1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21static int sg_version_num = 30534;
22#define SG_VERSION_STR "3.5.34"
23
24
25
26
27
28
29
30
31#include <linux/module.h>
32
33#include <linux/fs.h>
34#include <linux/kernel.h>
35#include <linux/sched.h>
36#include <linux/string.h>
37#include <linux/mm.h>
38#include <linux/errno.h>
39#include <linux/mtio.h>
40#include <linux/ioctl.h>
41#include <linux/fcntl.h>
42#include <linux/init.h>
43#include <linux/poll.h>
44#include <linux/moduleparam.h>
45#include <linux/cdev.h>
46#include <linux/idr.h>
47#include <linux/seq_file.h>
48#include <linux/blkdev.h>
49#include <linux/delay.h>
50#include <linux/blktrace_api.h>
51#include <linux/smp_lock.h>
52
53#include "scsi.h"
54#include <scsi/scsi_dbg.h>
55#include <scsi/scsi_host.h>
56#include <scsi/scsi_driver.h>
57#include <scsi/scsi_ioctl.h>
58#include <scsi/sg.h>
59
60#include "scsi_logging.h"
61
62#ifdef CONFIG_SCSI_PROC_FS
63#include <linux/proc_fs.h>
64static char *sg_version_date = "20061027";
65
66static int sg_proc_init(void);
67static void sg_proc_cleanup(void);
68#endif
69
70#define SG_ALLOW_DIO_DEF 0
71
72#define SG_MAX_DEVS 32768
73
74
75
76
77
78
79
80
81
82
83#define MULDIV(X,MUL,DIV) ((((X % DIV) * MUL) / DIV) + ((X / DIV) * MUL))
84
85#define SG_DEFAULT_TIMEOUT MULDIV(SG_DEFAULT_TIMEOUT_USER, HZ, USER_HZ)
86
87int sg_big_buff = SG_DEF_RESERVED_SIZE;
88
89
90
91
92
93
94static int def_reserved_size = -1;
95static int sg_allow_dio = SG_ALLOW_DIO_DEF;
96
97static int scatter_elem_sz = SG_SCATTER_SZ;
98static int scatter_elem_sz_prev = SG_SCATTER_SZ;
99
100#define SG_SECTOR_SZ 512
101
102static int sg_add(struct device *, struct class_interface *);
103static void sg_remove(struct device *, struct class_interface *);
104
105static DEFINE_IDR(sg_index_idr);
106static DEFINE_RWLOCK(sg_index_lock);
107
108
109static struct class_interface sg_interface = {
110 .add_dev = sg_add,
111 .remove_dev = sg_remove,
112};
113
114typedef struct sg_scatter_hold {
115 unsigned short k_use_sg;
116 unsigned sglist_len;
117 unsigned bufflen;
118 struct page **pages;
119 int page_order;
120 char dio_in_use;
121 unsigned char cmd_opcode;
122} Sg_scatter_hold;
123
124struct sg_device;
125struct sg_fd;
126
127typedef struct sg_request {
128 struct sg_request *nextrp;
129 struct sg_fd *parentfp;
130 Sg_scatter_hold data;
131 sg_io_hdr_t header;
132 unsigned char sense_b[SCSI_SENSE_BUFFERSIZE];
133 char res_used;
134 char orphan;
135 char sg_io_owned;
136 volatile char done;
137 struct request *rq;
138 struct bio *bio;
139 struct execute_work ew;
140} Sg_request;
141
142typedef struct sg_fd {
143 struct list_head sfd_siblings;
144 struct sg_device *parentdp;
145 wait_queue_head_t read_wait;
146 rwlock_t rq_list_lock;
147 int timeout;
148 int timeout_user;
149 Sg_scatter_hold reserve;
150 unsigned save_scat_len;
151 Sg_request *headrp;
152 struct fasync_struct *async_qp;
153 Sg_request req_arr[SG_MAX_QUEUE];
154 char low_dma;
155 char force_packid;
156 volatile char closed;
157 char cmd_q;
158 char next_cmd_len;
159 char keep_orphan;
160 char mmap_called;
161 struct kref f_ref;
162 struct execute_work ew;
163} Sg_fd;
164
165typedef struct sg_device {
166 struct scsi_device *device;
167 wait_queue_head_t o_excl_wait;
168 int sg_tablesize;
169 u32 index;
170 struct list_head sfds;
171 volatile char detached;
172 volatile char exclude;
173 char sgdebug;
174 struct gendisk *disk;
175 struct cdev * cdev;
176 struct kref d_ref;
177} Sg_device;
178
179
180static void sg_rq_end_io(struct request *rq, int uptodate);
181static int sg_start_req(Sg_request *srp, unsigned char *cmd);
182static int sg_finish_rem_req(Sg_request * srp);
183static int sg_build_indirect(Sg_scatter_hold * schp, Sg_fd * sfp, int buff_size);
184static ssize_t sg_new_read(Sg_fd * sfp, char __user *buf, size_t count,
185 Sg_request * srp);
186static ssize_t sg_new_write(Sg_fd *sfp, struct file *file,
187 const char __user *buf, size_t count, int blocking,
188 int read_only, int sg_io_owned, Sg_request **o_srp);
189static int sg_common_write(Sg_fd * sfp, Sg_request * srp,
190 unsigned char *cmnd, int timeout, int blocking);
191static int sg_read_oxfer(Sg_request * srp, char __user *outp, int num_read_xfer);
192static void sg_remove_scat(Sg_scatter_hold * schp);
193static void sg_build_reserve(Sg_fd * sfp, int req_size);
194static void sg_link_reserve(Sg_fd * sfp, Sg_request * srp, int size);
195static void sg_unlink_reserve(Sg_fd * sfp, Sg_request * srp);
196static Sg_fd *sg_add_sfp(Sg_device * sdp, int dev);
197static void sg_remove_sfp(struct kref *);
198static Sg_request *sg_get_rq_mark(Sg_fd * sfp, int pack_id);
199static Sg_request *sg_add_request(Sg_fd * sfp);
200static int sg_remove_request(Sg_fd * sfp, Sg_request * srp);
201static int sg_res_in_use(Sg_fd * sfp);
202static Sg_device *sg_get_dev(int dev);
203static void sg_put_dev(Sg_device *sdp);
204
205#define SZ_SG_HEADER sizeof(struct sg_header)
206#define SZ_SG_IO_HDR sizeof(sg_io_hdr_t)
207#define SZ_SG_IOVEC sizeof(sg_iovec_t)
208#define SZ_SG_REQ_INFO sizeof(sg_req_info_t)
209
210static int sg_allow_access(struct file *filp, unsigned char *cmd)
211{
212 struct sg_fd *sfp = (struct sg_fd *)filp->private_data;
213
214 if (sfp->parentdp->device->type == TYPE_SCANNER)
215 return 0;
216
217 return blk_verify_command(cmd, filp->f_mode & FMODE_WRITE);
218}
219
220static int
221sg_open(struct inode *inode, struct file *filp)
222{
223 int dev = iminor(inode);
224 int flags = filp->f_flags;
225 struct request_queue *q;
226 Sg_device *sdp;
227 Sg_fd *sfp;
228 int res;
229 int retval;
230
231 lock_kernel();
232 nonseekable_open(inode, filp);
233 SCSI_LOG_TIMEOUT(3, printk("sg_open: dev=%d, flags=0x%x\n", dev, flags));
234 sdp = sg_get_dev(dev);
235 if (IS_ERR(sdp)) {
236 retval = PTR_ERR(sdp);
237 sdp = NULL;
238 goto sg_put;
239 }
240
241
242
243 retval = scsi_device_get(sdp->device);
244 if (retval)
245 goto sg_put;
246
247 if (!((flags & O_NONBLOCK) ||
248 scsi_block_when_processing_errors(sdp->device))) {
249 retval = -ENXIO;
250
251 goto error_out;
252 }
253
254 if (flags & O_EXCL) {
255 if (O_RDONLY == (flags & O_ACCMODE)) {
256 retval = -EPERM;
257 goto error_out;
258 }
259 if (!list_empty(&sdp->sfds) && (flags & O_NONBLOCK)) {
260 retval = -EBUSY;
261 goto error_out;
262 }
263 res = 0;
264 __wait_event_interruptible(sdp->o_excl_wait,
265 ((!list_empty(&sdp->sfds) || sdp->exclude) ? 0 : (sdp->exclude = 1)), res);
266 if (res) {
267 retval = res;
268 goto error_out;
269 }
270 } else if (sdp->exclude) {
271 if (flags & O_NONBLOCK) {
272 retval = -EBUSY;
273 goto error_out;
274 }
275 res = 0;
276 __wait_event_interruptible(sdp->o_excl_wait, (!sdp->exclude),
277 res);
278 if (res) {
279 retval = res;
280 goto error_out;
281 }
282 }
283 if (sdp->detached) {
284 retval = -ENODEV;
285 goto error_out;
286 }
287 if (list_empty(&sdp->sfds)) {
288 sdp->sgdebug = 0;
289 q = sdp->device->request_queue;
290 sdp->sg_tablesize = min(queue_max_hw_segments(q),
291 queue_max_phys_segments(q));
292 }
293 if ((sfp = sg_add_sfp(sdp, dev)))
294 filp->private_data = sfp;
295 else {
296 if (flags & O_EXCL) {
297 sdp->exclude = 0;
298 wake_up_interruptible(&sdp->o_excl_wait);
299 }
300 retval = -ENOMEM;
301 goto error_out;
302 }
303 retval = 0;
304error_out:
305 if (retval)
306 scsi_device_put(sdp->device);
307sg_put:
308 if (sdp)
309 sg_put_dev(sdp);
310 unlock_kernel();
311 return retval;
312}
313
314
315static int
316sg_release(struct inode *inode, struct file *filp)
317{
318 Sg_device *sdp;
319 Sg_fd *sfp;
320
321 if ((!(sfp = (Sg_fd *) filp->private_data)) || (!(sdp = sfp->parentdp)))
322 return -ENXIO;
323 SCSI_LOG_TIMEOUT(3, printk("sg_release: %s\n", sdp->disk->disk_name));
324
325 sfp->closed = 1;
326
327 sdp->exclude = 0;
328 wake_up_interruptible(&sdp->o_excl_wait);
329
330 kref_put(&sfp->f_ref, sg_remove_sfp);
331 return 0;
332}
333
334static ssize_t
335sg_read(struct file *filp, char __user *buf, size_t count, loff_t * ppos)
336{
337 Sg_device *sdp;
338 Sg_fd *sfp;
339 Sg_request *srp;
340 int req_pack_id = -1;
341 sg_io_hdr_t *hp;
342 struct sg_header *old_hdr = NULL;
343 int retval = 0;
344
345 if ((!(sfp = (Sg_fd *) filp->private_data)) || (!(sdp = sfp->parentdp)))
346 return -ENXIO;
347 SCSI_LOG_TIMEOUT(3, printk("sg_read: %s, count=%d\n",
348 sdp->disk->disk_name, (int) count));
349
350 if (!access_ok(VERIFY_WRITE, buf, count))
351 return -EFAULT;
352 if (sfp->force_packid && (count >= SZ_SG_HEADER)) {
353 old_hdr = kmalloc(SZ_SG_HEADER, GFP_KERNEL);
354 if (!old_hdr)
