[SCSI] mpt fusion: Code Cleanup patch
[linux-2.6.git] / drivers / message / fusion / mptctl.c
1 /*
2  *  linux/drivers/message/fusion/mptctl.c
3  *      mpt Ioctl driver.
4  *      For use with LSI PCI chip/adapters
5  *      running LSI Fusion MPT (Message Passing Technology) firmware.
6  *
7  *  Copyright (c) 1999-2008 LSI Corporation
8  *  (mailto:DL-MPTFusionLinux@lsi.com)
9  *
10  */
11 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
12 /*
13     This program is free software; you can redistribute it and/or modify
14     it under the terms of the GNU General Public License as published by
15     the Free Software Foundation; version 2 of the License.
16
17     This program is distributed in the hope that it will be useful,
18     but WITHOUT ANY WARRANTY; without even the implied warranty of
19     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
20     GNU General Public License for more details.
21
22     NO WARRANTY
23     THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR
24     CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT
25     LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT,
26     MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is
27     solely responsible for determining the appropriateness of using and
28     distributing the Program and assumes all risks associated with its
29     exercise of rights under this Agreement, including but not limited to
30     the risks and costs of program errors, damage to or loss of data,
31     programs or equipment, and unavailability or interruption of operations.
32
33     DISCLAIMER OF LIABILITY
34     NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY
35     DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
36     DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND
37     ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
38     TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
39     USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED
40     HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES
41
42     You should have received a copy of the GNU General Public License
43     along with this program; if not, write to the Free Software
44     Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
45 */
46 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
47
48 #include <linux/kernel.h>
49 #include <linux/module.h>
50 #include <linux/errno.h>
51 #include <linux/init.h>
52 #include <linux/slab.h>
53 #include <linux/types.h>
54 #include <linux/pci.h>
55 #include <linux/delay.h>        /* for mdelay */
56 #include <linux/miscdevice.h>
57 #include <linux/smp_lock.h>
58 #include <linux/compat.h>
59
60 #include <asm/io.h>
61 #include <asm/uaccess.h>
62
63 #include <scsi/scsi.h>
64 #include <scsi/scsi_cmnd.h>
65 #include <scsi/scsi_device.h>
66 #include <scsi/scsi_host.h>
67 #include <scsi/scsi_tcq.h>
68
69 #define COPYRIGHT       "Copyright (c) 1999-2008 LSI Corporation"
70 #define MODULEAUTHOR    "LSI Corporation"
71 #include "mptbase.h"
72 #include "mptctl.h"
73
74 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
75 #define my_NAME         "Fusion MPT misc device (ioctl) driver"
76 #define my_VERSION      MPT_LINUX_VERSION_COMMON
77 #define MYNAM           "mptctl"
78
79 MODULE_AUTHOR(MODULEAUTHOR);
80 MODULE_DESCRIPTION(my_NAME);
81 MODULE_LICENSE("GPL");
82 MODULE_VERSION(my_VERSION);
83
84 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
85
86 static u8 mptctl_id = MPT_MAX_PROTOCOL_DRIVERS;
87 static u8 mptctl_taskmgmt_id = MPT_MAX_PROTOCOL_DRIVERS;
88
89 static DECLARE_WAIT_QUEUE_HEAD ( mptctl_wait );
90
91 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
92
93 struct buflist {
94         u8      *kptr;
95         int      len;
96 };
97
98 /*
99  * Function prototypes. Called from OS entry point mptctl_ioctl.
100  * arg contents specific to function.
101  */
102 static int mptctl_fw_download(unsigned long arg);
103 static int mptctl_getiocinfo(unsigned long arg, unsigned int cmd);
104 static int mptctl_gettargetinfo(unsigned long arg);
105 static int mptctl_readtest(unsigned long arg);
106 static int mptctl_mpt_command(unsigned long arg);
107 static int mptctl_eventquery(unsigned long arg);
108 static int mptctl_eventenable(unsigned long arg);
109 static int mptctl_eventreport(unsigned long arg);
110 static int mptctl_replace_fw(unsigned long arg);
111
112 static int mptctl_do_reset(unsigned long arg);
113 static int mptctl_hp_hostinfo(unsigned long arg, unsigned int cmd);
114 static int mptctl_hp_targetinfo(unsigned long arg);
115
116 static int  mptctl_probe(struct pci_dev *, const struct pci_device_id *);
117 static void mptctl_remove(struct pci_dev *);
118
119 #ifdef CONFIG_COMPAT
120 static long compat_mpctl_ioctl(struct file *f, unsigned cmd, unsigned long arg);
121 #endif
122 /*
123  * Private function calls.
124  */
125 static int mptctl_do_mpt_command(struct mpt_ioctl_command karg, void __user *mfPtr);
126 static int mptctl_do_fw_download(int ioc, char __user *ufwbuf, size_t fwlen);
127 static MptSge_t *kbuf_alloc_2_sgl(int bytes, u32 dir, int sge_offset, int *frags,
128                 struct buflist **blp, dma_addr_t *sglbuf_dma, MPT_ADAPTER *ioc);
129 static void kfree_sgl(MptSge_t *sgl, dma_addr_t sgl_dma,
130                 struct buflist *buflist, MPT_ADAPTER *ioc);
131 static int mptctl_bus_reset(MPT_ADAPTER *ioc, u8 function);
132
133 /*
134  * Reset Handler cleanup function
135  */
136 static int  mptctl_ioc_reset(MPT_ADAPTER *ioc, int reset_phase);
137
138 /*
139  * Event Handler function
140  */
141 static int mptctl_event_process(MPT_ADAPTER *ioc, EventNotificationReply_t *pEvReply);
142 static struct fasync_struct *async_queue=NULL;
143
144 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
145 /*
146  * Scatter gather list (SGL) sizes and limits...
147  */
148 //#define MAX_SCSI_FRAGS        9
149 #define MAX_FRAGS_SPILL1        9
150 #define MAX_FRAGS_SPILL2        15
151 #define FRAGS_PER_BUCKET        (MAX_FRAGS_SPILL2 + 1)
152
153 //#define MAX_CHAIN_FRAGS       64
154 //#define MAX_CHAIN_FRAGS       (15+15+15+16)
155 #define MAX_CHAIN_FRAGS         (4 * MAX_FRAGS_SPILL2 + 1)
156
157 //  Define max sg LIST bytes ( == (#frags + #chains) * 8 bytes each)
158 //  Works out to: 592d bytes!     (9+1)*8 + 4*(15+1)*8
159 //                  ^----------------- 80 + 512
160 #define MAX_SGL_BYTES           ((MAX_FRAGS_SPILL1 + 1 + (4 * FRAGS_PER_BUCKET)) * 8)
161
162 /* linux only seems to ever give 128kB MAX contiguous (GFP_USER) mem bytes */
163 #define MAX_KMALLOC_SZ          (128*1024)
164
165 #define MPT_IOCTL_DEFAULT_TIMEOUT 10    /* Default timeout value (seconds) */
166
167 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
168 /**
169  *      mptctl_syscall_down - Down the MPT adapter syscall semaphore.
170  *      @ioc: Pointer to MPT adapter
171  *      @nonblock: boolean, non-zero if O_NONBLOCK is set
172  *
173  *      All of the ioctl commands can potentially sleep, which is illegal
174  *      with a spinlock held, thus we perform mutual exclusion here.
175  *
176  *      Returns negative errno on error, or zero for success.
177  */
178 static inline int
179 mptctl_syscall_down(MPT_ADAPTER *ioc, int nonblock)
180 {
181         int rc = 0;
182
183         if (nonblock) {
184                 if (!mutex_trylock(&ioc->ioctl_cmds.mutex))
185                         rc = -EAGAIN;
186         } else {
187                 if (mutex_lock_interruptible(&ioc->ioctl_cmds.mutex))
188                         rc = -ERESTARTSYS;
189         }
190         return rc;
191 }
192
193 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
194 /*
195  *  This is the callback for any message we have posted. The message itself
196  *  will be returned to the message pool when we return from the IRQ
197  *
198  *  This runs in irq context so be short and sweet.
199  */
200 static int
201 mptctl_reply(MPT_ADAPTER *ioc, MPT_FRAME_HDR *req, MPT_FRAME_HDR *reply)
202 {
203         char    *sense_data;
204         int     req_index;
205         int     sz;
206
207         if (!req)
208                 return 0;
209
210         dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT "completing mpi function "
211             "(0x%02X), req=%p, reply=%p\n", ioc->name,  req->u.hdr.Function,
212             req, reply));
213
214         /*
215          * Handling continuation of the same reply. Processing the first
216          * reply, and eating the other replys that come later.
217          */
218         if (ioc->ioctl_cmds.msg_context != req->u.hdr.MsgContext)
219                 goto out_continuation;
220
221         ioc->ioctl_cmds.status |= MPT_MGMT_STATUS_COMMAND_GOOD;
222
223         if (!reply)
224                 goto out;
225
226         ioc->ioctl_cmds.status |= MPT_MGMT_STATUS_RF_VALID;
227         sz = min(ioc->reply_sz, 4*reply->u.reply.MsgLength);
228         memcpy(ioc->ioctl_cmds.reply, reply, sz);
229
230         if (reply->u.reply.IOCStatus || reply->u.reply.IOCLogInfo)
231                 dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT
232                     "iocstatus (0x%04X), loginfo (0x%08X)\n", ioc->name,
233                     le16_to_cpu(reply->u.reply.IOCStatus),
234                     le32_to_cpu(reply->u.reply.IOCLogInfo)));
235
236         if ((req->u.hdr.Function == MPI_FUNCTION_SCSI_IO_REQUEST) ||
237                 (req->u.hdr.Function ==
238                  MPI_FUNCTION_RAID_SCSI_IO_PASSTHROUGH)) {
239
240                 if (reply->u.sreply.SCSIStatus || reply->u.sreply.SCSIState)
241                         dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT
242                         "scsi_status (0x%02x), scsi_state (0x%02x), "
243                         "tag = (0x%04x), transfer_count (0x%08x)\n", ioc->name,
244                         reply->u.sreply.SCSIStatus,
245                         reply->u.sreply.SCSIState,
246                         le16_to_cpu(reply->u.sreply.TaskTag),
247                         le32_to_cpu(reply->u.sreply.TransferCount)));
248
249                 if (reply->u.sreply.SCSIState &
250                         MPI_SCSI_STATE_AUTOSENSE_VALID) {
251                         sz = req->u.scsireq.SenseBufferLength;
252                         req_index =
253                             le16_to_cpu(req->u.frame.hwhdr.msgctxu.fld.req_idx);
254                         sense_data = ((u8 *)ioc->sense_buf_pool +
255                              (req_index * MPT_SENSE_BUFFER_ALLOC));
256                         memcpy(ioc->ioctl_cmds.sense, sense_data, sz);
257                         ioc->ioctl_cmds.status |= MPT_MGMT_STATUS_SENSE_VALID;
258                 }
259         }
260
261  out:
262         /* We are done, issue wake up
263          */
264         if (ioc->ioctl_cmds.status & MPT_MGMT_STATUS_PENDING) {
265                 if (req->u.hdr.Function == MPI_FUNCTION_SCSI_TASK_MGMT)
266                         mpt_clear_taskmgmt_in_progress_flag(ioc);
267                 ioc->ioctl_cmds.status &= ~MPT_MGMT_STATUS_PENDING;
268                 complete(&ioc->ioctl_cmds.done);
269         }
270
271  out_continuation:
272         if (reply && (reply->u.reply.MsgFlags &
273             MPI_MSGFLAGS_CONTINUATION_REPLY))
274                 return 0;
275         return 1;
276 }
277
278 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
279 /* mptctl_timeout_expired
280  *
281  * Expecting an interrupt, however timed out.
282  *
283  */
284 static void
285 mptctl_timeout_expired(MPT_ADAPTER *ioc, MPT_FRAME_HDR *mf)
286 {
287         unsigned long flags;
288
289         dtmprintk(ioc, printk(MYIOC_s_DEBUG_FMT ": %s\n",
290                 ioc->name, __func__));
291
292         if (mpt_fwfault_debug)
293                 mpt_halt_firmware(ioc);
294
295         spin_lock_irqsave(&ioc->taskmgmt_lock, flags);
296         if (ioc->ioc_reset_in_progress) {
297                 spin_unlock_irqrestore(&ioc->taskmgmt_lock, flags);
298                 CLEAR_MGMT_PENDING_STATUS(ioc->ioctl_cmds.status)
299                 mpt_free_msg_frame(ioc, mf);
300                 return;
301         }
302         spin_unlock_irqrestore(&ioc->taskmgmt_lock, flags);
303
304
305         if (!mptctl_bus_reset(ioc, mf->u.hdr.Function))
306                 return;
307
308         /* Issue a reset for this device.
309          * The IOC is not responding.
310          */
311         dtmprintk(ioc, printk(MYIOC_s_DEBUG_FMT "Calling HardReset! \n",
312                  ioc->name));
313         CLEAR_MGMT_PENDING_STATUS(ioc->ioctl_cmds.status)
314         mpt_HardResetHandler(ioc, CAN_SLEEP);
315         mpt_free_msg_frame(ioc, mf);
316 }
317
318 static int
319 mptctl_taskmgmt_reply(MPT_ADAPTER *ioc, MPT_FRAME_HDR *mf, MPT_FRAME_HDR *mr)
320 {
321         if (!mf)
322                 return 0;
323
324         dtmprintk(ioc, printk(MYIOC_s_DEBUG_FMT
325                 "TaskMgmt completed (mf=%p, mr=%p)\n",
326                 ioc->name, mf, mr));
327
328         ioc->taskmgmt_cmds.status |= MPT_MGMT_STATUS_COMMAND_GOOD;
329
330         if (!mr)
331                 goto out;
332
333         ioc->taskmgmt_cmds.status |= MPT_MGMT_STATUS_RF_VALID;
334         memcpy(ioc->taskmgmt_cmds.reply, mr,
335             min(MPT_DEFAULT_FRAME_SIZE, 4 * mr->u.reply.MsgLength));
336  out:
337         if (ioc->taskmgmt_cmds.status & MPT_MGMT_STATUS_PENDING) {
338                 mpt_clear_taskmgmt_in_progress_flag(ioc);
339                 ioc->taskmgmt_cmds.status &= ~MPT_MGMT_STATUS_PENDING;
340                 complete(&ioc->taskmgmt_cmds.done);
341                 return 1;
342         }
343         return 0;
344 }
345
346 /* mptctl_bus_reset
347  *
348  * Bus reset code.
349  *
350  */
351 static int mptctl_bus_reset(MPT_ADAPTER *ioc, u8 function)
352 {
353         MPT_FRAME_HDR   *mf;
354         SCSITaskMgmt_t  *pScsiTm;
355         SCSITaskMgmtReply_t *pScsiTmReply;
356         int              ii;
357         int              retval;
358         unsigned long    timeout;
359         unsigned long    time_count;
360         u16              iocstatus;
361
362         /* bus reset is only good for SCSI IO, RAID PASSTHRU */
363         if (!(function == MPI_FUNCTION_RAID_SCSI_IO_PASSTHROUGH) ||
364             (function == MPI_FUNCTION_SCSI_IO_REQUEST)) {
365                 dtmprintk(ioc, printk(MYIOC_s_WARN_FMT
366                         "TaskMgmt, not SCSI_IO!!\n", ioc->name));
367                 return -EPERM;
368         }
369
370         mutex_lock(&ioc->taskmgmt_cmds.mutex);
371         if (mpt_set_taskmgmt_in_progress_flag(ioc) != 0) {
372                 mutex_unlock(&ioc->taskmgmt_cmds.mutex);
373                 return -EPERM;
374         }
375
376         retval = 0;
377
378         /* Send request
379          */
380         mf = mpt_get_msg_frame(mptctl_taskmgmt_id, ioc);
381         if (mf == NULL) {
382                 dtmprintk(ioc, printk(MYIOC_s_WARN_FMT
383                         "TaskMgmt, no msg frames!!\n", ioc->name));
384                 mpt_clear_taskmgmt_in_progress_flag(ioc);
385                 retval = -ENOMEM;
386                 goto mptctl_bus_reset_done;
387         }
388
389         dtmprintk(ioc, printk(MYIOC_s_DEBUG_FMT "TaskMgmt request (mf=%p)\n",
390                 ioc->name, mf));
391
392         pScsiTm = (SCSITaskMgmt_t *) mf;
393         memset(pScsiTm, 0, sizeof(SCSITaskMgmt_t));
394         pScsiTm->Function = MPI_FUNCTION_SCSI_TASK_MGMT;
395         pScsiTm->TaskType = MPI_SCSITASKMGMT_TASKTYPE_RESET_BUS;
396         pScsiTm->MsgFlags = MPI_SCSITASKMGMT_MSGFLAGS_LIPRESET_RESET_OPTION;
397         pScsiTm->TargetID = 0;
398         pScsiTm->Bus = 0;
399         pScsiTm->ChainOffset = 0;
400         pScsiTm->Reserved = 0;
401         pScsiTm->Reserved1 = 0;
402         pScsiTm->TaskMsgContext = 0;
403         for (ii= 0; ii < 8; ii++)
404                 pScsiTm->LUN[ii] = 0;
405         for (ii=0; ii < 7; ii++)
406                 pScsiTm->Reserved2[ii] = 0;
407
408         switch (ioc->bus_type) {
409         case FC:
410                 timeout = 40;
411                 break;
412         case SAS:
413                 timeout = 30;
414                 break;
415         case SPI:
416         default:
417                 timeout = 2;
418                 break;
419         }
420
421         dtmprintk(ioc, printk(MYIOC_s_DEBUG_FMT
422                 "TaskMgmt type=%d timeout=%ld\n",
423                 ioc->name, MPI_SCSITASKMGMT_TASKTYPE_RESET_BUS, timeout));
424
425         INITIALIZE_MGMT_STATUS(ioc->taskmgmt_cmds.status)
426         CLEAR_MGMT_STATUS(ioc->taskmgmt_cmds.status)
427         time_count = jiffies;
428         if ((ioc->facts.IOCCapabilities & MPI_IOCFACTS_CAPABILITY_HIGH_PRI_Q) &&
429             (ioc->facts.MsgVersion >= MPI_VERSION_01_05))
430                 mpt_put_msg_frame_hi_pri(mptctl_taskmgmt_id, ioc, mf);
431         else {
432                 retval = mpt_send_handshake_request(mptctl_taskmgmt_id, ioc,
433                     sizeof(SCSITaskMgmt_t), (u32 *)pScsiTm, CAN_SLEEP);
434                 if (retval != 0) {
435                         dfailprintk(ioc, printk(MYIOC_s_ERR_FMT
436                                 "TaskMgmt send_handshake FAILED!"
