首頁 探索 說明
註冊 登入
phyus
/
linux-vybrid_public
8
0
複刻 0
Files 問題管理 0 合併請求 0 Wiki
目錄樹: c45154a3b1
分支列表 標籤列表
linux-vybrid_pu...
/
drivers
/
scsi
/
aacraid
/
commctrl.c

commctrl.c 20 KB
文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751 
  1. /*
    2. 

  2.  *	Adaptec AAC series RAID controller driver
    3. 

  3.  *	(c) Copyright 2001 Red Hat Inc.	<alan@redhat.com>
    4. 

  4.  *
    5. 

  5.  * based on the old aacraid driver that is..
    6. 

  6.  * Adaptec aacraid device driver for Linux.
    7. 

  7.  *
    8. 

  8.  * Copyright (c) 2000 Adaptec, Inc. (aacraid@adaptec.com)
    9. 

  9.  *
    10. 

  10.  * This program is free software; you can redistribute it and/or modify
    11. 

  11.  * it under the terms of the GNU General Public License as published by
    12. 

  12.  * the Free Software Foundation; either version 2, or (at your option)
    13. 

  13.  * any later version.
    14. 

  14.  *
    15. 

  15.  * This program is distributed in the hope that it will be useful,
    16. 

  16.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    17. 

  17.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    18. 

  18.  * GNU General Public License for more details.
    19. 

  19.  *
    20. 

  20.  * You should have received a copy of the GNU General Public License
    21. 

  21.  * along with this program; see the file COPYING.  If not, write to
    22. 

  22.  * the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
    23. 

  23.  *
    24. 

  24.  * Module Name:
    25. 

  25.  *  commctrl.c
    26. 

  26.  *
    27. 

  27.  * Abstract: Contains all routines for control of the AFA comm layer
    28. 

  28.  *
    29. 

  29.  */
    30. 

  30. 

  31. #include <linux/kernel.h>
    32. 

  32. #include <linux/init.h>
    33. 

  33. #include <linux/types.h>
    34. 

  34. #include <linux/sched.h>
    35. 

  35. #include <linux/pci.h>
    36. 

  36. #include <linux/spinlock.h>
    37. 

  37. #include <linux/slab.h>
    38. 

  38. #include <linux/completion.h>
    39. 

  39. #include <linux/dma-mapping.h>
    40. 

  40. #include <linux/blkdev.h>
    41. 

  41. #include <asm/semaphore.h>
    42. 

  42. #include <asm/uaccess.h>
    43. 

  43. 

  44. #include "aacraid.h"
    45. 

  45. 

  46. /**
    47. 

  47.  *	ioctl_send_fib	-	send a FIB from userspace
    48. 

  48.  *	@dev:	adapter is being processed
    49. 

  49.  *	@arg:	arguments to the ioctl call
    50. 

  50.  *	
    51. 

  51.  *	This routine sends a fib to the adapter on behalf of a user level
    52. 

  52.  *	program.
    53. 

  53.  */
    54. 

  54. # define AAC_DEBUG_PREAMBLE	KERN_INFO
    55. 

  55. # define AAC_DEBUG_POSTAMBLE
    56. 

  56.  
    57. 

  57. static int ioctl_send_fib(struct aac_dev * dev, void __user *arg)
    58. 

  58. {
    59. 

  59. 	struct hw_fib * kfib;
    60. 

  60. 	struct fib *fibptr;
    61. 

  61. 	struct hw_fib * hw_fib = (struct hw_fib *)0;
    62. 

  62. 	dma_addr_t hw_fib_pa = (dma_addr_t)0LL;
    63. 

  63. 	unsigned size;
    64. 

  64. 	int retval;
    65. 

  65. 

  66. 	fibptr = fib_alloc(dev);
    67. 

  67. 	if(fibptr == NULL) {
    68. 

  68. 		return -ENOMEM;
    69. 

  69. 	}
    70. 

  70. 		
    71. 

  71. 	kfib = fibptr->hw_fib;
    72. 

  72. 	/*
    73. 

  73. 	 *	First copy in the header so that we can check the size field.
    74. 

  74. 	 */
    75. 

  75. 	if (copy_from_user((void *)kfib, arg, sizeof(struct aac_fibhdr))) {
    76. 

  76. 		fib_free(fibptr);
    77. 

  77. 		return -EFAULT;
    78. 

  78. 	}
    79. 

  79. 	/*
    80. 

  80. 	 *	Since we copy based on the fib header size, make sure that we
    81. 

  81. 	 *	will not overrun the buffer when we copy the memory. Return
    82. 

  82. 	 *	an error if we would.
    83. 

  83. 	 */
    84. 

  84. 	size = le16_to_cpu(kfib->header.Size) + sizeof(struct aac_fibhdr);
    85. 

  85. 	if (size < le16_to_cpu(kfib->header.SenderSize))
    86. 

  86. 		size = le16_to_cpu(kfib->header.SenderSize);
    87. 

  87. 	if (size > dev->max_fib_size) {
    88. 

  88. 		/* Highjack the hw_fib */
    89. 

  89. 		hw_fib = fibptr->hw_fib;
    90. 

  90. 		hw_fib_pa = fibptr->hw_fib_pa;
    91. 

  91. 		fibptr->hw_fib = kfib = pci_alloc_consistent(dev->pdev, size, &fibptr->hw_fib_pa);
    92. 

