projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[SCSI] aacraid: interupt mitigation
[linux-2.6-block.git] / drivers / scsi / aacraid / commctrl.c
CommitLineData
1da177e4
LT		 1/*
2 * Adaptec AAC series RAID controller driver
3 * (c) Copyright 2001 Red Hat Inc. <alan@redhat.com>
4 *
5 * based on the old aacraid driver that is..
6 * Adaptec aacraid device driver for Linux.
7 *
8 * Copyright (c) 2000 Adaptec, Inc. (aacraid@adaptec.com)
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2, or (at your option)
13 * any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; see the file COPYING. If not, write to
22 * the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
23 *
24 * Module Name:
25 * commctrl.c
26 *
27 * Abstract: Contains all routines for control of the AFA comm layer
28 *
29 */
30
31#include <linux/kernel.h>
32#include <linux/init.h>
33#include <linux/types.h>
34#include <linux/sched.h>
35#include <linux/pci.h>
36#include <linux/spinlock.h>
37#include <linux/slab.h>
38#include <linux/completion.h>
39#include <linux/dma-mapping.h>
40#include <linux/blkdev.h>
41#include <asm/semaphore.h>
42#include <asm/uaccess.h>
43
44#include "aacraid.h"
45
46/**
47 * ioctl_send_fib - send a FIB from userspace
48 * @dev: adapter is being processed
49 * @arg: arguments to the ioctl call
50 *
51 * This routine sends a fib to the adapter on behalf of a user level
52 * program.
53 */
7c00ffa3
MH		 54# define AAC_DEBUG_PREAMBLE KERN_INFO
55# define AAC_DEBUG_POSTAMBLE
1da177e4
LT		 56
57static int ioctl_send_fib(struct aac_dev * dev, void __user *arg)
58{
59 struct hw_fib * kfib;
60 struct fib *fibptr;
7c00ffa3
MH		 61 struct hw_fib * hw_fib = (struct hw_fib *)0;
62 dma_addr_t hw_fib_pa = (dma_addr_t)0LL;
63 unsigned size;
64 int retval;
1da177e4
LT		 65
66 fibptr = fib_alloc(dev);
7c00ffa3 67 if(fibptr == NULL) {
1da177e4 68 return -ENOMEM;
7c00ffa3 69 }
1da177e4
LT		 70
71 kfib = fibptr->hw_fib;
72 /*
73 * First copy in the header so that we can check the size field.
74 */
75 if (copy_from_user((void *)kfib, arg, sizeof(struct aac_fibhdr))) {
76 fib_free(fibptr);
77 return -EFAULT;
78 }
79 /*
80 * Since we copy based on the fib header size, make sure that we
81 * will not overrun the buffer when we copy the memory. Return
82 * an error if we would.
83 */
7c00ffa3
MH		 84 size = le16_to_cpu(kfib->header.Size) + sizeof(struct aac_fibhdr);
85 if (size < le16_to_cpu(kfib->header.SenderSize))
86 size = le16_to_cpu(kfib->header.SenderSize);
87 if (size > dev->max_fib_size) {
88 /* Highjack the hw_fib */
89 hw_fib = fibptr->hw_fib;
90 hw_fib_pa = fibptr->hw_fib_pa;
91 fibptr->hw_fib = kfib = pci_alloc_consistent(dev->pdev, size, &fibptr->hw_fib_pa);
92 memset(((char *)kfib) + dev->max_fib_size, 0, size - dev->max_fib_size);
93 memcpy(kfib, hw_fib, dev->max_fib_size);
1da177e4
LT		 94 }
95
7c00ffa3
MH		 96 if (copy_from_user(kfib, arg, size)) {
97 retval = -EFAULT;
98 goto cleanup;
1da177e4
LT		 99 }
100
56b58712 101 if (kfib->header.Command == cpu_to_le16(TakeABreakPt)) {
1da177e4
LT		 102 aac_adapter_interrupt(dev);
103 /*
104 * Since we didn't really send a fib, zero out the state to allow
105 * cleanup code not to assert.
