Home Explore Help
Register Sign In
phyus
/
linux-vybrid_public
8
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 4feb8f8f45
Branches Tags
linux-vybrid_pu...
/
drivers
/
scsi
/
aacraid
/
commctrl.c

commctrl.c 20 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755 
  1. /*
    2. 

  2.  *	Adaptec AAC series RAID controller driver
    3. 

  3.  *	(c) Copyright 2001 Red Hat Inc.	<alan@redhat.com>
    4. 

  4.  *
    5. 

  5.  * based on the old aacraid driver that is..
    6. 

  6.  * Adaptec aacraid device driver for Linux.
    7. 

  7.  *
    8. 

  8.  * Copyright (c) 2000 Adaptec, Inc. (aacraid@adaptec.com)
    9. 

  9.  *
    10. 

  10.  * This program is free software; you can redistribute it and/or modify
    11. 

  11.  * it under the terms of the GNU General Public License as published by
    12. 

  12.  * the Free Software Foundation; either version 2, or (at your option)
    13. 

  13.  * any later version.
    14. 

  14.  *
    15. 

  15.  * This program is distributed in the hope that it will be useful,
    16. 

  16.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    17. 

  17.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    18. 

  18.  * GNU General Public License for more details.
    19. 

  19.  *
    20. 

  20.  * You should have received a copy of the GNU General Public License
    21. 

  21.  * along with this program; see the file COPYING.  If not, write to
    22. 

  22.  * the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
    23. 

  23.  *
    24. 

  24.  * Module Name:
    25. 

  25.  *  commctrl.c
    26. 

  26.  *
    27. 

  27.  * Abstract: Contains all routines for control of the AFA comm layer
    28. 

  28.  *
    29. 

  29.  */
    30. 

  30. 

  31. #include <linux/kernel.h>
    32. 

  32. #include <linux/init.h>
    33. 

  33. #include <linux/types.h>
    34. 

  34. #include <linux/sched.h>
    35. 

  35. #include <linux/pci.h>
    36. 

  36. #include <linux/spinlock.h>
    37. 

  37. #include <linux/slab.h>
    38. 

  38. #include <linux/completion.h>
    39. 

  39. #include <linux/dma-mapping.h>
    40. 

  40. #include <linux/blkdev.h>
    41. 

  41. #include <asm/semaphore.h>
    42. 

  42. #include <asm/uaccess.h>
    43. 

  43. 

  44. #include "aacraid.h"
    45. 

  45. 

  46. /**
    47. 

  47.  *	ioctl_send_fib	-	send a FIB from userspace
    48. 

  48.  *	@dev:	adapter is being processed
    49. 

  49.  *	@arg:	arguments to the ioctl call
    50. 

  50.  *	
    51. 

  51.  *	This routine sends a fib to the adapter on behalf of a user level
    52. 

  52.  *	program.
    53. 

  53.  */
    54. 

  54. # define AAC_DEBUG_PREAMBLE	KERN_INFO
    55. 

  55. # define AAC_DEBUG_POSTAMBLE
    56. 

  56.  
    57. 

  57. static int ioctl_send_fib(struct aac_dev * dev, void __user *arg)
    58. 

  58. {
    59. 

  59. 	struct hw_fib * kfib;
    60. 

  60. 	struct fib *fibptr;
    61. 

  61. 	struct hw_fib * hw_fib = (struct hw_fib *)0;
    62. 

  62. 	dma_addr_t hw_fib_pa = (dma_addr_t)0LL;
    63. 

  63. 	unsigned size;
    64. 

  64. 	int retval;
    65. 

  65. 

  66. 	fibptr = fib_alloc(dev);
    67. 

  67. 	if(fibptr == NULL) {
    68. 

  68. 		return -ENOMEM;
    69. 

  69. 	}
    70. 

  70. 		
    71. 

  71. 	kfib = fibptr->hw_fib;
    72. 

  72. 	/*
    73. 

  73. 	 *	First copy in the header so that we can check the size field.
    74. 

  74. 	 */
    75. 

  75. 	if (copy_from_user((void *)kfib, arg, sizeof(struct aac_fibhdr))) {
    76. 

  76. 		fib_free(fibptr);
    77. 

  77. 		return -EFAULT;
    78. 

  78. 	}
    79. 

  79. 	/*
    80. 

  80. 	 *	Since we copy based on the fib header size, make sure that we
    81. 

  81. 	 *	will not overrun the buffer when we copy the memory. Return
    82. 

  82. 	 *	an error if we would.
    83. 

  83. 	 */
    84. 

  84. 	size = le16_to_cpu(kfib->header.Size) + sizeof(struct aac_fibhdr);
    85. 

  85. 	if (size < le16_to_cpu(kfib->header.SenderSize))
    86. 

  86. 		size = le16_to_cpu(kfib->header.SenderSize);
    87. 

  87. 	if (size > dev->max_fib_size) {
    88. 

  88. 		if (size > 2048) {
    89. 

  89. 			retval = -EINVAL;
    90. 

  90. 			goto cleanup;
    91. 

  91. 		}
    92. 

  92. 		/* Highjack the hw_fib */
    93. 

  93. 		hw_fib = fibptr->hw_fib;
    94. 

  94. 		hw_fib_pa = fibptr->hw_fib_pa;
    95. 