437                                 " (ioc %p, mf %p, rc=%d) \n", ioc->name,
438                                 ioc, mf, retval));
439                         mpt_clear_taskmgmt_in_progress_flag(ioc);
440                         goto mptctl_bus_reset_done;
441                 }
442         }
443
444         /* Now wait for the command to complete */
445         ii = wait_for_completion_timeout(&ioc->taskmgmt_cmds.done, timeout*HZ);
446         if (!(ioc->taskmgmt_cmds.status & MPT_MGMT_STATUS_COMMAND_GOOD)) {
447                 dtmprintk(ioc, printk(MYIOC_s_DEBUG_FMT
448                     "TaskMgmt failed\n", ioc->name));
449                 mpt_free_msg_frame(ioc, mf);
450                 mpt_clear_taskmgmt_in_progress_flag(ioc);
451                 if (ioc->taskmgmt_cmds.status & MPT_MGMT_STATUS_DID_IOCRESET)
452                         retval = 0;
453                 else
454                         retval = -1; /* return failure */
455                 goto mptctl_bus_reset_done;
456         }
457
458         if (!(ioc->taskmgmt_cmds.status & MPT_MGMT_STATUS_RF_VALID)) {
459                 dtmprintk(ioc, printk(MYIOC_s_DEBUG_FMT
460                     "TaskMgmt failed\n", ioc->name));
461                 retval = -1; /* return failure */
462                 goto mptctl_bus_reset_done;
463         }
464
465         pScsiTmReply = (SCSITaskMgmtReply_t *) ioc->taskmgmt_cmds.reply;
466         dtmprintk(ioc, printk(MYIOC_s_DEBUG_FMT
467             "TaskMgmt fw_channel = %d, fw_id = %d, task_type=0x%02X, "
468             "iocstatus=0x%04X\n\tloginfo=0x%08X, response_code=0x%02X, "
469             "term_cmnds=%d\n", ioc->name, pScsiTmReply->Bus,
470             pScsiTmReply->TargetID, MPI_SCSITASKMGMT_TASKTYPE_RESET_BUS,
471             le16_to_cpu(pScsiTmReply->IOCStatus),
472             le32_to_cpu(pScsiTmReply->IOCLogInfo),
473             pScsiTmReply->ResponseCode,
474             le32_to_cpu(pScsiTmReply->TerminationCount)));
475
476         iocstatus = le16_to_cpu(pScsiTmReply->IOCStatus) & MPI_IOCSTATUS_MASK;
477
478         if (iocstatus == MPI_IOCSTATUS_SCSI_TASK_TERMINATED ||
479            iocstatus == MPI_IOCSTATUS_SCSI_IOC_TERMINATED ||
480            iocstatus == MPI_IOCSTATUS_SUCCESS)
481                 retval = 0;
482         else {
483                 dtmprintk(ioc, printk(MYIOC_s_DEBUG_FMT
484                     "TaskMgmt failed\n", ioc->name));
485                 retval = -1; /* return failure */
486         }
487
488
489  mptctl_bus_reset_done:
490         mutex_unlock(&ioc->taskmgmt_cmds.mutex);
491         CLEAR_MGMT_STATUS(ioc->taskmgmt_cmds.status)
492         return retval;
493 }
494
495
496 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
497 /* mptctl_ioc_reset
498  *
499  * Clean-up functionality. Used only if there has been a
500  * reload of the FW due.
501  *
502  */
503 static int
504 mptctl_ioc_reset(MPT_ADAPTER *ioc, int reset_phase)
505 {
506         switch(reset_phase) {
507         case MPT_IOC_SETUP_RESET:
508                 dtmprintk(ioc, printk(MYIOC_s_DEBUG_FMT
509                     "%s: MPT_IOC_SETUP_RESET\n", ioc->name, __func__));
510                 break;
511         case MPT_IOC_PRE_RESET:
512                 dtmprintk(ioc, printk(MYIOC_s_DEBUG_FMT
513                     "%s: MPT_IOC_PRE_RESET\n", ioc->name, __func__));
514                 break;
515         case MPT_IOC_POST_RESET:
516                 dtmprintk(ioc, printk(MYIOC_s_DEBUG_FMT
517                     "%s: MPT_IOC_POST_RESET\n", ioc->name, __func__));
518                 if (ioc->ioctl_cmds.status & MPT_MGMT_STATUS_PENDING) {
519                         ioc->ioctl_cmds.status |= MPT_MGMT_STATUS_DID_IOCRESET;
520                         complete(&ioc->ioctl_cmds.done);
521                 }
522                 break;
523         default:
524                 break;
525         }
526
527         return 1;
528 }
529
530 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
531 /* ASYNC Event Notification Support */
532 static int
533 mptctl_event_process(MPT_ADAPTER *ioc, EventNotificationReply_t *pEvReply)
534 {
535         u8 event;
536
537         event = le32_to_cpu(pEvReply->Event) & 0xFF;
538
539         dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT "%s() called\n",
540             ioc->name, __func__));
541         if(async_queue == NULL)
542                 return 1;
543
544         /* Raise SIGIO for persistent events.
545          * TODO - this define is not in MPI spec yet,
546          * but they plan to set it to 0x21
547          */
548          if (event == 0x21 ) {
549                 ioc->aen_event_read_flag=1;
550                 dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT "Raised SIGIO to application\n",
551                     ioc->name));
552                 devtverboseprintk(ioc, printk(MYIOC_s_DEBUG_FMT
553                     "Raised SIGIO to application\n", ioc->name));
554                 kill_fasync(&async_queue, SIGIO, POLL_IN);
555                 return 1;
556          }
557
558         /* This flag is set after SIGIO was raised, and
559          * remains set until the application has read
560          * the event log via ioctl=MPTEVENTREPORT
561          */
562         if(ioc->aen_event_read_flag)
563                 return 1;
564
565         /* Signal only for the events that are
566          * requested for by the application
567          */
568         if (ioc->events && (ioc->eventTypes & ( 1 << event))) {
569                 ioc->aen_event_read_flag=1;
570                 dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT
571                     "Raised SIGIO to application\n", ioc->name));
572                 devtverboseprintk(ioc, printk(MYIOC_s_DEBUG_FMT
573                     "Raised SIGIO to application\n", ioc->name));
574                 kill_fasync(&async_queue, SIGIO, POLL_IN);
575         }
576         return 1;
577 }
578
579 static int
580 mptctl_fasync(int fd, struct file *filep, int mode)
581 {
582         MPT_ADAPTER     *ioc;
583         int ret;
584
585         lock_kernel();
586         list_for_each_entry(ioc, &ioc_list, list)
587                 ioc->aen_event_read_flag=0;
588
589         ret = fasync_helper(fd, filep, mode, &async_queue);
590         unlock_kernel();
591         return ret;
592 }
593
594 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
595 /*
596  *  MPT ioctl handler
597  *  cmd - specify the particular IOCTL command to be issued
598  *  arg - data specific to the command. Must not be null.
599  */
600 static long
601 __mptctl_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
602 {
603         mpt_ioctl_header __user *uhdr = (void __user *) arg;
604         mpt_ioctl_header         khdr;
605         int iocnum;
606         unsigned iocnumX;
607         int nonblock = (file->f_flags & O_NONBLOCK);
608         int ret;
609         MPT_ADAPTER *iocp = NULL;
610
611         if (copy_from_user(&khdr, uhdr, sizeof(khdr))) {
612                 printk(KERN_ERR MYNAM "%s::mptctl_ioctl() @%d - "
613                                 "Unable to copy mpt_ioctl_header data @ %p\n",
614                                 __FILE__, __LINE__, uhdr);
615                 return -EFAULT;
616         }
617         ret = -ENXIO;                           /* (-6) No such device or address */
618
619         /* Verify intended MPT adapter - set iocnum and the adapter
620          * pointer (iocp)
621          */
622         iocnumX = khdr.iocnum & 0xFF;
623         if (((iocnum = mpt_verify_adapter(iocnumX, &iocp)) < 0) ||
624             (iocp == NULL)) {
625                 printk(KERN_DEBUG MYNAM "%s::mptctl_ioctl() @%d - ioc%d not found!\n",
626                                 __FILE__, __LINE__, iocnumX);
627                 return -ENODEV;
628         }
629
630         if (!iocp->active) {
631                 printk(KERN_DEBUG MYNAM "%s::mptctl_ioctl() @%d - Controller disabled.\n",
632                                 __FILE__, __LINE__);
633                 return -EFAULT;
634         }
635
636         /* Handle those commands that are just returning
637          * information stored in the driver.
638          * These commands should never time out and are unaffected
639          * by TM and FW reloads.
640          */
641         if ((cmd & ~IOCSIZE_MASK) == (MPTIOCINFO & ~IOCSIZE_MASK)) {
642                 return mptctl_getiocinfo(arg, _IOC_SIZE(cmd));
643         } else if (cmd == MPTTARGETINFO) {
644                 return mptctl_gettargetinfo(arg);
645         } else if (cmd == MPTTEST) {
646                 return mptctl_readtest(arg);
647         } else if (cmd == MPTEVENTQUERY) {
648                 return mptctl_eventquery(arg);
649         } else if (cmd == MPTEVENTENABLE) {
650                 return mptctl_eventenable(arg);
651         } else if (cmd == MPTEVENTREPORT) {
652                 return mptctl_eventreport(arg);
653         } else if (cmd == MPTFWREPLACE) {
654                 return mptctl_replace_fw(arg);
655         }
656
657         /* All of these commands require an interrupt or
658          * are unknown/illegal.
659          */
660         if ((ret = mptctl_syscall_down(iocp, nonblock)) != 0)
661                 return ret;
662
663         if (cmd == MPTFWDOWNLOAD)
664                 ret = mptctl_fw_download(arg);
665         else if (cmd == MPTCOMMAND)
666                 ret = mptctl_mpt_command(arg);
667         else if (cmd == MPTHARDRESET)
668                 ret = mptctl_do_reset(arg);
669         else if ((cmd & ~IOCSIZE_MASK) == (HP_GETHOSTINFO & ~IOCSIZE_MASK))
670                 ret = mptctl_hp_hostinfo(arg, _IOC_SIZE(cmd));
671         else if (cmd == HP_GETTARGETINFO)
672                 ret = mptctl_hp_targetinfo(arg);
673         else
674                 ret = -EINVAL;
675
676         mutex_unlock(&iocp->ioctl_cmds.mutex);
677
678         return ret;
679 }
680
681 static long
682 mptctl_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
683 {
684         long ret;
685         lock_kernel();
686         ret = __mptctl_ioctl(file, cmd, arg);
687         unlock_kernel();
688         return ret;
689 }
690
691 static int mptctl_do_reset(unsigned long arg)
692 {
693         struct mpt_ioctl_diag_reset __user *urinfo = (void __user *) arg;
694         struct mpt_ioctl_diag_reset krinfo;
695         MPT_ADAPTER             *iocp;
696
697         if (copy_from_user(&krinfo, urinfo, sizeof(struct mpt_ioctl_diag_reset))) {
698                 printk(KERN_ERR MYNAM "%s@%d::mptctl_do_reset - "
699                                 "Unable to copy mpt_ioctl_diag_reset struct @ %p\n",
700                                 __FILE__, __LINE__, urinfo);
701                 return -EFAULT;
702         }
703
704         if (mpt_verify_adapter(krinfo.hdr.iocnum, &iocp) < 0) {
705                 printk(KERN_DEBUG MYNAM "%s@%d::mptctl_do_reset - ioc%d not found!\n",
706                                 __FILE__, __LINE__, krinfo.hdr.iocnum);
707                 return -ENODEV; /* (-6) No such device or address */
708         }
709
710         dctlprintk(iocp, printk(MYIOC_s_DEBUG_FMT "mptctl_do_reset called.\n",
711             iocp->name));
712
713         if (mpt_HardResetHandler(iocp, CAN_SLEEP) != 0) {
714                 printk (MYIOC_s_ERR_FMT "%s@%d::mptctl_do_reset - reset failed.\n",
715                         iocp->name, __FILE__, __LINE__);
716                 return -1;
717         }
718
719         return 0;
720 }
721
722 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
723 /*
724  * MPT FW download function.  Cast the arg into the mpt_fw_xfer structure.
725  * This structure contains: iocnum, firmware length (bytes),
726  *      pointer to user space memory where the fw image is stored.
727  *
728  * Outputs:     None.
729  * Return:      0 if successful
730  *              -EFAULT if data unavailable
731  *              -ENXIO  if no such device
732  *              -EAGAIN if resource problem
733  *              -ENOMEM if no memory for SGE
734  *              -EMLINK if too many chain buffers required
735  *              -EBADRQC if adapter does not support FW download
736  *              -EBUSY if adapter is busy
737  *              -ENOMSG if FW upload returned bad status
738  */
739 static int
740 mptctl_fw_download(unsigned long arg)
741 {
742         struct mpt_fw_xfer __user *ufwdl = (void __user *) arg;
743         struct mpt_fw_xfer       kfwdl;
744
745         if (copy_from_user(&kfwdl, ufwdl, sizeof(struct mpt_fw_xfer))) {
746                 printk(KERN_ERR MYNAM "%s@%d::_ioctl_fwdl - "
747                                 "Unable to copy mpt_fw_xfer struct @ %p\n",
748                                 __FILE__, __LINE__, ufwdl);
749                 return -EFAULT;
750         }
751
752         return mptctl_do_fw_download(kfwdl.iocnum, kfwdl.bufp, kfwdl.fwlen);
753 }
754
755 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
756 /*
757  * FW Download engine.
758  * Outputs:     None.
759  * Return:      0 if successful
760  *              -EFAULT if data unavailable
761  *              -ENXIO  if no such device
762  *              -EAGAIN if resource problem
763  *              -ENOMEM if no memory for SGE
764  *              -EMLINK if too many chain buffers required
765  *              -EBADRQC if adapter does not support FW download
766  *              -EBUSY if adapter is busy
767  *              -ENOMSG if FW upload returned bad status
768  */
769 static int
770 mptctl_do_fw_download(int ioc, char __user *ufwbuf, size_t fwlen)
771 {
772         FWDownload_t            *dlmsg;
773         MPT_FRAME_HDR           *mf;
774         MPT_ADAPTER             *iocp;
775         FWDownloadTCSGE_t       *ptsge;
776         MptSge_t                *sgl, *sgIn;
777         char                    *sgOut;
778         struct buflist          *buflist;
779         struct buflist          *bl;
780         dma_addr_t               sgl_dma;
781         int                      ret;
782         int                      numfrags = 0;
783         int                      maxfrags;
784         int                      n = 0;
785         u32                      sgdir;
786         u32                      nib;
787         int                      fw_bytes_copied = 0;
788         int                      i;
789         int                      sge_offset = 0;
790         u16                      iocstat;
791         pFWDownloadReply_t       ReplyMsg = NULL;
792         unsigned long            timeleft;
793
794         if (mpt_verify_adapter(ioc, &iocp) < 0) {
795                 printk(KERN_DEBUG MYNAM "ioctl_fwdl - ioc%d not found!\n",
796                                  ioc);
797                 return -ENODEV; /* (-6) No such device or address */
798         } else {
799
800                 /*  Valid device. Get a message frame and construct the FW download message.
