The ->seq_assign callback only ever had one implementation,
so call the function directly and drop the callback.
Signed-off-by: NHannes Reinecke <hare@suse.com>
Acked-by: NJohannes Thumshirn <jth@kernel.org>
Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com>

The ->seq_set_resp callback only ever had one implementation,
so call it directly and drop the callback.
Signed-off-by: NHannes Reinecke <hare@suse.com>
Acked-by: NJohannes Thumshirn <jth@kernel.org>
Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com>

The ->seq_start_next callback only ever had one implementation,
so call the function directly and drop the callback.
Signed-off-by: NHannes Reinecke <hare@suse.com>
Acked-by: NJohannes Thumshirn <jth@kernel.org>
Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com>

The ->exch_done callback only ever had one implementation,
so we can as well call it directly and drop the callback.
Signed-off-by: NHannes Reinecke <hare@suse.com>
Acked-by: NJohannes Thumshirn <jth@kernel.org>
Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com>

The ->seq_exch_abort callback only ever had one implementation,
so we can as well call it directly and drop the callback.
Signed-off-by: NHannes Reinecke <hare@suse.com>
Acked-by: NJohannes Thumshirn <jth@kernel.org>
Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com>

The ->seq_send callback only ever had one implementation,
so we can as well call it directly and drop the callback.
Signed-off-by: NHannes Reinecke <hare@suse.com>
Acked-by: NJohannes Thumshirn <jth@kernel.org>
Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com>

The ->exch_seq_send callback only ever had one implementation,
so we can call the function directly and drop the callback.
Signed-off-by: NHannes Reinecke <hare@suse.com>
Acked-by: NJohannes Thumshirn <jth@kernel.org>
Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com>

The ->lport_recv callback only ever had one implementation,
so call the function directly and remove the callback.
Signed-off-by: NHannes Reinecke <hare@suse.com>
Acked-by: NJohannes Thumshirn <jth@kernel.org>
Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com>

The 'seq_els_rsp_send' callback only ever had one implementation,
so we might as well drop it and use the function directly.
Signed-off-by: NHannes Reinecke <hare@suse.com>
Acked-by: NJohannes Thumshirn <jth@kernel.org>
Acked-by: NJohannes Thumshirn <jth@kernel.org>
Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com>

We currently can only lookup the local xid, so we need
to reject REC with empty rxid.
Signed-off-by: NHannes Reinecke <hare@suse.com>
Reviewed-by: NBart Van Assche <bart.vanassche@sandisk.com>
Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com>

When receiving packets from the network we cannot guarantee any
frame ordering, so we should be receiving all valid frames and
let the upper layers deal with it.
Signed-off-by: NHannes Reinecke <hare@suse.com>
Acked-by: NJohannes Thumshirn <jth@kernel.org>
Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com>

When a sequence times out we have no idea what happened to the
frame. And we do not know if we will ever receive the frame.
Hence we cannot re-use the xid as we would risk data corruption
if the xid had been re-used and the timed out frame would be
received after that.
So we need to quarantine the xid until the lport is reset.
Yes, I know this will (eventually) deplete the xid pool.
But for now it's the safest method.
Signed-off-by: NHannes Reinecke <hare@suse.com>
Reviewed-by: NBart Van Assche <bart.vanassche@sandisk.com>
Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com>

The cached exchange index might be invalid, in which case
we should drop down to allocate a new one.
And we should not try to access an invalid exchange when
responding to a BA_ABTS.
Signed-off-by: NHannes Reinecke <hare@suse.com>
Reviewed-by: NBart Van Assche <bart.vanassche@sandisk.com>
Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com>

We should be using the configured R_A_TOV value when sending the
exchange.
Signed-off-by: NHannes Reinecke <hare@suse.com>
Acked-by: NJohannes Thumshirn <jth@kernel.org>
Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com>

Signed-off-by: NHannes Reinecke <hare@suse.com>
Acked-by: NJohannes Thumshirn <jth@kernel.org>
Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com>

This reverts commit 3e22760d.

This revert came about because of efforts by Ewan Milne, Curtis Taylor
and I.  In researching this issue, significant performance issues were
seen on large CPU count systems using the software FCOE stack.  Hannes
also weighed in.

The same was not apparent on much smaller low count CPU systems.  The
behavior introduced by commit 3e22760d
lands sup with large count CPU systems seeing continual
blk_requeue_request() calls due to ML_QUEUE_HOST_BUSY.

fc_exch_alloc() used to try all the available exchange managers in the
list for an available exchange id, but this was changed in 2010 so that
if the first matched exchange manager couldn't allocate one, it fails
and we end up returning host busy.  This was due to commit:

Setting the ddp_min module parameter to fcoe to 128MB prevents the
->match function from permitting the use of the offload exchange manager
for the frame, and we no longer see the problem with host busy status,
since it uses the larger non-offloaded pool.

