Merge commit 'v2.6.30-rc6' into x86/mm
[linux-2.6] / drivers / ieee1394 / sbp2.c
1 /*
2  * sbp2.c - SBP-2 protocol driver for IEEE-1394
3  *
4  * Copyright (C) 2000 James Goodwin, Filanet Corporation (www.filanet.com)
5  * jamesg@filanet.com (JSG)
6  *
7  * Copyright (C) 2003 Ben Collins <bcollins@debian.org>
8  *
9  * This program is free software; you can redistribute it and/or modify
10  * it under the terms of the GNU General Public License as published by
11  * the Free Software Foundation; either version 2 of the License, or
12  * (at your option) any later version.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17  * GNU General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License
20  * along with this program; if not, write to the Free Software Foundation,
21  * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
22  */
23
24 /*
25  * Brief Description:
26  *
27  * This driver implements the Serial Bus Protocol 2 (SBP-2) over IEEE-1394
28  * under Linux. The SBP-2 driver is implemented as an IEEE-1394 high-level
29  * driver. It also registers as a SCSI lower-level driver in order to accept
30  * SCSI commands for transport using SBP-2.
31  *
32  * You may access any attached SBP-2 (usually storage devices) as regular
33  * SCSI devices. E.g. mount /dev/sda1, fdisk, mkfs, etc..
34  *
35  * See http://www.t10.org/drafts.htm#sbp2 for the final draft of the SBP-2
36  * specification and for where to purchase the official standard.
37  *
38  * TODO:
39  *   - look into possible improvements of the SCSI error handlers
40  *   - handle Unit_Characteristics.mgt_ORB_timeout and .ORB_size
41  *   - handle Logical_Unit_Number.ordered
42  *   - handle src == 1 in status blocks
43  *   - reimplement the DMA mapping in absence of physical DMA so that
44  *     bus_to_virt is no longer required
45  *   - debug the handling of absent physical DMA
46  *   - replace CONFIG_IEEE1394_SBP2_PHYS_DMA by automatic detection
47  *     (this is easy but depends on the previous two TODO items)
48  *   - make the parameter serialize_io configurable per device
49  *   - move all requests to fetch agent registers into non-atomic context,
50  *     replace all usages of sbp2util_node_write_no_wait by true transactions
51  * Grep for inline FIXME comments below.
52  */
53
54 #include <linux/blkdev.h>
55 #include <linux/compiler.h>
56 #include <linux/delay.h>
57 #include <linux/device.h>
58 #include <linux/dma-mapping.h>
59 #include <linux/gfp.h>
60 #include <linux/init.h>
61 #include <linux/kernel.h>
62 #include <linux/list.h>
63 #include <linux/mm.h>
64 #include <linux/module.h>
65 #include <linux/moduleparam.h>
66 #include <linux/sched.h>
67 #include <linux/slab.h>
68 #include <linux/spinlock.h>
69 #include <linux/stat.h>
70 #include <linux/string.h>
71 #include <linux/stringify.h>
72 #include <linux/types.h>
73 #include <linux/wait.h>
74 #include <linux/workqueue.h>
75 #include <linux/scatterlist.h>
76
77 #include <asm/byteorder.h>
78 #include <asm/errno.h>
79 #include <asm/param.h>
80 #include <asm/system.h>
81 #include <asm/types.h>
82
83 #ifdef CONFIG_IEEE1394_SBP2_PHYS_DMA
84 #include <asm/io.h> /* for bus_to_virt */
85 #endif
86
87 #include <scsi/scsi.h>
88 #include <scsi/scsi_cmnd.h>
89 #include <scsi/scsi_dbg.h>
90 #include <scsi/scsi_device.h>
91 #include <scsi/scsi_host.h>
92
93 #include "csr1212.h"
94 #include "highlevel.h"
95 #include "hosts.h"
96 #include "ieee1394.h"
97 #include "ieee1394_core.h"
98 #include "ieee1394_hotplug.h"
99 #include "ieee1394_transactions.h"
100 #include "ieee1394_types.h"
101 #include "nodemgr.h"
102 #include "sbp2.h"
103
104 /*
105  * Module load parameter definitions
106  */
107
108 /*
109  * Change max_speed on module load if you have a bad IEEE-1394
110  * controller that has trouble running 2KB packets at 400mb.
111  *
112  * NOTE: On certain OHCI parts I have seen short packets on async transmit
113  * (probably due to PCI latency/throughput issues with the part). You can
114  * bump down the speed if you are running into problems.
115  */
116 static int sbp2_max_speed = IEEE1394_SPEED_MAX;
117 module_param_named(max_speed, sbp2_max_speed, int, 0644);
118 MODULE_PARM_DESC(max_speed, "Limit data transfer speed (5 <= 3200, "
119                  "4 <= 1600, 3 <= 800, 2 <= 400, 1 <= 200, 0 = 100 Mb/s)");
120
121 /*
122  * Set serialize_io to 0 or N to use dynamically appended lists of command ORBs.
123  * This is and always has been buggy in multiple subtle ways. See above TODOs.
124  */
125 static int sbp2_serialize_io = 1;
126 module_param_named(serialize_io, sbp2_serialize_io, bool, 0444);
127 MODULE_PARM_DESC(serialize_io, "Serialize requests coming from SCSI drivers "
128                  "(default = Y, faster but buggy = N)");
129
130 /*
131  * Adjust max_sectors if you'd like to influence how many sectors each SCSI
132  * command can transfer at most. Please note that some older SBP-2 bridge
133  * chips are broken for transfers greater or equal to 128KB, therefore
134  * max_sectors used to be a safe 255 sectors for many years. We now have a
135  * default of 0 here which means that we let the SCSI stack choose a limit.
136  *
137  * The SBP2_WORKAROUND_128K_MAX_TRANS flag, if set either in the workarounds
138  * module parameter or in the sbp2_workarounds_table[], will override the
139  * value of max_sectors. We should use sbp2_workarounds_table[] to cover any
140  * bridge chip which becomes known to need the 255 sectors limit.
141  */
142 static int sbp2_max_sectors;
143 module_param_named(max_sectors, sbp2_max_sectors, int, 0444);
144 MODULE_PARM_DESC(max_sectors, "Change max sectors per I/O supported "
145                  "(default = 0 = use SCSI stack's default)");
146
147 /*
148  * Exclusive login to sbp2 device? In most cases, the sbp2 driver should
149  * do an exclusive login, as it's generally unsafe to have two hosts
150  * talking to a single sbp2 device at the same time (filesystem coherency,
151  * etc.). If you're running an sbp2 device that supports multiple logins,
152  * and you're either running read-only filesystems or some sort of special
153  * filesystem supporting multiple hosts, e.g. OpenGFS, Oracle Cluster
154  * File System, or Lustre, then set exclusive_login to zero.
155  *
156  * So far only bridges from Oxford Semiconductor are known to support
157  * concurrent logins. Depending on firmware, four or two concurrent logins
158  * are possible on OXFW911 and newer Oxsemi bridges.
159  */
160 static int sbp2_exclusive_login = 1;
161 module_param_named(exclusive_login, sbp2_exclusive_login, bool, 0644);
162 MODULE_PARM_DESC(exclusive_login, "Exclusive login to sbp2 device "
163                  "(default = Y, use N for concurrent initiators)");
164
165 /*
166  * If any of the following workarounds is required for your device to work,
167  * please submit the kernel messages logged by sbp2 to the linux1394-devel
168  * mailing list.
169  *
170  * - 128kB max transfer
171  *   Limit transfer size. Necessary for some old bridges.
172  *
173  * - 36 byte inquiry
174  *   When scsi_mod probes the device, let the inquiry command look like that
175  *   from MS Windows.
176  *
177  * - skip mode page 8
178  *   Suppress sending of mode_sense for mode page 8 if the device pretends to
179  *   support the SCSI Primary Block commands instead of Reduced Block Commands.
180  *
181  * - fix capacity
182  *   Tell sd_mod to correct the last sector number reported by read_capacity.
183  *   Avoids access beyond actual disk limits on devices with an off-by-one bug.
184  *   Don't use this with devices which don't have this bug.
185  *
186  * - delay inquiry
187  *   Wait extra SBP2_INQUIRY_DELAY seconds after login before SCSI inquiry.
188  *
189  * - power condition
190  *   Set the power condition field in the START STOP UNIT commands sent by
191  *   sd_mod on suspend, resume, and shutdown (if manage_start_stop is on).
192  *   Some disks need this to spin down or to resume properly.
193  *
194  * - override internal blacklist
195  *   Instead of adding to the built-in blacklist, use only the workarounds
196  *   specified in the module load parameter.
197  *   Useful if a blacklist entry interfered with a non-broken device.
198  */
199 static int sbp2_default_workarounds;
200 module_param_named(workarounds, sbp2_default_workarounds, int, 0644);
201 MODULE_PARM_DESC(workarounds, "Work around device bugs (default = 0"
202         ", 128kB max transfer = " __stringify(SBP2_WORKAROUND_128K_MAX_TRANS)
203         ", 36 byte inquiry = "    __stringify(SBP2_WORKAROUND_INQUIRY_36)
204         ", skip mode page 8 = "   __stringify(SBP2_WORKAROUND_MODE_SENSE_8)
205         ", fix capacity = "       __stringify(SBP2_WORKAROUND_FIX_CAPACITY)
206         ", delay inquiry = "      __stringify(SBP2_WORKAROUND_DELAY_INQUIRY)
207         ", set power condition in start stop unit = "
208                                   __stringify(SBP2_WORKAROUND_POWER_CONDITION)
209         ", override internal blacklist = " __stringify(SBP2_WORKAROUND_OVERRIDE)
210         ", or a combination)");
211
212 /*
213  * This influences the format of the sysfs attribute
214  * /sys/bus/scsi/devices/.../ieee1394_id.
215  *
216  * The default format is like in older kernels:  %016Lx:%d:%d
217  * It contains the target's EUI-64, a number given to the logical unit by
218  * the ieee1394 driver's nodemgr (starting at 0), and the LUN.
219  *
220  * The long format is:  %016Lx:%06x:%04x
221  * It contains the target's EUI-64, the unit directory's directory_ID as per
222  * IEEE 1212 clause 7.7.19, and the LUN.  This format comes closest to the
223  * format of SBP(-3) target port and logical unit identifier as per SAM (SCSI
224  * Architecture Model) rev.2 to 4 annex A.  Therefore and because it is
225  * independent of the implementation of the ieee1394 nodemgr, the longer format
226  * is recommended for future use.