801                 */
802                 if ((mf = mpt_get_msg_frame(mptctl_id, iocp)) == NULL)
803                         return -EAGAIN;
804         }
805
806         dctlprintk(iocp, printk(MYIOC_s_DEBUG_FMT
807             "mptctl_do_fwdl called. mptctl_id = %xh.\n", iocp->name, mptctl_id));
808         dctlprintk(iocp, printk(MYIOC_s_DEBUG_FMT "DbG: kfwdl.bufp  = %p\n",
809             iocp->name, ufwbuf));
810         dctlprintk(iocp, printk(MYIOC_s_DEBUG_FMT "DbG: kfwdl.fwlen = %d\n",
811             iocp->name, (int)fwlen));
812         dctlprintk(iocp, printk(MYIOC_s_DEBUG_FMT "DbG: kfwdl.ioc   = %04xh\n",
813             iocp->name, ioc));
814
815         dlmsg = (FWDownload_t*) mf;
816         ptsge = (FWDownloadTCSGE_t *) &dlmsg->SGL;
817         sgOut = (char *) (ptsge + 1);
818
819         /*
820          * Construct f/w download request
821          */
822         dlmsg->ImageType = MPI_FW_DOWNLOAD_ITYPE_FW;
823         dlmsg->Reserved = 0;
824         dlmsg->ChainOffset = 0;
825         dlmsg->Function = MPI_FUNCTION_FW_DOWNLOAD;
826         dlmsg->Reserved1[0] = dlmsg->Reserved1[1] = dlmsg->Reserved1[2] = 0;
827         if (iocp->facts.MsgVersion >= MPI_VERSION_01_05)
828                 dlmsg->MsgFlags = MPI_FW_DOWNLOAD_MSGFLGS_LAST_SEGMENT;
829         else
830                 dlmsg->MsgFlags = 0;
831
832
833         /* Set up the Transaction SGE.
834          */
835         ptsge->Reserved = 0;
836         ptsge->ContextSize = 0;
837         ptsge->DetailsLength = 12;
838         ptsge->Flags = MPI_SGE_FLAGS_TRANSACTION_ELEMENT;
839         ptsge->Reserved_0100_Checksum = 0;
840         ptsge->ImageOffset = 0;
841         ptsge->ImageSize = cpu_to_le32(fwlen);
842
843         /* Add the SGL
844          */
845
846         /*
847          * Need to kmalloc area(s) for holding firmware image bytes.
848          * But we need to do it piece meal, using a proper
849          * scatter gather list (with 128kB MAX hunks).
850          *
851          * A practical limit here might be # of sg hunks that fit into
852          * a single IOC request frame; 12 or 8 (see below), so:
853          * For FC9xx: 12 x 128kB == 1.5 mB (max)
854          * For C1030:  8 x 128kB == 1   mB (max)
855          * We could support chaining, but things get ugly(ier:)
856          *
857          * Set the sge_offset to the start of the sgl (bytes).
858          */
859         sgdir = 0x04000000;             /* IOC will READ from sys mem */
860         sge_offset = sizeof(MPIHeader_t) + sizeof(FWDownloadTCSGE_t);
861         if ((sgl = kbuf_alloc_2_sgl(fwlen, sgdir, sge_offset,
862                                     &numfrags, &buflist, &sgl_dma, iocp)) == NULL)
863                 return -ENOMEM;
864
865         /*
866          * We should only need SGL with 2 simple_32bit entries (up to 256 kB)
867          * for FC9xx f/w image, but calculate max number of sge hunks
868          * we can fit into a request frame, and limit ourselves to that.
869          * (currently no chain support)
870          * maxfrags = (Request Size - FWdownload Size ) / Size of 32 bit SGE
871          *      Request         maxfrags
872          *      128             12
873          *      96              8
874          *      64              4
875          */
876         maxfrags = (iocp->req_sz - sizeof(MPIHeader_t) -
877                         sizeof(FWDownloadTCSGE_t))
878                         / iocp->SGE_size;
879         if (numfrags > maxfrags) {
880                 ret = -EMLINK;
881                 goto fwdl_out;
882         }
883
884         dctlprintk(iocp, printk(MYIOC_s_DEBUG_FMT "DbG: sgl buffer = %p, sgfrags = %d\n",
885             iocp->name, sgl, numfrags));
886
887         /*
888          * Parse SG list, copying sgl itself,
889          * plus f/w image hunks from user space as we go...
890          */
891         ret = -EFAULT;
892         sgIn = sgl;
893         bl = buflist;
894         for (i=0; i < numfrags; i++) {
895
896                 /* Get the SGE type: 0 - TCSGE, 3 - Chain, 1 - Simple SGE
897                  * Skip everything but Simple. If simple, copy from
898                  *      user space into kernel space.
899                  * Note: we should not have anything but Simple as
900                  *      Chain SGE are illegal.
901                  */
902                 nib = (sgIn->FlagsLength & 0x30000000) >> 28;
903                 if (nib == 0 || nib == 3) {
904                         ;
905                 } else if (sgIn->Address) {
906                         iocp->add_sge(sgOut, sgIn->FlagsLength, sgIn->Address);
907                         n++;
908                         if (copy_from_user(bl->kptr, ufwbuf+fw_bytes_copied, bl->len)) {
909                                 printk(MYIOC_s_ERR_FMT "%s@%d::_ioctl_fwdl - "
910                                         "Unable to copy f/w buffer hunk#%d @ %p\n",
911                                         iocp->name, __FILE__, __LINE__, n, ufwbuf);
912                                 goto fwdl_out;
913                         }
914                         fw_bytes_copied += bl->len;
915                 }
916                 sgIn++;
917                 bl++;
918                 sgOut += iocp->SGE_size;
919         }
920
921         DBG_DUMP_FW_DOWNLOAD(iocp, (u32 *)mf, numfrags);
922
923         /*
924          * Finally, perform firmware download.
925          */
926         ReplyMsg = NULL;
927         SET_MGMT_MSG_CONTEXT(iocp->ioctl_cmds.msg_context, dlmsg->MsgContext);
928         INITIALIZE_MGMT_STATUS(iocp->ioctl_cmds.status)
929         mpt_put_msg_frame(mptctl_id, iocp, mf);
930
931         /* Now wait for the command to complete */
932 retry_wait:
933         timeleft = wait_for_completion_timeout(&iocp->ioctl_cmds.done, HZ*60);
934         if (!(iocp->ioctl_cmds.status & MPT_MGMT_STATUS_COMMAND_GOOD)) {
935                 ret = -ETIME;
936                 printk(MYIOC_s_WARN_FMT "%s: failed\n", iocp->name, __func__);
937                 if (iocp->ioctl_cmds.status & MPT_MGMT_STATUS_DID_IOCRESET) {
938                         mpt_free_msg_frame(iocp, mf);
939                         goto fwdl_out;
940                 }
941                 if (!timeleft)
942                         mptctl_timeout_expired(iocp, mf);
943                 else
944                         goto retry_wait;
945                 goto fwdl_out;
946         }
947
948         if (!(iocp->ioctl_cmds.status & MPT_MGMT_STATUS_RF_VALID)) {
949                 printk(MYIOC_s_WARN_FMT "%s: failed\n", iocp->name, __func__);
950                 mpt_free_msg_frame(iocp, mf);
951                 ret = -ENODATA;
952                 goto fwdl_out;
953         }
954
955         if (sgl)
956                 kfree_sgl(sgl, sgl_dma, buflist, iocp);
957
958         ReplyMsg = (pFWDownloadReply_t)iocp->ioctl_cmds.reply;
959         iocstat = le16_to_cpu(ReplyMsg->IOCStatus) & MPI_IOCSTATUS_MASK;
960         if (iocstat == MPI_IOCSTATUS_SUCCESS) {
961                 printk(MYIOC_s_INFO_FMT "F/W update successfull!\n", iocp->name);
962                 return 0;
963         } else if (iocstat == MPI_IOCSTATUS_INVALID_FUNCTION) {
964                 printk(MYIOC_s_WARN_FMT "Hmmm...  F/W download not supported!?!\n",
965                         iocp->name);
966                 printk(MYIOC_s_WARN_FMT "(time to go bang on somebodies door)\n",
967                         iocp->name);
968                 return -EBADRQC;
969         } else if (iocstat == MPI_IOCSTATUS_BUSY) {
970                 printk(MYIOC_s_WARN_FMT "IOC_BUSY!\n", iocp->name);
971                 printk(MYIOC_s_WARN_FMT "(try again later?)\n", iocp->name);
972                 return -EBUSY;
973         } else {
974                 printk(MYIOC_s_WARN_FMT "ioctl_fwdl() returned [bad] status = %04xh\n",
975                         iocp->name, iocstat);
976                 printk(MYIOC_s_WARN_FMT "(bad VooDoo)\n", iocp->name);
977                 return -ENOMSG;
978         }
979         return 0;
980
981 fwdl_out:
982
983         CLEAR_MGMT_STATUS(iocp->ioctl_cmds.status);
984         SET_MGMT_MSG_CONTEXT(iocp->ioctl_cmds.msg_context, 0);
985         kfree_sgl(sgl, sgl_dma, buflist, iocp);
986         return ret;
987 }
988
989 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
990 /*
991  * SGE Allocation routine
992  *
993  * Inputs:      bytes - number of bytes to be transferred
994  *              sgdir - data direction
995  *              sge_offset - offset (in bytes) from the start of the request
996  *                      frame to the first SGE
997  *              ioc - pointer to the mptadapter
998  * Outputs:     frags - number of scatter gather elements
999  *              blp - point to the buflist pointer
1000  *              sglbuf_dma - pointer to the (dma) sgl
1001  * Returns:     Null if failes
1002  *              pointer to the (virtual) sgl if successful.
1003  */
1004 static MptSge_t *
1005 kbuf_alloc_2_sgl(int bytes, u32 sgdir, int sge_offset, int *frags,
1006                  struct buflist **blp, dma_addr_t *sglbuf_dma, MPT_ADAPTER *ioc)
1007 {
1008         MptSge_t        *sglbuf = NULL;         /* pointer to array of SGE */
1009                                                 /* and chain buffers */
1010         struct buflist  *buflist = NULL;        /* kernel routine */
1011         MptSge_t        *sgl;
1012         int              numfrags = 0;
1013         int              fragcnt = 0;
1014         int              alloc_sz = min(bytes,MAX_KMALLOC_SZ);  // avoid kernel warning msg!
1015         int              bytes_allocd = 0;
1016         int              this_alloc;
1017         dma_addr_t       pa;                                    // phys addr
1018         int              i, buflist_ent;
1019         int              sg_spill = MAX_FRAGS_SPILL1;
1020         int              dir;
1021         /* initialization */
1022         *frags = 0;
1023         *blp = NULL;
1024
1025         /* Allocate and initialize an array of kernel
1026          * structures for the SG elements.
1027          */
1028         i = MAX_SGL_BYTES / 8;
1029         buflist = kzalloc(i, GFP_USER);
1030         if (!buflist)
1031                 return NULL;
1032         buflist_ent = 0;
1033
1034         /* Allocate a single block of memory to store the sg elements and
1035          * the chain buffers.  The calling routine is responsible for
1036          * copying the data in this array into the correct place in the
1037          * request and chain buffers.
1038          */
1039         sglbuf = pci_alloc_consistent(ioc->pcidev, MAX_SGL_BYTES, sglbuf_dma);
1040         if (sglbuf == NULL)
1041                 goto free_and_fail;
1042
1043         if (sgdir & 0x04000000)
1044                 dir = PCI_DMA_TODEVICE;
1045         else
1046                 dir = PCI_DMA_FROMDEVICE;
1047
1048         /* At start:
1049          *      sgl = sglbuf = point to beginning of sg buffer
1050          *      buflist_ent = 0 = first kernel structure
1051          *      sg_spill = number of SGE that can be written before the first
1052          *              chain element.
1053          *
1054          */
1055         sgl = sglbuf;
1056         sg_spill = ((ioc->req_sz - sge_offset)/ioc->SGE_size) - 1;
1057         while (bytes_allocd < bytes) {
1058                 this_alloc = min(alloc_sz, bytes-bytes_allocd);
1059                 buflist[buflist_ent].len = this_alloc;
1060                 buflist[buflist_ent].kptr = pci_alloc_consistent(ioc->pcidev,
1061                                                                  this_alloc,
1062                                                                  &pa);
1063                 if (buflist[buflist_ent].kptr == NULL) {
1064                         alloc_sz = alloc_sz / 2;
1065                         if (alloc_sz == 0) {
1066                                 printk(MYIOC_s_WARN_FMT "-SG: No can do - "
1067                                     "not enough memory!   :-(\n", ioc->name);
1068                                 printk(MYIOC_s_WARN_FMT "-SG: (freeing %d frags)\n",
1069                                         ioc->name, numfrags);
1070                                 goto free_and_fail;
1071                         }
1072                         continue;
1073                 } else {
1074                         dma_addr_t dma_addr;
1075
1076                         bytes_allocd += this_alloc;
1077                         sgl->FlagsLength = (0x10000000|sgdir|this_alloc);
1078                         dma_addr = pci_map_single(ioc->pcidev,
1079                                 buflist[buflist_ent].kptr, this_alloc, dir);
1080                         sgl->Address = dma_addr;
1081
1082                         fragcnt++;
1083                         numfrags++;
1084                         sgl++;
1085                         buflist_ent++;
1086                 }
1087
1088                 if (bytes_allocd >= bytes)
1089                         break;
1090
1091                 /* Need to chain? */
1092                 if (fragcnt == sg_spill) {
1093                         printk(MYIOC_s_WARN_FMT
1094                             "-SG: No can do - " "Chain required!   :-(\n", ioc->name);
1095                         printk(MYIOC_s_WARN_FMT "(freeing %d frags)\n", ioc->name, numfrags);
1096                         goto free_and_fail;
1097                 }
1098
1099                 /* overflow check... */
1100                 if (numfrags*8 > MAX_SGL_BYTES){
1101                         /* GRRRRR... */
1102                         printk(MYIOC_s_WARN_FMT "-SG: No can do - "
1103                                 "too many SG frags!   :-(\n", ioc->name);
1104                         printk(MYIOC_s_WARN_FMT "-SG: (freeing %d frags)\n",
1105                                 ioc->name, numfrags);
1106                         goto free_and_fail;
1107                 }
1108         }
1109
1110         /* Last sge fixup: set LE+eol+eob bits */
1111         sgl[-1].FlagsLength |= 0xC1000000;
1112
1113         *frags = numfrags;
1114         *blp = buflist;
1115
1116         dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT "-SG: kbuf_alloc_2_sgl() - "
1117            "%d SG frags generated!\n", ioc->name, numfrags));
1118
1119         dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT "-SG: kbuf_alloc_2_sgl() - "
1120            "last (big) alloc_sz=%d\n", ioc->name, alloc_sz));
1121
1122         return sglbuf;
1123
1124 free_and_fail:
1125         if (sglbuf != NULL) {
1126                 for (i = 0; i < numfrags; i++) {
1127                         dma_addr_t dma_addr;
1128                         u8 *kptr;
1129                         int len;
1130
1131                         if ((sglbuf[i].FlagsLength >> 24) == 0x30)
1132                                 continue;
1133
1134                         dma_addr = sglbuf[i].Address;
1135                         kptr = buflist[i].kptr;
1136                         len = buflist[i].len;
1137
1138                         pci_free_consistent(ioc->pcidev, len, kptr, dma_addr);
1139                 }
1140                 pci_free_consistent(ioc->pcidev, MAX_SGL_BYTES, sglbuf, *sglbuf_dma);
1141         }
1142         kfree(buflist);
1143         return NULL;
1144 }
1145
1146 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
1147 /*
1148  * Routine to free the SGL elements.
