_alua_state == 1 &&
3260             ilport->ilport_standby == 0 &&
3261             ilport->ilport_alua == 1) {
3262                 stmf_ic_msg_t *ic_reg_port;
3263                 stmf_ic_msg_status_t ic_ret;
3264                 stmf_local_port_t *lport;
3265                 lport = ilport->ilport_lport;
3266                 ic_reg_port = ic_reg_port_msg_alloc(
3267                     lport->lport_id, ilport->ilport_rtpid,
3268                     0, NULL, stmf_proxy_msg_id);
3269                 if (ic_reg_port) {
3270                         ic_ret = ic_tx_msg(ic_reg_port);
3271                         if (ic_ret == STMF_IC_MSG_SUCCESS) {
3272                                 ilport->ilport_reg_msgid = stmf_proxy_msg_id++;
3273                         } else {
3274                                 cmn_err(CE_WARN, "error on port registration "
3275                                 "port - %s", ilport->ilport_kstat_tgt_name);
3276                         }
3277                 }
3278         }
3279         STMF_EVENT_ALLOC_HANDLE(ilport->ilport_event_hdl);
3280         stmf_create_kstat_lport(ilport);
3281         if (stmf_workers_state == STMF_WORKERS_DISABLED) {
3282                 stmf_workers_state = STMF_WORKERS_ENABLING;
3283                 start_workers = 1;
3284         }
3285         mutex_exit(&stmf_state.stmf_lock);
3286 
3287         if (start_workers)
3288                 stmf_worker_init();
3289 
3290         /*  the default state of LPORT */
3291 
3292         if (stmf_state.stmf_default_lport_state == STMF_STATE_OFFLINE) {
3293                 ilport->ilport_prev_state = STMF_STATE_OFFLINE;
3294         } else {
3295                 ilport->ilport_prev_state = STMF_STATE_ONLINE;
3296                 if (stmf_state.stmf_service_running) {
3297                         ssci.st_rflags = 0;
3298                         ssci.st_additional_info = NULL;
3299                         (void) stmf_ctl(STMF_CMD_LPORT_ONLINE, lport, &ssci);
3300                 }
3301         }
3302 
3303         /* XXX: Generate event */
3304         return (STMF_SUCCESS);
3305 }
3306 
3307 stmf_status_t
3308 stmf_deregister_local_port(stmf_local_port_t *lport)
3309 {
3310         stmf_i_local_port_t *ilport;
3311 
3312         mutex_enter(&stmf_state.stmf_lock);
3313         if (stmf_state.stmf_inventory_locked) {
3314                 mutex_exit(&stmf_state.stmf_lock);
3315                 return (STMF_BUSY);
3316         }
3317 
3318         /* dequeue all object requests from active queue */
3319         stmf_svc_kill_obj_requests(lport);
3320 
3321         ilport = (stmf_i_local_port_t *)lport->lport_stmf_private;
3322 
3323         /*
3324          * deregister ports that are not standby (proxy)
3325          */
3326         if (stmf_state.stmf_alua_state == 1 &&
3327             ilport->ilport_standby == 0 &&
3328             ilport->ilport_alua == 1) {
3329                 stmf_ic_msg_t *ic_dereg_port;
3330                 stmf_ic_msg_status_t ic_ret;
3331                 ic_dereg_port = ic_dereg_port_msg_alloc(
3332                     lport->lport_id, 0, NULL, stmf_proxy_msg_id);
3333                 if (ic_dereg_port) {
3334                         ic_ret = ic_tx_msg(ic_dereg_port);
3335                         if (ic_ret == STMF_IC_MSG_SUCCESS) {
3336                                 stmf_proxy_msg_id++;
3337                         }
3338                 }
3339         }
3340 
3341         if (ilport->ilport_nsessions == 0) {
3342                 if (ilport->ilport_next)
3343                         ilport->ilport_next->ilport_prev = ilport->ilport_prev;
3344                 if (ilport->ilport_prev)
3345                         ilport->ilport_prev->ilport_next = ilport->ilport_next;
3346                 else
3347                         stmf_state.stmf_ilportlist = ilport->ilport_next;
3348                 id_free(stmf_state.stmf_ilport_inst_space,
3349                     ilport->ilport_instance);
3350                 rw_destroy(&ilport->ilport_lock);
3351                 stmf_state.stmf_nlports--;
3352                 if (lport->lport_pp) {
3353                         ((stmf_i_port_provider_t *)
3354                             (lport->lport_pp->pp_stmf_private))->ipp_npps--;
3355                 }
3356                 ilport->ilport_tg = NULL;
3357                 STMF_EVENT_FREE_HANDLE(ilport->ilport_event_hdl);
3358         } else {
3359                 mutex_exit(&stmf_state.stmf_lock);
3360                 return (STMF_BUSY);
3361         }
3362         if (ilport->ilport_kstat_info) {
3363                 kmem_free(ilport->ilport_kstat_info->ks_data,
3364                     ilport->ilport_kstat_info->ks_data_size);
3365                 kstat_delete(ilport->ilport_kstat_info);
3366         }
3367         if (ilport->ilport_kstat_io) {
3368                 kstat_delete(ilport->ilport_kstat_io);
3369                 mutex_destroy(&ilport->ilport_kstat_lock);
3370         }
3371         mutex_exit(&stmf_state.stmf_lock);
3372         return (STMF_SUCCESS);
3373 }
3374 
3375 /*
3376  * Rport id/instance mappings remain valid until STMF is unloaded
3377  */
3378 static int
3379 stmf_irport_compare(const void *void_irport1, const void *void_irport2)
3380 {
3381         const   stmf_i_remote_port_t    *irport1 = void_irport1;
3382         const   stmf_i_remote_port_t    *irport2 = void_irport2;
3383         int                     result;
3384 
3385         /* Sort by code set then ident */
3386         if (irport1->irport_id->code_set <
3387             irport2->irport_id->code_set) {
3388                 return (-1);
3389         } else if (irport1->irport_id->code_set >
3390             irport2->irport_id->code_set) {
3391                 return (1);
3392         }
3393 
3394         /* Next by ident length */
3395         if (irport1->irport_id->ident_length <
3396             irport2->irport_id->ident_length) {
3397                 return (-1);
3398         } else if (irport1->irport_id->ident_length >
3399             irport2->irport_id->ident_length) {
3400                 return (1);
3401         }
3402 
3403         /* Code set and ident length both match, now compare idents */
3404         result = memcmp(irport1->irport_id->ident,
3405             irport2->irport_id->ident,
3406             irport1->irport_id->ident_length);
3407 
3408         if (result < 0) {
3409                 return (-1);
3410         } else if (result > 0) {
3411                 return (1);
3412         }
3413 
3414         return (0);
3415 }
3416 
3417 static stmf_i_remote_port_t *
3418 stmf_irport_create(scsi_devid_desc_t *rport_devid)
3419 {
3420         int                     alloc_len;
3421         stmf_i_remote_port_t    *irport;
3422 
3423         /*
3424          * Lookup will bump the refcnt if there's an existing rport
3425          * context for this identifier.
3426          */
3427         ASSERT(mutex_owned(&stmf_state.stmf_lock));
3428 
3429         alloc_len = sizeof (*irport) + sizeof (scsi_devid_desc_t) +
3430             rport_devid->ident_length - 1;
3431         irport = kmem_zalloc(alloc_len, KM_NOSLEEP);
3432         if (irport == NULL) {
3433                 return (NULL);
3434         }
3435 
3436         irport->irport_instance =
3437             id_alloc_nosleep(stmf_state.stmf_irport_inst_space);
3438         if (irport->irport_instance == -1) {
3439                 kmem_free(irport, alloc_len);
3440                 return (NULL);
3441         }
3442 
3443         irport->irport_id =
3444             (struct scsi_devid_desc *)(irport + 1); /* Ptr. Arith. */
3445         bcopy(rport_devid, irport->irport_id,
3446             sizeof (scsi_devid_desc_t) + rport_devid->ident_length - 1);
3447         irport->irport_refcnt = 1;
3448         mutex_init(&irport->irport_mutex, NULL, MUTEX_DEFAULT, NULL);
3449 
3450         return (irport);
3451 }
3452 
3453 static void
3454 stmf_irport_destroy(stmf_i_remote_port_t *irport)
3455 {
3456         id_free(stmf_state.stmf_irport_inst_space, irport->irport_instance);
3457         mutex_destroy(&irport->irport_mutex);
3458         kmem_free(irport, sizeof (*irport) + sizeof (scsi_devid_desc_t) +
3459             irport->irport_id->ident_length - 1);
3460 }
3461 
3462 static stmf_i_remote_port_t *
3463 stmf_irport_register(scsi_devid_desc_t *rport_devid)
3464 {
3465         stmf_i_remote_port_t    *irport;
3466 
3467         mutex_enter(&stmf_state.stmf_lock);
3468 
3469         /*
3470          * Lookup will bump the refcnt if there's an existing rport
3471          * context for this identifier.
3472          */
3473         if ((irport = stmf_irport_lookup_locked(rport_devid)) != NULL) {
3474                 mutex_exit(&stmf_state.stmf_lock);
3475                 return (irport);
3476         }
3477 
3478         irport = stmf_irport_create(rport_devid);
3479         if (irport == NULL) {
3480                 mutex_exit(&stmf_state.stmf_lock);
3481                 return (NULL);
3482         }
3483 
3484         avl_add(&stmf_state.stmf_irportlist, irport);
3485         mutex_exit(&stmf_state.stmf_lock);
3486 
3487         return (irport);
3488 }
3489 
3490 static stmf_i_remote_port_t *
3491 stmf_irport_lookup_locked(scsi_devid_desc_t *rport_devid)
3492 {
3493         stmf_i_remote_port_t    *irport;
3494         stmf_i_remote_port_t    tmp_irport;
3495 
3496         ASSERT(mutex_owned(&stmf_state.stmf_lock));
3497         tmp_irport.irport_id = rport_devid;
3498         irport = avl_find(&stmf_state.stmf_irportlist, &tmp_irport, NULL);
3499         if (irport != NULL) {
3500                 mutex_enter(&irport->irport_mutex);
3501                 irport->irport_refcnt++;
3502                 mutex_exit(&irport->irport_mutex);
3503         }
3504 
3505         return (irport);
3506 }
3507 
3508 static void
3509 stmf_irport_deregister(stmf_i_remote_port_t *irport)
3510 {
3511         /*
3512          * If we were actually going to remove unreferenced remote ports
3513          * we would want to acquire stmf_state.stmf_lock before getting
3514          * the irport mutex.
3515          *
3516          * Instead we're just going to leave it there even if unreferenced.
3517          */
3518         mutex_enter(&irport->irport_mutex);
3519         irport->irport_refcnt--;
3520         mutex_exit(&irport->irport_mutex);
3521 }
3522 
3523 /*
3524  * Port provider has to make sure that register/deregister session and
3525  * port are serialized calls.
3526  */
3527 stmf_status_t
3528 stmf_register_scsi_session(stmf_local_port_t *lport, stmf_scsi_session_t *ss)
3529 {
3530         stmf_i_scsi_session_t *iss;
3531         stmf_i_local_port_t *ilport = (stmf_i_local_port_t *)
3532             lport->lport_stmf_private;
3533         uint8_t         lun[8];
3534 
3535         /*
3536          * Port state has to be online to register a scsi session. It is
3537          * possible that we started an offline operation and a new SCSI
3538          * session started at the same time (in that case also we are going
3539          * to fail the registeration). But any other state is simply
3540          * a bad port provider implementation.
3541          */
3542         if (ilport->ilport_state != STMF_STATE_ONLINE) {
3543                 if (ilport->ilport_state != STMF_STATE_OFFLINING) {
3544                         stmf_trace(lport->lport_alias, "Port is trying to "
3545                             "register a session while the state is neither "
3546                             "online nor offlining");
3547                 }
3548                 return (STMF_FAILURE);
3549         }
3550         bzero(lun, 8);
3551         iss = (stmf_i_scsi_session_t *)ss->ss_stmf_private;
3552         if ((iss->iss_irport = stmf_irport_register(ss->ss_rport_id)) == NULL) {
3553                 stmf_trace(lport->lport_alias, "Could not register "
3554                     "remote port during session registration");
3555                 return (STMF_FAILURE);
3556         }
3557 
3558         iss->iss_flags |= ISS_BEING_CREATED;
3559 
3560         if (ss->ss_rport == NULL) {
3561                 iss->iss_flags |= ISS_NULL_TPTID;
3562                 ss->ss_rport = stmf_scsilib_devid_to_remote_port(
3563                     ss->ss_rport_id);
3564                 if (ss->ss_rport == NULL) {
3565                         iss->iss_flags &= ~(ISS_NULL_TPTID | ISS_BEING_CREATED);
3566                         stmf_trace(lport->lport_alias, "Device id to "
3567                             "remote port conversion failed");
3568                         return (STMF_FAILURE);
3569                 }
3570         } else {
3571                 if (!stmf_scsilib_tptid_validate(ss->ss_rport->rport_tptid,
3572                     ss->ss_rport->rport_tptid_sz, NULL)) {
3573                         iss->iss_flags &= ~ISS_BEING_CREATED;
3574                         stmf_trace(lport->lport_alias, "Remote port "
3575                             "transport id validation failed");
3576                         return (STMF_FAILURE);
3577                 }
3578         }
3579 
3580         /* sessions use the ilport_lock. No separate lock is required */
3581         iss->iss_lockp = &ilport->ilport_lock;
3582 
3583         if (iss->iss_sm != NULL)
3584                 cmn_err(CE_PANIC, "create lun map called with non NULL map");
3585         iss->iss_sm = (stmf_lun_map_t *)kmem_zalloc(sizeof (stmf_lun_map_t),
3586             KM_SLEEP);
3587 
3588         mutex_enter(&stmf_state.stmf_lock);
3589         rw_enter(&ilport->ilport_lock, RW_WRITER);
3590         (void) stmf_session_create_lun_map(ilport, iss);
3591         ilport->ilport_nsessions++;
3592         iss->iss_next = ilport->ilport_ss_list;
3593         ilport->ilport_ss_list = iss;
3594         rw_exit(&ilport->ilport_lock);
3595         mutex_exit(&stmf_state.stmf_lock);
3596 
3597         iss->iss_creation_time = ddi_get_time();
3598         ss->ss_session_id = atomic_inc_64_nv(&stmf_session_counter);
3599         iss->iss_flags &= ~ISS_BEING_CREATED;
3600         /* XXX should we remove ISS_LUN_INVENTORY_CHANGED on new session? */
3601         iss->iss_flags &= ~ISS_LUN_INVENTORY_CHANGED;
3602         DTRACE_PROBE2(session__online, stmf_local_port_t *, lport,
3603             stmf_scsi_session_t *, ss);
3604         return (STMF_SUCCESS);
3605 }
3606 
3607 void
3608 stmf_deregister_scsi_session(stmf_local_port_t *lport, stmf_scsi_session_t *ss)
3609 {
3610         stmf_i_local_port_t *ilport = (stmf_i_local_port_t *)
3611             lport->lport_stmf_private;
3612         stmf_i_scsi_session_t *iss, **ppss;
3613         int found = 0;
3614         stmf_ic_msg_t *ic_session_dereg;
3615         stmf_status_t ic_ret = STMF_FAILURE;
3616 
3617         DTRACE_PROBE2(session__offline, stmf_local_port_t *, lport,
3618             stmf_scsi_session_t *, ss);
3619 
3620         iss = (stmf_i_scsi_session_t *)ss->ss_stmf_private;
3621         if (ss->ss_rport_alias) {
3622                 ss->ss_rport_alias = NULL;
3623         }
3624 
3625 try_dereg_ss_again:
3626         mutex_enter(&stmf_state.stmf_lock);
3627         atomic_and_32(&iss->iss_flags,
3628             ~(ISS_LUN_INVENTORY_CHANGED | ISS_GOT_INITIAL_LUNS));
3629         if (iss->iss_flags & ISS_EVENT_ACTIVE) {
3630                 mutex_exit(&stmf_state.stmf_lock);
3631                 delay(1);
3632                 goto try_dereg_ss_again;
3633         }
3634 
3635         /* dereg proxy session if not standby port */
3636         if (stmf_state.stmf_alua_state == 1 &&
3637             ilport->ilport_standby == 0 &&
3638             ilport->ilport_alua == 1) {
3639                 ic_session_dereg = ic_session_dereg_msg_alloc(
3640                     ss, stmf_proxy_msg_id);
3641                 if (ic_session_dereg) {
3642                         ic_ret = ic_tx_msg(ic_session_dereg);
3643                         if (ic_ret == STMF_IC_MSG_SUCCESS) {
3644                                 stmf_proxy_msg_id++;
3645                         }
3646                 }
3647         }
3648 
3649         rw_enter(&ilport->ilport_lock, RW_WRITER);
3650         for (ppss = &ilport->ilport_ss_list; *ppss != NULL;
3651             ppss = &((*ppss)->iss_next)) {
3652                 if (iss == (*ppss)) {
3653                         *ppss = (*ppss)->iss_next;
3654                         found = 1;
3655                         break;
3656                 }
3657         }
3658         if (!found) {
3659                 cmn_err(CE_PANIC, "Deregister session called for non existent"
3660                     " session");
3661         }
3662         ilport->ilport_nsessions--;
3663 
3664         stmf_irport_deregister(iss->iss_irport);
3665         (void) stmf_session_destroy_lun_map(ilport, iss);
3666         rw_exit(&ilport->ilport_lock);
3667         mutex_exit(&stmf_state.stmf_lock);
3668 
3669         if (iss->iss_flags & ISS_NULL_TPTID) {
3670                 stmf_remote_port_free(ss->ss_rport);
3671         }
3672 }
3673 
3674 stmf_i_scsi_session_t *
3675 stmf_session_id_to_issptr(uint64_t session_id, int stay_locked)
3676 {
3677         stmf_i_local_port_t *ilport;
3678         stmf_i_scsi_session_t *iss;
3679 
3680         mutex_enter(&stmf_state.stmf_lock);
3681         for (ilport = stmf_state.stmf_ilportlist; ilport != NULL;
3682             ilport = ilport->ilport_next) {
3683                 rw_enter(&ilport->ilport_lock, RW_WRITER);
3684                 for (iss = ilport->ilport_ss_list; iss != NULL;
3685                     iss = iss->iss_next) {
3686                         if (iss->iss_ss->ss_session_id == session_id) {
3687                                 if (!stay_locked)
3688                                         rw_exit(&ilport->ilport_lock);
3689                                 mutex_exit(&stmf_state.stmf_lock);
3690                                 return (iss);
3691                         }
3692                 }
3693                 rw_exit(&ilport->ilport_lock);
3694         }
3695         mutex_exit(&stmf_state.stmf_lock);
3696         return (NULL);
3697 }
3698 
3699 void
3700 stmf_release_itl_handle(stmf_lu_t *lu, stmf_itl_data_t *itl)
3701 {
3702         stmf_itl_data_t **itlpp;
3703         stmf_i_lu_t *ilu;
3704 
3705         ASSERT(itl->itl_flags & STMF_ITL_BEING_TERMINATED);
3706 
3707         ilu = (stmf_i_lu_t *)lu->lu_stmf_private;
3708         mutex_enter(&ilu->ilu_task_lock);
3709         for (itlpp = &ilu->ilu_itl_list; (*itlpp) != NULL;
3710             itlpp = &(*itlpp)->itl_next) {
3711                 if ((*itlpp) == itl)
3712                         break;
3713         }
3714         ASSERT((*itlpp) != NULL);
3715         *itlpp = itl->itl_next;
3716         mutex_exit(&ilu->ilu_task_lock);
3717         lu->lu_abort(lu, STMF_LU_ITL_HANDLE_REMOVED, itl->itl_handle,
3718             (uint32_t)itl->itl_hdlrm_reason);
3719 
3720         kmem_free(itl, sizeof (*itl));
3721 }
3722 
3723 stmf_status_t
3724 stmf_register_itl_handle(stmf_lu_t *lu, uint8_t *lun,
3725     stmf_scsi_session_t *ss, uint64_t session_id, void *itl_handle)
3726 {
3727         stmf_itl_data_t *itl;
3728         stmf_i_scsi_session_t *iss;
3729         stmf_lun_map_ent_t *lun_map_ent;
3730         stmf_i_lu_t *ilu;
3731         uint16_t n;
3732 
3733         ilu = (stmf_i_lu_t *)lu->lu_stmf_private;
3734         if (ss == NULL) {
3735                 iss = stmf_session_id_to_issptr(session_id, 1);
3736                 if (iss == NULL)
3737                         return (STMF_NOT_FOUND);
3738         } else {
3739                 iss = (stmf_i_scsi_session_t *)ss->ss_stmf_private;
3740         }
3741 
3742         mutex_enter(&stmf_state.stmf_lock);
3743         rw_enter(iss->iss_lockp, RW_WRITER);
3744         n = ((uint16_t)lun[1] | (((uint16_t)(lun[0] & 0x3F)) << 8));
3745         lun_map_ent = (stmf_lun_map_ent_t *)
3746             stmf_get_ent_from_map(iss->iss_sm, n);
3747         if ((lun_map_ent == NULL) || (lun_map_ent->ent_lu != lu)) {
3748                 rw_exit(iss->iss_lockp);
3749                 mutex_exit(&stmf_state.stmf_lock);
3750                 return (STMF_NOT_FOUND);
3751         }
3752         if (lun_map_ent->ent_itl_datap != NULL) {
3753                 rw_exit(iss->iss_lockp);
3754                 mutex_exit(&stmf_state.stmf_lock);
3755                 return (STMF_ALREADY);
3756         }
3757 
3758         itl = (stmf_itl_data_t *)kmem_zalloc(sizeof (*itl), KM_NOSLEEP);
3759         if (itl == NULL) {
3760                 rw_exit(iss->iss_lockp);
3761                 mutex_exit(&stmf_state.stmf_lock);
3762                 return (STMF_ALLOC_FAILURE);
3763         }
3764 
3765         itl->itl_ilu = ilu;
3766         itl->itl_session = iss;
3767         itl->itl_counter = 1;
3768         itl->itl_lun = n;
3769         itl->itl_handle = itl_handle;
3770 
3771         mutex_enter(&ilu->ilu_task_lock);
3772         itl->itl_next = ilu->ilu_itl_list;
3773         ilu->ilu_itl_list = itl;
3774         mutex_exit(&ilu->ilu_task_lock);
3775         lun_map_ent->ent_itl_datap = itl;
3776         rw_exit(iss->iss_lockp);
3777         mutex_exit(&stmf_state.stmf_lock);
3778 
3779         return (STMF_SUCCESS);
3780 }
3781 
3782 void
3783 stmf_do_itl_dereg(stmf_lu_t *lu, stmf_itl_data_t *itl, uint8_t hdlrm_reason)
3784 {
3785         uint8_t old, new;
3786 
3787         do {
3788                 old = new = itl->itl_flags;
3789                 if (old & STMF_ITL_BEING_TERMINATED)
3790                         return;
3791                 new |= STMF_ITL_BEING_TERMINATED;
3792         } while (atomic_cas_8(&itl->itl_flags, old, new) != old);
3793         itl->itl_hdlrm_reason = hdlrm_reason;
3794 
3795         ASSERT(itl->itl_counter);
3796 
3797         if (atomic_dec_32_nv(&itl->itl_counter))
3798                 return;
3799 
3800         stmf_release_itl_handle(lu, itl);
3801 }
3802 
3803 stmf_status_t
3804 stmf_deregister_all_lu_itl_handles(stmf_lu_t *lu)
3805 {
3806         stmf_i_lu_t *ilu;
3807         stmf_i_local_port_t *ilport;
3808         stmf_i_scsi_session_t *iss;
3809         stmf_lun_map_t *lm;
3810         stmf_lun_map_ent_t *ent;
3811         uint32_t nmaps, nu;
3812         stmf_itl_data_t **itl_list;
3813         int i;
3814 
3815         ilu = (stmf_i_lu_t *)lu->lu_stmf_private;
3816 
3817 dereg_itl_start:;
3818         nmaps = ilu->ilu_ref_cnt;
3819         if (nmaps == 0)
3820                 return (STMF_NOT_FOUND);
3821         itl_list = (stmf_itl_data_t **)kmem_zalloc(
3822             nmaps * sizeof (stmf_itl_data_t *), KM_SLEEP);
3823         mutex_enter(&stmf_state.stmf_lock);
3824         if (nmaps != ilu->ilu_ref_cnt) {
3825                 /* Something changed, start all over */
3826                 mutex_exit(&stmf_state.stmf_lock);
3827                 kmem_free(itl_list, nmaps * sizeof (stmf_itl_data_t *));
3828                 goto dereg_itl_start;
3829         }
3830         nu = 0;
3831         for (ilport = stmf_state.stmf_ilportlist; ilport != NULL;
3832             ilport = ilport->ilport_next) {
3833                 rw_enter(&ilport->ilport_lock, RW_WRITER);
3834                 for (iss = ilport->ilport_ss_list; iss != NULL;
3835                     iss = iss->iss_next) {
3836                         lm = iss->iss_sm;
3837                         if (!lm)
3838                                 continue;
3839                         for (i = 0; i < lm->lm_nentries; i++) {
3840                                 if (lm->lm_plus[i] == NULL)
3841                                         continue;
3842                                 ent = (stmf_lun_map_ent_t *)lm->lm_plus[i];
3843                                 if ((ent->ent_lu == lu) &&
3844                                     (ent->ent_itl_datap)) {
3845                                         itl_list[nu++] = ent->ent_itl_datap;
3846                                         ent->ent_itl_datap = NULL;
3847                                         if (nu == nmaps) {
3848                                                 rw_exit(&ilport->ilport_lock);
3849                                                 goto dai_scan_done;
3850                                         }
3851                                 }
3852                         } /* lun table for a session */
3853                 } /* sessions */
3854                 rw_exit(&ilport->ilport_lock);
3855         } /* ports */
3856 
3857 dai_scan_done:
3858         mutex_exit(&stmf_state.stmf_lock);
3859 
3860         for (i = 0; i < nu; i++) {
3861                 stmf_do_itl_dereg(lu, itl_list[i],
3862                     STMF_ITL_REASON_DEREG_REQUEST);
3863         }
3864         kmem_free(itl_list, nmaps * sizeof (stmf_itl_data_t *));
3865 
3866         return (STMF_SUCCESS);
3867 }
3868 
3869 stmf_status_t
3870 stmf_get_itl_handle(stmf_lu_t *lu, uint8_t *lun, stmf_scsi_session_t *ss,
3871     uint64_t session_id, void **itl_handle_retp)
3872 {
3873         stmf_i_scsi_session_t *iss;
3874         stmf_lun_map_ent_t *ent;
3875         stmf_lun_map_t *lm;
3876         stmf_status_t ret;
3877         int i;
3878         uint16_t n;
3879 
3880         if (ss == NULL) {
3881                 iss = stmf_session_id_to_issptr(session_id, 1);
3882                 if (iss == NULL)
3883                         return (STMF_NOT_FOUND);
3884         } else {
3885                 iss = (stmf_i_scsi_session_t *)ss->ss_stmf_private;
3886                 rw_enter(iss->iss_lockp, RW_WRITER);
3887         }
3888 
3889         ent = NULL;
3890         if (lun == NULL) {
3891                 lm = iss->iss_sm;
3892                 for (i = 0; i < lm->lm_nentries; i++) {
3893                         if (lm->lm_plus[i] == NULL)
3894                                 continue;
3895                         ent = (stmf_lun_map_ent_t *)lm->lm_plus[i];
3896                         if (ent->ent_lu == lu)
3897                                 break;
3898                 }
3899         } else {
3900                 n = ((uint16_t)lun[1] | (((uint16_t)(lun[0] & 0x3F)) << 8));
3901                 ent = (stmf_lun_map_ent_t *)
3902                     stmf_get_ent_from_map(iss->iss_sm, n);
3903                 if (lu && (ent->ent_lu != lu))
3904                         ent = NULL;
3905         }
3906         if (ent && ent->ent_itl_datap) {
3907                 *itl_handle_retp = ent->ent_itl_datap->itl_handle;
3908                 ret = STMF_SUCCESS;
3909         } else {
3910                 ret = STMF_NOT_FOUND;
3911         }
3912 
3913         rw_exit(iss->iss_lockp);
3914         return (ret);
3915 }
3916 
3917 stmf_data_buf_t *
3918 stmf_alloc_dbuf(scsi_task_t *task, uint32_t size, uint32_t *pminsize,
3919     uint32_t flags)
3920 {
3921         stmf_i_scsi_task_t *itask =
3922             (stmf_i_scsi_task_t *)task->task_stmf_private;
3923         stmf_local_port_t *lport = task->task_lport;
3924         stmf_data_buf_t *dbuf;
3925         uint8_t ndx;
3926 
3927         ndx = stmf_first_zero[itask->itask_allocated_buf_map];
3928         if (ndx == 0xff)
3929                 return (NULL);
3930         dbuf = itask->itask_dbufs[ndx] = lport->lport_ds->ds_alloc_data_buf(
3931             task, size, pminsize, flags);
3932         if (dbuf) {
3933                 task->task_cur_nbufs++;
3934                 itask->itask_allocated_buf_map |= (1 << ndx);
3935                 dbuf->db_flags &= ~DB_LPORT_XFER_ACTIVE;
3936                 dbuf->db_handle = ndx;
3937                 return (dbuf);
3938         }
3939 
3940         return (NULL);
3941 }
3942 
3943 stmf_status_t
3944 stmf_setup_dbuf(scsi_task_t *task, stmf_data_buf_t *dbuf, uint32_t flags)
3945 {
3946         stmf_i_scsi_task_t *itask =
3947             (stmf_i_scsi_task_t *)task->task_stmf_private;
3948         stmf_local_port_t *lport = task->task_lport;
3949         uint8_t ndx;
3950         stmf_status_t ret;
3951 
3952         ASSERT(task->task_additional_flags & TASK_AF_ACCEPT_LU_DBUF);
3953         ASSERT(lport->lport_ds->ds_setup_dbuf != NULL);
3954         ASSERT(dbuf->db_flags & DB_LU_DATA_BUF);
3955 
3956         if ((task->task_additional_flags & TASK_AF_ACCEPT_LU_DBUF) == 0)
3957                 return (STMF_FAILURE);
3958         if (lport->lport_ds->ds_setup_dbuf == NULL)
3959                 return (STMF_FAILURE);
3960 
3961         ndx = stmf_first_zero[itask->itask_allocated_buf_map];
3962         if (ndx == 0xff)
3963                 return (STMF_FAILURE);
3964         ret = lport->lport_ds->ds_setup_dbuf(task, dbuf, flags);
3965         if (ret == STMF_FAILURE)
3966                 return (STMF_FAILURE);
3967         itask->itask_dbufs[ndx] = dbuf;
3968         task->task_cur_nbufs++;
3969         itask->itask_allocated_buf_map |= (1 << ndx);
3970         dbuf->db_handle = ndx;
3971 
3972         return (STMF_SUCCESS);
3973 }
3974 
3975 void
3976 stmf_teardown_dbuf(scsi_task_t *task, stmf_data_buf_t *dbuf)
3977 {
3978         stmf_i_scsi_task_t *itask =
3979             (stmf_i_scsi_task_t *)task->task_stmf_private;
3980         stmf_local_port_t *lport = task->task_lport;
3981 
3982         ASSERT(task->task_additional_flags & TASK_AF_ACCEPT_LU_DBUF);
3983         ASSERT(lport->lport_ds->ds_teardown_dbuf != NULL);
3984         ASSERT(dbuf->db_flags & DB_LU_DATA_BUF);
3985 
3986         itask->itask_allocated_buf_map &= ~(1 << dbuf->db_handle);
3987         task->task_cur_nbufs--;
3988         lport->lport_ds->ds_teardown_dbuf(lport->lport_ds, dbuf);
3989 }
3990 
3991 void
3992 stmf_free_dbuf(scsi_task_t *task, stmf_data_buf_t *dbuf)
3993 {
3994         stmf_i_scsi_task_t *itask =
3995             (stmf_i_scsi_task_t *)task->task_stmf_private;
3996         stmf_local_port_t *lport = task->task_lport;
3997 
3998         itask->itask_allocated_buf_map &= ~(1 << dbuf->db_handle);
3999         task->task_cur_nbufs--;
4000         lport->lport_ds->ds_free_data_buf(lport->lport_ds, dbuf);
4001 }
4002 
4003 stmf_data_buf_t *
4004 stmf_handle_to_buf(scsi_task_t *task, uint8_t h)
4005 {
4006         stmf_i_scsi_task_t *itask;
4007 
4008         itask = (stmf_i_scsi_task_t *)task->task_stmf_private;
4009         if (h > 3)
4010                 return (NULL);
4011         return (itask->itask_dbufs[h]);
4012 }
4013 
4014 /* ARGSUSED */
4015 struct scsi_task *
4016 stmf_task_alloc(struct stmf_local_port *lport, stmf_scsi_session_t *ss,
4017                         uint8_t *lun, uint16_t cdb_length_in, uint16_t ext_id)
4018 {
4019         stmf_lu_t *lu;
4020         stmf_i_scsi_session_t *iss;
4021         stmf_i_lu_t *ilu;
4022         stmf_i_scsi_task_t *itask;
4023         stmf_i_scsi_task_t **ppitask;
4024         scsi_task_t *task;
4025         uint8_t *l;
4026         stmf_lun_map_ent_t *lun_map_ent;
4027         uint16_t cdb_length;
4028         uint16_t luNbr;
4029         uint8_t new_task = 0;
4030 
4031         /*
4032          * We allocate 7 extra bytes for CDB to provide a cdb pointer which
4033          * is guaranteed to be 8 byte aligned. Some LU providers like OSD
4034          * depend upon this alignment.
