1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21static int sg_version_num = 30534;
22#define SG_VERSION_STR "3.5.34"
23
24
25
26
27
28
29
30
31#include <linux/module.h>
32
33#include <linux/fs.h>
34#include <linux/kernel.h>
35#include <linux/sched.h>
36#include <linux/string.h>
37#include <linux/mm.h>
38#include <linux/errno.h>
39#include <linux/mtio.h>
40#include <linux/ioctl.h>
41#include <linux/fcntl.h>
42#include <linux/init.h>
43#include <linux/poll.h>
44#include <linux/moduleparam.h>
45#include <linux/cdev.h>
46#include <linux/idr.h>
47#include <linux/seq_file.h>
48#include <linux/blkdev.h>
49#include <linux/delay.h>
50#include <linux/blktrace_api.h>
51#include <linux/smp_lock.h>
52
53#include "scsi.h"
54#include <scsi/scsi_dbg.h>
55#include <scsi/scsi_host.h>
56#include <scsi/scsi_driver.h>
57#include <scsi/scsi_ioctl.h>
58#include <scsi/sg.h>
59
60#include "scsi_logging.h"
61
62#ifdef CONFIG_SCSI_PROC_FS
63#include <linux/proc_fs.h>
64static char *sg_version_date = "20061027";
65
66static int sg_proc_init(void);
67static void sg_proc_cleanup(void);
68#endif
69
70#define SG_ALLOW_DIO_DEF 0
71
72#define SG_MAX_DEVS 32768
73
74
75
76
77
78
79
80
81
82
83#define MULDIV(X,MUL,DIV) ((((X % DIV) * MUL) / DIV) + ((X / DIV) * MUL))
84
85#define SG_DEFAULT_TIMEOUT MULDIV(SG_DEFAULT_TIMEOUT_USER, HZ, USER_HZ)
86
87int sg_big_buff = SG_DEF_RESERVED_SIZE;
88
89
90
91
92
93
94static int def_reserved_size = -1;
95static int sg_allow_dio = SG_ALLOW_DIO_DEF;
96
97static int scatter_elem_sz = SG_SCATTER_SZ;
98static int scatter_elem_sz_prev = SG_SCATTER_SZ;
99
100#define SG_SECTOR_SZ 512
101#define SG_SECTOR_MSK (SG_SECTOR_SZ - 1)
102
103static int sg_add(struct device *, struct class_interface *);
104static void sg_remove(struct device *, struct class_interface *);
105
106static DEFINE_IDR(sg_index_idr);
107static DEFINE_RWLOCK(sg_index_lock);
108
109
110static struct class_interface sg_interface = {
111 .add_dev = sg_add,
112 .remove_dev = sg_remove,
113};
114
115typedef struct sg_scatter_hold {
116 unsigned short k_use_sg;
117 unsigned sglist_len;
118 unsigned bufflen;
119 struct page **pages;
120 int page_order;
121 char dio_in_use;
122 unsigned char cmd_opcode;
123} Sg_scatter_hold;
124
125struct sg_device;
126struct sg_fd;
127
128typedef struct sg_request {
129 struct sg_request *nextrp;
130 struct sg_fd *parentfp;
131 Sg_scatter_hold data;
132 sg_io_hdr_t header;
133 unsigned char sense_b[SCSI_SENSE_BUFFERSIZE];
134 char res_used;
135 char orphan;
136 char sg_io_owned;
137 volatile char done;
138 struct request *rq;
139 struct bio *bio;
140} Sg_request;
141
142typedef struct sg_fd {
143 struct sg_fd *nextfp;
144 struct sg_device *parentdp;
145 wait_queue_head_t read_wait;
146 rwlock_t rq_list_lock;
147 int timeout;
148 int timeout_user;
149 Sg_scatter_hold reserve;
150 unsigned save_scat_len;
151 Sg_request *headrp;
152 struct fasync_struct *async_qp;
153 Sg_request req_arr[SG_MAX_QUEUE];
154 char low_dma;
155 char force_packid;
156 volatile char closed;
157 char cmd_q;
158 char next_cmd_len;
159 char keep_orphan;
160 char mmap_called;
161} Sg_fd;
162
163typedef struct sg_device {
164 struct scsi_device *device;
165 wait_queue_head_t o_excl_wait;
166 int sg_tablesize;
167 u32 index;
168 Sg_fd *headfp;
169 volatile char detached;
170 volatile char exclude;
171 char sgdebug;
172 struct gendisk *disk;
173 struct cdev * cdev;
174} Sg_device;
175
176static int sg_fasync(int fd, struct file *filp, int mode);
177
178static void sg_rq_end_io(struct request *rq, int uptodate);
179static int sg_start_req(Sg_request *srp, unsigned char *cmd);
180static void sg_finish_rem_req(Sg_request * srp);
181static int sg_build_indirect(Sg_scatter_hold * schp, Sg_fd * sfp, int buff_size);
182static int sg_build_sgat(Sg_scatter_hold * schp, const Sg_fd * sfp,
183 int tablesize);
184static ssize_t sg_new_read(Sg_fd * sfp, char __user *buf, size_t count,
185 Sg_request * srp);
186static ssize_t sg_new_write(Sg_fd *sfp, struct file *file,
187 const char __user *buf, size_t count, int blocking,
188 int read_only, Sg_request **o_srp);
189static int sg_common_write(Sg_fd * sfp, Sg_request * srp,
190 unsigned char *cmnd, int timeout, int blocking);
191static int sg_read_oxfer(Sg_request * srp, char __user *outp, int num_read_xfer);
192static void sg_remove_scat(Sg_scatter_hold * schp);
193static void sg_build_reserve(Sg_fd * sfp, int req_size);
194static void sg_link_reserve(Sg_fd * sfp, Sg_request * srp, int size);
195static void sg_unlink_reserve(Sg_fd * sfp, Sg_request * srp);
196static Sg_fd *sg_add_sfp(Sg_device * sdp, int dev);
197static int sg_remove_sfp(Sg_device * sdp, Sg_fd * sfp);
198static void __sg_remove_sfp(Sg_device * sdp, Sg_fd * sfp);
199static Sg_request *sg_get_rq_mark(Sg_fd * sfp, int pack_id);
200static Sg_request *sg_add_request(Sg_fd * sfp);
201static int sg_remove_request(Sg_fd * sfp, Sg_request * srp);
202static int sg_res_in_use(Sg_fd * sfp);
203static Sg_device *sg_get_dev(int dev);
204#ifdef CONFIG_SCSI_PROC_FS
205static int sg_last_dev(void);
206#endif
207
208#define SZ_SG_HEADER sizeof(struct sg_header)
209#define SZ_SG_IO_HDR sizeof(sg_io_hdr_t)
210#define SZ_SG_IOVEC sizeof(sg_iovec_t)
211#define SZ_SG_REQ_INFO sizeof(sg_req_info_t)
212
213static int sg_allow_access(struct file *filp, unsigned char *cmd)
214{
215 struct sg_fd *sfp = (struct sg_fd *)filp->private_data;
216 struct request_queue *q = sfp->parentdp->device->request_queue;
217
218 if (sfp->parentdp->device->type == TYPE_SCANNER)
219 return 0;
220
221 return blk_verify_command(&q->cmd_filter,
222 cmd, filp->f_mode & FMODE_WRITE);
223}
224
225static int
226sg_open(struct inode *inode, struct file *filp)
227{
228 int dev = iminor(inode);
229 int flags = filp->f_flags;
230 struct request_queue *q;
231 Sg_device *sdp;
232 Sg_fd *sfp;
233 int res;
234 int retval;
235
236 lock_kernel();
237 nonseekable_open(inode, filp);
238 SCSI_LOG_TIMEOUT(3, printk("sg_open: dev=%d, flags=0x%x\n", dev, flags));
239 sdp = sg_get_dev(dev);
240 if ((!sdp) || (!sdp->device)) {
241 unlock_kernel();
242 return -ENXIO;
243 }
244 if (sdp->detached) {
245 unlock_kernel();
246 return -ENODEV;
247 }
248
249
250
251 retval = scsi_device_get(sdp->device);
252 if (retval) {
253 unlock_kernel();
254 return retval;
255 }
256
257 if (!((flags & O_NONBLOCK) ||
258 scsi_block_when_processing_errors(sdp->device))) {
259 retval = -ENXIO;
260
261 goto error_out;
262 }
263
264 if (flags & O_EXCL) {
265 if (O_RDONLY == (flags & O_ACCMODE)) {
266 retval = -EPERM;
267 goto error_out;
268 }
269 if (sdp->headfp && (flags & O_NONBLOCK)) {
270 retval = -EBUSY;
271 goto error_out;
272 }
273 res = 0;
274 __wait_event_interruptible(sdp->o_excl_wait,
275 ((sdp->headfp || sdp->exclude) ? 0 : (sdp->exclude = 1)), res);
276 if (res) {
277 retval = res;
278 goto error_out;
279 }
280 } else if (sdp->exclude) {
281 if (flags & O_NONBLOCK) {
282 retval = -EBUSY;
283 goto error_out;
284 }
285 res = 0;
286 __wait_event_interruptible(sdp->o_excl_wait, (!sdp->exclude),
287 res);
288 if (res) {
289 retval = res;
290 goto error_out;
291 }
292 }
293 if (sdp->detached) {
294 retval = -ENODEV;
295 goto error_out;
296 }
297 if (!sdp->headfp) {
298 sdp->sgdebug = 0;
299 q = sdp->device->request_queue;
300 sdp->sg_tablesize = min(q->max_hw_segments,
301 q->max_phys_segments);
302 }
303 if ((sfp = sg_add_sfp(sdp, dev)))
304 filp->private_data = sfp;
305 else {
306 if (flags & O_EXCL)
307 sdp->exclude = 0;
308 retval = -ENOMEM;
309 goto error_out;
310 }
311 unlock_kernel();
312 return 0;
313
314 error_out:
315 scsi_device_put(sdp->device);
316 unlock_kernel();
317 return retval;
318}
319
320
321static int
322sg_release(struct inode *inode, struct file *filp)
323{
324 Sg_device *sdp;
325 Sg_fd *sfp;
326
327 if ((!(sfp = (Sg_fd *) filp->private_data)) || (!(sdp = sfp->parentdp)))
328 return -ENXIO;
329 SCSI_LOG_TIMEOUT(3, printk("sg_release: %s\n", sdp->disk->disk_name));
330 if (0 == sg_remove_sfp(sdp, sfp)) {
331 if (!sdp->detached) {
332 scsi_device_put(sdp->device);
333 }
334 sdp->exclude = 0;
335 wake_up_interruptible(&sdp->o_excl_wait);
336 }
337 return 0;
338}
339
340static ssize_t
341sg_read(struct file *filp, char __user *buf, size_t count, loff_t * ppos)
342{
343 Sg_device *sdp;
344 Sg_fd *sfp;
345 Sg_request *srp;
346 int req_pack_id = -1;
347 sg_io_hdr_t *hp;
348 struct sg_header *old_hdr = NULL;
349 int retval = 0;
350
351 if ((!(sfp = (Sg_fd *) filp->private_data)) || (!(sdp = sfp->parentdp)))
352 return -ENXIO;
353 SCSI_LOG_TIMEOUT(3, printk("sg_read: %s, count=%d\n",
354 sdp->disk->disk_name, (int) count));
355
356 if (!access_ok(VERIFY_WRITE, buf, count))
357 return -EFAULT;
358 if (sfp->force_packid && (count >= SZ_SG_HEADER)) {