1149  */
1150 static void
1151 kfree_sgl(MptSge_t *sgl, dma_addr_t sgl_dma, struct buflist *buflist, MPT_ADAPTER *ioc)
1152 {
1153         MptSge_t        *sg = sgl;
1154         struct buflist  *bl = buflist;
1155         u32              nib;
1156         int              dir;
1157         int              n = 0;
1158
1159         if (sg->FlagsLength & 0x04000000)
1160                 dir = PCI_DMA_TODEVICE;
1161         else
1162                 dir = PCI_DMA_FROMDEVICE;
1163
1164         nib = (sg->FlagsLength & 0xF0000000) >> 28;
1165         while (! (nib & 0x4)) { /* eob */
1166                 /* skip ignore/chain. */
1167                 if (nib == 0 || nib == 3) {
1168                         ;
1169                 } else if (sg->Address) {
1170                         dma_addr_t dma_addr;
1171                         void *kptr;
1172                         int len;
1173
1174                         dma_addr = sg->Address;
1175                         kptr = bl->kptr;
1176                         len = bl->len;
1177                         pci_unmap_single(ioc->pcidev, dma_addr, len, dir);
1178                         pci_free_consistent(ioc->pcidev, len, kptr, dma_addr);
1179                         n++;
1180                 }
1181                 sg++;
1182                 bl++;
1183                 nib = (le32_to_cpu(sg->FlagsLength) & 0xF0000000) >> 28;
1184         }
1185
1186         /* we're at eob! */
1187         if (sg->Address) {
1188                 dma_addr_t dma_addr;
1189                 void *kptr;
1190                 int len;
1191
1192                 dma_addr = sg->Address;
1193                 kptr = bl->kptr;
1194                 len = bl->len;
1195                 pci_unmap_single(ioc->pcidev, dma_addr, len, dir);
1196                 pci_free_consistent(ioc->pcidev, len, kptr, dma_addr);
1197                 n++;
1198         }
1199
1200         pci_free_consistent(ioc->pcidev, MAX_SGL_BYTES, sgl, sgl_dma);
1201         kfree(buflist);
1202         dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT "-SG: Free'd 1 SGL buf + %d kbufs!\n",
1203             ioc->name, n));
1204 }
1205
1206 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
1207 /*
1208  *      mptctl_getiocinfo - Query the host adapter for IOC information.
1209  *      @arg: User space argument
1210  *
1211  * Outputs:     None.
1212  * Return:      0 if successful
1213  *              -EFAULT if data unavailable
1214  *              -ENODEV  if no such device/adapter
1215  */
1216 static int
1217 mptctl_getiocinfo (unsigned long arg, unsigned int data_size)
1218 {
1219         struct mpt_ioctl_iocinfo __user *uarg = (void __user *) arg;
1220         struct mpt_ioctl_iocinfo *karg;
1221         MPT_ADAPTER             *ioc;
1222         struct pci_dev          *pdev;
1223         int                     iocnum;
1224         unsigned int            port;
1225         int                     cim_rev;
1226         u8                      revision;
1227         struct scsi_device      *sdev;
1228         VirtDevice              *vdevice;
1229
1230         /* Add of PCI INFO results in unaligned access for
1231          * IA64 and Sparc. Reset long to int. Return no PCI
1232          * data for obsolete format.
1233          */
1234         if (data_size == sizeof(struct mpt_ioctl_iocinfo_rev0))
1235                 cim_rev = 0;
1236         else if (data_size == sizeof(struct mpt_ioctl_iocinfo_rev1))
1237                 cim_rev = 1;
1238         else if (data_size == sizeof(struct mpt_ioctl_iocinfo))
1239                 cim_rev = 2;
1240         else if (data_size == (sizeof(struct mpt_ioctl_iocinfo_rev0)+12))
1241                 cim_rev = 0;    /* obsolete */
1242         else
1243                 return -EFAULT;
1244
1245         karg = kmalloc(data_size, GFP_KERNEL);
1246         if (karg == NULL) {
1247                 printk(KERN_ERR MYNAM "%s::mpt_ioctl_iocinfo() @%d - no memory available!\n",
1248                                 __FILE__, __LINE__);
1249                 return -ENOMEM;
1250         }
1251
1252         if (copy_from_user(karg, uarg, data_size)) {
1253                 printk(KERN_ERR MYNAM "%s@%d::mptctl_getiocinfo - "
1254                         "Unable to read in mpt_ioctl_iocinfo struct @ %p\n",
1255                                 __FILE__, __LINE__, uarg);
1256                 kfree(karg);
1257                 return -EFAULT;
1258         }
1259
1260         if (((iocnum = mpt_verify_adapter(karg->hdr.iocnum, &ioc)) < 0) ||
1261             (ioc == NULL)) {
1262                 printk(KERN_DEBUG MYNAM "%s::mptctl_getiocinfo() @%d - ioc%d not found!\n",
1263                                 __FILE__, __LINE__, iocnum);
1264                 kfree(karg);
1265                 return -ENODEV;
1266         }
1267
1268         /* Verify the data transfer size is correct. */
1269         if (karg->hdr.maxDataSize != data_size) {
1270                 printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_getiocinfo - "
1271                         "Structure size mismatch. Command not completed.\n",
1272                         ioc->name, __FILE__, __LINE__);
1273                 kfree(karg);
1274                 return -EFAULT;
1275         }
1276
1277         dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT "mptctl_getiocinfo called.\n",
1278             ioc->name));
1279
1280         /* Fill in the data and return the structure to the calling
1281          * program
1282          */
1283         if (ioc->bus_type == SAS)
1284                 karg->adapterType = MPT_IOCTL_INTERFACE_SAS;
1285         else if (ioc->bus_type == FC)
1286                 karg->adapterType = MPT_IOCTL_INTERFACE_FC;
1287         else
1288                 karg->adapterType = MPT_IOCTL_INTERFACE_SCSI;
1289
1290         if (karg->hdr.port > 1)
1291                 return -EINVAL;
1292         port = karg->hdr.port;
1293
1294         karg->port = port;
1295         pdev = (struct pci_dev *) ioc->pcidev;
1296
1297         karg->pciId = pdev->device;
1298         pci_read_config_byte(pdev, PCI_CLASS_REVISION, &revision);
1299         karg->hwRev = revision;
1300         karg->subSystemDevice = pdev->subsystem_device;
1301         karg->subSystemVendor = pdev->subsystem_vendor;
1302
1303         if (cim_rev == 1) {
1304                 /* Get the PCI bus, device, and function numbers for the IOC
1305                  */
1306                 karg->pciInfo.u.bits.busNumber = pdev->bus->number;
1307                 karg->pciInfo.u.bits.deviceNumber = PCI_SLOT( pdev->devfn );
1308                 karg->pciInfo.u.bits.functionNumber = PCI_FUNC( pdev->devfn );
1309         } else if (cim_rev == 2) {
1310                 /* Get the PCI bus, device, function and segment ID numbers
1311                    for the IOC */
1312                 karg->pciInfo.u.bits.busNumber = pdev->bus->number;
1313                 karg->pciInfo.u.bits.deviceNumber = PCI_SLOT( pdev->devfn );
1314                 karg->pciInfo.u.bits.functionNumber = PCI_FUNC( pdev->devfn );
1315                 karg->pciInfo.segmentID = pci_domain_nr(pdev->bus);
1316         }
1317
1318         /* Get number of devices
1319          */
1320         karg->numDevices = 0;
1321         if (ioc->sh) {
1322                 shost_for_each_device(sdev, ioc->sh) {
1323                         vdevice = sdev->hostdata;
1324                         if (vdevice->vtarget->tflags &
1325                             MPT_TARGET_FLAGS_RAID_COMPONENT)
1326                                 continue;
1327                         karg->numDevices++;
1328                 }
1329         }
1330
1331         /* Set the BIOS and FW Version
1332          */
1333         karg->FWVersion = ioc->facts.FWVersion.Word;
1334         karg->BIOSVersion = ioc->biosVersion;
1335
1336         /* Set the Version Strings.
1337          */
1338         strncpy (karg->driverVersion, MPT_LINUX_PACKAGE_NAME, MPT_IOCTL_VERSION_LENGTH);
1339         karg->driverVersion[MPT_IOCTL_VERSION_LENGTH-1]='\0';
1340
1341         karg->busChangeEvent = 0;
1342         karg->hostId = ioc->pfacts[port].PortSCSIID;
1343         karg->rsvd[0] = karg->rsvd[1] = 0;
1344
1345         /* Copy the data from kernel memory to user memory
1346          */
1347         if (copy_to_user((char __user *)arg, karg, data_size)) {
1348                 printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_getiocinfo - "
1349                         "Unable to write out mpt_ioctl_iocinfo struct @ %p\n",
1350                         ioc->name, __FILE__, __LINE__, uarg);
1351                 kfree(karg);
1352                 return -EFAULT;
1353         }
1354
1355         kfree(karg);
1356         return 0;
1357 }
1358
1359 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
1360 /*
1361  *      mptctl_gettargetinfo - Query the host adapter for target information.
1362  *      @arg: User space argument
1363  *
1364  * Outputs:     None.
1365  * Return:      0 if successful
1366  *              -EFAULT if data unavailable
1367  *              -ENODEV  if no such device/adapter
1368  */
1369 static int
1370 mptctl_gettargetinfo (unsigned long arg)
1371 {
1372         struct mpt_ioctl_targetinfo __user *uarg = (void __user *) arg;
1373         struct mpt_ioctl_targetinfo karg;
1374         MPT_ADAPTER             *ioc;
1375         VirtDevice              *vdevice;
1376         char                    *pmem;
1377         int                     *pdata;
1378         int                     iocnum;
1379         int                     numDevices = 0;
1380         int                     lun;
1381         int                     maxWordsLeft;
1382         int                     numBytes;
1383         u8                      port;
1384         struct scsi_device      *sdev;
1385
1386         if (copy_from_user(&karg, uarg, sizeof(struct mpt_ioctl_targetinfo))) {
1387                 printk(KERN_ERR MYNAM "%s@%d::mptctl_gettargetinfo - "
1388                         "Unable to read in mpt_ioctl_targetinfo struct @ %p\n",
1389                                 __FILE__, __LINE__, uarg);
1390                 return -EFAULT;
1391         }
1392
1393         if (((iocnum = mpt_verify_adapter(karg.hdr.iocnum, &ioc)) < 0) ||
1394             (ioc == NULL)) {
1395                 printk(KERN_DEBUG MYNAM "%s::mptctl_gettargetinfo() @%d - ioc%d not found!\n",
1396                                 __FILE__, __LINE__, iocnum);
1397                 return -ENODEV;
1398         }
1399
1400         dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT "mptctl_gettargetinfo called.\n",
1401             ioc->name));
1402         /* Get the port number and set the maximum number of bytes
1403          * in the returned structure.
1404          * Ignore the port setting.
1405          */
1406         numBytes = karg.hdr.maxDataSize - sizeof(mpt_ioctl_header);
1407         maxWordsLeft = numBytes/sizeof(int);
1408         port = karg.hdr.port;
1409
1410         if (maxWordsLeft <= 0) {
1411                 printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_gettargetinfo() - no memory available!\n",
1412                         ioc->name, __FILE__, __LINE__);
1413                 return -ENOMEM;
1414         }
1415
1416         /* Fill in the data and return the structure to the calling
1417          * program
1418          */
1419
1420         /* struct mpt_ioctl_targetinfo does not contain sufficient space
1421          * for the target structures so when the IOCTL is called, there is
1422          * not sufficient stack space for the structure. Allocate memory,
1423          * populate the memory, copy back to the user, then free memory.
1424          * targetInfo format:
1425          * bits 31-24: reserved
1426          *      23-16: LUN
1427          *      15- 8: Bus Number
1428          *       7- 0: Target ID
1429          */
1430         pmem = kzalloc(numBytes, GFP_KERNEL);
1431         if (!pmem) {
1432                 printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_gettargetinfo() - no memory available!\n",
1433                         ioc->name, __FILE__, __LINE__);
1434                 return -ENOMEM;
1435         }
1436         pdata =  (int *) pmem;
1437
1438         /* Get number of devices
1439          */
1440         if (ioc->sh){
1441                 shost_for_each_device(sdev, ioc->sh) {
1442                         if (!maxWordsLeft)
1443                                 continue;
1444                         vdevice = sdev->hostdata;
1445                         if (vdevice->vtarget->tflags &
1446                             MPT_TARGET_FLAGS_RAID_COMPONENT)
1447                                 continue;
1448                         lun = (vdevice->vtarget->raidVolume) ? 0x80 : vdevice->lun;
1449                         *pdata = (((u8)lun << 16) + (vdevice->vtarget->channel << 8) +
1450                             (vdevice->vtarget->id ));
1451                         pdata++;
1452                         numDevices++;
1453                         --maxWordsLeft;
1454                 }
1455         }
1456         karg.numDevices = numDevices;
1457
1458         /* Copy part of the data from kernel memory to user memory
1459          */
1460         if (copy_to_user((char __user *)arg, &karg,
1461                                 sizeof(struct mpt_ioctl_targetinfo))) {
1462                 printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_gettargetinfo - "
1463                         "Unable to write out mpt_ioctl_targetinfo struct @ %p\n",
1464                         ioc->name, __FILE__, __LINE__, uarg);
1465                 kfree(pmem);
1466                 return -EFAULT;
1467         }
1468
1469         /* Copy the remaining data from kernel memory to user memory
1470          */
1471         if (copy_to_user(uarg->targetInfo, pmem, numBytes)) {
1472                 printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_gettargetinfo - "
1473                         "Unable to write out mpt_ioctl_targetinfo struct @ %p\n",
1474                         ioc->name, __FILE__, __LINE__, pdata);
1475                 kfree(pmem);
1476                 return -EFAULT;
1477         }
1478
1479         kfree(pmem);
1480
1481         return 0;
1482 }
1483
1484 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
1485 /* MPT IOCTL Test function.
1486  *
1487  * Outputs:     None.
1488  * Return:      0 if successful
1489  *              -EFAULT if data unavailable
1490  *              -ENODEV  if no such device/adapter
1491  */
1492 static int
1493 mptctl_readtest (unsigned long arg)
1494 {
1495         struct mpt_ioctl_test __user *uarg = (void __user *) arg;
1496         struct mpt_ioctl_test    karg;
1497         MPT_ADAPTER *ioc;
1498         int iocnum;
1499
1500         if (copy_from_user(&karg, uarg, sizeof(struct mpt_ioctl_test))) {
1501                 printk(KERN_ERR MYNAM "%s@%d::mptctl_readtest - "
1502                         "Unable to read in mpt_ioctl_test struct @ %p\n",
1503                                 __FILE__, __LINE__, uarg);
1504                 return -EFAULT;
1505         }
1506
1507         if (((iocnum = mpt_verify_adapter(karg.hdr.iocnum, &ioc)) < 0) ||
1508             (ioc == NULL)) {
1509                 printk(KERN_DEBUG MYNAM "%s::mptctl_readtest() @%d - ioc%d not found!\n",
1510                                 __FILE__, __LINE__, iocnum);
1511                 return -ENODEV;
1512         }
1513
1514         dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT "mptctl_readtest called.\n",
1515             ioc->name));
1516         /* Fill in the data and return the structure to the calling
1517          * program
1518          */
1519
1520 #ifdef MFCNT
1521         karg.chip_type = ioc->mfcnt;
1522 #else
1523         karg.chip_type = ioc->pcidev->device;
1524 #endif
1525         strncpy (karg.name, ioc->name, MPT_MAX_NAME);
1526         karg.name[MPT_MAX_NAME-1]='\0';
1527         strncpy (karg.product, ioc->prod_name, MPT_PRODUCT_LENGTH);
1528         karg.product[MPT_PRODUCT_LENGTH-1]='\0';
1529
1530         /* Copy the data from kernel memory to user memory
1531          */
1532         if (copy_to_user((char __user *)arg, &karg, sizeof(struct mpt_ioctl_test))) {
1533                 printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_readtest - "
1534                         "Unable to write out mpt_ioctl_test struct @ %p\n",
1535                         ioc->name, __FILE__, __LINE__, uarg);
1536                 return -EFAULT;
1537         }
1538
1539         return 0;
1540 }
1541
1542 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
1543 /*
1544  *      mptctl_eventquery - Query the host adapter for the event types
1545  *      that are being logged.
1546  *      @arg: User space argument
1547  *
1548  * Outputs:     None.
