aec62xx: Fix kernel oops in driver's probe function
[linux-2.6] / drivers / ieee1394 / sbp2.c
1 /*
2  * sbp2.c - SBP-2 protocol driver for IEEE-1394
3  *
4  * Copyright (C) 2000 James Goodwin, Filanet Corporation (www.filanet.com)
5  * jamesg@filanet.com (JSG)
6  *
7  * Copyright (C) 2003 Ben Collins <bcollins@debian.org>
8  *
9  * This program is free software; you can redistribute it and/or modify
10  * it under the terms of the GNU General Public License as published by
11  * the Free Software Foundation; either version 2 of the License, or
12  * (at your option) any later version.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17  * GNU General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License
20  * along with this program; if not, write to the Free Software Foundation,
21  * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
22  */
23
24 /*
25  * Brief Description:
26  *
27  * This driver implements the Serial Bus Protocol 2 (SBP-2) over IEEE-1394
28  * under Linux. The SBP-2 driver is implemented as an IEEE-1394 high-level
29  * driver. It also registers as a SCSI lower-level driver in order to accept
30  * SCSI commands for transport using SBP-2.
31  *
32  * You may access any attached SBP-2 (usually storage devices) as regular
33  * SCSI devices. E.g. mount /dev/sda1, fdisk, mkfs, etc..
34  *
35  * See http://www.t10.org/drafts.htm#sbp2 for the final draft of the SBP-2
36  * specification and for where to purchase the official standard.
37  *
38  * TODO:
39  *   - look into possible improvements of the SCSI error handlers
40  *   - handle Unit_Characteristics.mgt_ORB_timeout and .ORB_size
41  *   - handle Logical_Unit_Number.ordered
42  *   - handle src == 1 in status blocks
43  *   - reimplement the DMA mapping in absence of physical DMA so that
44  *     bus_to_virt is no longer required
45  *   - debug the handling of absent physical DMA
46  *   - replace CONFIG_IEEE1394_SBP2_PHYS_DMA by automatic detection
47  *     (this is easy but depends on the previous two TODO items)
48  *   - make the parameter serialize_io configurable per device
49  *   - move all requests to fetch agent registers into non-atomic context,
50  *     replace all usages of sbp2util_node_write_no_wait by true transactions
51  * Grep for inline FIXME comments below.
52  */
53
54 #include <linux/compiler.h>
55 #include <linux/delay.h>
56 #include <linux/device.h>
57 #include <linux/dma-mapping.h>
58 #include <linux/gfp.h>
59 #include <linux/init.h>
60 #include <linux/kernel.h>
61 #include <linux/list.h>
62 #include <linux/mm.h>
63 #include <linux/module.h>
64 #include <linux/moduleparam.h>
65 #include <linux/sched.h>
66 #include <linux/slab.h>
67 #include <linux/spinlock.h>
68 #include <linux/stat.h>
69 #include <linux/string.h>
70 #include <linux/stringify.h>
71 #include <linux/types.h>
72 #include <linux/wait.h>
73 #include <linux/workqueue.h>
74 #include <linux/scatterlist.h>
75
76 #include <asm/byteorder.h>
77 #include <asm/errno.h>
78 #include <asm/param.h>
79 #include <asm/system.h>
80 #include <asm/types.h>
81
82 #ifdef CONFIG_IEEE1394_SBP2_PHYS_DMA
83 #include <asm/io.h> /* for bus_to_virt */
84 #endif
85
86 #include <scsi/scsi.h>
87 #include <scsi/scsi_cmnd.h>
88 #include <scsi/scsi_dbg.h>
89 #include <scsi/scsi_device.h>
90 #include <scsi/scsi_host.h>
91
92 #include "csr1212.h"
93 #include "highlevel.h"
94 #include "hosts.h"
95 #include "ieee1394.h"
96 #include "ieee1394_core.h"
97 #include "ieee1394_hotplug.h"
98 #include "ieee1394_transactions.h"
99 #include "ieee1394_types.h"
100 #include "nodemgr.h"
101 #include "sbp2.h"
102
103 /*
104  * Module load parameter definitions
105  */
106
107 /*
108  * Change max_speed on module load if you have a bad IEEE-1394
109  * controller that has trouble running 2KB packets at 400mb.
110  *
111  * NOTE: On certain OHCI parts I have seen short packets on async transmit
112  * (probably due to PCI latency/throughput issues with the part). You can
113  * bump down the speed if you are running into problems.
114  */
115 static int sbp2_max_speed = IEEE1394_SPEED_MAX;
116 module_param_named(max_speed, sbp2_max_speed, int, 0644);
117 MODULE_PARM_DESC(max_speed, "Force max speed "
118                  "(3 = 800Mb/s, 2 = 400Mb/s, 1 = 200Mb/s, 0 = 100Mb/s)");
119
120 /*
121  * Set serialize_io to 0 or N to use dynamically appended lists of command ORBs.
122  * This is and always has been buggy in multiple subtle ways. See above TODOs.
123  */
124 static int sbp2_serialize_io = 1;
125 module_param_named(serialize_io, sbp2_serialize_io, bool, 0444);
126 MODULE_PARM_DESC(serialize_io, "Serialize requests coming from SCSI drivers "
127                  "(default = Y, faster but buggy = N)");
128
129 /*
130  * Bump up max_sectors if you'd like to support very large sized
131  * transfers. Please note that some older sbp2 bridge chips are broken for
132  * transfers greater or equal to 128KB.  Default is a value of 255
133  * sectors, or just under 128KB (at 512 byte sector size). I can note that
134  * the Oxsemi sbp2 chipsets have no problems supporting very large
135  * transfer sizes.
136  */
137 static int sbp2_max_sectors = SBP2_MAX_SECTORS;
138 module_param_named(max_sectors, sbp2_max_sectors, int, 0444);
139 MODULE_PARM_DESC(max_sectors, "Change max sectors per I/O supported "
140                  "(default = " __stringify(SBP2_MAX_SECTORS) ")");
141
142 /*
143  * Exclusive login to sbp2 device? In most cases, the sbp2 driver should
144  * do an exclusive login, as it's generally unsafe to have two hosts
145  * talking to a single sbp2 device at the same time (filesystem coherency,
146  * etc.). If you're running an sbp2 device that supports multiple logins,
147  * and you're either running read-only filesystems or some sort of special
148  * filesystem supporting multiple hosts, e.g. OpenGFS, Oracle Cluster
149  * File System, or Lustre, then set exclusive_login to zero.
150  *
151  * So far only bridges from Oxford Semiconductor are known to support
152  * concurrent logins. Depending on firmware, four or two concurrent logins
153  * are possible on OXFW911 and newer Oxsemi bridges.
154  */
155 static int sbp2_exclusive_login = 1;
156 module_param_named(exclusive_login, sbp2_exclusive_login, bool, 0644);
157 MODULE_PARM_DESC(exclusive_login, "Exclusive login to sbp2 device "
158                  "(default = Y, use N for concurrent initiators)");
159
160 /*
161  * If any of the following workarounds is required for your device to work,
162  * please submit the kernel messages logged by sbp2 to the linux1394-devel
163  * mailing list.
164  *
165  * - 128kB max transfer
166  *   Limit transfer size. Necessary for some old bridges.
167  *
168  * - 36 byte inquiry
169  *   When scsi_mod probes the device, let the inquiry command look like that
170  *   from MS Windows.
171  *
172  * - skip mode page 8
173  *   Suppress sending of mode_sense for mode page 8 if the device pretends to
174  *   support the SCSI Primary Block commands instead of Reduced Block Commands.
175  *
176  * - fix capacity
177  *   Tell sd_mod to correct the last sector number reported by read_capacity.
178  *   Avoids access beyond actual disk limits on devices with an off-by-one bug.
179  *   Don't use this with devices which don't have this bug.
180  *
181  * - override internal blacklist
182  *   Instead of adding to the built-in blacklist, use only the workarounds
183  *   specified in the module load parameter.
184  *   Useful if a blacklist entry interfered with a non-broken device.
185  */
186 static int sbp2_default_workarounds;
187 module_param_named(workarounds, sbp2_default_workarounds, int, 0644);
188 MODULE_PARM_DESC(workarounds, "Work around device bugs (default = 0"
189         ", 128kB max transfer = " __stringify(SBP2_WORKAROUND_128K_MAX_TRANS)
190         ", 36 byte inquiry = "    __stringify(SBP2_WORKAROUND_INQUIRY_36)
191         ", skip mode page 8 = "   __stringify(SBP2_WORKAROUND_MODE_SENSE_8)
192         ", fix capacity = "       __stringify(SBP2_WORKAROUND_FIX_CAPACITY)
193         ", override internal blacklist = " __stringify(SBP2_WORKAROUND_OVERRIDE)
194         ", or a combination)");
195
196 /*
197  * This influences the format of the sysfs attribute
198  * /sys/bus/scsi/devices/.../ieee1394_id.
199  *
200  * The default format is like in older kernels:  %016Lx:%d:%d
201  * It contains the target's EUI-64, a number given to the logical unit by
202  * the ieee1394 driver's nodemgr (starting at 0), and the LUN.
203  *
204  * The long format is:  %016Lx:%06x:%04x
205  * It contains the target's EUI-64, the unit directory's directory_ID as per
206  * IEEE 1212 clause 7.7.19, and the LUN.  This format comes closest to the
207  * format of SBP(-3) target port and logical unit identifier as per SAM (SCSI
208  * Architecture Model) rev.2 to 4 annex A.  Therefore and because it is
209  * independent of the implementation of the ieee1394 nodemgr, the longer format
210  * is recommended for future use.