355 return -ENOMEM;
356 if (__copy_from_user(old_hdr, buf, SZ_SG_HEADER)) {
357 retval = -EFAULT;
358 goto free_old_hdr;
359 }
360 if (old_hdr->reply_len < 0) {
361 if (count >= SZ_SG_IO_HDR) {
362 sg_io_hdr_t *new_hdr;
363 new_hdr = kmalloc(SZ_SG_IO_HDR, GFP_KERNEL);
364 if (!new_hdr) {
365 retval = -ENOMEM;
366 goto free_old_hdr;
367 }
368 retval =__copy_from_user
369 (new_hdr, buf, SZ_SG_IO_HDR);
370 req_pack_id = new_hdr->pack_id;
371 kfree(new_hdr);
372 if (retval) {
373 retval = -EFAULT;
374 goto free_old_hdr;
375 }
376 }
377 } else
378 req_pack_id = old_hdr->pack_id;
379 }
380 srp = sg_get_rq_mark(sfp, req_pack_id);
381 if (!srp) {
382 if (sdp->detached) {
383 retval = -ENODEV;
384 goto free_old_hdr;
385 }
386 if (filp->f_flags & O_NONBLOCK) {
387 retval = -EAGAIN;
388 goto free_old_hdr;
389 }
390 while (1) {
391 retval = 0;
392 __wait_event_interruptible(sfp->read_wait,
393 (sdp->detached ||
394 (srp = sg_get_rq_mark(sfp, req_pack_id))),
395 retval);
396 if (sdp->detached) {
397 retval = -ENODEV;
398 goto free_old_hdr;
399 }
400 if (0 == retval)
401 break;
402
403
404 goto free_old_hdr;
405 }
406 }
407 if (srp->header.interface_id != '\0') {
408 retval = sg_new_read(sfp, buf, count, srp);
409 goto free_old_hdr;
410 }
411
412 hp = &srp->header;
413 if (old_hdr == NULL) {
414 old_hdr = kmalloc(SZ_SG_HEADER, GFP_KERNEL);
415 if (! old_hdr) {
416 retval = -ENOMEM;
417 goto free_old_hdr;
418 }
419 }
420 memset(old_hdr, 0, SZ_SG_HEADER);
421 old_hdr->reply_len = (int) hp->timeout;
422 old_hdr->pack_len = old_hdr->reply_len;
423 old_hdr->pack_id = hp->pack_id;
424 old_hdr->twelve_byte =
425 ((srp->data.cmd_opcode >= 0xc0) && (12 == hp->cmd_len)) ? 1 : 0;
426 old_hdr->target_status = hp->masked_status;
427 old_hdr->host_status = hp->host_status;
428 old_hdr->driver_status = hp->driver_status;
429 if ((CHECK_CONDITION & hp->masked_status) ||
430 (DRIVER_SENSE & hp->driver_status))
431 memcpy(old_hdr->sense_buffer, srp->sense_b,
432 sizeof (old_hdr->sense_buffer));
433 switch (hp->host_status) {
434
435
436 case DID_OK:
437 case DID_PASSTHROUGH:
438 case DID_SOFT_ERROR:
439 old_hdr->result = 0;
440 break;
441 case DID_NO_CONNECT:
442 case DID_BUS_BUSY:
443 case DID_TIME_OUT:
444 old_hdr->result = EBUSY;
445 break;
446 case DID_BAD_TARGET:
447 case DID_ABORT:
448 case DID_PARITY:
449 case DID_RESET:
450 case DID_BAD_INTR:
451 old_hdr->result = EIO;
452 break;
453 case DID_ERROR:
454 old_hdr->result = (srp->sense_b[0] == 0 &&
455 hp->masked_status == GOOD) ? 0 : EIO;
456 break;
457 default:
458 old_hdr->result = EIO;
459 break;
460 }
461
462
463 if (count >= SZ_SG_HEADER) {
464 if (__copy_to_user(buf, old_hdr, SZ_SG_HEADER)) {
465 retval = -EFAULT;
466 goto free_old_hdr;
467 }
468 buf += SZ_SG_HEADER;
469 if (count > old_hdr->reply_len)
470 count = old_hdr->reply_len;
471 if (count > SZ_SG_HEADER) {
472 if (sg_read_oxfer(srp, buf, count - SZ_SG_HEADER)) {
473 retval = -EFAULT;
474 goto free_old_hdr;
475 }
476 }
477 } else
478 count = (old_hdr->result == 0) ? 0 : -EIO;
479 sg_finish_rem_req(srp);
480 retval = count;
481free_old_hdr:
482 kfree(old_hdr);
483 return retval;
484}
485
486static ssize_t
487sg_new_read(Sg_fd * sfp, char __user *buf, size_t count, Sg_request * srp)
488{
489 sg_io_hdr_t *hp = &srp->header;
490 int err = 0;
491 int len;
492
493 if (count < SZ_SG_IO_HDR) {
494 err = -EINVAL;
495 goto err_out;
496 }
497 hp->sb_len_wr = 0;
498 if ((hp->mx_sb_len > 0) && hp->sbp) {
499 if ((CHECK_CONDITION & hp->masked_status) ||
500 (DRIVER_SENSE & hp->driver_status)) {
501 int sb_len = SCSI_SENSE_BUFFERSIZE;
502 sb_len = (hp->mx_sb_len > sb_len) ? sb_len : hp->mx_sb_len;
503 len = 8 + (int) srp->sense_b[7];
504 len = (len > sb_len) ? sb_len : len;
505 if (copy_to_user(hp->sbp, srp->sense_b, len)) {
506 err = -EFAULT;
507 goto err_out;
508 }
509 hp->sb_len_wr = len;
510 }
511 }
512 if (hp->masked_status || hp->host_status || hp->driver_status)
513 hp->info |= SG_INFO_CHECK;
514 if (copy_to_user(buf, hp, SZ_SG_IO_HDR)) {
515 err = -EFAULT;
516 goto err_out;
517 }
518err_out:
519 err = sg_finish_rem_req(srp);
520 return (0 == err) ? count : err;
521}
522
523static ssize_t
524sg_write(struct file *filp, const char __user *buf, size_t count, loff_t * ppos)
525{
526 int mxsize, cmd_size, k;
527 int input_size, blocking;
528 unsigned char opcode;
529 Sg_device *sdp;
530 Sg_fd *sfp;
531 Sg_request *srp;
532 struct sg_header old_hdr;
533 sg_io_hdr_t *hp;
534 unsigned char cmnd[MAX_COMMAND_SIZE];
535
536 if ((!(sfp = (Sg_fd *) filp->private_data)) || (!(sdp = sfp->parentdp)))
537 return -ENXIO;
538 SCSI_LOG_TIMEOUT(3, printk("sg_write: %s, count=%d\n",
539 sdp->disk->disk_name, (int) count));
540 if (sdp->detached)
541 return -ENODEV;
542 if (!((filp->f_flags & O_NONBLOCK) ||
543 scsi_block_when_processing_errors(sdp->device)))
544 return -ENXIO;
545
546 if (!access_ok(VERIFY_READ, buf, count))
547 return -EFAULT;
548 if (count < SZ_SG_HEADER)
549 return -EIO;
550 if (__copy_from_user(&old_hdr, buf, SZ_SG_HEADER))
551 return -EFAULT;
552 blocking = !(filp->f_flags & O_NONBLOCK);
553 if (old_hdr.reply_len < 0)
554 return sg_new_write(sfp, filp, buf, count,
555 blocking, 0, 0, NULL);
556 if (count < (SZ_SG_HEADER + 6))
557 return -EIO;
558
559 if (!(srp = sg_add_request(sfp))) {
560 SCSI_LOG_TIMEOUT(1, printk("sg_write: queue full\n"));
561 return -EDOM;
562 }
563 buf += SZ_SG_HEADER;
564 __get_user(opcode, buf);
565 if (sfp->next_cmd_len > 0) {
566 if (sfp->next_cmd_len > MAX_COMMAND_SIZE) {
567 SCSI_LOG_TIMEOUT(1, printk("sg_write: command length too long\n"));
568 sfp->next_cmd_len = 0;
569 sg_remove_request(sfp, srp);
570 return -EIO;
571 }
572 cmd_size = sfp->next_cmd_len;
573 sfp->next_cmd_len = 0;
574 } else {
575 cmd_size = COMMAND_SIZE(opcode);
576 if ((opcode >= 0xc0) && old_hdr.twelve_byte)
577 cmd_size = 12;
578 }
579 SCSI_LOG_TIMEOUT(4, printk(
580 "sg_write: scsi opcode=0x%02x, cmd_size=%d\n", (int) opcode, cmd_size));
581
582 input_size = count - cmd_size;
583 mxsize = (input_size > old_hdr.reply_len) ? input_size : old_hdr.reply_len;
584 mxsize -= SZ_SG_HEADER;
585 input_size -= SZ_SG_HEADER;
586 if (input_size < 0) {
587 sg_remove_request(sfp, srp);
588 return -EIO;
589 }
590 hp = &srp->header;
591 hp->interface_id = '\0';
592 hp->cmd_len = (unsigned char) cmd_size;
593 hp->iovec_count = 0;
594 hp->mx_sb_len = 0;
595 if (input_size > 0)
596 hp->dxfer_direction = (old_hdr.reply_len > SZ_SG_HEADER) ?
597 SG_DXFER_TO_FROM_DEV : SG_DXFER_TO_DEV;
598 else
599 hp->dxfer_direction = (mxsize > 0) ? SG_DXFER_FROM_DEV : SG_DXFER_NONE;
600 hp->dxfer_len = mxsize;
601 if (hp->dxfer_direction == SG_DXFER_TO_DEV)
602 hp->dxferp = (char __user *)buf + cmd_size;
603 else
604 hp->dxferp = NULL;
605 hp->sbp = NULL;
606 hp->timeout = old_hdr.reply_len;
607 hp->flags = input_size;
608 hp->pack_id = old_hdr.pack_id;
609 hp->usr_ptr = NULL;
610 if (__copy_from_user(cmnd, buf, cmd_size))
611 return -EFAULT;
612
613
614
615
616
617 if (hp->dxfer_direction == SG_DXFER_TO_FROM_DEV) {
618 static char cmd[TASK_COMM_LEN];
619 if (strcmp(current->comm, cmd) && printk_ratelimit()) {
620 printk(KERN_WARNING
621 "sg_write: data in/out %d/%d bytes for SCSI command 0x%x--"
622 "guessing data in;\n "
623 "program %s not setting count and/or reply_len properly\n",
624 old_hdr.reply_len - (int)SZ_SG_HEADER,
625 input_size, (unsigned int) cmnd[0],
626 current->comm);
627 strcpy(cmd, current->comm);
628 }
629 }
630 k = sg_common_write(sfp, srp, cmnd, sfp->timeout, blocking);
631 return (k < 0) ? k : count;
632}
633
634static ssize_t
635sg_new_write(Sg_fd *sfp, struct file *file, const char __user *buf,
636 size_t count, int blocking, int read_only, int sg_io_owned,
637 Sg_request **o_srp)
638{
639 int k;
640 Sg_request *srp;
641 sg_io_hdr_t *hp;
642 unsigned char cmnd[MAX_COMMAND_SIZE];
643 int timeout;
644 unsigned long ul_timeout;
645
646 if (count < SZ_SG_IO_HDR)
647 return -EINVAL;
648 if (!access_ok(VERIFY_READ, buf, count))
649 return -EFAULT;
650
651 sfp->cmd_q = 1;
652 if (!(srp = sg_add_request(sfp))) {
653 SCSI_LOG_TIMEOUT(1, printk("sg_new_write: queue full\n"));
654 return -EDOM;
655 }
656 srp->sg_io_owned = sg_io_owned;
657 hp = &srp->header;
658 if (__copy_from_user(hp, buf, SZ_SG_IO_HDR)) {
659 sg_remove_request(sfp, srp);
660 return -EFAULT;
661 }
662 if (hp->interface_id != 'S') {
663 sg_remove_request(sfp, srp);
664 return -ENOSYS;
665 }
666 if (hp->flags & SG_FLAG_MMAP_IO) {
667 if (hp->dxfer_len > sfp->reserve.bufflen) {
668 sg_remove_request(sfp, srp);
669 return -ENOMEM;
670 }