4035          */
4036         if (cdb_length_in >= 16)
4037                 cdb_length = cdb_length_in + 7;
4038         else
4039                 cdb_length = 16 + 7;
4040         iss = (stmf_i_scsi_session_t *)ss->ss_stmf_private;
4041         luNbr = ((uint16_t)lun[1] | (((uint16_t)(lun[0] & 0x3F)) << 8));
4042         rw_enter(iss->iss_lockp, RW_READER);
4043         lun_map_ent =
4044             (stmf_lun_map_ent_t *)stmf_get_ent_from_map(iss->iss_sm, luNbr);
4045         if (!lun_map_ent) {
4046                 lu = dlun0;
4047         } else {
4048                 lu = lun_map_ent->ent_lu;
4049         }
4050         ilu = lu->lu_stmf_private;
4051         if (ilu->ilu_flags & ILU_RESET_ACTIVE) {
4052                 rw_exit(iss->iss_lockp);
4053                 return (NULL);
4054         }
4055         ASSERT(lu == dlun0 || (ilu->ilu_state != STMF_STATE_OFFLINING &&
4056             ilu->ilu_state != STMF_STATE_OFFLINE));
4057         do {
4058                 if (ilu->ilu_free_tasks == NULL) {
4059                         new_task = 1;
4060                         break;
4061                 }
4062                 mutex_enter(&ilu->ilu_task_lock);
4063                 for (ppitask = &ilu->ilu_free_tasks; (*ppitask != NULL) &&
4064                     ((*ppitask)->itask_cdb_buf_size < cdb_length);
4065                     ppitask = &((*ppitask)->itask_lu_free_next))
4066                         ;
4067                 if (*ppitask) {
4068                         itask = *ppitask;
4069                         *ppitask = (*ppitask)->itask_lu_free_next;
4070                         ilu->ilu_ntasks_free--;
4071                         if (ilu->ilu_ntasks_free < ilu->ilu_ntasks_min_free)
4072                                 ilu->ilu_ntasks_min_free = ilu->ilu_ntasks_free;
4073                 } else {
4074                         new_task = 1;
4075                 }
4076                 mutex_exit(&ilu->ilu_task_lock);
4077         /* CONSTCOND */
4078         } while (0);
4079 
4080         if (!new_task) {
4081                 /*
4082                  * Save the task_cdb pointer and zero per cmd fields.
4083                  * We know the task_cdb_length is large enough by task
4084                  * selection process above.
4085                  */
4086                 uint8_t *save_cdb;
4087                 uintptr_t t_start, t_end;
4088 
4089                 task = itask->itask_task;
4090                 save_cdb = task->task_cdb;   /* save */
4091                 t_start = (uintptr_t)&task->task_flags;
4092                 t_end = (uintptr_t)&task->task_extended_cmd;
4093                 bzero((void *)t_start, (size_t)(t_end - t_start));
4094                 task->task_cdb = save_cdb;   /* restore */
4095                 itask->itask_ncmds = 0;
4096         } else {
4097                 task = (scsi_task_t *)stmf_alloc(STMF_STRUCT_SCSI_TASK,
4098                     cdb_length, AF_FORCE_NOSLEEP);
4099                 if (task == NULL) {
4100                         rw_exit(iss->iss_lockp);
4101                         return (NULL);
4102                 }
4103                 task->task_lu = lu;
4104                 l = task->task_lun_no;
4105                 l[0] = lun[0];
4106                 l[1] = lun[1];
4107                 l[2] = lun[2];
4108                 l[3] = lun[3];
4109                 l[4] = lun[4];
4110                 l[5] = lun[5];
4111                 l[6] = lun[6];
4112                 l[7] = lun[7];
4113                 task->task_cdb = (uint8_t *)task->task_port_private;
4114                 if ((ulong_t)(task->task_cdb) & 7ul) {
4115                         task->task_cdb = (uint8_t *)(((ulong_t)
4116                             (task->task_cdb) + 7ul) & ~(7ul));
4117                 }
4118                 itask = (stmf_i_scsi_task_t *)task->task_stmf_private;
4119                 itask->itask_cdb_buf_size = cdb_length;
4120                 mutex_init(&itask->itask_audit_mutex, NULL, MUTEX_DRIVER, NULL);
4121         }
4122         task->task_session = ss;
4123         task->task_lport = lport;
4124         task->task_cdb_length = cdb_length_in;
4125         itask->itask_flags = ITASK_IN_TRANSITION;
4126         itask->itask_waitq_time = 0;
4127         itask->itask_lu_read_time = itask->itask_lu_write_time = 0;
4128         itask->itask_lport_read_time = itask->itask_lport_write_time = 0;
4129         itask->itask_read_xfer = itask->itask_write_xfer = 0;
4130         itask->itask_audit_index = 0;
4131 
4132         if (new_task) {
4133                 if (lu->lu_task_alloc(task) != STMF_SUCCESS) {
4134                         rw_exit(iss->iss_lockp);
4135                         stmf_free(task);
4136                         return (NULL);
4137                 }
4138                 mutex_enter(&ilu->ilu_task_lock);
4139                 if (ilu->ilu_flags & ILU_RESET_ACTIVE) {
4140                         mutex_exit(&ilu->ilu_task_lock);
4141                         rw_exit(iss->iss_lockp);
4142                         stmf_free(task);
4143                         return (NULL);
4144                 }
4145                 itask->itask_lu_next = ilu->ilu_tasks;
4146                 if (ilu->ilu_tasks)
4147                         ilu->ilu_tasks->itask_lu_prev = itask;
4148                 ilu->ilu_tasks = itask;
4149                 /* kmem_zalloc automatically makes itask->itask_lu_prev NULL */
4150                 ilu->ilu_ntasks++;
4151                 mutex_exit(&ilu->ilu_task_lock);
4152         }
4153 
4154         itask->itask_ilu_task_cntr = ilu->ilu_cur_task_cntr;
4155         atomic_inc_32(itask->itask_ilu_task_cntr);
4156         itask->itask_start_time = ddi_get_lbolt();
4157 
4158         if ((lun_map_ent != NULL) && ((itask->itask_itl_datap =
4159             lun_map_ent->ent_itl_datap) != NULL)) {
4160                 atomic_inc_32(&itask->itask_itl_datap->itl_counter);
4161                 task->task_lu_itl_handle = itask->itask_itl_datap->itl_handle;
4162         } else {
4163                 itask->itask_itl_datap = NULL;
4164                 task->task_lu_itl_handle = NULL;
4165         }
4166 
4167         rw_exit(iss->iss_lockp);
4168         return (task);
4169 }
4170 
4171 static void
4172 stmf_task_lu_free(scsi_task_t *task, stmf_i_scsi_session_t *iss)
4173 {
4174         stmf_i_scsi_task_t *itask =
4175             (stmf_i_scsi_task_t *)task->task_stmf_private;
4176         stmf_i_lu_t *ilu = (stmf_i_lu_t *)task->task_lu->lu_stmf_private;
4177 
4178         ASSERT(rw_lock_held(iss->iss_lockp));
4179         itask->itask_flags = ITASK_IN_FREE_LIST;
4180         itask->itask_proxy_msg_id = 0;
4181         mutex_enter(&ilu->ilu_task_lock);
4182         itask->itask_lu_free_next = ilu->ilu_free_tasks;
4183         ilu->ilu_free_tasks = itask;
4184         ilu->ilu_ntasks_free++;
4185         if (ilu->ilu_ntasks == ilu->ilu_ntasks_free)
4186                 cv_signal(&ilu->ilu_offline_pending_cv);
4187         mutex_exit(&ilu->ilu_task_lock);
4188         atomic_dec_32(itask->itask_ilu_task_cntr);
4189 }
4190 
4191 void
4192 stmf_task_lu_check_freelist(stmf_i_lu_t *ilu)
4193 {
4194         uint32_t        num_to_release, ndx;
4195         stmf_i_scsi_task_t *itask;
4196         stmf_lu_t       *lu = ilu->ilu_lu;
4197 
4198         ASSERT(ilu->ilu_ntasks_min_free <= ilu->ilu_ntasks_free);
4199 
4200         /* free half of the minimal free of the free tasks */
4201         num_to_release = (ilu->ilu_ntasks_min_free + 1) / 2;
4202         if (!num_to_release) {
4203                 return;
4204         }
4205         for (ndx = 0; ndx < num_to_release; ndx++) {
4206                 mutex_enter(&ilu->ilu_task_lock);
4207                 itask = ilu->ilu_free_tasks;
4208                 if (itask == NULL) {
4209                         mutex_exit(&ilu->ilu_task_lock);
4210                         break;
4211                 }
4212                 ilu->ilu_free_tasks = itask->itask_lu_free_next;
4213                 ilu->ilu_ntasks_free--;
4214                 mutex_exit(&ilu->ilu_task_lock);
4215 
4216                 lu->lu_task_free(itask->itask_task);
4217                 mutex_enter(&ilu->ilu_task_lock);
4218                 if (itask->itask_lu_next)
4219                         itask->itask_lu_next->itask_lu_prev =
4220                             itask->itask_lu_prev;
4221                 if (itask->itask_lu_prev)
4222                         itask->itask_lu_prev->itask_lu_next =
4223                             itask->itask_lu_next;
4224                 else
4225                         ilu->ilu_tasks = itask->itask_lu_next;
4226 
4227                 ilu->ilu_ntasks--;
4228                 mutex_exit(&ilu->ilu_task_lock);
4229                 stmf_free(itask->itask_task);
4230         }
4231 }
4232 
4233 /*
4234  * Called with stmf_lock held
4235  */
4236 void
4237 stmf_check_freetask()
4238 {
4239         stmf_i_lu_t *ilu;
4240         clock_t endtime = ddi_get_lbolt() + drv_usectohz(10000);
4241 
4242         /* stmf_svc_ilu_draining may get changed after stmf_lock is released */
4243         while ((ilu = stmf_state.stmf_svc_ilu_draining) != NULL) {
4244                 stmf_state.stmf_svc_ilu_draining = ilu->ilu_next;
4245                 if (!ilu->ilu_ntasks_min_free) {
4246                         ilu->ilu_ntasks_min_free = ilu->ilu_ntasks_free;
4247                         continue;
4248                 }
4249                 ilu->ilu_flags |= ILU_STALL_DEREGISTER;
4250                 mutex_exit(&stmf_state.stmf_lock);
4251                 stmf_task_lu_check_freelist(ilu);
4252                 /*
4253                  * we do not care about the accuracy of
4254                  * ilu_ntasks_min_free, so we don't lock here
4255                  */
4256                 ilu->ilu_ntasks_min_free = ilu->ilu_ntasks_free;
4257                 mutex_enter(&stmf_state.stmf_lock);
4258                 ilu->ilu_flags &= ~ILU_STALL_DEREGISTER;
4259                 cv_broadcast(&stmf_state.stmf_cv);
4260                 if (ddi_get_lbolt() >= endtime)
4261                         break;
4262         }
4263 }
4264 
4265 void
4266 stmf_do_ilu_timeouts(stmf_i_lu_t *ilu)
4267 {
4268         clock_t l = ddi_get_lbolt();
4269         clock_t ps = drv_usectohz(1000000);
4270         stmf_i_scsi_task_t *itask;
4271         scsi_task_t *task;
4272         uint32_t to;
4273 
4274         mutex_enter(&ilu->ilu_task_lock);
4275         for (itask = ilu->ilu_tasks; itask != NULL;
4276             itask = itask->itask_lu_next) {
4277                 if (itask->itask_flags & (ITASK_IN_FREE_LIST |
4278                     ITASK_BEING_ABORTED)) {
4279                         continue;
4280                 }
4281                 task = itask->itask_task;
4282                 if (task->task_timeout == 0)
4283                         to = stmf_default_task_timeout;
4284                 else
4285                         to = task->task_timeout;
4286                 if ((itask->itask_start_time + (to * ps)) > l)
4287                         continue;
4288                 stmf_abort(STMF_QUEUE_TASK_ABORT, task,
4289                     STMF_TIMEOUT, NULL);
4290         }
4291         mutex_exit(&ilu->ilu_task_lock);
4292 }
4293 
4294 /*
4295  * Called with stmf_lock held
4296  */
4297 void
4298 stmf_check_ilu_timing()
4299 {
4300         stmf_i_lu_t *ilu;
4301         clock_t endtime = ddi_get_lbolt() + drv_usectohz(10000);
4302 
4303         /* stmf_svc_ilu_timing may get changed after stmf_lock is released */
4304         while ((ilu = stmf_state.stmf_svc_ilu_timing) != NULL) {
4305                 stmf_state.stmf_svc_ilu_timing = ilu->ilu_next;
4306                 if (ilu->ilu_cur_task_cntr == (&ilu->ilu_task_cntr1)) {
4307                         if (ilu->ilu_task_cntr2 == 0) {
4308                                 ilu->ilu_cur_task_cntr = &ilu->ilu_task_cntr2;
4309                                 continue;
4310                         }
4311                 } else {
4312                         if (ilu->ilu_task_cntr1 == 0) {
4313                                 ilu->ilu_cur_task_cntr = &ilu->ilu_task_cntr1;
4314                                 continue;
4315                         }
4316                 }
4317                 /*
4318                  * If we are here then it means that there is some slowdown
4319                  * in tasks on this lu. We need to check.
4320                  */
4321                 ilu->ilu_flags |= ILU_STALL_DEREGISTER;
4322                 mutex_exit(&stmf_state.stmf_lock);
4323                 stmf_do_ilu_timeouts(ilu);
4324                 mutex_enter(&stmf_state.stmf_lock);
4325                 ilu->ilu_flags &= ~ILU_STALL_DEREGISTER;
4326                 cv_broadcast(&stmf_state.stmf_cv);
4327                 if (ddi_get_lbolt() >= endtime)
4328                         break;
4329         }
4330 }
4331 
4332 /*
4333  * Kills all tasks on a lu except tm_task
4334  */
4335 void
4336 stmf_task_lu_killall(stmf_lu_t *lu, scsi_task_t *tm_task, stmf_status_t s)
4337 {
4338         stmf_i_lu_t *ilu = (stmf_i_lu_t *)lu->lu_stmf_private;
4339         stmf_i_scsi_task_t *itask;
4340 
4341         mutex_enter(&ilu->ilu_task_lock);
4342 
4343         for (itask = ilu->ilu_tasks; itask != NULL;
4344             itask = itask->itask_lu_next) {
4345                 if (itask->itask_flags & ITASK_IN_FREE_LIST)
4346                         continue;
4347                 if (itask->itask_task == tm_task)
4348                         continue;
4349                 stmf_abort(STMF_QUEUE_TASK_ABORT, itask->itask_task, s, NULL);
4350         }
4351         mutex_exit(&ilu->ilu_task_lock);
4352 }
4353 
4354 void
4355 stmf_free_task_bufs(stmf_i_scsi_task_t *itask, stmf_local_port_t *lport)
4356 {
4357         int i;
4358         uint8_t map;
4359 
4360         if ((map = itask->itask_allocated_buf_map) == 0)
4361                 return;
4362         for (i = 0; i < 4; i++) {
4363                 if (map & 1) {
4364                         stmf_data_buf_t *dbuf;
4365 
4366                         dbuf = itask->itask_dbufs[i];
4367                         if (dbuf->db_xfer_start_timestamp) {
4368                                 stmf_lport_xfer_done(itask, dbuf);
4369                         }
4370                         if (dbuf->db_flags & DB_LU_DATA_BUF) {
4371                                 /*
4372                                  * LU needs to clean up buffer.
4373                                  * LU is required to free the buffer
4374                                  * in the xfer_done handler.
4375                                  */
4376                                 scsi_task_t *task = itask->itask_task;
4377                                 stmf_lu_t *lu = task->task_lu;
4378 
4379                                 lu->lu_dbuf_free(task, dbuf);
4380                                 ASSERT(((itask->itask_allocated_buf_map>>i)
4381                                     & 1) == 0); /* must be gone */
4382                         } else {
4383                                 ASSERT(dbuf->db_lu_private == NULL);
4384                                 dbuf->db_lu_private = NULL;
4385                                 lport->lport_ds->ds_free_data_buf(
4386                                     lport->lport_ds, dbuf);
4387                         }
4388                 }
4389                 map >>= 1;
4390         }
4391         itask->itask_allocated_buf_map = 0;
4392 }
4393 
4394 void
4395 stmf_task_free(scsi_task_t *task)
4396 {
4397         stmf_local_port_t *lport = task->task_lport;
4398         stmf_i_scsi_task_t *itask = (stmf_i_scsi_task_t *)
4399             task->task_stmf_private;
4400         stmf_i_scsi_session_t *iss = (stmf_i_scsi_session_t *)
4401             task->task_session->ss_stmf_private;
4402 
4403         stmf_task_audit(itask, TE_TASK_FREE, CMD_OR_IOF_NA, NULL);
4404 
4405         stmf_free_task_bufs(itask, lport);
4406         stmf_itl_task_done(itask);
4407         DTRACE_PROBE2(stmf__task__end, scsi_task_t *, task,
4408             hrtime_t,
4409             itask->itask_done_timestamp - itask->itask_start_timestamp);
4410         if (itask->itask_itl_datap) {
4411                 if (atomic_dec_32_nv(&itask->itask_itl_datap->itl_counter) ==
4412                     0) {
4413                         stmf_release_itl_handle(task->task_lu,
4414                             itask->itask_itl_datap);
4415                 }
4416         }
4417 
4418         rw_enter(iss->iss_lockp, RW_READER);
4419         lport->lport_task_free(task);
4420         if (itask->itask_worker) {
4421                 atomic_dec_32(&stmf_cur_ntasks);
4422                 atomic_dec_32(&itask->itask_worker->worker_ref_count);
4423         }
4424         /*
4425          * After calling stmf_task_lu_free, the task pointer can no longer
4426          * be trusted.
