search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
- pre4:
[davej-history.git] / drivers / scsi / sg.c
blob75493008ed6dc7022b2ed2bfcfe573116efc8782
1 /*
2 * History:
3 * Started: Aug 9 by Lawrence Foard (entropy@world.std.com),
4 * to allow user process control of SCSI devices.
5 * Development Sponsored by Killy Corp. NY NY
6 *
7 * Original driver (sg.c):
8 * Copyright (C) 1992 Lawrence Foard
9 * Version 2 and 3 extensions to driver:
10 * Copyright (C) 1998 - 2000 Douglas Gilbert
11 *
12 * Modified 19-JAN-1998 Richard Gooch <rgooch@atnf.csiro.au> Devfs support
13 *
14 * This program is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU General Public License as published by
16 * the Free Software Foundation; either version 2, or (at your option)
17 * any later version.
18 *
19 */
20 static char * sg_version_str = "Version: 3.1.16 (20000716)";
21 static int sg_version_num = 30116; /* 2 digits for each component */
22 /*
23 * D. P. Gilbert (dgilbert@interlog.com, dougg@triode.net.au), notes:
24 * - scsi logging is available via SCSI_LOG_TIMEOUT macros. First
25 * the kernel/module needs to be built with CONFIG_SCSI_LOGGING
26 * (otherwise the macros compile to empty statements).
27 * Then before running the program to be debugged enter:
28 * # echo "scsi log timeout 7" > /proc/scsi/scsi
29 * This will send copious output to the console and the log which
30 * is usually /var/log/messages. To turn off debugging enter:
31 * # echo "scsi log timeout 0" > /proc/scsi/scsi
32 * The 'timeout' token was chosen because it is relatively unused.
33 * The token 'hlcomplete' should be used but that triggers too
34 * much output from the sd device driver. To dump the current
35 * state of the SCSI mid level data structures enter:
36 * # echo "scsi dump 1" > /proc/scsi/scsi
37 * To dump the state of sg's data structures use:
38 * # cat /proc/scsi/sg/debug
39 *
40 */
41 #include <linux/config.h>
42 #include <linux/module.h>
43
44 #include <linux/fs.h>
45 #include <linux/kernel.h>
46 #include <linux/sched.h>
47 #include <linux/string.h>
48 #include <linux/mm.h>
49 #include <linux/errno.h>
50 #include <linux/mtio.h>
51 #include <linux/ioctl.h>
52 #include <linux/fcntl.h>
53 #include <linux/init.h>
54 #include <linux/poll.h>
55 #include <linux/smp_lock.h>
56
57 #include <asm/io.h>
58 #include <asm/uaccess.h>
59 #include <asm/system.h>
60
61 #include <linux/blk.h>
62 #include "scsi.h"
63 #include "hosts.h"
64 #include <scsi/scsi_ioctl.h>
65 #include <scsi/sg.h>
66
67 #ifdef CONFIG_PROC_FS
68 #include <linux/proc_fs.h>
69 static int sg_proc_init(void);
70 #ifdef MODULE
71 static void sg_proc_cleanup(void);
72 #endif
73 #endif
74
75 #ifndef LINUX_VERSION_CODE
76 #include <linux/version.h>
77 #endif /* LINUX_VERSION_CODE */
78
79 /* #define SG_ALLOW_DIO */
80 #ifdef SG_ALLOW_DIO
81 #include <linux/iobuf.h>
82 #endif
83
84 int sg_big_buff = SG_DEF_RESERVED_SIZE;
85 /* N.B. This variable is readable and writeable via
86 /proc/scsi/sg/def_reserved_size . Each time sg_open() is called a buffer
87 of this size (or less if there is not enough memory) will be reserved
88 for use by this file descriptor. [Deprecated usage: this variable is also
89 readable via /proc/sys/kernel/sg-big-buff if the sg driver is built into
90 the kernel (i.e. it is not a module).] */
91 static int def_reserved_size = -1; /* picks up init parameter */
92
93 #define SG_SECTOR_SZ 512
94 #define SG_SECTOR_MSK (SG_SECTOR_SZ - 1)
95
96 #define SG_LOW_POOL_THRESHHOLD 30
97 #define SG_MAX_POOL_SECTORS 320 /* Max. number of pool sectors to take */
98
99 static int sg_pool_secs_avail = SG_MAX_POOL_SECTORS;
100
101 #define SG_HEAP_PAGE 1 /* heap from kernel via get_free_pages() */
102 #define SG_HEAP_KMAL 2 /* heap from kernel via kmalloc() */
103 #define SG_HEAP_POOL 3 /* heap from scsi dma pool (mid-level) */
104 #define SG_USER_MEM 4 /* memory belongs to user space */
105
106 #define SG_DEV_ARR_LUMP 6 /* amount to over allocate sg_dev_arr by */
107
108
109 static int sg_init(void);
110 static int sg_attach(Scsi_Device *);
111 static void sg_finish(void);
112 static int sg_detect(Scsi_Device *);
113 static void sg_detach(Scsi_Device *);
114
115 static Scsi_Cmnd * dummy_cmdp = 0; /* only used for sizeof */
116
117 static rwlock_t sg_dev_arr_lock = RW_LOCK_UNLOCKED; /* Also used to lock
118 file descriptor list for device */
119
120 struct Scsi_Device_Template sg_template =
121 {
122 tag:"sg",
123 scsi_type:0xff,
124 major:SCSI_GENERIC_MAJOR,
125 detect:sg_detect,
126 init:sg_init,
127 finish:sg_finish,
128 attach:sg_attach,
129 detach:sg_detach
130 };
131
132
133 typedef struct sg_scatter_hold /* holding area for scsi scatter gather info */
134 {
135 unsigned short k_use_sg; /* Count of kernel scatter-gather pieces */
136 unsigned short sglist_len; /* size of malloc'd scatter-gather list */
137 unsigned bufflen; /* Size of (aggregate) data buffer */
138 unsigned b_malloc_len; /* actual len malloc'ed in buffer */
139 void * buffer; /* Data buffer or scatter list,12 bytes each*/
140 struct kiobuf * kiobp; /* for direct IO information */
141 char mapped; /* indicates kiobp has locked pages */
142 char buffer_mem_src; /* heap whereabouts of 'buffer' */
143 unsigned char cmd_opcode; /* first byte of command */
144 } Sg_scatter_hold; /* 24 bytes long on i386 */
145
146 struct sg_device; /* forward declarations */
147 struct sg_fd;
148
149 typedef struct sg_request /* SG_MAX_QUEUE requests outstanding per file */
150 {
151 Scsi_Cmnd * my_cmdp; /* != 0 when request with lower levels */
152 struct sg_request * nextrp; /* NULL -> tail request (slist) */
153 struct sg_fd * parentfp; /* NULL -> not in use */
154 Sg_scatter_hold data; /* hold buffer, perhaps scatter list */
155 sg_io_hdr_t header; /* scsi command+info, see <scsi/sg.h> */
156 unsigned char sense_b[sizeof(dummy_cmdp->sense_buffer)];
157 char res_used; /* 1 -> using reserve buffer, 0 -> not ... */
158 char orphan; /* 1 -> drop on sight, 0 -> normal */
159 char sg_io_owned; /* 1 -> packet belongs to SG_IO */
160 char done; /* 0->before bh, 1->before read, 2->read */
161 } Sg_request; /* 168 bytes long on i386 */
162
163 typedef struct sg_fd /* holds the state of a file descriptor */
164 {
165 struct sg_fd * nextfp; /* NULL when last opened fd on this device */
166 struct sg_device * parentdp; /* owning device */
167 wait_queue_head_t read_wait; /* queue read until command done */
168 rwlock_t rq_list_lock; /* protect access to list in req_arr */
169 int timeout; /* defaults to SG_DEFAULT_TIMEOUT */
170 Sg_scatter_hold reserve; /* buffer held for this file descriptor */
171 unsigned save_scat_len; /* original length of trunc. scat. element */
172 Sg_request * headrp; /* head of request slist, NULL->empty */
173 struct fasync_struct * async_qp; /* used by asynchronous notification */
174 Sg_request req_arr[SG_MAX_QUEUE]; /* used as singly-linked list */
175 char low_dma; /* as in parent but possibly overridden to 1 */
176 char force_packid; /* 1 -> pack_id input to read(), 0 -> ignored */
177 char closed; /* 1 -> fd closed but request(s) outstanding */
178 char fd_mem_src; /* heap whereabouts of this Sg_fd object */
179 char cmd_q; /* 1 -> allow command queuing, 0 -> don't */
180 char next_cmd_len; /* 0 -> automatic (def), >0 -> use on next write() */
181 char keep_orphan; /* 0 -> drop orphan (def), 1 -> keep for read() */
182 } Sg_fd; /* 2768 bytes long on i386 */
183
184 typedef struct sg_device /* holds the state of each scsi generic device */
185 {
186 Scsi_Device * device;
187 wait_queue_head_t o_excl_wait; /* queue open() when O_EXCL in use */
188 int sg_tablesize; /* adapter's max scatter-gather table size */
189 Sg_fd * headfp; /* first open fd belonging to this device */
190 devfs_handle_t de;
191 kdev_t i_rdev; /* holds device major+minor number */
192 char exclude; /* opened for exclusive access */
193 char sgdebug; /* 0->off, 1->sense, 9->dump dev, 10-> all devs */
194 char detached; /* 0->attached, 1->detached pending removal */
195 } Sg_device; /* 44 bytes long on i386 */
196
197
198 static int sg_fasync(int fd, struct file * filp, int mode);
199 static void sg_cmd_done_bh(Scsi_Cmnd * SCpnt);
200 static int sg_start_req(Sg_request * srp);
201 static void sg_finish_rem_req(Sg_request * srp);
202 static int sg_build_indi(Sg_scatter_hold * schp, Sg_fd * sfp, int buff_size);
203 static int sg_build_sgat(Sg_scatter_hold * schp, const Sg_fd * sfp);
204 static ssize_t sg_new_read(Sg_fd * sfp, char * buf, size_t count,
205 Sg_request * srp);
206 static ssize_t sg_new_write(Sg_fd * sfp, const char * buf, size_t count,
207 int blocking, int read_only, Sg_request ** o_srp);
208 static int sg_common_write(Sg_fd * sfp, Sg_request * srp,
209 unsigned char * cmnd, int timeout, int blocking);
210 static int sg_u_iovec(sg_io_hdr_t * hp, int sg_num, int ind,
211 int wr_xf, int * countp, unsigned char ** up);
212 static int sg_write_xfer(Sg_request * srp);
213 static int sg_read_xfer(Sg_request * srp);
214 static void sg_read_oxfer(Sg_request * srp, char * outp, int num_read_xfer);
215 static void sg_remove_scat(Sg_scatter_hold * schp);
216 static char * sg_get_sgat_msa(Sg_scatter_hold * schp);
217 static void sg_build_reserve(Sg_fd * sfp, int req_size);
218 static void sg_link_reserve(Sg_fd * sfp, Sg_request * srp, int size);
219 static void sg_unlink_reserve(Sg_fd * sfp, Sg_request * srp);
220 static char * sg_malloc(const Sg_fd * sfp, int size, int * retSzp,
221 int * mem_srcp);
222 static void sg_free(char * buff, int size, int mem_src);
223 static char * sg_low_malloc(int rqSz, int lowDma, int mem_src,
224 int * retSzp);
225 static void sg_low_free(char * buff, int size, int mem_src);
226 static Sg_fd * sg_add_sfp(Sg_device * sdp, int dev);
227 static int sg_remove_sfp(Sg_device * sdp, Sg_fd * sfp);
228 static Sg_request * sg_get_rq_mark(Sg_fd * sfp, int pack_id);
229 static Sg_request * sg_add_request(Sg_fd * sfp);
230 static int sg_remove_request(Sg_fd * sfp, Sg_request * srp);
231 static int sg_res_in_use(Sg_fd * sfp);
232 static int sg_dio_in_use(Sg_fd * sfp);
233 static void sg_clr_scpnt(Scsi_Cmnd * SCpnt);
234 static void sg_shorten_timeout(Scsi_Cmnd * scpnt);
235 static int sg_ms_to_jif(unsigned int msecs);
236 static unsigned sg_jif_to_ms(int jifs);
237 static int sg_allow_access(unsigned char opcode, char dev_type);
238 static int sg_last_dev(void);
239 static int sg_build_dir(Sg_request * srp, Sg_fd * sfp, int dxfer_len);
240 static void sg_unmap_and(Sg_scatter_hold * schp, int free_also);
241 static Sg_device * sg_get_dev(int dev);
242
243 static Sg_device ** sg_dev_arr = NULL;
244
245 static const int size_sg_header = sizeof(struct sg_header);
246 static const int size_sg_io_hdr = sizeof(sg_io_hdr_t);
247 static const int size_sg_iovec = sizeof(sg_iovec_t);
248 static const int size_sg_req_info = sizeof(sg_req_info_t);
249
250
251 static int sg_open(struct inode * inode, struct file * filp)
252 {
253 int dev = MINOR(inode->i_rdev);
254 int flags = filp->f_flags;
255 Sg_device * sdp;
256 Sg_fd * sfp;
257 int res;
258
259 sdp = sg_get_dev(dev);
260 if ((! sdp) || (! sdp->device) || (! sdp->device->host))
261 return -ENXIO;
262 if (sdp->i_rdev != inode->i_rdev)
263 printk("sg_open: inode maj=%d, min=%d sdp maj=%d, min=%d\n",
264 MAJOR(inode->i_rdev), MINOR(inode->i_rdev),
265 MAJOR(sdp->i_rdev), MINOR(sdp->i_rdev));
266 /* If we are in the middle of error recovery, don't let anyone
267 * else try and use this device. Also, if error recovery fails, it
268 * may try and take the device offline, in which case all further