  95. 		fibptr->hw_fib = kfib = pci_alloc_consistent(dev->pdev, size, &fibptr->hw_fib_pa);
    96. 

  96. 		memset(((char *)kfib) + dev->max_fib_size, 0, size - dev->max_fib_size);
    97. 

  97. 		memcpy(kfib, hw_fib, dev->max_fib_size);
    98. 

  98. 	}
    99. 

  99. 

  100. 	if (copy_from_user(kfib, arg, size)) {
    101. 

  101. 		retval = -EFAULT;
    102. 

  102. 		goto cleanup;
    103. 

  103. 	}
    104. 

  104. 

  105. 	if (kfib->header.Command == cpu_to_le16(TakeABreakPt)) {
    106. 

  106. 		aac_adapter_interrupt(dev);
    107. 

  107. 		/*
    108. 

  108. 		 * Since we didn't really send a fib, zero out the state to allow 
    109. 

  109. 		 * cleanup code not to assert.
    110. 

  110. 		 */
    111. 

  111. 		kfib->header.XferState = 0;
    112. 

  112. 	} else {
    113. 

  113. 		retval = fib_send(le16_to_cpu(kfib->header.Command), fibptr,
    114. 

  114. 				le16_to_cpu(kfib->header.Size) , FsaNormal,
    115. 

  115. 				1, 1, NULL, NULL);
    116. 

  116. 		if (retval) {
    117. 

  117. 			goto cleanup;
    118. 

  118. 		}
    119. 

  119. 		if (fib_complete(fibptr) != 0) {
    120. 

  120. 			retval = -EINVAL;
    121. 

  121. 			goto cleanup;
    122. 

  122. 		}
    123. 

  123. 	}
    124. 

  124. 	/*
    125. 

  125. 	 *	Make sure that the size returned by the adapter (which includes
    126. 

  126. 	 *	the header) is less than or equal to the size of a fib, so we
    127. 

  127. 	 *	don't corrupt application data. Then copy that size to the user
    128. 

  128. 	 *	buffer. (Don't try to add the header information again, since it
    129. 

  129. 	 *	was already included by the adapter.)
    130. 

  130. 	 */
    131. 

  131. 

  132. 	retval = 0;
    133. 

  133. 	if (copy_to_user(arg, (void *)kfib, size))
    134. 

  134. 		retval = -EFAULT;
    135. 

  135. cleanup:
    136. 

  136. 	if (hw_fib) {
    137. 

  137. 		pci_free_consistent(dev->pdev, size, kfib, fibptr->hw_fib_pa);
    138. 

  138. 		fibptr->hw_fib_pa = hw_fib_pa;
    139. 

  139. 		fibptr->hw_fib = hw_fib;
    140. 

  140. 	}
    141. 

  141. 	fib_free(fibptr);
    142. 

  142. 	return retval;
    143. 

  143. }
    144. 

  144. 

  145. /**
    146. 

  146.  *	open_getadapter_fib	-	Get the next fib
    147. 

  147.  *
    148. 

  148.  *	This routine will get the next Fib, if available, from the AdapterFibContext
    149. 

  149.  *	passed in from the user.
    150. 

  150.  */
    151. 

  151. 

  152. static int open_getadapter_fib(struct aac_dev * dev, void __user *arg)
    153. 

  153. {
    154. 

  154. 	struct aac_fib_context * fibctx;
    155. 

  155. 	int status;
    156. 

  156. 

  157. 	fibctx = kmalloc(sizeof(struct aac_fib_context), GFP_KERNEL);
    158. 

  158. 	if (fibctx == NULL) {
    159. 

  159. 		status = -ENOMEM;
    160. 

  160. 	} else {
    161. 

  161. 		unsigned long flags;
    162. 

  162. 		struct list_head * entry;
    163. 

  163. 		struct aac_fib_context * context;
    164. 

  164. 

  165. 		fibctx->type = FSAFS_NTC_GET_ADAPTER_FIB_CONTEXT;
    166. 

  166. 		fibctx->size = sizeof(struct aac_fib_context);
    167. 

  167.  		/*
    168. 

  168. 		 *	Yes yes, I know this could be an index, but we have a
    169. 

  169. 		 * better guarantee of uniqueness for the locked loop below.
    170. 

  170. 		 * Without the aid of a persistent history, this also helps
    171. 

  171. 		 * reduce the chance that the opaque context would be reused.
    172. 

  172. 		 */
    173. 

  173. 		fibctx->unique = (u32)((ulong)fibctx & 0xFFFFFFFF);
    174. 

  174. 		/*
    175. 

  175. 		 *	Initialize the mutex used to wait for the next AIF.
    176. 

  176. 		 */
    177. 

  177. 		init_MUTEX_LOCKED(&fibctx->wait_sem);
    178. 

  178. 		fibctx->wait = 0;
    179. 

  179. 		/*
    180. 

  180. 		 *	Initialize the fibs and set the count of fibs on
    181. 

  181. 		 *	the list to 0.
    182. 

  182. 		 */
    183. 

  183. 		fibctx->count = 0;
    184. 

  184. 		INIT_LIST_HEAD(&fibctx->fib_list);
    185. 

  185. 		fibctx->jiffies = jiffies/HZ;
    186. 

  186. 		/*
    187. 

  187. 		 *	Now add this context onto the adapter's 
    188. 