4427          */
4428         stmf_task_lu_free(task, iss);
4429         rw_exit(iss->iss_lockp);
4430 }
4431 
4432 void
4433 stmf_post_task(scsi_task_t *task, stmf_data_buf_t *dbuf)
4434 {
4435         stmf_i_scsi_task_t *itask = (stmf_i_scsi_task_t *)
4436             task->task_stmf_private;
4437         stmf_i_lu_t *ilu = (stmf_i_lu_t *)task->task_lu->lu_stmf_private;
4438         int nv;
4439         uint32_t old, new;
4440         uint32_t ct;
4441         stmf_worker_t *w, *w1;
4442         uint8_t tm;
4443 
4444         if (task->task_max_nbufs > 4)
4445                 task->task_max_nbufs = 4;
4446         task->task_cur_nbufs = 0;
4447         /* Latest value of currently running tasks */
4448         ct = atomic_inc_32_nv(&stmf_cur_ntasks);
4449 
4450         /* Select the next worker using round robin */
4451         nv = (int)atomic_inc_32_nv((uint32_t *)&stmf_worker_sel_counter);
4452         if (nv >= stmf_nworkers_accepting_cmds) {
4453                 int s = nv;
4454                 do {
4455                         nv -= stmf_nworkers_accepting_cmds;
4456                 } while (nv >= stmf_nworkers_accepting_cmds);
4457                 if (nv < 0)
4458                         nv = 0;
4459                 /* Its ok if this cas fails */
4460                 (void) atomic_cas_32((uint32_t *)&stmf_worker_sel_counter,
4461                     s, nv);
4462         }
4463         w = &stmf_workers[nv];
4464 
4465         /*
4466          * A worker can be pinned by interrupt. So select the next one
4467          * if it has lower load.
4468          */
4469         if ((nv + 1) >= stmf_nworkers_accepting_cmds) {
4470                 w1 = stmf_workers;
4471         } else {
4472                 w1 = &stmf_workers[nv + 1];
4473         }
4474         if (w1->worker_queue_depth < w->worker_queue_depth)
4475                 w = w1;
4476 
4477         mutex_enter(&w->worker_lock);
4478         if (((w->worker_flags & STMF_WORKER_STARTED) == 0) ||
4479             (w->worker_flags & STMF_WORKER_TERMINATE)) {
4480                 /*
4481                  * Maybe we are in the middle of a change. Just go to
4482                  * the 1st worker.
4483                  */
4484                 mutex_exit(&w->worker_lock);
4485                 w = stmf_workers;
4486                 mutex_enter(&w->worker_lock);
4487         }
4488         itask->itask_worker = w;
4489         /*
4490          * Track max system load inside the worker as we already have the
4491          * worker lock (no point implementing another lock). The service
4492          * thread will do the comparisons and figure out the max overall
4493          * system load.
4494          */
4495         if (w->worker_max_sys_qdepth_pu < ct)
4496                 w->worker_max_sys_qdepth_pu = ct;
4497 
4498         do {
4499                 old = new = itask->itask_flags;
4500                 new |= ITASK_KNOWN_TO_TGT_PORT | ITASK_IN_WORKER_QUEUE;
4501                 if (task->task_mgmt_function) {
4502                         tm = task->task_mgmt_function;
4503                         if ((tm == TM_TARGET_RESET) ||
4504                             (tm == TM_TARGET_COLD_RESET) ||
4505                             (tm == TM_TARGET_WARM_RESET)) {
4506                                 new |= ITASK_DEFAULT_HANDLING;
4507                         }
4508                 } else if (task->task_cdb[0] == SCMD_REPORT_LUNS) {
4509                         new |= ITASK_DEFAULT_HANDLING;
4510                 }
4511                 new &= ~ITASK_IN_TRANSITION;
4512         } while (atomic_cas_32(&itask->itask_flags, old, new) != old);
4513 
4514         stmf_itl_task_start(itask);
4515 
4516         itask->itask_worker_next = NULL;
4517         if (w->worker_task_tail) {
4518                 w->worker_task_tail->itask_worker_next = itask;
4519         } else {
4520                 w->worker_task_head = itask;
4521         }
4522         w->worker_task_tail = itask;
4523         if (++(w->worker_queue_depth) > w->worker_max_qdepth_pu) {
4524                 w->worker_max_qdepth_pu = w->worker_queue_depth;
4525         }
4526         /* Measure task waitq time */
4527         itask->itask_waitq_enter_timestamp = gethrtime();
4528         atomic_inc_32(&w->worker_ref_count);
4529         itask->itask_cmd_stack[0] = ITASK_CMD_NEW_TASK;
4530         itask->itask_ncmds = 1;
4531         stmf_task_audit(itask, TE_TASK_START, CMD_OR_IOF_NA, dbuf);
4532         if (dbuf) {
4533                 itask->itask_allocated_buf_map = 1;
4534                 itask->itask_dbufs[0] = dbuf;
4535                 dbuf->db_handle = 0;
4536         } else {
4537                 itask->itask_allocated_buf_map = 0;
4538                 itask->itask_dbufs[0] = NULL;
4539         }
4540 
4541         if ((w->worker_flags & STMF_WORKER_ACTIVE) == 0) {
4542                 w->worker_signal_timestamp = gethrtime();
4543                 DTRACE_PROBE2(worker__signal, stmf_worker_t *, w,
4544                     scsi_task_t *, task);
4545                 cv_signal(&w->worker_cv);
4546         }
4547         mutex_exit(&w->worker_lock);
4548 
4549         /*
4550          * This can only happen if during stmf_task_alloc(), ILU_RESET_ACTIVE
4551          * was set between checking of ILU_RESET_ACTIVE and clearing of the
4552          * ITASK_IN_FREE_LIST flag. Take care of these "sneaked-in" tasks here.
4553          */
4554         if (ilu->ilu_flags & ILU_RESET_ACTIVE) {
4555                 stmf_abort(STMF_QUEUE_TASK_ABORT, task, STMF_ABORTED, NULL);
4556         }
4557 }
4558 
4559 static void
4560 stmf_task_audit(stmf_i_scsi_task_t *itask,
4561     task_audit_event_t te, uint32_t cmd_or_iof, stmf_data_buf_t *dbuf)
4562 {
4563         stmf_task_audit_rec_t *ar;
4564 
4565         mutex_enter(&itask->itask_audit_mutex);
4566         ar = &itask->itask_audit_records[itask->itask_audit_index++];
4567         itask->itask_audit_index &= (ITASK_TASK_AUDIT_DEPTH - 1);
4568         ar->ta_event = te;
4569         ar->ta_cmd_or_iof = cmd_or_iof;
4570         ar->ta_itask_flags = itask->itask_flags;
4571         ar->ta_dbuf = dbuf;
4572         gethrestime(&ar->ta_timestamp);
4573         mutex_exit(&itask->itask_audit_mutex);
4574 }
4575 
4576 
4577 /*
4578  * ++++++++++++++ ABORT LOGIC ++++++++++++++++++++
4579  * Once ITASK_BEING_ABORTED is set, ITASK_KNOWN_TO_LU can be reset already
4580  * i.e. before ITASK_BEING_ABORTED being set. But if it was not, it cannot
4581  * be reset until the LU explicitly calls stmf_task_lu_aborted(). Of course
4582  * the LU will make this call only if we call the LU's abort entry point.
4583  * we will only call that entry point if ITASK_KNOWN_TO_LU was set.
4584  *
4585  * Same logic applies for the port.
4586  *
4587  * Also ITASK_BEING_ABORTED will not be allowed to set if both KNOWN_TO_LU
4588  * and KNOWN_TO_TGT_PORT are reset.
4589  *
4590  * +++++++++++++++++++++++++++++++++++++++++++++++
4591  */
4592 
4593 stmf_status_t
4594 stmf_xfer_data(scsi_task_t *task, stmf_data_buf_t *dbuf, uint32_t ioflags)
4595 {
4596         stmf_status_t ret = STMF_SUCCESS;
4597 
4598         stmf_i_scsi_task_t *itask =
4599             (stmf_i_scsi_task_t *)task->task_stmf_private;
4600 
4601         stmf_task_audit(itask, TE_XFER_START, ioflags, dbuf);
4602 
4603         if (ioflags & STMF_IOF_LU_DONE) {
4604                 uint32_t new, old;
4605                 do {
4606                         new = old = itask->itask_flags;
4607                         if (new & ITASK_BEING_ABORTED)
4608                                 return (STMF_ABORTED);
4609                         new &= ~ITASK_KNOWN_TO_LU;
4610                 } while (atomic_cas_32(&itask->itask_flags, old, new) != old);
4611         }
4612         if (itask->itask_flags & ITASK_BEING_ABORTED)
4613                 return (STMF_ABORTED);
4614 #ifdef  DEBUG
4615         if (!(ioflags & STMF_IOF_STATS_ONLY) && stmf_drop_buf_counter > 0) {
4616                 if (atomic_dec_32_nv((uint32_t *)&stmf_drop_buf_counter) ==
4617                     1)
4618                         return (STMF_SUCCESS);
4619         }
4620 #endif
4621 
4622         stmf_update_kstat_lu_io(task, dbuf);
4623         stmf_update_kstat_lport_io(task, dbuf);
4624         stmf_lport_xfer_start(itask, dbuf);
4625         if (ioflags & STMF_IOF_STATS_ONLY) {
4626                 stmf_lport_xfer_done(itask, dbuf);
4627                 return (STMF_SUCCESS);
4628         }
4629 
4630         dbuf->db_flags |= DB_LPORT_XFER_ACTIVE;
4631         ret = task->task_lport->lport_xfer_data(task, dbuf, ioflags);
4632 
4633         /*
4634          * Port provider may have already called the buffer callback in
4635          * which case dbuf->db_xfer_start_timestamp will be 0.
4636          */
4637         if (ret != STMF_SUCCESS) {
4638                 dbuf->db_flags &= ~DB_LPORT_XFER_ACTIVE;
4639                 if (dbuf->db_xfer_start_timestamp != 0)
4640                         stmf_lport_xfer_done(itask, dbuf);
4641         }
4642 
4643         return (ret);
4644 }
4645 
4646 void
4647 stmf_data_xfer_done(scsi_task_t *task, stmf_data_buf_t *dbuf, uint32_t iof)
4648 {
4649         stmf_i_scsi_task_t *itask =
4650             (stmf_i_scsi_task_t *)task->task_stmf_private;
4651         stmf_i_local_port_t *ilport;
4652         stmf_worker_t *w = itask->itask_worker;
4653         uint32_t new, old;
4654         uint8_t update_queue_flags, free_it, queue_it;
4655 
4656         stmf_lport_xfer_done(itask, dbuf);
4657 
4658         stmf_task_audit(itask, TE_XFER_DONE, iof, dbuf);
4659 
4660         /* Guard against unexpected completions from the lport */
4661         if (dbuf->db_flags & DB_LPORT_XFER_ACTIVE) {
4662                 dbuf->db_flags &= ~DB_LPORT_XFER_ACTIVE;
4663         } else {
4664                 /*
4665                  * This should never happen.
4666                  */
4667                 ilport = task->task_lport->lport_stmf_private;
4668                 ilport->ilport_unexpected_comp++;
4669                 cmn_err(CE_PANIC, "Unexpected xfer completion task %p dbuf %p",
4670                     (void *)task, (void *)dbuf);
4671                 return;
4672         }
4673 
4674         mutex_enter(&w->worker_lock);
4675         do {
4676                 new = old = itask->itask_flags;
4677                 if (old & ITASK_BEING_ABORTED) {
4678                         mutex_exit(&w->worker_lock);
4679                         return;
4680                 }
4681                 free_it = 0;
4682                 if (iof & STMF_IOF_LPORT_DONE) {
4683                         new &= ~ITASK_KNOWN_TO_TGT_PORT;
4684                         task->task_completion_status = dbuf->db_xfer_status;
4685                         free_it = 1;
4686                 }
4687                 /*
4688                  * If the task is known to LU then queue it. But if
4689                  * it is already queued (multiple completions) then
4690                  * just update the buffer information by grabbing the
4691                  * worker lock. If the task is not known to LU,
4692                  * completed/aborted, then see if we need to
4693                  * free this task.
4694                  */
4695                 if (old & ITASK_KNOWN_TO_LU) {
4696                         free_it = 0;
4697                         update_queue_flags = 1;
4698                         if (old & ITASK_IN_WORKER_QUEUE) {
4699                                 queue_it = 0;
4700                         } else {
4701                                 queue_it = 1;
4702                                 new |= ITASK_IN_WORKER_QUEUE;
4703                         }
4704                 } else {
4705                         update_queue_flags = 0;
4706                         queue_it = 0;
4707                 }
4708         } while (atomic_cas_32(&itask->itask_flags, old, new) != old);
4709 
4710         if (update_queue_flags) {
4711                 uint8_t cmd = (dbuf->db_handle << 5) | ITASK_CMD_DATA_XFER_DONE;
4712 
4713                 ASSERT(itask->itask_ncmds < ITASK_MAX_NCMDS);
4714                 itask->itask_cmd_stack[itask->itask_ncmds++] = cmd;
4715                 if (queue_it) {
4716                         itask->itask_worker_next = NULL;
4717                         if (w->worker_task_tail) {
4718                                 w->worker_task_tail->itask_worker_next = itask;
4719                         } else {
4720                                 w->worker_task_head = itask;
4721                         }
4722                         w->worker_task_tail = itask;
4723                         /* Measure task waitq time */
4724                         itask->itask_waitq_enter_timestamp = gethrtime();
4725                         if (++(w->worker_queue_depth) >
4726                             w->worker_max_qdepth_pu) {
4727                                 w->worker_max_qdepth_pu = w->worker_queue_depth;
4728                         }
4729                         if ((w->worker_flags & STMF_WORKER_ACTIVE) == 0)
4730                                 cv_signal(&w->worker_cv);
4731                 }
4732         }
4733         mutex_exit(&w->worker_lock);
4734 
4735         if (free_it) {
4736                 if ((itask->itask_flags & (ITASK_KNOWN_TO_LU |
4737                     ITASK_KNOWN_TO_TGT_PORT | ITASK_IN_WORKER_QUEUE |
4738                     ITASK_BEING_ABORTED)) == 0) {
4739                         stmf_task_free(task);
4740                 }
4741         }
4742 }
4743 
4744 stmf_status_t
4745 stmf_send_scsi_status(scsi_task_t *task, uint32_t ioflags)
4746 {
4747         DTRACE_PROBE1(scsi__send__status, scsi_task_t *, task);
4748 
4749         stmf_i_scsi_task_t *itask =
4750             (stmf_i_scsi_task_t *)task->task_stmf_private;
4751 
4752         stmf_task_audit(itask, TE_SEND_STATUS, ioflags, NULL);
4753 
4754         if (ioflags & STMF_IOF_LU_DONE) {
4755                 uint32_t new, old;
4756                 do {
4757                         new = old = itask->itask_flags;
4758                         if (new & ITASK_BEING_ABORTED)
4759                                 return (STMF_ABORTED);
4760                         new &= ~ITASK_KNOWN_TO_LU;
4761                 } while (atomic_cas_32(&itask->itask_flags, old, new) != old);
4762         }
4763 
4764         if (!(itask->itask_flags & ITASK_KNOWN_TO_TGT_PORT)) {
4765                 return (STMF_SUCCESS);
4766         }
4767 
4768         if (itask->itask_flags & ITASK_BEING_ABORTED)
4769                 return (STMF_ABORTED);
4770 
4771         if (task->task_additional_flags & TASK_AF_NO_EXPECTED_XFER_LENGTH) {
4772                 task->task_status_ctrl = 0;
4773                 task->task_resid = 0;
4774         } else if (task->task_cmd_xfer_length >
4775             task->task_expected_xfer_length) {
4776                 task->task_status_ctrl = TASK_SCTRL_OVER;
4777                 task->task_resid = task->task_cmd_xfer_length -
4778                     task->task_expected_xfer_length;
4779         } else if (task->task_nbytes_transferred <
4780             task->task_expected_xfer_length) {
4781                 task->task_status_ctrl = TASK_SCTRL_UNDER;
4782                 task->task_resid = task->task_expected_xfer_length -
4783                     task->task_nbytes_transferred;
4784         } else {
4785                 task->task_status_ctrl = 0;
4786                 task->task_resid = 0;
4787         }
4788         return (task->task_lport->lport_send_status(task, ioflags));
4789 }
4790 
4791 void
4792 stmf_send_status_done(scsi_task_t *task, stmf_status_t s, uint32_t iof)
4793 {
4794         stmf_i_scsi_task_t *itask =
4795             (stmf_i_scsi_task_t *)task->task_stmf_private;
4796         stmf_worker_t *w = itask->itask_worker;
4797         uint32_t new, old;
4798         uint8_t free_it, queue_it;
4799 
4800         stmf_task_audit(itask, TE_SEND_STATUS_DONE, iof, NULL);
4801 
4802         mutex_enter(&w->worker_lock);
4803         do {
4804                 new = old = itask->itask_flags;
4805                 if (old & ITASK_BEING_ABORTED) {
4806                         mutex_exit(&w->worker_lock);
4807                         return;
4808                 }
4809                 free_it = 0;
4810                 if (iof & STMF_IOF_LPORT_DONE) {
4811                         new &= ~ITASK_KNOWN_TO_TGT_PORT;
4812                         free_it = 1;
4813                 }
4814                 /*
4815                  * If the task is known to LU then queue it. But if
4816                  * it is already queued (multiple completions) then
4817                  * just update the buffer information by grabbing the
4818                  * worker lock. If the task is not known to LU,
4819                  * completed/aborted, then see if we need to
4820                  * free this task.
4821                  */
4822                 if (old & ITASK_KNOWN_TO_LU) {
4823                         free_it = 0;
4824                         queue_it = 1;
4825                         if (old & ITASK_IN_WORKER_QUEUE) {
4826                                 cmn_err(CE_PANIC, "status completion received"
4827                                     " when task is already in worker queue "
4828                                     " task = %p", (void *)task);
4829                         }
4830                         new |= ITASK_IN_WORKER_QUEUE;
4831                 } else {
4832                         queue_it = 0;
4833                 }
4834         } while (atomic_cas_32(&itask->itask_flags, old, new) != old);
4835         task->task_completion_status = s;
4836 
4837 
4838         if (queue_it) {
4839                 ASSERT(itask->itask_ncmds < ITASK_MAX_NCMDS);
4840                 itask->itask_cmd_stack[itask->itask_ncmds++] =
4841                     ITASK_CMD_STATUS_DONE;
4842                 itask->itask_worker_next = NULL;
4843                 if (w->worker_task_tail) {
4844                         w->worker_task_tail->itask_worker_next = itask;
4845                 } else {
4846                         w->worker_task_head = itask;
4847                 }
4848                 w->worker_task_tail = itask;
4849                 /* Measure task waitq time */
4850                 itask->itask_waitq_enter_timestamp = gethrtime();
4851                 if (++(w->worker_queue_depth) > w->worker_max_qdepth_pu) {
4852                         w->worker_max_qdepth_pu = w->worker_queue_depth;
4853                 }
4854                 if ((w->worker_flags & STMF_WORKER_ACTIVE) == 0)
4855                         cv_signal(&w->worker_cv);
4856         }
4857         mutex_exit(&w->worker_lock);
4858 
4859         if (free_it) {
4860                 if ((itask->itask_flags & (ITASK_KNOWN_TO_LU |
4861                     ITASK_KNOWN_TO_TGT_PORT | ITASK_IN_WORKER_QUEUE |
4862                     ITASK_BEING_ABORTED)) == 0) {
4863                         stmf_task_free(task);
4864                 } else {
4865                         cmn_err(CE_PANIC, "LU is done with the task but LPORT "
4866                             " is not done, itask %p itask_flags %x",
4867                             (void *)itask, itask->itask_flags);
4868                 }
4869         }
4870 }
4871 
4872 void
4873 stmf_task_lu_done(scsi_task_t *task)
4874 {
4875         stmf_i_scsi_task_t *itask =
4876             (stmf_i_scsi_task_t *)task->task_stmf_private;
4877         stmf_worker_t *w = itask->itask_worker;
4878         uint32_t new, old;
4879 
4880         mutex_enter(&w->worker_lock);
4881         do {
4882                 new = old = itask->itask_flags;
4883                 if (old & ITASK_BEING_ABORTED) {
4884                         mutex_exit(&w->worker_lock);
4885                         return;
4886                 }
4887                 if (old & ITASK_IN_WORKER_QUEUE) {
4888                         cmn_err(CE_PANIC, "task_lu_done received"
4889                             " when task is in worker queue "
4890                             " task = %p", (void *)task);
4891                 }
4892                 new &= ~ITASK_KNOWN_TO_LU;
4893         } while (atomic_cas_32(&itask->itask_flags, old, new) != old);
4894 
4895         mutex_exit(&w->worker_lock);
4896 
4897         if ((itask->itask_flags & (ITASK_KNOWN_TO_LU |
4898             ITASK_KNOWN_TO_TGT_PORT | ITASK_IN_WORKER_QUEUE |
4899             ITASK_BEING_ABORTED)) == 0) {
4900                 stmf_task_free(task);
4901         } else {
4902                 cmn_err(CE_PANIC, "stmf_lu_done should be the last stage but "
4903                     " the task is still not done, task = %p", (void *)task);
4904         }
4905 }
4906 
4907 void
4908 stmf_queue_task_for_abort(scsi_task_t *task, stmf_status_t s)
4909 {
4910         stmf_i_scsi_task_t *itask =
4911             (stmf_i_scsi_task_t *)task->task_stmf_private;
4912         stmf_worker_t *w;
4913         uint32_t old, new;
4914 
4915         stmf_task_audit(itask, TE_TASK_ABORT, CMD_OR_IOF_NA, NULL);
4916 
4917         do {
4918                 old = new = itask->itask_flags;
4919                 if ((old & ITASK_BEING_ABORTED) ||
4920                     ((old & (ITASK_KNOWN_TO_TGT_PORT |
4921                     ITASK_KNOWN_TO_LU)) == 0)) {
4922                         return;
4923                 }
4924                 new |= ITASK_BEING_ABORTED;
4925         } while (atomic_cas_32(&itask->itask_flags, old, new) != old);
4926         task->task_completion_status = s;
4927         itask->itask_start_time = ddi_get_lbolt();
4928 
4929         if (((w = itask->itask_worker) == NULL) ||
4930             (itask->itask_flags & ITASK_IN_TRANSITION)) {
4931                 return;
4932         }
4933 
4934         /* Queue it and get out */
4935         mutex_enter(&w->worker_lock);
4936         if (itask->itask_flags & ITASK_IN_WORKER_QUEUE) {
4937                 mutex_exit(&w->worker_lock);
4938                 return;
4939         }
4940         atomic_or_32(&itask->itask_flags, ITASK_IN_WORKER_QUEUE);
4941         itask->itask_worker_next = NULL;
4942         if (w->worker_task_tail) {
4943                 w->worker_task_tail->itask_worker_next = itask;
4944         } else {
4945                 w->worker_task_head = itask;
4946         }
4947         w->worker_task_tail = itask;
4948         if (++(w->worker_queue_depth) > w->worker_max_qdepth_pu) {
4949                 w->worker_max_qdepth_pu = w->worker_queue_depth;
4950         }
4951         if ((w->worker_flags & STMF_WORKER_ACTIVE) == 0)
4952                 cv_signal(&w->worker_cv);
4953         mutex_exit(&w->worker_lock);
4954 }
4955 
4956 void
4957 stmf_abort(int abort_cmd, scsi_task_t *task, stmf_status_t s, void *arg)
4958 {
4959         stmf_i_scsi_task_t *itask = NULL;
4960         uint32_t old, new, f, rf;
4961 
4962         DTRACE_PROBE2(scsi__task__abort, scsi_task_t *, task,
4963             stmf_status_t, s);
4964 
4965         switch (abort_cmd) {
4966         case STMF_QUEUE_ABORT_LU:
4967                 stmf_task_lu_killall((stmf_lu_t *)arg, task, s);
4968                 return;
4969         case STMF_QUEUE_TASK_ABORT:
4970                 stmf_queue_task_for_abort(task, s);
4971                 return;
4972         case STMF_REQUEUE_TASK_ABORT_LPORT:
4973                 rf = ITASK_TGT_PORT_ABORT_CALLED;
4974                 f = ITASK_KNOWN_TO_TGT_PORT;
4975                 break;
4976         case STMF_REQUEUE_TASK_ABORT_LU:
4977                 rf = ITASK_LU_ABORT_CALLED;
4978                 f = ITASK_KNOWN_TO_LU;
4979                 break;
4980         default:
4981                 return;
4982         }
4983         itask = (stmf_i_scsi_task_t *)task->task_stmf_private;
4984         f |= ITASK_BEING_ABORTED | rf;
4985         do {
4986                 old = new = itask->itask_flags;
4987                 if ((old & f) != f) {
4988                         return;
4989                 }
4990                 new &= ~rf;
4991         } while (atomic_cas_32(&itask->itask_flags, old, new) != old);
4992 }
4993 
4994 void
4995 stmf_task_lu_aborted(scsi_task_t *task, stmf_status_t s, uint32_t iof)
4996 {
4997         char                     info[STMF_CHANGE_INFO_LEN];
4998         stmf_i_scsi_task_t      *itask = TASK_TO_ITASK(task);
4999         unsigned long long      st;
5000 
5001         stmf_task_audit(itask, TE_TASK_LU_ABORTED, iof, NULL);
5002 
5003         st = s; /* gcc fix */
5004         if ((s != STMF_ABORT_SUCCESS) && (s != STMF_NOT_FOUND)) {
5005                 (void) snprintf(info, sizeof (info),
5006                     "task %p, lu failed to abort ret=%llx", (void *)task, st);