269 * access to the device is prohibited. */
270 if(! scsi_block_when_processing_errors(sdp->device))
271 return -ENXIO;
272
273 SCSI_LOG_TIMEOUT(3, printk("sg_open: dev=%d, flags=0x%x\n", dev, flags));
274
275 if (flags & O_EXCL) {
276 if (O_RDONLY == (flags & O_ACCMODE))
277 return -EACCES; /* Can't lock it with read only access */
278 if (sdp->headfp && (filp->f_flags & O_NONBLOCK))
279 return -EBUSY;
280 res = 0; /* following is a macro that beats race condition */
281 __wait_event_interruptible(sdp->o_excl_wait,
282 ((sdp->headfp || sdp->exclude) ? 0 : (sdp->exclude = 1)),
283 res);
284 if (res)
285 return res; /* -ERESTARTSYS because signal hit process */
286 }
287 else if (sdp->exclude) { /* some other fd has an exclusive lock on dev */
288 if (filp->f_flags & O_NONBLOCK)
289 return -EBUSY;
290 res = 0; /* following is a macro that beats race condition */
291 __wait_event_interruptible(sdp->o_excl_wait, (! sdp->exclude), res);
292 if (res)
293 return res; /* -ERESTARTSYS because signal hit process */
294 }
295 if (! sdp->headfp) { /* no existing opens on this device */
296 sdp->sgdebug = 0;
297 sdp->sg_tablesize = sdp->device->host->sg_tablesize;
298 }
299 if ((sfp = sg_add_sfp(sdp, dev)))
300 filp->private_data = sfp;
301 else {
302 if (flags & O_EXCL) sdp->exclude = 0; /* undo if error */
303 return -ENOMEM;
304 }
305
306 if (sdp->device->host->hostt->module)
307 __MOD_INC_USE_COUNT(sdp->device->host->hostt->module);
308 return 0;
309 }
310
311 /* Following function was formerly called 'sg_close' */
312 static int sg_release(struct inode * inode, struct file * filp)
313 {
314 Sg_device * sdp;
315 Sg_fd * sfp;
316
317 lock_kernel();
318 if ((! (sfp = (Sg_fd *)filp->private_data)) || (! (sdp = sfp->parentdp))) {
319 unlock_kernel();
320 return -ENXIO;
321 }
322 SCSI_LOG_TIMEOUT(3, printk("sg_release: dev=%d\n", MINOR(sdp->i_rdev)));
323 sg_fasync(-1, filp, 0); /* remove filp from async notification list */
324 sg_remove_sfp(sdp, sfp);
325 if (! sdp->headfp)
326 filp->private_data = NULL;
327
328 if (sdp->device->host->hostt->module)
329 __MOD_DEC_USE_COUNT(sdp->device->host->hostt->module);
330 sdp->exclude = 0;
331 wake_up_interruptible(&sdp->o_excl_wait);
332 unlock_kernel();
333 return 0;
334 }
335
336 static ssize_t sg_read(struct file * filp, char * buf,
337 size_t count, loff_t *ppos)
338 {
339 int k, res;
340 Sg_device * sdp;
341 Sg_fd * sfp;
342 Sg_request * srp;
343 int req_pack_id = -1;
344 struct sg_header old_hdr;
345 sg_io_hdr_t new_hdr;
346 sg_io_hdr_t * hp;
347
348 if ((! (sfp = (Sg_fd *)filp->private_data)) || (! (sdp = sfp->parentdp)))
349 return -ENXIO;
350 SCSI_LOG_TIMEOUT(3, printk("sg_read: dev=%d, count=%d\n",
351 MINOR(sdp->i_rdev), (int)count));
352
353 if(! scsi_block_when_processing_errors(sdp->device))
354 return -ENXIO;
355 if (ppos != &filp->f_pos)
356 ; /* FIXME: Hmm. Seek to the right place, or fail? */
357 if ((k = verify_area(VERIFY_WRITE, buf, count)))
358 return k;
359 if (sfp->force_packid && (count >= size_sg_header)) {
360 __copy_from_user(&old_hdr, buf, size_sg_header);
361 if (old_hdr.reply_len < 0) {
362 if (count >= size_sg_io_hdr) {
363 __copy_from_user(&new_hdr, buf, size_sg_io_hdr);
364 req_pack_id = new_hdr.pack_id;
365 }
366 }
367 else
368 req_pack_id = old_hdr.pack_id;
369 }
370 srp = sg_get_rq_mark(sfp, req_pack_id);
371 if (! srp) { /* now wait on packet to arrive */
372 if (filp->f_flags & O_NONBLOCK)
373 return -EAGAIN;
374 while (1) {
375 int dio = sg_dio_in_use(sfp);
376 res = 0; /* following is a macro that beats race condition */
377 __wait_event_interruptible(sfp->read_wait,
378 (srp = sg_get_rq_mark(sfp, req_pack_id)),
379 res);
380 if (0 == res)
381 break;
382 else if (! dio) /* only let signal out if no dio */
383 return res; /* -ERESTARTSYS because signal hit process */
384 }
385 }
386 if (srp->header.interface_id != '\0')
387 return sg_new_read(sfp, buf, count, srp);
388
389 hp = &srp->header;
390 memset(&old_hdr, 0, size_sg_header);
391 old_hdr.reply_len = (int)hp->timeout;
392 old_hdr.pack_len = old_hdr.reply_len; /* very old, strange behaviour */
393 old_hdr.pack_id = hp->pack_id;
394 old_hdr.twelve_byte =
395 ((srp->data.cmd_opcode >= 0xc0) && (12 == hp->cmd_len)) ? 1 : 0;
396 old_hdr.target_status = hp->masked_status;
397 old_hdr.host_status = hp->host_status;
398 old_hdr.driver_status = hp->driver_status;
399 if ((CHECK_CONDITION & hp->masked_status) ||
400 (DRIVER_SENSE & hp->driver_status))
401 memcpy(old_hdr.sense_buffer, srp->sense_b,
402 sizeof(old_hdr.sense_buffer));
403 switch (hp->host_status)
404 { /* This setup of 'result' is for backward compatibility and is best
405 ignored by the user who should use target, host + driver status */
406 case DID_OK:
407 case DID_PASSTHROUGH:
408 case DID_SOFT_ERROR:
409 old_hdr.result = 0;
410 break;
411 case DID_NO_CONNECT:
412 case DID_BUS_BUSY:
413 case DID_TIME_OUT:
414 old_hdr.result = EBUSY;
415 break;
416 case DID_BAD_TARGET:
417 case DID_ABORT:
418 case DID_PARITY:
419 case DID_RESET:
420 case DID_BAD_INTR:
421 old_hdr.result = EIO;
422 break;
423 case DID_ERROR:
424 old_hdr.result =
425 (srp->sense_b[0] == 0 && hp->masked_status == GOOD) ? 0 : EIO;
426 break;
427 default:
428 old_hdr.result = EIO;
429 break;
430 }
431
432 /* Now copy the result back to the user buffer. */
433 if (count >= size_sg_header) {
434 __copy_to_user(buf, &old_hdr, size_sg_header);
435 buf += size_sg_header;
436 if (count > old_hdr.reply_len)
437 count = old_hdr.reply_len;
438 if (count > size_sg_header)
439 sg_read_oxfer(srp, buf, count - size_sg_header);
440 }
441 else
442 count = (old_hdr.result == 0) ? 0 : -EIO;
443 sg_finish_rem_req(srp);
444 return count;
445 }
446
447 static ssize_t sg_new_read(Sg_fd * sfp, char * buf, size_t count,
448 Sg_request * srp)
449 {
450 Sg_device * sdp = sfp->parentdp;
451 sg_io_hdr_t * hp = &srp->header;
452 int k, len;
453
454 if(! scsi_block_when_processing_errors(sdp->device) )
455 return -ENXIO;
456 if (count < size_sg_io_hdr)
457 return -EINVAL;
458
459 hp->sb_len_wr = 0;
460 if ((hp->mx_sb_len > 0) && hp->sbp) {
461 if ((CHECK_CONDITION & hp->masked_status) ||
462 (DRIVER_SENSE & hp->driver_status)) {
463 int sb_len = sizeof(dummy_cmdp->sense_buffer);
464 sb_len = (hp->mx_sb_len > sb_len) ? sb_len : hp->mx_sb_len;
465 len = 8 + (int)srp->sense_b[7]; /* Additional sense length field */
466 len = (len > sb_len) ? sb_len : len;
467 if ((k = verify_area(VERIFY_WRITE, hp->sbp, len)))
468 return k;
469 __copy_to_user(hp->sbp, srp->sense_b, len);
470 hp->sb_len_wr = len;
471 }
472 }
473 if (hp->masked_status || hp->host_status || hp->driver_status)
474 hp->info |= SG_INFO_CHECK;
475 copy_to_user(buf, hp, size_sg_io_hdr);
476
477 k = sg_read_xfer(srp);
478 if (k) return k; /* probably -EFAULT, bad addr in dxferp or iovec list */
479 sg_finish_rem_req(srp);
480 return count;
481 }
482
483
484 static ssize_t sg_write(struct file * filp, const char * buf,
485 size_t count, loff_t *ppos)
486 {
487 int mxsize, cmd_size, k;
488 int input_size, blocking;
489 unsigned char opcode;
490 Sg_device * sdp;
491 Sg_fd * sfp;
492 Sg_request * srp;
493 struct sg_header old_hdr;
494 sg_io_hdr_t * hp;
495 unsigned char cmnd[sizeof(dummy_cmdp->cmnd)];
496
497 if ((! (sfp = (Sg_fd *)filp->private_data)) || (! (sdp = sfp->parentdp)))
498 return -ENXIO;
499 SCSI_LOG_TIMEOUT(3, printk("sg_write: dev=%d, count=%d\n",
500 MINOR(sdp->i_rdev), (int)count));
501
502 if(! scsi_block_when_processing_errors(sdp->device) )
503 return -ENXIO;
504 if (ppos != &filp->f_pos)
505 ; /* FIXME: Hmm. Seek to the right place, or fail? */
506
507 if ((k = verify_area(VERIFY_READ, buf, count)))
508 return k; /* protects following copy_from_user()s + get_user()s */
509 if (count < size_sg_header)
510 return -EIO;
511 __copy_from_user(&old_hdr, buf, size_sg_header);
512 blocking = !(filp->f_flags & O_NONBLOCK);
513 if (old_hdr.reply_len < 0)
514 return sg_new_write(sfp, buf, count, blocking, 0, NULL);
515 if (count < (size_sg_header + 6))
516 return -EIO; /* The minimum scsi command length is 6 bytes. */
517
518 if (! (srp = sg_add_request(sfp))) {
519 SCSI_LOG_TIMEOUT(1, printk("sg_write: queue full\n"));
520 return -EDOM;
521 }
522 buf += size_sg_header;
523 __get_user(opcode, buf);
524 if (sfp->next_cmd_len > 0) {
525 if (sfp->next_cmd_len > MAX_COMMAND_SIZE) {
526 SCSI_LOG_TIMEOUT(1, printk("sg_write: command length too long\n"));
527 sfp->next_cmd_len = 0;
528 sg_remove_request(sfp, srp);
529 return -EIO;
530 }
531 cmd_size = sfp->next_cmd_len;
532 sfp->next_cmd_len = 0; /* reset so only this write() effected */
533 }
534 else {
535 cmd_size = COMMAND_SIZE(opcode); /* based on SCSI command group */
536 if ((opcode >= 0xc0) && old_hdr.twelve_byte)
537 cmd_size = 12;
538 }
539 SCSI_LOG_TIMEOUT(4, printk("sg_write: scsi opcode=0x%02x, cmd_size=%d\n",
540 (int)opcode, cmd_size));
541 /* Determine buffer size. */
542 input_size = count - cmd_size;
543 mxsize = (input_size > old_hdr.reply_len) ? input_size :
544 old_hdr.reply_len;
545 mxsize -= size_sg_header;
546 input_size -= size_sg_header;
547 if (input_size < 0) {
548 sg_remove_request(sfp, srp);
549 return -EIO; /* User did not pass enough bytes for this command. */
550 }
551 hp = &srp->header;
552 hp->interface_id = '\0'; /* indicator of old interface tunnelled */
553 hp->cmd_len = (unsigned char)cmd_size;
554 hp->iovec_count = 0;
555 hp->mx_sb_len = 0;
556 #if 0
557 hp->dxfer_direction = SG_DXFER_UNKNOWN;
558 #else
559 if (input_size > 0)
560 hp->dxfer_direction = ((old_hdr.reply_len - size_sg_header) > 0) ?
561 SG_DXFER_TO_FROM_DEV : SG_DXFER_TO_DEV;
562 else
563 hp->dxfer_direction = (mxsize > 0) ? SG_DXFER_FROM_DEV :
564 SG_DXFER_NONE;
565 #endif
566 hp->dxfer_len = mxsize;
567 hp->dxferp = (unsigned char *)buf + cmd_size;
568 hp->sbp = NULL;
569 hp->timeout = old_hdr.reply_len; /* structure abuse ... */
570 hp->flags = input_size; /* structure abuse ... */
571 hp->pack_id = old_hdr.pack_id;
572 hp->usr_ptr = NULL;
573 __copy_from_user(cmnd, buf, cmd_size);
574 k = sg_common_write(sfp, srp, cmnd, sfp->timeout, blocking);
575 return (k < 0) ? k : count;
576 }
577
578 static ssize_t sg_new_write(Sg_fd * sfp, const char * buf, size_t count,
579 int blocking, int read_only, Sg_request ** o_srp)
580 {
581 int k;
582 Sg_request * srp;
583 sg_io_hdr_t * hp;
584 unsigned char cmnd[sizeof(dummy_cmdp->cmnd)];
585 int timeout;
586
587 if (count < size_sg_io_hdr)
588 return -EINVAL;
589 if ((k = verify_area(VERIFY_READ, buf, count)))
590 return k; /* protects following copy_from_user()s + get_user()s */
591
592 sfp->cmd_q = 1; /* when sg_io_hdr seen, set command queuing on */
593 if (! (srp = sg_add_request(sfp))) {
594 SCSI_LOG_TIMEOUT(1, printk("sg_new_write: queue full\n"));
595 return -EDOM;
596 }
597 hp = &srp->header;
598 __copy_from_user(hp, buf, size_sg_io_hdr);
599 if (hp->interface_id != 'S') {
600 sg_remove_request(sfp, srp);
601 return -ENOSYS;
602 }
603 timeout = sg_ms_to_jif(srp->header.timeout);
604 if ((! hp->cmdp) || (hp->cmd_len < 6) || (hp->cmd_len > sizeof(cmnd))) {
605 sg_remove_request(sfp, srp);
606 return -EMSGSIZE;
607 }
608 if ((k = verify_area(VERIFY_READ, hp->cmdp, hp->cmd_len))) {
609 sg_remove_request(sfp, srp);
610 return k; /* protects following copy_from_user()s + get_user()s */
611 }
612 __copy_from_user(cmnd, hp->cmdp, hp->cmd_len);
613 if (read_only &&
614 (! sg_allow_access(cmnd[0], sfp->parentdp->device->type))) {
615 sg_remove_request(sfp, srp);
616 return -EACCES;
617 }
618 k = sg_common_write(sfp, srp, cmnd, timeout, blocking);