  92. 		memset(((char *)kfib) + dev->max_fib_size, 0, size - dev->max_fib_size);
    93. 

  93. 		memcpy(kfib, hw_fib, dev->max_fib_size);
    94. 

  94. 	}
    95. 

  95. 

  96. 	if (copy_from_user(kfib, arg, size)) {
    97. 

  97. 		retval = -EFAULT;
    98. 

  98. 		goto cleanup;
    99. 

  99. 	}
    100. 

  100. 

  101. 	if (kfib->header.Command == cpu_to_le16(TakeABreakPt)) {
    102. 

  102. 		aac_adapter_interrupt(dev);
    103. 

  103. 		/*
    104. 

  104. 		 * Since we didn't really send a fib, zero out the state to allow 
    105. 

  105. 		 * cleanup code not to assert.
    106. 

  106. 		 */
    107. 

  107. 		kfib->header.XferState = 0;
    108. 

  108. 	} else {
    109. 

  109. 		retval = fib_send(le16_to_cpu(kfib->header.Command), fibptr,
    110. 

  110. 				le16_to_cpu(kfib->header.Size) , FsaNormal,
    111. 

  111. 				1, 1, NULL, NULL);
    112. 

  112. 		if (retval) {
    113. 

  113. 			goto cleanup;
    114. 

  114. 		}
    115. 

  115. 		if (fib_complete(fibptr) != 0) {
    116. 

  116. 			retval = -EINVAL;
    117. 

  117. 			goto cleanup;
    118. 

  118. 		}
    119. 

  119. 	}
    120. 

  120. 	/*
    121. 

  121. 	 *	Make sure that the size returned by the adapter (which includes
    122. 

  122. 	 *	the header) is less than or equal to the size of a fib, so we
    123. 

  123. 	 *	don't corrupt application data. Then copy that size to the user
    124. 

  124. 	 *	buffer. (Don't try to add the header information again, since it
    125. 

  125. 	 *	was already included by the adapter.)
    126. 

  126. 	 */
    127. 

  127. 

  128. 	retval = 0;
    129. 

  129. 	if (copy_to_user(arg, (void *)kfib, size))
    130. 

  130. 		retval = -EFAULT;
    131. 

  131. cleanup:
    132. 

  132. 	if (hw_fib) {
    133. 

  133. 		pci_free_consistent(dev->pdev, size, kfib, fibptr->hw_fib_pa);
    134. 

  134. 		fibptr->hw_fib_pa = hw_fib_pa;
    135. 

  135. 		fibptr->hw_fib = hw_fib;
    136. 

  136. 	}
    137. 

  137. 	fib_free(fibptr);
    138. 

  138. 	return retval;
    139. 

  139. }
    140. 

  140. 

  141. /**
    142. 

  142.  *	open_getadapter_fib	-	Get the next fib
    143. 

  143.  *
    144. 

  144.  *	This routine will get the next Fib, if available, from the AdapterFibContext
    145. 

  145.  *	passed in from the user.
    146. 

  146.  */
    147. 

  147. 

  148. static int open_getadapter_fib(struct aac_dev * dev, void __user *arg)
    149. 

  149. {
    150. 

  150. 	struct aac_fib_context * fibctx;
    151. 

  151. 	int status;
    152. 

  152. 

  153. 	fibctx = kmalloc(sizeof(struct aac_fib_context), GFP_KERNEL);
    154. 

  154. 	if (fibctx == NULL) {
    155. 

  155. 		status = -ENOMEM;
    156. 

  156. 	} else {
    157. 

  157. 		unsigned long flags;
    158. 

  158. 		struct list_head * entry;
    159. 

  159. 		struct aac_fib_context * context;
    160. 

  160. 

  161. 		fibctx->type = FSAFS_NTC_GET_ADAPTER_FIB_CONTEXT;
    162. 

  162. 		fibctx->size = sizeof(struct aac_fib_context);
    163. 

  163.  		/*
    164. 

  164. 		 *	Yes yes, I know this could be an index, but we have a
    165. 

  165. 		 * better guarantee of uniqueness for the locked loop below.
    166. 

  166. 		 * Without the aid of a persistent history, this also helps
    167. 

  167. 		 * reduce the chance that the opaque context would be reused.
    168. 

  168. 		 */
    169. 

  169. 		fibctx->unique = (u32)((ulong)fibctx & 0xFFFFFFFF);
    170. 

  170. 		/*
    171. 

  171. 		 *	Initialize the mutex used to wait for the next AIF.
    172. 

  172. 		 */
    173. 

  173. 		init_MUTEX_LOCKED(&fibctx->wait_sem);
    174. 

  174. 		fibctx->wait = 0;
    175. 

  175. 		/*
    176. 

  176. 		 *	Initialize the fibs and set the count of fibs on
    177. 

  177. 		 *	the list to 0.
    178. 

  178. 		 */
    179. 

  179. 		fibctx->count = 0;
    180. 

  180. 		INIT_LIST_HEAD(&fibctx->fib_list);
    181. 

  181. 		fibctx->jiffies = jiffies/HZ;
    182. 

  182. 		/*
    183. 

  183. 		 *	Now add this context onto the adapter's 
    184. 

  184. 		 *	AdapterFibContext list.
    185. 

  185. 		 */
    186. 