211  */
212 static int sbp2_long_sysfs_ieee1394_id;
213 module_param_named(long_ieee1394_id, sbp2_long_sysfs_ieee1394_id, bool, 0644);
214 MODULE_PARM_DESC(long_ieee1394_id, "8+3+2 bytes format of ieee1394_id in sysfs "
215                  "(default = backwards-compatible = N, SAM-conforming = Y)");
216
217
218 #define SBP2_INFO(fmt, args...) HPSB_INFO("sbp2: "fmt, ## args)
219 #define SBP2_ERR(fmt, args...)  HPSB_ERR("sbp2: "fmt, ## args)
220
221 /*
222  * Globals
223  */
224 static void sbp2scsi_complete_all_commands(struct sbp2_lu *, u32);
225 static void sbp2scsi_complete_command(struct sbp2_lu *, u32, struct scsi_cmnd *,
226                                       void (*)(struct scsi_cmnd *));
227 static struct sbp2_lu *sbp2_alloc_device(struct unit_directory *);
228 static int sbp2_start_device(struct sbp2_lu *);
229 static void sbp2_remove_device(struct sbp2_lu *);
230 static int sbp2_login_device(struct sbp2_lu *);
231 static int sbp2_reconnect_device(struct sbp2_lu *);
232 static int sbp2_logout_device(struct sbp2_lu *);
233 static void sbp2_host_reset(struct hpsb_host *);
234 static int sbp2_handle_status_write(struct hpsb_host *, int, int, quadlet_t *,
235                                     u64, size_t, u16);
236 static int sbp2_agent_reset(struct sbp2_lu *, int);
237 static void sbp2_parse_unit_directory(struct sbp2_lu *,
238                                       struct unit_directory *);
239 static int sbp2_set_busy_timeout(struct sbp2_lu *);
240 static int sbp2_max_speed_and_size(struct sbp2_lu *);
241
242
243 static const u8 sbp2_speedto_max_payload[] = { 0x7, 0x8, 0x9, 0xA, 0xB, 0xC };
244
245 static DEFINE_RWLOCK(sbp2_hi_logical_units_lock);
246
247 static struct hpsb_highlevel sbp2_highlevel = {
248         .name           = SBP2_DEVICE_NAME,
249         .host_reset     = sbp2_host_reset,
250 };
251
252 static struct hpsb_address_ops sbp2_ops = {
253         .write          = sbp2_handle_status_write
254 };
255
256 #ifdef CONFIG_IEEE1394_SBP2_PHYS_DMA
257 static int sbp2_handle_physdma_write(struct hpsb_host *, int, int, quadlet_t *,
258                                      u64, size_t, u16);
259 static int sbp2_handle_physdma_read(struct hpsb_host *, int, quadlet_t *, u64,
260                                     size_t, u16);
261
262 static struct hpsb_address_ops sbp2_physdma_ops = {
263         .read           = sbp2_handle_physdma_read,
264         .write          = sbp2_handle_physdma_write,
265 };
266 #endif
267
268
269 /*
270  * Interface to driver core and IEEE 1394 core
271  */
272 static struct ieee1394_device_id sbp2_id_table[] = {
273         {
274          .match_flags   = IEEE1394_MATCH_SPECIFIER_ID | IEEE1394_MATCH_VERSION,
275          .specifier_id  = SBP2_UNIT_SPEC_ID_ENTRY & 0xffffff,
276          .version       = SBP2_SW_VERSION_ENTRY & 0xffffff},
277         {}
278 };
279 MODULE_DEVICE_TABLE(ieee1394, sbp2_id_table);
280
281 static int sbp2_probe(struct device *);
282 static int sbp2_remove(struct device *);
283 static int sbp2_update(struct unit_directory *);
284
285 static struct hpsb_protocol_driver sbp2_driver = {
286         .name           = SBP2_DEVICE_NAME,
287         .id_table       = sbp2_id_table,
288         .update         = sbp2_update,
289         .driver         = {
290                 .probe          = sbp2_probe,
291                 .remove         = sbp2_remove,
292         },
293 };
294
295
296 /*
297  * Interface to SCSI core
298  */
299 static int sbp2scsi_queuecommand(struct scsi_cmnd *,
300                                  void (*)(struct scsi_cmnd *));
301 static int sbp2scsi_abort(struct scsi_cmnd *);
302 static int sbp2scsi_reset(struct scsi_cmnd *);
303 static int sbp2scsi_slave_alloc(struct scsi_device *);
304 static int sbp2scsi_slave_configure(struct scsi_device *);
305 static void sbp2scsi_slave_destroy(struct scsi_device *);
306 static ssize_t sbp2_sysfs_ieee1394_id_show(struct device *,
307                                            struct device_attribute *, char *);
308
309 static DEVICE_ATTR(ieee1394_id, S_IRUGO, sbp2_sysfs_ieee1394_id_show, NULL);
310
311 static struct device_attribute *sbp2_sysfs_sdev_attrs[] = {
312         &dev_attr_ieee1394_id,
313         NULL
314 };
315
316 static struct scsi_host_template sbp2_shost_template = {
317         .module                  = THIS_MODULE,
318         .name                    = "SBP-2 IEEE-1394",
319         .proc_name               = SBP2_DEVICE_NAME,
320         .queuecommand            = sbp2scsi_queuecommand,
321         .eh_abort_handler        = sbp2scsi_abort,
322         .eh_device_reset_handler = sbp2scsi_reset,
323         .slave_alloc             = sbp2scsi_slave_alloc,
324         .slave_configure         = sbp2scsi_slave_configure,
325         .slave_destroy           = sbp2scsi_slave_destroy,
326         .this_id                 = -1,
327         .sg_tablesize            = SG_ALL,
328         .use_clustering          = ENABLE_CLUSTERING,
329         .cmd_per_lun             = SBP2_MAX_CMDS,
330         .can_queue               = SBP2_MAX_CMDS,
331         .sdev_attrs              = sbp2_sysfs_sdev_attrs,
332 };
333
334 /* for match-all entries in sbp2_workarounds_table */
335 #define SBP2_ROM_VALUE_WILDCARD 0x1000000
336
337 /*
338  * List of devices with known bugs.
339  *
340  * The firmware_revision field, masked with 0xffff00, is the best indicator
341  * for the type of bridge chip of a device.  It yields a few false positives
342  * but this did not break correctly behaving devices so far.
343  */
344 static const struct {
345         u32 firmware_revision;
346         u32 model_id;
347         unsigned workarounds;
348 } sbp2_workarounds_table[] = {
349         /* DViCO Momobay CX-1 with TSB42AA9 bridge */ {
350                 .firmware_revision      = 0x002800,
351                 .model_id               = 0x001010,
352                 .workarounds            = SBP2_WORKAROUND_INQUIRY_36 |
353                                           SBP2_WORKAROUND_MODE_SENSE_8,
354         },
355         /* Initio bridges, actually only needed for some older ones */ {
356                 .firmware_revision      = 0x000200,
357                 .model_id               = SBP2_ROM_VALUE_WILDCARD,
358                 .workarounds            = SBP2_WORKAROUND_INQUIRY_36,
359         },
360         /* Symbios bridge */ {
361                 .firmware_revision      = 0xa0b800,
362                 .model_id               = SBP2_ROM_VALUE_WILDCARD,
363                 .workarounds            = SBP2_WORKAROUND_128K_MAX_TRANS,
364         },
365         /* iPod 4th generation */ {
366                 .firmware_revision      = 0x0a2700,
367                 .model_id               = 0x000021,
368                 .workarounds            = SBP2_WORKAROUND_FIX_CAPACITY,
369         },
370         /* iPod mini */ {
371                 .firmware_revision      = 0x0a2700,
372                 .model_id               = 0x000023,
373                 .workarounds            = SBP2_WORKAROUND_FIX_CAPACITY,
374         },
375         /* iPod Photo */ {
376                 .firmware_revision      = 0x0a2700,
377                 .model_id               = 0x00007e,
378                 .workarounds            = SBP2_WORKAROUND_FIX_CAPACITY,
379         }
380 };
381
382 /**************************************
383  * General utility functions
384  **************************************/
385
386 #ifndef __BIG_ENDIAN
387 /*
388  * Converts a buffer from be32 to cpu byte ordering. Length is in bytes.
389  */
390 static inline void sbp2util_be32_to_cpu_buffer(void *buffer, int length)
391 {
392         u32 *temp = buffer;
393
394         for (length = (length >> 2); length--; )
395                 temp[length] = be32_to_cpu(temp[length]);
396 }
397
398 /*
399  * Converts a buffer from cpu to be32 byte ordering. Length is in bytes.
400  */
401 static inline void sbp2util_cpu_to_be32_buffer(void *buffer, int length)
402 {
403         u32 *temp = buffer;
404
405         for (length = (length >> 2); length--; )
406                 temp[length] = cpu_to_be32(temp[length]);
407 }
408 #else /* BIG_ENDIAN */
409 /* Why waste the cpu cycles? */
410 #define sbp2util_be32_to_cpu_buffer(x,y) do {} while (0)
411 #define sbp2util_cpu_to_be32_buffer(x,y) do {} while (0)
412 #endif
413
414 static DECLARE_WAIT_QUEUE_HEAD(sbp2_access_wq);
415
416 /*
417  * Waits for completion of an SBP-2 access request.
418  * Returns nonzero if timed out or prematurely interrupted.
419  */
420 static int sbp2util_access_timeout(struct sbp2_lu *lu, int timeout)
421 {
422         long leftover;
423
424         leftover = wait_event_interruptible_timeout(
425                         sbp2_access_wq, lu->access_complete, timeout);
426         lu->access_complete = 0;
427         return leftover <= 0;
428 }
429
430 static void sbp2_free_packet(void *packet)
431 {
432         hpsb_free_tlabel(packet);
433         hpsb_free_packet(packet);
434 }
435
436 /*
437  * This is much like hpsb_node_write(), except it ignores the response
438  * subaction and returns immediately. Can be used from atomic context.