1549  * Return:      0 if successful
1550  *              -EFAULT if data unavailable
1551  *              -ENODEV  if no such device/adapter
1552  */
1553 static int
1554 mptctl_eventquery (unsigned long arg)
1555 {
1556         struct mpt_ioctl_eventquery __user *uarg = (void __user *) arg;
1557         struct mpt_ioctl_eventquery      karg;
1558         MPT_ADAPTER *ioc;
1559         int iocnum;
1560
1561         if (copy_from_user(&karg, uarg, sizeof(struct mpt_ioctl_eventquery))) {
1562                 printk(KERN_ERR MYNAM "%s@%d::mptctl_eventquery - "
1563                         "Unable to read in mpt_ioctl_eventquery struct @ %p\n",
1564                                 __FILE__, __LINE__, uarg);
1565                 return -EFAULT;
1566         }
1567
1568         if (((iocnum = mpt_verify_adapter(karg.hdr.iocnum, &ioc)) < 0) ||
1569             (ioc == NULL)) {
1570                 printk(KERN_DEBUG MYNAM "%s::mptctl_eventquery() @%d - ioc%d not found!\n",
1571                                 __FILE__, __LINE__, iocnum);
1572                 return -ENODEV;
1573         }
1574
1575         dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT "mptctl_eventquery called.\n",
1576             ioc->name));
1577         karg.eventEntries = MPTCTL_EVENT_LOG_SIZE;
1578         karg.eventTypes = ioc->eventTypes;
1579
1580         /* Copy the data from kernel memory to user memory
1581          */
1582         if (copy_to_user((char __user *)arg, &karg, sizeof(struct mpt_ioctl_eventquery))) {
1583                 printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_eventquery - "
1584                         "Unable to write out mpt_ioctl_eventquery struct @ %p\n",
1585                         ioc->name, __FILE__, __LINE__, uarg);
1586                 return -EFAULT;
1587         }
1588         return 0;
1589 }
1590
1591 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
1592 static int
1593 mptctl_eventenable (unsigned long arg)
1594 {
1595         struct mpt_ioctl_eventenable __user *uarg = (void __user *) arg;
1596         struct mpt_ioctl_eventenable     karg;
1597         MPT_ADAPTER *ioc;
1598         int iocnum;
1599
1600         if (copy_from_user(&karg, uarg, sizeof(struct mpt_ioctl_eventenable))) {
1601                 printk(KERN_ERR MYNAM "%s@%d::mptctl_eventenable - "
1602                         "Unable to read in mpt_ioctl_eventenable struct @ %p\n",
1603                                 __FILE__, __LINE__, uarg);
1604                 return -EFAULT;
1605         }
1606
1607         if (((iocnum = mpt_verify_adapter(karg.hdr.iocnum, &ioc)) < 0) ||
1608             (ioc == NULL)) {
1609                 printk(KERN_DEBUG MYNAM "%s::mptctl_eventenable() @%d - ioc%d not found!\n",
1610                                 __FILE__, __LINE__, iocnum);
1611                 return -ENODEV;
1612         }
1613
1614         dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT "mptctl_eventenable called.\n",
1615             ioc->name));
1616         if (ioc->events == NULL) {
1617                 /* Have not yet allocated memory - do so now.
1618                  */
1619                 int sz = MPTCTL_EVENT_LOG_SIZE * sizeof(MPT_IOCTL_EVENTS);
1620                 ioc->events = kzalloc(sz, GFP_KERNEL);
1621                 if (!ioc->events) {
1622                         printk(MYIOC_s_ERR_FMT
1623                             ": ERROR - Insufficient memory to add adapter!\n",
1624                             ioc->name);
1625                         return -ENOMEM;
1626                 }
1627                 ioc->alloc_total += sz;
1628
1629                 ioc->eventContext = 0;
1630         }
1631
1632         /* Update the IOC event logging flag.
1633          */
1634         ioc->eventTypes = karg.eventTypes;
1635
1636         return 0;
1637 }
1638
1639 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
1640 static int
1641 mptctl_eventreport (unsigned long arg)
1642 {
1643         struct mpt_ioctl_eventreport __user *uarg = (void __user *) arg;
1644         struct mpt_ioctl_eventreport     karg;
1645         MPT_ADAPTER              *ioc;
1646         int                      iocnum;
1647         int                      numBytes, maxEvents, max;
1648
1649         if (copy_from_user(&karg, uarg, sizeof(struct mpt_ioctl_eventreport))) {
1650                 printk(KERN_ERR MYNAM "%s@%d::mptctl_eventreport - "
1651                         "Unable to read in mpt_ioctl_eventreport struct @ %p\n",
1652                                 __FILE__, __LINE__, uarg);
1653                 return -EFAULT;
1654         }
1655
1656         if (((iocnum = mpt_verify_adapter(karg.hdr.iocnum, &ioc)) < 0) ||
1657             (ioc == NULL)) {
1658                 printk(KERN_DEBUG MYNAM "%s::mptctl_eventreport() @%d - ioc%d not found!\n",
1659                                 __FILE__, __LINE__, iocnum);
1660                 return -ENODEV;
1661         }
1662         dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT "mptctl_eventreport called.\n",
1663             ioc->name));
1664
1665         numBytes = karg.hdr.maxDataSize - sizeof(mpt_ioctl_header);
1666         maxEvents = numBytes/sizeof(MPT_IOCTL_EVENTS);
1667
1668
1669         max = MPTCTL_EVENT_LOG_SIZE < maxEvents ? MPTCTL_EVENT_LOG_SIZE : maxEvents;
1670
1671         /* If fewer than 1 event is requested, there must have
1672          * been some type of error.
1673          */
1674         if ((max < 1) || !ioc->events)
1675                 return -ENODATA;
1676
1677         /* reset this flag so SIGIO can restart */
1678         ioc->aen_event_read_flag=0;
1679
1680         /* Copy the data from kernel memory to user memory
1681          */
1682         numBytes = max * sizeof(MPT_IOCTL_EVENTS);
1683         if (copy_to_user(uarg->eventData, ioc->events, numBytes)) {
1684                 printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_eventreport - "
1685                         "Unable to write out mpt_ioctl_eventreport struct @ %p\n",
1686                         ioc->name, __FILE__, __LINE__, ioc->events);
1687                 return -EFAULT;
1688         }
1689
1690         return 0;
1691 }
1692
1693 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
1694 static int
1695 mptctl_replace_fw (unsigned long arg)
1696 {
1697         struct mpt_ioctl_replace_fw __user *uarg = (void __user *) arg;
1698         struct mpt_ioctl_replace_fw      karg;
1699         MPT_ADAPTER              *ioc;
1700         int                      iocnum;
1701         int                      newFwSize;
1702
1703         if (copy_from_user(&karg, uarg, sizeof(struct mpt_ioctl_replace_fw))) {
1704                 printk(KERN_ERR MYNAM "%s@%d::mptctl_replace_fw - "
1705                         "Unable to read in mpt_ioctl_replace_fw struct @ %p\n",
1706                                 __FILE__, __LINE__, uarg);
1707                 return -EFAULT;
1708         }
1709
1710         if (((iocnum = mpt_verify_adapter(karg.hdr.iocnum, &ioc)) < 0) ||
1711             (ioc == NULL)) {
1712                 printk(KERN_DEBUG MYNAM "%s::mptctl_replace_fw() @%d - ioc%d not found!\n",
1713                                 __FILE__, __LINE__, iocnum);
1714                 return -ENODEV;
1715         }
1716
1717         dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT "mptctl_replace_fw called.\n",
1718             ioc->name));
1719         /* If caching FW, Free the old FW image
1720          */
1721         if (ioc->cached_fw == NULL)
1722                 return 0;
1723
1724         mpt_free_fw_memory(ioc);
1725
1726         /* Allocate memory for the new FW image
1727          */
1728         newFwSize = karg.newImageSize;
1729
1730         if (newFwSize & 0x01)
1731                 newFwSize += 1;
1732         if (newFwSize & 0x02)
1733                 newFwSize += 2;
1734
1735         mpt_alloc_fw_memory(ioc, newFwSize);
1736         if (ioc->cached_fw == NULL)
1737                 return -ENOMEM;
1738
1739         /* Copy the data from user memory to kernel space
1740          */
1741         if (copy_from_user(ioc->cached_fw, uarg->newImage, newFwSize)) {
1742                 printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_replace_fw - "
1743                                 "Unable to read in mpt_ioctl_replace_fw image "
1744                                 "@ %p\n", ioc->name, __FILE__, __LINE__, uarg);
1745                 mpt_free_fw_memory(ioc);
1746                 return -EFAULT;
1747         }
1748
1749         /* Update IOCFactsReply
1750          */
1751         ioc->facts.FWImageSize = newFwSize;
1752         return 0;
1753 }
1754
1755 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
1756 /* MPT IOCTL MPTCOMMAND function.
1757  * Cast the arg into the mpt_ioctl_mpt_command structure.
1758  *
1759  * Outputs:     None.
1760  * Return:      0 if successful
1761  *              -EBUSY  if previous command timeout and IOC reset is not complete.
1762  *              -EFAULT if data unavailable
1763  *              -ENODEV if no such device/adapter
1764  *              -ETIME  if timer expires
1765  *              -ENOMEM if memory allocation error
1766  */
1767 static int
1768 mptctl_mpt_command (unsigned long arg)
1769 {
1770         struct mpt_ioctl_command __user *uarg = (void __user *) arg;
1771         struct mpt_ioctl_command  karg;
1772         MPT_ADAPTER     *ioc;
1773         int             iocnum;
1774         int             rc;
1775
1776
1777         if (copy_from_user(&karg, uarg, sizeof(struct mpt_ioctl_command))) {
1778                 printk(KERN_ERR MYNAM "%s@%d::mptctl_mpt_command - "
1779                         "Unable to read in mpt_ioctl_command struct @ %p\n",
1780                                 __FILE__, __LINE__, uarg);
1781                 return -EFAULT;
1782         }
1783
1784         if (((iocnum = mpt_verify_adapter(karg.hdr.iocnum, &ioc)) < 0) ||
1785             (ioc == NULL)) {
1786                 printk(KERN_DEBUG MYNAM "%s::mptctl_mpt_command() @%d - ioc%d not found!\n",
1787                                 __FILE__, __LINE__, iocnum);
1788                 return -ENODEV;
1789         }
1790
1791         rc = mptctl_do_mpt_command (karg, &uarg->MF);
1792
1793         return rc;
1794 }
1795
1796 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
1797 /* Worker routine for the IOCTL MPTCOMMAND and MPTCOMMAND32 (sparc) commands.
1798  *
1799  * Outputs:     None.
1800  * Return:      0 if successful
1801  *              -EBUSY  if previous command timeout and IOC reset is not complete.
1802  *              -EFAULT if data unavailable
1803  *              -ENODEV if no such device/adapter
1804  *              -ETIME  if timer expires
1805  *              -ENOMEM if memory allocation error
1806  *              -EPERM if SCSI I/O and target is untagged
1807  */
1808 static int
1809 mptctl_do_mpt_command (struct mpt_ioctl_command karg, void __user *mfPtr)
1810 {
1811         MPT_ADAPTER     *ioc;
1812         MPT_FRAME_HDR   *mf = NULL;
1813         MPIHeader_t     *hdr;
1814         char            *psge;
1815         struct buflist  bufIn;  /* data In buffer */
1816         struct buflist  bufOut; /* data Out buffer */
1817         dma_addr_t      dma_addr_in;
1818         dma_addr_t      dma_addr_out;
1819         int             sgSize = 0;     /* Num SG elements */
1820         int             iocnum, flagsLength;
1821         int             sz, rc = 0;
1822         int             msgContext;
1823         u16             req_idx;
1824         ulong           timeout;
1825         unsigned long   timeleft;
1826         struct scsi_device *sdev;
1827         unsigned long    flags;
1828         u8               function;
1829
1830         /* bufIn and bufOut are used for user to kernel space transfers
1831          */
1832         bufIn.kptr = bufOut.kptr = NULL;
1833         bufIn.len = bufOut.len = 0;
1834
1835         if (((iocnum = mpt_verify_adapter(karg.hdr.iocnum, &ioc)) < 0) ||
1836             (ioc == NULL)) {
1837                 printk(KERN_DEBUG MYNAM "%s::mptctl_do_mpt_command() @%d - ioc%d not found!\n",
1838                                 __FILE__, __LINE__, iocnum);
1839                 return -ENODEV;
1840         }
1841
1842         spin_lock_irqsave(&ioc->taskmgmt_lock, flags);
1843         if (ioc->ioc_reset_in_progress) {
1844                 spin_unlock_irqrestore(&ioc->taskmgmt_lock, flags);
1845                 printk(KERN_ERR MYNAM "%s@%d::mptctl_do_mpt_command - "
1846                         "Busy with diagnostic reset\n", __FILE__, __LINE__);
1847                 return -EBUSY;
1848         }
1849         spin_unlock_irqrestore(&ioc->taskmgmt_lock, flags);
1850
1851         /* Verify that the final request frame will not be too large.
1852          */
1853         sz = karg.dataSgeOffset * 4;
1854         if (karg.dataInSize > 0)
1855                 sz += ioc->SGE_size;
1856         if (karg.dataOutSize > 0)
1857                 sz += ioc->SGE_size;
1858
1859         if (sz > ioc->req_sz) {
1860                 printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_do_mpt_command - "
1861                         "Request frame too large (%d) maximum (%d)\n",
1862                         ioc->name, __FILE__, __LINE__, sz, ioc->req_sz);
1863                 return -EFAULT;
1864         }
1865
1866         /* Get a free request frame and save the message context.
1867          */
1868         if ((mf = mpt_get_msg_frame(mptctl_id, ioc)) == NULL)
1869                 return -EAGAIN;
1870
1871         hdr = (MPIHeader_t *) mf;
1872         msgContext = le32_to_cpu(hdr->MsgContext);
1873         req_idx = le16_to_cpu(mf->u.frame.hwhdr.msgctxu.fld.req_idx);
1874
1875         /* Copy the request frame
1876          * Reset the saved message context.
1877          * Request frame in user space
1878          */
1879         if (copy_from_user(mf, mfPtr, karg.dataSgeOffset * 4)) {
1880                 printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_do_mpt_command - "
1881                         "Unable to read MF from mpt_ioctl_command struct @ %p\n",
1882                         ioc->name, __FILE__, __LINE__, mfPtr);
1883                 function = -1;
1884                 rc = -EFAULT;
1885                 goto done_free_mem;
1886         }
1887         hdr->MsgContext = cpu_to_le32(msgContext);
1888         function = hdr->Function;
1889
1890
1891         /* Verify that this request is allowed.
1892          */
1893         dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT "sending mpi function (0x%02X), req=%p\n",
1894             ioc->name, hdr->Function, mf));
1895
1896         switch (function) {
1897         case MPI_FUNCTION_IOC_FACTS:
1898         case MPI_FUNCTION_PORT_FACTS:
1899                 karg.dataOutSize  = karg.dataInSize = 0;
1900                 break;
1901
1902         case MPI_FUNCTION_CONFIG:
1903         {
1904                 Config_t *config_frame;
1905                 config_frame = (Config_t *)mf;
1906                 dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT "\ttype=0x%02x ext_type=0x%02x "
1907                     "number=0x%02x action=0x%02x\n", ioc->name,
1908                     config_frame->Header.PageType,
1909                     config_frame->ExtPageType,
1910                     config_frame->Header.PageNumber,
1911                     config_frame->Action));
1912                 break;
1913         }
1914
1915         case MPI_FUNCTION_FC_COMMON_TRANSPORT_SEND:
1916         case MPI_FUNCTION_FC_EX_LINK_SRVC_SEND:
1917         case MPI_FUNCTION_FW_UPLOAD:
1918         case MPI_FUNCTION_SCSI_ENCLOSURE_PROCESSOR:
1919         case MPI_FUNCTION_FW_DOWNLOAD:
1920         case MPI_FUNCTION_FC_PRIMITIVE_SEND:
1921         case MPI_FUNCTION_TOOLBOX:
1922         case MPI_FUNCTION_SAS_IO_UNIT_CONTROL:
1923                 break;
1924
1925         case MPI_FUNCTION_SCSI_IO_REQUEST:
1926                 if (ioc->sh) {
1927                         SCSIIORequest_t *pScsiReq = (SCSIIORequest_t *) mf;
1928                         int qtag = MPI_SCSIIO_CONTROL_UNTAGGED;
1929                         int scsidir = 0;
1930                         int dataSize;
1931                         u32 id;
1932
1933                         id = (ioc->devices_per_bus == 0) ? 256 : ioc->devices_per_bus;
1934                         if (pScsiReq->TargetID > id) {
1935                                 printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_do_mpt_command - "
1936                                         "Target ID out of bounds. \n",
1937                                         ioc->name, __FILE__, __LINE__);
1938                                 rc = -ENODEV;
1939                                 goto done_free_mem;
1940                         }
1941
1942                         if (pScsiReq->Bus >= ioc->number_of_buses) {
1943                                 printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_do_mpt_command - "
1944                                         "Target Bus out of bounds. \n",
1945                                         ioc->name, __FILE__, __LINE__);
1946                                 rc = -ENODEV;
1947                                 goto done_free_mem;
1948                         }
1949
1950                         pScsiReq->MsgFlags &= ~MPI_SCSIIO_MSGFLGS_SENSE_WIDTH;
1951                         pScsiReq->MsgFlags |= mpt_msg_flags(ioc);
1952
1953
1954                         /* verify that app has not requested
1955                          *      more sense data than driver
1956                          *      can provide, if so, reset this parameter
1957                          * set the sense buffer pointer low address
1958                          * update the control field to specify Q type
1959                          */
1960                         if (karg.maxSenseBytes > MPT_SENSE_BUFFER_SIZE)
1961                                 pScsiReq->SenseBufferLength = MPT_SENSE_BUFFER_SIZE;
1962                         else
1963                                 pScsiReq->SenseBufferLength = karg.maxSenseBytes;
1964
1965                         pScsiReq->SenseBufferLowAddr =
1966                                 cpu_to_le32(ioc->sense_buf_low_dma
1967                                    + (req_idx * MPT_SENSE_BUFFER_ALLOC));
1968
1969                         shost_for_each_device(sdev, ioc->sh) {
1970                                 struct scsi_target *starget = scsi_target(sdev);
1971                                 VirtTarget *vtarget = starget->hostdata;
1972
1973                                 if ((pScsiReq->TargetID == vtarget->id) &&
1974                                     (pScsiReq->Bus == vtarget->channel) &&
1975                                     (vtarget->tflags & MPT_TARGET_FLAGS_Q_YES))
1976                                         qtag = MPI_SCSIIO_CONTROL_SIMPLEQ;
1977                         }
1978
1979                         /* Have the IOCTL driver set the direction based
1980                          * on the dataOutSize (ordering issue with Sparc).