Reverting commit 3e22760d was tested to
also prevent the host busy issue due to failing allocations.
Suggested-by: NEwan Milne <emilne@redhat.com>
Suggested-by: NCurtis Taylor <cjt@us.ibm.com>
Tested-by: NLaurence Oberman <loberman@redhat.com>
Signed-off-by: NLaurence Oberman <loberman@redhat.com>

When all exchanges are reset the upper layers have already logged out of
the remote port, so the exchanges can be reset without sending any ABTS.
Signed-off-by: NHannes Reinecke <hare@suse.com>
Reviewed-by: NChad Dupuis <chad.dupuis@qlogic.com>
Tested-by: NChad Dupuis <chad.dupuis@qlogic.com>
Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com>

In the receive path libfc extracts a cpu number from the ox_id in the
fiber channel header and uses that to do a per_cpu_ptr conversion.  If,
for some reason, a frame is received with an invalid ox_id, per_cpu_ptr
will return an invalid pointer and the libfc receive path will panic the
system trying to use it.

I'm currently looking at such a case, and I don't yet know why a cpu
number > nr_cpu_ids is appearing in an exchange id.  But adding a sanity
check in libfc prevents a system panic, and seems like good idea when
dealing with frames coming in from the network.
Signed-off-by: NChris Leech <cleech@redhat.com>
Acked-by: NJohannes Thumshirn <jth@kernel.org>
Signed-off-by: NMartin K. Petersen <martin.petersen@oracle.com>

Due to patch "libfc: Do not invoke the response handler after
fc_exch_done()" (commit ID 7030fd62) the lport_recv() call
in fc_exch_recv_req() is passed a dangling pointer. Avoid this
by moving the fc_frame_free() call from fc_invoke_resp() to its
callers. This patch fixes the following crash:

general protection fault: 0000 [#3] PREEMPT SMP
RIP: fc_lport_recv_req+0x72/0x280 [libfc]
Call Trace:
 fc_exch_recv+0x642/0xde0 [libfc]
 fcoe_percpu_receive_thread+0x46a/0x5ed [fcoe]
 kthread+0x10a/0x120
 ret_from_fork+0x42/0x70
Signed-off-by: NBart Van Assche <bart.vanassche@sandisk.com>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: NVasu Dev <vasu.dev@intel.com>
Signed-off-by: NJames Bottomley <JBottomley@Odin.com>

While the FCoE initiator driver invokes fc_exch_done() from inside
the libfc response handler, FCoE target drivers typically invoke
fc_exch_done() from outside the libfc response handler. The object
fc_exch.arg points at may disappear as soon as fc_exch_done() has
finished. So it's important not to invoke the response handler
function after fc_exch_done() has finished. Modify libfc such that
this guarantee is provided if fc_exch_done() is invoked from
outside a response handler. This patch fixes a sporadic crash in
FCoE target implementations after a command has been aborted.
Signed-off-by: NBart Van Assche <bvanassche@acm.org>
Cc: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: NRobert Love <robert.w.love@intel.com>

Reduce the time during which the exchange lock is held by allocating
a frame before obtaining the exchange lock.
Signed-off-by: NBart Van Assche <bvanassche@acm.org>
Cc: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: NRobert Love <robert.w.love@intel.com>

Calling fc_seq_send() after an ABTS message has been received triggers
a kernel warning (WARN_ON(!(ep->esb_stat & ESB_ST_SEQ_INIT))). Avoid
this by returning -ENXIO to the caller if fc_seq_send() is invoked after
an ABTS message has been received.
Signed-off-by: NBart Van Assche <bvanassche@acm.org>
Cc: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: NRobert Love <robert.w.love@intel.com>

This patch avoids that the WARN_ON(!(ep->esb_stat & ESB_ST_SEQ_INIT))
statement in fc_seq_send_locked() gets triggered sporadically when
running FCoE target code due to concurrent ep->esb_stat modifications.
Signed-off-by: NBart Van Assche <bvanassche@acm.org>
Cc: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: NRobert Love <robert.w.love@intel.com>

It is allowed to pass a zero timeout value to fc_seq_exch_abort().
Avoid that this can cause the timeout function to drop the exchange
reference before it has been increased by fc_exch_timer_set_locked().
This patch fixes a crash when running FCoE target code with poisoning
enabled in the memory allocator.
Signed-off-by: NBart Van Assche <bvanassche@acm.org>
Cc: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: NRobert Love <robert.w.love@intel.com>

The condition ep != NULL && ep->xid != xid can never be met. Make
this explicit.
Signed-off-by: NBart Van Assche <bvanassche@acm.org>
Cc: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: NRobert Love <robert.w.love@intel.com>

Convert a loop into an ilog2() call. Although this code is not performance
sensitive this conversion makes this code easier to read.
Signed-off-by: NBart Van Assche <bvanassche@acm.org>
Cc: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: NRobert Love <robert.w.love@intel.com>

The second argument of fc_lport_error() may be a valid frame pointer.
Hence only print it as an error code if it really is an error code.