439  */
440 static int sbp2util_node_write_no_wait(struct node_entry *ne, u64 addr,
441                                        quadlet_t *buf, size_t len)
442 {
443         struct hpsb_packet *packet;
444
445         packet = hpsb_make_writepacket(ne->host, ne->nodeid, addr, buf, len);
446         if (!packet)
447                 return -ENOMEM;
448
449         hpsb_set_packet_complete_task(packet, sbp2_free_packet, packet);
450         hpsb_node_fill_packet(ne, packet);
451         if (hpsb_send_packet(packet) < 0) {
452                 sbp2_free_packet(packet);
453                 return -EIO;
454         }
455         return 0;
456 }
457
458 static void sbp2util_notify_fetch_agent(struct sbp2_lu *lu, u64 offset,
459                                         quadlet_t *data, size_t len)
460 {
461         /* There is a small window after a bus reset within which the node
462          * entry's generation is current but the reconnect wasn't completed. */
463         if (unlikely(atomic_read(&lu->state) == SBP2LU_STATE_IN_RESET))
464                 return;
465
466         if (hpsb_node_write(lu->ne, lu->command_block_agent_addr + offset,
467                             data, len))
468                 SBP2_ERR("sbp2util_notify_fetch_agent failed.");
469
470         /* Now accept new SCSI commands, unless a bus reset happended during
471          * hpsb_node_write. */
472         if (likely(atomic_read(&lu->state) != SBP2LU_STATE_IN_RESET))
473                 scsi_unblock_requests(lu->shost);
474 }
475
476 static void sbp2util_write_orb_pointer(struct work_struct *work)
477 {
478         struct sbp2_lu *lu = container_of(work, struct sbp2_lu, protocol_work);
479         quadlet_t data[2];
480
481         data[0] = ORB_SET_NODE_ID(lu->hi->host->node_id);
482         data[1] = lu->last_orb_dma;
483         sbp2util_cpu_to_be32_buffer(data, 8);
484         sbp2util_notify_fetch_agent(lu, SBP2_ORB_POINTER_OFFSET, data, 8);
485 }
486
487 static void sbp2util_write_doorbell(struct work_struct *work)
488 {
489         struct sbp2_lu *lu = container_of(work, struct sbp2_lu, protocol_work);
490
491         sbp2util_notify_fetch_agent(lu, SBP2_DOORBELL_OFFSET, NULL, 4);
492 }
493
494 static int sbp2util_create_command_orb_pool(struct sbp2_lu *lu)
495 {
496         struct sbp2_fwhost_info *hi = lu->hi;
497         struct sbp2_command_info *cmd;
498         int i, orbs = sbp2_serialize_io ? 2 : SBP2_MAX_CMDS;
499
500         for (i = 0; i < orbs; i++) {
501                 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
502                 if (!cmd)
503                         return -ENOMEM;
504                 cmd->command_orb_dma = dma_map_single(hi->host->device.parent,
505                                                 &cmd->command_orb,
506                                                 sizeof(struct sbp2_command_orb),
507                                                 DMA_TO_DEVICE);
508                 cmd->sge_dma = dma_map_single(hi->host->device.parent,
509                                         &cmd->scatter_gather_element,
510                                         sizeof(cmd->scatter_gather_element),
511                                         DMA_TO_DEVICE);
512                 INIT_LIST_HEAD(&cmd->list);
513                 list_add_tail(&cmd->list, &lu->cmd_orb_completed);
514         }
515         return 0;
516 }
517
518 static void sbp2util_remove_command_orb_pool(struct sbp2_lu *lu,
519                                              struct hpsb_host *host)
520 {
521         struct list_head *lh, *next;
522         struct sbp2_command_info *cmd;
523         unsigned long flags;
524
525         spin_lock_irqsave(&lu->cmd_orb_lock, flags);
526         if (!list_empty(&lu->cmd_orb_completed))
527                 list_for_each_safe(lh, next, &lu->cmd_orb_completed) {
528                         cmd = list_entry(lh, struct sbp2_command_info, list);
529                         dma_unmap_single(host->device.parent,
530                                          cmd->command_orb_dma,
531                                          sizeof(struct sbp2_command_orb),
532                                          DMA_TO_DEVICE);
533                         dma_unmap_single(host->device.parent, cmd->sge_dma,
534                                          sizeof(cmd->scatter_gather_element),
535                                          DMA_TO_DEVICE);
536                         kfree(cmd);
537                 }
538         spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
539         return;
540 }
541
542 /*
543  * Finds the sbp2_command for a given outstanding command ORB.
544  * Only looks at the in-use list.
545  */
546 static struct sbp2_command_info *sbp2util_find_command_for_orb(
547                                 struct sbp2_lu *lu, dma_addr_t orb)
548 {
549         struct sbp2_command_info *cmd;
550         unsigned long flags;
551
552         spin_lock_irqsave(&lu->cmd_orb_lock, flags);
553         if (!list_empty(&lu->cmd_orb_inuse))
554                 list_for_each_entry(cmd, &lu->cmd_orb_inuse, list)
555                         if (cmd->command_orb_dma == orb) {
556                                 spin_unlock_irqrestore(
557                                                 &lu->cmd_orb_lock, flags);
558                                 return cmd;
559                         }
560         spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
561         return NULL;
562 }
563
564 /*
565  * Finds the sbp2_command for a given outstanding SCpnt.
566  * Only looks at the in-use list.
567  * Must be called with lu->cmd_orb_lock held.
568  */
569 static struct sbp2_command_info *sbp2util_find_command_for_SCpnt(
570                                 struct sbp2_lu *lu, void *SCpnt)
571 {
572         struct sbp2_command_info *cmd;
573
574         if (!list_empty(&lu->cmd_orb_inuse))
575                 list_for_each_entry(cmd, &lu->cmd_orb_inuse, list)
576                         if (cmd->Current_SCpnt == SCpnt)
577                                 return cmd;
578         return NULL;
579 }
580
581 static struct sbp2_command_info *sbp2util_allocate_command_orb(
582                                 struct sbp2_lu *lu,
583                                 struct scsi_cmnd *Current_SCpnt,
584                                 void (*Current_done)(struct scsi_cmnd *))
585 {
586         struct list_head *lh;
587         struct sbp2_command_info *cmd = NULL;
588         unsigned long flags;
589
590         spin_lock_irqsave(&lu->cmd_orb_lock, flags);
591         if (!list_empty(&lu->cmd_orb_completed)) {
592                 lh = lu->cmd_orb_completed.next;
593                 list_del(lh);
594                 cmd = list_entry(lh, struct sbp2_command_info, list);
595                 cmd->Current_done = Current_done;
596                 cmd->Current_SCpnt = Current_SCpnt;
597                 list_add_tail(&cmd->list, &lu->cmd_orb_inuse);
598         } else
599                 SBP2_ERR("%s: no orbs available", __FUNCTION__);
600         spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
601         return cmd;
602 }
603
604 /*
605  * Unmaps the DMAs of a command and moves the command to the completed ORB list.
606  * Must be called with lu->cmd_orb_lock held.
607  */
608 static void sbp2util_mark_command_completed(struct sbp2_lu *lu,
609                                             struct sbp2_command_info *cmd)
610 {
611         struct hpsb_host *host = lu->ud->ne->host;
612
613         if (cmd->cmd_dma) {
614                 if (cmd->dma_type == CMD_DMA_SINGLE)
615                         dma_unmap_single(host->device.parent, cmd->cmd_dma,
616                                          cmd->dma_size, cmd->dma_dir);
617                 else if (cmd->dma_type == CMD_DMA_PAGE)
618                         dma_unmap_page(host->device.parent, cmd->cmd_dma,
619                                        cmd->dma_size, cmd->dma_dir);
620                 /* XXX: Check for CMD_DMA_NONE bug */
621                 cmd->dma_type = CMD_DMA_NONE;
622                 cmd->cmd_dma = 0;
623         }
624         if (cmd->sge_buffer) {
625                 dma_unmap_sg(host->device.parent, cmd->sge_buffer,
626                              cmd->dma_size, cmd->dma_dir);
627                 cmd->sge_buffer = NULL;
628         }
629         list_move_tail(&cmd->list, &lu->cmd_orb_completed);
630 }
631
632 /*
633  * Is lu valid? Is the 1394 node still present?
634  */
635 static inline int sbp2util_node_is_available(struct sbp2_lu *lu)
636 {
637         return lu && lu->ne && !lu->ne->in_limbo;
638 }
639
640 /*********************************************
641  * IEEE-1394 core driver stack related section
642  *********************************************/
643
644 static int sbp2_probe(struct device *dev)
645 {
646         struct unit_directory *ud;
647         struct sbp2_lu *lu;
648
649         ud = container_of(dev, struct unit_directory, device);
650
651         /* Don't probe UD's that have the LUN flag. We'll probe the LUN(s)
652          * instead. */
653         if (ud->flags & UNIT_DIRECTORY_HAS_LUN_DIRECTORY)
654                 return -ENODEV;
655
656         lu = sbp2_alloc_device(ud);
657         if (!lu)
658                 return -ENOMEM;
659
660         sbp2_parse_unit_directory(lu, ud);
661         return sbp2_start_device(lu);
662 }
663
664 static int sbp2_remove(struct device *dev)
665 {
666         struct unit_directory *ud;
667         struct sbp2_lu *lu;
668         struct scsi_device *sdev;
669
670         ud = container_of(dev, struct unit_directory, device);
671         lu = ud->device.driver_data;
672         if (!lu)
673                 return 0;
674
675         if (lu->shost) {
676                 /* Get rid of enqueued commands if there is no chance to
677                  * send them. */
678                 if (!sbp2util_node_is_available(lu))
679                         sbp2scsi_complete_all_commands(lu, DID_NO_CONNECT);
680                 /* scsi_remove_device() may trigger shutdown functions of SCSI
681                  * highlevel drivers which would deadlock if blocked. */
682                 atomic_set(&lu->state, SBP2LU_STATE_IN_SHUTDOWN);
683                 scsi_unblock_requests(lu->shost);
684         }
685         sdev = lu->sdev;
686         if (sdev) {
687                 lu->sdev = NULL;
688                 scsi_remove_device(sdev);
689         }
690
691         sbp2_logout_device(lu);
692         sbp2_remove_device(lu);
693
694         return 0;
695 }
696
697 static int sbp2_update(struct unit_directory *ud)
698 {
699         struct sbp2_lu *lu = ud->device.driver_data;
700
701         if (sbp2_reconnect_device(lu)) {
702                 /* Reconnect has failed. Perhaps we didn't reconnect fast
703                  * enough. Try a regular login, but first log out just in
704                  * case of any weirdness. */
705                 sbp2_logout_device(lu);
706
707                 if (sbp2_login_device(lu)) {
708                         /* Login failed too, just fail, and the backend
709                          * will call our sbp2_remove for us */
710                         SBP2_ERR("Failed to reconnect to sbp2 device!");
711                         return -EBUSY;
712                 }
713         }
714
715         sbp2_set_busy_timeout(lu);
716         sbp2_agent_reset(lu, 1);
717         sbp2_max_speed_and_size(lu);
718
719         /* Complete any pending commands with busy (so they get retried)
720          * and remove them from our queue. */
721         sbp2scsi_complete_all_commands(lu, DID_BUS_BUSY);
722
723         /* Accept new commands unless there was another bus reset in the
724          * meantime. */
725         if (hpsb_node_entry_valid(lu->ne)) {
726                 atomic_set(&lu->state, SBP2LU_STATE_RUNNING);
727                 scsi_unblock_requests(lu->shost);
728         }
729         return 0;
730 }
731
732 static struct sbp2_lu *sbp2_alloc_device(struct unit_directory *ud)
733 {
734         struct sbp2_fwhost_info *hi;
735         struct Scsi_Host *shost = NULL;
736         struct sbp2_lu *lu = NULL;
737         unsigned long flags;
738
739         lu = kzalloc(sizeof(*lu), GFP_KERNEL);
740         if (!lu) {
741                 SBP2_ERR("failed to create lu");
742                 goto failed_alloc;
743         }
744
745         lu->ne = ud->ne;
746         lu->ud = ud;
747         lu->speed_code = IEEE1394_SPEED_100;
748         lu->max_payload_size = sbp2_speedto_max_payload[IEEE1394_SPEED_100];
749         lu->status_fifo_addr = CSR1212_INVALID_ADDR_SPACE;
750         INIT_LIST_HEAD(&lu->cmd_orb_inuse);
751         INIT_LIST_HEAD(&lu->cmd_orb_completed);
752         INIT_LIST_HEAD(&lu->lu_list);
753         spin_lock_init(&lu->cmd_orb_lock);
754         atomic_set(&lu->state, SBP2LU_STATE_RUNNING);
755         INIT_WORK(&lu->protocol_work, NULL);
756
757         ud->device.driver_data = lu;
758
759         hi = hpsb_get_hostinfo(&sbp2_highlevel, ud->ne->host);
760         if (!hi) {
761                 hi = hpsb_create_hostinfo(&sbp2_highlevel, ud->ne->host,
762                                           sizeof(*hi));
763                 if (!hi) {
764                         SBP2_ERR("failed to allocate hostinfo");
765                         goto failed_alloc;
766                 }
767                 hi->host = ud->ne->host;
768                 INIT_LIST_HEAD(&hi->logical_units);
769
770 #ifdef CONFIG_IEEE1394_SBP2_PHYS_DMA
771                 /* Handle data movement if physical dma is not
772                  * enabled or not supported on host controller */
773                 if (!hpsb_register_addrspace(&sbp2_highlevel, ud->ne->host,
774                                              &sbp2_physdma_ops,
775                                              0x0ULL, 0xfffffffcULL)) {
776                         SBP2_ERR("failed to register lower 4GB address range");
777                         goto failed_alloc;
778                 }
779 #endif
780         }
781
782         /* Prevent unloading of the 1394 host */
783         if (!try_module_get(hi->host->driver->owner)) {
784                 SBP2_ERR("failed to get a reference on 1394 host driver");
785                 goto failed_alloc;
786         }
787
788         lu->hi = hi;
789
790         write_lock_irqsave(&sbp2_hi_logical_units_lock, flags);
791         list_add_tail(&lu->lu_list, &hi->logical_units);
792         write_unlock_irqrestore(&sbp2_hi_logical_units_lock, flags);
793
794         /* Register the status FIFO address range. We could use the same FIFO
795          * for targets at different nodes. However we need different FIFOs per
796          * target in order to support multi-unit devices.
