linux/drivers/ata/libata-scsi.c
<<
>>
Prefs
   1/*
   2 *  libata-scsi.c - helper library for ATA
   3 *
   4 *  Maintained by:  Jeff Garzik <jgarzik@pobox.com>
   5 *                  Please ALWAYS copy linux-ide@vger.kernel.org
   6 *                  on emails.
   7 *
   8 *  Copyright 2003-2004 Red Hat, Inc.  All rights reserved.
   9 *  Copyright 2003-2004 Jeff Garzik
  10 *
  11 *
  12 *  This program is free software; you can redistribute it and/or modify
  13 *  it under the terms of the GNU General Public License as published by
  14 *  the Free Software Foundation; either version 2, or (at your option)
  15 *  any later version.
  16 *
  17 *  This program is distributed in the hope that it will be useful,
  18 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  19 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  20 *  GNU General Public License for more details.
  21 *
  22 *  You should have received a copy of the GNU General Public License
  23 *  along with this program; see the file COPYING.  If not, write to
  24 *  the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
  25 *
  26 *
  27 *  libata documentation is available via 'make {ps|pdf}docs',
  28 *  as Documentation/DocBook/libata.*
  29 *
  30 *  Hardware documentation available from
  31 *  - http://www.t10.org/
  32 *  - http://www.t13.org/
  33 *
  34 */
  35
  36#include <linux/slab.h>
  37#include <linux/kernel.h>
  38#include <linux/blkdev.h>
  39#include <linux/spinlock.h>
  40#include <linux/export.h>
  41#include <scsi/scsi.h>
  42#include <scsi/scsi_host.h>
  43#include <scsi/scsi_cmnd.h>
  44#include <scsi/scsi_eh.h>
  45#include <scsi/scsi_device.h>
  46#include <scsi/scsi_tcq.h>
  47#include <scsi/scsi_transport.h>
  48#include <linux/libata.h>
  49#include <linux/hdreg.h>
  50#include <linux/uaccess.h>
  51#include <linux/suspend.h>
  52#include <asm/unaligned.h>
  53
  54#include "libata.h"
  55#include "libata-transport.h"
  56
  57#define ATA_SCSI_RBUF_SIZE      4096
  58
  59static DEFINE_SPINLOCK(ata_scsi_rbuf_lock);
  60static u8 ata_scsi_rbuf[ATA_SCSI_RBUF_SIZE];
  61
  62typedef unsigned int (*ata_xlat_func_t)(struct ata_queued_cmd *qc);
  63
  64static struct ata_device *__ata_scsi_find_dev(struct ata_port *ap,
  65                                        const struct scsi_device *scsidev);
  66static struct ata_device *ata_scsi_find_dev(struct ata_port *ap,
  67                                            const struct scsi_device *scsidev);
  68
  69#define RW_RECOVERY_MPAGE 0x1
  70#define RW_RECOVERY_MPAGE_LEN 12
  71#define CACHE_MPAGE 0x8
  72#define CACHE_MPAGE_LEN 20
  73#define CONTROL_MPAGE 0xa
  74#define CONTROL_MPAGE_LEN 12
  75#define ALL_MPAGES 0x3f
  76#define ALL_SUB_MPAGES 0xff
  77
  78
  79static const u8 def_rw_recovery_mpage[RW_RECOVERY_MPAGE_LEN] = {
  80        RW_RECOVERY_MPAGE,
  81        RW_RECOVERY_MPAGE_LEN - 2,
  82        (1 << 7),       /* AWRE */
  83        0,              /* read retry count */
  84        0, 0, 0, 0,
  85        0,              /* write retry count */
  86        0, 0, 0
  87};
  88
  89static const u8 def_cache_mpage[CACHE_MPAGE_LEN] = {
  90        CACHE_MPAGE,
  91        CACHE_MPAGE_LEN - 2,
  92        0,              /* contains WCE, needs to be 0 for logic */
  93        0, 0, 0, 0, 0, 0, 0, 0, 0,
  94        0,              /* contains DRA, needs to be 0 for logic */
  95        0, 0, 0, 0, 0, 0, 0
  96};
  97
  98static const u8 def_control_mpage[CONTROL_MPAGE_LEN] = {
  99        CONTROL_MPAGE,
 100        CONTROL_MPAGE_LEN - 2,
 101        2,      /* DSENSE=0, GLTSD=1 */
 102        0,      /* [QAM+QERR may be 1, see 05-359r1] */
 103        0, 0, 0, 0, 0xff, 0xff,
 104        0, 30   /* extended self test time, see 05-359r1 */
 105};
 106
 107static const char *ata_lpm_policy_names[] = {
 108        [ATA_LPM_UNKNOWN]       = "max_performance",
 109        [ATA_LPM_MAX_POWER]     = "max_performance",
 110        [ATA_LPM_MED_POWER]     = "medium_power",
 111        [ATA_LPM_MIN_POWER]     = "min_power",
 112};
 113
 114static ssize_t ata_scsi_lpm_store(struct device *dev,
 115                                  struct device_attribute *attr,
 116                                  const char *buf, size_t count)
 117{
 118        struct Scsi_Host *shost = class_to_shost(dev);
 119        struct ata_port *ap = ata_shost_to_port(shost);
 120        enum ata_lpm_policy policy;
 121        unsigned long flags;
 122
 123        /* UNKNOWN is internal state, iterate from MAX_POWER */
 124        for (policy = ATA_LPM_MAX_POWER;
 125             policy < ARRAY_SIZE(ata_lpm_policy_names); policy++) {
 126                const char *name = ata_lpm_policy_names[policy];
 127
 128                if (strncmp(name, buf, strlen(name)) == 0)
 129                        break;
 130        }
 131        if (policy == ARRAY_SIZE(ata_lpm_policy_names))
 132                return -EINVAL;
 133
 134        spin_lock_irqsave(ap->lock, flags);
 135        ap->target_lpm_policy = policy;
 136        ata_port_schedule_eh(ap);
 137        spin_unlock_irqrestore(ap->lock, flags);
 138
 139        return count;
 140}
 141
 142static ssize_t ata_scsi_lpm_show(struct device *dev,
 143                                 struct device_attribute *attr, char *buf)
 144{
 145        struct Scsi_Host *shost = class_to_shost(dev);
 146        struct ata_port *ap = ata_shost_to_port(shost);
 147
 148        if (ap->target_lpm_policy >= ARRAY_SIZE(ata_lpm_policy_names))
 149                return -EINVAL;
 150
 151        return snprintf(buf, PAGE_SIZE, "%s\n",
 152                        ata_lpm_policy_names[ap->target_lpm_policy]);
 153}
 154DEVICE_ATTR(link_power_management_policy, S_IRUGO | S_IWUSR,
 155            ata_scsi_lpm_show, ata_scsi_lpm_store);
 156EXPORT_SYMBOL_GPL(dev_attr_link_power_management_policy);
 157
 158static ssize_t ata_scsi_park_show(struct device *device,
 159                                  struct device_attribute *attr, char *buf)
 160{
 161        struct scsi_device *sdev = to_scsi_device(device);
 162        struct ata_port *ap;
 163        struct ata_link *link;
 164        struct ata_device *dev;
 165        unsigned long flags, now;
 166        unsigned int uninitialized_var(msecs);
 167        int rc = 0;
 168
 169        ap = ata_shost_to_port(sdev->host);
 170
 171        spin_lock_irqsave(ap->lock, flags);
 172        dev = ata_scsi_find_dev(ap, sdev);
 173        if (!dev) {
 174                rc = -ENODEV;
 175                goto unlock;
 176        }
 177        if (dev->flags & ATA_DFLAG_NO_UNLOAD) {
 178                rc = -EOPNOTSUPP;
 179                goto unlock;
 180        }
 181
 182        link = dev->link;
 183        now = jiffies;
 184        if (ap->pflags & ATA_PFLAG_EH_IN_PROGRESS &&
 185            link->eh_context.unloaded_mask & (1 << dev->devno) &&
 186            time_after(dev->unpark_deadline, now))
 187                msecs = jiffies_to_msecs(dev->unpark_deadline - now);
 188        else
 189                msecs = 0;
 190
 191unlock:
 192        spin_unlock_irq(ap->lock);
 193
 194        return rc ? rc : snprintf(buf, 20, "%u\n", msecs);
 195}
 196
 197static ssize_t ata_scsi_park_store(struct device *device,
 198                                   struct device_attribute *attr,
 199                                   const char *buf, size_t len)
 200{
 201        struct scsi_device *sdev = to_scsi_device(device);
 202        struct ata_port *ap;
 203        struct ata_device *dev;
 204        long int input;
 205        unsigned long flags;
 206        int rc;
 207
 208        rc = strict_strtol(buf, 10, &input);
 209        if (rc || input < -2)
 210                return -EINVAL;
 211        if (input > ATA_TMOUT_MAX_PARK) {
 212                rc = -EOVERFLOW;
 213                input = ATA_TMOUT_MAX_PARK;
 214        }
 215
 216        ap = ata_shost_to_port(sdev->host);
 217
 218        spin_lock_irqsave(ap->lock, flags);
 219        dev = ata_scsi_find_dev(ap, sdev);
 220        if (unlikely(!dev)) {
 221                rc = -ENODEV;
 222                goto unlock;
 223        }
 224        if (dev->class != ATA_DEV_ATA) {
 225                rc = -EOPNOTSUPP;
 226                goto unlock;
 227        }
 228
 229        if (input >= 0) {
 230                if (dev->flags & ATA_DFLAG_NO_UNLOAD) {
 231                        rc = -EOPNOTSUPP;
 232                        goto unlock;
 233                }
 234
 235                dev->unpark_deadline = ata_deadline(jiffies, input);
 236                dev->link->eh_info.dev_action[dev->devno] |= ATA_EH_PARK;
 237                ata_port_schedule_eh(ap);
 238                complete(&ap->park_req_pending);
 239        } else {
 240                switch (input) {
 241                case -1:
 242                        dev->flags &= ~ATA_DFLAG_NO_UNLOAD;
 243                        break;
 244                case -2:
 245                        dev->flags |= ATA_DFLAG_NO_UNLOAD;
 246                        break;
 247                }
 248        }
 249unlock:
 250        spin_unlock_irqrestore(ap->lock, flags);
 251
 252        return rc ? rc : len;
 253}
 254DEVICE_ATTR(unload_heads, S_IRUGO | S_IWUSR,
 255            ata_scsi_park_show, ata_scsi_park_store);
 256EXPORT_SYMBOL_GPL(dev_attr_unload_heads);
 257
 258static void ata_scsi_set_sense(struct scsi_cmnd *cmd, u8 sk, u8 asc, u8 ascq)
 259{
 260        cmd->result = (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION;
 261
 262        scsi_build_sense_buffer(0, cmd->sense_buffer, sk, asc, ascq);
 263}
 264
 265static ssize_t
 266ata_scsi_em_message_store(struct device *dev, struct device_attribute *attr,
 267                          const char *buf, size_t count)
 268{
 269        struct Scsi_Host *shost = class_to_shost(dev);
 270        struct ata_port *ap = ata_shost_to_port(shost);
 271        if (ap->ops->em_store && (ap->flags & ATA_FLAG_EM))
 272                return ap->ops->em_store(ap, buf, count);
 273        return -EINVAL;
 274}
 275
 276static ssize_t
 277ata_scsi_em_message_show(struct device *dev, struct device_attribute *attr,
 278                         char *buf)
 279{
 280        struct Scsi_Host *shost = class_to_shost(dev);
 281        struct ata_port *ap = ata_shost_to_port(shost);
 282
 283        if (ap->ops->em_show && (ap->flags & ATA_FLAG_EM))
 284                return ap->ops->em_show(ap, buf);
 285        return -EINVAL;
 286}
 287DEVICE_ATTR(em_message, S_IRUGO | S_IWUSR,
 288                ata_scsi_em_message_show, ata_scsi_em_message_store);
 289EXPORT_SYMBOL_GPL(dev_attr_em_message);
 290
 291static ssize_t
 292ata_scsi_em_message_type_show(struct device *dev, struct device_attribute *attr,
 293                              char *buf)
 294{
 295        struct Scsi_Host *shost = class_to_shost(dev);
 296        struct ata_port *ap = ata_shost_to_port(shost);
 297
 298        return snprintf(buf, 23, "%d\n", ap->em_message_type);
 299}
 300DEVICE_ATTR(em_message_type, S_IRUGO,
 301                  ata_scsi_em_message_type_show, NULL);
 302EXPORT_SYMBOL_GPL(dev_attr_em_message_type);
 303
 304static ssize_t
 305ata_scsi_activity_show(struct device *dev, struct device_attribute *attr,
 306                char *buf)
 307{
 308        struct scsi_device *sdev = to_scsi_device(dev);
 309        struct ata_port *ap = ata_shost_to_port(sdev->host);
 310        struct ata_device *atadev = ata_scsi_find_dev(ap, sdev);
 311
 312        if (atadev && ap->ops->sw_activity_show &&
 313            (ap->flags & ATA_FLAG_SW_ACTIVITY))
 314                return ap->ops->sw_activity_show(atadev, buf);
 315        return -EINVAL;
 316}
 317
 318static ssize_t
 319ata_scsi_activity_store(struct device *dev, struct device_attribute *attr,
 320        const char *buf, size_t count)
 321{
 322        struct scsi_device *sdev = to_scsi_device(dev);
 323        struct ata_port *ap = ata_shost_to_port(sdev->host);
 324        struct ata_device *atadev = ata_scsi_find_dev(ap, sdev);
 325        enum sw_activity val;
 326        int rc;
 327
 328        if (atadev && ap->ops->sw_activity_store &&
 329            (ap->flags & ATA_FLAG_SW_ACTIVITY)) {
 330                val = simple_strtoul(buf, NULL, 0);
 331                switch (val) {
 332                case OFF: case BLINK_ON: case BLINK_OFF:
 333                        rc = ap->ops->sw_activity_store(atadev, val);
 334                        if (!rc)
 335                                return count;
 336                        else
 337                                return rc;
 338                }
 339        }
 340        return -EINVAL;
 341}
 342DEVICE_ATTR(sw_activity, S_IWUSR | S_IRUGO, ata_scsi_activity_show,
 343                        ata_scsi_activity_store);
 344EXPORT_SYMBOL_GPL(dev_attr_sw_activity);
 345
 346struct device_attribute *ata_common_sdev_attrs[] = {
 347        &dev_attr_unload_heads,
 348        NULL
 349};
 350EXPORT_SYMBOL_GPL(ata_common_sdev_attrs);
 351
 352static void ata_scsi_invalid_field(struct scsi_cmnd *cmd)
 353{
 354        ata_scsi_set_sense(cmd, ILLEGAL_REQUEST, 0x24, 0x0);
 355        /* "Invalid field in cbd" */
 356        cmd->scsi_done(cmd);
 357}
 358
 359/**
 360 *      ata_std_bios_param - generic bios head/sector/cylinder calculator used by sd.
 361 *      @sdev: SCSI device for which BIOS geometry is to be determined
 362 *      @bdev: block device associated with @sdev
 363 *      @capacity: capacity of SCSI device
 364 *      @geom: location to which geometry will be output
 365 *
 366 *      Generic bios head/sector/cylinder calculator
 367 *      used by sd. Most BIOSes nowadays expect a XXX/255/16  (CHS)
 368 *      mapping. Some situations may arise where the disk is not
 369 *      bootable if this is not used.
 370 *
 371 *      LOCKING:
 372 *      Defined by the SCSI layer.  We don't really care.
 373 *
 374 *      RETURNS:
 375 *      Zero.
 376 */
 377int ata_std_bios_param(struct scsi_device *sdev, struct block_device *bdev,
 378                       sector_t capacity, int geom[])
 379{
 380        geom[0] = 255;
 381        geom[1] = 63;
 382        sector_div(capacity, 255*63);
 383        geom[2] = capacity;
 384
 385        return 0;
 386}
 387
 388/**
 389 *      ata_scsi_unlock_native_capacity - unlock native capacity
 390 *      @sdev: SCSI device to adjust device capacity for
 391 *
 392 *      This function is called if a partition on @sdev extends beyond
 393 *      the end of the device.  It requests EH to unlock HPA.
 394 *
 395 *      LOCKING:
 396 *      Defined by the SCSI layer.  Might sleep.
 397 */
 398void ata_scsi_unlock_native_capacity(struct scsi_device *sdev)
 399{
 400        struct ata_port *ap = ata_shost_to_port(sdev->host);
 401        struct ata_device *dev;
 402        unsigned long flags;
 403
 404        spin_lock_irqsave(ap->lock, flags);
 405
 406        dev = ata_scsi_find_dev(ap, sdev);
 407        if (dev && dev->n_sectors < dev->n_native_sectors) {
 408                dev->flags |= ATA_DFLAG_UNLOCK_HPA;
 409                dev->link->eh_info.action |= ATA_EH_RESET;
 410                ata_port_schedule_eh(ap);
 411        }
 412
 413        spin_unlock_irqrestore(ap->lock, flags);
 414        ata_port_wait_eh(ap);
 415}
 416
 417/**
 418 *      ata_get_identity - Handler for HDIO_GET_IDENTITY ioctl
 419 *      @ap: target port
 420 *      @sdev: SCSI device to get identify data for
 421 *      @arg: User buffer area for identify data
 422 *
 423 *      LOCKING:
 424 *      Defined by the SCSI layer.  We don't really care.
 425 *
 426 *      RETURNS:
 427 *      Zero on success, negative errno on error.
 428 */
 429static int ata_get_identity(struct ata_port *ap, struct scsi_device *sdev,
 430                            void __user *arg)
 431{
 432        struct ata_device *dev = ata_scsi_find_dev(ap, sdev);
 433        u16 __user *dst = arg;
 434        char buf[40];
 435
 436        if (!dev)
 437                return -ENOMSG;
 438
 439        if (copy_to_user(dst, dev->id, ATA_ID_WORDS * sizeof(u16)))
 440                return -EFAULT;
 441
 442        ata_id_string(dev->id, buf, ATA_ID_PROD, ATA_ID_PROD_LEN);
 443        if (copy_to_user(dst + ATA_ID_PROD, buf, ATA_ID_PROD_LEN))
 444                return -EFAULT;
 445
 446        ata_id_string(dev->id, buf, ATA_ID_FW_REV, ATA_ID_FW_REV_LEN);
 447        if (copy_to_user(dst + ATA_ID_FW_REV, buf, ATA_ID_FW_REV_LEN))
 448                return -EFAULT;
 449
 450        ata_id_string(dev->id, buf, ATA_ID_SERNO, ATA_ID_SERNO_LEN);
 451        if (copy_to_user(dst + ATA_ID_SERNO, buf, ATA_ID_SERNO_LEN))
 452                return -EFAULT;
 453
 454        return 0;
 455}
 456
 457/**
 458 *      ata_cmd_ioctl - Handler for HDIO_DRIVE_CMD ioctl
 459 *      @scsidev: Device to which we are issuing command
 460 *      @arg: User provided data for issuing command
 461 *
 462 *      LOCKING:
 463 *      Defined by the SCSI layer.  We don't really care.
 464 *
 465 *      RETURNS:
 466 *      Zero on success, negative errno on error.