5007         } else if ((iof & STMF_IOF_LU_DONE) == 0) {
5008                 (void) snprintf(info, sizeof (info),
5009                     "Task aborted but LU is not finished, task ="
5010                     "%p, s=%llx, iof=%x", (void *)task, st, iof);
5011         } else {
5012                 /*
5013                  * LU abort successfully
5014                  */
5015                 atomic_and_32(&itask->itask_flags, ~ITASK_KNOWN_TO_LU);
5016                 return;
5017         }
5018 
5019         stmf_abort_task_offline(task, 1, info);
5020 }
5021 
5022 void
5023 stmf_task_lport_aborted(scsi_task_t *task, stmf_status_t s, uint32_t iof)
5024 {
5025         char                    info[STMF_CHANGE_INFO_LEN];
5026         stmf_i_scsi_task_t      *itask = TASK_TO_ITASK(task);
5027         unsigned long long      st;
5028         uint32_t                old, new;
5029 
5030         stmf_task_audit(itask, TE_TASK_LPORT_ABORTED, iof, NULL);
5031 
5032         st = s;
5033         if ((s != STMF_ABORT_SUCCESS) && (s != STMF_NOT_FOUND)) {
5034                 (void) snprintf(info, sizeof (info),
5035                     "task %p, tgt port failed to abort ret=%llx", (void *)task,
5036                     st);
5037         } else if ((iof & STMF_IOF_LPORT_DONE) == 0) {
5038                 (void) snprintf(info, sizeof (info),
5039                     "Task aborted but tgt port is not finished, "
5040                     "task=%p, s=%llx, iof=%x", (void *)task, st, iof);
5041         } else {
5042                 /*
5043                  * LPORT abort successfully
5044                  */
5045                 do {
5046                         old = new = itask->itask_flags;
5047                         if (!(old & ITASK_KNOWN_TO_TGT_PORT))
5048                                 return;
5049                         new &= ~ITASK_KNOWN_TO_TGT_PORT;
5050                 } while (atomic_cas_32(&itask->itask_flags, old, new) != old);
5051                 return;
5052         }
5053 
5054         stmf_abort_task_offline(task, 0, info);
5055 }
5056 
5057 stmf_status_t
5058 stmf_task_poll_lu(scsi_task_t *task, uint32_t timeout)
5059 {
5060         stmf_i_scsi_task_t *itask = (stmf_i_scsi_task_t *)
5061             task->task_stmf_private;
5062         stmf_worker_t *w = itask->itask_worker;
5063         int i;
5064 
5065         ASSERT(itask->itask_flags & ITASK_KNOWN_TO_LU);
5066         mutex_enter(&w->worker_lock);
5067         if (itask->itask_ncmds >= ITASK_MAX_NCMDS) {
5068                 mutex_exit(&w->worker_lock);
5069                 return (STMF_BUSY);
5070         }
5071         for (i = 0; i < itask->itask_ncmds; i++) {
5072                 if (itask->itask_cmd_stack[i] == ITASK_CMD_POLL_LU) {
5073                         mutex_exit(&w->worker_lock);
5074                         return (STMF_SUCCESS);
5075                 }
5076         }
5077         itask->itask_cmd_stack[itask->itask_ncmds++] = ITASK_CMD_POLL_LU;
5078         if (timeout == ITASK_DEFAULT_POLL_TIMEOUT) {
5079                 itask->itask_poll_timeout = ddi_get_lbolt() + 1;
5080         } else {
5081                 clock_t t = drv_usectohz(timeout * 1000);
5082                 if (t == 0)
5083                         t = 1;
5084                 itask->itask_poll_timeout = ddi_get_lbolt() + t;
5085         }
5086         if ((itask->itask_flags & ITASK_IN_WORKER_QUEUE) == 0) {
5087                 itask->itask_worker_next = NULL;
5088                 if (w->worker_task_tail) {
5089                         w->worker_task_tail->itask_worker_next = itask;
5090                 } else {
5091                         w->worker_task_head = itask;
5092                 }
5093                 w->worker_task_tail = itask;
5094                 if (++(w->worker_queue_depth) > w->worker_max_qdepth_pu) {
5095                         w->worker_max_qdepth_pu = w->worker_queue_depth;
5096                 }
5097                 atomic_or_32(&itask->itask_flags, ITASK_IN_WORKER_QUEUE);
5098                 if ((w->worker_flags & STMF_WORKER_ACTIVE) == 0)
5099                         cv_signal(&w->worker_cv);
5100         }
5101         mutex_exit(&w->worker_lock);
5102         return (STMF_SUCCESS);
5103 }
5104 
5105 stmf_status_t
5106 stmf_task_poll_lport(scsi_task_t *task, uint32_t timeout)
5107 {
5108         stmf_i_scsi_task_t *itask = (stmf_i_scsi_task_t *)
5109             task->task_stmf_private;
5110         stmf_worker_t *w = itask->itask_worker;
5111         int i;
5112 
5113         ASSERT(itask->itask_flags & ITASK_KNOWN_TO_TGT_PORT);
5114         mutex_enter(&w->worker_lock);
5115         if (itask->itask_ncmds >= ITASK_MAX_NCMDS) {
5116                 mutex_exit(&w->worker_lock);
5117                 return (STMF_BUSY);
5118         }
5119         for (i = 0; i < itask->itask_ncmds; i++) {
5120                 if (itask->itask_cmd_stack[i] == ITASK_CMD_POLL_LPORT) {
5121                         mutex_exit(&w->worker_lock);
5122                         return (STMF_SUCCESS);
5123                 }
5124         }
5125         itask->itask_cmd_stack[itask->itask_ncmds++] = ITASK_CMD_POLL_LPORT;
5126         if (timeout == ITASK_DEFAULT_POLL_TIMEOUT) {
5127                 itask->itask_poll_timeout = ddi_get_lbolt() + 1;
5128         } else {
5129                 clock_t t = drv_usectohz(timeout * 1000);
5130                 if (t == 0)
5131                         t = 1;
5132                 itask->itask_poll_timeout = ddi_get_lbolt() + t;
5133         }
5134         if ((itask->itask_flags & ITASK_IN_WORKER_QUEUE) == 0) {
5135                 itask->itask_worker_next = NULL;
5136                 if (w->worker_task_tail) {
5137                         w->worker_task_tail->itask_worker_next = itask;
5138                 } else {
5139                         w->worker_task_head = itask;
5140                 }
5141                 w->worker_task_tail = itask;
5142                 if (++(w->worker_queue_depth) > w->worker_max_qdepth_pu) {
5143                         w->worker_max_qdepth_pu = w->worker_queue_depth;
5144                 }
5145                 if ((w->worker_flags & STMF_WORKER_ACTIVE) == 0)
5146                         cv_signal(&w->worker_cv);
5147         }
5148         mutex_exit(&w->worker_lock);
5149         return (STMF_SUCCESS);
5150 }
5151 
5152 void
5153 stmf_do_task_abort(scsi_task_t *task)
5154 {
5155         stmf_i_scsi_task_t      *itask = TASK_TO_ITASK(task);
5156         stmf_lu_t               *lu;
5157         stmf_local_port_t       *lport;
5158         unsigned long long       ret;
5159         uint32_t                 old, new;
5160         uint8_t                  call_lu_abort, call_port_abort;
5161         char                     info[STMF_CHANGE_INFO_LEN];
5162 
5163         lu = task->task_lu;
5164         lport = task->task_lport;
5165         do {
5166                 old = new = itask->itask_flags;
5167                 if ((old & (ITASK_KNOWN_TO_LU | ITASK_LU_ABORT_CALLED)) ==
5168                     ITASK_KNOWN_TO_LU) {
5169                         new |= ITASK_LU_ABORT_CALLED;
5170                         call_lu_abort = 1;
5171                 } else {
5172                         call_lu_abort = 0;
5173                 }
5174         } while (atomic_cas_32(&itask->itask_flags, old, new) != old);
5175 
5176         if (call_lu_abort) {
5177                 if ((itask->itask_flags & ITASK_DEFAULT_HANDLING) == 0) {
5178                         ret = lu->lu_abort(lu, STMF_LU_ABORT_TASK, task, 0);
5179                 } else {
5180                         ret = dlun0->lu_abort(lu, STMF_LU_ABORT_TASK, task, 0);
5181                 }
5182                 if ((ret == STMF_ABORT_SUCCESS) || (ret == STMF_NOT_FOUND)) {
5183                         stmf_task_lu_aborted(task, ret, STMF_IOF_LU_DONE);
5184                 } else if (ret == STMF_BUSY) {
5185                         atomic_and_32(&itask->itask_flags,
5186                             ~ITASK_LU_ABORT_CALLED);
5187                 } else if (ret != STMF_SUCCESS) {
5188                         (void) snprintf(info, sizeof (info),
5189                             "Abort failed by LU %p, ret %llx", (void *)lu, ret);
5190                         stmf_abort_task_offline(task, 1, info);
5191                 }
5192         } else if (itask->itask_flags & ITASK_KNOWN_TO_LU) {
5193                 if (ddi_get_lbolt() > (itask->itask_start_time +
5194                     STMF_SEC2TICK(lu->lu_abort_timeout?
5195                     lu->lu_abort_timeout : ITASK_DEFAULT_ABORT_TIMEOUT))) {
5196                         (void) snprintf(info, sizeof (info),
5197                             "lu abort timed out");
5198                         stmf_abort_task_offline(itask->itask_task, 1, info);
5199                 }
5200         }
5201 
5202         do {
5203                 old = new = itask->itask_flags;
5204                 if ((old & (ITASK_KNOWN_TO_TGT_PORT |
5205                     ITASK_TGT_PORT_ABORT_CALLED)) == ITASK_KNOWN_TO_TGT_PORT) {
5206                         new |= ITASK_TGT_PORT_ABORT_CALLED;
5207                         call_port_abort = 1;
5208                 } else {
5209                         call_port_abort = 0;
5210                 }
5211         } while (atomic_cas_32(&itask->itask_flags, old, new) != old);
5212         if (call_port_abort) {
5213                 ret = lport->lport_abort(lport, STMF_LPORT_ABORT_TASK, task, 0);
5214                 if ((ret == STMF_ABORT_SUCCESS) || (ret == STMF_NOT_FOUND)) {
5215                         stmf_task_lport_aborted(task, ret, STMF_IOF_LPORT_DONE);
5216                 } else if (ret == STMF_BUSY) {
5217                         atomic_and_32(&itask->itask_flags,
5218                             ~ITASK_TGT_PORT_ABORT_CALLED);
5219                 } else if (ret != STMF_SUCCESS) {
5220                         (void) snprintf(info, sizeof (info),
5221                             "Abort failed by tgt port %p ret %llx",
5222                             (void *)lport, ret);
5223                         stmf_abort_task_offline(task, 0, info);
5224                 }
5225         } else if (itask->itask_flags & ITASK_KNOWN_TO_TGT_PORT) {
5226                 if (ddi_get_lbolt() > (itask->itask_start_time +
5227                     STMF_SEC2TICK(lport->lport_abort_timeout?
5228                     lport->lport_abort_timeout :
5229                     ITASK_DEFAULT_ABORT_TIMEOUT))) {
5230                         (void) snprintf(info, sizeof (info),
5231                             "lport abort timed out");
5232                         stmf_abort_task_offline(itask->itask_task, 0, info);
5233                 }
5234         }
5235 }
5236 
5237 stmf_status_t
5238 stmf_ctl(int cmd, void *obj, void *arg)
5239 {
5240         stmf_status_t                   ret;
5241         stmf_i_lu_t                     *ilu;
5242         stmf_i_local_port_t             *ilport;
5243         stmf_state_change_info_t        *ssci = (stmf_state_change_info_t *)arg;
5244 
5245         mutex_enter(&stmf_state.stmf_lock);
5246         ret = STMF_INVALID_ARG;
5247         if (cmd & STMF_CMD_LU_OP) {
5248                 ilu = stmf_lookup_lu((stmf_lu_t *)obj);
5249                 if (ilu == NULL) {
5250                         goto stmf_ctl_lock_exit;
5251                 }
5252                 DTRACE_PROBE3(lu__state__change,
5253                     stmf_lu_t *, ilu->ilu_lu,
5254                     int, cmd, stmf_state_change_info_t *, ssci);
5255         } else if (cmd & STMF_CMD_LPORT_OP) {
5256                 ilport = stmf_lookup_lport((stmf_local_port_t *)obj);
5257                 if (ilport == NULL) {
5258                         goto stmf_ctl_lock_exit;
5259                 }
5260                 DTRACE_PROBE3(lport__state__change,
5261                     stmf_local_port_t *, ilport->ilport_lport,
5262                     int, cmd, stmf_state_change_info_t *, ssci);
5263         } else {
5264                 goto stmf_ctl_lock_exit;
5265         }
5266 
5267         switch (cmd) {
5268         case STMF_CMD_LU_ONLINE:
5269                 switch (ilu->ilu_state) {
5270                         case STMF_STATE_OFFLINE:
5271                                 ret = STMF_SUCCESS;
5272                                 break;
5273                         case STMF_STATE_ONLINE:
5274                         case STMF_STATE_ONLINING:
5275                                 ret = STMF_ALREADY;
5276                                 break;
5277                         case STMF_STATE_OFFLINING:
5278                                 ret = STMF_BUSY;
5279                                 break;
5280                         default:
5281                                 ret = STMF_BADSTATE;
5282                                 break;
5283                 }
5284                 if (ret != STMF_SUCCESS)
5285                         goto stmf_ctl_lock_exit;
5286 
5287                 ilu->ilu_state = STMF_STATE_ONLINING;
5288                 mutex_exit(&stmf_state.stmf_lock);
5289                 stmf_svc_queue(cmd, obj, (stmf_state_change_info_t *)arg);
5290                 break;
5291 
5292         case STMF_CMD_LU_ONLINE_COMPLETE:
5293                 if (ilu->ilu_state != STMF_STATE_ONLINING) {
5294                         ret = STMF_BADSTATE;
5295                         goto stmf_ctl_lock_exit;
5296                 }
5297                 if (((stmf_change_status_t *)arg)->st_completion_status ==
5298                     STMF_SUCCESS) {
5299                         ilu->ilu_state = STMF_STATE_ONLINE;
5300                         mutex_exit(&stmf_state.stmf_lock);
5301                         ((stmf_lu_t *)obj)->lu_ctl((stmf_lu_t *)obj,
5302                             STMF_ACK_LU_ONLINE_COMPLETE, arg);
5303                         mutex_enter(&stmf_state.stmf_lock);
5304                         stmf_add_lu_to_active_sessions((stmf_lu_t *)obj);
5305                 } else {
5306                         /* XXX: should throw a meesage an record more data */
5307                         ilu->ilu_state = STMF_STATE_OFFLINE;
5308                 }
5309                 ret = STMF_SUCCESS;
5310                 goto stmf_ctl_lock_exit;
5311 
5312         case STMF_CMD_LU_OFFLINE:
5313                 switch (ilu->ilu_state) {
5314                         case STMF_STATE_ONLINE:
5315                                 ret = STMF_SUCCESS;
5316                                 break;
5317                         case STMF_STATE_OFFLINE:
5318                         case STMF_STATE_OFFLINING:
5319                                 ret = STMF_ALREADY;
5320                                 break;
5321                         case STMF_STATE_ONLINING:
5322                                 ret = STMF_BUSY;
5323                                 break;
5324                         default:
5325                                 ret = STMF_BADSTATE;
5326                                 break;
5327                 }
5328                 if (ret != STMF_SUCCESS)
5329                         goto stmf_ctl_lock_exit;
5330                 ilu->ilu_state = STMF_STATE_OFFLINING;
5331                 mutex_exit(&stmf_state.stmf_lock);
5332                 stmf_svc_queue(cmd, obj, (stmf_state_change_info_t *)arg);
5333                 break;
5334 
5335         case STMF_CMD_LU_OFFLINE_COMPLETE:
5336                 if (ilu->ilu_state != STMF_STATE_OFFLINING) {
5337                         ret = STMF_BADSTATE;
5338                         goto stmf_ctl_lock_exit;
5339                 }
5340                 if (((stmf_change_status_t *)arg)->st_completion_status ==
5341                     STMF_SUCCESS) {
5342                         ilu->ilu_state = STMF_STATE_OFFLINE;
5343                         mutex_exit(&stmf_state.stmf_lock);
5344                         ((stmf_lu_t *)obj)->lu_ctl((stmf_lu_t *)obj,
5345                             STMF_ACK_LU_OFFLINE_COMPLETE, arg);
5346                         mutex_enter(&stmf_state.stmf_lock);
5347                 } else {
5348                         ilu->ilu_state = STMF_STATE_ONLINE;
5349                         stmf_add_lu_to_active_sessions((stmf_lu_t *)obj);
5350                 }
5351                 mutex_exit(&stmf_state.stmf_lock);
5352                 break;
5353 
5354         /*
5355          * LPORT_ONLINE/OFFLINE has nothing to do with link offline/online.
5356          * It's related with hardware disable/enable.
5357          */
5358         case STMF_CMD_LPORT_ONLINE:
5359                 switch (ilport->ilport_state) {
5360                         case STMF_STATE_OFFLINE:
5361                                 ret = STMF_SUCCESS;
5362                                 break;
5363                         case STMF_STATE_ONLINE:
5364                         case STMF_STATE_ONLINING:
5365                                 ret = STMF_ALREADY;
5366                                 break;
5367                         case STMF_STATE_OFFLINING:
5368                                 ret = STMF_BUSY;
5369                                 break;
5370                         default:
5371                                 ret = STMF_BADSTATE;
5372                                 break;
5373                 }
5374                 if (ret != STMF_SUCCESS)
5375                         goto stmf_ctl_lock_exit;
5376 
5377                 /*
5378                  * Only user request can recover the port from the
5379                  * FORCED_OFFLINE state
5380                  */
5381                 if (ilport->ilport_flags & ILPORT_FORCED_OFFLINE) {
5382                         if (!(ssci->st_rflags & STMF_RFLAG_USER_REQUEST)) {
5383                                 ret = STMF_FAILURE;
5384                                 goto stmf_ctl_lock_exit;
5385                         }
5386                 }
5387 
5388                 /*
5389                  * Avoid too frequent request to online
5390                  */
5391                 if (ssci->st_rflags & STMF_RFLAG_USER_REQUEST) {
5392                         ilport->ilport_online_times = 0;
5393                         ilport->ilport_avg_interval = 0;
5394                 }
5395                 if ((ilport->ilport_avg_interval < STMF_AVG_ONLINE_INTERVAL) &&
5396                     (ilport->ilport_online_times >= 4)) {
5397                         ret = STMF_FAILURE;
5398                         ilport->ilport_flags |= ILPORT_FORCED_OFFLINE;
5399                         stmf_trace(NULL, "stmf_ctl: too frequent request to "
5400                             "online the port");
5401                         cmn_err(CE_WARN, "stmf_ctl: too frequent request to "
5402                             "online the port, set FORCED_OFFLINE now");
5403                         goto stmf_ctl_lock_exit;
5404                 }
5405                 if (ilport->ilport_online_times > 0) {
5406                         if (ilport->ilport_online_times == 1) {
5407                                 ilport->ilport_avg_interval = ddi_get_lbolt() -
5408                                     ilport->ilport_last_online_clock;
5409                         } else {
5410                                 ilport->ilport_avg_interval =
5411                                     (ilport->ilport_avg_interval +
5412                                     ddi_get_lbolt() -
5413                                     ilport->ilport_last_online_clock) >> 1;
5414                         }
5415                 }
5416                 ilport->ilport_last_online_clock = ddi_get_lbolt();
5417                 ilport->ilport_online_times++;
5418 
5419                 /*
5420                  * Submit online service request
5421                  */
5422                 ilport->ilport_flags &= ~ILPORT_FORCED_OFFLINE;
5423                 ilport->ilport_state = STMF_STATE_ONLINING;
5424                 mutex_exit(&stmf_state.stmf_lock);
5425                 stmf_svc_queue(cmd, obj, (stmf_state_change_info_t *)arg);
5426                 break;
5427 
5428         case STMF_CMD_LPORT_ONLINE_COMPLETE:
5429                 if (ilport->ilport_state != STMF_STATE_ONLINING) {
5430                         ret = STMF_BADSTATE;
5431                         goto stmf_ctl_lock_exit;
5432                 }
5433                 if (((stmf_change_status_t *)arg)->st_completion_status ==
5434                     STMF_SUCCESS) {
5435                         ilport->ilport_state = STMF_STATE_ONLINE;
5436                         mutex_exit(&stmf_state.stmf_lock);
5437                         ((stmf_local_port_t *)obj)->lport_ctl(
5438                             (stmf_local_port_t *)obj,
5439                             STMF_ACK_LPORT_ONLINE_COMPLETE, arg);
5440                         mutex_enter(&stmf_state.stmf_lock);
5441                 } else {
5442                         ilport->ilport_state = STMF_STATE_OFFLINE;
5443                 }
5444                 ret = STMF_SUCCESS;
5445                 goto stmf_ctl_lock_exit;
5446 
5447         case STMF_CMD_LPORT_OFFLINE:
5448                 switch (ilport->ilport_state) {
5449                         case STMF_STATE_ONLINE:
5450                                 ret = STMF_SUCCESS;
5451                                 break;
5452                         case STMF_STATE_OFFLINE:
5453                         case STMF_STATE_OFFLINING:
5454                                 ret = STMF_ALREADY;
5455                                 break;
5456                         case STMF_STATE_ONLINING:
5457                                 ret = STMF_BUSY;
5458                                 break;
5459                         default:
5460                                 ret = STMF_BADSTATE;
5461                                 break;
5462                 }
5463                 if (ret != STMF_SUCCESS)
5464                         goto stmf_ctl_lock_exit;
5465 
5466                 ilport->ilport_state = STMF_STATE_OFFLINING;
5467                 mutex_exit(&stmf_state.stmf_lock);
5468                 stmf_svc_queue(cmd, obj, (stmf_state_change_info_t *)arg);
5469                 break;
5470 
5471         case STMF_CMD_LPORT_OFFLINE_COMPLETE:
5472                 if (ilport->ilport_state != STMF_STATE_OFFLINING) {
5473                         ret = STMF_BADSTATE;
5474                         goto stmf_ctl_lock_exit;
5475                 }
5476                 if (((stmf_change_status_t *)arg)->st_completion_status ==
5477                     STMF_SUCCESS) {
5478                         ilport->ilport_state = STMF_STATE_OFFLINE;
5479                         mutex_exit(&stmf_state.stmf_lock);
5480                         ((stmf_local_port_t *)obj)->lport_ctl(
5481                             (stmf_local_port_t *)obj,
5482                             STMF_ACK_LPORT_OFFLINE_COMPLETE, arg);
5483                         mutex_enter(&stmf_state.stmf_lock);
5484                 } else {
5485                         ilport->ilport_state = STMF_STATE_ONLINE;
5486                 }
5487                 mutex_exit(&stmf_state.stmf_lock);
5488                 break;
5489 
5490         default:
5491                 cmn_err(CE_WARN, "Invalid ctl cmd received %x", cmd);
5492                 ret = STMF_INVALID_ARG;
5493                 goto stmf_ctl_lock_exit;
5494         }
5495 
5496         return (STMF_SUCCESS);
5497 
5498 stmf_ctl_lock_exit:;
5499         mutex_exit(&stmf_state.stmf_lock);
5500         return (ret);
5501 }
5502 
5503 /* ARGSUSED */
5504 stmf_status_t
5505 stmf_info_impl(uint32_t cmd, void *arg1, void *arg2, uint8_t *buf,
5506                                                 uint32_t *bufsizep)
5507 {
5508         return (STMF_NOT_SUPPORTED);
5509 }
5510 
5511 /* ARGSUSED */
5512 stmf_status_t
5513 stmf_info(uint32_t cmd, void *arg1, void *arg2, uint8_t *buf,
5514                                                 uint32_t *bufsizep)
5515 {
5516         uint32_t cl = SI_GET_CLASS(cmd);
5517 
5518         if (cl == SI_STMF) {
5519                 return (stmf_info_impl(cmd, arg1, arg2, buf, bufsizep));
5520         }
5521         if (cl == SI_LPORT) {
5522                 return (((stmf_local_port_t *)arg1)->lport_info(cmd, arg1,
5523                     arg2, buf, bufsizep));
5524         } else if (cl == SI_LU) {
5525                 return (((stmf_lu_t *)arg1)->lu_info(cmd, arg1, arg2, buf,
5526                     bufsizep));
5527         }
5528 
5529         return (STMF_NOT_SUPPORTED);
5530 }
5531 
5532 /*
5533  * Used by port providers. pwwn is 8 byte wwn, sdid is the devid used by
5534  * stmf to register local ports. The ident should have 20 bytes in buffer
5535  * space to convert the wwn to "wwn.xxxxxxxxxxxxxxxx" string.
