~hc/RK356X_SDK_RELEASE.git

..	..	@@ -1,3 +1,4 @@
	1	+// SPDX-License-Identifier: GPL-2.0-only
1	2	/*
2	3	* scsi_error.c Copyright (C) 1997 Eric Youngdale
3	4	*
..	..	@@ -115,6 +116,14 @@
115	116	return 1;
116	117	}
117	118
	119	+static bool scsi_cmd_retry_allowed(struct scsi_cmnd *cmd)
	120	+{
	121	+ if (cmd->allowed == SCSI_CMD_RETRIES_NO_LIMIT)
	122	+ return true;
	123	+
	124	+ return ++cmd->retries <= cmd->allowed;
	125	+}
	126	+
118	127	/**
119	128	* scmd_eh_abort_handler - Handle command aborts
120	129	* @work: command to be aborted.
..	..	@@ -150,7 +159,7 @@
150	159	"eh timeout, not retrying "
151	160	"aborted command\n"));
152	161	} else if (!scsi_noretry_cmd(scmd) &&
153		- (++scmd->retries <= scmd->allowed)) {
	162	+ scsi_cmd_retry_allowed(scmd)) {
154	163	SCSI_LOG_ERROR_RECOVERY(3,
155	164	scmd_printk(KERN_WARNING, scmd,
156	165	"retry aborted command\n"));
..	..	@@ -297,19 +306,19 @@
297	306
298	307	if (rtn == BLK_EH_DONE) {
299	308	/*
300		- * For blk-mq, we must set the request state to complete now
301		- * before sending the request to the scsi error handler. This
302		- * will prevent a use-after-free in the event the LLD manages
303		- * to complete the request before the error handler finishes
304		- * processing this timed out request.
	309	+ * Set the command to complete first in order to prevent a real
	310	+ * completion from releasing the command while error handling
	311	+ * is using it. If the command was already completed, then the
	312	+ * lower level driver beat the timeout handler, and it is safe
	313	+ * to return without escalating error recovery.
305	314	*
306		- * If the request was already completed, then the LLD beat the
307		- * time out handler from transferring the request to the scsi
308		- * error handler. In that case we can return immediately as no
309		- * further action is required.
	315	+ * If timeout handling lost the race to a real completion, the
	316	+ * block layer may ignore that due to a fake timeout injection,
	317	+ * so return RESET_TIMER to allow error handling another shot
	318	+ * at this command.
310	319	*/
311		- if (req->q->mq_ops && !blk_mq_mark_complete(req))
312		- return rtn;
	320	+ if (test_and_set_bit(SCMD_STATE_COMPLETE, &scmd->state))
	321	+ return BLK_EH_RESET_TIMER;
313	322	if (scsi_abort_command(scmd) != SUCCESS) {
314	323	set_host_byte(scmd, DID_TIME_OUT);
315	324	scsi_eh_scmd_add(scmd);
..	..	@@ -337,9 +346,6 @@
337	346	wait_event(sdev->host->host_wait, !scsi_host_in_recovery(sdev->host));
338	347
339	348	online = scsi_device_online(sdev);
340		-
341		- SCSI_LOG_ERROR_RECOVERY(5, sdev_printk(KERN_INFO, sdev,
342		- "%s: rtn: %d\n", __func__, online));
343	349
344	350	return online;
345	351	}
..	..	@@ -601,7 +607,7 @@
601	607	set_host_byte(scmd, DID_ALLOC_FAILURE);
602	608	return SUCCESS;
603	609	}
604		- /* FALLTHROUGH */
	610	+ fallthrough;
605	611	case COPY_ABORTED:
606	612	case VOLUME_OVERFLOW:
607	613	case MISCOMPARE:
..	..	@@ -623,7 +629,7 @@
623	629	return ADD_TO_MLQUEUE;
624	630	else
625	631	set_host_byte(scmd, DID_TARGET_FAILURE);
626		- /* FALLTHROUGH */
