search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
mpt2sas: prevent heap overflows and unchecked reads
[linux-2.6/linux-acpi-2.6/ibm-acpi-2.6.git] / drivers / scsi / mpt2sas / mpt2sas_ctl.c
blobe51d6d08da18c5a144bff41e82064069a2fb434a
1 /*
2 * Management Module Support for MPT (Message Passing Technology) based
3 * controllers
4 *
5 * This code is based on drivers/scsi/mpt2sas/mpt2_ctl.c
6 * Copyright (C) 2007-2009 LSI Corporation
7 * (mailto:DL-MPTFusionLinux@lsi.com)
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version 2
12 * of the License, or (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * NO WARRANTY
20 * THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR
21 * CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT
22 * LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT,
23 * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is
24 * solely responsible for determining the appropriateness of using and
25 * distributing the Program and assumes all risks associated with its
26 * exercise of rights under this Agreement, including but not limited to
27 * the risks and costs of program errors, damage to or loss of data,
28 * programs or equipment, and unavailability or interruption of operations.
29
30 * DISCLAIMER OF LIABILITY
31 * NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY
32 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
33 * DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND
34 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
35 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
36 * USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED
37 * HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES
38
39 * You should have received a copy of the GNU General Public License
40 * along with this program; if not, write to the Free Software
41 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
42 * USA.
43 */
44
45 #include <linux/version.h>
46 #include <linux/kernel.h>
47 #include <linux/module.h>
48 #include <linux/errno.h>
49 #include <linux/init.h>
50 #include <linux/slab.h>
51 #include <linux/types.h>
52 #include <linux/pci.h>
53 #include <linux/delay.h>
54 #include <linux/smp_lock.h>
55 #include <linux/compat.h>
56 #include <linux/poll.h>
57
58 #include <linux/io.h>
59 #include <linux/uaccess.h>
60
61 #include "mpt2sas_base.h"
62 #include "mpt2sas_ctl.h"
63
64 static struct fasync_struct *async_queue;
65 static DECLARE_WAIT_QUEUE_HEAD(ctl_poll_wait);
66
67 static int _ctl_send_release(struct MPT2SAS_ADAPTER *ioc, u8 buffer_type,
68 u8 *issue_reset);
69
70 /**
71 * enum block_state - blocking state
72 * @NON_BLOCKING: non blocking
73 * @BLOCKING: blocking
74 *
75 * These states are for ioctls that need to wait for a response
76 * from firmware, so they probably require sleep.
77 */
78 enum block_state {
79 NON_BLOCKING,
80 BLOCKING,
81 };
82
83 #ifdef CONFIG_SCSI_MPT2SAS_LOGGING
84 /**
85 * _ctl_display_some_debug - debug routine
86 * @ioc: per adapter object
87 * @smid: system request message index
88 * @calling_function_name: string pass from calling function
89 * @mpi_reply: reply message frame
90 * Context: none.
91 *
92 * Function for displaying debug info helpfull when debugging issues
93 * in this module.
94 */
95 static void
96 _ctl_display_some_debug(struct MPT2SAS_ADAPTER *ioc, u16 smid,
97 char *calling_function_name, MPI2DefaultReply_t *mpi_reply)
98 {
99 Mpi2ConfigRequest_t *mpi_request;
100 char *desc = NULL;
101
102 if (!(ioc->logging_level & MPT_DEBUG_IOCTL))
103 return;
104
105 mpi_request = mpt2sas_base_get_msg_frame(ioc, smid);
106 switch (mpi_request->Function) {
107 case MPI2_FUNCTION_SCSI_IO_REQUEST:
108 {
109 Mpi2SCSIIORequest_t *scsi_request =
110 (Mpi2SCSIIORequest_t *)mpi_request;
111
112 snprintf(ioc->tmp_string, MPT_STRING_LENGTH,
113 "scsi_io, cmd(0x%02x), cdb_len(%d)",
114 scsi_request->CDB.CDB32[0],
115 le16_to_cpu(scsi_request->IoFlags) & 0xF);
116 desc = ioc->tmp_string;
117 break;
118 }
119 case MPI2_FUNCTION_SCSI_TASK_MGMT:
120 desc = "task_mgmt";
121 break;
122 case MPI2_FUNCTION_IOC_INIT:
123 desc = "ioc_init";
124 break;
125 case MPI2_FUNCTION_IOC_FACTS:
126 desc = "ioc_facts";
127 break;
128 case MPI2_FUNCTION_CONFIG:
129 {
130 Mpi2ConfigRequest_t *config_request =
131 (Mpi2ConfigRequest_t *)mpi_request;
132
133 snprintf(ioc->tmp_string, MPT_STRING_LENGTH,
134 "config, type(0x%02x), ext_type(0x%02x), number(%d)",
135 (config_request->Header.PageType &
136 MPI2_CONFIG_PAGETYPE_MASK), config_request->ExtPageType,
137 config_request->Header.PageNumber);
138 desc = ioc->tmp_string;
139 break;
140 }
141 case MPI2_FUNCTION_PORT_FACTS:
142 desc = "port_facts";
143 break;
144 case MPI2_FUNCTION_PORT_ENABLE:
145 desc = "port_enable";
146 break;
147 case MPI2_FUNCTION_EVENT_NOTIFICATION:
148 desc = "event_notification";
149 break;
150 case MPI2_FUNCTION_FW_DOWNLOAD:
151 desc = "fw_download";
152 break;
153 case MPI2_FUNCTION_FW_UPLOAD:
154 desc = "fw_upload";
155 break;
156 case MPI2_FUNCTION_RAID_ACTION:
157 desc = "raid_action";
158 break;
159 case MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH:
160 {
161 Mpi2SCSIIORequest_t *scsi_request =
162 (Mpi2SCSIIORequest_t *)mpi_request;
163
164 snprintf(ioc->tmp_string, MPT_STRING_LENGTH,
165 "raid_pass, cmd(0x%02x), cdb_len(%d)",
166 scsi_request->CDB.CDB32[0],
167 le16_to_cpu(scsi_request->IoFlags) & 0xF);
168 desc = ioc->tmp_string;
169 break;
170 }
171 case MPI2_FUNCTION_SAS_IO_UNIT_CONTROL:
172 desc = "sas_iounit_cntl";
173 break;
174 case MPI2_FUNCTION_SATA_PASSTHROUGH:
175 desc = "sata_pass";
176 break;
177 case MPI2_FUNCTION_DIAG_BUFFER_POST:
178 desc = "diag_buffer_post";
179 break;
180 case MPI2_FUNCTION_DIAG_RELEASE:
181 desc = "diag_release";
182 break;
183 case MPI2_FUNCTION_SMP_PASSTHROUGH:
184 desc = "smp_passthrough";
185 break;
186 }
187
188 if (!desc)
189 return;
190
191 printk(MPT2SAS_DEBUG_FMT "%s: %s, smid(%d)\n",
192 ioc->name, calling_function_name, desc, smid);
193
194 if (!mpi_reply)
195 return;
196
197 if (mpi_reply->IOCStatus || mpi_reply->IOCLogInfo)
198 printk(MPT2SAS_DEBUG_FMT
199 "\tiocstatus(0x%04x), loginfo(0x%08x)\n",
200 ioc->name, le16_to_cpu(mpi_reply->IOCStatus),
201 le32_to_cpu(mpi_reply->IOCLogInfo));
202
203 if (mpi_request->Function == MPI2_FUNCTION_SCSI_IO_REQUEST ||
204 mpi_request->Function ==
205 MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH) {
206 Mpi2SCSIIOReply_t *scsi_reply =
207 (Mpi2SCSIIOReply_t *)mpi_reply;
208 if (scsi_reply->SCSIState || scsi_reply->SCSIStatus)
209 printk(MPT2SAS_DEBUG_FMT
210 "\tscsi_state(0x%02x), scsi_status"
211 "(0x%02x)\n", ioc->name,
212 scsi_reply->SCSIState,
213 scsi_reply->SCSIStatus);
214 }
215 }
216 #endif
217
218 /**
219 * mpt2sas_ctl_done - ctl module completion routine
220 * @ioc: per adapter object
221 * @smid: system request message index
222 * @msix_index: MSIX table index supplied by the OS
223 * @reply: reply message frame(lower 32bit addr)
224 * Context: none.
225 *
226 * The callback handler when using ioc->ctl_cb_idx.
227 *
228 * Return 1 meaning mf should be freed from _base_interrupt
229 * 0 means the mf is freed from this function.
230 */
231 u8
232 mpt2sas_ctl_done(struct MPT2SAS_ADAPTER *ioc, u16 smid, u8 msix_index,
233 u32 reply)
234 {
235 MPI2DefaultReply_t *mpi_reply;
236
237 if (ioc->ctl_cmds.status == MPT2_CMD_NOT_USED)
238 return 1;
239 if (ioc->ctl_cmds.smid != smid)
240 return 1;
241 ioc->ctl_cmds.status |= MPT2_CMD_COMPLETE;
242 mpi_reply = mpt2sas_base_get_reply_virt_addr(ioc, reply);
243 if (mpi_reply) {
244 memcpy(ioc->ctl_cmds.reply, mpi_reply, mpi_reply->MsgLength*4);
245 ioc->ctl_cmds.status |= MPT2_CMD_REPLY_VALID;
246 }
247 #ifdef CONFIG_SCSI_MPT2SAS_LOGGING
248 _ctl_display_some_debug(ioc, smid, "ctl_done", mpi_reply);
249 #endif
250 ioc->ctl_cmds.status &= ~MPT2_CMD_PENDING;
251 complete(&ioc->ctl_cmds.done);
252 return 1;
253 }
254
255 /**
256 * _ctl_check_event_type - determines when an event needs logging
257 * @ioc: per adapter object
258 * @event: firmware event
259 *
260 * The bitmask in ioc->event_type[] indicates which events should be
261 * be saved in the driver event_log. This bitmask is set by application.
262 *
263 * Returns 1 when event should be captured, or zero means no match.
264 */
265 static int
266 _ctl_check_event_type(struct MPT2SAS_ADAPTER *ioc, u16 event)
267 {
268 u16 i;
269 u32 desired_event;
270
271 if (event >= 128 || !event || !ioc->event_log)
272 return 0;
273
274 desired_event = (1 << (event % 32));
275 if (!desired_event)
276 desired_event = 1;
277 i = event / 32;
278 return desired_event & ioc->event_type[i];
279 }
280
281 /**
282 * mpt2sas_ctl_add_to_event_log - add event
283 * @ioc: per adapter object
284 * @mpi_reply: reply message frame
285 *
286 * Return nothing.
287 */
288 void
289 mpt2sas_ctl_add_to_event_log(struct MPT2SAS_ADAPTER *ioc,
290 Mpi2EventNotificationReply_t *mpi_reply)
291 {
292 struct MPT2_IOCTL_EVENTS *event_log;
293 u16 event;
294 int i;
295 u32 sz, event_data_sz;
296 u8 send_aen = 0;
297
298 if (!ioc->event_log)
299 return;
300
301 event = le16_to_cpu(mpi_reply->Event);
302
303 if (_ctl_check_event_type(ioc, event)) {
304
305 /* insert entry into circular event_log */
306 i = ioc->event_context % MPT2SAS_CTL_EVENT_LOG_SIZE;
307 event_log = ioc->event_log;
308 event_log[i].event = event;
309 event_log[i].context = ioc->event_context++;
310
311 event_data_sz = le16_to_cpu(mpi_reply->EventDataLength)*4;
312 sz = min_t(u32, event_data_sz, MPT2_EVENT_DATA_SIZE);
313 memset(event_log[i].data, 0, MPT2_EVENT_DATA_SIZE);
314 memcpy(event_log[i].data, mpi_reply->EventData, sz);
315 send_aen = 1;
316 }
317
318 /* This aen_event_read_flag flag is set until the
319 * application has read the event log.
320 * For MPI2_EVENT_LOG_ENTRY_ADDED, we always notify.
321 */
322 if (event == MPI2_EVENT_LOG_ENTRY_ADDED ||
323 (send_aen && !ioc->aen_event_read_flag)) {
324 ioc->aen_event_read_flag = 1;
325 wake_up_interruptible(&ctl_poll_wait);
326 if (async_queue)
327 kill_fasync(&async_queue, SIGIO, POLL_IN);
328 }
329 }
330
331 /**
332 * mpt2sas_ctl_event_callback - firmware event handler (called at ISR time)
333 * @ioc: per adapter object
334 * @msix_index: MSIX table index supplied by the OS
335 * @reply: reply message frame(lower 32bit addr)
336 * Context: interrupt.
337 *
338 * This function merely adds a new work task into ioc->firmware_event_thread.
339 * The tasks are worked from _firmware_event_work in user context.
340 *
341 * Return 1 meaning mf should be freed from _base_interrupt
342 * 0 means the mf is freed from this function.
343 */
344 u8
345 mpt2sas_ctl_event_callback(struct MPT2SAS_ADAPTER *ioc, u8 msix_index,
346 u32 reply)
347 {
348 Mpi2EventNotificationReply_t *mpi_reply;
349
350 mpi_reply = mpt2sas_base_get_reply_virt_addr(ioc, reply);
351 mpt2sas_ctl_add_to_event_log(ioc, mpi_reply);
352 return 1;
353 }
354
355 /**
356 * _ctl_verify_adapter - validates ioc_number passed from application
357 * @ioc: per adapter object
358 * @iocpp: The ioc pointer is returned in this.
359 *
360 * Return (-1) means error, else ioc_number.
361 */
362 static int
363 _ctl_verify_adapter(int ioc_number, struct MPT2SAS_ADAPTER **iocpp)
364 {
365 struct MPT2SAS_ADAPTER *ioc;
366
367 list_for_each_entry(ioc, &mpt2sas_ioc_list, list) {
368 if (ioc->id != ioc_number)
369 continue;
370 *iocpp = ioc;
371 return ioc_number;
372 }
373 *iocpp = NULL;
374 return -1;
375 }
376
377 /**
378 * mpt2sas_ctl_reset_handler - reset callback handler (for ctl)
379 * @ioc: per adapter object
380 * @reset_phase: phase
381 *
382 * The handler for doing any required cleanup or initialization.