5536  */
5537 void
5538 stmf_wwn_to_devid_desc(scsi_devid_desc_t *sdid, uint8_t *wwn,
5539     uint8_t protocol_id)
5540 {
5541         char wwn_str[20+1];
5542 
5543         sdid->protocol_id = protocol_id;
5544         sdid->piv = 1;
5545         sdid->code_set = CODE_SET_ASCII;
5546         sdid->association = ID_IS_TARGET_PORT;
5547         sdid->ident_length = 20;
5548         /* Convert wwn value to "wwn.XXXXXXXXXXXXXXXX" format */
5549         (void) snprintf(wwn_str, sizeof (wwn_str),
5550             "wwn.%02X%02X%02X%02X%02X%02X%02X%02X",
5551             wwn[0], wwn[1], wwn[2], wwn[3], wwn[4], wwn[5], wwn[6], wwn[7]);
5552         bcopy(wwn_str, (char *)sdid->ident, 20);
5553 }
5554 
5555 
5556 stmf_xfer_data_t *
5557 stmf_prepare_tpgs_data(uint8_t ilu_alua)
5558 {
5559         stmf_xfer_data_t *xd;
5560         stmf_i_local_port_t *ilport;
5561         uint8_t *p;
5562         uint32_t sz, asz, nports = 0, nports_standby = 0;
5563 
5564         mutex_enter(&stmf_state.stmf_lock);
5565         /* check if any ports are standby and create second group */
5566         for (ilport = stmf_state.stmf_ilportlist; ilport;
5567             ilport = ilport->ilport_next) {
5568                 if (ilport->ilport_standby == 1) {
5569                         nports_standby++;
5570                 } else {
5571                         nports++;
5572                 }
5573         }
5574 
5575         /* The spec only allows for 255 ports to be reported per group */
5576         nports = min(nports, 255);
5577         nports_standby = min(nports_standby, 255);
5578         sz = (nports * 4) + 12;
5579         if (nports_standby && ilu_alua) {
5580                 sz += (nports_standby * 4) + 8;
5581         }
5582         asz = sz + sizeof (*xd) - 4;
5583         xd = (stmf_xfer_data_t *)kmem_zalloc(asz, KM_NOSLEEP);
5584         if (xd == NULL) {
5585                 mutex_exit(&stmf_state.stmf_lock);
5586                 return (NULL);
5587         }
5588         xd->alloc_size = asz;
5589         xd->size_left = sz;
5590 
5591         p = xd->buf;
5592 
5593         *((uint32_t *)p) = BE_32(sz - 4);
5594         p += 4;
5595         p[0] = 0x80;    /* PREF */
5596         p[1] = 5;       /* AO_SUP, S_SUP */
5597         if (stmf_state.stmf_alua_node == 1) {
5598                 p[3] = 1;       /* Group 1 */
5599         } else {
5600                 p[3] = 0;       /* Group 0 */
5601         }
5602         p[7] = nports & 0xff;
5603         p += 8;
5604         for (ilport = stmf_state.stmf_ilportlist; ilport;
5605             ilport = ilport->ilport_next) {
5606                 if (ilport->ilport_standby == 1) {
5607                         continue;
5608                 }
5609                 ((uint16_t *)p)[1] = BE_16(ilport->ilport_rtpid);
5610                 p += 4;
5611         }
5612         if (nports_standby && ilu_alua) {
5613                 p[0] = 0x02;    /* Non PREF, Standby */
5614                 p[1] = 5;       /* AO_SUP, S_SUP */
5615                 if (stmf_state.stmf_alua_node == 1) {
5616                         p[3] = 0;       /* Group 0 */
5617                 } else {
5618                         p[3] = 1;       /* Group 1 */
5619                 }
5620                 p[7] = nports_standby & 0xff;
5621                 p += 8;
5622                 for (ilport = stmf_state.stmf_ilportlist; ilport;
5623                     ilport = ilport->ilport_next) {
5624                         if (ilport->ilport_standby == 0) {
5625                                 continue;
5626                         }
5627                         ((uint16_t *)p)[1] = BE_16(ilport->ilport_rtpid);
5628                         p += 4;
5629                 }
5630         }
5631 
5632         mutex_exit(&stmf_state.stmf_lock);
5633 
5634         return (xd);
5635 }
5636 
5637 struct scsi_devid_desc *
5638 stmf_scsilib_get_devid_desc(uint16_t rtpid)
5639 {
5640         scsi_devid_desc_t *devid = NULL;
5641         stmf_i_local_port_t *ilport;
5642 
5643         mutex_enter(&stmf_state.stmf_lock);
5644 
5645         for (ilport = stmf_state.stmf_ilportlist; ilport;
5646             ilport = ilport->ilport_next) {
5647                 if (ilport->ilport_rtpid == rtpid) {
5648                         scsi_devid_desc_t *id = ilport->ilport_lport->lport_id;
5649                         uint32_t id_sz = sizeof (scsi_devid_desc_t) +
5650                             id->ident_length;
5651                         devid = (scsi_devid_desc_t *)kmem_zalloc(id_sz,
5652                             KM_NOSLEEP);
5653                         if (devid != NULL) {
5654                                 bcopy(id, devid, id_sz);
5655                         }
5656                         break;
5657                 }
5658         }
5659 
5660         mutex_exit(&stmf_state.stmf_lock);
5661         return (devid);
5662 }
5663 
5664 uint16_t
5665 stmf_scsilib_get_lport_rtid(struct scsi_devid_desc *devid)
5666 {
5667         stmf_i_local_port_t     *ilport;
5668         scsi_devid_desc_t       *id;
5669         uint16_t                rtpid = 0;
5670 
5671         mutex_enter(&stmf_state.stmf_lock);
5672         for (ilport = stmf_state.stmf_ilportlist; ilport;
5673             ilport = ilport->ilport_next) {
5674                 id = ilport->ilport_lport->lport_id;
5675                 if ((devid->ident_length == id->ident_length) &&
5676                     (memcmp(devid->ident, id->ident, id->ident_length) == 0)) {
5677                         rtpid = ilport->ilport_rtpid;
5678                         break;
5679                 }
5680         }
5681         mutex_exit(&stmf_state.stmf_lock);
5682         return (rtpid);
5683 }
5684 
5685 static uint16_t stmf_lu_id_gen_number = 0;
5686 
5687 stmf_status_t
5688 stmf_scsilib_uniq_lu_id(uint32_t company_id, scsi_devid_desc_t *lu_id)
5689 {
5690         return (stmf_scsilib_uniq_lu_id2(company_id, 0, lu_id));
5691 }
5692 
5693 stmf_status_t
5694 stmf_scsilib_uniq_lu_id2(uint32_t company_id, uint32_t host_id,
5695     scsi_devid_desc_t *lu_id)
5696 {
5697         uint8_t *p;
5698         struct timeval32 timestamp32;
5699         uint32_t *t = (uint32_t *)&timestamp32;
5700         struct ether_addr mac;
5701         uint8_t *e = (uint8_t *)&mac;
5702         int hid = (int)host_id;
5703         uint16_t gen_number;
5704 
5705         if (company_id == COMPANY_ID_NONE)
5706                 company_id = COMPANY_ID_SUN;
5707 
5708         if (lu_id->ident_length != 0x10)
5709                 return (STMF_INVALID_ARG);
5710 
5711         p = (uint8_t *)lu_id;
5712 
5713         gen_number = atomic_inc_16_nv(&stmf_lu_id_gen_number);
5714 
5715         p[0] = 0xf1; p[1] = 3; p[2] = 0; p[3] = 0x10;
5716         p[4] = ((company_id >> 20) & 0xf) | 0x60;
5717         p[5] = (company_id >> 12) & 0xff;
5718         p[6] = (company_id >> 4) & 0xff;
5719         p[7] = (company_id << 4) & 0xf0;
5720         if (hid == 0 && !localetheraddr((struct ether_addr *)NULL, &mac)) {
5721                 hid = BE_32((int)zone_get_hostid(NULL));
5722         }
5723         if (hid != 0) {
5724                 e[0] = (hid >> 24) & 0xff;
5725                 e[1] = (hid >> 16) & 0xff;
5726                 e[2] = (hid >> 8) & 0xff;
5727                 e[3] = hid & 0xff;
5728                 e[4] = e[5] = 0;
5729         }
5730         bcopy(e, p+8, 6);
5731         uniqtime32(&timestamp32);
5732         *t = BE_32(*t);
5733         bcopy(t, p+14, 4);
5734         p[18] = (gen_number >> 8) & 0xff;
5735         p[19] = gen_number & 0xff;
5736 
5737         return (STMF_SUCCESS);
5738 }
5739 
5740 /*
5741  * saa is sense key, ASC, ASCQ
5742  */
5743 void
5744 stmf_scsilib_send_status(scsi_task_t *task, uint8_t st, uint32_t saa)
5745 {
5746         uint8_t sd[18];
5747         task->task_scsi_status = st;
5748         if (st == 2) {
5749                 bzero(sd, 18);
5750                 sd[0] = 0x70;
5751                 sd[2] = (saa >> 16) & 0xf;
5752                 sd[7] = 10;
5753                 sd[12] = (saa >> 8) & 0xff;
5754                 sd[13] = saa & 0xff;
5755                 task->task_sense_data = sd;
5756                 task->task_sense_length = 18;
5757         } else {
5758                 task->task_sense_data = NULL;
5759                 task->task_sense_length = 0;
5760         }
5761         (void) stmf_send_scsi_status(task, STMF_IOF_LU_DONE);
5762 }
5763 
5764 uint32_t
5765 stmf_scsilib_prepare_vpd_page83(scsi_task_t *task, uint8_t *page,
5766     uint32_t page_len, uint8_t byte0, uint32_t vpd_mask)
5767 {
5768         uint8_t         *p = NULL;
5769         uint8_t         small_buf[32];
5770         uint32_t        sz = 0;
5771         uint32_t        n = 4;
5772         uint32_t        m = 0;
5773         uint32_t        last_bit = 0;
5774 
5775         if (page_len < 4)
5776                 return (0);
5777         if (page_len > 65535)
5778                 page_len = 65535;
5779 
5780         page[0] = byte0;
5781         page[1] = 0x83;
5782 
5783         /* CONSTCOND */
5784         while (1) {
5785                 m += sz;
5786                 if (sz && (page_len > n)) {
5787                         uint32_t copysz;
5788                         copysz = page_len > (n + sz) ? sz : page_len - n;
5789                         bcopy(p, page + n, copysz);
5790                         n += copysz;
5791                 }
5792                 vpd_mask &= ~last_bit;
5793                 if (vpd_mask == 0)
5794                         break;
5795 
5796                 if (vpd_mask & STMF_VPD_LU_ID) {
5797                         last_bit = STMF_VPD_LU_ID;
5798                         sz = task->task_lu->lu_id->ident_length + 4;
5799                         p = (uint8_t *)task->task_lu->lu_id;
5800                         continue;
5801                 } else if (vpd_mask & STMF_VPD_TARGET_ID) {
5802                         last_bit = STMF_VPD_TARGET_ID;
5803                         sz = task->task_lport->lport_id->ident_length + 4;
5804                         p = (uint8_t *)task->task_lport->lport_id;
5805                         continue;
5806                 } else if (vpd_mask & STMF_VPD_TP_GROUP) {
5807                         stmf_i_local_port_t *ilport;
5808                         last_bit = STMF_VPD_TP_GROUP;
5809                         p = small_buf;
5810                         bzero(p, 8);
5811                         p[0] = 1;
5812                         p[1] = 0x15;
5813                         p[3] = 4;
5814                         ilport = (stmf_i_local_port_t *)
5815                             task->task_lport->lport_stmf_private;
5816                         /*
5817                          * If we're in alua mode, group 1 contains all alua
5818                          * participating ports and all standby ports
5819                          * > 255. Otherwise, if we're in alua mode, any local
5820                          * ports (non standby/pppt) are also in group 1 if the
5821                          * alua node is 1. Otherwise the group is 0.
5822                          */
5823                         if ((stmf_state.stmf_alua_state &&
5824                             (ilport->ilport_alua || ilport->ilport_standby) &&
5825                             ilport->ilport_rtpid > 255) ||
5826                             (stmf_state.stmf_alua_node == 1 &&
5827                             ilport->ilport_standby != 1)) {
5828                                 p[7] = 1;       /* Group 1 */
5829                         }
5830                         sz = 8;
5831                         continue;
5832                 } else if (vpd_mask & STMF_VPD_RELATIVE_TP_ID) {
5833                         stmf_i_local_port_t *ilport;
5834 
5835                         last_bit = STMF_VPD_RELATIVE_TP_ID;
5836                         p = small_buf;
5837                         bzero(p, 8);
5838                         p[0] = 1;
5839                         p[1] = 0x14;
5840                         p[3] = 4;
5841                         ilport = (stmf_i_local_port_t *)
5842                             task->task_lport->lport_stmf_private;
5843                         p[6] = (ilport->ilport_rtpid >> 8) & 0xff;
5844                         p[7] = ilport->ilport_rtpid & 0xff;
5845                         sz = 8;
5846                         continue;
5847                 } else {
5848                         cmn_err(CE_WARN, "Invalid vpd_mask");
5849                         break;
5850                 }
5851         }
5852 
5853         page[2] = (m >> 8) & 0xff;
5854         page[3] = m & 0xff;
5855 
5856         return (n);
5857 }
5858 
5859 void
5860 stmf_scsilib_handle_report_tpgs(scsi_task_t *task, stmf_data_buf_t *dbuf)
5861 {
5862         stmf_i_scsi_task_t *itask =
5863             (stmf_i_scsi_task_t *)task->task_stmf_private;
5864         stmf_i_lu_t *ilu =
5865             (stmf_i_lu_t *)task->task_lu->lu_stmf_private;
5866         stmf_xfer_data_t *xd;
5867         uint32_t sz, minsz;
5868 
5869         itask->itask_flags |= ITASK_DEFAULT_HANDLING;
5870         task->task_cmd_xfer_length =
5871             ((((uint32_t)task->task_cdb[6]) << 24) |
5872             (((uint32_t)task->task_cdb[7]) << 16) |
5873             (((uint32_t)task->task_cdb[8]) << 8) |
5874             ((uint32_t)task->task_cdb[9]));
5875 
5876         if (task->task_additional_flags &
5877             TASK_AF_NO_EXPECTED_XFER_LENGTH) {
5878                 task->task_expected_xfer_length =
5879                     task->task_cmd_xfer_length;
5880         }
5881 
5882         if (task->task_cmd_xfer_length == 0) {
5883                 stmf_scsilib_send_status(task, STATUS_GOOD, 0);
5884                 return;
5885         }
5886         if (task->task_cmd_xfer_length < 4) {
5887                 stmf_scsilib_send_status(task, STATUS_CHECK,
5888                     STMF_SAA_INVALID_FIELD_IN_CDB);
5889                 return;
5890         }
5891 
5892         sz = min(task->task_expected_xfer_length,
5893             task->task_cmd_xfer_length);
5894 
5895         xd = stmf_prepare_tpgs_data(ilu->ilu_alua);
5896 
5897         if (xd == NULL) {
5898                 stmf_abort(STMF_QUEUE_TASK_ABORT, task,
5899                     STMF_ALLOC_FAILURE, NULL);
5900                 return;
5901         }
5902 
5903         sz = min(sz, xd->size_left);
5904         xd->size_left = sz;
5905         minsz = min(512, sz);
5906 
5907         if (dbuf == NULL)
5908                 dbuf = stmf_alloc_dbuf(task, sz, &minsz, 0);
5909         if (dbuf == NULL) {
5910                 kmem_free(xd, xd->alloc_size);
5911                 stmf_abort(STMF_QUEUE_TASK_ABORT, task,
5912                     STMF_ALLOC_FAILURE, NULL);
5913                 return;
5914         }
5915         dbuf->db_lu_private = xd;
5916         stmf_xd_to_dbuf(dbuf, 1);
5917 
5918         dbuf->db_flags = DB_DIRECTION_TO_RPORT;
5919         (void) stmf_xfer_data(task, dbuf, 0);
5920 
5921 }
5922 
5923 void
5924 stmf_scsilib_handle_task_mgmt(scsi_task_t *task)
5925 {
5926 
5927         switch (task->task_mgmt_function) {
5928         /*
5929          * For now we will abort all I/Os on the LU in case of ABORT_TASK_SET
5930          * and ABORT_TASK. But unlike LUN_RESET we will not reset LU state
5931          * in these cases. This needs to be changed to abort only the required
5932          * set.
5933          */
5934         case TM_ABORT_TASK:
5935         case TM_ABORT_TASK_SET:
5936         case TM_CLEAR_TASK_SET:
5937         case TM_LUN_RESET:
5938                 stmf_handle_lun_reset(task);
5939                 /* issue the reset to the proxy node as well */
5940                 if (stmf_state.stmf_alua_state == 1) {
5941                         (void) stmf_proxy_scsi_cmd(task, NULL);
5942                 }
5943                 return;
5944         case TM_TARGET_RESET:
5945         case TM_TARGET_COLD_RESET:
5946         case TM_TARGET_WARM_RESET:
5947                 stmf_handle_target_reset(task);
5948                 return;
5949         default:
5950                 /* We dont support this task mgmt function */
5951                 stmf_scsilib_send_status(task, STATUS_CHECK,
5952                     STMF_SAA_INVALID_FIELD_IN_CMD_IU);
5953                 return;
5954         }
5955 }
5956 
5957 void
5958 stmf_handle_lun_reset(scsi_task_t *task)
5959 {
5960         stmf_i_scsi_task_t *itask;
5961         stmf_i_lu_t *ilu;
5962 
5963         itask = (stmf_i_scsi_task_t *)task->task_stmf_private;
5964         ilu = (stmf_i_lu_t *)task->task_lu->lu_stmf_private;
5965 
5966         /*
5967          * To sync with target reset, grab this lock. The LU is not going
5968          * anywhere as there is atleast one task pending (this task).
5969          */
5970         mutex_enter(&stmf_state.stmf_lock);
5971 
5972         if (ilu->ilu_flags & ILU_RESET_ACTIVE) {
5973                 mutex_exit(&stmf_state.stmf_lock);
5974                 stmf_scsilib_send_status(task, STATUS_CHECK,
5975                     STMF_SAA_OPERATION_IN_PROGRESS);
5976                 return;
5977         }
5978         atomic_or_32(&ilu->ilu_flags, ILU_RESET_ACTIVE);
5979         mutex_exit(&stmf_state.stmf_lock);
5980 
5981         /*
5982          * Mark this task as the one causing LU reset so that we know who
5983          * was responsible for setting the ILU_RESET_ACTIVE. In case this
5984          * task itself gets aborted, we will clear ILU_RESET_ACTIVE.
5985          */
5986         itask->itask_flags |= ITASK_DEFAULT_HANDLING | ITASK_CAUSING_LU_RESET;
5987 
5988         /* Initiatiate abort on all commands on this LU except this one */
5989         stmf_abort(STMF_QUEUE_ABORT_LU, task, STMF_ABORTED, task->task_lu);
5990 
5991         /* Start polling on this task */
5992         if (stmf_task_poll_lu(task, ITASK_DEFAULT_POLL_TIMEOUT)
5993             != STMF_SUCCESS) {
5994                 stmf_abort(STMF_QUEUE_TASK_ABORT, task, STMF_ALLOC_FAILURE,
5995                     NULL);
5996                 return;
5997         }
5998 }
5999 
6000 void
6001 stmf_handle_target_reset(scsi_task_t *task)
6002 {
6003         stmf_i_scsi_task_t *itask;
6004         stmf_i_lu_t *ilu;
6005         stmf_i_scsi_session_t *iss;
6006         stmf_lun_map_t *lm;
6007         stmf_lun_map_ent_t *lm_ent;
6008         int i, lf;
6009 
6010         itask = (stmf_i_scsi_task_t *)task->task_stmf_private;
6011         iss = (stmf_i_scsi_session_t *)task->task_session->ss_stmf_private;
6012         ilu = (stmf_i_lu_t *)task->task_lu->lu_stmf_private;
6013 
6014         /*
6015          * To sync with LUN reset, grab this lock. The session is not going
6016          * anywhere as there is atleast one task pending (this task).
6017          */
6018         mutex_enter(&stmf_state.stmf_lock);
6019 
6020         /* Grab the session lock as a writer to prevent any changes in it */
6021         rw_enter(iss->iss_lockp, RW_WRITER);
6022 
6023         if (iss->iss_flags & ISS_RESET_ACTIVE) {
6024                 rw_exit(iss->iss_lockp);
6025                 mutex_exit(&stmf_state.stmf_lock);
6026                 stmf_scsilib_send_status(task, STATUS_CHECK,
6027                     STMF_SAA_OPERATION_IN_PROGRESS);
6028                 return;
6029         }
6030         atomic_or_32(&iss->iss_flags, ISS_RESET_ACTIVE);
6031 
6032         /*
6033          * Now go through each LUN in this session and make sure all of them
6034          * can be reset.
6035          */
6036         lm = iss->iss_sm;
6037         for (i = 0, lf = 0; i < lm->lm_nentries; i++) {
6038                 if (lm->lm_plus[i] == NULL)
6039                         continue;
6040                 lf++;
6041                 lm_ent = (stmf_lun_map_ent_t *)lm->lm_plus[i];
6042                 ilu = (stmf_i_lu_t *)(lm_ent->ent_lu->lu_stmf_private);
6043                 if (ilu->ilu_flags & ILU_RESET_ACTIVE) {
6044                         atomic_and_32(&iss->iss_flags, ~ISS_RESET_ACTIVE);
6045                         rw_exit(iss->iss_lockp);
6046                         mutex_exit(&stmf_state.stmf_lock);
6047                         stmf_scsilib_send_status(task, STATUS_CHECK,
6048                             STMF_SAA_OPERATION_IN_PROGRESS);
6049                         return;
6050                 }
6051         }
6052         if (lf == 0) {
6053                 /* No luns in this session */
6054                 atomic_and_32(&iss->iss_flags, ~ISS_RESET_ACTIVE);
6055                 rw_exit(iss->iss_lockp);
6056                 mutex_exit(&stmf_state.stmf_lock);
6057                 stmf_scsilib_send_status(task, STATUS_GOOD, 0);
6058                 return;
6059         }
6060 
6061         /* ok, start the damage */
6062         itask->itask_flags |= ITASK_DEFAULT_HANDLING |
6063             ITASK_CAUSING_TARGET_RESET;
6064         for (i = 0; i < lm->lm_nentries; i++) {
6065                 if (lm->lm_plus[i] == NULL)
6066                         continue;
6067                 lm_ent = (stmf_lun_map_ent_t *)lm->lm_plus[i];
6068                 ilu = (stmf_i_lu_t *)(lm_ent->ent_lu->lu_stmf_private);
6069                 atomic_or_32(&ilu->ilu_flags, ILU_RESET_ACTIVE);
6070         }
6071 
6072         for (i = 0; i < lm->lm_nentries; i++) {
6073                 if (lm->lm_plus[i] == NULL)
6074                         continue;
6075                 lm_ent = (stmf_lun_map_ent_t *)lm->lm_plus[i];
6076                 stmf_abort(STMF_QUEUE_ABORT_LU, task, STMF_ABORTED,
6077                     lm_ent->ent_lu);
6078         }
6079 
6080         rw_exit(iss->iss_lockp);
6081         mutex_exit(&stmf_state.stmf_lock);
6082 
6083         /* Start polling on this task */
6084         if (stmf_task_poll_lu(task, ITASK_DEFAULT_POLL_TIMEOUT)
6085             != STMF_SUCCESS) {
6086                 stmf_abort(STMF_QUEUE_TASK_ABORT, task, STMF_ALLOC_FAILURE,
6087                     NULL);
6088                 return;
6089         }
6090 }
6091 
6092 int
6093 stmf_handle_cmd_during_ic(stmf_i_scsi_task_t *itask)
6094 {
6095         scsi_task_t *task = itask->itask_task;
6096         stmf_i_scsi_session_t *iss = (stmf_i_scsi_session_t *)
6097             task->task_session->ss_stmf_private;
6098 
6099         rw_enter(iss->iss_lockp, RW_WRITER);
6100         if (((iss->iss_flags & ISS_LUN_INVENTORY_CHANGED) == 0) ||
6101             (task->task_cdb[0] == SCMD_INQUIRY)) {
6102                 rw_exit(iss->iss_lockp);
6103                 return (0);
6104         }
6105         atomic_and_32(&iss->iss_flags,
6106             ~(ISS_LUN_INVENTORY_CHANGED | ISS_GOT_INITIAL_LUNS));
6107         rw_exit(iss->iss_lockp);
6108 
6109         if (task->task_cdb[0] == SCMD_REPORT_LUNS) {
6110                 return (0);
6111         }
6112         stmf_scsilib_send_status(task, STATUS_CHECK,
6113             STMF_SAA_REPORT_LUN_DATA_HAS_CHANGED);
6114         return (1);
6115 }
6116 
6117 void
6118 stmf_worker_init()
6119 {
6120         uint32_t i;
6121 
6122         /* Make local copy of global tunables */
6123         stmf_i_max_nworkers = stmf_max_nworkers;
6124         stmf_i_min_nworkers = stmf_min_nworkers;
6125 
6126         ASSERT(stmf_workers == NULL);
6127         if (stmf_i_min_nworkers < 4) {
6128                 stmf_i_min_nworkers = 4;
6129         }
6130         if (stmf_i_max_nworkers < stmf_i_min_nworkers) {
6131                 stmf_i_max_nworkers = stmf_i_min_nworkers;
6132         }
6133         stmf_workers = (stmf_worker_t *)kmem_zalloc(
6134             sizeof (stmf_worker_t) * stmf_i_max_nworkers, KM_SLEEP);
6135         for (i = 0; i < stmf_i_max_nworkers; i++) {
6136                 stmf_worker_t *w = &stmf_workers[i];
6137                 mutex_init(&w->worker_lock, NULL, MUTEX_DRIVER, NULL);
6138                 cv_init(&w->worker_cv, NULL, CV_DRIVER, NULL);
6139         }
6140         stmf_worker_mgmt_delay = drv_usectohz(20 * 1000);
6141         stmf_workers_state = STMF_WORKERS_ENABLED;
6142 
6143         /* Workers will be started by stmf_worker_mgmt() */
6144 
6145         /* Lets wait for atleast one worker to start */
6146         while (stmf_nworkers_cur == 0)
6147                 delay(drv_usectohz(20 * 1000));
6148         stmf_worker_mgmt_delay = drv_usectohz(3 * 1000 * 1000);
6149 }
6150 
6151 stmf_status_t
6152 stmf_worker_fini()
6153 {
6154         int i;
6155         clock_t sb;
6156 
6157         if (stmf_workers_state == STMF_WORKERS_DISABLED)
6158                 return (STMF_SUCCESS);
6159         ASSERT(stmf_workers);
6160         stmf_workers_state = STMF_WORKERS_DISABLED;
6161         stmf_worker_mgmt_delay = drv_usectohz(20 * 1000);
6162         cv_signal(&stmf_state.stmf_cv);
6163 
6164         sb = ddi_get_lbolt() + drv_usectohz(10 * 1000 * 1000);
6165         /* Wait for all the threads to die */
6166         while (stmf_nworkers_cur != 0) {
6167                 if (ddi_get_lbolt() > sb) {
6168                         stmf_workers_state = STMF_WORKERS_ENABLED;
6169                         return (STMF_BUSY);
6170                 }
6171                 delay(drv_usectohz(100 * 1000));
6172         }
6173         for (i = 0; i < stmf_i_max_nworkers; i++) {
6174                 stmf_worker_t *w = &stmf_workers[i];
6175                 mutex_destroy(&w->worker_lock);
6176                 cv_destroy(&w->worker_cv);
6177         }
6178         kmem_free(stmf_workers, sizeof (stmf_worker_t) * stmf_i_max_nworkers);
6179         stmf_workers = NULL;
6180 
6181         return (STMF_SUCCESS);
6182 }
6183 
6184 void
6185 stmf_worker_task(void *arg)
6186 {
6187         stmf_worker_t *w;
6188         stmf_i_scsi_session_t *iss;
6189         scsi_task_t *task;
6190         stmf_i_scsi_task_t *itask;
6191         stmf_data_buf_t *dbuf;
6192         stmf_lu_t *lu;
6193         clock_t wait_timer = 0;
6194         clock_t wait_ticks, wait_delta = 0;
6195         uint32_t old, new;
6196         uint8_t curcmd;
6197         uint8_t abort_free;
6198         uint8_t wait_queue;
6199         uint8_t dec_qdepth;
6200 
6201         w = (stmf_worker_t *)arg;
6202         wait_ticks = drv_usectohz(10000);
6203 
6204         DTRACE_PROBE1(worker__create, stmf_worker_t, w);
6205         mutex_enter(&w->worker_lock);
6206         w->worker_flags |= STMF_WORKER_STARTED | STMF_WORKER_ACTIVE;
6207 stmf_worker_loop:;
6208         if ((w->worker_ref_count == 0) &&
6209             (w->worker_flags & STMF_WORKER_TERMINATE)) {
6210                 w->worker_flags &= ~(STMF_WORKER_STARTED |
6211                     STMF_WORKER_ACTIVE | STMF_WORKER_TERMINATE);
6212                 w->worker_tid = NULL;
6213                 mutex_exit(&w->worker_lock);
6214                 DTRACE_PROBE1(worker__destroy, stmf_worker_t, w);
6215                 thread_exit();
6216         }
6217         /* CONSTCOND */
6218         while (1) {
6219                 dec_qdepth = 0;
6220                 if (wait_timer && (ddi_get_lbolt() >= wait_timer)) {
6221                         wait_timer = 0;
6222                         wait_delta = 0;
6223                         if (w->worker_wait_head) {
6224                                 ASSERT(w->worker_wait_tail);
6225                                 if (w->worker_task_head == NULL)
6226                                         w->worker_task_head =
6227                                             w->worker_wait_head;
6228                                 else
6229                                         w->worker_task_tail->itask_worker_next =
6230                                             w->worker_wait_head;
6231                                 w->worker_task_tail = w->worker_wait_tail;
6232                                 w->worker_wait_head = w->worker_wait_tail =
6233                                     NULL;
6234                         }
6235                 }
6236                 if ((itask = w->worker_task_head) == NULL) {
6237                         break;
6238                 }
6239                 task = itask->itask_task;
6240                 DTRACE_PROBE2(worker__active, stmf_worker_t, w,
6241                     scsi_task_t *, task);
6242                 w->worker_task_head = itask->itask_worker_next;
6243                 if (w->worker_task_head == NULL)
6244                         w->worker_task_tail = NULL;
6245 
6246                 wait_queue = 0;
6247                 abort_free = 0;
6248                 if (itask->itask_ncmds > 0) {
6249                         curcmd = itask->itask_cmd_stack[itask->itask_ncmds - 1];
6250                 } else {
6251                         ASSERT(itask->itask_flags & ITASK_BEING_ABORTED);
6252                 }
6253                 do {
6254                         old = itask->itask_flags;
6255                         if (old & ITASK_BEING_ABORTED) {
6256                                 itask->itask_ncmds = 1;
6257                                 curcmd = itask->itask_cmd_stack[0] =
6258                                     ITASK_CMD_ABORT;
6259                                 goto out_itask_flag_loop;
6260                         } else if ((curcmd & ITASK_CMD_MASK) ==
6261                             ITASK_CMD_NEW_TASK) {
6262                                 /*
6263                                  * set ITASK_KSTAT_IN_RUNQ, this flag
6264                                  * will not reset until task completed
6265                                  */
6266                                 new = old | ITASK_KNOWN_TO_LU |
6267                                     ITASK_KSTAT_IN_RUNQ;
6268                         } else {
6269                                 goto out_itask_flag_loop;
6270                         }
6271                 } while (atomic_cas_32(&itask->itask_flags, old, new) != old);
6272 
6273 out_itask_flag_loop:
6274 
6275                 /*
6276                  * Decide if this task needs to go to a queue and/or if
6277                  * we can decrement the itask_cmd_stack.
