ClabureDB: Classified Bug-Reports Database

Project: Linux Kernel

Showing error 1690

User:	Jiri Slaby
Error type:	Double Lock
Error type description:	Some lock is locked twice unintentionally in a sequence
File location:	drivers/ide/ide-io.c
Line in file:	1262
Project:	Linux Kernel
Project version:	2.6.28
Tools:	Smatch (1.59)
Entered:	2013-09-10 14:01:52 UTC
Source:

   1/*
   2 *        IDE I/O functions
   3 *
   4 *        Basic PIO and command management functionality.
   5 *
   6 * This code was split off from ide.c. See ide.c for history and original
   7 * copyrights.
   8 *
   9 * This program is free software; you can redistribute it and/or modify it
  10 * under the terms of the GNU General Public License as published by the
  11 * Free Software Foundation; either version 2, or (at your option) any
  12 * later version.
  13 *
  14 * This program is distributed in the hope that it will be useful, but
  15 * WITHOUT ANY WARRANTY; without even the implied warranty of
  16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  17 * General Public License for more details.
  18 *
  19 * For the avoidance of doubt the "preferred form" of this code is one which
  20 * is in an open non patent encumbered format. Where cryptographic key signing
  21 * forms part of the process of creating an executable the information
  22 * including keys needed to generate an equivalently functional executable
  23 * are deemed to be part of the source code.
  24 */
  25 
  26 
  27#include <linux/module.h>
  28#include <linux/types.h>
  29#include <linux/string.h>
  30#include <linux/kernel.h>
  31#include <linux/timer.h>
  32#include <linux/mm.h>
  33#include <linux/interrupt.h>
  34#include <linux/major.h>
  35#include <linux/errno.h>
  36#include <linux/genhd.h>
  37#include <linux/blkpg.h>
  38#include <linux/slab.h>
  39#include <linux/init.h>
  40#include <linux/pci.h>
  41#include <linux/delay.h>
  42#include <linux/ide.h>
  43#include <linux/hdreg.h>
  44#include <linux/completion.h>
  45#include <linux/reboot.h>
  46#include <linux/cdrom.h>
  47#include <linux/seq_file.h>
  48#include <linux/device.h>
  49#include <linux/kmod.h>
  50#include <linux/scatterlist.h>
  51#include <linux/bitops.h>
  52
  53#include <asm/byteorder.h>
  54#include <asm/irq.h>
  55#include <asm/uaccess.h>
  56#include <asm/io.h>
  57
  58static int __ide_end_request(ide_drive_t *drive, struct request *rq,
  59                             int uptodate, unsigned int nr_bytes, int dequeue)
  60{
  61        int ret = 1;
  62        int error = 0;
  63
  64        if (uptodate <= 0)
  65                error = uptodate ? uptodate : -EIO;
  66
  67        /*
  68         * if failfast is set on a request, override number of sectors and
  69         * complete the whole request right now
  70         */
  71        if (blk_noretry_request(rq) && error)
  72                nr_bytes = rq->hard_nr_sectors << 9;
  73
  74        if (!blk_fs_request(rq) && error && !rq->errors)
  75                rq->errors = -EIO;
  76
  77        /*
  78         * decide whether to reenable DMA -- 3 is a random magic for now,
  79         * if we DMA timeout more than 3 times, just stay in PIO
  80         */
  81        if ((drive->dev_flags & IDE_DFLAG_DMA_PIO_RETRY) &&
  82            drive->retry_pio <= 3) {
  83                drive->dev_flags &= ~IDE_DFLAG_DMA_PIO_RETRY;
  84                ide_dma_on(drive);
  85        }
  86
  87        if (!__blk_end_request(rq, error, nr_bytes)) {
  88                if (dequeue)
  89                        HWGROUP(drive)->rq = NULL;
  90                ret = 0;
  91        }
  92
  93        return ret;
  94}
  95
  96/**
  97 *        ide_end_request                -        complete an IDE I/O
  98 *        @drive: IDE device for the I/O
  99 *        @uptodate:
 100 *        @nr_sectors: number of sectors completed
 101 *
 102 *        This is our end_request wrapper function. We complete the I/O
 103 *        update random number input and dequeue the request, which if
 104 *        it was tagged may be out of order.
 105 */
 106
 107int ide_end_request (ide_drive_t *drive, int uptodate, int nr_sectors)
 108{
 109        unsigned int nr_bytes = nr_sectors << 9;
 110        struct request *rq;
 111        unsigned long flags;
 112        int ret = 1;
 113
 114        /*
 115         * room for locking improvements here, the calls below don't
 116         * need the queue lock held at all
 117         */
 118        spin_lock_irqsave(&ide_lock, flags);
 119        rq = HWGROUP(drive)->rq;
 120
 121        if (!nr_bytes) {
 122                if (blk_pc_request(rq))
 123                        nr_bytes = rq->data_len;
 124                else
 125                        nr_bytes = rq->hard_cur_sectors << 9;
 126        }
 127
 128        ret = __ide_end_request(drive, rq, uptodate, nr_bytes, 1);
 129
 130        spin_unlock_irqrestore(&ide_lock, flags);
 131        return ret;
 132}
 133EXPORT_SYMBOL(ide_end_request);
 134
 135static void ide_complete_power_step(ide_drive_t *drive, struct request *rq)
 136{
 137        struct request_pm_state *pm = rq->data;
 138
 139#ifdef DEBUG_PM
 140        printk(KERN_INFO "%s: complete_power_step(step: %d)\n",
 141                drive->name, pm->pm_step);
 142#endif
 143        if (drive->media != ide_disk)
 144                return;
 145
 146        switch (pm->pm_step) {
 147        case IDE_PM_FLUSH_CACHE:        /* Suspend step 1 (flush cache) */
 148                if (pm->pm_state == PM_EVENT_FREEZE)
 149                        pm->pm_step = IDE_PM_COMPLETED;
 150                else
 151                        pm->pm_step = IDE_PM_STANDBY;
 152                break;
 153        case IDE_PM_STANDBY:                /* Suspend step 2 (standby) */
 154                pm->pm_step = IDE_PM_COMPLETED;
 155                break;
 156        case IDE_PM_RESTORE_PIO:        /* Resume step 1 (restore PIO) */
 157                pm->pm_step = IDE_PM_IDLE;
 158                break;
 159        case IDE_PM_IDLE:                /* Resume step 2 (idle)*/
 160                pm->pm_step = IDE_PM_RESTORE_DMA;
 161                break;
 162        }
 163}
 164
 165static ide_startstop_t ide_start_power_step(ide_drive_t *drive, struct request *rq)
 166{
 167        struct request_pm_state *pm = rq->data;
 168        ide_task_t *args = rq->special;
 169
 170        memset(args, 0, sizeof(*args));
 171
 172        switch (pm->pm_step) {
 173        case IDE_PM_FLUSH_CACHE:        /* Suspend step 1 (flush cache) */
 174                if (drive->media != ide_disk)
 175                        break;
 176                /* Not supported? Switch to next step now. */
 177                if (ata_id_flush_enabled(drive->id) == 0 ||
 178                    (drive->dev_flags & IDE_DFLAG_WCACHE) == 0) {
 179                        ide_complete_power_step(drive, rq);
 180                        return ide_stopped;
 181                }
 182                if (ata_id_flush_ext_enabled(drive->id))
 183                        args->tf.command = ATA_CMD_FLUSH_EXT;
 184                else
 185                        args->tf.command = ATA_CMD_FLUSH;
 186                goto out_do_tf;
 187        case IDE_PM_STANDBY:                /* Suspend step 2 (standby) */
 188                args->tf.command = ATA_CMD_STANDBYNOW1;
 189                goto out_do_tf;
 190        case IDE_PM_RESTORE_PIO:        /* Resume step 1 (restore PIO) */
 191                ide_set_max_pio(drive);
 192                /*
 193                 * skip IDE_PM_IDLE for ATAPI devices
 194                 */
 195                if (drive->media != ide_disk)
 196                        pm->pm_step = IDE_PM_RESTORE_DMA;
 197                else
 198                        ide_complete_power_step(drive, rq);
 199                return ide_stopped;
 200        case IDE_PM_IDLE:                /* Resume step 2 (idle) */
 201                args->tf.command = ATA_CMD_IDLEIMMEDIATE;
 202                goto out_do_tf;
 203        case IDE_PM_RESTORE_DMA:        /* Resume step 3 (restore DMA) */
 204                /*
 205                 * Right now, all we do is call ide_set_dma(drive),
 206                 * we could be smarter and check for current xfer_speed
 207                 * in struct drive etc...
