Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
commctrl.c
Go to the documentation of this file.
1 /*
2  * Adaptec AAC series RAID controller driver
3  * (c) Copyright 2001 Red Hat Inc.
4  *
5  * based on the old aacraid driver that is..
6  * Adaptec aacraid device driver for Linux.
7  *
8  * Copyright (c) 2000-2010 Adaptec, Inc.
9  * 2010 PMC-Sierra, Inc. ([email protected])
10  *
11  * This program is free software; you can redistribute it and/or modify
12  * it under the terms of the GNU General Public License as published by
13  * the Free Software Foundation; either version 2, or (at your option)
14  * any later version.
15  *
16  * This program is distributed in the hope that it will be useful,
17  * but WITHOUT ANY WARRANTY; without even the implied warranty of
18  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19  * GNU General Public License for more details.
20  *
21  * You should have received a copy of the GNU General Public License
22  * along with this program; see the file COPYING. If not, write to
23  * the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
24  *
25  * Module Name:
26  * commctrl.c
27  *
28  * Abstract: Contains all routines for control of the AFA comm layer
29  *
30  */
31 
32 #include <linux/kernel.h>
33 #include <linux/init.h>
34 #include <linux/types.h>
35 #include <linux/pci.h>
36 #include <linux/spinlock.h>
37 #include <linux/slab.h>
38 #include <linux/completion.h>
39 #include <linux/dma-mapping.h>
40 #include <linux/blkdev.h>
41 #include <linux/delay.h> /* ssleep prototype */
42 #include <linux/kthread.h>
43 #include <linux/semaphore.h>
44 #include <asm/uaccess.h>
45 #include <scsi/scsi_host.h>
46 
47 #include "aacraid.h"
48 
57 # define AAC_DEBUG_PREAMBLE KERN_INFO
58 # define AAC_DEBUG_POSTAMBLE
59 
60 static int ioctl_send_fib(struct aac_dev * dev, void __user *arg)
61 {
62  struct hw_fib * kfib;
63  struct fib *fibptr;
64  struct hw_fib * hw_fib = (struct hw_fib *)0;
65  dma_addr_t hw_fib_pa = (dma_addr_t)0LL;
66  unsigned size;
67  int retval;
68 
69  if (dev->in_reset) {
70  return -EBUSY;
71  }
72  fibptr = aac_fib_alloc(dev);
73  if(fibptr == NULL) {
74  return -ENOMEM;
75  }
76 
77  kfib = fibptr->hw_fib_va;
78  /*
79  * First copy in the header so that we can check the size field.
80  */
81  if (copy_from_user((void *)kfib, arg, sizeof(struct aac_fibhdr))) {
82  aac_fib_free(fibptr);
83  return -EFAULT;
84  }
85  /*
86  * Since we copy based on the fib header size, make sure that we
87  * will not overrun the buffer when we copy the memory. Return
88  * an error if we would.
89  */
90  size = le16_to_cpu(kfib->header.Size) + sizeof(struct aac_fibhdr);
91  if (size < le16_to_cpu(kfib->header.SenderSize))
92  size = le16_to_cpu(kfib->header.SenderSize);
93  if (size > dev->max_fib_size) {
94  dma_addr_t daddr;
95 
96  if (size > 2048) {
97  retval = -EINVAL;
98  goto cleanup;
99  }
100 
101  kfib = pci_alloc_consistent(dev->pdev, size, &daddr);
102  if (!kfib) {
103  retval = -ENOMEM;
104  goto cleanup;
105  }
106 
107  /* Highjack the hw_fib */
108  hw_fib = fibptr->hw_fib_va;
109  hw_fib_pa = fibptr->hw_fib_pa;
110  fibptr->hw_fib_va = kfib;
111  fibptr->hw_fib_pa = daddr;
112  memset(((char *)kfib) + dev->max_fib_size, 0, size - dev->max_fib_size);
113  memcpy(kfib, hw_fib, dev->max_fib_size);
114  }
115 
116  if (copy_from_user(kfib, arg, size)) {
117  retval = -EFAULT;
118  goto cleanup;
119  }
120 
121  if (kfib->header.Command == cpu_to_le16(TakeABreakPt)) {
122  aac_adapter_interrupt(dev);
123  /*
124  * Since we didn't really send a fib, zero out the state to allow
125  * cleanup code not to assert.