359 old_hdr = kmalloc(SZ_SG_HEADER, GFP_KERNEL);
360 if (!old_hdr)
361 return -ENOMEM;
362 if (__copy_from_user(old_hdr, buf, SZ_SG_HEADER)) {
363 retval = -EFAULT;
364 goto free_old_hdr;
365 }
366 if (old_hdr->reply_len < 0) {
367 if (count >= SZ_SG_IO_HDR) {
368 sg_io_hdr_t *new_hdr;
369 new_hdr = kmalloc(SZ_SG_IO_HDR, GFP_KERNEL);
370 if (!new_hdr) {
371 retval = -ENOMEM;
372 goto free_old_hdr;
373 }
374 retval =__copy_from_user
375 (new_hdr, buf, SZ_SG_IO_HDR);
376 req_pack_id = new_hdr->pack_id;
377 kfree(new_hdr);
378 if (retval) {
379 retval = -EFAULT;
380 goto free_old_hdr;
381 }
382 }
383 } else
384 req_pack_id = old_hdr->pack_id;
385 }
386 srp = sg_get_rq_mark(sfp, req_pack_id);
387 if (!srp) {
388 if (sdp->detached) {
389 retval = -ENODEV;
390 goto free_old_hdr;
391 }
392 if (filp->f_flags & O_NONBLOCK) {
393 retval = -EAGAIN;
394 goto free_old_hdr;
395 }
396 while (1) {
397 retval = 0;
398 __wait_event_interruptible(sfp->read_wait,
399 (sdp->detached ||
400 (srp = sg_get_rq_mark(sfp, req_pack_id))),
401 retval);
402 if (sdp->detached) {
403 retval = -ENODEV;
404 goto free_old_hdr;
405 }
406 if (0 == retval)
407 break;
408
409
410 goto free_old_hdr;
411 }
412 }
413 if (srp->header.interface_id != '\0') {
414 retval = sg_new_read(sfp, buf, count, srp);
415 goto free_old_hdr;
416 }
417
418 hp = &srp->header;
419 if (old_hdr == NULL) {
420 old_hdr = kmalloc(SZ_SG_HEADER, GFP_KERNEL);
421 if (! old_hdr) {
422 retval = -ENOMEM;
423 goto free_old_hdr;
424 }
425 }
426 memset(old_hdr, 0, SZ_SG_HEADER);
427 old_hdr->reply_len = (int) hp->timeout;
428 old_hdr->pack_len = old_hdr->reply_len;
429 old_hdr->pack_id = hp->pack_id;
430 old_hdr->twelve_byte =
431 ((srp->data.cmd_opcode >= 0xc0) && (12 == hp->cmd_len)) ? 1 : 0;
432 old_hdr->target_status = hp->masked_status;
433 old_hdr->host_status = hp->host_status;
434 old_hdr->driver_status = hp->driver_status;
435 if ((CHECK_CONDITION & hp->masked_status) ||
436 (DRIVER_SENSE & hp->driver_status))
437 memcpy(old_hdr->sense_buffer, srp->sense_b,
438 sizeof (old_hdr->sense_buffer));
439 switch (hp->host_status) {
440
441
442 case DID_OK:
443 case DID_PASSTHROUGH:
444 case DID_SOFT_ERROR:
445 old_hdr->result = 0;
446 break;
447 case DID_NO_CONNECT:
448 case DID_BUS_BUSY:
449 case DID_TIME_OUT:
450 old_hdr->result = EBUSY;
451 break;
452 case DID_BAD_TARGET:
453 case DID_ABORT:
454 case DID_PARITY:
455 case DID_RESET:
456 case DID_BAD_INTR:
457 old_hdr->result = EIO;
458 break;
459 case DID_ERROR:
460 old_hdr->result = (srp->sense_b[0] == 0 &&
461 hp->masked_status == GOOD) ? 0 : EIO;
462 break;
463 default:
464 old_hdr->result = EIO;
465 break;
466 }
467
468
469 if (count >= SZ_SG_HEADER) {
470 if (__copy_to_user(buf, old_hdr, SZ_SG_HEADER)) {
471 retval = -EFAULT;
472 goto free_old_hdr;
473 }
474 buf += SZ_SG_HEADER;
475 if (count > old_hdr->reply_len)
476 count = old_hdr->reply_len;
477 if (count > SZ_SG_HEADER) {
478 if (sg_read_oxfer(srp, buf, count - SZ_SG_HEADER)) {
479 retval = -EFAULT;
480 goto free_old_hdr;
481 }
482 }
483 } else
484 count = (old_hdr->result == 0) ? 0 : -EIO;
485 sg_finish_rem_req(srp);
486 retval = count;
487free_old_hdr:
488 kfree(old_hdr);
489 return retval;
490}
491
492static ssize_t
493sg_new_read(Sg_fd * sfp, char __user *buf, size_t count, Sg_request * srp)
494{
495 sg_io_hdr_t *hp = &srp->header;
496 int err = 0;
497 int len;
498
499 if (count < SZ_SG_IO_HDR) {
500 err = -EINVAL;
501 goto err_out;
502 }
503 hp->sb_len_wr = 0;
504 if ((hp->mx_sb_len > 0) && hp->sbp) {
505 if ((CHECK_CONDITION & hp->masked_status) ||
506 (DRIVER_SENSE & hp->driver_status)) {
507 int sb_len = SCSI_SENSE_BUFFERSIZE;
508 sb_len = (hp->mx_sb_len > sb_len) ? sb_len : hp->mx_sb_len;
509 len = 8 + (int) srp->sense_b[7];
510 len = (len > sb_len) ? sb_len : len;
511 if (copy_to_user(hp->sbp, srp->sense_b, len)) {
512 err = -EFAULT;
513 goto err_out;
514 }
515 hp->sb_len_wr = len;
516 }
517 }
518 if (hp->masked_status || hp->host_status || hp->driver_status)
519 hp->info |= SG_INFO_CHECK;
520 if (copy_to_user(buf, hp, SZ_SG_IO_HDR)) {
521 err = -EFAULT;
522 goto err_out;
523 }
524err_out:
525 sg_finish_rem_req(srp);
526 return (0 == err) ? count : err;
527}
528
529static ssize_t
530sg_write(struct file *filp, const char __user *buf, size_t count, loff_t * ppos)
531{
532 int mxsize, cmd_size, k;
533 int input_size, blocking;
534 unsigned char opcode;
535 Sg_device *sdp;
536 Sg_fd *sfp;
537 Sg_request *srp;
538 struct sg_header old_hdr;
539 sg_io_hdr_t *hp;
540 unsigned char cmnd[MAX_COMMAND_SIZE];
541
542 if ((!(sfp = (Sg_fd *) filp->private_data)) || (!(sdp = sfp->parentdp)))
543 return -ENXIO;
544 SCSI_LOG_TIMEOUT(3, printk("sg_write: %s, count=%d\n",
545 sdp->disk->disk_name, (int) count));
546 if (sdp->detached)
547 return -ENODEV;
548 if (!((filp->f_flags & O_NONBLOCK) ||
549 scsi_block_when_processing_errors(sdp->device)))
550 return -ENXIO;
551
552 if (!access_ok(VERIFY_READ, buf, count))
553 return -EFAULT;
554 if (count < SZ_SG_HEADER)
555 return -EIO;
556 if (__copy_from_user(&old_hdr, buf, SZ_SG_HEADER))
557 return -EFAULT;
558 blocking = !(filp->f_flags & O_NONBLOCK);
559 if (old_hdr.reply_len < 0)
560 return sg_new_write(sfp, filp, buf, count, blocking, 0, NULL);
561 if (count < (SZ_SG_HEADER + 6))
562 return -EIO;
563
564 if (!(srp = sg_add_request(sfp))) {
565 SCSI_LOG_TIMEOUT(1, printk("sg_write: queue full\n"));
566 return -EDOM;
567 }
568 buf += SZ_SG_HEADER;
569 __get_user(opcode, buf);
570 if (sfp->next_cmd_len > 0) {
571 if (sfp->next_cmd_len > MAX_COMMAND_SIZE) {
572 SCSI_LOG_TIMEOUT(1, printk("sg_write: command length too long\n"));
573 sfp->next_cmd_len = 0;
574 sg_remove_request(sfp, srp);
575 return -EIO;
576 }
577 cmd_size = sfp->next_cmd_len;
578 sfp->next_cmd_len = 0;
579 } else {
580 cmd_size = COMMAND_SIZE(opcode);
581 if ((opcode >= 0xc0) && old_hdr.twelve_byte)
582 cmd_size = 12;
583 }
584 SCSI_LOG_TIMEOUT(4, printk(
585 "sg_write: scsi opcode=0x%02x, cmd_size=%d\n", (int) opcode, cmd_size));
586
587 input_size = count - cmd_size;
588 mxsize = (input_size > old_hdr.reply_len) ? input_size : old_hdr.reply_len;
589 mxsize -= SZ_SG_HEADER;
590 input_size -= SZ_SG_HEADER;
591 if (input_size < 0) {
592 sg_remove_request(sfp, srp);
593 return -EIO;
594 }
595 hp = &srp->header;
596 hp->interface_id = '\0';
597 hp->cmd_len = (unsigned char) cmd_size;
598 hp->iovec_count = 0;
599 hp->mx_sb_len = 0;
600 if (input_size > 0)
601 hp->dxfer_direction = (old_hdr.reply_len > SZ_SG_HEADER) ?
602 SG_DXFER_TO_FROM_DEV : SG_DXFER_TO_DEV;
603 else
604 hp->dxfer_direction = (mxsize > 0) ? SG_DXFER_FROM_DEV : SG_DXFER_NONE;
605 hp->dxfer_len = mxsize;
606 if (hp->dxfer_direction == SG_DXFER_TO_DEV)
607 hp->dxferp = (char __user *)buf + cmd_size;
608 else
609 hp->dxferp = NULL;
610 hp->sbp = NULL;
611 hp->timeout = old_hdr.reply_len;
612 hp->flags = input_size;
613 hp->pack_id = old_hdr.pack_id;
614 hp->usr_ptr = NULL;
615 if (__copy_from_user(cmnd, buf, cmd_size))
616 return -EFAULT;
617
618
619
620
621
622 if (hp->dxfer_direction == SG_DXFER_TO_FROM_DEV) {
623 static char cmd[TASK_COMM_LEN];
624 if (strcmp(current->comm, cmd) && printk_ratelimit()) {
625 printk(KERN_WARNING
626 "sg_write: data in/out %d/%d bytes for SCSI command 0x%x--"
627 "guessing data in;\n" KERN_WARNING " "
628 "program %s not setting count and/or reply_len properly\n",
629 old_hdr.reply_len - (int)SZ_SG_HEADER,
630 input_size, (unsigned int) cmnd[0],
631 current->comm);
632 strcpy(cmd, current->comm);
633 }
634 }
635 k = sg_common_write(sfp, srp, cmnd, sfp->timeout, blocking);
636 return (k < 0) ? k : count;
637}
638
639static ssize_t
640sg_new_write(Sg_fd *sfp, struct file *file, const char __user *buf,
641 size_t count, int blocking, int read_only,
642 Sg_request **o_srp)
643{
644 int k;
645 Sg_request *srp;
646 sg_io_hdr_t *hp;
647 unsigned char cmnd[MAX_COMMAND_SIZE];
648 int timeout;
649 unsigned long ul_timeout;
650
651 if (count < SZ_SG_IO_HDR)
652 return -EINVAL;
653 if (!access_ok(VERIFY_READ, buf, count))
654 return -EFAULT;
655
656 sfp->cmd_q = 1;
657 if (!(srp = sg_add_request(sfp))) {
658 SCSI_LOG_TIMEOUT(1, printk("sg_new_write: queue full\n"));
659 return -EDOM;
660 }
661 hp = &srp->header;
662 if (__copy_from_user(hp, buf, SZ_SG_IO_HDR)) {
663 sg_remove_request(sfp, srp);
664 return -EFAULT;
665 }
666 if (hp->interface_id != 'S') {
667 sg_remove_request(sfp, srp);
668 return -ENOSYS;
669 }
670 if (hp->flags & SG_FLAG_MMAP_IO) {
671 if (hp->dxfer_len > sfp->reserve.bufflen) {
672 sg_remove_request(sfp, srp);
673 return -ENOMEM;
674 }
675 if (hp->flags & SG_FLAG_DIRECT_IO) {
676 sg_remove_request(sfp, srp);
677 return -EINVAL;
678 }
679 if (sg_res_in_use(sfp)) {