 208                 */
 209                if (drive->hwif->dma_ops == NULL)
 210                        break;
 211                /*
 212                 * TODO: respect IDE_DFLAG_USING_DMA
 213                 */
 214                ide_set_dma(drive);
 215                break;
 216        }
 217
 218        pm->pm_step = IDE_PM_COMPLETED;
 219        return ide_stopped;
 220
 221out_do_tf:
 222        args->tf_flags         = IDE_TFLAG_TF | IDE_TFLAG_DEVICE;
 223        args->data_phase = TASKFILE_NO_DATA;
 224        return do_rw_taskfile(drive, args);
 225}
 226
 227/**
 228 *        ide_end_dequeued_request        -        complete an IDE I/O
 229 *        @drive: IDE device for the I/O
 230 *        @uptodate:
 231 *        @nr_sectors: number of sectors completed
 232 *
 233 *        Complete an I/O that is no longer on the request queue. This
 234 *        typically occurs when we pull the request and issue a REQUEST_SENSE.
 235 *        We must still finish the old request but we must not tamper with the
 236 *        queue in the meantime.
 237 *
 238 *        NOTE: This path does not handle barrier, but barrier is not supported
 239 *        on ide-cd anyway.
 240 */
 241
 242int ide_end_dequeued_request(ide_drive_t *drive, struct request *rq,
 243                             int uptodate, int nr_sectors)
 244{
 245        unsigned long flags;
 246        int ret;
 247
 248        spin_lock_irqsave(&ide_lock, flags);
 249        BUG_ON(!blk_rq_started(rq));
 250        ret = __ide_end_request(drive, rq, uptodate, nr_sectors << 9, 0);
 251        spin_unlock_irqrestore(&ide_lock, flags);
 252
 253        return ret;
 254}
 255EXPORT_SYMBOL_GPL(ide_end_dequeued_request);
 256
 257
 258/**
 259 *        ide_complete_pm_request - end the current Power Management request
 260 *        @drive: target drive
 261 *        @rq: request
 262 *
 263 *        This function cleans up the current PM request and stops the queue
 264 *        if necessary.
 265 */
 266static void ide_complete_pm_request (ide_drive_t *drive, struct request *rq)
 267{
 268        unsigned long flags;
 269
 270#ifdef DEBUG_PM
 271        printk("%s: completing PM request, %s\n", drive->name,
 272               blk_pm_suspend_request(rq) ? "suspend" : "resume");
 273#endif
 274        spin_lock_irqsave(&ide_lock, flags);
 275        if (blk_pm_suspend_request(rq)) {
 276                blk_stop_queue(drive->queue);
 277        } else {
 278                drive->dev_flags &= ~IDE_DFLAG_BLOCKED;
 279                blk_start_queue(drive->queue);
 280        }
 281        HWGROUP(drive)->rq = NULL;
 282        if (__blk_end_request(rq, 0, 0))
 283                BUG();
 284        spin_unlock_irqrestore(&ide_lock, flags);
 285}
 286
 287/**
 288 *        ide_end_drive_cmd        -        end an explicit drive command
 289 *        @drive: command 
 290 *        @stat: status bits
 291 *        @err: error bits
 292 *
 293 *        Clean up after success/failure of an explicit drive command.
 294 *        These get thrown onto the queue so they are synchronized with
 295 *        real I/O operations on the drive.
 296 *
 297 *        In LBA48 mode we have to read the register set twice to get
 298 *        all the extra information out.
 299 */
 300 
 301void ide_end_drive_cmd (ide_drive_t *drive, u8 stat, u8 err)
 302{
 303        unsigned long flags;
 304        struct request *rq;
 305
 306        spin_lock_irqsave(&ide_lock, flags);
 307        rq = HWGROUP(drive)->rq;
 308        spin_unlock_irqrestore(&ide_lock, flags);
 309
 310        if (rq->cmd_type == REQ_TYPE_ATA_TASKFILE) {
 311                ide_task_t *task = (ide_task_t *)rq->special;
 312
 313                if (rq->errors == 0)
 314                        rq->errors = !OK_STAT(stat, ATA_DRDY, BAD_STAT);
 315
 316                if (task) {
 317                        struct ide_taskfile *tf = &task->tf;
 318
 319                        tf->error = err;
 320                        tf->status = stat;
 321
 322                        drive->hwif->tp_ops->tf_read(drive, task);
 323
 324                        if (task->tf_flags & IDE_TFLAG_DYN)
 325                                kfree(task);
 326                }
 327        } else if (blk_pm_request(rq)) {
 328                struct request_pm_state *pm = rq->data;
 329
 330                ide_complete_power_step(drive, rq);
 331                if (pm->pm_step == IDE_PM_COMPLETED)
 332                        ide_complete_pm_request(drive, rq);
 333                return;
 334        }
 335
 336        spin_lock_irqsave(&ide_lock, flags);
 337        HWGROUP(drive)->rq = NULL;
 338        rq->errors = err;
 339        if (unlikely(__blk_end_request(rq, (rq->errors ? -EIO : 0),
 340                                       blk_rq_bytes(rq))))
 341                BUG();
 342        spin_unlock_irqrestore(&ide_lock, flags);
 343}
 344
 345EXPORT_SYMBOL(ide_end_drive_cmd);
 346
 347static void ide_kill_rq(ide_drive_t *drive, struct request *rq)
 348{
 349        if (rq->rq_disk) {
 350                ide_driver_t *drv;
 351
 352                drv = *(ide_driver_t **)rq->rq_disk->private_data;
 353                drv->end_request(drive, 0, 0);
 354        } else
 355                ide_end_request(drive, 0, 0);
 356}
 357
 358static ide_startstop_t ide_ata_error(ide_drive_t *drive, struct request *rq, u8 stat, u8 err)
 359{
 360        ide_hwif_t *hwif = drive->hwif;
 361
 362        if ((stat & ATA_BUSY) ||
 363            ((stat & ATA_DF) && (drive->dev_flags & IDE_DFLAG_NOWERR) == 0)) {
 364                /* other bits are useless when BUSY */
 365                rq->errors |= ERROR_RESET;
 366        } else if (stat & ATA_ERR) {
 367                /* err has different meaning on cdrom and tape */
 368                if (err == ATA_ABORTED) {
 369                        if ((drive->dev_flags & IDE_DFLAG_LBA) &&
 370                            /* some newer drives don't support ATA_CMD_INIT_DEV_PARAMS */
 371                            hwif->tp_ops->read_status(hwif) == ATA_CMD_INIT_DEV_PARAMS)
 372                                return ide_stopped;
 373                } else if ((err & BAD_CRC) == BAD_CRC) {
 374                        /* UDMA crc error, just retry the operation */
 375                        drive->crc_count++;