797          * The FIFO is located out of the local host controller's physical range
798          * but, if possible, within the posted write area. Status writes will
799          * then be performed as unified transactions. This slightly reduces
800          * bandwidth usage, and some Prolific based devices seem to require it.
801          */
802         lu->status_fifo_addr = hpsb_allocate_and_register_addrspace(
803                         &sbp2_highlevel, ud->ne->host, &sbp2_ops,
804                         sizeof(struct sbp2_status_block), sizeof(quadlet_t),
805                         ud->ne->host->low_addr_space, CSR1212_ALL_SPACE_END);
806         if (lu->status_fifo_addr == CSR1212_INVALID_ADDR_SPACE) {
807                 SBP2_ERR("failed to allocate status FIFO address range");
808                 goto failed_alloc;
809         }
810
811         shost = scsi_host_alloc(&sbp2_shost_template, sizeof(unsigned long));
812         if (!shost) {
813                 SBP2_ERR("failed to register scsi host");
814                 goto failed_alloc;
815         }
816
817         shost->hostdata[0] = (unsigned long)lu;
818
819         if (!scsi_add_host(shost, &ud->device)) {
820                 lu->shost = shost;
821                 return lu;
822         }
823
824         SBP2_ERR("failed to add scsi host");
825         scsi_host_put(shost);
826
827 failed_alloc:
828         sbp2_remove_device(lu);
829         return NULL;
830 }
831
832 static void sbp2_host_reset(struct hpsb_host *host)
833 {
834         struct sbp2_fwhost_info *hi;
835         struct sbp2_lu *lu;
836         unsigned long flags;
837
838         hi = hpsb_get_hostinfo(&sbp2_highlevel, host);
839         if (!hi)
840                 return;
841
842         read_lock_irqsave(&sbp2_hi_logical_units_lock, flags);
843         list_for_each_entry(lu, &hi->logical_units, lu_list)
844                 if (likely(atomic_read(&lu->state) !=
845                            SBP2LU_STATE_IN_SHUTDOWN)) {
846                         atomic_set(&lu->state, SBP2LU_STATE_IN_RESET);
847                         scsi_block_requests(lu->shost);
848                 }
849         read_unlock_irqrestore(&sbp2_hi_logical_units_lock, flags);
850 }
851
852 static int sbp2_start_device(struct sbp2_lu *lu)
853 {
854         struct sbp2_fwhost_info *hi = lu->hi;
855         int error;
856
857         lu->login_response = dma_alloc_coherent(hi->host->device.parent,
858                                      sizeof(struct sbp2_login_response),
859                                      &lu->login_response_dma, GFP_KERNEL);
860         if (!lu->login_response)
861                 goto alloc_fail;
862
863         lu->query_logins_orb = dma_alloc_coherent(hi->host->device.parent,
864                                      sizeof(struct sbp2_query_logins_orb),
865                                      &lu->query_logins_orb_dma, GFP_KERNEL);
866         if (!lu->query_logins_orb)
867                 goto alloc_fail;
868
869         lu->query_logins_response = dma_alloc_coherent(hi->host->device.parent,
870                                      sizeof(struct sbp2_query_logins_response),
871                                      &lu->query_logins_response_dma, GFP_KERNEL);
872         if (!lu->query_logins_response)
873                 goto alloc_fail;
874
875         lu->reconnect_orb = dma_alloc_coherent(hi->host->device.parent,
876                                      sizeof(struct sbp2_reconnect_orb),
877                                      &lu->reconnect_orb_dma, GFP_KERNEL);
878         if (!lu->reconnect_orb)
879                 goto alloc_fail;
880
881         lu->logout_orb = dma_alloc_coherent(hi->host->device.parent,
882                                      sizeof(struct sbp2_logout_orb),
883                                      &lu->logout_orb_dma, GFP_KERNEL);
884         if (!lu->logout_orb)
885                 goto alloc_fail;
886
887         lu->login_orb = dma_alloc_coherent(hi->host->device.parent,
888                                      sizeof(struct sbp2_login_orb),
889                                      &lu->login_orb_dma, GFP_KERNEL);
890         if (!lu->login_orb)
891                 goto alloc_fail;
892
893         if (sbp2util_create_command_orb_pool(lu))
894                 goto alloc_fail;
895
896         /* Wait a second before trying to log in. Previously logged in
897          * initiators need a chance to reconnect. */
898         if (msleep_interruptible(1000)) {
899                 sbp2_remove_device(lu);
900                 return -EINTR;
901         }
902
903         if (sbp2_login_device(lu)) {
904                 sbp2_remove_device(lu);
905                 return -EBUSY;
906         }
907
908         sbp2_set_busy_timeout(lu);
909         sbp2_agent_reset(lu, 1);
910         sbp2_max_speed_and_size(lu);
911
912         error = scsi_add_device(lu->shost, 0, lu->ud->id, 0);
913         if (error) {
914                 SBP2_ERR("scsi_add_device failed");
915                 sbp2_logout_device(lu);
916                 sbp2_remove_device(lu);
917                 return error;
918         }
919
920         return 0;
921
922 alloc_fail:
923         SBP2_ERR("Could not allocate memory for lu");
924         sbp2_remove_device(lu);
925         return -ENOMEM;
926 }
927
928 static void sbp2_remove_device(struct sbp2_lu *lu)
929 {
930         struct sbp2_fwhost_info *hi;
931         unsigned long flags;
932
933         if (!lu)
934                 return;
935         hi = lu->hi;
936         if (!hi)
937                 goto no_hi;
938
939         if (lu->shost) {
940                 scsi_remove_host(lu->shost);
941                 scsi_host_put(lu->shost);
942         }
943         flush_scheduled_work();
944         sbp2util_remove_command_orb_pool(lu, hi->host);
945
946         write_lock_irqsave(&sbp2_hi_logical_units_lock, flags);
947         list_del(&lu->lu_list);
948         write_unlock_irqrestore(&sbp2_hi_logical_units_lock, flags);
949
950         if (lu->login_response)
951                 dma_free_coherent(hi->host->device.parent,
952                                     sizeof(struct sbp2_login_response),
953                                     lu->login_response,
954                                     lu->login_response_dma);
955         if (lu->login_orb)
956                 dma_free_coherent(hi->host->device.parent,
957                                     sizeof(struct sbp2_login_orb),
958                                     lu->login_orb,
959                                     lu->login_orb_dma);
960         if (lu->reconnect_orb)
961                 dma_free_coherent(hi->host->device.parent,
962                                     sizeof(struct sbp2_reconnect_orb),
963                                     lu->reconnect_orb,
964                                     lu->reconnect_orb_dma);
965         if (lu->logout_orb)
966                 dma_free_coherent(hi->host->device.parent,
967                                     sizeof(struct sbp2_logout_orb),
968                                     lu->logout_orb,
969                                     lu->logout_orb_dma);
970         if (lu->query_logins_orb)
971                 dma_free_coherent(hi->host->device.parent,
972                                     sizeof(struct sbp2_query_logins_orb),
973                                     lu->query_logins_orb,
974                                     lu->query_logins_orb_dma);
975         if (lu->query_logins_response)
976                 dma_free_coherent(hi->host->device.parent,
977                                     sizeof(struct sbp2_query_logins_response),
978                                     lu->query_logins_response,
979                                     lu->query_logins_response_dma);
980
981         if (lu->status_fifo_addr != CSR1212_INVALID_ADDR_SPACE)
982                 hpsb_unregister_addrspace(&sbp2_highlevel, hi->host,
983                                           lu->status_fifo_addr);
984
985         lu->ud->device.driver_data = NULL;
986
987         module_put(hi->host->driver->owner);
988 no_hi:
989         kfree(lu);
990 }
991
992 #ifdef CONFIG_IEEE1394_SBP2_PHYS_DMA
993 /*
994  * Deal with write requests on adapters which do not support physical DMA or
995  * have it switched off.
996  */
997 static int sbp2_handle_physdma_write(struct hpsb_host *host, int nodeid,
998                                      int destid, quadlet_t *data, u64 addr,
999                                      size_t length, u16 flags)
1000 {
1001         memcpy(bus_to_virt((u32) addr), data, length);
1002         return RCODE_COMPLETE;
1003 }
1004
1005 /*
1006  * Deal with read requests on adapters which do not support physical DMA or
1007  * have it switched off.