671 if (hp->flags & SG_FLAG_DIRECT_IO) {
672 sg_remove_request(sfp, srp);
673 return -EINVAL;
674 }
675 if (sg_res_in_use(sfp)) {
676 sg_remove_request(sfp, srp);
677 return -EBUSY;
678 }
679 }
680 ul_timeout = msecs_to_jiffies(srp->header.timeout);
681 timeout = (ul_timeout < INT_MAX) ? ul_timeout : INT_MAX;
682 if ((!hp->cmdp) || (hp->cmd_len < 6) || (hp->cmd_len > sizeof (cmnd))) {
683 sg_remove_request(sfp, srp);
684 return -EMSGSIZE;
685 }
686 if (!access_ok(VERIFY_READ, hp->cmdp, hp->cmd_len)) {
687 sg_remove_request(sfp, srp);
688 return -EFAULT;
689 }
690 if (__copy_from_user(cmnd, hp->cmdp, hp->cmd_len)) {
691 sg_remove_request(sfp, srp);
692 return -EFAULT;
693 }
694 if (read_only && sg_allow_access(file, cmnd)) {
695 sg_remove_request(sfp, srp);
696 return -EPERM;
697 }
698 k = sg_common_write(sfp, srp, cmnd, timeout, blocking);
699 if (k < 0)
700 return k;
701 if (o_srp)
702 *o_srp = srp;
703 return count;
704}
705
706static int
707sg_common_write(Sg_fd * sfp, Sg_request * srp,
708 unsigned char *cmnd, int timeout, int blocking)
709{
710 int k, data_dir;
711 Sg_device *sdp = sfp->parentdp;
712 sg_io_hdr_t *hp = &srp->header;
713
714 srp->data.cmd_opcode = cmnd[0];
715 hp->status = 0;
716 hp->masked_status = 0;
717 hp->msg_status = 0;
718 hp->info = 0;
719 hp->host_status = 0;
720 hp->driver_status = 0;
721 hp->resid = 0;
722 SCSI_LOG_TIMEOUT(4, printk("sg_common_write: scsi opcode=0x%02x, cmd_size=%d\n",
723 (int) cmnd[0], (int) hp->cmd_len));
724
725 k = sg_start_req(srp, cmnd);
726 if (k) {
727 SCSI_LOG_TIMEOUT(1, printk("sg_common_write: start_req err=%d\n", k));
728 sg_finish_rem_req(srp);
729 return k;
730 }
731 if (sdp->detached) {
732 sg_finish_rem_req(srp);
733 return -ENODEV;
734 }
735
736 switch (hp->dxfer_direction) {
737 case SG_DXFER_TO_FROM_DEV:
738 case SG_DXFER_FROM_DEV:
739 data_dir = DMA_FROM_DEVICE;
740 break;
741 case SG_DXFER_TO_DEV:
742 data_dir = DMA_TO_DEVICE;
743 break;
744 case SG_DXFER_UNKNOWN:
745 data_dir = DMA_BIDIRECTIONAL;
746 break;
747 default:
748 data_dir = DMA_NONE;
749 break;
750 }
751 hp->duration = jiffies_to_msecs(jiffies);
752
753 srp->rq->timeout = timeout;
754 kref_get(&sfp->f_ref);
755 blk_execute_rq_nowait(sdp->device->request_queue, sdp->disk,
756 srp->rq, 1, sg_rq_end_io);
757 return 0;
758}
759
760static int
761sg_ioctl(struct inode *inode, struct file *filp,
762 unsigned int cmd_in, unsigned long arg)
763{
764 void __user *p = (void __user *)arg;
765 int __user *ip = p;
766 int result, val, read_only;
767 Sg_device *sdp;
768 Sg_fd *sfp;
769 Sg_request *srp;
770 unsigned long iflags;
771
772 if ((!(sfp = (Sg_fd *) filp->private_data)) || (!(sdp = sfp->parentdp)))
773 return -ENXIO;
774
775 SCSI_LOG_TIMEOUT(3, printk("sg_ioctl: %s, cmd=0x%x\n",
776 sdp->disk->disk_name, (int) cmd_in));
777 read_only = (O_RDWR != (filp->f_flags & O_ACCMODE));
778
779 switch (cmd_in) {
780 case SG_IO:
781 {
782 int blocking = 1;
783
784 if (sdp->detached)
785 return -ENODEV;
786 if (!scsi_block_when_processing_errors(sdp->device))
787 return -ENXIO;
788 if (!access_ok(VERIFY_WRITE, p, SZ_SG_IO_HDR))
789 return -EFAULT;
790 result =
791 sg_new_write(sfp, filp, p, SZ_SG_IO_HDR,
792 blocking, read_only, 1, &srp);
793 if (result < 0)
794 return result;
795 while (1) {
796 result = 0;
797 __wait_event_interruptible(sfp->read_wait,
798 (srp->done || sdp->detached),
799 result);
800 if (sdp->detached)
801 return -ENODEV;
802 write_lock_irq(&sfp->rq_list_lock);
803 if (srp->done) {
804 srp->done = 2;
805 write_unlock_irq(&sfp->rq_list_lock);
806 break;
807 }
808 srp->orphan = 1;
809 write_unlock_irq(&sfp->rq_list_lock);
810 return result;
811 }
812 result = sg_new_read(sfp, p, SZ_SG_IO_HDR, srp);
813 return (result < 0) ? result : 0;
814 }
815 case SG_SET_TIMEOUT:
816 result = get_user(val, ip);
817 if (result)
818 return result;
819 if (val < 0)
820 return -EIO;
821 if (val >= MULDIV (INT_MAX, USER_HZ, HZ))
822 val = MULDIV (INT_MAX, USER_HZ, HZ);
823 sfp->timeout_user = val;
824 sfp->timeout = MULDIV (val, HZ, USER_HZ);
825
826 return 0;
827 case SG_GET_TIMEOUT:
828
829 return sfp->timeout_user;
830 case SG_SET_FORCE_LOW_DMA:
831 result = get_user(val, ip);
832 if (result)
833 return result;
834 if (val) {
835 sfp->low_dma = 1;
836 if ((0 == sfp->low_dma) && (0 == sg_res_in_use(sfp))) {
837 val = (int) sfp->reserve.bufflen;
838 sg_remove_scat(&sfp->reserve);
839 sg_build_reserve(sfp, val);
840 }
841 } else {
842 if (sdp->detached)
843 return -ENODEV;
844 sfp->low_dma = sdp->device->host->unchecked_isa_dma;
845 }
846 return 0;
847 case SG_GET_LOW_DMA:
848 return put_user((int) sfp->low_dma, ip);
849 case SG_GET_SCSI_ID:
850 if (!access_ok(VERIFY_WRITE, p, sizeof (sg_scsi_id_t)))
851 return -EFAULT;
852 else {
853 sg_scsi_id_t __user *sg_idp = p;
854
855 if (sdp->detached)
856 return -ENODEV;
857 __put_user((int) sdp->device->host->host_no,
858 &sg_idp->host_no);
859 __put_user((int) sdp->device->channel,
860 &sg_idp->channel);
861 __put_user((int) sdp->device->id, &sg_idp->scsi_id);
862 __put_user((int) sdp->device->lun, &sg_idp->lun);
863 __put_user((int) sdp->device->type, &sg_idp->scsi_type);
864 __put_user((short) sdp->device->host->cmd_per_lun,
865 &sg_idp->h_cmd_per_lun);
866 __put_user((short) sdp->device->queue_depth,
867 &sg_idp->d_queue_depth);
868 __put_user(0, &sg_idp->unused[0]);
869 __put_user(0, &sg_idp->unused[1]);
870 return 0;
871 }
872 case SG_SET_FORCE_PACK_ID:
873 result = get_user(val, ip);
874 if (result)
875 return result;
876 sfp->force_packid = val ? 1 : 0;
877 return 0;
878 case SG_GET_PACK_ID:
879 if (!access_ok(VERIFY_WRITE, ip, sizeof (int)))
880 return -EFAULT;
881 read_lock_irqsave(&sfp->rq_list_lock, iflags);
882 for (srp = sfp->headrp; srp; srp = srp->nextrp) {
883 if ((1 == srp->done) && (!srp->sg_io_owned)) {
884 read_unlock_irqrestore(&sfp->rq_list_lock,
885 iflags);
886 __put_user(srp->header.pack_id, ip);
887 return 0;
888 }
889 }
890 read_unlock_irqrestore(&sfp->rq_list_lock, iflags);
891 __put_user(-1, ip);
892 return 0;
893 case SG_GET_NUM_WAITING:
894 read_lock_irqsave(&sfp->rq_list_lock, iflags);
895 for (val = 0, srp = sfp->headrp; srp; srp = srp->nextrp) {
896 if ((1 == srp->done) && (!srp->sg_io_owned))
897 ++val;
898 }
899 read_unlock_irqrestore(&sfp->rq_list_lock, iflags);
900 return put_user(val, ip);
901 case SG_GET_SG_TABLESIZE:
902 return put_user(sdp->sg_tablesize, ip);
903 case SG_SET_RESERVED_SIZE:
904 result = get_user(val, ip);
905 if (result)
906 return result;
907 if (val < 0)
908 return -EINVAL;
909 val = min_t(int, val,
910 queue_max_sectors(sdp->device->request_queue) * 512);
911 if (val != sfp->reserve.bufflen) {
912 if (sg_res_in_use(sfp) || sfp->mmap_called)
913 return -EBUSY;
914 sg_remove_scat(&sfp->reserve);
915 sg_build_reserve(sfp, val);
916 }
917 return 0;
918 case SG_GET_RESERVED_SIZE:
919 val = min_t(int, sfp->reserve.bufflen,
920 queue_max_sectors(sdp->device->request_queue) * 512);
921 return put_user(val, ip);
922 case SG_SET_COMMAND_Q:
923 result = get_user(val, ip);
924 if (result)
925 return result;
926 sfp->cmd_q = val ? 1 : 0;
927 return 0;
928 case SG_GET_COMMAND_Q:
929 return put_user((int) sfp->cmd_q, ip);
930 case SG_SET_KEEP_ORPHAN:
931 result = get_user(val, ip);
932 if (result)
933 return result;
934 sfp->keep_orphan = val;
935 return 0;
936 case SG_GET_KEEP_ORPHAN:
937 return put_user((int) sfp->keep_orphan, ip);
938 case SG_NEXT_CMD_LEN:
939 result = get_user(val, ip);
940 if (result)
941 return result;
942 sfp->next_cmd_len = (val > 0) ? val : 0;
943 return 0;
944 case SG_GET_VERSION_NUM:
945 return put_user(sg_version_num, ip);
946 case SG_GET_ACCESS_COUNT:
947
948 val = (sdp->device ? 1 : 0);
949 return put_user(val, ip);
950 case SG_GET_REQUEST_TABLE:
951 if (!access_ok(VERIFY_WRITE, p, SZ_SG_REQ_INFO * SG_MAX_QUEUE))
952 return -EFAULT;
953 else {
954 sg_req_info_t *rinfo;
955 unsigned int ms;
956
957 rinfo = kmalloc(SZ_SG_REQ_INFO * SG_MAX_QUEUE,
958 GFP_KERNEL);
959 if (!rinfo)
960 return -ENOMEM;
961 read_lock_irqsave(&sfp->rq_list_lock, iflags);
962 for (srp = sfp->headrp, val = 0; val < SG_MAX_QUEUE;
963 ++val, srp = srp ? srp->nextrp : srp) {
964 memset(&rinfo[val], 0, SZ_SG_REQ_INFO);
965 if (srp) {
966 rinfo[val].req_state = srp->done + 1;
967 rinfo[val].problem =
968 srp->header.masked_status &
969 srp->header.host_status &
970 srp->header.driver_status;
971 if (srp->done)
972 rinfo[val].duration =
973 srp->header.duration;
974 else {
975 ms = jiffies_to_msecs(jiffies);
976 rinfo[val].duration =
977 (ms > srp->header.duration) ?