383 *
384 * The reset phase can be MPT2_IOC_PRE_RESET, MPT2_IOC_AFTER_RESET,
385 * MPT2_IOC_DONE_RESET
386 */
387 void
388 mpt2sas_ctl_reset_handler(struct MPT2SAS_ADAPTER *ioc, int reset_phase)
389 {
390 int i;
391 u8 issue_reset;
392
393 switch (reset_phase) {
394 case MPT2_IOC_PRE_RESET:
395 dtmprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s: "
396 "MPT2_IOC_PRE_RESET\n", ioc->name, __func__));
397 for (i = 0; i < MPI2_DIAG_BUF_TYPE_COUNT; i++) {
398 if (!(ioc->diag_buffer_status[i] &
399 MPT2_DIAG_BUFFER_IS_REGISTERED))
400 continue;
401 if ((ioc->diag_buffer_status[i] &
402 MPT2_DIAG_BUFFER_IS_RELEASED))
403 continue;
404 _ctl_send_release(ioc, i, &issue_reset);
405 }
406 break;
407 case MPT2_IOC_AFTER_RESET:
408 dtmprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s: "
409 "MPT2_IOC_AFTER_RESET\n", ioc->name, __func__));
410 if (ioc->ctl_cmds.status & MPT2_CMD_PENDING) {
411 ioc->ctl_cmds.status |= MPT2_CMD_RESET;
412 mpt2sas_base_free_smid(ioc, ioc->ctl_cmds.smid);
413 complete(&ioc->ctl_cmds.done);
414 }
415 break;
416 case MPT2_IOC_DONE_RESET:
417 dtmprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s: "
418 "MPT2_IOC_DONE_RESET\n", ioc->name, __func__));
419
420 for (i = 0; i < MPI2_DIAG_BUF_TYPE_COUNT; i++) {
421 if (!(ioc->diag_buffer_status[i] &
422 MPT2_DIAG_BUFFER_IS_REGISTERED))
423 continue;
424 if ((ioc->diag_buffer_status[i] &
425 MPT2_DIAG_BUFFER_IS_RELEASED))
426 continue;
427 ioc->diag_buffer_status[i] |=
428 MPT2_DIAG_BUFFER_IS_DIAG_RESET;
429 }
430 break;
431 }
432 }
433
434 /**
435 * _ctl_fasync -
436 * @fd -
437 * @filep -
438 * @mode -
439 *
440 * Called when application request fasyn callback handler.
441 */
442 static int
443 _ctl_fasync(int fd, struct file *filep, int mode)
444 {
445 return fasync_helper(fd, filep, mode, &async_queue);
446 }
447
448 /**
449 * _ctl_release -
450 * @inode -
451 * @filep -
452 *
453 * Called when application releases the fasyn callback handler.
454 */
455 static int
456 _ctl_release(struct inode *inode, struct file *filep)
457 {
458 return fasync_helper(-1, filep, 0, &async_queue);
459 }
460
461 /**
462 * _ctl_poll -
463 * @file -
464 * @wait -
465 *
466 */
467 static unsigned int
468 _ctl_poll(struct file *filep, poll_table *wait)
469 {
470 struct MPT2SAS_ADAPTER *ioc;
471
472 poll_wait(filep, &ctl_poll_wait, wait);
473
474 list_for_each_entry(ioc, &mpt2sas_ioc_list, list) {
475 if (ioc->aen_event_read_flag)
476 return POLLIN | POLLRDNORM;
477 }
478 return 0;
479 }
480
481 /**
482 * _ctl_set_task_mid - assign an active smid to tm request
483 * @ioc: per adapter object
484 * @karg - (struct mpt2_ioctl_command)
485 * @tm_request - pointer to mf from user space
486 *
487 * Returns 0 when an smid if found, else fail.
488 * during failure, the reply frame is filled.
489 */
490 static int
491 _ctl_set_task_mid(struct MPT2SAS_ADAPTER *ioc, struct mpt2_ioctl_command *karg,
492 Mpi2SCSITaskManagementRequest_t *tm_request)
493 {
494 u8 found = 0;
495 u16 i;
496 u16 handle;
497 struct scsi_cmnd *scmd;
498 struct MPT2SAS_DEVICE *priv_data;
499 unsigned long flags;
500 Mpi2SCSITaskManagementReply_t *tm_reply;
501 u32 sz;
502 u32 lun;
503 char *desc = NULL;
504
505 if (tm_request->TaskType == MPI2_SCSITASKMGMT_TASKTYPE_ABORT_TASK)
506 desc = "abort_task";
507 else if (tm_request->TaskType == MPI2_SCSITASKMGMT_TASKTYPE_QUERY_TASK)
508 desc = "query_task";
509 else
510 return 0;
511
512 lun = scsilun_to_int((struct scsi_lun *)tm_request->LUN);
513
514 handle = le16_to_cpu(tm_request->DevHandle);
515 spin_lock_irqsave(&ioc->scsi_lookup_lock, flags);
516 for (i = ioc->scsiio_depth; i && !found; i--) {
517 scmd = ioc->scsi_lookup[i - 1].scmd;
518 if (scmd == NULL || scmd->device == NULL ||
519 scmd->device->hostdata == NULL)
520 continue;
521 if (lun != scmd->device->lun)
522 continue;
523 priv_data = scmd->device->hostdata;
524 if (priv_data->sas_target == NULL)
525 continue;
526 if (priv_data->sas_target->handle != handle)
527 continue;
528 tm_request->TaskMID = cpu_to_le16(ioc->scsi_lookup[i - 1].smid);
529 found = 1;
530 }
531 spin_unlock_irqrestore(&ioc->scsi_lookup_lock, flags);
532
533 if (!found) {
534 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s: "
535 "handle(0x%04x), lun(%d), no active mid!!\n", ioc->name,
536 desc, tm_request->DevHandle, lun));
537 tm_reply = ioc->ctl_cmds.reply;
538 tm_reply->DevHandle = tm_request->DevHandle;
539 tm_reply->Function = MPI2_FUNCTION_SCSI_TASK_MGMT;
540 tm_reply->TaskType = tm_request->TaskType;
541 tm_reply->MsgLength = sizeof(Mpi2SCSITaskManagementReply_t)/4;
542 tm_reply->VP_ID = tm_request->VP_ID;
543 tm_reply->VF_ID = tm_request->VF_ID;
544 sz = min_t(u32, karg->max_reply_bytes, ioc->reply_sz);
545 if (copy_to_user(karg->reply_frame_buf_ptr, ioc->ctl_cmds.reply,
546 sz))
547 printk(KERN_ERR "failure at %s:%d/%s()!\n", __FILE__,
548 __LINE__, __func__);
549 return 1;
550 }
551
552 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s: "
553 "handle(0x%04x), lun(%d), task_mid(%d)\n", ioc->name,
554 desc, tm_request->DevHandle, lun, tm_request->TaskMID));
555 return 0;
556 }
557
558 /**
559 * _ctl_do_mpt_command - main handler for MPT2COMMAND opcode
560 * @ioc: per adapter object
561 * @karg - (struct mpt2_ioctl_command)
562 * @mf - pointer to mf in user space
563 * @state - NON_BLOCKING or BLOCKING
564 */
565 static long
566 _ctl_do_mpt_command(struct MPT2SAS_ADAPTER *ioc,
567 struct mpt2_ioctl_command karg, void __user *mf, enum block_state state)
568 {
569 MPI2RequestHeader_t *mpi_request;
570 MPI2DefaultReply_t *mpi_reply;
571 u32 ioc_state;
572 u16 ioc_status;
573 u16 smid;
574 unsigned long timeout, timeleft;
575 u8 issue_reset;
576 u32 sz;
577 void *psge;
578 void *priv_sense = NULL;
579 void *data_out = NULL;
580 dma_addr_t data_out_dma;
581 size_t data_out_sz = 0;
582 void *data_in = NULL;
583 dma_addr_t data_in_dma;
584 size_t data_in_sz = 0;
585 u32 sgl_flags;
586 long ret;
587 u16 wait_state_count;
588
589 issue_reset = 0;
590
591 if (state == NON_BLOCKING && !mutex_trylock(&ioc->ctl_cmds.mutex))
592 return -EAGAIN;
593 else if (mutex_lock_interruptible(&ioc->ctl_cmds.mutex))
594 return -ERESTARTSYS;
595
596 if (ioc->ctl_cmds.status != MPT2_CMD_NOT_USED) {
597 printk(MPT2SAS_ERR_FMT "%s: ctl_cmd in use\n",
598 ioc->name, __func__);
599 ret = -EAGAIN;
600 goto out;
601 }
602
603 wait_state_count = 0;
604 ioc_state = mpt2sas_base_get_iocstate(ioc, 1);
605 while (ioc_state != MPI2_IOC_STATE_OPERATIONAL) {
606 if (wait_state_count++ == 10) {
607 printk(MPT2SAS_ERR_FMT
608 "%s: failed due to ioc not operational\n",
609 ioc->name, __func__);
610 ret = -EFAULT;
611 goto out;
612 }
613 ssleep(1);
614 ioc_state = mpt2sas_base_get_iocstate(ioc, 1);
615 printk(MPT2SAS_INFO_FMT "%s: waiting for "
616 "operational state(count=%d)\n", ioc->name,
617 __func__, wait_state_count);
618 }
619 if (wait_state_count)
620 printk(MPT2SAS_INFO_FMT "%s: ioc is operational\n",
621 ioc->name, __func__);
622
623 smid = mpt2sas_base_get_smid_scsiio(ioc, ioc->ctl_cb_idx, NULL);
624 if (!smid) {
625 printk(MPT2SAS_ERR_FMT "%s: failed obtaining a smid\n",
626 ioc->name, __func__);
627 ret = -EAGAIN;
628 goto out;
629 }
630
631 ret = 0;
632 ioc->ctl_cmds.status = MPT2_CMD_PENDING;
633 memset(ioc->ctl_cmds.reply, 0, ioc->reply_sz);
634 mpi_request = mpt2sas_base_get_msg_frame(ioc, smid);
635 ioc->ctl_cmds.smid = smid;
636 data_out_sz = karg.data_out_size;
637 data_in_sz = karg.data_in_size;
638
639 /* Check for overflow and wraparound */
640 if (karg.data_sge_offset * 4 > ioc->request_sz ||
641 karg.data_sge_offset > (UINT_MAX / 4)) {
642 ret = -EINVAL;
643 goto out;
644 }
645
646 /* copy in request message frame from user */
647 if (copy_from_user(mpi_request, mf, karg.data_sge_offset*4)) {
648 printk(KERN_ERR "failure at %s:%d/%s()!\n", __FILE__, __LINE__,
649 __func__);
650 ret = -EFAULT;
651 mpt2sas_base_free_smid(ioc, smid);
652 goto out;
653 }
654
655 if (mpi_request->Function == MPI2_FUNCTION_SCSI_IO_REQUEST ||
656 mpi_request->Function == MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH) {
657 if (!mpi_request->FunctionDependent1 ||
658 mpi_request->FunctionDependent1 >
659 cpu_to_le16(ioc->facts.MaxDevHandle)) {
660 ret = -EINVAL;
661 mpt2sas_base_free_smid(ioc, smid);
662 goto out;
663 }
664 }
665
666 /* obtain dma-able memory for data transfer */
667 if (data_out_sz) /* WRITE */ {
668 data_out = pci_alloc_consistent(ioc->pdev, data_out_sz,
669 &data_out_dma);
670 if (!data_out) {
671 printk(KERN_ERR "failure at %s:%d/%s()!\n", __FILE__,
672 __LINE__, __func__);
673 ret = -ENOMEM;
674 mpt2sas_base_free_smid(ioc, smid);
675 goto out;
676 }
677 if (copy_from_user(data_out, karg.data_out_buf_ptr,
678 data_out_sz)) {
679 printk(KERN_ERR "failure at %s:%d/%s()!\n", __FILE__,
680 __LINE__, __func__);
681 ret = -EFAULT;
682 mpt2sas_base_free_smid(ioc, smid);
683 goto out;
684 }
685 }
686
687 if (data_in_sz) /* READ */ {
688 data_in = pci_alloc_consistent(ioc->pdev, data_in_sz,
689 &data_in_dma);
690 if (!data_in) {
691 printk(KERN_ERR "failure at %s:%d/%s()!\n", __FILE__,
692 __LINE__, __func__);
693 ret = -ENOMEM;
694 mpt2sas_base_free_smid(ioc, smid);
695 goto out;
696 }
697 }
698
699 /* add scatter gather elements */
700 psge = (void *)mpi_request + (karg.data_sge_offset*4);
701
702 if (!data_out_sz && !data_in_sz) {
703 mpt2sas_base_build_zero_len_sge(ioc, psge);
704 } else if (data_out_sz && data_in_sz) {
705 /* WRITE sgel first */
706 sgl_flags = (MPI2_SGE_FLAGS_SIMPLE_ELEMENT |
707 MPI2_SGE_FLAGS_END_OF_BUFFER | MPI2_SGE_FLAGS_HOST_TO_IOC);
708 sgl_flags = sgl_flags << MPI2_SGE_FLAGS_SHIFT;
709 ioc->base_add_sg_single(psge, sgl_flags |
710 data_out_sz, data_out_dma);
711
712 /* incr sgel */
713 psge += ioc->sge_size;
714
715 /* READ sgel last */
716 sgl_flags = (MPI2_SGE_FLAGS_SIMPLE_ELEMENT |
717 MPI2_SGE_FLAGS_LAST_ELEMENT | MPI2_SGE_FLAGS_END_OF_BUFFER |
718 MPI2_SGE_FLAGS_END_OF_LIST);
719 sgl_flags = sgl_flags << MPI2_SGE_FLAGS_SHIFT;
720 ioc->base_add_sg_single(psge, sgl_flags |
721 data_in_sz, data_in_dma);
722 } else if (data_out_sz) /* WRITE */ {
723 sgl_flags = (MPI2_SGE_FLAGS_SIMPLE_ELEMENT |
724 MPI2_SGE_FLAGS_LAST_ELEMENT | MPI2_SGE_FLAGS_END_OF_BUFFER |
725 MPI2_SGE_FLAGS_END_OF_LIST | MPI2_SGE_FLAGS_HOST_TO_IOC);
726 sgl_flags = sgl_flags << MPI2_SGE_FLAGS_SHIFT;
727 ioc->base_add_sg_single(psge, sgl_flags |
728 data_out_sz, data_out_dma);
729 } else if (data_in_sz) /* READ */ {
730 sgl_flags = (MPI2_SGE_FLAGS_SIMPLE_ELEMENT |
731 MPI2_SGE_FLAGS_LAST_ELEMENT | MPI2_SGE_FLAGS_END_OF_BUFFER |
732 MPI2_SGE_FLAGS_END_OF_LIST);
733 sgl_flags = sgl_flags << MPI2_SGE_FLAGS_SHIFT;
734 ioc->base_add_sg_single(psge, sgl_flags |
735 data_in_sz, data_in_dma);
736 }
737
738 /* send command to firmware */
739 #ifdef CONFIG_SCSI_MPT2SAS_LOGGING
740 _ctl_display_some_debug(ioc, smid, "ctl_request", NULL);
741 #endif
742
743 switch (mpi_request->Function) {
744 case MPI2_FUNCTION_SCSI_IO_REQUEST:
745 case MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH:
746 {