6278                  */
6279                 if (curcmd == ITASK_CMD_ABORT) {
6280                         if (itask->itask_flags & (ITASK_KNOWN_TO_LU |
6281                             ITASK_KNOWN_TO_TGT_PORT)) {
6282                                 wait_queue = 1;
6283                         } else {
6284                                 abort_free = 1;
6285                         }
6286                 } else if ((curcmd & ITASK_CMD_POLL) &&
6287                     (itask->itask_poll_timeout > ddi_get_lbolt())) {
6288                         wait_queue = 1;
6289                 }
6290 
6291                 if (wait_queue) {
6292                         itask->itask_worker_next = NULL;
6293                         if (w->worker_wait_tail) {
6294                                 w->worker_wait_tail->itask_worker_next = itask;
6295                         } else {
6296                                 w->worker_wait_head = itask;
6297                         }
6298                         w->worker_wait_tail = itask;
6299                         if (wait_timer == 0) {
6300                                 wait_timer = ddi_get_lbolt() + wait_ticks;
6301                                 wait_delta = wait_ticks;
6302                         }
6303                 } else if ((--(itask->itask_ncmds)) != 0) {
6304                         itask->itask_worker_next = NULL;
6305                         if (w->worker_task_tail) {
6306                                 w->worker_task_tail->itask_worker_next = itask;
6307                         } else {
6308                                 w->worker_task_head = itask;
6309                         }
6310                         w->worker_task_tail = itask;
6311                 } else {
6312                         atomic_and_32(&itask->itask_flags,
6313                             ~ITASK_IN_WORKER_QUEUE);
6314                         /*
6315                          * This is where the queue depth should go down by
6316                          * one but we delay that on purpose to account for
6317                          * the call into the provider. The actual decrement
6318                          * happens after the worker has done its job.
6319                          */
6320                         dec_qdepth = 1;
6321                         itask->itask_waitq_time +=
6322                             gethrtime() - itask->itask_waitq_enter_timestamp;
6323                 }
6324 
6325                 /* We made it here means we are going to call LU */
6326                 if ((itask->itask_flags & ITASK_DEFAULT_HANDLING) == 0)
6327                         lu = task->task_lu;
6328                 else
6329                         lu = dlun0;
6330                 dbuf = itask->itask_dbufs[ITASK_CMD_BUF_NDX(curcmd)];
6331                 mutex_exit(&w->worker_lock);
6332                 curcmd &= ITASK_CMD_MASK;
6333                 stmf_task_audit(itask, TE_PROCESS_CMD, curcmd, dbuf);
6334                 switch (curcmd) {
6335                 case ITASK_CMD_NEW_TASK:
6336                         iss = (stmf_i_scsi_session_t *)
6337                             task->task_session->ss_stmf_private;
6338                         stmf_itl_lu_new_task(itask);
6339                         if (iss->iss_flags & ISS_LUN_INVENTORY_CHANGED) {
6340                                 if (stmf_handle_cmd_during_ic(itask))
6341                                         break;
6342                         }
6343 #ifdef  DEBUG
6344                         if (stmf_drop_task_counter > 0) {
6345                                 if (atomic_dec_32_nv((uint32_t *)&stmf_drop_task_counter) ==
6346                                     1) {
6347                                         break;
6348                                 }
6349                         }
6350 #endif
6351                         DTRACE_PROBE1(scsi__task__start, scsi_task_t *, task);
6352                         lu->lu_new_task(task, dbuf);
6353                         break;
6354                 case ITASK_CMD_DATA_XFER_DONE:
6355                         lu->lu_dbuf_xfer_done(task, dbuf);
6356                         break;
6357                 case ITASK_CMD_STATUS_DONE:
6358                         lu->lu_send_status_done(task);
6359                         break;
6360                 case ITASK_CMD_ABORT:
6361                         if (abort_free) {
6362                                 stmf_task_free(task);
6363                         } else {
6364                                 stmf_do_task_abort(task);
6365                         }
6366                         break;
6367                 case ITASK_CMD_POLL_LU:
6368                         if (!wait_queue) {
6369                                 lu->lu_task_poll(task);
6370                         }
6371                         break;
6372                 case ITASK_CMD_POLL_LPORT:
6373                         if (!wait_queue)
6374                                 task->task_lport->lport_task_poll(task);
6375                         break;
6376                 case ITASK_CMD_SEND_STATUS:
6377                 /* case ITASK_CMD_XFER_DATA: */
6378                         break;
6379                 }
6380                 mutex_enter(&w->worker_lock);
6381                 if (dec_qdepth) {
6382                         w->worker_queue_depth--;
6383                 }
6384         }
6385         if ((w->worker_flags & STMF_WORKER_TERMINATE) && (wait_timer == 0)) {
6386                 if (w->worker_ref_count == 0)
6387                         goto stmf_worker_loop;
6388                 else {
6389                         wait_timer = ddi_get_lbolt() + 1;
6390                         wait_delta = 1;
6391                 }
6392         }
6393         w->worker_flags &= ~STMF_WORKER_ACTIVE;
6394         if (wait_timer) {
6395                 DTRACE_PROBE1(worker__timed__sleep, stmf_worker_t, w);
6396                 (void) cv_reltimedwait(&w->worker_cv, &w->worker_lock,
6397                     wait_delta, TR_CLOCK_TICK);
6398         } else {
6399                 DTRACE_PROBE1(worker__sleep, stmf_worker_t, w);
6400                 cv_wait(&w->worker_cv, &w->worker_lock);
6401         }
6402         DTRACE_PROBE1(worker__wakeup, stmf_worker_t, w);
6403         w->worker_flags |= STMF_WORKER_ACTIVE;
6404         goto stmf_worker_loop;
6405 }
6406 
6407 void
6408 stmf_worker_mgmt()
6409 {
6410         int i;
6411         int workers_needed;
6412         uint32_t qd;
6413         clock_t tps, d = 0;
6414         uint32_t cur_max_ntasks = 0;
6415         stmf_worker_t *w;
6416 
6417         /* Check if we are trying to increase the # of threads */
6418         for (i = stmf_nworkers_cur; i < stmf_nworkers_needed; i++) {
6419                 if (stmf_workers[i].worker_flags & STMF_WORKER_STARTED) {
6420                         stmf_nworkers_cur++;
6421                         stmf_nworkers_accepting_cmds++;
6422                 } else {
6423                         /* Wait for transition to complete */
6424                         return;
6425                 }
6426         }
6427         /* Check if we are trying to decrease the # of workers */
6428         for (i = (stmf_nworkers_cur - 1); i >= stmf_nworkers_needed; i--) {
6429                 if ((stmf_workers[i].worker_flags & STMF_WORKER_STARTED) == 0) {
6430                         stmf_nworkers_cur--;
6431                         /*
6432                          * stmf_nworkers_accepting_cmds has already been
6433                          * updated by the request to reduce the # of workers.
6434                          */
6435                 } else {
6436                         /* Wait for transition to complete */
6437                         return;
6438                 }
6439         }
6440         /* Check if we are being asked to quit */
6441         if (stmf_workers_state != STMF_WORKERS_ENABLED) {
6442                 if (stmf_nworkers_cur) {
6443                         workers_needed = 0;
6444                         goto worker_mgmt_trigger_change;
6445                 }
6446                 return;
6447         }
6448         /* Check if we are starting */
6449         if (stmf_nworkers_cur < stmf_i_min_nworkers) {
6450                 workers_needed = stmf_i_min_nworkers;
6451                 goto worker_mgmt_trigger_change;
6452         }
6453 
6454         tps = drv_usectohz(1 * 1000 * 1000);
6455         if ((stmf_wm_last != 0) &&
6456             ((d = ddi_get_lbolt() - stmf_wm_last) > tps)) {
6457                 qd = 0;
6458                 for (i = 0; i < stmf_nworkers_accepting_cmds; i++) {
6459                         qd += stmf_workers[i].worker_max_qdepth_pu;
6460                         stmf_workers[i].worker_max_qdepth_pu = 0;
6461                         if (stmf_workers[i].worker_max_sys_qdepth_pu >
6462                             cur_max_ntasks) {
6463                                 cur_max_ntasks =
6464                                     stmf_workers[i].worker_max_sys_qdepth_pu;
6465                         }
6466                         stmf_workers[i].worker_max_sys_qdepth_pu = 0;
6467                 }
6468         }
6469         stmf_wm_last = ddi_get_lbolt();
6470         if (d <= tps) {
6471                 /* still ramping up */
6472                 return;
6473         }
6474         /* max qdepth cannot be more than max tasks */
6475         if (qd > cur_max_ntasks)
6476                 qd = cur_max_ntasks;
6477 
6478         /* See if we have more workers */
6479         if (qd < stmf_nworkers_accepting_cmds) {
6480                 /*
6481                  * Since we dont reduce the worker count right away, monitor
6482                  * the highest load during the scale_down_delay.
6483                  */
6484                 if (qd > stmf_worker_scale_down_qd)
6485                         stmf_worker_scale_down_qd = qd;
6486                 if (stmf_worker_scale_down_timer == 0) {
6487                         stmf_worker_scale_down_timer = ddi_get_lbolt() +
6488                             drv_usectohz(stmf_worker_scale_down_delay *
6489                             1000 * 1000);
6490                         return;
6491                 }
6492                 if (ddi_get_lbolt() < stmf_worker_scale_down_timer) {
6493                         return;
6494                 }
6495                 /* Its time to reduce the workers */
6496                 if (stmf_worker_scale_down_qd < stmf_i_min_nworkers)
6497                         stmf_worker_scale_down_qd = stmf_i_min_nworkers;
6498                 if (stmf_worker_scale_down_qd > stmf_i_max_nworkers)
6499                         stmf_worker_scale_down_qd = stmf_i_max_nworkers;
6500                 if (stmf_worker_scale_down_qd == stmf_nworkers_cur)
6501                         return;
6502                 workers_needed = stmf_worker_scale_down_qd;
6503                 stmf_worker_scale_down_qd = 0;
6504                 goto worker_mgmt_trigger_change;
6505         }
6506         stmf_worker_scale_down_qd = 0;
6507         stmf_worker_scale_down_timer = 0;
6508         if (qd > stmf_i_max_nworkers)
6509                 qd = stmf_i_max_nworkers;
6510         if (qd < stmf_i_min_nworkers)
6511                 qd = stmf_i_min_nworkers;
6512         if (qd == stmf_nworkers_cur)
6513                 return;
6514         workers_needed = qd;
6515         goto worker_mgmt_trigger_change;
6516 
6517         /* NOTREACHED */
6518         return;
6519 
6520 worker_mgmt_trigger_change:
6521         ASSERT(workers_needed != stmf_nworkers_cur);
6522         if (workers_needed > stmf_nworkers_cur) {
6523                 stmf_nworkers_needed = workers_needed;
6524                 for (i = stmf_nworkers_cur; i < workers_needed; i++) {
6525                         w = &stmf_workers[i];
6526                         w->worker_tid = thread_create(NULL, 0, stmf_worker_task,
6527                             (void *)&stmf_workers[i], 0, &p0, TS_RUN,
6528                             minclsyspri);
6529                 }
6530                 return;
6531         }
6532         /* At this point we know that we are decreasing the # of workers */
6533         stmf_nworkers_accepting_cmds = workers_needed;
6534         stmf_nworkers_needed = workers_needed;
6535         /* Signal the workers that its time to quit */
6536         for (i = (stmf_nworkers_cur - 1); i >= stmf_nworkers_needed; i--) {
6537                 w = &stmf_workers[i];
6538                 ASSERT(w && (w->worker_flags & STMF_WORKER_STARTED));
6539                 mutex_enter(&w->worker_lock);
6540                 w->worker_flags |= STMF_WORKER_TERMINATE;
6541                 if ((w->worker_flags & STMF_WORKER_ACTIVE) == 0)
6542                         cv_signal(&w->worker_cv);
6543                 mutex_exit(&w->worker_lock);
6544         }
6545 }
6546 
6547 /*
6548  * Fills out a dbuf from stmf_xfer_data_t (contained in the db_lu_private).
6549  * If all the data has been filled out, frees the xd and makes
6550  * db_lu_private NULL.
6551  */
6552 void
6553 stmf_xd_to_dbuf(stmf_data_buf_t *dbuf, int set_rel_off)
6554 {
6555         stmf_xfer_data_t *xd;
6556         uint8_t *p;
6557         int i;
6558         uint32_t s;
6559 
6560         xd = (stmf_xfer_data_t *)dbuf->db_lu_private;
6561         dbuf->db_data_size = 0;
6562         if (set_rel_off)
6563                 dbuf->db_relative_offset = xd->size_done;
6564         for (i = 0; i < dbuf->db_sglist_length; i++) {
6565                 s = min(xd->size_left, dbuf->db_sglist[i].seg_length);
6566                 p = &xd->buf[xd->size_done];
6567                 bcopy(p, dbuf->db_sglist[i].seg_addr, s);
6568                 xd->size_left -= s;
6569                 xd->size_done += s;
6570                 dbuf->db_data_size += s;
6571                 if (xd->size_left == 0) {
6572                         kmem_free(xd, xd->alloc_size);
6573                         dbuf->db_lu_private = NULL;
6574                         return;
6575                 }
6576         }
6577 }
6578 
6579 /* ARGSUSED */
6580 stmf_status_t
6581 stmf_dlun0_task_alloc(scsi_task_t *task)
6582 {
6583         return (STMF_SUCCESS);
6584 }
6585 
6586 void
6587 stmf_dlun0_new_task(scsi_task_t *task, stmf_data_buf_t *dbuf)
6588 {
6589         uint8_t *cdbp = (uint8_t *)&task->task_cdb[0];
6590         stmf_i_scsi_session_t *iss;
6591         uint32_t sz, minsz;
6592         uint8_t *p;
6593         stmf_xfer_data_t *xd;
6594         uint8_t inq_page_length = 31;
6595 
6596         if (task->task_mgmt_function) {
6597                 stmf_scsilib_handle_task_mgmt(task);
6598                 return;
6599         }
6600 
6601         switch (cdbp[0]) {
6602         case SCMD_INQUIRY:
6603                 /*
6604                  * Basic protocol checks.  In addition, only reply to
6605                  * standard inquiry.  Otherwise, the LU provider needs
6606                  * to respond.
6607                  */
6608 
6609                 if (cdbp[2] || (cdbp[1] & 1) || cdbp[5]) {
6610                         stmf_scsilib_send_status(task, STATUS_CHECK,
6611                             STMF_SAA_INVALID_FIELD_IN_CDB);
6612                         return;
6613                 }
6614 
6615                 task->task_cmd_xfer_length =
6616                     (((uint32_t)cdbp[3]) << 8) | cdbp[4];
6617 
6618                 if (task->task_additional_flags &
6619                     TASK_AF_NO_EXPECTED_XFER_LENGTH) {
6620                         task->task_expected_xfer_length =
6621                             task->task_cmd_xfer_length;
6622                 }
6623 
6624                 sz = min(task->task_expected_xfer_length,
6625                     min(36, task->task_cmd_xfer_length));
6626                 minsz = 36;
6627 
6628                 if (sz == 0) {
6629                         stmf_scsilib_send_status(task, STATUS_GOOD, 0);
6630                         return;
6631                 }
6632 
6633                 if (dbuf && (dbuf->db_sglist[0].seg_length < 36)) {
6634                         /*
6635                          * Ignore any preallocated dbuf if the size is less
6636                          * than 36. It will be freed during the task_free.
6637                          */
6638                         dbuf = NULL;
6639                 }
6640                 if (dbuf == NULL)
6641                         dbuf = stmf_alloc_dbuf(task, minsz, &minsz, 0);
6642                 if ((dbuf == NULL) || (dbuf->db_sglist[0].seg_length < sz)) {
6643                         stmf_abort(STMF_QUEUE_TASK_ABORT, task,
6644                             STMF_ALLOC_FAILURE, NULL);
6645                         return;
6646                 }
6647                 dbuf->db_lu_private = NULL;
6648 
6649                 p = dbuf->db_sglist[0].seg_addr;
6650 
6651                 /*
6652                  * Standard inquiry handling only.
6653                  */
6654 
6655                 bzero(p, inq_page_length + 5);
6656 
6657                 p[0] = DPQ_SUPPORTED | DTYPE_UNKNOWN;
6658                 p[2] = 5;
6659                 p[3] = 0x12;
6660                 p[4] = inq_page_length;
6661                 p[6] = 0x80;
6662 
6663                 (void) strncpy((char *)p+8, "SUN     ", 8);
6664                 (void) strncpy((char *)p+16, "COMSTAR          ", 16);
6665                 (void) strncpy((char *)p+32, "1.0 ", 4);
6666 
6667                 dbuf->db_data_size = sz;
6668                 dbuf->db_relative_offset = 0;
6669                 dbuf->db_flags = DB_DIRECTION_TO_RPORT;
6670                 (void) stmf_xfer_data(task, dbuf, 0);
6671 
6672                 return;
6673 
6674         case SCMD_REPORT_LUNS:
6675                 task->task_cmd_xfer_length =
6676                     ((((uint32_t)task->task_cdb[6]) << 24) |
6677                     (((uint32_t)task->task_cdb[7]) << 16) |
6678                     (((uint32_t)task->task_cdb[8]) << 8) |
6679                     ((uint32_t)task->task_cdb[9]));
6680 
6681                 if (task->task_additional_flags &
6682                     TASK_AF_NO_EXPECTED_XFER_LENGTH) {
6683                         task->task_expected_xfer_length =
6684                             task->task_cmd_xfer_length;
6685                 }
6686 
6687                 sz = min(task->task_expected_xfer_length,
6688                     task->task_cmd_xfer_length);
6689 
6690                 if (sz < 16) {
6691                         stmf_scsilib_send_status(task, STATUS_CHECK,
6692                             STMF_SAA_INVALID_FIELD_IN_CDB);
6693                         return;
6694                 }
6695 
6696                 iss = (stmf_i_scsi_session_t *)
6697                     task->task_session->ss_stmf_private;
6698                 rw_enter(iss->iss_lockp, RW_WRITER);
6699                 xd = stmf_session_prepare_report_lun_data(iss->iss_sm);
6700                 rw_exit(iss->iss_lockp);
6701 
6702                 if (xd == NULL) {
6703                         stmf_abort(STMF_QUEUE_TASK_ABORT, task,
6704                             STMF_ALLOC_FAILURE, NULL);
6705                         return;
6706                 }
6707 
6708                 sz = min(sz, xd->size_left);
6709                 xd->size_left = sz;
6710                 minsz = min(512, sz);
6711 
6712                 if (dbuf == NULL)
6713                         dbuf = stmf_alloc_dbuf(task, sz, &minsz, 0);
6714                 if (dbuf == NULL) {
6715                         kmem_free(xd, xd->alloc_size);
6716                         stmf_abort(STMF_QUEUE_TASK_ABORT, task,
6717                             STMF_ALLOC_FAILURE, NULL);
6718                         return;
6719                 }
6720                 dbuf->db_lu_private = xd;
6721                 stmf_xd_to_dbuf(dbuf, 1);
6722 
6723                 atomic_and_32(&iss->iss_flags,
6724                     ~(ISS_LUN_INVENTORY_CHANGED | ISS_GOT_INITIAL_LUNS));
6725                 dbuf->db_flags = DB_DIRECTION_TO_RPORT;
6726                 (void) stmf_xfer_data(task, dbuf, 0);
6727                 return;
6728         }
6729 
6730         stmf_scsilib_send_status(task, STATUS_CHECK, STMF_SAA_INVALID_OPCODE);
6731 }
6732 
6733 void
6734 stmf_dlun0_dbuf_done(scsi_task_t *task, stmf_data_buf_t *dbuf)
6735 {
6736         stmf_i_scsi_task_t *itask =
6737             (stmf_i_scsi_task_t *)task->task_stmf_private;
6738 
6739         if (dbuf->db_xfer_status != STMF_SUCCESS) {
6740                 stmf_abort(STMF_QUEUE_TASK_ABORT, task,
6741                     dbuf->db_xfer_status, NULL);
6742                 return;
6743         }
6744         task->task_nbytes_transferred += dbuf->db_data_size;
6745         if (dbuf->db_lu_private) {
6746                 /* There is more */
6747                 stmf_xd_to_dbuf(dbuf, 1);
6748                 (void) stmf_xfer_data(task, dbuf, 0);
6749                 return;
6750         }
6751 
6752         stmf_free_dbuf(task, dbuf);
6753         /*
6754          * If this is a proxy task, it will need to be completed from the
6755          * proxy port provider. This message lets pppt know that the xfer
6756          * is complete. When we receive the status from pppt, we will
6757          * then relay that status back to the lport.
6758          */
6759         if (itask->itask_flags & ITASK_PROXY_TASK) {
6760                 stmf_ic_msg_t *ic_xfer_done_msg = NULL;
6761                 stmf_status_t ic_ret = STMF_FAILURE;
6762                 uint64_t session_msg_id;
6763                 mutex_enter(&stmf_state.stmf_lock);
6764                 session_msg_id = stmf_proxy_msg_id++;
6765                 mutex_exit(&stmf_state.stmf_lock);
6766                 /* send xfer done status to pppt */
6767                 ic_xfer_done_msg = ic_scsi_data_xfer_done_msg_alloc(
6768                     itask->itask_proxy_msg_id,
6769                     task->task_session->ss_session_id,
6770                     STMF_SUCCESS, session_msg_id);
6771                 if (ic_xfer_done_msg) {
6772                         ic_ret = ic_tx_msg(ic_xfer_done_msg);
6773                         if (ic_ret != STMF_IC_MSG_SUCCESS) {
6774                                 cmn_err(CE_WARN, "unable to xmit session msg");
6775                         }
6776                 }
6777                 /* task will be completed from pppt */
6778                 return;
6779         }
6780         stmf_scsilib_send_status(task, STATUS_GOOD, 0);
6781 }
6782 
6783 /* ARGSUSED */
6784 void
6785 stmf_dlun0_status_done(scsi_task_t *task)
6786 {
6787 }
6788 
6789 /* ARGSUSED */
6790 void
6791 stmf_dlun0_task_free(scsi_task_t *task)
6792 {
6793 }
6794 
6795 /* ARGSUSED */
6796 stmf_status_t
6797 stmf_dlun0_abort(struct stmf_lu *lu, int abort_cmd, void *arg, uint32_t flags)
6798 {
6799         scsi_task_t *task = (scsi_task_t *)arg;
6800         stmf_i_scsi_task_t *itask =
6801             (stmf_i_scsi_task_t *)task->task_stmf_private;
6802         stmf_i_lu_t *ilu = (stmf_i_lu_t *)task->task_lu->lu_stmf_private;
6803         int i;
6804         uint8_t map;
6805 
6806         if ((task->task_mgmt_function) && (itask->itask_flags &
6807             (ITASK_CAUSING_LU_RESET | ITASK_CAUSING_TARGET_RESET))) {
6808                 switch (task->task_mgmt_function) {
6809                 case TM_ABORT_TASK:
6810                 case TM_ABORT_TASK_SET:
6811                 case TM_CLEAR_TASK_SET:
6812                 case TM_LUN_RESET:
6813                         atomic_and_32(&ilu->ilu_flags, ~ILU_RESET_ACTIVE);
6814                         break;
6815                 case TM_TARGET_RESET:
6816                 case TM_TARGET_COLD_RESET:
6817                 case TM_TARGET_WARM_RESET:
6818                         stmf_abort_target_reset(task);
6819                         break;
6820                 }
6821                 return (STMF_ABORT_SUCCESS);
6822         }
6823 
6824         /*
6825          * OK so its not a task mgmt. Make sure we free any xd sitting
6826          * inside any dbuf.