  188. 		 *	AdapterFibContext list.
    189. 

  189. 		 */
    190. 

  190. 		spin_lock_irqsave(&dev->fib_lock, flags);
    191. 

  191. 		/* Ensure that we have a unique identifier */
    192. 

  192. 		entry = dev->fib_list.next;
    193. 

  193. 		while (entry != &dev->fib_list) {
    194. 

  194. 			context = list_entry(entry, struct aac_fib_context, next);
    195. 

  195. 			if (context->unique == fibctx->unique) {
    196. 

  196. 				/* Not unique (32 bits) */
    197. 

  197. 				fibctx->unique++;
    198. 

  198. 				entry = dev->fib_list.next;
    199. 

  199. 			} else {
    200. 

  200. 				entry = entry->next;
    201. 

  201. 			}
    202. 

  202. 		}
    203. 

  203. 		list_add_tail(&fibctx->next, &dev->fib_list);
    204. 

  204. 		spin_unlock_irqrestore(&dev->fib_lock, flags);
    205. 

  205. 		if (copy_to_user(arg,  &fibctx->unique, 
    206. 

  206. 						sizeof(fibctx->unique))) {
    207. 

  207. 			status = -EFAULT;
    208. 

  208. 		} else {
    209. 

  209. 			status = 0;
    210. 

  210. 		}	
    211. 

  211. 	}
    212. 

  212. 	return status;
    213. 

  213. }
    214. 

  214. 

  215. /**
    216. 

  216.  *	next_getadapter_fib	-	get the next fib
    217. 

  217.  *	@dev: adapter to use
    218. 

  218.  *	@arg: ioctl argument
    219. 

  219.  *	
    220. 

  220.  * 	This routine will get the next Fib, if available, from the AdapterFibContext
    221. 

  221.  *	passed in from the user.
    222. 

  222.  */
    223. 

  223. 

  224. static int next_getadapter_fib(struct aac_dev * dev, void __user *arg)
    225. 

  225. {
    226. 

  226. 	struct fib_ioctl f;
    227. 

  227. 	struct fib *fib;
    228. 

  228. 	struct aac_fib_context *fibctx;
    229. 

  229. 	int status;
    230. 

  230. 	struct list_head * entry;
    231. 

  231. 	unsigned long flags;
    232. 

  232. 	
    233. 

  233. 	if(copy_from_user((void *)&f, arg, sizeof(struct fib_ioctl)))
    234. 

  234. 		return -EFAULT;
    235. 

  235. 	/*
    236. 

  236. 	 *	Verify that the HANDLE passed in was a valid AdapterFibContext
    237. 

  237. 	 *
    238. 

  238. 	 *	Search the list of AdapterFibContext addresses on the adapter
    239. 

  239. 	 *	to be sure this is a valid address
    240. 

  240. 	 */
    241. 

  241. 	entry = dev->fib_list.next;
    242. 

  242. 	fibctx = NULL;
    243. 

  243. 

  244. 	while (entry != &dev->fib_list) {
    245. 

  245. 		fibctx = list_entry(entry, struct aac_fib_context, next);
    246. 

  246. 		/*
    247. 

  247. 		 *	Extract the AdapterFibContext from the Input parameters.
    248. 

  248. 		 */
    249. 

  249. 		if (fibctx->unique == f.fibctx) {   /* We found a winner */
    250. 

  250. 			break;
    251. 

  251. 		}
    252. 

  252. 		entry = entry->next;
    253. 

  253. 		fibctx = NULL;
    254. 

  254. 	}
    255. 

  255. 	if (!fibctx) {
    256. 

  256. 		dprintk ((KERN_INFO "Fib Context not found\n"));
    257. 

  257. 		return -EINVAL;
    258. 

  258. 	}
    259. 

  259. 

  260. 	if((fibctx->type != FSAFS_NTC_GET_ADAPTER_FIB_CONTEXT) ||
    261. 

  261. 		 (fibctx->size != sizeof(struct aac_fib_context))) {
    262. 

  262. 		dprintk ((KERN_INFO "Fib Context corrupt?\n"));
    263. 

  263. 		return -EINVAL;
    264. 

  264. 	}
    265. 

  265. 	status = 0;
    266. 

  266. 	spin_lock_irqsave(&dev->fib_lock, flags);
    267. 

  267. 	/*
    268. 

  268. 	 *	If there are no fibs to send back, then either wait or return
    269. 

  269. 	 *	-EAGAIN
    270. 

  270. 	 */
    271. 

  271. return_fib:
    272. 

  272. 	if (!list_empty(&fibctx->fib_list)) {
    273. 

  273. 		struct list_head * entry;
    274. 

  274. 		/*
    275. 

  275. 		 *	Pull the next fib from the fibs
    276. 

  276. 		 */
    277. 

  277. 		entry = fibctx->fib_list.next;
    278. 

  278. 		list_del(entry);
    279. 

  279. 		
    280. 

  280. 		fib = list_entry(entry, struct fib, fiblink);
    281. 

  281. 		fibctx->count--;
    282. 

  282. 		spin_unlock_irqrestore(&dev->fib_lock, flags);
    283. 

  283. 		if (copy_to_user(f.fib, fib->hw_fib, sizeof(struct hw_fib))) {
    284. 

  284. 			kfree(fib->hw_fib);
    285. 

  285. 			kfree(fib);
    286. 

