The Linux SG_IO ioctl in the 2.6 series
生活随笔
收集整理的這篇文章主要介紹了
The Linux SG_IO ioctl in the 2.6 series
小編覺得挺不錯的,現在分享給大家,幫大家做個參考.
http://gmd20.blog.163.com/blog/static/1684392320100227396270/
原文地址:http://sg.danny.cz/sg/sg_io.html
The? Linux SG_IO ioctl in the 2.6 series
Introduction
The? SG_IO ?ioctl permits user applications to send SCSI commands to a device. In the linux 2.4 series this ioctl was on ly available via the SCSI generic (sg) driver. In the linux 2.6 series the SG_IO ioctl is additionally available for block devices and SCSI tape (st) devices.? So there are multiple implementations of this ioctl within the kernel with slightly different characteristics and describing these is the purpose of this document.The information in this page is valid for linux kernel 2.6.16 .
SCSI and related command sets
All SCSI devices should respond to an INQUIRY command and part of their response is the so-called peripheral device type. This is used by the linux kernel to decide which upper level driver controls the device. There are also devices that belong to other (i.e. not considered SCSI) transports that use SCSI command sets, the primary examples of this are (S-)ATAPI CD and DVD drives. Not all peripheral device types map to upper level drivers and devices of these types are usually accessed via the SCSI generic (sg) driver.
SCSI (draft) standards are found at? www.t10.org ?. SCSI commands common to all SCSI devices are found in SPC-4 while those specific to block devices are found in SBC-2, those for CD/DVD drives are found in MMC-5 and those for SCSI tape drives are found in SSC-3.
The major non-SCSI command set in the storage area is for ATA? non-packet ?devices which are typically disks. ATA packet ?devices use ATAPI which in the vast majority of cases carry a SCSI command set. The most recent draft ATA command set standard is ATA8-ACS and can be found at? www.t13.org ?. To complicate things (non-packet) ATA devices may have their native command set translated into SCSI. This can happen in the kernel (e.g. libata in linux) or in an intermediate device (e.g. in a USB external disk enclosure). Yet another possibility are disks whose firmware can be changed to allow them to use either the SCSI or ATA command set, this may happen in the SAS/SATA area since the physical (cabling) and phy (electrical signalling) levels are so similar.
SG_IO ioctl overview
The third argument given to the SG_IO ioctl is a pointer to an instance of the sg_io_hdr structure which is defined in the <scsi/sg.h> header file. The execution of the SG_IO ioctl can viewed as going through three phases:Now we will assume that the SCSI command involves user da ta being transferred to or from the device. The SCSI subsystem does not support true bidirectional da ta transfers to a device. All da ta DMA transfers (assuming the hardware supports DMA) occur in phase 2. However, if indirect IO is being used (i.e. neither direct IO nor mmap-ed transfers) then either:
- data is read from the user space in phase 1 into kernel buffers and DMA-ed to the device in phase 2, or
- data is read from the device into kernel buffers in phase 2 and written into the user space in phase 3
The sg_io_hdr structure has 22 fields (members) but typically on ly a small number of them need to be set. The following co de fragment shows the setup for a simple TEST UNIT READY SCSI command which has no associated da ta transfers:
????
??? unsigned char sense_b[32];
??? unsigned char turCmbBlk[] = {TUR_CMD, 0, 0, 0, 0, 0};
??? struct sg_io_hdr io_hdr;
??? memset(&io_hdr, 0, sizeof(struct sg_io_hdr));
??? io_hdr.interface_id = 'S';
??? io_hdr.cmd_len = sizeof(turCmbBlk);
??? io_hdr.mx_sb_len = sizeof(sense_b);
??? io_hdr.dxfer_direction = SG_DXFER_NONE;
??? io_hdr.cmdp = turCmbBlk;
??? io_hdr.sbp = sense_b;
??? io_hdr.timeout = DEF_TIMEOUT;
??? if (ioctl(fd, SG_IO, &io_hdr) < 0) {
The memset() call is pretty imp ortant, setting unused input fields to safe values. Setting the timeout field to zero is not a good idea; 30,000 (for 30 seconds) is a reasonable default for most SCSI commands. As always, good error processing consumes a lot more co de. This is especially the case with SCSI commands that yield "sense da ta" when something goes wrong. For example, if there is a medium error during a disk read, the sense da ta will contain the logical block address (lba) of the failure. Another error processing example is a SCSI command that the device considers an "illegal request", the sense da ta may show the byte and bit position of the field in the command block (usually referred to as a "cdb") that it objects to. For examples on error processing please refer to the sg3_utils package, its "examples" directory and its library components: sg_lib.c (SCSI error processing and tables) and sg_cmds.c (common SCSI commands).
