[PATCH 0/1] nvme: add retry for media not ready error

[gjoyce@linux.ibm.com]

From: Greg Joyce <gjoyce@linux.ibm.com>


The NVMe host driver sets the config NVME_CC_CRIME if the capablities
NVME_CAP_CRMS_CRWMS and NVME_CAP_CRMS_CRIMS are both set. This config is
written to the controller before NVME_CC_ENABLE is asserted.

The function nvme_wait_ready() then waits for the controller to indicate
CSTS.RDY. Subsequently, SED Opal init code issues a TCG level 0 discovery
command to determine if the NVMe drive is SED capable. However, there is a
period of time between CSTS.RDY and when the commands listed in Figure 103
may not be successfully executed. If the controller is not ready to process
these commands it may return a status code of Admin Command Media Not Ready.

This code is returned for the level 0 discovery and the NVMe driver marks
the drive as not being SED capable even if it is capable. Subsequent calls
to sed_ioctl() all result in failure and a CLI is unable to manage the drive.

The patch proposed here retries security read/write commands if they fail
with NVME_SC_ADMIN_COMMAND_MEDIA_NOT_READY. The maximum retry period is
capped by the value provided by the controller value NVME_CRTO_CRIMT.


------------ relevant NVMe Base Specification version 2.0 passages-----------

Controller Ready Independent of Media Enable (CRIME):
        This field controls the controller ready mode. The controller ready
        mode is determined by the state of this bit at the time the controller
        is enabled by transitioning the CC.EN bit from ‘0’ to ‘1’.

Figure 36: Controller Capabilities

        Controllers that support the CRTO register (refer to Figure 62) are
        able to indicate larger timeouts for enabling the controller. Host
        software should use the value in CRTO.CRWMT or CRTO.CRIMT depending
        on the controller ready mode indicated by CC.CRIME to determine the
        worst-case timeout for CSTS.RDY to transition from ‘0’ to ‘1’ after
        CC.EN transitions from ‘0’ to ‘1’.

Figure 94: Status Code – Generic Command Status Values
Admin Command Media Not Ready: (24h)
        The Admin command requires access to media and the media is not ready.
        The Do Not Retry bit indicates whether re-issuing the command at a
        later time may succeed. This status code shall only be returned:
                a) or Admin commands; and
                b) if the controller is in Controller Ready Independent of
                   Media mode (CC.CRIME is bit is set to ‘1’).

Figure 103: Admin Commands Permitted to Return a Status Code of Admin Command
Media Not Ready
        Includes Security Send and Security Receive that are used by
        TCG Level 0 Discovery.


Greg Joyce (1):
  nvme: retry security commands if media not ready

 drivers/nvme/host/core.c | 82 ++++++++++++++++++++++++++--------------
 1 file changed, 54 insertions(+), 28 deletions(-)

-- 
gjoyce@linux.ibm.com