1008  */
1009 static int sbp2_handle_physdma_read(struct hpsb_host *host, int nodeid,
1010                                     quadlet_t *data, u64 addr, size_t length,
1011                                     u16 flags)
1012 {
1013         memcpy(data, bus_to_virt((u32) addr), length);
1014         return RCODE_COMPLETE;
1015 }
1016 #endif
1017
1018 /**************************************
1019  * SBP-2 protocol related section
1020  **************************************/
1021
1022 static int sbp2_query_logins(struct sbp2_lu *lu)
1023 {
1024         struct sbp2_fwhost_info *hi = lu->hi;
1025         quadlet_t data[2];
1026         int max_logins;
1027         int active_logins;
1028
1029         lu->query_logins_orb->reserved1 = 0x0;
1030         lu->query_logins_orb->reserved2 = 0x0;
1031
1032         lu->query_logins_orb->query_response_lo = lu->query_logins_response_dma;
1033         lu->query_logins_orb->query_response_hi =
1034                         ORB_SET_NODE_ID(hi->host->node_id);
1035         lu->query_logins_orb->lun_misc =
1036                         ORB_SET_FUNCTION(SBP2_QUERY_LOGINS_REQUEST);
1037         lu->query_logins_orb->lun_misc |= ORB_SET_NOTIFY(1);
1038         lu->query_logins_orb->lun_misc |= ORB_SET_LUN(lu->lun);
1039
1040         lu->query_logins_orb->reserved_resp_length =
1041                 ORB_SET_QUERY_LOGINS_RESP_LENGTH(
1042                         sizeof(struct sbp2_query_logins_response));
1043
1044         lu->query_logins_orb->status_fifo_hi =
1045                 ORB_SET_STATUS_FIFO_HI(lu->status_fifo_addr, hi->host->node_id);
1046         lu->query_logins_orb->status_fifo_lo =
1047                 ORB_SET_STATUS_FIFO_LO(lu->status_fifo_addr);
1048
1049         sbp2util_cpu_to_be32_buffer(lu->query_logins_orb,
1050                                     sizeof(struct sbp2_query_logins_orb));
1051
1052         memset(lu->query_logins_response, 0,
1053                sizeof(struct sbp2_query_logins_response));
1054
1055         data[0] = ORB_SET_NODE_ID(hi->host->node_id);
1056         data[1] = lu->query_logins_orb_dma;
1057         sbp2util_cpu_to_be32_buffer(data, 8);
1058
1059         hpsb_node_write(lu->ne, lu->management_agent_addr, data, 8);
1060
1061         if (sbp2util_access_timeout(lu, 2*HZ)) {
1062                 SBP2_INFO("Error querying logins to SBP-2 device - timed out");
1063                 return -EIO;
1064         }
1065
1066         if (lu->status_block.ORB_offset_lo != lu->query_logins_orb_dma) {
1067                 SBP2_INFO("Error querying logins to SBP-2 device - timed out");
1068                 return -EIO;
1069         }
1070
1071         if (STATUS_TEST_RDS(lu->status_block.ORB_offset_hi_misc)) {
1072                 SBP2_INFO("Error querying logins to SBP-2 device - failed");
1073                 return -EIO;
1074         }
1075
1076         sbp2util_cpu_to_be32_buffer(lu->query_logins_response,
1077                                     sizeof(struct sbp2_query_logins_response));
1078
1079         max_logins = RESPONSE_GET_MAX_LOGINS(
1080                         lu->query_logins_response->length_max_logins);
1081         SBP2_INFO("Maximum concurrent logins supported: %d", max_logins);
1082
1083         active_logins = RESPONSE_GET_ACTIVE_LOGINS(
1084                         lu->query_logins_response->length_max_logins);
1085         SBP2_INFO("Number of active logins: %d", active_logins);
1086
1087         if (active_logins >= max_logins) {
1088                 return -EIO;
1089         }
1090
1091         return 0;
1092 }
1093
1094 static int sbp2_login_device(struct sbp2_lu *lu)
1095 {
1096         struct sbp2_fwhost_info *hi = lu->hi;
1097         quadlet_t data[2];
1098
1099         if (!lu->login_orb)
1100                 return -EIO;
1101
1102         if (!sbp2_exclusive_login && sbp2_query_logins(lu)) {
1103                 SBP2_INFO("Device does not support any more concurrent logins");
1104                 return -EIO;
1105         }
1106
1107         /* assume no password */
1108         lu->login_orb->password_hi = 0;
1109         lu->login_orb->password_lo = 0;
1110
1111         lu->login_orb->login_response_lo = lu->login_response_dma;
1112         lu->login_orb->login_response_hi = ORB_SET_NODE_ID(hi->host->node_id);
1113         lu->login_orb->lun_misc = ORB_SET_FUNCTION(SBP2_LOGIN_REQUEST);
1114
1115         /* one second reconnect time */
1116         lu->login_orb->lun_misc |= ORB_SET_RECONNECT(0);
1117         lu->login_orb->lun_misc |= ORB_SET_EXCLUSIVE(sbp2_exclusive_login);
1118         lu->login_orb->lun_misc |= ORB_SET_NOTIFY(1);
1119         lu->login_orb->lun_misc |= ORB_SET_LUN(lu->lun);
1120
1121         lu->login_orb->passwd_resp_lengths =
1122                 ORB_SET_LOGIN_RESP_LENGTH(sizeof(struct sbp2_login_response));
1123
1124         lu->login_orb->status_fifo_hi =
1125                 ORB_SET_STATUS_FIFO_HI(lu->status_fifo_addr, hi->host->node_id);
1126         lu->login_orb->status_fifo_lo =
1127                 ORB_SET_STATUS_FIFO_LO(lu->status_fifo_addr);
1128
1129         sbp2util_cpu_to_be32_buffer(lu->login_orb,
1130                                     sizeof(struct sbp2_login_orb));
1131
1132         memset(lu->login_response, 0, sizeof(struct sbp2_login_response));
1133
1134         data[0] = ORB_SET_NODE_ID(hi->host->node_id);
1135         data[1] = lu->login_orb_dma;
1136         sbp2util_cpu_to_be32_buffer(data, 8);
1137
1138         hpsb_node_write(lu->ne, lu->management_agent_addr, data, 8);
1139
1140         /* wait up to 20 seconds for login status */
1141         if (sbp2util_access_timeout(lu, 20*HZ)) {
1142                 SBP2_ERR("Error logging into SBP-2 device - timed out");
1143                 return -EIO;
1144         }
1145
1146         /* make sure that the returned status matches the login ORB */
1147         if (lu->status_block.ORB_offset_lo != lu->login_orb_dma) {
1148                 SBP2_ERR("Error logging into SBP-2 device - timed out");
1149                 return -EIO;
1150         }
1151
1152         if (STATUS_TEST_RDS(lu->status_block.ORB_offset_hi_misc)) {
1153                 SBP2_ERR("Error logging into SBP-2 device - failed");
1154                 return -EIO;
1155         }
1156
1157         sbp2util_cpu_to_be32_buffer(lu->login_response,
1158                                     sizeof(struct sbp2_login_response));
1159         lu->command_block_agent_addr =
1160                         ((u64)lu->login_response->command_block_agent_hi) << 32;
1161         lu->command_block_agent_addr |=
1162                         ((u64)lu->login_response->command_block_agent_lo);
1163         lu->command_block_agent_addr &= 0x0000ffffffffffffULL;
1164
1165         SBP2_INFO("Logged into SBP-2 device");
1166         return 0;
1167 }
1168
1169 static int sbp2_logout_device(struct sbp2_lu *lu)
1170 {
1171         struct sbp2_fwhost_info *hi = lu->hi;
1172         quadlet_t data[2];
1173         int error;
1174
1175         lu->logout_orb->reserved1 = 0x0;
1176         lu->logout_orb->reserved2 = 0x0;
1177         lu->logout_orb->reserved3 = 0x0;
1178         lu->logout_orb->reserved4 = 0x0;
1179
1180         lu->logout_orb->login_ID_misc = ORB_SET_FUNCTION(SBP2_LOGOUT_REQUEST);
1181         lu->logout_orb->login_ID_misc |=
1182                         ORB_SET_LOGIN_ID(lu->login_response->length_login_ID);
1183         lu->logout_orb->login_ID_misc |= ORB_SET_NOTIFY(1);
1184
1185         lu->logout_orb->reserved5 = 0x0;
1186         lu->logout_orb->status_fifo_hi =
1187                 ORB_SET_STATUS_FIFO_HI(lu->status_fifo_addr, hi->host->node_id);
1188         lu->logout_orb->status_fifo_lo =
1189                 ORB_SET_STATUS_FIFO_LO(lu->status_fifo_addr);
1190
1191         sbp2util_cpu_to_be32_buffer(lu->logout_orb,
1192                                     sizeof(struct sbp2_logout_orb));
1193
1194         data[0] = ORB_SET_NODE_ID(hi->host->node_id);
1195         data[1] = lu->logout_orb_dma;
1196         sbp2util_cpu_to_be32_buffer(data, 8);
1197
1198         error = hpsb_node_write(lu->ne, lu->management_agent_addr, data, 8);
1199         if (error)
1200                 return error;
1201
1202         /* wait up to 1 second for the device to complete logout */
1203         if (sbp2util_access_timeout(lu, HZ))
1204                 return -EIO;
1205
1206         SBP2_INFO("Logged out of SBP-2 device");
1207         return 0;
1208 }
1209
1210 static int sbp2_reconnect_device(struct sbp2_lu *lu)
1211 {
1212         struct sbp2_fwhost_info *hi = lu->hi;
1213         quadlet_t data[2];
1214         int error;
1215
1216         lu->reconnect_orb->reserved1 = 0x0;
1217         lu->reconnect_orb->reserved2 = 0x0;
1218         lu->reconnect_orb->reserved3 = 0x0;
1219         lu->reconnect_orb->reserved4 = 0x0;
1220
1221         lu->reconnect_orb->login_ID_misc =
1222                         ORB_SET_FUNCTION(SBP2_RECONNECT_REQUEST);
1223         lu->reconnect_orb->login_ID_misc |=
1224                         ORB_SET_LOGIN_ID(lu->login_response->length_login_ID);
1225         lu->reconnect_orb->login_ID_misc |= ORB_SET_NOTIFY(1);
1226
1227         lu->reconnect_orb->reserved5 = 0x0;
1228         lu->reconnect_orb->status_fifo_hi =
1229                 ORB_SET_STATUS_FIFO_HI(lu->status_fifo_addr, hi->host->node_id);
1230         lu->reconnect_orb->status_fifo_lo =
1231                 ORB_SET_STATUS_FIFO_LO(lu->status_fifo_addr);
1232
1233         sbp2util_cpu_to_be32_buffer(lu->reconnect_orb,
1234                                     sizeof(struct sbp2_reconnect_orb));
1235
1236         data[0] = ORB_SET_NODE_ID(hi->host->node_id);
1237         data[1] = lu->reconnect_orb_dma;
1238         sbp2util_cpu_to_be32_buffer(data, 8);
1239
1240         error = hpsb_node_write(lu->ne, lu->management_agent_addr, data, 8);
1241         if (error)
1242                 return error;
1243
1244         /* wait up to 1 second for reconnect status */
1245         if (sbp2util_access_timeout(lu, HZ)) {
1246                 SBP2_ERR("Error reconnecting to SBP-2 device - timed out");
1247                 return -EIO;
1248         }
1249
1250         /* make sure that the returned status matches the reconnect ORB */
1251         if (lu->status_block.ORB_offset_lo != lu->reconnect_orb_dma) {
1252                 SBP2_ERR("Error reconnecting to SBP-2 device - timed out");
1253                 return -EIO;
1254         }
1255
1256         if (STATUS_TEST_RDS(lu->status_block.ORB_offset_hi_misc)) {
1257                 SBP2_ERR("Error reconnecting to SBP-2 device - failed");
1258                 return -EIO;
1259         }
1260
1261         SBP2_INFO("Reconnected to SBP-2 device");
1262         return 0;
1263 }
1264
1265 /*
1266  * Set the target node's Single Phase Retry limit. Affects the target's retry
1267  * behaviour if our node is too busy to accept requests.