  186. 		spin_lock_irqsave(&dev->fib_lock, flags);
    187. 

  187. 		/* Ensure that we have a unique identifier */
    188. 

  188. 		entry = dev->fib_list.next;
    189. 

  189. 		while (entry != &dev->fib_list) {
    190. 

  190. 			context = list_entry(entry, struct aac_fib_context, next);
    191. 

  191. 			if (context->unique == fibctx->unique) {
    192. 

  192. 				/* Not unique (32 bits) */
    193. 

  193. 				fibctx->unique++;
    194. 

  194. 				entry = dev->fib_list.next;
    195. 

  195. 			} else {
    196. 

  196. 				entry = entry->next;
    197. 

  197. 			}
    198. 

  198. 		}
    199. 

  199. 		list_add_tail(&fibctx->next, &dev->fib_list);
    200. 

  200. 		spin_unlock_irqrestore(&dev->fib_lock, flags);
    201. 

  201. 		if (copy_to_user(arg,  &fibctx->unique, 
    202. 

  202. 						sizeof(fibctx->unique))) {
    203. 

  203. 			status = -EFAULT;
    204. 

  204. 		} else {
    205. 

  205. 			status = 0;
    206. 

  206. 		}	
    207. 

  207. 	}
    208. 

  208. 	return status;
    209. 

  209. }
    210. 

  210. 

  211. /**
    212. 

  212.  *	next_getadapter_fib	-	get the next fib
    213. 

  213.  *	@dev: adapter to use
    214. 

  214.  *	@arg: ioctl argument
    215. 

  215.  *	
    216. 

  216.  * 	This routine will get the next Fib, if available, from the AdapterFibContext
    217. 

  217.  *	passed in from the user.
    218. 

  218.  */
    219. 

  219. 

  220. static int next_getadapter_fib(struct aac_dev * dev, void __user *arg)
    221. 

  221. {
    222. 

  222. 	struct fib_ioctl f;
    223. 

  223. 	struct fib *fib;
    224. 

  224. 	struct aac_fib_context *fibctx;
    225. 

  225. 	int status;
    226. 

  226. 	struct list_head * entry;
    227. 

  227. 	unsigned long flags;
    228. 

  228. 	
    229. 

  229. 	if(copy_from_user((void *)&f, arg, sizeof(struct fib_ioctl)))
    230. 

  230. 		return -EFAULT;
    231. 

  231. 	/*
    232. 

  232. 	 *	Verify that the HANDLE passed in was a valid AdapterFibContext
    233. 

  233. 	 *
    234. 

  234. 	 *	Search the list of AdapterFibContext addresses on the adapter
    235. 

  235. 	 *	to be sure this is a valid address
    236. 

  236. 	 */
    237. 

  237. 	entry = dev->fib_list.next;
    238. 

  238. 	fibctx = NULL;
    239. 

  239. 

  240. 	while (entry != &dev->fib_list) {
    241. 

  241. 		fibctx = list_entry(entry, struct aac_fib_context, next);
    242. 

  242. 		/*
    243. 

  243. 		 *	Extract the AdapterFibContext from the Input parameters.
    244. 

  244. 		 */
    245. 

  245. 		if (fibctx->unique == f.fibctx) {   /* We found a winner */
    246. 

  246. 			break;
    247. 

  247. 		}
    248. 

  248. 		entry = entry->next;
    249. 

  249. 		fibctx = NULL;
    250. 

  250. 	}
    251. 

  251. 	if (!fibctx) {
    252. 

  252. 		dprintk ((KERN_INFO "Fib Context not found\n"));
    253. 

  253. 		return -EINVAL;
    254. 

  254. 	}
    255. 

  255. 

  256. 	if((fibctx->type != FSAFS_NTC_GET_ADAPTER_FIB_CONTEXT) ||
    257. 

  257. 		 (fibctx->size != sizeof(struct aac_fib_context))) {
    258. 

  258. 		dprintk ((KERN_INFO "Fib Context corrupt?\n"));
    259. 

  259. 		return -EINVAL;
    260. 

  260. 	}
    261. 

  261. 	status = 0;
    262. 

  262. 	spin_lock_irqsave(&dev->fib_lock, flags);
    263. 

  263. 	/*
    264. 

  264. 	 *	If there are no fibs to send back, then either wait or return
    265. 

  265. 	 *	-EAGAIN
    266. 

  266. 	 */
    267. 

  267. return_fib:
    268. 

  268. 	if (!list_empty(&fibctx->fib_list)) {
    269. 

  269. 		struct list_head * entry;
    270. 

  270. 		/*
    271. 

  271. 		 *	Pull the next fib from the fibs
    272. 

  272. 		 */
    273. 

  273. 		entry = fibctx->fib_list.next;
    274. 

  274. 		list_del(entry);
    275. 

  275. 		
    276. 

  276. 		fib = list_entry(entry, struct fib, fiblink);
    277. 

  277. 		fibctx->count--;
    278. 

  278. 		spin_unlock_irqrestore(&dev->fib_lock, flags);
    279. 

  279. 		if (copy_to_user(f.fib, fib->hw_fib, sizeof(struct hw_fib))) {
    280. 

  280. 			kfree(fib->hw_fib);
    281. 

  281. 			kfree(fib);
    282. 

  282. 			return -EFAULT;
    283. 