 467 */
 468int ata_cmd_ioctl(struct scsi_device *scsidev, void __user *arg)
 469{
 470        int rc = 0;
 471        u8 scsi_cmd[MAX_COMMAND_SIZE];
 472        u8 args[4], *argbuf = NULL, *sensebuf = NULL;
 473        int argsize = 0;
 474        enum dma_data_direction data_dir;
 475        int cmd_result;
 476
 477        if (arg == NULL)
 478                return -EINVAL;
 479
 480        if (copy_from_user(args, arg, sizeof(args)))
 481                return -EFAULT;
 482
 483        sensebuf = kzalloc(SCSI_SENSE_BUFFERSIZE, GFP_NOIO);
 484        if (!sensebuf)
 485                return -ENOMEM;
 486
 487        memset(scsi_cmd, 0, sizeof(scsi_cmd));
 488
 489        if (args[3]) {
 490                argsize = ATA_SECT_SIZE * args[3];
 491                argbuf = kmalloc(argsize, GFP_KERNEL);
 492                if (argbuf == NULL) {
 493                        rc = -ENOMEM;
 494                        goto error;
 495                }
 496
 497                scsi_cmd[1]  = (4 << 1); /* PIO Data-in */
 498                scsi_cmd[2]  = 0x0e;     /* no off.line or cc, read from dev,
 499                                            block count in sector count field */
 500                data_dir = DMA_FROM_DEVICE;
 501        } else {
 502                scsi_cmd[1]  = (3 << 1); /* Non-data */
 503                scsi_cmd[2]  = 0x20;     /* cc but no off.line or data xfer */
 504                data_dir = DMA_NONE;
 505        }
 506
 507        scsi_cmd[0] = ATA_16;
 508
 509        scsi_cmd[4] = args[2];
 510        if (args[0] == ATA_CMD_SMART) { /* hack -- ide driver does this too */
 511                scsi_cmd[6]  = args[3];
 512                scsi_cmd[8]  = args[1];
 513                scsi_cmd[10] = 0x4f;
 514                scsi_cmd[12] = 0xc2;
 515        } else {
 516                scsi_cmd[6]  = args[1];
 517        }
 518        scsi_cmd[14] = args[0];
 519
 520        /* Good values for timeout and retries?  Values below
 521           from scsi_ioctl_send_command() for default case... */
 522        cmd_result = scsi_execute(scsidev, scsi_cmd, data_dir, argbuf, argsize,
 523                                  sensebuf, (10*HZ), 5, 0, NULL);
 524
 525        if (driver_byte(cmd_result) == DRIVER_SENSE) {/* sense data available */
 526                u8 *desc = sensebuf + 8;
 527                cmd_result &= ~(0xFF<<24); /* DRIVER_SENSE is not an error */
 528
 529                /* If we set cc then ATA pass-through will cause a
 530                 * check condition even if no error. Filter that. */
 531                if (cmd_result & SAM_STAT_CHECK_CONDITION) {
 532                        struct scsi_sense_hdr sshdr;
 533                        scsi_normalize_sense(sensebuf, SCSI_SENSE_BUFFERSIZE,
 534                                             &sshdr);
 535                        if (sshdr.sense_key == 0 &&
 536                            sshdr.asc == 0 && sshdr.ascq == 0)
 537                                cmd_result &= ~SAM_STAT_CHECK_CONDITION;
 538                }
 539
 540                /* Send userspace a few ATA registers (same as drivers/ide) */
 541                if (sensebuf[0] == 0x72 &&      /* format is "descriptor" */
 542                    desc[0] == 0x09) {          /* code is "ATA Descriptor" */
 543                        args[0] = desc[13];     /* status */
 544                        args[1] = desc[3];      /* error */
 545                        args[2] = desc[5];      /* sector count (0:7) */
 546                        if (copy_to_user(arg, args, sizeof(args)))
 547                                rc = -EFAULT;
 548                }
 549        }
 550
 551
 552        if (cmd_result) {
 553                rc = -EIO;
 554                goto error;
 555        }
 556
 557        if ((argbuf)
 558         && copy_to_user(arg + sizeof(args), argbuf, argsize))
 559                rc = -EFAULT;
 560error:
 561        kfree(sensebuf);
 562        kfree(argbuf);
 563        return rc;
 564}
 565
 566/**
 567 *      ata_task_ioctl - Handler for HDIO_DRIVE_TASK ioctl
 568 *      @scsidev: Device to which we are issuing command
 569 *      @arg: User provided data for issuing command
 570 *
 571 *      LOCKING:
 572 *      Defined by the SCSI layer.  We don't really care.
 573 *
 574 *      RETURNS:
 575 *      Zero on success, negative errno on error.
 576 */
 577int ata_task_ioctl(struct scsi_device *scsidev, void __user *arg)
 578{
 579        int rc = 0;
 580        u8 scsi_cmd[MAX_COMMAND_SIZE];
 581        u8 args[7], *sensebuf = NULL;
 582        int cmd_result;
 583
 584        if (arg == NULL)
 585                return -EINVAL;
 586
 587        if (copy_from_user(args, arg, sizeof(args)))
 588                return -EFAULT;
 589
 590        sensebuf = kzalloc(SCSI_SENSE_BUFFERSIZE, GFP_NOIO);
 591        if (!sensebuf)
 592                return -ENOMEM;
 593
 594        memset(scsi_cmd, 0, sizeof(scsi_cmd));
 595        scsi_cmd[0]  = ATA_16;
 596        scsi_cmd[1]  = (3 << 1); /* Non-data */
 597        scsi_cmd[2]  = 0x20;     /* cc but no off.line or data xfer */
 598        scsi_cmd[4]  = args[1];
 599        scsi_cmd[6]  = args[2];
 600        scsi_cmd[8]  = args[3];
 601        scsi_cmd[10] = args[4];
 602        scsi_cmd[12] = args[5];
 603        scsi_cmd[13] = args[6] & 0x4f;
 604        scsi_cmd[14] = args[0];
 605
 606        /* Good values for timeout and retries?  Values below
 607           from scsi_ioctl_send_command() for default case... */
 608        cmd_result = scsi_execute(scsidev, scsi_cmd, DMA_NONE, NULL, 0,
 609                                sensebuf, (10*HZ), 5, 0, NULL);
 610
 611        if (driver_byte(cmd_result) == DRIVER_SENSE) {/* sense data available */
 612                u8 *desc = sensebuf + 8;
 613                cmd_result &= ~(0xFF<<24); /* DRIVER_SENSE is not an error */
 614
 615                /* If we set cc then ATA pass-through will cause a
 616                 * check condition even if no error. Filter that. */
 617                if (cmd_result & SAM_STAT_CHECK_CONDITION) {
 618                        struct scsi_sense_hdr sshdr;
 619                        scsi_normalize_sense(sensebuf, SCSI_SENSE_BUFFERSIZE,
 620                                                &sshdr);
 621                        if (sshdr.sense_key == 0 &&
 622                                sshdr.asc == 0 && sshdr.ascq == 0)
 623                                cmd_result &= ~SAM_STAT_CHECK_CONDITION;
 624                }
 625
 626                /* Send userspace ATA registers */
 627                if (sensebuf[0] == 0x72 &&      /* format is "descriptor" */
 628                                desc[0] == 0x09) {/* code is "ATA Descriptor" */
 629                        args[0] = desc[13];     /* status */
 630                        args[1] = desc[3];      /* error */
 631                        args[2] = desc[5];      /* sector count (0:7) */
 632                        args[3] = desc[7];      /* lbal */
 633                        args[4] = desc[9];      /* lbam */
 634                        args[5] = desc[11];     /* lbah */
 635                        args[6] = desc[12];     /* select */
 636                        if (copy_to_user(arg, args, sizeof(args)))
 637                                rc = -EFAULT;
 638                }
 639        }
 640
 641        if (cmd_result) {
 642                rc = -EIO;
 643                goto error;
 644        }
 645
 646 error:
 647        kfree(sensebuf);
 648        return rc;
 649}
 650
 651static int ata_ioc32(struct ata_port *ap)
 652{
 653        if (ap->flags & ATA_FLAG_PIO_DMA)
 654                return 1;
 655        if (ap->pflags & ATA_PFLAG_PIO32)
 656                return 1;
 657        return 0;
 658}
 659
 660int ata_sas_scsi_ioctl(struct ata_port *ap, struct scsi_device *scsidev,
 661                     int cmd, void __user *arg)
 662{
 663        int val = -EINVAL, rc = -EINVAL;
 664        unsigned long flags;
 665
 666        switch (cmd) {
 667        case ATA_IOC_GET_IO32:
 668                spin_lock_irqsave(ap->lock, flags);
 669                val = ata_ioc32(ap);
 670                spin_unlock_irqrestore(ap->lock, flags);
 671                if (copy_to_user(arg, &val, 1))
 672                        return -EFAULT;
 673                return 0;
 674
 675        case ATA_IOC_SET_IO32:
 676                val = (unsigned long) arg;
 677                rc = 0;
 678                spin_lock_irqsave(ap->lock, flags);
 679                if (ap->pflags & ATA_PFLAG_PIO32CHANGE) {
 680                        if (val)
 681                                ap->pflags |= ATA_PFLAG_PIO32;
 682                        else
 683                                ap->pflags &= ~ATA_PFLAG_PIO32;
 684                } else {
 685                        if (val != ata_ioc32(ap))
 686                                rc = -EINVAL;
 687                }
 688                spin_unlock_irqrestore(ap->lock, flags);
 689                return rc;
 690
 691        case HDIO_GET_IDENTITY:
 692                return ata_get_identity(ap, scsidev, arg);
 693
 694        case HDIO_DRIVE_CMD:
 695                if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
 696                        return -EACCES;
 697                return ata_cmd_ioctl(scsidev, arg);
 698
 699        case HDIO_DRIVE_TASK:
 700                if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
 701                        return -EACCES;
 702                return ata_task_ioctl(scsidev, arg);
 703
 704        default:
 705                rc = -ENOTTY;
 706                break;
 707        }
 708
 709        return rc;
 710}
 711EXPORT_SYMBOL_GPL(ata_sas_scsi_ioctl);
 712
 713int ata_scsi_ioctl(struct scsi_device *scsidev, int cmd, void __user *arg)
 714{
 715        return ata_sas_scsi_ioctl(ata_shost_to_port(scsidev->host),
 716                                scsidev, cmd, arg);
 717}
 718EXPORT_SYMBOL_GPL(ata_scsi_ioctl);
 719
 720/**
 721 *      ata_scsi_qc_new - acquire new ata_queued_cmd reference
 722 *      @dev: ATA device to which the new command is attached
 723 *      @cmd: SCSI command that originated this ATA command
 724 *
 725 *      Obtain a reference to an unused ata_queued_cmd structure,
 726 *      which is the basic libata structure representing a single
 727 *      ATA command sent to the hardware.
 728 *
 729 *      If a command was available, fill in the SCSI-specific
 730 *      portions of the structure with information on the
 731 *      current command.
 732 *
 733 *      LOCKING:
 734 *      spin_lock_irqsave(host lock)
 735 *
 736 *      RETURNS:
 737 *      Command allocated, or %NULL if none available.
 738 */
 739static struct ata_queued_cmd *ata_scsi_qc_new(struct ata_device *dev,
 740                                              struct scsi_cmnd *cmd)
 741{
 742        struct ata_queued_cmd *qc;
 743
 744        qc = ata_qc_new_init(dev);
 745        if (qc) {
 746                qc->scsicmd = cmd;
 747                qc->scsidone = cmd->scsi_done;
 748
 749                qc->sg = scsi_sglist(cmd);
 750                qc->n_elem = scsi_sg_count(cmd);
 751        } else {
 752                cmd->result = (DID_OK << 16) | (QUEUE_FULL << 1);
 753                cmd->scsi_done(cmd);
 754        }
 755
 756        return qc;
 757}
 758
 759static void ata_qc_set_pc_nbytes(struct ata_queued_cmd *qc)
 760{
 761        struct scsi_cmnd *scmd = qc->scsicmd;
 762
 763        qc->extrabytes = scmd->request->extra_len;
 764        qc->nbytes = scsi_bufflen(scmd) + qc->extrabytes;
 765}
 766
 767/**
 768 *      ata_dump_status - user friendly display of error info
 769 *      @id: id of the port in question
 770 *      @tf: ptr to filled out taskfile
 771 *
 772 *      Decode and dump the ATA error/status registers for the user so
 773 *      that they have some idea what really happened at the non
 774 *      make-believe layer.
 775 *
 776 *      LOCKING:
 777 *      inherited from caller
 778 */
 779static void ata_dump_status(unsigned id, struct ata_taskfile *tf)
 780{
 781        u8 stat = tf->command, err = tf->feature;
 782
 783        printk(KERN_WARNING "ata%u: status=0x%02x { ", id, stat);
 784        if (stat & ATA_BUSY) {
 785                printk("Busy }\n");     /* Data is not valid in this case */
 786        } else {
 787                if (stat & 0x40)        printk("DriveReady ");
 788                if (stat & 0x20)        printk("DeviceFault ");
 789                if (stat & 0x10)        printk("SeekComplete ");
 790                if (stat & 0x08)        printk("DataRequest ");
 791                if (stat & 0x04)        printk("CorrectedError ");
 792                if (stat & 0x02)        printk("Index ");
 793                if (stat & 0x01)        printk("Error ");
 794                printk("}\n");
 795
 796                if (err) {
 797                        printk(KERN_WARNING "ata%u: error=0x%02x { ", id, err);
 798                        if (err & 0x04)         printk("DriveStatusError ");
 799                        if (err & 0x80) {
 800                                if (err & 0x04) printk("BadCRC ");
 801                                else            printk("Sector ");
 802                        }
 803                        if (err & 0x40)         printk("UncorrectableError ");
 804                        if (err & 0x10)         printk("SectorIdNotFound ");
 805                        if (err & 0x02)         printk("TrackZeroNotFound ");
 806                        if (err & 0x01)         printk("AddrMarkNotFound ");
 807                        printk("}\n");
 808                }
 809        }
 810}
 811
 812/**
 813 *      ata_to_sense_error - convert ATA error to SCSI error
 814 *      @id: ATA device number
 815 *      @drv_stat: value contained in ATA status register
 816 *      @drv_err: value contained in ATA error register
 817 *      @sk: the sense key we'll fill out
 818 *      @asc: the additional sense code we'll fill out
 819 *      @ascq: the additional sense code qualifier we'll fill out
 820 *      @verbose: be verbose
 821 *
 822 *      Converts an ATA error into a SCSI error.  Fill out pointers to
 823 *      SK, ASC, and ASCQ bytes for later use in fixed or descriptor
 824 *      format sense blocks.
 825 *
 826 *      LOCKING:
 827 *      spin_lock_irqsave(host lock)
 828 */
 829static void ata_to_sense_error(unsigned id, u8 drv_stat, u8 drv_err, u8 *sk,
 830                               u8 *asc, u8 *ascq, int verbose)
 831{
 832        int i;
 833
 834        /* Based on the 3ware driver translation table */
 835        static const unsigned char sense_table[][4] = {
 836                /* BBD|ECC|ID|MAR */
 837                {0xd1,          ABORTED_COMMAND, 0x00, 0x00},   // Device busy                  Aborted command
 838                /* BBD|ECC|ID */
 839                {0xd0,          ABORTED_COMMAND, 0x00, 0x00},   // Device busy                  Aborted command
 840                /* ECC|MC|MARK */
 841                {0x61,          HARDWARE_ERROR, 0x00, 0x00},    // Device fault                 Hardware error
 842                /* ICRC|ABRT */         /* NB: ICRC & !ABRT is BBD */
 843                {0x84,          ABORTED_COMMAND, 0x47, 0x00},   // Data CRC error               SCSI parity error
 844                /* MC|ID|ABRT|TRK0|MARK */
 845                {0x37,          NOT_READY, 0x04, 0x00},         // Unit offline                 Not ready
 846                /* MCR|MARK */
 847                {0x09,          NOT_READY, 0x04, 0x00},         // Unrecovered disk error       Not ready
 848                /*  Bad address mark */
 849                {0x01,          MEDIUM_ERROR, 0x13, 0x00},      // Address mark not found       Address mark not found for data field
 850                /* TRK0 */
 851                {0x02,          HARDWARE_ERROR, 0x00, 0x00},    // Track 0 not found              Hardware error
 852                /* Abort & !ICRC */
 853                {0x04,          ABORTED_COMMAND, 0x00, 0x00},   // Aborted command              Aborted command
 854                /* Media change request */
 855                {0x08,          NOT_READY, 0x04, 0x00},         // Media change request   FIXME: faking offline
 856                /* SRV */
 857                {0x10,          ABORTED_COMMAND, 0x14, 0x00},   // ID not found                 Recorded entity not found
 858                /* Media change */
 859                {0x08,          NOT_READY, 0x04, 0x00},         // Media change           FIXME: faking offline
 860                /* ECC */
 861                {0x40,          MEDIUM_ERROR, 0x11, 0x04},      // Uncorrectable ECC error      Unrecovered read error
 862                /* BBD - block marked bad */
 863                {0x80,          MEDIUM_ERROR, 0x11, 0x04},      // Block marked bad               Medium error, unrecovered read error
 864                {0xFF, 0xFF, 0xFF, 0xFF}, // END mark
 865        };
 866        static const unsigned char stat_table[][4] = {
 867                /* Must be first because BUSY means no other bits valid */
 868                {0x80,          ABORTED_COMMAND, 0x47, 0x00},   // Busy, fake parity for now
 869                {0x20,          HARDWARE_ERROR,  0x00, 0x00},   // Device fault
 870                {0x08,          ABORTED_COMMAND, 0x47, 0x00},   // Timed out in xfer, fake parity for now
 871                {0x04,          RECOVERED_ERROR, 0x11, 0x00},   // Recovered ECC error    Medium error, recovered
 872                {0xFF, 0xFF, 0xFF, 0xFF}, // END mark
 873        };
 874
 875        /*
 876         *      Is this an error we can process/parse
 877         */
 878        if (drv_stat & ATA_BUSY) {
 879                drv_err = 0;    /* Ignore the err bits, they're invalid */
 880        }
 881
 882        if (drv_err) {
 883                /* Look for drv_err */
 884                for (i = 0; sense_table[i][0] != 0xFF; i++) {
 885                        /* Look for best matches first */
 886                        if ((sense_table[i][0] & drv_err) ==
 887                            sense_table[i][0]) {
 888                                *sk = sense_table[i][1];
 889                                *asc = sense_table[i][2];
 890                                *ascq = sense_table[i][3];
 891                                goto translate_done;
 892                        }
 893                }
 894                /* No immediate match */
 895                if (verbose)
 896                        printk(KERN_WARNING "ata%u: no sense translation for "
 897                               "error 0x%02x\n", id, drv_err);
 898        }
 899
 900        /* Fall back to interpreting status bits */
 901        for (i = 0; stat_table[i][0] != 0xFF; i++) {
 902                if (stat_table[i][0] & drv_stat) {
 903                        *sk = stat_table[i][1];
 904                        *asc = stat_table[i][2];
 905                        *ascq = stat_table[i][3];
 906                        goto translate_done;
 907                }
 908        }
 909        /* No error?  Undecoded? */
 910        if (verbose)
 911                printk(KERN_WARNING "ata%u: no sense translation for "
 912                       "status: 0x%02x\n", id, drv_stat);
 913
 914        /* We need a sensible error return here, which is tricky, and one
 915           that won't cause people to do things like return a disk wrongly */
 916        *sk = ABORTED_COMMAND;
 917        *asc = 0x00;
 918        *ascq = 0x00;
 919
 920 translate_done:
 921        if (verbose)
 922                printk(KERN_ERR "ata%u: translated ATA stat/err 0x%02x/%02x "
 923                       "to SCSI SK/ASC/ASCQ 0x%x/%02x/%02x\n",
 924                       id, drv_stat, drv_err, *sk, *asc, *ascq);
 925        return;
 926}
 927
 928/*
 929 *      ata_gen_passthru_sense - Generate check condition sense block.
 930 *      @qc: Command that completed.
 931 *
 932 *      This function is specific to the ATA descriptor format sense
 933 *      block specified for the ATA pass through commands.  Regardless
 934 *      of whether the command errored or not, return a sense
 935 *      block. Copy all controller registers into the sense
 936 *      block. Clear sense key, ASC & ASCQ if there is no error.
 937 *
 938 *      LOCKING:
 939 *      None.
 940 */
 941static void ata_gen_passthru_sense(struct ata_queued_cmd *qc)
 942{
 943        struct scsi_cmnd *cmd = qc->scsicmd;
 944        struct ata_taskfile *tf = &qc->result_tf;
 945        unsigned char *sb = cmd->sense_buffer;
 946        unsigned char *desc = sb + 8;
 947        int verbose = qc->ap->ops->error_handler == NULL;
 948
 949        memset(sb, 0, SCSI_SENSE_BUFFERSIZE);
 950
 951        cmd->result = (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION;
 952
 953        /*
 954         * Use ata_to_sense_error() to map status register bits
 955         * onto sense key, asc & ascq.
 956         */
 957        if (qc->err_mask ||
 958            tf->command & (ATA_BUSY | ATA_DF | ATA_ERR | ATA_DRQ)) {
 959                ata_to_sense_error(qc->ap->print_id, tf->command, tf->feature,
 960                                   &sb[1], &sb[2], &sb[3], verbose);
 961                sb[1] &= 0x0f;
 962        }
 963
 964        /*
 965         * Sense data is current and format is descriptor.
 966         */
 967        sb[0] = 0x72;
 968
 969        desc[0] = 0x09;
 970
 971        /* set length of additional sense data */
 972        sb[7] = 14;
 973        desc[1] = 12;
 974
 975        /*
 976         * Copy registers into sense buffer.