 376                } else if (err & (ATA_BBK | ATA_UNC)) {
 377                        /* retries won't help these */
 378                        rq->errors = ERROR_MAX;
 379                } else if (err & ATA_TRK0NF) {
 380                        /* help it find track zero */
 381                        rq->errors |= ERROR_RECAL;
 382                }
 383        }
 384
 385        if ((stat & ATA_DRQ) && rq_data_dir(rq) == READ &&
 386            (hwif->host_flags & IDE_HFLAG_ERROR_STOPS_FIFO) == 0) {
 387                int nsect = drive->mult_count ? drive->mult_count : 1;
 388
 389                ide_pad_transfer(drive, READ, nsect * SECTOR_SIZE);
 390        }
 391
 392        if (rq->errors >= ERROR_MAX || blk_noretry_request(rq)) {
 393                ide_kill_rq(drive, rq);
 394                return ide_stopped;
 395        }
 396
 397        if (hwif->tp_ops->read_status(hwif) & (ATA_BUSY | ATA_DRQ))
 398                rq->errors |= ERROR_RESET;
 399
 400        if ((rq->errors & ERROR_RESET) == ERROR_RESET) {
 401                ++rq->errors;
 402                return ide_do_reset(drive);
 403        }
 404
 405        if ((rq->errors & ERROR_RECAL) == ERROR_RECAL)
 406                drive->special.b.recalibrate = 1;
 407
 408        ++rq->errors;
 409
 410        return ide_stopped;
 411}
 412
 413static ide_startstop_t ide_atapi_error(ide_drive_t *drive, struct request *rq, u8 stat, u8 err)
 414{
 415        ide_hwif_t *hwif = drive->hwif;
 416
 417        if ((stat & ATA_BUSY) ||
 418            ((stat & ATA_DF) && (drive->dev_flags & IDE_DFLAG_NOWERR) == 0)) {
 419                /* other bits are useless when BUSY */
 420                rq->errors |= ERROR_RESET;
 421        } else {
 422                /* add decoding error stuff */
 423        }
 424
 425        if (hwif->tp_ops->read_status(hwif) & (ATA_BUSY | ATA_DRQ))
 426                /* force an abort */
 427                hwif->tp_ops->exec_command(hwif, ATA_CMD_IDLEIMMEDIATE);
 428
 429        if (rq->errors >= ERROR_MAX) {
 430                ide_kill_rq(drive, rq);
 431        } else {
 432                if ((rq->errors & ERROR_RESET) == ERROR_RESET) {
 433                        ++rq->errors;
 434                        return ide_do_reset(drive);
 435                }
 436                ++rq->errors;
 437        }
 438
 439        return ide_stopped;
 440}
 441
 442ide_startstop_t
 443__ide_error(ide_drive_t *drive, struct request *rq, u8 stat, u8 err)
 444{
 445        if (drive->media == ide_disk)
 446                return ide_ata_error(drive, rq, stat, err);
 447        return ide_atapi_error(drive, rq, stat, err);
 448}
 449
 450EXPORT_SYMBOL_GPL(__ide_error);
 451
 452/**
 453 *        ide_error        -        handle an error on the IDE
 454 *        @drive: drive the error occurred on
 455 *        @msg: message to report
 456 *        @stat: status bits
 457 *
 458 *        ide_error() takes action based on the error returned by the drive.
 459 *        For normal I/O that may well include retries. We deal with
 460 *        both new-style (taskfile) and old style command handling here.
 461 *        In the case of taskfile command handling there is work left to
 462 *        do
 463 */
 464 
 465ide_startstop_t ide_error (ide_drive_t *drive, const char *msg, u8 stat)
 466{
 467        struct request *rq;
 468        u8 err;
 469
 470        err = ide_dump_status(drive, msg, stat);
 471
 472        if ((rq = HWGROUP(drive)->rq) == NULL)
 473                return ide_stopped;
 474
 475        /* retry only "normal" I/O: */
 476        if (!blk_fs_request(rq)) {
 477                rq->errors = 1;
 478                ide_end_drive_cmd(drive, stat, err);
 479                return ide_stopped;
 480        }
 481
 482        if (rq->rq_disk) {
 483                ide_driver_t *drv;
 484
 485                drv = *(ide_driver_t **)rq->rq_disk->private_data;
 486                return drv->error(drive, rq, stat, err);
 487        } else
 488                return __ide_error(drive, rq, stat, err);
 489}
 490
 491EXPORT_SYMBOL_GPL(ide_error);
 492
 493static void ide_tf_set_specify_cmd(ide_drive_t *drive, struct ide_taskfile *tf)
 494{
 495        tf->nsect   = drive->sect;
 496        tf->lbal    = drive->sect;
 497        tf->lbam    = drive->cyl;
 498        tf->lbah    = drive->cyl >> 8;
 499        tf->device  = (drive->head - 1) | drive->select;
 500        tf->command = ATA_CMD_INIT_DEV_PARAMS;
 501}
 502
 503static void ide_tf_set_restore_cmd(ide_drive_t *drive, struct ide_taskfile *tf)
 504{
 505        tf->nsect   = drive->sect;
 506        tf->command = ATA_CMD_RESTORE;
 507}
 508
 509static void ide_tf_set_setmult_cmd(ide_drive_t *drive, struct ide_taskfile *tf)
 510{
 511        tf->nsect   = drive->mult_req;
 512        tf->command = ATA_CMD_SET_MULTI;
 513}
 514
 515static ide_startstop_t ide_disk_special(ide_drive_t *drive)
 516{
 517        special_t *s = &drive->special;
 518        ide_task_t args;
 519
 520        memset(&args, 0, sizeof(ide_task_t));
 521        args.data_phase = TASKFILE_NO_DATA;
 522
 523        if (s->b.set_geometry) {
 524                s->b.set_geometry = 0;
 525                ide_tf_set_specify_cmd(drive, &args.tf);
 526        } else if (s->b.recalibrate) {
 527                s->b.recalibrate = 0;
 528                ide_tf_set_restore_cmd(drive, &args.tf);
 529        } else if (s->b.set_multmode) {
 530                s->b.set_multmode = 0;
 531                ide_tf_set_setmult_cmd(drive, &args.tf);
 532        } else if (s->all) {
 533                int special = s->all;
 534                s->all = 0;
 535                printk(KERN_ERR "%s: bad special flag: 0x%02x\n", drive->name, special);
 536                return ide_stopped;
 537        }
 538
 539        args.tf_flags = IDE_TFLAG_TF | IDE_TFLAG_DEVICE |
 540                        IDE_TFLAG_CUSTOM_HANDLER;
 541
 542        do_rw_taskfile(drive, &args);
 543
 544        return ide_started;
 545}
 546
 547/**
 548 *        do_special                -        issue some special commands
 549 *        @drive: drive the command is for
 550 *
 551 *        do_special() is used to issue ATA_CMD_INIT_DEV_PARAMS,
 552 *        ATA_CMD_RESTORE and ATA_CMD_SET_MULTI commands to a drive.
 553 *
 554 *        It used to do much more, but has been scaled back.