  283. 		}	
    284. 

  284. 		/*
    285. 

  285. 		 *	Free the space occupied by this copy of the fib.
    286. 

  286. 		 */
    287. 

  287. 		kfree(fib->hw_fib);
    288. 

  288. 		kfree(fib);
    289. 

  289. 		status = 0;
    290. 

  290. 	} else {
    291. 

  291. 		spin_unlock_irqrestore(&dev->fib_lock, flags);
    292. 

  292. 		if (f.wait) {
    293. 

  293. 			if(down_interruptible(&fibctx->wait_sem) < 0) {
    294. 

  294. 				status = -EINTR;
    295. 

  295. 			} else {
    296. 

  296. 				/* Lock again and retry */
    297. 

  297. 				spin_lock_irqsave(&dev->fib_lock, flags);
    298. 

  298. 				goto return_fib;
    299. 

  299. 			}
    300. 

  300. 		} else {
    301. 

  301. 			status = -EAGAIN;
    302. 

  302. 		}	
    303. 

  303. 	}
    304. 

  304. 	fibctx->jiffies = jiffies/HZ;
    305. 

  305. 	return status;
    306. 

  306. }
    307. 

  307. 

  308. int aac_close_fib_context(struct aac_dev * dev, struct aac_fib_context * fibctx)
    309. 

  309. {
    310. 

  310. 	struct fib *fib;
    311. 

  311. 

  312. 	/*
    313. 

  313. 	 *	First free any FIBs that have not been consumed.
    314. 

  314. 	 */
    315. 

  315. 	while (!list_empty(&fibctx->fib_list)) {
    316. 

  316. 		struct list_head * entry;
    317. 

  317. 		/*
    318. 

  318. 		 *	Pull the next fib from the fibs
    319. 

  319. 		 */
    320. 

  320. 		entry = fibctx->fib_list.next;
    321. 

  321. 		list_del(entry);
    322. 

  322. 		fib = list_entry(entry, struct fib, fiblink);
    323. 

  323. 		fibctx->count--;
    324. 

  324. 		/*
    325. 

  325. 		 *	Free the space occupied by this copy of the fib.
    326. 

  326. 		 */
    327. 

  327. 		kfree(fib->hw_fib);
    328. 

  328. 		kfree(fib);
    329. 

  329. 	}
    330. 

  330. 	/*
    331. 

  331. 	 *	Remove the Context from the AdapterFibContext List
    332. 

  332. 	 */
    333. 

  333. 	list_del(&fibctx->next);
    334. 

  334. 	/*
    335. 

  335. 	 *	Invalidate context
    336. 

  336. 	 */
    337. 

  337. 	fibctx->type = 0;
    338. 

  338. 	/*
    339. 

  339. 	 *	Free the space occupied by the Context
    340. 

  340. 	 */
    341. 

  341. 	kfree(fibctx);
    342. 

  342. 	return 0;
    343. 

  343. }
    344. 

  344. 

  345. /**
    346. 

  346.  *	close_getadapter_fib	-	close down user fib context
    347. 

  347.  *	@dev: adapter
    348. 

  348.  *	@arg: ioctl arguments
    349. 

  349.  *
    350. 

  350.  *	This routine will close down the fibctx passed in from the user.
    351. 

  351.  */
    352. 

  352.  
    353. 

  353. static int close_getadapter_fib(struct aac_dev * dev, void __user *arg)
    354. 

  354. {
    355. 

  355. 	struct aac_fib_context *fibctx;
    356. 

  356. 	int status;
    357. 

  357. 	unsigned long flags;
    358. 

  358. 	struct list_head * entry;
    359. 

  359. 

  360. 	/*
    361. 

  361. 	 *	Verify that the HANDLE passed in was a valid AdapterFibContext
    362. 

  362. 	 *
    363. 

  363. 	 *	Search the list of AdapterFibContext addresses on the adapter
    364. 

  364. 	 *	to be sure this is a valid address
    365. 

  365. 	 */
    366. 

  366. 

  367. 	entry = dev->fib_list.next;
    368. 

  368. 	fibctx = NULL;
    369. 

  369. 

  370. 	while(entry != &dev->fib_list) {
    371. 

  371. 		fibctx = list_entry(entry, struct aac_fib_context, next);
    372. 

  372. 		/*
    373. 

  373. 		 *	Extract the fibctx from the input parameters
    374. 

  374. 		 */
    375. 

  375. 		if (fibctx->unique == (u32)(unsigned long)arg) {   
    376. 

  376. 			/* We found a winner */
    377. 

  377. 			break;
    378. 

  378. 		}
    379. 

  379. 		entry = entry->next;
    380. 

  380. 		fibctx = NULL;
    381. 

  381. 	}
    382. 

  382. 

  383. 	if (!fibctx)
    384. 

  384. 		return 0; /* Already gone */
    385. 

  385. 

  386. 	if((fibctx->type != FSAFS_NTC_GET_ADAPTER_FIB_CONTEXT) ||
    387. 

  387. 		 (fibctx->size != sizeof(struct aac_fib_context)))
    388. 

  388. 		return -EINVAL;
    389. 

  389. 	spin_lock_irqsave(&dev->fib_lock, flags);
    390. 

  390. 	status = aac_close_fib_context(dev, fibctx);
    391. 