1981                          */
1982                         if (karg.dataOutSize > 0) {
1983                                 scsidir = MPI_SCSIIO_CONTROL_WRITE;
1984                                 dataSize = karg.dataOutSize;
1985                         } else {
1986                                 scsidir = MPI_SCSIIO_CONTROL_READ;
1987                                 dataSize = karg.dataInSize;
1988                         }
1989
1990                         pScsiReq->Control = cpu_to_le32(scsidir | qtag);
1991                         pScsiReq->DataLength = cpu_to_le32(dataSize);
1992
1993
1994                 } else {
1995                         printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_do_mpt_command - "
1996                                 "SCSI driver is not loaded. \n",
1997                                 ioc->name, __FILE__, __LINE__);
1998                         rc = -EFAULT;
1999                         goto done_free_mem;
2000                 }
2001                 break;
2002
2003         case MPI_FUNCTION_SMP_PASSTHROUGH:
2004                 /* Check mf->PassthruFlags to determine if
2005                  * transfer is ImmediateMode or not.
2006                  * Immediate mode returns data in the ReplyFrame.
2007                  * Else, we are sending request and response data
2008                  * in two SGLs at the end of the mf.
2009                  */
2010                 break;
2011
2012         case MPI_FUNCTION_SATA_PASSTHROUGH:
2013                 if (!ioc->sh) {
2014                         printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_do_mpt_command - "
2015                                 "SCSI driver is not loaded. \n",
2016                                 ioc->name, __FILE__, __LINE__);
2017                         rc = -EFAULT;
2018                         goto done_free_mem;
2019                 }
2020                 break;
2021
2022         case MPI_FUNCTION_RAID_ACTION:
2023                 /* Just add a SGE
2024                  */
2025                 break;
2026
2027         case MPI_FUNCTION_RAID_SCSI_IO_PASSTHROUGH:
2028                 if (ioc->sh) {
2029                         SCSIIORequest_t *pScsiReq = (SCSIIORequest_t *) mf;
2030                         int qtag = MPI_SCSIIO_CONTROL_SIMPLEQ;
2031                         int scsidir = MPI_SCSIIO_CONTROL_READ;
2032                         int dataSize;
2033
2034                         pScsiReq->MsgFlags &= ~MPI_SCSIIO_MSGFLGS_SENSE_WIDTH;
2035                         pScsiReq->MsgFlags |= mpt_msg_flags(ioc);
2036
2037
2038                         /* verify that app has not requested
2039                          *      more sense data than driver
2040                          *      can provide, if so, reset this parameter
2041                          * set the sense buffer pointer low address
2042                          * update the control field to specify Q type
2043                          */
2044                         if (karg.maxSenseBytes > MPT_SENSE_BUFFER_SIZE)
2045                                 pScsiReq->SenseBufferLength = MPT_SENSE_BUFFER_SIZE;
2046                         else
2047                                 pScsiReq->SenseBufferLength = karg.maxSenseBytes;
2048
2049                         pScsiReq->SenseBufferLowAddr =
2050                                 cpu_to_le32(ioc->sense_buf_low_dma
2051                                    + (req_idx * MPT_SENSE_BUFFER_ALLOC));
2052
2053                         /* All commands to physical devices are tagged
2054                          */
2055
2056                         /* Have the IOCTL driver set the direction based
2057                          * on the dataOutSize (ordering issue with Sparc).
2058                          */
2059                         if (karg.dataOutSize > 0) {
2060                                 scsidir = MPI_SCSIIO_CONTROL_WRITE;
2061                                 dataSize = karg.dataOutSize;
2062                         } else {
2063                                 scsidir = MPI_SCSIIO_CONTROL_READ;
2064                                 dataSize = karg.dataInSize;
2065                         }
2066
2067                         pScsiReq->Control = cpu_to_le32(scsidir | qtag);
2068                         pScsiReq->DataLength = cpu_to_le32(dataSize);
2069
2070                 } else {
2071                         printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_do_mpt_command - "
2072                                 "SCSI driver is not loaded. \n",
2073                                 ioc->name, __FILE__, __LINE__);
2074                         rc = -EFAULT;
2075                         goto done_free_mem;
2076                 }
2077                 break;
2078
2079         case MPI_FUNCTION_SCSI_TASK_MGMT:
2080         {
2081                 SCSITaskMgmt_t  *pScsiTm;
2082                 pScsiTm = (SCSITaskMgmt_t *)mf;
2083                 dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT
2084                         "\tTaskType=0x%x MsgFlags=0x%x "
2085                         "TaskMsgContext=0x%x id=%d channel=%d\n",
2086                         ioc->name, pScsiTm->TaskType, le32_to_cpu
2087                         (pScsiTm->TaskMsgContext), pScsiTm->MsgFlags,
2088                         pScsiTm->TargetID, pScsiTm->Bus));
2089                 break;
2090         }
2091
2092         case MPI_FUNCTION_IOC_INIT:
2093                 {
2094                         IOCInit_t       *pInit = (IOCInit_t *) mf;
2095                         u32             high_addr, sense_high;
2096
2097                         /* Verify that all entries in the IOC INIT match
2098                          * existing setup (and in LE format).
2099                          */
2100                         if (sizeof(dma_addr_t) == sizeof(u64)) {
2101                                 high_addr = cpu_to_le32((u32)((u64)ioc->req_frames_dma >> 32));
2102                                 sense_high= cpu_to_le32((u32)((u64)ioc->sense_buf_pool_dma >> 32));
2103                         } else {
2104                                 high_addr = 0;
2105                                 sense_high= 0;
2106                         }
2107
2108                         if ((pInit->Flags != 0) || (pInit->MaxDevices != ioc->facts.MaxDevices) ||
2109                                 (pInit->MaxBuses != ioc->facts.MaxBuses) ||
2110                                 (pInit->ReplyFrameSize != cpu_to_le16(ioc->reply_sz)) ||
2111                                 (pInit->HostMfaHighAddr != high_addr) ||
2112                                 (pInit->SenseBufferHighAddr != sense_high)) {
2113                                 printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_do_mpt_command - "
2114                                         "IOC_INIT issued with 1 or more incorrect parameters. Rejected.\n",
2115                                         ioc->name, __FILE__, __LINE__);
2116                                 rc = -EFAULT;
2117                                 goto done_free_mem;
2118                         }
2119                 }
2120                 break;
2121         default:
2122                 /*
2123                  * MPI_FUNCTION_PORT_ENABLE
2124                  * MPI_FUNCTION_TARGET_CMD_BUFFER_POST
2125                  * MPI_FUNCTION_TARGET_ASSIST
2126                  * MPI_FUNCTION_TARGET_STATUS_SEND
2127                  * MPI_FUNCTION_TARGET_MODE_ABORT
2128                  * MPI_FUNCTION_IOC_MESSAGE_UNIT_RESET
2129                  * MPI_FUNCTION_IO_UNIT_RESET
2130                  * MPI_FUNCTION_HANDSHAKE
2131                  * MPI_FUNCTION_REPLY_FRAME_REMOVAL
2132                  * MPI_FUNCTION_EVENT_NOTIFICATION
2133                  *  (driver handles event notification)
2134                  * MPI_FUNCTION_EVENT_ACK
2135                  */
2136
2137                 /*  What to do with these???  CHECK ME!!!
2138                         MPI_FUNCTION_FC_LINK_SRVC_BUF_POST
2139                         MPI_FUNCTION_FC_LINK_SRVC_RSP
2140                         MPI_FUNCTION_FC_ABORT
2141                         MPI_FUNCTION_LAN_SEND
2142                         MPI_FUNCTION_LAN_RECEIVE
2143                         MPI_FUNCTION_LAN_RESET
2144                 */
2145
2146                 printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_do_mpt_command - "
2147                         "Illegal request (function 0x%x) \n",
2148                         ioc->name, __FILE__, __LINE__, hdr->Function);
2149                 rc = -EFAULT;
2150                 goto done_free_mem;
2151         }
2152
2153         /* Add the SGL ( at most one data in SGE and one data out SGE )
2154          * In the case of two SGE's - the data out (write) will always
2155          * preceede the data in (read) SGE. psgList is used to free the
2156          * allocated memory.
2157          */
2158         psge = (char *) (((int *) mf) + karg.dataSgeOffset);
2159         flagsLength = 0;
2160
2161         if (karg.dataOutSize > 0)
2162                 sgSize ++;
2163
2164         if (karg.dataInSize > 0)
2165                 sgSize ++;
2166
2167         if (sgSize > 0) {
2168
2169                 /* Set up the dataOut memory allocation */
2170                 if (karg.dataOutSize > 0) {
2171                         if (karg.dataInSize > 0) {
2172                                 flagsLength = ( MPI_SGE_FLAGS_SIMPLE_ELEMENT |
2173                                                 MPI_SGE_FLAGS_END_OF_BUFFER |
2174                                                 MPI_SGE_FLAGS_DIRECTION)
2175                                                 << MPI_SGE_FLAGS_SHIFT;
2176                         } else {
2177                                 flagsLength = MPT_SGE_FLAGS_SSIMPLE_WRITE;
2178                         }
2179                         flagsLength |= karg.dataOutSize;
2180                         bufOut.len = karg.dataOutSize;
2181                         bufOut.kptr = pci_alloc_consistent(
2182                                         ioc->pcidev, bufOut.len, &dma_addr_out);
2183
2184                         if (bufOut.kptr == NULL) {
2185                                 rc = -ENOMEM;
2186                                 goto done_free_mem;
2187                         } else {
2188                                 /* Set up this SGE.
2189                                  * Copy to MF and to sglbuf
2190                                  */
2191                                 ioc->add_sge(psge, flagsLength, dma_addr_out);
2192                                 psge += ioc->SGE_size;
2193
2194                                 /* Copy user data to kernel space.
2195                                  */
2196                                 if (copy_from_user(bufOut.kptr,
2197                                                 karg.dataOutBufPtr,
2198                                                 bufOut.len)) {
2199                                         printk(MYIOC_s_ERR_FMT
2200                                                 "%s@%d::mptctl_do_mpt_command - Unable "
2201                                                 "to read user data "
2202                                                 "struct @ %p\n",
2203                                                 ioc->name, __FILE__, __LINE__,karg.dataOutBufPtr);
2204                                         rc =  -EFAULT;
2205                                         goto done_free_mem;
2206                                 }
2207                         }
2208                 }
2209
2210                 if (karg.dataInSize > 0) {
2211                         flagsLength = MPT_SGE_FLAGS_SSIMPLE_READ;
2212                         flagsLength |= karg.dataInSize;
2213
2214                         bufIn.len = karg.dataInSize;
2215                         bufIn.kptr = pci_alloc_consistent(ioc->pcidev,
2216                                         bufIn.len, &dma_addr_in);
2217
2218                         if (bufIn.kptr == NULL) {
2219                                 rc = -ENOMEM;
2220                                 goto done_free_mem;
2221                         } else {
2222                                 /* Set up this SGE
2223                                  * Copy to MF and to sglbuf
2224                                  */
2225                                 ioc->add_sge(psge, flagsLength, dma_addr_in);
2226                         }
2227                 }
2228         } else  {
2229                 /* Add a NULL SGE
2230                  */
2231                 ioc->add_sge(psge, flagsLength, (dma_addr_t) -1);
2232         }
2233
2234         SET_MGMT_MSG_CONTEXT(ioc->ioctl_cmds.msg_context, hdr->MsgContext);
2235         INITIALIZE_MGMT_STATUS(ioc->ioctl_cmds.status)
2236         if (hdr->Function == MPI_FUNCTION_SCSI_TASK_MGMT) {
2237
2238                 mutex_lock(&ioc->taskmgmt_cmds.mutex);
2239                 if (mpt_set_taskmgmt_in_progress_flag(ioc) != 0) {
2240                         mutex_unlock(&ioc->taskmgmt_cmds.mutex);
2241                         goto done_free_mem;
2242                 }
2243
2244                 DBG_DUMP_TM_REQUEST_FRAME(ioc, (u32 *)mf);
2245
2246                 if ((ioc->facts.IOCCapabilities & MPI_IOCFACTS_CAPABILITY_HIGH_PRI_Q) &&
2247                     (ioc->facts.MsgVersion >= MPI_VERSION_01_05))
2248                         mpt_put_msg_frame_hi_pri(mptctl_id, ioc, mf);
2249                 else {
2250                         rc =mpt_send_handshake_request(mptctl_id, ioc,
2251                                 sizeof(SCSITaskMgmt_t), (u32*)mf, CAN_SLEEP);
2252                         if (rc != 0) {
2253                                 dfailprintk(ioc, printk(MYIOC_s_ERR_FMT
2254                                     "send_handshake FAILED! (ioc %p, mf %p)\n",
2255                                     ioc->name, ioc, mf));
2256                                 mpt_clear_taskmgmt_in_progress_flag(ioc);
2257                                 rc = -ENODATA;
2258                                 mutex_unlock(&ioc->taskmgmt_cmds.mutex);
2259                                 goto done_free_mem;
2260                         }
2261                 }
2262
2263         } else
2264                 mpt_put_msg_frame(mptctl_id, ioc, mf);
2265
2266         /* Now wait for the command to complete */
2267         timeout = (karg.timeout > 0) ? karg.timeout : MPT_IOCTL_DEFAULT_TIMEOUT;
2268 retry_wait:
2269         timeleft = wait_for_completion_timeout(&ioc->ioctl_cmds.done,
2270                                 HZ*timeout);
2271         if (!(ioc->ioctl_cmds.status & MPT_MGMT_STATUS_COMMAND_GOOD)) {
2272                 rc = -ETIME;
2273                 dfailprintk(ioc, printk(MYIOC_s_ERR_FMT "%s: TIMED OUT!\n",
2274                     ioc->name, __func__));
2275                 if (ioc->ioctl_cmds.status & MPT_MGMT_STATUS_DID_IOCRESET) {
2276                         if (function == MPI_FUNCTION_SCSI_TASK_MGMT)
2277                                 mutex_unlock(&ioc->taskmgmt_cmds.mutex);
2278                         goto done_free_mem;
2279                 }
2280                 if (!timeleft) {
2281                         if (function == MPI_FUNCTION_SCSI_TASK_MGMT)
2282                                 mutex_unlock(&ioc->taskmgmt_cmds.mutex);
2283                         mptctl_timeout_expired(ioc, mf);
2284                         mf = NULL;
2285                 } else
2286                         goto retry_wait;
2287                 goto done_free_mem;
2288         }
2289
2290         if (function == MPI_FUNCTION_SCSI_TASK_MGMT)
2291                 mutex_unlock(&ioc->taskmgmt_cmds.mutex);
2292
2293
2294         mf = NULL;
2295
2296         /* If a valid reply frame, copy to the user.
