cmd640: fix deadlock on error handling
[linux-2.6] / drivers / ide / ide-taskfile.c
1 /*
2  * linux/drivers/ide/ide-taskfile.c     Version 0.38    March 05, 2003
3  *
4  *  Copyright (C) 2000-2002     Michael Cornwell <cornwell@acm.org>
5  *  Copyright (C) 2000-2002     Andre Hedrick <andre@linux-ide.org>
6  *  Copyright (C) 2001-2002     Klaus Smolin
7  *                                      IBM Storage Technology Division
8  *  Copyright (C) 2003-2004     Bartlomiej Zolnierkiewicz
9  *
10  *  The big the bad and the ugly.
11  *
12  *  Problems to be fixed because of BH interface or the lack therefore.
13  *
14  *  Fill me in stupid !!!
15  *
16  *  HOST:
17  *      General refers to the Controller and Driver "pair".
18  *  DATA HANDLER:
19  *      Under the context of Linux it generally refers to an interrupt handler.
20  *      However, it correctly describes the 'HOST'
21  *  DATA BLOCK:
22  *      The amount of data needed to be transfered as predefined in the
23  *      setup of the device.
24  *  STORAGE ATOMIC:
25  *      The 'DATA BLOCK' associated to the 'DATA HANDLER', and can be as
26  *      small as a single sector or as large as the entire command block
27  *      request.
28  */
29
30 #include <linux/module.h>
31 #include <linux/types.h>
32 #include <linux/string.h>
33 #include <linux/kernel.h>
34 #include <linux/timer.h>
35 #include <linux/mm.h>
36 #include <linux/sched.h>
37 #include <linux/interrupt.h>
38 #include <linux/major.h>
39 #include <linux/errno.h>
40 #include <linux/genhd.h>
41 #include <linux/blkpg.h>
42 #include <linux/slab.h>
43 #include <linux/pci.h>
44 #include <linux/delay.h>
45 #include <linux/hdreg.h>
46 #include <linux/ide.h>
47 #include <linux/bitops.h>
48 #include <linux/scatterlist.h>
49
50 #include <asm/byteorder.h>
51 #include <asm/irq.h>
52 #include <asm/uaccess.h>
53 #include <asm/io.h>
54
55 static void ata_bswap_data (void *buffer, int wcount)
56 {
57         u16 *p = buffer;
58
59         while (wcount--) {
60                 *p = *p << 8 | *p >> 8; p++;
61                 *p = *p << 8 | *p >> 8; p++;
62         }
63 }
64
65 static void taskfile_input_data(ide_drive_t *drive, void *buffer, u32 wcount)
66 {
67         HWIF(drive)->ata_input_data(drive, buffer, wcount);
68         if (drive->bswap)
69                 ata_bswap_data(buffer, wcount);
70 }
71
72 static void taskfile_output_data(ide_drive_t *drive, void *buffer, u32 wcount)
73 {
74         if (drive->bswap) {
75                 ata_bswap_data(buffer, wcount);
76                 HWIF(drive)->ata_output_data(drive, buffer, wcount);
77                 ata_bswap_data(buffer, wcount);
78         } else {
79                 HWIF(drive)->ata_output_data(drive, buffer, wcount);
80         }
81 }
82
83 int taskfile_lib_get_identify (ide_drive_t *drive, u8 *buf)
84 {
85         ide_task_t args;
86         memset(&args, 0, sizeof(ide_task_t));
87         args.tfRegister[IDE_NSECTOR_OFFSET]     = 0x01;
88         if (drive->media == ide_disk)
89                 args.tfRegister[IDE_COMMAND_OFFSET]     = WIN_IDENTIFY;
90         else
91                 args.tfRegister[IDE_COMMAND_OFFSET]     = WIN_PIDENTIFY;
92         args.command_type = IDE_DRIVE_TASK_IN;
93         args.data_phase   = TASKFILE_IN;
94         args.handler      = &task_in_intr;
95         return ide_raw_taskfile(drive, &args, buf);
96 }
97
98 ide_startstop_t do_rw_taskfile (ide_drive_t *drive, ide_task_t *task)
99 {
100         ide_hwif_t *hwif        = HWIF(drive);
101         task_struct_t *taskfile = (task_struct_t *) task->tfRegister;
102         hob_struct_t *hobfile   = (hob_struct_t *) task->hobRegister;
103         u8 HIHI                 = (drive->addressing == 1) ? 0xE0 : 0xEF;
104
105         /* ALL Command Block Executions SHALL clear nIEN, unless otherwise */
106         if (IDE_CONTROL_REG) {