106 */
107 kfib->header.XferState = 0;
108 } else {
7c00ffa3 109 retval = fib_send(le16_to_cpu(kfib->header.Command), fibptr,
1da177e4
LT		 110 le16_to_cpu(kfib->header.Size) , FsaNormal,
111 1, 1, NULL, NULL);
112 if (retval) {
7c00ffa3 113 goto cleanup;
1da177e4
LT		 114 }
115 if (fib_complete(fibptr) != 0) {
7c00ffa3
MH		 116 retval = -EINVAL;
117 goto cleanup;
1da177e4
LT		 118 }
119 }
120 /*
121 * Make sure that the size returned by the adapter (which includes
122 * the header) is less than or equal to the size of a fib, so we
123 * don't corrupt application data. Then copy that size to the user
124 * buffer. (Don't try to add the header information again, since it
125 * was already included by the adapter.)
126 */
127
7c00ffa3
MH		 128 retval = 0;
129 if (copy_to_user(arg, (void *)kfib, size))
130 retval = -EFAULT;
131cleanup:
132 if (hw_fib) {
133 pci_free_consistent(dev->pdev, size, kfib, fibptr->hw_fib_pa);
134 fibptr->hw_fib_pa = hw_fib_pa;
135 fibptr->hw_fib = hw_fib;
1da177e4
LT		 136 }
137 fib_free(fibptr);
7c00ffa3 138 return retval;
1da177e4
LT		 139}
140
141/**
142 * open_getadapter_fib - Get the next fib
143 *
144 * This routine will get the next Fib, if available, from the AdapterFibContext
145 * passed in from the user.
146 */
147
148static int open_getadapter_fib(struct aac_dev * dev, void __user *arg)
149{
150 struct aac_fib_context * fibctx;
151 int status;
152
153 fibctx = kmalloc(sizeof(struct aac_fib_context), GFP_KERNEL);
154 if (fibctx == NULL) {
155 status = -ENOMEM;
156 } else {
157 unsigned long flags;
158 struct list_head * entry;
159 struct aac_fib_context * context;
160
161 fibctx->type = FSAFS_NTC_GET_ADAPTER_FIB_CONTEXT;
162 fibctx->size = sizeof(struct aac_fib_context);
163 /*
164 * Yes yes, I know this could be an index, but we have a
165 * better guarantee of uniqueness for the locked loop below.
166 * Without the aid of a persistent history, this also helps
167 * reduce the chance that the opaque context would be reused.
168 */
169 fibctx->unique = (u32)((ulong)fibctx & 0xFFFFFFFF);
170 /*
171 * Initialize the mutex used to wait for the next AIF.
172 */
173 init_MUTEX_LOCKED(&fibctx->wait_sem);
174 fibctx->wait = 0;
175 /*
176 * Initialize the fibs and set the count of fibs on
177 * the list to 0.
178 */
179 fibctx->count = 0;
180 INIT_LIST_HEAD(&fibctx->fib_list);
181 fibctx->jiffies = jiffies/HZ;
182 /*
183 * Now add this context onto the adapter's
184 * AdapterFibContext list.
185 */
186 spin_lock_irqsave(&dev->fib_lock, flags);
187 /* Ensure that we have a unique identifier */
188 entry = dev->fib_list.next;
189 while (entry != &dev->fib_list) {
190 context = list_entry(entry, struct aac_fib_context, next);
191 if (context->unique == fibctx->unique) {
192 /* Not unique (32 bits) */
193 fibctx->unique++;
194 entry = dev->fib_list.next;
195 } else {
196 entry = entry->next;
197 }
198 }
199 list_add_tail(&fibctx->next, &dev->fib_list);
200 spin_unlock_irqrestore(&dev->fib_lock, flags);
201 if (copy_to_user(arg, &fibctx->unique,
202 sizeof(fibctx->unique))) {
203 status = -EFAULT;
204 } else {
205 status = 0;
206 }
207 }
208 return status;
209}
210
211/**
212 * next_getadapter_fib - get the next fib
213 * @dev: adapter to use
214 * @arg: ioctl argument
215 *
216 * This routine will get the next Fib, if available, from the AdapterFibContext
217 * passed in from the user.