	632	+ fallthrough;
627	633
628	634	case ILLEGAL_REQUEST:
629	635	if (sshdr.asc == 0x20 \|\| /* Invalid command operation code */
..	..	@@ -736,7 +742,7 @@
736	742	switch (status_byte(scmd->result)) {
737	743	case GOOD:
738	744	scsi_handle_queue_ramp_up(scmd->device);
739		- /* FALLTHROUGH */
	745	+ fallthrough;
740	746	case COMMAND_TERMINATED:
741	747	return SUCCESS;
742	748	case CHECK_CONDITION:
..	..	@@ -757,7 +763,7 @@
757	763	return FAILED;
758	764	case QUEUE_FULL:
759	765	scsi_handle_queue_full(scmd->device);
760		- /* fall through */
	766	+ fallthrough;
761	767	case BUSY:
762	768	return NEEDS_RETRY;
763	769	default:
..	..	@@ -968,7 +974,6 @@
968	974	ses->cmnd = scmd->cmnd;
969	975	ses->data_direction = scmd->sc_data_direction;
970	976	ses->sdb = scmd->sdb;
971		- ses->next_rq = scmd->request->next_rq;
972	977	ses->result = scmd->result;
973	978	ses->resid_len = scmd->req.resid_len;
974	979	ses->underflow = scmd->underflow;
..	..	@@ -980,7 +985,6 @@
980	985	scmd->cmnd = ses->eh_cmnd;
981	986	memset(scmd->cmnd, 0, BLK_MAX_CDB);
982	987	memset(&scmd->sdb, 0, sizeof(scmd->sdb));
983		- scmd->request->next_rq = NULL;
984	988	scmd->result = 0;
985	989	scmd->req.resid_len = 0;
986	990
..	..	@@ -1034,7 +1038,6 @@
1034	1038	scmd->cmnd = ses->cmnd;
1035	1039	scmd->sc_data_direction = ses->data_direction;
1036	1040	scmd->sdb = ses->sdb;
1037		- scmd->request->next_rq = ses->next_rq;
1038	1041	scmd->result = ses->result;
1039	1042	scmd->req.resid_len = ses->resid_len;
1040	1043	scmd->underflow = ses->underflow;
..	..	@@ -1063,7 +1066,7 @@
1063	1066	struct scsi_device *sdev = scmd->device;
1064	1067	struct Scsi_Host *shost = sdev->host;
1065	1068	DECLARE_COMPLETION_ONSTACK(done);
1066		- unsigned long timeleft = timeout;
	1069	+ unsigned long timeleft = timeout, delay;
1067	1070	struct scsi_eh_save ses;
1068	1071	const unsigned long stall_for = msecs_to_jiffies(100);
1069	1072	int rtn;
..	..	@@ -1074,7 +1077,29 @@
1074	1077
1075	1078	scsi_log_send(scmd);
1076	1079	scmd->scsi_done = scsi_eh_done;
1077		- rtn = shost->hostt->queuecommand(shost, scmd);
	1080	+
	1081	+ /*
	1082	+ * Lock sdev->state_mutex to avoid that scsi_device_quiesce() can
	1083	+ * change the SCSI device state after we have examined it and before
	1084	+ * .queuecommand() is called.
	1085	+ */
	1086	+ mutex_lock(&sdev->state_mutex);
	1087	+ while (sdev->sdev_state == SDEV_BLOCK && timeleft > 0) {
	1088	+ mutex_unlock(&sdev->state_mutex);
	1089	+ SCSI_LOG_ERROR_RECOVERY(5, sdev_printk(KERN_DEBUG, sdev,
	1090	+ "%s: state %d <> %d\n", __func__, sdev->sdev_state,
	1091	+ SDEV_BLOCK));
	1092	+ delay = min(timeleft, stall_for);
	1093	+ timeleft -= delay;
	1094	+ msleep(jiffies_to_msecs(delay));
	1095	+ mutex_lock(&sdev->state_mutex);
	1096	+ }
	1097	+ if (sdev->sdev_state != SDEV_BLOCK)
	1098	+ rtn = shost->hostt->queuecommand(shost, scmd);
	1099	+ else
	1100	+ rtn = SCSI_MLQUEUE_DEVICE_BUSY;
	1101	+ mutex_unlock(&sdev->state_mutex);
	1102	+
1078	1103	if (rtn) {
1079	1104	if (timeleft > stall_for) {
1080	1105	scsi_eh_restore_cmnd(scmd, &ses);
..	..	@@ -1247,11 +1272,18 @@
1247	1272	* upper level.