  286. 			return -EFAULT;
    287. 

  287. 		}	
    288. 

  288. 		/*
    289. 

  289. 		 *	Free the space occupied by this copy of the fib.
    290. 

  290. 		 */
    291. 

  291. 		kfree(fib->hw_fib);
    292. 

  292. 		kfree(fib);
    293. 

  293. 		status = 0;
    294. 

  294. 	} else {
    295. 

  295. 		spin_unlock_irqrestore(&dev->fib_lock, flags);
    296. 

  296. 		if (f.wait) {
    297. 

  297. 			if(down_interruptible(&fibctx->wait_sem) < 0) {
    298. 

  298. 				status = -EINTR;
    299. 

  299. 			} else {
    300. 

  300. 				/* Lock again and retry */
    301. 

  301. 				spin_lock_irqsave(&dev->fib_lock, flags);
    302. 

  302. 				goto return_fib;
    303. 

  303. 			}
    304. 

  304. 		} else {
    305. 

  305. 			status = -EAGAIN;
    306. 

  306. 		}	
    307. 

  307. 	}
    308. 

  308. 	fibctx->jiffies = jiffies/HZ;
    309. 

  309. 	return status;
    310. 

  310. }
    311. 

  311. 

  312. int aac_close_fib_context(struct aac_dev * dev, struct aac_fib_context * fibctx)
    313. 

  313. {
    314. 

  314. 	struct fib *fib;
    315. 

  315. 

  316. 	/*
    317. 

  317. 	 *	First free any FIBs that have not been consumed.
    318. 

  318. 	 */
    319. 

  319. 	while (!list_empty(&fibctx->fib_list)) {
    320. 

  320. 		struct list_head * entry;
    321. 

  321. 		/*
    322. 

  322. 		 *	Pull the next fib from the fibs
    323. 

  323. 		 */
    324. 

  324. 		entry = fibctx->fib_list.next;
    325. 

  325. 		list_del(entry);
    326. 

  326. 		fib = list_entry(entry, struct fib, fiblink);
    327. 

  327. 		fibctx->count--;
    328. 

  328. 		/*
    329. 

  329. 		 *	Free the space occupied by this copy of the fib.
    330. 

  330. 		 */
    331. 

  331. 		kfree(fib->hw_fib);
    332. 

  332. 		kfree(fib);
    333. 

  333. 	}
    334. 

  334. 	/*
    335. 

  335. 	 *	Remove the Context from the AdapterFibContext List
    336. 

  336. 	 */
    337. 

  337. 	list_del(&fibctx->next);
    338. 

  338. 	/*
    339. 

  339. 	 *	Invalidate context
    340. 

  340. 	 */
    341. 

  341. 	fibctx->type = 0;
    342. 

  342. 	/*
    343. 

  343. 	 *	Free the space occupied by the Context
    344. 

  344. 	 */
    345. 

  345. 	kfree(fibctx);
    346. 

  346. 	return 0;
    347. 

  347. }
    348. 

  348. 

  349. /**
    350. 

  350.  *	close_getadapter_fib	-	close down user fib context
    351. 

  351.  *	@dev: adapter
    352. 

  352.  *	@arg: ioctl arguments
    353. 

  353.  *
    354. 

  354.  *	This routine will close down the fibctx passed in from the user.
    355. 

  355.  */
    356. 

  356.  
    357. 

  357. static int close_getadapter_fib(struct aac_dev * dev, void __user *arg)
    358. 

  358. {
    359. 

  359. 	struct aac_fib_context *fibctx;
    360. 

  360. 	int status;
    361. 

  361. 	unsigned long flags;
    362. 

  362. 	struct list_head * entry;
    363. 

  363. 

  364. 	/*
    365. 

  365. 	 *	Verify that the HANDLE passed in was a valid AdapterFibContext
    366. 

  366. 	 *
    367. 

  367. 	 *	Search the list of AdapterFibContext addresses on the adapter
    368. 

  368. 	 *	to be sure this is a valid address
    369. 

  369. 	 */
    370. 

  370. 

  371. 	entry = dev->fib_list.next;
    372. 

  372. 	fibctx = NULL;
    373. 

  373. 

  374. 	while(entry != &dev->fib_list) {
    375. 

  375. 		fibctx = list_entry(entry, struct aac_fib_context, next);
    376. 

  376. 		/*
    377. 

  377. 		 *	Extract the fibctx from the input parameters
    378. 

  378. 		 */
    379. 

  379. 		if (fibctx->unique == (u32)(unsigned long)arg) {   
    380. 

  380. 			/* We found a winner */
    381. 

  381. 			break;
    382. 

  382. 		}
    383. 

  383. 		entry = entry->next;
    384. 

  384. 		fibctx = NULL;
    385. 

  385. 	}
    386. 

  386. 

  387. 	if (!fibctx)
    388. 

  388. 		return 0; /* Already gone */
    389. 

  389. 

  390. 	if((fibctx->type != FSAFS_NTC_GET_ADAPTER_FIB_CONTEXT) ||
    391. 

  391. 		 (fibctx->size != sizeof(struct aac_fib_context)))
    392. 

  392. 		return -EINVAL;
    393. 

  393. 	spin_lock_irqsave(&dev->fib_lock, flags);
    394. 

  394. 	status = aac_close_fib_context(dev, fibctx);
    395. 