747 Mpi2SCSIIORequest_t *scsiio_request =
748 (Mpi2SCSIIORequest_t *)mpi_request;
749 scsiio_request->SenseBufferLowAddress =
750 mpt2sas_base_get_sense_buffer_dma(ioc, smid);
751 priv_sense = mpt2sas_base_get_sense_buffer(ioc, smid);
752 memset(priv_sense, 0, SCSI_SENSE_BUFFERSIZE);
753 mpt2sas_base_put_smid_scsi_io(ioc, smid,
754 le16_to_cpu(mpi_request->FunctionDependent1));
755 break;
756 }
757 case MPI2_FUNCTION_SCSI_TASK_MGMT:
758 {
759 Mpi2SCSITaskManagementRequest_t *tm_request =
760 (Mpi2SCSITaskManagementRequest_t *)mpi_request;
761
762 if (tm_request->TaskType ==
763 MPI2_SCSITASKMGMT_TASKTYPE_ABORT_TASK ||
764 tm_request->TaskType ==
765 MPI2_SCSITASKMGMT_TASKTYPE_QUERY_TASK) {
766 if (_ctl_set_task_mid(ioc, &karg, tm_request)) {
767 mpt2sas_base_free_smid(ioc, smid);
768 goto out;
769 }
770 }
771
772 mutex_lock(&ioc->tm_cmds.mutex);
773 mpt2sas_scsih_set_tm_flag(ioc, le16_to_cpu(
774 tm_request->DevHandle));
775 mpt2sas_base_put_smid_hi_priority(ioc, smid);
776 break;
777 }
778 case MPI2_FUNCTION_SMP_PASSTHROUGH:
779 {
780 Mpi2SmpPassthroughRequest_t *smp_request =
781 (Mpi2SmpPassthroughRequest_t *)mpi_request;
782 u8 *data;
783
784 /* ioc determines which port to use */
785 smp_request->PhysicalPort = 0xFF;
786 if (smp_request->PassthroughFlags &
787 MPI2_SMP_PT_REQ_PT_FLAGS_IMMEDIATE)
788 data = (u8 *)&smp_request->SGL;
789 else
790 data = data_out;
791
792 if (data[1] == 0x91 && (data[10] == 1 || data[10] == 2)) {
793 ioc->ioc_link_reset_in_progress = 1;
794 ioc->ignore_loginfos = 1;
795 }
796 mpt2sas_base_put_smid_default(ioc, smid);
797 break;
798 }
799 case MPI2_FUNCTION_SAS_IO_UNIT_CONTROL:
800 {
801 Mpi2SasIoUnitControlRequest_t *sasiounit_request =
802 (Mpi2SasIoUnitControlRequest_t *)mpi_request;
803
804 if (sasiounit_request->Operation == MPI2_SAS_OP_PHY_HARD_RESET
805 || sasiounit_request->Operation ==
806 MPI2_SAS_OP_PHY_LINK_RESET) {
807 ioc->ioc_link_reset_in_progress = 1;
808 ioc->ignore_loginfos = 1;
809 }
810 mpt2sas_base_put_smid_default(ioc, smid);
811 break;
812 }
813 default:
814 mpt2sas_base_put_smid_default(ioc, smid);
815 break;
816 }
817
818 if (karg.timeout < MPT2_IOCTL_DEFAULT_TIMEOUT)
819 timeout = MPT2_IOCTL_DEFAULT_TIMEOUT;
820 else
821 timeout = karg.timeout;
822 init_completion(&ioc->ctl_cmds.done);
823 timeleft = wait_for_completion_timeout(&ioc->ctl_cmds.done,
824 timeout*HZ);
825 if (mpi_request->Function == MPI2_FUNCTION_SCSI_TASK_MGMT) {
826 Mpi2SCSITaskManagementRequest_t *tm_request =
827 (Mpi2SCSITaskManagementRequest_t *)mpi_request;
828 mutex_unlock(&ioc->tm_cmds.mutex);
829 mpt2sas_scsih_clear_tm_flag(ioc, le16_to_cpu(
830 tm_request->DevHandle));
831 } else if ((mpi_request->Function == MPI2_FUNCTION_SMP_PASSTHROUGH ||
832 mpi_request->Function == MPI2_FUNCTION_SAS_IO_UNIT_CONTROL) &&
833 ioc->ioc_link_reset_in_progress) {
834 ioc->ioc_link_reset_in_progress = 0;
835 ioc->ignore_loginfos = 0;
836 }
837 if (!(ioc->ctl_cmds.status & MPT2_CMD_COMPLETE)) {
838 printk(MPT2SAS_ERR_FMT "%s: timeout\n", ioc->name,
839 __func__);
840 _debug_dump_mf(mpi_request, karg.data_sge_offset);
841 if (!(ioc->ctl_cmds.status & MPT2_CMD_RESET))
842 issue_reset = 1;
843 goto issue_host_reset;
844 }
845
846 mpi_reply = ioc->ctl_cmds.reply;
847 ioc_status = le16_to_cpu(mpi_reply->IOCStatus) & MPI2_IOCSTATUS_MASK;
848
849 #ifdef CONFIG_SCSI_MPT2SAS_LOGGING
850 if (mpi_reply->Function == MPI2_FUNCTION_SCSI_TASK_MGMT &&
851 (ioc->logging_level & MPT_DEBUG_TM)) {
852 Mpi2SCSITaskManagementReply_t *tm_reply =
853 (Mpi2SCSITaskManagementReply_t *)mpi_reply;
854
855 printk(MPT2SAS_DEBUG_FMT "TASK_MGMT: "
856 "IOCStatus(0x%04x), IOCLogInfo(0x%08x), "
857 "TerminationCount(0x%08x)\n", ioc->name,
858 le16_to_cpu(tm_reply->IOCStatus),
859 le32_to_cpu(tm_reply->IOCLogInfo),
860 le32_to_cpu(tm_reply->TerminationCount));
861 }
862 #endif
863 /* copy out xdata to user */
864 if (data_in_sz) {
865 if (copy_to_user(karg.data_in_buf_ptr, data_in,
866 data_in_sz)) {
867 printk(KERN_ERR "failure at %s:%d/%s()!\n", __FILE__,
868 __LINE__, __func__);
869 ret = -ENODATA;
870 goto out;
871 }
872 }
873
874 /* copy out reply message frame to user */
875 if (karg.max_reply_bytes) {
876 sz = min_t(u32, karg.max_reply_bytes, ioc->reply_sz);
877 if (copy_to_user(karg.reply_frame_buf_ptr, ioc->ctl_cmds.reply,
878 sz)) {
879 printk(KERN_ERR "failure at %s:%d/%s()!\n", __FILE__,
880 __LINE__, __func__);
881 ret = -ENODATA;
882 goto out;
883 }
884 }
885
886 /* copy out sense to user */
887 if (karg.max_sense_bytes && (mpi_request->Function ==
888 MPI2_FUNCTION_SCSI_IO_REQUEST || mpi_request->Function ==
889 MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH)) {
890 sz = min_t(u32, karg.max_sense_bytes, SCSI_SENSE_BUFFERSIZE);
891 if (copy_to_user(karg.sense_data_ptr, priv_sense, sz)) {
892 printk(KERN_ERR "failure at %s:%d/%s()!\n", __FILE__,
893 __LINE__, __func__);
894 ret = -ENODATA;
895 goto out;
896 }
897 }
898
899 issue_host_reset:
900 if (issue_reset) {
901 if ((mpi_request->Function == MPI2_FUNCTION_SCSI_IO_REQUEST ||
902 mpi_request->Function ==
903 MPI2_FUNCTION_RAID_SCSI_IO_PASSTHROUGH)) {
904 printk(MPT2SAS_INFO_FMT "issue target reset: handle "
905 "= (0x%04x)\n", ioc->name,
906 mpi_request->FunctionDependent1);
907 mpt2sas_halt_firmware(ioc);
908 mutex_lock(&ioc->tm_cmds.mutex);
909 mpt2sas_scsih_issue_tm(ioc,
910 mpi_request->FunctionDependent1, 0,
911 MPI2_SCSITASKMGMT_TASKTYPE_TARGET_RESET, 0, 10);
912 ioc->tm_cmds.status = MPT2_CMD_NOT_USED;
913 mutex_unlock(&ioc->tm_cmds.mutex);
914 } else
915 mpt2sas_base_hard_reset_handler(ioc, CAN_SLEEP,
916 FORCE_BIG_HAMMER);
917 }
918
919 out:
920
921 /* free memory associated with sg buffers */
922 if (data_in)
923 pci_free_consistent(ioc->pdev, data_in_sz, data_in,
924 data_in_dma);
925
926 if (data_out)
927 pci_free_consistent(ioc->pdev, data_out_sz, data_out,
928 data_out_dma);
929
930 ioc->ctl_cmds.status = MPT2_CMD_NOT_USED;
931 mutex_unlock(&ioc->ctl_cmds.mutex);
932 return ret;
933 }
934
935 /**
936 * _ctl_getiocinfo - main handler for MPT2IOCINFO opcode
937 * @arg - user space buffer containing ioctl content
938 */
939 static long
940 _ctl_getiocinfo(void __user *arg)
941 {
942 struct mpt2_ioctl_iocinfo karg;
943 struct MPT2SAS_ADAPTER *ioc;
944 u8 revision;
945
946 if (copy_from_user(&karg, arg, sizeof(karg))) {
947 printk(KERN_ERR "failure at %s:%d/%s()!\n",
948 __FILE__, __LINE__, __func__);
949 return -EFAULT;
950 }
951 if (_ctl_verify_adapter(karg.hdr.ioc_number, &ioc) == -1 || !ioc)
952 return -ENODEV;
953
954 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s: enter\n", ioc->name,
955 __func__));
956
957 memset(&karg, 0 , sizeof(karg));
958 karg.adapter_type = MPT2_IOCTL_INTERFACE_SAS2;
959 if (ioc->pfacts)
960 karg.port_number = ioc->pfacts[0].PortNumber;
961 pci_read_config_byte(ioc->pdev, PCI_CLASS_REVISION, &revision);
962 karg.hw_rev = revision;
963 karg.pci_id = ioc->pdev->device;
964 karg.subsystem_device = ioc->pdev->subsystem_device;
965 karg.subsystem_vendor = ioc->pdev->subsystem_vendor;
966 karg.pci_information.u.bits.bus = ioc->pdev->bus->number;
967 karg.pci_information.u.bits.device = PCI_SLOT(ioc->pdev->devfn);
968 karg.pci_information.u.bits.function = PCI_FUNC(ioc->pdev->devfn);
969 karg.pci_information.segment_id = pci_domain_nr(ioc->pdev->bus);
970 karg.firmware_version = ioc->facts.FWVersion.Word;
971 strcpy(karg.driver_version, MPT2SAS_DRIVER_NAME);
972 strcat(karg.driver_version, "-");
973 strcat(karg.driver_version, MPT2SAS_DRIVER_VERSION);
974 karg.bios_version = le32_to_cpu(ioc->bios_pg3.BiosVersion);
975
976 if (copy_to_user(arg, &karg, sizeof(karg))) {
977 printk(KERN_ERR "failure at %s:%d/%s()!\n",
978 __FILE__, __LINE__, __func__);
979 return -EFAULT;
980 }
981 return 0;
982 }
983
984 /**
985 * _ctl_eventquery - main handler for MPT2EVENTQUERY opcode
986 * @arg - user space buffer containing ioctl content
987 */
988 static long
989 _ctl_eventquery(void __user *arg)
990 {
991 struct mpt2_ioctl_eventquery karg;
992 struct MPT2SAS_ADAPTER *ioc;
993
994 if (copy_from_user(&karg, arg, sizeof(karg))) {
995 printk(KERN_ERR "failure at %s:%d/%s()!\n",
996 __FILE__, __LINE__, __func__);
997 return -EFAULT;
998 }
999 if (_ctl_verify_adapter(karg.hdr.ioc_number, &ioc) == -1 || !ioc)
1000 return -ENODEV;
1001
1002 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s: enter\n", ioc->name,
1003 __func__));
1004
1005 karg.event_entries = MPT2SAS_CTL_EVENT_LOG_SIZE;
1006 memcpy(karg.event_types, ioc->event_type,
1007 MPI2_EVENT_NOTIFY_EVENTMASK_WORDS * sizeof(u32));
1008
1009 if (copy_to_user(arg, &karg, sizeof(karg))) {
1010 printk(KERN_ERR "failure at %s:%d/%s()!\n",
1011 __FILE__, __LINE__, __func__);
1012 return -EFAULT;
1013 }
1014 return 0;
1015 }
1016
1017 /**
1018 * _ctl_eventenable - main handler for MPT2EVENTENABLE opcode
1019 * @arg - user space buffer containing ioctl content
1020 */
1021 static long
1022 _ctl_eventenable(void __user *arg)
1023 {
1024 struct mpt2_ioctl_eventenable karg;
1025 struct MPT2SAS_ADAPTER *ioc;
1026
1027 if (copy_from_user(&karg, arg, sizeof(karg))) {
1028 printk(KERN_ERR "failure at %s:%d/%s()!\n",
1029 __FILE__, __LINE__, __func__);
1030 return -EFAULT;
1031 }
1032 if (_ctl_verify_adapter(karg.hdr.ioc_number, &ioc) == -1 || !ioc)
1033 return -ENODEV;
1034
1035 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s: enter\n", ioc->name,
1036 __func__));
1037
1038 if (ioc->event_log)
1039 return 0;
1040 memcpy(ioc->event_type, karg.event_types,
1041 MPI2_EVENT_NOTIFY_EVENTMASK_WORDS * sizeof(u32));
1042 mpt2sas_base_validate_event_type(ioc, ioc->event_type);
1043
1044 /* initialize event_log */
1045 ioc->event_context = 0;
1046 ioc->aen_event_read_flag = 0;
1047 ioc->event_log = kcalloc(MPT2SAS_CTL_EVENT_LOG_SIZE,
1048 sizeof(struct MPT2_IOCTL_EVENTS), GFP_KERNEL);
1049 if (!ioc->event_log) {
1050 printk(KERN_ERR "failure at %s:%d/%s()!\n",
1051 __FILE__, __LINE__, __func__);
1052 return -ENOMEM;
1053 }
1054 return 0;
1055 }
1056
1057 /**
1058 * _ctl_eventreport - main handler for MPT2EVENTREPORT opcode
1059 * @arg - user space buffer containing ioctl content
1060 */
1061 static long
1062 _ctl_eventreport(void __user *arg)
1063 {
1064 struct mpt2_ioctl_eventreport karg;
1065 struct MPT2SAS_ADAPTER *ioc;
1066 u32 number_bytes, max_events, max;
1067 struct mpt2_ioctl_eventreport __user *uarg = arg;
1068
1069 if (copy_from_user(&karg, arg, sizeof(karg))) {
1070 printk(KERN_ERR "failure at %s:%d/%s()!\n",
1071 __FILE__, __LINE__, __func__);
1072 return -EFAULT;
1073 }
1074 if (_ctl_verify_adapter(karg.hdr.ioc_number, &ioc) == -1 || !ioc)
1075 return -ENODEV;
1076
1077 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s: enter\n", ioc->name,
1078 __func__));
1079
1080 number_bytes = karg.hdr.max_data_size -
1081 sizeof(struct mpt2_ioctl_header);
1082 max_events = number_bytes/sizeof(struct MPT2_IOCTL_EVENTS);
1083 max = min_t(u32, MPT2SAS_CTL_EVENT_LOG_SIZE, max_events);
1084
1085 /* If fewer than 1 event is requested, there must have
1086 * been some type of error.