1268  */
1269 static int sbp2_set_busy_timeout(struct sbp2_lu *lu)
1270 {
1271         quadlet_t data;
1272
1273         data = cpu_to_be32(SBP2_BUSY_TIMEOUT_VALUE);
1274         if (hpsb_node_write(lu->ne, SBP2_BUSY_TIMEOUT_ADDRESS, &data, 4))
1275                 SBP2_ERR("%s error", __FUNCTION__);
1276         return 0;
1277 }
1278
1279 static void sbp2_parse_unit_directory(struct sbp2_lu *lu,
1280                                       struct unit_directory *ud)
1281 {
1282         struct csr1212_keyval *kv;
1283         struct csr1212_dentry *dentry;
1284         u64 management_agent_addr;
1285         u32 unit_characteristics, firmware_revision;
1286         unsigned workarounds;
1287         int i;
1288
1289         management_agent_addr = 0;
1290         unit_characteristics = 0;
1291         firmware_revision = 0;
1292
1293         csr1212_for_each_dir_entry(ud->ne->csr, kv, ud->ud_kv, dentry) {
1294                 switch (kv->key.id) {
1295                 case CSR1212_KV_ID_DEPENDENT_INFO:
1296                         if (kv->key.type == CSR1212_KV_TYPE_CSR_OFFSET)
1297                                 management_agent_addr =
1298                                     CSR1212_REGISTER_SPACE_BASE +
1299                                     (kv->value.csr_offset << 2);
1300
1301                         else if (kv->key.type == CSR1212_KV_TYPE_IMMEDIATE)
1302                                 lu->lun = ORB_SET_LUN(kv->value.immediate);
1303                         break;
1304
1305                 case SBP2_UNIT_CHARACTERISTICS_KEY:
1306                         /* FIXME: This is ignored so far.
1307                          * See SBP-2 clause 7.4.8. */
1308                         unit_characteristics = kv->value.immediate;
1309                         break;
1310
1311                 case SBP2_FIRMWARE_REVISION_KEY:
1312                         firmware_revision = kv->value.immediate;
1313                         break;
1314
1315                 default:
1316                         /* FIXME: Check for SBP2_DEVICE_TYPE_AND_LUN_KEY.
1317                          * Its "ordered" bit has consequences for command ORB
1318                          * list handling. See SBP-2 clauses 4.6, 7.4.11, 10.2 */
1319                         break;
1320                 }
1321         }
1322
1323         workarounds = sbp2_default_workarounds;
1324
1325         if (!(workarounds & SBP2_WORKAROUND_OVERRIDE))
1326                 for (i = 0; i < ARRAY_SIZE(sbp2_workarounds_table); i++) {
1327                         if (sbp2_workarounds_table[i].firmware_revision !=
1328                             SBP2_ROM_VALUE_WILDCARD &&
1329                             sbp2_workarounds_table[i].firmware_revision !=
1330                             (firmware_revision & 0xffff00))
1331                                 continue;
1332                         if (sbp2_workarounds_table[i].model_id !=
1333                             SBP2_ROM_VALUE_WILDCARD &&
1334                             sbp2_workarounds_table[i].model_id != ud->model_id)
1335                                 continue;
1336                         workarounds |= sbp2_workarounds_table[i].workarounds;
1337                         break;
1338                 }
1339
1340         if (workarounds)
1341                 SBP2_INFO("Workarounds for node " NODE_BUS_FMT ": 0x%x "
1342                           "(firmware_revision 0x%06x, vendor_id 0x%06x,"
1343                           " model_id 0x%06x)",
1344                           NODE_BUS_ARGS(ud->ne->host, ud->ne->nodeid),
1345                           workarounds, firmware_revision,
1346                           ud->vendor_id ? ud->vendor_id : ud->ne->vendor_id,
1347                           ud->model_id);
1348
1349         /* We would need one SCSI host template for each target to adjust
1350          * max_sectors on the fly, therefore warn only. */
1351         if (workarounds & SBP2_WORKAROUND_128K_MAX_TRANS &&
1352             (sbp2_max_sectors * 512) > (128 * 1024))
1353                 SBP2_INFO("Node " NODE_BUS_FMT ": Bridge only supports 128KB "
1354                           "max transfer size. WARNING: Current max_sectors "
1355                           "setting is larger than 128KB (%d sectors)",
1356                           NODE_BUS_ARGS(ud->ne->host, ud->ne->nodeid),
1357                           sbp2_max_sectors);
1358
1359         /* If this is a logical unit directory entry, process the parent
1360          * to get the values. */
1361         if (ud->flags & UNIT_DIRECTORY_LUN_DIRECTORY) {
1362                 struct unit_directory *parent_ud = container_of(
1363                         ud->device.parent, struct unit_directory, device);
1364                 sbp2_parse_unit_directory(lu, parent_ud);
1365         } else {
1366                 lu->management_agent_addr = management_agent_addr;
1367                 lu->workarounds = workarounds;
1368                 if (ud->flags & UNIT_DIRECTORY_HAS_LUN)
1369                         lu->lun = ORB_SET_LUN(ud->lun);
1370         }
1371 }
1372
1373 #define SBP2_PAYLOAD_TO_BYTES(p) (1 << ((p) + 2))
1374
1375 /*
1376  * This function is called in order to determine the max speed and packet
1377  * size we can use in our ORBs. Note, that we (the driver and host) only
1378  * initiate the transaction. The SBP-2 device actually transfers the data
1379  * (by reading from the DMA area we tell it). This means that the SBP-2
1380  * device decides the actual maximum data it can transfer. We just tell it
1381  * the speed that it needs to use, and the max_rec the host supports, and
1382  * it takes care of the rest.
1383  */
1384 static int sbp2_max_speed_and_size(struct sbp2_lu *lu)
1385 {
1386         struct sbp2_fwhost_info *hi = lu->hi;
1387         u8 payload;
1388
1389         lu->speed_code = hi->host->speed[NODEID_TO_NODE(lu->ne->nodeid)];
1390
1391         if (lu->speed_code > sbp2_max_speed) {
1392                 lu->speed_code = sbp2_max_speed;
1393                 SBP2_INFO("Reducing speed to %s",
1394                           hpsb_speedto_str[sbp2_max_speed]);
1395         }
1396
1397         /* Payload size is the lesser of what our speed supports and what
1398          * our host supports.  */
1399         payload = min(sbp2_speedto_max_payload[lu->speed_code],
1400                       (u8) (hi->host->csr.max_rec - 1));
1401
1402         /* If physical DMA is off, work around limitation in ohci1394:
1403          * packet size must not exceed PAGE_SIZE */
1404         if (lu->ne->host->low_addr_space < (1ULL << 32))
1405                 while (SBP2_PAYLOAD_TO_BYTES(payload) + 24 > PAGE_SIZE &&
1406                        payload)
1407                         payload--;
1408
1409         SBP2_INFO("Node " NODE_BUS_FMT ": Max speed [%s] - Max payload [%u]",
1410                   NODE_BUS_ARGS(hi->host, lu->ne->nodeid),
1411                   hpsb_speedto_str[lu->speed_code],
1412                   SBP2_PAYLOAD_TO_BYTES(payload));
1413
1414         lu->max_payload_size = payload;
1415         return 0;
1416 }
1417
1418 static int sbp2_agent_reset(struct sbp2_lu *lu, int wait)
1419 {
1420         quadlet_t data;
1421         u64 addr;
1422         int retval;
1423         unsigned long flags;
1424
1425         /* flush lu->protocol_work */
1426         if (wait)
1427                 flush_scheduled_work();
1428
1429         data = ntohl(SBP2_AGENT_RESET_DATA);
1430         addr = lu->command_block_agent_addr + SBP2_AGENT_RESET_OFFSET;
1431
1432         if (wait)
1433                 retval = hpsb_node_write(lu->ne, addr, &data, 4);
1434         else
1435                 retval = sbp2util_node_write_no_wait(lu->ne, addr, &data, 4);
1436
1437         if (retval < 0) {
1438                 SBP2_ERR("hpsb_node_write failed.\n");
1439                 return -EIO;
1440         }
1441
1442         /* make sure that the ORB_POINTER is written on next command */
1443         spin_lock_irqsave(&lu->cmd_orb_lock, flags);
1444         lu->last_orb = NULL;
1445         spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
1446
1447         return 0;
1448 }
1449
1450 static void sbp2_prep_command_orb_sg(struct sbp2_command_orb *orb,
1451                                      struct sbp2_fwhost_info *hi,
1452                                      struct sbp2_command_info *cmd,
1453                                      unsigned int scsi_use_sg,
1454                                      struct scatterlist *sgpnt,
1455                                      u32 orb_direction,
1456                                      enum dma_data_direction dma_dir)
1457 {
1458         cmd->dma_dir = dma_dir;
1459         orb->data_descriptor_hi = ORB_SET_NODE_ID(hi->host->node_id);
1460         orb->misc |= ORB_SET_DIRECTION(orb_direction);
1461
1462         /* special case if only one element (and less than 64KB in size) */
1463         if ((scsi_use_sg == 1) &&
1464             (sgpnt[0].length <= SBP2_MAX_SG_ELEMENT_LENGTH)) {