 555 */
 556
 557static ide_startstop_t do_special (ide_drive_t *drive)
 558{
 559        special_t *s = &drive->special;
 560
 561#ifdef DEBUG
 562        printk("%s: do_special: 0x%02x\n", drive->name, s->all);
 563#endif
 564        if (drive->media == ide_disk)
 565                return ide_disk_special(drive);
 566
 567        s->all = 0;
 568        drive->mult_req = 0;
 569        return ide_stopped;
 570}
 571
 572void ide_map_sg(ide_drive_t *drive, struct request *rq)
 573{
 574        ide_hwif_t *hwif = drive->hwif;
 575        struct scatterlist *sg = hwif->sg_table;
 576
 577        if (hwif->sg_mapped)        /* needed by ide-scsi */
 578                return;
 579
 580        if (rq->cmd_type != REQ_TYPE_ATA_TASKFILE) {
 581                hwif->sg_nents = blk_rq_map_sg(drive->queue, rq, sg);
 582        } else {
 583                sg_init_one(sg, rq->buffer, rq->nr_sectors * SECTOR_SIZE);
 584                hwif->sg_nents = 1;
 585        }
 586}
 587
 588EXPORT_SYMBOL_GPL(ide_map_sg);
 589
 590void ide_init_sg_cmd(ide_drive_t *drive, struct request *rq)
 591{
 592        ide_hwif_t *hwif = drive->hwif;
 593
 594        hwif->nsect = hwif->nleft = rq->nr_sectors;
 595        hwif->cursg_ofs = 0;
 596        hwif->cursg = NULL;
 597}
 598
 599EXPORT_SYMBOL_GPL(ide_init_sg_cmd);
 600
 601/**
 602 *        execute_drive_command        -        issue special drive command
 603 *        @drive: the drive to issue the command on
 604 *        @rq: the request structure holding the command
 605 *
 606 *        execute_drive_cmd() issues a special drive command,  usually 
 607 *        initiated by ioctl() from the external hdparm program. The
 608 *        command can be a drive command, drive task or taskfile 
 609 *        operation. Weirdly you can call it with NULL to wait for
 610 *        all commands to finish. Don't do this as that is due to change
 611 */
 612
 613static ide_startstop_t execute_drive_cmd (ide_drive_t *drive,
 614                struct request *rq)
 615{
 616        ide_hwif_t *hwif = HWIF(drive);
 617        ide_task_t *task = rq->special;
 618
 619        if (task) {
 620                hwif->data_phase = task->data_phase;
 621
 622                switch (hwif->data_phase) {
 623                case TASKFILE_MULTI_OUT:
 624                case TASKFILE_OUT:
 625                case TASKFILE_MULTI_IN:
 626                case TASKFILE_IN:
 627                        ide_init_sg_cmd(drive, rq);
 628                        ide_map_sg(drive, rq);
 629                default:
 630                        break;
 631                }
 632
 633                return do_rw_taskfile(drive, task);
 634        }
 635
 636         /*
 637          * NULL is actually a valid way of waiting for
 638          * all current requests to be flushed from the queue.
 639          */
 640#ifdef DEBUG
 641         printk("%s: DRIVE_CMD (null)\n", drive->name);
 642#endif
 643        ide_end_drive_cmd(drive, hwif->tp_ops->read_status(hwif),
 644                          ide_read_error(drive));
 645
 646         return ide_stopped;
 647}
 648
 649int ide_devset_execute(ide_drive_t *drive, const struct ide_devset *setting,
 650                       int arg)
 651{
 652        struct request_queue *q = drive->queue;
 653        struct request *rq;
 654        int ret = 0;
 655
 656        if (!(setting->flags & DS_SYNC))
 657                return setting->set(drive, arg);
 658
 659        rq = blk_get_request(q, READ, __GFP_WAIT);
 660        rq->cmd_type = REQ_TYPE_SPECIAL;
 661        rq->cmd_len = 5;
 662        rq->cmd[0] = REQ_DEVSET_EXEC;
 663        *(int *)&rq->cmd[1] = arg;
 664        rq->special = setting->set;
 665
 666        if (blk_execute_rq(q, NULL, rq, 0))
 667                ret = rq->errors;
 668        blk_put_request(rq);
 669
 670        return ret;
 671}
 672EXPORT_SYMBOL_GPL(ide_devset_execute);
 673
 674static ide_startstop_t ide_special_rq(ide_drive_t *drive, struct request *rq)
 675{
 676        u8 cmd = rq->cmd[0];
 677
 678        if (cmd == REQ_PARK_HEADS || cmd == REQ_UNPARK_HEADS) {
 679                ide_task_t task;
 680                struct ide_taskfile *tf = &task.tf;
 681
 682                memset(&task, 0, sizeof(task));
 683                if (cmd == REQ_PARK_HEADS) {
 684                        drive->sleep = *(unsigned long *)rq->special;
 685                        drive->dev_flags |= IDE_DFLAG_SLEEPING;
 686                        tf->command = ATA_CMD_IDLEIMMEDIATE;
 687                        tf->feature = 0x44;
 688                        tf->lbal = 0x4c;
 689                        tf->lbam = 0x4e;
 690                        tf->lbah = 0x55;
 691                        task.tf_flags |= IDE_TFLAG_CUSTOM_HANDLER;
 692                } else                /* cmd == REQ_UNPARK_HEADS */
 693                        tf->command = ATA_CMD_CHK_POWER;
 694
 695                task.tf_flags |= IDE_TFLAG_TF | IDE_TFLAG_DEVICE;
 696                task.rq = rq;
 697                drive->hwif->data_phase = task.data_phase = TASKFILE_NO_DATA;
 698                return do_rw_taskfile(drive, &task);
 699        }
 700
 701        switch (cmd) {
 702        case REQ_DEVSET_EXEC:
 703        {
 704                int err, (*setfunc)(ide_drive_t *, int) = rq->special;
 705
 706                err = setfunc(drive, *(int *)&rq->cmd[1]);
 707                if (err)
 708                        rq->errors = err;
 709                else
 710                        err = 1;
 711                ide_end_request(drive, err, 0);
 712                return ide_stopped;
 713        }
 714        case REQ_DRIVE_RESET:
 715                return ide_do_reset(drive);
 716        default:
 717                blk_dump_rq_flags(rq, "ide_special_rq - bad request");
 718                ide_end_request(drive, 0, 0);
 719                return ide_stopped;
 720        }
 721}
 722
 723static void ide_check_pm_state(ide_drive_t *drive, struct request *rq)
 724{
 725        struct request_pm_state *pm = rq->data;
 726
 727        if (blk_pm_suspend_request(rq) &&
 728            pm->pm_step == IDE_PM_START_SUSPEND)
 729                /* Mark drive blocked when starting the suspend sequence. */
 730                drive->dev_flags |= IDE_DFLAG_BLOCKED;
 731        else if (blk_pm_resume_request(rq) &&
 732                 pm->pm_step == IDE_PM_START_RESUME) {
 733                /* 
 734                 * The first thing we do on wakeup is to wait for BSY bit to
 735                 * go away (with a looong timeout) as a drive on this hwif may
 736                 * just be POSTing itself.
 737                 * We do that before even selecting as the "other" device on
 738                 * the bus may be broken enough to walk on our toes at this
 739                 * point.
 740                 */
 741                ide_hwif_t *hwif = drive->hwif;
 742                int rc;
 743#ifdef DEBUG_PM
 744                printk("%s: Wakeup request inited, waiting for !BSY...\n", drive->name);
 745#endif
 746                rc = ide_wait_not_busy(hwif, 35000);
 747                if (rc)
 748                        printk(KERN_WARNING "%s: bus not ready on wakeup\n", drive->name);
 749                SELECT_DRIVE(drive);
 750                hwif->tp_ops->set_irq(hwif, 1);
 751                rc = ide_wait_not_busy(hwif, 100000);
 752                if (rc)
 753                        printk(KERN_WARNING "%s: drive not ready on wakeup\n", drive->name);
 754        }
 755}
 756
 757/**
 758 *        start_request        -        start of I/O and command issuing for IDE
 759 *
 760 *        start_request() initiates handling of a new I/O request. It
 761 *        accepts commands and I/O (read/write) requests.
 762 *
 763 *        FIXME: this function needs a rename
 764 */
 765 
 766static ide_startstop_t start_request (ide_drive_t *drive, struct request *rq)
 767{
 768        ide_startstop_t startstop;
 769
 770        BUG_ON(!blk_rq_started(rq));
 771
 772#ifdef DEBUG
 773        printk("%s: start_request: current=0x%08lx\n",
 774                HWIF(drive)->name, (unsigned long) rq);
 775#endif
 776
 777        /* bail early if we've exceeded max_failures */
 778        if (drive->max_failures && (drive->failures > drive->max_failures)) {
 779                rq->cmd_flags |= REQ_FAILED;
 780                goto kill_rq;
 781        }
 782
 783        if (blk_pm_request(rq))
 784                ide_check_pm_state(drive, rq);
 785
 786        SELECT_DRIVE(drive);
 787        if (ide_wait_stat(&startstop, drive, drive->ready_stat,
 788                          ATA_BUSY | ATA_DRQ, WAIT_READY)) {
 789                printk(KERN_ERR "%s: drive not ready for command\n", drive->name);
 790                return startstop;
 791        }
 792        if (!drive->special.all) {
 793                ide_driver_t *drv;
 794
 795                /*
 796                 * We reset the drive so we need to issue a SETFEATURES.