680 sg_remove_request(sfp, srp);
681 return -EBUSY;
682 }
683 }
684 ul_timeout = msecs_to_jiffies(srp->header.timeout);
685 timeout = (ul_timeout < INT_MAX) ? ul_timeout : INT_MAX;
686 if ((!hp->cmdp) || (hp->cmd_len < 6) || (hp->cmd_len > sizeof (cmnd))) {
687 sg_remove_request(sfp, srp);
688 return -EMSGSIZE;
689 }
690 if (!access_ok(VERIFY_READ, hp->cmdp, hp->cmd_len)) {
691 sg_remove_request(sfp, srp);
692 return -EFAULT;
693 }
694 if (__copy_from_user(cmnd, hp->cmdp, hp->cmd_len)) {
695 sg_remove_request(sfp, srp);
696 return -EFAULT;
697 }
698 if (read_only && sg_allow_access(file, cmnd)) {
699 sg_remove_request(sfp, srp);
700 return -EPERM;
701 }
702 k = sg_common_write(sfp, srp, cmnd, timeout, blocking);
703 if (k < 0)
704 return k;
705 if (o_srp)
706 *o_srp = srp;
707 return count;
708}
709
710static int
711sg_common_write(Sg_fd * sfp, Sg_request * srp,
712 unsigned char *cmnd, int timeout, int blocking)
713{
714 int k, data_dir;
715 Sg_device *sdp = sfp->parentdp;
716 sg_io_hdr_t *hp = &srp->header;
717
718 srp->data.cmd_opcode = cmnd[0];
719 hp->status = 0;
720 hp->masked_status = 0;
721 hp->msg_status = 0;
722 hp->info = 0;
723 hp->host_status = 0;
724 hp->driver_status = 0;
725 hp->resid = 0;
726 SCSI_LOG_TIMEOUT(4, printk("sg_common_write: scsi opcode=0x%02x, cmd_size=%d\n",
727 (int) cmnd[0], (int) hp->cmd_len));
728
729 k = sg_start_req(srp, cmnd);
730 if (k) {
731 SCSI_LOG_TIMEOUT(1, printk("sg_common_write: start_req err=%d\n", k));
732 sg_finish_rem_req(srp);
733 return k;
734 }
735 if (sdp->detached) {
736 sg_finish_rem_req(srp);
737 return -ENODEV;
738 }
739
740 switch (hp->dxfer_direction) {
741 case SG_DXFER_TO_FROM_DEV:
742 case SG_DXFER_FROM_DEV:
743 data_dir = DMA_FROM_DEVICE;
744 break;
745 case SG_DXFER_TO_DEV:
746 data_dir = DMA_TO_DEVICE;
747 break;
748 case SG_DXFER_UNKNOWN:
749 data_dir = DMA_BIDIRECTIONAL;
750 break;
751 default:
752 data_dir = DMA_NONE;
753 break;
754 }
755 hp->duration = jiffies_to_msecs(jiffies);
756
757 srp->rq->timeout = timeout;
758 blk_execute_rq_nowait(sdp->device->request_queue, sdp->disk,
759 srp->rq, 1, sg_rq_end_io);
760 return 0;
761}
762
763static int
764sg_srp_done(Sg_request *srp, Sg_fd *sfp)
765{
766 unsigned long iflags;
767 int done;
768
769 read_lock_irqsave(&sfp->rq_list_lock, iflags);
770 done = srp->done;
771 read_unlock_irqrestore(&sfp->rq_list_lock, iflags);
772 return done;
773}
774
775static int
776sg_ioctl(struct inode *inode, struct file *filp,
777 unsigned int cmd_in, unsigned long arg)
778{
779 void __user *p = (void __user *)arg;
780 int __user *ip = p;
781 int result, val, read_only;
782 Sg_device *sdp;
783 Sg_fd *sfp;
784 Sg_request *srp;
785 unsigned long iflags;
786
787 if ((!(sfp = (Sg_fd *) filp->private_data)) || (!(sdp = sfp->parentdp)))
788 return -ENXIO;
789
790 SCSI_LOG_TIMEOUT(3, printk("sg_ioctl: %s, cmd=0x%x\n",
791 sdp->disk->disk_name, (int) cmd_in));
792 read_only = (O_RDWR != (filp->f_flags & O_ACCMODE));
793
794 switch (cmd_in) {
795 case SG_IO:
796 {
797 int blocking = 1;
798
799 if (sdp->detached)
800 return -ENODEV;
801 if (!scsi_block_when_processing_errors(sdp->device))
802 return -ENXIO;
803 if (!access_ok(VERIFY_WRITE, p, SZ_SG_IO_HDR))
804 return -EFAULT;
805 result =
806 sg_new_write(sfp, filp, p, SZ_SG_IO_HDR,
807 blocking, read_only, &srp);
808 if (result < 0)
809 return result;
810 srp->sg_io_owned = 1;
811 while (1) {
812 result = 0;
813 __wait_event_interruptible(sfp->read_wait,
814 (sdp->detached || sfp->closed || sg_srp_done(srp, sfp)),
815 result);
816 if (sdp->detached)
817 return -ENODEV;
818 if (sfp->closed)
819 return 0;
820 if (0 == result)
821 break;
822 srp->orphan = 1;
823 return result;
824 }
825 write_lock_irqsave(&sfp->rq_list_lock, iflags);
826 srp->done = 2;
827 write_unlock_irqrestore(&sfp->rq_list_lock, iflags);
828 result = sg_new_read(sfp, p, SZ_SG_IO_HDR, srp);
829 return (result < 0) ? result : 0;
830 }
831 case SG_SET_TIMEOUT:
832 result = get_user(val, ip);
833 if (result)
834 return result;
835 if (val < 0)
836 return -EIO;
837 if (val >= MULDIV (INT_MAX, USER_HZ, HZ))
838 val = MULDIV (INT_MAX, USER_HZ, HZ);
839 sfp->timeout_user = val;
840 sfp->timeout = MULDIV (val, HZ, USER_HZ);
841
842 return 0;
843 case SG_GET_TIMEOUT:
844
845 return sfp->timeout_user;
846 case SG_SET_FORCE_LOW_DMA:
847 result = get_user(val, ip);
848 if (result)
849 return result;
850 if (val) {
851 sfp->low_dma = 1;
852 if ((0 == sfp->low_dma) && (0 == sg_res_in_use(sfp))) {
853 val = (int) sfp->reserve.bufflen;
854 sg_remove_scat(&sfp->reserve);
855 sg_build_reserve(sfp, val);
856 }
857 } else {
858 if (sdp->detached)
859 return -ENODEV;
860 sfp->low_dma = sdp->device->host->unchecked_isa_dma;
861 }
862 return 0;
863 case SG_GET_LOW_DMA:
864 return put_user((int) sfp->low_dma, ip);
865 case SG_GET_SCSI_ID:
866 if (!access_ok(VERIFY_WRITE, p, sizeof (sg_scsi_id_t)))
867 return -EFAULT;
868 else {
869 sg_scsi_id_t __user *sg_idp = p;
870
871 if (sdp->detached)
872 return -ENODEV;
873 __put_user((int) sdp->device->host->host_no,
874 &sg_idp->host_no);
875 __put_user((int) sdp->device->channel,
876 &sg_idp->channel);
877 __put_user((int) sdp->device->id, &sg_idp->scsi_id);
878 __put_user((int) sdp->device->lun, &sg_idp->lun);
879 __put_user((int) sdp->device->type, &sg_idp->scsi_type);
880 __put_user((short) sdp->device->host->cmd_per_lun,
881 &sg_idp->h_cmd_per_lun);
882 __put_user((short) sdp->device->queue_depth,
883 &sg_idp->d_queue_depth);
884 __put_user(0, &sg_idp->unused[0]);
885 __put_user(0, &sg_idp->unused[1]);
886 return 0;
887 }
888 case SG_SET_FORCE_PACK_ID:
889 result = get_user(val, ip);
890 if (result)
891 return result;
892 sfp->force_packid = val ? 1 : 0;
893 return 0;
894 case SG_GET_PACK_ID:
895 if (!access_ok(VERIFY_WRITE, ip, sizeof (int)))
896 return -EFAULT;
897 read_lock_irqsave(&sfp->rq_list_lock, iflags);
898 for (srp = sfp->headrp; srp; srp = srp->nextrp) {
899 if ((1 == srp->done) && (!srp->sg_io_owned)) {
900 read_unlock_irqrestore(&sfp->rq_list_lock,
901 iflags);
902 __put_user(srp->header.pack_id, ip);
903 return 0;
904 }
905 }
906 read_unlock_irqrestore(&sfp->rq_list_lock, iflags);
907 __put_user(-1, ip);
908 return 0;
909 case SG_GET_NUM_WAITING:
910 read_lock_irqsave(&sfp->rq_list_lock, iflags);
911 for (val = 0, srp = sfp->headrp; srp; srp = srp->nextrp) {
912 if ((1 == srp->done) && (!srp->sg_io_owned))
913 ++val;
914 }
915 read_unlock_irqrestore(&sfp->rq_list_lock, iflags);
916 return put_user(val, ip);
917 case SG_GET_SG_TABLESIZE:
918 return put_user(sdp->sg_tablesize, ip);
919 case SG_SET_RESERVED_SIZE:
920 result = get_user(val, ip);
921 if (result)
922 return result;
923 if (val < 0)
924 return -EINVAL;
925 val = min_t(int, val,
926 sdp->device->request_queue->max_sectors * 512);
927 if (val != sfp->reserve.bufflen) {
928 if (sg_res_in_use(sfp) || sfp->mmap_called)
929 return -EBUSY;
930 sg_remove_scat(&sfp->reserve);
931 sg_build_reserve(sfp, val);
932 }
933 return 0;
934 case SG_GET_RESERVED_SIZE:
935 val = min_t(int, sfp->reserve.bufflen,
936 sdp->device->request_queue->max_sectors * 512);
937 return put_user(val, ip);
938 case SG_SET_COMMAND_Q:
939 result = get_user(val, ip);
940 if (result)
941 return result;
942 sfp->cmd_q = val ? 1 : 0;
943 return 0;
944 case SG_GET_COMMAND_Q:
945 return put_user((int) sfp->cmd_q, ip);
946 case SG_SET_KEEP_ORPHAN:
947 result = get_user(val, ip);
948 if (result)
949 return result;
950 sfp->keep_orphan = val;
951 return 0;
952 case SG_GET_KEEP_ORPHAN:
953 return put_user((int) sfp->keep_orphan, ip);
954 case SG_NEXT_CMD_LEN:
955 result = get_user(val, ip);
956 if (result)
957 return result;
958 sfp->next_cmd_len = (val > 0) ? val : 0;
959 return 0;
960 case SG_GET_VERSION_NUM:
961 return put_user(sg_version_num, ip);
962 case SG_GET_ACCESS_COUNT:
963
964 val = (sdp->device ? 1 : 0);
965 return put_user(val, ip);
966 case SG_GET_REQUEST_TABLE:
967 if (!access_ok(VERIFY_WRITE, p, SZ_SG_REQ_INFO * SG_MAX_QUEUE))
968 return -EFAULT;
969 else {
970 sg_req_info_t *rinfo;
971 unsigned int ms;
972
973 rinfo = kmalloc(SZ_SG_REQ_INFO * SG_MAX_QUEUE,
974 GFP_KERNEL);
975 if (!rinfo)
976 return -ENOMEM;
977 read_lock_irqsave(&sfp->rq_list_lock, iflags);
978 for (srp = sfp->headrp, val = 0; val < SG_MAX_QUEUE;
979 ++val, srp = srp ? srp->nextrp : srp) {
980 memset(&rinfo[val], 0, SZ_SG_REQ_INFO);
981 if (srp) {
982 rinfo[val].req_state = srp->done + 1;
983 rinfo[val].problem =
984 srp->header.masked_status &
985 srp->header.host_status &
986 srp->header.driver_status;
987 if (srp->done)
988 rinfo[val].duration =
989 srp->header.duration;
990 else {
991 ms = jiffies_to_msecs(jiffies);
992 rinfo[val].duration =
993 (ms > srp->header.duration) ?