1087 */
1088 if (!max || !ioc->event_log)
1089 return -ENODATA;
1090
1091 number_bytes = max * sizeof(struct MPT2_IOCTL_EVENTS);
1092 if (copy_to_user(uarg->event_data, ioc->event_log, number_bytes)) {
1093 printk(KERN_ERR "failure at %s:%d/%s()!\n",
1094 __FILE__, __LINE__, __func__);
1095 return -EFAULT;
1096 }
1097
1098 /* reset flag so SIGIO can restart */
1099 ioc->aen_event_read_flag = 0;
1100 return 0;
1101 }
1102
1103 /**
1104 * _ctl_do_reset - main handler for MPT2HARDRESET opcode
1105 * @arg - user space buffer containing ioctl content
1106 */
1107 static long
1108 _ctl_do_reset(void __user *arg)
1109 {
1110 struct mpt2_ioctl_diag_reset karg;
1111 struct MPT2SAS_ADAPTER *ioc;
1112 int retval;
1113
1114 if (copy_from_user(&karg, arg, sizeof(karg))) {
1115 printk(KERN_ERR "failure at %s:%d/%s()!\n",
1116 __FILE__, __LINE__, __func__);
1117 return -EFAULT;
1118 }
1119 if (_ctl_verify_adapter(karg.hdr.ioc_number, &ioc) == -1 || !ioc)
1120 return -ENODEV;
1121
1122 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s: enter\n", ioc->name,
1123 __func__));
1124
1125 retval = mpt2sas_base_hard_reset_handler(ioc, CAN_SLEEP,
1126 FORCE_BIG_HAMMER);
1127 printk(MPT2SAS_INFO_FMT "host reset: %s\n",
1128 ioc->name, ((!retval) ? "SUCCESS" : "FAILED"));
1129 return 0;
1130 }
1131
1132 /**
1133 * _ctl_btdh_search_sas_device - searching for sas device
1134 * @ioc: per adapter object
1135 * @btdh: btdh ioctl payload
1136 */
1137 static int
1138 _ctl_btdh_search_sas_device(struct MPT2SAS_ADAPTER *ioc,
1139 struct mpt2_ioctl_btdh_mapping *btdh)
1140 {
1141 struct _sas_device *sas_device;
1142 unsigned long flags;
1143 int rc = 0;
1144
1145 if (list_empty(&ioc->sas_device_list))
1146 return rc;
1147
1148 spin_lock_irqsave(&ioc->sas_device_lock, flags);
1149 list_for_each_entry(sas_device, &ioc->sas_device_list, list) {
1150 if (btdh->bus == 0xFFFFFFFF && btdh->id == 0xFFFFFFFF &&
1151 btdh->handle == sas_device->handle) {
1152 btdh->bus = sas_device->channel;
1153 btdh->id = sas_device->id;
1154 rc = 1;
1155 goto out;
1156 } else if (btdh->bus == sas_device->channel && btdh->id ==
1157 sas_device->id && btdh->handle == 0xFFFF) {
1158 btdh->handle = sas_device->handle;
1159 rc = 1;
1160 goto out;
1161 }
1162 }
1163 out:
1164 spin_unlock_irqrestore(&ioc->sas_device_lock, flags);
1165 return rc;
1166 }
1167
1168 /**
1169 * _ctl_btdh_search_raid_device - searching for raid device
1170 * @ioc: per adapter object
1171 * @btdh: btdh ioctl payload
1172 */
1173 static int
1174 _ctl_btdh_search_raid_device(struct MPT2SAS_ADAPTER *ioc,
1175 struct mpt2_ioctl_btdh_mapping *btdh)
1176 {
1177 struct _raid_device *raid_device;
1178 unsigned long flags;
1179 int rc = 0;
1180
1181 if (list_empty(&ioc->raid_device_list))
1182 return rc;
1183
1184 spin_lock_irqsave(&ioc->raid_device_lock, flags);
1185 list_for_each_entry(raid_device, &ioc->raid_device_list, list) {
1186 if (btdh->bus == 0xFFFFFFFF && btdh->id == 0xFFFFFFFF &&
1187 btdh->handle == raid_device->handle) {
1188 btdh->bus = raid_device->channel;
1189 btdh->id = raid_device->id;
1190 rc = 1;
1191 goto out;
1192 } else if (btdh->bus == raid_device->channel && btdh->id ==
1193 raid_device->id && btdh->handle == 0xFFFF) {
1194 btdh->handle = raid_device->handle;
1195 rc = 1;
1196 goto out;
1197 }
1198 }
1199 out:
1200 spin_unlock_irqrestore(&ioc->raid_device_lock, flags);
1201 return rc;
1202 }
1203
1204 /**
1205 * _ctl_btdh_mapping - main handler for MPT2BTDHMAPPING opcode
1206 * @arg - user space buffer containing ioctl content
1207 */
1208 static long
1209 _ctl_btdh_mapping(void __user *arg)
1210 {
1211 struct mpt2_ioctl_btdh_mapping karg;
1212 struct MPT2SAS_ADAPTER *ioc;
1213 int rc;
1214
1215 if (copy_from_user(&karg, arg, sizeof(karg))) {
1216 printk(KERN_ERR "failure at %s:%d/%s()!\n",
1217 __FILE__, __LINE__, __func__);
1218 return -EFAULT;
1219 }
1220 if (_ctl_verify_adapter(karg.hdr.ioc_number, &ioc) == -1 || !ioc)
1221 return -ENODEV;
1222
1223 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s\n", ioc->name,
1224 __func__));
1225
1226 rc = _ctl_btdh_search_sas_device(ioc, &karg);
1227 if (!rc)
1228 _ctl_btdh_search_raid_device(ioc, &karg);
1229
1230 if (copy_to_user(arg, &karg, sizeof(karg))) {
1231 printk(KERN_ERR "failure at %s:%d/%s()!\n",
1232 __FILE__, __LINE__, __func__);
1233 return -EFAULT;
1234 }
1235 return 0;
1236 }
1237
1238 /**
1239 * _ctl_diag_capability - return diag buffer capability
1240 * @ioc: per adapter object
1241 * @buffer_type: specifies either TRACE, SNAPSHOT, or EXTENDED
1242 *
1243 * returns 1 when diag buffer support is enabled in firmware
1244 */
1245 static u8
1246 _ctl_diag_capability(struct MPT2SAS_ADAPTER *ioc, u8 buffer_type)
1247 {
1248 u8 rc = 0;
1249
1250 switch (buffer_type) {
1251 case MPI2_DIAG_BUF_TYPE_TRACE:
1252 if (ioc->facts.IOCCapabilities &
1253 MPI2_IOCFACTS_CAPABILITY_DIAG_TRACE_BUFFER)
1254 rc = 1;
1255 break;
1256 case MPI2_DIAG_BUF_TYPE_SNAPSHOT:
1257 if (ioc->facts.IOCCapabilities &
1258 MPI2_IOCFACTS_CAPABILITY_SNAPSHOT_BUFFER)
1259 rc = 1;
1260 break;
1261 case MPI2_DIAG_BUF_TYPE_EXTENDED:
1262 if (ioc->facts.IOCCapabilities &
1263 MPI2_IOCFACTS_CAPABILITY_EXTENDED_BUFFER)
1264 rc = 1;
1265 }
1266
1267 return rc;
1268 }
1269
1270 /**
1271 * _ctl_diag_register_2 - wrapper for registering diag buffer support
1272 * @ioc: per adapter object
1273 * @diag_register: the diag_register struct passed in from user space
1274 *
1275 */
1276 static long
1277 _ctl_diag_register_2(struct MPT2SAS_ADAPTER *ioc,
1278 struct mpt2_diag_register *diag_register)
1279 {
1280 int rc, i;
1281 void *request_data = NULL;
1282 dma_addr_t request_data_dma;
1283 u32 request_data_sz = 0;
1284 Mpi2DiagBufferPostRequest_t *mpi_request;
1285 Mpi2DiagBufferPostReply_t *mpi_reply;
1286 u8 buffer_type;
1287 unsigned long timeleft;
1288 u16 smid;
1289 u16 ioc_status;
1290 u8 issue_reset = 0;
1291
1292 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s\n", ioc->name,
1293 __func__));
1294
1295 if (ioc->ctl_cmds.status != MPT2_CMD_NOT_USED) {
1296 printk(MPT2SAS_ERR_FMT "%s: ctl_cmd in use\n",
1297 ioc->name, __func__);
1298 rc = -EAGAIN;
1299 goto out;
1300 }
1301
1302 buffer_type = diag_register->buffer_type;
1303 if (!_ctl_diag_capability(ioc, buffer_type)) {
1304 printk(MPT2SAS_ERR_FMT "%s: doesn't have capability for "
1305 "buffer_type(0x%02x)\n", ioc->name, __func__, buffer_type);
1306 return -EPERM;
1307 }
1308
1309 if (ioc->diag_buffer_status[buffer_type] &
1310 MPT2_DIAG_BUFFER_IS_REGISTERED) {
1311 printk(MPT2SAS_ERR_FMT "%s: already has a registered "
1312 "buffer for buffer_type(0x%02x)\n", ioc->name, __func__,
1313 buffer_type);
1314 return -EINVAL;
1315 }
1316
1317 if (diag_register->requested_buffer_size % 4) {
1318 printk(MPT2SAS_ERR_FMT "%s: the requested_buffer_size "
1319 "is not 4 byte aligned\n", ioc->name, __func__);
1320 return -EINVAL;
1321 }
1322
1323 smid = mpt2sas_base_get_smid(ioc, ioc->ctl_cb_idx);
1324 if (!smid) {
1325 printk(MPT2SAS_ERR_FMT "%s: failed obtaining a smid\n",
1326 ioc->name, __func__);
1327 rc = -EAGAIN;
1328 goto out;
1329 }
1330
1331 rc = 0;
1332 ioc->ctl_cmds.status = MPT2_CMD_PENDING;
1333 memset(ioc->ctl_cmds.reply, 0, ioc->reply_sz);
1334 mpi_request = mpt2sas_base_get_msg_frame(ioc, smid);
1335 ioc->ctl_cmds.smid = smid;
1336
1337 request_data = ioc->diag_buffer[buffer_type];
1338 request_data_sz = diag_register->requested_buffer_size;
1339 ioc->unique_id[buffer_type] = diag_register->unique_id;
1340 ioc->diag_buffer_status[buffer_type] = 0;
1341 memcpy(ioc->product_specific[buffer_type],
1342 diag_register->product_specific, MPT2_PRODUCT_SPECIFIC_DWORDS);
1343 ioc->diagnostic_flags[buffer_type] = diag_register->diagnostic_flags;
1344
1345 if (request_data) {
1346 request_data_dma = ioc->diag_buffer_dma[buffer_type];
1347 if (request_data_sz != ioc->diag_buffer_sz[buffer_type]) {
1348 pci_free_consistent(ioc->pdev,
1349 ioc->diag_buffer_sz[buffer_type],
1350 request_data, request_data_dma);
1351 request_data = NULL;
1352 }
1353 }
1354
1355 if (request_data == NULL) {
1356 ioc->diag_buffer_sz[buffer_type] = 0;
1357 ioc->diag_buffer_dma[buffer_type] = 0;
1358 request_data = pci_alloc_consistent(
1359 ioc->pdev, request_data_sz, &request_data_dma);
1360 if (request_data == NULL) {
1361 printk(MPT2SAS_ERR_FMT "%s: failed allocating memory"
1362 " for diag buffers, requested size(%d)\n",
1363 ioc->name, __func__, request_data_sz);
1364 mpt2sas_base_free_smid(ioc, smid);
1365 return -ENOMEM;
1366 }
1367 ioc->diag_buffer[buffer_type] = request_data;
1368 ioc->diag_buffer_sz[buffer_type] = request_data_sz;
1369 ioc->diag_buffer_dma[buffer_type] = request_data_dma;
1370 }
1371
1372 mpi_request->Function = MPI2_FUNCTION_DIAG_BUFFER_POST;
1373 mpi_request->BufferType = diag_register->buffer_type;
1374 mpi_request->Flags = cpu_to_le32(diag_register->diagnostic_flags);
1375 mpi_request->BufferAddress = cpu_to_le64(request_data_dma);
1376 mpi_request->BufferLength = cpu_to_le32(request_data_sz);
1377 mpi_request->VF_ID = 0; /* TODO */
1378 mpi_request->VP_ID = 0;
1379
1380 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s: diag_buffer(0x%p), "
1381 "dma(0x%llx), sz(%d)\n", ioc->name, __func__, request_data,
1382 (unsigned long long)request_data_dma, mpi_request->BufferLength));
1383
1384 for (i = 0; i < MPT2_PRODUCT_SPECIFIC_DWORDS; i++)
1385 mpi_request->ProductSpecific[i] =
1386 cpu_to_le32(ioc->product_specific[buffer_type][i]);
1387
1388 mpt2sas_base_put_smid_default(ioc, smid);
1389 init_completion(&ioc->ctl_cmds.done);
1390 timeleft = wait_for_completion_timeout(&ioc->ctl_cmds.done,
1391 MPT2_IOCTL_DEFAULT_TIMEOUT*HZ);
1392
1393 if (!(ioc->ctl_cmds.status & MPT2_CMD_COMPLETE)) {
1394 printk(MPT2SAS_ERR_FMT "%s: timeout\n", ioc->name,
1395 __func__);
1396 _debug_dump_mf(mpi_request,
1397 sizeof(Mpi2DiagBufferPostRequest_t)/4);
1398 if (!(ioc->ctl_cmds.status & MPT2_CMD_RESET))
1399 issue_reset = 1;
1400 goto issue_host_reset;
1401 }
1402
1403 /* process the completed Reply Message Frame */
1404 if ((ioc->ctl_cmds.status & MPT2_CMD_REPLY_VALID) == 0) {
1405 printk(MPT2SAS_ERR_FMT "%s: no reply message\n",
1406 ioc->name, __func__);
1407 rc = -EFAULT;
1408 goto out;
1409 }
1410
1411 mpi_reply = ioc->ctl_cmds.reply;
1412 ioc_status = le16_to_cpu(mpi_reply->IOCStatus) & MPI2_IOCSTATUS_MASK;
1413
1414 if (ioc_status == MPI2_IOCSTATUS_SUCCESS) {
1415 ioc->diag_buffer_status[buffer_type] |=
1416 MPT2_DIAG_BUFFER_IS_REGISTERED;
1417 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s: success\n",
1418 ioc->name, __func__));
1419 } else {
1420 printk(MPT2SAS_DEBUG_FMT "%s: ioc_status(0x%04x) "
1421 "log_info(0x%08x)\n", ioc->name, __func__,
1422 ioc_status, le32_to_cpu(mpi_reply->IOCLogInfo));
1423 rc = -EFAULT;
1424 }
1425
1426 issue_host_reset:
1427 if (issue_reset)
1428 mpt2sas_base_hard_reset_handler(ioc, CAN_SLEEP,
1429 FORCE_BIG_HAMMER);
1430
1431 out:
1432
1433 if (rc && request_data)
1434 pci_free_consistent(ioc->pdev, request_data_sz,
1435 request_data, request_data_dma);
1436
1437 ioc->ctl_cmds.status = MPT2_CMD_NOT_USED;
1438 return rc;
1439 }
1440
1441 /**
1442 * mpt2sas_enable_diag_buffer - enabling diag_buffers support driver load time
1443 * @ioc: per adapter object
1444 * @bits_to_register: bitwise field where trace is bit 0, and snapshot is bit 1
1445 *
1446 * This is called when command line option diag_buffer_enable is enabled
1447 * at driver load time.