 797                 * Do it _after_ do_special() restored device parameters.
 798                 */
 799                if (drive->current_speed == 0xff)
 800                        ide_config_drive_speed(drive, drive->desired_speed);
 801
 802                if (rq->cmd_type == REQ_TYPE_ATA_TASKFILE)
 803                        return execute_drive_cmd(drive, rq);
 804                else if (blk_pm_request(rq)) {
 805                        struct request_pm_state *pm = rq->data;
 806#ifdef DEBUG_PM
 807                        printk("%s: start_power_step(step: %d)\n",
 808                                drive->name, pm->pm_step);
 809#endif
 810                        startstop = ide_start_power_step(drive, rq);
 811                        if (startstop == ide_stopped &&
 812                            pm->pm_step == IDE_PM_COMPLETED)
 813                                ide_complete_pm_request(drive, rq);
 814                        return startstop;
 815                } else if (!rq->rq_disk && blk_special_request(rq))
 816                        /*
 817                         * TODO: Once all ULDs have been modified to
 818                         * check for specific op codes rather than
 819                         * blindly accepting any special request, the
 820                         * check for ->rq_disk above may be replaced
 821                         * by a more suitable mechanism or even
 822                         * dropped entirely.
 823                         */
 824                        return ide_special_rq(drive, rq);
 825
 826                drv = *(ide_driver_t **)rq->rq_disk->private_data;
 827
 828                return drv->do_request(drive, rq, rq->sector);
 829        }
 830        return do_special(drive);
 831kill_rq:
 832        ide_kill_rq(drive, rq);
 833        return ide_stopped;
 834}
 835
 836/**
 837 *        ide_stall_queue                -        pause an IDE device
 838 *        @drive: drive to stall
 839 *        @timeout: time to stall for (jiffies)
 840 *
 841 *        ide_stall_queue() can be used by a drive to give excess bandwidth back
 842 *        to the hwgroup by sleeping for timeout jiffies.
 843 */
 844 
 845void ide_stall_queue (ide_drive_t *drive, unsigned long timeout)
 846{
 847        if (timeout > WAIT_WORSTCASE)
 848                timeout = WAIT_WORSTCASE;
 849        drive->sleep = timeout + jiffies;
 850        drive->dev_flags |= IDE_DFLAG_SLEEPING;
 851}
 852
 853EXPORT_SYMBOL(ide_stall_queue);
 854
 855#define WAKEUP(drive)        ((drive)->service_start + 2 * (drive)->service_time)
 856
 857/**
 858 *        choose_drive                -        select a drive to service
 859 *        @hwgroup: hardware group to select on
 860 *
 861 *        choose_drive() selects the next drive which will be serviced.
 862 *        This is necessary because the IDE layer can't issue commands
 863 *        to both drives on the same cable, unlike SCSI.
 864 */
 865 
 866static inline ide_drive_t *choose_drive (ide_hwgroup_t *hwgroup)
 867{
 868        ide_drive_t *drive, *best;
 869
 870repeat:        
 871        best = NULL;
 872        drive = hwgroup->drive;
 873
 874        /*
 875         * drive is doing pre-flush, ordered write, post-flush sequence. even
 876         * though that is 3 requests, it must be seen as a single transaction.
 877         * we must not preempt this drive until that is complete
 878         */
 879        if (blk_queue_flushing(drive->queue)) {
 880                /*
 881                 * small race where queue could get replugged during
 882                 * the 3-request flush cycle, just yank the plug since
 883                 * we want it to finish asap
 884                 */
 885                blk_remove_plug(drive->queue);
 886                return drive;
 887        }
 888
 889        do {
 890                u8 dev_s = !!(drive->dev_flags & IDE_DFLAG_SLEEPING);
 891                u8 best_s = (best && !!(best->dev_flags & IDE_DFLAG_SLEEPING));
 892
 893                if ((dev_s == 0 || time_after_eq(jiffies, drive->sleep)) &&
 894                    !elv_queue_empty(drive->queue)) {
 895                        if (best == NULL ||
 896                            (dev_s && (best_s == 0 || time_before(drive->sleep, best->sleep))) ||
 897                            (best_s == 0 && time_before(WAKEUP(drive), WAKEUP(best)))) {
 898                                if (!blk_queue_plugged(drive->queue))
 899                                        best = drive;
 900                        }
 901                }
 902        } while ((drive = drive->next) != hwgroup->drive);
 903
 904        if (best && (best->dev_flags & IDE_DFLAG_NICE1) &&
 905            (best->dev_flags & IDE_DFLAG_SLEEPING) == 0 &&
 906            best != hwgroup->drive && best->service_time > WAIT_MIN_SLEEP) {
 907                long t = (signed long)(WAKEUP(best) - jiffies);
 908                if (t >= WAIT_MIN_SLEEP) {
 909                /*
 910                 * We *may* have some time to spare, but first let's see if
 911                 * someone can potentially benefit from our nice mood today..
 912                 */
 913                        drive = best->next;
 914                        do {
 915                                if ((drive->dev_flags & IDE_DFLAG_SLEEPING) == 0
 916                                 && time_before(jiffies - best->service_time, WAKEUP(drive))
 917                                 && time_before(WAKEUP(drive), jiffies + t))
 918                                {
 919                                        ide_stall_queue(best, min_t(long, t, 10 * WAIT_MIN_SLEEP));
 920                                        goto repeat;
 921                                }
 922                        } while ((drive = drive->next) != best);
 923                }
 924        }
 925        return best;
 926}
 927
 928/*
 929 * Issue a new request to a drive from hwgroup
 930 * Caller must have already done spin_lock_irqsave(&ide_lock, ..);
 931 *
 932 * A hwgroup is a serialized group of IDE interfaces.  Usually there is
 933 * exactly one hwif (interface) per hwgroup, but buggy controllers (eg. CMD640)
 934 * may have both interfaces in a single hwgroup to "serialize" access.
 935 * Or possibly multiple ISA interfaces can share a common IRQ by being grouped
 936 * together into one hwgroup for serialized access.
 937 *
 938 * Note also that several hwgroups can end up sharing a single IRQ,
 939 * possibly along with many other devices.  This is especially common in
 940 * PCI-based systems with off-board IDE controller cards.
 941 *
 942 * The IDE driver uses the single global ide_lock spinlock to protect
 943 * access to the request queues, and to protect the hwgroup->busy flag.
 944 *
 945 * The first thread into the driver for a particular hwgroup sets the
 946 * hwgroup->busy flag to indicate that this hwgroup is now active,
 947 * and then initiates processing of the top request from the request queue.
 948 *
 949 * Other threads attempting entry notice the busy setting, and will simply
 950 * queue their new requests and exit immediately.  Note that hwgroup->busy
 951 * remains set even when the driver is merely awaiting the next interrupt.
 952 * Thus, the meaning is "this hwgroup is busy processing a request".
 953 *
 954 * When processing of a request completes, the completing thread or IRQ-handler
 955 * will start the next request from the queue.  If no more work remains,
 956 * the driver will clear the hwgroup->busy flag and exit.
 957 *
 958 * The ide_lock (spinlock) is used to protect all access to the
 959 * hwgroup->busy flag, but is otherwise not needed for most processing in
 960 * the driver.  This makes the driver much more friendlier to shared IRQs
 961 * than previous designs, while remaining 100% (?) SMP safe and capable.