994 (ms - srp->header.duration) : 0;
995 }
996 rinfo[val].orphan = srp->orphan;
997 rinfo[val].sg_io_owned =
998 srp->sg_io_owned;
999 rinfo[val].pack_id =
1000 srp->header.pack_id;
1001 rinfo[val].usr_ptr =
1002 srp->header.usr_ptr;
1003 }
1004 }
1005 read_unlock_irqrestore(&sfp->rq_list_lock, iflags);
1006 result = __copy_to_user(p, rinfo,
1007 SZ_SG_REQ_INFO * SG_MAX_QUEUE);
1008 result = result ? -EFAULT : 0;
1009 kfree(rinfo);
1010 return result;
1011 }
1012 case SG_EMULATED_HOST:
1013 if (sdp->detached)
1014 return -ENODEV;
1015 return put_user(sdp->device->host->hostt->emulated, ip);
1016 case SG_SCSI_RESET:
1017 if (sdp->detached)
1018 return -ENODEV;
1019 if (filp->f_flags & O_NONBLOCK) {
1020 if (scsi_host_in_recovery(sdp->device->host))
1021 return -EBUSY;
1022 } else if (!scsi_block_when_processing_errors(sdp->device))
1023 return -EBUSY;
1024 result = get_user(val, ip);
1025 if (result)
1026 return result;
1027 if (SG_SCSI_RESET_NOTHING == val)
1028 return 0;
1029 switch (val) {
1030 case SG_SCSI_RESET_DEVICE:
1031 val = SCSI_TRY_RESET_DEVICE;
1032 break;
1033 case SG_SCSI_RESET_TARGET:
1034 val = SCSI_TRY_RESET_TARGET;
1035 break;
1036 case SG_SCSI_RESET_BUS:
1037 val = SCSI_TRY_RESET_BUS;
1038 break;
1039 case SG_SCSI_RESET_HOST:
1040 val = SCSI_TRY_RESET_HOST;
1041 break;
1042 default:
1043 return -EINVAL;
1044 }
1045 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
1046 return -EACCES;
1047 return (scsi_reset_provider(sdp->device, val) ==
1048 SUCCESS) ? 0 : -EIO;
1049 case SCSI_IOCTL_SEND_COMMAND:
1050 if (sdp->detached)
1051 return -ENODEV;
1052 if (read_only) {
1053 unsigned char opcode = WRITE_6;
1054 Scsi_Ioctl_Command __user *siocp = p;
1055
1056 if (copy_from_user(&opcode, siocp->data, 1))
1057 return -EFAULT;
1058 if (sg_allow_access(filp, &opcode))
1059 return -EPERM;
1060 }
1061 return sg_scsi_ioctl(sdp->device->request_queue, NULL, filp->f_mode, p);
1062 case SG_SET_DEBUG:
1063 result = get_user(val, ip);
1064 if (result)
1065 return result;
1066 sdp->sgdebug = (char) val;
1067 return 0;
1068 case SCSI_IOCTL_GET_IDLUN:
1069 case SCSI_IOCTL_GET_BUS_NUMBER:
1070 case SCSI_IOCTL_PROBE_HOST:
1071 case SG_GET_TRANSFORM:
1072 if (sdp->detached)
1073 return -ENODEV;
1074 return scsi_ioctl(sdp->device, cmd_in, p);
1075 case BLKSECTGET:
1076 return put_user(sdp->device->request_queue->max_sectors * 512,
1077 ip);
1078 case BLKTRACESETUP:
1079 return blk_trace_setup(sdp->device->request_queue,
1080 sdp->disk->disk_name,
1081 sdp->device->sdev_gendev.devt,
1082 (char *)arg);
1083 case BLKTRACESTART:
1084 return blk_trace_startstop(sdp->device->request_queue, 1);
1085 case BLKTRACESTOP:
1086 return blk_trace_startstop(sdp->device->request_queue, 0);
1087 case BLKTRACETEARDOWN:
1088 return blk_trace_remove(sdp->device->request_queue);
1089 default:
1090 if (read_only)
1091 return -EPERM;
1092 return scsi_ioctl(sdp->device, cmd_in, p);
1093 }
1094}
1095
1096#ifdef CONFIG_COMPAT
1097static long sg_compat_ioctl(struct file *filp, unsigned int cmd_in, unsigned long arg)
1098{
1099 Sg_device *sdp;
1100 Sg_fd *sfp;
1101 struct scsi_device *sdev;
1102
1103 if ((!(sfp = (Sg_fd *) filp->private_data)) || (!(sdp = sfp->parentdp)))
1104 return -ENXIO;
1105
1106 sdev = sdp->device;
1107 if (sdev->host->hostt->compat_ioctl) {
1108 int ret;
1109
1110 ret = sdev->host->hostt->compat_ioctl(sdev, cmd_in, (void __user *)arg);
1111
1112 return ret;
1113 }
1114
1115 return -ENOIOCTLCMD;
1116}
1117#endif
1118
1119static unsigned int
1120sg_poll(struct file *filp, poll_table * wait)
1121{
1122 unsigned int res = 0;
1123 Sg_device *sdp;
1124 Sg_fd *sfp;
1125 Sg_request *srp;
1126 int count = 0;
1127 unsigned long iflags;
1128
1129 if ((!(sfp = (Sg_fd *) filp->private_data)) || (!(sdp = sfp->parentdp))
1130 || sfp->closed)
1131 return POLLERR;
1132 poll_wait(filp, &sfp->read_wait, wait);
1133 read_lock_irqsave(&sfp->rq_list_lock, iflags);
1134 for (srp = sfp->headrp; srp; srp = srp->nextrp) {
1135
1136 if ((0 == res) && (1 == srp->done) && (!srp->sg_io_owned))
1137 res = POLLIN | POLLRDNORM;
1138 ++count;
1139 }
1140 read_unlock_irqrestore(&sfp->rq_list_lock, iflags);
1141
1142 if (sdp->detached)
1143 res |= POLLHUP;
1144 else if (!sfp->cmd_q) {
1145 if (0 == count)
1146 res |= POLLOUT | POLLWRNORM;
1147 } else if (count < SG_MAX_QUEUE)
1148 res |= POLLOUT | POLLWRNORM;
1149 SCSI_LOG_TIMEOUT(3, printk("sg_poll: %s, res=0x%x\n",
1150 sdp->disk->disk_name, (int) res));
1151 return res;
1152}
1153
1154static int
1155sg_fasync(int fd, struct file *filp, int mode)
1156{
1157 int retval;
1158 Sg_device *sdp;
1159 Sg_fd *sfp;
1160
1161 if ((!(sfp = (Sg_fd *) filp->private_data)) || (!(sdp = sfp->parentdp)))
1162 return -ENXIO;
1163 SCSI_LOG_TIMEOUT(3, printk("sg_fasync: %s, mode=%d\n",
1164 sdp->disk->disk_name, mode));
1165
1166 retval = fasync_helper(fd, filp, mode, &sfp->async_qp);
1167 return (retval < 0) ? retval : 0;
1168}
1169
1170static int
1171sg_vma_fault(struct vm_area_struct *vma, struct vm_fault *vmf)
1172{
1173 Sg_fd *sfp;
1174 unsigned long offset, len, sa;
1175 Sg_scatter_hold *rsv_schp;
1176 int k, length;
1177
1178 if ((NULL == vma) || (!(sfp = (Sg_fd *) vma->vm_private_data)))
1179 return VM_FAULT_SIGBUS;
1180 rsv_schp = &sfp->reserve;
1181 offset = vmf->pgoff << PAGE_SHIFT;
1182 if (offset >= rsv_schp->bufflen)
1183 return VM_FAULT_SIGBUS;
1184 SCSI_LOG_TIMEOUT(3, printk("sg_vma_fault: offset=%lu, scatg=%d\n",
1185 offset, rsv_schp->k_use_sg));
1186 sa = vma->vm_start;
1187 length = 1 << (PAGE_SHIFT + rsv_schp->page_order);
1188 for (k = 0; k < rsv_schp->k_use_sg && sa < vma->vm_end; k++) {
1189 len = vma->vm_end - sa;
1190 len = (len < length) ? len : length;
1191 if (offset < len) {
1192 struct page *page = nth_page(rsv_schp->pages[k],
1193 offset >> PAGE_SHIFT);
1194 get_page(page);
1195 vmf->page = page;
1196 return 0;
1197 }
1198 sa += len;
1199 offset -= len;
1200 }
1201
1202 return VM_FAULT_SIGBUS;
1203}
1204
1205static struct vm_operations_struct sg_mmap_vm_ops = {
1206 .fault = sg_vma_fault,
1207};
1208
1209static int
1210sg_mmap(struct file *filp, struct vm_area_struct *vma)
1211{
1212 Sg_fd *sfp;
1213 unsigned long req_sz, len, sa;
1214 Sg_scatter_hold *rsv_schp;
1215 int k, length;
1216
1217 if ((!filp) || (!vma) || (!(sfp = (Sg_fd *) filp->private_data)))
1218 return -ENXIO;
1219 req_sz = vma->vm_end - vma->vm_start;
1220 SCSI_LOG_TIMEOUT(3, printk("sg_mmap starting, vm_start=%p, len=%d\n",
1221 (void *) vma->vm_start, (int) req_sz));
1222 if (vma->vm_pgoff)
1223 return -EINVAL;
1224 rsv_schp = &sfp->reserve;
1225 if (req_sz > rsv_schp->bufflen)
1226 return -ENOMEM;
1227
1228 sa = vma->vm_start;
1229 length = 1 << (PAGE_SHIFT + rsv_schp->page_order);
1230 for (k = 0; k < rsv_schp->k_use_sg && sa < vma->vm_end; k++) {
1231 len = vma->vm_end - sa;
1232 len = (len < length) ? len : length;
1233 sa += len;
1234 }
1235
1236 sfp->mmap_called = 1;
1237 vma->vm_flags |= VM_RESERVED;
1238 vma->vm_private_data = sfp;
1239 vma->vm_ops = &sg_mmap_vm_ops;
1240 return 0;
1241}
1242
1243
1244
1245
1246
1247static void sg_rq_end_io(struct request *rq, int uptodate)
1248{
1249 struct sg_request *srp = rq->end_io_data;
1250 Sg_device *sdp = NULL;
1251 Sg_fd *sfp;
1252 unsigned long iflags;
1253 unsigned int ms;
1254 char *sense;
1255 int result, resid;
1256
1257 if (NULL == srp) {
1258 printk(KERN_ERR "sg_cmd_done: NULL request\n");
1259 return;
1260 }
1261 sfp = srp->parentfp;
1262 if (sfp)
1263 sdp = sfp->parentdp;
1264 if ((NULL == sdp) || sdp->detached) {
1265 printk(KERN_INFO "sg_cmd_done: device detached\n");
1266 return;
1267 }
1268
1269 sense = rq->sense;
1270 result = rq->errors;
1271 resid = rq->data_len;
1272
1273 SCSI_LOG_TIMEOUT(4, printk("sg_cmd_done: %s, pack_id=%d, res=0x%x\n",
1274 sdp->disk->disk_name, srp->header.pack_id, result));
1275 srp->header.resid = resid;
1276 ms = jiffies_to_msecs(jiffies);
1277 srp->header.duration = (ms > srp->header.duration) ?