Below is a grouping of imp ortant sg_io_hdr structure fields with brief summaries:
Command block (historically referred to as the "cdb"):
- cmdp - pointer to cdb (the SCSI command block)
- cmd_len - length (in bytes) of cdb
- dxferp - pointer to user data to start reading from or start writing to
- dxfer_len - number of bytes to transfer
- dxfer_direction - whether to read from device (into user memory) or write to device (from user memory) or transfer no data: DXFER_FROM_DEV, DXFER_TO_DEV or DXFER_NONE respectively
- resid - requested number of bytes to transfer (i.e. dxfer_len) less the actual number transferred
- status - SCSI status returned from the device
- host_status - error from Host Bus Adapter including initiator (port)
- driver_status - driver (mid level or low level driver) error and suggestion mask
- sbp - pointer to start writing sense data to
- mx_sb_len - maximum number of bytes to write to sbp
- sb_len_wr - actual number of bytes written to sbp
SG_IO ioctl in the sg driver
Linux kernel 2.4.0 was the first production kernel in which the SG_IO ioctl appeared in the SCSI generic (sg) driver. The sg driver itself has been in linux since around 1993. An instance of the sg_io_hdr structure in the sg driver can either be:
- pointed to by the third argument of the SG_IO ioctl
- pointed to by the second argument of UNIX write() or read() system calls which have a file descriptor of a sg device node as their first argument
- a new metadata structure (sg_io_hdr) as an alternative to the original mixed metadata and data structure (sg_header)
- the SG_IO ioctl that used the new metadata structure and was synchronous: it sent a SCSI command and waited for its reply
A significant feature of the SG_IO ioctl in the sg driver is that it is user interruptible. This means between issuing a command (e.g. a long duration command like a disk format) and its response arriving a user could hit control-C on the associated application. The kernel would remain stable and resources would be cleared up at the appropriate time. The sg driver does not attempt to abort such a command that is "in flight", it simply throws away the response and cleans up. Naturally the user has no direct way of finding out whether an interrupted command succeeded or not, by there may be indirect ways.
A warning may also be in order here: a long duration command such as format would typically be given a long timeout value. If the user interrupted the application that sent the format command then the device may remain busy doing the format (especially if the IMMED bit is not set). So if the user then sent a short duration command such as TEST UNIT READY or REQUEST SENSE to see what the device was doing, these commands may timeout. This would invoke the SCSI subsystem error handler which would most likely send a device reset, thus aborting the format, to get the device's attention. This is probably not what the user had in mind!
SG_IO ioctl differences
In the following table, sg_io_hdr structure fields are listed in the order they appear in that structure. Basically the "in" fields appear at the top of the structure and are read in phase 1. The latter fields are termed as "out" and are written by the SG_IO implementation in phase 3.
?