1448 */
1449 void
1450 mpt2sas_enable_diag_buffer(struct MPT2SAS_ADAPTER *ioc, u8 bits_to_register)
1451 {
1452 struct mpt2_diag_register diag_register;
1453
1454 memset(&diag_register, 0, sizeof(struct mpt2_diag_register));
1455
1456 if (bits_to_register & 1) {
1457 printk(MPT2SAS_INFO_FMT "registering trace buffer support\n",
1458 ioc->name);
1459 diag_register.buffer_type = MPI2_DIAG_BUF_TYPE_TRACE;
1460 /* register for 1MB buffers */
1461 diag_register.requested_buffer_size = (1024 * 1024);
1462 diag_register.unique_id = 0x7075900;
1463 _ctl_diag_register_2(ioc, &diag_register);
1464 }
1465
1466 if (bits_to_register & 2) {
1467 printk(MPT2SAS_INFO_FMT "registering snapshot buffer support\n",
1468 ioc->name);
1469 diag_register.buffer_type = MPI2_DIAG_BUF_TYPE_SNAPSHOT;
1470 /* register for 2MB buffers */
1471 diag_register.requested_buffer_size = 2 * (1024 * 1024);
1472 diag_register.unique_id = 0x7075901;
1473 _ctl_diag_register_2(ioc, &diag_register);
1474 }
1475
1476 if (bits_to_register & 4) {
1477 printk(MPT2SAS_INFO_FMT "registering extended buffer support\n",
1478 ioc->name);
1479 diag_register.buffer_type = MPI2_DIAG_BUF_TYPE_EXTENDED;
1480 /* register for 2MB buffers */
1481 diag_register.requested_buffer_size = 2 * (1024 * 1024);
1482 diag_register.unique_id = 0x7075901;
1483 _ctl_diag_register_2(ioc, &diag_register);
1484 }
1485 }
1486
1487 /**
1488 * _ctl_diag_register - application register with driver
1489 * @arg - user space buffer containing ioctl content
1490 * @state - NON_BLOCKING or BLOCKING
1491 *
1492 * This will allow the driver to setup any required buffers that will be
1493 * needed by firmware to communicate with the driver.
1494 */
1495 static long
1496 _ctl_diag_register(void __user *arg, enum block_state state)
1497 {
1498 struct mpt2_diag_register karg;
1499 struct MPT2SAS_ADAPTER *ioc;
1500 long rc;
1501
1502 if (copy_from_user(&karg, arg, sizeof(karg))) {
1503 printk(KERN_ERR "failure at %s:%d/%s()!\n",
1504 __FILE__, __LINE__, __func__);
1505 return -EFAULT;
1506 }
1507 if (_ctl_verify_adapter(karg.hdr.ioc_number, &ioc) == -1 || !ioc)
1508 return -ENODEV;
1509
1510 if (state == NON_BLOCKING && !mutex_trylock(&ioc->ctl_cmds.mutex))
1511 return -EAGAIN;
1512 else if (mutex_lock_interruptible(&ioc->ctl_cmds.mutex))
1513 return -ERESTARTSYS;
1514 rc = _ctl_diag_register_2(ioc, &karg);
1515 mutex_unlock(&ioc->ctl_cmds.mutex);
1516 return rc;
1517 }
1518
1519 /**
1520 * _ctl_diag_unregister - application unregister with driver
1521 * @arg - user space buffer containing ioctl content
1522 *
1523 * This will allow the driver to cleanup any memory allocated for diag
1524 * messages and to free up any resources.
1525 */
1526 static long
1527 _ctl_diag_unregister(void __user *arg)
1528 {
1529 struct mpt2_diag_unregister karg;
1530 struct MPT2SAS_ADAPTER *ioc;
1531 void *request_data;
1532 dma_addr_t request_data_dma;
1533 u32 request_data_sz;
1534 u8 buffer_type;
1535
1536 if (copy_from_user(&karg, arg, sizeof(karg))) {
1537 printk(KERN_ERR "failure at %s:%d/%s()!\n",
1538 __FILE__, __LINE__, __func__);
1539 return -EFAULT;
1540 }
1541 if (_ctl_verify_adapter(karg.hdr.ioc_number, &ioc) == -1 || !ioc)
1542 return -ENODEV;
1543
1544 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s\n", ioc->name,
1545 __func__));
1546
1547 buffer_type = karg.unique_id & 0x000000ff;
1548 if (!_ctl_diag_capability(ioc, buffer_type)) {
1549 printk(MPT2SAS_ERR_FMT "%s: doesn't have capability for "
1550 "buffer_type(0x%02x)\n", ioc->name, __func__, buffer_type);
1551 return -EPERM;
1552 }
1553
1554 if ((ioc->diag_buffer_status[buffer_type] &
1555 MPT2_DIAG_BUFFER_IS_REGISTERED) == 0) {
1556 printk(MPT2SAS_ERR_FMT "%s: buffer_type(0x%02x) is not "
1557 "registered\n", ioc->name, __func__, buffer_type);
1558 return -EINVAL;
1559 }
1560 if ((ioc->diag_buffer_status[buffer_type] &
1561 MPT2_DIAG_BUFFER_IS_RELEASED) == 0) {
1562 printk(MPT2SAS_ERR_FMT "%s: buffer_type(0x%02x) has not been "
1563 "released\n", ioc->name, __func__, buffer_type);
1564 return -EINVAL;
1565 }
1566
1567 if (karg.unique_id != ioc->unique_id[buffer_type]) {
1568 printk(MPT2SAS_ERR_FMT "%s: unique_id(0x%08x) is not "
1569 "registered\n", ioc->name, __func__, karg.unique_id);
1570 return -EINVAL;
1571 }
1572
1573 request_data = ioc->diag_buffer[buffer_type];
1574 if (!request_data) {
1575 printk(MPT2SAS_ERR_FMT "%s: doesn't have memory allocated for "
1576 "buffer_type(0x%02x)\n", ioc->name, __func__, buffer_type);
1577 return -ENOMEM;
1578 }
1579
1580 request_data_sz = ioc->diag_buffer_sz[buffer_type];
1581 request_data_dma = ioc->diag_buffer_dma[buffer_type];
1582 pci_free_consistent(ioc->pdev, request_data_sz,
1583 request_data, request_data_dma);
1584 ioc->diag_buffer[buffer_type] = NULL;
1585 ioc->diag_buffer_status[buffer_type] = 0;
1586 return 0;
1587 }
1588
1589 /**
1590 * _ctl_diag_query - query relevant info associated with diag buffers
1591 * @arg - user space buffer containing ioctl content
1592 *
1593 * The application will send only buffer_type and unique_id. Driver will
1594 * inspect unique_id first, if valid, fill in all the info. If unique_id is
1595 * 0x00, the driver will return info specified by Buffer Type.
1596 */
1597 static long
1598 _ctl_diag_query(void __user *arg)
1599 {
1600 struct mpt2_diag_query karg;
1601 struct MPT2SAS_ADAPTER *ioc;
1602 void *request_data;
1603 int i;
1604 u8 buffer_type;
1605
1606 if (copy_from_user(&karg, arg, sizeof(karg))) {
1607 printk(KERN_ERR "failure at %s:%d/%s()!\n",
1608 __FILE__, __LINE__, __func__);
1609 return -EFAULT;
1610 }
1611 if (_ctl_verify_adapter(karg.hdr.ioc_number, &ioc) == -1 || !ioc)
1612 return -ENODEV;
1613
1614 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s\n", ioc->name,
1615 __func__));
1616
1617 karg.application_flags = 0;
1618 buffer_type = karg.buffer_type;
1619
1620 if (!_ctl_diag_capability(ioc, buffer_type)) {
1621 printk(MPT2SAS_ERR_FMT "%s: doesn't have capability for "
1622 "buffer_type(0x%02x)\n", ioc->name, __func__, buffer_type);
1623 return -EPERM;
1624 }
1625
1626 if ((ioc->diag_buffer_status[buffer_type] &
1627 MPT2_DIAG_BUFFER_IS_REGISTERED) == 0) {
1628 printk(MPT2SAS_ERR_FMT "%s: buffer_type(0x%02x) is not "
1629 "registered\n", ioc->name, __func__, buffer_type);
1630 return -EINVAL;
1631 }
1632
1633 if (karg.unique_id & 0xffffff00) {
1634 if (karg.unique_id != ioc->unique_id[buffer_type]) {
1635 printk(MPT2SAS_ERR_FMT "%s: unique_id(0x%08x) is not "
1636 "registered\n", ioc->name, __func__,
1637 karg.unique_id);
1638 return -EINVAL;
1639 }
1640 }
1641
1642 request_data = ioc->diag_buffer[buffer_type];
1643 if (!request_data) {
1644 printk(MPT2SAS_ERR_FMT "%s: doesn't have buffer for "
1645 "buffer_type(0x%02x)\n", ioc->name, __func__, buffer_type);
1646 return -ENOMEM;
1647 }
1648
1649 if (ioc->diag_buffer_status[buffer_type] & MPT2_DIAG_BUFFER_IS_RELEASED)
1650 karg.application_flags = (MPT2_APP_FLAGS_APP_OWNED |
1651 MPT2_APP_FLAGS_BUFFER_VALID);
1652 else
1653 karg.application_flags = (MPT2_APP_FLAGS_APP_OWNED |
1654 MPT2_APP_FLAGS_BUFFER_VALID |
1655 MPT2_APP_FLAGS_FW_BUFFER_ACCESS);
1656
1657 for (i = 0; i < MPT2_PRODUCT_SPECIFIC_DWORDS; i++)
1658 karg.product_specific[i] =
1659 ioc->product_specific[buffer_type][i];
1660
1661 karg.total_buffer_size = ioc->diag_buffer_sz[buffer_type];
1662 karg.driver_added_buffer_size = 0;
1663 karg.unique_id = ioc->unique_id[buffer_type];
1664 karg.diagnostic_flags = ioc->diagnostic_flags[buffer_type];
1665
1666 if (copy_to_user(arg, &karg, sizeof(struct mpt2_diag_query))) {
1667 printk(MPT2SAS_ERR_FMT "%s: unable to write mpt2_diag_query "
1668 "data @ %p\n", ioc->name, __func__, arg);
1669 return -EFAULT;
1670 }
1671 return 0;
1672 }
1673
1674 /**
1675 * _ctl_send_release - Diag Release Message
1676 * @ioc: per adapter object
1677 * @buffer_type - specifies either TRACE, SNAPSHOT, or EXTENDED
1678 * @issue_reset - specifies whether host reset is required.