1278 (ms - srp->header.duration) : 0;
1279 if (0 != result) {
1280 struct scsi_sense_hdr sshdr;
1281
1282 srp->header.status = 0xff & result;
1283 srp->header.masked_status = status_byte(result);
1284 srp->header.msg_status = msg_byte(result);
1285 srp->header.host_status = host_byte(result);
1286 srp->header.driver_status = driver_byte(result);
1287 if ((sdp->sgdebug > 0) &&
1288 ((CHECK_CONDITION == srp->header.masked_status) ||
1289 (COMMAND_TERMINATED == srp->header.masked_status)))
1290 __scsi_print_sense("sg_cmd_done", sense,
1291 SCSI_SENSE_BUFFERSIZE);
1292
1293
1294 if (driver_byte(result) != 0
1295 && scsi_normalize_sense(sense, SCSI_SENSE_BUFFERSIZE, &sshdr)
1296 && !scsi_sense_is_deferred(&sshdr)
1297 && sshdr.sense_key == UNIT_ATTENTION
1298 && sdp->device->removable) {
1299
1300
1301 sdp->device->changed = 1;
1302 }
1303 }
1304
1305
1306 if (sfp->closed) {
1307 SCSI_LOG_TIMEOUT(1, printk("sg_cmd_done: already closed, freeing ...\n"));
1308 sg_finish_rem_req(srp);
1309 srp = NULL;
1310 if (NULL == sfp->headrp) {
1311 SCSI_LOG_TIMEOUT(1, printk("sg_cmd_done: already closed, final cleanup\n"));
1312 if (0 == sg_remove_sfp(sdp, sfp)) {
1313 scsi_device_put(sdp->device);
1314 }
1315 sfp = NULL;
1316 }
1317 } else if (srp && srp->orphan) {
1318 if (sfp->keep_orphan)
1319 srp->sg_io_owned = 0;
1320 else {
1321 sg_finish_rem_req(srp);
1322 srp = NULL;
1323 }
1324 }
1325 if (sfp && srp) {
1326
1327 kill_fasync(&sfp->async_qp, SIGPOLL, POLL_IN);
1328 write_lock_irqsave(&sfp->rq_list_lock, iflags);
1329 srp->done = 1;
1330 wake_up_interruptible(&sfp->read_wait);
1331 write_unlock_irqrestore(&sfp->rq_list_lock, iflags);
1332 }
1333}
1334
1335static struct file_operations sg_fops = {
1336 .owner = THIS_MODULE,
1337 .read = sg_read,
1338 .write = sg_write,
1339 .poll = sg_poll,
1340 .ioctl = sg_ioctl,
1341#ifdef CONFIG_COMPAT
1342 .compat_ioctl = sg_compat_ioctl,
1343#endif
1344 .open = sg_open,
1345 .mmap = sg_mmap,
1346 .release = sg_release,
1347 .fasync = sg_fasync,
1348};
1349
1350static struct class *sg_sysfs_class;
1351
1352static int sg_sysfs_valid = 0;
1353
1354static Sg_device *sg_alloc(struct gendisk *disk, struct scsi_device *scsidp)
1355{
1356 struct request_queue *q = scsidp->request_queue;
1357 Sg_device *sdp;
1358 unsigned long iflags;
1359 int error;
1360 u32 k;
1361
1362 sdp = kzalloc(sizeof(Sg_device), GFP_KERNEL);
1363 if (!sdp) {
1364 printk(KERN_WARNING "kmalloc Sg_device failure\n");
1365 return ERR_PTR(-ENOMEM);
1366 }
1367 error = -ENOMEM;
1368 if (!idr_pre_get(&sg_index_idr, GFP_KERNEL)) {
1369 printk(KERN_WARNING "idr expansion Sg_device failure\n");
1370 goto out;
1371 }
1372
1373 write_lock_irqsave(&sg_index_lock, iflags);
1374 error = idr_get_new(&sg_index_idr, sdp, &k);
1375 write_unlock_irqrestore(&sg_index_lock, iflags);
1376
1377 if (error) {
1378 printk(KERN_WARNING "idr allocation Sg_device failure: %d\n",
1379 error);
1380 goto out;
1381 }
1382
1383 if (unlikely(k >= SG_MAX_DEVS))
1384 goto overflow;
1385
1386 SCSI_LOG_TIMEOUT(3, printk("sg_alloc: dev=%d \n", k));
1387 sprintf(disk->disk_name, "sg%d", k);
1388 disk->first_minor = k;
1389 sdp->disk = disk;
1390 sdp->device = scsidp;
1391 init_waitqueue_head(&sdp->o_excl_wait);
1392 sdp->sg_tablesize = min(q->max_hw_segments, q->max_phys_segments);
1393 sdp->index = k;
1394
1395 error = 0;
1396 out:
1397 if (error) {
1398 kfree(sdp);
1399 return ERR_PTR(error);
1400 }
1401 return sdp;
1402
1403 overflow:
1404 sdev_printk(KERN_WARNING, scsidp,
1405 "Unable to attach sg device type=%d, minor "
1406 "number exceeds %d\n", scsidp->type, SG_MAX_DEVS - 1);
1407 error = -ENODEV;
1408 goto out;
1409}
1410
1411static int
1412sg_add(struct device *cl_dev, struct class_interface *cl_intf)
1413{
1414 struct scsi_device *scsidp = to_scsi_device(cl_dev->parent);
1415 struct gendisk *disk;
1416 Sg_device *sdp = NULL;
1417 struct cdev * cdev = NULL;
1418 int error;
1419 unsigned long iflags;
1420
1421 disk = alloc_disk(1);
1422 if (!disk) {
1423 printk(KERN_WARNING "alloc_disk failed\n");
1424 return -ENOMEM;
1425 }
1426 disk->major = SCSI_GENERIC_MAJOR;
1427
1428 error = -ENOMEM;
1429 cdev = cdev_alloc();
1430 if (!cdev) {
1431 printk(KERN_WARNING "cdev_alloc failed\n");
1432 goto out;
1433 }
1434 cdev->owner = THIS_MODULE;
1435 cdev->ops = &sg_fops;
1436
1437 sdp = sg_alloc(disk, scsidp);
1438 if (IS_ERR(sdp)) {
1439 printk(KERN_WARNING "sg_alloc failed\n");
1440 error = PTR_ERR(sdp);
1441 goto out;
1442 }
1443
1444 error = cdev_add(cdev, MKDEV(SCSI_GENERIC_MAJOR, sdp->index), 1);
1445 if (error)
1446 goto cdev_add_err;
1447
1448 sdp->cdev = cdev;
1449 if (sg_sysfs_valid) {
1450 struct device *sg_class_member;
1451
1452 sg_class_member = device_create(sg_sysfs_class, cl_dev->parent,
1453 MKDEV(SCSI_GENERIC_MAJOR,
1454 sdp->index),
1455 sdp, "%s", disk->disk_name);
1456 if (IS_ERR(sg_class_member)) {
1457 printk(KERN_ERR "sg_add: "
1458 "device_create failed\n");
1459 error = PTR_ERR(sg_class_member);
1460 goto cdev_add_err;
1461 }
1462 error = sysfs_create_link(&scsidp->sdev_gendev.kobj,
1463 &sg_class_member->kobj, "generic");
1464 if (error)
1465 printk(KERN_ERR "sg_add: unable to make symlink "
1466 "'generic' back to sg%d\n", sdp->index);
1467 } else
1468 printk(KERN_WARNING "sg_add: sg_sys Invalid\n");
1469
1470 sdev_printk(KERN_NOTICE, scsidp,
1471 "Attached scsi generic sg%d type %d\n", sdp->index,
1472 scsidp->type);
1473
1474 dev_set_drvdata(cl_dev, sdp);
1475
1476 return 0;
1477
1478cdev_add_err:
1479 write_lock_irqsave(&sg_index_lock, iflags);
1480 idr_remove(&sg_index_idr, sdp->index);
1481 write_unlock_irqrestore(&sg_index_lock, iflags);
1482 kfree(sdp);
1483
1484out:
1485 put_disk(disk);
1486 if (cdev)
1487 cdev_del(cdev);
1488 return error;
1489}
1490
1491static void
1492sg_remove(struct device *cl_dev, struct class_interface *cl_intf)
1493{
1494 struct scsi_device *scsidp = to_scsi_device(cl_dev->parent);
1495 Sg_device *sdp = dev_get_drvdata(cl_dev);
1496 unsigned long iflags;
1497 Sg_fd *sfp;
1498 Sg_fd *tsfp;
1499 Sg_request *srp;
1500 Sg_request *tsrp;
1501 int delay;
1502
1503 if (!sdp)
1504 return;
1505
1506 delay = 0;
1507 write_lock_irqsave(&sg_index_lock, iflags);
1508 if (sdp->headfp) {
1509 sdp->detached = 1;
1510 for (sfp = sdp->headfp; sfp; sfp = tsfp) {
1511 tsfp = sfp->nextfp;
1512 for (srp = sfp->headrp; srp; srp = tsrp) {
1513 tsrp = srp->nextrp;
1514 if (sfp->closed || (0 == sg_srp_done(srp, sfp)))
1515 sg_finish_rem_req(srp);
1516 }
1517 if (sfp->closed) {
1518 scsi_device_put(sdp->device);
1519 __sg_remove_sfp(sdp, sfp);
1520 } else {
1521 delay = 1;
1522 wake_up_interruptible(&sfp->read_wait);
1523 kill_fasync(&sfp->async_qp, SIGPOLL,
1524 POLL_HUP);
1525 }
1526 }
1527 SCSI_LOG_TIMEOUT(3, printk("sg_remove: dev=%d, dirty\n", sdp->index));
1528 if (NULL == sdp->headfp) {
1529 idr_remove(&sg_index_idr, sdp->index);
1530 }
1531 } else {
1532 SCSI_LOG_TIMEOUT(3, printk("sg_remove: dev=%d\n", sdp->index));
1533 idr_remove(&sg_index_idr, sdp->index);
1534 }
1535 write_unlock_irqrestore(&sg_index_lock, iflags);
1536
1537 sysfs_remove_link(&scsidp->sdev_gendev.kobj, "generic");
1538 device_destroy(sg_sysfs_class, MKDEV(SCSI_GENERIC_MAJOR, sdp->index));
1539 cdev_del(sdp->cdev);
1540 sdp->cdev = NULL;
1541 put_disk(sdp->disk);
1542 sdp->disk = NULL;
1543 if (NULL == sdp->headfp)
1544 kfree(sdp);
1545
1546 if (delay)
1547 msleep(10);
1548}
1549
1550module_param_named(scatter_elem_sz, scatter_elem_sz, int, S_IRUGO | S_IWUSR);
1551module_param_named(def_reserved_size, def_reserved_size, int,
1552 S_IRUGO | S_IWUSR);
1553module_param_named(allow_dio, sg_allow_dio, int, S_IRUGO | S_IWUSR);
1554
1555MODULE_AUTHOR("Douglas Gilbert");
1556MODULE_DESCRIPTION("SCSI generic (sg) driver");
1557MODULE_LICENSE("GPL");
1558MODULE_VERSION(SG_VERSION_STR);
1559MODULE_ALIAS_CHARDEV_MAJOR(SCSI_GENERIC_MAJOR);
1560
1561MODULE_PARM_DESC(scatter_elem_sz, "scatter gather element "
1562 "size (default: max(SG_SCATTER_SZ, PAGE_SIZE))");
1563MODULE_PARM_DESC(def_reserved_size, "size of buffer reserved for each fd");
1564MODULE_PARM_DESC(allow_dio, "allow direct I/O (default: 0 (disallow))");
1565
1566static int __init
1567init_sg(void)
1568{
1569 int rc;
1570
1571 if (scatter_elem_sz < PAGE_SIZE) {
1572 scatter_elem_sz = PAGE_SIZE;
1573 scatter_elem_sz_prev = scatter_elem_sz;
1574 }
1575 if (def_reserved_size >= 0)
1576 sg_big_buff = def_reserved_size;
1577 else
1578 def_reserved_size = sg_big_buff;
1579
1580 rc = register_chrdev_region(MKDEV(SCSI_GENERIC_MAJOR, 0),
1581 SG_MAX_DEVS, "sg");
1582 if (rc)
1583 return rc;
1584 sg_sysfs_class = class_create(THIS_MODULE, "scsi_generic");
1585 if ( IS_ERR(sg_sysfs_class) ) {
1586 rc = PTR_ERR(sg_sysfs_class);
1587 goto err_out;
1588 }
1589 sg_sysfs_valid = 1;
1590 rc = scsi_register_interface(&sg_interface);
1591 if (0 == rc) {
1592#ifdef CONFIG_SCSI_PROC_FS
1593 sg_proc_init();
1594#endif
1595 return 0;
1596 }
1597 class_destroy(sg_sysfs_class);
1598err_out:
1599 unregister_chrdev_region(MKDEV(SCSI_GENERIC_MAJOR, 0), SG_MAX_DEVS);
1600 return rc;
1601}
1602
1603static void __exit
1604exit_sg(void)
1605{