  391. 	spin_unlock_irqrestore(&dev->fib_lock, flags);
    392. 

  392. 	return status;
    393. 

  393. }
    394. 

  394. 

  395. /**
    396. 

  396.  *	check_revision	-	close down user fib context
    397. 

  397.  *	@dev: adapter
    398. 

  398.  *	@arg: ioctl arguments
    399. 

  399.  *
    400. 

  400.  *	This routine returns the driver version.
    401. 

  401.  *      Under Linux, there have been no version incompatibilities, so this is 
    402. 

  402.  *      simple!
    403. 

  403.  */
    404. 

  404. 

  405. static int check_revision(struct aac_dev *dev, void __user *arg)
    406. 

  406. {
    407. 

  407. 	struct revision response;
    408. 

  408. 	char *driver_version = aac_driver_version;
    409. 

  409. 	u32 version;
    410. 

  410. 

  411. 	response.compat = cpu_to_le32(1);
    412. 

  412. 	version = (simple_strtol(driver_version, 
    413. 

  413. 				&driver_version, 10) << 24) | 0x00000400;
    414. 

  414. 	version += simple_strtol(driver_version + 1, &driver_version, 10) << 16;
    415. 

  415. 	version += simple_strtol(driver_version + 1, NULL, 10);
    416. 

  416. 	response.version = cpu_to_le32(version);
    417. 

  417. #	if (defined(AAC_DRIVER_BUILD))
    418. 

  418. 		response.build = cpu_to_le32(AAC_DRIVER_BUILD);
    419. 

  419. #	else
    420. 

  420. 		response.build = cpu_to_le32(9999);
    421. 

  421. #	endif
    422. 

  422. 

  423. 	if (copy_to_user(arg, &response, sizeof(response)))
    424. 

  424. 		return -EFAULT;
    425. 

  425. 	return 0;
    426. 

  426. }
    427. 

  427. 

  428. 

  429. /**
    430. 

  430.  *
    431. 

  431.  * aac_send_raw_scb
    432. 

  432.  *
    433. 

  433.  */
    434. 

  434. 

  435. static int aac_send_raw_srb(struct aac_dev* dev, void __user * arg)
    436. 

  436. {
    437. 

  437. 	struct fib* srbfib;
    438. 

  438. 	int status;
    439. 

  439. 	struct aac_srb *srbcmd = NULL;
    440. 

  440. 	struct user_aac_srb *user_srbcmd = NULL;
    441. 

  441. 	struct user_aac_srb __user *user_srb = arg;
    442. 

  442. 	struct aac_srb_reply __user *user_reply;
    443. 

  443. 	struct aac_srb_reply* reply;
    444. 

  444. 	u32 fibsize = 0;
    445. 

  445. 	u32 flags = 0;
    446. 

  446. 	s32 rcode = 0;
    447. 

  447. 	u32 data_dir;
    448. 

  448. 	void __user *sg_user[32];
    449. 

  449. 	void *sg_list[32];
    450. 

  450. 	u32   sg_indx = 0;
    451. 

  451. 	u32 byte_count = 0;
    452. 

  452. 	u32 actual_fibsize = 0;
    453. 

  453. 	int i;
    454. 

  454. 

  455. 

  456. 	if (!capable(CAP_SYS_ADMIN)){
    457. 

  457. 		dprintk((KERN_DEBUG"aacraid: No permission to send raw srb\n")); 
    458. 

  458. 		return -EPERM;
    459. 

  459. 	}
    460. 

  460. 	/*
    461. 

  461. 	 *	Allocate and initialize a Fib then setup a BlockWrite command
    462. 

  462. 	 */
    463. 

  463. 	if (!(srbfib = fib_alloc(dev))) {
    464. 

  464. 		return -ENOMEM;
    465. 

  465. 	}
    466. 

  466. 	fib_init(srbfib);
    467. 

  467. 

  468. 	srbcmd = (struct aac_srb*) fib_data(srbfib);
    469. 

  469. 

  470. 	memset(sg_list, 0, sizeof(sg_list)); /* cleanup may take issue */
    471. 

  471. 	if(copy_from_user(&fibsize, &user_srb->count,sizeof(u32))){
    472. 

  472. 		dprintk((KERN_DEBUG"aacraid: Could not copy data size from user\n")); 
    473. 

  473. 		rcode = -EFAULT;
    474. 

  474. 		goto cleanup;
    475. 

  475. 	}
    476. 

  476. 

  477. 	if (fibsize > (dev->max_fib_size - sizeof(struct aac_fibhdr))) {
    478. 

  478. 		rcode = -EINVAL;
    479. 

  479. 		goto cleanup;
    480. 

  480. 	}
    481. 

  481. 

  482. 	user_srbcmd = kmalloc(fibsize, GFP_KERNEL);
    483. 

  483. 	if (!user_srbcmd) {
    484. 

  484. 		dprintk((KERN_DEBUG"aacraid: Could not make a copy of the srb\n"));
    485. 

  485. 		rcode = -ENOMEM;
    486. 

  486. 		goto cleanup;
    487. 

  487. 	}
    488. 

  488. 	if(copy_from_user(user_srbcmd, user_srb,fibsize)){
    489. 

  489. 		dprintk((KERN_DEBUG"aacraid: Could not copy srb from user\n")); 
    490. 

  490. 		rcode = -EFAULT;
    491. 