  395. 	spin_unlock_irqrestore(&dev->fib_lock, flags);
    396. 

  396. 	return status;
    397. 

  397. }
    398. 

  398. 

  399. /**
    400. 

  400.  *	check_revision	-	close down user fib context
    401. 

  401.  *	@dev: adapter
    402. 

  402.  *	@arg: ioctl arguments
    403. 

  403.  *
    404. 

  404.  *	This routine returns the driver version.
    405. 

  405.  *      Under Linux, there have been no version incompatibilities, so this is 
    406. 

  406.  *      simple!
    407. 

  407.  */
    408. 

  408. 

  409. static int check_revision(struct aac_dev *dev, void __user *arg)
    410. 

  410. {
    411. 

  411. 	struct revision response;
    412. 

  412. 	char *driver_version = aac_driver_version;
    413. 

  413. 	u32 version;
    414. 

  414. 

  415. 	response.compat = 1;
    416. 

  416. 	version = (simple_strtol(driver_version, 
    417. 

  417. 				&driver_version, 10) << 24) | 0x00000400;
    418. 

  418. 	version += simple_strtol(driver_version + 1, &driver_version, 10) << 16;
    419. 

  419. 	version += simple_strtol(driver_version + 1, NULL, 10);
    420. 

  420. 	response.version = cpu_to_le32(version);
    421. 

  421. #	if (defined(AAC_DRIVER_BUILD))
    422. 

  422. 		response.build = cpu_to_le32(AAC_DRIVER_BUILD);
    423. 

  423. #	else
    424. 

  424. 		response.build = cpu_to_le32(9999);
    425. 

  425. #	endif
    426. 

  426. 

  427. 	if (copy_to_user(arg, &response, sizeof(response)))
    428. 

  428. 		return -EFAULT;
    429. 

  429. 	return 0;
    430. 

  430. }
    431. 

  431. 

  432. 

  433. /**
    434. 

  434.  *
    435. 

  435.  * aac_send_raw_scb
    436. 

  436.  *
    437. 

  437.  */
    438. 

  438. 

  439. static int aac_send_raw_srb(struct aac_dev* dev, void __user * arg)
    440. 

  440. {
    441. 

  441. 	struct fib* srbfib;
    442. 

  442. 	int status;
    443. 

  443. 	struct aac_srb *srbcmd = NULL;
    444. 

  444. 	struct user_aac_srb *user_srbcmd = NULL;
    445. 

  445. 	struct user_aac_srb __user *user_srb = arg;
    446. 

  446. 	struct aac_srb_reply __user *user_reply;
    447. 

  447. 	struct aac_srb_reply* reply;
    448. 

  448. 	u32 fibsize = 0;
    449. 

  449. 	u32 flags = 0;
    450. 

  450. 	s32 rcode = 0;
    451. 

  451. 	u32 data_dir;
    452. 

  452. 	void __user *sg_user[32];
    453. 

  453. 	void *sg_list[32];
    454. 

  454. 	u32   sg_indx = 0;
    455. 

  455. 	u32 byte_count = 0;
    456. 

  456. 	u32 actual_fibsize = 0;
    457. 

  457. 	int i;
    458. 

  458. 

  459. 

  460. 	if (!capable(CAP_SYS_ADMIN)){
    461. 

  461. 		dprintk((KERN_DEBUG"aacraid: No permission to send raw srb\n")); 
    462. 

  462. 		return -EPERM;
    463. 

  463. 	}
    464. 

  464. 	/*
    465. 

  465. 	 *	Allocate and initialize a Fib then setup a BlockWrite command
    466. 

  466. 	 */
    467. 

  467. 	if (!(srbfib = fib_alloc(dev))) {
    468. 

  468. 		return -ENOMEM;
    469. 

  469. 	}
    470. 

  470. 	fib_init(srbfib);
    471. 

  471. 

  472. 	srbcmd = (struct aac_srb*) fib_data(srbfib);
    473. 

  473. 

  474. 	memset(sg_list, 0, sizeof(sg_list)); /* cleanup may take issue */
    475. 

  475. 	if(copy_from_user(&fibsize, &user_srb->count,sizeof(u32))){
    476. 

  476. 		dprintk((KERN_DEBUG"aacraid: Could not copy data size from user\n")); 
    477. 

  477. 		rcode = -EFAULT;
    478. 

  478. 		goto cleanup;
    479. 

  479. 	}
    480. 

  480. 

  481. 	if (fibsize > (dev->max_fib_size - sizeof(struct aac_fibhdr))) {
    482. 

  482. 		rcode = -EINVAL;
    483. 

  483. 		goto cleanup;
    484. 

  484. 	}
    485. 

  485. 

  486. 	user_srbcmd = kmalloc(fibsize, GFP_KERNEL);
    487. 

  487. 	if (!user_srbcmd) {
    488. 

  488. 		dprintk((KERN_DEBUG"aacraid: Could not make a copy of the srb\n"));
    489. 

  489. 		rcode = -ENOMEM;
    490. 

  490. 		goto cleanup;
    491. 

  491. 	}
    492. 

  492. 	if(copy_from_user(user_srbcmd, user_srb,fibsize)){
    493. 

  493. 		dprintk((KERN_DEBUG"aacraid: Could not copy srb from user\n")); 
    494. 

  494. 		rcode = -EFAULT;
    495. 