2297          * Offset 2: reply length in U32's
2298          */
2299         if (ioc->ioctl_cmds.status & MPT_MGMT_STATUS_RF_VALID) {
2300                 if (karg.maxReplyBytes < ioc->reply_sz) {
2301                         sz = min(karg.maxReplyBytes,
2302                                 4*ioc->ioctl_cmds.reply[2]);
2303                 } else {
2304                          sz = min(ioc->reply_sz, 4*ioc->ioctl_cmds.reply[2]);
2305                 }
2306                 if (sz > 0) {
2307                         if (copy_to_user(karg.replyFrameBufPtr,
2308                                  ioc->ioctl_cmds.reply, sz)){
2309                                  printk(MYIOC_s_ERR_FMT
2310                                      "%s@%d::mptctl_do_mpt_command - "
2311                                  "Unable to write out reply frame %p\n",
2312                                  ioc->name, __FILE__, __LINE__, karg.replyFrameBufPtr);
2313                                  rc =  -ENODATA;
2314                                  goto done_free_mem;
2315                         }
2316                 }
2317         }
2318
2319         /* If valid sense data, copy to user.
2320          */
2321         if (ioc->ioctl_cmds.status & MPT_MGMT_STATUS_SENSE_VALID) {
2322                 sz = min(karg.maxSenseBytes, MPT_SENSE_BUFFER_SIZE);
2323                 if (sz > 0) {
2324                         if (copy_to_user(karg.senseDataPtr,
2325                                 ioc->ioctl_cmds.sense, sz)) {
2326                                 printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_do_mpt_command - "
2327                                 "Unable to write sense data to user %p\n",
2328                                 ioc->name, __FILE__, __LINE__,
2329                                 karg.senseDataPtr);
2330                                 rc =  -ENODATA;
2331                                 goto done_free_mem;
2332                         }
2333                 }
2334         }
2335
2336         /* If the overall status is _GOOD and data in, copy data
2337          * to user.
2338          */
2339         if ((ioc->ioctl_cmds.status & MPT_MGMT_STATUS_COMMAND_GOOD) &&
2340                                 (karg.dataInSize > 0) && (bufIn.kptr)) {
2341
2342                 if (copy_to_user(karg.dataInBufPtr,
2343                                  bufIn.kptr, karg.dataInSize)) {
2344                         printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_do_mpt_command - "
2345                                 "Unable to write data to user %p\n",
2346                                 ioc->name, __FILE__, __LINE__,
2347                                 karg.dataInBufPtr);
2348                         rc =  -ENODATA;
2349                 }
2350         }
2351
2352 done_free_mem:
2353
2354         CLEAR_MGMT_STATUS(ioc->ioctl_cmds.status)
2355         SET_MGMT_MSG_CONTEXT(ioc->ioctl_cmds.msg_context, 0);
2356
2357         /* Free the allocated memory.
2358          */
2359         if (bufOut.kptr != NULL) {
2360                 pci_free_consistent(ioc->pcidev,
2361                         bufOut.len, (void *) bufOut.kptr, dma_addr_out);
2362         }
2363
2364         if (bufIn.kptr != NULL) {
2365                 pci_free_consistent(ioc->pcidev,
2366                         bufIn.len, (void *) bufIn.kptr, dma_addr_in);
2367         }
2368
2369         /* mf is null if command issued successfully
2370          * otherwise, failure occured after mf acquired.
2371          */
2372         if (mf)
2373                 mpt_free_msg_frame(ioc, mf);
2374
2375         return rc;
2376 }
2377
2378 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
2379 /* Prototype Routine for the HOST INFO command.
2380  *
2381  * Outputs:     None.
2382  * Return:      0 if successful
2383  *              -EFAULT if data unavailable
2384  *              -EBUSY  if previous command timeout and IOC reset is not complete.
2385  *              -ENODEV if no such device/adapter
2386  *              -ETIME  if timer expires
2387  *              -ENOMEM if memory allocation error
2388  */
2389 static int
2390 mptctl_hp_hostinfo(unsigned long arg, unsigned int data_size)
2391 {
2392         hp_host_info_t  __user *uarg = (void __user *) arg;
2393         MPT_ADAPTER             *ioc;
2394         struct pci_dev          *pdev;
2395         char                    *pbuf=NULL;
2396         dma_addr_t              buf_dma;
2397         hp_host_info_t          karg;
2398         CONFIGPARMS             cfg;
2399         ConfigPageHeader_t      hdr;
2400         int                     iocnum;
2401         int                     rc, cim_rev;
2402         ToolboxIstwiReadWriteRequest_t  *IstwiRWRequest;
2403         MPT_FRAME_HDR           *mf = NULL;
2404         MPIHeader_t             *mpi_hdr;
2405         unsigned long           timeleft;
2406         int                     retval;
2407
2408         /* Reset long to int. Should affect IA64 and SPARC only
2409          */
2410         if (data_size == sizeof(hp_host_info_t))
2411                 cim_rev = 1;
2412         else if (data_size == sizeof(hp_host_info_rev0_t))
2413                 cim_rev = 0;    /* obsolete */
2414         else
2415                 return -EFAULT;
2416
2417         if (copy_from_user(&karg, uarg, sizeof(hp_host_info_t))) {
2418                 printk(KERN_ERR MYNAM "%s@%d::mptctl_hp_host_info - "
2419                         "Unable to read in hp_host_info struct @ %p\n",
2420                                 __FILE__, __LINE__, uarg);
2421                 return -EFAULT;
2422         }
2423
2424         if (((iocnum = mpt_verify_adapter(karg.hdr.iocnum, &ioc)) < 0) ||
2425             (ioc == NULL)) {
2426                 printk(KERN_DEBUG MYNAM "%s::mptctl_hp_hostinfo() @%d - ioc%d not found!\n",
2427                                 __FILE__, __LINE__, iocnum);
2428                 return -ENODEV;
2429         }
2430         dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT ": mptctl_hp_hostinfo called.\n",
2431             ioc->name));
2432
2433         /* Fill in the data and return the structure to the calling
2434          * program
2435          */
2436         pdev = (struct pci_dev *) ioc->pcidev;
2437
2438         karg.vendor = pdev->vendor;
2439         karg.device = pdev->device;
2440         karg.subsystem_id = pdev->subsystem_device;
2441         karg.subsystem_vendor = pdev->subsystem_vendor;
2442         karg.devfn = pdev->devfn;
2443         karg.bus = pdev->bus->number;
2444
2445         /* Save the SCSI host no. if
2446          * SCSI driver loaded
2447          */
2448         if (ioc->sh != NULL)
2449                 karg.host_no = ioc->sh->host_no;
2450         else
2451                 karg.host_no =  -1;
2452
2453         /* Reformat the fw_version into a string
2454          */
2455         karg.fw_version[0] = ioc->facts.FWVersion.Struct.Major >= 10 ?
2456                 ((ioc->facts.FWVersion.Struct.Major / 10) + '0') : '0';
2457         karg.fw_version[1] = (ioc->facts.FWVersion.Struct.Major % 10 ) + '0';
2458         karg.fw_version[2] = '.';
2459         karg.fw_version[3] = ioc->facts.FWVersion.Struct.Minor >= 10 ?
2460                 ((ioc->facts.FWVersion.Struct.Minor / 10) + '0') : '0';
2461         karg.fw_version[4] = (ioc->facts.FWVersion.Struct.Minor % 10 ) + '0';
2462         karg.fw_version[5] = '.';
2463         karg.fw_version[6] = ioc->facts.FWVersion.Struct.Unit >= 10 ?
2464                 ((ioc->facts.FWVersion.Struct.Unit / 10) + '0') : '0';
2465         karg.fw_version[7] = (ioc->facts.FWVersion.Struct.Unit % 10 ) + '0';
2466         karg.fw_version[8] = '.';
2467         karg.fw_version[9] = ioc->facts.FWVersion.Struct.Dev >= 10 ?
2468                 ((ioc->facts.FWVersion.Struct.Dev / 10) + '0') : '0';
2469         karg.fw_version[10] = (ioc->facts.FWVersion.Struct.Dev % 10 ) + '0';
2470         karg.fw_version[11] = '\0';
2471
2472         /* Issue a config request to get the device serial number
2473          */
2474         hdr.PageVersion = 0;
2475         hdr.PageLength = 0;
2476         hdr.PageNumber = 0;
2477         hdr.PageType = MPI_CONFIG_PAGETYPE_MANUFACTURING;
2478         cfg.cfghdr.hdr = &hdr;
2479         cfg.physAddr = -1;
2480         cfg.pageAddr = 0;
2481         cfg.action = MPI_CONFIG_ACTION_PAGE_HEADER;
2482         cfg.dir = 0;    /* read */
2483         cfg.timeout = 10;
2484
2485         strncpy(karg.serial_number, " ", 24);
2486         if (mpt_config(ioc, &cfg) == 0) {
2487                 if (cfg.cfghdr.hdr->PageLength > 0) {
2488                         /* Issue the second config page request */
2489                         cfg.action = MPI_CONFIG_ACTION_PAGE_READ_CURRENT;
2490
2491                         pbuf = pci_alloc_consistent(ioc->pcidev, hdr.PageLength * 4, &buf_dma);
2492                         if (pbuf) {
2493                                 cfg.physAddr = buf_dma;
2494                                 if (mpt_config(ioc, &cfg) == 0) {
2495                                         ManufacturingPage0_t *pdata = (ManufacturingPage0_t *) pbuf;
2496                                         if (strlen(pdata->BoardTracerNumber) > 1) {
2497                                                 strncpy(karg.serial_number,                                                                         pdata->BoardTracerNumber, 24);
2498                                                 karg.serial_number[24-1]='\0';
2499                                         }
2500                                 }
2501                                 pci_free_consistent(ioc->pcidev, hdr.PageLength * 4, pbuf, buf_dma);
2502                                 pbuf = NULL;
2503                         }
2504                 }
2505         }
2506         rc = mpt_GetIocState(ioc, 1);
2507         switch (rc) {
2508         case MPI_IOC_STATE_OPERATIONAL:
2509                 karg.ioc_status =  HP_STATUS_OK;
2510                 break;
2511
2512         case MPI_IOC_STATE_FAULT:
2513                 karg.ioc_status =  HP_STATUS_FAILED;
2514                 break;
2515
2516         case MPI_IOC_STATE_RESET:
2517         case MPI_IOC_STATE_READY:
2518         default:
2519                 karg.ioc_status =  HP_STATUS_OTHER;
2520                 break;
2521         }
2522
2523         karg.base_io_addr = pci_resource_start(pdev, 0);
2524
2525         if ((ioc->bus_type == SAS) || (ioc->bus_type == FC))
2526                 karg.bus_phys_width = HP_BUS_WIDTH_UNK;
2527         else
2528                 karg.bus_phys_width = HP_BUS_WIDTH_16;
2529
2530         karg.hard_resets = 0;
2531         karg.soft_resets = 0;
2532         karg.timeouts = 0;
2533         if (ioc->sh != NULL) {
2534                 MPT_SCSI_HOST *hd =  shost_priv(ioc->sh);
2535
2536                 if (hd && (cim_rev == 1)) {
2537                         karg.hard_resets = ioc->hard_resets;
2538                         karg.soft_resets = ioc->soft_resets;
2539                         karg.timeouts = ioc->timeouts;
2540                 }
2541         }
2542
2543         /* 
2544          * Gather ISTWI(Industry Standard Two Wire Interface) Data
2545          */
2546         if ((mf = mpt_get_msg_frame(mptctl_id, ioc)) == NULL) {
2547                 dfailprintk(ioc, printk(MYIOC_s_WARN_FMT
2548                         "%s, no msg frames!!\n", ioc->name, __func__));
2549                 goto out;
2550         }
2551
2552         IstwiRWRequest = (ToolboxIstwiReadWriteRequest_t *)mf;
2553         mpi_hdr = (MPIHeader_t *) mf;
2554         memset(IstwiRWRequest,0,sizeof(ToolboxIstwiReadWriteRequest_t));
2555         IstwiRWRequest->Function = MPI_FUNCTION_TOOLBOX;
2556         IstwiRWRequest->Tool = MPI_TOOLBOX_ISTWI_READ_WRITE_TOOL;
2557         IstwiRWRequest->MsgContext = mpi_hdr->MsgContext;
2558         IstwiRWRequest->Flags = MPI_TB_ISTWI_FLAGS_READ;
2559         IstwiRWRequest->NumAddressBytes = 0x01;
2560         IstwiRWRequest->DataLength = cpu_to_le16(0x04);
2561         if (pdev->devfn & 1)
2562                 IstwiRWRequest->DeviceAddr = 0xB2;
2563         else
2564                 IstwiRWRequest->DeviceAddr = 0xB0;
2565
2566         pbuf = pci_alloc_consistent(ioc->pcidev, 4, &buf_dma);
2567         if (!pbuf)
2568                 goto out;
2569         ioc->add_sge((char *)&IstwiRWRequest->SGL,
2570             (MPT_SGE_FLAGS_SSIMPLE_READ|4), buf_dma);
2571
2572         retval = 0;
2573         SET_MGMT_MSG_CONTEXT(ioc->ioctl_cmds.msg_context,
2574                                 IstwiRWRequest->MsgContext);
2575         INITIALIZE_MGMT_STATUS(ioc->ioctl_cmds.status)
2576         mpt_put_msg_frame(mptctl_id, ioc, mf);
2577
2578 retry_wait:
2579         timeleft = wait_for_completion_timeout(&ioc->ioctl_cmds.done,
2580                         HZ*MPT_IOCTL_DEFAULT_TIMEOUT);
2581         if (!(ioc->ioctl_cmds.status & MPT_MGMT_STATUS_COMMAND_GOOD)) {
2582                 retval = -ETIME;
2583                 printk(MYIOC_s_WARN_FMT "%s: failed\n", ioc->name, __func__);
2584                 if (ioc->ioctl_cmds.status & MPT_MGMT_STATUS_DID_IOCRESET) {
2585                         mpt_free_msg_frame(ioc, mf);
2586                         goto out;
2587                 }
2588                 if (!timeleft)
2589                         mptctl_timeout_expired(ioc, mf);
2590                 else
2591                         goto retry_wait;
2592                 goto out;
2593         }
2594
2595         /*
2596          *ISTWI Data Definition
2597          * pbuf[0] = FW_VERSION = 0x4
2598          * pbuf[1] = Bay Count = 6 or 4 or 2, depending on
2599          *  the config, you should be seeing one out of these three values
2600          * pbuf[2] = Drive Installed Map = bit pattern depend on which
2601          *   bays have drives in them
2602          * pbuf[3] = Checksum (0x100 = (byte0 + byte2 + byte3)
2603          */
2604         if (ioc->ioctl_cmds.status & MPT_MGMT_STATUS_RF_VALID)
2605                 karg.rsvd = *(u32 *)pbuf;
2606
2607  out:
2608         CLEAR_MGMT_STATUS(ioc->ioctl_cmds.status)
2609         SET_MGMT_MSG_CONTEXT(ioc->ioctl_cmds.msg_context, 0);
2610
2611         if (pbuf)
2612                 pci_free_consistent(ioc->pcidev, 4, pbuf, buf_dma);
2613
2614         /* Copy the data from kernel memory to user memory
2615          */
2616         if (copy_to_user((char __user *)arg, &karg, sizeof(hp_host_info_t))) {
2617                 printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_hpgethostinfo - "
2618                         "Unable to write out hp_host_info @ %p\n",
2619                         ioc->name, __FILE__, __LINE__, uarg);
2620                 return -EFAULT;
2621         }
2622
2623         return 0;
2624
2625 }
2626
2627 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
2628 /* Prototype Routine for the TARGET INFO command.
2629  *
2630  * Outputs:     None.
2631  * Return:      0 if successful
2632  *              -EFAULT if data unavailable
2633  *              -EBUSY  if previous command timeout and IOC reset is not complete.