 962 */
 963static void ide_do_request (ide_hwgroup_t *hwgroup, int masked_irq)
 964{
 965        ide_drive_t        *drive;
 966        ide_hwif_t        *hwif;
 967        struct request        *rq;
 968        ide_startstop_t        startstop;
 969        int             loops = 0;
 970
 971        /* caller must own ide_lock */
 972        BUG_ON(!irqs_disabled());
 973
 974        while (!hwgroup->busy) {
 975                hwgroup->busy = 1;
 976                /* for atari only */
 977                ide_get_lock(ide_intr, hwgroup);
 978                drive = choose_drive(hwgroup);
 979                if (drive == NULL) {
 980                        int sleeping = 0;
 981                        unsigned long sleep = 0; /* shut up, gcc */
 982                        hwgroup->rq = NULL;
 983                        drive = hwgroup->drive;
 984                        do {
 985                                if ((drive->dev_flags & IDE_DFLAG_SLEEPING) &&
 986                                    (sleeping == 0 ||
 987                                     time_before(drive->sleep, sleep))) {
 988                                        sleeping = 1;
 989                                        sleep = drive->sleep;
 990                                }
 991                        } while ((drive = drive->next) != hwgroup->drive);
 992                        if (sleeping) {
 993                /*
 994                 * Take a short snooze, and then wake up this hwgroup again.
 995                 * This gives other hwgroups on the same a chance to
 996                 * play fairly with us, just in case there are big differences
 997                 * in relative throughputs.. don't want to hog the cpu too much.
 998                 */
 999                                if (time_before(sleep, jiffies + WAIT_MIN_SLEEP))
1000                                        sleep = jiffies + WAIT_MIN_SLEEP;
1001#if 1
1002                                if (timer_pending(&hwgroup->timer))
1003                                        printk(KERN_CRIT "ide_set_handler: timer already active\n");
1004#endif
1005                                /* so that ide_timer_expiry knows what to do */
1006                                hwgroup->sleeping = 1;
1007                                hwgroup->req_gen_timer = hwgroup->req_gen;
1008                                mod_timer(&hwgroup->timer, sleep);
1009                                /* we purposely leave hwgroup->busy==1
1010                                 * while sleeping */
1011                        } else {
1012                                /* Ugly, but how can we sleep for the lock
1013                                 * otherwise? perhaps from tq_disk?
1014                                 */
1015
1016                                /* for atari only */
1017                                ide_release_lock();
1018                                hwgroup->busy = 0;
1019                        }
1020
1021                        /* no more work for this hwgroup (for now) */
1022                        return;
1023                }
1024        again:
1025                hwif = HWIF(drive);
1026                if (hwgroup->hwif->sharing_irq && hwif != hwgroup->hwif) {
1027                        /*
1028                         * set nIEN for previous hwif, drives in the
1029                         * quirk_list may not like intr setups/cleanups
1030                         */
1031                        if (drive->quirk_list != 1)
1032                                hwif->tp_ops->set_irq(hwif, 0);
1033                }
1034                hwgroup->hwif = hwif;
1035                hwgroup->drive = drive;
1036                drive->dev_flags &= ~(IDE_DFLAG_SLEEPING | IDE_DFLAG_PARKED);
1037                drive->service_start = jiffies;
1038
1039                if (blk_queue_plugged(drive->queue)) {
1040                        printk(KERN_ERR "ide: huh? queue was plugged!\n");
1041                        break;
1042                }
1043
1044                /*
1045                 * we know that the queue isn't empty, but this can happen
1046                 * if the q->prep_rq_fn() decides to kill a request
1047                 */
1048                rq = elv_next_request(drive->queue);
1049                if (!rq) {
1050                        hwgroup->busy = 0;
1051                        break;
1052                }
1053
1054                /*
1055                 * Sanity: don't accept a request that isn't a PM request
1056                 * if we are currently power managed. This is very important as
1057                 * blk_stop_queue() doesn't prevent the elv_next_request()
1058                 * above to return us whatever is in the queue. Since we call
1059                 * ide_do_request() ourselves, we end up taking requests while
1060                 * the queue is blocked...
1061                 * 
1062                 * We let requests forced at head of queue with ide-preempt
1063                 * though. I hope that doesn't happen too much, hopefully not
1064                 * unless the subdriver triggers such a thing in its own PM
1065                 * state machine.
1066                 *
1067                 * We count how many times we loop here to make sure we service
1068                 * all drives in the hwgroup without looping for ever
1069                 */
1070                if ((drive->dev_flags & IDE_DFLAG_BLOCKED) &&
1071                    blk_pm_request(rq) == 0 &&
1072                    (rq->cmd_flags & REQ_PREEMPT) == 0) {
1073                        drive = drive->next ? drive->next : hwgroup->drive;
1074                        if (loops++ < 4 && !blk_queue_plugged(drive->queue))
1075                                goto again;
1076                        /* We clear busy, there should be no pending ATA command at this point. */
1077                        hwgroup->busy = 0;
1078                        break;
1079                }
1080
1081                hwgroup->rq = rq;
1082
1083                /*
1084                 * Some systems have trouble with IDE IRQs arriving while
1085                 * the driver is still setting things up.  So, here we disable
1086                 * the IRQ used by this interface while the request is being started.
1087                 * This may look bad at first, but pretty much the same thing
1088                 * happens anyway when any interrupt comes in, IDE or otherwise
1089                 *  -- the kernel masks the IRQ while it is being handled.
1090                 */
1091                if (masked_irq != IDE_NO_IRQ && hwif->irq != masked_irq)
1092                        disable_irq_nosync(hwif->irq);
1093                spin_unlock(&ide_lock);
1094                local_irq_enable_in_hardirq();
1095                        /* allow other IRQs while we start this request */
1096                startstop = start_request(drive, rq);
1097                spin_lock_irq(&ide_lock);
1098                if (masked_irq != IDE_NO_IRQ && hwif->irq != masked_irq)
1099                        enable_irq(hwif->irq);
1100                if (startstop == ide_stopped)
1101                        hwgroup->busy = 0;
1102        }
1103}
1104
1105/*
1106 * Passes the stuff to ide_do_request
1107 */
1108void do_ide_request(struct request_queue *q)
1109{
1110        ide_drive_t *drive = q->queuedata;
1111
1112        ide_do_request(HWGROUP(drive), IDE_NO_IRQ);
1113}
1114
1115/*
1116 * un-busy the hwgroup etc, and clear any pending DMA status. we want to
1117 * retry the current request in pio mode instead of risking tossing it
1118 * all away
1119 */
1120static ide_startstop_t ide_dma_timeout_retry(ide_drive_t *drive, int error)
1121{
1122        ide_hwif_t *hwif = HWIF(drive);
1123        struct request *rq;
1124        ide_startstop_t ret = ide_stopped;
1125
1126        /*
1127         * end current dma transaction
1128         */
1129
1130        if (error < 0) {
1131                printk(KERN_WARNING "%s: DMA timeout error\n", drive->name);
1132                (void)hwif->dma_ops->dma_end(drive);
1133                ret = ide_error(drive, "dma timeout error",
1134                                hwif->tp_ops->read_status(hwif));
1135        } else {
1136                printk(KERN_WARNING "%s: DMA timeout retry\n", drive->name);
1137                hwif->dma_ops->dma_timeout(drive);
1138        }
1139
1140        /*
1141         * disable dma for now, but remember that we did so because of
1142         * a timeout -- we'll reenable after we finish this next request
1143         * (or rather the first chunk of it) in pio.
1144         */
1145        drive->dev_flags |= IDE_DFLAG_DMA_PIO_RETRY;
1146        drive->retry_pio++;
1147        ide_dma_off_quietly(drive);
1148
1149        /*
1150         * un-busy drive etc (hwgroup->busy is cleared on return) and
1151         * make sure request is sane
1152         */
1153        rq = HWGROUP(drive)->rq;
1154
1155        if (!rq)
1156                goto out;
1157
1158        HWGROUP(drive)->rq = NULL;
1159
1160        rq->errors = 0;
1161
1162        if (!rq->bio)
1163                goto out;
1164
1165        rq->sector = rq->bio->bi_sector;
1166        rq->current_nr_sectors = bio_iovec(rq->bio)->bv_len >> 9;
1167        rq->hard_cur_sectors = rq->current_nr_sectors;
1168        rq->buffer = bio_data(rq->bio);
1169out:
1170        return ret;
1171}
1172
1173/**
1174 *        ide_timer_expiry        -        handle lack of an IDE interrupt
1175 *        @data: timer callback magic (hwgroup)
1176 *
1177 *        An IDE command has timed out before the expected drive return
1178 *        occurred. At this point we attempt to clean up the current
1179 *        mess. If the current handler includes an expiry handler then
1180 *        we invoke the expiry handler, and providing it is happy the
1181 *        work is done. If that fails we apply generic recovery rules
1182 *        invoking the handler and checking the drive DMA status. We
1183 *        have an excessively incestuous relationship with the DMA
1184 *        logic that wants cleaning up.