 977         */
 978        desc[2] = 0x00;
 979        desc[3] = tf->feature;  /* == error reg */
 980        desc[5] = tf->nsect;
 981        desc[7] = tf->lbal;
 982        desc[9] = tf->lbam;
 983        desc[11] = tf->lbah;
 984        desc[12] = tf->device;
 985        desc[13] = tf->command; /* == status reg */
 986
 987        /*
 988         * Fill in Extend bit, and the high order bytes
 989         * if applicable.
 990         */
 991        if (tf->flags & ATA_TFLAG_LBA48) {
 992                desc[2] |= 0x01;
 993                desc[4] = tf->hob_nsect;
 994                desc[6] = tf->hob_lbal;
 995                desc[8] = tf->hob_lbam;
 996                desc[10] = tf->hob_lbah;
 997        }
 998}
 999
1000/**
1001 *      ata_gen_ata_sense - generate a SCSI fixed sense block
1002 *      @qc: Command that we are erroring out
1003 *
1004 *      Generate sense block for a failed ATA command @qc.  Descriptor
1005 *      format is used to accommodate LBA48 block address.
1006 *
1007 *      LOCKING:
1008 *      None.
1009 */
1010static void ata_gen_ata_sense(struct ata_queued_cmd *qc)
1011{
1012        struct ata_device *dev = qc->dev;
1013        struct scsi_cmnd *cmd = qc->scsicmd;
1014        struct ata_taskfile *tf = &qc->result_tf;
1015        unsigned char *sb = cmd->sense_buffer;
1016        unsigned char *desc = sb + 8;
1017        int verbose = qc->ap->ops->error_handler == NULL;
1018        u64 block;
1019
1020        memset(sb, 0, SCSI_SENSE_BUFFERSIZE);
1021
1022        cmd->result = (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION;
1023
1024        /* sense data is current and format is descriptor */
1025        sb[0] = 0x72;
1026
1027        /* Use ata_to_sense_error() to map status register bits
1028         * onto sense key, asc & ascq.
1029         */
1030        if (qc->err_mask ||
1031            tf->command & (ATA_BUSY | ATA_DF | ATA_ERR | ATA_DRQ)) {
1032                ata_to_sense_error(qc->ap->print_id, tf->command, tf->feature,
1033                                   &sb[1], &sb[2], &sb[3], verbose);
1034                sb[1] &= 0x0f;
1035        }
1036
1037        block = ata_tf_read_block(&qc->result_tf, dev);
1038
1039        /* information sense data descriptor */
1040        sb[7] = 12;
1041        desc[0] = 0x00;
1042        desc[1] = 10;
1043
1044        desc[2] |= 0x80;        /* valid */
1045        desc[6] = block >> 40;
1046        desc[7] = block >> 32;
1047        desc[8] = block >> 24;
1048        desc[9] = block >> 16;
1049        desc[10] = block >> 8;
1050        desc[11] = block;
1051}
1052
1053static void ata_scsi_sdev_config(struct scsi_device *sdev)
1054{
1055        sdev->use_10_for_rw = 1;
1056        sdev->use_10_for_ms = 1;
1057        sdev->no_report_opcodes = 1;
1058        sdev->no_write_same = 1;
1059
1060        /* Schedule policy is determined by ->qc_defer() callback and
1061         * it needs to see every deferred qc.  Set dev_blocked to 1 to
1062         * prevent SCSI midlayer from automatically deferring
1063         * requests.
1064         */
1065        sdev->max_device_blocked = 1;
1066}
1067
1068/**
1069 *      atapi_drain_needed - Check whether data transfer may overflow
1070 *      @rq: request to be checked
1071 *
1072 *      ATAPI commands which transfer variable length data to host
1073 *      might overflow due to application error or hardare bug.  This
1074 *      function checks whether overflow should be drained and ignored
1075 *      for @request.
1076 *
1077 *      LOCKING:
1078 *      None.
1079 *
1080 *      RETURNS:
1081 *      1 if ; otherwise, 0.
1082 */
1083static int atapi_drain_needed(struct request *rq)
1084{
1085        if (likely(rq->cmd_type != REQ_TYPE_BLOCK_PC))
1086                return 0;
1087
1088        if (!blk_rq_bytes(rq) || (rq->cmd_flags & REQ_WRITE))
1089                return 0;
1090
1091        return atapi_cmd_type(rq->cmd[0]) == ATAPI_MISC;
1092}
1093
1094static int ata_scsi_dev_config(struct scsi_device *sdev,
1095                               struct ata_device *dev)
1096{
1097        struct request_queue *q = sdev->request_queue;
1098
1099        if (!ata_id_has_unload(dev->id))
1100                dev->flags |= ATA_DFLAG_NO_UNLOAD;
1101
1102        /* configure max sectors */
1103        blk_queue_max_hw_sectors(q, dev->max_sectors);
1104
1105        if (dev->class == ATA_DEV_ATAPI) {
1106                void *buf;
1107
1108                sdev->sector_size = ATA_SECT_SIZE;
1109
1110                /* set DMA padding */
1111                blk_queue_update_dma_pad(q, ATA_DMA_PAD_SZ - 1);
1112
1113                /* configure draining */
1114                buf = kmalloc(ATAPI_MAX_DRAIN, q->bounce_gfp | GFP_KERNEL);
1115                if (!buf) {
1116                        ata_dev_err(dev, "drain buffer allocation failed\n");
1117                        return -ENOMEM;
1118                }
1119
1120                blk_queue_dma_drain(q, atapi_drain_needed, buf, ATAPI_MAX_DRAIN);
1121        } else {
1122                sdev->sector_size = ata_id_logical_sector_size(dev->id);
1123                sdev->manage_start_stop = 1;
1124        }
1125
1126        /*
1127         * ata_pio_sectors() expects buffer for each sector to not cross
1128         * page boundary.  Enforce it by requiring buffers to be sector
1129         * aligned, which works iff sector_size is not larger than
1130         * PAGE_SIZE.  ATAPI devices also need the alignment as
1131         * IDENTIFY_PACKET is executed as ATA_PROT_PIO.
1132         */
1133        if (sdev->sector_size > PAGE_SIZE)
1134                ata_dev_warn(dev,
1135                        "sector_size=%u > PAGE_SIZE, PIO may malfunction\n",
1136                        sdev->sector_size);
1137
1138        blk_queue_update_dma_alignment(q, sdev->sector_size - 1);
1139
1140        if (dev->flags & ATA_DFLAG_AN)
1141                set_bit(SDEV_EVT_MEDIA_CHANGE, sdev->supported_events);
1142
1143        if (dev->flags & ATA_DFLAG_NCQ) {
1144                int depth;
1145
1146                depth = min(sdev->host->can_queue, ata_id_queue_depth(dev->id));
1147                depth = min(ATA_MAX_QUEUE - 1, depth);
1148                scsi_adjust_queue_depth(sdev, MSG_SIMPLE_TAG, depth);
1149        }
1150
1151        blk_queue_flush_queueable(q, false);
1152
1153        dev->sdev = sdev;
1154        return 0;
1155}
1156
1157/**
1158 *      ata_scsi_slave_config - Set SCSI device attributes
1159 *      @sdev: SCSI device to examine
1160 *
1161 *      This is called before we actually start reading
1162 *      and writing to the device, to configure certain
1163 *      SCSI mid-layer behaviors.
1164 *
1165 *      LOCKING:
1166 *      Defined by SCSI layer.  We don't really care.
1167 */
1168
1169int ata_scsi_slave_config(struct scsi_device *sdev)
1170{
1171        struct ata_port *ap = ata_shost_to_port(sdev->host);
1172        struct ata_device *dev = __ata_scsi_find_dev(ap, sdev);
1173        int rc = 0;
1174
1175        ata_scsi_sdev_config(sdev);
1176
1177        if (dev)
1178                rc = ata_scsi_dev_config(sdev, dev);
1179
1180        return rc;
1181}
1182
1183/**
1184 *      ata_scsi_slave_destroy - SCSI device is about to be destroyed
1185 *      @sdev: SCSI device to be destroyed
1186 *
1187 *      @sdev is about to be destroyed for hot/warm unplugging.  If
1188 *      this unplugging was initiated by libata as indicated by NULL
1189 *      dev->sdev, this function doesn't have to do anything.
1190 *      Otherwise, SCSI layer initiated warm-unplug is in progress.
1191 *      Clear dev->sdev, schedule the device for ATA detach and invoke
1192 *      EH.
1193 *
1194 *      LOCKING:
1195 *      Defined by SCSI layer.  We don't really care.
1196 */
1197void ata_scsi_slave_destroy(struct scsi_device *sdev)
1198{
1199        struct ata_port *ap = ata_shost_to_port(sdev->host);
1200        struct request_queue *q = sdev->request_queue;
1201        unsigned long flags;
1202        struct ata_device *dev;
1203
1204        if (!ap->ops->error_handler)
1205                return;
1206
1207        spin_lock_irqsave(ap->lock, flags);
1208        dev = __ata_scsi_find_dev(ap, sdev);
1209        if (dev && dev->sdev) {
1210                /* SCSI device already in CANCEL state, no need to offline it */
1211                dev->sdev = NULL;
1212                dev->flags |= ATA_DFLAG_DETACH;
1213                ata_port_schedule_eh(ap);
1214        }
1215        spin_unlock_irqrestore(ap->lock, flags);
1216
1217        kfree(q->dma_drain_buffer);
1218        q->dma_drain_buffer = NULL;
1219        q->dma_drain_size = 0;
1220}
1221
1222/**
1223 *      __ata_change_queue_depth - helper for ata_scsi_change_queue_depth
1224 *      @ap: ATA port to which the device change the queue depth
1225 *      @sdev: SCSI device to configure queue depth for
1226 *      @queue_depth: new queue depth
1227 *      @reason: calling context
1228 *
1229 *      libsas and libata have different approaches for associating a sdev to
1230 *      its ata_port.
1231 *
1232 */
1233int __ata_change_queue_depth(struct ata_port *ap, struct scsi_device *sdev,
1234                             int queue_depth, int reason)
1235{
1236        struct ata_device *dev;
1237        unsigned long flags;
1238
1239        if (reason != SCSI_QDEPTH_DEFAULT)
1240                return -EOPNOTSUPP;
1241
1242        if (queue_depth < 1 || queue_depth == sdev->queue_depth)
1243                return sdev->queue_depth;
1244
1245        dev = ata_scsi_find_dev(ap, sdev);
1246        if (!dev || !ata_dev_enabled(dev))
1247                return sdev->queue_depth;
1248
1249        /* NCQ enabled? */
1250        spin_lock_irqsave(ap->lock, flags);
1251        dev->flags &= ~ATA_DFLAG_NCQ_OFF;
1252        if (queue_depth == 1 || !ata_ncq_enabled(dev)) {
1253                dev->flags |= ATA_DFLAG_NCQ_OFF;
1254                queue_depth = 1;
1255        }
1256        spin_unlock_irqrestore(ap->lock, flags);
1257
1258        /* limit and apply queue depth */
1259        queue_depth = min(queue_depth, sdev->host->can_queue);
1260        queue_depth = min(queue_depth, ata_id_queue_depth(dev->id));
1261        queue_depth = min(queue_depth, ATA_MAX_QUEUE - 1);
1262
1263        if (sdev->queue_depth == queue_depth)
1264                return -EINVAL;
1265
1266        scsi_adjust_queue_depth(sdev, MSG_SIMPLE_TAG, queue_depth);
1267        return queue_depth;
1268}
1269
1270/**
1271 *      ata_scsi_change_queue_depth - SCSI callback for queue depth config
1272 *      @sdev: SCSI device to configure queue depth for
1273 *      @queue_depth: new queue depth
1274 *      @reason: calling context
1275 *
1276 *      This is libata standard hostt->change_queue_depth callback.
1277 *      SCSI will call into this callback when user tries to set queue
1278 *      depth via sysfs.
1279 *
1280 *      LOCKING:
1281 *      SCSI layer (we don't care)
1282 *
1283 *      RETURNS:
1284 *      Newly configured queue depth.
1285 */
1286int ata_scsi_change_queue_depth(struct scsi_device *sdev, int queue_depth,
1287                                int reason)
1288{
1289        struct ata_port *ap = ata_shost_to_port(sdev->host);
1290
1291        return __ata_change_queue_depth(ap, sdev, queue_depth, reason);
1292}
1293
1294/**
1295 *      ata_scsi_start_stop_xlat - Translate SCSI START STOP UNIT command
1296 *      @qc: Storage for translated ATA taskfile
1297 *
1298 *      Sets up an ATA taskfile to issue STANDBY (to stop) or READ VERIFY
1299 *      (to start). Perhaps these commands should be preceded by
1300 *      CHECK POWER MODE to see what power mode the device is already in.
1301 *      [See SAT revision 5 at www.t10.org]
1302 *
1303 *      LOCKING:
1304 *      spin_lock_irqsave(host lock)
1305 *
1306 *      RETURNS:
1307 *      Zero on success, non-zero on error.
1308 */
1309static unsigned int ata_scsi_start_stop_xlat(struct ata_queued_cmd *qc)
1310{
1311        struct scsi_cmnd *scmd = qc->scsicmd;
1312        struct ata_taskfile *tf = &qc->tf;
1313        const u8 *cdb = scmd->cmnd;
1314
1315        if (scmd->cmd_len < 5)
1316                goto invalid_fld;
1317
1318        tf->flags |= ATA_TFLAG_DEVICE | ATA_TFLAG_ISADDR;
1319        tf->protocol = ATA_PROT_NODATA;
1320        if (cdb[1] & 0x1) {
1321                ;       /* ignore IMMED bit, violates sat-r05 */
1322        }
1323        if (cdb[4] & 0x2)
1324                goto invalid_fld;       /* LOEJ bit set not supported */
1325        if (((cdb[4] >> 4) & 0xf) != 0)
1326                goto invalid_fld;       /* power conditions not supported */
1327
1328        if (cdb[4] & 0x1) {
1329                tf->nsect = 1;  /* 1 sector, lba=0 */
1330
1331                if (qc->dev->flags & ATA_DFLAG_LBA) {
1332                        tf->flags |= ATA_TFLAG_LBA;
1333
1334                        tf->lbah = 0x0;
1335                        tf->lbam = 0x0;
1336                        tf->lbal = 0x0;
1337                        tf->device |= ATA_LBA;
1338                } else {
1339                        /* CHS */
1340                        tf->lbal = 0x1; /* sect */
1341                        tf->lbam = 0x0; /* cyl low */
1342                        tf->lbah = 0x0; /* cyl high */
1343                }
1344
1345                tf->command = ATA_CMD_VERIFY;   /* READ VERIFY */
1346        } else {
1347                /* Some odd clown BIOSen issue spindown on power off (ACPI S4
1348                 * or S5) causing some drives to spin up and down again.
1349                 */
1350                if ((qc->ap->flags & ATA_FLAG_NO_POWEROFF_SPINDOWN) &&
1351                    system_state == SYSTEM_POWER_OFF)
1352                        goto skip;
1353
1354                if ((qc->ap->flags & ATA_FLAG_NO_HIBERNATE_SPINDOWN) &&
1355                     system_entering_hibernation())
1356                        goto skip;
1357
1358                /* Issue ATA STANDBY IMMEDIATE command */
1359                tf->command = ATA_CMD_STANDBYNOW1;
1360        }
1361
1362        /*
1363         * Standby and Idle condition timers could be implemented but that
1364         * would require libata to implement the Power condition mode page
1365         * and allow the user to change it. Changing mode pages requires
1366         * MODE SELECT to be implemented.
1367         */
1368
1369        return 0;
1370
1371 invalid_fld:
1372        ata_scsi_set_sense(scmd, ILLEGAL_REQUEST, 0x24, 0x0);
1373        /* "Invalid field in cbd" */
1374        return 1;
1375 skip:
1376        scmd->result = SAM_STAT_GOOD;
1377        return 1;
1378}
1379
1380
1381/**
1382 *      ata_scsi_flush_xlat - Translate SCSI SYNCHRONIZE CACHE command
1383 *      @qc: Storage for translated ATA taskfile
1384 *
1385 *      Sets up an ATA taskfile to issue FLUSH CACHE or
1386 *      FLUSH CACHE EXT.
1387 *
1388 *      LOCKING:
1389 *      spin_lock_irqsave(host lock)
1390 *
1391 *      RETURNS:
1392 *      Zero on success, non-zero on error.
1393 */
1394static unsigned int ata_scsi_flush_xlat(struct ata_queued_cmd *qc)
1395{
1396        struct ata_taskfile *tf = &qc->tf;
1397
1398        tf->flags |= ATA_TFLAG_DEVICE;
1399        tf->protocol = ATA_PROT_NODATA;
1400
1401        if (qc->dev->flags & ATA_DFLAG_FLUSH_EXT)
1402                tf->command = ATA_CMD_FLUSH_EXT;
1403        else
1404                tf->command = ATA_CMD_FLUSH;
1405
1406        /* flush is critical for IO integrity, consider it an IO command */
1407        qc->flags |= ATA_QCFLAG_IO;
1408
1409        return 0;
1410}
1411
1412/**
1413 *      scsi_6_lba_len - Get LBA and transfer length
1414 *      @cdb: SCSI command to translate
1415 *
1416 *      Calculate LBA and transfer length for 6-byte commands.
1417 *
1418 *      RETURNS:
1419 *      @plba: the LBA
1420 *      @plen: the transfer length
1421 */
1422static void scsi_6_lba_len(const u8 *cdb, u64 *plba, u32 *plen)
1423{
1424        u64 lba = 0;
1425        u32 len;
1426
1427        VPRINTK("six-byte command\n");
1428
1429        lba |= ((u64)(cdb[1] & 0x1f)) << 16;
1430        lba |= ((u64)cdb[2]) << 8;
1431        lba |= ((u64)cdb[3]);
1432
1433        len = cdb[4];
1434
1435        *plba = lba;
1436        *plen = len;
1437}
1438
1439/**
1440 *      scsi_10_lba_len - Get LBA and transfer length
1441 *      @cdb: SCSI command to translate
1442 *
1443 *      Calculate LBA and transfer length for 10-byte commands.
1444 *
1445 *      RETURNS:
1446 *      @plba: the LBA
1447 *      @plen: the transfer length
1448 */
1449static void scsi_10_lba_len(const u8 *cdb, u64 *plba, u32 *plen)
1450{
1451        u64 lba = 0;
1452        u32 len = 0;
1453
1454        VPRINTK("ten-byte command\n");
1455
1456        lba |= ((u64)cdb[2]) << 24;
1457        lba |= ((u64)cdb[3]) << 16;
1458        lba |= ((u64)cdb[4]) << 8;
1459        lba |= ((u64)cdb[5]);
1460
1461        len |= ((u32)cdb[7]) << 8;
1462        len |= ((u32)cdb[8]);
1463
1464        *plba = lba;
1465        *plen = len;
1466}
1467
1468/**
1469 *      scsi_16_lba_len - Get LBA and transfer length
1470 *      @cdb: SCSI command to translate
1471 *
1472 *      Calculate LBA and transfer length for 16-byte commands.
1473 *
1474 *      RETURNS:
1475 *      @plba: the LBA
1476 *      @plen: the transfer length
1477 */
1478static void scsi_16_lba_len(const u8 *cdb, u64 *plba, u32 *plen)
1479{
1480        u64 lba = 0;
1481        u32 len = 0;
1482
1483        VPRINTK("sixteen-byte command\n");
1484
1485        lba |= ((u64)cdb[2]) << 56;
1486        lba |= ((u64)cdb[3]) << 48;
1487        lba |= ((u64)cdb[4]) << 40;
1488        lba |= ((u64)cdb[5]) << 32;
1489        lba |= ((u64)cdb[6]) << 24;
1490        lba |= ((u64)cdb[7]) << 16;
1491        lba |= ((u64)cdb[8]) << 8;
1492        lba |= ((u64)cdb[9]);
1493
1494        len |= ((u32)cdb[10]) << 24;
1495        len |= ((u32)cdb[11]) << 16;
1496        len |= ((u32)cdb[12]) << 8;
1497        len |= ((u32)cdb[13]);
1498
1499        *plba = lba;
1500        *plen = len;
1501}
1502
1503/**
1504 *      ata_scsi_verify_xlat - Translate SCSI VERIFY command into an ATA one
1505 *      @qc: Storage for translated ATA taskfile
1506 *
1507 *      Converts SCSI VERIFY command to an ATA READ VERIFY command.