978 (ms - srp->header.duration) : 0;
979 }
980 rinfo[val].orphan = srp->orphan;
981 rinfo[val].sg_io_owned =
982 srp->sg_io_owned;
983 rinfo[val].pack_id =
984 srp->header.pack_id;
985 rinfo[val].usr_ptr =
986 srp->header.usr_ptr;
987 }
988 }
989 read_unlock_irqrestore(&sfp->rq_list_lock, iflags);
990 result = __copy_to_user(p, rinfo,
991 SZ_SG_REQ_INFO * SG_MAX_QUEUE);
992 result = result ? -EFAULT : 0;
993 kfree(rinfo);
994 return result;
995 }
996 case SG_EMULATED_HOST:
997 if (sdp->detached)
998 return -ENODEV;
999 return put_user(sdp->device->host->hostt->emulated, ip);
1000 case SG_SCSI_RESET:
1001 if (sdp->detached)
1002 return -ENODEV;
1003 if (filp->f_flags & O_NONBLOCK) {
1004 if (scsi_host_in_recovery(sdp->device->host))
1005 return -EBUSY;
1006 } else if (!scsi_block_when_processing_errors(sdp->device))
1007 return -EBUSY;
1008 result = get_user(val, ip);
1009 if (result)
1010 return result;
1011 if (SG_SCSI_RESET_NOTHING == val)
1012 return 0;
1013 switch (val) {
1014 case SG_SCSI_RESET_DEVICE:
1015 val = SCSI_TRY_RESET_DEVICE;
1016 break;
1017 case SG_SCSI_RESET_TARGET:
1018 val = SCSI_TRY_RESET_TARGET;
1019 break;
1020 case SG_SCSI_RESET_BUS:
1021 val = SCSI_TRY_RESET_BUS;
1022 break;
1023 case SG_SCSI_RESET_HOST:
1024 val = SCSI_TRY_RESET_HOST;
1025 break;
1026 default:
1027 return -EINVAL;
1028 }
1029 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
1030 return -EACCES;
1031 return (scsi_reset_provider(sdp->device, val) ==
1032 SUCCESS) ? 0 : -EIO;
1033 case SCSI_IOCTL_SEND_COMMAND:
1034 if (sdp->detached)
1035 return -ENODEV;
1036 if (read_only) {
1037 unsigned char opcode = WRITE_6;
1038 Scsi_Ioctl_Command __user *siocp = p;
1039
1040 if (copy_from_user(&opcode, siocp->data, 1))
1041 return -EFAULT;
1042 if (sg_allow_access(filp, &opcode))
1043 return -EPERM;
1044 }
1045 return sg_scsi_ioctl(sdp->device->request_queue, NULL, filp->f_mode, p);
1046 case SG_SET_DEBUG:
1047 result = get_user(val, ip);
1048 if (result)
1049 return result;
1050 sdp->sgdebug = (char) val;
1051 return 0;
1052 case SCSI_IOCTL_GET_IDLUN:
1053 case SCSI_IOCTL_GET_BUS_NUMBER:
1054 case SCSI_IOCTL_PROBE_HOST:
1055 case SG_GET_TRANSFORM:
1056 if (sdp->detached)
1057 return -ENODEV;
1058 return scsi_ioctl(sdp->device, cmd_in, p);
1059 case BLKSECTGET:
1060 return put_user(queue_max_sectors(sdp->device->request_queue) * 512,
1061 ip);
1062 case BLKTRACESETUP:
1063 return blk_trace_setup(sdp->device->request_queue,
1064 sdp->disk->disk_name,
1065 MKDEV(SCSI_GENERIC_MAJOR, sdp->index),
1066 NULL,
1067 (char *)arg);
1068 case BLKTRACESTART:
1069 return blk_trace_startstop(sdp->device->request_queue, 1);
1070 case BLKTRACESTOP:
1071 return blk_trace_startstop(sdp->device->request_queue, 0);
1072 case BLKTRACETEARDOWN:
1073 return blk_trace_remove(sdp->device->request_queue);
1074 default:
1075 if (read_only)
1076 return -EPERM;
1077 return scsi_ioctl(sdp->device, cmd_in, p);
1078 }
1079}
1080
1081#ifdef CONFIG_COMPAT
1082static long sg_compat_ioctl(struct file *filp, unsigned int cmd_in, unsigned long arg)
1083{
1084 Sg_device *sdp;
1085 Sg_fd *sfp;
1086 struct scsi_device *sdev;
1087
1088 if ((!(sfp = (Sg_fd *) filp->private_data)) || (!(sdp = sfp->parentdp)))
1089 return -ENXIO;
1090
1091 sdev = sdp->device;
1092 if (sdev->host->hostt->compat_ioctl) {
1093 int ret;
1094
1095 ret = sdev->host->hostt->compat_ioctl(sdev, cmd_in, (void __user *)arg);
1096
1097 return ret;
1098 }
1099
1100 return -ENOIOCTLCMD;
1101}
1102#endif
1103
1104static unsigned int
1105sg_poll(struct file *filp, poll_table * wait)
1106{
1107 unsigned int res = 0;
1108 Sg_device *sdp;
1109 Sg_fd *sfp;
1110 Sg_request *srp;
1111 int count = 0;
1112 unsigned long iflags;
1113
1114 if ((!(sfp = (Sg_fd *) filp->private_data)) || (!(sdp = sfp->parentdp))
1115 || sfp->closed)
1116 return POLLERR;
1117 poll_wait(filp, &sfp->read_wait, wait);
1118 read_lock_irqsave(&sfp->rq_list_lock, iflags);
1119 for (srp = sfp->headrp; srp; srp = srp->nextrp) {
1120
1121 if ((0 == res) && (1 == srp->done) && (!srp->sg_io_owned))
1122 res = POLLIN | POLLRDNORM;
1123 ++count;
1124 }
1125 read_unlock_irqrestore(&sfp->rq_list_lock, iflags);
1126
1127 if (sdp->detached)
1128 res |= POLLHUP;
1129 else if (!sfp->cmd_q) {
1130 if (0 == count)
1131 res |= POLLOUT | POLLWRNORM;
1132 } else if (count < SG_MAX_QUEUE)
1133 res |= POLLOUT | POLLWRNORM;
1134 SCSI_LOG_TIMEOUT(3, printk("sg_poll: %s, res=0x%x\n",
1135 sdp->disk->disk_name, (int) res));
1136 return res;
1137}
1138
1139static int
1140sg_fasync(int fd, struct file *filp, int mode)
1141{
1142 Sg_device *sdp;
1143 Sg_fd *sfp;
1144
1145 if ((!(sfp = (Sg_fd *) filp->private_data)) || (!(sdp = sfp->parentdp)))
1146 return -ENXIO;
1147 SCSI_LOG_TIMEOUT(3, printk("sg_fasync: %s, mode=%d\n",
1148 sdp->disk->disk_name, mode));
1149
1150 return fasync_helper(fd, filp, mode, &sfp->async_qp);
1151}
1152
1153static int
1154sg_vma_fault(struct vm_area_struct *vma, struct vm_fault *vmf)
1155{
1156 Sg_fd *sfp;
1157 unsigned long offset, len, sa;
1158 Sg_scatter_hold *rsv_schp;
1159 int k, length;
1160
1161 if ((NULL == vma) || (!(sfp = (Sg_fd *) vma->vm_private_data)))
1162 return VM_FAULT_SIGBUS;
1163 rsv_schp = &sfp->reserve;
1164 offset = vmf->pgoff << PAGE_SHIFT;
1165 if (offset >= rsv_schp->bufflen)
1166 return VM_FAULT_SIGBUS;
1167 SCSI_LOG_TIMEOUT(3, printk("sg_vma_fault: offset=%lu, scatg=%d\n",
1168 offset, rsv_schp->k_use_sg));
1169 sa = vma->vm_start;
1170 length = 1 << (PAGE_SHIFT + rsv_schp->page_order);
1171 for (k = 0; k < rsv_schp->k_use_sg && sa < vma->vm_end; k++) {
1172 len = vma->vm_end - sa;
1173 len = (len < length) ? len : length;
1174 if (offset < len) {
1175 struct page *page = nth_page(rsv_schp->pages[k],
1176 offset >> PAGE_SHIFT);
1177 get_page(page);
1178 vmf->page = page;
1179 return 0;
1180 }
1181 sa += len;
1182 offset -= len;
1183 }
1184
1185 return VM_FAULT_SIGBUS;
1186}
1187
1188static const struct vm_operations_struct sg_mmap_vm_ops = {
1189 .fault = sg_vma_fault,
1190};
1191
1192static int
1193sg_mmap(struct file *filp, struct vm_area_struct *vma)
1194{
1195 Sg_fd *sfp;
1196 unsigned long req_sz, len, sa;
1197 Sg_scatter_hold *rsv_schp;
1198 int k, length;
1199
1200 if ((!filp) || (!vma) || (!(sfp = (Sg_fd *) filp->private_data)))
1201 return -ENXIO;
1202 req_sz = vma->vm_end - vma->vm_start;
1203 SCSI_LOG_TIMEOUT(3, printk("sg_mmap starting, vm_start=%p, len=%d\n",
1204 (void *) vma->vm_start, (int) req_sz));
1205 if (vma->vm_pgoff)
1206 return -EINVAL;
1207 rsv_schp = &sfp->reserve;
1208 if (req_sz > rsv_schp->bufflen)
1209 return -ENOMEM;
1210
1211 sa = vma->vm_start;
1212 length = 1 << (PAGE_SHIFT + rsv_schp->page_order);
1213 for (k = 0; k < rsv_schp->k_use_sg && sa < vma->vm_end; k++) {
1214 len = vma->vm_end - sa;
1215 len = (len < length) ? len : length;
1216 sa += len;
1217 }
1218
1219 sfp->mmap_called = 1;
1220 vma->vm_flags |= VM_RESERVED;
1221 vma->vm_private_data = sfp;
1222 vma->vm_ops = &sg_mmap_vm_ops;
1223 return 0;
1224}
1225
1226static void sg_rq_end_io_usercontext(struct work_struct *work)
1227{
1228 struct sg_request *srp = container_of(work, struct sg_request, ew.work);
1229 struct sg_fd *sfp = srp->parentfp;
1230
1231 sg_finish_rem_req(srp);
1232 kref_put(&sfp->f_ref, sg_remove_sfp);
1233}
1234
1235
1236
1237
1238
1239static void sg_rq_end_io(struct request *rq, int uptodate)
1240{
1241 struct sg_request *srp = rq->end_io_data;
1242 Sg_device *sdp;
1243 Sg_fd *sfp;
1244 unsigned long iflags;
1245 unsigned int ms;
1246 char *sense;
1247 int result, resid, done = 1;
1248
1249 if (WARN_ON(srp->done != 0))
1250 return;
1251
1252 sfp = srp->parentfp;
1253 if (WARN_ON(sfp == NULL))
1254 return;
1255
1256 sdp = sfp->parentdp;
1257 if (unlikely(sdp->detached))
1258 printk(KERN_INFO "sg_rq_end_io: device detached\n");
1259
1260 sense = rq->sense;
1261 result = rq->errors;
1262 resid = rq->resid_len;
1263
1264 SCSI_LOG_TIMEOUT(4, printk("sg_cmd_done: %s, pack_id=%d, res=0x%x\n",
1265 sdp->disk->disk_name, srp->header.pack_id, result));
1266 srp->header.resid = resid;
1267 ms = jiffies_to_msecs(jiffies);
1268 srp->header.duration = (ms > srp->header.duration) ?