1248	1273	*/
1249	1274	if (rtn == SUCCESS)
1250		- /* we don't want this command reissued, just
1251		- * finished with the sense data, so set
1252		- * retries to the max allowed to ensure it
1253		- * won't get reissued */
1254		- scmd->retries = scmd->allowed;
	1275	+ /*
	1276	+ * We don't want this command reissued, just finished
	1277	+ * with the sense data, so set retries to the max
	1278	+ * allowed to ensure it won't get reissued. If the user
	1279	+ * has requested infinite retries, we also want to
	1280	+ * finish this command, so force completion by setting
	1281	+ * retries and allowed to the same value.
	1282	+ */
	1283	+ if (scmd->allowed == SCSI_CMD_RETRIES_NO_LIMIT)
	1284	+ scmd->retries = scmd->allowed = 1;
	1285	+ else
	1286	+ scmd->retries = scmd->allowed;
1255	1287	else if (rtn != NEEDS_RETRY)
1256	1288	continue;
1257	1289
..	..	@@ -1285,7 +1317,7 @@
1285	1317	case NEEDS_RETRY:
1286	1318	if (retry_cnt--)
1287	1319	goto retry_tur;
1288		- /FALLTHRU/
	1320	+ fallthrough;
1289	1321	case SUCCESS:
1290	1322	return 0;
1291	1323	default:
..	..	@@ -1395,6 +1427,7 @@
1395	1427	sdev_printk(KERN_INFO, sdev,
1396	1428	"%s: skip START_UNIT, past eh deadline\n",
1397	1429	current->comm));
	1430	+ scsi_device_put(sdev);
1398	1431	break;
1399	1432	}
1400	1433	stu_scmd = NULL;
..	..	@@ -1461,6 +1494,7 @@
1461	1494	sdev_printk(KERN_INFO, sdev,
1462	1495	"%s: skip BDR, past eh deadline\n",
1463	1496	current->comm));
	1497	+ scsi_device_put(sdev);
1464	1498	break;
1465	1499	}
1466	1500	bdr_scmd = NULL;
..	..	@@ -1720,7 +1754,7 @@
1720	1754	if (msg_byte(scmd->result) == COMMAND_COMPLETE &&
1721	1755	status_byte(scmd->result) == RESERVATION_CONFLICT)
1722	1756	return 0;
1723		- /* fall through */
	1757	+ fallthrough;
1724	1758	case DID_SOFT_ERROR:
1725	1759	return (scmd->request->cmd_flags & REQ_FAILFAST_DRIVER);
1726	1760	}
..	..	@@ -1736,8 +1770,8 @@
1736	1770	if (scmd->request->cmd_flags & REQ_FAILFAST_DEV \|\|
1737	1771	blk_rq_is_passthrough(scmd->request))
1738	1772	return 1;
1739		- else
1740		- return 0;
	1773	+
	1774	+ return 0;
1741	1775	}
1742	1776
1743	1777	/**
..	..	@@ -1791,7 +1825,7 @@
1791	1825	set_host_byte(scmd, DID_TIME_OUT);
1792	1826	return SUCCESS;
1793	1827	}
1794		- /* FALLTHROUGH */
	1828	+ fallthrough;
1795	1829	case DID_NO_CONNECT:
1796	1830	case DID_BAD_TARGET:
1797	1831	/*
..	..	@@ -1835,7 +1869,7 @@
1835	1869	* lower down
1836	1870	*/
1837	1871	break;
1838		- /* fallthrough */
	1872	+ fallthrough;
1839	1873	case DID_BUS_BUSY:
1840	1874	case DID_PARITY:
1841	1875	goto maybe_retry;
..	..	@@ -1873,7 +1907,7 @@
1873	1907	* the case of trying to send too many commands to a
1874	1908	* tagged queueing device.