126  */
127  kfib->header.XferState = 0;
128  } else {
129  retval = aac_fib_send(le16_to_cpu(kfib->header.Command), fibptr,
130  le16_to_cpu(kfib->header.Size) , FsaNormal,
131  1, 1, NULL, NULL);
132  if (retval) {
133  goto cleanup;
134  }
135  if (aac_fib_complete(fibptr) != 0) {
136  retval = -EINVAL;
137  goto cleanup;
138  }
139  }
140  /*
141  * Make sure that the size returned by the adapter (which includes
142  * the header) is less than or equal to the size of a fib, so we
143  * don't corrupt application data. Then copy that size to the user
144  * buffer. (Don't try to add the header information again, since it
145  * was already included by the adapter.)
146  */
147 
148  retval = 0;
149  if (copy_to_user(arg, (void *)kfib, size))
150  retval = -EFAULT;
151 cleanup:
152  if (hw_fib) {
153  pci_free_consistent(dev->pdev, size, kfib, fibptr->hw_fib_pa);
154  fibptr->hw_fib_pa = hw_fib_pa;
155  fibptr->hw_fib_va = hw_fib;
156  }
157  if (retval != -ERESTARTSYS)
158  aac_fib_free(fibptr);
159  return retval;
160 }
161 
169 static int open_getadapter_fib(struct aac_dev * dev, void __user *arg)
170 {
171  struct aac_fib_context * fibctx;
172  int status;
173 
174  fibctx = kmalloc(sizeof(struct aac_fib_context), GFP_KERNEL);
175  if (fibctx == NULL) {
176  status = -ENOMEM;
177  } else {
178  unsigned long flags;
179  struct list_head * entry;
180  struct aac_fib_context * context;
181 
182  fibctx->type = FSAFS_NTC_GET_ADAPTER_FIB_CONTEXT;
183  fibctx->size = sizeof(struct aac_fib_context);
184  /*
185  * Yes yes, I know this could be an index, but we have a
186  * better guarantee of uniqueness for the locked loop below.
187  * Without the aid of a persistent history, this also helps
188  * reduce the chance that the opaque context would be reused.
189  */
190  fibctx->unique = (u32)((ulong)fibctx & 0xFFFFFFFF);
191  /*
192  * Initialize the mutex used to wait for the next AIF.
193  */
194  sema_init(&fibctx->wait_sem, 0);
195  fibctx->wait = 0;
196  /*
197  * Initialize the fibs and set the count of fibs on
198  * the list to 0.
199  */
200  fibctx->count = 0;
201  INIT_LIST_HEAD(&fibctx->fib_list);
202  fibctx->jiffies = jiffies/HZ;
203  /*
204  * Now add this context onto the adapter's
205  * AdapterFibContext list.
206  */
207  spin_lock_irqsave(&dev->fib_lock, flags);
208  /* Ensure that we have a unique identifier */
209  entry = dev->fib_list.next;
210  while (entry != &dev->fib_list) {
211  context = list_entry(entry, struct aac_fib_context, next);
212  if (context->unique == fibctx->unique) {
213  /* Not unique (32 bits) */
214  fibctx->unique++;
215  entry = dev->fib_list.next;
216  } else {
217  entry = entry->next;
218  }
219  }
220  list_add_tail(&fibctx->next, &dev->fib_list);
221  spin_unlock_irqrestore(&dev->fib_lock, flags);
222  if (copy_to_user(arg, &fibctx->unique,
223  sizeof(fibctx->unique))) {
224  status = -EFAULT;
225  } else {
226  status = 0;
227  }
228  }
229  return status;
230 }
231 
241 static int next_getadapter_fib(struct aac_dev * dev, void __user *arg)
242 {
243  struct fib_ioctl f;
244  struct fib *fib;
245  struct aac_fib_context *fibctx;
246  int status;
247  struct list_head * entry;
248  unsigned long flags;
249 
250  if(copy_from_user((void *)&f, arg, sizeof(struct fib_ioctl)))
251  return -EFAULT;
252  /*
253  * Verify that the HANDLE passed in was a valid AdapterFibContext
254  *
255  * Search the list of AdapterFibContext addresses on the adapter
256  * to be sure this is a valid address
257  */
258  spin_lock_irqsave(&dev->fib_lock, flags);
259  entry = dev->fib_list.next;
260  fibctx = NULL;
261 
262  while (entry != &dev->fib_list) {
263  fibctx = list_entry(entry, struct aac_fib_context, next);
264  /*
265  * Extract the AdapterFibContext from the Input parameters.