1465
1466                 cmd->dma_size = sgpnt[0].length;
1467                 cmd->dma_type = CMD_DMA_PAGE;
1468                 cmd->cmd_dma = dma_map_page(hi->host->device.parent,
1469                                             sg_page(&sgpnt[0]), sgpnt[0].offset,
1470                                             cmd->dma_size, cmd->dma_dir);
1471
1472                 orb->data_descriptor_lo = cmd->cmd_dma;
1473                 orb->misc |= ORB_SET_DATA_SIZE(cmd->dma_size);
1474
1475         } else {
1476                 struct sbp2_unrestricted_page_table *sg_element =
1477                                                 &cmd->scatter_gather_element[0];
1478                 u32 sg_count, sg_len;
1479                 dma_addr_t sg_addr;
1480                 int i, count = dma_map_sg(hi->host->device.parent, sgpnt,
1481                                           scsi_use_sg, dma_dir);
1482
1483                 cmd->dma_size = scsi_use_sg;
1484                 cmd->sge_buffer = sgpnt;
1485
1486                 /* use page tables (s/g) */
1487                 orb->misc |= ORB_SET_PAGE_TABLE_PRESENT(0x1);
1488                 orb->data_descriptor_lo = cmd->sge_dma;
1489
1490                 /* loop through and fill out our SBP-2 page tables
1491                  * (and split up anything too large) */
1492                 for (i = 0, sg_count = 0 ; i < count; i++, sgpnt++) {
1493                         sg_len = sg_dma_len(sgpnt);
1494                         sg_addr = sg_dma_address(sgpnt);
1495                         while (sg_len) {
1496                                 sg_element[sg_count].segment_base_lo = sg_addr;
1497                                 if (sg_len > SBP2_MAX_SG_ELEMENT_LENGTH) {
1498                                         sg_element[sg_count].length_segment_base_hi =
1499                                                 PAGE_TABLE_SET_SEGMENT_LENGTH(SBP2_MAX_SG_ELEMENT_LENGTH);
1500                                         sg_addr += SBP2_MAX_SG_ELEMENT_LENGTH;
1501                                         sg_len -= SBP2_MAX_SG_ELEMENT_LENGTH;
1502                                 } else {
1503                                         sg_element[sg_count].length_segment_base_hi =
1504                                                 PAGE_TABLE_SET_SEGMENT_LENGTH(sg_len);
1505                                         sg_len = 0;
1506                                 }
1507                                 sg_count++;
1508                         }
1509                 }
1510
1511                 orb->misc |= ORB_SET_DATA_SIZE(sg_count);
1512
1513                 sbp2util_cpu_to_be32_buffer(sg_element,
1514                                 (sizeof(struct sbp2_unrestricted_page_table)) *
1515                                 sg_count);
1516         }
1517 }
1518
1519 static void sbp2_create_command_orb(struct sbp2_lu *lu,
1520                                     struct sbp2_command_info *cmd,
1521                                     unchar *scsi_cmd,
1522                                     unsigned int scsi_use_sg,
1523                                     unsigned int scsi_request_bufflen,
1524                                     void *scsi_request_buffer,
1525                                     enum dma_data_direction dma_dir)
1526 {
1527         struct sbp2_fwhost_info *hi = lu->hi;
1528         struct scatterlist *sgpnt = (struct scatterlist *)scsi_request_buffer;
1529         struct sbp2_command_orb *orb = &cmd->command_orb;
1530         u32 orb_direction;
1531
1532         /*
1533          * Set-up our command ORB.
1534          *
1535          * NOTE: We're doing unrestricted page tables (s/g), as this is
1536          * best performance (at least with the devices I have). This means
1537          * that data_size becomes the number of s/g elements, and
1538          * page_size should be zero (for unrestricted).
1539          */
1540         orb->next_ORB_hi = ORB_SET_NULL_PTR(1);
1541         orb->next_ORB_lo = 0x0;
1542         orb->misc = ORB_SET_MAX_PAYLOAD(lu->max_payload_size);
1543         orb->misc |= ORB_SET_SPEED(lu->speed_code);
1544         orb->misc |= ORB_SET_NOTIFY(1);
1545
1546         if (dma_dir == DMA_NONE)
1547                 orb_direction = ORB_DIRECTION_NO_DATA_TRANSFER;
1548         else if (dma_dir == DMA_TO_DEVICE && scsi_request_bufflen)
1549                 orb_direction = ORB_DIRECTION_WRITE_TO_MEDIA;
1550         else if (dma_dir == DMA_FROM_DEVICE && scsi_request_bufflen)
1551                 orb_direction = ORB_DIRECTION_READ_FROM_MEDIA;
1552         else {
1553                 SBP2_INFO("Falling back to DMA_NONE");
1554                 orb_direction = ORB_DIRECTION_NO_DATA_TRANSFER;
1555         }
1556
1557         /* set up our page table stuff */
1558         if (orb_direction == ORB_DIRECTION_NO_DATA_TRANSFER) {
1559                 orb->data_descriptor_hi = 0x0;
1560                 orb->data_descriptor_lo = 0x0;
1561                 orb->misc |= ORB_SET_DIRECTION(1);
1562         } else
1563                 sbp2_prep_command_orb_sg(orb, hi, cmd, scsi_use_sg, sgpnt,
1564                                          orb_direction, dma_dir);
1565
1566         sbp2util_cpu_to_be32_buffer(orb, sizeof(*orb));
1567
1568         memset(orb->cdb, 0, 12);
1569         memcpy(orb->cdb, scsi_cmd, COMMAND_SIZE(*scsi_cmd));
1570 }
1571
1572 static void sbp2_link_orb_command(struct sbp2_lu *lu,
1573                                   struct sbp2_command_info *cmd)
1574 {
1575         struct sbp2_fwhost_info *hi = lu->hi;
1576         struct sbp2_command_orb *last_orb;
1577         dma_addr_t last_orb_dma;
1578         u64 addr = lu->command_block_agent_addr;
1579         quadlet_t data[2];
1580         size_t length;
1581         unsigned long flags;
1582
1583         dma_sync_single_for_device(hi->host->device.parent,
1584                                    cmd->command_orb_dma,
1585                                    sizeof(struct sbp2_command_orb),
1586                                    DMA_TO_DEVICE);
1587         dma_sync_single_for_device(hi->host->device.parent, cmd->sge_dma,
1588                                    sizeof(cmd->scatter_gather_element),
1589                                    DMA_TO_DEVICE);
1590
1591         /* check to see if there are any previous orbs to use */
1592         spin_lock_irqsave(&lu->cmd_orb_lock, flags);
1593         last_orb = lu->last_orb;
1594         last_orb_dma = lu->last_orb_dma;
1595         if (!last_orb) {
1596                 /*
1597                  * last_orb == NULL means: We know that the target's fetch agent
1598                  * is not active right now.
1599                  */
1600                 addr += SBP2_ORB_POINTER_OFFSET;
1601                 data[0] = ORB_SET_NODE_ID(hi->host->node_id);
1602                 data[1] = cmd->command_orb_dma;
1603                 sbp2util_cpu_to_be32_buffer(data, 8);
1604                 length = 8;
1605         } else {
1606                 /*
1607                  * last_orb != NULL means: We know that the target's fetch agent
1608                  * is (very probably) not dead or in reset state right now.
1609                  * We have an ORB already sent that we can append a new one to.
1610                  * The target's fetch agent may or may not have read this
1611                  * previous ORB yet.
1612                  */
1613                 dma_sync_single_for_cpu(hi->host->device.parent, last_orb_dma,
1614                                         sizeof(struct sbp2_command_orb),
1615                                         DMA_TO_DEVICE);
1616                 last_orb->next_ORB_lo = cpu_to_be32(cmd->command_orb_dma);
1617                 wmb();
1618                 /* Tells hardware that this pointer is valid */
1619                 last_orb->next_ORB_hi = 0;
1620                 dma_sync_single_for_device(hi->host->device.parent,
1621                                            last_orb_dma,
1622                                            sizeof(struct sbp2_command_orb),
1623                                            DMA_TO_DEVICE);
1624                 addr += SBP2_DOORBELL_OFFSET;
1625                 data[0] = 0;
1626                 length = 4;
1627         }
1628         lu->last_orb = &cmd->command_orb;
1629         lu->last_orb_dma = cmd->command_orb_dma;
1630         spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
1631
1632         if (sbp2util_node_write_no_wait(lu->ne, addr, data, length)) {
1633                 /*
1634                  * sbp2util_node_write_no_wait failed. We certainly ran out
1635                  * of transaction labels, perhaps just because there were no
1636                  * context switches which gave khpsbpkt a chance to collect
1637                  * free tlabels. Try again in non-atomic context. If necessary,
1638                  * the workqueue job will sleep to guaranteedly get a tlabel.
1639                  * We do not accept new commands until the job is over.