6827          */
6828         if ((map = itask->itask_allocated_buf_map) != 0) {
6829                 for (i = 0; i < 4; i++) {
6830                         if ((map & 1) &&
6831                             ((itask->itask_dbufs[i])->db_lu_private)) {
6832                                 stmf_xfer_data_t *xd;
6833                                 stmf_data_buf_t *dbuf;
6834 
6835                                 dbuf = itask->itask_dbufs[i];
6836                                 xd = (stmf_xfer_data_t *)dbuf->db_lu_private;
6837                                 dbuf->db_lu_private = NULL;
6838                                 kmem_free(xd, xd->alloc_size);
6839                         }
6840                         map >>= 1;
6841                 }
6842         }
6843         return (STMF_ABORT_SUCCESS);
6844 }
6845 
6846 void
6847 stmf_dlun0_task_poll(struct scsi_task *task)
6848 {
6849         /* Right now we only do this for handling task management functions */
6850         ASSERT(task->task_mgmt_function);
6851 
6852         switch (task->task_mgmt_function) {
6853         case TM_ABORT_TASK:
6854         case TM_ABORT_TASK_SET:
6855         case TM_CLEAR_TASK_SET:
6856         case TM_LUN_RESET:
6857                 (void) stmf_lun_reset_poll(task->task_lu, task, 0);
6858                 return;
6859         case TM_TARGET_RESET:
6860         case TM_TARGET_COLD_RESET:
6861         case TM_TARGET_WARM_RESET:
6862                 stmf_target_reset_poll(task);
6863                 return;
6864         }
6865 }
6866 
6867 /* ARGSUSED */
6868 void
6869 stmf_dlun0_ctl(struct stmf_lu *lu, int cmd, void *arg)
6870 {
6871         /* This function will never be called */
6872         cmn_err(CE_WARN, "stmf_dlun0_ctl called with cmd %x", cmd);
6873 }
6874 
6875 void
6876 stmf_dlun_init()
6877 {
6878         stmf_i_lu_t *ilu;
6879 
6880         dlun0 = stmf_alloc(STMF_STRUCT_STMF_LU, 0, 0);
6881         dlun0->lu_task_alloc = stmf_dlun0_task_alloc;
6882         dlun0->lu_new_task = stmf_dlun0_new_task;
6883         dlun0->lu_dbuf_xfer_done = stmf_dlun0_dbuf_done;
6884         dlun0->lu_send_status_done = stmf_dlun0_status_done;
6885         dlun0->lu_task_free = stmf_dlun0_task_free;
6886         dlun0->lu_abort = stmf_dlun0_abort;
6887         dlun0->lu_task_poll = stmf_dlun0_task_poll;
6888         dlun0->lu_ctl = stmf_dlun0_ctl;
6889 
6890         ilu = (stmf_i_lu_t *)dlun0->lu_stmf_private;
6891         ilu->ilu_cur_task_cntr = &ilu->ilu_task_cntr1;
6892 }
6893 
6894 stmf_status_t
6895 stmf_dlun_fini()
6896 {
6897         stmf_i_lu_t *ilu;
6898 
6899         ilu = (stmf_i_lu_t *)dlun0->lu_stmf_private;
6900 
6901         ASSERT(ilu->ilu_ntasks == ilu->ilu_ntasks_free);
6902         if (ilu->ilu_ntasks) {
6903                 stmf_i_scsi_task_t *itask, *nitask;
6904 
6905                 nitask = ilu->ilu_tasks;
6906                 do {
6907                         itask = nitask;
6908                         nitask = itask->itask_lu_next;
6909                         dlun0->lu_task_free(itask->itask_task);
6910                         stmf_free(itask->itask_task);
6911                 } while (nitask != NULL);
6912 
6913         }
6914         stmf_free(dlun0);
6915         return (STMF_SUCCESS);
6916 }
6917 
6918 void
6919 stmf_abort_target_reset(scsi_task_t *task)
6920 {
6921         stmf_i_scsi_session_t *iss = (stmf_i_scsi_session_t *)
6922             task->task_session->ss_stmf_private;
6923         stmf_lun_map_t *lm;
6924         stmf_lun_map_ent_t *lm_ent;
6925         stmf_i_lu_t *ilu;
6926         int i;
6927 
6928         rw_enter(iss->iss_lockp, RW_READER);
6929         lm = iss->iss_sm;
6930         for (i = 0; i < lm->lm_nentries; i++) {
6931                 if (lm->lm_plus[i] == NULL)
6932                         continue;
6933                 lm_ent = (stmf_lun_map_ent_t *)lm->lm_plus[i];
6934                 ilu = (stmf_i_lu_t *)lm_ent->ent_lu->lu_stmf_private;
6935                 if (ilu->ilu_flags & ILU_RESET_ACTIVE) {
6936                         atomic_and_32(&ilu->ilu_flags, ~ILU_RESET_ACTIVE);
6937                 }
6938         }
6939         atomic_and_32(&iss->iss_flags, ~ISS_RESET_ACTIVE);
6940         rw_exit(iss->iss_lockp);
6941 }
6942 
6943 /*
6944  * The return value is only used by function managing target reset.
6945  */
6946 stmf_status_t
6947 stmf_lun_reset_poll(stmf_lu_t *lu, struct scsi_task *task, int target_reset)
6948 {
6949         stmf_i_lu_t *ilu = (stmf_i_lu_t *)lu->lu_stmf_private;
6950         int ntasks_pending;
6951 
6952         ntasks_pending = ilu->ilu_ntasks - ilu->ilu_ntasks_free;
6953         /*
6954          * This function is also used during Target reset. The idea is that
6955          * once all the commands are aborted, call the LU's reset entry
6956          * point (abort entry point with a reset flag). But if this Task
6957          * mgmt is running on this LU then all the tasks cannot be aborted.
6958          * one task (this task) will still be running which is OK.
6959          */
6960         if ((ntasks_pending == 0) || ((task->task_lu == lu) &&
6961             (ntasks_pending == 1))) {
6962                 stmf_status_t ret;
6963 
6964                 if ((task->task_mgmt_function == TM_LUN_RESET) ||
6965                     (task->task_mgmt_function == TM_TARGET_RESET) ||
6966                     (task->task_mgmt_function == TM_TARGET_WARM_RESET) ||
6967                     (task->task_mgmt_function == TM_TARGET_COLD_RESET)) {
6968                         ret = lu->lu_abort(lu, STMF_LU_RESET_STATE, task, 0);
6969                 } else {
6970                         ret = STMF_SUCCESS;
6971                 }
6972                 if (ret == STMF_SUCCESS) {
6973                         atomic_and_32(&ilu->ilu_flags, ~ILU_RESET_ACTIVE);
6974                 }
6975                 if (target_reset) {
6976                         return (ret);
6977                 }
6978                 if (ret == STMF_SUCCESS) {
6979                         stmf_scsilib_send_status(task, STATUS_GOOD, 0);
6980                         return (ret);
6981                 }
6982                 if (ret != STMF_BUSY) {
6983                         stmf_abort(STMF_QUEUE_TASK_ABORT, task, ret, NULL);
6984                         return (ret);
6985                 }
6986         }
6987 
6988         if (target_reset) {
6989                 /* Tell target reset polling code that we are not done */
6990                 return (STMF_BUSY);
6991         }
6992 
6993         if (stmf_task_poll_lu(task, ITASK_DEFAULT_POLL_TIMEOUT)
6994             != STMF_SUCCESS) {
6995                 stmf_abort(STMF_QUEUE_TASK_ABORT, task,
6996                     STMF_ALLOC_FAILURE, NULL);
6997                 return (STMF_SUCCESS);
6998         }
6999 
7000         return (STMF_SUCCESS);
7001 }
7002 
7003 void
7004 stmf_target_reset_poll(struct scsi_task *task)
7005 {
7006         stmf_i_scsi_session_t *iss = (stmf_i_scsi_session_t *)
7007             task->task_session->ss_stmf_private;
7008         stmf_lun_map_t *lm;
7009         stmf_lun_map_ent_t *lm_ent;
7010         stmf_i_lu_t *ilu;
7011         stmf_status_t ret;
7012         int i;
7013         int not_done = 0;
7014 
7015         ASSERT(iss->iss_flags & ISS_RESET_ACTIVE);
7016 
7017         rw_enter(iss->iss_lockp, RW_READER);
7018         lm = iss->iss_sm;
7019         for (i = 0; i < lm->lm_nentries; i++) {
7020                 if (lm->lm_plus[i] == NULL)
7021                         continue;
7022                 lm_ent = (stmf_lun_map_ent_t *)lm->lm_plus[i];
7023                 ilu = (stmf_i_lu_t *)lm_ent->ent_lu->lu_stmf_private;
7024                 if (ilu->ilu_flags & ILU_RESET_ACTIVE) {
7025                         rw_exit(iss->iss_lockp);
7026                         ret = stmf_lun_reset_poll(lm_ent->ent_lu, task, 1);
7027                         rw_enter(iss->iss_lockp, RW_READER);
7028                         if (ret == STMF_SUCCESS)
7029                                 continue;
7030                         not_done = 1;
7031                         if (ret != STMF_BUSY) {
7032                                 rw_exit(iss->iss_lockp);
7033                                 stmf_abort(STMF_QUEUE_TASK_ABORT, task,
7034                                     STMF_ABORTED, NULL);
7035                                 return;
7036                         }
7037                 }
7038         }
7039         rw_exit(iss->iss_lockp);
7040 
7041         if (not_done) {
7042                 if (stmf_task_poll_lu(task, ITASK_DEFAULT_POLL_TIMEOUT)
7043                     != STMF_SUCCESS) {
7044                         stmf_abort(STMF_QUEUE_TASK_ABORT, task,
7045                             STMF_ALLOC_FAILURE, NULL);
7046                         return;
7047                 }
7048                 return;
7049         }
7050 
7051         atomic_and_32(&iss->iss_flags, ~ISS_RESET_ACTIVE);
7052 
7053         stmf_scsilib_send_status(task, STATUS_GOOD, 0);
7054 }
7055 
7056 stmf_status_t
7057 stmf_lu_add_event(stmf_lu_t *lu, int eventid)
7058 {
7059         stmf_i_lu_t *ilu = (stmf_i_lu_t *)lu->lu_stmf_private;
7060 
7061         if ((eventid < 0) || (eventid >= STMF_MAX_NUM_EVENTS)) {
7062                 return (STMF_INVALID_ARG);
7063         }
7064 
7065         STMF_EVENT_ADD(ilu->ilu_event_hdl, eventid);
7066         return (STMF_SUCCESS);
7067 }
7068 
7069 stmf_status_t
7070 stmf_lu_remove_event(stmf_lu_t *lu, int eventid)
7071 {
7072         stmf_i_lu_t *ilu = (stmf_i_lu_t *)lu->lu_stmf_private;
7073 
7074         if (eventid == STMF_EVENT_ALL) {
7075                 STMF_EVENT_CLEAR_ALL(ilu->ilu_event_hdl);
7076                 return (STMF_SUCCESS);
7077         }
7078 
7079         if ((eventid < 0) || (eventid >= STMF_MAX_NUM_EVENTS)) {
7080                 return (STMF_INVALID_ARG);
7081         }
7082 
7083         STMF_EVENT_REMOVE(ilu->ilu_event_hdl, eventid);
7084         return (STMF_SUCCESS);
7085 }
7086 
7087 stmf_status_t
7088 stmf_lport_add_event(stmf_local_port_t *lport, int eventid)
7089 {
7090         stmf_i_local_port_t *ilport =
7091             (stmf_i_local_port_t *)lport->lport_stmf_private;
7092 
7093         if ((eventid < 0) || (eventid >= STMF_MAX_NUM_EVENTS)) {
7094                 return (STMF_INVALID_ARG);
7095         }
7096 
7097         STMF_EVENT_ADD(ilport->ilport_event_hdl, eventid);
7098         return (STMF_SUCCESS);
7099 }
7100 
7101 stmf_status_t
7102 stmf_lport_remove_event(stmf_local_port_t *lport, int eventid)
7103 {
7104         stmf_i_local_port_t *ilport =
7105             (stmf_i_local_port_t *)lport->lport_stmf_private;
7106 
7107         if (eventid == STMF_EVENT_ALL) {
7108                 STMF_EVENT_CLEAR_ALL(ilport->ilport_event_hdl);
7109                 return (STMF_SUCCESS);
7110         }
7111 
7112         if ((eventid < 0) || (eventid >= STMF_MAX_NUM_EVENTS)) {
7113                 return (STMF_INVALID_ARG);
7114         }
7115 
7116         STMF_EVENT_REMOVE(ilport->ilport_event_hdl, eventid);
7117         return (STMF_SUCCESS);
7118 }
7119 
7120 void
7121 stmf_generate_lu_event(stmf_i_lu_t *ilu, int eventid, void *arg, uint32_t flags)
7122 {
7123         if (STMF_EVENT_ENABLED(ilu->ilu_event_hdl, eventid) &&
7124             (ilu->ilu_lu->lu_event_handler != NULL)) {
7125                 ilu->ilu_lu->lu_event_handler(ilu->ilu_lu, eventid, arg, flags);
7126         }
7127 }
7128 
7129 void
7130 stmf_generate_lport_event(stmf_i_local_port_t *ilport, int eventid, void *arg,
7131                                 uint32_t flags)
7132 {
7133         if (STMF_EVENT_ENABLED(ilport->ilport_event_hdl, eventid) &&
7134             (ilport->ilport_lport->lport_event_handler != NULL)) {
7135                 ilport->ilport_lport->lport_event_handler(
7136                     ilport->ilport_lport, eventid, arg, flags);
7137         }
7138 }
7139 
7140 /*
7141  * With the possibility of having multiple itl sessions pointing to the
7142  * same itl_kstat_info, the ilu_kstat_lock mutex is used to synchronize
7143  * the kstat update of the ilu_kstat_io, itl_kstat_taskq and itl_kstat_lu_xfer
7144  * statistics.
7145  */
7146 void
7147 stmf_itl_task_start(stmf_i_scsi_task_t *itask)
7148 {
7149         stmf_itl_data_t *itl = itask->itask_itl_datap;
7150         scsi_task_t     *task = itask->itask_task;
7151         stmf_i_lu_t     *ilu;
7152 
7153         if (itl == NULL || task->task_lu == dlun0)
7154                 return;
7155         ilu = (stmf_i_lu_t *)task->task_lu->lu_stmf_private;
7156         itask->itask_start_timestamp = gethrtime();
7157         if (ilu->ilu_kstat_io != NULL) {
7158                 mutex_enter(ilu->ilu_kstat_io->ks_lock);
7159                 stmf_update_kstat_lu_q(itask->itask_task, kstat_waitq_enter);
7160                 mutex_exit(ilu->ilu_kstat_io->ks_lock);
7161         }
7162 
7163         stmf_update_kstat_lport_q(itask->itask_task, kstat_waitq_enter);
7164 }
7165 
7166 void
7167 stmf_itl_lu_new_task(stmf_i_scsi_task_t *itask)
7168 {
7169         stmf_itl_data_t *itl = itask->itask_itl_datap;
7170         scsi_task_t     *task = itask->itask_task;
7171         stmf_i_lu_t     *ilu;
7172 
7173         if (itl == NULL || task->task_lu == dlun0)
7174                 return;
7175         ilu = (stmf_i_lu_t *)task->task_lu->lu_stmf_private;
7176         if (ilu->ilu_kstat_io != NULL) {
7177                 mutex_enter(ilu->ilu_kstat_io->ks_lock);
7178                 stmf_update_kstat_lu_q(itask->itask_task, kstat_waitq_to_runq);
7179                 mutex_exit(ilu->ilu_kstat_io->ks_lock);
7180         }
7181 
7182         stmf_update_kstat_lport_q(itask->itask_task, kstat_waitq_to_runq);
7183 }
7184 
7185 void
7186 stmf_itl_task_done(stmf_i_scsi_task_t *itask)
7187 {
7188         stmf_itl_data_t         *itl = itask->itask_itl_datap;
7189         scsi_task_t             *task = itask->itask_task;
7190         stmf_i_lu_t     *ilu;
7191 
7192         itask->itask_done_timestamp = gethrtime();
7193 
7194         if (itl == NULL || task->task_lu == dlun0)
7195                 return;
7196         ilu = (stmf_i_lu_t *)task->task_lu->lu_stmf_private;
7197 
7198         if (ilu->ilu_kstat_io == NULL)
7199                 return;
7200 
7201         mutex_enter(ilu->ilu_kstat_io->ks_lock);
7202 
7203         if (itask->itask_flags & ITASK_KSTAT_IN_RUNQ) {
7204                 stmf_update_kstat_lu_q(task, kstat_runq_exit);
7205                 mutex_exit(ilu->ilu_kstat_io->ks_lock);
7206                 stmf_update_kstat_lport_q(task, kstat_runq_exit);
7207         } else {
7208                 stmf_update_kstat_lu_q(task, kstat_waitq_exit);
7209                 mutex_exit(ilu->ilu_kstat_io->ks_lock);
7210                 stmf_update_kstat_lport_q(task, kstat_waitq_exit);
7211         }
7212 }
7213 
7214 static void
7215 stmf_lport_xfer_start(stmf_i_scsi_task_t *itask, stmf_data_buf_t *dbuf)
7216 {
7217         stmf_itl_data_t         *itl = itask->itask_itl_datap;
7218 
7219         if (itl == NULL)
7220                 return;
7221 
7222         DTRACE_PROBE2(scsi__xfer__start, scsi_task_t *, itask->itask_task,
7223             stmf_data_buf_t *, dbuf);
7224 
7225         dbuf->db_xfer_start_timestamp = gethrtime();
7226 }
7227 
7228 static void
7229 stmf_lport_xfer_done(stmf_i_scsi_task_t *itask, stmf_data_buf_t *dbuf)
7230 {
7231         stmf_itl_data_t         *itl = itask->itask_itl_datap;
7232         hrtime_t                elapsed_time;
7233         uint64_t                xfer_size;
7234 
7235         if (itl == NULL)
7236                 return;
7237 
7238         xfer_size = (dbuf->db_xfer_status == STMF_SUCCESS) ?
7239             dbuf->db_data_size : 0;
7240 
7241         elapsed_time = gethrtime() - dbuf->db_xfer_start_timestamp;
7242         if (dbuf->db_flags & DB_DIRECTION_TO_RPORT) {
7243                 atomic_add_64((uint64_t *)&itask->itask_lport_read_time,
7244                     elapsed_time);
7245                 atomic_add_64((uint64_t *)&itask->itask_read_xfer,
7246                     xfer_size);
7247         } else {
7248                 atomic_add_64((uint64_t *)&itask->itask_lport_write_time,
7249                     elapsed_time);
7250                 atomic_add_64((uint64_t *)&itask->itask_write_xfer,
7251                     xfer_size);
7252         }
7253 
7254         DTRACE_PROBE3(scsi__xfer__end, scsi_task_t *, itask->itask_task,
7255             stmf_data_buf_t *, dbuf, hrtime_t, elapsed_time);
7256 
7257         dbuf->db_xfer_start_timestamp = 0;
7258 }
7259 
7260 void
7261 stmf_svc_init()
7262 {
7263         if (stmf_state.stmf_svc_flags & STMF_SVC_STARTED)
7264                 return;
7265         stmf_state.stmf_svc_tailp = &stmf_state.stmf_svc_active;
7266         stmf_state.stmf_svc_taskq = ddi_taskq_create(0, "STMF_SVC_TASKQ", 1,
7267             TASKQ_DEFAULTPRI, 0);
7268         (void) ddi_taskq_dispatch(stmf_state.stmf_svc_taskq,
7269             stmf_svc, 0, DDI_SLEEP);
7270 }
7271 
7272 stmf_status_t
7273 stmf_svc_fini()
7274 {
7275         uint32_t i;
7276 
7277         mutex_enter(&stmf_state.stmf_lock);
7278         if (stmf_state.stmf_svc_flags & STMF_SVC_STARTED) {
7279                 stmf_state.stmf_svc_flags |= STMF_SVC_TERMINATE;
7280                 cv_signal(&stmf_state.stmf_cv);
7281         }
7282         mutex_exit(&stmf_state.stmf_lock);
7283 
7284         /* Wait for 5 seconds */
7285         for (i = 0; i < 500; i++) {
7286                 if (stmf_state.stmf_svc_flags & STMF_SVC_STARTED)
7287                         delay(drv_usectohz(10000));
7288                 else
7289                         break;
7290         }
7291         if (i == 500)
7292                 return (STMF_BUSY);
7293 
7294         ddi_taskq_destroy(stmf_state.stmf_svc_taskq);
7295 
7296         return (STMF_SUCCESS);
7297 }
7298 
7299 struct stmf_svc_clocks {
7300         clock_t drain_start, drain_next;
7301         clock_t timing_start, timing_next;
7302         clock_t worker_delay;
7303 };
7304 
7305 /* ARGSUSED */
7306 void
7307 stmf_svc(void *arg)
7308 {
7309         stmf_svc_req_t *req;
7310         stmf_lu_t *lu;
7311         stmf_i_lu_t *ilu;
7312         stmf_local_port_t *lport;
7313         struct stmf_svc_clocks clks = { 0 };
7314 
7315         mutex_enter(&stmf_state.stmf_lock);
7316         stmf_state.stmf_svc_flags |= STMF_SVC_STARTED | STMF_SVC_ACTIVE;
7317 
7318         while (!(stmf_state.stmf_svc_flags & STMF_SVC_TERMINATE)) {
7319                 if (stmf_state.stmf_svc_active == NULL) {
7320                         stmf_svc_timeout(&clks);
7321                         continue;
7322                 }
7323 
7324                 /*
7325                  * Pop the front request from the active list.  After this,
7326                  * the request will no longer be referenced by global state,
7327                  * so it should be safe to access it without holding the
7328                  * stmf state lock.