1508 *
1509 *      LOCKING:
1510 *      spin_lock_irqsave(host lock)
1511 *
1512 *      RETURNS:
1513 *      Zero on success, non-zero on error.
1514 */
1515static unsigned int ata_scsi_verify_xlat(struct ata_queued_cmd *qc)
1516{
1517        struct scsi_cmnd *scmd = qc->scsicmd;
1518        struct ata_taskfile *tf = &qc->tf;
1519        struct ata_device *dev = qc->dev;
1520        u64 dev_sectors = qc->dev->n_sectors;
1521        const u8 *cdb = scmd->cmnd;
1522        u64 block;
1523        u32 n_block;
1524
1525        tf->flags |= ATA_TFLAG_ISADDR | ATA_TFLAG_DEVICE;
1526        tf->protocol = ATA_PROT_NODATA;
1527
1528        if (cdb[0] == VERIFY) {
1529                if (scmd->cmd_len < 10)
1530                        goto invalid_fld;
1531                scsi_10_lba_len(cdb, &block, &n_block);
1532        } else if (cdb[0] == VERIFY_16) {
1533                if (scmd->cmd_len < 16)
1534                        goto invalid_fld;
1535                scsi_16_lba_len(cdb, &block, &n_block);
1536        } else
1537                goto invalid_fld;
1538
1539        if (!n_block)
1540                goto nothing_to_do;
1541        if (block >= dev_sectors)
1542                goto out_of_range;
1543        if ((block + n_block) > dev_sectors)
1544                goto out_of_range;
1545
1546        if (dev->flags & ATA_DFLAG_LBA) {
1547                tf->flags |= ATA_TFLAG_LBA;
1548
1549                if (lba_28_ok(block, n_block)) {
1550                        /* use LBA28 */
1551                        tf->command = ATA_CMD_VERIFY;
1552                        tf->device |= (block >> 24) & 0xf;
1553                } else if (lba_48_ok(block, n_block)) {
1554                        if (!(dev->flags & ATA_DFLAG_LBA48))
1555                                goto out_of_range;
1556
1557                        /* use LBA48 */
1558                        tf->flags |= ATA_TFLAG_LBA48;
1559                        tf->command = ATA_CMD_VERIFY_EXT;
1560
1561                        tf->hob_nsect = (n_block >> 8) & 0xff;
1562
1563                        tf->hob_lbah = (block >> 40) & 0xff;
1564                        tf->hob_lbam = (block >> 32) & 0xff;
1565                        tf->hob_lbal = (block >> 24) & 0xff;
1566                } else
1567                        /* request too large even for LBA48 */
1568                        goto out_of_range;
1569
1570                tf->nsect = n_block & 0xff;
1571
1572                tf->lbah = (block >> 16) & 0xff;
1573                tf->lbam = (block >> 8) & 0xff;
1574                tf->lbal = block & 0xff;
1575
1576                tf->device |= ATA_LBA;
1577        } else {
1578                /* CHS */
1579                u32 sect, head, cyl, track;
1580
1581                if (!lba_28_ok(block, n_block))
1582                        goto out_of_range;
1583
1584                /* Convert LBA to CHS */
1585                track = (u32)block / dev->sectors;
1586                cyl   = track / dev->heads;
1587                head  = track % dev->heads;
1588                sect  = (u32)block % dev->sectors + 1;
1589
1590                DPRINTK("block %u track %u cyl %u head %u sect %u\n",
1591                        (u32)block, track, cyl, head, sect);
1592
1593                /* Check whether the converted CHS can fit.
1594                   Cylinder: 0-65535
1595                   Head: 0-15
1596                   Sector: 1-255*/
1597                if ((cyl >> 16) || (head >> 4) || (sect >> 8) || (!sect))
1598                        goto out_of_range;
1599
1600                tf->command = ATA_CMD_VERIFY;
1601                tf->nsect = n_block & 0xff; /* Sector count 0 means 256 sectors */
1602                tf->lbal = sect;
1603                tf->lbam = cyl;
1604                tf->lbah = cyl >> 8;
1605                tf->device |= head;
1606        }
1607
1608        return 0;
1609
1610invalid_fld:
1611        ata_scsi_set_sense(scmd, ILLEGAL_REQUEST, 0x24, 0x0);
1612        /* "Invalid field in cbd" */
1613        return 1;
1614
1615out_of_range:
1616        ata_scsi_set_sense(scmd, ILLEGAL_REQUEST, 0x21, 0x0);
1617        /* "Logical Block Address out of range" */
1618        return 1;
1619
1620nothing_to_do:
1621        scmd->result = SAM_STAT_GOOD;
1622        return 1;
1623}
1624
1625/**
1626 *      ata_scsi_rw_xlat - Translate SCSI r/w command into an ATA one
1627 *      @qc: Storage for translated ATA taskfile
1628 *
1629 *      Converts any of six SCSI read/write commands into the
1630 *      ATA counterpart, including starting sector (LBA),
1631 *      sector count, and taking into account the device's LBA48
1632 *      support.
1633 *
1634 *      Commands %READ_6, %READ_10, %READ_16, %WRITE_6, %WRITE_10, and
1635 *      %WRITE_16 are currently supported.
1636 *
1637 *      LOCKING:
1638 *      spin_lock_irqsave(host lock)
1639 *
1640 *      RETURNS:
1641 *      Zero on success, non-zero on error.
1642 */
1643static unsigned int ata_scsi_rw_xlat(struct ata_queued_cmd *qc)
1644{
1645        struct scsi_cmnd *scmd = qc->scsicmd;
1646        const u8 *cdb = scmd->cmnd;
1647        unsigned int tf_flags = 0;
1648        u64 block;
1649        u32 n_block;
1650        int rc;
1651
1652        if (cdb[0] == WRITE_10 || cdb[0] == WRITE_6 || cdb[0] == WRITE_16)
1653                tf_flags |= ATA_TFLAG_WRITE;
1654
1655        /* Calculate the SCSI LBA, transfer length and FUA. */
1656        switch (cdb[0]) {
1657        case READ_10:
1658        case WRITE_10:
1659                if (unlikely(scmd->cmd_len < 10))
1660                        goto invalid_fld;
1661                scsi_10_lba_len(cdb, &block, &n_block);
1662                if (cdb[1] & (1 << 3))
1663                        tf_flags |= ATA_TFLAG_FUA;
1664                break;
1665        case READ_6:
1666        case WRITE_6:
1667                if (unlikely(scmd->cmd_len < 6))
1668                        goto invalid_fld;
1669                scsi_6_lba_len(cdb, &block, &n_block);
1670
1671                /* for 6-byte r/w commands, transfer length 0
1672                 * means 256 blocks of data, not 0 block.
1673                 */
1674                if (!n_block)
1675                        n_block = 256;
1676                break;
1677        case READ_16:
1678        case WRITE_16:
1679                if (unlikely(scmd->cmd_len < 16))
1680                        goto invalid_fld;
1681                scsi_16_lba_len(cdb, &block, &n_block);
1682                if (cdb[1] & (1 << 3))
1683                        tf_flags |= ATA_TFLAG_FUA;
1684                break;
1685        default:
1686                DPRINTK("no-byte command\n");
1687                goto invalid_fld;
1688        }
1689
1690        /* Check and compose ATA command */
1691        if (!n_block)
1692                /* For 10-byte and 16-byte SCSI R/W commands, transfer
1693                 * length 0 means transfer 0 block of data.
1694                 * However, for ATA R/W commands, sector count 0 means
1695                 * 256 or 65536 sectors, not 0 sectors as in SCSI.
1696                 *
1697                 * WARNING: one or two older ATA drives treat 0 as 0...
1698                 */
1699                goto nothing_to_do;
1700
1701        qc->flags |= ATA_QCFLAG_IO;
1702        qc->nbytes = n_block * scmd->device->sector_size;
1703
1704        rc = ata_build_rw_tf(&qc->tf, qc->dev, block, n_block, tf_flags,
1705                             qc->tag);
1706        if (likely(rc == 0))
1707                return 0;
1708
1709        if (rc == -ERANGE)
1710                goto out_of_range;
1711        /* treat all other errors as -EINVAL, fall through */
1712invalid_fld:
1713        ata_scsi_set_sense(scmd, ILLEGAL_REQUEST, 0x24, 0x0);
1714        /* "Invalid field in cbd" */
1715        return 1;
1716
1717out_of_range:
1718        ata_scsi_set_sense(scmd, ILLEGAL_REQUEST, 0x21, 0x0);
1719        /* "Logical Block Address out of range" */
1720        return 1;
1721
1722nothing_to_do:
1723        scmd->result = SAM_STAT_GOOD;
1724        return 1;
1725}
1726
1727static void ata_scsi_qc_complete(struct ata_queued_cmd *qc)
1728{
1729        struct ata_port *ap = qc->ap;
1730        struct scsi_cmnd *cmd = qc->scsicmd;
1731        u8 *cdb = cmd->cmnd;
1732        int need_sense = (qc->err_mask != 0);
1733
1734        /* For ATA pass thru (SAT) commands, generate a sense block if
1735         * user mandated it or if there's an error.  Note that if we
1736         * generate because the user forced us to, a check condition
1737         * is generated and the ATA register values are returned
1738         * whether the command completed successfully or not. If there
1739         * was no error, SK, ASC and ASCQ will all be zero.
1740         */
1741        if (((cdb[0] == ATA_16) || (cdb[0] == ATA_12)) &&
1742            ((cdb[2] & 0x20) || need_sense)) {
1743                ata_gen_passthru_sense(qc);
1744        } else {
1745                if (!need_sense) {
1746                        cmd->result = SAM_STAT_GOOD;
1747                } else {
1748                        /* TODO: decide which descriptor format to use
1749                         * for 48b LBA devices and call that here
1750                         * instead of the fixed desc, which is only
1751                         * good for smaller LBA (and maybe CHS?)
1752                         * devices.
1753                         */
1754                        ata_gen_ata_sense(qc);
1755                }
1756        }
1757
1758        if (need_sense && !ap->ops->error_handler)
1759                ata_dump_status(ap->print_id, &qc->result_tf);
1760
1761        qc->scsidone(cmd);
1762
1763        ata_qc_free(qc);
1764}
1765
1766/**
1767 *      ata_scsi_translate - Translate then issue SCSI command to ATA device
1768 *      @dev: ATA device to which the command is addressed
1769 *      @cmd: SCSI command to execute
1770 *      @xlat_func: Actor which translates @cmd to an ATA taskfile
1771 *
1772 *      Our ->queuecommand() function has decided that the SCSI
1773 *      command issued can be directly translated into an ATA
1774 *      command, rather than handled internally.
1775 *
1776 *      This function sets up an ata_queued_cmd structure for the
1777 *      SCSI command, and sends that ata_queued_cmd to the hardware.
1778 *
1779 *      The xlat_func argument (actor) returns 0 if ready to execute
1780 *      ATA command, else 1 to finish translation. If 1 is returned
1781 *      then cmd->result (and possibly cmd->sense_buffer) are assumed
1782 *      to be set reflecting an error condition or clean (early)
1783 *      termination.
1784 *
1785 *      LOCKING:
1786 *      spin_lock_irqsave(host lock)
1787 *
1788 *      RETURNS:
1789 *      0 on success, SCSI_ML_QUEUE_DEVICE_BUSY if the command
1790 *      needs to be deferred.
1791 */
1792static int ata_scsi_translate(struct ata_device *dev, struct scsi_cmnd *cmd,
1793                              ata_xlat_func_t xlat_func)
1794{
1795        struct ata_port *ap = dev->link->ap;
1796        struct ata_queued_cmd *qc;
1797        int rc;
1798
1799        VPRINTK("ENTER\n");
1800
1801        qc = ata_scsi_qc_new(dev, cmd);
1802        if (!qc)
1803                goto err_mem;
1804
1805        /* data is present; dma-map it */
1806        if (cmd->sc_data_direction == DMA_FROM_DEVICE ||
1807            cmd->sc_data_direction == DMA_TO_DEVICE) {
1808                if (unlikely(scsi_bufflen(cmd) < 1)) {
1809                        ata_dev_warn(dev, "WARNING: zero len r/w req\n");
1810                        goto err_did;
1811                }
1812
1813                ata_sg_init(qc, scsi_sglist(cmd), scsi_sg_count(cmd));
1814
1815                qc->dma_dir = cmd->sc_data_direction;
1816        }
1817
1818        qc->complete_fn = ata_scsi_qc_complete;
1819
1820        if (xlat_func(qc))
1821                goto early_finish;
1822
1823        if (ap->ops->qc_defer) {
1824                if ((rc = ap->ops->qc_defer(qc)))
1825                        goto defer;
1826        }
1827
1828        /* select device, send command to hardware */
1829        ata_qc_issue(qc);
1830
1831        VPRINTK("EXIT\n");
1832        return 0;
1833
1834early_finish:
1835        ata_qc_free(qc);
1836        cmd->scsi_done(cmd);
1837        DPRINTK("EXIT - early finish (good or error)\n");
1838        return 0;
1839
1840err_did:
1841        ata_qc_free(qc);
1842        cmd->result = (DID_ERROR << 16);
1843        cmd->scsi_done(cmd);
1844err_mem:
1845        DPRINTK("EXIT - internal\n");
1846        return 0;
1847
1848defer:
1849        ata_qc_free(qc);
1850        DPRINTK("EXIT - defer\n");
1851        if (rc == ATA_DEFER_LINK)
1852                return SCSI_MLQUEUE_DEVICE_BUSY;
1853        else
1854                return SCSI_MLQUEUE_HOST_BUSY;
1855}
1856
1857/**
1858 *      ata_scsi_rbuf_get - Map response buffer.
1859 *      @cmd: SCSI command containing buffer to be mapped.
1860 *      @flags: unsigned long variable to store irq enable status
1861 *      @copy_in: copy in from user buffer
1862 *
1863 *      Prepare buffer for simulated SCSI commands.
1864 *
1865 *      LOCKING:
1866 *      spin_lock_irqsave(ata_scsi_rbuf_lock) on success
1867 *
1868 *      RETURNS:
1869 *      Pointer to response buffer.
1870 */
1871static void *ata_scsi_rbuf_get(struct scsi_cmnd *cmd, bool copy_in,
1872                               unsigned long *flags)
1873{
1874        spin_lock_irqsave(&ata_scsi_rbuf_lock, *flags);
1875
1876        memset(ata_scsi_rbuf, 0, ATA_SCSI_RBUF_SIZE);
1877        if (copy_in)
1878                sg_copy_to_buffer(scsi_sglist(cmd), scsi_sg_count(cmd),
1879                                  ata_scsi_rbuf, ATA_SCSI_RBUF_SIZE);
1880        return ata_scsi_rbuf;
1881}
1882
1883/**
1884 *      ata_scsi_rbuf_put - Unmap response buffer.
1885 *      @cmd: SCSI command containing buffer to be unmapped.
1886 *      @copy_out: copy out result
1887 *      @flags: @flags passed to ata_scsi_rbuf_get()
1888 *
1889 *      Returns rbuf buffer.  The result is copied to @cmd's buffer if
1890 *      @copy_back is true.
1891 *
1892 *      LOCKING:
1893 *      Unlocks ata_scsi_rbuf_lock.
1894 */
1895static inline void ata_scsi_rbuf_put(struct scsi_cmnd *cmd, bool copy_out,
1896                                     unsigned long *flags)
1897{
1898        if (copy_out)
1899                sg_copy_from_buffer(scsi_sglist(cmd), scsi_sg_count(cmd),
1900                                    ata_scsi_rbuf, ATA_SCSI_RBUF_SIZE);
1901        spin_unlock_irqrestore(&ata_scsi_rbuf_lock, *flags);
1902}
1903
1904/**
1905 *      ata_scsi_rbuf_fill - wrapper for SCSI command simulators
1906 *      @args: device IDENTIFY data / SCSI command of interest.
1907 *      @actor: Callback hook for desired SCSI command simulator
1908 *
1909 *      Takes care of the hard work of simulating a SCSI command...
1910 *      Mapping the response buffer, calling the command's handler,
1911 *      and handling the handler's return value.  This return value
1912 *      indicates whether the handler wishes the SCSI command to be
1913 *      completed successfully (0), or not (in which case cmd->result
1914 *      and sense buffer are assumed to be set).
1915 *
1916 *      LOCKING:
1917 *      spin_lock_irqsave(host lock)
1918 */
1919static void ata_scsi_rbuf_fill(struct ata_scsi_args *args,
1920                unsigned int (*actor)(struct ata_scsi_args *args, u8 *rbuf))
1921{
1922        u8 *rbuf;
1923        unsigned int rc;
1924        struct scsi_cmnd *cmd = args->cmd;
1925        unsigned long flags;
1926
1927        rbuf = ata_scsi_rbuf_get(cmd, false, &flags);
1928        rc = actor(args, rbuf);
1929        ata_scsi_rbuf_put(cmd, rc == 0, &flags);
1930
1931        if (rc == 0)
1932                cmd->result = SAM_STAT_GOOD;
1933        args->done(cmd);
1934}
1935
1936/**
1937 *      ata_scsiop_inq_std - Simulate INQUIRY command
1938 *      @args: device IDENTIFY data / SCSI command of interest.
1939 *      @rbuf: Response buffer, to which simulated SCSI cmd output is sent.
1940 *
1941 *      Returns standard device identification data associated
1942 *      with non-VPD INQUIRY command output.
1943 *
1944 *      LOCKING:
1945 *      spin_lock_irqsave(host lock)
1946 */
1947static unsigned int ata_scsiop_inq_std(struct ata_scsi_args *args, u8 *rbuf)
1948{
1949        const u8 versions[] = {
1950                0x60,   /* SAM-3 (no version claimed) */
1951
1952                0x03,
1953                0x20,   /* SBC-2 (no version claimed) */
1954
1955                0x02,
1956                0x60    /* SPC-3 (no version claimed) */
1957        };
1958        u8 hdr[] = {
1959                TYPE_DISK,
1960                0,
1961                0x5,    /* claim SPC-3 version compatibility */
1962                2,
1963                95 - 4
1964        };
1965
1966        VPRINTK("ENTER\n");
1967
1968        /* set scsi removeable (RMB) bit per ata bit */
1969        if (ata_id_removeable(args->id))
1970                hdr[1] |= (1 << 7);
1971
1972        memcpy(rbuf, hdr, sizeof(hdr));
1973        memcpy(&rbuf[8], "ATA     ", 8);
1974        ata_id_string(args->id, &rbuf[16], ATA_ID_PROD, 16);
1975        ata_id_string(args->id, &rbuf[32], ATA_ID_FW_REV, 4);
1976
1977        if (rbuf[32] == 0 || rbuf[32] == ' ')
1978                memcpy(&rbuf[32], "n/a ", 4);
1979
1980        memcpy(rbuf + 59, versions, sizeof(versions));
1981
1982        return 0;
1983}
1984
1985/**
1986 *      ata_scsiop_inq_00 - Simulate INQUIRY VPD page 0, list of pages
1987 *      @args: device IDENTIFY data / SCSI command of interest.
1988 *      @rbuf: Response buffer, to which simulated SCSI cmd output is sent.
1989 *
1990 *      Returns list of inquiry VPD pages available.
1991 *
1992 *      LOCKING:
1993 *      spin_lock_irqsave(host lock)
1994 */
1995static unsigned int ata_scsiop_inq_00(struct ata_scsi_args *args, u8 *rbuf)
1996{
1997        const u8 pages[] = {
1998                0x00,   /* page 0x00, this page */
1999                0x80,   /* page 0x80, unit serial no page */
2000                0x83,   /* page 0x83, device ident page */
2001                0x89,   /* page 0x89, ata info page */
2002                0xb0,   /* page 0xb0, block limits page */
2003                0xb1,   /* page 0xb1, block device characteristics page */
2004                0xb2,   /* page 0xb2, thin provisioning page */
2005        };
2006
2007        rbuf[3] = sizeof(pages);        /* number of supported VPD pages */
2008        memcpy(rbuf + 4, pages, sizeof(pages));
2009        return 0;
2010}
2011
2012/**
2013 *      ata_scsiop_inq_80 - Simulate INQUIRY VPD page 80, device serial number
2014 *      @args: device IDENTIFY data / SCSI command of interest.
2015 *      @rbuf: Response buffer, to which simulated SCSI cmd output is sent.
2016 *
2017 *      Returns ATA device serial number.