1269 (ms - srp->header.duration) : 0;
1270 if (0 != result) {
1271 struct scsi_sense_hdr sshdr;
1272
1273 srp->header.status = 0xff & result;
1274 srp->header.masked_status = status_byte(result);
1275 srp->header.msg_status = msg_byte(result);
1276 srp->header.host_status = host_byte(result);
1277 srp->header.driver_status = driver_byte(result);
1278 if ((sdp->sgdebug > 0) &&
1279 ((CHECK_CONDITION == srp->header.masked_status) ||
1280 (COMMAND_TERMINATED == srp->header.masked_status)))
1281 __scsi_print_sense("sg_cmd_done", sense,
1282 SCSI_SENSE_BUFFERSIZE);
1283
1284
1285 if (driver_byte(result) != 0
1286 && scsi_normalize_sense(sense, SCSI_SENSE_BUFFERSIZE, &sshdr)
1287 && !scsi_sense_is_deferred(&sshdr)
1288 && sshdr.sense_key == UNIT_ATTENTION
1289 && sdp->device->removable) {
1290
1291
1292 sdp->device->changed = 1;
1293 }
1294 }
1295
1296
1297 write_lock_irqsave(&sfp->rq_list_lock, iflags);
1298 if (unlikely(srp->orphan)) {
1299 if (sfp->keep_orphan)
1300 srp->sg_io_owned = 0;
1301 else
1302 done = 0;
1303 }
1304 srp->done = done;
1305 write_unlock_irqrestore(&sfp->rq_list_lock, iflags);
1306
1307 if (likely(done)) {
1308
1309
1310
1311 wake_up_interruptible(&sfp->read_wait);
1312 kill_fasync(&sfp->async_qp, SIGPOLL, POLL_IN);
1313 kref_put(&sfp->f_ref, sg_remove_sfp);
1314 } else {
1315 INIT_WORK(&srp->ew.work, sg_rq_end_io_usercontext);
1316 schedule_work(&srp->ew.work);
1317 }
1318}
1319
1320static const struct file_operations sg_fops = {
1321 .owner = THIS_MODULE,
1322 .read = sg_read,
1323 .write = sg_write,
1324 .poll = sg_poll,
1325 .ioctl = sg_ioctl,
1326#ifdef CONFIG_COMPAT
1327 .compat_ioctl = sg_compat_ioctl,
1328#endif
1329 .open = sg_open,
1330 .mmap = sg_mmap,
1331 .release = sg_release,
1332 .fasync = sg_fasync,
1333};
1334
1335static struct class *sg_sysfs_class;
1336
1337static int sg_sysfs_valid = 0;
1338
1339static Sg_device *sg_alloc(struct gendisk *disk, struct scsi_device *scsidp)
1340{
1341 struct request_queue *q = scsidp->request_queue;
1342 Sg_device *sdp;
1343 unsigned long iflags;
1344 int error;
1345 u32 k;
1346
1347 sdp = kzalloc(sizeof(Sg_device), GFP_KERNEL);
1348 if (!sdp) {
1349 printk(KERN_WARNING "kmalloc Sg_device failure\n");
1350 return ERR_PTR(-ENOMEM);
1351 }
1352
1353 if (!idr_pre_get(&sg_index_idr, GFP_KERNEL)) {
1354 printk(KERN_WARNING "idr expansion Sg_device failure\n");
1355 error = -ENOMEM;
1356 goto out;
1357 }
1358
1359 write_lock_irqsave(&sg_index_lock, iflags);
1360
1361 error = idr_get_new(&sg_index_idr, sdp, &k);
1362 if (error) {
1363 write_unlock_irqrestore(&sg_index_lock, iflags);
1364 printk(KERN_WARNING "idr allocation Sg_device failure: %d\n",
1365 error);
1366 goto out;
1367 }
1368
1369 if (unlikely(k >= SG_MAX_DEVS))
1370 goto overflow;
1371
1372 SCSI_LOG_TIMEOUT(3, printk("sg_alloc: dev=%d \n", k));
1373 sprintf(disk->disk_name, "sg%d", k);
1374 disk->first_minor = k;
1375 sdp->disk = disk;
1376 sdp->device = scsidp;
1377 INIT_LIST_HEAD(&sdp->sfds);
1378 init_waitqueue_head(&sdp->o_excl_wait);
1379 sdp->sg_tablesize = min(queue_max_hw_segments(q),
1380 queue_max_phys_segments(q));
1381 sdp->index = k;
1382 kref_init(&sdp->d_ref);
1383
1384 write_unlock_irqrestore(&sg_index_lock, iflags);
1385
1386 error = 0;
1387 out:
1388 if (error) {
1389 kfree(sdp);
1390 return ERR_PTR(error);
1391 }
1392 return sdp;
1393
1394 overflow:
1395 idr_remove(&sg_index_idr, k);
1396 write_unlock_irqrestore(&sg_index_lock, iflags);
1397 sdev_printk(KERN_WARNING, scsidp,
1398 "Unable to attach sg device type=%d, minor "
1399 "number exceeds %d\n", scsidp->type, SG_MAX_DEVS - 1);
1400 error = -ENODEV;
1401 goto out;
1402}
1403
1404static int
1405sg_add(struct device *cl_dev, struct class_interface *cl_intf)
1406{
1407 struct scsi_device *scsidp = to_scsi_device(cl_dev->parent);
1408 struct gendisk *disk;
1409 Sg_device *sdp = NULL;
1410 struct cdev * cdev = NULL;
1411 int error;
1412 unsigned long iflags;
1413
1414 disk = alloc_disk(1);
1415 if (!disk) {
1416 printk(KERN_WARNING "alloc_disk failed\n");
1417 return -ENOMEM;
1418 }
1419 disk->major = SCSI_GENERIC_MAJOR;
1420
1421 error = -ENOMEM;
1422 cdev = cdev_alloc();
1423 if (!cdev) {
1424 printk(KERN_WARNING "cdev_alloc failed\n");
1425 goto out;
1426 }
1427 cdev->owner = THIS_MODULE;
1428 cdev->ops = &sg_fops;
1429
1430 sdp = sg_alloc(disk, scsidp);
1431 if (IS_ERR(sdp)) {
1432 printk(KERN_WARNING "sg_alloc failed\n");
1433 error = PTR_ERR(sdp);
1434 goto out;
1435 }
1436
1437 error = cdev_add(cdev, MKDEV(SCSI_GENERIC_MAJOR, sdp->index), 1);
1438 if (error)
1439 goto cdev_add_err;
1440
1441 sdp->cdev = cdev;
1442 if (sg_sysfs_valid) {
1443 struct device *sg_class_member;
1444
1445 sg_class_member = device_create(sg_sysfs_class, cl_dev->parent,
1446 MKDEV(SCSI_GENERIC_MAJOR,
1447 sdp->index),
1448 sdp, "%s", disk->disk_name);
1449 if (IS_ERR(sg_class_member)) {
1450 printk(KERN_ERR "sg_add: "
1451 "device_create failed\n");
1452 error = PTR_ERR(sg_class_member);
1453 goto cdev_add_err;
1454 }
1455 error = sysfs_create_link(&scsidp->sdev_gendev.kobj,
1456 &sg_class_member->kobj, "generic");
1457 if (error)
1458 printk(KERN_ERR "sg_add: unable to make symlink "
1459 "'generic' back to sg%d\n", sdp->index);
1460 } else
1461 printk(KERN_WARNING "sg_add: sg_sys Invalid\n");
1462
1463 sdev_printk(KERN_NOTICE, scsidp,
1464 "Attached scsi generic sg%d type %d\n", sdp->index,
1465 scsidp->type);
1466
1467 dev_set_drvdata(cl_dev, sdp);
1468
1469 return 0;
1470
1471cdev_add_err:
1472 write_lock_irqsave(&sg_index_lock, iflags);
1473 idr_remove(&sg_index_idr, sdp->index);
1474 write_unlock_irqrestore(&sg_index_lock, iflags);
1475 kfree(sdp);
1476
1477out:
1478 put_disk(disk);
1479 if (cdev)
1480 cdev_del(cdev);
1481 return error;
1482}
1483
1484static void sg_device_destroy(struct kref *kref)
1485{
1486 struct sg_device *sdp = container_of(kref, struct sg_device, d_ref);
1487 unsigned long flags;
1488
1489
1490
1491
1492
1493
1494 write_lock_irqsave(&sg_index_lock, flags);
1495 idr_remove(&sg_index_idr, sdp->index);
1496 write_unlock_irqrestore(&sg_index_lock, flags);
1497
1498 SCSI_LOG_TIMEOUT(3,
1499 printk("sg_device_destroy: %s\n",
1500 sdp->disk->disk_name));
1501
1502 put_disk(sdp->disk);
1503 kfree(sdp);
1504}
1505
1506static void sg_remove(struct device *cl_dev, struct class_interface *cl_intf)
1507{
1508 struct scsi_device *scsidp = to_scsi_device(cl_dev->parent);
1509 Sg_device *sdp = dev_get_drvdata(cl_dev);
1510 unsigned long iflags;
1511 Sg_fd *sfp;
1512
1513 if (!sdp || sdp->detached)
1514 return;
1515
1516 SCSI_LOG_TIMEOUT(3, printk("sg_remove: %s\n", sdp->disk->disk_name));
1517
1518
1519 write_lock_irqsave(&sg_index_lock, iflags);
1520 sdp->detached = 1;
1521 list_for_each_entry(sfp, &sdp->sfds, sfd_siblings) {
1522 wake_up_interruptible(&sfp->read_wait);
1523 kill_fasync(&sfp->async_qp, SIGPOLL, POLL_HUP);
1524 }
1525 write_unlock_irqrestore(&sg_index_lock, iflags);
1526
1527 sysfs_remove_link(&scsidp->sdev_gendev.kobj, "generic");
1528 device_destroy(sg_sysfs_class, MKDEV(SCSI_GENERIC_MAJOR, sdp->index));
1529 cdev_del(sdp->cdev);
1530 sdp->cdev = NULL;
1531
1532 sg_put_dev(sdp);
1533}
1534
1535module_param_named(scatter_elem_sz, scatter_elem_sz, int, S_IRUGO | S_IWUSR);
1536module_param_named(def_reserved_size, def_reserved_size, int,
1537 S_IRUGO | S_IWUSR);
1538module_param_named(allow_dio, sg_allow_dio, int, S_IRUGO | S_IWUSR);
1539
1540MODULE_AUTHOR("Douglas Gilbert");
1541MODULE_DESCRIPTION("SCSI generic (sg) driver");
1542MODULE_LICENSE("GPL");
1543MODULE_VERSION(SG_VERSION_STR);
1544MODULE_ALIAS_CHARDEV_MAJOR(SCSI_GENERIC_MAJOR);
1545
1546MODULE_PARM_DESC(scatter_elem_sz, "scatter gather element "
1547 "size (default: max(SG_SCATTER_SZ, PAGE_SIZE))");
1548MODULE_PARM_DESC(def_reserved_size, "size of buffer reserved for each fd");
1549MODULE_PARM_DESC(allow_dio, "allow direct I/O (default: 0 (disallow))");
1550
1551static int __init
1552init_sg(void)
1553{
1554 int rc;
1555
1556 if (scatter_elem_sz < PAGE_SIZE) {
1557 scatter_elem_sz = PAGE_SIZE;
1558 scatter_elem_sz_prev = scatter_elem_sz;
1559 }
1560 if (def_reserved_size >= 0)
1561 sg_big_buff = def_reserved_size;
1562 else
1563 def_reserved_size = sg_big_buff;
1564
1565 rc = register_chrdev_region(MKDEV(SCSI_GENERIC_MAJOR, 0),
1566 SG_MAX_DEVS, "sg");
1567 if (rc)
1568 return rc;
1569 sg_sysfs_class = class_create(THIS_MODULE, "scsi_generic");
1570 if ( IS_ERR(sg_sysfs_class) ) {
1571 rc = PTR_ERR(sg_sysfs_class);
1572 goto err_out;
1573 }
1574 sg_sysfs_valid = 1;
1575 rc = scsi_register_interface(&sg_interface);
1576 if (0 == rc) {
1577#ifdef CONFIG_SCSI_PROC_FS
1578 sg_proc_init();
1579#endif
1580 return 0;
1581 }
1582 class_destroy(sg_sysfs_class);
1583err_out:
1584 unregister_chrdev_region(MKDEV(SCSI_GENERIC_MAJOR, 0), SG_MAX_DEVS);
1585 return rc;
1586}
1587
1588static void __exit
1589exit_sg(void)
1590{
1591#ifdef CONFIG_SCSI_PROC_FS
1592 sg_proc_cleanup();
1593#endif
1594 scsi_unregister_interface(&sg_interface);
1595 class_destroy(sg_sysfs_class);
1596 sg_sysfs_valid = 0;
1597 unregister_chrdev_region(MKDEV(SCSI_GENERIC_MAJOR, 0),
1598 SG_MAX_DEVS);
1599 idr_destroy(&sg_index_idr);
1600}
1601
1602static int sg_start_req(Sg_request *srp, unsigned char *cmd)
1603{
1604 int res;
1605 struct request *rq;
1606 Sg_fd *sfp = srp->parentfp;
1607 sg_io_hdr_t *hp = &srp->header;
1608 int dxfer_len = (int) hp->dxfer_len;
1609 int dxfer_dir = hp->dxfer_direction;
1610 unsigned int iov_count = hp->iovec_count;
1611 Sg_scatter_hold *req_schp = &srp->data;
1612 Sg_scatter_hold *rsv_schp = &sfp->reserve;
1613 struct request_queue *q = sfp->parentdp->device->request_queue;
1614 struct rq_map_data *md, map_data;
1615 int rw = hp->dxfer_direction == SG_DXFER_TO_DEV ? WRITE : READ;
1616
1617 SCSI_LOG_TIMEOUT(4, printk(KERN_INFO "sg_start_req: dxfer_len=%d\n",
1618 dxfer_len));
1619
1620 rq = blk_get_request(q, rw, GFP_ATOMIC);
1621 if (!rq)
1622 return -ENOMEM;
1623
1624 memcpy(rq->cmd, cmd, hp->cmd_len);
1625
1626 rq->cmd_len = hp->cmd_len;
1627 rq->cmd_type = REQ_TYPE_BLOCK_PC;
1628
1629 srp->rq = rq;
1630 rq->end_io_data = srp;
1631 rq->sense = srp->sense_b;
1632 rq->retries = SG_DEFAULT_RETRIES;
1633
1634 if ((dxfer_len <= 0) || (dxfer_dir == SG_DXFER_NONE))
1635 return 0;
1636
1637 if (sg_allow_dio && hp->flags & SG_FLAG_DIRECT_IO &&
1638 dxfer_dir != SG_DXFER_UNKNOWN && !iov_count &&