619 if (k < 0) return k;
620 if (o_srp) *o_srp = srp;
621 return count;
622 }
623
624 static int sg_common_write(Sg_fd * sfp, Sg_request * srp,
625 unsigned char * cmnd, int timeout, int blocking)
626 {
627 int k;
628 Scsi_Cmnd * SCpnt;
629 Sg_device * sdp = sfp->parentdp;
630 sg_io_hdr_t * hp = &srp->header;
631
632 srp->data.cmd_opcode = cmnd[0]; /* hold opcode of command */
633 hp->status = 0;
634 hp->masked_status = 0;
635 hp->msg_status = 0;
636 hp->info = 0;
637 hp->host_status = 0;
638 hp->driver_status = 0;
639 hp->resid = 0;
640 SCSI_LOG_TIMEOUT(4,
641 printk("sg_common_write: scsi opcode=0x%02x, cmd_size=%d\n",
642 (int)cmnd[0], (int)hp->cmd_len));
643
644 if ((k = sg_start_req(srp))) {
645 SCSI_LOG_TIMEOUT(1, printk("sg_write: start_req err=%d\n", k));
646 sg_finish_rem_req(srp);
647 return k; /* probably out of space --> ENOMEM */
648 }
649 if ((k = sg_write_xfer(srp))) {
650 SCSI_LOG_TIMEOUT(1, printk("sg_write: write_xfer, bad address\n"));
651 sg_finish_rem_req(srp);
652 return k;
653 }
654 /* SCSI_LOG_TIMEOUT(7, printk("sg_write: allocating device\n")); */
655 SCpnt = scsi_allocate_device(sdp->device, blocking, TRUE);
656 if (! SCpnt) {
657 sg_finish_rem_req(srp);
658 return (signal_pending(current)) ? -EINTR : -EAGAIN;
659 /* No available command blocks, or, interrupted while waiting */
660 }
661 /* SCSI_LOG_TIMEOUT(7, printk("sg_write: device allocated\n")); */
662 srp->my_cmdp = SCpnt;
663 SCpnt->request.rq_dev = sdp->i_rdev;
664 SCpnt->request.rq_status = RQ_ACTIVE;
665 SCpnt->sense_buffer[0] = 0;
666 SCpnt->cmd_len = hp->cmd_len;
667 /* Set the LUN field in the command structure, overriding user input */
668 if (! (hp->flags & SG_FLAG_LUN_INHIBIT))
669 cmnd[1] = (cmnd[1] & 0x1f) | (sdp->device->lun << 5);
670
671 /* SCSI_LOG_TIMEOUT(7, printk("sg_write: do cmd\n")); */
672 SCpnt->use_sg = srp->data.k_use_sg;
673 SCpnt->sglist_len = srp->data.sglist_len;
674 SCpnt->bufflen = srp->data.bufflen;
675 SCpnt->underflow = 0;
676 SCpnt->buffer = srp->data.buffer;
677 switch (hp->dxfer_direction) {
678 case SG_DXFER_TO_FROM_DEV:
679 case SG_DXFER_FROM_DEV:
680 SCpnt->sc_data_direction = SCSI_DATA_READ; break;
681 case SG_DXFER_TO_DEV:
682 SCpnt->sc_data_direction = SCSI_DATA_WRITE; break;
683 case SG_DXFER_UNKNOWN:
684 SCpnt->sc_data_direction = SCSI_DATA_UNKNOWN; break;
685 default:
686 SCpnt->sc_data_direction = SCSI_DATA_NONE; break;
687 }
688 srp->data.k_use_sg = 0;
689 srp->data.sglist_len = 0;
690 srp->data.bufflen = 0;
691 srp->data.buffer = NULL;
692 hp->duration = jiffies; /* unit jiffies now, millisecs after done */
693 /* Now send everything of to mid-level. The next time we hear about this
694 packet is when sg_cmd_done_bh() is called (i.e. a callback). */
695 scsi_do_cmd(SCpnt, (void *)cmnd,
696 (void *)SCpnt->buffer, hp->dxfer_len,
697 sg_cmd_done_bh, timeout, SG_DEFAULT_RETRIES);
698 /* dxfer_len overwrites SCpnt->bufflen, hence need for b_malloc_len */
699 return 0;
700 }
701
702 static int sg_ioctl(struct inode * inode, struct file * filp,
703 unsigned int cmd_in, unsigned long arg)
704 {
705 int result, val, read_only;
706 Sg_device * sdp;
707 Sg_fd * sfp;
708 Sg_request * srp;
709 unsigned long iflags;
710
711 if ((! (sfp = (Sg_fd *)filp->private_data)) || (! (sdp = sfp->parentdp)))
712 return -ENXIO;
713 SCSI_LOG_TIMEOUT(3, printk("sg_ioctl: dev=%d, cmd=0x%x\n",
714 MINOR(sdp->i_rdev), (int)cmd_in));
715 if(! scsi_block_when_processing_errors(sdp->device) )
716 return -ENXIO;
717 read_only = (O_RDWR != (filp->f_flags & O_ACCMODE));
718
719 switch(cmd_in)
720 {
721 case SG_IO:
722 {
723 int blocking = 1; /* ignore O_NONBLOCK flag */
724
725 if(! scsi_block_when_processing_errors(sdp->device) )
726 return -ENXIO;
727 result = verify_area(VERIFY_WRITE, (void *)arg, size_sg_io_hdr);
728 if (result) return result;
729 result = sg_new_write(sfp, (const char *)arg, size_sg_io_hdr,
730 blocking, read_only, &srp);
731 if (result < 0) return result;
732 srp->sg_io_owned = 1;
733 while (1) {
734 int dio = sg_dio_in_use(sfp);
735 result = 0; /* following macro to beat race condition */
736 __wait_event_interruptible(sfp->read_wait,
737 (sfp->closed || srp->done), result);
738 if (sfp->closed)
739 return 0; /* request packet dropped already */
740 if (0 == result)
741 break;
742 else if (! dio) { /* only let signal out if no dio */
743 srp->orphan = 1;
744 return result; /* -ERESTARTSYS because signal hit process */
745 }
746 }
747 srp->done = 2;
748 result = sg_new_read(sfp, (char *)arg, size_sg_io_hdr, srp);
749 return (result < 0) ? result : 0;
750 }
751 case SG_SET_TIMEOUT:
752 result = get_user(val, (int *)arg);
753 if (result) return result;
754 if (val < 0)
755 return -EIO;
756 sfp->timeout = val;
757 return 0;
758 case SG_GET_TIMEOUT: /* N.B. User receives timeout as return value */
759 return sfp->timeout; /* strange ..., for backward compatibility */
760 case SG_SET_FORCE_LOW_DMA:
761 result = get_user(val, (int *)arg);
762 if (result) return result;
763 if (val) {
764 sfp->low_dma = 1;
765 if ((0 == sfp->low_dma) && (0 == sg_res_in_use(sfp))) {
766 val = (int)sfp->reserve.bufflen;
767 sg_remove_scat(&sfp->reserve);
768 sg_build_reserve(sfp, val);
769 }
770 }
771 else
772 sfp->low_dma = sdp->device->host->unchecked_isa_dma;
773 return 0;
774 case SG_GET_LOW_DMA:
775 return put_user((int)sfp->low_dma, (int *)arg);
776 case SG_GET_SCSI_ID:
777 result = verify_area(VERIFY_WRITE, (void *)arg, sizeof(sg_scsi_id_t));
778 if (result) return result;
779 else {
780 sg_scsi_id_t * sg_idp = (sg_scsi_id_t *)arg;
781 __put_user((int)sdp->device->host->host_no, &sg_idp->host_no);
782 __put_user((int)sdp->device->channel, &sg_idp->channel);
783 __put_user((int)sdp->device->id, &sg_idp->scsi_id);
784 __put_user((int)sdp->device->lun, &sg_idp->lun);
785 __put_user((int)sdp->device->type, &sg_idp->scsi_type);
786 __put_user((short)sdp->device->host->cmd_per_lun,
787 &sg_idp->h_cmd_per_lun);
788 __put_user((short)sdp->device->queue_depth,
789 &sg_idp->d_queue_depth);
790 __put_user(0, &sg_idp->unused[0]);
791 __put_user(0, &sg_idp->unused[1]);
792 return 0;
793 }
794 case SG_SET_FORCE_PACK_ID:
795 result = get_user(val, (int *)arg);
796 if (result) return result;
797 sfp->force_packid = val ? 1 : 0;
798 return 0;
799 case SG_GET_PACK_ID:
800 result = verify_area(VERIFY_WRITE, (void *) arg, sizeof(int));
801 if (result) return result;
802 read_lock_irqsave(&sfp->rq_list_lock, iflags);
803 for (srp = sfp->headrp; srp; srp = srp->nextrp) {
804 if ((1 == srp->done) && (! srp->sg_io_owned)) {
805 read_unlock_irqrestore(&sfp->rq_list_lock, iflags);
806 __put_user(srp->header.pack_id, (int *)arg);
807 return 0;
808 }
809 }
810 read_unlock_irqrestore(&sfp->rq_list_lock, iflags);
811 __put_user(-1, (int *)arg);
812 return 0;
813 case SG_GET_NUM_WAITING:
814 read_lock_irqsave(&sfp->rq_list_lock, iflags);
815 for (val = 0, srp = sfp->headrp; srp; srp = srp->nextrp) {
816 if ((1 == srp->done) && (! srp->sg_io_owned))
817 ++val;
818 }
819 read_unlock_irqrestore(&sfp->rq_list_lock, iflags);
820 return put_user(val, (int *)arg);
821 case SG_GET_SG_TABLESIZE:
822 return put_user(sdp->sg_tablesize, (int *)arg);
823 case SG_SET_RESERVED_SIZE:
824 result = get_user(val, (int *)arg);
825 if (result) return result;
826 if (val != sfp->reserve.bufflen) {
827 if (sg_res_in_use(sfp))
828 return -EBUSY;
829 sg_remove_scat(&sfp->reserve);
830 sg_build_reserve(sfp, val);
831 }
832 return 0;
833 case SG_GET_RESERVED_SIZE:
834 val = (int)sfp->reserve.bufflen;
835 return put_user(val, (int *)arg);
836 case SG_SET_COMMAND_Q:
837 result = get_user(val, (int *)arg);
838 if (result) return result;
839 sfp->cmd_q = val ? 1 : 0;
840 return 0;
841 case SG_GET_COMMAND_Q:
842 return put_user((int)sfp->cmd_q, (int *)arg);
843 case SG_SET_KEEP_ORPHAN:
844 result = get_user(val, (int *)arg);
845 if (result) return result;
846 sfp->keep_orphan = val;
847 return 0;
848 case SG_GET_KEEP_ORPHAN:
849 return put_user((int)sfp->keep_orphan, (int *)arg);
850 case SG_NEXT_CMD_LEN:
851 result = get_user(val, (int *)arg);
852 if (result) return result;
853 sfp->next_cmd_len = (val > 0) ? val : 0;
854 return 0;
855 case SG_GET_VERSION_NUM:
856 return put_user(sg_version_num, (int *)arg);
857 case SG_GET_REQUEST_TABLE:
858 result = verify_area(VERIFY_WRITE, (void *) arg,
859 size_sg_req_info * SG_MAX_QUEUE);
860 if (result) return result;
861 else {
862 sg_req_info_t rinfo[SG_MAX_QUEUE];
863 Sg_request * srp;
864 read_lock_irqsave(&sfp->rq_list_lock, iflags);
865 for (srp = sfp->headrp, val = 0; val < SG_MAX_QUEUE;
866 ++val, srp = srp ? srp->nextrp : srp) {
867 memset(&rinfo[val], 0, size_sg_req_info);
868 if (srp) {
869 rinfo[val].req_state = srp->done + 1;
870 rinfo[val].problem = srp->header.masked_status &
871 srp->header.host_status & srp->header.driver_status;
872 rinfo[val].duration = srp->done ?
873 srp->header.duration :
874 sg_jif_to_ms(jiffies - srp->header.duration);
875 rinfo[val].orphan = srp->orphan;
876 rinfo[val].sg_io_owned = srp->sg_io_owned;
877 rinfo[val].pack_id = srp->header.pack_id;
878 rinfo[val].usr_ptr = srp->header.usr_ptr;
879 }
880 }
881 read_unlock_irqrestore(&sfp->rq_list_lock, iflags);
882 __copy_to_user((void *)arg, rinfo, size_sg_req_info * SG_MAX_QUEUE);
883 return 0;
884 }
885 case SG_EMULATED_HOST:
886 return put_user(sdp->device->host->hostt->emulated, (int *)arg);
887 case SG_SCSI_RESET:
888 if (! scsi_block_when_processing_errors(sdp->device))
889 return -EBUSY;
890 result = get_user(val, (int *)arg);
891 if (result) return result;
892 if (SG_SCSI_RESET_NOTHING == val)
893 return 0;
894 #ifdef SCSI_TRY_RESET_DEVICE
895 switch (val)
896 {
897 case SG_SCSI_RESET_DEVICE:
898 val = SCSI_TRY_RESET_DEVICE;
899 break;
900 case SG_SCSI_RESET_BUS:
901 val = SCSI_TRY_RESET_BUS;
902 break;
903 case SG_SCSI_RESET_HOST:
904 val = SCSI_TRY_RESET_HOST;
905 break;
906 default:
907 return -EINVAL;
908 }
909 if(! capable(CAP_SYS_ADMIN)) return -EACCES;
910 return (scsi_reset_provider(sdp->device, val) == SUCCESS) ? 0 : -EIO;
911 #else
912 SCSI_LOG_TIMEOUT(1, printk("sg_ioctl: SG_RESET_SCSI not supported\n"));
913 result = -EINVAL;
914 #endif
915 case SCSI_IOCTL_SEND_COMMAND:
916 if (read_only) {
917 unsigned char opcode = WRITE_6;
918 Scsi_Ioctl_Command * siocp = (void *)arg;
919
920 copy_from_user(&opcode, siocp->data, 1);
921 if (! sg_allow_access(opcode, sdp->device->type))
922 return -EACCES;
923 }
924 return scsi_ioctl_send_command(sdp->device, (void *)arg);
925 case SG_SET_DEBUG:
926 result = get_user(val, (int *)arg);
927 if (result) return result;
928 sdp->sgdebug = (char)val;
929 return 0;
930 case SCSI_IOCTL_GET_IDLUN:
931 case SCSI_IOCTL_GET_BUS_NUMBER:
932 case SCSI_IOCTL_PROBE_HOST:
933 case SG_GET_TRANSFORM:
934 return scsi_ioctl(sdp->device, cmd_in, (void *)arg);
935 default:
936 if (read_only)
937 return -EACCES; /* don't know so take safe approach */
938 return scsi_ioctl(sdp->device, cmd_in, (void *)arg);
939 }
940 }
941
942 static unsigned int sg_poll(struct file * filp, poll_table * wait)
943 {
944 unsigned int res = 0;
945 Sg_device * sdp;
946 Sg_fd * sfp;
947 Sg_request * srp;
948 int count = 0;
949 unsigned long iflags;
950
951 if ((! (sfp = (Sg_fd *)filp->private_data)) || (! (sdp = sfp->parentdp)))
952 return POLLERR;
953 poll_wait(filp, &sfp->read_wait, wait);
954 read_lock_irqsave(&sfp->rq_list_lock, iflags);
955 for (srp = sfp->headrp; srp; srp = srp->nextrp) {
956 /* if any read waiting, flag it */
957 if ((0 == res) && (1 == srp->done) && (! srp->sg_io_owned))
958 res = POLLIN | POLLRDNORM;