  495. 		goto cleanup;
    496. 

  496. 	}
    497. 

  497. 

  498. 	user_reply = arg+fibsize;
    499. 

  499. 

  500. 	flags = user_srbcmd->flags; /* from user in cpu order */
    501. 

  501. 	// Fix up srb for endian and force some values
    502. 

  502. 

  503. 	srbcmd->function = cpu_to_le32(SRBF_ExecuteScsi);	// Force this
    504. 

  504. 	srbcmd->channel  = cpu_to_le32(user_srbcmd->channel);
    505. 

  505. 	srbcmd->id	 = cpu_to_le32(user_srbcmd->id);
    506. 

  506. 	srbcmd->lun      = cpu_to_le32(user_srbcmd->lun);
    507. 

  507. 	srbcmd->timeout  = cpu_to_le32(user_srbcmd->timeout);
    508. 

  508. 	srbcmd->flags    = cpu_to_le32(flags);
    509. 

  509. 	srbcmd->retry_limit = 0; // Obsolete parameter
    510. 

  510. 	srbcmd->cdb_size = cpu_to_le32(user_srbcmd->cdb_size);
    511. 

  511. 	memcpy(srbcmd->cdb, user_srbcmd->cdb, sizeof(srbcmd->cdb));
    512. 

  512. 	
    513. 

  513. 	switch (flags & (SRB_DataIn | SRB_DataOut)) {
    514. 

  514. 	case SRB_DataOut:
    515. 

  515. 		data_dir = DMA_TO_DEVICE;
    516. 

  516. 		break;
    517. 

  517. 	case (SRB_DataIn | SRB_DataOut):
    518. 

  518. 		data_dir = DMA_BIDIRECTIONAL;
    519. 

  519. 		break;
    520. 

  520. 	case SRB_DataIn:
    521. 

  521. 		data_dir = DMA_FROM_DEVICE;
    522. 

  522. 		break;
    523. 

  523. 	default:
    524. 

  524. 		data_dir = DMA_NONE;
    525. 

  525. 	}
    526. 

  526. 	if (user_srbcmd->sg.count > (sizeof(sg_list)/sizeof(sg_list[0]))) {
    527. 

  527. 		dprintk((KERN_DEBUG"aacraid: too many sg entries %d\n",
    528. 

  528. 		  le32_to_cpu(srbcmd->sg.count)));
    529. 

  529. 		rcode = -EINVAL;
    530. 

  530. 		goto cleanup;
    531. 

  531. 	}
    532. 

  532. 	if (dev->dac_support == 1) {
    533. 

  533. 		struct user_sgmap64* upsg = (struct user_sgmap64*)&user_srbcmd->sg;
    534. 

  534. 		struct sgmap64* psg = (struct sgmap64*)&srbcmd->sg;
    535. 

  535. 		struct user_sgmap* usg;
    536. 

  536. 		byte_count = 0;
    537. 

  537. 

  538. 		/*
    539. 

  539. 		 * This should also catch if user used the 32 bit sgmap
    540. 

  540. 		 */
    541. 

  541. 		actual_fibsize = sizeof(struct aac_srb) - 
    542. 

  542. 			sizeof(struct sgentry) +
    543. 

  543. 			((upsg->count & 0xff) * 
    544. 

  544. 		 	sizeof(struct sgentry));
    545. 

  545. 		if(actual_fibsize != fibsize){ // User made a mistake - should not continue
    546. 

  546. 			dprintk((KERN_DEBUG"aacraid: Bad Size specified in Raw SRB command\n"));
    547. 

  547. 			rcode = -EINVAL;
    548. 

  548. 			goto cleanup;
    549. 

  549. 		}
    550. 

  550. 		usg = kmalloc(actual_fibsize - sizeof(struct aac_srb)
    551. 

  551. 		  + sizeof(struct sgmap), GFP_KERNEL);
    552. 

  552. 		if (!usg) {
    553. 

  553. 			dprintk((KERN_DEBUG"aacraid: Allocation error in Raw SRB command\n"));
    554. 

  554. 			rcode = -ENOMEM;
    555. 

  555. 			goto cleanup;
    556. 

  556. 		}
    557. 

  557. 		memcpy (usg, upsg, actual_fibsize - sizeof(struct aac_srb)
    558. 

  558. 		  + sizeof(struct sgmap));
    559. 

  559. 		actual_fibsize = sizeof(struct aac_srb) - 
    560. 

  560. 			sizeof(struct sgentry) + ((usg->count & 0xff) * 
    561. 

  561. 			 	sizeof(struct sgentry64));
    562. 

  562. 		if ((data_dir == DMA_NONE) && upsg->count) {
    563. 

  563. 			kfree (usg);
    564. 

  564. 			dprintk((KERN_DEBUG"aacraid: SG with no direction specified in Raw SRB command\n"));
    565. 

  565. 			rcode = -EINVAL;
    566. 

  566. 			goto cleanup;
    567. 

  567. 		}
    568. 

  568. 

  569. 		for (i = 0; i < usg->count; i++) {
    570. 

  570. 			u64 addr;
    571. 

  571. 			void* p;
    572. 

  572. 			/* Does this really need to be GFP_DMA? */
    573. 

  573. 			p = kmalloc(usg->sg[i].count,GFP_KERNEL|__GFP_DMA);
    574. 