1639 !sfp->parentdp->device->host->unchecked_isa_dma &&
1640 blk_rq_aligned(q, hp->dxferp, dxfer_len))
1641 md = NULL;
1642 else
1643 md = &map_data;
1644
1645 if (md) {
1646 if (!sg_res_in_use(sfp) && dxfer_len <= rsv_schp->bufflen)
1647 sg_link_reserve(sfp, srp, dxfer_len);
1648 else {
1649 res = sg_build_indirect(req_schp, sfp, dxfer_len);
1650 if (res)
1651 return res;
1652 }
1653
1654 md->pages = req_schp->pages;
1655 md->page_order = req_schp->page_order;
1656 md->nr_entries = req_schp->k_use_sg;
1657 md->offset = 0;
1658 md->null_mapped = hp->dxferp ? 0 : 1;
1659 if (dxfer_dir == SG_DXFER_TO_FROM_DEV)
1660 md->from_user = 1;
1661 else
1662 md->from_user = 0;
1663 }
1664
1665 if (iov_count) {
1666 int len, size = sizeof(struct sg_iovec) * iov_count;
1667 struct iovec *iov;
1668
1669 iov = kmalloc(size, GFP_ATOMIC);
1670 if (!iov)
1671 return -ENOMEM;
1672
1673 if (copy_from_user(iov, hp->dxferp, size)) {
1674 kfree(iov);
1675 return -EFAULT;
1676 }
1677
1678 len = iov_length(iov, iov_count);
1679 if (hp->dxfer_len < len) {
1680 iov_count = iov_shorten(iov, iov_count, hp->dxfer_len);
1681 len = hp->dxfer_len;
1682 }
1683
1684 res = blk_rq_map_user_iov(q, rq, md, (struct sg_iovec *)iov,
1685 iov_count,
1686 len, GFP_ATOMIC);
1687 kfree(iov);
1688 } else
1689 res = blk_rq_map_user(q, rq, md, hp->dxferp,
1690 hp->dxfer_len, GFP_ATOMIC);
1691
1692 if (!res) {
1693 srp->bio = rq->bio;
1694
1695 if (!md) {
1696 req_schp->dio_in_use = 1;
1697 hp->info |= SG_INFO_DIRECT_IO;
1698 }
1699 }
1700 return res;
1701}
1702
1703static int sg_finish_rem_req(Sg_request * srp)
1704{
1705 int ret = 0;
1706
1707 Sg_fd *sfp = srp->parentfp;
1708 Sg_scatter_hold *req_schp = &srp->data;
1709
1710 SCSI_LOG_TIMEOUT(4, printk("sg_finish_rem_req: res_used=%d\n", (int) srp->res_used));
1711 if (srp->rq) {
1712 if (srp->bio)
1713 ret = blk_rq_unmap_user(srp->bio);
1714
1715 blk_put_request(srp->rq);
1716 }
1717
1718 if (srp->res_used)
1719 sg_unlink_reserve(sfp, srp);
1720 else
1721 sg_remove_scat(req_schp);
1722
1723 sg_remove_request(sfp, srp);
1724
1725 return ret;
1726}
1727
1728static int
1729sg_build_sgat(Sg_scatter_hold * schp, const Sg_fd * sfp, int tablesize)
1730{
1731 int sg_bufflen = tablesize * sizeof(struct page *);
1732 gfp_t gfp_flags = GFP_ATOMIC | __GFP_NOWARN;
1733
1734 schp->pages = kzalloc(sg_bufflen, gfp_flags);
1735 if (!schp->pages)
1736 return -ENOMEM;
1737 schp->sglist_len = sg_bufflen;
1738 return tablesize;
1739}
1740
1741static int
1742sg_build_indirect(Sg_scatter_hold * schp, Sg_fd * sfp, int buff_size)
1743{
1744 int ret_sz = 0, i, k, rem_sz, num, mx_sc_elems;
1745 int sg_tablesize = sfp->parentdp->sg_tablesize;
1746 int blk_size = buff_size, order;
1747 gfp_t gfp_mask = GFP_ATOMIC | __GFP_COMP | __GFP_NOWARN;
1748
1749 if (blk_size < 0)
1750 return -EFAULT;
1751 if (0 == blk_size)
1752 ++blk_size;
1753
1754 blk_size = ALIGN(blk_size, SG_SECTOR_SZ);
1755 SCSI_LOG_TIMEOUT(4, printk("sg_build_indirect: buff_size=%d, blk_size=%d\n",
1756 buff_size, blk_size));
1757
1758
1759 mx_sc_elems = sg_build_sgat(schp, sfp, sg_tablesize);
1760 if (mx_sc_elems < 0)
1761 return mx_sc_elems;
1762
1763 num = scatter_elem_sz;
1764 if (unlikely(num != scatter_elem_sz_prev)) {
1765 if (num < PAGE_SIZE) {
1766 scatter_elem_sz = PAGE_SIZE;
1767 scatter_elem_sz_prev = PAGE_SIZE;
1768 } else
1769 scatter_elem_sz_prev = num;
1770 }
1771
1772 if (sfp->low_dma)
1773 gfp_mask |= GFP_DMA;
1774
1775 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
1776 gfp_mask |= __GFP_ZERO;
1777
1778 order = get_order(num);
1779retry:
1780 ret_sz = 1 << (PAGE_SHIFT + order);
1781
1782 for (k = 0, rem_sz = blk_size; rem_sz > 0 && k < mx_sc_elems;
1783 k++, rem_sz -= ret_sz) {
1784
1785 num = (rem_sz > scatter_elem_sz_prev) ?
1786 scatter_elem_sz_prev : rem_sz;
1787
1788 schp->pages[k] = alloc_pages(gfp_mask, order);
1789 if (!schp->pages[k])
1790 goto out;
1791
1792 if (num == scatter_elem_sz_prev) {
1793 if (unlikely(ret_sz > scatter_elem_sz_prev)) {
1794 scatter_elem_sz = ret_sz;
1795 scatter_elem_sz_prev = ret_sz;
1796 }
1797 }
1798
1799 SCSI_LOG_TIMEOUT(5, printk("sg_build_indirect: k=%d, num=%d, "
1800 "ret_sz=%d\n", k, num, ret_sz));
1801 }
1802
1803 schp->page_order = order;
1804 schp->k_use_sg = k;
1805 SCSI_LOG_TIMEOUT(5, printk("sg_build_indirect: k_use_sg=%d, "
1806 "rem_sz=%d\n", k, rem_sz));
1807
1808 schp->bufflen = blk_size;
1809 if (rem_sz > 0)
1810 return -ENOMEM;
1811 return 0;
1812out:
1813 for (i = 0; i < k; i++)
1814 __free_pages(schp->pages[i], order);
1815
1816 if (--order >= 0)
1817 goto retry;
1818
1819 return -ENOMEM;
1820}
1821
1822static void
1823sg_remove_scat(Sg_scatter_hold * schp)
1824{
1825 SCSI_LOG_TIMEOUT(4, printk("sg_remove_scat: k_use_sg=%d\n", schp->k_use_sg));
1826 if (schp->pages && schp->sglist_len > 0) {
1827 if (!schp->dio_in_use) {
1828 int k;
1829
1830 for (k = 0; k < schp->k_use_sg && schp->pages[k]; k++) {
1831 SCSI_LOG_TIMEOUT(5, printk(
1832 "sg_remove_scat: k=%d, pg=0x%p\n",
1833 k, schp->pages[k]));
1834 __free_pages(schp->pages[k], schp->page_order);
1835 }
1836
1837 kfree(schp->pages);
1838 }
1839 }
1840 memset(schp, 0, sizeof (*schp));
1841}
1842
1843static int
1844sg_read_oxfer(Sg_request * srp, char __user *outp, int num_read_xfer)
1845{
1846 Sg_scatter_hold *schp = &srp->data;
1847 int k, num;
1848
1849 SCSI_LOG_TIMEOUT(4, printk("sg_read_oxfer: num_read_xfer=%d\n",
1850 num_read_xfer));
1851 if ((!outp) || (num_read_xfer <= 0))
1852 return 0;
1853
1854 num = 1 << (PAGE_SHIFT + schp->page_order);
1855 for (k = 0; k < schp->k_use_sg && schp->pages[k]; k++) {
1856 if (num > num_read_xfer) {
1857 if (__copy_to_user(outp, page_address(schp->pages[k]),
1858 num_read_xfer))
1859 return -EFAULT;
1860 break;
1861 } else {
1862 if (__copy_to_user(outp, page_address(schp->pages[k]),
1863 num))
1864 return -EFAULT;
1865 num_read_xfer -= num;
1866 if (num_read_xfer <= 0)
1867 break;
1868 outp += num;
1869 }
1870 }
1871
1872 return 0;
1873}
1874
1875static void
1876sg_build_reserve(Sg_fd * sfp, int req_size)
1877{
1878 Sg_scatter_hold *schp = &sfp->reserve;
1879
1880 SCSI_LOG_TIMEOUT(4, printk("sg_build_reserve: req_size=%d\n", req_size));
1881 do {
1882 if (req_size < PAGE_SIZE)
1883 req_size = PAGE_SIZE;
1884 if (0 == sg_build_indirect(schp, sfp, req_size))
1885 return;
1886 else
1887 sg_remove_scat(schp);
1888 req_size >>= 1;
1889 } while (req_size > (PAGE_SIZE / 2));
1890}
1891
1892static void
1893sg_link_reserve(Sg_fd * sfp, Sg_request * srp, int size)
1894{
1895 Sg_scatter_hold *req_schp = &srp->data;
1896 Sg_scatter_hold *rsv_schp = &sfp->reserve;
1897 int k, num, rem;
1898
1899 srp->res_used = 1;
1900 SCSI_LOG_TIMEOUT(4, printk("sg_link_reserve: size=%d\n", size));
1901 rem = size;
1902
1903 num = 1 << (PAGE_SHIFT + rsv_schp->page_order);
1904 for (k = 0; k < rsv_schp->k_use_sg; k++) {
1905 if (rem <= num) {
1906 req_schp->k_use_sg = k + 1;
1907 req_schp->sglist_len = rsv_schp->sglist_len;
1908 req_schp->pages = rsv_schp->pages;
1909
1910 req_schp->bufflen = size;
1911 req_schp->page_order = rsv_schp->page_order;
1912 break;
1913 } else
1914 rem -= num;
1915 }
1916
1917 if (k >= rsv_schp->k_use_sg)
1918 SCSI_LOG_TIMEOUT(1, printk("sg_link_reserve: BAD size\n"));
1919}
1920
1921static void
1922sg_unlink_reserve(Sg_fd * sfp, Sg_request * srp)
1923{
1924 Sg_scatter_hold *req_schp = &srp->data;
1925
1926 SCSI_LOG_TIMEOUT(4, printk("sg_unlink_reserve: req->k_use_sg=%d\n",
1927 (int) req_schp->k_use_sg));
1928 req_schp->k_use_sg = 0;
1929 req_schp->bufflen = 0;
1930 req_schp->pages = NULL;
1931 req_schp->page_order = 0;
1932 req_schp->sglist_len = 0;
1933 sfp->save_scat_len = 0;
1934 srp->res_used = 0;
1935}
1936
1937static Sg_request *
1938sg_get_rq_mark(Sg_fd * sfp, int pack_id)
1939{
1940 Sg_request *resp;
1941 unsigned long iflags;
1942
1943 write_lock_irqsave(&sfp->rq_list_lock, iflags);
1944 for (resp = sfp->headrp; resp; resp = resp->nextrp) {
1945
1946 if ((1 == resp->done) && (!resp->sg_io_owned) &&
1947 ((-1 == pack_id) || (resp->header.pack_id == pack_id))) {
1948 resp->done = 2;
1949 break;
1950 }
1951 }
1952 write_unlock_irqrestore(&sfp->rq_list_lock, iflags);
1953 return resp;
1954}
1955
1956
1957static Sg_request *
1958sg_add_request(Sg_fd * sfp)
1959{
1960 int k;
1961 unsigned long iflags;
1962 Sg_request *resp;
1963 Sg_request *rp = sfp->req_arr;
1964
1965 write_lock_irqsave(&sfp->rq_list_lock, iflags);
1966 resp = sfp->headrp;
1967 if (!resp) {
1968 memset(rp, 0, sizeof (Sg_request));
1969 rp->parentfp = sfp;
1970 resp = rp;
1971 sfp->headrp = resp;
1972 } else {
1973 if (0 == sfp->cmd_q)
1974 resp = NULL;
1975 else {
1976 for (k = 0; k < SG_MAX_QUEUE; ++k, ++rp) {
1977 if (!rp->parentfp)
1978 break;
1979 }
1980 if (k < SG_MAX_QUEUE) {
1981 memset(rp, 0, sizeof (Sg_request));
1982 rp->parentfp = sfp;
1983 while (resp->nextrp)
1984 resp = resp->nextrp;
1985 resp->nextrp = rp;
1986 resp = rp;
1987 } else
1988 resp = NULL;
1989 }
1990 }
1991 if (resp) {
1992 resp->nextrp = NULL;
1993 resp->header.duration = jiffies_to_msecs(jiffies);
1994 }
1995 write_unlock_irqrestore(&sfp->rq_list_lock, iflags);
1996 return resp;
1997}
1998
1999
2000static int
2001sg_remove_request(Sg_fd * sfp, Sg_request * srp)
2002{
2003 Sg_request *prev_rp;
2004 Sg_request *rp;
2005 unsigned long iflags;
2006 int res = 0;
2007
2008 if ((!sfp) || (!srp) || (!sfp->headrp))
2009 return res;
2010 write_lock_irqsave(&sfp->rq_list_lock, iflags);
2011 prev_rp = sfp->headrp;
2012 if (srp == prev_rp) {
2013 sfp->headrp = prev_rp->nextrp;
2014 prev_rp->parentfp = NULL;
2015 res = 1;
2016 } else {
2017 while ((rp = prev_rp->nextrp)) {
2018 if (srp == rp) {
2019 prev_rp->nextrp = rp->nextrp;
2020 rp->parentfp = NULL;
2021 res = 1;
2022 break;
2023 }
2024 prev_rp = rp;
2025 }
2026 }
2027 write_unlock_irqrestore(&sfp->rq_list_lock, iflags);
2028 return res;
2029}
2030
2031static Sg_fd *
2032sg_add_sfp(Sg_device * sdp, int dev)
2033{
2034 Sg_fd *sfp;
2035 unsigned long iflags;
2036 int bufflen;
2037
2038 sfp = kzalloc(sizeof(*sfp), GFP_ATOMIC | __GFP_NOWARN);
2039 if (!sfp)
2040 return NULL;
2041
2042 init_waitqueue_head(&sfp->read_wait);
2043 rwlock_init(&sfp->rq_list_lock);
2044
2045 kref_init(&sfp->f_ref);
2046 sfp->timeout = SG_DEFAULT_TIMEOUT;
2047 sfp->timeout_user = SG_DEFAULT_TIMEOUT_USER;
2048 sfp->force_packid = SG_DEF_FORCE_PACK_ID;
2049 sfp->low_dma = (SG_DEF_FORCE_LOW_DMA == 0) ?