2018 *
2019 *      LOCKING:
2020 *      spin_lock_irqsave(host lock)
2021 */
2022static unsigned int ata_scsiop_inq_80(struct ata_scsi_args *args, u8 *rbuf)
2023{
2024        const u8 hdr[] = {
2025                0,
2026                0x80,                   /* this page code */
2027                0,
2028                ATA_ID_SERNO_LEN,       /* page len */
2029        };
2030
2031        memcpy(rbuf, hdr, sizeof(hdr));
2032        ata_id_string(args->id, (unsigned char *) &rbuf[4],
2033                      ATA_ID_SERNO, ATA_ID_SERNO_LEN);
2034        return 0;
2035}
2036
2037/**
2038 *      ata_scsiop_inq_83 - Simulate INQUIRY VPD page 83, device identity
2039 *      @args: device IDENTIFY data / SCSI command of interest.
2040 *      @rbuf: Response buffer, to which simulated SCSI cmd output is sent.
2041 *
2042 *      Yields two logical unit device identification designators:
2043 *       - vendor specific ASCII containing the ATA serial number
2044 *       - SAT defined "t10 vendor id based" containing ASCII vendor
2045 *         name ("ATA     "), model and serial numbers.
2046 *
2047 *      LOCKING:
2048 *      spin_lock_irqsave(host lock)
2049 */
2050static unsigned int ata_scsiop_inq_83(struct ata_scsi_args *args, u8 *rbuf)
2051{
2052        const int sat_model_serial_desc_len = 68;
2053        int num;
2054
2055        rbuf[1] = 0x83;                 /* this page code */
2056        num = 4;
2057
2058        /* piv=0, assoc=lu, code_set=ACSII, designator=vendor */
2059        rbuf[num + 0] = 2;
2060        rbuf[num + 3] = ATA_ID_SERNO_LEN;
2061        num += 4;
2062        ata_id_string(args->id, (unsigned char *) rbuf + num,
2063                      ATA_ID_SERNO, ATA_ID_SERNO_LEN);
2064        num += ATA_ID_SERNO_LEN;
2065
2066        /* SAT defined lu model and serial numbers descriptor */
2067        /* piv=0, assoc=lu, code_set=ACSII, designator=t10 vendor id */
2068        rbuf[num + 0] = 2;
2069        rbuf[num + 1] = 1;
2070        rbuf[num + 3] = sat_model_serial_desc_len;
2071        num += 4;
2072        memcpy(rbuf + num, "ATA     ", 8);
2073        num += 8;
2074        ata_id_string(args->id, (unsigned char *) rbuf + num, ATA_ID_PROD,
2075                      ATA_ID_PROD_LEN);
2076        num += ATA_ID_PROD_LEN;
2077        ata_id_string(args->id, (unsigned char *) rbuf + num, ATA_ID_SERNO,
2078                      ATA_ID_SERNO_LEN);
2079        num += ATA_ID_SERNO_LEN;
2080
2081        if (ata_id_has_wwn(args->id)) {
2082                /* SAT defined lu world wide name */
2083                /* piv=0, assoc=lu, code_set=binary, designator=NAA */
2084                rbuf[num + 0] = 1;
2085                rbuf[num + 1] = 3;
2086                rbuf[num + 3] = ATA_ID_WWN_LEN;
2087                num += 4;
2088                ata_id_string(args->id, (unsigned char *) rbuf + num,
2089                              ATA_ID_WWN, ATA_ID_WWN_LEN);
2090                num += ATA_ID_WWN_LEN;
2091        }
2092        rbuf[3] = num - 4;    /* page len (assume less than 256 bytes) */
2093        return 0;
2094}
2095
2096/**
2097 *      ata_scsiop_inq_89 - Simulate INQUIRY VPD page 89, ATA info
2098 *      @args: device IDENTIFY data / SCSI command of interest.
2099 *      @rbuf: Response buffer, to which simulated SCSI cmd output is sent.
2100 *
2101 *      Yields SAT-specified ATA VPD page.
2102 *
2103 *      LOCKING:
2104 *      spin_lock_irqsave(host lock)
2105 */
2106static unsigned int ata_scsiop_inq_89(struct ata_scsi_args *args, u8 *rbuf)
2107{
2108        struct ata_taskfile tf;
2109
2110        memset(&tf, 0, sizeof(tf));
2111
2112        rbuf[1] = 0x89;                 /* our page code */
2113        rbuf[2] = (0x238 >> 8);         /* page size fixed at 238h */
2114        rbuf[3] = (0x238 & 0xff);
2115
2116        memcpy(&rbuf[8], "linux   ", 8);
2117        memcpy(&rbuf[16], "libata          ", 16);
2118        memcpy(&rbuf[32], DRV_VERSION, 4);
2119        ata_id_string(args->id, &rbuf[32], ATA_ID_FW_REV, 4);
2120
2121        /* we don't store the ATA device signature, so we fake it */
2122
2123        tf.command = ATA_DRDY;          /* really, this is Status reg */
2124        tf.lbal = 0x1;
2125        tf.nsect = 0x1;
2126
2127        ata_tf_to_fis(&tf, 0, 1, &rbuf[36]);    /* TODO: PMP? */
2128        rbuf[36] = 0x34;                /* force D2H Reg FIS (34h) */
2129
2130        rbuf[56] = ATA_CMD_ID_ATA;
2131
2132        memcpy(&rbuf[60], &args->id[0], 512);
2133        return 0;
2134}
2135
2136static unsigned int ata_scsiop_inq_b0(struct ata_scsi_args *args, u8 *rbuf)
2137{
2138        u16 min_io_sectors;
2139
2140        rbuf[1] = 0xb0;
2141        rbuf[3] = 0x3c;         /* required VPD size with unmap support */
2142
2143        /*
2144         * Optimal transfer length granularity.
2145         *
2146         * This is always one physical block, but for disks with a smaller
2147         * logical than physical sector size we need to figure out what the
2148         * latter is.
2149         */
2150        min_io_sectors = 1 << ata_id_log2_per_physical_sector(args->id);
2151        put_unaligned_be16(min_io_sectors, &rbuf[6]);
2152
2153        /*
2154         * Optimal unmap granularity.
2155         *
2156         * The ATA spec doesn't even know about a granularity or alignment
2157         * for the TRIM command.  We can leave away most of the unmap related
2158         * VPD page entries, but we have specifify a granularity to signal
2159         * that we support some form of unmap - in thise case via WRITE SAME
2160         * with the unmap bit set.
2161         */
2162        if (ata_id_has_trim(args->id)) {
2163                put_unaligned_be64(65535 * 512 / 8, &rbuf[36]);
2164                put_unaligned_be32(1, &rbuf[28]);
2165        }
2166
2167        return 0;
2168}
2169
2170static unsigned int ata_scsiop_inq_b1(struct ata_scsi_args *args, u8 *rbuf)
2171{
2172        int form_factor = ata_id_form_factor(args->id);
2173        int media_rotation_rate = ata_id_rotation_rate(args->id);
2174
2175        rbuf[1] = 0xb1;
2176        rbuf[3] = 0x3c;
2177        rbuf[4] = media_rotation_rate >> 8;
2178        rbuf[5] = media_rotation_rate;
2179        rbuf[7] = form_factor;
2180
2181        return 0;
2182}
2183
2184static unsigned int ata_scsiop_inq_b2(struct ata_scsi_args *args, u8 *rbuf)
2185{
2186        /* SCSI Thin Provisioning VPD page: SBC-3 rev 22 or later */
2187        rbuf[1] = 0xb2;
2188        rbuf[3] = 0x4;
2189        rbuf[5] = 1 << 6;       /* TPWS */
2190
2191        return 0;
2192}
2193
2194/**
2195 *      ata_scsiop_noop - Command handler that simply returns success.
2196 *      @args: device IDENTIFY data / SCSI command of interest.
2197 *      @rbuf: Response buffer, to which simulated SCSI cmd output is sent.
2198 *
2199 *      No operation.  Simply returns success to caller, to indicate
2200 *      that the caller should successfully complete this SCSI command.
2201 *
2202 *      LOCKING:
2203 *      spin_lock_irqsave(host lock)
2204 */
2205static unsigned int ata_scsiop_noop(struct ata_scsi_args *args, u8 *rbuf)
2206{
2207        VPRINTK("ENTER\n");
2208        return 0;
2209}
2210
2211/**
2212 *      modecpy - Prepare response for MODE SENSE
2213 *      @dest: output buffer
2214 *      @src: data being copied
2215 *      @n: length of mode page
2216 *      @changeable: whether changeable parameters are requested
2217 *
2218 *      Generate a generic MODE SENSE page for either current or changeable
2219 *      parameters.
2220 *
2221 *      LOCKING:
2222 *      None.
2223 */
2224static void modecpy(u8 *dest, const u8 *src, int n, bool changeable)
2225{
2226        if (changeable) {
2227                memcpy(dest, src, 2);
2228                memset(dest + 2, 0, n - 2);
2229        } else {
2230                memcpy(dest, src, n);
2231        }
2232}
2233
2234/**
2235 *      ata_msense_caching - Simulate MODE SENSE caching info page
2236 *      @id: device IDENTIFY data
2237 *      @buf: output buffer
2238 *      @changeable: whether changeable parameters are requested
2239 *
2240 *      Generate a caching info page, which conditionally indicates
2241 *      write caching to the SCSI layer, depending on device
2242 *      capabilities.
2243 *
2244 *      LOCKING:
2245 *      None.
2246 */
2247static unsigned int ata_msense_caching(u16 *id, u8 *buf, bool changeable)
2248{
2249        modecpy(buf, def_cache_mpage, sizeof(def_cache_mpage), changeable);
2250        if (changeable || ata_id_wcache_enabled(id))
2251                buf[2] |= (1 << 2);     /* write cache enable */
2252        if (!changeable && !ata_id_rahead_enabled(id))
2253                buf[12] |= (1 << 5);    /* disable read ahead */
2254        return sizeof(def_cache_mpage);
2255}
2256
2257/**
2258 *      ata_msense_ctl_mode - Simulate MODE SENSE control mode page
2259 *      @buf: output buffer
2260 *      @changeable: whether changeable parameters are requested
2261 *
2262 *      Generate a generic MODE SENSE control mode page.
2263 *
2264 *      LOCKING:
2265 *      None.
2266 */
2267static unsigned int ata_msense_ctl_mode(u8 *buf, bool changeable)
2268{
2269        modecpy(buf, def_control_mpage, sizeof(def_control_mpage), changeable);
2270        return sizeof(def_control_mpage);
2271}
2272
2273/**
2274 *      ata_msense_rw_recovery - Simulate MODE SENSE r/w error recovery page
2275 *      @buf: output buffer
2276 *      @changeable: whether changeable parameters are requested
2277 *
2278 *      Generate a generic MODE SENSE r/w error recovery page.
2279 *
2280 *      LOCKING:
2281 *      None.
2282 */
2283static unsigned int ata_msense_rw_recovery(u8 *buf, bool changeable)
2284{
2285        modecpy(buf, def_rw_recovery_mpage, sizeof(def_rw_recovery_mpage),
2286                changeable);
2287        return sizeof(def_rw_recovery_mpage);
2288}
2289
2290/*
2291 * We can turn this into a real blacklist if it's needed, for now just
2292 * blacklist any Maxtor BANC1G10 revision firmware
2293 */
2294static int ata_dev_supports_fua(u16 *id)
2295{
2296        unsigned char model[ATA_ID_PROD_LEN + 1], fw[ATA_ID_FW_REV_LEN + 1];
2297
2298        if (!libata_fua)
2299                return 0;
2300        if (!ata_id_has_fua(id))
2301                return 0;
2302
2303        ata_id_c_string(id, model, ATA_ID_PROD, sizeof(model));
2304        ata_id_c_string(id, fw, ATA_ID_FW_REV, sizeof(fw));
2305
2306        if (strcmp(model, "Maxtor"))
2307                return 1;
2308        if (strcmp(fw, "BANC1G10"))
2309                return 1;
2310
2311        return 0; /* blacklisted */
2312}
2313
2314/**
2315 *      ata_scsiop_mode_sense - Simulate MODE SENSE 6, 10 commands
2316 *      @args: device IDENTIFY data / SCSI command of interest.
2317 *      @rbuf: Response buffer, to which simulated SCSI cmd output is sent.
2318 *
2319 *      Simulate MODE SENSE commands. Assume this is invoked for direct
2320 *      access devices (e.g. disks) only. There should be no block
2321 *      descriptor for other device types.
2322 *
2323 *      LOCKING:
2324 *      spin_lock_irqsave(host lock)
2325 */
2326static unsigned int ata_scsiop_mode_sense(struct ata_scsi_args *args, u8 *rbuf)
2327{
2328        struct ata_device *dev = args->dev;
2329        u8 *scsicmd = args->cmd->cmnd, *p = rbuf;
2330        const u8 sat_blk_desc[] = {
2331                0, 0, 0, 0,     /* number of blocks: sat unspecified */
2332                0,
2333                0, 0x2, 0x0     /* block length: 512 bytes */
2334        };
2335        u8 pg, spg;
2336        unsigned int ebd, page_control, six_byte;
2337        u8 dpofua;
2338
2339        VPRINTK("ENTER\n");
2340
2341        six_byte = (scsicmd[0] == MODE_SENSE);
2342        ebd = !(scsicmd[1] & 0x8);      /* dbd bit inverted == edb */
2343        /*
2344         * LLBA bit in msense(10) ignored (compliant)
2345         */
2346
2347        page_control = scsicmd[2] >> 6;
2348        switch (page_control) {
2349        case 0: /* current */
2350        case 1: /* changeable */
2351        case 2: /* defaults */
2352                break;  /* supported */
2353        case 3: /* saved */
2354                goto saving_not_supp;
2355        default:
2356                goto invalid_fld;
2357        }
2358
2359        if (six_byte)
2360                p += 4 + (ebd ? 8 : 0);
2361        else
2362                p += 8 + (ebd ? 8 : 0);
2363
2364        pg = scsicmd[2] & 0x3f;
2365        spg = scsicmd[3];
2366        /*
2367         * No mode subpages supported (yet) but asking for _all_
2368         * subpages may be valid
2369         */
2370        if (spg && (spg != ALL_SUB_MPAGES))
2371                goto invalid_fld;
2372
2373        switch(pg) {
2374        case RW_RECOVERY_MPAGE:
2375                p += ata_msense_rw_recovery(p, page_control == 1);
2376                break;
2377
2378        case CACHE_MPAGE:
2379                p += ata_msense_caching(args->id, p, page_control == 1);
2380                break;
2381
2382        case CONTROL_MPAGE:
2383                p += ata_msense_ctl_mode(p, page_control == 1);
2384                break;
2385
2386        case ALL_MPAGES:
2387                p += ata_msense_rw_recovery(p, page_control == 1);
2388                p += ata_msense_caching(args->id, p, page_control == 1);
2389                p += ata_msense_ctl_mode(p, page_control == 1);
2390                break;
2391
2392        default:                /* invalid page code */
2393                goto invalid_fld;
2394        }
2395
2396        dpofua = 0;
2397        if (ata_dev_supports_fua(args->id) && (dev->flags & ATA_DFLAG_LBA48) &&
2398            (!(dev->flags & ATA_DFLAG_PIO) || dev->multi_count))
2399                dpofua = 1 << 4;
2400
2401        if (six_byte) {
2402                rbuf[0] = p - rbuf - 1;
2403                rbuf[2] |= dpofua;
2404                if (ebd) {
2405                        rbuf[3] = sizeof(sat_blk_desc);
2406                        memcpy(rbuf + 4, sat_blk_desc, sizeof(sat_blk_desc));
2407                }
2408        } else {
2409                unsigned int output_len = p - rbuf - 2;
2410
2411                rbuf[0] = output_len >> 8;
2412                rbuf[1] = output_len;
2413                rbuf[3] |= dpofua;
2414                if (ebd) {
2415                        rbuf[7] = sizeof(sat_blk_desc);
2416                        memcpy(rbuf + 8, sat_blk_desc, sizeof(sat_blk_desc));
2417                }
2418        }
2419        return 0;
2420
2421invalid_fld:
2422        ata_scsi_set_sense(args->cmd, ILLEGAL_REQUEST, 0x24, 0x0);
2423        /* "Invalid field in cbd" */
2424        return 1;
2425
2426saving_not_supp:
2427        ata_scsi_set_sense(args->cmd, ILLEGAL_REQUEST, 0x39, 0x0);
2428         /* "Saving parameters not supported" */
2429        return 1;
2430}
2431
2432/**
2433 *      ata_scsiop_read_cap - Simulate READ CAPACITY[ 16] commands
2434 *      @args: device IDENTIFY data / SCSI command of interest.
2435 *      @rbuf: Response buffer, to which simulated SCSI cmd output is sent.
2436 *
2437 *      Simulate READ CAPACITY commands.
2438 *
2439 *      LOCKING:
2440 *      None.
2441 */
2442static unsigned int ata_scsiop_read_cap(struct ata_scsi_args *args, u8 *rbuf)
2443{
2444        struct ata_device *dev = args->dev;
2445        u64 last_lba = dev->n_sectors - 1; /* LBA of the last block */
2446        u32 sector_size; /* physical sector size in bytes */
2447        u8 log2_per_phys;
2448        u16 lowest_aligned;
2449
2450        sector_size = ata_id_logical_sector_size(dev->id);
2451        log2_per_phys = ata_id_log2_per_physical_sector(dev->id);
2452        lowest_aligned = ata_id_logical_sector_offset(dev->id, log2_per_phys);
2453
2454        VPRINTK("ENTER\n");
2455
2456        if (args->cmd->cmnd[0] == READ_CAPACITY) {
2457                if (last_lba >= 0xffffffffULL)
2458                        last_lba = 0xffffffff;
2459
2460                /* sector count, 32-bit */
2461                rbuf[0] = last_lba >> (8 * 3);
2462                rbuf[1] = last_lba >> (8 * 2);
2463                rbuf[2] = last_lba >> (8 * 1);
2464                rbuf[3] = last_lba;
2465
2466                /* sector size */
2467                rbuf[4] = sector_size >> (8 * 3);
2468                rbuf[5] = sector_size >> (8 * 2);
2469                rbuf[6] = sector_size >> (8 * 1);
2470                rbuf[7] = sector_size;
2471        } else {
2472                /* sector count, 64-bit */
2473                rbuf[0] = last_lba >> (8 * 7);
2474                rbuf[1] = last_lba >> (8 * 6);
2475                rbuf[2] = last_lba >> (8 * 5);
2476                rbuf[3] = last_lba >> (8 * 4);
2477                rbuf[4] = last_lba >> (8 * 3);
2478                rbuf[5] = last_lba >> (8 * 2);
2479                rbuf[6] = last_lba >> (8 * 1);
2480                rbuf[7] = last_lba;
2481
2482                /* sector size */
2483                rbuf[ 8] = sector_size >> (8 * 3);
2484                rbuf[ 9] = sector_size >> (8 * 2);
2485                rbuf[10] = sector_size >> (8 * 1);
2486                rbuf[11] = sector_size;
2487
2488                rbuf[12] = 0;
2489                rbuf[13] = log2_per_phys;
2490                rbuf[14] = (lowest_aligned >> 8) & 0x3f;
2491                rbuf[15] = lowest_aligned;
2492
2493                if (ata_id_has_trim(args->id)) {
2494                        rbuf[14] |= 0x80; /* TPE */
2495
2496                        if (ata_id_has_zero_after_trim(args->id))
2497                                rbuf[14] |= 0x40; /* TPRZ */
2498                }
2499        }
2500
2501        return 0;
2502}
2503
2504/**
2505 *      ata_scsiop_report_luns - Simulate REPORT LUNS command
2506 *      @args: device IDENTIFY data / SCSI command of interest.
2507 *      @rbuf: Response buffer, to which simulated SCSI cmd output is sent.
2508 *
2509 *      Simulate REPORT LUNS command.