Debug statements must end in a newline. Add one where it is missing.
Signed-off-by: NBart Van Assche <bvanassche@acm.org>
Cc: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: NRobert Love <robert.w.love@intel.com>

Change 'initiaive' into 'initiative', 'remainig' into 'remaining'
and change 'exected' into 'expected'.
Signed-off-by: NBart Van Assche <bvanassche@acm.org>
Signed-off-by: NRobert Love <robert.w.love@intel.com>

There are two debug statements with the same output string regarding
echange timer cancellation. This patch simply changes the output of
one string so that they can be differentiated.
Signed-off-by: NRobert Love <robert.w.love@intel.com>
Tested-by: NJack Morgan <jack.morgan@intel.com>
Acked-by: NNeil Horman <nhorman@tuxdriver.com>

Simply remove an extra space that violates coding style.
Signed-off-by: NRobert Love <robert.w.love@intel.com>
Tested-by: NJack Morgan <jack.morgan@intel.com>
Acked-by: NNeil Horman <nhorman@tuxdriver.com>

This warning was reported recently:

WARNING: at drivers/scsi/libfc/fc_exch.c:478 fc_seq_send+0x14f/0x160 [libfc]()
(Not tainted)
Hardware name: ProLiant DL120 G7
Modules linked in: tcm_fc target_core_iblock target_core_file target_core_pscsi
target_core_mod configfs dm_round_robin dm_multipath 8021q garp stp llc bnx2fc
cnic uio fcoe libfcoe libfc scsi_transport_fc scsi_tgt autofs4 sunrpc
pcc_cpufreq ipv6 hpilo hpwdt e1000e microcode iTCO_wdt iTCO_vendor_support
serio_raw shpchp ixgbe dca mdio sg ext4 mbcache jbd2 sd_mod crc_t10dif pata_acpi
ata_generic ata_piix hpsa dm_mirror dm_region_hash dm_log dm_mod [last unloaded:
scsi_wait_scan]
Pid: 5464, comm: target_completi Not tainted 2.6.32-272.el6.x86_64 #1
Call Trace:
 [<ffffffff8106b747>] ? warn_slowpath_common+0x87/0xc0
 [<ffffffff8106b79a>] ? warn_slowpath_null+0x1a/0x20
 [<ffffffffa025f7df>] ? fc_seq_send+0x14f/0x160 [libfc]
 [<ffffffffa035cbce>] ? ft_queue_status+0x16e/0x210 [tcm_fc]
 [<ffffffffa030a660>] ? target_complete_ok_work+0x0/0x4b0 [target_core_mod]
 [<ffffffffa030a766>] ? target_complete_ok_work+0x106/0x4b0 [target_core_mod]
 [<ffffffffa030a660>] ? target_complete_ok_work+0x0/0x4b0 [target_core_mod]
 [<ffffffff8108c760>] ? worker_thread+0x170/0x2a0
 [<ffffffff810920d0>] ? autoremove_wake_function+0x0/0x40
 [<ffffffff8108c5f0>] ? worker_thread+0x0/0x2a0
 [<ffffffff81091d66>] ? kthread+0x96/0xa0
 [<ffffffff8100c14a>] ? child_rip+0xa/0x20
 [<ffffffff81091cd0>] ? kthread+0x0/0xa0
 [<ffffffff8100c140>] ? child_rip+0x0/0x20

It occurs because fc_seq_send can have multiple contexts executing within it at
the same time, and fc_seq_send doesn't consistently use the ep->ex_lock that
protects this structure.  Because of that, its possible for one context to clear
the INIT bit in the ep->esb_state field while another checks it, leading to the
above stack trace generated by the WARN_ON in the function.

We should probably undertake the effort to convert access to the fc_exch
structures to use rcu, but that a larger work item.  To just fix this specific
issue, we can just extend the ex_lock protection through the entire fc_seq_send
path
Signed-off-by: NNeil Horman <nhorman@tuxdriver.com>
Reported-by: NGris Ge <fge@redhat.com>
CC: Robert Love <robert.w.love@intel.com>
Signed-off-by: NRobert Love <robert.w.love@intel.com>

Add exch timeout info to have debug log with exch timeout
value to match with retries, also add debug info
on exch timer cancel.