107                 /* clear nIEN */
108                 hwif->OUTB(drive->ctl, IDE_CONTROL_REG);
109         }
110         SELECT_MASK(drive, 0);
111
112         if (drive->addressing == 1) {
113                 hwif->OUTB(hobfile->feature, IDE_FEATURE_REG);
114                 hwif->OUTB(hobfile->sector_count, IDE_NSECTOR_REG);
115                 hwif->OUTB(hobfile->sector_number, IDE_SECTOR_REG);
116                 hwif->OUTB(hobfile->low_cylinder, IDE_LCYL_REG);
117                 hwif->OUTB(hobfile->high_cylinder, IDE_HCYL_REG);
118         }
119
120         hwif->OUTB(taskfile->feature, IDE_FEATURE_REG);
121         hwif->OUTB(taskfile->sector_count, IDE_NSECTOR_REG);
122         hwif->OUTB(taskfile->sector_number, IDE_SECTOR_REG);
123         hwif->OUTB(taskfile->low_cylinder, IDE_LCYL_REG);
124         hwif->OUTB(taskfile->high_cylinder, IDE_HCYL_REG);
125
126         hwif->OUTB((taskfile->device_head & HIHI) | drive->select.all, IDE_SELECT_REG);
127
128         if (task->handler != NULL) {
129                 if (task->prehandler != NULL) {
130                         hwif->OUTBSYNC(drive, taskfile->command, IDE_COMMAND_REG);
131                         ndelay(400);    /* FIXME */
132                         return task->prehandler(drive, task->rq);
133                 }
134                 ide_execute_command(drive, taskfile->command, task->handler, WAIT_WORSTCASE, NULL);
135                 return ide_started;
136         }
137
138         if (!drive->using_dma)
139                 return ide_stopped;
140
141         switch (taskfile->command) {
142                 case WIN_WRITEDMA_ONCE:
143                 case WIN_WRITEDMA:
144                 case WIN_WRITEDMA_EXT:
145                 case WIN_READDMA_ONCE:
146                 case WIN_READDMA:
147                 case WIN_READDMA_EXT:
148                 case WIN_IDENTIFY_DMA:
149                         if (!hwif->dma_setup(drive)) {
150                                 hwif->dma_exec_cmd(drive, taskfile->command);
151                                 hwif->dma_start(drive);
152                                 return ide_started;
153                         }
154                         break;
155                 default:
156                         if (task->handler == NULL)
157                                 return ide_stopped;
158         }
159
160         return ide_stopped;
161 }
162
163 /*
164  * set_multmode_intr() is invoked on completion of a WIN_SETMULT cmd.
165  */
166 ide_startstop_t set_multmode_intr (ide_drive_t *drive)
167 {
168         ide_hwif_t *hwif = HWIF(drive);
169         u8 stat;
170
171         if (OK_STAT(stat = hwif->INB(IDE_STATUS_REG),READY_STAT,BAD_STAT)) {
172                 drive->mult_count = drive->mult_req;
173         } else {
174                 drive->mult_req = drive->mult_count = 0;
175                 drive->special.b.recalibrate = 1;
176                 (void) ide_dump_status(drive, "set_multmode", stat);
177         }
178         return ide_stopped;
179 }
180
181 /*
182  * set_geometry_intr() is invoked on completion of a WIN_SPECIFY cmd.
183  */
184 ide_startstop_t set_geometry_intr (ide_drive_t *drive)
185 {
186         ide_hwif_t *hwif = HWIF(drive);
187         int retries = 5;
188         u8 stat;
189
190         while (((stat = hwif->INB(IDE_STATUS_REG)) & BUSY_STAT) && retries--)
191                 udelay(10);
192
193         if (OK_STAT(stat, READY_STAT, BAD_STAT))
194                 return ide_stopped;
195
196         if (stat & (ERR_STAT|DRQ_STAT))
197                 return ide_error(drive, "set_geometry_intr", stat);
198
199         BUG_ON(HWGROUP(drive)->handler != NULL);
200         ide_set_handler(drive, &set_geometry_intr, WAIT_WORSTCASE, NULL);
201         return ide_started;
202 }
203
204 /*
205  * recal_intr() is invoked on completion of a WIN_RESTORE (recalibrate) cmd.