2510 *
2511 *      LOCKING:
2512 *      spin_lock_irqsave(host lock)
2513 */
2514static unsigned int ata_scsiop_report_luns(struct ata_scsi_args *args, u8 *rbuf)
2515{
2516        VPRINTK("ENTER\n");
2517        rbuf[3] = 8;    /* just one lun, LUN 0, size 8 bytes */
2518
2519        return 0;
2520}
2521
2522static void atapi_sense_complete(struct ata_queued_cmd *qc)
2523{
2524        if (qc->err_mask && ((qc->err_mask & AC_ERR_DEV) == 0)) {
2525                /* FIXME: not quite right; we don't want the
2526                 * translation of taskfile registers into
2527                 * a sense descriptors, since that's only
2528                 * correct for ATA, not ATAPI
2529                 */
2530                ata_gen_passthru_sense(qc);
2531        }
2532
2533        qc->scsidone(qc->scsicmd);
2534        ata_qc_free(qc);
2535}
2536
2537/* is it pointless to prefer PIO for "safety reasons"? */
2538static inline int ata_pio_use_silly(struct ata_port *ap)
2539{
2540        return (ap->flags & ATA_FLAG_PIO_DMA);
2541}
2542
2543static void atapi_request_sense(struct ata_queued_cmd *qc)
2544{
2545        struct ata_port *ap = qc->ap;
2546        struct scsi_cmnd *cmd = qc->scsicmd;
2547
2548        DPRINTK("ATAPI request sense\n");
2549
2550        /* FIXME: is this needed? */
2551        memset(cmd->sense_buffer, 0, SCSI_SENSE_BUFFERSIZE);
2552
2553#ifdef CONFIG_ATA_SFF
2554        if (ap->ops->sff_tf_read)
2555                ap->ops->sff_tf_read(ap, &qc->tf);
2556#endif
2557
2558        /* fill these in, for the case where they are -not- overwritten */
2559        cmd->sense_buffer[0] = 0x70;
2560        cmd->sense_buffer[2] = qc->tf.feature >> 4;
2561
2562        ata_qc_reinit(qc);
2563
2564        /* setup sg table and init transfer direction */
2565        sg_init_one(&qc->sgent, cmd->sense_buffer, SCSI_SENSE_BUFFERSIZE);
2566        ata_sg_init(qc, &qc->sgent, 1);
2567        qc->dma_dir = DMA_FROM_DEVICE;
2568
2569        memset(&qc->cdb, 0, qc->dev->cdb_len);
2570        qc->cdb[0] = REQUEST_SENSE;
2571        qc->cdb[4] = SCSI_SENSE_BUFFERSIZE;
2572
2573        qc->tf.flags |= ATA_TFLAG_ISADDR | ATA_TFLAG_DEVICE;
2574        qc->tf.command = ATA_CMD_PACKET;
2575
2576        if (ata_pio_use_silly(ap)) {
2577                qc->tf.protocol = ATAPI_PROT_DMA;
2578                qc->tf.feature |= ATAPI_PKT_DMA;
2579        } else {
2580                qc->tf.protocol = ATAPI_PROT_PIO;
2581                qc->tf.lbam = SCSI_SENSE_BUFFERSIZE;
2582                qc->tf.lbah = 0;
2583        }
2584        qc->nbytes = SCSI_SENSE_BUFFERSIZE;
2585
2586        qc->complete_fn = atapi_sense_complete;
2587
2588        ata_qc_issue(qc);
2589
2590        DPRINTK("EXIT\n");
2591}
2592
2593static void atapi_qc_complete(struct ata_queued_cmd *qc)
2594{
2595        struct scsi_cmnd *cmd = qc->scsicmd;
2596        unsigned int err_mask = qc->err_mask;
2597
2598        VPRINTK("ENTER, err_mask 0x%X\n", err_mask);
2599
2600        /* handle completion from new EH */
2601        if (unlikely(qc->ap->ops->error_handler &&
2602                     (err_mask || qc->flags & ATA_QCFLAG_SENSE_VALID))) {
2603
2604                if (!(qc->flags & ATA_QCFLAG_SENSE_VALID)) {
2605                        /* FIXME: not quite right; we don't want the
2606                         * translation of taskfile registers into a
2607                         * sense descriptors, since that's only
2608                         * correct for ATA, not ATAPI
2609                         */
2610                        ata_gen_passthru_sense(qc);
2611                }
2612
2613                /* SCSI EH automatically locks door if sdev->locked is
2614                 * set.  Sometimes door lock request continues to
2615                 * fail, for example, when no media is present.  This
2616                 * creates a loop - SCSI EH issues door lock which
2617                 * fails and gets invoked again to acquire sense data
2618                 * for the failed command.
2619                 *
2620                 * If door lock fails, always clear sdev->locked to
2621                 * avoid this infinite loop.
2622                 *
2623                 * This may happen before SCSI scan is complete.  Make
2624                 * sure qc->dev->sdev isn't NULL before dereferencing.
2625                 */
2626                if (qc->cdb[0] == ALLOW_MEDIUM_REMOVAL && qc->dev->sdev)
2627                        qc->dev->sdev->locked = 0;
2628
2629                qc->scsicmd->result = SAM_STAT_CHECK_CONDITION;
2630                qc->scsidone(cmd);
2631                ata_qc_free(qc);
2632                return;
2633        }
2634
2635        /* successful completion or old EH failure path */
2636        if (unlikely(err_mask & AC_ERR_DEV)) {
2637                cmd->result = SAM_STAT_CHECK_CONDITION;
2638                atapi_request_sense(qc);
2639                return;
2640        } else if (unlikely(err_mask)) {
2641                /* FIXME: not quite right; we don't want the
2642                 * translation of taskfile registers into
2643                 * a sense descriptors, since that's only
2644                 * correct for ATA, not ATAPI
2645                 */
2646                ata_gen_passthru_sense(qc);
2647        } else {
2648                u8 *scsicmd = cmd->cmnd;
2649
2650                if ((scsicmd[0] == INQUIRY) && ((scsicmd[1] & 0x03) == 0)) {
2651                        unsigned long flags;
2652                        u8 *buf;
2653
2654                        buf = ata_scsi_rbuf_get(cmd, true, &flags);
2655
2656        /* ATAPI devices typically report zero for their SCSI version,
2657         * and sometimes deviate from the spec WRT response data
2658         * format.  If SCSI version is reported as zero like normal,
2659         * then we make the following fixups:  1) Fake MMC-5 version,
2660         * to indicate to the Linux scsi midlayer this is a modern
2661         * device.  2) Ensure response data format / ATAPI information
2662         * are always correct.
2663         */
2664                        if (buf[2] == 0) {
2665                                buf[2] = 0x5;
2666                                buf[3] = 0x32;
2667                        }
2668
2669                        ata_scsi_rbuf_put(cmd, true, &flags);
2670                }
2671
2672                cmd->result = SAM_STAT_GOOD;
2673        }
2674
2675        qc->scsidone(cmd);
2676        ata_qc_free(qc);
2677}
2678/**
2679 *      atapi_xlat - Initialize PACKET taskfile
2680 *      @qc: command structure to be initialized
2681 *
2682 *      LOCKING:
2683 *      spin_lock_irqsave(host lock)
2684 *
2685 *      RETURNS:
2686 *      Zero on success, non-zero on failure.
2687 */
2688static unsigned int atapi_xlat(struct ata_queued_cmd *qc)
2689{
2690        struct scsi_cmnd *scmd = qc->scsicmd;
2691        struct ata_device *dev = qc->dev;
2692        int nodata = (scmd->sc_data_direction == DMA_NONE);
2693        int using_pio = !nodata && (dev->flags & ATA_DFLAG_PIO);
2694        unsigned int nbytes;
2695
2696        memset(qc->cdb, 0, dev->cdb_len);
2697        memcpy(qc->cdb, scmd->cmnd, scmd->cmd_len);
2698
2699        qc->complete_fn = atapi_qc_complete;
2700
2701        qc->tf.flags |= ATA_TFLAG_ISADDR | ATA_TFLAG_DEVICE;
2702        if (scmd->sc_data_direction == DMA_TO_DEVICE) {
2703                qc->tf.flags |= ATA_TFLAG_WRITE;
2704                DPRINTK("direction: write\n");
2705        }
2706
2707        qc->tf.command = ATA_CMD_PACKET;
2708        ata_qc_set_pc_nbytes(qc);
2709
2710        /* check whether ATAPI DMA is safe */
2711        if (!nodata && !using_pio && atapi_check_dma(qc))
2712                using_pio = 1;
2713
2714        /* Some controller variants snoop this value for Packet
2715         * transfers to do state machine and FIFO management.  Thus we
2716         * want to set it properly, and for DMA where it is
2717         * effectively meaningless.
2718         */
2719        nbytes = min(ata_qc_raw_nbytes(qc), (unsigned int)63 * 1024);
2720
2721        /* Most ATAPI devices which honor transfer chunk size don't
2722         * behave according to the spec when odd chunk size which
2723         * matches the transfer length is specified.  If the number of
2724         * bytes to transfer is 2n+1.  According to the spec, what
2725         * should happen is to indicate that 2n+1 is going to be
2726         * transferred and transfer 2n+2 bytes where the last byte is
2727         * padding.
2728         *
2729         * In practice, this doesn't happen.  ATAPI devices first
2730         * indicate and transfer 2n bytes and then indicate and
2731         * transfer 2 bytes where the last byte is padding.
2732         *
2733         * This inconsistency confuses several controllers which
2734         * perform PIO using DMA such as Intel AHCIs and sil3124/32.
2735         * These controllers use actual number of transferred bytes to
2736         * update DMA poitner and transfer of 4n+2 bytes make those
2737         * controller push DMA pointer by 4n+4 bytes because SATA data
2738         * FISes are aligned to 4 bytes.  This causes data corruption
2739         * and buffer overrun.
2740         *
2741         * Always setting nbytes to even number solves this problem
2742         * because then ATAPI devices don't have to split data at 2n
2743         * boundaries.
2744         */
2745        if (nbytes & 0x1)
2746                nbytes++;
2747
2748        qc->tf.lbam = (nbytes & 0xFF);
2749        qc->tf.lbah = (nbytes >> 8);
2750
2751        if (nodata)
2752                qc->tf.protocol = ATAPI_PROT_NODATA;
2753        else if (using_pio)
2754                qc->tf.protocol = ATAPI_PROT_PIO;
2755        else {
2756                /* DMA data xfer */
2757                qc->tf.protocol = ATAPI_PROT_DMA;
2758                qc->tf.feature |= ATAPI_PKT_DMA;
2759
2760                if ((dev->flags & ATA_DFLAG_DMADIR) &&
2761                    (scmd->sc_data_direction != DMA_TO_DEVICE))
2762                        /* some SATA bridges need us to indicate data xfer direction */
2763                        qc->tf.feature |= ATAPI_DMADIR;
2764        }
2765
2766
2767        /* FIXME: We need to translate 0x05 READ_BLOCK_LIMITS to a MODE_SENSE
2768           as ATAPI tape drives don't get this right otherwise */
2769        return 0;
2770}
2771
2772static struct ata_device *ata_find_dev(struct ata_port *ap, int devno)
2773{
2774        if (!sata_pmp_attached(ap)) {
2775                if (likely(devno < ata_link_max_devices(&ap->link)))
2776                        return &ap->link.device[devno];
2777        } else {
2778                if (likely(devno < ap->nr_pmp_links))
2779                        return &ap->pmp_link[devno].device[0];
2780        }
2781
2782        return NULL;
2783}
2784
2785static struct ata_device *__ata_scsi_find_dev(struct ata_port *ap,
2786                                              const struct scsi_device *scsidev)
2787{
2788        int devno;
2789
2790        /* skip commands not addressed to targets we simulate */
2791        if (!sata_pmp_attached(ap)) {
2792                if (unlikely(scsidev->channel || scsidev->lun))
2793                        return NULL;
2794                devno = scsidev->id;
2795        } else {
2796                if (unlikely(scsidev->id || scsidev->lun))
2797                        return NULL;
2798                devno = scsidev->channel;
2799        }
2800
2801        return ata_find_dev(ap, devno);
2802}
2803
2804/**
2805 *      ata_scsi_find_dev - lookup ata_device from scsi_cmnd
2806 *      @ap: ATA port to which the device is attached
2807 *      @scsidev: SCSI device from which we derive the ATA device
2808 *
2809 *      Given various information provided in struct scsi_cmnd,
2810 *      map that onto an ATA bus, and using that mapping
2811 *      determine which ata_device is associated with the
2812 *      SCSI command to be sent.
2813 *
2814 *      LOCKING:
2815 *      spin_lock_irqsave(host lock)
2816 *
2817 *      RETURNS:
2818 *      Associated ATA device, or %NULL if not found.
2819 */
2820static struct ata_device *
2821ata_scsi_find_dev(struct ata_port *ap, const struct scsi_device *scsidev)
2822{
2823        struct ata_device *dev = __ata_scsi_find_dev(ap, scsidev);
2824
2825        if (unlikely(!dev || !ata_dev_enabled(dev)))
2826                return NULL;
2827
2828        return dev;
2829}
2830
2831/*
2832 *      ata_scsi_map_proto - Map pass-thru protocol value to taskfile value.
2833 *      @byte1: Byte 1 from pass-thru CDB.
2834 *
2835 *      RETURNS:
2836 *      ATA_PROT_UNKNOWN if mapping failed/unimplemented, protocol otherwise.
2837 */
2838static u8
2839ata_scsi_map_proto(u8 byte1)
2840{
2841        switch((byte1 & 0x1e) >> 1) {
2842        case 3:         /* Non-data */
2843                return ATA_PROT_NODATA;
2844
2845        case 6:         /* DMA */
2846        case 10:        /* UDMA Data-in */
2847        case 11:        /* UDMA Data-Out */
2848                return ATA_PROT_DMA;
2849
2850        case 4:         /* PIO Data-in */
2851        case 5:         /* PIO Data-out */
2852                return ATA_PROT_PIO;
2853
2854        case 0:         /* Hard Reset */
2855        case 1:         /* SRST */
2856        case 8:         /* Device Diagnostic */
2857        case 9:         /* Device Reset */
2858        case 7:         /* DMA Queued */
2859        case 12:        /* FPDMA */
2860        case 15:        /* Return Response Info */
2861        default:        /* Reserved */
2862                break;
2863        }
2864
2865        return ATA_PROT_UNKNOWN;
2866}
2867
2868/**
2869 *      ata_scsi_pass_thru - convert ATA pass-thru CDB to taskfile
2870 *      @qc: command structure to be initialized
2871 *
2872 *      Handles either 12 or 16-byte versions of the CDB.
2873 *
2874 *      RETURNS:
2875 *      Zero on success, non-zero on failure.
2876 */
2877static unsigned int ata_scsi_pass_thru(struct ata_queued_cmd *qc)
2878{
2879        struct ata_taskfile *tf = &(qc->tf);
2880        struct scsi_cmnd *scmd = qc->scsicmd;
2881        struct ata_device *dev = qc->dev;
2882        const u8 *cdb = scmd->cmnd;
2883
2884        if ((tf->protocol = ata_scsi_map_proto(cdb[1])) == ATA_PROT_UNKNOWN)
2885                goto invalid_fld;
2886
2887        /*
2888         * 12 and 16 byte CDBs use different offsets to
2889         * provide the various register values.
2890         */
2891        if (cdb[0] == ATA_16) {
2892                /*
2893                 * 16-byte CDB - may contain extended commands.
2894                 *
2895                 * If that is the case, copy the upper byte register values.
2896                 */
2897                if (cdb[1] & 0x01) {
2898                        tf->hob_feature = cdb[3];
2899                        tf->hob_nsect = cdb[5];
2900                        tf->hob_lbal = cdb[7];
2901                        tf->hob_lbam = cdb[9];
2902                        tf->hob_lbah = cdb[11];
2903                        tf->flags |= ATA_TFLAG_LBA48;
2904                } else
2905                        tf->flags &= ~ATA_TFLAG_LBA48;
2906
2907                /*
2908                 * Always copy low byte, device and command registers.
2909                 */
2910                tf->feature = cdb[4];
2911                tf->nsect = cdb[6];
2912                tf->lbal = cdb[8];
2913                tf->lbam = cdb[10];
2914                tf->lbah = cdb[12];
2915                tf->device = cdb[13];
2916                tf->command = cdb[14];
2917        } else {
2918                /*
2919                 * 12-byte CDB - incapable of extended commands.
2920                 */
2921                tf->flags &= ~ATA_TFLAG_LBA48;
2922
2923                tf->feature = cdb[3];
2924                tf->nsect = cdb[4];
2925                tf->lbal = cdb[5];
2926                tf->lbam = cdb[6];
2927                tf->lbah = cdb[7];
2928                tf->device = cdb[8];
2929                tf->command = cdb[9];
2930        }
2931
2932        /* enforce correct master/slave bit */
2933        tf->device = dev->devno ?
2934                tf->device | ATA_DEV1 : tf->device & ~ATA_DEV1;
2935
2936        switch (tf->command) {
2937        /* READ/WRITE LONG use a non-standard sect_size */
2938        case ATA_CMD_READ_LONG:
2939        case ATA_CMD_READ_LONG_ONCE:
2940        case ATA_CMD_WRITE_LONG:
2941        case ATA_CMD_WRITE_LONG_ONCE:
2942                if (tf->protocol != ATA_PROT_PIO || tf->nsect != 1)
2943                        goto invalid_fld;
2944                qc->sect_size = scsi_bufflen(scmd);
2945                break;
2946
2947        /* commands using reported Logical Block size (e.g. 512 or 4K) */
2948        case ATA_CMD_CFA_WRITE_NE:
2949        case ATA_CMD_CFA_TRANS_SECT:
2950        case ATA_CMD_CFA_WRITE_MULT_NE:
2951        /* XXX: case ATA_CMD_CFA_WRITE_SECTORS_WITHOUT_ERASE: */
2952        case ATA_CMD_READ:
2953        case ATA_CMD_READ_EXT:
2954        case ATA_CMD_READ_QUEUED:
2955        /* XXX: case ATA_CMD_READ_QUEUED_EXT: */
2956        case ATA_CMD_FPDMA_READ:
2957        case ATA_CMD_READ_MULTI:
2958        case ATA_CMD_READ_MULTI_EXT:
2959        case ATA_CMD_PIO_READ:
2960        case ATA_CMD_PIO_READ_EXT:
2961        case ATA_CMD_READ_STREAM_DMA_EXT:
2962        case ATA_CMD_READ_STREAM_EXT:
2963        case ATA_CMD_VERIFY:
2964        case ATA_CMD_VERIFY_EXT:
2965        case ATA_CMD_WRITE:
2966        case ATA_CMD_WRITE_EXT:
2967        case ATA_CMD_WRITE_FUA_EXT:
2968        case ATA_CMD_WRITE_QUEUED:
2969        case ATA_CMD_WRITE_QUEUED_FUA_EXT:
2970        case ATA_CMD_FPDMA_WRITE:
2971        case ATA_CMD_WRITE_MULTI:
2972        case ATA_CMD_WRITE_MULTI_EXT:
2973        case ATA_CMD_WRITE_MULTI_FUA_EXT:
2974        case ATA_CMD_PIO_WRITE:
2975        case ATA_CMD_PIO_WRITE_EXT:
2976        case ATA_CMD_WRITE_STREAM_DMA_EXT:
2977        case ATA_CMD_WRITE_STREAM_EXT:
2978                qc->sect_size = scmd->device->sector_size;
2979                break;
2980
2981        /* Everything else uses 512 byte "sectors" */
2982        default:
2983                qc->sect_size = ATA_SECT_SIZE;
2984        }
2985
2986        /*
2987         * Set flags so that all registers will be written, pass on
2988         * write indication (used for PIO/DMA setup), result TF is
2989         * copied back and we don't whine too much about its failure.
2990         */
2991        tf->flags |= ATA_TFLAG_ISADDR | ATA_TFLAG_DEVICE;
2992        if (scmd->sc_data_direction == DMA_TO_DEVICE)
2993                tf->flags |= ATA_TFLAG_WRITE;
2994
2995        qc->flags |= ATA_QCFLAG_RESULT_TF | ATA_QCFLAG_QUIET;
2996
2997        /*
2998         * Set transfer length.
2999         *
3000         * TODO: find out if we need to do more here to
3001         *       cover scatter/gather case.
3002         */
3003        ata_qc_set_pc_nbytes(qc);
3004
3005        /* We may not issue DMA commands if no DMA mode is set */
3006        if (tf->protocol == ATA_PROT_DMA && dev->dma_mode == 0)
3007                goto invalid_fld;
3008
3009        /* sanity check for pio multi commands */
3010        if ((cdb[1] & 0xe0) && !is_multi_taskfile(tf))
3011                goto invalid_fld;
3012
3013        if (is_multi_taskfile(tf)) {
3014                unsigned int multi_count = 1 << (cdb[1] >> 5);
3015
3016                /* compare the passed through multi_count
3017                 * with the cached multi_count of libata
3018                 */
3019                if (multi_count != dev->multi_count)
3020                        ata_dev_warn(dev, "invalid multi_count %u ignored\n",
3021                                     multi_count);
3022        }
3023
3024        /*
3025         * Filter SET_FEATURES - XFER MODE command -- otherwise,
3026         * SET_FEATURES - XFER MODE must be preceded/succeeded
3027         * by an update to hardware-specific registers for each
3028         * controller (i.e. the reason for ->set_piomode(),
3029         * ->set_dmamode(), and ->post_set_mode() hooks).