1606#ifdef CONFIG_SCSI_PROC_FS
1607 sg_proc_cleanup();
1608#endif
1609 scsi_unregister_interface(&sg_interface);
1610 class_destroy(sg_sysfs_class);
1611 sg_sysfs_valid = 0;
1612 unregister_chrdev_region(MKDEV(SCSI_GENERIC_MAJOR, 0),
1613 SG_MAX_DEVS);
1614 idr_destroy(&sg_index_idr);
1615}
1616
1617static int sg_start_req(Sg_request *srp, unsigned char *cmd)
1618{
1619 int res;
1620 struct request *rq;
1621 Sg_fd *sfp = srp->parentfp;
1622 sg_io_hdr_t *hp = &srp->header;
1623 int dxfer_len = (int) hp->dxfer_len;
1624 int dxfer_dir = hp->dxfer_direction;
1625 unsigned int iov_count = hp->iovec_count;
1626 Sg_scatter_hold *req_schp = &srp->data;
1627 Sg_scatter_hold *rsv_schp = &sfp->reserve;
1628 struct request_queue *q = sfp->parentdp->device->request_queue;
1629 struct rq_map_data *md, map_data;
1630 int rw = hp->dxfer_direction == SG_DXFER_TO_DEV ? WRITE : READ;
1631
1632 SCSI_LOG_TIMEOUT(4, printk(KERN_INFO "sg_start_req: dxfer_len=%d\n",
1633 dxfer_len));
1634
1635 rq = blk_get_request(q, rw, GFP_ATOMIC);
1636 if (!rq)
1637 return -ENOMEM;
1638
1639 memcpy(rq->cmd, cmd, hp->cmd_len);
1640
1641 rq->cmd_len = hp->cmd_len;
1642 rq->cmd_type = REQ_TYPE_BLOCK_PC;
1643
1644 srp->rq = rq;
1645 rq->end_io_data = srp;
1646 rq->sense = srp->sense_b;
1647 rq->retries = SG_DEFAULT_RETRIES;
1648
1649 if ((dxfer_len <= 0) || (dxfer_dir == SG_DXFER_NONE))
1650 return 0;
1651
1652 if (sg_allow_dio && hp->flags & SG_FLAG_DIRECT_IO &&
1653 dxfer_dir != SG_DXFER_UNKNOWN && !iov_count &&
1654 !sfp->parentdp->device->host->unchecked_isa_dma &&
1655 blk_rq_aligned(q, hp->dxferp, dxfer_len))
1656 md = NULL;
1657 else
1658 md = &map_data;
1659
1660 if (md) {
1661 if (!sg_res_in_use(sfp) && dxfer_len <= rsv_schp->bufflen)
1662 sg_link_reserve(sfp, srp, dxfer_len);
1663 else {
1664 res = sg_build_indirect(req_schp, sfp, dxfer_len);
1665 if (res)
1666 return res;
1667 }
1668
1669 md->pages = req_schp->pages;
1670 md->page_order = req_schp->page_order;
1671 md->nr_entries = req_schp->k_use_sg;
1672 }
1673
1674 if (iov_count)
1675 res = blk_rq_map_user_iov(q, rq, md, hp->dxferp, iov_count,
1676 hp->dxfer_len, GFP_ATOMIC);
1677 else
1678 res = blk_rq_map_user(q, rq, md, hp->dxferp,
1679 hp->dxfer_len, GFP_ATOMIC);
1680
1681 if (!res) {
1682 srp->bio = rq->bio;
1683
1684 if (!md) {
1685 req_schp->dio_in_use = 1;
1686 hp->info |= SG_INFO_DIRECT_IO;
1687 }
1688 }
1689 return res;
1690}
1691
1692static void
1693sg_finish_rem_req(Sg_request * srp)
1694{
1695 Sg_fd *sfp = srp->parentfp;
1696 Sg_scatter_hold *req_schp = &srp->data;
1697
1698 SCSI_LOG_TIMEOUT(4, printk("sg_finish_rem_req: res_used=%d\n", (int) srp->res_used));
1699 if (srp->res_used)
1700 sg_unlink_reserve(sfp, srp);
1701 else
1702 sg_remove_scat(req_schp);
1703
1704 if (srp->rq) {
1705 if (srp->bio)
1706 blk_rq_unmap_user(srp->bio);
1707
1708 blk_put_request(srp->rq);
1709 }
1710
1711 sg_remove_request(sfp, srp);
1712}
1713
1714static int
1715sg_build_sgat(Sg_scatter_hold * schp, const Sg_fd * sfp, int tablesize)
1716{
1717 int sg_bufflen = tablesize * sizeof(struct page *);
1718 gfp_t gfp_flags = GFP_ATOMIC | __GFP_NOWARN;
1719
1720 schp->pages = kzalloc(sg_bufflen, gfp_flags);
1721 if (!schp->pages)
1722 return -ENOMEM;
1723 schp->sglist_len = sg_bufflen;
1724 return tablesize;
1725}
1726
1727static int
1728sg_build_indirect(Sg_scatter_hold * schp, Sg_fd * sfp, int buff_size)
1729{
1730 int ret_sz = 0, i, k, rem_sz, num, mx_sc_elems;
1731 int sg_tablesize = sfp->parentdp->sg_tablesize;
1732 int blk_size = buff_size, order;
1733 gfp_t gfp_mask = GFP_ATOMIC | __GFP_COMP | __GFP_NOWARN;
1734
1735 if (blk_size < 0)
1736 return -EFAULT;
1737 if (0 == blk_size)
1738 ++blk_size;
1739
1740 blk_size = (blk_size + SG_SECTOR_MSK) & (~SG_SECTOR_MSK);
1741 SCSI_LOG_TIMEOUT(4, printk("sg_build_indirect: buff_size=%d, blk_size=%d\n",
1742 buff_size, blk_size));
1743
1744
1745 mx_sc_elems = sg_build_sgat(schp, sfp, sg_tablesize);
1746 if (mx_sc_elems < 0)
1747 return mx_sc_elems;
1748
1749 num = scatter_elem_sz;
1750 if (unlikely(num != scatter_elem_sz_prev)) {
1751 if (num < PAGE_SIZE) {
1752 scatter_elem_sz = PAGE_SIZE;
1753 scatter_elem_sz_prev = PAGE_SIZE;
1754 } else
1755 scatter_elem_sz_prev = num;
1756 }
1757
1758 if (sfp->low_dma)
1759 gfp_mask |= GFP_DMA;
1760
1761 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
1762 gfp_mask |= __GFP_ZERO;
1763
1764 order = get_order(num);
1765retry:
1766 ret_sz = 1 << (PAGE_SHIFT + order);
1767
1768 for (k = 0, rem_sz = blk_size; rem_sz > 0 && k < mx_sc_elems;
1769 k++, rem_sz -= ret_sz) {
1770
1771 num = (rem_sz > scatter_elem_sz_prev) ?
1772 scatter_elem_sz_prev : rem_sz;
1773
1774 schp->pages[k] = alloc_pages(gfp_mask, order);
1775 if (!schp->pages[k])
1776 goto out;
1777
1778 if (num == scatter_elem_sz_prev) {
1779 if (unlikely(ret_sz > scatter_elem_sz_prev)) {
1780 scatter_elem_sz = ret_sz;
1781 scatter_elem_sz_prev = ret_sz;
1782 }
1783 }
1784
1785 SCSI_LOG_TIMEOUT(5, printk("sg_build_indirect: k=%d, num=%d, "
1786 "ret_sz=%d\n", k, num, ret_sz));
1787 }
1788
1789 schp->page_order = order;
1790 schp->k_use_sg = k;
1791 SCSI_LOG_TIMEOUT(5, printk("sg_build_indirect: k_use_sg=%d, "
1792 "rem_sz=%d\n", k, rem_sz));
1793
1794 schp->bufflen = blk_size;
1795 if (rem_sz > 0)
1796 return -ENOMEM;
1797 return 0;
1798out:
1799 for (i = 0; i < k; i++)
1800 __free_pages(schp->pages[k], order);
1801
1802 if (--order >= 0)
1803 goto retry;
1804
1805 return -ENOMEM;
1806}
1807
1808static void
1809sg_remove_scat(Sg_scatter_hold * schp)
1810{
1811 SCSI_LOG_TIMEOUT(4, printk("sg_remove_scat: k_use_sg=%d\n", schp->k_use_sg));
1812 if (schp->pages && schp->sglist_len > 0) {
1813 if (!schp->dio_in_use) {
1814 int k;
1815
1816 for (k = 0; k < schp->k_use_sg && schp->pages[k]; k++) {
1817 SCSI_LOG_TIMEOUT(5, printk(
1818 "sg_remove_scat: k=%d, pg=0x%p\n",
1819 k, schp->pages[k]));
1820 __free_pages(schp->pages[k], schp->page_order);
1821 }
1822
1823 kfree(schp->pages);
1824 }
1825 }
1826 memset(schp, 0, sizeof (*schp));
1827}
1828
1829static int
1830sg_read_oxfer(Sg_request * srp, char __user *outp, int num_read_xfer)
1831{
1832 Sg_scatter_hold *schp = &srp->data;
1833 int k, num;
1834
1835 SCSI_LOG_TIMEOUT(4, printk("sg_read_oxfer: num_read_xfer=%d\n",
1836 num_read_xfer));
1837 if ((!outp) || (num_read_xfer <= 0))
1838 return 0;
1839
1840 num = 1 << (PAGE_SHIFT + schp->page_order);
1841 for (k = 0; k < schp->k_use_sg && schp->pages[k]; k++) {
1842 if (num > num_read_xfer) {
1843 if (__copy_to_user(outp, page_address(schp->pages[k]),
1844 num_read_xfer))
1845 return -EFAULT;
1846 break;
1847 } else {
1848 if (__copy_to_user(outp, page_address(schp->pages[k]),
1849 num))
1850 return -EFAULT;
1851 num_read_xfer -= num;
1852 if (num_read_xfer <= 0)
1853 break;
1854 outp += num;
1855 }
1856 }
1857
1858 return 0;
1859}
1860
1861static void
1862sg_build_reserve(Sg_fd * sfp, int req_size)
1863{
1864 Sg_scatter_hold *schp = &sfp->reserve;
1865
1866 SCSI_LOG_TIMEOUT(4, printk("sg_build_reserve: req_size=%d\n", req_size));
1867 do {
1868 if (req_size < PAGE_SIZE)
1869 req_size = PAGE_SIZE;
1870 if (0 == sg_build_indirect(schp, sfp, req_size))
1871 return;
1872 else
1873 sg_remove_scat(schp);
1874 req_size >>= 1;
1875 } while (req_size > (PAGE_SIZE / 2));
1876}
1877
1878static void
1879sg_link_reserve(Sg_fd * sfp, Sg_request * srp, int size)
1880{
1881 Sg_scatter_hold *req_schp = &srp->data;
1882 Sg_scatter_hold *rsv_schp = &sfp->reserve;
1883 int k, num, rem;
1884
1885 srp->res_used = 1;
1886 SCSI_LOG_TIMEOUT(4, printk("sg_link_reserve: size=%d\n", size));
1887 rem = size;
1888
1889 num = 1 << (PAGE_SHIFT + rsv_schp->page_order);
1890 for (k = 0; k < rsv_schp->k_use_sg; k++) {
1891 if (rem <= num) {
1892 req_schp->k_use_sg = k + 1;
1893 req_schp->sglist_len = rsv_schp->sglist_len;
1894 req_schp->pages = rsv_schp->pages;
1895
1896 req_schp->bufflen = size;
1897 req_schp->page_order = rsv_schp->page_order;
1898 break;
1899 } else
1900 rem -= num;
1901 }
1902
1903 if (k >= rsv_schp->k_use_sg)
1904 SCSI_LOG_TIMEOUT(1, printk("sg_link_reserve: BAD size\n"));
1905}
1906
1907static void
1908sg_unlink_reserve(Sg_fd * sfp, Sg_request * srp)
1909{
1910 Sg_scatter_hold *req_schp = &srp->data;
1911
1912 SCSI_LOG_TIMEOUT(4, printk("sg_unlink_reserve: req->k_use_sg=%d\n",
1913 (int) req_schp->k_use_sg));
1914 req_schp->k_use_sg = 0;
1915 req_schp->bufflen = 0;
1916 req_schp->pages = NULL;
1917 req_schp->page_order = 0;
1918 req_schp->sglist_len = 0;
1919 sfp->save_scat_len = 0;
1920 srp->res_used = 0;
1921}
1922
1923static Sg_request *
1924sg_get_rq_mark(Sg_fd * sfp, int pack_id)
1925{
1926 Sg_request *resp;
1927 unsigned long iflags;
1928
1929 write_lock_irqsave(&sfp->rq_list_lock, iflags);
1930 for (resp = sfp->headrp; resp; resp = resp->nextrp) {
1931
1932 if ((1 == resp->done) && (!resp->sg_io_owned) &&
1933 ((-1 == pack_id) || (resp->header.pack_id == pack_id))) {
1934 resp->done = 2;
1935 break;
1936 }
1937 }
1938 write_unlock_irqrestore(&sfp->rq_list_lock, iflags);
1939 return resp;
1940}
1941
1942#ifdef CONFIG_SCSI_PROC_FS
1943static Sg_request *
1944sg_get_nth_request(Sg_fd * sfp, int nth)
1945{