206  */
207 ide_startstop_t recal_intr (ide_drive_t *drive)
208 {
209         ide_hwif_t *hwif = HWIF(drive);
210         u8 stat;
211
212         if (!OK_STAT(stat = hwif->INB(IDE_STATUS_REG), READY_STAT, BAD_STAT))
213                 return ide_error(drive, "recal_intr", stat);
214         return ide_stopped;
215 }
216
217 /*
218  * Handler for commands without a data phase
219  */
220 ide_startstop_t task_no_data_intr (ide_drive_t *drive)
221 {
222         ide_task_t *args        = HWGROUP(drive)->rq->special;
223         ide_hwif_t *hwif        = HWIF(drive);
224         u8 stat;
225
226         local_irq_enable_in_hardirq();
227         if (!OK_STAT(stat = hwif->INB(IDE_STATUS_REG),READY_STAT,BAD_STAT)) {
228                 return ide_error(drive, "task_no_data_intr", stat);
229                 /* calls ide_end_drive_cmd */
230         }
231         if (args)
232                 ide_end_drive_cmd(drive, stat, hwif->INB(IDE_ERROR_REG));
233
234         return ide_stopped;
235 }
236
237 EXPORT_SYMBOL(task_no_data_intr);
238
239 static u8 wait_drive_not_busy(ide_drive_t *drive)
240 {
241         ide_hwif_t *hwif = HWIF(drive);
242         int retries;
243         u8 stat;
244
245         /*
246          * Last sector was transfered, wait until drive is ready.
247          * This can take up to 10 usec, but we will wait max 1 ms
248          * (drive_cmd_intr() waits that long).
249          */
250         for (retries = 0; retries < 100; retries++) {
251                 if ((stat = hwif->INB(IDE_STATUS_REG)) & BUSY_STAT)
252                         udelay(10);
253                 else
254                         break;
255         }
256
257         if (stat & BUSY_STAT)
258                 printk(KERN_ERR "%s: drive still BUSY!\n", drive->name);
259
260         return stat;
261 }
262
263 static void ide_pio_sector(ide_drive_t *drive, unsigned int write)
264 {
265         ide_hwif_t *hwif = drive->hwif;
266         struct scatterlist *sg = hwif->sg_table;
267         struct scatterlist *cursg = hwif->cursg;
268         struct page *page;
269 #ifdef CONFIG_HIGHMEM
270         unsigned long flags;
271 #endif
272         unsigned int offset;
273         u8 *buf;
274
275         cursg = hwif->cursg;
276         if (!cursg) {
277                 cursg = sg;
278                 hwif->cursg = sg;
279         }
280
281         page = cursg->page;
282         offset = cursg->offset + hwif->cursg_ofs * SECTOR_SIZE;
283
284         /* get the current page and offset */
285         page = nth_page(page, (offset >> PAGE_SHIFT));
286         offset %= PAGE_SIZE;
287
288 #ifdef CONFIG_HIGHMEM
289         local_irq_save(flags);
290 #endif
291         buf = kmap_atomic(page, KM_BIO_SRC_IRQ) + offset;
292
293         hwif->nleft--;
294         hwif->cursg_ofs++;
295
296         if ((hwif->cursg_ofs * SECTOR_SIZE) == cursg->length) {
297                 hwif->cursg = sg_next(hwif->cursg);
298                 hwif->cursg_ofs = 0;
299         }
300
301         /* do the actual data transfer */
302         if (write)
303                 taskfile_output_data(drive, buf, SECTOR_WORDS);
304         else
305                 taskfile_input_data(drive, buf, SECTOR_WORDS);
306
307         kunmap_atomic(buf, KM_BIO_SRC_IRQ);
308 #ifdef CONFIG_HIGHMEM
309         local_irq_restore(flags);
310 #endif
311 }
312
313 static void ide_pio_multi(ide_drive_t *drive, unsigned int write)
314 {
315         unsigned int nsect;
316
317         nsect = min_t(unsigned int, drive->hwif->nleft, drive->mult_count);
318         while (nsect--)
319                 ide_pio_sector(drive, write);
320 }
321
322 static void ide_pio_datablock(ide_drive_t *drive, struct request *rq,
323                                      unsigned int write)
324 {
325         if (rq->bio)    /* fs request */
326                 rq->errors = 0;
327
328         touch_softlockup_watchdog();
329
330         switch (drive->hwif->data_phase) {