959 ++count;
960 }
961 read_unlock_irqrestore(&sfp->rq_list_lock, iflags);
962 if (! sfp->cmd_q) {
963 if (0 == count)
964 res |= POLLOUT | POLLWRNORM;
965 }
966 else if (count < SG_MAX_QUEUE)
967 res |= POLLOUT | POLLWRNORM;
968 SCSI_LOG_TIMEOUT(3, printk("sg_poll: dev=%d, res=0x%x\n",
969 MINOR(sdp->i_rdev), (int)res));
970 return res;
971 }
972
973 static int sg_fasync(int fd, struct file * filp, int mode)
974 {
975 int retval;
976 Sg_device * sdp;
977 Sg_fd * sfp;
978
979 if ((! (sfp = (Sg_fd *)filp->private_data)) || (! (sdp = sfp->parentdp)))
980 return -ENXIO;
981 SCSI_LOG_TIMEOUT(3, printk("sg_fasync: dev=%d, mode=%d\n",
982 MINOR(sdp->i_rdev), mode));
983
984 retval = fasync_helper(fd, filp, mode, &sfp->async_qp);
985 return (retval < 0) ? retval : 0;
986 }
987
988 /* This function is a "bottom half" handler that is called by the
989 * mid level when a command is completed (or has failed). */
990 static void sg_cmd_done_bh(Scsi_Cmnd * SCpnt)
991 {
992 int dev = MINOR(SCpnt->request.rq_dev);
993 Sg_device * sdp = NULL;
994 Sg_fd * sfp;
995 Sg_request * srp = NULL;
996
997 read_lock(&sg_dev_arr_lock);
998 if (sg_dev_arr && (dev >= 0)) {
999 if (dev < sg_template.dev_max)
1000 sdp = sg_dev_arr[dev];
1001 }
1002 if (NULL == sdp) {
1003 read_unlock(&sg_dev_arr_lock);
1004 SCSI_LOG_TIMEOUT(1, printk("sg...bh: bad args dev=%d\n", dev));
1005 scsi_release_command(SCpnt);
1006 SCpnt = NULL;
1007 return;
1008 }
1009 sfp = sdp->headfp;
1010 while (sfp) {
1011 read_lock(&sfp->rq_list_lock);
1012 for (srp = sfp->headrp; srp; srp = srp->nextrp) {
1013 if (SCpnt == srp->my_cmdp)
1014 break;
1015 }
1016 read_unlock(&sfp->rq_list_lock);
1017 if (srp)
1018 break;
1019 sfp = sfp->nextfp;
1020 }
1021 read_unlock(&sg_dev_arr_lock);
1022 if (! srp) {
1023 SCSI_LOG_TIMEOUT(1, printk("sg...bh: req missing, dev=%d\n", dev));
1024 scsi_release_command(SCpnt);
1025 SCpnt = NULL;
1026 return;
1027 }
1028 /* First transfer ownership of data buffers to sg_device object. */
1029 srp->data.k_use_sg = SCpnt->use_sg;
1030 srp->data.sglist_len = SCpnt->sglist_len;
1031 srp->data.bufflen = SCpnt->bufflen;
1032 srp->data.buffer = SCpnt->buffer;
1033 sg_clr_scpnt(SCpnt);
1034 srp->my_cmdp = NULL;
1035 srp->done = 1;
1036
1037 SCSI_LOG_TIMEOUT(4, printk("sg...bh: dev=%d, pack_id=%d, res=0x%x\n",
1038 dev, srp->header.pack_id, (int)SCpnt->result));
1039 srp->header.resid = SCpnt->resid;
1040 /* sg_unmap_and(&srp->data, 0); */ /* unmap locked pages a.s.a.p. */
1041 /* N.B. unit of duration changes here from jiffies to millisecs */
1042 srp->header.duration = sg_jif_to_ms(jiffies - (int)srp->header.duration);
1043 if (0 != SCpnt->result) {
1044 memcpy(srp->sense_b, SCpnt->sense_buffer, sizeof(srp->sense_b));
1045 srp->header.status = 0xff & SCpnt->result;
1046 srp->header.masked_status = status_byte(SCpnt->result);
1047 srp->header.msg_status = msg_byte(SCpnt->result);
1048 srp->header.host_status = host_byte(SCpnt->result);
1049 srp->header.driver_status = driver_byte(SCpnt->result);
1050 if ((sdp->sgdebug > 0) &&
1051 ((CHECK_CONDITION == srp->header.masked_status) ||
1052 (COMMAND_TERMINATED == srp->header.masked_status)))
1053 print_sense("sg_cmd_done_bh", SCpnt);
1054
1055 /* Following if statement is a patch supplied by Eric Youngdale */
1056 if (driver_byte(SCpnt->result) != 0
1057 && (SCpnt->sense_buffer[0] & 0x7f) == 0x70
1058 && (SCpnt->sense_buffer[2] & 0xf) == UNIT_ATTENTION
1059 && sdp->device->removable) {
1060 /* Detected disc change. Set the bit - this may be used if */
1061 /* there are filesystems using this device. */
1062 sdp->device->changed = 1;
1063 }
1064 }
1065 /* Rely on write phase to clean out srp status values, so no "else" */
1066
1067 scsi_release_command(SCpnt);
1068 SCpnt = NULL;
1069 if (sfp->closed) { /* whoops this fd already released, cleanup */
1070 SCSI_LOG_TIMEOUT(1,
1071 printk("sg...bh: already closed, freeing ...\n"));
1072 /* should check if module is unloaded <<<<<<< */
1073 sg_finish_rem_req(srp);
1074 srp = NULL;
1075 if (NULL == sfp->headrp) {
1076 SCSI_LOG_TIMEOUT(1,
1077 printk("sg...bh: already closed, final cleanup\n"));
1078 sg_remove_sfp(sdp, sfp);
1079 sfp = NULL;
1080 }
1081 }
1082 else if (srp && srp->orphan) {
1083 if (sfp->keep_orphan)
1084 srp->sg_io_owned = 0;
1085 else {
1086 sg_finish_rem_req(srp);
1087 srp = NULL;
1088 }
1089 }
1090 if (sfp && srp) {
1091 /* Now wake up any sg_read() that is waiting for this packet. */
1092 wake_up_interruptible(&sfp->read_wait);
1093 kill_fasync(&sfp->async_qp, SIGPOLL, POLL_IN);
1094 }
1095 }
1096
1097 static struct file_operations sg_fops = {
1098 owner: THIS_MODULE,
1099 read: sg_read,
1100 write: sg_write,
1101 poll: sg_poll,
1102 ioctl: sg_ioctl,
1103 open: sg_open,
1104 release: sg_release,
1105 fasync: sg_fasync,
1106 };
1107
1108
1109 static int sg_detect(Scsi_Device * scsidp)
1110 {
1111 switch (scsidp->type) {
1112 case TYPE_DISK:
1113 case TYPE_MOD:
1114 case TYPE_ROM:
1115 case TYPE_WORM:
1116 case TYPE_TAPE: break;
1117 default:
1118 printk("Detected scsi generic sg%d at scsi%d,"
1119 " channel %d, id %d, lun %d, type %d\n",
1120 sg_template.dev_noticed,
1121 scsidp->host->host_no, scsidp->channel,
1122 scsidp->id, scsidp->lun, scsidp->type);
1123 }
1124 sg_template.dev_noticed++;
1125 return 1;
1126 }
1127
1128 /* Driver initialization */
1129 static int sg_init()
1130 {
1131 static int sg_registered = 0;
1132 unsigned long iflags;
1133
1134 if ((sg_template.dev_noticed == 0) || sg_dev_arr)
1135 return 0;
1136
1137 write_lock_irqsave(&sg_dev_arr_lock, iflags);
1138 if(!sg_registered) {
1139 if (devfs_register_chrdev(SCSI_GENERIC_MAJOR,"sg",&sg_fops))
1140 {
1141 printk("Unable to get major %d for generic SCSI device\n",
1142 SCSI_GENERIC_MAJOR);
1143 write_unlock_irqrestore(&sg_dev_arr_lock, iflags);
1144 return 1;
1145 }
1146 sg_registered++;
1147 }
1148
1149 SCSI_LOG_TIMEOUT(3, printk("sg_init\n"));
1150 sg_template.dev_max = sg_template.dev_noticed + SG_DEV_ARR_LUMP;
1151 sg_dev_arr = (Sg_device **)kmalloc(sg_template.dev_max *
1152 sizeof(Sg_device *), GFP_ATOMIC);
1153 if (NULL == sg_dev_arr) {
1154 printk("sg_init: no space for sg_dev_arr\n");
1155 write_unlock_irqrestore(&sg_dev_arr_lock, iflags);
1156 return 1;
1157 }
1158 memset(sg_dev_arr, 0, sg_template.dev_max * sizeof(Sg_device *));
1159 write_unlock_irqrestore(&sg_dev_arr_lock, iflags);
1160 #ifdef CONFIG_PROC_FS
1161 sg_proc_init();
1162 #endif /* CONFIG_PROC_FS */
1163 return 0;
1164 }
1165
1166 #ifndef MODULE
1167 static int __init sg_def_reserved_size_setup(char *str)
1168 {
1169 int tmp;
1170
1171 if (get_option(&str, &tmp) == 1) {
1172 def_reserved_size = tmp;
1173 if (tmp >= 0)
1174 sg_big_buff = tmp;
1175 return 1;
1176 } else {
1177 printk("sg_def_reserved_size : usage sg_def_reserved_size=n "
1178 "(n could be 65536, 131072 or 262144)\n");
1179 return 0;
1180 }
1181 }
1182
1183 __setup("sg_def_reserved_size=", sg_def_reserved_size_setup);
1184 #endif
1185
1186
1187 static int sg_attach(Scsi_Device * scsidp)
1188 {
1189 Sg_device * sdp;
1190 unsigned long iflags;
1191 int k;
1192
1193 write_lock_irqsave(&sg_dev_arr_lock, iflags);
1194 if (sg_template.nr_dev >= sg_template.dev_max) { /* try to resize */
1195 Sg_device ** tmp_da;
1196 int tmp_dev_max = sg_template.nr_dev + SG_DEV_ARR_LUMP;
1197
1198 tmp_da = (Sg_device **)kmalloc(tmp_dev_max *
1199 sizeof(Sg_device *), GFP_ATOMIC);
1200 if (NULL == tmp_da) {
1201 scsidp->attached--;
1202 write_unlock_irqrestore(&sg_dev_arr_lock, iflags);
1203 printk("sg_attach: device array cannot be resized\n");
1204 return 1;
1205 }
1206 memset(tmp_da, 0, tmp_dev_max * sizeof(Sg_device *));
1207 memcpy(tmp_da, sg_dev_arr, sg_template.dev_max * sizeof(Sg_device *));
1208 kfree((char *)sg_dev_arr);
1209 sg_dev_arr = tmp_da;
1210 sg_template.dev_max = tmp_dev_max;
1211 }
1212
1213 for(k = 0; k < sg_template.dev_max; k++)
1214 if(! sg_dev_arr[k]) break;
1215 if(k < sg_template.dev_max)
1216 sdp = (Sg_device *)kmalloc(sizeof(Sg_device), GFP_ATOMIC);
1217 else
1218 sdp = NULL;
1219 if (NULL == sdp) {
1220 scsidp->attached--;
1221 write_unlock_irqrestore(&sg_dev_arr_lock, iflags);
1222 printk("sg_attach: Sg_device cannot be allocated\n");
1223 return 1;
1224 }
1225
1226 SCSI_LOG_TIMEOUT(3, printk("sg_attach: dev=%d \n", k));
1227 sdp->device = scsidp;
1228 init_waitqueue_head(&sdp->o_excl_wait);
1229 sdp->headfp= NULL;
1230 sdp->exclude = 0;
1231 sdp->sgdebug = 0;
1232 sdp->detached = 0;
1233 sdp->sg_tablesize = scsidp->host ? scsidp->host->sg_tablesize : 0;
1234 sdp->i_rdev = MKDEV(SCSI_GENERIC_MAJOR, k);
1235 sdp->de = devfs_register (scsidp->de, "generic", DEVFS_FL_DEFAULT,
1236 SCSI_GENERIC_MAJOR, k,
1237 S_IFCHR | S_IRUSR | S_IWUSR | S_IRGRP,
1238 &sg_fops, NULL);
1239 sg_template.nr_dev++;
1240 sg_dev_arr[k] = sdp;
1241 write_unlock_irqrestore(&sg_dev_arr_lock, iflags);
1242 return 0;
1243 }
1244
1245 /* Called at 'finish' of init process, after all attaches */
1246 static void sg_finish(void)
1247 {
1248 SCSI_LOG_TIMEOUT(3, printk("sg_finish: dma_free_sectors=%u\n",
1249 scsi_dma_free_sectors));
1250 }
1251
1252 static void sg_detach(Scsi_Device * scsidp)
1253 {
1254 Sg_device * sdp;
1255 unsigned long iflags;
1256 Sg_fd * sfp;
1257 Sg_request * srp;
1258 int k;
1259
1260 if (NULL == sg_dev_arr)
1261 return;
1262 write_lock_irqsave(&sg_dev_arr_lock, iflags);
1263 for (k = 0; k < sg_template.dev_max; k++) {
1264 sdp = sg_dev_arr[k];
1265 if ((NULL == sdp) || (sdp->device != scsidp))
1266 continue; /* dirty but lowers nesting */
1267 if (sdp->headfp) {
1268 for (sfp = sdp->headfp; sfp; sfp = sfp->nextfp) {
1269 /* no lock on request list here */
1270 for (srp = sfp->headrp; srp; srp = srp->nextrp) {
1271 if (! srp->done) {
1272 write_unlock_irqrestore(&sg_dev_arr_lock, iflags);
1273 sg_shorten_timeout(srp->my_cmdp);
1274 write_lock_irqsave(&sg_dev_arr_lock, iflags);
1275 }
1276 }
1277 }
1278 write_unlock_irqrestore(&sg_dev_arr_lock, iflags);
1279 SCSI_LOG_TIMEOUT(3, printk("sg_detach: dev=%d, dirty, sleep(3)\n", k));
1280 scsi_sleep(3); /* sleep 3 jiffies, hoping for timeout to go off */
1281 devfs_unregister (sdp->de);
1282 sdp->de = NULL;
1283 sdp->detached = 1;
1284 write_lock_irqsave(&sg_dev_arr_lock, iflags);
1285 }
1286 else {
1287 SCSI_LOG_TIMEOUT(3, printk("sg_detach: dev=%d\n", k));
1288 devfs_unregister (sdp->de);
1289 kfree((char *)sdp);
1290 sg_dev_arr[k] = NULL;
1291 }
1292 scsidp->attached--;
1293 sg_template.nr_dev--;
1294 /* avoid associated device /dev/sg? being incremented
1295 * each time module is inserted/removed , <dan@lectra.fr> */
1296 sg_template.dev_noticed--;
1297 break;
1298 }
1299 write_unlock_irqrestore(&sg_dev_arr_lock, iflags);
1300 return;
1301 }
1302
1303 #ifdef MODULE
1304
1305 MODULE_PARM(def_reserved_size, "i");
1306 MODULE_PARM_DESC(def_reserved_size, "size of buffer reserved for each fd");
1307
1308 int init_module(void) {
1309 if (def_reserved_size >= 0)
1310 sg_big_buff = def_reserved_size;
1311 sg_template.module = &__this_module;
1312 return scsi_register_module(MODULE_SCSI_DEV, &sg_template);
1313 }
1314
1315 void cleanup_module( void)
1316 {
1317 #ifdef CONFIG_PROC_FS
1318 sg_proc_cleanup();
1319 #endif /* CONFIG_PROC_FS */
1320 scsi_unregister_module(MODULE_SCSI_DEV, &sg_template);
1321 devfs_unregister_chrdev(SCSI_GENERIC_MAJOR, "sg");
1322 if(sg_dev_arr != NULL) {
1323 /* Really worrying situation of writes still pending and get here */
1324 /* Strategy: shorten timeout on release + wait on detach ... */
1325 kfree((char *)sg_dev_arr);
1326 sg_dev_arr = NULL;
1327 }
1328 sg_template.dev_max = 0;