| sg_io_hdr field | in or out | type | different | brief description including differences between implementations |
| interface_id | in | int | ? | guard field. Current implementations only accept " (int)'S' ". If not set, the sg driver sets errno to ENOSYS while the block layer sets it to EINVAL |
| dxfer_direction | in | (-ve) int | minor | direction of data transfer. SG_DXFER_NONE and friends are defined as negative integers so the sg driver can discriminate between sg_io_hdr instances and those of sg_header. This nuance is irrelevant to non-sg driver usage of SG_IO. See below. |
| cmd_len | in | unsigned char | ? | limits command length to 255 bytes. No SCSI commands (even variable length ones in OSD) are this long (yet) |
| max_sb_len | in | unsigned char | ? | maximum number of bytes of sense data that the driver can output via the sbp pointer |
| iovec_count | in | unsigned short | yes | if not sg driver and greater than zero then the SG_IO ioctl fails with errno set to EOPNOTSUPP; sg driver treats dxferp as a pointer to an array struct sg_iovec when this field is greater than zero |
| dxfer_len | in | unsigned int | minor | number of bytes of data to transfer to or from the device. Upper limit for block devices related to/sys/block/<device>/queue/max_sectors_kb |
| dxferp | in [*in or *out] | void * | minor | pointer to (user space) data to transfer to (if reading from device) or transfer from (if writing to device). Further level of indirection in the sg driver when iovec_count is greater than 0 . |
| cmdp | in [*in] | unsigned char * | ? | pointer to SCSI command. The SG_IO ioctl in the sg drive fails with errno set to? EMSGSIZE if cmdp is NULL and EFAULT if it is invalid; the block layer sets errno to EFAULT? in both cases. |
| sbp | in [*out] | unsigned char * | ? | pointer to user data area where no more than max_sb_len bytes of sense data from the device will be written if the SCSI status is CHECK CONDITION.? |
| timeout | in | unsigned int | yes? (if = 0) | time in milliseconds that the SCSI mid-level will wait for a response. If that timer expires before the command finishes, then the command may be aborted, the device (and maybe others on the same interconnect) may be reset depending on error handler settings. Dangerous stuff, the SG_IO ioctl has no control (through this interface) of exactly what happens. In the sg driver a timeout value of 0 means 0 milliseconds, in the block layer (currently) it means 60 seconds. |
| flags | in | unsigned int | yes | Block layer SG_IO ioctl ignores this field; the sg driver uses it to request special services like direct IO or mmap-ed transfers. It is a bit mask. |
| pack_id | in -> out | int | ? | unused (for user space program tag) |
| usr_ptr | in -> out | void * | ? | unused (for user space pointer tag) |
| status | out | unsigned char | ? | SCSI command status, zero implies GOOD |
| masked_status | out | unsigned char | ? | Logically: masked_status == ((status & 0x3e) >> 1). Old linux SCSI subsystem usage, deprecated. |
| msg_status | out | unsigned char | ? | SCSI parallel interface (SPI) message status (very old, deprecated) |
| sb_len_wr | out | unsigned char | ? | actual length of sense data (in bytes) output via sbp pointer. |
| host_status | out | unsigned short | ? | error reported by the initiator (port). These are the "DID_*" error codes in scsi.h |
| driver_status | out | unsigned short | ? | bit mask: error and suggestion reported by the low level driver (LLD). These are the "DRIVER_*" error codes in scsi.h |
| resid | out | int | ? | (dxfer_len - number_of_bytes_actually_transferred). Typically only set when there is a shortened DMA transfer from the device.? Not necessarily an error. Older LLDs always yield zero. |
| duration | out | unsigned int | ? | number of milliseconds that elapsed between when the command was injected into the SCSI mid level and the corresponding "done" callback was invoked. Roughly the duration of the SCSI command in milliseconds. |
| info | out | unsigned int | minor | bit mask indicating what was done (or not) and whether any error was detected. Block layer SG_IO ioctl only sets SG_INFO_CHECK if an error was detected |
The DID_* and DRIVER_* error and suggestion codes (associated with host_status and driver_status) are discussed in more detail in the? SCSI-Generic-HOWTO ?document.
open() considerations
Various drivers have different characteristics when a device node is opened. On e problem with the ioctl system call is that a user on ly needs read permissions to execute it but may, with the ioctls like SG_IO, write to a device (e.g. format it).? Command (operation co de) sniffing logic is used to overcome this security problem. Also users of the SG_IO ioctl need to be aware when they "share" a device with sd, st or a cdrom driver that state machines within those drivers may be tricked. This may be unavoidable but the users of the SG_IO ioctl should take appropriate care.Opening a file in linux with flags of zero implies the O_RDONLY flag and hence read on ly access. All open() system calls can yield ENOENT (no such file or directory); ENODEV (no such device) if the file exists but there is no attached device and EACCES (permission denied) if the user doesn't have appropriate permissions.