227  */
228 static int sbp2_long_sysfs_ieee1394_id;
229 module_param_named(long_ieee1394_id, sbp2_long_sysfs_ieee1394_id, bool, 0644);
230 MODULE_PARM_DESC(long_ieee1394_id, "8+3+2 bytes format of ieee1394_id in sysfs "
231                  "(default = backwards-compatible = N, SAM-conforming = Y)");
232
233
234 #define SBP2_INFO(fmt, args...) HPSB_INFO("sbp2: "fmt, ## args)
235 #define SBP2_ERR(fmt, args...)  HPSB_ERR("sbp2: "fmt, ## args)
236
237 /*
238  * Globals
239  */
240 static void sbp2scsi_complete_all_commands(struct sbp2_lu *, u32);
241 static void sbp2scsi_complete_command(struct sbp2_lu *, u32, struct scsi_cmnd *,
242                                       void (*)(struct scsi_cmnd *));
243 static struct sbp2_lu *sbp2_alloc_device(struct unit_directory *);
244 static int sbp2_start_device(struct sbp2_lu *);
245 static void sbp2_remove_device(struct sbp2_lu *);
246 static int sbp2_login_device(struct sbp2_lu *);
247 static int sbp2_reconnect_device(struct sbp2_lu *);
248 static int sbp2_logout_device(struct sbp2_lu *);
249 static void sbp2_host_reset(struct hpsb_host *);
250 static int sbp2_handle_status_write(struct hpsb_host *, int, int, quadlet_t *,
251                                     u64, size_t, u16);
252 static int sbp2_agent_reset(struct sbp2_lu *, int);
253 static void sbp2_parse_unit_directory(struct sbp2_lu *,
254                                       struct unit_directory *);
255 static int sbp2_set_busy_timeout(struct sbp2_lu *);
256 static int sbp2_max_speed_and_size(struct sbp2_lu *);
257
258
259 static const u8 sbp2_speedto_max_payload[] = { 0x7, 0x8, 0x9, 0xa, 0xa, 0xa };
260
261 static DEFINE_RWLOCK(sbp2_hi_logical_units_lock);
262
263 static struct hpsb_highlevel sbp2_highlevel = {
264         .name           = SBP2_DEVICE_NAME,
265         .host_reset     = sbp2_host_reset,
266 };
267
268 static const struct hpsb_address_ops sbp2_ops = {
269         .write          = sbp2_handle_status_write
270 };
271
272 #ifdef CONFIG_IEEE1394_SBP2_PHYS_DMA
273 static int sbp2_handle_physdma_write(struct hpsb_host *, int, int, quadlet_t *,
274                                      u64, size_t, u16);
275 static int sbp2_handle_physdma_read(struct hpsb_host *, int, quadlet_t *, u64,
276                                     size_t, u16);
277
278 static const struct hpsb_address_ops sbp2_physdma_ops = {
279         .read           = sbp2_handle_physdma_read,
280         .write          = sbp2_handle_physdma_write,
281 };
282 #endif
283
284
285 /*
286  * Interface to driver core and IEEE 1394 core
287  */
288 static const struct ieee1394_device_id sbp2_id_table[] = {
289         {
290          .match_flags   = IEEE1394_MATCH_SPECIFIER_ID | IEEE1394_MATCH_VERSION,
291          .specifier_id  = SBP2_UNIT_SPEC_ID_ENTRY & 0xffffff,
292          .version       = SBP2_SW_VERSION_ENTRY & 0xffffff},
293         {}
294 };
295 MODULE_DEVICE_TABLE(ieee1394, sbp2_id_table);
296
297 static int sbp2_probe(struct device *);
298 static int sbp2_remove(struct device *);
299 static int sbp2_update(struct unit_directory *);
300
301 static struct hpsb_protocol_driver sbp2_driver = {
302         .name           = SBP2_DEVICE_NAME,
303         .id_table       = sbp2_id_table,
304         .update         = sbp2_update,
305         .driver         = {
306                 .probe          = sbp2_probe,
307                 .remove         = sbp2_remove,
308         },
309 };
310
311
312 /*
313  * Interface to SCSI core
314  */
315 static int sbp2scsi_queuecommand(struct scsi_cmnd *,
316                                  void (*)(struct scsi_cmnd *));
317 static int sbp2scsi_abort(struct scsi_cmnd *);
318 static int sbp2scsi_reset(struct scsi_cmnd *);
319 static int sbp2scsi_slave_alloc(struct scsi_device *);
320 static int sbp2scsi_slave_configure(struct scsi_device *);
321 static void sbp2scsi_slave_destroy(struct scsi_device *);
322 static ssize_t sbp2_sysfs_ieee1394_id_show(struct device *,
323                                            struct device_attribute *, char *);
324
325 static DEVICE_ATTR(ieee1394_id, S_IRUGO, sbp2_sysfs_ieee1394_id_show, NULL);
326
327 static struct device_attribute *sbp2_sysfs_sdev_attrs[] = {
328         &dev_attr_ieee1394_id,
329         NULL
330 };
331
332 static struct scsi_host_template sbp2_shost_template = {
333         .module                  = THIS_MODULE,
334         .name                    = "SBP-2 IEEE-1394",
335         .proc_name               = SBP2_DEVICE_NAME,
336         .queuecommand            = sbp2scsi_queuecommand,
337         .eh_abort_handler        = sbp2scsi_abort,
338         .eh_device_reset_handler = sbp2scsi_reset,
339         .slave_alloc             = sbp2scsi_slave_alloc,
340         .slave_configure         = sbp2scsi_slave_configure,
341         .slave_destroy           = sbp2scsi_slave_destroy,
342         .this_id                 = -1,
343         .sg_tablesize            = SG_ALL,
344         .use_clustering          = ENABLE_CLUSTERING,
345         .cmd_per_lun             = SBP2_MAX_CMDS,
346         .can_queue               = SBP2_MAX_CMDS,
347         .sdev_attrs              = sbp2_sysfs_sdev_attrs,
348 };
349
350 #define SBP2_ROM_VALUE_WILDCARD ~0         /* match all */
351 #define SBP2_ROM_VALUE_MISSING  0xff000000 /* not present in the unit dir. */
352
353 /*
354  * List of devices with known bugs.
355  *
356  * The firmware_revision field, masked with 0xffff00, is the best indicator
357  * for the type of bridge chip of a device.  It yields a few false positives
358  * but this did not break correctly behaving devices so far.
359  */
360 static const struct {
361         u32 firmware_revision;
362         u32 model;
363         unsigned workarounds;
364 } sbp2_workarounds_table[] = {
365         /* DViCO Momobay CX-1 with TSB42AA9 bridge */ {
366                 .firmware_revision      = 0x002800,
367                 .model                  = 0x001010,
368                 .workarounds            = SBP2_WORKAROUND_INQUIRY_36 |
369                                           SBP2_WORKAROUND_MODE_SENSE_8 |
370                                           SBP2_WORKAROUND_POWER_CONDITION,
371         },
372         /* DViCO Momobay FX-3A with TSB42AA9A bridge */ {
373                 .firmware_revision      = 0x002800,
374                 .model                  = 0x000000,
375                 .workarounds            = SBP2_WORKAROUND_DELAY_INQUIRY |
376                                           SBP2_WORKAROUND_POWER_CONDITION,
377         },
378         /* Initio bridges, actually only needed for some older ones */ {
379                 .firmware_revision      = 0x000200,
380                 .model                  = SBP2_ROM_VALUE_WILDCARD,
381                 .workarounds            = SBP2_WORKAROUND_INQUIRY_36,
382         },
383         /* PL-3507 bridge with Prolific firmware */ {
384                 .firmware_revision      = 0x012800,
385                 .model                  = SBP2_ROM_VALUE_WILDCARD,
386                 .workarounds            = SBP2_WORKAROUND_POWER_CONDITION,
387         },
388         /* Symbios bridge */ {
389                 .firmware_revision      = 0xa0b800,
390                 .model                  = SBP2_ROM_VALUE_WILDCARD,
391                 .workarounds            = SBP2_WORKAROUND_128K_MAX_TRANS,
392         },
393         /* Datafab MD2-FW2 with Symbios/LSILogic SYM13FW500 bridge */ {
394                 .firmware_revision      = 0x002600,
395                 .model                  = SBP2_ROM_VALUE_WILDCARD,
396                 .workarounds            = SBP2_WORKAROUND_128K_MAX_TRANS,
397         },
398         /*
399          * iPod 2nd generation: needs 128k max transfer size workaround
400          * iPod 3rd generation: needs fix capacity workaround
401          */
402         {
403                 .firmware_revision      = 0x0a2700,
404                 .model                  = 0x000000,
405                 .workarounds            = SBP2_WORKAROUND_128K_MAX_TRANS |
406                                           SBP2_WORKAROUND_FIX_CAPACITY,
407         },
408         /* iPod 4th generation */ {
409                 .firmware_revision      = 0x0a2700,
410                 .model                  = 0x000021,
411                 .workarounds            = SBP2_WORKAROUND_FIX_CAPACITY,
412         },
413         /* iPod mini */ {
414                 .firmware_revision      = 0x0a2700,
415                 .model                  = 0x000022,
416                 .workarounds            = SBP2_WORKAROUND_FIX_CAPACITY,
417         },
418         /* iPod mini */ {
419                 .firmware_revision      = 0x0a2700,
420                 .model                  = 0x000023,
421                 .workarounds            = SBP2_WORKAROUND_FIX_CAPACITY,
422         },
423         /* iPod Photo */ {
424                 .firmware_revision      = 0x0a2700,
425                 .model                  = 0x00007e,
426                 .workarounds            = SBP2_WORKAROUND_FIX_CAPACITY,
427         }
428 };
429
430 /**************************************
431  * General utility functions
432  **************************************/
433
434 #ifndef __BIG_ENDIAN
435 /*
436  * Converts a buffer from be32 to cpu byte ordering. Length is in bytes.
437  */
438 static inline void sbp2util_be32_to_cpu_buffer(void *buffer, int length)
439 {
440         u32 *temp = buffer;
441
442         for (length = (length >> 2); length--; )
443                 temp[length] = be32_to_cpu(temp[length]);
444 }
445
446 /*
447  * Converts a buffer from cpu to be32 byte ordering. Length is in bytes.
448  */
449 static inline void sbp2util_cpu_to_be32_buffer(void *buffer, int length)
450 {
451         u32 *temp = buffer;
452
453         for (length = (length >> 2); length--; )
454                 temp[length] = cpu_to_be32(temp[length]);
455 }
456 #else /* BIG_ENDIAN */
457 /* Why waste the cpu cycles? */
458 #define sbp2util_be32_to_cpu_buffer(x,y) do {} while (0)
459 #define sbp2util_cpu_to_be32_buffer(x,y) do {} while (0)
460 #endif
461
462 static DECLARE_WAIT_QUEUE_HEAD(sbp2_access_wq);
463
464 /*
465  * Waits for completion of an SBP-2 access request.
466  * Returns nonzero if timed out or prematurely interrupted.
467  */
468 static int sbp2util_access_timeout(struct sbp2_lu *lu, int timeout)
469 {
470         long leftover;
471
472         leftover = wait_event_interruptible_timeout(
473                         sbp2_access_wq, lu->access_complete, timeout);
474         lu->access_complete = 0;
475         return leftover <= 0;
476 }
477
478 static void sbp2_free_packet(void *packet)
479 {
480         hpsb_free_tlabel(packet);
481         hpsb_free_packet(packet);
482 }
483
484 /*
485  * This is much like hpsb_node_write(), except it ignores the response
486  * subaction and returns immediately. Can be used from atomic context.