1329 }
1330 #endif /* MODULE */
1331
1332
1333 #if 0
1334 extern void scsi_times_out (Scsi_Cmnd * SCpnt);
1335 extern void scsi_old_times_out (Scsi_Cmnd * SCpnt);
1336 #endif
1337
1338 /* Can't see clean way to abort a command so shorten timeout to 1 jiffy */
1339 static void sg_shorten_timeout(Scsi_Cmnd * scpnt)
1340 {
1341 #if 0 /* scsi_syms.c is very miserly about exported functions */
1342 scsi_delete_timer(scpnt);
1343 if (! scpnt)
1344 return;
1345 scpnt->timeout_per_command = 1; /* try 1 jiffy (perhaps 0 jiffies) */
1346 if (scpnt->host->hostt->use_new_eh_code)
1347 scsi_add_timer(scpnt, scpnt->timeout_per_command, scsi_times_out);
1348 else
1349 scsi_add_timer(scpnt, scpnt->timeout_per_command,
1350 scsi_old_times_out);
1351 #else
1352 scsi_sleep(HZ); /* just sleep 1 second and hope ... */
1353 #endif
1354 }
1355
1356 static int sg_start_req(Sg_request * srp)
1357 {
1358 int res;
1359 Sg_fd * sfp = srp->parentfp;
1360 sg_io_hdr_t * hp = &srp->header;
1361 int dxfer_len = (int)hp->dxfer_len;
1362 int dxfer_dir = hp->dxfer_direction;
1363 Sg_scatter_hold * req_schp = &srp->data;
1364 Sg_scatter_hold * rsv_schp = &sfp->reserve;
1365
1366 SCSI_LOG_TIMEOUT(4, printk("sg_start_req: dxfer_len=%d\n", dxfer_len));
1367 if ((dxfer_len <= 0) || (dxfer_dir == SG_DXFER_NONE))
1368 return 0;
1369 if ((hp->flags & SG_FLAG_DIRECT_IO) &&
1370 (dxfer_dir != SG_DXFER_UNKNOWN) &&
1371 (0 == hp->iovec_count) &&
1372 (! sfp->parentdp->device->host->unchecked_isa_dma)) {
1373 res = sg_build_dir(srp, sfp, dxfer_len);
1374 if (res <= 0) /* -ve -> error, 0 -> done, 1 -> try indirect */
1375 return res;
1376 }
1377 if ((! sg_res_in_use(sfp)) && (dxfer_len <= rsv_schp->bufflen)) {
1378 sg_link_reserve(sfp, srp, dxfer_len);
1379 }
1380 else {
1381 res = sg_build_indi(req_schp, sfp, dxfer_len);
1382 if (res) {
1383 sg_remove_scat(req_schp);
1384 return res;
1385 }
1386 }
1387 return 0;
1388 }
1389
1390 static void sg_finish_rem_req(Sg_request * srp)
1391 {
1392 Sg_fd * sfp = srp->parentfp;
1393 Sg_scatter_hold * req_schp = &srp->data;
1394
1395 SCSI_LOG_TIMEOUT(4, printk("sg_finish_rem_req: res_used=%d\n",
1396 (int)srp->res_used));
1397 sg_unmap_and(&srp->data, 1);
1398 if (srp->res_used)
1399 sg_unlink_reserve(sfp, srp);
1400 else
1401 sg_remove_scat(req_schp);
1402 sg_remove_request(sfp, srp);
1403 }
1404
1405 static int sg_build_sgat(Sg_scatter_hold * schp, const Sg_fd * sfp)
1406 {
1407 int mem_src, ret_sz;
1408 int sg_bufflen = PAGE_SIZE;
1409 int elem_sz = sizeof(struct scatterlist) + sizeof(char);
1410 int mx_sc_elems = (sg_bufflen / elem_sz) - 1;
1411
1412 mem_src = SG_HEAP_KMAL;
1413 schp->buffer = (struct scatterlist *)sg_malloc(sfp, sg_bufflen,
1414 &ret_sz, &mem_src);
1415 schp->buffer_mem_src = (char)mem_src;
1416 if (! schp->buffer)
1417 return -ENOMEM;
1418 else if (ret_sz != sg_bufflen) {
1419 sg_bufflen = ret_sz;
1420 mx_sc_elems = (sg_bufflen / elem_sz) - 1;
1421 }
1422 schp->sglist_len = sg_bufflen;
1423 memset(schp->buffer, 0, sg_bufflen);
1424 return mx_sc_elems; /* number of scat_gath elements allocated */
1425 }
1426
1427 static void sg_unmap_and(Sg_scatter_hold * schp, int free_also)
1428 {
1429 #ifdef SG_ALLOW_DIO
1430 if (schp && schp->kiobp) {
1431 if (schp->mapped) {
1432 unmap_kiobuf(schp->kiobp);
1433 schp->mapped = 0;
1434 }
1435 if (free_also) {
1436 free_kiovec(1, &schp->kiobp);
1437 schp->kiobp = NULL;
1438 }
1439 }
1440 #endif
1441 }
1442
1443 static int sg_build_dir(Sg_request * srp, Sg_fd * sfp, int dxfer_len)
1444 {
1445 #ifdef SG_ALLOW_DIO
1446 int res, k, split, offset, num, mx_sc_elems, rem_sz;
1447 struct kiobuf * kp;
1448 char * mem_src_arr;
1449 struct scatterlist * sclp;
1450 unsigned long addr, prev_addr;
1451 sg_io_hdr_t * hp = &srp->header;
1452 Sg_scatter_hold * schp = &srp->data;
1453 int sg_tablesize = sfp->parentdp->sg_tablesize;
1454
1455 res = alloc_kiovec(1, &schp->kiobp);
1456 if (0 != res) {
1457 SCSI_LOG_TIMEOUT(5, printk("sg_build_dir: alloc_kiovec res=%d\n", res));
1458 return 1;
1459 }
1460 res = map_user_kiobuf((SG_DXFER_TO_DEV == hp->dxfer_direction) ? 1 : 0,
1461 schp->kiobp, (unsigned long)hp->dxferp, dxfer_len);
1462 if (0 != res) {
1463 SCSI_LOG_TIMEOUT(5,
1464 printk("sg_build_dir: map_user_kiobuf res=%d\n", res));
1465 sg_unmap_and(schp, 1);
1466 return 1;
1467 }
1468 schp->mapped = 1;
1469 kp = schp->kiobp;
1470 prev_addr = (unsigned long) page_address(kp->maplist[0]);
1471 for (k = 1, split = 0; k < kp->nr_pages; ++k, prev_addr = addr) {
1472 addr = (unsigned long) page_address(kp->maplist[k]);
1473 if ((prev_addr + PAGE_SIZE) != addr) {
1474 split = k;
1475 break;
1476 }
1477 }
1478 if (! split) {
1479 schp->k_use_sg = 0;
1480 schp->buffer = page_address(kp->maplist[0]) + kp->offset;
1481 schp->bufflen = dxfer_len;
1482 schp->buffer_mem_src = SG_USER_MEM;
1483 schp->b_malloc_len = dxfer_len;
1484 hp->info |= SG_INFO_DIRECT_IO;
1485 return 0;
1486 }
1487 mx_sc_elems = sg_build_sgat(schp, sfp);
1488 if (mx_sc_elems <= 1) {
1489 sg_unmap_and(schp, 1);
1490 sg_remove_scat(schp);
1491 return 1;
1492 }
1493 mem_src_arr = schp->buffer + (mx_sc_elems * sizeof(struct scatterlist));
1494 for (k = 0, sclp = schp->buffer, rem_sz = dxfer_len;
1495 (k < sg_tablesize) && (rem_sz > 0) && (k < mx_sc_elems);
1496 ++k, ++sclp) {
1497 offset = (0 == k) ? kp->offset : 0;
1498 num = (rem_sz > (PAGE_SIZE - offset)) ? (PAGE_SIZE - offset) :
1499 rem_sz;
1500 sclp->address = page_address(kp->maplist[k]) + offset;
1501 sclp->length = num;
1502 mem_src_arr[k] = SG_USER_MEM;
1503 rem_sz -= num;
1504 SCSI_LOG_TIMEOUT(5,
1505 printk("sg_build_dir: k=%d, a=0x%p, len=%d, ms=%d\n",
1506 k, sclp->address, num, mem_src_arr[k]));
1507 }
1508 schp->k_use_sg = k;
1509 SCSI_LOG_TIMEOUT(5,
1510 printk("sg_build_dir: k_use_sg=%d, rem_sz=%d\n", k, rem_sz));
1511 schp->bufflen = dxfer_len;
1512 if (rem_sz > 0) { /* must have failed */
1513 sg_unmap_and(schp, 1);
1514 sg_remove_scat(schp);
1515 return 1; /* out of scatter gather elements, try indirect */
1516 }
1517 hp->info |= SG_INFO_DIRECT_IO;
1518 return 0;
1519 #else
1520 return 1;
1521 #endif /* SG_ALLOW_DIO */
1522 }
1523
1524 static int sg_build_indi(Sg_scatter_hold * schp, Sg_fd * sfp, int buff_size)
1525 {
1526 int ret_sz, mem_src;
1527 int blk_size = buff_size;
1528 char * p = NULL;
1529
1530 if ((blk_size < 0) || (! sfp))
1531 return -EFAULT;
1532 if (0 == blk_size)
1533 ++blk_size; /* don't know why */
1534 /* round request up to next highest SG_SECTOR_SZ byte boundary */
1535 blk_size = (blk_size + SG_SECTOR_MSK) & (~SG_SECTOR_MSK);
1536 SCSI_LOG_TIMEOUT(4, printk("sg_build_indi: buff_size=%d, blk_size=%d\n",
1537 buff_size, blk_size));
1538 if (blk_size <= SG_SCATTER_SZ) {
1539 mem_src = SG_HEAP_PAGE;
1540 p = sg_malloc(sfp, blk_size, &ret_sz, &mem_src);
1541 if (! p)
1542 return -ENOMEM;
1543 if (blk_size == ret_sz) { /* got it on the first attempt */
1544 schp->k_use_sg = 0;
1545 schp->buffer = p;
1546 schp->bufflen = blk_size;
1547 schp->buffer_mem_src = (char)mem_src;
1548 schp->b_malloc_len = blk_size;
1549 return 0;
1550 }
1551 }
1552 else {
1553 mem_src = SG_HEAP_PAGE;
1554 p = sg_malloc(sfp, SG_SCATTER_SZ, &ret_sz, &mem_src);
1555 if (! p)
1556 return -ENOMEM;
1557 }
1558 /* Want some local declarations, so start new block ... */
1559 { /* lets try and build a scatter gather list */
1560 struct scatterlist * sclp;
1561 int k, rem_sz, num;
1562 int mx_sc_elems;
1563 int sg_tablesize = sfp->parentdp->sg_tablesize;
1564 int first = 1;
1565 char * mem_src_arr;
1566
1567 /* N.B. ret_sz and mem_src carried into this block ... */
1568 mx_sc_elems = sg_build_sgat(schp, sfp);
1569 if (mx_sc_elems < 0)
1570 return mx_sc_elems; /* most likely -ENOMEM */
1571 mem_src_arr = schp->buffer +
1572 (mx_sc_elems * sizeof(struct scatterlist));
1573
1574 for (k = 0, sclp = schp->buffer, rem_sz = blk_size;
1575 (k < sg_tablesize) && (rem_sz > 0) && (k < mx_sc_elems);
1576 ++k, rem_sz -= ret_sz, ++sclp) {
1577 if (first)
1578 first = 0;
1579 else {
1580 num = (rem_sz > SG_SCATTER_SZ) ? SG_SCATTER_SZ : rem_sz;
1581 mem_src = SG_HEAP_PAGE;
1582 p = sg_malloc(sfp, num, &ret_sz, &mem_src);
1583 if (! p)
1584 break;
1585 }
1586 sclp->address = p;
1587 sclp->length = ret_sz;
1588 mem_src_arr[k] = mem_src;
1589
1590 SCSI_LOG_TIMEOUT(5,
1591 printk("sg_build_build: k=%d, a=0x%p, len=%d, ms=%d\n",
1592 k, sclp->address, ret_sz, mem_src));
1593 } /* end of for loop */
1594 schp->k_use_sg = k;
1595 SCSI_LOG_TIMEOUT(5,
1596 printk("sg_build_indi: k_use_sg=%d, rem_sz=%d\n", k, rem_sz));
1597 schp->bufflen = blk_size;
1598 if (rem_sz > 0) /* must have failed */
1599 return -ENOMEM;
1600 }
1601 return 0;
1602 }
1603
1604 static int sg_write_xfer(Sg_request * srp)
1605 {
1606 sg_io_hdr_t * hp = &srp->header;
1607 Sg_scatter_hold * schp = &srp->data;
1608 int num_xfer = 0;
1609 int j, k, onum, usglen, ksglen, res, ok;
1610 int iovec_count = (int)hp->iovec_count;
1611 int dxfer_dir = hp->dxfer_direction;
1612 unsigned char * p;
1613 unsigned char * up;
1614 int new_interface = ('\0' == hp->interface_id) ? 0 : 1;
1615
1616 if ((SG_DXFER_UNKNOWN == dxfer_dir) || (SG_DXFER_TO_DEV == dxfer_dir) ||
1617 (SG_DXFER_TO_FROM_DEV == dxfer_dir)) {
1618 num_xfer = (int)(new_interface ? hp->dxfer_len : hp->flags);
1619 if (schp->bufflen < num_xfer)
1620 num_xfer = schp->bufflen;
1621 }
1622 if ((num_xfer <= 0) || (new_interface && (SG_FLAG_NO_DXFER & hp->flags)))
1623 return 0;
1624
1625 SCSI_LOG_TIMEOUT(4,
1626 printk("sg_write_xfer: num_xfer=%d, iovec_count=%d, k_use_sg=%d\n",
1627 num_xfer, iovec_count, schp->k_use_sg));
1628 if (iovec_count) {
1629 onum = iovec_count;
1630 if ((k = verify_area(VERIFY_READ, hp->dxferp,
1631 size_sg_iovec * onum)))
1632 return k;
1633 }
1634 else
1635 onum = 1;
1636
1637 if (0 == schp->k_use_sg) { /* kernel has single buffer */
1638 if (SG_USER_MEM != schp->buffer_mem_src) { /* else nothing to do */
1639
1640 for (j = 0, p = schp->buffer; j < onum; ++j) {
1641 res = sg_u_iovec(hp, iovec_count, j, 1, &usglen, &up);
1642 if (res) return res;
1643 usglen = (num_xfer > usglen) ? usglen : num_xfer;
1644 __copy_from_user(p, up, usglen);
1645 p += usglen;
1646 num_xfer -= usglen;
1647 if (num_xfer <= 0)
1648 return 0;
1649 }
1650 }
1651 }
1652 else { /* kernel using scatter gather list */
1653 struct scatterlist * sclp = (struct scatterlist *)schp->buffer;
1654 char * mem_src_arr = sg_get_sgat_msa(schp);
1655 ksglen = (int)sclp->length;
1656 p = sclp->address;
1657
1658 for (j = 0, k = 0; j < onum; ++j) {
1659 res = sg_u_iovec(hp, iovec_count, j, 1, &usglen, &up);
1660 if (res) return res;
1661
1662 for (; (k < schp->k_use_sg) && p;
1663 ++k, ++sclp, ksglen = (int)sclp->length, p = sclp->address) {
1664 ok = (SG_USER_MEM != mem_src_arr[k]);
1665 if (usglen <= 0)
1666 break;
1667 if (ksglen > usglen) {
1668 if (usglen >= num_xfer) {
1669 if (ok) __copy_from_user(p, up, num_xfer);
1670 return 0;
1671 }
1672 if (ok) __copy_from_user(p, up, usglen);
1673 p += usglen;
1674 ksglen -= usglen;
1675 break;
1676 }
1677 else {
1678 if (ksglen >= num_xfer) {
1679 if (ok) __copy_from_user(p, up, num_xfer);
1680 return 0;
1681 }
1682 if (ok) __copy_from_user(p, up, ksglen);
1683 up += ksglen;
1684 usglen -= ksglen;
1685 }
1686 }
1687 }
1688 }
1689 return 0;
1690 }
1691
1692 static int sg_u_iovec(sg_io_hdr_t * hp, int sg_num, int ind,
1693 int wr_xf, int * countp, unsigned char ** up)
1694 {
1695 int num_xfer = (int)hp->dxfer_len;
1696 unsigned char * p;
1697 int count, k;
1698 sg_iovec_t u_iovec;
1699
1700 if (0 == sg_num) {
1701 p = (unsigned char *)hp->dxferp;