A user with CAP_SYS_RAWIO capability (normally associated with the "root" user) bypasses all command sniffing and other access controls that would otherwise lead to EACCES or EPERM errors. With the sg driver such a user may still need to open() a device node with O_RDWR (rather than O_RDONLY) to use all SCSI commands.
| open() flags | sg notes | sd notes | st notes | cdrom notes | Comments |
| <none> or O_RDONLY | 1, 2 | 3,4 | 3,5 | 3,6 | best to add O_NONBLOCK. For a device with removable media (e.g. tape drive) that depends on whether the drive or its media is being accessed. |
| O_RDONLY | O_NONBLOCK | 1,7 | 3 | 3,13 | 3 | recommended when SCSI commands are recognized as reading information from the device |
| O_RDWR | 2 | 4,8,9 | 5,8,9 | 6,8,9 | again, could be better to add O_NONBLOCK |
| O_RDWR | O_NONBLOCK | 7 | 8,9 | 8,9,13 | 8,9 | recommended when arbitrary (including vendor specific) SCSI commands are to be sent |
| << interaction with O_EXCL>> | 10 | 11 | 12 | 11 | only use when sure that no other application may want to access the device (or partition). A surprising number of applications do "poke around" devices. |
| << interaction with O_DIRECT>> | - | --> | - | --> | requires sector alignment on data transfers (ignored by sg and st) |
Notes :
The first successful open on a sd or a cdrom device node that has removable media will send a PREVENT ALLOW MEDIUM REMOVAL (prevent) SCSI command to the device. If successful, this will inhibit a subsequent START STOP UNIT (eject) SCSI command and de-activate the eject button on the drive. In emergencies, the SG_IO ioctl can be used to defeat this act ion, an example of this is the? sdparm ?utility, specifically "sdparm --command=unlock".
The open() flag O_NDELAY has the same value and meaning as O_NONBLOCK. Other flags such as O_DIRECT, O_TRUNC and O_APPEND have no effect on the SG_IO ioctl.
SCSI command permissions
In linux a user on ly needs read permissions on a file descriptor to execute an ioctl() system command. In the case of the SG_IO ioctl, a SCSI command could be sent that obviously changes the state of a device (e.g. WRITE to a disk). So both implementations of the SG_IO ioctl require more than read permissions for some commands, especially those that are known to change the state of a device or those that have some unknown act ion (e.g. vendor specific commands).Here is a table of SCSI commands that don't need the user to have write permissions (or in some cases CAP_SYS_RAWIO capability which usually equates to "root" user):
| SCSI command | (draft) standard | sg driver requires | block layer SG_IO requires (except st) | Comments |
| BLANK | MMC-4 | O_RDWR | O_RDWR | ? |
| CLOSE TRACK/SESSION | MMC-4 | O_RDWR | O_RDWR | ? |
| ERASE | MMC-4 | O_RDWR | O_RDWR | ? |
| FLUSH CACHE | SBC-3, MMC-4 | O_RDWR | O_RDWR | Really SYNCHRONIZE CACHE command |
| FORMAT UNIT | SBC-3, MMC-4 | O_RDWR | O_RDWR | default command timeout may not be long enough |
| GET CONFIGURATION | MMC-4 | O_RDWR | O_RDONLY | reads CD/DVD metadata |
| GET EVENT STATUS NOTIFICATION | MMC-4 | O_RDWR | O_RDONLY | ? |
| GET PERFORMANCE | MMC-4 | O_RDWR | O_RDONLY | ? |
| INQUIRY | SPC-4 | O_RDONLY | O_RDONLY | All SCSI devices should respond to this command |
| LOAD UNLOAD MEDIUM | MMC-4 | O_RDWR | O_RDWR | MEDIUM may be replaced by CD, DVD or nothing |
| LOG SELECT | SPC-4 | O_RDWR | O_RDWR | used to change logging or clear logged data |
| LOG SENSE | SPC-4 | O_RDONLY | O_RDONLY | used to fetch logged data |
| MAINTENANCE COMMAND IN | SPC-4 | O_RDONLY | CAP_SYS_RAWIO | various "REPORT ..." commands such as REPORT SUPPORTED OPERATION CODES in here |
| MODE SELECT (6+10) | SPC-4 | O_RDWR | O_RDWR | Used to change SCSI device metadata |
| MODE SENSE (6+10) | SPC-4 | O_RDONLY | O_RDONLY | Used to read SCSI device metadata |