2050 sdp->device->host->unchecked_isa_dma : 1;
2051 sfp->cmd_q = SG_DEF_COMMAND_Q;
2052 sfp->keep_orphan = SG_DEF_KEEP_ORPHAN;
2053 sfp->parentdp = sdp;
2054 write_lock_irqsave(&sg_index_lock, iflags);
2055 list_add_tail(&sfp->sfd_siblings, &sdp->sfds);
2056 write_unlock_irqrestore(&sg_index_lock, iflags);
2057 SCSI_LOG_TIMEOUT(3, printk("sg_add_sfp: sfp=0x%p\n", sfp));
2058 if (unlikely(sg_big_buff != def_reserved_size))
2059 sg_big_buff = def_reserved_size;
2060
2061 bufflen = min_t(int, sg_big_buff,
2062 queue_max_sectors(sdp->device->request_queue) * 512);
2063 sg_build_reserve(sfp, bufflen);
2064 SCSI_LOG_TIMEOUT(3, printk("sg_add_sfp: bufflen=%d, k_use_sg=%d\n",
2065 sfp->reserve.bufflen, sfp->reserve.k_use_sg));
2066
2067 kref_get(&sdp->d_ref);
2068 __module_get(THIS_MODULE);
2069 return sfp;
2070}
2071
2072static void sg_remove_sfp_usercontext(struct work_struct *work)
2073{
2074 struct sg_fd *sfp = container_of(work, struct sg_fd, ew.work);
2075 struct sg_device *sdp = sfp->parentdp;
2076
2077
2078 while (sfp->headrp)
2079 sg_finish_rem_req(sfp->headrp);
2080
2081 if (sfp->reserve.bufflen > 0) {
2082 SCSI_LOG_TIMEOUT(6,
2083 printk("sg_remove_sfp: bufflen=%d, k_use_sg=%d\n",
2084 (int) sfp->reserve.bufflen,
2085 (int) sfp->reserve.k_use_sg));
2086 sg_remove_scat(&sfp->reserve);
2087 }
2088
2089 SCSI_LOG_TIMEOUT(6,
2090 printk("sg_remove_sfp: %s, sfp=0x%p\n",
2091 sdp->disk->disk_name,
2092 sfp));
2093 kfree(sfp);
2094
2095 scsi_device_put(sdp->device);
2096 sg_put_dev(sdp);
2097 module_put(THIS_MODULE);
2098}
2099
2100static void sg_remove_sfp(struct kref *kref)
2101{
2102 struct sg_fd *sfp = container_of(kref, struct sg_fd, f_ref);
2103 struct sg_device *sdp = sfp->parentdp;
2104 unsigned long iflags;
2105
2106 write_lock_irqsave(&sg_index_lock, iflags);
2107 list_del(&sfp->sfd_siblings);
2108 write_unlock_irqrestore(&sg_index_lock, iflags);
2109 wake_up_interruptible(&sdp->o_excl_wait);
2110
2111 INIT_WORK(&sfp->ew.work, sg_remove_sfp_usercontext);
2112 schedule_work(&sfp->ew.work);
2113}
2114
2115static int
2116sg_res_in_use(Sg_fd * sfp)
2117{
2118 const Sg_request *srp;
2119 unsigned long iflags;
2120
2121 read_lock_irqsave(&sfp->rq_list_lock, iflags);
2122 for (srp = sfp->headrp; srp; srp = srp->nextrp)
2123 if (srp->res_used)
2124 break;
2125 read_unlock_irqrestore(&sfp->rq_list_lock, iflags);
2126 return srp ? 1 : 0;
2127}
2128
2129#ifdef CONFIG_SCSI_PROC_FS
2130static int
2131sg_idr_max_id(int id, void *p, void *data)
2132{
2133 int *k = data;
2134
2135 if (*k < id)
2136 *k = id;
2137
2138 return 0;
2139}
2140
2141static int
2142sg_last_dev(void)
2143{
2144 int k = -1;
2145 unsigned long iflags;
2146
2147 read_lock_irqsave(&sg_index_lock, iflags);
2148 idr_for_each(&sg_index_idr, sg_idr_max_id, &k);
2149 read_unlock_irqrestore(&sg_index_lock, iflags);
2150 return k + 1;
2151}
2152#endif
2153
2154
2155static Sg_device *sg_lookup_dev(int dev)
2156{
2157 return idr_find(&sg_index_idr, dev);
2158}
2159
2160static Sg_device *sg_get_dev(int dev)
2161{
2162 struct sg_device *sdp;
2163 unsigned long flags;
2164
2165 read_lock_irqsave(&sg_index_lock, flags);
2166 sdp = sg_lookup_dev(dev);
2167 if (!sdp)
2168 sdp = ERR_PTR(-ENXIO);
2169 else if (sdp->detached) {
2170
2171
2172
2173 sdp = ERR_PTR(-ENODEV);
2174 } else
2175 kref_get(&sdp->d_ref);
2176 read_unlock_irqrestore(&sg_index_lock, flags);
2177
2178 return sdp;
2179}
2180
2181static void sg_put_dev(struct sg_device *sdp)
2182{
2183 kref_put(&sdp->d_ref, sg_device_destroy);
2184}
2185
2186#ifdef CONFIG_SCSI_PROC_FS
2187
2188static struct proc_dir_entry *sg_proc_sgp = NULL;
2189
2190static char sg_proc_sg_dirname[] = "scsi/sg";
2191
2192static int sg_proc_seq_show_int(struct seq_file *s, void *v);
2193
2194static int sg_proc_single_open_adio(struct inode *inode, struct file *file);
2195static ssize_t sg_proc_write_adio(struct file *filp, const char __user *buffer,
2196 size_t count, loff_t *off);
2197static const struct file_operations adio_fops = {
2198 .owner = THIS_MODULE,
2199 .open = sg_proc_single_open_adio,
2200 .read = seq_read,
2201 .llseek = seq_lseek,
2202 .write = sg_proc_write_adio,
2203 .release = single_release,
2204};
2205
2206static int sg_proc_single_open_dressz(struct inode *inode, struct file *file);
2207static ssize_t sg_proc_write_dressz(struct file *filp,
2208 const char __user *buffer, size_t count, loff_t *off);
2209static const struct file_operations dressz_fops = {
2210 .owner = THIS_MODULE,
2211 .open = sg_proc_single_open_dressz,
2212 .read = seq_read,
2213 .llseek = seq_lseek,
2214 .write = sg_proc_write_dressz,
2215 .release = single_release,
2216};
2217
2218static int sg_proc_seq_show_version(struct seq_file *s, void *v);
2219static int sg_proc_single_open_version(struct inode *inode, struct file *file);
2220static const struct file_operations version_fops = {
2221 .owner = THIS_MODULE,
2222 .open = sg_proc_single_open_version,
2223 .read = seq_read,
2224 .llseek = seq_lseek,
2225 .release = single_release,
2226};
2227
2228static int sg_proc_seq_show_devhdr(struct seq_file *s, void *v);
2229static int sg_proc_single_open_devhdr(struct inode *inode, struct file *file);
2230static const struct file_operations devhdr_fops = {
2231 .owner = THIS_MODULE,
2232 .open = sg_proc_single_open_devhdr,
2233 .read = seq_read,
2234 .llseek = seq_lseek,
2235 .release = single_release,
2236};
2237
2238static int sg_proc_seq_show_dev(struct seq_file *s, void *v);
2239static int sg_proc_open_dev(struct inode *inode, struct file *file);
2240static void * dev_seq_start(struct seq_file *s, loff_t *pos);
2241static void * dev_seq_next(struct seq_file *s, void *v, loff_t *pos);
2242static void dev_seq_stop(struct seq_file *s, void *v);
2243static const struct file_operations dev_fops = {
2244 .owner = THIS_MODULE,
2245 .open = sg_proc_open_dev,
2246 .read = seq_read,
2247 .llseek = seq_lseek,
2248 .release = seq_release,
2249};
2250static const struct seq_operations dev_seq_ops = {
2251 .start = dev_seq_start,
2252 .next = dev_seq_next,
2253 .stop = dev_seq_stop,
2254 .show = sg_proc_seq_show_dev,
2255};
2256
2257static int sg_proc_seq_show_devstrs(struct seq_file *s, void *v);
2258static int sg_proc_open_devstrs(struct inode *inode, struct file *file);
2259static const struct file_operations devstrs_fops = {
2260 .owner = THIS_MODULE,
2261 .open = sg_proc_open_devstrs,
2262 .read = seq_read,
2263 .llseek = seq_lseek,
2264 .release = seq_release,
2265};
2266static const struct seq_operations devstrs_seq_ops = {
2267 .start = dev_seq_start,
2268 .next = dev_seq_next,
2269 .stop = dev_seq_stop,
2270 .show = sg_proc_seq_show_devstrs,
2271};
2272
2273static int sg_proc_seq_show_debug(struct seq_file *s, void *v);
2274static int sg_proc_open_debug(struct inode *inode, struct file *file);
2275static const struct file_operations debug_fops = {
2276 .owner = THIS_MODULE,
2277 .open = sg_proc_open_debug,
2278 .read = seq_read,
2279 .llseek = seq_lseek,
2280 .release = seq_release,
2281};
2282static const struct seq_operations debug_seq_ops = {
2283 .start = dev_seq_start,
2284 .next = dev_seq_next,
2285 .stop = dev_seq_stop,
2286 .show = sg_proc_seq_show_debug,
2287};
2288
2289
2290struct sg_proc_leaf {
2291 const char * name;
2292 const struct file_operations * fops;
2293};
2294
2295static struct sg_proc_leaf sg_proc_leaf_arr[] = {
2296 {"allow_dio", &adio_fops},
2297 {"debug", &debug_fops},
2298 {"def_reserved_size", &dressz_fops},
2299 {"device_hdr", &devhdr_fops},
2300 {"devices", &dev_fops},
2301 {"device_strs", &devstrs_fops},
2302 {"version", &version_fops}
2303};
2304
2305static int
2306sg_proc_init(void)
2307{
2308 int k, mask;
2309 int num_leaves = ARRAY_SIZE(sg_proc_leaf_arr);
2310 struct sg_proc_leaf * leaf;
2311
2312 sg_proc_sgp = proc_mkdir(sg_proc_sg_dirname, NULL);
2313 if (!sg_proc_sgp)
2314 return 1;
2315 for (k = 0; k < num_leaves; ++k) {
2316 leaf = &sg_proc_leaf_arr[k];
2317 mask = leaf->fops->write ? S_IRUGO | S_IWUSR : S_IRUGO;
2318 proc_create(leaf->name, mask, sg_proc_sgp, leaf->fops);
2319 }
2320 return 0;
2321}
2322
2323static void