  574. 			if(p == 0) {
    575. 

  575. 				kfree (usg);
    576. 

  576. 				dprintk((KERN_DEBUG"aacraid: Could not allocate SG buffer - size = %d buffer number %d of %d\n",
    577. 

  577. 				  usg->sg[i].count,i,usg->count));
    578. 

  578. 				rcode = -ENOMEM;
    579. 

  579. 				goto cleanup;
    580. 

  580. 			}
    581. 

  581. 			sg_user[i] = (void __user *)(long)usg->sg[i].addr;
    582. 

  582. 			sg_list[i] = p; // save so we can clean up later
    583. 

  583. 			sg_indx = i;
    584. 

  584. 

  585. 			if( flags & SRB_DataOut ){
    586. 

  586. 				if(copy_from_user(p,sg_user[i],upsg->sg[i].count)){
    587. 

  587. 					kfree (usg);
    588. 

  588. 					dprintk((KERN_DEBUG"aacraid: Could not copy sg data from user\n")); 
    589. 

  589. 					rcode = -EFAULT;
    590. 

  590. 					goto cleanup;
    591. 

  591. 				}
    592. 

  592. 			}
    593. 

  593. 			addr = pci_map_single(dev->pdev, p, usg->sg[i].count, data_dir);
    594. 

  594. 

  595. 			psg->sg[i].addr[0] = cpu_to_le32(addr & 0xffffffff);
    596. 

  596. 			psg->sg[i].addr[1] = cpu_to_le32(addr>>32);
    597. 

  597. 			psg->sg[i].count = cpu_to_le32(usg->sg[i].count);  
    598. 

  598. 			byte_count += usg->sg[i].count;
    599. 

  599. 		}
    600. 

  600. 		kfree (usg);
    601. 

  601. 

  602. 		srbcmd->count = cpu_to_le32(byte_count);
    603. 

  603. 		psg->count = cpu_to_le32(sg_indx+1);
    604. 

  604. 		status = fib_send(ScsiPortCommand64, srbfib, actual_fibsize, FsaNormal, 1, 1,NULL,NULL);
    605. 

  605. 	} else {
    606. 

  606. 		struct user_sgmap* upsg = &user_srbcmd->sg;
    607. 

  607. 		struct sgmap* psg = &srbcmd->sg;
    608. 

  608. 		byte_count = 0;
    609. 

  609. 

  610. 		actual_fibsize = sizeof (struct aac_srb) + (((user_srbcmd->sg.count & 0xff) - 1) * sizeof (struct sgentry));
    611. 

  611. 		if(actual_fibsize != fibsize){ // User made a mistake - should not continue
    612. 

  612. 			dprintk((KERN_DEBUG"aacraid: Bad Size specified in Raw SRB command\n"));
    613. 

  613. 			rcode = -EINVAL;
    614. 

  614. 			goto cleanup;
    615. 

  615. 		}
    616. 

  616. 		if ((data_dir == DMA_NONE) && upsg->count) {
    617. 

  617. 			dprintk((KERN_DEBUG"aacraid: SG with no direction specified in Raw SRB command\n"));
    618. 

  618. 			rcode = -EINVAL;
    619. 

  619. 			goto cleanup;
    620. 

  620. 		}
    621. 

  621. 		for (i = 0; i < upsg->count; i++) {
    622. 

  622. 			dma_addr_t addr; 
    623. 

  623. 			void* p;
    624. 

  624. 			p = kmalloc(upsg->sg[i].count, GFP_KERNEL);
    625. 

  625. 			if(p == 0) {
    626. 

  626. 				dprintk((KERN_DEBUG"aacraid: Could not allocate SG buffer - size = %d buffer number %d of %d\n",
    627. 

  627. 				  upsg->sg[i].count, i, upsg->count));
    628. 

  628. 				rcode = -ENOMEM;
    629. 

  629. 				goto cleanup;
    630. 

  630. 			}
    631. 

  631. 			sg_user[i] = (void __user *)(long)upsg->sg[i].addr;
    632. 

  632. 			sg_list[i] = p; // save so we can clean up later
    633. 

  633. 			sg_indx = i;
    634. 

  634. 

  635. 			if( flags & SRB_DataOut ){
    636. 

  636. 				if(copy_from_user(p, sg_user[i],
    637. 

  637. 						upsg->sg[i].count)) {
    638. 

  638. 					dprintk((KERN_DEBUG"aacraid: Could not copy sg data from user\n")); 
    639. 

  639. 					rcode = -EFAULT;
    640. 

  640. 					goto cleanup;
    641. 

  641. 				}
    642. 

  642. 			}
    643. 

  643. 			addr = pci_map_single(dev->pdev, p,
    644. 

  644. 				upsg->sg[i].count, data_dir);
    645. 

  645. 

  646. 			psg->sg[i].addr = cpu_to_le32(addr);
    647. 

  647. 			psg->sg[i].count = cpu_to_le32(upsg->sg[i].count);  
    648. 

  648. 			byte_count += upsg->sg[i].count;
    649. 

  649. 		}
    650. 

  650. 		srbcmd->count = cpu_to_le32(byte_count);
    651. 

  651. 		psg->count = cpu_to_le32(sg_indx+1);
    652. 

  652. 		status = fib_send(ScsiPortCommand, srbfib, actual_fibsize, FsaNormal, 1, 1, NULL, NULL);
    653. 