1702 if (wr_xf && ('\0' == hp->interface_id))
1703 count = (int)hp->flags; /* holds "old" input_size */
1704 else
1705 count = num_xfer;
1706 }
1707 else {
1708 __copy_from_user(&u_iovec,
1709 (unsigned char *)hp->dxferp + (ind * size_sg_iovec),
1710 size_sg_iovec);
1711 p = (unsigned char *)u_iovec.iov_base;
1712 count = (int)u_iovec.iov_len;
1713 }
1714 if ((k = verify_area(wr_xf ? VERIFY_READ : VERIFY_WRITE, p, count)))
1715 return k;
1716 if (up) *up = p;
1717 if (countp) *countp = count;
1718 return 0;
1719 }
1720
1721 static char * sg_get_sgat_msa(Sg_scatter_hold * schp)
1722 {
1723 int elem_sz = sizeof(struct scatterlist) + sizeof(char);
1724 int mx_sc_elems = (schp->sglist_len / elem_sz) - 1;
1725 return schp->buffer + (sizeof(struct scatterlist) * mx_sc_elems);
1726 }
1727
1728 static void sg_remove_scat(Sg_scatter_hold * schp)
1729 {
1730 SCSI_LOG_TIMEOUT(4, printk("sg_remove_scat: k_use_sg=%d\n",
1731 schp->k_use_sg));
1732 if (schp->buffer && schp->sglist_len) {
1733 int k, mem_src;
1734 struct scatterlist * sclp = (struct scatterlist *)schp->buffer;
1735 char * mem_src_arr = sg_get_sgat_msa(schp);
1736
1737 for (k = 0; (k < schp->k_use_sg) && sclp->address; ++k, ++sclp) {
1738 mem_src = mem_src_arr[k];
1739 SCSI_LOG_TIMEOUT(5,
1740 printk("sg_remove_scat: k=%d, a=0x%p, len=%d, ms=%d\n",
1741 k, sclp->address, sclp->length, mem_src));
1742 sg_free(sclp->address, sclp->length, mem_src);
1743 sclp->address = NULL;
1744 sclp->length = 0;
1745 }
1746 sg_free(schp->buffer, schp->sglist_len, schp->buffer_mem_src);
1747 }
1748 else if (schp->buffer)
1749 sg_free(schp->buffer, schp->b_malloc_len, schp->buffer_mem_src);
1750 memset(schp, 0, sizeof(*schp));
1751 }
1752
1753 static int sg_read_xfer(Sg_request * srp)
1754 {
1755 sg_io_hdr_t * hp = &srp->header;
1756 Sg_scatter_hold * schp = &srp->data;
1757 int num_xfer = 0;
1758 int j, k, onum, usglen, ksglen, res, ok;
1759 int iovec_count = (int)hp->iovec_count;
1760 int dxfer_dir = hp->dxfer_direction;
1761 unsigned char * p;
1762 unsigned char * up;
1763 int new_interface = ('\0' == hp->interface_id) ? 0 : 1;
1764
1765 if ((SG_DXFER_UNKNOWN == dxfer_dir) || (SG_DXFER_FROM_DEV == dxfer_dir) ||
1766 (SG_DXFER_TO_FROM_DEV == dxfer_dir)) {
1767 num_xfer = hp->dxfer_len;
1768 if (schp->bufflen < num_xfer)
1769 num_xfer = schp->bufflen;
1770 }
1771 if ((num_xfer <= 0) || (new_interface && (SG_FLAG_NO_DXFER & hp->flags)))
1772 return 0;
1773
1774 SCSI_LOG_TIMEOUT(4,
1775 printk("sg_read_xfer: num_xfer=%d, iovec_count=%d, k_use_sg=%d\n",
1776 num_xfer, iovec_count, schp->k_use_sg));
1777 if (iovec_count) {
1778 onum = iovec_count;
1779 if ((k = verify_area(VERIFY_READ, hp->dxferp,
1780 size_sg_iovec * onum)))
1781 return k;
1782 }
1783 else
1784 onum = 1;
1785
1786 if (0 == schp->k_use_sg) { /* kernel has single buffer */
1787 if (SG_USER_MEM != schp->buffer_mem_src) { /* else nothing to do */
1788
1789 for (j = 0, p = schp->buffer; j < onum; ++j) {
1790 res = sg_u_iovec(hp, iovec_count, j, 0, &usglen, &up);
1791 if (res) return res;
1792 usglen = (num_xfer > usglen) ? usglen : num_xfer;
1793 __copy_to_user(up, p, usglen);
1794 p += usglen;
1795 num_xfer -= usglen;
1796 if (num_xfer <= 0)
1797 return 0;
1798 }
1799 }
1800 }
1801 else { /* kernel using scatter gather list */
1802 struct scatterlist * sclp = (struct scatterlist *)schp->buffer;
1803 char * mem_src_arr = sg_get_sgat_msa(schp);
1804 ksglen = (int)sclp->length;
1805 p = sclp->address;
1806
1807 for (j = 0, k = 0; j < onum; ++j) {
1808 res = sg_u_iovec(hp, iovec_count, j, 0, &usglen, &up);
1809 if (res) return res;
1810
1811 for (; (k < schp->k_use_sg) && p;
1812 ++k, ++sclp, ksglen = (int)sclp->length, p = sclp->address) {
1813 ok = (SG_USER_MEM != mem_src_arr[k]);
1814 if (usglen <= 0)
1815 break;
1816 if (ksglen > usglen) {
1817 if (usglen >= num_xfer) {
1818 if (ok) __copy_to_user(up, p, num_xfer);
1819 return 0;
1820 }
1821 if (ok) __copy_to_user(up, p, usglen);
1822 p += usglen;
1823 ksglen -= usglen;
1824 break;
1825 }
1826 else {
1827 if (ksglen >= num_xfer) {
1828 if (ok) __copy_to_user(up, p, num_xfer);
1829 return 0;
1830 }
1831 if (ok) __copy_to_user(up, p, ksglen);
1832 up += ksglen;
1833 usglen -= ksglen;
1834 }
1835 }
1836 }
1837 }
1838 return 0;
1839 }
1840
1841 static void sg_read_oxfer(Sg_request * srp, char * outp, int num_read_xfer)
1842 {
1843 Sg_scatter_hold * schp = &srp->data;
1844
1845 SCSI_LOG_TIMEOUT(4, printk("sg_read_oxfer: num_read_xfer=%d\n",
1846 num_read_xfer));
1847 if ((! outp) || (num_read_xfer <= 0))
1848 return;
1849 if(schp->k_use_sg > 0) {
1850 int k, num;
1851 struct scatterlist * sclp = (struct scatterlist *)schp->buffer;
1852
1853 for (k = 0; (k < schp->k_use_sg) && sclp->address; ++k, ++sclp) {
1854 num = (int)sclp->length;
1855 if (num > num_read_xfer) {
1856 __copy_to_user(outp, sclp->address, num_read_xfer);
1857 break;
1858 }
1859 else {
1860 __copy_to_user(outp, sclp->address, num);
1861 num_read_xfer -= num;
1862 if (num_read_xfer <= 0)
1863 break;
1864 outp += num;
1865 }
1866 }
1867 }
1868 else
1869 __copy_to_user(outp, schp->buffer, num_read_xfer);
1870 }
1871
1872 static void sg_build_reserve(Sg_fd * sfp, int req_size)
1873 {
1874 Sg_scatter_hold * schp = &sfp->reserve;
1875
1876 SCSI_LOG_TIMEOUT(4, printk("sg_build_reserve: req_size=%d\n", req_size));
1877 do {
1878 if (req_size < PAGE_SIZE)
1879 req_size = PAGE_SIZE;
1880 if (0 == sg_build_indi(schp, sfp, req_size))
1881 return;
1882 else
1883 sg_remove_scat(schp);
1884 req_size >>= 1; /* divide by 2 */
1885 } while (req_size > (PAGE_SIZE / 2));
1886 }
1887
1888 static void sg_link_reserve(Sg_fd * sfp, Sg_request * srp, int size)
1889 {
1890 Sg_scatter_hold * req_schp = &srp->data;
1891 Sg_scatter_hold * rsv_schp = &sfp->reserve;
1892
1893 srp->res_used = 1;
1894 SCSI_LOG_TIMEOUT(4, printk("sg_link_reserve: size=%d\n", size));
1895 size = (size + 1) & (~1); /* round to even for aha1542 */
1896 if (rsv_schp->k_use_sg > 0) {
1897 int k, num;
1898 int rem = size;
1899 struct scatterlist * sclp = (struct scatterlist *)rsv_schp->buffer;
1900
1901 for (k = 0; k < rsv_schp->k_use_sg; ++k, ++sclp) {
1902 num = (int)sclp->length;
1903 if (rem <= num) {
1904 if (0 == k) {
1905 req_schp->k_use_sg = 0;
1906 req_schp->buffer = sclp->address;
1907 }
1908 else {
1909 sfp->save_scat_len = num;
1910 sclp->length = (unsigned)rem;
1911 req_schp->k_use_sg = k + 1;
1912 req_schp->sglist_len = rsv_schp->sglist_len;
1913 req_schp->buffer = rsv_schp->buffer;
1914 }
1915 req_schp->bufflen = size;
1916 req_schp->buffer_mem_src = rsv_schp->buffer_mem_src;
1917 req_schp->b_malloc_len = rsv_schp->b_malloc_len;
1918 break;
1919 }
1920 else
1921 rem -= num;
1922 }
1923 if (k >= rsv_schp->k_use_sg)
1924 SCSI_LOG_TIMEOUT(1, printk("sg_link_reserve: BAD size\n"));
1925 }
1926 else {
1927 req_schp->k_use_sg = 0;
1928 req_schp->bufflen = size;
1929 req_schp->buffer = rsv_schp->buffer;
1930 req_schp->buffer_mem_src = rsv_schp->buffer_mem_src;
1931 req_schp->b_malloc_len = rsv_schp->b_malloc_len;
1932 }
1933 }
1934
1935 static void sg_unlink_reserve(Sg_fd * sfp, Sg_request * srp)
1936 {
1937 Sg_scatter_hold * req_schp = &srp->data;
1938 Sg_scatter_hold * rsv_schp = &sfp->reserve;
1939
1940 SCSI_LOG_TIMEOUT(4, printk("sg_unlink_reserve: req->k_use_sg=%d\n",
1941 (int)req_schp->k_use_sg));
1942 if ((rsv_schp->k_use_sg > 0) && (req_schp->k_use_sg > 0)) {
1943 struct scatterlist * sclp = (struct scatterlist *)rsv_schp->buffer;
1944
1945 if (sfp->save_scat_len > 0)
1946 (sclp + (req_schp->k_use_sg - 1))->length =
1947 (unsigned)sfp->save_scat_len;
1948 else
1949 SCSI_LOG_TIMEOUT(1, printk(
1950 "sg_unlink_reserve: BAD save_scat_len\n"));
1951 }
1952 req_schp->k_use_sg = 0;
1953 req_schp->bufflen = 0;
1954 req_schp->buffer = NULL;
1955 req_schp->sglist_len = 0;
1956 sfp->save_scat_len = 0;
1957 srp->res_used = 0;
1958 }
1959
1960 static Sg_request * sg_get_rq_mark(Sg_fd * sfp, int pack_id)
1961 {
1962 Sg_request * resp;
1963 unsigned long iflags;
1964
1965 write_lock_irqsave(&sfp->rq_list_lock, iflags);
1966 for (resp = sfp->headrp; resp; resp = resp->nextrp) {
1967 /* look for requests that are ready + not SG_IO owned */
1968 if ((1 == resp->done) && (! resp->sg_io_owned) &&
1969 ((-1 == pack_id) || (resp->header.pack_id == pack_id))) {
1970 resp->done = 2; /* guard against other readers */
1971 break;
1972 }
1973 }
1974 write_unlock_irqrestore(&sfp->rq_list_lock, iflags);
1975 return resp;
1976 }
1977
1978 static Sg_request * sg_get_nth_request(Sg_fd * sfp, int nth)
1979 {
1980 Sg_request * resp;
1981 unsigned long iflags;
1982 int k;
1983
1984 read_lock_irqsave(&sfp->rq_list_lock, iflags);
1985 for (k = 0, resp = sfp->headrp; resp && (k < nth);
1986 ++k, resp = resp->nextrp)
1987 ;
1988 read_unlock_irqrestore(&sfp->rq_list_lock, iflags);
1989 return resp;
1990 }
1991
1992 /* always adds to end of list */
1993 static Sg_request * sg_add_request(Sg_fd * sfp)
1994 {
1995 int k;
1996 unsigned long iflags;
1997 Sg_request * resp;
1998 Sg_request * rp = sfp->req_arr;
1999
2000 write_lock_irqsave(&sfp->rq_list_lock, iflags);
2001 resp = sfp->headrp;
2002 if (! resp) {
2003 memset(rp, 0, sizeof(Sg_request));
2004 rp->parentfp = sfp;
2005 resp = rp;
2006 sfp->headrp = resp;
2007 }
2008 else {
2009 if (0 == sfp->cmd_q)
2010 resp = NULL; /* command queuing disallowed */
2011 else {
2012 for (k = 0; k < SG_MAX_QUEUE; ++k, ++rp) {
2013 if (! rp->parentfp)
2014 break;
2015 }
2016 if (k < SG_MAX_QUEUE) {
2017 memset(rp, 0, sizeof(Sg_request));
2018 rp->parentfp = sfp;
2019 while (resp->nextrp)
2020 resp = resp->nextrp;
2021 resp->nextrp = rp;
2022 resp = rp;
2023 }
2024 else
2025 resp = NULL;
2026 }
2027 }
2028 if (resp) {
2029 resp->nextrp = NULL;
2030 resp->header.duration = jiffies;
2031 resp->my_cmdp = NULL;
2032 resp->data.kiobp = NULL;
2033 }
2034 write_unlock_irqrestore(&sfp->rq_list_lock, iflags);
2035 return resp;
2036 }
2037
2038 /* Return of 1 for found; 0 for not found */
2039 static int sg_remove_request(Sg_fd * sfp, Sg_request * srp)
2040 {
2041 Sg_request * prev_rp;
2042 Sg_request * rp;
2043 unsigned long iflags;
2044 int res = 0;
2045
2046 if ((! sfp) || (! srp) || (! sfp->headrp))
2047 return res;
2048 write_lock_irqsave(&sfp->rq_list_lock, iflags);
2049 prev_rp = sfp->headrp;
2050 if (srp == prev_rp) {
2051 sfp->headrp = prev_rp->nextrp;
2052 prev_rp->parentfp = NULL;
2053 res = 1;
2054 }
2055 else {
2056 while ((rp = prev_rp->nextrp)) {
2057 if (srp == rp) {
2058 prev_rp->nextrp = rp->nextrp;
2059 rp->parentfp = NULL;
2060 res = 1;
2061 break;
2062 }
2063 prev_rp = rp;
2064 }
2065 }
2066 write_unlock_irqrestore(&sfp->rq_list_lock, iflags);
2067 return res;
2068 }
2069
2070 static Sg_fd * sg_get_nth_sfp(Sg_device * sdp, int nth)
2071 {
2072 Sg_fd * resp;
2073 unsigned long iflags;
2074 int k;
2075
2076 read_lock_irqsave(&sg_dev_arr_lock, iflags);
2077 for (k = 0, resp = sdp->headfp; resp && (k < nth);
2078 ++k, resp = resp->nextfp)
2079 ;
2080 read_unlock_irqrestore(&sg_dev_arr_lock, iflags);
2081 return resp;
2082 }
2083
2084 static Sg_fd * sg_add_sfp(Sg_device * sdp, int dev)
2085 {
2086 Sg_fd * sfp;
2087 unsigned long iflags;
2088
2089 sfp = (Sg_fd *)sg_low_malloc(sizeof(Sg_fd), 0, SG_HEAP_KMAL, 0);
2090 if (! sfp)
2091 return NULL;
2092 memset(sfp, 0, sizeof(Sg_fd));
2093 sfp->fd_mem_src = SG_HEAP_KMAL;
2094 init_waitqueue_head(&sfp->read_wait);
2095 sfp->rq_list_lock = RW_LOCK_UNLOCKED;
2096
2097 sfp->timeout = SG_DEFAULT_TIMEOUT;
2098 sfp->force_packid = SG_DEF_FORCE_PACK_ID;
2099 sfp->low_dma = (SG_DEF_FORCE_LOW_DMA == 0) ?