266  */
267  if (fibctx->unique == f.fibctx) { /* We found a winner */
268  break;
269  }
270  entry = entry->next;
271  fibctx = NULL;
272  }
273  if (!fibctx) {
274  spin_unlock_irqrestore(&dev->fib_lock, flags);
275  dprintk ((KERN_INFO "Fib Context not found\n"));
276  return -EINVAL;
277  }
278 
279  if((fibctx->type != FSAFS_NTC_GET_ADAPTER_FIB_CONTEXT) ||
280  (fibctx->size != sizeof(struct aac_fib_context))) {
281  spin_unlock_irqrestore(&dev->fib_lock, flags);
282  dprintk ((KERN_INFO "Fib Context corrupt?\n"));
283  return -EINVAL;
284  }
285  status = 0;
286  /*
287  * If there are no fibs to send back, then either wait or return
288  * -EAGAIN
289  */
290 return_fib:
291  if (!list_empty(&fibctx->fib_list)) {
292  /*
293  * Pull the next fib from the fibs
294  */
295  entry = fibctx->fib_list.next;
296  list_del(entry);
297 
298  fib = list_entry(entry, struct fib, fiblink);
299  fibctx->count--;
300  spin_unlock_irqrestore(&dev->fib_lock, flags);
301  if (copy_to_user(f.fib, fib->hw_fib_va, sizeof(struct hw_fib))) {
302  kfree(fib->hw_fib_va);
303  kfree(fib);
304  return -EFAULT;
305  }
306  /*
307  * Free the space occupied by this copy of the fib.
308  */
309  kfree(fib->hw_fib_va);
310  kfree(fib);
311  status = 0;
312  } else {
313  spin_unlock_irqrestore(&dev->fib_lock, flags);
314  /* If someone killed the AIF aacraid thread, restart it */
315  status = !dev->aif_thread;
316  if (status && !dev->in_reset && dev->queues && dev->fsa_dev) {
317  /* Be paranoid, be very paranoid! */
318  kthread_stop(dev->thread);
319  ssleep(1);
320  dev->aif_thread = 0;
321  dev->thread = kthread_run(aac_command_thread, dev, dev->name);
322  ssleep(1);
323  }
324  if (f.wait) {
325  if(down_interruptible(&fibctx->wait_sem) < 0) {
326  status = -ERESTARTSYS;
327  } else {
328  /* Lock again and retry */
329  spin_lock_irqsave(&dev->fib_lock, flags);
330  goto return_fib;
331  }
332  } else {
333  status = -EAGAIN;
334  }
335  }
336  fibctx->jiffies = jiffies/HZ;
337  return status;
338 }
339 
340 int aac_close_fib_context(struct aac_dev * dev, struct aac_fib_context * fibctx)
341 {
342  struct fib *fib;
343 
344  /*
345  * First free any FIBs that have not been consumed.
346  */
347  while (!list_empty(&fibctx->fib_list)) {
348  struct list_head * entry;
349  /*
350  * Pull the next fib from the fibs
351  */
352  entry = fibctx->fib_list.next;
353  list_del(entry);
354  fib = list_entry(entry, struct fib, fiblink);
355  fibctx->count--;
356  /*
357  * Free the space occupied by this copy of the fib.
