]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blame - drivers/scsi/aacraid/commctrl.c
projects / mirror_ubuntu-bionic-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge branch 'WIP.x86/boot' into x86/boot, to pick up ready branch
[mirror_ubuntu-bionic-kernel.git] / drivers / scsi / aacraid / commctrl.c
CommitLineData
1da177e4
LT		 1/*
2 * Adaptec AAC series RAID controller driver
fa195afe 3 * (c) Copyright 2001 Red Hat Inc.
1da177e4
LT		 4 *
5 * based on the old aacraid driver that is..
6 * Adaptec aacraid device driver for Linux.
7 *
e8b12f0f 8 * Copyright (c) 2000-2010 Adaptec, Inc.
f4babba0
RAR		 9 * 2010-2015 PMC-Sierra, Inc. (aacraid@pmc-sierra.com)
10 * 2016-2017 Microsemi Corp. (aacraid@microsemi.com)
1da177e4
LT		 11 *
12 * This program is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU General Public License as published by
14 * the Free Software Foundation; either version 2, or (at your option)
15 * any later version.
16 *
17 * This program is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU General Public License for more details.
21 *
22 * You should have received a copy of the GNU General Public License
23 * along with this program; see the file COPYING. If not, write to
24 * the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
25 *
26 * Module Name:
27 * commctrl.c
28 *
29 * Abstract: Contains all routines for control of the AFA comm layer
30 *
31 */
32
33#include <linux/kernel.h>
34#include <linux/init.h>
35#include <linux/types.h>
1da177e4
LT		 36#include <linux/pci.h>
37#include <linux/spinlock.h>
38#include <linux/slab.h>
39#include <linux/completion.h>
40#include <linux/dma-mapping.h>
41#include <linux/blkdev.h>
c8f7b073 42#include <linux/delay.h> /* ssleep prototype */
dc4adbf4 43#include <linux/kthread.h>
6188e10d 44#include <linux/semaphore.h>
7c0f6ba6 45#include <linux/uaccess.h>
09050715 46#include <scsi/scsi_host.h>
1da177e4
LT		 47
48#include "aacraid.h"
49
50/**
51 * ioctl_send_fib - send a FIB from userspace
52 * @dev: adapter is being processed
53 * @arg: arguments to the ioctl call
8ce3eca4 54 *
1da177e4
LT		 55 * This routine sends a fib to the adapter on behalf of a user level
56 * program.
57 */
7c00ffa3
MH		 58# define AAC_DEBUG_PREAMBLE KERN_INFO
59# define AAC_DEBUG_POSTAMBLE
8ce3eca4 60
1da177e4
LT		 61static int ioctl_send_fib(struct aac_dev * dev, void __user *arg)
62{
63 struct hw_fib * kfib;
64 struct fib *fibptr;
7c00ffa3
MH		 65 struct hw_fib * hw_fib = (struct hw_fib *)0;
66 dma_addr_t hw_fib_pa = (dma_addr_t)0LL;
fa00c437 67 unsigned int size, osize;
7c00ffa3 68 int retval;
1da177e4 69
33bb3b29
MH		 70 if (dev->in_reset) {
71 return -EBUSY;
72 }
bfb35aa8 73 fibptr = aac_fib_alloc(dev);
7c00ffa3 74 if(fibptr == NULL) {
1da177e4 75 return -ENOMEM;
7c00ffa3 76 }
8ce3eca4 77
a8166a52 78 kfib = fibptr->hw_fib_va;
1da177e4
LT		 79 /*
80 * First copy in the header so that we can check the size field.
81 */
82 if (copy_from_user((void *)kfib, arg, sizeof(struct aac_fibhdr))) {
bfb35aa8 83 aac_fib_free(fibptr);
1da177e4
LT		 84 return -EFAULT;
85 }
86 /*
87 * Since we copy based on the fib header size, make sure that we
88 * will not overrun the buffer when we copy the memory. Return
89 * an error if we would.
90 */
fa00c437
DC		 91 osize = size = le16_to_cpu(kfib->header.Size) +
92 sizeof(struct aac_fibhdr);
7c00ffa3
MH		 93 if (size < le16_to_cpu(kfib->header.SenderSize))
94 size = le16_to_cpu(kfib->header.SenderSize);
95 if (size > dev->max_fib_size) {
e9899113
FT		 96 dma_addr_t daddr;
97
6e289a90
MH		 98 if (size > 2048) {
99 retval = -EINVAL;
100 goto cleanup;
101 }
e9899113
FT		 102
103 kfib = pci_alloc_consistent(dev->pdev, size, &daddr);
104 if (!kfib) {
105 retval = -ENOMEM;
106 goto cleanup;
107 }
108
7c00ffa3 109 /* Highjack the hw_fib */
a8166a52 110 hw_fib = fibptr->hw_fib_va;
7c00ffa3 111 hw_fib_pa = fibptr->hw_fib_pa;
e9899113
FT		 112 fibptr->hw_fib_va = kfib;
113 fibptr->hw_fib_pa = daddr;
7c00ffa3
MH		 114 memset(((char *)kfib) + dev->max_fib_size, 0, size - dev->max_fib_size);
115 memcpy(kfib, hw_fib, dev->max_fib_size);
1da177e4
LT		 116 }
117
7c00ffa3
MH		 118 if (copy_from_user(kfib, arg, size)) {
119 retval = -EFAULT;
120 goto cleanup;
1da177e4
LT		 121 }
122
fa00c437
DC		 123 /* Sanity check the second copy */
124 if ((osize != le16_to_cpu(kfib->header.Size) +
125 sizeof(struct aac_fibhdr))
126 || (size < le16_to_cpu(kfib->header.SenderSize))) {
127 retval = -EINVAL;
128 goto cleanup;
129 }
130
56b58712 131 if (kfib->header.Command == cpu_to_le16(TakeABreakPt)) {
1da177e4
LT		 132 aac_adapter_interrupt(dev);
133 /*
8ce3eca4 134 * Since we didn't really send a fib, zero out the state to allow
1da177e4
LT		 135 * cleanup code not to assert.