218 */
219
220static int next_getadapter_fib(struct aac_dev * dev, void __user *arg)
221{
222 struct fib_ioctl f;
223 struct fib *fib;
224 struct aac_fib_context *fibctx;
225 int status;
226 struct list_head * entry;
227 unsigned long flags;
228
229 if(copy_from_user((void *)&f, arg, sizeof(struct fib_ioctl)))
230 return -EFAULT;
231 /*
232 * Verify that the HANDLE passed in was a valid AdapterFibContext
233 *
234 * Search the list of AdapterFibContext addresses on the adapter
235 * to be sure this is a valid address
236 */
237 entry = dev->fib_list.next;
238 fibctx = NULL;
239
240 while (entry != &dev->fib_list) {
241 fibctx = list_entry(entry, struct aac_fib_context, next);
242 /*
243 * Extract the AdapterFibContext from the Input parameters.
244 */
245 if (fibctx->unique == f.fibctx) { /* We found a winner */
246 break;
247 }
248 entry = entry->next;
249 fibctx = NULL;
250 }
251 if (!fibctx) {
252 dprintk ((KERN_INFO "Fib Context not found\n"));
253 return -EINVAL;
254 }
255
256 if((fibctx->type != FSAFS_NTC_GET_ADAPTER_FIB_CONTEXT) ||
257 (fibctx->size != sizeof(struct aac_fib_context))) {
258 dprintk ((KERN_INFO "Fib Context corrupt?\n"));
259 return -EINVAL;
260 }
261 status = 0;
262 spin_lock_irqsave(&dev->fib_lock, flags);
263 /*
264 * If there are no fibs to send back, then either wait or return
265 * -EAGAIN
266 */
267return_fib:
268 if (!list_empty(&fibctx->fib_list)) {
269 struct list_head * entry;
270 /*
271 * Pull the next fib from the fibs
272 */
273 entry = fibctx->fib_list.next;
274 list_del(entry);
275
276 fib = list_entry(entry, struct fib, fiblink);
277 fibctx->count--;
278 spin_unlock_irqrestore(&dev->fib_lock, flags);
279 if (copy_to_user(f.fib, fib->hw_fib, sizeof(struct hw_fib))) {
280 kfree(fib->hw_fib);
281 kfree(fib);
282 return -EFAULT;
283 }
284 /*
285 * Free the space occupied by this copy of the fib.
286 */
287 kfree(fib->hw_fib);
288 kfree(fib);
289 status = 0;
290 fibctx->jiffies = jiffies/HZ;
291 } else {
292 spin_unlock_irqrestore(&dev->fib_lock, flags);
293 if (f.wait) {
294 if(down_interruptible(&fibctx->wait_sem) < 0) {
295 status = -EINTR;
296 } else {
297 /* Lock again and retry */
298 spin_lock_irqsave(&dev->fib_lock, flags);
299 goto return_fib;
300 }
301 } else {
302 status = -EAGAIN;
303 }
304 }
305 return status;
306}
307
308int aac_close_fib_context(struct aac_dev * dev, struct aac_fib_context * fibctx)
309{
310 struct fib *fib;
311
312 /*
313 * First free any FIBs that have not been consumed.
314 */
315 while (!list_empty(&fibctx->fib_list)) {
316 struct list_head * entry;
317 /*
318 * Pull the next fib from the fibs
319 */
320 entry = fibctx->fib_list.next;
321 list_del(entry);
322 fib = list_entry(entry, struct fib, fiblink);
323 fibctx->count--;
324 /*
325 * Free the space occupied by this copy of the fib.
326 */
327 kfree(fib->hw_fib);
328 kfree(fib);
329 }
330 /*
331 * Remove the Context from the AdapterFibContext List
332 */
333 list_del(&fibctx->next);
334 /*
335 * Invalidate context
336 */
337 fibctx->type = 0;
338 /*
339 * Free the space occupied by the Context
340 */
341 kfree(fibctx);
342 return 0;
343}
344
345/**
346 * close_getadapter_fib - close down user fib context
347 * @dev: adapter
348 * @arg: ioctl arguments
349 *
350 * This routine will close down the fibctx passed in from the user.