2634  *              -ENODEV if no such device/adapter
2635  *              -ETIME  if timer expires
2636  *              -ENOMEM if memory allocation error
2637  */
2638 static int
2639 mptctl_hp_targetinfo(unsigned long arg)
2640 {
2641         hp_target_info_t __user *uarg = (void __user *) arg;
2642         SCSIDevicePage0_t       *pg0_alloc;
2643         SCSIDevicePage3_t       *pg3_alloc;
2644         MPT_ADAPTER             *ioc;
2645         MPT_SCSI_HOST           *hd = NULL;
2646         hp_target_info_t        karg;
2647         int                     iocnum;
2648         int                     data_sz;
2649         dma_addr_t              page_dma;
2650         CONFIGPARMS             cfg;
2651         ConfigPageHeader_t      hdr;
2652         int                     tmp, np, rc = 0;
2653
2654         if (copy_from_user(&karg, uarg, sizeof(hp_target_info_t))) {
2655                 printk(KERN_ERR MYNAM "%s@%d::mptctl_hp_targetinfo - "
2656                         "Unable to read in hp_host_targetinfo struct @ %p\n",
2657                                 __FILE__, __LINE__, uarg);
2658                 return -EFAULT;
2659         }
2660
2661         if (((iocnum = mpt_verify_adapter(karg.hdr.iocnum, &ioc)) < 0) ||
2662                 (ioc == NULL)) {
2663                 printk(KERN_DEBUG MYNAM "%s::mptctl_hp_targetinfo() @%d - ioc%d not found!\n",
2664                                 __FILE__, __LINE__, iocnum);
2665                 return -ENODEV;
2666         }
2667         dctlprintk(ioc, printk(MYIOC_s_DEBUG_FMT "mptctl_hp_targetinfo called.\n",
2668             ioc->name));
2669
2670         /*  There is nothing to do for FCP parts.
2671          */
2672         if ((ioc->bus_type == SAS) || (ioc->bus_type == FC))
2673                 return 0;
2674
2675         if ((ioc->spi_data.sdp0length == 0) || (ioc->sh == NULL))
2676                 return 0;
2677
2678         if (ioc->sh->host_no != karg.hdr.host)
2679                 return -ENODEV;
2680
2681        /* Get the data transfer speeds
2682         */
2683         data_sz = ioc->spi_data.sdp0length * 4;
2684         pg0_alloc = (SCSIDevicePage0_t *) pci_alloc_consistent(ioc->pcidev, data_sz, &page_dma);
2685         if (pg0_alloc) {
2686                 hdr.PageVersion = ioc->spi_data.sdp0version;
2687                 hdr.PageLength = data_sz;
2688                 hdr.PageNumber = 0;
2689                 hdr.PageType = MPI_CONFIG_PAGETYPE_SCSI_DEVICE;
2690
2691                 cfg.cfghdr.hdr = &hdr;
2692                 cfg.action = MPI_CONFIG_ACTION_PAGE_READ_CURRENT;
2693                 cfg.dir = 0;
2694                 cfg.timeout = 0;
2695                 cfg.physAddr = page_dma;
2696
2697                 cfg.pageAddr = (karg.hdr.channel << 8) | karg.hdr.id;
2698
2699                 if ((rc = mpt_config(ioc, &cfg)) == 0) {
2700                         np = le32_to_cpu(pg0_alloc->NegotiatedParameters);
2701                         karg.negotiated_width = np & MPI_SCSIDEVPAGE0_NP_WIDE ?
2702                                         HP_BUS_WIDTH_16 : HP_BUS_WIDTH_8;
2703
2704                         if (np & MPI_SCSIDEVPAGE0_NP_NEG_SYNC_OFFSET_MASK) {
2705                                 tmp = (np & MPI_SCSIDEVPAGE0_NP_NEG_SYNC_PERIOD_MASK) >> 8;
2706                                 if (tmp < 0x09)
2707                                         karg.negotiated_speed = HP_DEV_SPEED_ULTRA320;
2708                                 else if (tmp <= 0x09)
2709                                         karg.negotiated_speed = HP_DEV_SPEED_ULTRA160;
2710                                 else if (tmp <= 0x0A)
2711                                         karg.negotiated_speed = HP_DEV_SPEED_ULTRA2;
2712                                 else if (tmp <= 0x0C)
2713                                         karg.negotiated_speed = HP_DEV_SPEED_ULTRA;
2714                                 else if (tmp <= 0x25)
2715                                         karg.negotiated_speed = HP_DEV_SPEED_FAST;
2716                                 else
2717                                         karg.negotiated_speed = HP_DEV_SPEED_ASYNC;
2718                         } else
2719                                 karg.negotiated_speed = HP_DEV_SPEED_ASYNC;
2720                 }
2721
2722                 pci_free_consistent(ioc->pcidev, data_sz, (u8 *) pg0_alloc, page_dma);
2723         }
2724
2725         /* Set defaults
2726          */
2727         karg.message_rejects = -1;
2728         karg.phase_errors = -1;
2729         karg.parity_errors = -1;
2730         karg.select_timeouts = -1;
2731
2732         /* Get the target error parameters
2733          */
2734         hdr.PageVersion = 0;
2735         hdr.PageLength = 0;
2736         hdr.PageNumber = 3;
2737         hdr.PageType = MPI_CONFIG_PAGETYPE_SCSI_DEVICE;
2738
2739         cfg.cfghdr.hdr = &hdr;
2740         cfg.action = MPI_CONFIG_ACTION_PAGE_HEADER;
2741         cfg.dir = 0;
2742         cfg.timeout = 0;
2743         cfg.physAddr = -1;
2744         if ((mpt_config(ioc, &cfg) == 0) && (cfg.cfghdr.hdr->PageLength > 0)) {
2745                 /* Issue the second config page request */
2746                 cfg.action = MPI_CONFIG_ACTION_PAGE_READ_CURRENT;
2747                 data_sz = (int) cfg.cfghdr.hdr->PageLength * 4;
2748                 pg3_alloc = (SCSIDevicePage3_t *) pci_alloc_consistent(
2749                                                         ioc->pcidev, data_sz, &page_dma);
2750                 if (pg3_alloc) {
2751                         cfg.physAddr = page_dma;
2752                         cfg.pageAddr = (karg.hdr.channel << 8) | karg.hdr.id;
2753                         if ((rc = mpt_config(ioc, &cfg)) == 0) {
2754                                 karg.message_rejects = (u32) le16_to_cpu(pg3_alloc->MsgRejectCount);
2755                                 karg.phase_errors = (u32) le16_to_cpu(pg3_alloc->PhaseErrorCount);
2756                                 karg.parity_errors = (u32) le16_to_cpu(pg3_alloc->ParityErrorCount);
2757                         }
2758                         pci_free_consistent(ioc->pcidev, data_sz, (u8 *) pg3_alloc, page_dma);
2759                 }
2760         }
2761         hd = shost_priv(ioc->sh);
2762         if (hd != NULL)
2763                 karg.select_timeouts = hd->sel_timeout[karg.hdr.id];
2764
2765         /* Copy the data from kernel memory to user memory
2766          */
2767         if (copy_to_user((char __user *)arg, &karg, sizeof(hp_target_info_t))) {
2768                 printk(MYIOC_s_ERR_FMT "%s@%d::mptctl_hp_target_info - "
2769                         "Unable to write out mpt_ioctl_targetinfo struct @ %p\n",
2770                         ioc->name, __FILE__, __LINE__, uarg);
2771                 return -EFAULT;
2772         }
2773
2774         return 0;
2775 }
2776
2777 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
2778
2779 static const struct file_operations mptctl_fops = {
2780         .owner =        THIS_MODULE,
2781         .llseek =       no_llseek,
2782         .fasync =       mptctl_fasync,
2783         .unlocked_ioctl = mptctl_ioctl,
2784 #ifdef CONFIG_COMPAT
2785         .compat_ioctl = compat_mpctl_ioctl,
2786 #endif
2787 };
2788
2789 static struct miscdevice mptctl_miscdev = {
2790         MPT_MINOR,
2791         MYNAM,
2792         &mptctl_fops
2793 };
2794
2795 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
2796
2797 #ifdef CONFIG_COMPAT
2798
2799 static int
2800 compat_mptfwxfer_ioctl(struct file *filp, unsigned int cmd,
2801                         unsigned long arg)
2802 {
2803         struct mpt_fw_xfer32 kfw32;
2804         struct mpt_fw_xfer kfw;
2805         MPT_ADAPTER *iocp = NULL;
2806         int iocnum, iocnumX;
2807         int nonblock = (filp->f_flags & O_NONBLOCK);
2808         int ret;
2809
2810
2811         if (copy_from_user(&kfw32, (char __user *)arg, sizeof(kfw32)))
2812                 return -EFAULT;
2813
2814         /* Verify intended MPT adapter */
2815         iocnumX = kfw32.iocnum & 0xFF;
2816         if (((iocnum = mpt_verify_adapter(iocnumX, &iocp)) < 0) ||
2817             (iocp == NULL)) {
2818                 printk(KERN_DEBUG MYNAM "::compat_mptfwxfer_ioctl @%d - ioc%d not found!\n",
2819                         __LINE__, iocnumX);
2820                 return -ENODEV;
2821         }
2822
2823         if ((ret = mptctl_syscall_down(iocp, nonblock)) != 0)
2824                 return ret;
2825
2826         dctlprintk(iocp, printk(MYIOC_s_DEBUG_FMT "compat_mptfwxfer_ioctl() called\n",
2827             iocp->name));
2828         kfw.iocnum = iocnum;
2829         kfw.fwlen = kfw32.fwlen;
2830         kfw.bufp = compat_ptr(kfw32.bufp);
2831
2832         ret = mptctl_do_fw_download(kfw.iocnum, kfw.bufp, kfw.fwlen);
2833
2834         mutex_unlock(&iocp->ioctl_cmds.mutex);
2835
2836         return ret;
2837 }
2838
2839 static int
2840 compat_mpt_command(struct file *filp, unsigned int cmd,
2841                         unsigned long arg)
2842 {
2843         struct mpt_ioctl_command32 karg32;
2844         struct mpt_ioctl_command32 __user *uarg = (struct mpt_ioctl_command32 __user *) arg;
2845         struct mpt_ioctl_command karg;
2846         MPT_ADAPTER *iocp = NULL;
2847         int iocnum, iocnumX;
2848         int nonblock = (filp->f_flags & O_NONBLOCK);
2849         int ret;
2850
2851         if (copy_from_user(&karg32, (char __user *)arg, sizeof(karg32)))
2852                 return -EFAULT;
2853
2854         /* Verify intended MPT adapter */
2855         iocnumX = karg32.hdr.iocnum & 0xFF;
2856         if (((iocnum = mpt_verify_adapter(iocnumX, &iocp)) < 0) ||
2857             (iocp == NULL)) {
2858                 printk(KERN_DEBUG MYNAM "::compat_mpt_command @%d - ioc%d not found!\n",
2859                         __LINE__, iocnumX);
2860                 return -ENODEV;
2861         }
2862
2863         if ((ret = mptctl_syscall_down(iocp, nonblock)) != 0)
2864                 return ret;
2865
2866         dctlprintk(iocp, printk(MYIOC_s_DEBUG_FMT "compat_mpt_command() called\n",
2867             iocp->name));
2868         /* Copy data to karg */
2869         karg.hdr.iocnum = karg32.hdr.iocnum;
2870         karg.hdr.port = karg32.hdr.port;
2871         karg.timeout = karg32.timeout;
2872         karg.maxReplyBytes = karg32.maxReplyBytes;
2873
2874         karg.dataInSize = karg32.dataInSize;
2875         karg.dataOutSize = karg32.dataOutSize;
2876         karg.maxSenseBytes = karg32.maxSenseBytes;
2877         karg.dataSgeOffset = karg32.dataSgeOffset;
2878
2879         karg.replyFrameBufPtr = (char __user *)(unsigned long)karg32.replyFrameBufPtr;
2880         karg.dataInBufPtr = (char __user *)(unsigned long)karg32.dataInBufPtr;
2881         karg.dataOutBufPtr = (char __user *)(unsigned long)karg32.dataOutBufPtr;
2882         karg.senseDataPtr = (char __user *)(unsigned long)karg32.senseDataPtr;
2883
2884         /* Pass new structure to do_mpt_command
2885          */
2886         ret = mptctl_do_mpt_command (karg, &uarg->MF);
2887
2888         mutex_unlock(&iocp->ioctl_cmds.mutex);
2889
2890         return ret;
2891 }
2892
2893 static long compat_mpctl_ioctl(struct file *f, unsigned int cmd, unsigned long arg)
2894 {
2895         long ret;
2896         lock_kernel();
2897         switch (cmd) {
2898         case MPTIOCINFO:
2899         case MPTIOCINFO1:
2900         case MPTIOCINFO2:
2901         case MPTTARGETINFO:
2902         case MPTEVENTQUERY:
2903         case MPTEVENTENABLE:
2904         case MPTEVENTREPORT:
2905         case MPTHARDRESET:
2906         case HP_GETHOSTINFO:
2907         case HP_GETTARGETINFO:
2908         case MPTTEST:
2909                 ret = __mptctl_ioctl(f, cmd, arg);
2910                 break;
2911         case MPTCOMMAND32:
2912                 ret = compat_mpt_command(f, cmd, arg);
2913                 break;
2914         case MPTFWDOWNLOAD32:
2915                 ret = compat_mptfwxfer_ioctl(f, cmd, arg);
2916                 break;
2917         default:
2918                 ret = -ENOIOCTLCMD;
2919                 break;
2920         }
2921         unlock_kernel();
2922         return ret;
2923 }
2924
2925 #endif
2926
2927
2928 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
2929 /*
2930  *      mptctl_probe - Installs ioctl devices per bus.
2931  *      @pdev: Pointer to pci_dev structure
2932  *
2933  *      Returns 0 for success, non-zero for failure.
2934  *
2935  */
2936
2937 static int
2938 mptctl_probe(struct pci_dev *pdev, const struct pci_device_id *id)
2939 {
2940         MPT_ADAPTER *ioc = pci_get_drvdata(pdev);
2941
2942         mutex_init(&ioc->ioctl_cmds.mutex);
2943         init_completion(&ioc->ioctl_cmds.done);
2944         return 0;
2945 }
2946
2947 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
2948 /*
2949  *      mptctl_remove - Removed ioctl devices
2950  *      @pdev: Pointer to pci_dev structure
2951  *
2952  *
2953  */
2954 static void
2955 mptctl_remove(struct pci_dev *pdev)
2956 {
2957 }
2958
2959 static struct mpt_pci_driver mptctl_driver = {
2960   .probe                = mptctl_probe,
2961   .remove               = mptctl_remove,
2962 };
2963
2964 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
2965 static int __init mptctl_init(void)
2966 {
2967         int err;
2968         int where = 1;
2969
2970         show_mptmod_ver(my_NAME, my_VERSION);
2971
2972         mpt_device_driver_register(&mptctl_driver, MPTCTL_DRIVER);
2973
2974         /* Register this device */
2975         err = misc_register(&mptctl_miscdev);
2976         if (err < 0) {
2977                 printk(KERN_ERR MYNAM ": Can't register misc device [minor=%d].\n", MPT_MINOR);
2978                 goto out_fail;
2979         }
2980         printk(KERN_INFO MYNAM ": Registered with Fusion MPT base driver\n");
2981         printk(KERN_INFO MYNAM ": /dev/%s @ (major,minor=%d,%d)\n",
2982                          mptctl_miscdev.name, MISC_MAJOR, mptctl_miscdev.minor);
2983
2984         /*
2985          *  Install our handler
2986          */
2987         ++where;
2988         mptctl_id = mpt_register(mptctl_reply, MPTCTL_DRIVER);
2989         if (!mptctl_id || mptctl_id >= MPT_MAX_PROTOCOL_DRIVERS) {
2990                 printk(KERN_ERR MYNAM ": ERROR: Failed to register with Fusion MPT base driver\n");
2991                 misc_deregister(&mptctl_miscdev);
2992                 err = -EBUSY;
2993                 goto out_fail;
2994         }
2995
2996         mptctl_taskmgmt_id = mpt_register(mptctl_taskmgmt_reply, MPTCTL_DRIVER);
2997         mpt_reset_register(mptctl_id, mptctl_ioc_reset);
2998         mpt_event_register(mptctl_id, mptctl_event_process);
2999
3000         return 0;
3001
3002 out_fail:
3003
3004         mpt_device_driver_deregister(MPTCTL_DRIVER);
3005
3006         return err;
3007 }
3008
3009 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
3010 static void mptctl_exit(void)
3011 {
3012         misc_deregister(&mptctl_miscdev);
3013         printk(KERN_INFO MYNAM ": Deregistered /dev/%s @ (major,minor=%d,%d)\n",
3014                          mptctl_miscdev.name, MISC_MAJOR, mptctl_miscdev.minor);
3015
3016         /* De-register reset handler from base module */
3017         mpt_reset_deregister(mptctl_id);
3018
3019         /* De-register callback handler from base module */
3020         mpt_deregister(mptctl_id);
3021         mpt_reset_deregister(mptctl_taskmgmt_id);
3022
3023         mpt_device_driver_deregister(MPTCTL_DRIVER);
3024
3025 }
3026
3027 /*=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=*/
3028
3029 module_init(mptctl_init);
3030 module_exit(mptctl_exit);