| PAUSE RESUME | MMC-4 | O_RDWR | O_RDONLY | ? |
| PLAY AUDIO (10) | MMC-4 | O_RDWR | O_RDONLY | ? |
| PLAY AUDIO MSF | MMC-4 | O_RDWR | O_RDONLY | ? |
| PLAY AUDIO TI | ?? | O_RDWR | O_RDONLY | opcode 0x48, unassigned to? any spec in SPC-4 |
| PLAY CD | MMC-2 | O_RDWR | O_RDONLY | old, now SPARE IN in SPC-4 |
| PREVENT ALLOW MEDIUM REMOVAL | SPC-4, MMC-4 | O_RDWR | O_RDWR | sd, st and cdrom drivers use this internally |
| READ (6+10+12+16) | SBC-3 | O_RDONLY | O_RDONLY | READ(16) requires O_RDWR with the sg driver before lk2.6.11 |
| READ BUFFER | SPC-4 | O_RDONLY | O_RDONLY | ? |
| READ BUFFER CAPACITY | MMC-4 | O_RDWR | O_RDONLY | ? |
| READ CAPACITY(10) | SBC-3, MMC-4 | O_RDONLY | O_RDONLY | ? |
| READ CAPACITY(16) | SBC-3, MMC-4 | O_RDONLY | CAP_SYS_RAWIO | within SERVICE ACTION IN command. Needed for RAIDs larger than 2 TB |
| READ CD | MMC-4 | O_RDWR | O_RDONLY | ? |
| READ CD MSF | MMC-4 | O_RDWR | O_RDONLY | ? |
| READ CDVD CAPACITY | SBC-3, MMC-4 | O_RDONLY | O_RDONLY | Strange (old ?) name from cdrom.h . Actually is READ CAPACITY. |
| READ DEFECT (10) | SBC-3 | O_RDWR | O_RDONLY | ? |
| READ DISC INFO | MMC-4 | O_RDWR | O_RDONLY | ? |
| READ DVD STRUCTURE | MMC-4 | O_RDWR | O_RDONLY | ? |
| READ FORMAT CAPACITIES | MMC-4 | O_RDWR | O_RDONLY | ? |
| READ HEADER | MMC-2 | O_RDWR | O_RDONLY | ? |
| READ LONG (10) | SBC-3 | O_RDONLY | O_RDONLY | but not READ LONG (16) |
| READ SUB-CHANNEL | MMC-4 | O_RDWR | O_RDONLY | ? |
| READ TOC/PMA/ATIP | MMC-4 | O_RDWR | O_RDONLY | ? |
| READ TRACK (RZONE) INFO | MMC-4 | O_RDWR | O_RDONLY | In MMC-4 called READ TRACK INFO |
| RECEIVE DIAGNOSTIC | SPC-4 | O_RDONLY | CAP_SYS_RAWIO | the SES command set uses this command a lot. An SES device is only accessible via an sg device node |
| REPAIR (RZONE) TRACK | MMC-4 | O_RDWR | O_RDWR | ? |
| REPORT KEY | MMC-4 | O_RDWR | O_RDONLY | ? |
| REPORT LUNS | SPC-4 | O_RDONLY | CAP_SYS_RAWIO | mandatory since SPC-3 |
| REQUEST SENSE | SPC-4 | O_RDONLY | O_RDONLY | has uses other than those displaced by autosense |
| RESERVE (RZONE) TRACK | MMC-4 | O_RDWR | O_RDWR | ? |
| SCAN | MMC-4 | O_RDWR | O_RDONLY | ? |
| SEEK | MMC-4 | O_RDWR | O_RDONLY | ? |
| SEND CUE SHEET | MMC-4 | O_RDWR | O_RDWR | ? |
| SEND DVD STRUCTURE | MMC-4 | O_RDWR | O_RDWR | ? |
| [SEND EVENT] | MMC-2 | ? | O_RDWR | cdrom.h associates opcode 0xa2 but MMC-2 uses opcode 0x5d ?? |
| SEND KEY | MMC-4 | O_RDWR | O_RDWR | ? |
| SEND OPC INFORMATION | MMC-4 | O_RDWR | O_RDWR | ? |
| SERVICE ACTION IN | SPC-4, SBC-3 | O_RDONLY | CAP_SYS_RAWIO | READ CAPACITY (16) service action in here |
| SET CD SPEED | MMC-4 | O_RDWR | O_RDWR | cdrom.h calls this SET SPEED |
| SET STREAMING | MMC-4 | O_RDWR | O_RDWR | ? |
| START STOP UNIT | SBC-3, MMC-4 | O_RDWR | O_RDONLY | hmm |
| STOP PLAY/SCAN | MMC-4 | O_RDWR | O_RDONLY | ? |
| SYNCHRONIZE CACHE | SBC-3, MMC-4 | O_RDWR | O_RDWR | cdrom.h calls this FLUSH CACHE |
| TEST UNIT READY | SPC-4 | O_RDONLY | O_RDONLY | All SCSI devices should respond to this command |
| VERIFY (10+16) | SBC-3, MMC-4 | O_RDWR | O_RDONLY | ? |
| WRITE (6+10+12+16) | SBC-3 | O_RDWR | O_RDWR | ? |
| WRITE LONG (10+16) | SBC-3 | O_RDWR | O_RDWR | ? |
| WRITE VERIFY (10+16) | SBC-3, MMC-4 | O_RDWR | O_RDWR | only WRITE VERIFY(10) is in MMC-4 |
Any other SCSI command (opcode) not mentioned for the sg driver needs O_RDWR. Any other SCSI command (opcode) not mentioned for the block layer SG_IO ioctl needs a user with CAP_SYS_RAWIO capability. All "block" SG_IO ioctl calls on st device nodes need a user with CAP_SYS_RAWIO capability. If a user does not have sufficient permissions to execute a SCSI command via the SG_IO ioctl then the system calls fails (i.e. no SCSI command is sent) and errno is set to EPERM (operation not permitted).