136 */
137 kfib->header.XferState = 0;
138 } else {
bfb35aa8 139 retval = aac_fib_send(le16_to_cpu(kfib->header.Command), fibptr,
1da177e4
LT		 140 le16_to_cpu(kfib->header.Size) , FsaNormal,
141 1, 1, NULL, NULL);
142 if (retval) {
7c00ffa3 143 goto cleanup;
1da177e4 144 }
bfb35aa8 145 if (aac_fib_complete(fibptr) != 0) {
7c00ffa3
MH		 146 retval = -EINVAL;
147 goto cleanup;
1da177e4
LT		 148 }
149 }
150 /*
151 * Make sure that the size returned by the adapter (which includes
152 * the header) is less than or equal to the size of a fib, so we
153 * don't corrupt application data. Then copy that size to the user
154 * buffer. (Don't try to add the header information again, since it
155 * was already included by the adapter.)
156 */
157
7c00ffa3
MH		 158 retval = 0;
159 if (copy_to_user(arg, (void *)kfib, size))
160 retval = -EFAULT;
161cleanup:
162 if (hw_fib) {
163 pci_free_consistent(dev->pdev, size, kfib, fibptr->hw_fib_pa);
164 fibptr->hw_fib_pa = hw_fib_pa;
a8166a52 165 fibptr->hw_fib_va = hw_fib;
1da177e4 166 }
cacb6dc3 167 if (retval != -ERESTARTSYS)
c8f7b073 168 aac_fib_free(fibptr);
7c00ffa3 169 return retval;
1da177e4
LT		 170}
171
172/**
173 * open_getadapter_fib - Get the next fib
174 *
175 * This routine will get the next Fib, if available, from the AdapterFibContext
176 * passed in from the user.
177 */
178
179static int open_getadapter_fib(struct aac_dev * dev, void __user *arg)
180{
181 struct aac_fib_context * fibctx;
182 int status;
183
184 fibctx = kmalloc(sizeof(struct aac_fib_context), GFP_KERNEL);
185 if (fibctx == NULL) {
186 status = -ENOMEM;
187 } else {
188 unsigned long flags;
189 struct list_head * entry;
190 struct aac_fib_context * context;
191
192 fibctx->type = FSAFS_NTC_GET_ADAPTER_FIB_CONTEXT;
193 fibctx->size = sizeof(struct aac_fib_context);
8ce3eca4 194 /*
1da177e4
LT		 195 * Yes yes, I know this could be an index, but we have a
196 * better guarantee of uniqueness for the locked loop below.
197 * Without the aid of a persistent history, this also helps
198 * reduce the chance that the opaque context would be reused.
199 */
200 fibctx->unique = (u32)((ulong)fibctx & 0xFFFFFFFF);
201 /*
202 * Initialize the mutex used to wait for the next AIF.
203 */
6de76cfc 204 sema_init(&fibctx->wait_sem, 0);
1da177e4
LT		 205 fibctx->wait = 0;
206 /*
207 * Initialize the fibs and set the count of fibs on
208 * the list to 0.
209 */
210 fibctx->count = 0;
211 INIT_LIST_HEAD(&fibctx->fib_list);
212 fibctx->jiffies = jiffies/HZ;
213 /*
8ce3eca4 214 * Now add this context onto the adapter's
1da177e4
LT		 215 * AdapterFibContext list.
216 */
217 spin_lock_irqsave(&dev->fib_lock, flags);
218 /* Ensure that we have a unique identifier */
219 entry = dev->fib_list.next;
220 while (entry != &dev->fib_list) {
221 context = list_entry(entry, struct aac_fib_context, next);
222 if (context->unique == fibctx->unique) {
223 /* Not unique (32 bits) */
224 fibctx->unique++;
225 entry = dev->fib_list.next;
226 } else {
227 entry = entry->next;
228 }
229 }
230 list_add_tail(&fibctx->next, &dev->fib_list);
231 spin_unlock_irqrestore(&dev->fib_lock, flags);
8ce3eca4 232 if (copy_to_user(arg, &fibctx->unique,
1da177e4
LT		 233 sizeof(fibctx->unique))) {
234 status = -EFAULT;
235 } else {
236 status = 0;
8ce3eca4 237 }
1da177e4
LT		 238 }
239 return status;
240}
241
242/**
243 * next_getadapter_fib - get the next fib
244 * @dev: adapter to use
245 * @arg: ioctl argument
8ce3eca4
SM		 246 *
247 * This routine will get the next Fib, if available, from the AdapterFibContext
1da177e4
LT		 248 * passed in from the user.
249 */
250
251static int next_getadapter_fib(struct aac_dev * dev, void __user *arg)
252{
253 struct fib_ioctl f;
254 struct fib *fib;
255 struct aac_fib_context *fibctx;
256 int status;
257 struct list_head * entry;
258 unsigned long flags;
8ce3eca4 259
1da177e4
LT		 260 if(copy_from_user((void *)&f, arg, sizeof(struct fib_ioctl)))
261 return -EFAULT;
262 /*
263 * Verify that the HANDLE passed in was a valid AdapterFibContext
264 *
265 * Search the list of AdapterFibContext addresses on the adapter
266 * to be sure this is a valid address
267 */
5234e25c 268 spin_lock_irqsave(&dev->fib_lock, flags);
1da177e4
LT		 269 entry = dev->fib_list.next;
270 fibctx = NULL;
271
272 while (entry != &dev->fib_list) {
273 fibctx = list_entry(entry, struct aac_fib_context, next);
274 /*
275 * Extract the AdapterFibContext from the Input parameters.