Added common fc_exch_timer_cancel() func and grouped this
along with fc_exch_timer_set() function, so that
added debug code is not repeated.
Signed-off-by: NVasu Dev <vasu.dev@intel.com>
Signed-off-by: NRobert Love <robert.w.love@intel.com>
Signed-off-by: NJames Bottomley <JBottomley@Parallels.com>

Updates newly added stats from fc_get_host_stats,
added new function fc_exch_update_stats to
update exches related stats from fc_exch.c
by going thru internal ema_list elements.
Signed-off-by: NVasu Dev <vasu.dev@intel.com>
Acked-by : Robert Love <robert.w.love@intel.com>
Tested-by: NRoss Brattain <ross.b.brattain@intel.com>
Signed-off-by: NJames Bottomley <JBottomley@Parallels.com>

The libfc is used by fcoe but fcoe agnostic,
and therefore should not have any fcoe references.

So renaming fcoe_dev_stats from libfc as its for fc_stats.
After that libfc is fcoe string free except some strings for
Open-FCoE.org.
Signed-off-by: NVasu Dev <vasu.dev@intel.com>
Acked-by : Robert Love <robert.w.love@intel.com>
Tested-by: NRoss Brattain <ross.b.brattain@intel.com>
Acked-by: NBhanu Prakash Gollapudi <bprakash@broadcom.com>
Signed-off-by: NJames Bottomley <JBottomley@Parallels.com>

Starting fcoe fails at fcoe_transport_create when attempting to allocate a
pool of 4K exchanges on a 64-bit single-CPU environment because the call to
__alloc_percpu() is greater than the max of 32K.  This patch reduces the
number of exchanges to fit within the maximum allowed space.

[ Whitespace problems fixed by Robert Love to satisfy chechpatch.pl ]
Signed-off-by: NSteven Clark <sclark@crossbeam.com>
Signed-off-by: NRobert Love <robert.w.love@intel.com>
Signed-off-by: NJames Bottomley <JBottomley@Parallels.com>

Adding and removing the host into the zone causes this panic.

BUG: unable to handle kernel NULL pointer dereference at 00000000000000a0
IP: [<ffffffffa0491707>] fc_exch_recv+0xc57/0xe70 [libfc]
Call Trace:
[<ffffffffa050e04b>] bnx2fc_l2_rcv_thread+0x37b/0x430 [bnx2fc]
[<ffffffffa050dcd0>] ? bnx2fc_l2_rcv_thread+0x0/0x430 [bnx2fc]
[<ffffffff81090886>] kthread+0x96/0xa0
[<ffffffff8100c14a>] child_rip+0xa/0x20
[<ffffffff810907f0>] ? kthread+0x0/0xa0
[<ffffffff8100c140>] ? child_rip+0x0/0x20

During fc_exch_reset, the active exchanges are aborted and the exch is deleted.
As part of processing ABTS response, due to 'ep' being NULL, any access to ep in
fc_exch_recv_bls() causes this panic. Fixed to access 'ep' only if non-NULL.
Reviewed-by: NNeerav Parikh <neerav.parikh@intel.com>
Signed-off-by: NBhanu Prakash Gollapudi <bprakash@broadcom.com>
Signed-off-by: NRobert Love <robert.w.love@intel.com>
Signed-off-by: NJames Bottomley <JBottomley@Parallels.com>

Avoid that sparse complains about missing declarations for local
functions by declaring these static or by adding an #include directive.
Add the __percpu annotation where it is missing.
Signed-off-by: NBart Van Assche <bvanassche@acm.org>
Reviewed-by: NYi Zou <yi.zou@intel.com>
Signed-off-by: NRobert Love <robert.w.love@intel.com>
Signed-off-by: NJames Bottomley <JBottomley@Parallels.com>

For the basic SCSI infrastructure files that are exporting symbols
but not modules themselves, add in the basic export.h header file
to allow the exports.
Signed-off-by: NPaul Gortmaker <paul.gortmaker@windriver.com>

Currently timer delay is large and is using msleep to avoid
avoid exchanges collision across lport reset, so instead
do this by initializing exches pool indexes during
reset also.
Signed-off-by: NVasu Dev <vasu.dev@intel.com>
Tested-by: NBhanu Prakash Gollapudi <bprakash@broadcom.com>
Signed-off-by: NYi Zou <yi.zou@intel.com>
Signed-off-by: NJames Bottomley <JBottomley@Parallels.com>

Its checked after skb freed, so instead have fh_type
cached and then check FC_TYPE_BLS against cached
fh_type value.

This wrong check was causing double exch locking as
reported by Bhanu at
https://lists.open-fcoe.org/pipermail/devel/2011-October/011793.htmlSigned-off-by: NVasu Dev <vasu.dev@intel.com>
Tested-by: NBhanu Prakash Gollapudi <bprakash@broadcom.com>
Signed-off-by: NYi Zou <yi.zou@intel.com>
Signed-off-by: NJames Bottomley <JBottomley@Parallels.com>