1679 *
1680 */
1681 static int
1682 _ctl_send_release(struct MPT2SAS_ADAPTER *ioc, u8 buffer_type, u8 *issue_reset)
1683 {
1684 Mpi2DiagReleaseRequest_t *mpi_request;
1685 Mpi2DiagReleaseReply_t *mpi_reply;
1686 u16 smid;
1687 u16 ioc_status;
1688 u32 ioc_state;
1689 int rc;
1690 unsigned long timeleft;
1691
1692 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s\n", ioc->name,
1693 __func__));
1694
1695 rc = 0;
1696 *issue_reset = 0;
1697
1698 ioc_state = mpt2sas_base_get_iocstate(ioc, 1);
1699 if (ioc_state != MPI2_IOC_STATE_OPERATIONAL) {
1700 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s: "
1701 "skipping due to FAULT state\n", ioc->name,
1702 __func__));
1703 rc = -EAGAIN;
1704 goto out;
1705 }
1706
1707 if (ioc->ctl_cmds.status != MPT2_CMD_NOT_USED) {
1708 printk(MPT2SAS_ERR_FMT "%s: ctl_cmd in use\n",
1709 ioc->name, __func__);
1710 rc = -EAGAIN;
1711 goto out;
1712 }
1713
1714 smid = mpt2sas_base_get_smid(ioc, ioc->ctl_cb_idx);
1715 if (!smid) {
1716 printk(MPT2SAS_ERR_FMT "%s: failed obtaining a smid\n",
1717 ioc->name, __func__);
1718 rc = -EAGAIN;
1719 goto out;
1720 }
1721
1722 ioc->ctl_cmds.status = MPT2_CMD_PENDING;
1723 memset(ioc->ctl_cmds.reply, 0, ioc->reply_sz);
1724 mpi_request = mpt2sas_base_get_msg_frame(ioc, smid);
1725 ioc->ctl_cmds.smid = smid;
1726
1727 mpi_request->Function = MPI2_FUNCTION_DIAG_RELEASE;
1728 mpi_request->BufferType = buffer_type;
1729 mpi_request->VF_ID = 0; /* TODO */
1730 mpi_request->VP_ID = 0;
1731
1732 mpt2sas_base_put_smid_default(ioc, smid);
1733 init_completion(&ioc->ctl_cmds.done);
1734 timeleft = wait_for_completion_timeout(&ioc->ctl_cmds.done,
1735 MPT2_IOCTL_DEFAULT_TIMEOUT*HZ);
1736
1737 if (!(ioc->ctl_cmds.status & MPT2_CMD_COMPLETE)) {
1738 printk(MPT2SAS_ERR_FMT "%s: timeout\n", ioc->name,
1739 __func__);
1740 _debug_dump_mf(mpi_request,
1741 sizeof(Mpi2DiagReleaseRequest_t)/4);
1742 if (!(ioc->ctl_cmds.status & MPT2_CMD_RESET))
1743 *issue_reset = 1;
1744 rc = -EFAULT;
1745 goto out;
1746 }
1747
1748 /* process the completed Reply Message Frame */
1749 if ((ioc->ctl_cmds.status & MPT2_CMD_REPLY_VALID) == 0) {
1750 printk(MPT2SAS_ERR_FMT "%s: no reply message\n",
1751 ioc->name, __func__);
1752 rc = -EFAULT;
1753 goto out;
1754 }
1755
1756 mpi_reply = ioc->ctl_cmds.reply;
1757 ioc_status = le16_to_cpu(mpi_reply->IOCStatus) & MPI2_IOCSTATUS_MASK;
1758
1759 if (ioc_status == MPI2_IOCSTATUS_SUCCESS) {
1760 ioc->diag_buffer_status[buffer_type] |=
1761 MPT2_DIAG_BUFFER_IS_RELEASED;
1762 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s: success\n",
1763 ioc->name, __func__));
1764 } else {
1765 printk(MPT2SAS_DEBUG_FMT "%s: ioc_status(0x%04x) "
1766 "log_info(0x%08x)\n", ioc->name, __func__,
1767 ioc_status, le32_to_cpu(mpi_reply->IOCLogInfo));
1768 rc = -EFAULT;
1769 }
1770
1771 out:
1772 ioc->ctl_cmds.status = MPT2_CMD_NOT_USED;
1773 return rc;
1774 }
1775
1776 /**
1777 * _ctl_diag_release - request to send Diag Release Message to firmware
1778 * @arg - user space buffer containing ioctl content
1779 * @state - NON_BLOCKING or BLOCKING
1780 *
1781 * This allows ownership of the specified buffer to returned to the driver,
1782 * allowing an application to read the buffer without fear that firmware is
1783 * overwritting information in the buffer.
1784 */
1785 static long
1786 _ctl_diag_release(void __user *arg, enum block_state state)
1787 {
1788 struct mpt2_diag_release karg;
1789 struct MPT2SAS_ADAPTER *ioc;
1790 void *request_data;
1791 int rc;
1792 u8 buffer_type;
1793 u8 issue_reset = 0;
1794
1795 if (copy_from_user(&karg, arg, sizeof(karg))) {
1796 printk(KERN_ERR "failure at %s:%d/%s()!\n",
1797 __FILE__, __LINE__, __func__);
1798 return -EFAULT;
1799 }
1800 if (_ctl_verify_adapter(karg.hdr.ioc_number, &ioc) == -1 || !ioc)
1801 return -ENODEV;
1802
1803 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s\n", ioc->name,
1804 __func__));
1805
1806 buffer_type = karg.unique_id & 0x000000ff;
1807 if (!_ctl_diag_capability(ioc, buffer_type)) {
1808 printk(MPT2SAS_ERR_FMT "%s: doesn't have capability for "
1809 "buffer_type(0x%02x)\n", ioc->name, __func__, buffer_type);
1810 return -EPERM;
1811 }
1812
1813 if ((ioc->diag_buffer_status[buffer_type] &
1814 MPT2_DIAG_BUFFER_IS_REGISTERED) == 0) {
1815 printk(MPT2SAS_ERR_FMT "%s: buffer_type(0x%02x) is not "
1816 "registered\n", ioc->name, __func__, buffer_type);
1817 return -EINVAL;
1818 }
1819
1820 if (karg.unique_id != ioc->unique_id[buffer_type]) {
1821 printk(MPT2SAS_ERR_FMT "%s: unique_id(0x%08x) is not "
1822 "registered\n", ioc->name, __func__, karg.unique_id);
1823 return -EINVAL;
1824 }
1825
1826 if (ioc->diag_buffer_status[buffer_type] &
1827 MPT2_DIAG_BUFFER_IS_RELEASED) {
1828 printk(MPT2SAS_ERR_FMT "%s: buffer_type(0x%02x) "
1829 "is already released\n", ioc->name, __func__,
1830 buffer_type);
1831 return 0;
1832 }
1833
1834 request_data = ioc->diag_buffer[buffer_type];
1835
1836 if (!request_data) {
1837 printk(MPT2SAS_ERR_FMT "%s: doesn't have memory allocated for "
1838 "buffer_type(0x%02x)\n", ioc->name, __func__, buffer_type);
1839 return -ENOMEM;
1840 }
1841
1842 /* buffers were released by due to host reset */
1843 if ((ioc->diag_buffer_status[buffer_type] &
1844 MPT2_DIAG_BUFFER_IS_DIAG_RESET)) {
1845 ioc->diag_buffer_status[buffer_type] |=
1846 MPT2_DIAG_BUFFER_IS_RELEASED;
1847 ioc->diag_buffer_status[buffer_type] &=
1848 ~MPT2_DIAG_BUFFER_IS_DIAG_RESET;
1849 printk(MPT2SAS_ERR_FMT "%s: buffer_type(0x%02x) "
1850 "was released due to host reset\n", ioc->name, __func__,
1851 buffer_type);
1852 return 0;
1853 }
1854
1855 if (state == NON_BLOCKING && !mutex_trylock(&ioc->ctl_cmds.mutex))
1856 return -EAGAIN;
1857 else if (mutex_lock_interruptible(&ioc->ctl_cmds.mutex))
1858 return -ERESTARTSYS;
1859
1860 rc = _ctl_send_release(ioc, buffer_type, &issue_reset);
1861
1862 if (issue_reset)
1863 mpt2sas_base_hard_reset_handler(ioc, CAN_SLEEP,
1864 FORCE_BIG_HAMMER);
1865
1866 mutex_unlock(&ioc->ctl_cmds.mutex);
1867 return rc;
1868 }
1869
1870 /**
1871 * _ctl_diag_read_buffer - request for copy of the diag buffer
1872 * @arg - user space buffer containing ioctl content
1873 * @state - NON_BLOCKING or BLOCKING
1874 */
1875 static long
1876 _ctl_diag_read_buffer(void __user *arg, enum block_state state)
1877 {
1878 struct mpt2_diag_read_buffer karg;
1879 struct mpt2_diag_read_buffer __user *uarg = arg;
1880 struct MPT2SAS_ADAPTER *ioc;
1881 void *request_data, *diag_data;
1882 Mpi2DiagBufferPostRequest_t *mpi_request;
1883 Mpi2DiagBufferPostReply_t *mpi_reply;
1884 int rc, i;
1885 u8 buffer_type;
1886 unsigned long timeleft, request_size, copy_size;
1887 u16 smid;
1888 u16 ioc_status;
1889 u8 issue_reset = 0;
1890
1891 if (copy_from_user(&karg, arg, sizeof(karg))) {
1892 printk(KERN_ERR "failure at %s:%d/%s()!\n",
1893 __FILE__, __LINE__, __func__);
1894 return -EFAULT;
1895 }
1896 if (_ctl_verify_adapter(karg.hdr.ioc_number, &ioc) == -1 || !ioc)
1897 return -ENODEV;
1898
1899 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s\n", ioc->name,
1900 __func__));
1901
1902 buffer_type = karg.unique_id & 0x000000ff;
1903 if (!_ctl_diag_capability(ioc, buffer_type)) {
1904 printk(MPT2SAS_ERR_FMT "%s: doesn't have capability for "
1905 "buffer_type(0x%02x)\n", ioc->name, __func__, buffer_type);
1906 return -EPERM;
1907 }
1908
1909 if (karg.unique_id != ioc->unique_id[buffer_type]) {
1910 printk(MPT2SAS_ERR_FMT "%s: unique_id(0x%08x) is not "
1911 "registered\n", ioc->name, __func__, karg.unique_id);
1912 return -EINVAL;
1913 }
1914
1915 request_data = ioc->diag_buffer[buffer_type];
1916 if (!request_data) {
1917 printk(MPT2SAS_ERR_FMT "%s: doesn't have buffer for "
1918 "buffer_type(0x%02x)\n", ioc->name, __func__, buffer_type);
1919 return -ENOMEM;
1920 }
1921
1922 request_size = ioc->diag_buffer_sz[buffer_type];
1923
1924 if ((karg.starting_offset % 4) || (karg.bytes_to_read % 4)) {
1925 printk(MPT2SAS_ERR_FMT "%s: either the starting_offset "
1926 "or bytes_to_read are not 4 byte aligned\n", ioc->name,
1927 __func__);
1928 return -EINVAL;
1929 }
1930
1931 if (karg.starting_offset > request_size)
1932 return -EINVAL;
1933
1934 diag_data = (void *)(request_data + karg.starting_offset);
1935 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s: diag_buffer(%p), "
1936 "offset(%d), sz(%d)\n", ioc->name, __func__,
1937 diag_data, karg.starting_offset, karg.bytes_to_read));
1938
1939 /* Truncate data on requests that are too large */
1940 if ((diag_data + karg.bytes_to_read < diag_data) ||
1941 (diag_data + karg.bytes_to_read > request_data + request_size))
1942 copy_size = request_size - karg.starting_offset;
1943 else
1944 copy_size = karg.bytes_to_read;
1945
1946 if (copy_to_user((void __user *)uarg->diagnostic_data,
1947 diag_data, copy_size)) {
1948 printk(MPT2SAS_ERR_FMT "%s: Unable to write "
1949 "mpt_diag_read_buffer_t data @ %p\n", ioc->name,
1950 __func__, diag_data);
1951 return -EFAULT;
1952 }
1953
1954 if ((karg.flags & MPT2_FLAGS_REREGISTER) == 0)
1955 return 0;
1956
1957 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s: Reregister "
1958 "buffer_type(0x%02x)\n", ioc->name, __func__, buffer_type));
1959 if ((ioc->diag_buffer_status[buffer_type] &
1960 MPT2_DIAG_BUFFER_IS_RELEASED) == 0) {
1961 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s: "
1962 "buffer_type(0x%02x) is still registered\n", ioc->name,
1963 __func__, buffer_type));
1964 return 0;
1965 }
1966 /* Get a free request frame and save the message context.