358  */
359  kfree(fib->hw_fib_va);
360  kfree(fib);
361  }
362  /*
363  * Remove the Context from the AdapterFibContext List
364  */
365  list_del(&fibctx->next);
366  /*
367  * Invalidate context
368  */
369  fibctx->type = 0;
370  /*
371  * Free the space occupied by the Context
372  */
373  kfree(fibctx);
374  return 0;
375 }
376 
385 static int close_getadapter_fib(struct aac_dev * dev, void __user *arg)
386 {
387  struct aac_fib_context *fibctx;
388  int status;
389  unsigned long flags;
390  struct list_head * entry;
391 
392  /*
393  * Verify that the HANDLE passed in was a valid AdapterFibContext
394  *
395  * Search the list of AdapterFibContext addresses on the adapter
396  * to be sure this is a valid address
397  */
398 
399  entry = dev->fib_list.next;
400  fibctx = NULL;
401 
402  while(entry != &dev->fib_list) {
403  fibctx = list_entry(entry, struct aac_fib_context, next);
404  /*
405  * Extract the fibctx from the input parameters
406  */
407  if (fibctx->unique == (u32)(uintptr_t)arg) /* We found a winner */
408  break;
409  entry = entry->next;
410  fibctx = NULL;
411  }
412 
413  if (!fibctx)
414  return 0; /* Already gone */
415 
416  if((fibctx->type != FSAFS_NTC_GET_ADAPTER_FIB_CONTEXT) ||
417  (fibctx->size != sizeof(struct aac_fib_context)))
418  return -EINVAL;
419  spin_lock_irqsave(&dev->fib_lock, flags);
420  status = aac_close_fib_context(dev, fibctx);
421  spin_unlock_irqrestore(&dev->fib_lock, flags);
422  return status;
423 }
424 
435 static int check_revision(struct aac_dev *dev, void __user *arg)
436 {
437  struct revision response;
438  char *driver_version = aac_driver_version;
439  u32 version;
440 
441  response.compat = 1;
442  version = (simple_strtol(driver_version,
443  &driver_version, 10) << 24) | 0x00000400;
444  version += simple_strtol(driver_version + 1, &driver_version, 10) << 16;
445  version += simple_strtol(driver_version + 1, NULL, 10);
446  response.version = cpu_to_le32(version);
447 # ifdef AAC_DRIVER_BUILD
448  response.build = cpu_to_le32(AAC_DRIVER_BUILD);
449 # else
450  response.build = cpu_to_le32(9999);
451 # endif
452 
453  if (copy_to_user(arg, &response, sizeof(response)))
454  return -EFAULT;
455  return 0;
456 }
457 
458 
465 static int aac_send_raw_srb(struct aac_dev* dev, void __user * arg)
466 {
467  struct fib* srbfib;
468  int status;
469  struct aac_srb *srbcmd = NULL;
470  struct user_aac_srb *user_srbcmd = NULL;
471  struct user_aac_srb __user *user_srb = arg;
472  struct aac_srb_reply __user *user_reply;
473  struct aac_srb_reply* reply;
474  u32 fibsize = 0;
475  u32 flags = 0;
476  s32 rcode = 0;
477  u32 data_dir;
478  void __user *sg_user[32];
479  void *sg_list[32];
480  u32 sg_indx = 0;
481  u32 byte_count = 0;
482  u32 actual_fibsize64, actual_fibsize = 0;
483  int i;
484 
485 
486  if (dev->in_reset) {
487  dprintk((KERN_DEBUG"aacraid: send raw srb -EBUSY\n"));
488  return -EBUSY;
489  }
490  if (!capable(CAP_SYS_ADMIN)){
491  dprintk((KERN_DEBUG"aacraid: No permission to send raw srb\n"));
492  return -EPERM;
493  }
494  /*
495  * Allocate and initialize a Fib then setup a SRB command
496  */
497  if (!(srbfib = aac_fib_alloc(dev))) {
498  return -ENOMEM;
499  }
500  aac_fib_init(srbfib);
501  /* raw_srb FIB is not FastResponseCapable */
502  srbfib->hw_fib_va->header.XferState &= ~cpu_to_le32(FastResponseCapable);
503 
504  srbcmd = (struct aac_srb*) fib_data(srbfib);