Both the sg driver and the block layer SG_IO co de use internal tables to enforce the permissions shown in the above table (allow_ops and cmd_type [safe_for_read and safe_for_write] respectively). This technique doesn't scale well, since more advanced command sets (e.g. OSD) use service actions (and on e opcode: 0x7f in the case of OSD). There may also be overlap in opcode usage between command sets, for example between SBC, MMC and SSC.
CAP_SYS_RAWIO from a user process
While root processes usually have CAP_SYS_RAWIO, processes running under a user's ID (i.e. non-root) typically don't. Hence non-root processes may not be able to use SG_IO to send SCSI commands that require CAP_SYS_RAWIO. This may occur even if the permission bits of the device node file allow for read or write access, user processes will receive EPERM when using SG_IO.?By default the capability to assign capabilities to other processes (CAP_SETPCAP) is limited to very few processes, such as certain kernel threads. Changing this default would require to change and recompile the kernel.
Processes which are forked by a root process and call setuid later will lose the CAP_SYS_RAWIO capability the parent root process (and the child before the setuid) had. However, the child can preserve the capabilities of the root process in the permitted set and raise it after the call of setuid:
/* ... in child after fork(), still running as root ... */
prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0);
setuid(...);
cap_set_proc(cap_from_text("cap_sys_rawio+ep"));
This way a user process with a parent root process can 'get back' the required capabilities to directly send SCSI commands to a device via SG_IO.
The above technique may be of use to daemons that are started with root permissions (most are) and then changes to another user after a fork(). It is not obvious to the author how utilities that use the SG_IO ioctl on device nodes that require CAP_SYS_RAWIO for some or all SCSI commands (e.g. nodes associated with the sd and st drivers) can use the above technique.
SG_IO and the st driver
In order to implement its user space API, the st driver has to maintain information about where the read head is with respect to the structural elements of the tape (filemarks, beginning of tape, end of da ta). Because the streaming device SCSI commands don't have addresses, the st driver has to know what commands have been sent. When reading, the filemarks are noticed when a read fails and sense da ta is fethed. If SG_IO is mixed with tape commands, the st driver may lose information (it does not look at the SG_IO commands and results). Because of this, the st driver may not implement the semantics the user expects. If the user accepts this or knows when using? SG_IO does not cause information loss, then using SG_IO is OK.So mixing st driver read, write and ioctl commands with SCSI commands sent via SG_IO that change the state of the tape is not recommended. This applies whether the SG_IO SCSI commands are sent via st or sg device nodes.