  491. 		goto cleanup;
    492. 

  492. 	}
    493. 

  493. 

  494. 	user_reply = arg+fibsize;
    495. 

  495. 

  496. 	flags = user_srbcmd->flags; /* from user in cpu order */
    497. 

  497. 	// Fix up srb for endian and force some values
    498. 

  498. 

  499. 	srbcmd->function = cpu_to_le32(SRBF_ExecuteScsi);	// Force this
    500. 

  500. 	srbcmd->channel  = cpu_to_le32(user_srbcmd->channel);
    501. 

  501. 	srbcmd->id	 = cpu_to_le32(user_srbcmd->id);
    502. 

  502. 	srbcmd->lun      = cpu_to_le32(user_srbcmd->lun);
    503. 

  503. 	srbcmd->timeout  = cpu_to_le32(user_srbcmd->timeout);
    504. 

  504. 	srbcmd->flags    = cpu_to_le32(flags);
    505. 

  505. 	srbcmd->retry_limit = 0; // Obsolete parameter
    506. 

  506. 	srbcmd->cdb_size = cpu_to_le32(user_srbcmd->cdb_size);
    507. 

  507. 	memcpy(srbcmd->cdb, user_srbcmd->cdb, sizeof(srbcmd->cdb));
    508. 

  508. 	
    509. 

  509. 	switch (flags & (SRB_DataIn | SRB_DataOut)) {
    510. 

  510. 	case SRB_DataOut:
    511. 

  511. 		data_dir = DMA_TO_DEVICE;
    512. 

  512. 		break;
    513. 

  513. 	case (SRB_DataIn | SRB_DataOut):
    514. 

  514. 		data_dir = DMA_BIDIRECTIONAL;
    515. 

  515. 		break;
    516. 

  516. 	case SRB_DataIn:
    517. 

  517. 		data_dir = DMA_FROM_DEVICE;
    518. 

  518. 		break;
    519. 

  519. 	default:
    520. 

  520. 		data_dir = DMA_NONE;
    521. 

  521. 	}
    522. 

  522. 	if (user_srbcmd->sg.count > (sizeof(sg_list)/sizeof(sg_list[0]))) {
    523. 

  523. 		dprintk((KERN_DEBUG"aacraid: too many sg entries %d\n",
    524. 

  524. 		  le32_to_cpu(srbcmd->sg.count)));
    525. 

  525. 		rcode = -EINVAL;
    526. 

  526. 		goto cleanup;
    527. 

  527. 	}
    528. 

  528. 	if (dev->dac_support == 1) {
    529. 

  529. 		struct user_sgmap64* upsg = (struct user_sgmap64*)&user_srbcmd->sg;
    530. 

  530. 		struct sgmap64* psg = (struct sgmap64*)&srbcmd->sg;
    531. 

  531. 		struct user_sgmap* usg;
    532. 

  532. 		byte_count = 0;
    533. 

  533. 

  534. 		/*
    535. 

  535. 		 * This should also catch if user used the 32 bit sgmap
    536. 

  536. 		 */
    537. 

  537. 		actual_fibsize = sizeof(struct aac_srb) - 
    538. 

  538. 			sizeof(struct sgentry) +
    539. 

  539. 			((upsg->count & 0xff) * 
    540. 

  540. 		 	sizeof(struct sgentry));
    541. 

  541. 		if(actual_fibsize != fibsize){ // User made a mistake - should not continue
    542. 

  542. 			dprintk((KERN_DEBUG"aacraid: Bad Size specified in Raw SRB command\n"));
    543. 

  543. 			rcode = -EINVAL;
    544. 

  544. 			goto cleanup;
    545. 

  545. 		}
    546. 

  546. 		usg = kmalloc(actual_fibsize - sizeof(struct aac_srb)
    547. 

  547. 		  + sizeof(struct sgmap), GFP_KERNEL);
    548. 

  548. 		if (!usg) {
    549. 

  549. 			dprintk((KERN_DEBUG"aacraid: Allocation error in Raw SRB command\n"));
    550. 

  550. 			rcode = -ENOMEM;
    551. 

  551. 			goto cleanup;
    552. 

  552. 		}
    553. 

  553. 		memcpy (usg, upsg, actual_fibsize - sizeof(struct aac_srb)
    554. 

  554. 		  + sizeof(struct sgmap));
    555. 

  555. 		actual_fibsize = sizeof(struct aac_srb) - 
    556. 

  556. 			sizeof(struct sgentry) + ((usg->count & 0xff) * 
    557. 

  557. 			 	sizeof(struct sgentry64));
    558. 

  558. 		if ((data_dir == DMA_NONE) && upsg->count) {
    559. 

  559. 			kfree (usg);
    560. 

  560. 			dprintk((KERN_DEBUG"aacraid: SG with no direction specified in Raw SRB command\n"));
    561. 

  561. 			rcode = -EINVAL;
    562. 

  562. 			goto cleanup;
    563. 

  563. 		}
    564. 

  564. 

  565. 		for (i = 0; i < usg->count; i++) {
    566. 

  566. 			u64 addr;
    567. 

  567. 			void* p;
    568. 

  568. 			/* Does this really need to be GFP_DMA? */
    569. 

  569. 			p = kmalloc(usg->sg[i].count,GFP_KERNEL|__GFP_DMA);
    570. 