487  */
488 static int sbp2util_node_write_no_wait(struct node_entry *ne, u64 addr,
489                                        quadlet_t *buf, size_t len)
490 {
491         struct hpsb_packet *packet;
492
493         packet = hpsb_make_writepacket(ne->host, ne->nodeid, addr, buf, len);
494         if (!packet)
495                 return -ENOMEM;
496
497         hpsb_set_packet_complete_task(packet, sbp2_free_packet, packet);
498         hpsb_node_fill_packet(ne, packet);
499         if (hpsb_send_packet(packet) < 0) {
500                 sbp2_free_packet(packet);
501                 return -EIO;
502         }
503         return 0;
504 }
505
506 static void sbp2util_notify_fetch_agent(struct sbp2_lu *lu, u64 offset,
507                                         quadlet_t *data, size_t len)
508 {
509         /* There is a small window after a bus reset within which the node
510          * entry's generation is current but the reconnect wasn't completed. */
511         if (unlikely(atomic_read(&lu->state) == SBP2LU_STATE_IN_RESET))
512                 return;
513
514         if (hpsb_node_write(lu->ne, lu->command_block_agent_addr + offset,
515                             data, len))
516                 SBP2_ERR("sbp2util_notify_fetch_agent failed.");
517
518         /* Now accept new SCSI commands, unless a bus reset happended during
519          * hpsb_node_write. */
520         if (likely(atomic_read(&lu->state) != SBP2LU_STATE_IN_RESET))
521                 scsi_unblock_requests(lu->shost);
522 }
523
524 static void sbp2util_write_orb_pointer(struct work_struct *work)
525 {
526         struct sbp2_lu *lu = container_of(work, struct sbp2_lu, protocol_work);
527         quadlet_t data[2];
528
529         data[0] = ORB_SET_NODE_ID(lu->hi->host->node_id);
530         data[1] = lu->last_orb_dma;
531         sbp2util_cpu_to_be32_buffer(data, 8);
532         sbp2util_notify_fetch_agent(lu, SBP2_ORB_POINTER_OFFSET, data, 8);
533 }
534
535 static void sbp2util_write_doorbell(struct work_struct *work)
536 {
537         struct sbp2_lu *lu = container_of(work, struct sbp2_lu, protocol_work);
538
539         sbp2util_notify_fetch_agent(lu, SBP2_DOORBELL_OFFSET, NULL, 4);
540 }
541
542 static int sbp2util_create_command_orb_pool(struct sbp2_lu *lu)
543 {
544         struct sbp2_command_info *cmd;
545         struct device *dmadev = lu->hi->host->device.parent;
546         int i, orbs = sbp2_serialize_io ? 2 : SBP2_MAX_CMDS;
547
548         for (i = 0; i < orbs; i++) {
549                 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
550                 if (!cmd)
551                         goto failed_alloc;
552
553                 cmd->command_orb_dma =
554                     dma_map_single(dmadev, &cmd->command_orb,
555                                    sizeof(struct sbp2_command_orb),
556                                    DMA_TO_DEVICE);
557                 if (dma_mapping_error(dmadev, cmd->command_orb_dma))
558                         goto failed_orb;
559
560                 cmd->sge_dma =
561                     dma_map_single(dmadev, &cmd->scatter_gather_element,
562                                    sizeof(cmd->scatter_gather_element),
563                                    DMA_TO_DEVICE);
564                 if (dma_mapping_error(dmadev, cmd->sge_dma))
565                         goto failed_sge;
566
567                 INIT_LIST_HEAD(&cmd->list);
568                 list_add_tail(&cmd->list, &lu->cmd_orb_completed);
569         }
570         return 0;
571
572 failed_sge:
573         dma_unmap_single(dmadev, cmd->command_orb_dma,
574                          sizeof(struct sbp2_command_orb), DMA_TO_DEVICE);
575 failed_orb:
576         kfree(cmd);
577 failed_alloc:
578         return -ENOMEM;
579 }
580
581 static void sbp2util_remove_command_orb_pool(struct sbp2_lu *lu,
582                                              struct hpsb_host *host)
583 {
584         struct list_head *lh, *next;
585         struct sbp2_command_info *cmd;
586         unsigned long flags;
587
588         spin_lock_irqsave(&lu->cmd_orb_lock, flags);
589         if (!list_empty(&lu->cmd_orb_completed))
590                 list_for_each_safe(lh, next, &lu->cmd_orb_completed) {
591                         cmd = list_entry(lh, struct sbp2_command_info, list);
592                         dma_unmap_single(host->device.parent,
593                                          cmd->command_orb_dma,
594                                          sizeof(struct sbp2_command_orb),
595                                          DMA_TO_DEVICE);
596                         dma_unmap_single(host->device.parent, cmd->sge_dma,
597                                          sizeof(cmd->scatter_gather_element),
598                                          DMA_TO_DEVICE);
599                         kfree(cmd);
600                 }
601         spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
602         return;
603 }
604
605 /*
606  * Finds the sbp2_command for a given outstanding command ORB.
607  * Only looks at the in-use list.
608  */
609 static struct sbp2_command_info *sbp2util_find_command_for_orb(
610                                 struct sbp2_lu *lu, dma_addr_t orb)
611 {
612         struct sbp2_command_info *cmd;
613         unsigned long flags;
614
615         spin_lock_irqsave(&lu->cmd_orb_lock, flags);
616         if (!list_empty(&lu->cmd_orb_inuse))
617                 list_for_each_entry(cmd, &lu->cmd_orb_inuse, list)
618                         if (cmd->command_orb_dma == orb) {
619                                 spin_unlock_irqrestore(
620                                                 &lu->cmd_orb_lock, flags);
621                                 return cmd;
622                         }
623         spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
624         return NULL;
625 }
626
627 /*
628  * Finds the sbp2_command for a given outstanding SCpnt.
629  * Only looks at the in-use list.
630  * Must be called with lu->cmd_orb_lock held.
631  */
632 static struct sbp2_command_info *sbp2util_find_command_for_SCpnt(
633                                 struct sbp2_lu *lu, void *SCpnt)
634 {
635         struct sbp2_command_info *cmd;
636
637         if (!list_empty(&lu->cmd_orb_inuse))
638                 list_for_each_entry(cmd, &lu->cmd_orb_inuse, list)
639                         if (cmd->Current_SCpnt == SCpnt)
640                                 return cmd;
641         return NULL;
642 }
643
644 static struct sbp2_command_info *sbp2util_allocate_command_orb(
645                                 struct sbp2_lu *lu,
646                                 struct scsi_cmnd *Current_SCpnt,
647                                 void (*Current_done)(struct scsi_cmnd *))
648 {
649         struct list_head *lh;
650         struct sbp2_command_info *cmd = NULL;
651         unsigned long flags;
652
653         spin_lock_irqsave(&lu->cmd_orb_lock, flags);
654         if (!list_empty(&lu->cmd_orb_completed)) {
655                 lh = lu->cmd_orb_completed.next;
656                 list_del(lh);
657                 cmd = list_entry(lh, struct sbp2_command_info, list);
658                 cmd->Current_done = Current_done;
659                 cmd->Current_SCpnt = Current_SCpnt;
660                 list_add_tail(&cmd->list, &lu->cmd_orb_inuse);
661         } else
662                 SBP2_ERR("%s: no orbs available", __func__);
663         spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
664         return cmd;
665 }
666
667 /*
668  * Unmaps the DMAs of a command and moves the command to the completed ORB list.
669  * Must be called with lu->cmd_orb_lock held.
670  */
671 static void sbp2util_mark_command_completed(struct sbp2_lu *lu,
672                                             struct sbp2_command_info *cmd)
673 {
674         if (scsi_sg_count(cmd->Current_SCpnt))
675                 dma_unmap_sg(lu->ud->ne->host->device.parent,
676                              scsi_sglist(cmd->Current_SCpnt),
677                              scsi_sg_count(cmd->Current_SCpnt),
678                              cmd->Current_SCpnt->sc_data_direction);
679         list_move_tail(&cmd->list, &lu->cmd_orb_completed);
680 }
681
682 /*
683  * Is lu valid? Is the 1394 node still present?
684  */
685 static inline int sbp2util_node_is_available(struct sbp2_lu *lu)
686 {
687         return lu && lu->ne && !lu->ne->in_limbo;
688 }
689
690 /*********************************************
691  * IEEE-1394 core driver stack related section
692  *********************************************/
693
694 static int sbp2_probe(struct device *dev)
695 {
696         struct unit_directory *ud;
697         struct sbp2_lu *lu;
698
699         ud = container_of(dev, struct unit_directory, device);
700
701         /* Don't probe UD's that have the LUN flag. We'll probe the LUN(s)
702          * instead. */
703         if (ud->flags & UNIT_DIRECTORY_HAS_LUN_DIRECTORY)
704                 return -ENODEV;
705
706         lu = sbp2_alloc_device(ud);
707         if (!lu)
708                 return -ENOMEM;
709
710         sbp2_parse_unit_directory(lu, ud);
711         return sbp2_start_device(lu);
712 }
713
714 static int sbp2_remove(struct device *dev)
715 {
716         struct unit_directory *ud;
717         struct sbp2_lu *lu;
718         struct scsi_device *sdev;
719
720         ud = container_of(dev, struct unit_directory, device);
721         lu = ud->device.driver_data;
722         if (!lu)
723                 return 0;
724
725         if (lu->shost) {
726                 /* Get rid of enqueued commands if there is no chance to
727                  * send them. */
728                 if (!sbp2util_node_is_available(lu))
729                         sbp2scsi_complete_all_commands(lu, DID_NO_CONNECT);
730                 /* scsi_remove_device() may trigger shutdown functions of SCSI
731                  * highlevel drivers which would deadlock if blocked. */
732                 atomic_set(&lu->state, SBP2LU_STATE_IN_SHUTDOWN);
733                 scsi_unblock_requests(lu->shost);
734         }
735         sdev = lu->sdev;
736         if (sdev) {
737                 lu->sdev = NULL;
738                 scsi_remove_device(sdev);
739         }
740
741         sbp2_logout_device(lu);
742         sbp2_remove_device(lu);
743
744         return 0;
745 }
746
747 static int sbp2_update(struct unit_directory *ud)
748 {
749         struct sbp2_lu *lu = ud->device.driver_data;
750
751         if (sbp2_reconnect_device(lu) != 0) {
752                 /*
753                  * Reconnect failed.  If another bus reset happened,
754                  * let nodemgr proceed and call sbp2_update again later
755                  * (or sbp2_remove if this node went away).
756                  */
757                 if (!hpsb_node_entry_valid(lu->ne))
758                         return 0;
759                 /*
760                  * Or the target rejected the reconnect because we weren't
761                  * fast enough.  Try a regular login, but first log out
762                  * just in case of any weirdness.
763                  */
764                 sbp2_logout_device(lu);
765
766                 if (sbp2_login_device(lu) != 0) {
767                         if (!hpsb_node_entry_valid(lu->ne))
768                                 return 0;
769
770                         /* Maybe another initiator won the login. */
771                         SBP2_ERR("Failed to reconnect to sbp2 device!");
772                         return -EBUSY;
773                 }
774         }
775
776         sbp2_set_busy_timeout(lu);
777         sbp2_agent_reset(lu, 1);
778         sbp2_max_speed_and_size(lu);
779
780         /* Complete any pending commands with busy (so they get retried)
781          * and remove them from our queue. */
782         sbp2scsi_complete_all_commands(lu, DID_BUS_BUSY);
783
784         /* Accept new commands unless there was another bus reset in the
785          * meantime. */
786         if (hpsb_node_entry_valid(lu->ne)) {
787                 atomic_set(&lu->state, SBP2LU_STATE_RUNNING);
788                 scsi_unblock_requests(lu->shost);
789         }
790         return 0;
791 }
792
793 static struct sbp2_lu *sbp2_alloc_device(struct unit_directory *ud)
794 {
795         struct sbp2_fwhost_info *hi;
796         struct Scsi_Host *shost = NULL;
797         struct sbp2_lu *lu = NULL;
798         unsigned long flags;
799
800         lu = kzalloc(sizeof(*lu), GFP_KERNEL);
801         if (!lu) {
802                 SBP2_ERR("failed to create lu");
803                 goto failed_alloc;
804         }
805
806         lu->ne = ud->ne;
807         lu->ud = ud;
808         lu->speed_code = IEEE1394_SPEED_100;
809         lu->max_payload_size = sbp2_speedto_max_payload[IEEE1394_SPEED_100];
810         lu->status_fifo_addr = CSR1212_INVALID_ADDR_SPACE;
811         INIT_LIST_HEAD(&lu->cmd_orb_inuse);
812         INIT_LIST_HEAD(&lu->cmd_orb_completed);
813         INIT_LIST_HEAD(&lu->lu_list);
814         spin_lock_init(&lu->cmd_orb_lock);
815         atomic_set(&lu->state, SBP2LU_STATE_RUNNING);
816         INIT_WORK(&lu->protocol_work, NULL);
817
818         ud->device.driver_data = lu;
819
820         hi = hpsb_get_hostinfo(&sbp2_highlevel, ud->ne->host);
821         if (!hi) {
822                 hi = hpsb_create_hostinfo(&sbp2_highlevel, ud->ne->host,
823                                           sizeof(*hi));
824                 if (!hi) {
825                         SBP2_ERR("failed to allocate hostinfo");
826                         goto failed_alloc;
827                 }
828                 hi->host = ud->ne->host;
829                 INIT_LIST_HEAD(&hi->logical_units);
830
831 #ifdef CONFIG_IEEE1394_SBP2_PHYS_DMA
832                 /* Handle data movement if physical dma is not
833                  * enabled or not supported on host controller */
834                 if (!hpsb_register_addrspace(&sbp2_highlevel, ud->ne->host,
835                                              &sbp2_physdma_ops,
836                                              0x0ULL, 0xfffffffcULL)) {
837                         SBP2_ERR("failed to register lower 4GB address range");
838                         goto failed_alloc;
839                 }
840 #endif
841         }
842
843         if (dma_get_max_seg_size(hi->host->device.parent) > SBP2_MAX_SEG_SIZE)
844                 BUG_ON(dma_set_max_seg_size(hi->host->device.parent,
845                                             SBP2_MAX_SEG_SIZE));
846
847         /* Prevent unloading of the 1394 host */
848         if (!try_module_get(hi->host->driver->owner)) {
849                 SBP2_ERR("failed to get a reference on 1394 host driver");
850                 goto failed_alloc;
851         }
852
853         lu->hi = hi;
854
855         write_lock_irqsave(&sbp2_hi_logical_units_lock, flags);
856         list_add_tail(&lu->lu_list, &hi->logical_units);
857         write_unlock_irqrestore(&sbp2_hi_logical_units_lock, flags);
858
859         /* Register the status FIFO address range. We could use the same FIFO
860          * for targets at different nodes. However we need different FIFOs per
861          * target in order to support multi-unit devices.