276 */
5234e25c 277 if (fibctx->unique == f.fibctx) { /* We found a winner */
1da177e4
LT		 278 break;
279 }
280 entry = entry->next;
281 fibctx = NULL;
282 }
283 if (!fibctx) {
5234e25c 284 spin_unlock_irqrestore(&dev->fib_lock, flags);
1da177e4
LT		 285 dprintk ((KERN_INFO "Fib Context not found\n"));
286 return -EINVAL;
287 }
288
289 if((fibctx->type != FSAFS_NTC_GET_ADAPTER_FIB_CONTEXT) ||
290 (fibctx->size != sizeof(struct aac_fib_context))) {
5234e25c 291 spin_unlock_irqrestore(&dev->fib_lock, flags);
1da177e4
LT		 292 dprintk ((KERN_INFO "Fib Context corrupt?\n"));
293 return -EINVAL;
294 }
295 status = 0;
1da177e4
LT		 296 /*
297 * If there are no fibs to send back, then either wait or return
298 * -EAGAIN
299 */
300return_fib:
301 if (!list_empty(&fibctx->fib_list)) {
1da177e4
LT		 302 /*
303 * Pull the next fib from the fibs
304 */
305 entry = fibctx->fib_list.next;
306 list_del(entry);
8ce3eca4 307
1da177e4
LT		 308 fib = list_entry(entry, struct fib, fiblink);
309 fibctx->count--;
310 spin_unlock_irqrestore(&dev->fib_lock, flags);
a8166a52
MH		 311 if (copy_to_user(f.fib, fib->hw_fib_va, sizeof(struct hw_fib))) {
312 kfree(fib->hw_fib_va);
1da177e4
LT		 313 kfree(fib);
314 return -EFAULT;
8ce3eca4 315 }
1da177e4
LT		 316 /*
317 * Free the space occupied by this copy of the fib.
318 */
a8166a52 319 kfree(fib->hw_fib_va);
1da177e4
LT		 320 kfree(fib);
321 status = 0;
1da177e4
LT		 322 } else {
323 spin_unlock_irqrestore(&dev->fib_lock, flags);
dc4adbf4
MH		 324 /* If someone killed the AIF aacraid thread, restart it */
325 status = !dev->aif_thread;
8c867b25 326 if (status && !dev->in_reset && dev->queues && dev->fsa_dev) {
dc4adbf4
MH		 327 /* Be paranoid, be very paranoid! */
328 kthread_stop(dev->thread);
329 ssleep(1);
330 dev->aif_thread = 0;
f170168b
KC		 331 dev->thread = kthread_run(aac_command_thread, dev,
332 "%s", dev->name);
dc4adbf4
MH		 333 ssleep(1);
334 }
1da177e4
LT		 335 if (f.wait) {
336 if(down_interruptible(&fibctx->wait_sem) < 0) {
cacb6dc3 337 status = -ERESTARTSYS;
1da177e4
LT		 338 } else {
339 /* Lock again and retry */
340 spin_lock_irqsave(&dev->fib_lock, flags);
341 goto return_fib;
342 }
343 } else {
344 status = -EAGAIN;
8ce3eca4 345 }
1da177e4 346 }
12a26d08 347 fibctx->jiffies = jiffies/HZ;
1da177e4
LT		 348 return status;
349}
350
351int aac_close_fib_context(struct aac_dev * dev, struct aac_fib_context * fibctx)
352{
353 struct fib *fib;
354
355 /*
356 * First free any FIBs that have not been consumed.
357 */
358 while (!list_empty(&fibctx->fib_list)) {
359 struct list_head * entry;
360 /*
361 * Pull the next fib from the fibs
362 */
363 entry = fibctx->fib_list.next;
364 list_del(entry);
365 fib = list_entry(entry, struct fib, fiblink);
366 fibctx->count--;
367 /*
368 * Free the space occupied by this copy of the fib.
369 */
a8166a52 370 kfree(fib->hw_fib_va);
1da177e4
LT		 371 kfree(fib);
372 }
373 /*
374 * Remove the Context from the AdapterFibContext List
375 */
376 list_del(&fibctx->next);
377 /*
378 * Invalidate context
379 */
380 fibctx->type = 0;
381 /*
382 * Free the space occupied by the Context
383 */
384 kfree(fibctx);
385 return 0;
386}
387
388/**
389 * close_getadapter_fib - close down user fib context
390 * @dev: adapter
391 * @arg: ioctl arguments
392 *
393 * This routine will close down the fibctx passed in from the user.
394 */
8ce3eca4 395
1da177e4
LT		 396static int close_getadapter_fib(struct aac_dev * dev, void __user *arg)
397{
398 struct aac_fib_context *fibctx;
399 int status;
400 unsigned long flags;
401 struct list_head * entry;
402
403 /*
404 * Verify that the HANDLE passed in was a valid AdapterFibContext
405 *
406 * Search the list of AdapterFibContext addresses on the adapter
407 * to be sure this is a valid address
408 */
409
410 entry = dev->fib_list.next;
411 fibctx = NULL;
412
413 while(entry != &dev->fib_list) {
414 fibctx = list_entry(entry, struct aac_fib_context, next);
415 /*
416 * Extract the fibctx from the input parameters
417 */
142956af 418 if (fibctx->unique == (u32)(uintptr_t)arg) /* We found a winner */
1da177e4 419 break;
1da177e4
LT		 420 entry = entry->next;
421 fibctx = NULL;
422 }
423
424 if (!fibctx)
425 return 0; /* Already gone */
426
427 if((fibctx->type != FSAFS_NTC_GET_ADAPTER_FIB_CONTEXT) ||
428 (fibctx->size != sizeof(struct aac_fib_context)))
429 return -EINVAL;
430 spin_lock_irqsave(&dev->fib_lock, flags);
431 status = aac_close_fib_context(dev, fibctx);
432 spin_unlock_irqrestore(&dev->fib_lock, flags);
433 return status;
434}
435
436/**
437 * check_revision - close down user fib context
438 * @dev: adapter
439 * @arg: ioctl arguments
440 *
441 * This routine returns the driver version.
5234e25c
SM		 442 * Under Linux, there have been no version incompatibilities, so this is
443 * simple!