Maximum transfer size per command
The largest amount of da ta that can be transferred by a single SCSI command is often a concern. Various SCSI command sets (e.g. SBC-3 for disk READs and WRITEs, SSC-3 for tape READs and WRITEs, and SPC-4 for READ+WRITE BUFFER) allow very large da ta transfer sizes but Linux is not so accommodating. The Host Bus Adapter (HBA) could have transfer size limits as could the transport and finally the SCSI device itself. In the latter case SBC-3 defines a "Block Limits" Vital Product Da ta (VPD) while SSC has the READ BLOCK LIMITS SCSI command. SBC-3's optional Block Limits VPD page contains both maximum and optimal counts. In the author's opinion that latter distinction is very imp ortant: the block susbsystem should try and use optimal sizes while pass through users should on ly be constrained by maximum sizes. Also if a pass through user exceeds a maximum transfer size imposed by a SCSI device, then the device can report an error. There is an underlying assumption that the applications using a pass through interface know what they are doing, or at least know more than the various kernel susbsystems. On the other hand, the kernel has the responsibility to allocate critical shared resources such as memory.In the past, Linux used a single, "big-enough", block of memory for the source or destination of large da ta transfers. Then scatter-gather lists where added to break transfers up into smaller (often "page" size (4 KB on i386 architecture)) chunks which made memory management easier for the kernel. Now, in the lk 2.6 series, the single block of memory option is being phased out.?
The Linux SCSI subsystem imposes a 128 element limit on scatter gather lists via its SCSI_MAX_PHYS_SEGMENTS define. The way various memory pools are allocated by the linux SCSI subsystem, SCSI_MAX_PHYS_SEGMENTS could be increased to 256. Associated with each type of HBA there is normally a low level driver (LLD). Each LLD can further limit the maximum number of elements with the scsi_host_template::sg_tablesize field. Prior to lk 2.6.16 the sg and st drivers used the .sg_tablesize field on ly, since lk 2.6.16 those drivers are also constrained by SCSI_MAX_PHYS_SEGMENTS. This leads to a potential halving of the maximum transfer size. Many LLDs set the .sg_tablesize field to SG_ALL (which is 255) but they may as well set that field to 256 unless the HBA hardware has a constraint.
User space memory may be allocated as the source and/or destination for DMA transfers from the HBA (i.e. direct IO). Even if the user space allocated a large amount of memory with a single malloc(), the HBA DMA element typically has a different view of memory. This view may well contain many "page" size discontinuous pieces. This has the effect of using up, or perhaps exhausting, scatter-gather elements.
The sg driver attempts to build scatter gather lists with each element up to SG_SCATTER_SZ bytes large. This define is found in include/scsi/sg.h and has been set to 32 KB for some years. That is 8 times the page size (of 4 KB) on the i386 architecture. Some users who need really large transfers increase this define (and it is best to keep it a power of 2). However since lk 2.6.16 another limit comes into play: the MAX_SEGMENT_SIZE define which is set to 64 KB. MAX_SEGMENT_SIZE is a default and can be overridden by the LLD calling blk_queue_max_segment_size().
In lk 2.6.16 two further LLD parameters come into play even when the sg (and st) driver is used. These are scsi_host_template::max_sectors and scsi_host_template::use_clustering .??
The .max_sectors setting in the LLD is the maximum number of 512 byte sectors allowed in a single SCSI command's scatter gather lists (for da ta transfers). Yes, that is a strange limit when trying to send a SCSI WRITE BUFFER command to upload firmware. Sysfs makes the LLD's .max_sectors setting visible (converted to kilobytes) in /sys/block/sd<x>/queue/max_hw_sectors_kb . The maximum allowable value in a LLD's .max_sector seems to be 65535 (0xffff in hexadecimal). This limits the maximum transfer size to (32*1024*1024 - 512) bytes, assuming other limitations have been overcome. [The 65535 sector limit is because Scsi_Host::max_sectors has type "unsigned short". Hopefully this type is expanded to "int" in the future (or removed).]
The .use_clustering field should be set to ENABLE_CLUSTERING . If not, the block subsystem rebuilds the scatter gather list it gets from the sg driver with page size (e.g. 4 KB) elements. [Actually is does that anyway, but when ENABLE_CLUSTERING is set, it coalesces them again!]
Conclusion
In some situations, sending commands via the SG_IO ioctl may interfere with a higher level driver's use of a device. Users of the SG_IO ioctl should be aware that they are using a powerful, but low level facility, and write co de accordingly. An example of this would be a utility to perform self tests on a disk: "background" self tests should be preferred over "foreground" self tests if there is a chance the computer may be using a file system on that disk at the time. Even a short foreground self test may take up to two minutes which is a long time to lock out a file system.Return to?main?page.
Last updated: 26th July 2008
總結
以上是生活随笔為你收集整理的The Linux SG_IO ioctl in the 2.6 series的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 使用SG_IO发送SCSI 指令测试底层
- 下一篇: 看django视频笔记