351 */
352
353static int close_getadapter_fib(struct aac_dev * dev, void __user *arg)
354{
355 struct aac_fib_context *fibctx;
356 int status;
357 unsigned long flags;
358 struct list_head * entry;
359
360 /*
361 * Verify that the HANDLE passed in was a valid AdapterFibContext
362 *
363 * Search the list of AdapterFibContext addresses on the adapter
364 * to be sure this is a valid address
365 */
366
367 entry = dev->fib_list.next;
368 fibctx = NULL;
369
370 while(entry != &dev->fib_list) {
371 fibctx = list_entry(entry, struct aac_fib_context, next);
372 /*
373 * Extract the fibctx from the input parameters
374 */
375 if (fibctx->unique == (u32)(unsigned long)arg) {
376 /* We found a winner */
377 break;
378 }
379 entry = entry->next;
380 fibctx = NULL;
381 }
382
383 if (!fibctx)
384 return 0; /* Already gone */
385
386 if((fibctx->type != FSAFS_NTC_GET_ADAPTER_FIB_CONTEXT) ||
387 (fibctx->size != sizeof(struct aac_fib_context)))
388 return -EINVAL;
389 spin_lock_irqsave(&dev->fib_lock, flags);
390 status = aac_close_fib_context(dev, fibctx);
391 spin_unlock_irqrestore(&dev->fib_lock, flags);
392 return status;
393}
394
395/**
396 * check_revision - close down user fib context
397 * @dev: adapter
398 * @arg: ioctl arguments
399 *
400 * This routine returns the driver version.
401 * Under Linux, there have been no version incompatibilities, so this is
402 * simple!
403 */
404
405static int check_revision(struct aac_dev *dev, void __user *arg)
406{
407 struct revision response;
408
409 response.compat = 1;
56b58712
MH		 410 response.version = le32_to_cpu(dev->adapter_info.kernelrev);
411 response.build = le32_to_cpu(dev->adapter_info.kernelbuild);
1da177e4
LT		 412
413 if (copy_to_user(arg, &response, sizeof(response)))
414 return -EFAULT;
415 return 0;
416}
417
7c00ffa3 418
1da177e4
LT		 419/**
420 *
421 * aac_send_raw_scb
422 *
423 */
424
4833869e 425static int aac_send_raw_srb(struct aac_dev* dev, void __user * arg)
1da177e4
LT		 426{
427 struct fib* srbfib;
428 int status;
56b58712
MH		 429 struct aac_srb *srbcmd = NULL;
430 struct user_aac_srb *user_srbcmd = NULL;
431 struct user_aac_srb __user *user_srb = arg;
1da177e4
LT		 432 struct aac_srb_reply __user *user_reply;
433 struct aac_srb_reply* reply;
434 u32 fibsize = 0;
435 u32 flags = 0;
436 s32 rcode = 0;
437 u32 data_dir;
438 void __user *sg_user[32];
439 void *sg_list[32];
440 u32 sg_indx = 0;
441 u32 byte_count = 0;
442 u32 actual_fibsize = 0;
443 int i;
444
445
446 if (!capable(CAP_SYS_ADMIN)){
7c00ffa3 447 dprintk((KERN_DEBUG"aacraid: No permission to send raw srb\n"));
1da177e4
LT		 448 return -EPERM;
449 }
450 /*
451 * Allocate and initialize a Fib then setup a BlockWrite command
452 */
453 if (!(srbfib = fib_alloc(dev))) {
5d497cec 454 return -ENOMEM;
1da177e4
LT		 455 }
456 fib_init(srbfib);
457
458 srbcmd = (struct aac_srb*) fib_data(srbfib);
459
7c00ffa3 460 memset(sg_list, 0, sizeof(sg_list)); /* cleanup may take issue */
1da177e4 461 if(copy_from_user(&fibsize, &user_srb->count,sizeof(u32))){
7c00ffa3 462 dprintk((KERN_DEBUG"aacraid: Could not copy data size from user\n"));
1da177e4
LT		 463 rcode = -EFAULT;