1da177e4
LT		 444 */
445
446static int check_revision(struct aac_dev *dev, void __user *arg)
447{
448 struct revision response;
c7f47602
MH		 449 char *driver_version = aac_driver_version;
450 u32 version;
451
9f30a323 452 response.compat = 1;
8ce3eca4 453 version = (simple_strtol(driver_version,
c7f47602
MH		 454 &driver_version, 10) << 24) | 0x00000400;
455 version += simple_strtol(driver_version + 1, &driver_version, 10) << 16;
456 version += simple_strtol(driver_version + 1, NULL, 10);
457 response.version = cpu_to_le32(version);
8ce3eca4 458# ifdef AAC_DRIVER_BUILD
c7f47602
MH		 459 response.build = cpu_to_le32(AAC_DRIVER_BUILD);
460# else
461 response.build = cpu_to_le32(9999);
462# endif
1da177e4
LT		 463
464 if (copy_to_user(arg, &response, sizeof(response)))
465 return -EFAULT;
466 return 0;
467}
468
7c00ffa3 469
1da177e4
LT		 470/**
471 *
472 * aac_send_raw_scb
473 *
474 */
475
4833869e 476static int aac_send_raw_srb(struct aac_dev* dev, void __user * arg)
1da177e4
LT		 477{
478 struct fib* srbfib;
479 int status;
56b58712 480 struct aac_srb *srbcmd = NULL;
423400e6 481 struct aac_hba_cmd_req *hbacmd = NULL;
56b58712
MH		 482 struct user_aac_srb *user_srbcmd = NULL;
483 struct user_aac_srb __user *user_srb = arg;
1da177e4 484 struct aac_srb_reply __user *user_reply;
423400e6 485 u32 chn;
1da177e4
LT		 486 u32 fibsize = 0;
487 u32 flags = 0;
488 s32 rcode = 0;
489 u32 data_dir;
423400e6
RAR		 490 void __user *sg_user[HBA_MAX_SG_EMBEDDED];
491 void *sg_list[HBA_MAX_SG_EMBEDDED];
492 u32 sg_count[HBA_MAX_SG_EMBEDDED];
5234e25c 493 u32 sg_indx = 0;
1da177e4 494 u32 byte_count = 0;
f2b1a06a 495 u32 actual_fibsize64, actual_fibsize = 0;
1da177e4 496 int i;
423400e6
RAR		 497 int is_native_device;
498 u64 address;
1da177e4
LT		 499
500
33bb3b29
MH		 501 if (dev->in_reset) {
502 dprintk((KERN_DEBUG"aacraid: send raw srb -EBUSY\n"));
503 return -EBUSY;
504 }
1da177e4 505 if (!capable(CAP_SYS_ADMIN)){
8ce3eca4 506 dprintk((KERN_DEBUG"aacraid: No permission to send raw srb\n"));
1da177e4
LT		 507 return -EPERM;
508 }
509 /*
f2b1a06a 510 * Allocate and initialize a Fib then setup a SRB command
1da177e4 511 */
bfb35aa8 512 if (!(srbfib = aac_fib_alloc(dev))) {
5d497cec 513 return -ENOMEM;
1da177e4 514 }
1da177e4 515
7c00ffa3 516 memset(sg_list, 0, sizeof(sg_list)); /* cleanup may take issue */
1da177e4 517 if(copy_from_user(&fibsize, &user_srb->count,sizeof(u32))){
8ce3eca4 518 dprintk((KERN_DEBUG"aacraid: Could not copy data size from user\n"));
1da177e4
LT		 519 rcode = -EFAULT;
520 goto cleanup;
521 }
522
b4789b8e
MR		 523 if ((fibsize < (sizeof(struct user_aac_srb) - sizeof(struct user_sgentry))) ||
524 (fibsize > (dev->max_fib_size - sizeof(struct aac_fibhdr)))) {
1da177e4
LT		 525 rcode = -EINVAL;
526 goto cleanup;
527 }
528
4645df10 529 user_srbcmd = kmalloc(fibsize, GFP_KERNEL);
7c00ffa3
MH		 530 if (!user_srbcmd) {
531 dprintk((KERN_DEBUG"aacraid: Could not make a copy of the srb\n"));
532 rcode = -ENOMEM;
533 goto cleanup;
534 }
56b58712 535 if(copy_from_user(user_srbcmd, user_srb,fibsize)){
8ce3eca4 536 dprintk((KERN_DEBUG"aacraid: Could not copy srb from user\n"));
1da177e4
LT		 537 rcode = -EFAULT;
538 goto cleanup;
539 }
540
56b58712 541 flags = user_srbcmd->flags; /* from user in cpu order */
56b58712 542 switch (flags & (SRB_DataIn | SRB_DataOut)) {
1da177e4
LT		 543 case SRB_DataOut:
544 data_dir = DMA_TO_DEVICE;
545 break;
546 case (SRB_DataIn | SRB_DataOut):
547 data_dir = DMA_BIDIRECTIONAL;
548 break;
549 case SRB_DataIn:
550 data_dir = DMA_FROM_DEVICE;
551 break;
552 default:
553 data_dir = DMA_NONE;
554 }
6391a113 555 if (user_srbcmd->sg.count > ARRAY_SIZE(sg_list)) {
7c00ffa3 556 dprintk((KERN_DEBUG"aacraid: too many sg entries %d\n",
423400e6
RAR		 557 user_srbcmd->sg.count));
558 rcode = -EINVAL;
559 goto cleanup;
560 }
561 if ((data_dir == DMA_NONE) && user_srbcmd->sg.count) {
562 dprintk((KERN_DEBUG"aacraid:SG with no direction specified\n"));
7c00ffa3
MH		 563 rcode = -EINVAL;
564 goto cleanup;
565 }
f2b1a06a
MH		 566 actual_fibsize = sizeof(struct aac_srb) - sizeof(struct sgentry) +
567 ((user_srbcmd->sg.count & 0xff) * sizeof(struct sgentry));
568 actual_fibsize64 = actual_fibsize + (user_srbcmd->sg.count & 0xff) *
569 (sizeof(struct sgentry64) - sizeof(struct sgentry));
570 /* User made a mistake - should not continue */
571 if ((actual_fibsize != fibsize) && (actual_fibsize64 != fibsize)) {
572 dprintk((KERN_DEBUG"aacraid: Bad Size specified in "
573 "Raw SRB command calculated fibsize=%lu;%lu "
574 "user_srbcmd->sg.count=%d aac_srb=%lu sgentry=%lu;%lu "
575 "issued fibsize=%d\n",
576 actual_fibsize, actual_fibsize64, user_srbcmd->sg.count,
577 sizeof(struct aac_srb), sizeof(struct sgentry),