505 
506  memset(sg_list, 0, sizeof(sg_list)); /* cleanup may take issue */
507  if(copy_from_user(&fibsize, &user_srb->count,sizeof(u32))){
508  dprintk((KERN_DEBUG"aacraid: Could not copy data size from user\n"));
509  rcode = -EFAULT;
510  goto cleanup;
511  }
512 
513  if (fibsize > (dev->max_fib_size - sizeof(struct aac_fibhdr))) {
514  rcode = -EINVAL;
515  goto cleanup;
516  }
517 
518  user_srbcmd = kmalloc(fibsize, GFP_KERNEL);
519  if (!user_srbcmd) {
520  dprintk((KERN_DEBUG"aacraid: Could not make a copy of the srb\n"));
521  rcode = -ENOMEM;
522  goto cleanup;
523  }
524  if(copy_from_user(user_srbcmd, user_srb,fibsize)){
525  dprintk((KERN_DEBUG"aacraid: Could not copy srb from user\n"));
526  rcode = -EFAULT;
527  goto cleanup;
528  }
529 
530  user_reply = arg+fibsize;
531 
532  flags = user_srbcmd->flags; /* from user in cpu order */
533  // Fix up srb for endian and force some values
534 
535  srbcmd->function = cpu_to_le32(SRBF_ExecuteScsi); // Force this
536  srbcmd->channel = cpu_to_le32(user_srbcmd->channel);
537  srbcmd->id = cpu_to_le32(user_srbcmd->id);
538  srbcmd->lun = cpu_to_le32(user_srbcmd->lun);
539  srbcmd->timeout = cpu_to_le32(user_srbcmd->timeout);
540  srbcmd->flags = cpu_to_le32(flags);
541  srbcmd->retry_limit = 0; // Obsolete parameter
542  srbcmd->cdb_size = cpu_to_le32(user_srbcmd->cdb_size);
543  memcpy(srbcmd->cdb, user_srbcmd->cdb, sizeof(srbcmd->cdb));
544 
545  switch (flags & (SRB_DataIn | SRB_DataOut)) {
546  case SRB_DataOut:
547  data_dir = DMA_TO_DEVICE;
548  break;
549  case (SRB_DataIn | SRB_DataOut):
550  data_dir = DMA_BIDIRECTIONAL;
551  break;
552  case SRB_DataIn:
553  data_dir = DMA_FROM_DEVICE;
554  break;
555  default:
556  data_dir = DMA_NONE;
557  }
558  if (user_srbcmd->sg.count > ARRAY_SIZE(sg_list)) {
559  dprintk((KERN_DEBUG"aacraid: too many sg entries %d\n",
560  le32_to_cpu(srbcmd->sg.count)));
561  rcode = -EINVAL;
562  goto cleanup;
563  }
564  actual_fibsize = sizeof(struct aac_srb) - sizeof(struct sgentry) +
565  ((user_srbcmd->sg.count & 0xff) * sizeof(struct sgentry));
566  actual_fibsize64 = actual_fibsize + (user_srbcmd->sg.count & 0xff) *
567  (sizeof(struct sgentry64) - sizeof(struct sgentry));
568  /* User made a mistake - should not continue */
569  if ((actual_fibsize != fibsize) && (actual_fibsize64 != fibsize)) {
570  dprintk((KERN_DEBUG"aacraid: Bad Size specified in "
571  "Raw SRB command calculated fibsize=%lu;%lu "
572  "user_srbcmd->sg.count=%d aac_srb=%lu sgentry=%lu;%lu "
573  "issued fibsize=%d\n",
574  actual_fibsize, actual_fibsize64, user_srbcmd->sg.count,
575  sizeof(struct aac_srb), sizeof(struct sgentry),
576  sizeof(struct sgentry64), fibsize));
577  rcode = -EINVAL;
578  goto cleanup;
579  }
580  if ((data_dir == DMA_NONE) && user_srbcmd->sg.count) {
581  dprintk((KERN_DEBUG"aacraid: SG with no direction specified in Raw SRB command\n"));
582  rcode = -EINVAL;
583  goto cleanup;
584  }
585  byte_count = 0;
586  if (dev->adapter_info.options & AAC_OPT_SGMAP_HOST64) {
587  struct user_sgmap64* upsg = (struct user_sgmap64*)&user_srbcmd->sg;
588  struct sgmap64* psg = (struct sgmap64*)&srbcmd->sg;
589 
590  /*
591  * This should also catch if user used the 32 bit sgmap
592  */
593  if (actual_fibsize64 == fibsize) {
594  actual_fibsize = actual_fibsize64;
595  for (i = 0; i < upsg->count; i++) {
596  u64 addr;
597  void* p;