3030         */
3031        if (tf->command == ATA_CMD_SET_FEATURES &&
3032            tf->feature == SETFEATURES_XFER)
3033                goto invalid_fld;
3034
3035        /*
3036         * Filter TPM commands by default. These provide an
3037         * essentially uncontrolled encrypted "back door" between
3038         * applications and the disk. Set libata.allow_tpm=1 if you
3039         * have a real reason for wanting to use them. This ensures
3040         * that installed software cannot easily mess stuff up without
3041         * user intent. DVR type users will probably ship with this enabled
3042         * for movie content management.
3043         *
3044         * Note that for ATA8 we can issue a DCS change and DCS freeze lock
3045         * for this and should do in future but that it is not sufficient as
3046         * DCS is an optional feature set. Thus we also do the software filter
3047         * so that we comply with the TC consortium stated goal that the user
3048         * can turn off TC features of their system.
3049         */
3050        if (tf->command >= 0x5C && tf->command <= 0x5F && !libata_allow_tpm)
3051                goto invalid_fld;
3052
3053        return 0;
3054
3055 invalid_fld:
3056        ata_scsi_set_sense(scmd, ILLEGAL_REQUEST, 0x24, 0x00);
3057        /* "Invalid field in cdb" */
3058        return 1;
3059}
3060
3061static unsigned int ata_scsi_write_same_xlat(struct ata_queued_cmd *qc)
3062{
3063        struct ata_taskfile *tf = &qc->tf;
3064        struct scsi_cmnd *scmd = qc->scsicmd;
3065        struct ata_device *dev = qc->dev;
3066        const u8 *cdb = scmd->cmnd;
3067        u64 block;
3068        u32 n_block;
3069        u32 size;
3070        void *buf;
3071
3072        /* we may not issue DMA commands if no DMA mode is set */
3073        if (unlikely(!dev->dma_mode))
3074                goto invalid_fld;
3075
3076        if (unlikely(scmd->cmd_len < 16))
3077                goto invalid_fld;
3078        scsi_16_lba_len(cdb, &block, &n_block);
3079
3080        /* for now we only support WRITE SAME with the unmap bit set */
3081        if (unlikely(!(cdb[1] & 0x8)))
3082                goto invalid_fld;
3083
3084        /*
3085         * WRITE SAME always has a sector sized buffer as payload, this
3086         * should never be a multiple entry S/G list.
3087         */
3088        if (!scsi_sg_count(scmd))
3089                goto invalid_fld;
3090
3091        buf = page_address(sg_page(scsi_sglist(scmd)));
3092        size = ata_set_lba_range_entries(buf, 512, block, n_block);
3093
3094        tf->protocol = ATA_PROT_DMA;
3095        tf->hob_feature = 0;
3096        tf->feature = ATA_DSM_TRIM;
3097        tf->hob_nsect = (size / 512) >> 8;
3098        tf->nsect = size / 512;
3099        tf->command = ATA_CMD_DSM;
3100        tf->flags |= ATA_TFLAG_ISADDR | ATA_TFLAG_DEVICE | ATA_TFLAG_LBA48 |
3101                     ATA_TFLAG_WRITE;
3102
3103        ata_qc_set_pc_nbytes(qc);
3104
3105        return 0;
3106
3107 invalid_fld:
3108        ata_scsi_set_sense(scmd, ILLEGAL_REQUEST, 0x24, 0x00);
3109        /* "Invalid field in cdb" */
3110        return 1;
3111}
3112
3113/**
3114 *      ata_mselect_caching - Simulate MODE SELECT for caching info page
3115 *      @qc: Storage for translated ATA taskfile
3116 *      @buf: input buffer
3117 *      @len: number of valid bytes in the input buffer
3118 *
3119 *      Prepare a taskfile to modify caching information for the device.
3120 *
3121 *      LOCKING:
3122 *      None.
3123 */
3124static int ata_mselect_caching(struct ata_queued_cmd *qc,
3125                               const u8 *buf, int len)
3126{
3127        struct ata_taskfile *tf = &qc->tf;
3128        struct ata_device *dev = qc->dev;
3129        char mpage[CACHE_MPAGE_LEN];
3130        u8 wce;
3131
3132        /*
3133         * The first two bytes of def_cache_mpage are a header, so offsets
3134         * in mpage are off by 2 compared to buf.  Same for len.
3135         */
3136
3137        if (len != CACHE_MPAGE_LEN - 2)
3138                return -EINVAL;
3139
3140        wce = buf[0] & (1 << 2);
3141
3142        /*
3143         * Check that read-only bits are not modified.
3144         */
3145        ata_msense_caching(dev->id, mpage, false);
3146        mpage[2] &= ~(1 << 2);
3147        mpage[2] |= wce;
3148        if (memcmp(mpage + 2, buf, CACHE_MPAGE_LEN - 2) != 0)
3149                return -EINVAL;
3150
3151        tf->flags |= ATA_TFLAG_DEVICE | ATA_TFLAG_ISADDR;
3152        tf->protocol = ATA_PROT_NODATA;
3153        tf->nsect = 0;
3154        tf->command = ATA_CMD_SET_FEATURES;
3155        tf->feature = wce ? SETFEATURES_WC_ON : SETFEATURES_WC_OFF;
3156        return 0;
3157}
3158
3159/**
3160 *      ata_scsiop_mode_select - Simulate MODE SELECT 6, 10 commands
3161 *      @qc: Storage for translated ATA taskfile
3162 *
3163 *      Converts a MODE SELECT command to an ATA SET FEATURES taskfile.
3164 *      Assume this is invoked for direct access devices (e.g. disks) only.
3165 *      There should be no block descriptor for other device types.
3166 *
3167 *      LOCKING:
3168 *      spin_lock_irqsave(host lock)
3169 */
3170static unsigned int ata_scsi_mode_select_xlat(struct ata_queued_cmd *qc)
3171{
3172        struct scsi_cmnd *scmd = qc->scsicmd;
3173        const u8 *cdb = scmd->cmnd;
3174        const u8 *p;
3175        u8 pg, spg;
3176        unsigned six_byte, pg_len, hdr_len, bd_len;
3177        int len;
3178
3179        VPRINTK("ENTER\n");
3180
3181        six_byte = (cdb[0] == MODE_SELECT);
3182        if (six_byte) {
3183                if (scmd->cmd_len < 5)
3184                        goto invalid_fld;
3185
3186                len = cdb[4];
3187                hdr_len = 4;
3188        } else {
3189                if (scmd->cmd_len < 9)
3190                        goto invalid_fld;
3191
3192                len = (cdb[7] << 8) + cdb[8];
3193                hdr_len = 8;
3194        }
3195
3196        /* We only support PF=1, SP=0.  */
3197        if ((cdb[1] & 0x11) != 0x10)
3198                goto invalid_fld;
3199
3200        /* Test early for possible overrun.  */
3201        if (!scsi_sg_count(scmd) || scsi_sglist(scmd)->length < len)
3202                goto invalid_param_len;
3203
3204        p = page_address(sg_page(scsi_sglist(scmd)));
3205
3206        /* Move past header and block descriptors.  */
3207        if (len < hdr_len)
3208                goto invalid_param_len;
3209
3210        if (six_byte)
3211                bd_len = p[3];
3212        else
3213                bd_len = (p[6] << 8) + p[7];
3214
3215        len -= hdr_len;
3216        p += hdr_len;
3217        if (len < bd_len)
3218                goto invalid_param_len;
3219        if (bd_len != 0 && bd_len != 8)
3220                goto invalid_param;
3221
3222        len -= bd_len;
3223        p += bd_len;
3224        if (len == 0)
3225                goto skip;
3226
3227        /* Parse both possible formats for the mode page headers.  */
3228        pg = p[0] & 0x3f;
3229        if (p[0] & 0x40) {
3230                if (len < 4)
3231                        goto invalid_param_len;
3232
3233                spg = p[1];
3234                pg_len = (p[2] << 8) | p[3];
3235                p += 4;
3236                len -= 4;
3237        } else {
3238                if (len < 2)
3239                        goto invalid_param_len;
3240
3241                spg = 0;
3242                pg_len = p[1];
3243                p += 2;
3244                len -= 2;
3245        }
3246
3247        /*
3248         * No mode subpages supported (yet) but asking for _all_
3249         * subpages may be valid
3250         */
3251        if (spg && (spg != ALL_SUB_MPAGES))
3252                goto invalid_param;
3253        if (pg_len > len)
3254                goto invalid_param_len;
3255
3256        switch (pg) {
3257        case CACHE_MPAGE:
3258                if (ata_mselect_caching(qc, p, pg_len) < 0)
3259                        goto invalid_param;
3260                break;
3261
3262        default:                /* invalid page code */
3263                goto invalid_param;
3264        }
3265
3266        /*
3267         * Only one page has changeable data, so we only support setting one
3268         * page at a time.
3269         */
3270        if (len > pg_len)
3271                goto invalid_param;
3272
3273        return 0;
3274
3275 invalid_fld:
3276        /* "Invalid field in CDB" */
3277        ata_scsi_set_sense(scmd, ILLEGAL_REQUEST, 0x24, 0x0);
3278        return 1;
3279
3280 invalid_param:
3281        /* "Invalid field in parameter list" */
3282        ata_scsi_set_sense(scmd, ILLEGAL_REQUEST, 0x26, 0x0);
3283        return 1;
3284
3285 invalid_param_len:
3286        /* "Parameter list length error" */
3287        ata_scsi_set_sense(scmd, ILLEGAL_REQUEST, 0x1a, 0x0);
3288        return 1;
3289
3290 skip:
3291        scmd->result = SAM_STAT_GOOD;
3292        return 1;
3293}
3294
3295/**
3296 *      ata_get_xlat_func - check if SCSI to ATA translation is possible
3297 *      @dev: ATA device
3298 *      @cmd: SCSI command opcode to consider
3299 *
3300 *      Look up the SCSI command given, and determine whether the
3301 *      SCSI command is to be translated or simulated.
3302 *
3303 *      RETURNS:
3304 *      Pointer to translation function if possible, %NULL if not.
3305 */
3306
3307static inline ata_xlat_func_t ata_get_xlat_func(struct ata_device *dev, u8 cmd)
3308{
3309        switch (cmd) {
3310        case READ_6:
3311        case READ_10:
3312        case READ_16:
3313
3314        case WRITE_6:
3315        case WRITE_10:
3316        case WRITE_16:
3317                return ata_scsi_rw_xlat;
3318
3319        case WRITE_SAME_16:
3320                return ata_scsi_write_same_xlat;
3321
3322        case SYNCHRONIZE_CACHE:
3323                if (ata_try_flush_cache(dev))
3324                        return ata_scsi_flush_xlat;
3325                break;
3326
3327        case VERIFY:
3328        case VERIFY_16:
3329                return ata_scsi_verify_xlat;
3330
3331        case ATA_12:
3332        case ATA_16:
3333                return ata_scsi_pass_thru;
3334
3335        case MODE_SELECT:
3336        case MODE_SELECT_10:
3337                return ata_scsi_mode_select_xlat;
3338                break;
3339
3340        case START_STOP:
3341                return ata_scsi_start_stop_xlat;
3342        }
3343
3344        return NULL;
3345}
3346
3347/**
3348 *      ata_scsi_dump_cdb - dump SCSI command contents to dmesg
3349 *      @ap: ATA port to which the command was being sent
3350 *      @cmd: SCSI command to dump
3351 *
3352 *      Prints the contents of a SCSI command via printk().
3353 */
3354
3355static inline void ata_scsi_dump_cdb(struct ata_port *ap,
3356                                     struct scsi_cmnd *cmd)
3357{
3358#ifdef ATA_DEBUG
3359        struct scsi_device *scsidev = cmd->device;
3360        u8 *scsicmd = cmd->cmnd;
3361
3362        DPRINTK("CDB (%u:%d,%d,%d) %02x %02x %02x %02x %02x %02x %02x %02x %02x\n",
3363                ap->print_id,
3364                scsidev->channel, scsidev->id, scsidev->lun,
3365                scsicmd[0], scsicmd[1], scsicmd[2], scsicmd[3],
3366                scsicmd[4], scsicmd[5], scsicmd[6], scsicmd[7],
3367                scsicmd[8]);
3368#endif
3369}
3370
3371static inline int __ata_scsi_queuecmd(struct scsi_cmnd *scmd,
3372                                      struct ata_device *dev)
3373{
3374        u8 scsi_op = scmd->cmnd[0];
3375        ata_xlat_func_t xlat_func;
3376        int rc = 0;
3377
3378        if (dev->class == ATA_DEV_ATA) {
3379                if (unlikely(!scmd->cmd_len || scmd->cmd_len > dev->cdb_len))
3380                        goto bad_cdb_len;
3381
3382                xlat_func = ata_get_xlat_func(dev, scsi_op);
3383        } else {
3384                if (unlikely(!scmd->cmd_len))
3385                        goto bad_cdb_len;
3386
3387                xlat_func = NULL;
3388                if (likely((scsi_op != ATA_16) || !atapi_passthru16)) {
3389                        /* relay SCSI command to ATAPI device */
3390                        int len = COMMAND_SIZE(scsi_op);
3391                        if (unlikely(len > scmd->cmd_len || len > dev->cdb_len))
3392                                goto bad_cdb_len;
3393
3394                        xlat_func = atapi_xlat;
3395                } else {
3396                        /* ATA_16 passthru, treat as an ATA command */
3397                        if (unlikely(scmd->cmd_len > 16))
3398                                goto bad_cdb_len;
3399
3400                        xlat_func = ata_get_xlat_func(dev, scsi_op);
3401                }
3402        }
3403
3404        if (xlat_func)
3405                rc = ata_scsi_translate(dev, scmd, xlat_func);
3406        else
3407                ata_scsi_simulate(dev, scmd);
3408
3409        return rc;
3410
3411 bad_cdb_len:
3412        DPRINTK("bad CDB len=%u, scsi_op=0x%02x, max=%u\n",
3413                scmd->cmd_len, scsi_op, dev->cdb_len);
3414        scmd->result = DID_ERROR << 16;
3415        scmd->scsi_done(scmd);
3416        return 0;
3417}
3418
3419/**
3420 *      ata_scsi_queuecmd - Issue SCSI cdb to libata-managed device
3421 *      @shost: SCSI host of command to be sent
3422 *      @cmd: SCSI command to be sent
3423 *
3424 *      In some cases, this function translates SCSI commands into
3425 *      ATA taskfiles, and queues the taskfiles to be sent to
3426 *      hardware.  In other cases, this function simulates a
3427 *      SCSI device by evaluating and responding to certain
3428 *      SCSI commands.  This creates the overall effect of
3429 *      ATA and ATAPI devices appearing as SCSI devices.
3430 *
3431 *      LOCKING:
3432 *      ATA host lock
3433 *
3434 *      RETURNS:
3435 *      Return value from __ata_scsi_queuecmd() if @cmd can be queued,
3436 *      0 otherwise.
3437 */
3438int ata_scsi_queuecmd(struct Scsi_Host *shost, struct scsi_cmnd *cmd)
3439{
3440        struct ata_port *ap;
3441        struct ata_device *dev;
3442        struct scsi_device *scsidev = cmd->device;
3443        int rc = 0;
3444        unsigned long irq_flags;
3445
3446        ap = ata_shost_to_port(shost);
3447
3448        spin_lock_irqsave(ap->lock, irq_flags);
3449
3450        ata_scsi_dump_cdb(ap, cmd);
3451
3452        dev = ata_scsi_find_dev(ap, scsidev);
3453        if (likely(dev))
3454                rc = __ata_scsi_queuecmd(cmd, dev);
3455        else {
3456                cmd->result = (DID_BAD_TARGET << 16);
3457                cmd->scsi_done(cmd);
3458        }
3459
3460        spin_unlock_irqrestore(ap->lock, irq_flags);
3461
3462        return rc;
3463}
3464
3465/**
3466 *      ata_scsi_simulate - simulate SCSI command on ATA device
3467 *      @dev: the target device
3468 *      @cmd: SCSI command being sent to device.
3469 *
3470 *      Interprets and directly executes a select list of SCSI commands
3471 *      that can be handled internally.
3472 *
3473 *      LOCKING:
3474 *      spin_lock_irqsave(host lock)
3475 */
3476
3477void ata_scsi_simulate(struct ata_device *dev, struct scsi_cmnd *cmd)
3478{
3479        struct ata_scsi_args args;
3480        const u8 *scsicmd = cmd->cmnd;
3481        u8 tmp8;
3482
3483        args.dev = dev;
3484        args.id = dev->id;
3485        args.cmd = cmd;
3486        args.done = cmd->scsi_done;
3487
3488        switch(scsicmd[0]) {
3489        /* TODO: worth improving? */
3490        case FORMAT_UNIT:
3491                ata_scsi_invalid_field(cmd);
3492                break;
3493
3494        case INQUIRY:
3495                if (scsicmd[1] & 2)                /* is CmdDt set?  */
3496                        ata_scsi_invalid_field(cmd);
3497                else if ((scsicmd[1] & 1) == 0)    /* is EVPD clear? */
3498                        ata_scsi_rbuf_fill(&args, ata_scsiop_inq_std);
3499                else switch (scsicmd[2]) {
3500                case 0x00:
3501                        ata_scsi_rbuf_fill(&args, ata_scsiop_inq_00);
3502                        break;
3503                case 0x80:
3504                        ata_scsi_rbuf_fill(&args, ata_scsiop_inq_80);
3505                        break;
3506                case 0x83:
3507                        ata_scsi_rbuf_fill(&args, ata_scsiop_inq_83);
3508                        break;
3509                case 0x89:
3510                        ata_scsi_rbuf_fill(&args, ata_scsiop_inq_89);
3511                        break;
3512                case 0xb0:
3513                        ata_scsi_rbuf_fill(&args, ata_scsiop_inq_b0);
3514                        break;
3515                case 0xb1:
3516                        ata_scsi_rbuf_fill(&args, ata_scsiop_inq_b1);
3517                        break;
3518                case 0xb2:
3519                        ata_scsi_rbuf_fill(&args, ata_scsiop_inq_b2);
3520                        break;
3521                default:
3522                        ata_scsi_invalid_field(cmd);
3523                        break;
3524                }
3525                break;
3526
3527        case MODE_SENSE:
3528        case MODE_SENSE_10:
3529                ata_scsi_rbuf_fill(&args, ata_scsiop_mode_sense);
3530                break;
3531
3532        case READ_CAPACITY:
3533                ata_scsi_rbuf_fill(&args, ata_scsiop_read_cap);
3534                break;
3535
3536        case SERVICE_ACTION_IN:
3537                if ((scsicmd[1] & 0x1f) == SAI_READ_CAPACITY_16)
3538                        ata_scsi_rbuf_fill(&args, ata_scsiop_read_cap);
3539                else
3540                        ata_scsi_invalid_field(cmd);
3541                break;
3542
3543        case REPORT_LUNS:
3544                ata_scsi_rbuf_fill(&args, ata_scsiop_report_luns);
3545                break;
3546
3547        case REQUEST_SENSE:
3548                ata_scsi_set_sense(cmd, 0, 0, 0);
3549                cmd->result = (DRIVER_SENSE << 24);
3550                cmd->scsi_done(cmd);
3551                break;
3552
3553        /* if we reach this, then writeback caching is disabled,
3554         * turning this into a no-op.