578 sizeof(struct sgentry64), fibsize));
579 rcode = -EINVAL;
580 goto cleanup;
581 }
423400e6 582
f3ef4a74 583 chn = user_srbcmd->channel;
423400e6
RAR		 584 if (chn < AAC_MAX_BUSES && user_srbcmd->id < AAC_MAX_TARGETS &&
585 dev->hba_map[chn][user_srbcmd->id].devtype ==
586 AAC_DEVTYPE_NATIVE_RAW) {
587 is_native_device = 1;
588 hbacmd = (struct aac_hba_cmd_req *)srbfib->hw_fib_va;
589 memset(hbacmd, 0, 96); /* sizeof(*hbacmd) is not necessary */
590
591 /* iu_type is a parameter of aac_hba_send */
592 switch (data_dir) {
593 case DMA_TO_DEVICE:
594 hbacmd->byte1 = 2;
595 break;
596 case DMA_FROM_DEVICE:
597 case DMA_BIDIRECTIONAL:
598 hbacmd->byte1 = 1;
599 break;
600 case DMA_NONE:
601 default:
602 break;
603 }
604 hbacmd->lun[1] = cpu_to_le32(user_srbcmd->lun);
605 hbacmd->it_nexus = dev->hba_map[chn][user_srbcmd->id].rmw_nexus;
606
607 /*
608 * we fill in reply_qid later in aac_src_deliver_message
609 * we fill in iu_type, request_id later in aac_hba_send
610 * we fill in emb_data_desc_count, data_length later
611 * in sg list build
612 */
613
614 memcpy(hbacmd->cdb, user_srbcmd->cdb, sizeof(hbacmd->cdb));
615
616 address = (u64)srbfib->hw_error_pa;
617 hbacmd->error_ptr_hi = cpu_to_le32((u32)(address >> 32));
618 hbacmd->error_ptr_lo = cpu_to_le32((u32)(address & 0xffffffff));
619 hbacmd->error_length = cpu_to_le32(FW_ERROR_BUFFER_SIZE);
620 hbacmd->emb_data_desc_count =
621 cpu_to_le32(user_srbcmd->sg.count);
622 srbfib->hbacmd_size = 64 +
623 user_srbcmd->sg.count * sizeof(struct aac_hba_sgl);
624
625 } else {
626 is_native_device = 0;
627 aac_fib_init(srbfib);
628
629 /* raw_srb FIB is not FastResponseCapable */
630 srbfib->hw_fib_va->header.XferState &=
631 ~cpu_to_le32(FastResponseCapable);
632
633 srbcmd = (struct aac_srb *) fib_data(srbfib);
634
635 // Fix up srb for endian and force some values
636
637 srbcmd->function = cpu_to_le32(SRBF_ExecuteScsi); // Force this
638 srbcmd->channel = cpu_to_le32(user_srbcmd->channel);
639 srbcmd->id = cpu_to_le32(user_srbcmd->id);
640 srbcmd->lun = cpu_to_le32(user_srbcmd->lun);
641 srbcmd->timeout = cpu_to_le32(user_srbcmd->timeout);
642 srbcmd->flags = cpu_to_le32(flags);
643 srbcmd->retry_limit = 0; // Obsolete parameter
644 srbcmd->cdb_size = cpu_to_le32(user_srbcmd->cdb_size);
645 memcpy(srbcmd->cdb, user_srbcmd->cdb, sizeof(srbcmd->cdb));
f2b1a06a 646 }
423400e6 647
f2b1a06a 648 byte_count = 0;
423400e6
RAR		 649 if (is_native_device) {
650 struct user_sgmap *usg32 = &user_srbcmd->sg;
651 struct user_sgmap64 *usg64 =
652 (struct user_sgmap64 *)&user_srbcmd->sg;
653
654 for (i = 0; i < usg32->count; i++) {
655 void *p;
656 u64 addr;
657
658 sg_count[i] = (actual_fibsize64 == fibsize) ?
659 usg64->sg[i].count : usg32->sg[i].count;
660 if (sg_count[i] >
661 (dev->scsi_host_ptr->max_sectors << 9)) {
662 pr_err("aacraid: upsg->sg[%d].count=%u>%u\n",
663 i, sg_count[i],
664 dev->scsi_host_ptr->max_sectors << 9);
665 rcode = -EINVAL;
666 goto cleanup;
667 }
668
669 p = kmalloc(sg_count[i], GFP_KERNEL|__GFP_DMA);
670 if (!p) {
671 rcode = -ENOMEM;
672 goto cleanup;
673 }
674
675 if (actual_fibsize64 == fibsize) {
676 addr = (u64)usg64->sg[i].addr[0];
677 addr += ((u64)usg64->sg[i].addr[1]) << 32;
678 } else {
679 addr = (u64)usg32->sg[i].addr;
680 }
681
682 sg_user[i] = (void __user *)(uintptr_t)addr;
683 sg_list[i] = p; // save so we can clean up later
684 sg_indx = i;
685
686 if (flags & SRB_DataOut) {
687 if (copy_from_user(p, sg_user[i],
688 sg_count[i])) {
689 rcode = -EFAULT;
690 goto cleanup;
691 }
692 }
693 addr = pci_map_single(dev->pdev, p, sg_count[i],
694 data_dir);
695 hbacmd->sge[i].addr_hi = cpu_to_le32((u32)(addr>>32));
696 hbacmd->sge[i].addr_lo = cpu_to_le32(
697 (u32)(addr & 0xffffffff));
698 hbacmd->sge[i].len = cpu_to_le32(sg_count[i]);
699 hbacmd->sge[i].flags = 0;
700 byte_count += sg_count[i];
701 }
702
703 if (usg32->count > 0) /* embedded sglist */
704 hbacmd->sge[usg32->count-1].flags =
705 cpu_to_le32(0x40000000);
706 hbacmd->data_length = cpu_to_le32(byte_count);
707
708 status = aac_hba_send(HBA_IU_TYPE_SCSI_CMD_REQ, srbfib,
709 NULL, NULL);
710
711 } else if (dev->adapter_info.options & AAC_OPT_SGMAP_HOST64) {
56b58712 712 struct user_sgmap64* upsg = (struct user_sgmap64*)&user_srbcmd->sg;
84e29308 713 struct sgmap64* psg = (struct sgmap64*)&srbcmd->sg;
1da177e4
LT		 714
715 /*
716 * This should also catch if user used the 32 bit sgmap
717 */
f2b1a06a
MH		 718 if (actual_fibsize64 == fibsize) {
719 actual_fibsize = actual_fibsize64;
720 for (i = 0; i < upsg->count; i++) {
721 u64 addr;
722 void* p;
423400e6
RAR		 723
724 sg_count[i] = upsg->sg[i].count;
725 if (sg_count[i] >
cacb6dc3 726 ((dev->adapter_info.options &
09050715
MS		 727 AAC_OPT_NEW_COMM) ?