464 goto cleanup;
465 }
466
7c00ffa3 467 if (fibsize > (dev->max_fib_size - sizeof(struct aac_fibhdr))) {
1da177e4
LT		 468 rcode = -EINVAL;
469 goto cleanup;
470 }
471
4645df10 472 user_srbcmd = kmalloc(fibsize, GFP_KERNEL);
7c00ffa3
MH		 473 if (!user_srbcmd) {
474 dprintk((KERN_DEBUG"aacraid: Could not make a copy of the srb\n"));
475 rcode = -ENOMEM;
476 goto cleanup;
477 }
56b58712 478 if(copy_from_user(user_srbcmd, user_srb,fibsize)){
7c00ffa3 479 dprintk((KERN_DEBUG"aacraid: Could not copy srb from user\n"));
1da177e4
LT		 480 rcode = -EFAULT;
481 goto cleanup;
482 }
483
484 user_reply = arg+fibsize;
485
56b58712 486 flags = user_srbcmd->flags; /* from user in cpu order */
1da177e4 487 // Fix up srb for endian and force some values
56b58712 488
1da177e4 489 srbcmd->function = cpu_to_le32(SRBF_ExecuteScsi); // Force this
7c00ffa3
MH		 490 srbcmd->channel = cpu_to_le32(user_srbcmd->channel);
491 srbcmd->id = cpu_to_le32(user_srbcmd->id);
492 srbcmd->lun = cpu_to_le32(user_srbcmd->lun);
7c00ffa3 493 srbcmd->timeout = cpu_to_le32(user_srbcmd->timeout);
5d497cec
MH		 494 srbcmd->flags = cpu_to_le32(flags);
495 srbcmd->retry_limit = 0; // Obsolete parameter
56b58712 496 srbcmd->cdb_size = cpu_to_le32(user_srbcmd->cdb_size);
5d497cec 497 memcpy(srbcmd->cdb, user_srbcmd->cdb, sizeof(srbcmd->cdb));
1da177e4 498
56b58712 499 switch (flags & (SRB_DataIn | SRB_DataOut)) {
1da177e4
LT		 500 case SRB_DataOut:
501 data_dir = DMA_TO_DEVICE;
502 break;
503 case (SRB_DataIn | SRB_DataOut):
504 data_dir = DMA_BIDIRECTIONAL;
505 break;
506 case SRB_DataIn:
507 data_dir = DMA_FROM_DEVICE;
508 break;
509 default:
510 data_dir = DMA_NONE;
511 }
5d497cec 512 if (user_srbcmd->sg.count > (sizeof(sg_list)/sizeof(sg_list[0]))) {
7c00ffa3
MH		 513 dprintk((KERN_DEBUG"aacraid: too many sg entries %d\n",
514 le32_to_cpu(srbcmd->sg.count)));
515 rcode = -EINVAL;
516 goto cleanup;
517 }
1da177e4 518 if (dev->dac_support == 1) {
56b58712 519 struct user_sgmap64* upsg = (struct user_sgmap64*)&user_srbcmd->sg;
84e29308 520 struct sgmap64* psg = (struct sgmap64*)&srbcmd->sg;
7c00ffa3 521 struct user_sgmap* usg;
1da177e4
LT		 522 byte_count = 0;
523
524 /*
525 * This should also catch if user used the 32 bit sgmap
526 */
527 actual_fibsize = sizeof(struct aac_srb) -
7c00ffa3
MH		 528 sizeof(struct sgentry) +
529 ((upsg->count & 0xff) *
530 sizeof(struct sgentry));
1da177e4 531 if(actual_fibsize != fibsize){ // User made a mistake - should not continue
7c00ffa3 532 dprintk((KERN_DEBUG"aacraid: Bad Size specified in Raw SRB command\n"));
1da177e4
LT		 533 rcode = -EINVAL;
534 goto cleanup;
535 }
7c00ffa3
MH		 536 usg = kmalloc(actual_fibsize - sizeof(struct aac_srb)
537 + sizeof(struct sgmap), GFP_KERNEL);
538 if (!usg) {
539 dprintk((KERN_DEBUG"aacraid: Allocation error in Raw SRB command\n"));
540 rcode = -ENOMEM;
541 goto cleanup;
542 }
543 memcpy (usg, upsg, actual_fibsize - sizeof(struct aac_srb)
544 + sizeof(struct sgmap));
545 actual_fibsize = sizeof(struct aac_srb) -
546 sizeof(struct sgentry) + ((usg->count & 0xff) *
547 sizeof(struct sgentry64));
548 if ((data_dir == DMA_NONE) && upsg->count) {