862          * The FIFO is located out of the local host controller's physical range
863          * but, if possible, within the posted write area. Status writes will
864          * then be performed as unified transactions. This slightly reduces
865          * bandwidth usage, and some Prolific based devices seem to require it.
866          */
867         lu->status_fifo_addr = hpsb_allocate_and_register_addrspace(
868                         &sbp2_highlevel, ud->ne->host, &sbp2_ops,
869                         sizeof(struct sbp2_status_block), sizeof(quadlet_t),
870                         ud->ne->host->low_addr_space, CSR1212_ALL_SPACE_END);
871         if (lu->status_fifo_addr == CSR1212_INVALID_ADDR_SPACE) {
872                 SBP2_ERR("failed to allocate status FIFO address range");
873                 goto failed_alloc;
874         }
875
876         shost = scsi_host_alloc(&sbp2_shost_template, sizeof(unsigned long));
877         if (!shost) {
878                 SBP2_ERR("failed to register scsi host");
879                 goto failed_alloc;
880         }
881
882         shost->hostdata[0] = (unsigned long)lu;
883
884         if (!scsi_add_host(shost, &ud->device)) {
885                 lu->shost = shost;
886                 return lu;
887         }
888
889         SBP2_ERR("failed to add scsi host");
890         scsi_host_put(shost);
891
892 failed_alloc:
893         sbp2_remove_device(lu);
894         return NULL;
895 }
896
897 static void sbp2_host_reset(struct hpsb_host *host)
898 {
899         struct sbp2_fwhost_info *hi;
900         struct sbp2_lu *lu;
901         unsigned long flags;
902
903         hi = hpsb_get_hostinfo(&sbp2_highlevel, host);
904         if (!hi)
905                 return;
906
907         read_lock_irqsave(&sbp2_hi_logical_units_lock, flags);
908
909         list_for_each_entry(lu, &hi->logical_units, lu_list)
910                 if (atomic_cmpxchg(&lu->state,
911                                    SBP2LU_STATE_RUNNING, SBP2LU_STATE_IN_RESET)
912                     == SBP2LU_STATE_RUNNING)
913                         scsi_block_requests(lu->shost);
914
915         read_unlock_irqrestore(&sbp2_hi_logical_units_lock, flags);
916 }
917
918 static int sbp2_start_device(struct sbp2_lu *lu)
919 {
920         struct sbp2_fwhost_info *hi = lu->hi;
921         int error;
922
923         lu->login_response = dma_alloc_coherent(hi->host->device.parent,
924                                      sizeof(struct sbp2_login_response),
925                                      &lu->login_response_dma, GFP_KERNEL);
926         if (!lu->login_response)
927                 goto alloc_fail;
928
929         lu->query_logins_orb = dma_alloc_coherent(hi->host->device.parent,
930                                      sizeof(struct sbp2_query_logins_orb),
931                                      &lu->query_logins_orb_dma, GFP_KERNEL);
932         if (!lu->query_logins_orb)
933                 goto alloc_fail;
934
935         lu->query_logins_response = dma_alloc_coherent(hi->host->device.parent,
936                                      sizeof(struct sbp2_query_logins_response),
937                                      &lu->query_logins_response_dma, GFP_KERNEL);
938         if (!lu->query_logins_response)
939                 goto alloc_fail;
940
941         lu->reconnect_orb = dma_alloc_coherent(hi->host->device.parent,
942                                      sizeof(struct sbp2_reconnect_orb),
943                                      &lu->reconnect_orb_dma, GFP_KERNEL);
944         if (!lu->reconnect_orb)
945                 goto alloc_fail;
946
947         lu->logout_orb = dma_alloc_coherent(hi->host->device.parent,
948                                      sizeof(struct sbp2_logout_orb),
949                                      &lu->logout_orb_dma, GFP_KERNEL);
950         if (!lu->logout_orb)
951                 goto alloc_fail;
952
953         lu->login_orb = dma_alloc_coherent(hi->host->device.parent,
954                                      sizeof(struct sbp2_login_orb),
955                                      &lu->login_orb_dma, GFP_KERNEL);
956         if (!lu->login_orb)
957                 goto alloc_fail;
958
959         if (sbp2util_create_command_orb_pool(lu))
960                 goto alloc_fail;
961
962         /* Wait a second before trying to log in. Previously logged in
963          * initiators need a chance to reconnect. */
964         if (msleep_interruptible(1000)) {
965                 sbp2_remove_device(lu);
966                 return -EINTR;
967         }
968
969         if (sbp2_login_device(lu)) {
970                 sbp2_remove_device(lu);
971                 return -EBUSY;
972         }
973
974         sbp2_set_busy_timeout(lu);
975         sbp2_agent_reset(lu, 1);
976         sbp2_max_speed_and_size(lu);
977
978         if (lu->workarounds & SBP2_WORKAROUND_DELAY_INQUIRY)
979                 ssleep(SBP2_INQUIRY_DELAY);
980
981         error = scsi_add_device(lu->shost, 0, lu->ud->id, 0);
982         if (error) {
983                 SBP2_ERR("scsi_add_device failed");
984                 sbp2_logout_device(lu);
985                 sbp2_remove_device(lu);
986                 return error;
987         }
988
989         return 0;
990
991 alloc_fail:
992         SBP2_ERR("Could not allocate memory for lu");
993         sbp2_remove_device(lu);
994         return -ENOMEM;
995 }
996
997 static void sbp2_remove_device(struct sbp2_lu *lu)
998 {
999         struct sbp2_fwhost_info *hi;
1000         unsigned long flags;
1001
1002         if (!lu)
1003                 return;
1004         hi = lu->hi;
1005         if (!hi)
1006                 goto no_hi;
1007
1008         if (lu->shost) {
1009                 scsi_remove_host(lu->shost);
1010                 scsi_host_put(lu->shost);
1011         }
1012         flush_scheduled_work();
1013         sbp2util_remove_command_orb_pool(lu, hi->host);
1014
1015         write_lock_irqsave(&sbp2_hi_logical_units_lock, flags);
1016         list_del(&lu->lu_list);
1017         write_unlock_irqrestore(&sbp2_hi_logical_units_lock, flags);
1018
1019         if (lu->login_response)
1020                 dma_free_coherent(hi->host->device.parent,
1021                                     sizeof(struct sbp2_login_response),
1022                                     lu->login_response,
1023                                     lu->login_response_dma);
1024         if (lu->login_orb)
1025                 dma_free_coherent(hi->host->device.parent,
1026                                     sizeof(struct sbp2_login_orb),
1027                                     lu->login_orb,
1028                                     lu->login_orb_dma);
1029         if (lu->reconnect_orb)
1030                 dma_free_coherent(hi->host->device.parent,
1031                                     sizeof(struct sbp2_reconnect_orb),
1032                                     lu->reconnect_orb,
1033                                     lu->reconnect_orb_dma);
1034         if (lu->logout_orb)
1035                 dma_free_coherent(hi->host->device.parent,
1036                                     sizeof(struct sbp2_logout_orb),
1037                                     lu->logout_orb,
1038                                     lu->logout_orb_dma);
1039         if (lu->query_logins_orb)
1040                 dma_free_coherent(hi->host->device.parent,
1041                                     sizeof(struct sbp2_query_logins_orb),
1042                                     lu->query_logins_orb,
1043                                     lu->query_logins_orb_dma);
1044         if (lu->query_logins_response)
1045                 dma_free_coherent(hi->host->device.parent,
1046                                     sizeof(struct sbp2_query_logins_response),
1047                                     lu->query_logins_response,
1048                                     lu->query_logins_response_dma);
1049
1050         if (lu->status_fifo_addr != CSR1212_INVALID_ADDR_SPACE)
1051                 hpsb_unregister_addrspace(&sbp2_highlevel, hi->host,
1052                                           lu->status_fifo_addr);
1053
1054         lu->ud->device.driver_data = NULL;
1055
1056         module_put(hi->host->driver->owner);
1057 no_hi:
1058         kfree(lu);
1059 }
1060
1061 #ifdef CONFIG_IEEE1394_SBP2_PHYS_DMA
1062 /*
1063  * Deal with write requests on adapters which do not support physical DMA or
1064  * have it switched off.
1065  */
1066 static int sbp2_handle_physdma_write(struct hpsb_host *host, int nodeid,
1067                                      int destid, quadlet_t *data, u64 addr,
1068                                      size_t length, u16 flags)
1069 {
1070         memcpy(bus_to_virt((u32) addr), data, length);
1071         return RCODE_COMPLETE;
1072 }
1073
1074 /*
1075  * Deal with read requests on adapters which do not support physical DMA or
1076  * have it switched off.