331         case TASKFILE_MULTI_IN:
332         case TASKFILE_MULTI_OUT:
333                 ide_pio_multi(drive, write);
334                 break;
335         default:
336                 ide_pio_sector(drive, write);
337                 break;
338         }
339 }
340
341 static ide_startstop_t task_error(ide_drive_t *drive, struct request *rq,
342                                   const char *s, u8 stat)
343 {
344         if (rq->bio) {
345                 ide_hwif_t *hwif = drive->hwif;
346                 int sectors = hwif->nsect - hwif->nleft;
347
348                 switch (hwif->data_phase) {
349                 case TASKFILE_IN:
350                         if (hwif->nleft)
351                                 break;
352                         /* fall through */
353                 case TASKFILE_OUT:
354                         sectors--;
355                         break;
356                 case TASKFILE_MULTI_IN:
357                         if (hwif->nleft)
358                                 break;
359                         /* fall through */
360                 case TASKFILE_MULTI_OUT:
361                         sectors -= drive->mult_count;
362                 default:
363                         break;
364                 }
365
366                 if (sectors > 0) {
367                         ide_driver_t *drv;
368
369                         drv = *(ide_driver_t **)rq->rq_disk->private_data;
370                         drv->end_request(drive, 1, sectors);
371                 }
372         }
373         return ide_error(drive, s, stat);
374 }
375
376 static void task_end_request(ide_drive_t *drive, struct request *rq, u8 stat)
377 {
378         HWIF(drive)->cursg = NULL;
379
380         if (rq->cmd_type == REQ_TYPE_ATA_TASKFILE) {
381                 ide_task_t *task = rq->special;
382
383                 if (task->tf_out_flags.all) {
384                         u8 err = drive->hwif->INB(IDE_ERROR_REG);
385                         ide_end_drive_cmd(drive, stat, err);
386                         return;
387                 }
388         }
389
390         if (rq->rq_disk) {
391                 ide_driver_t *drv;
392
393                 drv = *(ide_driver_t **)rq->rq_disk->private_data;;
394                 drv->end_request(drive, 1, rq->hard_nr_sectors);
395         } else
396                 ide_end_request(drive, 1, rq->hard_nr_sectors);
397 }
398
399 /*
400  * Handler for command with PIO data-in phase (Read/Read Multiple).
401  */
402 ide_startstop_t task_in_intr (ide_drive_t *drive)
403 {
404         ide_hwif_t *hwif = drive->hwif;
405         struct request *rq = HWGROUP(drive)->rq;
406         u8 stat = hwif->INB(IDE_STATUS_REG);
407
408         /* new way for dealing with premature shared PCI interrupts */
409         if (!OK_STAT(stat, DATA_READY, BAD_R_STAT)) {
410                 if (stat & (ERR_STAT | DRQ_STAT))
411                         return task_error(drive, rq, __FUNCTION__, stat);
412                 /* No data yet, so wait for another IRQ. */
413                 ide_set_handler(drive, &task_in_intr, WAIT_WORSTCASE, NULL);
414                 return ide_started;
415         }
416
417         ide_pio_datablock(drive, rq, 0);
418
419         /* If it was the last datablock check status and finish transfer. */
420         if (!hwif->nleft) {
421                 stat = wait_drive_not_busy(drive);
422                 if (!OK_STAT(stat, 0, BAD_R_STAT))
423                         return task_error(drive, rq, __FUNCTION__, stat);
424                 task_end_request(drive, rq, stat);
425                 return ide_stopped;
426         }
427
428         /* Still data left to transfer. */
429         ide_set_handler(drive, &task_in_intr, WAIT_WORSTCASE, NULL);
430
431         return ide_started;
432 }
433 EXPORT_SYMBOL(task_in_intr);
434
435 /*
436  * Handler for command with PIO data-out phase (Write/Write Multiple).