549 kfree (usg);
550 dprintk((KERN_DEBUG"aacraid: SG with no direction specified in Raw SRB command\n"));
1da177e4
LT		 551 rcode = -EINVAL;
552 goto cleanup;
553 }
554
7c00ffa3
MH		 555 for (i = 0; i < usg->count; i++) {
556 u64 addr;
1da177e4 557 void* p;
7c00ffa3
MH		 558 /* Does this really need to be GFP_DMA? */
559 p = kmalloc(usg->sg[i].count,GFP_KERNEL|__GFP_DMA);
1da177e4 560 if(p == 0) {
7c00ffa3
MH		 561 kfree (usg);
562 dprintk((KERN_DEBUG"aacraid: Could not allocate SG buffer - size = %d buffer number %d of %d\n",
563 usg->sg[i].count,i,usg->count));
1da177e4
LT		 564 rcode = -ENOMEM;
565 goto cleanup;
566 }
7c00ffa3 567 sg_user[i] = (void __user *)usg->sg[i].addr;
1da177e4
LT		 568 sg_list[i] = p; // save so we can clean up later
569 sg_indx = i;
570
571 if( flags & SRB_DataOut ){
56b58712 572 if(copy_from_user(p,sg_user[i],upsg->sg[i].count)){
7c00ffa3
MH		 573 kfree (usg);
574 dprintk((KERN_DEBUG"aacraid: Could not copy sg data from user\n"));
1da177e4
LT		 575 rcode = -EFAULT;
576 goto cleanup;
577 }
578 }
7c00ffa3 579 addr = pci_map_single(dev->pdev, p, usg->sg[i].count, data_dir);
1da177e4 580
56b58712 581 psg->sg[i].addr[0] = cpu_to_le32(addr & 0xffffffff);
7c00ffa3
MH		 582 psg->sg[i].addr[1] = cpu_to_le32(addr>>32);
583 psg->sg[i].count = cpu_to_le32(usg->sg[i].count);
584 byte_count += usg->sg[i].count;
1da177e4 585 }
7c00ffa3 586 kfree (usg);
1da177e4
LT		 587
588 srbcmd->count = cpu_to_le32(byte_count);
7c00ffa3 589 psg->count = cpu_to_le32(sg_indx+1);
1da177e4
LT		 590 status = fib_send(ScsiPortCommand64, srbfib, actual_fibsize, FsaNormal, 1, 1,NULL,NULL);
591 } else {
56b58712 592 struct user_sgmap* upsg = &user_srbcmd->sg;
1da177e4
LT		 593 struct sgmap* psg = &srbcmd->sg;
594 byte_count = 0;
595
5d497cec 596 actual_fibsize = sizeof (struct aac_srb) + (((user_srbcmd->sg.count & 0xff) - 1) * sizeof (struct sgentry));
1da177e4 597 if(actual_fibsize != fibsize){ // User made a mistake - should not continue
7c00ffa3 598 dprintk((KERN_DEBUG"aacraid: Bad Size specified in Raw SRB command\n"));
1da177e4
LT		 599 rcode = -EINVAL;
600 goto cleanup;
601 }
56b58712 602 if ((data_dir == DMA_NONE) && upsg->count) {
7c00ffa3 603 dprintk((KERN_DEBUG"aacraid: SG with no direction specified in Raw SRB command\n"));
1da177e4
LT		 604 rcode = -EINVAL;
605 goto cleanup;
606 }
56b58712 607 for (i = 0; i < upsg->count; i++) {
1da177e4
LT		 608 dma_addr_t addr;
609 void* p;
56b58712 610 p = kmalloc(upsg->sg[i].count, GFP_KERNEL);
1da177e4 611 if(p == 0) {
7c00ffa3
MH		 612 dprintk((KERN_DEBUG"aacraid: Could not allocate SG buffer - size = %d buffer number %d of %d\n",
613 upsg->sg[i].count, i, upsg->count));
1da177e4
LT		 614 rcode = -ENOMEM;
615 goto cleanup;
616 }
7c00ffa3 617 sg_user[i] = (void __user *)upsg->sg[i].addr;
1da177e4
LT		 618 sg_list[i] = p; // save so we can clean up later
619 sg_indx = i;
620
621 if( flags & SRB_DataOut ){
7c00ffa3
MH		 622 if(copy_from_user(p, sg_user[i],
623 upsg->sg[i].count)) {
624 dprintk((KERN_DEBUG"aacraid: Could not copy sg data from user\n"));
1da177e4
LT		 625 rcode = -EFAULT;
626 goto cleanup;
627 }