1077  */
1078 static int sbp2_handle_physdma_read(struct hpsb_host *host, int nodeid,
1079                                     quadlet_t *data, u64 addr, size_t length,
1080                                     u16 flags)
1081 {
1082         memcpy(data, bus_to_virt((u32) addr), length);
1083         return RCODE_COMPLETE;
1084 }
1085 #endif
1086
1087 /**************************************
1088  * SBP-2 protocol related section
1089  **************************************/
1090
1091 static int sbp2_query_logins(struct sbp2_lu *lu)
1092 {
1093         struct sbp2_fwhost_info *hi = lu->hi;
1094         quadlet_t data[2];
1095         int max_logins;
1096         int active_logins;
1097
1098         lu->query_logins_orb->reserved1 = 0x0;
1099         lu->query_logins_orb->reserved2 = 0x0;
1100
1101         lu->query_logins_orb->query_response_lo = lu->query_logins_response_dma;
1102         lu->query_logins_orb->query_response_hi =
1103                         ORB_SET_NODE_ID(hi->host->node_id);
1104         lu->query_logins_orb->lun_misc =
1105                         ORB_SET_FUNCTION(SBP2_QUERY_LOGINS_REQUEST);
1106         lu->query_logins_orb->lun_misc |= ORB_SET_NOTIFY(1);
1107         lu->query_logins_orb->lun_misc |= ORB_SET_LUN(lu->lun);
1108
1109         lu->query_logins_orb->reserved_resp_length =
1110                 ORB_SET_QUERY_LOGINS_RESP_LENGTH(
1111                         sizeof(struct sbp2_query_logins_response));
1112
1113         lu->query_logins_orb->status_fifo_hi =
1114                 ORB_SET_STATUS_FIFO_HI(lu->status_fifo_addr, hi->host->node_id);
1115         lu->query_logins_orb->status_fifo_lo =
1116                 ORB_SET_STATUS_FIFO_LO(lu->status_fifo_addr);
1117
1118         sbp2util_cpu_to_be32_buffer(lu->query_logins_orb,
1119                                     sizeof(struct sbp2_query_logins_orb));
1120
1121         memset(lu->query_logins_response, 0,
1122                sizeof(struct sbp2_query_logins_response));
1123
1124         data[0] = ORB_SET_NODE_ID(hi->host->node_id);
1125         data[1] = lu->query_logins_orb_dma;
1126         sbp2util_cpu_to_be32_buffer(data, 8);
1127
1128         hpsb_node_write(lu->ne, lu->management_agent_addr, data, 8);
1129
1130         if (sbp2util_access_timeout(lu, 2*HZ)) {
1131                 SBP2_INFO("Error querying logins to SBP-2 device - timed out");
1132                 return -EIO;
1133         }
1134
1135         if (lu->status_block.ORB_offset_lo != lu->query_logins_orb_dma) {
1136                 SBP2_INFO("Error querying logins to SBP-2 device - timed out");
1137                 return -EIO;
1138         }
1139
1140         if (STATUS_TEST_RDS(lu->status_block.ORB_offset_hi_misc)) {
1141                 SBP2_INFO("Error querying logins to SBP-2 device - failed");
1142                 return -EIO;
1143         }
1144
1145         sbp2util_cpu_to_be32_buffer(lu->query_logins_response,
1146                                     sizeof(struct sbp2_query_logins_response));
1147
1148         max_logins = RESPONSE_GET_MAX_LOGINS(
1149                         lu->query_logins_response->length_max_logins);
1150         SBP2_INFO("Maximum concurrent logins supported: %d", max_logins);
1151
1152         active_logins = RESPONSE_GET_ACTIVE_LOGINS(
1153                         lu->query_logins_response->length_max_logins);
1154         SBP2_INFO("Number of active logins: %d", active_logins);
1155
1156         if (active_logins >= max_logins) {
1157                 return -EIO;
1158         }
1159
1160         return 0;
1161 }
1162
1163 static int sbp2_login_device(struct sbp2_lu *lu)
1164 {
1165         struct sbp2_fwhost_info *hi = lu->hi;
1166         quadlet_t data[2];
1167
1168         if (!lu->login_orb)
1169                 return -EIO;
1170
1171         if (!sbp2_exclusive_login && sbp2_query_logins(lu)) {
1172                 SBP2_INFO("Device does not support any more concurrent logins");
1173                 return -EIO;
1174         }
1175
1176         /* assume no password */
1177         lu->login_orb->password_hi = 0;
1178         lu->login_orb->password_lo = 0;
1179
1180         lu->login_orb->login_response_lo = lu->login_response_dma;
1181         lu->login_orb->login_response_hi = ORB_SET_NODE_ID(hi->host->node_id);
1182         lu->login_orb->lun_misc = ORB_SET_FUNCTION(SBP2_LOGIN_REQUEST);
1183
1184         /* one second reconnect time */
1185         lu->login_orb->lun_misc |= ORB_SET_RECONNECT(0);
1186         lu->login_orb->lun_misc |= ORB_SET_EXCLUSIVE(sbp2_exclusive_login);
1187         lu->login_orb->lun_misc |= ORB_SET_NOTIFY(1);
1188         lu->login_orb->lun_misc |= ORB_SET_LUN(lu->lun);
1189
1190         lu->login_orb->passwd_resp_lengths =
1191                 ORB_SET_LOGIN_RESP_LENGTH(sizeof(struct sbp2_login_response));
1192
1193         lu->login_orb->status_fifo_hi =
1194                 ORB_SET_STATUS_FIFO_HI(lu->status_fifo_addr, hi->host->node_id);
1195         lu->login_orb->status_fifo_lo =
1196                 ORB_SET_STATUS_FIFO_LO(lu->status_fifo_addr);
1197
1198         sbp2util_cpu_to_be32_buffer(lu->login_orb,
1199                                     sizeof(struct sbp2_login_orb));
1200
1201         memset(lu->login_response, 0, sizeof(struct sbp2_login_response));
1202
1203         data[0] = ORB_SET_NODE_ID(hi->host->node_id);
1204         data[1] = lu->login_orb_dma;
1205         sbp2util_cpu_to_be32_buffer(data, 8);
1206
1207         hpsb_node_write(lu->ne, lu->management_agent_addr, data, 8);
1208
1209         /* wait up to 20 seconds for login status */
1210         if (sbp2util_access_timeout(lu, 20*HZ)) {
1211                 SBP2_ERR("Error logging into SBP-2 device - timed out");
1212                 return -EIO;
1213         }
1214
1215         /* make sure that the returned status matches the login ORB */
1216         if (lu->status_block.ORB_offset_lo != lu->login_orb_dma) {
1217                 SBP2_ERR("Error logging into SBP-2 device - timed out");
1218                 return -EIO;
1219         }
1220
1221         if (STATUS_TEST_RDS(lu->status_block.ORB_offset_hi_misc)) {
1222                 SBP2_ERR("Error logging into SBP-2 device - failed");
1223                 return -EIO;
1224         }
1225
1226         sbp2util_cpu_to_be32_buffer(lu->login_response,
1227                                     sizeof(struct sbp2_login_response));
1228         lu->command_block_agent_addr =
1229                         ((u64)lu->login_response->command_block_agent_hi) << 32;
1230         lu->command_block_agent_addr |=
1231                         ((u64)lu->login_response->command_block_agent_lo);
1232         lu->command_block_agent_addr &= 0x0000ffffffffffffULL;
1233
1234         SBP2_INFO("Logged into SBP-2 device");
1235         return 0;
1236 }
1237
1238 static int sbp2_logout_device(struct sbp2_lu *lu)
1239 {
1240         struct sbp2_fwhost_info *hi = lu->hi;
1241         quadlet_t data[2];
1242         int error;
1243
1244         lu->logout_orb->reserved1 = 0x0;
1245         lu->logout_orb->reserved2 = 0x0;
1246         lu->logout_orb->reserved3 = 0x0;
1247         lu->logout_orb->reserved4 = 0x0;
1248
1249         lu->logout_orb->login_ID_misc = ORB_SET_FUNCTION(SBP2_LOGOUT_REQUEST);
1250         lu->logout_orb->login_ID_misc |=
1251                         ORB_SET_LOGIN_ID(lu->login_response->length_login_ID);
1252         lu->logout_orb->login_ID_misc |= ORB_SET_NOTIFY(1);
1253
1254         lu->logout_orb->reserved5 = 0x0;
1255         lu->logout_orb->status_fifo_hi =
1256                 ORB_SET_STATUS_FIFO_HI(lu->status_fifo_addr, hi->host->node_id);
1257         lu->logout_orb->status_fifo_lo =
1258                 ORB_SET_STATUS_FIFO_LO(lu->status_fifo_addr);
1259
1260         sbp2util_cpu_to_be32_buffer(lu->logout_orb,
1261                                     sizeof(struct sbp2_logout_orb));
1262
1263         data[0] = ORB_SET_NODE_ID(hi->host->node_id);
1264         data[1] = lu->logout_orb_dma;
1265         sbp2util_cpu_to_be32_buffer(data, 8);
1266
1267         error = hpsb_node_write(lu->ne, lu->management_agent_addr, data, 8);
1268         if (error)
1269                 return error;
1270
1271         /* wait up to 1 second for the device to complete logout */
1272         if (sbp2util_access_timeout(lu, HZ))
1273                 return -EIO;
1274
1275         SBP2_INFO("Logged out of SBP-2 device");
1276         return 0;
1277 }
1278
1279 static int sbp2_reconnect_device(struct sbp2_lu *lu)
1280 {
1281         struct sbp2_fwhost_info *hi = lu->hi;
1282         quadlet_t data[2];
1283         int error;
1284
1285         lu->reconnect_orb->reserved1 = 0x0;
1286         lu->reconnect_orb->reserved2 = 0x0;
1287         lu->reconnect_orb->reserved3 = 0x0;
1288         lu->reconnect_orb->reserved4 = 0x0;
1289
1290         lu->reconnect_orb->login_ID_misc =
1291                         ORB_SET_FUNCTION(SBP2_RECONNECT_REQUEST);
1292         lu->reconnect_orb->login_ID_misc |=
1293                         ORB_SET_LOGIN_ID(lu->login_response->length_login_ID);
1294         lu->reconnect_orb->login_ID_misc |= ORB_SET_NOTIFY(1);
1295
1296         lu->reconnect_orb->reserved5 = 0x0;
1297         lu->reconnect_orb->status_fifo_hi =
1298                 ORB_SET_STATUS_FIFO_HI(lu->status_fifo_addr, hi->host->node_id);
1299         lu->reconnect_orb->status_fifo_lo =
1300                 ORB_SET_STATUS_FIFO_LO(lu->status_fifo_addr);
1301
1302         sbp2util_cpu_to_be32_buffer(lu->reconnect_orb,
1303                                     sizeof(struct sbp2_reconnect_orb));
1304
1305         data[0] = ORB_SET_NODE_ID(hi->host->node_id);
1306         data[1] = lu->reconnect_orb_dma;
1307         sbp2util_cpu_to_be32_buffer(data, 8);
1308
1309         error = hpsb_node_write(lu->ne, lu->management_agent_addr, data, 8);
1310         if (error)
1311                 return error;
1312
1313         /* wait up to 1 second for reconnect status */
1314         if (sbp2util_access_timeout(lu, HZ)) {
1315                 SBP2_ERR("Error reconnecting to SBP-2 device - timed out");
1316                 return -EIO;
1317         }
1318
1319         /* make sure that the returned status matches the reconnect ORB */
1320         if (lu->status_block.ORB_offset_lo != lu->reconnect_orb_dma) {
1321                 SBP2_ERR("Error reconnecting to SBP-2 device - timed out");
1322                 return -EIO;
1323         }
1324
1325         if (STATUS_TEST_RDS(lu->status_block.ORB_offset_hi_misc)) {
1326                 SBP2_ERR("Error reconnecting to SBP-2 device - failed");
1327                 return -EIO;
1328         }
1329
1330         SBP2_INFO("Reconnected to SBP-2 device");
1331         return 0;
1332 }
1333
1334 /*
1335  * Set the target node's Single Phase Retry limit. Affects the target's retry
1336  * behaviour if our node is too busy to accept requests.
1337  */
1338 static int sbp2_set_busy_timeout(struct sbp2_lu *lu)
1339 {
1340         quadlet_t data;
1341
1342         data = cpu_to_be32(SBP2_BUSY_TIMEOUT_VALUE);
1343         if (hpsb_node_write(lu->ne, SBP2_BUSY_TIMEOUT_ADDRESS, &data, 4))
1344                 SBP2_ERR("%s error", __func__);
1345         return 0;
1346 }
1347
1348 static void sbp2_parse_unit_directory(struct sbp2_lu *lu,
1349                                       struct unit_directory *ud)
1350 {
1351         struct csr1212_keyval *kv;
1352         struct csr1212_dentry *dentry;
1353         u64 management_agent_addr;
1354         u32 unit_characteristics, firmware_revision, model;
1355         unsigned workarounds;
1356         int i;
1357
1358         management_agent_addr = 0;
1359         unit_characteristics = 0;
1360         firmware_revision = SBP2_ROM_VALUE_MISSING;
1361         model = ud->flags & UNIT_DIRECTORY_MODEL_ID ?