3555         */
3556        case SYNCHRONIZE_CACHE:
3557                /* fall through */
3558
3559        /* no-op's, complete with success */
3560        case REZERO_UNIT:
3561        case SEEK_6:
3562        case SEEK_10:
3563        case TEST_UNIT_READY:
3564                ata_scsi_rbuf_fill(&args, ata_scsiop_noop);
3565                break;
3566
3567        case SEND_DIAGNOSTIC:
3568                tmp8 = scsicmd[1] & ~(1 << 3);
3569                if ((tmp8 == 0x4) && (!scsicmd[3]) && (!scsicmd[4]))
3570                        ata_scsi_rbuf_fill(&args, ata_scsiop_noop);
3571                else
3572                        ata_scsi_invalid_field(cmd);
3573                break;
3574
3575        /* all other commands */
3576        default:
3577                ata_scsi_set_sense(cmd, ILLEGAL_REQUEST, 0x20, 0x0);
3578                /* "Invalid command operation code" */
3579                cmd->scsi_done(cmd);
3580                break;
3581        }
3582}
3583
3584int ata_scsi_add_hosts(struct ata_host *host, struct scsi_host_template *sht)
3585{
3586        int i, rc;
3587
3588        for (i = 0; i < host->n_ports; i++) {
3589                struct ata_port *ap = host->ports[i];
3590                struct Scsi_Host *shost;
3591
3592                rc = -ENOMEM;
3593                shost = scsi_host_alloc(sht, sizeof(struct ata_port *));
3594                if (!shost)
3595                        goto err_alloc;
3596
3597                shost->eh_noresume = 1;
3598                *(struct ata_port **)&shost->hostdata[0] = ap;
3599                ap->scsi_host = shost;
3600
3601                shost->transportt = ata_scsi_transport_template;
3602                shost->unique_id = ap->print_id;
3603                shost->max_id = 16;
3604                shost->max_lun = 1;
3605                shost->max_channel = 1;
3606                shost->max_cmd_len = 16;
3607
3608                /* Schedule policy is determined by ->qc_defer()
3609                 * callback and it needs to see every deferred qc.
3610                 * Set host_blocked to 1 to prevent SCSI midlayer from
3611                 * automatically deferring requests.
3612                 */
3613                shost->max_host_blocked = 1;
3614
3615                rc = scsi_add_host_with_dma(ap->scsi_host,
3616                                                &ap->tdev, ap->host->dev);
3617                if (rc)
3618                        goto err_add;
3619        }
3620
3621        return 0;
3622
3623 err_add:
3624        scsi_host_put(host->ports[i]->scsi_host);
3625 err_alloc:
3626        while (--i >= 0) {
3627                struct Scsi_Host *shost = host->ports[i]->scsi_host;
3628
3629                scsi_remove_host(shost);
3630                scsi_host_put(shost);
3631        }
3632        return rc;
3633}
3634
3635void ata_scsi_scan_host(struct ata_port *ap, int sync)
3636{
3637        int tries = 5;
3638        struct ata_device *last_failed_dev = NULL;
3639        struct ata_link *link;
3640        struct ata_device *dev;
3641
3642 repeat:
3643        ata_for_each_link(link, ap, EDGE) {
3644                ata_for_each_dev(dev, link, ENABLED) {
3645                        struct scsi_device *sdev;
3646                        int channel = 0, id = 0;
3647
3648                        if (dev->sdev)
3649                                continue;
3650
3651                        if (ata_is_host_link(link))
3652                                id = dev->devno;
3653                        else
3654                                channel = link->pmp;
3655
3656                        sdev = __scsi_add_device(ap->scsi_host, channel, id, 0,
3657                                                 NULL);
3658                        if (!IS_ERR(sdev)) {
3659                                dev->sdev = sdev;
3660                                scsi_device_put(sdev);
3661                                ata_acpi_bind(dev);
3662                        } else {
3663                                dev->sdev = NULL;
3664                        }
3665                }
3666        }
3667
3668        /* If we scanned while EH was in progress or allocation
3669         * failure occurred, scan would have failed silently.  Check
3670         * whether all devices are attached.
3671         */
3672        ata_for_each_link(link, ap, EDGE) {
3673                ata_for_each_dev(dev, link, ENABLED) {
3674                        if (!dev->sdev)
3675                                goto exit_loop;
3676                }
3677        }
3678 exit_loop:
3679        if (!link)
3680                return;
3681
3682        /* we're missing some SCSI devices */
3683        if (sync) {
3684                /* If caller requested synchrnous scan && we've made
3685                 * any progress, sleep briefly and repeat.
3686                 */
3687                if (dev != last_failed_dev) {
3688                        msleep(100);
3689                        last_failed_dev = dev;
3690                        goto repeat;
3691                }
3692
3693                /* We might be failing to detect boot device, give it
3694                 * a few more chances.
3695                 */
3696                if (--tries) {
3697                        msleep(100);
3698                        goto repeat;
3699                }
3700
3701                ata_port_err(ap,
3702                             "WARNING: synchronous SCSI scan failed without making any progress, switching to async\n");
3703        }
3704
3705        queue_delayed_work(system_long_wq, &ap->hotplug_task,
3706                           round_jiffies_relative(HZ));
3707}
3708
3709/**
3710 *      ata_scsi_offline_dev - offline attached SCSI device
3711 *      @dev: ATA device to offline attached SCSI device for
3712 *
3713 *      This function is called from ata_eh_hotplug() and responsible
3714 *      for taking the SCSI device attached to @dev offline.  This
3715 *      function is called with host lock which protects dev->sdev
3716 *      against clearing.
3717 *
3718 *      LOCKING:
3719 *      spin_lock_irqsave(host lock)
3720 *
3721 *      RETURNS:
3722 *      1 if attached SCSI device exists, 0 otherwise.
3723 */
3724int ata_scsi_offline_dev(struct ata_device *dev)
3725{
3726        if (dev->sdev) {
3727                scsi_device_set_state(dev->sdev, SDEV_OFFLINE);
3728                return 1;
3729        }
3730        return 0;
3731}
3732
3733/**
3734 *      ata_scsi_remove_dev - remove attached SCSI device
3735 *      @dev: ATA device to remove attached SCSI device for
3736 *
3737 *      This function is called from ata_eh_scsi_hotplug() and
3738 *      responsible for removing the SCSI device attached to @dev.
3739 *
3740 *      LOCKING:
3741 *      Kernel thread context (may sleep).
3742 */
3743static void ata_scsi_remove_dev(struct ata_device *dev)
3744{
3745        struct ata_port *ap = dev->link->ap;
3746        struct scsi_device *sdev;
3747        unsigned long flags;
3748
3749        /* Alas, we need to grab scan_mutex to ensure SCSI device
3750         * state doesn't change underneath us and thus
3751         * scsi_device_get() always succeeds.  The mutex locking can
3752         * be removed if there is __scsi_device_get() interface which
3753         * increments reference counts regardless of device state.
3754         */
3755        mutex_lock(&ap->scsi_host->scan_mutex);
3756        spin_lock_irqsave(ap->lock, flags);
3757
3758        ata_acpi_unbind(dev);
3759
3760        /* clearing dev->sdev is protected by host lock */
3761        sdev = dev->sdev;
3762        dev->sdev = NULL;
3763
3764        if (sdev) {
3765                /* If user initiated unplug races with us, sdev can go
3766                 * away underneath us after the host lock and
3767                 * scan_mutex are released.  Hold onto it.
3768                 */
3769                if (scsi_device_get(sdev) == 0) {
3770                        /* The following ensures the attached sdev is
3771                         * offline on return from ata_scsi_offline_dev()
3772                         * regardless it wins or loses the race
3773                         * against this function.
3774                         */
3775                        scsi_device_set_state(sdev, SDEV_OFFLINE);
3776                } else {
3777                        WARN_ON(1);
3778                        sdev = NULL;
3779                }
3780        }
3781
3782        spin_unlock_irqrestore(ap->lock, flags);
3783        mutex_unlock(&ap->scsi_host->scan_mutex);
3784
3785        if (sdev) {
3786                ata_dev_info(dev, "detaching (SCSI %s)\n",
3787                             dev_name(&sdev->sdev_gendev));
3788
3789                scsi_remove_device(sdev);
3790                scsi_device_put(sdev);
3791        }
3792}
3793
3794static void ata_scsi_handle_link_detach(struct ata_link *link)
3795{
3796        struct ata_port *ap = link->ap;
3797        struct ata_device *dev;
3798
3799        ata_for_each_dev(dev, link, ALL) {
3800                unsigned long flags;
3801
3802                if (!(dev->flags & ATA_DFLAG_DETACHED))
3803                        continue;
3804
3805                spin_lock_irqsave(ap->lock, flags);
3806                dev->flags &= ~ATA_DFLAG_DETACHED;
3807                spin_unlock_irqrestore(ap->lock, flags);
3808
3809                ata_scsi_remove_dev(dev);
3810        }
3811}
3812
3813/**
3814 *      ata_scsi_media_change_notify - send media change event
3815 *      @dev: Pointer to the disk device with media change event
3816 *
3817 *      Tell the block layer to send a media change notification
3818 *      event.
3819 *
3820 *      LOCKING:
3821 *      spin_lock_irqsave(host lock)
3822 */
3823void ata_scsi_media_change_notify(struct ata_device *dev)
3824{
3825        if (dev->sdev)
3826                sdev_evt_send_simple(dev->sdev, SDEV_EVT_MEDIA_CHANGE,
3827                                     GFP_ATOMIC);
3828}
3829
3830/**
3831 *      ata_scsi_hotplug - SCSI part of hotplug
3832 *      @work: Pointer to ATA port to perform SCSI hotplug on
3833 *
3834 *      Perform SCSI part of hotplug.  It's executed from a separate
3835 *      workqueue after EH completes.  This is necessary because SCSI
3836 *      hot plugging requires working EH and hot unplugging is
3837 *      synchronized with hot plugging with a mutex.
3838 *
3839 *      LOCKING:
3840 *      Kernel thread context (may sleep).
3841 */
3842void ata_scsi_hotplug(struct work_struct *work)
3843{
3844        struct ata_port *ap =
3845                container_of(work, struct ata_port, hotplug_task.work);
3846        int i;
3847
3848        if (ap->pflags & ATA_PFLAG_UNLOADING) {
3849                DPRINTK("ENTER/EXIT - unloading\n");
3850                return;
3851        }
3852
3853        DPRINTK("ENTER\n");
3854        mutex_lock(&ap->scsi_scan_mutex);
3855
3856        /* Unplug detached devices.  We cannot use link iterator here
3857         * because PMP links have to be scanned even if PMP is
3858         * currently not attached.  Iterate manually.
3859         */
3860        ata_scsi_handle_link_detach(&ap->link);
3861        if (ap->pmp_link)
3862                for (i = 0; i < SATA_PMP_MAX_PORTS; i++)
3863                        ata_scsi_handle_link_detach(&ap->pmp_link[i]);
3864
3865        /* scan for new ones */
3866        ata_scsi_scan_host(ap, 0);
3867
3868        mutex_unlock(&ap->scsi_scan_mutex);
3869        DPRINTK("EXIT\n");
3870}
3871
3872/**
3873 *      ata_scsi_user_scan - indication for user-initiated bus scan
3874 *      @shost: SCSI host to scan
3875 *      @channel: Channel to scan
3876 *      @id: ID to scan
3877 *      @lun: LUN to scan
3878 *
3879 *      This function is called when user explicitly requests bus
3880 *      scan.  Set probe pending flag and invoke EH.
3881 *
3882 *      LOCKING:
3883 *      SCSI layer (we don't care)
3884 *
3885 *      RETURNS:
3886 *      Zero.
3887 */
3888int ata_scsi_user_scan(struct Scsi_Host *shost, unsigned int channel,
3889                       unsigned int id, unsigned int lun)
3890{
3891        struct ata_port *ap = ata_shost_to_port(shost);
3892        unsigned long flags;
3893        int devno, rc = 0;
3894
3895        if (!ap->ops->error_handler)
3896                return -EOPNOTSUPP;
3897
3898        if (lun != SCAN_WILD_CARD && lun)
3899                return -EINVAL;
3900
3901        if (!sata_pmp_attached(ap)) {
3902                if (channel != SCAN_WILD_CARD && channel)
3903                        return -EINVAL;
3904                devno = id;
3905        } else {
3906                if (id != SCAN_WILD_CARD && id)
3907                        return -EINVAL;
3908                devno = channel;
3909        }
3910
3911        spin_lock_irqsave(ap->lock, flags);
3912
3913        if (devno == SCAN_WILD_CARD) {
3914                struct ata_link *link;
3915
3916                ata_for_each_link(link, ap, EDGE) {
3917                        struct ata_eh_info *ehi = &link->eh_info;
3918                        ehi->probe_mask |= ATA_ALL_DEVICES;
3919                        ehi->action |= ATA_EH_RESET;
3920                }
3921        } else {
3922                struct ata_device *dev = ata_find_dev(ap, devno);
3923
3924                if (dev) {
3925                        struct ata_eh_info *ehi = &dev->link->eh_info;
3926                        ehi->probe_mask |= 1 << dev->devno;
3927                        ehi->action |= ATA_EH_RESET;
3928                } else
3929                        rc = -EINVAL;
3930        }
3931
3932        if (rc == 0) {
3933                ata_port_schedule_eh(ap);
3934                spin_unlock_irqrestore(ap->lock, flags);
3935                ata_port_wait_eh(ap);
3936        } else
3937                spin_unlock_irqrestore(ap->lock, flags);
3938
3939        return rc;
3940}
3941
3942/**
3943 *      ata_scsi_dev_rescan - initiate scsi_rescan_device()
3944 *      @work: Pointer to ATA port to perform scsi_rescan_device()
3945 *
3946 *      After ATA pass thru (SAT) commands are executed successfully,
3947 *      libata need to propagate the changes to SCSI layer.
3948 *
3949 *      LOCKING:
3950 *      Kernel thread context (may sleep).
3951 */
3952void ata_scsi_dev_rescan(struct work_struct *work)
3953{
3954        struct ata_port *ap =
3955                container_of(work, struct ata_port, scsi_rescan_task);
3956        struct ata_link *link;
3957        struct ata_device *dev;
3958        unsigned long flags;
3959
3960        mutex_lock(&ap->scsi_scan_mutex);
3961        spin_lock_irqsave(ap->lock, flags);
3962
3963        ata_for_each_link(link, ap, EDGE) {
3964                ata_for_each_dev(dev, link, ENABLED) {
3965                        struct scsi_device *sdev = dev->sdev;
3966
3967                        if (!sdev)
3968                                continue;
3969                        if (scsi_device_get(sdev))
3970                                continue;
3971
3972                        spin_unlock_irqrestore(ap->lock, flags);
3973                        scsi_rescan_device(&(sdev->sdev_gendev));
3974                        scsi_device_put(sdev);
3975                        spin_lock_irqsave(ap->lock, flags);
3976                }
3977        }
3978
3979        spin_unlock_irqrestore(ap->lock, flags);
3980        mutex_unlock(&ap->scsi_scan_mutex);
3981}
3982
3983/**
3984 *      ata_sas_port_alloc - Allocate port for a SAS attached SATA device
3985 *      @host: ATA host container for all SAS ports
3986 *      @port_info: Information from low-level host driver
3987 *      @shost: SCSI host that the scsi device is attached to
3988 *
3989 *      LOCKING:
3990 *      PCI/etc. bus probe sem.
3991 *
3992 *      RETURNS:
3993 *      ata_port pointer on success / NULL on failure.
3994 */
3995
3996struct ata_port *ata_sas_port_alloc(struct ata_host *host,
3997                                    struct ata_port_info *port_info,
3998                                    struct Scsi_Host *shost)
3999{
4000        struct ata_port *ap;
4001
4002        ap = ata_port_alloc(host);
4003        if (!ap)
4004                return NULL;
4005
4006        ap->port_no = 0;
4007        ap->lock = &host->lock;
4008        ap->pio_mask = port_info->pio_mask;
4009        ap->mwdma_mask = port_info->mwdma_mask;
4010        ap->udma_mask = port_info->udma_mask;
4011        ap->flags |= port_info->flags;
4012        ap->ops = port_info->port_ops;
4013        ap->cbl = ATA_CBL_SATA;
4014
4015        return ap;
4016}
4017EXPORT_SYMBOL_GPL(ata_sas_port_alloc);
4018
4019/**
4020 *      ata_sas_port_start - Set port up for dma.
4021 *      @ap: Port to initialize
4022 *
4023 *      Called just after data structures for each port are
4024 *      initialized.
4025 *
4026 *      May be used as the port_start() entry in ata_port_operations.
4027 *
4028 *      LOCKING:
4029 *      Inherited from caller.
4030 */
4031int ata_sas_port_start(struct ata_port *ap)
4032{
4033        /*
4034         * the port is marked as frozen at allocation time, but if we don't
4035         * have new eh, we won't thaw it
4036         */
4037        if (!ap->ops->error_handler)
4038                ap->pflags &= ~ATA_PFLAG_FROZEN;
4039        return 0;
4040}
4041EXPORT_SYMBOL_GPL(ata_sas_port_start);
4042
4043/**
4044 *      ata_port_stop - Undo ata_sas_port_start()
4045 *      @ap: Port to shut down
4046 *
4047 *      May be used as the port_stop() entry in ata_port_operations.
4048 *
4049 *      LOCKING:
4050 *      Inherited from caller.
4051 */
4052
4053void ata_sas_port_stop(struct ata_port *ap)
4054{
4055}
4056EXPORT_SYMBOL_GPL(ata_sas_port_stop);
4057
4058/**
4059 * ata_sas_async_probe - simply schedule probing and return
4060 * @ap: Port to probe
4061 *
4062 * For batch scheduling of probe for sas attached ata devices, assumes
4063 * the port has already been through ata_sas_port_init()
4064 */
4065void ata_sas_async_probe(struct ata_port *ap)
4066{
4067        __ata_port_probe(ap);
4068}
4069EXPORT_SYMBOL_GPL(ata_sas_async_probe);
4070
4071int ata_sas_sync_probe(struct ata_port *ap)
4072{
4073        return ata_port_probe(ap);
4074}
4075EXPORT_SYMBOL_GPL(ata_sas_sync_probe);
4076
4077
4078/**
4079 *      ata_sas_port_init - Initialize a SATA device
4080 *      @ap: SATA port to initialize
4081 *
4082 *      LOCKING:
4083 *      PCI/etc. bus probe sem.
4084 *
4085 *      RETURNS:
4086 *      Zero on success, non-zero on error.
4087 */
4088
4089int ata_sas_port_init(struct ata_port *ap)
4090{
4091        int rc = ap->ops->port_start(ap);
4092
4093        if (rc)
4094                return rc;
4095        ap->print_id = atomic_inc_return(&ata_print_id);
4096        return 0;
4097}
4098EXPORT_SYMBOL_GPL(ata_sas_port_init);
4099
4100/**
4101 *      ata_sas_port_destroy - Destroy a SATA port allocated by ata_sas_port_alloc
4102 *      @ap: SATA port to destroy
4103 *
4104 */
4105
4106void ata_sas_port_destroy(struct ata_port *ap)
4107{
4108        if (ap->ops->port_stop)
4109                ap->ops->port_stop(ap);
4110        kfree(ap);
4111}
4112EXPORT_SYMBOL_GPL(ata_sas_port_destroy);
4113
4114/**
4115 *      ata_sas_slave_configure - Default slave_config routine for libata devices
4116 *      @sdev: SCSI device to configure
4117 *      @ap: ATA port to which SCSI device is attached
4118 *
4119 *      RETURNS:
4120 *      Zero.
4121 */
4122
4123int ata_sas_slave_configure(struct scsi_device *sdev, struct ata_port *ap)
4124{
4125        ata_scsi_sdev_config(sdev);
4126        ata_scsi_dev_config(sdev, ap->link.device);
4127        return 0;
4128}
4129EXPORT_SYMBOL_GPL(ata_sas_slave_configure);
4130
4131/**
4132 *      ata_sas_queuecmd - Issue SCSI cdb to libata-managed device
4133 *      @cmd: SCSI command to be sent
4134 *      @ap:    ATA port to which the command is being sent
4135 *
4136 *      RETURNS:
4137 *      Return value from __ata_scsi_queuecmd() if @cmd can be queued,
4138 *      0 otherwise.
4139 */
4140
4141int ata_sas_queuecmd(struct scsi_cmnd *cmd, struct ata_port *ap)
4142{
4143        int rc = 0;
4144
4145        ata_scsi_dump_cdb(ap, cmd);
4146
4147        if (likely(ata_dev_enabled(ap->link.device)))
4148                rc = __ata_scsi_queuecmd(cmd, ap->link.device);
4149        else {
4150                cmd->result = (DID_BAD_TARGET << 16);
4151                cmd->scsi_done(cmd);
4152        }
4153        return rc;
4154}
4155EXPORT_SYMBOL_GPL(ata_sas_queuecmd);
4156
lxr.linux.no kindly hosted by Redpill Linpro AS, provider of Linux consulting and operations services since 1995.