2100 sdp->device->host->unchecked_isa_dma : 1;
2101 sfp->cmd_q = SG_DEF_COMMAND_Q;
2102 sfp->keep_orphan = SG_DEF_KEEP_ORPHAN;
2103 sfp->parentdp = sdp;
2104 write_lock_irqsave(&sg_dev_arr_lock, iflags);
2105 if (! sdp->headfp)
2106 sdp->headfp = sfp;
2107 else { /* add to tail of existing list */
2108 Sg_fd * pfp = sdp->headfp;
2109 while (pfp->nextfp)
2110 pfp = pfp->nextfp;
2111 pfp->nextfp = sfp;
2112 }
2113 write_unlock_irqrestore(&sg_dev_arr_lock, iflags);
2114 SCSI_LOG_TIMEOUT(3, printk("sg_add_sfp: sfp=0x%p, m_s=%d\n",
2115 sfp, (int)sfp->fd_mem_src));
2116 sg_build_reserve(sfp, sg_big_buff);
2117 SCSI_LOG_TIMEOUT(3, printk("sg_add_sfp: bufflen=%d, k_use_sg=%d\n",
2118 sfp->reserve.bufflen, sfp->reserve.k_use_sg));
2119 return sfp;
2120 }
2121
2122 static int sg_remove_sfp(Sg_device * sdp, Sg_fd * sfp)
2123 {
2124 Sg_request * srp;
2125 Sg_request * tsrp;
2126 int dirty = 0;
2127 int res = 0;
2128
2129 srp = sfp->headrp;
2130 if (srp) {
2131 while (srp) {
2132 tsrp = srp->nextrp;
2133 if (srp->done)
2134 sg_finish_rem_req(srp);
2135 else
2136 ++dirty;
2137 srp = tsrp;
2138 }
2139 }
2140 if (0 == dirty) {
2141 Sg_fd * fp;
2142 Sg_fd * prev_fp;
2143 unsigned long iflags;
2144
2145 write_lock_irqsave(&sg_dev_arr_lock, iflags);
2146 prev_fp = sdp->headfp;
2147 if (sfp == prev_fp)
2148 sdp->headfp = prev_fp->nextfp;
2149 else {
2150 while ((fp = prev_fp->nextfp)) {
2151 if (sfp == fp) {
2152 prev_fp->nextfp = fp->nextfp;
2153 break;
2154 }
2155 prev_fp = fp;
2156 }
2157 }
2158 write_unlock_irqrestore(&sg_dev_arr_lock, iflags);
2159 if (sfp->reserve.bufflen > 0) {
2160 SCSI_LOG_TIMEOUT(6, printk("sg_remove_sfp: bufflen=%d, k_use_sg=%d\n",
2161 (int)sfp->reserve.bufflen, (int)sfp->reserve.k_use_sg));
2162 sg_remove_scat(&sfp->reserve);
2163 }
2164 sfp->parentdp = NULL;
2165 SCSI_LOG_TIMEOUT(6, printk("sg_remove_sfp: sfp=0x%p\n", sfp));
2166 sg_low_free((char *)sfp, sizeof(Sg_fd), sfp->fd_mem_src);
2167 if (sdp->detached && (NULL == sdp->headfp)) {
2168 int k, maxd;
2169
2170 maxd = sg_template.dev_max;
2171 for (k = 0; k < maxd; ++k) {
2172 if (sdp == sg_dev_arr[k])
2173 break;
2174 }
2175 if (k < maxd)
2176 sg_dev_arr[k] = NULL;
2177 kfree((char *)sdp);
2178 }
2179 res = 1;
2180 }
2181 else {
2182 sfp->closed = 1; /* flag dirty state on this fd */
2183 SCSI_LOG_TIMEOUT(1, printk(
2184 "sg_remove_sfp: worrisome, %d writes pending\n", dirty));
2185 }
2186 return res;
2187 }
2188
2189 static int sg_res_in_use(Sg_fd * sfp)
2190 {
2191 const Sg_request * srp;
2192 unsigned long iflags;
2193
2194 read_lock_irqsave(&sfp->rq_list_lock, iflags);
2195 for (srp = sfp->headrp; srp; srp = srp->nextrp)
2196 if (srp->res_used) break;
2197 read_unlock_irqrestore(&sfp->rq_list_lock, iflags);
2198 return srp ? 1 : 0;
2199 }
2200
2201 static int sg_dio_in_use(Sg_fd * sfp)
2202 {
2203 const Sg_request * srp;
2204 unsigned long iflags;
2205
2206 read_lock_irqsave(&sfp->rq_list_lock, iflags);
2207 for (srp = sfp->headrp; srp; srp = srp->nextrp)
2208 if ((! srp->done) && srp->data.kiobp) break;
2209 read_unlock_irqrestore(&sfp->rq_list_lock, iflags);
2210 return srp ? 1 : 0;
2211 }
2212
2213 /* If retSzp==NULL want exact size or fail */
2214 /* sg_low_malloc() should always be called from a process context allowing
2215 GFP_KERNEL to be used instead of GFP_ATOMIC */
2216 static char * sg_low_malloc(int rqSz, int lowDma, int mem_src, int * retSzp)
2217 {
2218 char * resp = NULL;
2219 int page_mask = lowDma ? (GFP_KERNEL | GFP_DMA) : GFP_KERNEL;
2220
2221 if (rqSz <= 0)
2222 return resp;
2223 if (SG_HEAP_KMAL == mem_src) {
2224 page_mask = lowDma ? (GFP_ATOMIC | GFP_DMA) : GFP_ATOMIC;
2225 /* Seen kmalloc(..,GFP_KERNEL) hang for 40 secs! */
2226 resp = kmalloc(rqSz, page_mask);
2227 if (resp && retSzp) *retSzp = rqSz;
2228 return resp;
2229 }
2230 if (SG_HEAP_POOL == mem_src) {
2231 int num_sect = rqSz / SG_SECTOR_SZ;
2232
2233 if (0 != (rqSz & SG_SECTOR_MSK)) {
2234 if (! retSzp)
2235 return resp;
2236 ++num_sect;
2237 rqSz = num_sect * SG_SECTOR_SZ;
2238 }
2239 while (num_sect > 0) {
2240 if ((num_sect <= sg_pool_secs_avail) &&
2241 (scsi_dma_free_sectors > (SG_LOW_POOL_THRESHHOLD + num_sect))) {
2242 resp = scsi_malloc(rqSz);
2243 if (resp) {
2244 if (retSzp) *retSzp = rqSz;
2245 sg_pool_secs_avail -= num_sect;
2246 return resp;
2247 }
2248 }
2249 if (! retSzp)
2250 return resp;
2251 num_sect /= 2; /* try half as many */
2252 rqSz = num_sect * SG_SECTOR_SZ;
2253 }
2254 }
2255 else if (SG_HEAP_PAGE == mem_src) {
2256 int order, a_size;
2257 int resSz = rqSz;
2258
2259 for (order = 0, a_size = PAGE_SIZE;
2260 a_size < rqSz; order++, a_size <<= 1)
2261 ;
2262 resp = (char *)__get_free_pages(page_mask, order);
2263 while ((! resp) && order && retSzp) {
2264 --order;
2265 a_size >>= 1; /* divide by 2, until PAGE_SIZE */
2266 resp = (char *)__get_free_pages(page_mask, order); /* try half */
2267 resSz = a_size;
2268 }
2269 if (retSzp) *retSzp = resSz;
2270 }
2271 else
2272 printk("sg_low_malloc: bad mem_src=%d, rqSz=%df\n", mem_src, rqSz);
2273 return resp;
2274 }
2275
2276 static char * sg_malloc(const Sg_fd * sfp, int size, int * retSzp,
2277 int * mem_srcp)
2278 {
2279 char * resp = NULL;
2280
2281 if (retSzp) *retSzp = size;
2282 if (size <= 0)
2283 ;
2284 else {
2285 int low_dma = sfp->low_dma;
2286 int l_ms = -1; /* invalid value */
2287
2288 switch (*mem_srcp)
2289 {
2290 case SG_HEAP_PAGE:
2291 l_ms = (size < PAGE_SIZE) ? SG_HEAP_POOL : SG_HEAP_PAGE;
2292 resp = sg_low_malloc(size, low_dma, l_ms, 0);
2293 if (resp)
2294 break;
2295 resp = sg_low_malloc(size, low_dma, l_ms, &size);
2296 if (! resp) {
2297 l_ms = (SG_HEAP_POOL == l_ms) ? SG_HEAP_PAGE : SG_HEAP_POOL;
2298 resp = sg_low_malloc(size, low_dma, l_ms, &size);
2299 if (! resp) {
2300 l_ms = SG_HEAP_KMAL;
2301 resp = sg_low_malloc(size, low_dma, l_ms, &size);
2302 }
2303 }
2304 if (resp && retSzp) *retSzp = size;
2305 break;
2306 case SG_HEAP_KMAL:
2307 l_ms = SG_HEAP_PAGE;
2308 resp = sg_low_malloc(size, low_dma, l_ms, 0);
2309 if (resp)
2310 break;
2311 l_ms = SG_HEAP_POOL;
2312 resp = sg_low_malloc(size, low_dma, l_ms, &size);
2313 if (resp && retSzp) *retSzp = size;
2314 break;
2315 default:
2316 SCSI_LOG_TIMEOUT(1, printk("sg_malloc: bad ms=%d\n", *mem_srcp));
2317 break;
2318 }
2319 if (resp) *mem_srcp = l_ms;
2320 }
2321 SCSI_LOG_TIMEOUT(6, printk("sg_malloc: size=%d, ms=%d, ret=0x%p\n",
2322 size, *mem_srcp, resp));
2323 return resp;
2324 }
2325
2326 static void sg_low_free(char * buff, int size, int mem_src)
2327 {
2328 if (! buff) return;
2329 switch (mem_src) {
2330 case SG_HEAP_POOL:
2331 {
2332 int num_sect = size / SG_SECTOR_SZ;
2333
2334 scsi_free(buff, size);
2335 sg_pool_secs_avail += num_sect;
2336 }
2337 break;
2338 case SG_HEAP_KMAL:
2339 kfree(buff); /* size not used */
2340 break;
2341 case SG_HEAP_PAGE:
2342 {
2343 int order, a_size;
2344 for (order = 0, a_size = PAGE_SIZE;
2345 a_size < size; order++, a_size <<= 1)
2346 ;
2347 free_pages((unsigned long)buff, order);
2348 }
2349 break;
2350 case SG_USER_MEM:
2351 break; /* nothing to do */
2352 default:
2353 printk("sg_low_free: bad mem_src=%d, buff=0x%p, rqSz=%df\n",
2354 mem_src, buff, size);
2355 break;
2356 }
2357 }
2358
2359 static void sg_free(char * buff, int size, int mem_src)
2360 {
2361 SCSI_LOG_TIMEOUT(6,
2362 printk("sg_free: buff=0x%p, size=%d\n", buff, size));
2363 if ((! buff) || (size <= 0))
2364 ;
2365 else
2366 sg_low_free(buff, size, mem_src);
2367 }
2368
2369 static void sg_clr_scpnt(Scsi_Cmnd * SCpnt)
2370 {
2371 SCpnt->use_sg = 0;
2372 SCpnt->sglist_len = 0;
2373 SCpnt->bufflen = 0;
2374 SCpnt->buffer = NULL;
2375 SCpnt->underflow = 0;
2376 SCpnt->request.rq_dev = MKDEV(0, 0); /* "sg" _disowns_ command blk */
2377 }
2378
2379 static int sg_ms_to_jif(unsigned int msecs)
2380 {
2381 if ((UINT_MAX / 2U) < msecs)
2382 return INT_MAX; /* special case, set largest possible */
2383 else
2384 return ((int)msecs < (INT_MAX / 1000)) ? (((int)msecs * HZ) / 1000)
2385 : (((int)msecs / 1000) * HZ);
2386 }
2387
2388 static unsigned sg_jif_to_ms(int jifs)
2389 {
2390 if (jifs <= 0)
2391 return 0U;
2392 else {
2393 unsigned int j = (unsigned int)jifs;
2394 return (j < (UINT_MAX / 1000)) ? ((j * 1000) / HZ) : ((j / HZ) * 1000);
2395 }
2396 }
2397
2398 static unsigned char allow_ops[] = {TEST_UNIT_READY, INQUIRY,
2399 READ_CAPACITY, READ_BUFFER, READ_6, READ_10, READ_12,
2400 MODE_SENSE, MODE_SENSE_10};
2401
2402 static int sg_allow_access(unsigned char opcode, char dev_type)
2403 {
2404 int k;
2405
2406 if (TYPE_SCANNER == dev_type) /* TYPE_ROM maybe burner */
2407 return 1;
2408 for (k = 0; k < sizeof(allow_ops); ++k) {
2409 if (opcode == allow_ops[k])
2410 return 1;
2411 }
2412 return 0;
2413 }
2414
2415
2416 static int sg_last_dev()
2417 {
2418 int k;
2419 unsigned long iflags;
2420
2421 read_lock_irqsave(&sg_dev_arr_lock, iflags);
2422 for (k = sg_template.dev_max - 1; k >= 0; --k)
2423 if (sg_dev_arr[k] && sg_dev_arr[k]->device) break;
2424 read_unlock_irqrestore(&sg_dev_arr_lock, iflags);
2425 return k + 1; /* origin 1 */
2426 }
2427
2428 static Sg_device * sg_get_dev(int dev)
2429 {
2430 Sg_device * sdp = NULL;
2431 unsigned long iflags;
2432
2433 if (sg_dev_arr && (dev >= 0))
2434 {
2435 read_lock_irqsave(&sg_dev_arr_lock, iflags);
2436 if (dev < sg_template.dev_max)
2437 sdp = sg_dev_arr[dev];
2438 read_unlock_irqrestore(&sg_dev_arr_lock, iflags);
2439 }
2440 return sdp;
2441 }
2442
2443 #ifdef CONFIG_PROC_FS
2444
2445 static struct proc_dir_entry * sg_proc_sgp = NULL;
2446
2447 static const char * sg_proc_sg_dirname = "sg";
2448 static const char * sg_proc_leaf_names[] = {"def_reserved_size", "debug",
2449 "devices", "device_hdr", "device_strs",
2450 "hosts", "host_hdr", "host_strs", "version"};
2451
2452 static int sg_proc_dressz_read(char * buffer, char ** start, off_t offset,
2453 int size, int * eof, void * data);
2454 static int sg_proc_dressz_info(char * buffer, int * len, off_t * begin,
2455 off_t offset, int size);
2456 static int sg_proc_dressz_write(struct file * filp, const char * buffer,
2457 unsigned long count, void * data);
2458 static int sg_proc_debug_read(char * buffer, char ** start, off_t offset,
2459 int size, int * eof, void * data);
2460 static int sg_proc_debug_info(char * buffer, int * len, off_t * begin,
2461 off_t offset, int size);
2462 static int sg_proc_dev_read(char * buffer, char ** start, off_t offset,
2463 int size, int * eof, void * data);
2464 static int sg_proc_dev_info(char * buffer, int * len, off_t * begin,
2465 off_t offset, int size);
2466 static int sg_proc_devhdr_read(char * buffer, char ** start, off_t offset,
2467 int size, int * eof, void * data);
2468 static int sg_proc_devhdr_info(char * buffer, int * len, off_t * begin,
2469 off_t offset, int size);
2470 static int sg_proc_devstrs_read(char * buffer, char ** start, off_t offset,
2471 int size, int * eof, void * data);