1362                                 ud->model_id : SBP2_ROM_VALUE_MISSING;
1363
1364         csr1212_for_each_dir_entry(ud->ne->csr, kv, ud->ud_kv, dentry) {
1365                 switch (kv->key.id) {
1366                 case CSR1212_KV_ID_DEPENDENT_INFO:
1367                         if (kv->key.type == CSR1212_KV_TYPE_CSR_OFFSET)
1368                                 management_agent_addr =
1369                                     CSR1212_REGISTER_SPACE_BASE +
1370                                     (kv->value.csr_offset << 2);
1371
1372                         else if (kv->key.type == CSR1212_KV_TYPE_IMMEDIATE)
1373                                 lu->lun = ORB_SET_LUN(kv->value.immediate);
1374                         break;
1375
1376                 case SBP2_UNIT_CHARACTERISTICS_KEY:
1377                         /* FIXME: This is ignored so far.
1378                          * See SBP-2 clause 7.4.8. */
1379                         unit_characteristics = kv->value.immediate;
1380                         break;
1381
1382                 case SBP2_FIRMWARE_REVISION_KEY:
1383                         firmware_revision = kv->value.immediate;
1384                         break;
1385
1386                 default:
1387                         /* FIXME: Check for SBP2_DEVICE_TYPE_AND_LUN_KEY.
1388                          * Its "ordered" bit has consequences for command ORB
1389                          * list handling. See SBP-2 clauses 4.6, 7.4.11, 10.2 */
1390                         break;
1391                 }
1392         }
1393
1394         workarounds = sbp2_default_workarounds;
1395
1396         if (!(workarounds & SBP2_WORKAROUND_OVERRIDE))
1397                 for (i = 0; i < ARRAY_SIZE(sbp2_workarounds_table); i++) {
1398                         if (sbp2_workarounds_table[i].firmware_revision !=
1399                             SBP2_ROM_VALUE_WILDCARD &&
1400                             sbp2_workarounds_table[i].firmware_revision !=
1401                             (firmware_revision & 0xffff00))
1402                                 continue;
1403                         if (sbp2_workarounds_table[i].model !=
1404                             SBP2_ROM_VALUE_WILDCARD &&
1405                             sbp2_workarounds_table[i].model != model)
1406                                 continue;
1407                         workarounds |= sbp2_workarounds_table[i].workarounds;
1408                         break;
1409                 }
1410
1411         if (workarounds)
1412                 SBP2_INFO("Workarounds for node " NODE_BUS_FMT ": 0x%x "
1413                           "(firmware_revision 0x%06x, vendor_id 0x%06x,"
1414                           " model_id 0x%06x)",
1415                           NODE_BUS_ARGS(ud->ne->host, ud->ne->nodeid),
1416                           workarounds, firmware_revision, ud->vendor_id,
1417                           model);
1418
1419         /* We would need one SCSI host template for each target to adjust
1420          * max_sectors on the fly, therefore warn only. */
1421         if (workarounds & SBP2_WORKAROUND_128K_MAX_TRANS &&
1422             (sbp2_max_sectors * 512) > (128 * 1024))
1423                 SBP2_INFO("Node " NODE_BUS_FMT ": Bridge only supports 128KB "
1424                           "max transfer size. WARNING: Current max_sectors "
1425                           "setting is larger than 128KB (%d sectors)",
1426                           NODE_BUS_ARGS(ud->ne->host, ud->ne->nodeid),
1427                           sbp2_max_sectors);
1428
1429         /* If this is a logical unit directory entry, process the parent
1430          * to get the values. */
1431         if (ud->flags & UNIT_DIRECTORY_LUN_DIRECTORY) {
1432                 struct unit_directory *parent_ud = container_of(
1433                         ud->device.parent, struct unit_directory, device);
1434                 sbp2_parse_unit_directory(lu, parent_ud);
1435         } else {
1436                 lu->management_agent_addr = management_agent_addr;
1437                 lu->workarounds = workarounds;
1438                 if (ud->flags & UNIT_DIRECTORY_HAS_LUN)
1439                         lu->lun = ORB_SET_LUN(ud->lun);
1440         }
1441 }
1442
1443 #define SBP2_PAYLOAD_TO_BYTES(p) (1 << ((p) + 2))
1444
1445 /*
1446  * This function is called in order to determine the max speed and packet
1447  * size we can use in our ORBs. Note, that we (the driver and host) only
1448  * initiate the transaction. The SBP-2 device actually transfers the data
1449  * (by reading from the DMA area we tell it). This means that the SBP-2
1450  * device decides the actual maximum data it can transfer. We just tell it
1451  * the speed that it needs to use, and the max_rec the host supports, and
1452  * it takes care of the rest.
1453  */
1454 static int sbp2_max_speed_and_size(struct sbp2_lu *lu)
1455 {
1456         struct sbp2_fwhost_info *hi = lu->hi;
1457         u8 payload;
1458
1459         lu->speed_code = hi->host->speed[NODEID_TO_NODE(lu->ne->nodeid)];
1460
1461         if (lu->speed_code > sbp2_max_speed) {
1462                 lu->speed_code = sbp2_max_speed;
1463                 SBP2_INFO("Reducing speed to %s",
1464                           hpsb_speedto_str[sbp2_max_speed]);
1465         }
1466
1467         /* Payload size is the lesser of what our speed supports and what
1468          * our host supports.  */
1469         payload = min(sbp2_speedto_max_payload[lu->speed_code],
1470                       (u8) (hi->host->csr.max_rec - 1));
1471
1472         /* If physical DMA is off, work around limitation in ohci1394:
1473          * packet size must not exceed PAGE_SIZE */
1474         if (lu->ne->host->low_addr_space < (1ULL << 32))
1475                 while (SBP2_PAYLOAD_TO_BYTES(payload) + 24 > PAGE_SIZE &&
1476                        payload)
1477                         payload--;
1478
1479         SBP2_INFO("Node " NODE_BUS_FMT ": Max speed [%s] - Max payload [%u]",
1480                   NODE_BUS_ARGS(hi->host, lu->ne->nodeid),
1481                   hpsb_speedto_str[lu->speed_code],
1482                   SBP2_PAYLOAD_TO_BYTES(payload));
1483
1484         lu->max_payload_size = payload;
1485         return 0;
1486 }
1487
1488 static int sbp2_agent_reset(struct sbp2_lu *lu, int wait)
1489 {
1490         quadlet_t data;
1491         u64 addr;
1492         int retval;
1493         unsigned long flags;
1494
1495         /* flush lu->protocol_work */
1496         if (wait)
1497                 flush_scheduled_work();
1498
1499         data = ntohl(SBP2_AGENT_RESET_DATA);
1500         addr = lu->command_block_agent_addr + SBP2_AGENT_RESET_OFFSET;
1501
1502         if (wait)
1503                 retval = hpsb_node_write(lu->ne, addr, &data, 4);
1504         else
1505                 retval = sbp2util_node_write_no_wait(lu->ne, addr, &data, 4);
1506
1507         if (retval < 0) {
1508                 SBP2_ERR("hpsb_node_write failed.\n");
1509                 return -EIO;
1510         }
1511
1512         /* make sure that the ORB_POINTER is written on next command */
1513         spin_lock_irqsave(&lu->cmd_orb_lock, flags);
1514         lu->last_orb = NULL;
1515         spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
1516
1517         return 0;
1518 }
1519
1520 static int sbp2_prep_command_orb_sg(struct sbp2_command_orb *orb,
1521                                     struct sbp2_fwhost_info *hi,
1522                                     struct sbp2_command_info *cmd,
1523                                     unsigned int sg_count,
1524                                     struct scatterlist *sg,
1525                                     u32 orb_direction,
1526                                     enum dma_data_direction dma_dir)
1527 {
1528         struct device *dmadev = hi->host->device.parent;
1529         struct sbp2_unrestricted_page_table *pt;
1530         int i, n;
1531
1532         n = dma_map_sg(dmadev, sg, sg_count, dma_dir);
1533         if (n == 0)
1534                 return -ENOMEM;
1535
1536         orb->data_descriptor_hi = ORB_SET_NODE_ID(hi->host->node_id);
1537         orb->misc |= ORB_SET_DIRECTION(orb_direction);
1538
1539         /* special case if only one element (and less than 64KB in size) */
1540         if (n == 1) {
1541                 orb->misc |= ORB_SET_DATA_SIZE(sg_dma_len(sg));
1542                 orb->data_descriptor_lo = sg_dma_address(sg);
1543         } else {
1544                 pt = &cmd->scatter_gather_element[0];
1545
1546                 dma_sync_single_for_cpu(dmadev, cmd->sge_dma,
1547                                         sizeof(cmd->scatter_gather_element),
1548                                         DMA_TO_DEVICE);
1549
1550                 for_each_sg(sg, sg, n, i) {
1551                         pt[i].high = cpu_to_be32(sg_dma_len(sg) << 16);
1552                         pt[i].low = cpu_to_be32(sg_dma_address(sg));
1553                 }
1554
1555                 orb->misc |= ORB_SET_PAGE_TABLE_PRESENT(0x1) |
1556                              ORB_SET_DATA_SIZE(n);
1557                 orb->data_descriptor_lo = cmd->sge_dma;
1558
1559                 dma_sync_single_for_device(dmadev, cmd->sge_dma,
1560                                            sizeof(cmd->scatter_gather_element),
1561                                            DMA_TO_DEVICE);
1562         }
1563         return 0;
1564 }
1565
1566 static int sbp2_create_command_orb(struct sbp2_lu *lu,
1567                                    struct sbp2_command_info *cmd,
1568                                    struct scsi_cmnd *SCpnt)
1569 {
1570         struct device *dmadev = lu->hi->host->device.parent;
1571         struct sbp2_command_orb *orb = &cmd->command_orb;
1572         unsigned int scsi_request_bufflen = scsi_bufflen(SCpnt);
1573         enum dma_data_direction dma_dir = SCpnt->sc_data_direction;
1574         u32 orb_direction;
1575         int ret;
1576
1577         dma_sync_single_for_cpu(dmadev, cmd->command_orb_dma,
1578                                 sizeof(struct sbp2_command_orb), DMA_TO_DEVICE);
1579         /*
1580          * Set-up our command ORB.
1581          *
1582          * NOTE: We're doing unrestricted page tables (s/g), as this is
1583          * best performance (at least with the devices I have). This means
1584          * that data_size becomes the number of s/g elements, and
1585          * page_size should be zero (for unrestricted).