1185 */
1186 
1187void ide_timer_expiry (unsigned long data)
1188{
1189        ide_hwgroup_t        *hwgroup = (ide_hwgroup_t *) data;
1190        ide_handler_t        *handler;
1191        ide_expiry_t        *expiry;
1192        unsigned long        flags;
1193        unsigned long        wait = -1;
1194
1195        spin_lock_irqsave(&ide_lock, flags);
1196
1197        if (((handler = hwgroup->handler) == NULL) ||
1198            (hwgroup->req_gen != hwgroup->req_gen_timer)) {
1199                /*
1200                 * Either a marginal timeout occurred
1201                 * (got the interrupt just as timer expired),
1202                 * or we were "sleeping" to give other devices a chance.
1203                 * Either way, we don't really want to complain about anything.
1204                 */
1205                if (hwgroup->sleeping) {
1206                        hwgroup->sleeping = 0;
1207                        hwgroup->busy = 0;
1208                }
1209        } else {
1210                ide_drive_t *drive = hwgroup->drive;
1211                if (!drive) {
1212                        printk(KERN_ERR "ide_timer_expiry: hwgroup->drive was NULL\n");
1213                        hwgroup->handler = NULL;
1214                } else {
1215                        ide_hwif_t *hwif;
1216                        ide_startstop_t startstop = ide_stopped;
1217                        if (!hwgroup->busy) {
1218                                hwgroup->busy = 1;        /* paranoia */
1219                                printk(KERN_ERR "%s: ide_timer_expiry: hwgroup->busy was 0 ??\n", drive->name);
1220                        }
1221                        if ((expiry = hwgroup->expiry) != NULL) {
1222                                /* continue */
1223                                if ((wait = expiry(drive)) > 0) {
1224                                        /* reset timer */
1225                                        hwgroup->timer.expires  = jiffies + wait;
1226                                        hwgroup->req_gen_timer = hwgroup->req_gen;
1227                                        add_timer(&hwgroup->timer);
1228                                        spin_unlock_irqrestore(&ide_lock, flags);
1229                                        return;
1230                                }
1231                        }
1232                        hwgroup->handler = NULL;
1233                        /*
1234                         * We need to simulate a real interrupt when invoking
1235                         * the handler() function, which means we need to
1236                         * globally mask the specific IRQ:
1237                         */
1238                        spin_unlock(&ide_lock);
1239                        hwif  = HWIF(drive);
1240                        /* disable_irq_nosync ?? */
1241                        disable_irq(hwif->irq);
1242                        /* local CPU only,
1243                         * as if we were handling an interrupt */
1244                        local_irq_disable();
1245                        if (hwgroup->polling) {
1246                                startstop = handler(drive);
1247                        } else if (drive_is_ready(drive)) {
1248                                if (drive->waiting_for_dma)
1249                                        hwif->dma_ops->dma_lost_irq(drive);
1250                                (void)ide_ack_intr(hwif);
1251                                printk(KERN_WARNING "%s: lost interrupt\n", drive->name);
1252                                startstop = handler(drive);
1253                        } else {
1254                                if (drive->waiting_for_dma) {
1255                                        startstop = ide_dma_timeout_retry(drive, wait);
1256                                } else
1257                                        startstop =
1258                                        ide_error(drive, "irq timeout",
1259                                                  hwif->tp_ops->read_status(hwif));
1260                        }
1261                        drive->service_time = jiffies - drive->service_start;
1262                        spin_lock_irq(&ide_lock);
1263                        enable_irq(hwif->irq);
1264                        if (startstop == ide_stopped)
1265                                hwgroup->busy = 0;
1266                }
1267        }
1268        ide_do_request(hwgroup, IDE_NO_IRQ);
1269        spin_unlock_irqrestore(&ide_lock, flags);
1270}
1271
1272/**
1273 *        unexpected_intr                -        handle an unexpected IDE interrupt
1274 *        @irq: interrupt line
1275 *        @hwgroup: hwgroup being processed
1276 *
1277 *        There's nothing really useful we can do with an unexpected interrupt,
1278 *        other than reading the status register (to clear it), and logging it.
1279 *        There should be no way that an irq can happen before we're ready for it,
1280 *        so we needn't worry much about losing an "important" interrupt here.
1281 *
1282 *        On laptops (and "green" PCs), an unexpected interrupt occurs whenever
1283 *        the drive enters "idle", "standby", or "sleep" mode, so if the status
1284 *        looks "good", we just ignore the interrupt completely.
1285 *
1286 *        This routine assumes __cli() is in effect when called.
1287 *
1288 *        If an unexpected interrupt happens on irq15 while we are handling irq14
1289 *        and if the two interfaces are "serialized" (CMD640), then it looks like
1290 *        we could screw up by interfering with a new request being set up for 
1291 *        irq15.
1292 *
1293 *        In reality, this is a non-issue.  The new command is not sent unless 
1294 *        the drive is ready to accept one, in which case we know the drive is
1295 *        not trying to interrupt us.  And ide_set_handler() is always invoked
1296 *        before completing the issuance of any new drive command, so we will not
1297 *        be accidentally invoked as a result of any valid command completion
1298 *        interrupt.
1299 *
1300 *        Note that we must walk the entire hwgroup here. We know which hwif
1301 *        is doing the current command, but we don't know which hwif burped
1302 *        mysteriously.
1303 */
1304 
1305static void unexpected_intr (int irq, ide_hwgroup_t *hwgroup)
1306{
1307        u8 stat;
1308        ide_hwif_t *hwif = hwgroup->hwif;
1309
1310        /*
1311         * handle the unexpected interrupt
1312         */
1313        do {
1314                if (hwif->irq == irq) {
1315                        stat = hwif->tp_ops->read_status(hwif);
1316
1317                        if (!OK_STAT(stat, ATA_DRDY, BAD_STAT)) {
1318                                /* Try to not flood the console with msgs */
1319                                static unsigned long last_msgtime, count;
1320                                ++count;
1321                                if (time_after(jiffies, last_msgtime + HZ)) {
1322                                        last_msgtime = jiffies;
1323                                        printk(KERN_ERR "%s%s: unexpected interrupt, "
1324                                                "status=0x%02x, count=%ld\n",
1325                                                hwif->name,
1326                                                (hwif->next==hwgroup->hwif) ? "" : "(?)", stat, count);
1327                                }
1328                        }
1329                }
1330        } while ((hwif = hwif->next) != hwgroup->hwif);
1331}
1332
1333/**
1334 *        ide_intr        -        default IDE interrupt handler
1335 *        @irq: interrupt number
1336 *        @dev_id: hwif group
1337 *        @regs: unused weirdness from the kernel irq layer
1338 *
1339 *        This is the default IRQ handler for the IDE layer. You should
1340 *        not need to override it. If you do be aware it is subtle in
1341 *        places
1342 *
1343 *        hwgroup->hwif is the interface in the group currently performing
1344 *        a command. hwgroup->drive is the drive and hwgroup->handler is
1345 *        the IRQ handler to call. As we issue a command the handlers
1346 *        step through multiple states, reassigning the handler to the
1347 *        next step in the process. Unlike a smart SCSI controller IDE
1348 *        expects the main processor to sequence the various transfer
1349 *        stages. We also manage a poll timer to catch up with most
1350 *        timeout situations. There are still a few where the handlers
1351 *        don't ever decide to give up.