  653. 	}
    654. 

  654. 

  655. 	if (status != 0){
    656. 

  656. 		dprintk((KERN_DEBUG"aacraid: Could not send raw srb fib to hba\n")); 
    657. 

  657. 		rcode = -ENXIO;
    658. 

  658. 		goto cleanup;
    659. 

  659. 	}
    660. 

  660. 

  661. 	if( flags & SRB_DataIn ) {
    662. 

  662. 		for(i = 0 ; i <= sg_indx; i++){
    663. 

  663. 			byte_count = le32_to_cpu((dev->dac_support == 1)
    664. 

  664. 			      ? ((struct sgmap64*)&srbcmd->sg)->sg[i].count
    665. 

  665. 			      : srbcmd->sg.sg[i].count);
    666. 

  666. 			if(copy_to_user(sg_user[i], sg_list[i], byte_count)){
    667. 

  667. 				dprintk((KERN_DEBUG"aacraid: Could not copy sg data to user\n")); 
    668. 

  668. 				rcode = -EFAULT;
    669. 

  669. 				goto cleanup;
    670. 

  670. 

  671. 			}
    672. 

  672. 		}
    673. 

  673. 	}
    674. 

  674. 

  675. 	reply = (struct aac_srb_reply *) fib_data(srbfib);
    676. 

  676. 	if(copy_to_user(user_reply,reply,sizeof(struct aac_srb_reply))){
    677. 

  677. 		dprintk((KERN_DEBUG"aacraid: Could not copy reply to user\n")); 
    678. 

  678. 		rcode = -EFAULT;
    679. 

  679. 		goto cleanup;
    680. 

  680. 	}
    681. 

  681. 

  682. cleanup:
    683. 

  683. 	kfree(user_srbcmd);
    684. 

  684. 	for(i=0; i <= sg_indx; i++){
    685. 

  685. 		kfree(sg_list[i]);
    686. 

  686. 	}
    687. 

  687. 	fib_complete(srbfib);
    688. 

  688. 	fib_free(srbfib);
    689. 

  689. 

  690. 	return rcode;
    691. 

  691. }
    692. 

  692. 

  693. struct aac_pci_info {
    694. 

  694.         u32 bus;
    695. 

  695.         u32 slot;
    696. 

  696. };
    697. 

  697. 

  698. 

  699. static int aac_get_pci_info(struct aac_dev* dev, void __user *arg)
    700. 

  700. {
    701. 

  701.         struct aac_pci_info pci_info;
    702. 

  702. 

  703. 	pci_info.bus = dev->pdev->bus->number;
    704. 

  704. 	pci_info.slot = PCI_SLOT(dev->pdev->devfn);
    705. 

  705. 

  706.        if (copy_to_user(arg, &pci_info, sizeof(struct aac_pci_info))) {
    707. 

  707.                dprintk((KERN_DEBUG "aacraid: Could not copy pci info\n"));
    708. 

  708.                return -EFAULT;
    709. 

  709. 	}
    710. 

  710.         return 0;
    711. 

  711. }
    712. 

  712.  
    713. 

  713. 

  714. int aac_do_ioctl(struct aac_dev * dev, int cmd, void __user *arg)
    715. 

  715. {
    716. 

  716. 	int status;
    717. 

  717. 	
    718. 

  718. 	/*
    719. 

  719. 	 *	HBA gets first crack
    720. 

  720. 	 */
    721. 

  721. 	 
    722. 

  722. 	status = aac_dev_ioctl(dev, cmd, arg);
    723. 

  723. 	if(status != -ENOTTY)
    724. 

  724. 		return status;
    725. 

  725. 

  726. 	switch (cmd) {
    727. 

  727. 	case FSACTL_MINIPORT_REV_CHECK:
    728. 

  728. 		status = check_revision(dev, arg);
    729. 

  729. 		break;
    730. 

  730. 	case FSACTL_SEND_LARGE_FIB:
    731. 

  731. 	case FSACTL_SENDFIB:
    732. 

  732. 		status = ioctl_send_fib(dev, arg);
    733. 

  733. 		break;
    734. 

  734. 	case FSACTL_OPEN_GET_ADAPTER_FIB:
    735. 

  735. 		status = open_getadapter_fib(dev, arg);
    736. 

  736. 		break;
    737. 

  737. 	case FSACTL_GET_NEXT_ADAPTER_FIB:
    738. 

  738. 		status = next_getadapter_fib(dev, arg);
    739. 

  739. 		break;
    740. 

  740. 	case FSACTL_CLOSE_GET_ADAPTER_FIB:
    741. 

  741. 		status = close_getadapter_fib(dev, arg);
    742. 

  742. 		break;
    743. 

  743. 	case FSACTL_SEND_RAW_SRB:
    744. 

  744. 		status = aac_send_raw_srb(dev,arg);
    745. 

  745. 		break;
    746. 

  746. 	case FSACTL_GET_PCI_INFO:
    747. 

  747. 		status = aac_get_pci_info(dev,arg);
    748. 

  748. 		break;
    749. 

  749. 	default:
    750. 

  750. 		status = -ENOTTY;
    751. 

  751. 	  	break;	
    752. 

  752. 	}
    753. 

  753. 	return status;
    754. 

  754. }
    755. 

  755.