7329                  */
7330                 req = stmf_state.stmf_svc_active;
7331                 stmf_state.stmf_svc_active = req->svc_next;
7332 
7333                 if (stmf_state.stmf_svc_active == NULL)
7334                         stmf_state.stmf_svc_tailp = &stmf_state.stmf_svc_active;
7335 
7336                 switch (req->svc_cmd) {
7337                 case STMF_CMD_LPORT_ONLINE:
7338                         /* Fallthrough */
7339                 case STMF_CMD_LPORT_OFFLINE:
7340                         mutex_exit(&stmf_state.stmf_lock);
7341                         lport = (stmf_local_port_t *)req->svc_obj;
7342                         lport->lport_ctl(lport, req->svc_cmd, &req->svc_info);
7343                         break;
7344                 case STMF_CMD_LU_ONLINE:
7345                         mutex_exit(&stmf_state.stmf_lock);
7346                         lu = (stmf_lu_t *)req->svc_obj;
7347                         lu->lu_ctl(lu, req->svc_cmd, &req->svc_info);
7348                         break;
7349                 case STMF_CMD_LU_OFFLINE:
7350                         /* Remove all mappings of this LU */
7351                         stmf_session_lu_unmapall((stmf_lu_t *)req->svc_obj);
7352                         /* Kill all the pending I/Os for this LU */
7353                         mutex_exit(&stmf_state.stmf_lock);
7354                         stmf_task_lu_killall((stmf_lu_t *)req->svc_obj, NULL,
7355                             STMF_ABORTED);
7356                         lu = (stmf_lu_t *)req->svc_obj;
7357                         ilu = (stmf_i_lu_t *)lu->lu_stmf_private;
7358                         stmf_wait_ilu_tasks_finish(ilu);
7359                         lu->lu_ctl(lu, req->svc_cmd, &req->svc_info);
7360                         break;
7361                 default:
7362                         cmn_err(CE_PANIC, "stmf_svc: unknown cmd %d",
7363                             req->svc_cmd);
7364                 }
7365 
7366                 kmem_free(req, req->svc_req_alloc_size);
7367                 mutex_enter(&stmf_state.stmf_lock);
7368         }
7369 
7370         stmf_state.stmf_svc_flags &= ~(STMF_SVC_STARTED | STMF_SVC_ACTIVE);
7371         mutex_exit(&stmf_state.stmf_lock);
7372 }
7373 
7374 static void
7375 stmf_svc_timeout(struct stmf_svc_clocks *clks)
7376 {
7377         clock_t td;
7378         stmf_i_local_port_t *ilport, *next_ilport;
7379         stmf_i_scsi_session_t *iss;
7380 
7381         ASSERT(mutex_owned(&stmf_state.stmf_lock));
7382 
7383         td = drv_usectohz(20000);
7384 
7385         /* Do timeouts */
7386         if (stmf_state.stmf_nlus &&
7387             ((!clks->timing_next) || (ddi_get_lbolt() >= clks->timing_next))) {
7388                 if (!stmf_state.stmf_svc_ilu_timing) {
7389                         /* we are starting a new round */
7390                         stmf_state.stmf_svc_ilu_timing =
7391                             stmf_state.stmf_ilulist;
7392                         clks->timing_start = ddi_get_lbolt();
7393                 }
7394 
7395                 stmf_check_ilu_timing();
7396                 if (!stmf_state.stmf_svc_ilu_timing) {
7397                         /* we finished a complete round */
7398                         clks->timing_next =
7399                             clks->timing_start + drv_usectohz(5*1000*1000);
7400                 } else {
7401                         /* we still have some ilu items to check */
7402                         clks->timing_next =
7403                             ddi_get_lbolt() + drv_usectohz(1*1000*1000);
7404                 }
7405 
7406                 if (stmf_state.stmf_svc_active)
7407                         return;
7408         }
7409 
7410         /* Check if there are free tasks to clear */
7411         if (stmf_state.stmf_nlus &&
7412             ((!clks->drain_next) || (ddi_get_lbolt() >= clks->drain_next))) {
7413                 if (!stmf_state.stmf_svc_ilu_draining) {
7414                         /* we are starting a new round */
7415                         stmf_state.stmf_svc_ilu_draining =
7416                             stmf_state.stmf_ilulist;
7417                         clks->drain_start = ddi_get_lbolt();
7418                 }
7419 
7420                 stmf_check_freetask();
7421                 if (!stmf_state.stmf_svc_ilu_draining) {
7422                         /* we finished a complete round */
7423                         clks->drain_next =
7424                             clks->drain_start + drv_usectohz(10*1000*1000);
7425                 } else {
7426                         /* we still have some ilu items to check */
7427                         clks->drain_next =
7428                             ddi_get_lbolt() + drv_usectohz(1*1000*1000);
7429                 }
7430 
7431                 if (stmf_state.stmf_svc_active)
7432                         return;
7433         }
7434 
7435         /* Check if we need to run worker_mgmt */
7436         if (ddi_get_lbolt() > clks->worker_delay) {
7437                 stmf_worker_mgmt();
7438                 clks->worker_delay = ddi_get_lbolt() +
7439                     stmf_worker_mgmt_delay;
7440         }
7441 
7442         /* Check if any active session got its 1st LUN */
7443         if (stmf_state.stmf_process_initial_luns) {
7444                 int stmf_level = 0;
7445                 int port_level;
7446 
7447                 for (ilport = stmf_state.stmf_ilportlist; ilport;
7448                     ilport = next_ilport) {
7449                         int ilport_lock_held;
7450                         next_ilport = ilport->ilport_next;
7451 
7452                         if ((ilport->ilport_flags &
7453                             ILPORT_SS_GOT_INITIAL_LUNS) == 0)
7454                                 continue;
7455 
7456                         port_level = 0;
7457                         rw_enter(&ilport->ilport_lock, RW_READER);
7458                         ilport_lock_held = 1;
7459 
7460                         for (iss = ilport->ilport_ss_list; iss;
7461                             iss = iss->iss_next) {
7462                                 if ((iss->iss_flags &
7463                                     ISS_GOT_INITIAL_LUNS) == 0)
7464                                         continue;
7465 
7466                                 port_level++;
7467                                 stmf_level++;
7468                                 atomic_and_32(&iss->iss_flags,
7469                                     ~ISS_GOT_INITIAL_LUNS);
7470                                 atomic_or_32(&iss->iss_flags,
7471                                     ISS_EVENT_ACTIVE);
7472                                 rw_exit(&ilport->ilport_lock);
7473                                 ilport_lock_held = 0;
7474                                 mutex_exit(&stmf_state.stmf_lock);
7475                                 stmf_generate_lport_event(ilport,
7476                                     LPORT_EVENT_INITIAL_LUN_MAPPED,
7477                                     iss->iss_ss, 0);
7478                                 atomic_and_32(&iss->iss_flags,
7479                                     ~ISS_EVENT_ACTIVE);
7480                                 mutex_enter(&stmf_state.stmf_lock);
7481                                 /*
7482                                  * scan all the ilports again as the
7483                                  * ilport list might have changed.
7484                                  */
7485                                 next_ilport = stmf_state.stmf_ilportlist;
7486                                 break;
7487                         }
7488 
7489                         if (port_level == 0)
7490                                 atomic_and_32(&ilport->ilport_flags,
7491                                     ~ILPORT_SS_GOT_INITIAL_LUNS);
7492                         /* drop the lock if we are holding it. */
7493                         if (ilport_lock_held == 1)
7494                                 rw_exit(&ilport->ilport_lock);
7495 
7496                         /* Max 4 session at a time */
7497                         if (stmf_level >= 4)
7498                                 break;
7499                 }
7500 
7501                 if (stmf_level == 0)
7502                         stmf_state.stmf_process_initial_luns = 0;
7503         }
7504 
7505         stmf_state.stmf_svc_flags &= ~STMF_SVC_ACTIVE;
7506         (void) cv_reltimedwait(&stmf_state.stmf_cv,
7507             &stmf_state.stmf_lock, td, TR_CLOCK_TICK);
7508         stmf_state.stmf_svc_flags |= STMF_SVC_ACTIVE;
7509 }
7510 
7511 /*
7512  * Waits for ongoing I/O tasks to finish on an LU in preparation for
7513  * the LU's offlining. The LU should already be in an Offlining state
7514  * (otherwise I/O to the LU might never end). There is an additional
7515  * enforcement of this via a deadman timer check.
7516  */
7517 static void
7518 stmf_wait_ilu_tasks_finish(stmf_i_lu_t *ilu)
7519 {
7520         clock_t start, now, deadline;
7521 
7522         start = now = ddi_get_lbolt();
7523         deadline = start + drv_usectohz(stmf_io_deadman * 1000000llu);
7524         mutex_enter(&ilu->ilu_task_lock);
7525         while (ilu->ilu_ntasks != ilu->ilu_ntasks_free) {
7526                 (void) cv_timedwait(&ilu->ilu_offline_pending_cv,
7527                     &ilu->ilu_task_lock, deadline);
7528                 now = ddi_get_lbolt();
7529                 if (now > deadline) {
7530                         if (stmf_io_deadman_enabled) {
7531                                 cmn_err(CE_PANIC, "stmf_svc: I/O deadman hit "
7532                                     "on STMF_CMD_LU_OFFLINE after %d seconds",
7533                                     stmf_io_deadman);
7534                         } else {
7535                                 /* keep on spinning */
7536                                 deadline = now + drv_usectohz(stmf_io_deadman *
7537                                     1000000llu);
7538                         }
7539                 }
7540         }
7541         mutex_exit(&ilu->ilu_task_lock);
7542         DTRACE_PROBE1(deadman__timeout__wait, clock_t, now - start);
7543 }
7544 
7545 void
7546 stmf_svc_queue(int cmd, void *obj, stmf_state_change_info_t *info)
7547 {
7548         stmf_svc_req_t *req;
7549         int s;
7550 
7551         ASSERT(!mutex_owned(&stmf_state.stmf_lock));
7552         s = sizeof (stmf_svc_req_t);
7553         if (info->st_additional_info) {
7554                 s += strlen(info->st_additional_info) + 1;
7555         }
7556         req = kmem_zalloc(s, KM_SLEEP);
7557 
7558         req->svc_cmd = cmd;
7559         req->svc_obj = obj;
7560         req->svc_info.st_rflags = info->st_rflags;
7561         if (info->st_additional_info) {
7562                 req->svc_info.st_additional_info = (char *)(GET_BYTE_OFFSET(req,
7563                     sizeof (stmf_svc_req_t)));
7564                 (void) strcpy(req->svc_info.st_additional_info,
7565                     info->st_additional_info);
7566         }
7567         req->svc_req_alloc_size = s;
7568         req->svc_next = NULL;
7569 
7570         mutex_enter(&stmf_state.stmf_lock);
7571         *stmf_state.stmf_svc_tailp = req;
7572         stmf_state.stmf_svc_tailp = &req->svc_next;
7573         if ((stmf_state.stmf_svc_flags & STMF_SVC_ACTIVE) == 0) {
7574                 cv_signal(&stmf_state.stmf_cv);
7575         }
7576         mutex_exit(&stmf_state.stmf_lock);
7577 }
7578 
7579 static void
7580 stmf_svc_kill_obj_requests(void *obj)
7581 {
7582         stmf_svc_req_t *prev_req = NULL;
7583         stmf_svc_req_t *next_req;
7584         stmf_svc_req_t *req;
7585 
7586         ASSERT(mutex_owned(&stmf_state.stmf_lock));
7587 
7588         for (req = stmf_state.stmf_svc_active; req != NULL; req = next_req) {
7589                 next_req = req->svc_next;
7590 
7591                 if (req->svc_obj == obj) {
7592                         if (prev_req != NULL)
7593                                 prev_req->svc_next = next_req;
7594                         else
7595                                 stmf_state.stmf_svc_active = next_req;
7596 
7597                         if (next_req == NULL)
7598                                 stmf_state.stmf_svc_tailp = (prev_req != NULL) ?
7599                                     &prev_req->svc_next :
7600                                     &stmf_state.stmf_svc_active;
7601 
7602                         kmem_free(req, req->svc_req_alloc_size);
7603                 } else {
7604                         prev_req = req;
7605                 }
7606         }
7607 }
7608 
7609 void
7610 stmf_trace(caddr_t ident, const char *fmt, ...)
7611 {
7612         va_list args;
7613         char tbuf[160];
7614         int len;
7615 
7616         if (!stmf_trace_on)
7617                 return;
7618         len = snprintf(tbuf, 158, "%s:%07lu: ", ident ? ident : "",
7619             ddi_get_lbolt());
7620         va_start(args, fmt);
7621         len += vsnprintf(tbuf + len, 158 - len, fmt, args);
7622         va_end(args);
7623 
7624         if (len > 158) {
7625                 len = 158;
7626         }
7627         tbuf[len++] = '\n';
7628         tbuf[len] = 0;
7629 
7630         mutex_enter(&trace_buf_lock);
7631         bcopy(tbuf, &stmf_trace_buf[trace_buf_curndx], len+1);
7632         trace_buf_curndx += len;
7633         if (trace_buf_curndx > (trace_buf_size - 320))
7634                 trace_buf_curndx = 0;
7635         mutex_exit(&trace_buf_lock);
7636 }
7637 
7638 void
7639 stmf_trace_clear()
7640 {
7641         if (!stmf_trace_on)
7642                 return;
7643         mutex_enter(&trace_buf_lock);
7644         trace_buf_curndx = 0;
7645         if (trace_buf_size > 0)
7646                 stmf_trace_buf[0] = 0;
7647         mutex_exit(&trace_buf_lock);
7648 }
7649 
7650 static void
7651 stmf_abort_task_offline(scsi_task_t *task, int offline_lu, char *info)
7652 {
7653         stmf_state_change_info_t        change_info;
7654         void                            *ctl_private;
7655         uint32_t                        ctl_cmd;
7656         int                             msg = 0;
7657 
7658         stmf_trace("FROM STMF", "abort_task_offline called for %s: %s",
7659             offline_lu ? "LU" : "LPORT", info ? info : "no additional info");
7660         change_info.st_additional_info = info;
7661         if (offline_lu) {
7662                 change_info.st_rflags = STMF_RFLAG_RESET |
7663                     STMF_RFLAG_LU_ABORT;
7664                 ctl_private = task->task_lu;
7665                 if (((stmf_i_lu_t *)
7666                     task->task_lu->lu_stmf_private)->ilu_state ==
7667                     STMF_STATE_ONLINE) {
7668                         msg = 1;
7669                 }
7670                 ctl_cmd = STMF_CMD_LU_OFFLINE;
7671         } else {
7672                 change_info.st_rflags = STMF_RFLAG_RESET |
7673                     STMF_RFLAG_LPORT_ABORT;
7674                 ctl_private = task->task_lport;
7675                 if (((stmf_i_local_port_t *)
7676                     task->task_lport->lport_stmf_private)->ilport_state ==
7677                     STMF_STATE_ONLINE) {
7678                         msg = 1;
7679                 }
7680                 ctl_cmd = STMF_CMD_LPORT_OFFLINE;
7681         }
7682 
7683         if (msg) {
7684                 stmf_trace(0, "Calling stmf_ctl to offline %s : %s",
7685                     offline_lu ? "LU" : "LPORT", info ? info :
7686                     "<no additional info>");
7687         }
7688         (void) stmf_ctl(ctl_cmd, ctl_private, &change_info);
7689 }
7690 
7691 static char
7692 stmf_ctoi(char c)
7693 {
7694         if ((c >= '0') && (c <= '9'))
7695                 c -= '0';
7696         else if ((c >= 'A') && (c <= 'F'))
7697                 c = c - 'A' + 10;
7698         else if ((c >= 'a') && (c <= 'f'))
7699                 c = c - 'a' + 10;
7700         else
7701                 c = -1;
7702         return (c);
7703 }
7704 
7705 /* Convert from Hex value in ASCII format to the equivalent bytes */
7706 static boolean_t
7707 stmf_base16_str_to_binary(char *c, int dplen, uint8_t *dp)
7708 {
7709         int             ii;
7710 
7711         for (ii = 0; ii < dplen; ii++) {
7712                 char nibble1, nibble2;
7713                 char enc_char = *c++;
7714                 nibble1 = stmf_ctoi(enc_char);
7715 
7716                 enc_char = *c++;
7717                 nibble2 = stmf_ctoi(enc_char);
7718                 if (nibble1 == -1 || nibble2 == -1)
7719                         return (B_FALSE);
7720 
7721                 dp[ii] = (nibble1 << 4) | nibble2;
7722         }
7723         return (B_TRUE);
7724 }
7725 
7726 boolean_t
7727 stmf_scsilib_tptid_validate(scsi_transport_id_t *tptid, uint32_t total_sz,
7728                                 uint16_t *tptid_sz)
7729 {
7730         uint16_t tpd_len = SCSI_TPTID_SIZE;
7731 
7732         if (tptid_sz)
7733                 *tptid_sz = 0;
7734         if (total_sz < sizeof (scsi_transport_id_t))
7735                 return (B_FALSE);
7736 
7737         switch (tptid->protocol_id) {
7738 
7739         case PROTOCOL_FIBRE_CHANNEL:
7740                 /* FC Transport ID validation checks. SPC3 rev23, Table 284 */
7741                 if (total_sz < tpd_len || tptid->format_code != 0)
7742                         return (B_FALSE);
7743                 break;
7744 
7745         case PROTOCOL_iSCSI:
7746                 {
7747                 iscsi_transport_id_t    *iscsiid;
7748                 uint16_t                adn_len, name_len;
7749 
7750                 /* Check for valid format code, SPC3 rev 23 Table 288 */
7751                 if ((total_sz < tpd_len) ||
7752                     (tptid->format_code != 0 && tptid->format_code != 1))
7753                         return (B_FALSE);
7754 
7755                 iscsiid = (iscsi_transport_id_t *)tptid;
7756                 adn_len = READ_SCSI16(iscsiid->add_len, uint16_t);
7757                 tpd_len = sizeof (iscsi_transport_id_t) + adn_len - 1;
7758 
7759                 /*
7760                  * iSCSI Transport ID validation checks.
7761                  * As per SPC3 rev 23 Section 7.5.4.6 and Table 289 & Table 290
7762                  */
7763                 if (adn_len < 20 || (adn_len % 4 != 0))
7764                         return (B_FALSE);
7765 
7766                 name_len = strnlen(iscsiid->iscsi_name, adn_len);
7767                 if (name_len == 0 || name_len >= adn_len)
7768                         return (B_FALSE);
7769 
7770                 /* If the format_code is 1 check for ISID seperator */
7771                 if ((tptid->format_code == 1) && (strstr(iscsiid->iscsi_name,
7772                     SCSI_TPTID_ISCSI_ISID_SEPERATOR) == NULL))
7773                         return (B_FALSE);
7774 
7775                 }
7776                 break;
7777 
7778         case PROTOCOL_SRP:
7779                 /* SRP Transport ID validation checks. SPC3 rev23, Table 287 */
7780                 if (total_sz < tpd_len || tptid->format_code != 0)
7781                         return (B_FALSE);
7782                 break;
7783 
7784         case PROTOCOL_PARALLEL_SCSI:
7785         case PROTOCOL_SSA:
7786         case PROTOCOL_IEEE_1394:
7787         case PROTOCOL_SAS:
7788         case PROTOCOL_ADT:
7789         case PROTOCOL_ATAPI:
7790         default:
7791                 {
7792                 stmf_dflt_scsi_tptid_t *dflttpd;
7793 
7794                 tpd_len = sizeof (stmf_dflt_scsi_tptid_t);
7795                 if (total_sz < tpd_len)
7796                         return (B_FALSE);
7797                 dflttpd = (stmf_dflt_scsi_tptid_t *)tptid;
7798                 tpd_len = tpd_len + SCSI_READ16(&dflttpd->ident_len) - 1;
7799                 if (total_sz < tpd_len)
7800                         return (B_FALSE);
7801                 }
7802                 break;
7803         }
7804         if (tptid_sz)
7805                 *tptid_sz = tpd_len;
7806         return (B_TRUE);
7807 }
7808 
7809 boolean_t
7810 stmf_scsilib_tptid_compare(scsi_transport_id_t *tpd1,
7811                                 scsi_transport_id_t *tpd2)
7812 {
7813         if ((tpd1->protocol_id != tpd2->protocol_id) ||
7814             (tpd1->format_code != tpd2->format_code))
7815                 return (B_FALSE);
7816 
7817         switch (tpd1->protocol_id) {
7818 
7819         case PROTOCOL_iSCSI:
7820                 {
7821                 iscsi_transport_id_t *iscsitpd1, *iscsitpd2;
7822                 uint16_t len;
7823 
7824                 iscsitpd1 = (iscsi_transport_id_t *)tpd1;
7825                 iscsitpd2 = (iscsi_transport_id_t *)tpd2;
7826                 len = SCSI_READ16(&iscsitpd1->add_len);
7827                 if ((memcmp(iscsitpd1->add_len, iscsitpd2->add_len, 2) != 0) ||
7828                     (memcmp(iscsitpd1->iscsi_name, iscsitpd2->iscsi_name, len)
7829                     != 0))
7830                         return (B_FALSE);
7831                 }
7832                 break;
7833 
7834         case PROTOCOL_SRP:
7835                 {
7836                 scsi_srp_transport_id_t *srptpd1, *srptpd2;
7837 
7838                 srptpd1 = (scsi_srp_transport_id_t *)tpd1;
7839                 srptpd2 = (scsi_srp_transport_id_t *)tpd2;
7840                 if (memcmp(srptpd1->srp_name, srptpd2->srp_name,
7841                     sizeof (srptpd1->srp_name)) != 0)
7842                         return (B_FALSE);
7843                 }
7844                 break;
7845 
7846         case PROTOCOL_FIBRE_CHANNEL:
7847                 {
7848                 scsi_fc_transport_id_t *fctpd1, *fctpd2;
7849 
7850                 fctpd1 = (scsi_fc_transport_id_t *)tpd1;
7851                 fctpd2 = (scsi_fc_transport_id_t *)tpd2;
7852                 if (memcmp(fctpd1->port_name, fctpd2->port_name,
7853                     sizeof (fctpd1->port_name)) != 0)
7854                         return (B_FALSE);
7855                 }
7856                 break;
7857 
7858         case PROTOCOL_PARALLEL_SCSI:
7859         case PROTOCOL_SSA:
7860         case PROTOCOL_IEEE_1394:
7861         case PROTOCOL_SAS:
7862         case PROTOCOL_ADT:
7863         case PROTOCOL_ATAPI:
7864         default:
7865                 {
7866                 stmf_dflt_scsi_tptid_t *dflt1, *dflt2;
7867                 uint16_t len;
7868 
7869                 dflt1 = (stmf_dflt_scsi_tptid_t *)tpd1;
7870                 dflt2 = (stmf_dflt_scsi_tptid_t *)tpd2;
7871                 len = SCSI_READ16(&dflt1->ident_len);
7872                 if ((memcmp(dflt1->ident_len, dflt2->ident_len, 2) != 0) ||
7873                     (memcmp(dflt1->ident, dflt2->ident, len) != 0))
7874                         return (B_FALSE);
7875                 }
7876                 break;
7877         }
7878         return (B_TRUE);
7879 }
7880 
7881 /*
7882  * Changes devid_desc to corresponding TransportID format
7883  * Returns :- pointer to stmf_remote_port_t
7884  * Note    :- Allocates continous memory for stmf_remote_port_t and TransportID,
7885  *            This memory need to be freed when this remote_port is no longer
7886  *            used.
7887  */
7888 stmf_remote_port_t *
7889 stmf_scsilib_devid_to_remote_port(scsi_devid_desc_t *devid)
7890 {
7891         struct scsi_fc_transport_id     *fc_tpd;
7892         struct iscsi_transport_id       *iscsi_tpd;
7893         struct scsi_srp_transport_id    *srp_tpd;
7894         struct stmf_dflt_scsi_tptid     *dflt_tpd;
7895         uint16_t ident_len,  sz = 0;
7896         stmf_remote_port_t *rpt = NULL;
7897 
7898         ident_len = devid->ident_length;
7899         ASSERT(ident_len);
7900         switch (devid->protocol_id) {
7901         case PROTOCOL_FIBRE_CHANNEL:
7902                 sz = sizeof (scsi_fc_transport_id_t);
7903                 rpt = stmf_remote_port_alloc(sz);
7904                 rpt->rport_tptid->format_code = 0;
7905                 rpt->rport_tptid->protocol_id = devid->protocol_id;
7906                 fc_tpd = (scsi_fc_transport_id_t *)rpt->rport_tptid;
7907                 /*
7908                  * convert from "wwn.xxxxxxxxxxxxxxxx" to 8-byte binary
7909                  * skip first 4 byte for "wwn."
7910                  */
7911                 ASSERT(strncmp("wwn.", (char *)devid->ident, 4) == 0);
7912                 if ((ident_len < SCSI_TPTID_FC_PORT_NAME_SIZE * 2 + 4) ||
7913                     !stmf_base16_str_to_binary((char *)devid->ident + 4,
7914                     SCSI_TPTID_FC_PORT_NAME_SIZE, fc_tpd->port_name))
7915                         goto devid_to_remote_port_fail;
7916                 break;
7917 
7918         case PROTOCOL_iSCSI:
7919                 sz = ALIGNED_TO_8BYTE_BOUNDARY(sizeof (iscsi_transport_id_t) +
7920                     ident_len - 1);
7921                 rpt = stmf_remote_port_alloc(sz);
7922                 rpt->rport_tptid->format_code = 0;
7923                 rpt->rport_tptid->protocol_id = devid->protocol_id;
7924                 iscsi_tpd = (iscsi_transport_id_t *)rpt->rport_tptid;
7925                 SCSI_WRITE16(iscsi_tpd->add_len, ident_len);
7926                 (void) memcpy(iscsi_tpd->iscsi_name, devid->ident, ident_len);
7927                 break;
7928 
7929         case PROTOCOL_SRP:
7930                 sz = sizeof (scsi_srp_transport_id_t);
7931                 rpt = stmf_remote_port_alloc(sz);
7932                 rpt->rport_tptid->format_code = 0;
7933                 rpt->rport_tptid->protocol_id = devid->protocol_id;
7934                 srp_tpd = (scsi_srp_transport_id_t *)rpt->rport_tptid;
7935                 /*
7936                  * convert from "eui.xxxxxxxxxxxxxxx" to 8-byte binary
7937                  * skip first 4 byte for "eui."
7938                  * Assume 8-byte initiator-extension part of srp_name is NOT
7939                  * stored in devid and hence will be set as zero
7940                  */
7941                 ASSERT(strncmp("eui.", (char *)devid->ident, 4) == 0);
7942                 if ((ident_len < (SCSI_TPTID_SRP_PORT_NAME_LEN - 8) * 2 + 4) ||
7943                     !stmf_base16_str_to_binary((char *)devid->ident+4,
7944                     SCSI_TPTID_SRP_PORT_NAME_LEN, srp_tpd->srp_name))
7945                         goto devid_to_remote_port_fail;
7946                 break;
7947 
7948         case PROTOCOL_PARALLEL_SCSI:
7949         case PROTOCOL_SSA:
7950         case PROTOCOL_IEEE_1394:
7951         case PROTOCOL_SAS:
7952         case PROTOCOL_ADT:
7953         case PROTOCOL_ATAPI:
7954         default :
7955                 ident_len = devid->ident_length;
7956                 sz = ALIGNED_TO_8BYTE_BOUNDARY(sizeof (stmf_dflt_scsi_tptid_t) +
7957                     ident_len - 1);
7958                 rpt = stmf_remote_port_alloc(sz);
7959                 rpt->rport_tptid->format_code = 0;
7960                 rpt->rport_tptid->protocol_id = devid->protocol_id;
7961                 dflt_tpd = (stmf_dflt_scsi_tptid_t *)rpt->rport_tptid;
7962                 SCSI_WRITE16(dflt_tpd->ident_len, ident_len);
7963                 (void) memcpy(dflt_tpd->ident, devid->ident, ident_len);
7964                 break;
7965         }
7966         return (rpt);
7967 
7968 devid_to_remote_port_fail:
7969         stmf_remote_port_free(rpt);
7970         return (NULL);
7971 
7972 }
7973 
7974 stmf_remote_port_t *
7975 stmf_remote_port_alloc(uint16_t tptid_sz) {
7976         stmf_remote_port_t *rpt;
7977         rpt = (stmf_remote_port_t *)kmem_zalloc(
7978             sizeof (stmf_remote_port_t) + tptid_sz, KM_SLEEP);
7979         rpt->rport_tptid_sz = tptid_sz;
7980         rpt->rport_tptid = (scsi_transport_id_t *)(rpt + 1);
7981         return (rpt);
7982 }
7983 
7984 void
7985 stmf_remote_port_free(stmf_remote_port_t *rpt)
7986 {
7987         /*
7988          * Note: stmf_scsilib_devid_to_remote_port() function allocates
7989          *      remote port structures for all transports in the same way, So
7990          *      it is safe to deallocate it in a protocol independent manner.
7991          *      If any of the allocation method changes, corresponding changes
7992          *      need to be made here too.
7993          */
7994         kmem_free(rpt, sizeof (stmf_remote_port_t) + rpt->rport_tptid_sz);
7995 }