437  */
438 static ide_startstop_t task_out_intr (ide_drive_t *drive)
439 {
440         ide_hwif_t *hwif = drive->hwif;
441         struct request *rq = HWGROUP(drive)->rq;
442         u8 stat = hwif->INB(IDE_STATUS_REG);
443
444         if (!OK_STAT(stat, DRIVE_READY, drive->bad_wstat))
445                 return task_error(drive, rq, __FUNCTION__, stat);
446
447         /* Deal with unexpected ATA data phase. */
448         if (((stat & DRQ_STAT) == 0) ^ !hwif->nleft)
449                 return task_error(drive, rq, __FUNCTION__, stat);
450
451         if (!hwif->nleft) {
452                 task_end_request(drive, rq, stat);
453                 return ide_stopped;
454         }
455
456         /* Still data left to transfer. */
457         ide_pio_datablock(drive, rq, 1);
458         ide_set_handler(drive, &task_out_intr, WAIT_WORSTCASE, NULL);
459
460         return ide_started;
461 }
462
463 ide_startstop_t pre_task_out_intr (ide_drive_t *drive, struct request *rq)
464 {
465         ide_startstop_t startstop;
466
467         if (ide_wait_stat(&startstop, drive, DATA_READY,
468                           drive->bad_wstat, WAIT_DRQ)) {
469                 printk(KERN_ERR "%s: no DRQ after issuing %sWRITE%s\n",
470                                 drive->name,
471                                 drive->hwif->data_phase ? "MULT" : "",
472                                 drive->addressing ? "_EXT" : "");
473                 return startstop;
474         }
475
476         if (!drive->unmask)
477                 local_irq_disable();
478
479         ide_set_handler(drive, &task_out_intr, WAIT_WORSTCASE, NULL);
480         ide_pio_datablock(drive, rq, 1);
481
482         return ide_started;
483 }
484 EXPORT_SYMBOL(pre_task_out_intr);
485
486 static int ide_diag_taskfile(ide_drive_t *drive, ide_task_t *args, unsigned long data_size, u8 *buf)
487 {
488         struct request rq;
489
490         memset(&rq, 0, sizeof(rq));
491         rq.cmd_type = REQ_TYPE_ATA_TASKFILE;
492         rq.buffer = buf;
493
494         /*
495          * (ks) We transfer currently only whole sectors.
496          * This is suffient for now.  But, it would be great,
497          * if we would find a solution to transfer any size.
498          * To support special commands like READ LONG.
499          */
500         if (args->command_type != IDE_DRIVE_TASK_NO_DATA) {
501                 if (data_size == 0)
502                         rq.nr_sectors = (args->hobRegister[IDE_NSECTOR_OFFSET] << 8) | args->tfRegister[IDE_NSECTOR_OFFSET];
503                 else
504                         rq.nr_sectors = data_size / SECTOR_SIZE;
505
506                 if (!rq.nr_sectors) {
507                         printk(KERN_ERR "%s: in/out command without data\n",
508                                         drive->name);
509                         return -EFAULT;
510                 }
511
512                 rq.hard_nr_sectors = rq.nr_sectors;
513                 rq.hard_cur_sectors = rq.current_nr_sectors = rq.nr_sectors;
514
515                 if (args->command_type == IDE_DRIVE_TASK_RAW_WRITE)
516                         rq.cmd_flags |= REQ_RW;
517         }
518
519         rq.special = args;
520         args->rq = &rq;
521         return ide_do_drive_cmd(drive, &rq, ide_wait);
522 }
523
524 int ide_raw_taskfile (ide_drive_t *drive, ide_task_t *args, u8 *buf)
525 {
526         return ide_diag_taskfile(drive, args, 0, buf);
527 }
528
529 EXPORT_SYMBOL(ide_raw_taskfile);
530
531 int ide_taskfile_ioctl (ide_drive_t *drive, unsigned int cmd, unsigned long arg)
532 {
533         ide_task_request_t      *req_task;
534         ide_task_t              args;
535         u8 *outbuf              = NULL;
536         u8 *inbuf               = NULL;
537         task_ioreg_t *argsptr   = args.tfRegister;
538         task_ioreg_t *hobsptr   = args.hobRegister;
539         int err                 = 0;
540         int tasksize            = sizeof(struct ide_task_request_s);
541         unsigned int taskin     = 0;
542         unsigned int taskout    = 0;
543         u8 io_32bit             = drive->io_32bit;
544         char __user *buf = (char __user *)arg;
545
546 //      printk("IDE Taskfile ...\n");
547
548         req_task = kzalloc(tasksize, GFP_KERNEL);
549         if (req_task == NULL) return -ENOMEM;
550         if (copy_from_user(req_task, buf, tasksize)) {
551                 kfree(req_task);
552                 return -EFAULT;
553         }
554