  570. 			if(p == 0) {
    571. 

  571. 				kfree (usg);
    572. 

  572. 				dprintk((KERN_DEBUG"aacraid: Could not allocate SG buffer - size = %d buffer number %d of %d\n",
    573. 

  573. 				  usg->sg[i].count,i,usg->count));
    574. 

  574. 				rcode = -ENOMEM;
    575. 

  575. 				goto cleanup;
    576. 

  576. 			}
    577. 

  577. 			sg_user[i] = (void __user *)usg->sg[i].addr;
    578. 

  578. 			sg_list[i] = p; // save so we can clean up later
    579. 

  579. 			sg_indx = i;
    580. 

  580. 

  581. 			if( flags & SRB_DataOut ){
    582. 

  582. 				if(copy_from_user(p,sg_user[i],upsg->sg[i].count)){
    583. 

  583. 					kfree (usg);
    584. 

  584. 					dprintk((KERN_DEBUG"aacraid: Could not copy sg data from user\n")); 
    585. 

  585. 					rcode = -EFAULT;
    586. 

  586. 					goto cleanup;
    587. 

  587. 				}
    588. 

  588. 			}
    589. 

  589. 			addr = pci_map_single(dev->pdev, p, usg->sg[i].count, data_dir);
    590. 

  590. 

  591. 			psg->sg[i].addr[0] = cpu_to_le32(addr & 0xffffffff);
    592. 

  592. 			psg->sg[i].addr[1] = cpu_to_le32(addr>>32);
    593. 

  593. 			psg->sg[i].count = cpu_to_le32(usg->sg[i].count);  
    594. 

  594. 			byte_count += usg->sg[i].count;
    595. 

  595. 		}
    596. 

  596. 		kfree (usg);
    597. 

  597. 

  598. 		srbcmd->count = cpu_to_le32(byte_count);
    599. 

  599. 		psg->count = cpu_to_le32(sg_indx+1);
    600. 

  600. 		status = fib_send(ScsiPortCommand64, srbfib, actual_fibsize, FsaNormal, 1, 1,NULL,NULL);
    601. 

  601. 	} else {
    602. 

  602. 		struct user_sgmap* upsg = &user_srbcmd->sg;
    603. 

  603. 		struct sgmap* psg = &srbcmd->sg;
    604. 

  604. 		byte_count = 0;
    605. 

  605. 

  606. 		actual_fibsize = sizeof (struct aac_srb) + (((user_srbcmd->sg.count & 0xff) - 1) * sizeof (struct sgentry));
    607. 

  607. 		if(actual_fibsize != fibsize){ // User made a mistake - should not continue
    608. 

  608. 			dprintk((KERN_DEBUG"aacraid: Bad Size specified in Raw SRB command\n"));
    609. 

  609. 			rcode = -EINVAL;
    610. 

  610. 			goto cleanup;
    611. 

  611. 		}
    612. 

  612. 		if ((data_dir == DMA_NONE) && upsg->count) {
    613. 

  613. 			dprintk((KERN_DEBUG"aacraid: SG with no direction specified in Raw SRB command\n"));
    614. 

  614. 			rcode = -EINVAL;
    615. 

  615. 			goto cleanup;
    616. 

  616. 		}
    617. 

  617. 		for (i = 0; i < upsg->count; i++) {
    618. 

  618. 			dma_addr_t addr; 
    619. 

  619. 			void* p;
    620. 

  620. 			p = kmalloc(upsg->sg[i].count, GFP_KERNEL);
    621. 

  621. 			if(p == 0) {
    622. 

  622. 				dprintk((KERN_DEBUG"aacraid: Could not allocate SG buffer - size = %d buffer number %d of %d\n",
    623. 

  623. 				  upsg->sg[i].count, i, upsg->count));
    624. 

  624. 				rcode = -ENOMEM;
    625. 

  625. 				goto cleanup;
    626. 

  626. 			}
    627. 

  627. 			sg_user[i] = (void __user *)upsg->sg[i].addr;
    628. 

  628. 			sg_list[i] = p; // save so we can clean up later
    629. 

  629. 			sg_indx = i;
    630. 

  630. 

  631. 			if( flags & SRB_DataOut ){
    632. 

  632. 				if(copy_from_user(p, sg_user[i],
    633. 

  633. 						upsg->sg[i].count)) {
    634. 

  634. 					dprintk((KERN_DEBUG"aacraid: Could not copy sg data from user\n")); 
    635. 

  635. 					rcode = -EFAULT;
    636. 

  636. 					goto cleanup;
    637. 

  637. 				}
    638. 

  638. 			}
    639. 

  639. 			addr = pci_map_single(dev->pdev, p,
    640. 

  640. 				upsg->sg[i].count, data_dir);
    641. 

  641. 

  642. 			psg->sg[i].addr = cpu_to_le32(addr);
    643. 

  643. 			psg->sg[i].count = cpu_to_le32(upsg->sg[i].count);  
    644. 

  644. 			byte_count += upsg->sg[i].count;
    645. 

  645. 		}
    646. 

  646. 		srbcmd->count = cpu_to_le32(byte_count);
    647. 

  647. 		psg->count = cpu_to_le32(sg_indx+1);
    648. 

  648. 		status = fib_send(ScsiPortCommand, srbfib, actual_fibsize, FsaNormal, 1, 1, NULL, NULL);
    649. 