1352 *
1353 *        The handler eventually returns ide_stopped to indicate the
1354 *        request completed. At this point we issue the next request
1355 *        on the hwgroup and the process begins again.
1356 */
1357 
1358irqreturn_t ide_intr (int irq, void *dev_id)
1359{
1360        unsigned long flags;
1361        ide_hwgroup_t *hwgroup = (ide_hwgroup_t *)dev_id;
1362        ide_hwif_t *hwif;
1363        ide_drive_t *drive;
1364        ide_handler_t *handler;
1365        ide_startstop_t startstop;
1366
1367        spin_lock_irqsave(&ide_lock, flags);
1368        hwif = hwgroup->hwif;
1369
1370        if (!ide_ack_intr(hwif)) {
1371                spin_unlock_irqrestore(&ide_lock, flags);
1372                return IRQ_NONE;
1373        }
1374
1375        if ((handler = hwgroup->handler) == NULL || hwgroup->polling) {
1376                /*
1377                 * Not expecting an interrupt from this drive.
1378                 * That means this could be:
1379                 *        (1) an interrupt from another PCI device
1380                 *        sharing the same PCI INT# as us.
1381                 * or        (2) a drive just entered sleep or standby mode,
1382                 *        and is interrupting to let us know.
1383                 * or        (3) a spurious interrupt of unknown origin.
1384                 *
1385                 * For PCI, we cannot tell the difference,
1386                 * so in that case we just ignore it and hope it goes away.
1387                 *
1388                 * FIXME: unexpected_intr should be hwif-> then we can
1389                 * remove all the ifdef PCI crap
1390                 */
1391#ifdef CONFIG_BLK_DEV_IDEPCI
1392                if (hwif->chipset != ide_pci)
1393#endif        /* CONFIG_BLK_DEV_IDEPCI */
1394                {
1395                        /*
1396                         * Probably not a shared PCI interrupt,
1397                         * so we can safely try to do something about it:
1398                         */
1399                        unexpected_intr(irq, hwgroup);
1400#ifdef CONFIG_BLK_DEV_IDEPCI
1401                } else {
1402                        /*
1403                         * Whack the status register, just in case
1404                         * we have a leftover pending IRQ.
1405                         */
1406                        (void)hwif->tp_ops->read_status(hwif);
1407#endif /* CONFIG_BLK_DEV_IDEPCI */
1408                }
1409                spin_unlock_irqrestore(&ide_lock, flags);
1410                return IRQ_NONE;
1411        }
1412        drive = hwgroup->drive;
1413        if (!drive) {
1414                /*
1415                 * This should NEVER happen, and there isn't much
1416                 * we could do about it here.
1417                 *
1418                 * [Note - this can occur if the drive is hot unplugged]
1419                 */
1420                spin_unlock_irqrestore(&ide_lock, flags);
1421                return IRQ_HANDLED;
1422        }
1423        if (!drive_is_ready(drive)) {
1424                /*
1425                 * This happens regularly when we share a PCI IRQ with
1426                 * another device.  Unfortunately, it can also happen
1427                 * with some buggy drives that trigger the IRQ before
1428                 * their status register is up to date.  Hopefully we have
1429                 * enough advance overhead that the latter isn't a problem.
1430                 */
1431                spin_unlock_irqrestore(&ide_lock, flags);
1432                return IRQ_NONE;
1433        }
1434        if (!hwgroup->busy) {
1435                hwgroup->busy = 1;        /* paranoia */
1436                printk(KERN_ERR "%s: ide_intr: hwgroup->busy was 0 ??\n", drive->name);
1437        }
1438        hwgroup->handler = NULL;
1439        hwgroup->req_gen++;
1440        del_timer(&hwgroup->timer);
1441        spin_unlock(&ide_lock);
1442
1443        if (hwif->port_ops && hwif->port_ops->clear_irq)
1444                hwif->port_ops->clear_irq(drive);
1445
1446        if (drive->dev_flags & IDE_DFLAG_UNMASK)
1447                local_irq_enable_in_hardirq();
1448
1449        /* service this interrupt, may set handler for next interrupt */
1450        startstop = handler(drive);
1451
1452        spin_lock_irq(&ide_lock);
1453        /*
1454         * Note that handler() may have set things up for another
1455         * interrupt to occur soon, but it cannot happen until
1456         * we exit from this routine, because it will be the
1457         * same irq as is currently being serviced here, and Linux
1458         * won't allow another of the same (on any CPU) until we return.
1459         */
1460        drive->service_time = jiffies - drive->service_start;
1461        if (startstop == ide_stopped) {
1462                if (hwgroup->handler == NULL) {        /* paranoia */
1463                        hwgroup->busy = 0;
1464                        ide_do_request(hwgroup, hwif->irq);
1465                } else {
1466                        printk(KERN_ERR "%s: ide_intr: huh? expected NULL handler "
1467                                "on exit\n", drive->name);
1468                }
1469        }
1470        spin_unlock_irqrestore(&ide_lock, flags);
1471        return IRQ_HANDLED;
1472}
1473
1474/**
1475 *        ide_do_drive_cmd        -        issue IDE special command
1476 *        @drive: device to issue command
1477 *        @rq: request to issue
1478 *
1479 *        This function issues a special IDE device request
1480 *        onto the request queue.
1481 *
1482 *        the rq is queued at the head of the request queue, displacing
1483 *        the currently-being-processed request and this function
1484 *        returns immediately without waiting for the new rq to be
1485 *        completed.  This is VERY DANGEROUS, and is intended for
1486 *        careful use by the ATAPI tape/cdrom driver code.
1487 */
1488
1489void ide_do_drive_cmd(ide_drive_t *drive, struct request *rq)
1490{
1491        unsigned long flags;
1492        ide_hwgroup_t *hwgroup = HWGROUP(drive);
1493
1494        spin_lock_irqsave(&ide_lock, flags);
1495        hwgroup->rq = NULL;
1496        __elv_add_request(drive->queue, rq, ELEVATOR_INSERT_FRONT, 0);
1497        blk_start_queueing(drive->queue);
1498        spin_unlock_irqrestore(&ide_lock, flags);
1499}
1500
1501EXPORT_SYMBOL(ide_do_drive_cmd);
1502
1503void ide_pktcmd_tf_load(ide_drive_t *drive, u32 tf_flags, u16 bcount, u8 dma)
1504{
1505        ide_hwif_t *hwif = drive->hwif;
1506        ide_task_t task;
1507
1508        memset(&task, 0, sizeof(task));
1509        task.tf_flags = IDE_TFLAG_OUT_LBAH | IDE_TFLAG_OUT_LBAM |
1510                        IDE_TFLAG_OUT_FEATURE | tf_flags;
1511        task.tf.feature = dma;                /* Use PIO/DMA */
1512        task.tf.lbam    = bcount & 0xff;
1513        task.tf.lbah    = (bcount >> 8) & 0xff;
1514
1515        ide_tf_dump(drive->name, &task.tf);
1516        hwif->tp_ops->set_irq(hwif, 1);
1517        SELECT_MASK(drive, 0);
1518        hwif->tp_ops->tf_load(drive, &task);
1519}
1520
1521EXPORT_SYMBOL_GPL(ide_pktcmd_tf_load);
1522
1523void ide_pad_transfer(ide_drive_t *drive, int write, int len)
1524{
1525        ide_hwif_t *hwif = drive->hwif;
1526        u8 buf[4] = { 0 };
1527
1528        while (len > 0) {
1529                if (write)
1530                        hwif->tp_ops->output_data(drive, NULL, buf, min(4, len));
1531                else
1532                        hwif->tp_ops->input_data(drive, NULL, buf, min(4, len));
1533                len -= 4;
1534        }
1535}
1536EXPORT_SYMBOL_GPL(ide_pad_transfer);