598  if (upsg->sg[i].count >
599  ((dev->adapter_info.options &
600  AAC_OPT_NEW_COMM) ?
601  (dev->scsi_host_ptr->max_sectors << 9) :
602  65536)) {
603  rcode = -EINVAL;
604  goto cleanup;
605  }
606  /* Does this really need to be GFP_DMA? */
607  p = kmalloc(upsg->sg[i].count,GFP_KERNEL|__GFP_DMA);
608  if(!p) {
609  dprintk((KERN_DEBUG"aacraid: Could not allocate SG buffer - size = %d buffer number %d of %d\n",
610  upsg->sg[i].count,i,upsg->count));
611  rcode = -ENOMEM;
612  goto cleanup;
613  }
614  addr = (u64)upsg->sg[i].addr[0];
615  addr += ((u64)upsg->sg[i].addr[1]) << 32;
616  sg_user[i] = (void __user *)(uintptr_t)addr;
617  sg_list[i] = p; // save so we can clean up later
618  sg_indx = i;
619 
620  if (flags & SRB_DataOut) {
621  if(copy_from_user(p,sg_user[i],upsg->sg[i].count)){
622  dprintk((KERN_DEBUG"aacraid: Could not copy sg data from user\n"));
623  rcode = -EFAULT;
624  goto cleanup;
625  }
626  }
627  addr = pci_map_single(dev->pdev, p, upsg->sg[i].count, data_dir);
628 
629  psg->sg[i].addr[0] = cpu_to_le32(addr & 0xffffffff);
630  psg->sg[i].addr[1] = cpu_to_le32(addr>>32);
631  byte_count += upsg->sg[i].count;
632  psg->sg[i].count = cpu_to_le32(upsg->sg[i].count);
633  }
634  } else {
635  struct user_sgmap* usg;
636  usg = kmalloc(actual_fibsize - sizeof(struct aac_srb)
637  + sizeof(struct sgmap), GFP_KERNEL);
638  if (!usg) {
639  dprintk((KERN_DEBUG"aacraid: Allocation error in Raw SRB command\n"));
640  rcode = -ENOMEM;
641  goto cleanup;
642  }
643  memcpy (usg, upsg, actual_fibsize - sizeof(struct aac_srb)
644  + sizeof(struct sgmap));
645  actual_fibsize = actual_fibsize64;
646 
647  for (i = 0; i < usg->count; i++) {
648  u64 addr;
649  void* p;
650  if (usg->sg[i].count >
651  ((dev->adapter_info.options &
652  AAC_OPT_NEW_COMM) ?
653  (dev->scsi_host_ptr->max_sectors << 9) :
654  65536)) {
655  kfree(usg);
656  rcode = -EINVAL;
657  goto cleanup;
658  }
659  /* Does this really need to be GFP_DMA? */
660  p = kmalloc(usg->sg[i].count,GFP_KERNEL|__GFP_DMA);
661  if(!p) {
662  dprintk((KERN_DEBUG "aacraid: Could not allocate SG buffer - size = %d buffer number %d of %d\n",
663  usg->sg[i].count,i,usg->count));
664  kfree(usg);
665  rcode = -ENOMEM;
666  goto cleanup;
667  }
668  sg_user[i] = (void __user *)(uintptr_t)usg->sg[i].addr;
669  sg_list[i] = p; // save so we can clean up later
670  sg_indx = i;
671 
672  if (flags & SRB_DataOut) {
673  if(copy_from_user(p,sg_user[i],upsg->sg[i].count)){
674  kfree (usg);
675  dprintk((KERN_DEBUG"aacraid: Could not copy sg data from user\n"));
676  rcode = -EFAULT;
677  goto cleanup;
678  }
679  }
680  addr = pci_map_single(dev->pdev, p, usg->sg[i].count, data_dir);
681 
682  psg->sg[i].addr[0] = cpu_to_le32(addr & 0xffffffff);
683  psg->sg[i].addr[1] = cpu_to_le32(addr>>32);
684  byte_count += usg->sg[i].count;
685  psg->sg[i].count = cpu_to_le32(usg->sg[i].count);
686  }
687  kfree (usg);
688  }
689  srbcmd->count = cpu_to_le32(byte_count);
690  psg->count = cpu_to_le32(sg_indx+1);
691  status = aac_fib_send(ScsiPortCommand64, srbfib, actual_fibsize, FsaNormal, 1, 1,NULL,NULL);
692  } else {
693  struct user_sgmap* upsg = &user_srbcmd->sg;
694  struct sgmap* psg = &srbcmd->sg;
695 
696  if (actual_fibsize64 == fibsize) {
697  struct user_sgmap64* usg = (struct user_sgmap64 *)upsg;
698  for (i = 0; i < upsg->count; i++) {
699  uintptr_t addr;
700  void* p;