1946 Sg_request *resp;
1947 unsigned long iflags;
1948 int k;
1949
1950 read_lock_irqsave(&sfp->rq_list_lock, iflags);
1951 for (k = 0, resp = sfp->headrp; resp && (k < nth);
1952 ++k, resp = resp->nextrp) ;
1953 read_unlock_irqrestore(&sfp->rq_list_lock, iflags);
1954 return resp;
1955}
1956#endif
1957
1958
1959static Sg_request *
1960sg_add_request(Sg_fd * sfp)
1961{
1962 int k;
1963 unsigned long iflags;
1964 Sg_request *resp;
1965 Sg_request *rp = sfp->req_arr;
1966
1967 write_lock_irqsave(&sfp->rq_list_lock, iflags);
1968 resp = sfp->headrp;
1969 if (!resp) {
1970 memset(rp, 0, sizeof (Sg_request));
1971 rp->parentfp = sfp;
1972 resp = rp;
1973 sfp->headrp = resp;
1974 } else {
1975 if (0 == sfp->cmd_q)
1976 resp = NULL;
1977 else {
1978 for (k = 0; k < SG_MAX_QUEUE; ++k, ++rp) {
1979 if (!rp->parentfp)
1980 break;
1981 }
1982 if (k < SG_MAX_QUEUE) {
1983 memset(rp, 0, sizeof (Sg_request));
1984 rp->parentfp = sfp;
1985 while (resp->nextrp)
1986 resp = resp->nextrp;
1987 resp->nextrp = rp;
1988 resp = rp;
1989 } else
1990 resp = NULL;
1991 }
1992 }
1993 if (resp) {
1994 resp->nextrp = NULL;
1995 resp->header.duration = jiffies_to_msecs(jiffies);
1996 }
1997 write_unlock_irqrestore(&sfp->rq_list_lock, iflags);
1998 return resp;
1999}
2000
2001
2002static int
2003sg_remove_request(Sg_fd * sfp, Sg_request * srp)
2004{
2005 Sg_request *prev_rp;
2006 Sg_request *rp;
2007 unsigned long iflags;
2008 int res = 0;
2009
2010 if ((!sfp) || (!srp) || (!sfp->headrp))
2011 return res;
2012 write_lock_irqsave(&sfp->rq_list_lock, iflags);
2013 prev_rp = sfp->headrp;
2014 if (srp == prev_rp) {
2015 sfp->headrp = prev_rp->nextrp;
2016 prev_rp->parentfp = NULL;
2017 res = 1;
2018 } else {
2019 while ((rp = prev_rp->nextrp)) {
2020 if (srp == rp) {
2021 prev_rp->nextrp = rp->nextrp;
2022 rp->parentfp = NULL;
2023 res = 1;
2024 break;
2025 }
2026 prev_rp = rp;
2027 }
2028 }
2029 write_unlock_irqrestore(&sfp->rq_list_lock, iflags);
2030 return res;
2031}
2032
2033#ifdef CONFIG_SCSI_PROC_FS
2034static Sg_fd *
2035sg_get_nth_sfp(Sg_device * sdp, int nth)
2036{
2037 Sg_fd *resp;
2038 unsigned long iflags;
2039 int k;
2040
2041 read_lock_irqsave(&sg_index_lock, iflags);
2042 for (k = 0, resp = sdp->headfp; resp && (k < nth);
2043 ++k, resp = resp->nextfp) ;
2044 read_unlock_irqrestore(&sg_index_lock, iflags);
2045 return resp;
2046}
2047#endif
2048
2049static Sg_fd *
2050sg_add_sfp(Sg_device * sdp, int dev)
2051{
2052 Sg_fd *sfp;
2053 unsigned long iflags;
2054 int bufflen;
2055
2056 sfp = kzalloc(sizeof(*sfp), GFP_ATOMIC | __GFP_NOWARN);
2057 if (!sfp)
2058 return NULL;
2059
2060 init_waitqueue_head(&sfp->read_wait);
2061 rwlock_init(&sfp->rq_list_lock);
2062
2063 sfp->timeout = SG_DEFAULT_TIMEOUT;
2064 sfp->timeout_user = SG_DEFAULT_TIMEOUT_USER;
2065 sfp->force_packid = SG_DEF_FORCE_PACK_ID;
2066 sfp->low_dma = (SG_DEF_FORCE_LOW_DMA == 0) ?
2067 sdp->device->host->unchecked_isa_dma : 1;
2068 sfp->cmd_q = SG_DEF_COMMAND_Q;
2069 sfp->keep_orphan = SG_DEF_KEEP_ORPHAN;
2070 sfp->parentdp = sdp;
2071 write_lock_irqsave(&sg_index_lock, iflags);
2072 if (!sdp->headfp)
2073 sdp->headfp = sfp;
2074 else {
2075 Sg_fd *pfp = sdp->headfp;
2076 while (pfp->nextfp)
2077 pfp = pfp->nextfp;
2078 pfp->nextfp = sfp;
2079 }
2080 write_unlock_irqrestore(&sg_index_lock, iflags);
2081 SCSI_LOG_TIMEOUT(3, printk("sg_add_sfp: sfp=0x%p\n", sfp));
2082 if (unlikely(sg_big_buff != def_reserved_size))
2083 sg_big_buff = def_reserved_size;
2084
2085 bufflen = min_t(int, sg_big_buff,
2086 sdp->device->request_queue->max_sectors * 512);
2087 sg_build_reserve(sfp, bufflen);
2088 SCSI_LOG_TIMEOUT(3, printk("sg_add_sfp: bufflen=%d, k_use_sg=%d\n",
2089 sfp->reserve.bufflen, sfp->reserve.k_use_sg));
2090 return sfp;
2091}
2092
2093static void
2094__sg_remove_sfp(Sg_device * sdp, Sg_fd * sfp)
2095{
2096 Sg_fd *fp;
2097 Sg_fd *prev_fp;
2098
2099 prev_fp = sdp->headfp;
2100 if (sfp == prev_fp)
2101 sdp->headfp = prev_fp->nextfp;
2102 else {
2103 while ((fp = prev_fp->nextfp)) {
2104 if (sfp == fp) {
2105 prev_fp->nextfp = fp->nextfp;
2106 break;
2107 }
2108 prev_fp = fp;
2109 }
2110 }
2111 if (sfp->reserve.bufflen > 0) {
2112 SCSI_LOG_TIMEOUT(6,
2113 printk("__sg_remove_sfp: bufflen=%d, k_use_sg=%d\n",
2114 (int) sfp->reserve.bufflen, (int) sfp->reserve.k_use_sg));
2115 sg_remove_scat(&sfp->reserve);
2116 }
2117 sfp->parentdp = NULL;
2118 SCSI_LOG_TIMEOUT(6, printk("__sg_remove_sfp: sfp=0x%p\n", sfp));
2119 kfree(sfp);
2120}
2121
2122
2123static int
2124sg_remove_sfp(Sg_device * sdp, Sg_fd * sfp)
2125{
2126 Sg_request *srp;
2127 Sg_request *tsrp;
2128 int dirty = 0;
2129 int res = 0;
2130
2131 for (srp = sfp->headrp; srp; srp = tsrp) {
2132 tsrp = srp->nextrp;
2133 if (sg_srp_done(srp, sfp))
2134 sg_finish_rem_req(srp);
2135 else
2136 ++dirty;
2137 }
2138 if (0 == dirty) {
2139 unsigned long iflags;
2140
2141 write_lock_irqsave(&sg_index_lock, iflags);
2142 __sg_remove_sfp(sdp, sfp);
2143 if (sdp->detached && (NULL == sdp->headfp)) {
2144 idr_remove(&sg_index_idr, sdp->index);
2145 kfree(sdp);
2146 res = 1;
2147 }
2148 write_unlock_irqrestore(&sg_index_lock, iflags);
2149 } else {
2150
2151
2152
2153 scsi_device_get(sdp->device);
2154 sfp->closed = 1;
2155 SCSI_LOG_TIMEOUT(1, printk("sg_remove_sfp: worrisome, %d writes pending\n",
2156 dirty));
2157 }
2158 return res;
2159}
2160
2161static int
2162sg_res_in_use(Sg_fd * sfp)
2163{
2164 const Sg_request *srp;
2165 unsigned long iflags;
2166
2167 read_lock_irqsave(&sfp->rq_list_lock, iflags);
2168 for (srp = sfp->headrp; srp; srp = srp->nextrp)
2169 if (srp->res_used)
2170 break;
2171 read_unlock_irqrestore(&sfp->rq_list_lock, iflags);
2172 return srp ? 1 : 0;
2173}
2174
2175#ifdef CONFIG_SCSI_PROC_FS
2176static int
2177sg_idr_max_id(int id, void *p, void *data)
2178{
2179 int *k = data;
2180
2181 if (*k < id)
2182 *k = id;
2183
2184 return 0;
2185}
2186
2187static int
2188sg_last_dev(void)
2189{
2190 int k = -1;
2191 unsigned long iflags;
2192
2193 read_lock_irqsave(&sg_index_lock, iflags);
2194 idr_for_each(&sg_index_idr, sg_idr_max_id, &k);
2195 read_unlock_irqrestore(&sg_index_lock, iflags);
2196 return k + 1;
2197}
2198#endif
2199
2200static Sg_device *
2201sg_get_dev(int dev)
2202{
2203 Sg_device *sdp;
2204 unsigned long iflags;
2205
2206 read_lock_irqsave(&sg_index_lock, iflags);
2207 sdp = idr_find(&sg_index_idr, dev);
2208 read_unlock_irqrestore(&sg_index_lock, iflags);
2209
2210 return sdp;
2211}
2212
2213#ifdef CONFIG_SCSI_PROC_FS
2214
2215static struct proc_dir_entry *sg_proc_sgp = NULL;
2216
2217static char sg_proc_sg_dirname[] = "scsi/sg";
2218
2219static int sg_proc_seq_show_int(struct seq_file *s, void *v);
2220
2221static int sg_proc_single_open_adio(struct inode *inode, struct file *file);
2222static ssize_t sg_proc_write_adio(struct file *filp, const char __user *buffer,
2223 size_t count, loff_t *off);
2224static struct file_operations adio_fops = {
2225
2226 .open = sg_proc_single_open_adio,
2227 .write = sg_proc_write_adio,
2228 .release = single_release,
2229};
2230
2231static int sg_proc_single_open_dressz(struct inode *inode, struct file *file);
2232static ssize_t sg_proc_write_dressz(struct file *filp,
2233 const char __user *buffer, size_t count, loff_t *off);
2234static struct file_operations dressz_fops = {
2235 .open = sg_proc_single_open_dressz,
2236 .write = sg_proc_write_dressz,
2237 .release = single_release,
2238};
2239
2240static int sg_proc_seq_show_version(struct seq_file *s, void *v);
2241static int sg_proc_single_open_version(struct inode *inode, struct file *file);
2242static struct file_operations version_fops = {
2243 .open = sg_proc_single_open_version,
2244 .release = single_release,
2245};
2246
2247static int sg_proc_seq_show_devhdr(struct seq_file *s, void *v);
2248static int sg_proc_single_open_devhdr(struct inode *inode, struct file *file);
2249static struct file_operations devhdr_fops = {
2250 .open = sg_proc_single_open_devhdr,
2251 .release = single_release,
2252};
2253
2254static int sg_proc_seq_show_dev(struct seq_file *s, void *v);
2255static int sg_proc_open_dev(struct inode *inode, struct file *file);
2256static void * dev_seq_start(struct seq_file *s, loff_t *pos);
2257static void * dev_seq_next(struct seq_file *s, void *v, loff_t *pos);
2258static void dev_seq_stop(struct seq_file *s, void *v);
2259static struct file_operations dev_fops = {
2260 .open = sg_proc_open_dev,
2261 .release = seq_release,
2262};
2263static struct seq_operations dev_seq_ops = {
2264 .start = dev_seq_start,
2265 .next = dev_seq_next,
2266 .stop = dev_seq_stop,
2267 .show = sg_proc_seq_show_dev,
2268};
2269
2270static int sg_proc_seq_show_devstrs(struct seq_file *s, void *v);
2271static int sg_proc_open_devstrs(struct inode *inode, struct file *file);
2272static struct file_operations devstrs_fops = {
2273 .open = sg_proc_open_devstrs,
2274 .release = seq_release,
2275};
2276static struct seq_operations devstrs_seq_ops = {
2277 .start = dev_seq_start,
2278 .next = dev_seq_next,
2279 .stop = dev_seq_stop,
2280 .show = sg_proc_seq_show_devstrs,
2281};
2282
2283static int sg_proc_seq_show_debug(struct seq_file *s, void *v);