1586          */
1587         orb->next_ORB_hi = ORB_SET_NULL_PTR(1);
1588         orb->next_ORB_lo = 0x0;
1589         orb->misc = ORB_SET_MAX_PAYLOAD(lu->max_payload_size);
1590         orb->misc |= ORB_SET_SPEED(lu->speed_code);
1591         orb->misc |= ORB_SET_NOTIFY(1);
1592
1593         if (dma_dir == DMA_NONE)
1594                 orb_direction = ORB_DIRECTION_NO_DATA_TRANSFER;
1595         else if (dma_dir == DMA_TO_DEVICE && scsi_request_bufflen)
1596                 orb_direction = ORB_DIRECTION_WRITE_TO_MEDIA;
1597         else if (dma_dir == DMA_FROM_DEVICE && scsi_request_bufflen)
1598                 orb_direction = ORB_DIRECTION_READ_FROM_MEDIA;
1599         else {
1600                 SBP2_INFO("Falling back to DMA_NONE");
1601                 orb_direction = ORB_DIRECTION_NO_DATA_TRANSFER;
1602         }
1603
1604         /* set up our page table stuff */
1605         if (orb_direction == ORB_DIRECTION_NO_DATA_TRANSFER) {
1606                 orb->data_descriptor_hi = 0x0;
1607                 orb->data_descriptor_lo = 0x0;
1608                 orb->misc |= ORB_SET_DIRECTION(1);
1609                 ret = 0;
1610         } else {
1611                 ret = sbp2_prep_command_orb_sg(orb, lu->hi, cmd,
1612                                                scsi_sg_count(SCpnt),
1613                                                scsi_sglist(SCpnt),
1614                                                orb_direction, dma_dir);
1615         }
1616         sbp2util_cpu_to_be32_buffer(orb, sizeof(*orb));
1617
1618         memset(orb->cdb, 0, sizeof(orb->cdb));
1619         memcpy(orb->cdb, SCpnt->cmnd, SCpnt->cmd_len);
1620
1621         dma_sync_single_for_device(dmadev, cmd->command_orb_dma,
1622                         sizeof(struct sbp2_command_orb), DMA_TO_DEVICE);
1623         return ret;
1624 }
1625
1626 static void sbp2_link_orb_command(struct sbp2_lu *lu,
1627                                   struct sbp2_command_info *cmd)
1628 {
1629         struct sbp2_fwhost_info *hi = lu->hi;
1630         struct sbp2_command_orb *last_orb;
1631         dma_addr_t last_orb_dma;
1632         u64 addr = lu->command_block_agent_addr;
1633         quadlet_t data[2];
1634         size_t length;
1635         unsigned long flags;
1636
1637         /* check to see if there are any previous orbs to use */
1638         spin_lock_irqsave(&lu->cmd_orb_lock, flags);
1639         last_orb = lu->last_orb;
1640         last_orb_dma = lu->last_orb_dma;
1641         if (!last_orb) {
1642                 /*
1643                  * last_orb == NULL means: We know that the target's fetch agent
1644                  * is not active right now.
1645                  */
1646                 addr += SBP2_ORB_POINTER_OFFSET;
1647                 data[0] = ORB_SET_NODE_ID(hi->host->node_id);
1648                 data[1] = cmd->command_orb_dma;
1649                 sbp2util_cpu_to_be32_buffer(data, 8);
1650                 length = 8;
1651         } else {
1652                 /*
1653                  * last_orb != NULL means: We know that the target's fetch agent
1654                  * is (very probably) not dead or in reset state right now.
1655                  * We have an ORB already sent that we can append a new one to.
1656                  * The target's fetch agent may or may not have read this
1657                  * previous ORB yet.
1658                  */
1659                 dma_sync_single_for_cpu(hi->host->device.parent, last_orb_dma,
1660                                         sizeof(struct sbp2_command_orb),
1661                                         DMA_TO_DEVICE);
1662                 last_orb->next_ORB_lo = cpu_to_be32(cmd->command_orb_dma);
1663                 wmb();
1664                 /* Tells hardware that this pointer is valid */
1665                 last_orb->next_ORB_hi = 0;
1666                 dma_sync_single_for_device(hi->host->device.parent,
1667                                            last_orb_dma,
1668                                            sizeof(struct sbp2_command_orb),
1669                                            DMA_TO_DEVICE);
1670                 addr += SBP2_DOORBELL_OFFSET;
1671                 data[0] = 0;
1672                 length = 4;
1673         }
1674         lu->last_orb = &cmd->command_orb;
1675         lu->last_orb_dma = cmd->command_orb_dma;
1676         spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
1677
1678         if (sbp2util_node_write_no_wait(lu->ne, addr, data, length)) {
1679                 /*
1680                  * sbp2util_node_write_no_wait failed. We certainly ran out
1681                  * of transaction labels, perhaps just because there were no
1682                  * context switches which gave khpsbpkt a chance to collect
1683                  * free tlabels. Try again in non-atomic context. If necessary,
1684                  * the workqueue job will sleep to guaranteedly get a tlabel.
1685                  * We do not accept new commands until the job is over.
1686                  */
1687                 scsi_block_requests(lu->shost);
1688                 PREPARE_WORK(&lu->protocol_work,
1689                              last_orb ? sbp2util_write_doorbell:
1690                                         sbp2util_write_orb_pointer);
1691                 schedule_work(&lu->protocol_work);
1692         }
1693 }
1694
1695 static int sbp2_send_command(struct sbp2_lu *lu, struct scsi_cmnd *SCpnt,
1696                              void (*done)(struct scsi_cmnd *))
1697 {
1698         struct sbp2_command_info *cmd;
1699
1700         cmd = sbp2util_allocate_command_orb(lu, SCpnt, done);
1701         if (!cmd)
1702                 return -EIO;
1703
1704         if (sbp2_create_command_orb(lu, cmd, SCpnt))
1705                 return -ENOMEM;
1706
1707         sbp2_link_orb_command(lu, cmd);
1708         return 0;
1709 }
1710
1711 /*
1712  * Translates SBP-2 status into SCSI sense data for check conditions
1713  */
1714 static unsigned int sbp2_status_to_sense_data(unchar *sbp2_status,
1715                                               unchar *sense_data)
1716 {
1717         /* OK, it's pretty ugly... ;-) */
1718         sense_data[0] = 0x70;
1719         sense_data[1] = 0x0;
1720         sense_data[2] = sbp2_status[9];
1721         sense_data[3] = sbp2_status[12];
1722         sense_data[4] = sbp2_status[13];
1723         sense_data[5] = sbp2_status[14];
1724         sense_data[6] = sbp2_status[15];
1725         sense_data[7] = 10;
1726         sense_data[8] = sbp2_status[16];
1727         sense_data[9] = sbp2_status[17];
1728         sense_data[10] = sbp2_status[18];
1729         sense_data[11] = sbp2_status[19];
1730         sense_data[12] = sbp2_status[10];
1731         sense_data[13] = sbp2_status[11];
1732         sense_data[14] = sbp2_status[20];
1733         sense_data[15] = sbp2_status[21];
1734
1735         return sbp2_status[8] & 0x3f;
1736 }
1737
1738 static int sbp2_handle_status_write(struct hpsb_host *host, int nodeid,
1739                                     int destid, quadlet_t *data, u64 addr,
1740                                     size_t length, u16 fl)
1741 {
1742         struct sbp2_fwhost_info *hi;
1743         struct sbp2_lu *lu = NULL, *lu_tmp;
1744         struct scsi_cmnd *SCpnt = NULL;
1745         struct sbp2_status_block *sb;
1746         u32 scsi_status = SBP2_SCSI_STATUS_GOOD;
1747         struct sbp2_command_info *cmd;
1748         unsigned long flags;
1749
1750         if (unlikely(length < 8 || length > sizeof(struct sbp2_status_block))) {
1751                 SBP2_ERR("Wrong size of status block");
1752                 return RCODE_ADDRESS_ERROR;
1753         }
1754         if (unlikely(!host)) {
1755                 SBP2_ERR("host is NULL - this is bad!");
1756                 return RCODE_ADDRESS_ERROR;
1757         }
1758         hi = hpsb_get_hostinfo(&sbp2_highlevel, host);
1759         if (unlikely(!hi)) {
1760                 SBP2_ERR("host info is NULL - this is bad!");
1761                 return RCODE_ADDRESS_ERROR;
1762         }
1763
1764         /* Find the unit which wrote the status. */
1765         read_lock_irqsave(&sbp2_hi_logical_units_lock, flags);
1766         list_for_each_entry(lu_tmp, &hi->logical_units, lu_list) {
1767                 if (lu_tmp->ne->nodeid == nodeid &&
1768                     lu_tmp->status_fifo_addr == addr) {
1769                         lu = lu_tmp;
1770                         break;
1771                 }
1772         }
1773         read_unlock_irqrestore(&sbp2_hi_logical_units_lock, flags);
1774
1775         if (unlikely(!lu)) {
1776                 SBP2_ERR("lu is NULL - device is gone?");
1777                 return RCODE_ADDRESS_ERROR;
1778         }
1779
1780         /* Put response into lu status fifo buffer. The first two bytes
1781          * come in big endian bit order. Often the target writes only a
1782          * truncated status block, minimally the first two quadlets. The rest
1783          * is implied to be zeros. */
1784         sb = &lu->status_block;
1785         memset(sb->command_set_dependent, 0, sizeof(sb->command_set_dependent));
1786         memcpy(sb, data, length);
1787         sbp2util_be32_to_cpu_buffer(sb, 8);
1788
1789         /* Ignore unsolicited status. Handle command ORB status. */
1790         if (unlikely(STATUS_GET_SRC(sb->ORB_offset_hi_misc) == 2))
1791                 cmd = NULL;
1792         else
1793                 cmd = sbp2util_find_command_for_orb(lu, sb->ORB_offset_lo);
1794         if (cmd) {
1795                 /* Grab SCSI command pointers and check status. */
1796                 /*
1797                  * FIXME: If the src field in the status is 1, the ORB DMA must
1798                  * not be reused until status for a subsequent ORB is received.
1799                  */
1800                 SCpnt = cmd->Current_SCpnt;
1801                 spin_lock_irqsave(&lu->cmd_orb_lock, flags);
1802                 sbp2util_mark_command_completed(lu, cmd);
1803                 spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
1804
1805                 if (SCpnt) {
1806                         u32 h = sb->ORB_offset_hi_misc;
1807                         u32 r = STATUS_GET_RESP(h);
1808
1809                         if (r != RESP_STATUS_REQUEST_COMPLETE) {
1810                                 SBP2_INFO("resp 0x%x, sbp_status 0x%x",
1811                                           r, STATUS_GET_SBP_STATUS(h));
1812                                 scsi_status =
1813                                         r == RESP_STATUS_TRANSPORT_FAILURE ?