628 }
7c00ffa3
MH		 629 addr = pci_map_single(dev->pdev, p,
630 upsg->sg[i].count, data_dir);
1da177e4
LT		 631
632 psg->sg[i].addr = cpu_to_le32(addr);
56b58712
MH		 633 psg->sg[i].count = cpu_to_le32(upsg->sg[i].count);
634 byte_count += upsg->sg[i].count;
1da177e4
LT		 635 }
636 srbcmd->count = cpu_to_le32(byte_count);
7c00ffa3 637 psg->count = cpu_to_le32(sg_indx+1);
1da177e4
LT		 638 status = fib_send(ScsiPortCommand, srbfib, actual_fibsize, FsaNormal, 1, 1, NULL, NULL);
639 }
640
641 if (status != 0){
7c00ffa3 642 dprintk((KERN_DEBUG"aacraid: Could not send raw srb fib to hba\n"));
5d497cec 643 rcode = -ENXIO;
1da177e4
LT		 644 goto cleanup;
645 }
646
647 if( flags & SRB_DataIn ) {
648 for(i = 0 ; i <= sg_indx; i++){
7c00ffa3
MH		 649 byte_count = le32_to_cpu((dev->dac_support == 1)
650 ? ((struct sgmap64*)&srbcmd->sg)->sg[i].count
651 : srbcmd->sg.sg[i].count);
652 if(copy_to_user(sg_user[i], sg_list[i], byte_count)){
653 dprintk((KERN_DEBUG"aacraid: Could not copy sg data to user\n"));
1da177e4
LT		 654 rcode = -EFAULT;
655 goto cleanup;
656
657 }
658 }
659 }
660
661 reply = (struct aac_srb_reply *) fib_data(srbfib);
662 if(copy_to_user(user_reply,reply,sizeof(struct aac_srb_reply))){
7c00ffa3 663 dprintk((KERN_DEBUG"aacraid: Could not copy reply to user\n"));
1da177e4
LT		 664 rcode = -EFAULT;
665 goto cleanup;
666 }
667
668cleanup:
56b58712 669 kfree(user_srbcmd);
1da177e4
LT		 670 for(i=0; i <= sg_indx; i++){
671 kfree(sg_list[i]);
672 }
673 fib_complete(srbfib);
674 fib_free(srbfib);
675
676 return rcode;
677}
678
1da177e4
LT		 679struct aac_pci_info {
680 u32 bus;
681 u32 slot;
682};
683
684
4833869e 685static int aac_get_pci_info(struct aac_dev* dev, void __user *arg)
1da177e4
LT		 686{
687 struct aac_pci_info pci_info;
688
689 pci_info.bus = dev->pdev->bus->number;
690 pci_info.slot = PCI_SLOT(dev->pdev->devfn);
691
692 if (copy_to_user(arg, &pci_info, sizeof(struct aac_pci_info))) {
7c00ffa3 693 dprintk((KERN_DEBUG "aacraid: Could not copy pci info\n"));
1da177e4
LT		 694 return -EFAULT;
695 }
696 return 0;
7c00ffa3 697}
1da177e4
LT		 698
699
700int aac_do_ioctl(struct aac_dev * dev, int cmd, void __user *arg)
701{
702 int status;
703
704 /*
705 * HBA gets first crack
706 */
707
708 status = aac_dev_ioctl(dev, cmd, arg);
709 if(status != -ENOTTY)
710 return status;
711
712 switch (cmd) {
713 case FSACTL_MINIPORT_REV_CHECK:
714 status = check_revision(dev, arg);
715 break;
7c00ffa3 716 case FSACTL_SEND_LARGE_FIB:
1da177e4
LT		 717 case FSACTL_SENDFIB:
718 status = ioctl_send_fib(dev, arg);
719 break;
720 case FSACTL_OPEN_GET_ADAPTER_FIB:
721 status = open_getadapter_fib(dev, arg);
722 break;
723 case FSACTL_GET_NEXT_ADAPTER_FIB:
724 status = next_getadapter_fib(dev, arg);
725 break;
726 case FSACTL_CLOSE_GET_ADAPTER_FIB:
727 status = close_getadapter_fib(dev, arg);
728 break;
729 case FSACTL_SEND_RAW_SRB:
730 status = aac_send_raw_srb(dev,arg);
731 break;
732 case FSACTL_GET_PCI_INFO:
733 status = aac_get_pci_info(dev,arg);
734 break;
735 default:
736 status = -ENOTTY;
737 break;
738 }
739 return status;
740}
741
Linux 6.x block layer and io_uring tree(s)