2284static int sg_proc_open_debug(struct inode *inode, struct file *file);
2285static struct file_operations debug_fops = {
2286 .open = sg_proc_open_debug,
2287 .release = seq_release,
2288};
2289static struct seq_operations debug_seq_ops = {
2290 .start = dev_seq_start,
2291 .next = dev_seq_next,
2292 .stop = dev_seq_stop,
2293 .show = sg_proc_seq_show_debug,
2294};
2295
2296
2297struct sg_proc_leaf {
2298 const char * name;
2299 struct file_operations * fops;
2300};
2301
2302static struct sg_proc_leaf sg_proc_leaf_arr[] = {
2303 {"allow_dio", &adio_fops},
2304 {"debug", &debug_fops},
2305 {"def_reserved_size", &dressz_fops},
2306 {"device_hdr", &devhdr_fops},
2307 {"devices", &dev_fops},
2308 {"device_strs", &devstrs_fops},
2309 {"version", &version_fops}
2310};
2311
2312static int
2313sg_proc_init(void)
2314{
2315 int k, mask;
2316 int num_leaves = ARRAY_SIZE(sg_proc_leaf_arr);
2317 struct sg_proc_leaf * leaf;
2318
2319 sg_proc_sgp = proc_mkdir(sg_proc_sg_dirname, NULL);
2320 if (!sg_proc_sgp)
2321 return 1;
2322 for (k = 0; k < num_leaves; ++k) {
2323 leaf = &sg_proc_leaf_arr[k];
2324 mask = leaf->fops->write ? S_IRUGO | S_IWUSR : S_IRUGO;
2325 leaf->fops->owner = THIS_MODULE;
2326 leaf->fops->read = seq_read;
2327 leaf->fops->llseek = seq_lseek;
2328 proc_create(leaf->name, mask, sg_proc_sgp, leaf->fops);
2329 }
2330 return 0;
2331}
2332
2333static void
2334sg_proc_cleanup(void)
2335{
2336 int k;
2337 int num_leaves = ARRAY_SIZE(sg_proc_leaf_arr);
2338
2339 if (!sg_proc_sgp)
2340 return;
2341 for (k = 0; k < num_leaves; ++k)
2342 remove_proc_entry(sg_proc_leaf_arr[k].name, sg_proc_sgp);
2343 remove_proc_entry(sg_proc_sg_dirname, NULL);
2344}
2345
2346
2347static int sg_proc_seq_show_int(struct seq_file *s, void *v)
2348{
2349 seq_printf(s, "%d\n", *((int *)s->private));
2350 return 0;
2351}
2352
2353static int sg_proc_single_open_adio(struct inode *inode, struct file *file)
2354{
2355 return single_open(file, sg_proc_seq_show_int, &sg_allow_dio);
2356}
2357
2358static ssize_t
2359sg_proc_write_adio(struct file *filp, const char __user *buffer,
2360 size_t count, loff_t *off)
2361{
2362 int num;
2363 char buff[11];
2364
2365 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
2366 return -EACCES;
2367 num = (count < 10) ? count : 10;
2368 if (copy_from_user(buff, buffer, num))
2369 return -EFAULT;
2370 buff[num] = '\0';
2371 sg_allow_dio = simple_strtoul(buff, NULL, 10) ? 1 : 0;
2372 return count;
2373}
2374
2375static int sg_proc_single_open_dressz(struct inode *inode, struct file *file)
2376{
2377 return single_open(file, sg_proc_seq_show_int, &sg_big_buff);
2378}
2379
2380static ssize_t
2381sg_proc_write_dressz(struct file *filp, const char __user *buffer,
2382 size_t count, loff_t *off)
2383{
2384 int num;
2385 unsigned long k = ULONG_MAX;
2386 char buff[11];
2387
2388 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
2389 return -EACCES;
2390 num = (count < 10) ? count : 10;
2391 if (copy_from_user(buff, buffer, num))
2392 return -EFAULT;
2393 buff[num] = '\0';
2394 k = simple_strtoul(buff, NULL, 10);
2395 if (k <= 1048576) {
2396 sg_big_buff = k;
2397 return count;
2398 }
2399 return -ERANGE;
2400}
2401
2402static int sg_proc_seq_show_version(struct seq_file *s, void *v)
2403{
2404 seq_printf(s, "%d\t%s [%s]\n", sg_version_num, SG_VERSION_STR,
2405 sg_version_date);
2406 return 0;
2407}
2408
2409static int sg_proc_single_open_version(struct inode *inode, struct file *file)
2410{
2411 return single_open(file, sg_proc_seq_show_version, NULL);
2412}
2413
2414static int sg_proc_seq_show_devhdr(struct seq_file *s, void *v)
2415{
2416 seq_printf(s, "host\tchan\tid\tlun\ttype\topens\tqdepth\tbusy\t"
2417 "online\n");
2418 return 0;
2419}
2420
2421static int sg_proc_single_open_devhdr(struct inode *inode, struct file *file)
2422{
2423 return single_open(file, sg_proc_seq_show_devhdr, NULL);
2424}
2425
2426struct sg_proc_deviter {
2427 loff_t index;
2428 size_t max;
2429};
2430
2431static void * dev_seq_start(struct seq_file *s, loff_t *pos)
2432{
2433 struct sg_proc_deviter * it = kmalloc(sizeof(*it), GFP_KERNEL);
2434
2435 s->private = it;
2436 if (! it)
2437 return NULL;
2438
2439 it->index = *pos;
2440 it->max = sg_last_dev();
2441 if (it->index >= it->max)
2442 return NULL;
2443 return it;
2444}
2445
2446static void * dev_seq_next(struct seq_file *s, void *v, loff_t *pos)
2447{
2448 struct sg_proc_deviter * it = s->private;
2449
2450 *pos = ++it->index;
2451 return (it->index < it->max) ? it : NULL;
2452}
2453
2454static void dev_seq_stop(struct seq_file *s, void *v)
2455{
2456 kfree(s->private);
2457}
2458
2459static int sg_proc_open_dev(struct inode *inode, struct file *file)
2460{
2461 return seq_open(file, &dev_seq_ops);
2462}
2463
2464static int sg_proc_seq_show_dev(struct seq_file *s, void *v)
2465{
2466 struct sg_proc_deviter * it = (struct sg_proc_deviter *) v;
2467 Sg_device *sdp;
2468 struct scsi_device *scsidp;
2469
2470 sdp = it ? sg_get_dev(it->index) : NULL;
2471 if (sdp && (scsidp = sdp->device) && (!sdp->detached))
2472 seq_printf(s, "%d\t%d\t%d\t%d\t%d\t%d\t%d\t%d\t%d\n",
2473 scsidp->host->host_no, scsidp->channel,
2474 scsidp->id, scsidp->lun, (int) scsidp->type,
2475 1,
2476 (int) scsidp->queue_depth,
2477 (int) scsidp->device_busy,
2478 (int) scsi_device_online(scsidp));
2479 else
2480 seq_printf(s, "-1\t-1\t-1\t-1\t-1\t-1\t-1\t-1\t-1\n");
2481 return 0;
2482}
2483
2484static int sg_proc_open_devstrs(struct inode *inode, struct file *file)
2485{
2486 return seq_open(file, &devstrs_seq_ops);
2487}
2488
2489static int sg_proc_seq_show_devstrs(struct seq_file *s, void *v)
2490{
2491 struct sg_proc_deviter * it = (struct sg_proc_deviter *) v;
2492 Sg_device *sdp;
2493 struct scsi_device *scsidp;
2494
2495 sdp = it ? sg_get_dev(it->index) : NULL;
2496 if (sdp && (scsidp = sdp->device) && (!sdp->detached))
2497 seq_printf(s, "%8.8s\t%16.16s\t%4.4s\n",
2498 scsidp->vendor, scsidp->model, scsidp->rev);
2499 else
2500 seq_printf(s, "<no active device>\n");
2501 return 0;
2502}
2503
2504static void sg_proc_debug_helper(struct seq_file *s, Sg_device * sdp)
2505{
2506 int k, m, new_interface, blen, usg;
2507 Sg_request *srp;
2508 Sg_fd *fp;
2509 const sg_io_hdr_t *hp;
2510 const char * cp;
2511 unsigned int ms;
2512
2513 for (k = 0; (fp = sg_get_nth_sfp(sdp, k)); ++k) {
2514 seq_printf(s, " FD(%d): timeout=%dms bufflen=%d "
2515 "(res)sgat=%d low_dma=%d\n", k + 1,
2516 jiffies_to_msecs(fp->timeout),
2517 fp->reserve.bufflen,
2518 (int) fp->reserve.k_use_sg,
2519 (int) fp->low_dma);
2520 seq_printf(s, " cmd_q=%d f_packid=%d k_orphan=%d closed=%d\n",
2521 (int) fp->cmd_q, (int) fp->force_packid,
2522 (int) fp->keep_orphan, (int) fp->closed);
2523 for (m = 0; (srp = sg_get_nth_request(fp, m)); ++m) {
2524 hp = &srp->header;
2525 new_interface = (hp->interface_id == '\0') ? 0 : 1;
2526 if (srp->res_used) {
2527 if (new_interface &&
2528 (SG_FLAG_MMAP_IO & hp->flags))
2529 cp = " mmap>> ";
2530 else
2531 cp = " rb>> ";
2532 } else {
2533 if (SG_INFO_DIRECT_IO_MASK & hp->info)
2534 cp = " dio>> ";
2535 else
2536 cp = " ";
2537 }
2538 seq_printf(s, cp);
2539 blen = srp->data.bufflen;
2540 usg = srp->data.k_use_sg;
2541 seq_printf(s, srp->done ?
2542 ((1 == srp->done) ? "rcv:" : "fin:")
2543 : "act:");
2544 seq_printf(s, " id=%d blen=%d",
2545 srp->header.pack_id, blen);
2546 if (srp->done)
2547 seq_printf(s, " dur=%d", hp->duration);
2548 else {
2549 ms = jiffies_to_msecs(jiffies);
2550 seq_printf(s, " t_o/elap=%d/%d",
2551 (new_interface ? hp->timeout :
2552 jiffies_to_msecs(fp->timeout)),
2553 (ms > hp->duration ? ms - hp->duration : 0));
2554 }
2555 seq_printf(s, "ms sgat=%d op=0x%02x\n", usg,
2556 (int) srp->data.cmd_opcode);
2557 }
2558 if (0 == m)
2559 seq_printf(s, " No requests active\n");
2560 }
2561}
2562
2563static int sg_proc_open_debug(struct inode *inode, struct file *file)
2564{
2565 return seq_open(file, &debug_seq_ops);
2566}
2567
2568static int sg_proc_seq_show_debug(struct seq_file *s, void *v)
2569{
2570 struct sg_proc_deviter * it = (struct sg_proc_deviter *) v;
2571 Sg_device *sdp;
2572
2573 if (it && (0 == it->index)) {
2574 seq_printf(s, "max_active_device=%d(origin 1)\n",
2575 (int)it->max);
2576 seq_printf(s, " def_reserved_size=%d\n", sg_big_buff);
2577 }
2578 sdp = it ? sg_get_dev(it->index) : NULL;
2579 if (sdp) {
2580 struct scsi_device *scsidp = sdp->device;
2581
2582 if (NULL == scsidp) {
2583 seq_printf(s, "device %d detached ??\n",
2584 (int)it->index);
2585 return 0;
2586 }
2587
2588 if (sg_get_nth_sfp(sdp, 0)) {
2589 seq_printf(s, " >>> device=%s ",
2590 sdp->disk->disk_name);
2591 if (sdp->detached)
2592 seq_printf(s, "detached pending close ");
2593 else
2594 seq_printf
2595 (s, "scsi%d chan=%d id=%d lun=%d em=%d",
2596 scsidp->host->host_no,
2597 scsidp->channel, scsidp->id,
2598 scsidp->lun,
2599 scsidp->host->hostt->emulated);
2600 seq_printf(s, " sg_tablesize=%d excl=%d\n",
2601 sdp->sg_tablesize, sdp->exclude);
2602 }
2603 sg_proc_debug_helper(s, sdp);
2604 }
2605 return 0;
2606}
2607
2608#endif
2609
2610module_init(init_sg);
2611module_exit(exit_sg);