1814                                         SBP2_SCSI_STATUS_BUSY :
1815                                         SBP2_SCSI_STATUS_COMMAND_TERMINATED;
1816                         }
1817
1818                         if (STATUS_GET_LEN(h) > 1)
1819                                 scsi_status = sbp2_status_to_sense_data(
1820                                         (unchar *)sb, SCpnt->sense_buffer);
1821
1822                         if (STATUS_TEST_DEAD(h))
1823                                 sbp2_agent_reset(lu, 0);
1824                 }
1825
1826                 /* Check here to see if there are no commands in-use. If there
1827                  * are none, we know that the fetch agent left the active state
1828                  * _and_ that we did not reactivate it yet. Therefore clear
1829                  * last_orb so that next time we write directly to the
1830                  * ORB_POINTER register. That way the fetch agent does not need
1831                  * to refetch the next_ORB. */
1832                 spin_lock_irqsave(&lu->cmd_orb_lock, flags);
1833                 if (list_empty(&lu->cmd_orb_inuse))
1834                         lu->last_orb = NULL;
1835                 spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
1836
1837         } else {
1838                 /* It's probably status after a management request. */
1839                 if ((sb->ORB_offset_lo == lu->reconnect_orb_dma) ||
1840                     (sb->ORB_offset_lo == lu->login_orb_dma) ||
1841                     (sb->ORB_offset_lo == lu->query_logins_orb_dma) ||
1842                     (sb->ORB_offset_lo == lu->logout_orb_dma)) {
1843                         lu->access_complete = 1;
1844                         wake_up_interruptible(&sbp2_access_wq);
1845                 }
1846         }
1847
1848         if (SCpnt)
1849                 sbp2scsi_complete_command(lu, scsi_status, SCpnt,
1850                                           cmd->Current_done);
1851         return RCODE_COMPLETE;
1852 }
1853
1854 /**************************************
1855  * SCSI interface related section
1856  **************************************/
1857
1858 static int sbp2scsi_queuecommand(struct scsi_cmnd *SCpnt,
1859                                  void (*done)(struct scsi_cmnd *))
1860 {
1861         struct sbp2_lu *lu = (struct sbp2_lu *)SCpnt->device->host->hostdata[0];
1862         struct sbp2_fwhost_info *hi;
1863         int result = DID_NO_CONNECT << 16;
1864
1865         if (unlikely(!sbp2util_node_is_available(lu)))
1866                 goto done;
1867
1868         hi = lu->hi;
1869
1870         if (unlikely(!hi)) {
1871                 SBP2_ERR("sbp2_fwhost_info is NULL - this is bad!");
1872                 goto done;
1873         }
1874
1875         /* Multiple units are currently represented to the SCSI core as separate
1876          * targets, not as one target with multiple LUs. Therefore return
1877          * selection time-out to any IO directed at non-zero LUNs. */
1878         if (unlikely(SCpnt->device->lun))
1879                 goto done;
1880
1881         if (unlikely(!hpsb_node_entry_valid(lu->ne))) {
1882                 SBP2_ERR("Bus reset in progress - rejecting command");
1883                 result = DID_BUS_BUSY << 16;
1884                 goto done;
1885         }
1886
1887         /* Bidirectional commands are not yet implemented,
1888          * and unknown transfer direction not handled. */
1889         if (unlikely(SCpnt->sc_data_direction == DMA_BIDIRECTIONAL)) {
1890                 SBP2_ERR("Cannot handle DMA_BIDIRECTIONAL - rejecting command");
1891                 result = DID_ERROR << 16;
1892                 goto done;
1893         }
1894
1895         if (sbp2_send_command(lu, SCpnt, done)) {
1896                 SBP2_ERR("Error sending SCSI command");
1897                 sbp2scsi_complete_command(lu,
1898                                           SBP2_SCSI_STATUS_SELECTION_TIMEOUT,
1899                                           SCpnt, done);
1900         }
1901         return 0;
1902
1903 done:
1904         SCpnt->result = result;
1905         done(SCpnt);
1906         return 0;
1907 }
1908
1909 static void sbp2scsi_complete_all_commands(struct sbp2_lu *lu, u32 status)
1910 {
1911         struct list_head *lh;
1912         struct sbp2_command_info *cmd;
1913         unsigned long flags;
1914
1915         spin_lock_irqsave(&lu->cmd_orb_lock, flags);
1916         while (!list_empty(&lu->cmd_orb_inuse)) {
1917                 lh = lu->cmd_orb_inuse.next;
1918                 cmd = list_entry(lh, struct sbp2_command_info, list);
1919                 sbp2util_mark_command_completed(lu, cmd);
1920                 if (cmd->Current_SCpnt) {
1921                         cmd->Current_SCpnt->result = status << 16;
1922                         cmd->Current_done(cmd->Current_SCpnt);
1923                 }
1924         }
1925         spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
1926
1927         return;
1928 }
1929
1930 /*
1931  * Complete a regular SCSI command. Can be called in atomic context.
1932  */
1933 static void sbp2scsi_complete_command(struct sbp2_lu *lu, u32 scsi_status,
1934                                       struct scsi_cmnd *SCpnt,
1935                                       void (*done)(struct scsi_cmnd *))
1936 {
1937         if (!SCpnt) {
1938                 SBP2_ERR("SCpnt is NULL");
1939                 return;
1940         }
1941
1942         switch (scsi_status) {
1943         case SBP2_SCSI_STATUS_GOOD:
1944                 SCpnt->result = DID_OK << 16;
1945                 break;
1946
1947         case SBP2_SCSI_STATUS_BUSY:
1948                 SBP2_ERR("SBP2_SCSI_STATUS_BUSY");
1949                 SCpnt->result = DID_BUS_BUSY << 16;
1950                 break;
1951
1952         case SBP2_SCSI_STATUS_CHECK_CONDITION:
1953                 SCpnt->result = CHECK_CONDITION << 1 | DID_OK << 16;
1954                 break;
1955
1956         case SBP2_SCSI_STATUS_SELECTION_TIMEOUT:
1957                 SBP2_ERR("SBP2_SCSI_STATUS_SELECTION_TIMEOUT");
1958                 SCpnt->result = DID_NO_CONNECT << 16;
1959                 scsi_print_command(SCpnt);
1960                 break;
1961
1962         case SBP2_SCSI_STATUS_CONDITION_MET:
1963         case SBP2_SCSI_STATUS_RESERVATION_CONFLICT:
1964         case SBP2_SCSI_STATUS_COMMAND_TERMINATED:
1965                 SBP2_ERR("Bad SCSI status = %x", scsi_status);
1966                 SCpnt->result = DID_ERROR << 16;
1967                 scsi_print_command(SCpnt);
1968                 break;
1969
1970         default:
1971                 SBP2_ERR("Unsupported SCSI status = %x", scsi_status);
1972                 SCpnt->result = DID_ERROR << 16;
1973         }
1974
1975         /* If a bus reset is in progress and there was an error, complete
1976          * the command as busy so that it will get retried. */
1977         if (!hpsb_node_entry_valid(lu->ne)
1978             && (scsi_status != SBP2_SCSI_STATUS_GOOD)) {
1979                 SBP2_ERR("Completing command with busy (bus reset)");
1980                 SCpnt->result = DID_BUS_BUSY << 16;
1981         }
1982
1983         /* Tell the SCSI stack that we're done with this command. */
1984         done(SCpnt);
1985 }
1986
1987 static int sbp2scsi_slave_alloc(struct scsi_device *sdev)
1988 {
1989         struct sbp2_lu *lu = (struct sbp2_lu *)sdev->host->hostdata[0];
1990
1991         if (sdev->lun != 0 || sdev->id != lu->ud->id || sdev->channel != 0)
1992                 return -ENODEV;
1993
1994         lu->sdev = sdev;
1995         sdev->allow_restart = 1;
1996
1997         /* SBP-2 requires quadlet alignment of the data buffers. */
1998         blk_queue_update_dma_alignment(sdev->request_queue, 4 - 1);
1999
2000         if (lu->workarounds & SBP2_WORKAROUND_INQUIRY_36)
2001                 sdev->inquiry_len = 36;
2002         return 0;
2003 }
2004
2005 static int sbp2scsi_slave_configure(struct scsi_device *sdev)
2006 {
2007         struct sbp2_lu *lu = (struct sbp2_lu *)sdev->host->hostdata[0];
2008
2009         sdev->use_10_for_rw = 1;
2010
2011         if (sbp2_exclusive_login)
2012                 sdev->manage_start_stop = 1;
2013         if (sdev->type == TYPE_ROM)
2014                 sdev->use_10_for_ms = 1;
2015         if (sdev->type == TYPE_DISK &&
2016             lu->workarounds & SBP2_WORKAROUND_MODE_SENSE_8)
2017                 sdev->skip_ms_page_8 = 1;
2018         if (lu->workarounds & SBP2_WORKAROUND_FIX_CAPACITY)
2019                 sdev->fix_capacity = 1;
2020         if (lu->workarounds & SBP2_WORKAROUND_POWER_CONDITION)
2021                 sdev->start_stop_pwr_cond = 1;
2022         if (lu->workarounds & SBP2_WORKAROUND_128K_MAX_TRANS)
2023                 blk_queue_max_sectors(sdev->request_queue, 128 * 1024 / 512);
2024
2025         blk_queue_max_segment_size(sdev->request_queue, SBP2_MAX_SEG_SIZE);
2026         return 0;
2027 }
2028
2029 static void sbp2scsi_slave_destroy(struct scsi_device *sdev)
2030 {
2031         ((struct sbp2_lu *)sdev->host->hostdata[0])->sdev = NULL;
2032         return;
2033 }
2034
2035 /*
2036  * Called by scsi stack when something has really gone wrong.
2037  * Usually called when a command has timed-out for some reason.
2038  */
2039 static int sbp2scsi_abort(struct scsi_cmnd *SCpnt)
2040 {
2041         struct sbp2_lu *lu = (struct sbp2_lu *)SCpnt->device->host->hostdata[0];
2042         struct sbp2_command_info *cmd;
2043         unsigned long flags;
2044
2045         SBP2_INFO("aborting sbp2 command");
2046         scsi_print_command(SCpnt);
2047
2048         if (sbp2util_node_is_available(lu)) {
2049                 sbp2_agent_reset(lu, 1);
2050
2051                 /* Return a matching command structure to the free pool. */
2052                 spin_lock_irqsave(&lu->cmd_orb_lock, flags);
2053                 cmd = sbp2util_find_command_for_SCpnt(lu, SCpnt);
2054                 if (cmd) {
2055                         sbp2util_mark_command_completed(lu, cmd);
2056                         if (cmd->Current_SCpnt) {
2057                                 cmd->Current_SCpnt->result = DID_ABORT << 16;
2058                                 cmd->Current_done(cmd->Current_SCpnt);
2059                         }
2060                 }
2061                 spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
2062
2063                 sbp2scsi_complete_all_commands(lu, DID_BUS_BUSY);
2064         }
2065
2066         return SUCCESS;
2067 }
2068
2069 /*
2070  * Called by scsi stack when something has really gone wrong.
2071  */
2072 static int sbp2scsi_reset(struct scsi_cmnd *SCpnt)
2073 {
2074         struct sbp2_lu *lu = (struct sbp2_lu *)SCpnt->device->host->hostdata[0];
2075
2076         SBP2_INFO("reset requested");
2077
2078         if (sbp2util_node_is_available(lu)) {
2079                 SBP2_INFO("generating sbp2 fetch agent reset");
2080                 sbp2_agent_reset(lu, 1);
2081         }
2082
2083         return SUCCESS;
2084 }
2085
2086 static ssize_t sbp2_sysfs_ieee1394_id_show(struct device *dev,
2087                                            struct device_attribute *attr,
2088                                            char *buf)
2089 {
2090         struct scsi_device *sdev;
2091         struct sbp2_lu *lu;
2092
2093         if (!(sdev = to_scsi_device(dev)))
2094                 return 0;
2095
2096         if (!(lu = (struct sbp2_lu *)sdev->host->hostdata[0]))
2097                 return 0;
2098
2099         if (sbp2_long_sysfs_ieee1394_id)
2100                 return sprintf(buf, "%016Lx:%06x:%04x\n",
2101                                 (unsigned long long)lu->ne->guid,
2102                                 lu->ud->directory_id, ORB_SET_LUN(lu->lun));
2103         else
2104                 return sprintf(buf, "%016Lx:%d:%d\n",
2105                                 (unsigned long long)lu->ne->guid,
2106                                 lu->ud->id, ORB_SET_LUN(lu->lun));
2107 }
2108
2109 MODULE_AUTHOR("Ben Collins <bcollins@debian.org>");
2110 MODULE_DESCRIPTION("IEEE-1394 SBP-2 protocol driver");
2111 MODULE_SUPPORTED_DEVICE(SBP2_DEVICE_NAME);
2112 MODULE_LICENSE("GPL");
2113
2114 static int sbp2_module_init(void)
2115 {
2116         int ret;
2117
2118         if (sbp2_serialize_io) {
2119                 sbp2_shost_template.can_queue = 1;
2120                 sbp2_shost_template.cmd_per_lun = 1;
2121         }
2122
2123         sbp2_shost_template.max_sectors = sbp2_max_sectors;
2124
2125         hpsb_register_highlevel(&sbp2_highlevel);
2126         ret = hpsb_register_protocol(&sbp2_driver);
2127         if (ret) {
2128                 SBP2_ERR("Failed to register protocol");
2129                 hpsb_unregister_highlevel(&sbp2_highlevel);
2130                 return ret;
2131         }
2132         return 0;
2133 }
2134
2135 static void __exit sbp2_module_exit(void)
2136 {
2137         hpsb_unregister_protocol(&sbp2_driver);
2138         hpsb_unregister_highlevel(&sbp2_highlevel);
2139 }
2140
2141 module_init(sbp2_module_init);
2142 module_exit(sbp2_module_exit);