555         taskout = req_task->out_size;
556         taskin  = req_task->in_size;
557         
558         if (taskin > 65536 || taskout > 65536) {
559                 err = -EINVAL;
560                 goto abort;
561         }
562
563         if (taskout) {
564                 int outtotal = tasksize;
565                 outbuf = kzalloc(taskout, GFP_KERNEL);
566                 if (outbuf == NULL) {
567                         err = -ENOMEM;
568                         goto abort;
569                 }
570                 if (copy_from_user(outbuf, buf + outtotal, taskout)) {
571                         err = -EFAULT;
572                         goto abort;
573                 }
574         }
575
576         if (taskin) {
577                 int intotal = tasksize + taskout;
578                 inbuf = kzalloc(taskin, GFP_KERNEL);
579                 if (inbuf == NULL) {
580                         err = -ENOMEM;
581                         goto abort;
582                 }
583                 if (copy_from_user(inbuf, buf + intotal, taskin)) {
584                         err = -EFAULT;
585                         goto abort;
586                 }
587         }
588
589         memset(&args, 0, sizeof(ide_task_t));
590         memcpy(argsptr, req_task->io_ports, HDIO_DRIVE_TASK_HDR_SIZE);
591         memcpy(hobsptr, req_task->hob_ports, HDIO_DRIVE_HOB_HDR_SIZE);
592
593         args.tf_in_flags  = req_task->in_flags;
594         args.tf_out_flags = req_task->out_flags;
595         args.data_phase   = req_task->data_phase;
596         args.command_type = req_task->req_cmd;
597
598         drive->io_32bit = 0;
599         switch(req_task->data_phase) {
600                 case TASKFILE_OUT_DMAQ:
601                 case TASKFILE_OUT_DMA:
602                         err = ide_diag_taskfile(drive, &args, taskout, outbuf);
603                         break;
604                 case TASKFILE_IN_DMAQ:
605                 case TASKFILE_IN_DMA:
606                         err = ide_diag_taskfile(drive, &args, taskin, inbuf);
607                         break;
608                 case TASKFILE_MULTI_OUT:
609                         if (!drive->mult_count) {
610                                 /* (hs): give up if multcount is not set */
611                                 printk(KERN_ERR "%s: %s Multimode Write " \
612                                         "multcount is not set\n",
613                                         drive->name, __FUNCTION__);
614                                 err = -EPERM;
615                                 goto abort;
616                         }
617                         /* fall through */
618                 case TASKFILE_OUT:
619                         args.prehandler = &pre_task_out_intr;
620                         args.handler = &task_out_intr;
621                         err = ide_diag_taskfile(drive, &args, taskout, outbuf);
622                         break;
623                 case TASKFILE_MULTI_IN:
624                         if (!drive->mult_count) {
625                                 /* (hs): give up if multcount is not set */
626                                 printk(KERN_ERR "%s: %s Multimode Read failure " \
627                                         "multcount is not set\n",
628                                         drive->name, __FUNCTION__);
629                                 err = -EPERM;
630                                 goto abort;
631                         }
632                         /* fall through */
633                 case TASKFILE_IN:
634                         args.handler = &task_in_intr;
635                         err = ide_diag_taskfile(drive, &args, taskin, inbuf);
636                         break;
637                 case TASKFILE_NO_DATA:
638                         args.handler = &task_no_data_intr;
639                         err = ide_diag_taskfile(drive, &args, 0, NULL);
640                         break;
641                 default:
642                         err = -EFAULT;
643                         goto abort;
644         }
645
646         memcpy(req_task->io_ports, &(args.tfRegister), HDIO_DRIVE_TASK_HDR_SIZE);
647         memcpy(req_task->hob_ports, &(args.hobRegister), HDIO_DRIVE_HOB_HDR_SIZE);
648         req_task->in_flags  = args.tf_in_flags;
649         req_task->out_flags = args.tf_out_flags;
650
651         if (copy_to_user(buf, req_task, tasksize)) {
652                 err = -EFAULT;
653                 goto abort;