701  if (usg->sg[i].count >
702  ((dev->adapter_info.options &
703  AAC_OPT_NEW_COMM) ?
704  (dev->scsi_host_ptr->max_sectors << 9) :
705  65536)) {
706  rcode = -EINVAL;
707  goto cleanup;
708  }
709  /* Does this really need to be GFP_DMA? */
710  p = kmalloc(usg->sg[i].count,GFP_KERNEL|__GFP_DMA);
711  if(!p) {
712  dprintk((KERN_DEBUG"aacraid: Could not allocate SG buffer - size = %d buffer number %d of %d\n",
713  usg->sg[i].count,i,usg->count));
714  rcode = -ENOMEM;
715  goto cleanup;
716  }
717  addr = (u64)usg->sg[i].addr[0];
718  addr += ((u64)usg->sg[i].addr[1]) << 32;
719  sg_user[i] = (void __user *)addr;
720  sg_list[i] = p; // save so we can clean up later
721  sg_indx = i;
722 
723  if (flags & SRB_DataOut) {
724  if(copy_from_user(p,sg_user[i],usg->sg[i].count)){
725  dprintk((KERN_DEBUG"aacraid: Could not copy sg data from user\n"));
726  rcode = -EFAULT;
727  goto cleanup;
728  }
729  }
730  addr = pci_map_single(dev->pdev, p, usg->sg[i].count, data_dir);
731 
732  psg->sg[i].addr = cpu_to_le32(addr & 0xffffffff);
733  byte_count += usg->sg[i].count;
734  psg->sg[i].count = cpu_to_le32(usg->sg[i].count);
735  }
736  } else {
737  for (i = 0; i < upsg->count; i++) {
738  dma_addr_t addr;
739  void* p;
740  if (upsg->sg[i].count >
741  ((dev->adapter_info.options &
742  AAC_OPT_NEW_COMM) ?
743  (dev->scsi_host_ptr->max_sectors << 9) :
744  65536)) {
745  rcode = -EINVAL;
746  goto cleanup;
747  }
748  p = kmalloc(upsg->sg[i].count, GFP_KERNEL);
749  if (!p) {
750  dprintk((KERN_DEBUG"aacraid: Could not allocate SG buffer - size = %d buffer number %d of %d\n",
751  upsg->sg[i].count, i, upsg->count));
752  rcode = -ENOMEM;
753  goto cleanup;
754  }
755  sg_user[i] = (void __user *)(uintptr_t)upsg->sg[i].addr;
756  sg_list[i] = p; // save so we can clean up later
757  sg_indx = i;
758 
759  if (flags & SRB_DataOut) {
760  if(copy_from_user(p, sg_user[i],
761  upsg->sg[i].count)) {
762  dprintk((KERN_DEBUG"aacraid: Could not copy sg data from user\n"));
763  rcode = -EFAULT;
764  goto cleanup;
765  }
766  }
767  addr = pci_map_single(dev->pdev, p,
768  upsg->sg[i].count, data_dir);
769 
770  psg->sg[i].addr = cpu_to_le32(addr);
771  byte_count += upsg->sg[i].count;
772  psg->sg[i].count = cpu_to_le32(upsg->sg[i].count);
773  }
774  }
775  srbcmd->count = cpu_to_le32(byte_count);
776  psg->count = cpu_to_le32(sg_indx+1);
777  status = aac_fib_send(ScsiPortCommand, srbfib, actual_fibsize, FsaNormal, 1, 1, NULL, NULL);
778  }
779  if (status == -ERESTARTSYS) {
780  rcode = -ERESTARTSYS;
781  goto cleanup;
782  }
783 
784  if (status != 0){