1875	1909	*/
1876		- /* FALLTHROUGH */
	1910	+ fallthrough;
1877	1911	case BUSY:
1878	1912	/*
1879	1913	* device can't talk to us at the moment. Should only
..	..	@@ -1886,7 +1920,7 @@
1886	1920	if (scmd->cmnd[0] == REPORT_LUNS)
1887	1921	scmd->device->sdev_target->expecting_lun_change = 0;
1888	1922	scsi_handle_queue_ramp_up(scmd->device);
1889		- /* FALLTHROUGH */
	1923	+ fallthrough;
1890	1924	case COMMAND_TERMINATED:
1891	1925	return SUCCESS;
1892	1926	case TASK_ABORTED:
..	..	@@ -1925,8 +1959,7 @@
1925	1959	* the request was not marked fast fail. Note that above,
1926	1960	* even if the request is marked fast fail, we still requeue
1927	1961	* for queue congestion conditions (QUEUE_FULL or BUSY) */
1928		- if ((++scmd->retries) <= scmd->allowed
1929		- && !scsi_noretry_cmd(scmd)) {
	1962	+ if (scsi_cmd_retry_allowed(scmd) && !scsi_noretry_cmd(scmd)) {
1930	1963	return NEEDS_RETRY;
1931	1964	} else {
1932	1965	/*
..	..	@@ -1938,7 +1971,7 @@
1938	1971
1939	1972	static void eh_lock_door_done(struct request *req, blk_status_t status)
1940	1973	{
1941		- __blk_put_request(req->q, req);
	1974	+ blk_put_request(req);
1942	1975	}
1943	1976
1944	1977	/**
..	..	@@ -2072,8 +2105,7 @@
2072	2105	list_for_each_entry_safe(scmd, next, done_q, eh_entry) {
2073	2106	list_del_init(&scmd->eh_entry);
2074	2107	if (scsi_device_online(scmd->device) &&
2075		- !scsi_noretry_cmd(scmd) &&
2076		- (++scmd->retries <= scmd->allowed)) {
	2108	+ !scsi_noretry_cmd(scmd) && scsi_cmd_retry_allowed(scmd)) {
2077	2109	SCSI_LOG_ERROR_RECOVERY(3,
2078	2110	scmd_printk(KERN_INFO, scmd,
2079	2111	"%s: flush retry cmd\n",
..	..	@@ -2357,22 +2389,22 @@
2357	2389	rtn = scsi_try_bus_device_reset(scmd);
2358	2390	if (rtn == SUCCESS \|\| (val & SG_SCSI_RESET_NO_ESCALATE))
2359	2391	break;
2360		- /* FALLTHROUGH */
	2392	+ fallthrough;
2361	2393	case SG_SCSI_RESET_TARGET:
2362	2394	rtn = scsi_try_target_reset(scmd);
2363	2395	if (rtn == SUCCESS \|\| (val & SG_SCSI_RESET_NO_ESCALATE))
2364	2396	break;
2365		- /* FALLTHROUGH */
	2397	+ fallthrough;
2366	2398	case SG_SCSI_RESET_BUS:
2367	2399	rtn = scsi_try_bus_reset(scmd);
2368	2400	if (rtn == SUCCESS \|\| (val & SG_SCSI_RESET_NO_ESCALATE))
2369	2401	break;
2370		- /* FALLTHROUGH */
	2402	+ fallthrough;
2371	2403	case SG_SCSI_RESET_HOST:
2372	2404	rtn = scsi_try_host_reset(scmd);
2373	2405	if (rtn == SUCCESS)
2374	2406	break;
2375		- /* FALLTHROUGH */
	2407	+ fallthrough;
2376	2408	default:
2377	2409	rtn = FAILED;
2378	2410	break;
..	..	@@ -2395,14 +2427,12 @@
2395	2427	wake_up(&shost->host_wait);
2396	2428	scsi_run_host_queues(shost);
2397	2429
2398		- scsi_put_command(scmd);
2399	2430	kfree(rq);
2400	2431
2401	2432	out_put_autopm_host:
2402	2433	scsi_autopm_put_host(shost);
2403	2434	return error;
2404	2435	}
2405		-EXPORT_SYMBOL(scsi_ioctl_reset);
2406	2436
2407	2437	bool scsi_command_normalize_sense(const struct scsi_cmnd *cmd,
2408	2438	struct scsi_sense_hdr *sshdr)