728 (dev->scsi_host_ptr->max_sectors << 9) :
cacb6dc3 729 65536)) {
09050715
MS		 730 rcode = -EINVAL;
731 goto cleanup;
732 }
f2b1a06a 733 /* Does this really need to be GFP_DMA? */
423400e6 734 p = kmalloc(sg_count[i], GFP_KERNEL|__GFP_DMA);
6dcd4a7f 735 if(!p) {
f2b1a06a 736 dprintk((KERN_DEBUG"aacraid: Could not allocate SG buffer - size = %d buffer number %d of %d\n",
423400e6 737 sg_count[i], i, upsg->count));
f2b1a06a
MH		 738 rcode = -ENOMEM;
739 goto cleanup;
740 }
741 addr = (u64)upsg->sg[i].addr[0];
742 addr += ((u64)upsg->sg[i].addr[1]) << 32;
142956af 743 sg_user[i] = (void __user *)(uintptr_t)addr;
f2b1a06a
MH		 744 sg_list[i] = p; // save so we can clean up later
745 sg_indx = i;
746
8ce3eca4 747 if (flags & SRB_DataOut) {
423400e6
RAR		 748 if (copy_from_user(p, sg_user[i],
749 sg_count[i])){
f2b1a06a
MH		 750 dprintk((KERN_DEBUG"aacraid: Could not copy sg data from user\n"));
751 rcode = -EFAULT;
752 goto cleanup;
753 }
754 }
423400e6
RAR		 755 addr = pci_map_single(dev->pdev, p,
756 sg_count[i], data_dir);
1da177e4 757
f2b1a06a
MH		 758 psg->sg[i].addr[0] = cpu_to_le32(addr & 0xffffffff);
759 psg->sg[i].addr[1] = cpu_to_le32(addr>>32);
423400e6
RAR		 760 byte_count += sg_count[i];
761 psg->sg[i].count = cpu_to_le32(sg_count[i]);
f2b1a06a
MH		 762 }
763 } else {
764 struct user_sgmap* usg;
22e9f5a6
MFW		 765 usg = kmemdup(upsg,
766 actual_fibsize - sizeof(struct aac_srb)
767 + sizeof(struct sgmap), GFP_KERNEL);
f2b1a06a
MH		 768 if (!usg) {
769 dprintk((KERN_DEBUG"aacraid: Allocation error in Raw SRB command\n"));
1da177e4
LT		 770 rcode = -ENOMEM;
771 goto cleanup;
772 }
f2b1a06a
MH		 773 actual_fibsize = actual_fibsize64;
774
775 for (i = 0; i < usg->count; i++) {
776 u64 addr;
777 void* p;
423400e6
RAR		 778
779 sg_count[i] = usg->sg[i].count;
780 if (sg_count[i] >
cacb6dc3 781 ((dev->adapter_info.options &
09050715
MS		 782 AAC_OPT_NEW_COMM) ?
783 (dev->scsi_host_ptr->max_sectors << 9) :
cacb6dc3 784 65536)) {
7dd72f51 785 kfree(usg);
09050715
MS		 786 rcode = -EINVAL;
787 goto cleanup;
788 }
f2b1a06a 789 /* Does this really need to be GFP_DMA? */
423400e6 790 p = kmalloc(sg_count[i], GFP_KERNEL|__GFP_DMA);
6dcd4a7f 791 if(!p) {
8a52da63 792 dprintk((KERN_DEBUG "aacraid: Could not allocate SG buffer - size = %d buffer number %d of %d\n",
423400e6 793 sg_count[i], i, usg->count));
8a52da63 794 kfree(usg);
f2b1a06a 795 rcode = -ENOMEM;
1da177e4
LT		 796 goto cleanup;
797 }
142956af 798 sg_user[i] = (void __user *)(uintptr_t)usg->sg[i].addr;
f2b1a06a
MH		 799 sg_list[i] = p; // save so we can clean up later
800 sg_indx = i;
801
8ce3eca4 802 if (flags & SRB_DataOut) {
423400e6
RAR		 803 if (copy_from_user(p, sg_user[i],
804 sg_count[i])) {
f2b1a06a
MH		 805 kfree (usg);
806 dprintk((KERN_DEBUG"aacraid: Could not copy sg data from user\n"));
807 rcode = -EFAULT;
808 goto cleanup;
809 }
810 }
423400e6
RAR		 811 addr = pci_map_single(dev->pdev, p,
812 sg_count[i], data_dir);
1da177e4 813
f2b1a06a
MH		 814 psg->sg[i].addr[0] = cpu_to_le32(addr & 0xffffffff);
815 psg->sg[i].addr[1] = cpu_to_le32(addr>>32);
423400e6
RAR		 816 byte_count += sg_count[i];
817 psg->sg[i].count = cpu_to_le32(sg_count[i]);
f2b1a06a
MH		 818 }
819 kfree (usg);
1da177e4 820 }
1da177e4 821 srbcmd->count = cpu_to_le32(byte_count);
2f5d1f79
MR		 822 if (user_srbcmd->sg.count)
823 psg->count = cpu_to_le32(sg_indx+1);
824 else
825 psg->count = 0;
bfb35aa8 826 status = aac_fib_send(ScsiPortCommand64, srbfib, actual_fibsize, FsaNormal, 1, 1,NULL,NULL);
1da177e4 827 } else {
56b58712 828 struct user_sgmap* upsg = &user_srbcmd->sg;
1da177e4 829 struct sgmap* psg = &srbcmd->sg;
f2b1a06a
MH		 830
831 if (actual_fibsize64 == fibsize) {
832 struct user_sgmap64* usg = (struct user_sgmap64 *)upsg;
833 for (i = 0; i < upsg->count; i++) {
142956af 834 uintptr_t addr;
f2b1a06a 835 void* p;
423400e6
RAR		 836
837 sg_count[i] = usg->sg[i].count;
838 if (sg_count[i] >
cacb6dc3 839 ((dev->adapter_info.options &
09050715
MS		 840 AAC_OPT_NEW_COMM) ?