2324sg_proc_cleanup(void)
2325{
2326 int k;
2327 int num_leaves = ARRAY_SIZE(sg_proc_leaf_arr);
2328
2329 if (!sg_proc_sgp)
2330 return;
2331 for (k = 0; k < num_leaves; ++k)
2332 remove_proc_entry(sg_proc_leaf_arr[k].name, sg_proc_sgp);
2333 remove_proc_entry(sg_proc_sg_dirname, NULL);
2334}
2335
2336
2337static int sg_proc_seq_show_int(struct seq_file *s, void *v)
2338{
2339 seq_printf(s, "%d\n", *((int *)s->private));
2340 return 0;
2341}
2342
2343static int sg_proc_single_open_adio(struct inode *inode, struct file *file)
2344{
2345 return single_open(file, sg_proc_seq_show_int, &sg_allow_dio);
2346}
2347
2348static ssize_t
2349sg_proc_write_adio(struct file *filp, const char __user *buffer,
2350 size_t count, loff_t *off)
2351{
2352 int num;
2353 char buff[11];
2354
2355 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
2356 return -EACCES;
2357 num = (count < 10) ? count : 10;
2358 if (copy_from_user(buff, buffer, num))
2359 return -EFAULT;
2360 buff[num] = '\0';
2361 sg_allow_dio = simple_strtoul(buff, NULL, 10) ? 1 : 0;
2362 return count;
2363}
2364
2365static int sg_proc_single_open_dressz(struct inode *inode, struct file *file)
2366{
2367 return single_open(file, sg_proc_seq_show_int, &sg_big_buff);
2368}
2369
2370static ssize_t
2371sg_proc_write_dressz(struct file *filp, const char __user *buffer,
2372 size_t count, loff_t *off)
2373{
2374 int num;
2375 unsigned long k = ULONG_MAX;
2376 char buff[11];
2377
2378 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
2379 return -EACCES;
2380 num = (count < 10) ? count : 10;
2381 if (copy_from_user(buff, buffer, num))
2382 return -EFAULT;
2383 buff[num] = '\0';
2384 k = simple_strtoul(buff, NULL, 10);
2385 if (k <= 1048576) {
2386 sg_big_buff = k;
2387 return count;
2388 }
2389 return -ERANGE;
2390}
2391
2392static int sg_proc_seq_show_version(struct seq_file *s, void *v)
2393{
2394 seq_printf(s, "%d\t%s [%s]\n", sg_version_num, SG_VERSION_STR,
2395 sg_version_date);
2396 return 0;
2397}
2398
2399static int sg_proc_single_open_version(struct inode *inode, struct file *file)
2400{
2401 return single_open(file, sg_proc_seq_show_version, NULL);
2402}
2403
2404static int sg_proc_seq_show_devhdr(struct seq_file *s, void *v)
2405{
2406 seq_printf(s, "host\tchan\tid\tlun\ttype\topens\tqdepth\tbusy\t"
2407 "online\n");
2408 return 0;
2409}
2410
2411static int sg_proc_single_open_devhdr(struct inode *inode, struct file *file)
2412{
2413 return single_open(file, sg_proc_seq_show_devhdr, NULL);
2414}
2415
2416struct sg_proc_deviter {
2417 loff_t index;
2418 size_t max;
2419};
2420
2421static void * dev_seq_start(struct seq_file *s, loff_t *pos)
2422{
2423 struct sg_proc_deviter * it = kmalloc(sizeof(*it), GFP_KERNEL);
2424
2425 s->private = it;
2426 if (! it)
2427 return NULL;
2428
2429 it->index = *pos;
2430 it->max = sg_last_dev();
2431 if (it->index >= it->max)
2432 return NULL;
2433 return it;
2434}
2435
2436static void * dev_seq_next(struct seq_file *s, void *v, loff_t *pos)
2437{
2438 struct sg_proc_deviter * it = s->private;
2439
2440 *pos = ++it->index;
2441 return (it->index < it->max) ? it : NULL;
2442}
2443
2444static void dev_seq_stop(struct seq_file *s, void *v)
2445{
2446 kfree(s->private);
2447}
2448
2449static int sg_proc_open_dev(struct inode *inode, struct file *file)
2450{
2451 return seq_open(file, &dev_seq_ops);
2452}
2453
2454static int sg_proc_seq_show_dev(struct seq_file *s, void *v)
2455{
2456 struct sg_proc_deviter * it = (struct sg_proc_deviter *) v;
2457 Sg_device *sdp;
2458 struct scsi_device *scsidp;
2459 unsigned long iflags;
2460
2461 read_lock_irqsave(&sg_index_lock, iflags);
2462 sdp = it ? sg_lookup_dev(it->index) : NULL;
2463 if (sdp && (scsidp = sdp->device) && (!sdp->detached))
2464 seq_printf(s, "%d\t%d\t%d\t%d\t%d\t%d\t%d\t%d\t%d\n",
2465 scsidp->host->host_no, scsidp->channel,
2466 scsidp->id, scsidp->lun, (int) scsidp->type,
2467 1,
2468 (int) scsidp->queue_depth,
2469 (int) scsidp->device_busy,
2470 (int) scsi_device_online(scsidp));
2471 else
2472 seq_printf(s, "-1\t-1\t-1\t-1\t-1\t-1\t-1\t-1\t-1\n");
2473 read_unlock_irqrestore(&sg_index_lock, iflags);
2474 return 0;
2475}
2476
2477static int sg_proc_open_devstrs(struct inode *inode, struct file *file)
2478{
2479 return seq_open(file, &devstrs_seq_ops);
2480}
2481
2482static int sg_proc_seq_show_devstrs(struct seq_file *s, void *v)
2483{
2484 struct sg_proc_deviter * it = (struct sg_proc_deviter *) v;
2485 Sg_device *sdp;
2486 struct scsi_device *scsidp;
2487 unsigned long iflags;
2488
2489 read_lock_irqsave(&sg_index_lock, iflags);
2490 sdp = it ? sg_lookup_dev(it->index) : NULL;
2491 if (sdp && (scsidp = sdp->device) && (!sdp->detached))
2492 seq_printf(s, "%8.8s\t%16.16s\t%4.4s\n",
2493 scsidp->vendor, scsidp->model, scsidp->rev);
2494 else
2495 seq_printf(s, "<no active device>\n");
2496 read_unlock_irqrestore(&sg_index_lock, iflags);
2497 return 0;
2498}
2499
2500
2501static void sg_proc_debug_helper(struct seq_file *s, Sg_device * sdp)
2502{
2503 int k, m, new_interface, blen, usg;
2504 Sg_request *srp;
2505 Sg_fd *fp;
2506 const sg_io_hdr_t *hp;
2507 const char * cp;
2508 unsigned int ms;
2509
2510 k = 0;
2511 list_for_each_entry(fp, &sdp->sfds, sfd_siblings) {
2512 k++;
2513 read_lock(&fp->rq_list_lock);
2514 seq_printf(s, " FD(%d): timeout=%dms bufflen=%d "
2515 "(res)sgat=%d low_dma=%d\n", k,
2516 jiffies_to_msecs(fp->timeout),
2517 fp->reserve.bufflen,
2518 (int) fp->reserve.k_use_sg,
2519 (int) fp->low_dma);
2520 seq_printf(s, " cmd_q=%d f_packid=%d k_orphan=%d closed=%d\n",
2521 (int) fp->cmd_q, (int) fp->force_packid,
2522 (int) fp->keep_orphan, (int) fp->closed);
2523 for (m = 0, srp = fp->headrp;
2524 srp != NULL;
2525 ++m, srp = srp->nextrp) {
2526 hp = &srp->header;
2527 new_interface = (hp->interface_id == '\0') ? 0 : 1;
2528 if (srp->res_used) {
2529 if (new_interface &&
2530 (SG_FLAG_MMAP_IO & hp->flags))
2531 cp = " mmap>> ";
2532 else
2533 cp = " rb>> ";
2534 } else {
2535 if (SG_INFO_DIRECT_IO_MASK & hp->info)
2536 cp = " dio>> ";
2537 else
2538 cp = " ";
2539 }
2540 seq_printf(s, cp);
2541 blen = srp->data.bufflen;
2542 usg = srp->data.k_use_sg;
2543 seq_printf(s, srp->done ?
2544 ((1 == srp->done) ? "rcv:" : "fin:")
2545 : "act:");
2546 seq_printf(s, " id=%d blen=%d",
2547 srp->header.pack_id, blen);
2548 if (srp->done)
2549 seq_printf(s, " dur=%d", hp->duration);
2550 else {
2551 ms = jiffies_to_msecs(jiffies);
2552 seq_printf(s, " t_o/elap=%d/%d",
2553 (new_interface ? hp->timeout :
2554 jiffies_to_msecs(fp->timeout)),
2555 (ms > hp->duration ? ms - hp->duration : 0));
2556 }
2557 seq_printf(s, "ms sgat=%d op=0x%02x\n", usg,
2558 (int) srp->data.cmd_opcode);
2559 }
2560 if (0 == m)
2561 seq_printf(s, " No requests active\n");
2562 read_unlock(&fp->rq_list_lock);
2563 }
2564}
2565
2566static int sg_proc_open_debug(struct inode *inode, struct file *file)
2567{
2568 return seq_open(file, &debug_seq_ops);
2569}
2570
2571static int sg_proc_seq_show_debug(struct seq_file *s, void *v)
2572{
2573 struct sg_proc_deviter * it = (struct sg_proc_deviter *) v;
2574 Sg_device *sdp;
2575 unsigned long iflags;
2576
2577 if (it && (0 == it->index)) {
2578 seq_printf(s, "max_active_device=%d(origin 1)\n",
2579 (int)it->max);
2580 seq_printf(s, " def_reserved_size=%d\n", sg_big_buff);
2581 }
2582
2583 read_lock_irqsave(&sg_index_lock, iflags);
2584 sdp = it ? sg_lookup_dev(it->index) : NULL;
2585 if (sdp && !list_empty(&sdp->sfds)) {
2586 struct scsi_device *scsidp = sdp->device;
2587
2588 seq_printf(s, " >>> device=%s ", sdp->disk->disk_name);
2589 if (sdp->detached)
2590 seq_printf(s, "detached pending close ");
2591 else
2592 seq_printf
2593 (s, "scsi%d chan=%d id=%d lun=%d em=%d",
2594 scsidp->host->host_no,
2595 scsidp->channel, scsidp->id,
2596 scsidp->lun,
2597 scsidp->host->hostt->emulated);
2598 seq_printf(s, " sg_tablesize=%d excl=%d\n",
2599 sdp->sg_tablesize, sdp->exclude);
2600 sg_proc_debug_helper(s, sdp);
2601 }
2602 read_unlock_irqrestore(&sg_index_lock, iflags);
2603 return 0;
2604}
2605
2606#endif
2607
2608module_init(init_sg);
2609module_exit(exit_sg);
2610