1967 */
1968 if (state == NON_BLOCKING && !mutex_trylock(&ioc->ctl_cmds.mutex))
1969 return -EAGAIN;
1970 else if (mutex_lock_interruptible(&ioc->ctl_cmds.mutex))
1971 return -ERESTARTSYS;
1972
1973 if (ioc->ctl_cmds.status != MPT2_CMD_NOT_USED) {
1974 printk(MPT2SAS_ERR_FMT "%s: ctl_cmd in use\n",
1975 ioc->name, __func__);
1976 rc = -EAGAIN;
1977 goto out;
1978 }
1979
1980 smid = mpt2sas_base_get_smid(ioc, ioc->ctl_cb_idx);
1981 if (!smid) {
1982 printk(MPT2SAS_ERR_FMT "%s: failed obtaining a smid\n",
1983 ioc->name, __func__);
1984 rc = -EAGAIN;
1985 goto out;
1986 }
1987
1988 rc = 0;
1989 ioc->ctl_cmds.status = MPT2_CMD_PENDING;
1990 memset(ioc->ctl_cmds.reply, 0, ioc->reply_sz);
1991 mpi_request = mpt2sas_base_get_msg_frame(ioc, smid);
1992 ioc->ctl_cmds.smid = smid;
1993
1994 mpi_request->Function = MPI2_FUNCTION_DIAG_BUFFER_POST;
1995 mpi_request->BufferType = buffer_type;
1996 mpi_request->BufferLength =
1997 cpu_to_le32(ioc->diag_buffer_sz[buffer_type]);
1998 mpi_request->BufferAddress =
1999 cpu_to_le64(ioc->diag_buffer_dma[buffer_type]);
2000 for (i = 0; i < MPT2_PRODUCT_SPECIFIC_DWORDS; i++)
2001 mpi_request->ProductSpecific[i] =
2002 cpu_to_le32(ioc->product_specific[buffer_type][i]);
2003 mpi_request->VF_ID = 0; /* TODO */
2004 mpi_request->VP_ID = 0;
2005
2006 mpt2sas_base_put_smid_default(ioc, smid);
2007 init_completion(&ioc->ctl_cmds.done);
2008 timeleft = wait_for_completion_timeout(&ioc->ctl_cmds.done,
2009 MPT2_IOCTL_DEFAULT_TIMEOUT*HZ);
2010
2011 if (!(ioc->ctl_cmds.status & MPT2_CMD_COMPLETE)) {
2012 printk(MPT2SAS_ERR_FMT "%s: timeout\n", ioc->name,
2013 __func__);
2014 _debug_dump_mf(mpi_request,
2015 sizeof(Mpi2DiagBufferPostRequest_t)/4);
2016 if (!(ioc->ctl_cmds.status & MPT2_CMD_RESET))
2017 issue_reset = 1;
2018 goto issue_host_reset;
2019 }
2020
2021 /* process the completed Reply Message Frame */
2022 if ((ioc->ctl_cmds.status & MPT2_CMD_REPLY_VALID) == 0) {
2023 printk(MPT2SAS_ERR_FMT "%s: no reply message\n",
2024 ioc->name, __func__);
2025 rc = -EFAULT;
2026 goto out;
2027 }
2028
2029 mpi_reply = ioc->ctl_cmds.reply;
2030 ioc_status = le16_to_cpu(mpi_reply->IOCStatus) & MPI2_IOCSTATUS_MASK;
2031
2032 if (ioc_status == MPI2_IOCSTATUS_SUCCESS) {
2033 ioc->diag_buffer_status[buffer_type] |=
2034 MPT2_DIAG_BUFFER_IS_REGISTERED;
2035 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT "%s: success\n",
2036 ioc->name, __func__));
2037 } else {
2038 printk(MPT2SAS_DEBUG_FMT "%s: ioc_status(0x%04x) "
2039 "log_info(0x%08x)\n", ioc->name, __func__,
2040 ioc_status, le32_to_cpu(mpi_reply->IOCLogInfo));
2041 rc = -EFAULT;
2042 }
2043
2044 issue_host_reset:
2045 if (issue_reset)
2046 mpt2sas_base_hard_reset_handler(ioc, CAN_SLEEP,
2047 FORCE_BIG_HAMMER);
2048
2049 out:
2050
2051 ioc->ctl_cmds.status = MPT2_CMD_NOT_USED;
2052 mutex_unlock(&ioc->ctl_cmds.mutex);
2053 return rc;
2054 }
2055
2056 /**
2057 * _ctl_ioctl_main - main ioctl entry point
2058 * @file - (struct file)
2059 * @cmd - ioctl opcode
2060 * @arg -
2061 */
2062 static long
2063 _ctl_ioctl_main(struct file *file, unsigned int cmd, void __user *arg)
2064 {
2065 enum block_state state;
2066 long ret = -EINVAL;
2067
2068 state = (file->f_flags & O_NONBLOCK) ? NON_BLOCKING :
2069 BLOCKING;
2070
2071 switch (cmd) {
2072 case MPT2IOCINFO:
2073 if (_IOC_SIZE(cmd) == sizeof(struct mpt2_ioctl_iocinfo))
2074 ret = _ctl_getiocinfo(arg);
2075 break;
2076 case MPT2COMMAND:
2077 {
2078 struct mpt2_ioctl_command karg;
2079 struct mpt2_ioctl_command __user *uarg;
2080 struct MPT2SAS_ADAPTER *ioc;
2081
2082 if (copy_from_user(&karg, arg, sizeof(karg))) {
2083 printk(KERN_ERR "failure at %s:%d/%s()!\n",
2084 __FILE__, __LINE__, __func__);
2085 return -EFAULT;
2086 }
2087
2088 if (_ctl_verify_adapter(karg.hdr.ioc_number, &ioc) == -1 ||
2089 !ioc)
2090 return -ENODEV;
2091
2092 if (ioc->shost_recovery)
2093 return -EAGAIN;
2094
2095 if (_IOC_SIZE(cmd) == sizeof(struct mpt2_ioctl_command)) {
2096 uarg = arg;
2097 ret = _ctl_do_mpt_command(ioc, karg, &uarg->mf, state);
2098 }
2099 break;
2100 }
2101 case MPT2EVENTQUERY:
2102 if (_IOC_SIZE(cmd) == sizeof(struct mpt2_ioctl_eventquery))
2103 ret = _ctl_eventquery(arg);
2104 break;
2105 case MPT2EVENTENABLE:
2106 if (_IOC_SIZE(cmd) == sizeof(struct mpt2_ioctl_eventenable))
2107 ret = _ctl_eventenable(arg);
2108 break;
2109 case MPT2EVENTREPORT:
2110 ret = _ctl_eventreport(arg);
2111 break;
2112 case MPT2HARDRESET:
2113 if (_IOC_SIZE(cmd) == sizeof(struct mpt2_ioctl_diag_reset))
2114 ret = _ctl_do_reset(arg);
2115 break;
2116 case MPT2BTDHMAPPING:
2117 if (_IOC_SIZE(cmd) == sizeof(struct mpt2_ioctl_btdh_mapping))
2118 ret = _ctl_btdh_mapping(arg);
2119 break;
2120 case MPT2DIAGREGISTER:
2121 if (_IOC_SIZE(cmd) == sizeof(struct mpt2_diag_register))
2122 ret = _ctl_diag_register(arg, state);
2123 break;
2124 case MPT2DIAGUNREGISTER:
2125 if (_IOC_SIZE(cmd) == sizeof(struct mpt2_diag_unregister))
2126 ret = _ctl_diag_unregister(arg);
2127 break;
2128 case MPT2DIAGQUERY:
2129 if (_IOC_SIZE(cmd) == sizeof(struct mpt2_diag_query))
2130 ret = _ctl_diag_query(arg);
2131 break;
2132 case MPT2DIAGRELEASE:
2133 if (_IOC_SIZE(cmd) == sizeof(struct mpt2_diag_release))
2134 ret = _ctl_diag_release(arg, state);
2135 break;
2136 case MPT2DIAGREADBUFFER:
2137 if (_IOC_SIZE(cmd) == sizeof(struct mpt2_diag_read_buffer))
2138 ret = _ctl_diag_read_buffer(arg, state);
2139 break;
2140 default:
2141 {
2142 struct mpt2_ioctl_command karg;
2143 struct MPT2SAS_ADAPTER *ioc;
2144
2145 if (copy_from_user(&karg, arg, sizeof(karg))) {
2146 printk(KERN_ERR "failure at %s:%d/%s()!\n",
2147 __FILE__, __LINE__, __func__);
2148 return -EFAULT;
2149 }
2150
2151 if (_ctl_verify_adapter(karg.hdr.ioc_number, &ioc) == -1 ||
2152 !ioc)
2153 return -ENODEV;
2154
2155 dctlprintk(ioc, printk(MPT2SAS_DEBUG_FMT
2156 "unsupported ioctl opcode(0x%08x)\n", ioc->name, cmd));
2157 break;
2158 }
2159 }
2160 return ret;
2161 }
2162
2163 /**
2164 * _ctl_ioctl - main ioctl entry point (unlocked)
2165 * @file - (struct file)
2166 * @cmd - ioctl opcode
2167 * @arg -
2168 */
2169 static long
2170 _ctl_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
2171 {
2172 long ret;
2173
2174 lock_kernel();
2175 ret = _ctl_ioctl_main(file, cmd, (void __user *)arg);
2176 unlock_kernel();
2177 return ret;
2178 }
2179
2180 #ifdef CONFIG_COMPAT
2181 /**
2182 * _ctl_compat_mpt_command - convert 32bit pointers to 64bit.
2183 * @file - (struct file)
2184 * @cmd - ioctl opcode
2185 * @arg - (struct mpt2_ioctl_command32)
2186 *
2187 * MPT2COMMAND32 - Handle 32bit applications running on 64bit os.
2188 */
2189 static long
2190 _ctl_compat_mpt_command(struct file *file, unsigned cmd, unsigned long arg)
2191 {
2192 struct mpt2_ioctl_command32 karg32;
2193 struct mpt2_ioctl_command32 __user *uarg;
2194 struct mpt2_ioctl_command karg;
2195 struct MPT2SAS_ADAPTER *ioc;
2196 enum block_state state;
2197
2198 if (_IOC_SIZE(cmd) != sizeof(struct mpt2_ioctl_command32))
2199 return -EINVAL;
2200
2201 uarg = (struct mpt2_ioctl_command32 __user *) arg;
2202
2203 if (copy_from_user(&karg32, (char __user *)arg, sizeof(karg32))) {
2204 printk(KERN_ERR "failure at %s:%d/%s()!\n",
2205 __FILE__, __LINE__, __func__);
2206 return -EFAULT;
2207 }
2208 if (_ctl_verify_adapter(karg32.hdr.ioc_number, &ioc) == -1 || !ioc)
2209 return -ENODEV;
2210
2211 if (ioc->shost_recovery)
2212 return -EAGAIN;
2213
2214 memset(&karg, 0, sizeof(struct mpt2_ioctl_command));
2215 karg.hdr.ioc_number = karg32.hdr.ioc_number;
2216 karg.hdr.port_number = karg32.hdr.port_number;
2217 karg.hdr.max_data_size = karg32.hdr.max_data_size;
2218 karg.timeout = karg32.timeout;
2219 karg.max_reply_bytes = karg32.max_reply_bytes;
2220 karg.data_in_size = karg32.data_in_size;
2221 karg.data_out_size = karg32.data_out_size;
2222 karg.max_sense_bytes = karg32.max_sense_bytes;
2223 karg.data_sge_offset = karg32.data_sge_offset;
2224 memcpy(&karg.reply_frame_buf_ptr, &karg32.reply_frame_buf_ptr,
2225 sizeof(uint32_t));
2226 memcpy(&karg.data_in_buf_ptr, &karg32.data_in_buf_ptr,
2227 sizeof(uint32_t));
2228 memcpy(&karg.data_out_buf_ptr, &karg32.data_out_buf_ptr,
2229 sizeof(uint32_t));
2230 memcpy(&karg.sense_data_ptr, &karg32.sense_data_ptr,
2231 sizeof(uint32_t));
2232 state = (file->f_flags & O_NONBLOCK) ? NON_BLOCKING : BLOCKING;
2233 return _ctl_do_mpt_command(ioc, karg, &uarg->mf, state);
2234 }
2235
2236 /**
2237 * _ctl_ioctl_compat - main ioctl entry point (compat)
2238 * @file -
2239 * @cmd -
2240 * @arg -
2241 *
2242 * This routine handles 32 bit applications in 64bit os.
2243 */
2244 static long
2245 _ctl_ioctl_compat(struct file *file, unsigned cmd, unsigned long arg)
2246 {
2247 long ret;
2248
2249 lock_kernel();
2250 if (cmd == MPT2COMMAND32)
2251 ret = _ctl_compat_mpt_command(file, cmd, arg);
2252 else
2253 ret = _ctl_ioctl_main(file, cmd, (void __user *)arg);
2254 unlock_kernel();
2255 return ret;
2256 }
2257 #endif
2258
2259 /* scsi host attributes */
2260
2261 /**
2262 * _ctl_version_fw_show - firmware version
2263 * @cdev - pointer to embedded class device
2264 * @buf - the buffer returned
2265 *
2266 * A sysfs 'read-only' shost attribute.
2267 */
2268 static ssize_t
2269 _ctl_version_fw_show(struct device *cdev, struct device_attribute *attr,
2270 char *buf)
2271 {
2272 struct Scsi_Host *shost = class_to_shost(cdev);
2273 struct MPT2SAS_ADAPTER *ioc = shost_priv(shost);
2274
2275 return snprintf(buf, PAGE_SIZE, "%02d.%02d.%02d.%02d\n",
2276 (ioc->facts.FWVersion.Word & 0xFF000000) >> 24,
2277 (ioc->facts.FWVersion.Word & 0x00FF0000) >> 16,
2278 (ioc->facts.FWVersion.Word & 0x0000FF00) >> 8,
2279 ioc->facts.FWVersion.Word & 0x000000FF);
2280 }
2281 static DEVICE_ATTR(version_fw, S_IRUGO, _ctl_version_fw_show, NULL);
2282
2283 /**
2284 * _ctl_version_bios_show - bios version
2285 * @cdev - pointer to embedded class device
2286 * @buf - the buffer returned
2287 *
2288 * A sysfs 'read-only' shost attribute.
2289 */
2290 static ssize_t
2291 _ctl_version_bios_show(struct device *cdev, struct device_attribute *attr,
2292 char *buf)
2293 {
2294 struct Scsi_Host *shost = class_to_shost(cdev);
2295 struct MPT2SAS_ADAPTER *ioc = shost_priv(shost);
2296
2297 u32 version = le32_to_cpu(ioc->bios_pg3.BiosVersion);
2298
2299 return snprintf(buf, PAGE_SIZE, "%02d.%02d.%02d.%02d\n",
2300 (version & 0xFF000000) >> 24,
2301 (version & 0x00FF0000) >> 16,
2302 (version & 0x0000FF00) >> 8,
2303 version & 0x000000FF);
2304 }
2305 static DEVICE_ATTR(version_bios, S_IRUGO, _ctl_version_bios_show, NULL);
2306
2307 /**
2308 * _ctl_version_mpi_show - MPI (message passing interface) version
2309 * @cdev - pointer to embedded class device
2310 * @buf - the buffer returned
2311 *
2312 * A sysfs 'read-only' shost attribute.
2313 */
2314 static ssize_t
2315 _ctl_version_mpi_show(struct device *cdev, struct device_attribute *attr,
2316 char *buf)
2317 {
2318 struct Scsi_Host *shost = class_to_shost(cdev);
2319 struct MPT2SAS_ADAPTER *ioc = shost_priv(shost);
2320
2321 return snprintf(buf, PAGE_SIZE, "%03x.%02x\n",
2322 ioc->facts.MsgVersion, ioc->facts.HeaderVersion >> 8);
2323 }
2324 static DEVICE_ATTR(version_mpi, S_IRUGO, _ctl_version_mpi_show, NULL);
2325
2326 /**
2327 * _ctl_version_product_show - product name
2328 * @cdev - pointer to embedded class device
2329 * @buf - the buffer returned
2330 *
2331 * A sysfs 'read-only' shost attribute.
2332 */
2333 static ssize_t
2334 _ctl_version_product_show(struct device *cdev, struct device_attribute *attr,
2335 char *buf)
2336 {
2337 struct Scsi_Host *shost = class_to_shost(cdev);
2338 struct MPT2SAS_ADAPTER *ioc = shost_priv(shost);
2339
2340 return snprintf(buf, 16, "%s\n", ioc->manu_pg0.ChipName);
2341 }
2342 static DEVICE_ATTR(version_product, S_IRUGO,
2343 _ctl_version_product_show, NULL);
2344
2345 /**
2346 * _ctl_version_nvdata_persistent_show - ndvata persistent version
2347 * @cdev - pointer to embedded class device
2348 * @buf - the buffer returned
2349 *
2350 * A sysfs 'read-only' shost attribute.
2351 */
2352 static ssize_t
2353 _ctl_version_nvdata_persistent_show(struct device *cdev,
2354 struct device_attribute *attr, char *buf)
2355 {
2356 struct Scsi_Host *shost = class_to_shost(cdev);
2357 struct MPT2SAS_ADAPTER *ioc = shost_priv(shost);
2358
2359 return snprintf(buf, PAGE_SIZE, "%02xh\n",
2360 le16_to_cpu(ioc->iounit_pg0.NvdataVersionPersistent.Word));
2361 }
2362 static DEVICE_ATTR(version_nvdata_persistent, S_IRUGO,
2363 _ctl_version_nvdata_persistent_show, NULL);
2364
2365 /**
2366 * _ctl_version_nvdata_default_show - nvdata default version
2367 * @cdev - pointer to embedded class device
2368 * @buf - the buffer returned
2369 *
2370 * A sysfs 'read-only' shost attribute.