2472 static int sg_proc_devstrs_info(char * buffer, int * len, off_t * begin,
2473 off_t offset, int size);
2474 static int sg_proc_host_read(char * buffer, char ** start, off_t offset,
2475 int size, int * eof, void * data);
2476 static int sg_proc_host_info(char * buffer, int * len, off_t * begin,
2477 off_t offset, int size);
2478 static int sg_proc_hosthdr_read(char * buffer, char ** start, off_t offset,
2479 int size, int * eof, void * data);
2480 static int sg_proc_hosthdr_info(char * buffer, int * len, off_t * begin,
2481 off_t offset, int size);
2482 static int sg_proc_hoststrs_read(char * buffer, char ** start, off_t offset,
2483 int size, int * eof, void * data);
2484 static int sg_proc_hoststrs_info(char * buffer, int * len, off_t * begin,
2485 off_t offset, int size);
2486 static int sg_proc_version_read(char * buffer, char ** start, off_t offset,
2487 int size, int * eof, void * data);
2488 static int sg_proc_version_info(char * buffer, int * len, off_t * begin,
2489 off_t offset, int size);
2490 static read_proc_t * sg_proc_leaf_reads[] = {
2491 sg_proc_dressz_read, sg_proc_debug_read,
2492 sg_proc_dev_read, sg_proc_devhdr_read, sg_proc_devstrs_read,
2493 sg_proc_host_read, sg_proc_hosthdr_read, sg_proc_hoststrs_read,
2494 sg_proc_version_read};
2495 static write_proc_t * sg_proc_leaf_writes[] = {
2496 sg_proc_dressz_write, 0, 0, 0, 0, 0, 0, 0, 0};
2497
2498 #define PRINT_PROC(fmt,args...) \
2499 do { \
2500 *len += sprintf(buffer + *len, fmt, ##args); \
2501 if (*begin + *len > offset + size) \
2502 return 0; \
2503 if (*begin + *len < offset) { \
2504 *begin += *len; \
2505 *len = 0; \
2506 } \
2507 } while(0)
2508
2509 #define SG_PROC_READ_FN(infofp) \
2510 do { \
2511 int len = 0; \
2512 off_t begin = 0; \
2513 *eof = infofp(buffer, &len, &begin, offset, size); \
2514 if (offset >= (begin + len)) \
2515 return 0; \
2516 *start = buffer + offset - begin; \
2517 return (size < (begin + len - offset)) ? \
2518 size : begin + len - offset; \
2519 } while(0)
2520
2521
2522 static int sg_proc_init()
2523 {
2524 int k, mask;
2525 int leaves = sizeof(sg_proc_leaf_names) / sizeof(sg_proc_leaf_names[0]);
2526 struct proc_dir_entry * pdep;
2527
2528 if (! proc_scsi)
2529 return 1;
2530 sg_proc_sgp = create_proc_entry(sg_proc_sg_dirname,
2531 S_IFDIR | S_IRUGO | S_IXUGO, proc_scsi);
2532 if (! sg_proc_sgp)
2533 return 1;
2534 for (k = 0; k < leaves; ++k) {
2535 mask = sg_proc_leaf_writes[k] ? S_IRUGO | S_IWUSR : S_IRUGO;
2536 pdep = create_proc_entry(sg_proc_leaf_names[k], mask, sg_proc_sgp);
2537 if (pdep) {
2538 pdep->read_proc = sg_proc_leaf_reads[k];
2539 if (sg_proc_leaf_writes[k])
2540 pdep->write_proc = sg_proc_leaf_writes[k];
2541 }
2542 }
2543 return 0;
2544 }
2545
2546 #ifdef MODULE
2547 static void sg_proc_cleanup()
2548 {
2549 int k;
2550 int leaves = sizeof(sg_proc_leaf_names) / sizeof(sg_proc_leaf_names[0]);
2551
2552 if ((! proc_scsi) || (! sg_proc_sgp))
2553 return;
2554 for (k = 0; k < leaves; ++k)
2555 remove_proc_entry(sg_proc_leaf_names[k], sg_proc_sgp);
2556 remove_proc_entry(sg_proc_sg_dirname, proc_scsi);
2557 }
2558 #endif
2559
2560 static int sg_proc_dressz_read(char * buffer, char ** start, off_t offset,
2561 int size, int * eof, void * data)
2562 { SG_PROC_READ_FN(sg_proc_dressz_info); }
2563
2564 static int sg_proc_dressz_info(char * buffer, int * len, off_t * begin,
2565 off_t offset, int size)
2566 {
2567 PRINT_PROC("%d\n", sg_big_buff);
2568 return 1;
2569 }
2570
2571 static int sg_proc_dressz_write(struct file * filp, const char * buffer,
2572 unsigned long count, void * data)
2573 {
2574 int num;
2575 unsigned long k = ULONG_MAX;
2576 char buff[11];
2577
2578 if (! capable(CAP_SYS_ADMIN))
2579 return -EACCES;
2580 num = (count < 10) ? count : 10;
2581 copy_from_user(buff, buffer, num);
2582 buff[count] = '\0';
2583 k = simple_strtoul(buff, 0, 10);
2584 if (k <= 1048576) {
2585 sg_big_buff = k;
2586 return count;
2587 }
2588 return -ERANGE;
2589 }
2590
2591 static int sg_proc_debug_read(char * buffer, char ** start, off_t offset,
2592 int size, int * eof, void * data)
2593 { SG_PROC_READ_FN(sg_proc_debug_info); }
2594
2595 static int sg_proc_debug_info(char * buffer, int * len, off_t * begin,
2596 off_t offset, int size)
2597 {
2598 Sg_device * sdp;
2599 const sg_io_hdr_t * hp;
2600 int j, max_dev;
2601
2602 if (NULL == sg_dev_arr) {
2603 PRINT_PROC("sg_dev_arr NULL, driver not initialized\n");
2604 return 1;
2605 }
2606 max_dev = sg_last_dev();
2607 PRINT_PROC("dev_max(currently)=%d max_active_device=%d (origin 1)\n",
2608 sg_template.dev_max, max_dev);
2609 PRINT_PROC(" scsi_dma_free_sectors=%u sg_pool_secs_aval=%d "
2610 "def_reserved_size=%d\n",
2611 scsi_dma_free_sectors, sg_pool_secs_avail, sg_big_buff);
2612 for (j = 0; j < max_dev; ++j) {
2613 if ((sdp = sg_get_dev(j))) {
2614 Sg_fd * fp;
2615 Sg_request * srp;
2616 struct scsi_device * scsidp;
2617 int dev, k, m, blen, usg;
2618
2619 if (! (scsidp = sdp->device)) {
2620 PRINT_PROC("device %d detached ??\n", j);
2621 continue;
2622 }
2623 dev = MINOR(sdp->i_rdev);
2624
2625 if (sg_get_nth_sfp(sdp, 0)) {
2626 PRINT_PROC(" >>> device=sg%d ", dev);
2627 PRINT_PROC("scsi%d chan=%d id=%d lun=%d em=%d sg_tablesize=%d"
2628 " excl=%d\n", scsidp->host->host_no, scsidp->channel,
2629 scsidp->id, scsidp->lun, scsidp->host->hostt->emulated,
2630 sdp->sg_tablesize, sdp->exclude);
2631 }
2632 for (k = 0; (fp = sg_get_nth_sfp(sdp, k)); ++k) {
2633 PRINT_PROC(" FD(%d): timeout=%dms bufflen=%d "
2634 "(res)sgat=%d low_dma=%d\n", k + 1,
2635 sg_jif_to_ms(fp->timeout), fp->reserve.bufflen,
2636 (int)fp->reserve.k_use_sg, (int)fp->low_dma);
2637 PRINT_PROC(" cmd_q=%d f_packid=%d k_orphan=%d closed=%d\n",
2638 (int)fp->cmd_q, (int)fp->force_packid,
2639 (int)fp->keep_orphan, (int)fp->closed);
2640 for (m = 0; (srp = sg_get_nth_request(fp, m)); ++m) {
2641 hp = &srp->header;
2642 /* stop indenting so far ... */
2643 PRINT_PROC(srp->res_used ? " rb>> " :
2644 ((SG_INFO_DIRECT_IO_MASK & hp->info) ? " dio>> " : " "));
2645 blen = srp->my_cmdp ? srp->my_cmdp->bufflen : srp->data.bufflen;
2646 usg = srp->my_cmdp ? srp->my_cmdp->use_sg : srp->data.k_use_sg;
2647 PRINT_PROC(srp->done ? ((1 == srp->done) ? "rcv:" : "fin:")
2648 : (srp->my_cmdp ? "act:" : "prior:"));
2649 PRINT_PROC(" id=%d blen=%d", srp->header.pack_id, blen);
2650 if (srp->done)
2651 PRINT_PROC(" dur=%d", hp->duration);
2652 else
2653 PRINT_PROC(" t_o/elap=%d/%d", ((hp->interface_id == '\0') ?
2654 sg_jif_to_ms(fp->timeout) : hp->timeout),
2655 sg_jif_to_ms(hp->duration ? (jiffies - hp->duration) : 0));
2656 PRINT_PROC("ms sgat=%d op=0x%02x\n", usg, (int)srp->data.cmd_opcode);
2657 /* reset indenting */
2658 }
2659 if (0 == m)
2660 PRINT_PROC(" No requests active\n");
2661 }
2662 }
2663 }
2664 return 1;
2665 }
2666
2667 static int sg_proc_dev_read(char * buffer, char ** start, off_t offset,
2668 int size, int * eof, void * data)
2669 { SG_PROC_READ_FN(sg_proc_dev_info); }
2670
2671 static int sg_proc_dev_info(char * buffer, int * len, off_t * begin,
2672 off_t offset, int size)
2673 {
2674 Sg_device * sdp;
2675 int j, max_dev;
2676 struct scsi_device * scsidp;
2677
2678 max_dev = sg_last_dev();
2679 for (j = 0; j < max_dev; ++j) {
2680 sdp = sg_get_dev(j);
2681 if (sdp && (scsidp = sdp->device))
2682 PRINT_PROC("%d\t%d\t%d\t%d\t%d\t%d\t%d\t%d\n",
2683 scsidp->host->host_no, scsidp->channel, scsidp->id,
2684 scsidp->lun, (int)scsidp->type, (int)scsidp->access_count,
2685 (int)scsidp->queue_depth, (int)scsidp->device_busy);
2686 else
2687 PRINT_PROC("-1\t-1\t-1\t-1\t-1\t-1\t-1\t-1\n");
2688 }
2689 return 1;
2690 }
2691
2692 static int sg_proc_devhdr_read(char * buffer, char ** start, off_t offset,
2693 int size, int * eof, void * data)
2694 { SG_PROC_READ_FN(sg_proc_devhdr_info); }
2695
2696 static int sg_proc_devhdr_info(char * buffer, int * len, off_t * begin,
2697 off_t offset, int size)
2698 {
2699 PRINT_PROC("host\tchan\tid\tlun\ttype\tbopens\tqdepth\tbusy\n");
2700 return 1;
2701 }
2702
2703 static int sg_proc_devstrs_read(char * buffer, char ** start, off_t offset,
2704 int size, int * eof, void * data)
2705 { SG_PROC_READ_FN(sg_proc_devstrs_info); }
2706
2707 static int sg_proc_devstrs_info(char * buffer, int * len, off_t * begin,
2708 off_t offset, int size)
2709 {
2710 Sg_device * sdp;
2711 int j, max_dev;
2712 struct scsi_device * scsidp;
2713
2714 max_dev = sg_last_dev();
2715 for (j = 0; j < max_dev; ++j) {
2716 sdp = sg_get_dev(j);
2717 if (sdp && (scsidp = sdp->device))
2718 PRINT_PROC("%8.8s\t%16.16s\t%4.4s\n",
2719 scsidp->vendor, scsidp->model, scsidp->rev);
2720 else
2721 PRINT_PROC("<no active device>\n");
2722 }
2723 return 1;
2724 }
2725
2726 static int sg_proc_host_read(char * buffer, char ** start, off_t offset,
2727 int size, int * eof, void * data)
2728 { SG_PROC_READ_FN(sg_proc_host_info); }
2729
2730 static int sg_proc_host_info(char * buffer, int * len, off_t * begin,
2731 off_t offset, int size)
2732 {
2733 struct Scsi_Host * shp;
2734 int k;
2735
2736 for (k = 0, shp = scsi_hostlist; shp; shp = shp->next, ++k) {
2737 for ( ; k < shp->host_no; ++k)
2738 PRINT_PROC("-1\t-1\t-1\t-1\t-1\t-1\n");
2739 PRINT_PROC("%u\t%hu\t%hd\t%hu\t%d\t%d\n",
2740 shp->unique_id, shp->host_busy, shp->cmd_per_lun,
2741 shp->sg_tablesize, (int)shp->unchecked_isa_dma,
2742 (int)shp->hostt->emulated);
2743 }
2744 return 1;
2745 }
2746
2747 static int sg_proc_hosthdr_read(char * buffer, char ** start, off_t offset,
2748 int size, int * eof, void * data)
2749 { SG_PROC_READ_FN(sg_proc_hosthdr_info); }
2750
2751 static int sg_proc_hosthdr_info(char * buffer, int * len, off_t * begin,
2752 off_t offset, int size)
2753 {
2754 PRINT_PROC("uid\tbusy\tcpl\tscatg\tisa\temul\n");
2755 return 1;
2756 }
2757
2758 static int sg_proc_hoststrs_read(char * buffer, char ** start, off_t offset,
2759 int size, int * eof, void * data)
2760 { SG_PROC_READ_FN(sg_proc_hoststrs_info); }
2761
2762 static int sg_proc_hoststrs_info(char * buffer, int * len, off_t * begin,
2763 off_t offset, int size)
2764 {
2765 struct Scsi_Host * shp;
2766 int k;
2767
2768 for (k = 0, shp = scsi_hostlist; shp; shp = shp->next, ++k) {
2769 for ( ; k < shp->host_no; ++k)
2770 PRINT_PROC("<no active host>\n");
2771 PRINT_PROC("%s\n", shp->hostt->info ? shp->hostt->info(shp) :
2772 (shp->hostt->name ? shp->hostt->name : "<no name>"));
2773 }
2774 return 1;
2775 }
2776
2777 static int sg_proc_version_read(char * buffer, char ** start, off_t offset,
2778 int size, int * eof, void * data)
2779 { SG_PROC_READ_FN(sg_proc_version_info); }
2780
2781 static int sg_proc_version_info(char * buffer, int * len, off_t * begin,
2782 off_t offset, int size)
2783 {
2784 PRINT_PROC("%d\t%s\n", sg_version_num, sg_version_str);
2785 return 1;
2786 }
2787 #endif /* CONFIG_PROC_FS */
Copy of Dave Jones history.git as used by http://archive.org/details/git-history-of-linux