  649. 	}
    650. 

  650. 

  651. 	if (status != 0){
    652. 

  652. 		dprintk((KERN_DEBUG"aacraid: Could not send raw srb fib to hba\n")); 
    653. 

  653. 		rcode = -ENXIO;
    654. 

  654. 		goto cleanup;
    655. 

  655. 	}
    656. 

  656. 

  657. 	if( flags & SRB_DataIn ) {
    658. 

  658. 		for(i = 0 ; i <= sg_indx; i++){
    659. 

  659. 			byte_count = le32_to_cpu((dev->dac_support == 1)
    660. 

  660. 			      ? ((struct sgmap64*)&srbcmd->sg)->sg[i].count
    661. 

  661. 			      : srbcmd->sg.sg[i].count);
    662. 

  662. 			if(copy_to_user(sg_user[i], sg_list[i], byte_count)){
    663. 

  663. 				dprintk((KERN_DEBUG"aacraid: Could not copy sg data to user\n")); 
    664. 

  664. 				rcode = -EFAULT;
    665. 

  665. 				goto cleanup;
    666. 

  666. 

  667. 			}
    668. 

  668. 		}
    669. 

  669. 	}
    670. 

  670. 

  671. 	reply = (struct aac_srb_reply *) fib_data(srbfib);
    672. 

  672. 	if(copy_to_user(user_reply,reply,sizeof(struct aac_srb_reply))){
    673. 

  673. 		dprintk((KERN_DEBUG"aacraid: Could not copy reply to user\n")); 
    674. 

  674. 		rcode = -EFAULT;
    675. 

  675. 		goto cleanup;
    676. 

  676. 	}
    677. 

  677. 

  678. cleanup:
    679. 

  679. 	kfree(user_srbcmd);
    680. 

  680. 	for(i=0; i <= sg_indx; i++){
    681. 

  681. 		kfree(sg_list[i]);
    682. 

  682. 	}
    683. 

  683. 	fib_complete(srbfib);
    684. 

  684. 	fib_free(srbfib);
    685. 

  685. 

  686. 	return rcode;
    687. 

  687. }
    688. 

  688. 

  689. struct aac_pci_info {
    690. 

  690.         u32 bus;
    691. 

  691.         u32 slot;
    692. 

  692. };
    693. 

  693. 

  694. 

  695. static int aac_get_pci_info(struct aac_dev* dev, void __user *arg)
    696. 

  696. {
    697. 

  697.         struct aac_pci_info pci_info;
    698. 

  698. 

  699. 	pci_info.bus = dev->pdev->bus->number;
    700. 

  700. 	pci_info.slot = PCI_SLOT(dev->pdev->devfn);
    701. 

  701. 

  702.        if (copy_to_user(arg, &pci_info, sizeof(struct aac_pci_info))) {
    703. 

  703.                dprintk((KERN_DEBUG "aacraid: Could not copy pci info\n"));
    704. 

  704.                return -EFAULT;
    705. 

  705. 	}
    706. 

  706.         return 0;
    707. 

  707. }
    708. 

  708.  
    709. 

  709. 

  710. int aac_do_ioctl(struct aac_dev * dev, int cmd, void __user *arg)
    711. 

  711. {
    712. 

  712. 	int status;
    713. 

  713. 	
    714. 

  714. 	/*
    715. 

  715. 	 *	HBA gets first crack
    716. 

  716. 	 */
    717. 

  717. 	 
    718. 

  718. 	status = aac_dev_ioctl(dev, cmd, arg);
    719. 

  719. 	if(status != -ENOTTY)
    720. 

  720. 		return status;
    721. 

  721. 

  722. 	switch (cmd) {
    723. 

  723. 	case FSACTL_MINIPORT_REV_CHECK:
    724. 

  724. 		status = check_revision(dev, arg);
    725. 

  725. 		break;
    726. 

  726. 	case FSACTL_SEND_LARGE_FIB:
    727. 

  727. 	case FSACTL_SENDFIB:
    728. 

  728. 		status = ioctl_send_fib(dev, arg);
    729. 

  729. 		break;
    730. 

  730. 	case FSACTL_OPEN_GET_ADAPTER_FIB:
    731. 

  731. 		status = open_getadapter_fib(dev, arg);
    732. 

  732. 		break;
    733. 

  733. 	case FSACTL_GET_NEXT_ADAPTER_FIB:
    734. 

  734. 		status = next_getadapter_fib(dev, arg);
    735. 

  735. 		break;
    736. 

  736. 	case FSACTL_CLOSE_GET_ADAPTER_FIB:
    737. 

  737. 		status = close_getadapter_fib(dev, arg);
    738. 

  738. 		break;
    739. 

  739. 	case FSACTL_SEND_RAW_SRB:
    740. 

  740. 		status = aac_send_raw_srb(dev,arg);
    741. 

  741. 		break;
    742. 

  742. 	case FSACTL_GET_PCI_INFO:
    743. 

  743. 		status = aac_get_pci_info(dev,arg);
    744. 

  744. 		break;
    745. 

  745. 	default:
    746. 

  746. 		status = -ENOTTY;
    747. 

  747. 	  	break;	
    748. 

  748. 	}
    749. 

  749. 	return status;
    750. 

  750. }
    751. 

  751.