841 (dev->scsi_host_ptr->max_sectors << 9) :
cacb6dc3 842 65536)) {
09050715
MS		 843 rcode = -EINVAL;
844 goto cleanup;
845 }
f2b1a06a 846 /* Does this really need to be GFP_DMA? */
423400e6
RAR		 847 p = kmalloc(sg_count[i], GFP_KERNEL|__GFP_DMA);
848 if (!p) {
f2b1a06a 849 dprintk((KERN_DEBUG"aacraid: Could not allocate SG buffer - size = %d buffer number %d of %d\n",
423400e6 850 sg_count[i], i, usg->count));
f2b1a06a 851 rcode = -ENOMEM;
1da177e4
LT		 852 goto cleanup;
853 }
f2b1a06a
MH		 854 addr = (u64)usg->sg[i].addr[0];
855 addr += ((u64)usg->sg[i].addr[1]) << 32;
142956af 856 sg_user[i] = (void __user *)addr;
f2b1a06a
MH		 857 sg_list[i] = p; // save so we can clean up later
858 sg_indx = i;
859
8ce3eca4 860 if (flags & SRB_DataOut) {
423400e6
RAR		 861 if (copy_from_user(p, sg_user[i],
862 sg_count[i])){
f2b1a06a
MH		 863 dprintk((KERN_DEBUG"aacraid: Could not copy sg data from user\n"));
864 rcode = -EFAULT;
865 goto cleanup;
866 }
867 }
868 addr = pci_map_single(dev->pdev, p, usg->sg[i].count, data_dir);
869
870 psg->sg[i].addr = cpu_to_le32(addr & 0xffffffff);
871 byte_count += usg->sg[i].count;
423400e6 872 psg->sg[i].count = cpu_to_le32(sg_count[i]);
1da177e4 873 }
f2b1a06a
MH		 874 } else {
875 for (i = 0; i < upsg->count; i++) {
876 dma_addr_t addr;
877 void* p;
423400e6
RAR		 878
879 sg_count[i] = upsg->sg[i].count;
880 if (sg_count[i] >
cacb6dc3 881 ((dev->adapter_info.options &
09050715
MS		 882 AAC_OPT_NEW_COMM) ?
883 (dev->scsi_host_ptr->max_sectors << 9) :
cacb6dc3 884 65536)) {
09050715
MS		 885 rcode = -EINVAL;
886 goto cleanup;
887 }
423400e6 888 p = kmalloc(sg_count[i], GFP_KERNEL);
6dcd4a7f 889 if (!p) {
f2b1a06a 890 dprintk((KERN_DEBUG"aacraid: Could not allocate SG buffer - size = %d buffer number %d of %d\n",
423400e6 891 sg_count[i], i, upsg->count));
f2b1a06a
MH		 892 rcode = -ENOMEM;
893 goto cleanup;
894 }
142956af 895 sg_user[i] = (void __user *)(uintptr_t)upsg->sg[i].addr;
f2b1a06a
MH		 896 sg_list[i] = p; // save so we can clean up later
897 sg_indx = i;
898
8ce3eca4 899 if (flags & SRB_DataOut) {
423400e6
RAR		 900 if (copy_from_user(p, sg_user[i],
901 sg_count[i])) {
f2b1a06a
MH		 902 dprintk((KERN_DEBUG"aacraid: Could not copy sg data from user\n"));
903 rcode = -EFAULT;
904 goto cleanup;
905 }
906 }
907 addr = pci_map_single(dev->pdev, p,
423400e6 908 sg_count[i], data_dir);
1da177e4 909
f2b1a06a 910 psg->sg[i].addr = cpu_to_le32(addr);
423400e6
RAR		 911 byte_count += sg_count[i];
912 psg->sg[i].count = cpu_to_le32(sg_count[i]);
f2b1a06a 913 }
1da177e4
LT		 914 }
915 srbcmd->count = cpu_to_le32(byte_count);
2f5d1f79
MR		 916 if (user_srbcmd->sg.count)
917 psg->count = cpu_to_le32(sg_indx+1);
918 else
919 psg->count = 0;
bfb35aa8 920 status = aac_fib_send(ScsiPortCommand, srbfib, actual_fibsize, FsaNormal, 1, 1, NULL, NULL);
1da177e4 921 }
423400e6 922
cacb6dc3
PNRCEH		 923 if (status == -ERESTARTSYS) {
924 rcode = -ERESTARTSYS;
c8f7b073
MH		 925 goto cleanup;
926 }
1da177e4 927
423400e6 928 if (status != 0) {
8ce3eca4 929 dprintk((KERN_DEBUG"aacraid: Could not send raw srb fib to hba\n"));
5d497cec 930 rcode = -ENXIO;
1da177e4
LT		 931 goto cleanup;
932 }
933
8ce3eca4 934 if (flags & SRB_DataIn) {
1da177e4 935 for(i = 0 ; i <= sg_indx; i++){
423400e6 936 if (copy_to_user(sg_user[i], sg_list[i], sg_count[i])) {
8ce3eca4 937 dprintk((KERN_DEBUG"aacraid: Could not copy sg data to user\n"));
1da177e4
LT		 938 rcode = -EFAULT;
939 goto cleanup;
940
941 }
942 }
943 }
944
423400e6
RAR		 945 user_reply = arg + fibsize;
946 if (is_native_device) {
947 struct aac_hba_resp *err =
948 &((struct aac_native_hba *)srbfib->hw_fib_va)->resp.err;
949 struct aac_srb_reply reply;
950
951 reply.status = ST_OK;
952 if (srbfib->flags & FIB_CONTEXT_FLAG_FASTRESP) {
953 /* fast response */
954 reply.srb_status = SRB_STATUS_SUCCESS;
955 reply.scsi_status = 0;
956 reply.data_xfer_length = byte_count;
957 } else {
958 reply.srb_status = err->service_response;
959 reply.scsi_status = err->status;
960 reply.data_xfer_length = byte_count -
961 le32_to_cpu(err->residual_count);
962 reply.sense_data_size = err->sense_response_data_len;
963 memcpy(reply.sense_data, err->sense_response_buf,
964 AAC_SENSE_BUFFERSIZE);