654         }
655         if (taskout) {
656                 int outtotal = tasksize;
657                 if (copy_to_user(buf + outtotal, outbuf, taskout)) {
658                         err = -EFAULT;
659                         goto abort;
660                 }
661         }
662         if (taskin) {
663                 int intotal = tasksize + taskout;
664                 if (copy_to_user(buf + intotal, inbuf, taskin)) {
665                         err = -EFAULT;
666                         goto abort;
667                 }
668         }
669 abort:
670         kfree(req_task);
671         kfree(outbuf);
672         kfree(inbuf);
673
674 //      printk("IDE Taskfile ioctl ended. rc = %i\n", err);
675
676         drive->io_32bit = io_32bit;
677
678         return err;
679 }
680
681 int ide_wait_cmd (ide_drive_t *drive, u8 cmd, u8 nsect, u8 feature, u8 sectors, u8 *buf)
682 {
683         struct request rq;
684         u8 buffer[4];
685
686         if (!buf)
687                 buf = buffer;
688         memset(buf, 0, 4 + SECTOR_WORDS * 4 * sectors);
689         ide_init_drive_cmd(&rq);
690         rq.buffer = buf;
691         *buf++ = cmd;
692         *buf++ = nsect;
693         *buf++ = feature;
694         *buf++ = sectors;
695         return ide_do_drive_cmd(drive, &rq, ide_wait);
696 }
697
698 /*
699  * FIXME : this needs to map into at taskfile. <andre@linux-ide.org>
700  */
701 int ide_cmd_ioctl (ide_drive_t *drive, unsigned int cmd, unsigned long arg)
702 {
703         int err = 0;
704         u8 args[4], *argbuf = args;
705         u8 xfer_rate = 0;
706         int argsize = 4;
707         ide_task_t tfargs;
708
709         if (NULL == (void *) arg) {
710                 struct request rq;
711                 ide_init_drive_cmd(&rq);
712                 return ide_do_drive_cmd(drive, &rq, ide_wait);
713         }
714
715         if (copy_from_user(args, (void __user *)arg, 4))
716                 return -EFAULT;
717
718         memset(&tfargs, 0, sizeof(ide_task_t));
719         tfargs.tfRegister[IDE_FEATURE_OFFSET] = args[2];
720         tfargs.tfRegister[IDE_NSECTOR_OFFSET] = args[3];
721         tfargs.tfRegister[IDE_SECTOR_OFFSET]  = args[1];
722         tfargs.tfRegister[IDE_LCYL_OFFSET]    = 0x00;
723         tfargs.tfRegister[IDE_HCYL_OFFSET]    = 0x00;
724         tfargs.tfRegister[IDE_SELECT_OFFSET]  = 0x00;
725         tfargs.tfRegister[IDE_COMMAND_OFFSET] = args[0];
726
727         if (args[3]) {
728                 argsize = 4 + (SECTOR_WORDS * 4 * args[3]);
729                 argbuf = kzalloc(argsize, GFP_KERNEL);
730                 if (argbuf == NULL)
731                         return -ENOMEM;
732         }
733         if (set_transfer(drive, &tfargs)) {
734                 xfer_rate = args[1];
735                 if (ide_ata66_check(drive, &tfargs))
736                         goto abort;
737         }
738
739         err = ide_wait_cmd(drive, args[0], args[1], args[2], args[3], argbuf);
740
741         if (!err && xfer_rate) {
742                 /* active-retuning-calls future */
743                 ide_set_xfer_rate(drive, xfer_rate);
744                 ide_driveid_update(drive);
745         }
746 abort:
747         if (copy_to_user((void __user *)arg, argbuf, argsize))
748                 err = -EFAULT;
749         if (argsize > 4)
750                 kfree(argbuf);
751         return err;
752 }
753
754 static int ide_wait_cmd_task(ide_drive_t *drive, u8 *buf)
755 {
756         struct request rq;
757
758         ide_init_drive_cmd(&rq);
759         rq.cmd_type = REQ_TYPE_ATA_TASK;
760         rq.buffer = buf;
761         return ide_do_drive_cmd(drive, &rq, ide_wait);
762 }
763
764 /*
765  * FIXME : this needs to map into at taskfile. <andre@linux-ide.org>
766  */
767 int ide_task_ioctl (ide_drive_t *drive, unsigned int cmd, unsigned long arg)
768 {
769         void __user *p = (void __user *)arg;
770         int err = 0;
771         u8 args[7], *argbuf = args;
772         int argsize = 7;
773
774         if (copy_from_user(args, p, 7))
775                 return -EFAULT;
776         err = ide_wait_cmd_task(drive, argbuf);
777         if (copy_to_user(p, argbuf, argsize))
778                 err = -EFAULT;
779         return err;
780 }
781
782 /*
783  * NOTICE: This is additions from IBM to provide a discrete interface,
784  * for selective taskregister access operations.  Nice JOB Klaus!!!
785  * Glad to be able to work and co-develop this with you and IBM.