2371 */
2372 static ssize_t
2373 _ctl_version_nvdata_default_show(struct device *cdev,
2374 struct device_attribute *attr, char *buf)
2375 {
2376 struct Scsi_Host *shost = class_to_shost(cdev);
2377 struct MPT2SAS_ADAPTER *ioc = shost_priv(shost);
2378
2379 return snprintf(buf, PAGE_SIZE, "%02xh\n",
2380 le16_to_cpu(ioc->iounit_pg0.NvdataVersionDefault.Word));
2381 }
2382 static DEVICE_ATTR(version_nvdata_default, S_IRUGO,
2383 _ctl_version_nvdata_default_show, NULL);
2384
2385 /**
2386 * _ctl_board_name_show - board name
2387 * @cdev - pointer to embedded class device
2388 * @buf - the buffer returned
2389 *
2390 * A sysfs 'read-only' shost attribute.
2391 */
2392 static ssize_t
2393 _ctl_board_name_show(struct device *cdev, struct device_attribute *attr,
2394 char *buf)
2395 {
2396 struct Scsi_Host *shost = class_to_shost(cdev);
2397 struct MPT2SAS_ADAPTER *ioc = shost_priv(shost);
2398
2399 return snprintf(buf, 16, "%s\n", ioc->manu_pg0.BoardName);
2400 }
2401 static DEVICE_ATTR(board_name, S_IRUGO, _ctl_board_name_show, NULL);
2402
2403 /**
2404 * _ctl_board_assembly_show - board assembly name
2405 * @cdev - pointer to embedded class device
2406 * @buf - the buffer returned
2407 *
2408 * A sysfs 'read-only' shost attribute.
2409 */
2410 static ssize_t
2411 _ctl_board_assembly_show(struct device *cdev, struct device_attribute *attr,
2412 char *buf)
2413 {
2414 struct Scsi_Host *shost = class_to_shost(cdev);
2415 struct MPT2SAS_ADAPTER *ioc = shost_priv(shost);
2416
2417 return snprintf(buf, 16, "%s\n", ioc->manu_pg0.BoardAssembly);
2418 }
2419 static DEVICE_ATTR(board_assembly, S_IRUGO,
2420 _ctl_board_assembly_show, NULL);
2421
2422 /**
2423 * _ctl_board_tracer_show - board tracer number
2424 * @cdev - pointer to embedded class device
2425 * @buf - the buffer returned
2426 *
2427 * A sysfs 'read-only' shost attribute.
2428 */
2429 static ssize_t
2430 _ctl_board_tracer_show(struct device *cdev, struct device_attribute *attr,
2431 char *buf)
2432 {
2433 struct Scsi_Host *shost = class_to_shost(cdev);
2434 struct MPT2SAS_ADAPTER *ioc = shost_priv(shost);
2435
2436 return snprintf(buf, 16, "%s\n", ioc->manu_pg0.BoardTracerNumber);
2437 }
2438 static DEVICE_ATTR(board_tracer, S_IRUGO,
2439 _ctl_board_tracer_show, NULL);
2440
2441 /**
2442 * _ctl_io_delay_show - io missing delay
2443 * @cdev - pointer to embedded class device
2444 * @buf - the buffer returned
2445 *
2446 * This is for firmware implemention for deboucing device
2447 * removal events.
2448 *
2449 * A sysfs 'read-only' shost attribute.
2450 */
2451 static ssize_t
2452 _ctl_io_delay_show(struct device *cdev, struct device_attribute *attr,
2453 char *buf)
2454 {
2455 struct Scsi_Host *shost = class_to_shost(cdev);
2456 struct MPT2SAS_ADAPTER *ioc = shost_priv(shost);
2457
2458 return snprintf(buf, PAGE_SIZE, "%02d\n", ioc->io_missing_delay);
2459 }
2460 static DEVICE_ATTR(io_delay, S_IRUGO,
2461 _ctl_io_delay_show, NULL);
2462
2463 /**
2464 * _ctl_device_delay_show - device missing delay
2465 * @cdev - pointer to embedded class device
2466 * @buf - the buffer returned
2467 *
2468 * This is for firmware implemention for deboucing device
2469 * removal events.
2470 *
2471 * A sysfs 'read-only' shost attribute.
2472 */
2473 static ssize_t
2474 _ctl_device_delay_show(struct device *cdev, struct device_attribute *attr,
2475 char *buf)
2476 {
2477 struct Scsi_Host *shost = class_to_shost(cdev);
2478 struct MPT2SAS_ADAPTER *ioc = shost_priv(shost);
2479
2480 return snprintf(buf, PAGE_SIZE, "%02d\n", ioc->device_missing_delay);
2481 }
2482 static DEVICE_ATTR(device_delay, S_IRUGO,
2483 _ctl_device_delay_show, NULL);
2484
2485 /**
2486 * _ctl_fw_queue_depth_show - global credits
2487 * @cdev - pointer to embedded class device
2488 * @buf - the buffer returned
2489 *
2490 * This is firmware queue depth limit
2491 *
2492 * A sysfs 'read-only' shost attribute.
2493 */
2494 static ssize_t
2495 _ctl_fw_queue_depth_show(struct device *cdev, struct device_attribute *attr,
2496 char *buf)
2497 {
2498 struct Scsi_Host *shost = class_to_shost(cdev);
2499 struct MPT2SAS_ADAPTER *ioc = shost_priv(shost);
2500
2501 return snprintf(buf, PAGE_SIZE, "%02d\n", ioc->facts.RequestCredit);
2502 }
2503 static DEVICE_ATTR(fw_queue_depth, S_IRUGO,
2504 _ctl_fw_queue_depth_show, NULL);
2505
2506 /**
2507 * _ctl_sas_address_show - sas address
2508 * @cdev - pointer to embedded class device
2509 * @buf - the buffer returned
2510 *
2511 * This is the controller sas address
2512 *
2513 * A sysfs 'read-only' shost attribute.
2514 */
2515 static ssize_t
2516 _ctl_host_sas_address_show(struct device *cdev, struct device_attribute *attr,
2517 char *buf)
2518 {
2519 struct Scsi_Host *shost = class_to_shost(cdev);
2520 struct MPT2SAS_ADAPTER *ioc = shost_priv(shost);
2521
2522 return snprintf(buf, PAGE_SIZE, "0x%016llx\n",
2523 (unsigned long long)ioc->sas_hba.sas_address);
2524 }
2525 static DEVICE_ATTR(host_sas_address, S_IRUGO,
2526 _ctl_host_sas_address_show, NULL);
2527
2528 /**
2529 * _ctl_logging_level_show - logging level
2530 * @cdev - pointer to embedded class device
2531 * @buf - the buffer returned
2532 *
2533 * A sysfs 'read/write' shost attribute.
2534 */
2535 static ssize_t
2536 _ctl_logging_level_show(struct device *cdev, struct device_attribute *attr,
2537 char *buf)
2538 {
2539 struct Scsi_Host *shost = class_to_shost(cdev);
2540 struct MPT2SAS_ADAPTER *ioc = shost_priv(shost);
2541
2542 return snprintf(buf, PAGE_SIZE, "%08xh\n", ioc->logging_level);
2543 }
2544 static ssize_t
2545 _ctl_logging_level_store(struct device *cdev, struct device_attribute *attr,
2546 const char *buf, size_t count)
2547 {
2548 struct Scsi_Host *shost = class_to_shost(cdev);
2549 struct MPT2SAS_ADAPTER *ioc = shost_priv(shost);
2550 int val = 0;
2551
2552 if (sscanf(buf, "%x", &val) != 1)
2553 return -EINVAL;
2554
2555 ioc->logging_level = val;
2556 printk(MPT2SAS_INFO_FMT "logging_level=%08xh\n", ioc->name,
2557 ioc->logging_level);
2558 return strlen(buf);
2559 }
2560 static DEVICE_ATTR(logging_level, S_IRUGO | S_IWUSR,
2561 _ctl_logging_level_show, _ctl_logging_level_store);
2562
2563 /* device attributes */
2564 /*
2565 * _ctl_fwfault_debug_show - show/store fwfault_debug
2566 * @cdev - pointer to embedded class device
2567 * @buf - the buffer returned
2568 *
2569 * mpt2sas_fwfault_debug is command line option
2570 * A sysfs 'read/write' shost attribute.
2571 */
2572 static ssize_t
2573 _ctl_fwfault_debug_show(struct device *cdev,
2574 struct device_attribute *attr, char *buf)
2575 {
2576 struct Scsi_Host *shost = class_to_shost(cdev);
2577 struct MPT2SAS_ADAPTER *ioc = shost_priv(shost);
2578
2579 return snprintf(buf, PAGE_SIZE, "%d\n", ioc->fwfault_debug);
2580 }
2581 static ssize_t
2582 _ctl_fwfault_debug_store(struct device *cdev,
2583 struct device_attribute *attr, const char *buf, size_t count)
2584 {
2585 struct Scsi_Host *shost = class_to_shost(cdev);
2586 struct MPT2SAS_ADAPTER *ioc = shost_priv(shost);
2587 int val = 0;
2588
2589 if (sscanf(buf, "%d", &val) != 1)
2590 return -EINVAL;
2591
2592 ioc->fwfault_debug = val;
2593 printk(MPT2SAS_INFO_FMT "fwfault_debug=%d\n", ioc->name,
2594 ioc->fwfault_debug);
2595 return strlen(buf);
2596 }
2597 static DEVICE_ATTR(fwfault_debug, S_IRUGO | S_IWUSR,
2598 _ctl_fwfault_debug_show, _ctl_fwfault_debug_store);
2599
2600 struct device_attribute *mpt2sas_host_attrs[] = {
2601 &dev_attr_version_fw,
2602 &dev_attr_version_bios,
2603 &dev_attr_version_mpi,
2604 &dev_attr_version_product,
2605 &dev_attr_version_nvdata_persistent,
2606 &dev_attr_version_nvdata_default,
2607 &dev_attr_board_name,
2608 &dev_attr_board_assembly,
2609 &dev_attr_board_tracer,
2610 &dev_attr_io_delay,
2611 &dev_attr_device_delay,
2612 &dev_attr_logging_level,
2613 &dev_attr_fwfault_debug,
2614 &dev_attr_fw_queue_depth,
2615 &dev_attr_host_sas_address,
2616 NULL,
2617 };
2618
2619 /**
2620 * _ctl_device_sas_address_show - sas address
2621 * @cdev - pointer to embedded class device
2622 * @buf - the buffer returned
2623 *
2624 * This is the sas address for the target
2625 *
2626 * A sysfs 'read-only' shost attribute.
2627 */
2628 static ssize_t
2629 _ctl_device_sas_address_show(struct device *dev, struct device_attribute *attr,
2630 char *buf)
2631 {
2632 struct scsi_device *sdev = to_scsi_device(dev);
2633 struct MPT2SAS_DEVICE *sas_device_priv_data = sdev->hostdata;
2634
2635 return snprintf(buf, PAGE_SIZE, "0x%016llx\n",
2636 (unsigned long long)sas_device_priv_data->sas_target->sas_address);
2637 }
2638 static DEVICE_ATTR(sas_address, S_IRUGO, _ctl_device_sas_address_show, NULL);
2639
2640 /**
2641 * _ctl_device_handle_show - device handle
2642 * @cdev - pointer to embedded class device
2643 * @buf - the buffer returned
2644 *
2645 * This is the firmware assigned device handle
2646 *
2647 * A sysfs 'read-only' shost attribute.
2648 */
2649 static ssize_t
2650 _ctl_device_handle_show(struct device *dev, struct device_attribute *attr,
2651 char *buf)
2652 {
2653 struct scsi_device *sdev = to_scsi_device(dev);
2654 struct MPT2SAS_DEVICE *sas_device_priv_data = sdev->hostdata;
2655
2656 return snprintf(buf, PAGE_SIZE, "0x%04x\n",
2657 sas_device_priv_data->sas_target->handle);
2658 }
2659 static DEVICE_ATTR(sas_device_handle, S_IRUGO, _ctl_device_handle_show, NULL);
2660
2661 struct device_attribute *mpt2sas_dev_attrs[] = {
2662 &dev_attr_sas_address,
2663 &dev_attr_sas_device_handle,
2664 NULL,
2665 };
2666
2667 static const struct file_operations ctl_fops = {
2668 .owner = THIS_MODULE,
2669 .unlocked_ioctl = _ctl_ioctl,
2670 .release = _ctl_release,
2671 .poll = _ctl_poll,
2672 .fasync = _ctl_fasync,
2673 #ifdef CONFIG_COMPAT
2674 .compat_ioctl = _ctl_ioctl_compat,
2675 #endif
2676 };
2677
2678 static struct miscdevice ctl_dev = {
2679 .minor = MPT2SAS_MINOR,
2680 .name = MPT2SAS_DEV_NAME,
2681 .fops = &ctl_fops,
2682 };
2683
2684 /**
2685 * mpt2sas_ctl_init - main entry point for ctl.
2686 *
2687 */
2688 void
2689 mpt2sas_ctl_init(void)
2690 {
2691 async_queue = NULL;
2692 if (misc_register(&ctl_dev) < 0)
2693 printk(KERN_ERR "%s can't register misc device [minor=%d]\n",
2694 MPT2SAS_DRIVER_NAME, MPT2SAS_MINOR);
2695
2696 init_waitqueue_head(&ctl_poll_wait);
2697 }
2698
2699 /**
2700 * mpt2sas_ctl_exit - exit point for ctl
2701 *
2702 */
2703 void
2704 mpt2sas_ctl_exit(void)
2705 {
2706 struct MPT2SAS_ADAPTER *ioc;
2707 int i;
2708
2709 list_for_each_entry(ioc, &mpt2sas_ioc_list, list) {
2710
2711 /* free memory associated to diag buffers */
2712 for (i = 0; i < MPI2_DIAG_BUF_TYPE_COUNT; i++) {
2713 if (!ioc->diag_buffer[i])
2714 continue;
2715 pci_free_consistent(ioc->pdev, ioc->diag_buffer_sz[i],
2716 ioc->diag_buffer[i], ioc->diag_buffer_dma[i]);
2717 ioc->diag_buffer[i] = NULL;
2718 ioc->diag_buffer_status[i] = 0;
2719 }
2720
2721 kfree(ioc->event_log);
2722 }
2723 misc_deregister(&ctl_dev);
2724 }
2725
Linux 2.6 ibm-acpi/thinkpad-acpi driver git tree