965 }
966 if (copy_to_user(user_reply, &reply,
967 sizeof(struct aac_srb_reply))) {
968 dprintk((KERN_DEBUG"aacraid: Copy to user failed\n"));
969 rcode = -EFAULT;
970 goto cleanup;
971 }
972 } else {
973 struct aac_srb_reply *reply;
974
975 reply = (struct aac_srb_reply *) fib_data(srbfib);
976 if (copy_to_user(user_reply, reply,
977 sizeof(struct aac_srb_reply))) {
978 dprintk((KERN_DEBUG"aacraid: Copy to user failed\n"));
979 rcode = -EFAULT;
980 goto cleanup;
981 }
1da177e4
LT		 982 }
983
984cleanup:
56b58712 985 kfree(user_srbcmd);
cacb6dc3 986 if (rcode != -ERESTARTSYS) {
423400e6
RAR		 987 for (i = 0; i <= sg_indx; i++)
988 kfree(sg_list[i]);
c8f7b073
MH		 989 aac_fib_complete(srbfib);
990 aac_fib_free(srbfib);
991 }
1da177e4
LT		 992
993 return rcode;
994}
995
1da177e4 996struct aac_pci_info {
8ce3eca4
SM		 997 u32 bus;
998 u32 slot;
1da177e4
LT		 999};
1000
1001
4833869e 1002static int aac_get_pci_info(struct aac_dev* dev, void __user *arg)
1da177e4 1003{
8ce3eca4 1004 struct aac_pci_info pci_info;
1da177e4
LT		 1005
1006 pci_info.bus = dev->pdev->bus->number;
1007 pci_info.slot = PCI_SLOT(dev->pdev->devfn);
1008
5234e25c
SM		 1009 if (copy_to_user(arg, &pci_info, sizeof(struct aac_pci_info))) {
1010 dprintk((KERN_DEBUG "aacraid: Could not copy pci info\n"));
1011 return -EFAULT;
1da177e4 1012 }
8ce3eca4 1013 return 0;
7c00ffa3 1014}
c799d519
RAR		 1015
1016static int aac_get_hba_info(struct aac_dev *dev, void __user *arg)
1017{
1018 struct aac_hba_info hbainfo;
1019
1020 hbainfo.adapter_number = (u8) dev->id;
1021 hbainfo.system_io_bus_number = dev->pdev->bus->number;
1022 hbainfo.device_number = (dev->pdev->devfn >> 3);
1023 hbainfo.function_number = (dev->pdev->devfn & 0x0007);
1024
1025 hbainfo.vendor_id = dev->pdev->vendor;
1026 hbainfo.device_id = dev->pdev->device;
1027 hbainfo.sub_vendor_id = dev->pdev->subsystem_vendor;
1028 hbainfo.sub_system_id = dev->pdev->subsystem_device;
1029
1030 if (copy_to_user(arg, &hbainfo, sizeof(struct aac_hba_info))) {
1031 dprintk((KERN_DEBUG "aacraid: Could not copy hba info\n"));
1032 return -EFAULT;
1033 }
1034
1035 return 0;
1036}
1037
09867a0e
RAR		 1038struct aac_reset_iop {
1039 u8 reset_type;
1040};
1041
1042static int aac_send_reset_adapter(struct aac_dev *dev, void __user *arg)
1043{
1044 struct aac_reset_iop reset;
1045 int retval;
8ce3eca4 1046
09867a0e
RAR		 1047 if (copy_from_user((void *)&reset, arg, sizeof(struct aac_reset_iop)))
1048 return -EFAULT;
1049
1050 retval = aac_reset_adapter(dev, 0, reset.reset_type);
1051 return retval;
1052
1053}
1da177e4
LT		 1054
1055int aac_do_ioctl(struct aac_dev * dev, int cmd, void __user *arg)
1056{
1057 int status;
8ce3eca4 1058
222a9fb3
RAR		 1059 mutex_lock(&dev->ioctl_mutex);
1060
fbd18598
RAR		 1061 if (dev->adapter_shutdown) {
1062 status = -EACCES;
1063 goto cleanup;
1064 }
1065
1da177e4
LT		 1066 /*
1067 * HBA gets first crack
1068 */
8ce3eca4 1069
1da177e4 1070 status = aac_dev_ioctl(dev, cmd, arg);
cacb6dc3 1071 if (status != -ENOTTY)
222a9fb3 1072 goto cleanup;
1da177e4
LT		 1073
1074 switch (cmd) {
1075 case FSACTL_MINIPORT_REV_CHECK:
1076 status = check_revision(dev, arg);
1077 break;
7c00ffa3 1078 case FSACTL_SEND_LARGE_FIB:
1da177e4
LT		 1079 case FSACTL_SENDFIB:
1080 status = ioctl_send_fib(dev, arg);
1081 break;
1082 case FSACTL_OPEN_GET_ADAPTER_FIB:
1083 status = open_getadapter_fib(dev, arg);
1084 break;
1085 case FSACTL_GET_NEXT_ADAPTER_FIB:
1086 status = next_getadapter_fib(dev, arg);
1087 break;
1088 case FSACTL_CLOSE_GET_ADAPTER_FIB:
1089 status = close_getadapter_fib(dev, arg);
1090 break;
1091 case FSACTL_SEND_RAW_SRB:
1092 status = aac_send_raw_srb(dev,arg);
1093 break;
1094 case FSACTL_GET_PCI_INFO:
1095 status = aac_get_pci_info(dev,arg);
1096 break;
c799d519
RAR		 1097 case FSACTL_GET_HBA_INFO:
1098 status = aac_get_hba_info(dev, arg);
1099 break;
09867a0e
RAR		 1100 case FSACTL_RESET_IOP:
1101 status = aac_send_reset_adapter(dev, arg);
1102 break;
1103
1da177e4
LT		 1104 default:
1105 status = -ENOTTY;
8ce3eca4 1106 break;
1da177e4 1107 }
222a9fb3
RAR		 1108
1109cleanup:
1110 mutex_unlock(&dev->ioctl_mutex);
1111
1da177e4
LT		 1112 return status;
1113}
1114
ubuntu-bionic-kernel mirror