785  dprintk((KERN_DEBUG"aacraid: Could not send raw srb fib to hba\n"));
786  rcode = -ENXIO;
787  goto cleanup;
788  }
789 
790  if (flags & SRB_DataIn) {
791  for(i = 0 ; i <= sg_indx; i++){
792  byte_count = le32_to_cpu(
793  (dev->adapter_info.options & AAC_OPT_SGMAP_HOST64)
794  ? ((struct sgmap64*)&srbcmd->sg)->sg[i].count
795  : srbcmd->sg.sg[i].count);
796  if(copy_to_user(sg_user[i], sg_list[i], byte_count)){
797  dprintk((KERN_DEBUG"aacraid: Could not copy sg data to user\n"));
798  rcode = -EFAULT;
799  goto cleanup;
800 
801  }
802  }
803  }
804 
805  reply = (struct aac_srb_reply *) fib_data(srbfib);
806  if(copy_to_user(user_reply,reply,sizeof(struct aac_srb_reply))){
807  dprintk((KERN_DEBUG"aacraid: Could not copy reply to user\n"));
808  rcode = -EFAULT;
809  goto cleanup;
810  }
811 
812 cleanup:
813  kfree(user_srbcmd);
814  for(i=0; i <= sg_indx; i++){
815  kfree(sg_list[i]);
816  }
817  if (rcode != -ERESTARTSYS) {
818  aac_fib_complete(srbfib);
819  aac_fib_free(srbfib);
820  }
821 
822  return rcode;
823 }
824 
825 struct aac_pci_info {
826  u32 bus;
827  u32 slot;
828 };
829 
830 
831 static int aac_get_pci_info(struct aac_dev* dev, void __user *arg)
832 {
833  struct aac_pci_info pci_info;
834 
835  pci_info.bus = dev->pdev->bus->number;
836  pci_info.slot = PCI_SLOT(dev->pdev->devfn);
837 
838  if (copy_to_user(arg, &pci_info, sizeof(struct aac_pci_info))) {
839  dprintk((KERN_DEBUG "aacraid: Could not copy pci info\n"));
840  return -EFAULT;
841  }
842  return 0;
843 }
844 
845 
846 int aac_do_ioctl(struct aac_dev * dev, int cmd, void __user *arg)
847 {
848  int status;
849 
850  /*
851  * HBA gets first crack
852  */
853 
854  status = aac_dev_ioctl(dev, cmd, arg);
855  if (status != -ENOTTY)
856  return status;
857 
858  switch (cmd) {
859  case FSACTL_MINIPORT_REV_CHECK:
860  status = check_revision(dev, arg);
861  break;
862  case FSACTL_SEND_LARGE_FIB:
863  case FSACTL_SENDFIB:
864  status = ioctl_send_fib(dev, arg);
865  break;
866  case FSACTL_OPEN_GET_ADAPTER_FIB:
867  status = open_getadapter_fib(dev, arg);
868  break;
869  case FSACTL_GET_NEXT_ADAPTER_FIB:
870  status = next_getadapter_fib(dev, arg);
871  break;
872  case FSACTL_CLOSE_GET_ADAPTER_FIB:
873  status = close_getadapter_fib(dev, arg);
874  break;
875  case FSACTL_SEND_RAW_SRB:
876  status = aac_send_raw_srb(dev,arg);
877  break;
878  case FSACTL_GET_PCI_INFO:
879  status = aac_get_pci_info(dev,arg);
880  break;
881  default:
882  status = -ENOTTY;
883  break;
884  }
885  return status;
886 }
887 
Generated on Thu Jan 10 2013 14:18:42 for Linux Kernel by   doxygen 1.8.2