786  */
787 ide_startstop_t flagged_taskfile (ide_drive_t *drive, ide_task_t *task)
788 {
789         ide_hwif_t *hwif        = HWIF(drive);
790         task_struct_t *taskfile = (task_struct_t *) task->tfRegister;
791         hob_struct_t *hobfile   = (hob_struct_t *) task->hobRegister;
792
793         if (task->data_phase == TASKFILE_MULTI_IN ||
794             task->data_phase == TASKFILE_MULTI_OUT) {
795                 if (!drive->mult_count) {
796                         printk(KERN_ERR "%s: multimode not set!\n", drive->name);
797                         return ide_stopped;
798                 }
799         }
800
801         /*
802          * (ks) Check taskfile in flags.
803          * If set, then execute as it is defined.
804          * If not set, then define default settings.
805          * The default values are:
806          *      read all taskfile registers (except data)
807          *      read the hob registers (sector, nsector, lcyl, hcyl)
808          */
809         if (task->tf_in_flags.all == 0) {
810                 task->tf_in_flags.all = IDE_TASKFILE_STD_IN_FLAGS;
811                 if (drive->addressing == 1)
812                         task->tf_in_flags.all |= (IDE_HOB_STD_IN_FLAGS  << 8);
813         }
814
815         /* ALL Command Block Executions SHALL clear nIEN, unless otherwise */
816         if (IDE_CONTROL_REG)
817                 /* clear nIEN */
818                 hwif->OUTB(drive->ctl, IDE_CONTROL_REG);
819         SELECT_MASK(drive, 0);
820
821         if (task->tf_out_flags.b.data) {
822                 u16 data =  taskfile->data + (hobfile->data << 8);
823                 hwif->OUTW(data, IDE_DATA_REG);
824         }
825
826         /* (ks) send hob registers first */
827         if (task->tf_out_flags.b.nsector_hob)
828                 hwif->OUTB(hobfile->sector_count, IDE_NSECTOR_REG);
829         if (task->tf_out_flags.b.sector_hob)
830                 hwif->OUTB(hobfile->sector_number, IDE_SECTOR_REG);
831         if (task->tf_out_flags.b.lcyl_hob)
832                 hwif->OUTB(hobfile->low_cylinder, IDE_LCYL_REG);
833         if (task->tf_out_flags.b.hcyl_hob)
834                 hwif->OUTB(hobfile->high_cylinder, IDE_HCYL_REG);
835
836         /* (ks) Send now the standard registers */
837         if (task->tf_out_flags.b.error_feature)
838                 hwif->OUTB(taskfile->feature, IDE_FEATURE_REG);
839         /* refers to number of sectors to transfer */
840         if (task->tf_out_flags.b.nsector)
841                 hwif->OUTB(taskfile->sector_count, IDE_NSECTOR_REG);
842         /* refers to sector offset or start sector */
843         if (task->tf_out_flags.b.sector)
844                 hwif->OUTB(taskfile->sector_number, IDE_SECTOR_REG);
845         if (task->tf_out_flags.b.lcyl)
846                 hwif->OUTB(taskfile->low_cylinder, IDE_LCYL_REG);
847         if (task->tf_out_flags.b.hcyl)
848                 hwif->OUTB(taskfile->high_cylinder, IDE_HCYL_REG);
849
850         /*
851          * (ks) In the flagged taskfile approch, we will use all specified
852          * registers and the register value will not be changed, except the
853          * select bit (master/slave) in the drive_head register. We must make
854          * sure that the desired drive is selected.
855          */
856         hwif->OUTB(taskfile->device_head | drive->select.all, IDE_SELECT_REG);
857         switch(task->data_phase) {
858
859                 case TASKFILE_OUT_DMAQ:
860                 case TASKFILE_OUT_DMA:
861                 case TASKFILE_IN_DMAQ:
862                 case TASKFILE_IN_DMA:
863                         hwif->dma_setup(drive);
864                         hwif->dma_exec_cmd(drive, taskfile->command);
865                         hwif->dma_start(drive);
866                         break;
867
868                 default:
869                         if (task->handler == NULL)
870                                 return ide_stopped;
871
872                         /* Issue the command */
873                         if (task->prehandler) {
874                                 hwif->OUTBSYNC(drive, taskfile->command, IDE_COMMAND_REG);
875                                 ndelay(400);    /* FIXME */
876                                 return task->prehandler(drive, task->rq);
877                         }
878                         ide_execute_command(drive, taskfile->command, task->handler, WAIT_WORSTCASE, NULL);
879         }
880
881         return ide_started;
882 }