1640                  */
1641                 scsi_block_requests(lu->shost);
1642                 PREPARE_WORK(&lu->protocol_work,
1643                              last_orb ? sbp2util_write_doorbell:
1644                                         sbp2util_write_orb_pointer);
1645                 schedule_work(&lu->protocol_work);
1646         }
1647 }
1648
1649 static int sbp2_send_command(struct sbp2_lu *lu, struct scsi_cmnd *SCpnt,
1650                              void (*done)(struct scsi_cmnd *))
1651 {
1652         unchar *scsi_cmd = (unchar *)SCpnt->cmnd;
1653         unsigned int request_bufflen = scsi_bufflen(SCpnt);
1654         struct sbp2_command_info *cmd;
1655
1656         cmd = sbp2util_allocate_command_orb(lu, SCpnt, done);
1657         if (!cmd)
1658                 return -EIO;
1659
1660         sbp2_create_command_orb(lu, cmd, scsi_cmd, scsi_sg_count(SCpnt),
1661                                 request_bufflen, scsi_sglist(SCpnt),
1662                                 SCpnt->sc_data_direction);
1663         sbp2_link_orb_command(lu, cmd);
1664
1665         return 0;
1666 }
1667
1668 /*
1669  * Translates SBP-2 status into SCSI sense data for check conditions
1670  */
1671 static unsigned int sbp2_status_to_sense_data(unchar *sbp2_status,
1672                                               unchar *sense_data)
1673 {
1674         /* OK, it's pretty ugly... ;-) */
1675         sense_data[0] = 0x70;
1676         sense_data[1] = 0x0;
1677         sense_data[2] = sbp2_status[9];
1678         sense_data[3] = sbp2_status[12];
1679         sense_data[4] = sbp2_status[13];
1680         sense_data[5] = sbp2_status[14];
1681         sense_data[6] = sbp2_status[15];
1682         sense_data[7] = 10;
1683         sense_data[8] = sbp2_status[16];
1684         sense_data[9] = sbp2_status[17];
1685         sense_data[10] = sbp2_status[18];
1686         sense_data[11] = sbp2_status[19];
1687         sense_data[12] = sbp2_status[10];
1688         sense_data[13] = sbp2_status[11];
1689         sense_data[14] = sbp2_status[20];
1690         sense_data[15] = sbp2_status[21];
1691
1692         return sbp2_status[8] & 0x3f;
1693 }
1694
1695 static int sbp2_handle_status_write(struct hpsb_host *host, int nodeid,
1696                                     int destid, quadlet_t *data, u64 addr,
1697                                     size_t length, u16 fl)
1698 {
1699         struct sbp2_fwhost_info *hi;
1700         struct sbp2_lu *lu = NULL, *lu_tmp;
1701         struct scsi_cmnd *SCpnt = NULL;
1702         struct sbp2_status_block *sb;
1703         u32 scsi_status = SBP2_SCSI_STATUS_GOOD;
1704         struct sbp2_command_info *cmd;
1705         unsigned long flags;
1706
1707         if (unlikely(length < 8 || length > sizeof(struct sbp2_status_block))) {
1708                 SBP2_ERR("Wrong size of status block");
1709                 return RCODE_ADDRESS_ERROR;
1710         }
1711         if (unlikely(!host)) {
1712                 SBP2_ERR("host is NULL - this is bad!");
1713                 return RCODE_ADDRESS_ERROR;
1714         }
1715         hi = hpsb_get_hostinfo(&sbp2_highlevel, host);
1716         if (unlikely(!hi)) {
1717                 SBP2_ERR("host info is NULL - this is bad!");
1718                 return RCODE_ADDRESS_ERROR;
1719         }
1720
1721         /* Find the unit which wrote the status. */
1722         read_lock_irqsave(&sbp2_hi_logical_units_lock, flags);
1723         list_for_each_entry(lu_tmp, &hi->logical_units, lu_list) {
1724                 if (lu_tmp->ne->nodeid == nodeid &&
1725                     lu_tmp->status_fifo_addr == addr) {
1726                         lu = lu_tmp;
1727                         break;
1728                 }
1729         }
1730         read_unlock_irqrestore(&sbp2_hi_logical_units_lock, flags);
1731
1732         if (unlikely(!lu)) {
1733                 SBP2_ERR("lu is NULL - device is gone?");
1734                 return RCODE_ADDRESS_ERROR;
1735         }
1736
1737         /* Put response into lu status fifo buffer. The first two bytes
1738          * come in big endian bit order. Often the target writes only a
1739          * truncated status block, minimally the first two quadlets. The rest
1740          * is implied to be zeros. */
1741         sb = &lu->status_block;
1742         memset(sb->command_set_dependent, 0, sizeof(sb->command_set_dependent));
1743         memcpy(sb, data, length);
1744         sbp2util_be32_to_cpu_buffer(sb, 8);
1745
1746         /* Ignore unsolicited status. Handle command ORB status. */
1747         if (unlikely(STATUS_GET_SRC(sb->ORB_offset_hi_misc) == 2))
1748                 cmd = NULL;
1749         else
1750                 cmd = sbp2util_find_command_for_orb(lu, sb->ORB_offset_lo);
1751         if (cmd) {
1752                 dma_sync_single_for_cpu(hi->host->device.parent,
1753                                         cmd->command_orb_dma,
1754                                         sizeof(struct sbp2_command_orb),
1755                                         DMA_TO_DEVICE);
1756                 dma_sync_single_for_cpu(hi->host->device.parent, cmd->sge_dma,
1757                                         sizeof(cmd->scatter_gather_element),
1758                                         DMA_TO_DEVICE);
1759                 /* Grab SCSI command pointers and check status. */
1760                 /*
1761                  * FIXME: If the src field in the status is 1, the ORB DMA must
1762                  * not be reused until status for a subsequent ORB is received.
1763                  */
1764                 SCpnt = cmd->Current_SCpnt;
1765                 spin_lock_irqsave(&lu->cmd_orb_lock, flags);
1766                 sbp2util_mark_command_completed(lu, cmd);
1767                 spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
1768
1769                 if (SCpnt) {
1770                         u32 h = sb->ORB_offset_hi_misc;
1771                         u32 r = STATUS_GET_RESP(h);
1772
1773                         if (r != RESP_STATUS_REQUEST_COMPLETE) {
1774                                 SBP2_INFO("resp 0x%x, sbp_status 0x%x",
1775                                           r, STATUS_GET_SBP_STATUS(h));
1776                                 scsi_status =
1777                                         r == RESP_STATUS_TRANSPORT_FAILURE ?
1778                                         SBP2_SCSI_STATUS_BUSY :
1779                                         SBP2_SCSI_STATUS_COMMAND_TERMINATED;
1780                         }
1781
1782                         if (STATUS_GET_LEN(h) > 1)
1783                                 scsi_status = sbp2_status_to_sense_data(
1784                                         (unchar *)sb, SCpnt->sense_buffer);
1785
1786                         if (STATUS_TEST_DEAD(h))
1787                                 sbp2_agent_reset(lu, 0);
1788                 }
1789
1790                 /* Check here to see if there are no commands in-use. If there
1791                  * are none, we know that the fetch agent left the active state
1792                  * _and_ that we did not reactivate it yet. Therefore clear
1793                  * last_orb so that next time we write directly to the
1794                  * ORB_POINTER register. That way the fetch agent does not need
1795                  * to refetch the next_ORB. */
1796                 spin_lock_irqsave(&lu->cmd_orb_lock, flags);
1797                 if (list_empty(&lu->cmd_orb_inuse))
1798                         lu->last_orb = NULL;
1799                 spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
1800
1801         } else {
1802                 /* It's probably status after a management request. */
1803                 if ((sb->ORB_offset_lo == lu->reconnect_orb_dma) ||
1804                     (sb->ORB_offset_lo == lu->login_orb_dma) ||
1805                     (sb->ORB_offset_lo == lu->query_logins_orb_dma) ||
1806                     (sb->ORB_offset_lo == lu->logout_orb_dma)) {
1807                         lu->access_complete = 1;
1808                         wake_up_interruptible(&sbp2_access_wq);
1809                 }
1810         }
1811
1812         if (SCpnt)
1813                 sbp2scsi_complete_command(lu, scsi_status, SCpnt,
1814                                           cmd->Current_done);
1815         return RCODE_COMPLETE;
1816 }
1817
1818 /**************************************
1819  * SCSI interface related section
1820  **************************************/
1821
1822 static int sbp2scsi_queuecommand(struct scsi_cmnd *SCpnt,
1823                                  void (*done)(struct scsi_cmnd *))
1824 {
1825         struct sbp2_lu *lu = (struct sbp2_lu *)SCpnt->device->host->hostdata[0];
1826         struct sbp2_fwhost_info *hi;
1827         int result = DID_NO_CONNECT << 16;
1828
1829         if (unlikely(!sbp2util_node_is_available(lu)))
1830                 goto done;
1831
1832         hi = lu->hi;
1833
1834         if (unlikely(!hi)) {
1835                 SBP2_ERR("sbp2_fwhost_info is NULL - this is bad!");
1836                 goto done;
1837         }
1838
1839         /* Multiple units are currently represented to the SCSI core as separate
1840          * targets, not as one target with multiple LUs. Therefore return
1841          * selection time-out to any IO directed at non-zero LUNs. */
1842         if (unlikely(SCpnt->device->lun))
1843                 goto done;
1844
1845         if (unlikely(!hpsb_node_entry_valid(lu->ne))) {
1846                 SBP2_ERR("Bus reset in progress - rejecting command");
1847                 result = DID_BUS_BUSY << 16;
1848                 goto done;
1849         }
1850
1851         /* Bidirectional commands are not yet implemented,
1852          * and unknown transfer direction not handled. */
1853         if (unlikely(SCpnt->sc_data_direction == DMA_BIDIRECTIONAL)) {
1854                 SBP2_ERR("Cannot handle DMA_BIDIRECTIONAL - rejecting command");
1855                 result = DID_ERROR << 16;
1856                 goto done;
1857         }
1858
1859         if (sbp2_send_command(lu, SCpnt, done)) {
1860                 SBP2_ERR("Error sending SCSI command");
1861                 sbp2scsi_complete_command(lu,
1862                                           SBP2_SCSI_STATUS_SELECTION_TIMEOUT,
1863                                           SCpnt, done);
1864         }
1865         return 0;
1866
1867 done:
1868         SCpnt->result = result;
1869         done(SCpnt);
1870         return 0;
1871 }
1872
1873 static void sbp2scsi_complete_all_commands(struct sbp2_lu *lu, u32 status)
1874 {
1875         struct sbp2_fwhost_info *hi = lu->hi;
1876         struct list_head *lh;
1877         struct sbp2_command_info *cmd;
1878         unsigned long flags;
1879
1880         spin_lock_irqsave(&lu->cmd_orb_lock, flags);
1881         while (!list_empty(&lu->cmd_orb_inuse)) {
1882                 lh = lu->cmd_orb_inuse.next;
1883                 cmd = list_entry(lh, struct sbp2_command_info, list);
1884                 dma_sync_single_for_cpu(hi->host->device.parent,
1885                                         cmd->command_orb_dma,
1886                                         sizeof(struct sbp2_command_orb),
1887                                         DMA_TO_DEVICE);
1888                 dma_sync_single_for_cpu(hi->host->device.parent, cmd->sge_dma,
1889                                         sizeof(cmd->scatter_gather_element),
1890                                         DMA_TO_DEVICE);
1891                 sbp2util_mark_command_completed(lu, cmd);
1892                 if (cmd->Current_SCpnt) {
1893                         cmd->Current_SCpnt->result = status << 16;
1894                         cmd->Current_done(cmd->Current_SCpnt);
1895                 }
1896         }
1897         spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
1898
1899         return;
1900 }
1901
1902 /*
1903  * Complete a regular SCSI command. Can be called in atomic context.
1904  */
1905 static void sbp2scsi_complete_command(struct sbp2_lu *lu, u32 scsi_status,
1906                                       struct scsi_cmnd *SCpnt,
1907                                       void (*done)(struct scsi_cmnd *))
1908 {
1909         if (!SCpnt) {
1910                 SBP2_ERR("SCpnt is NULL");
1911                 return;
1912         }
1913
1914         switch (scsi_status) {
1915         case SBP2_SCSI_STATUS_GOOD:
1916                 SCpnt->result = DID_OK << 16;
1917                 break;
1918
1919         case SBP2_SCSI_STATUS_BUSY:
1920                 SBP2_ERR("SBP2_SCSI_STATUS_BUSY");
1921                 SCpnt->result = DID_BUS_BUSY << 16;
1922                 break;
1923
1924         case SBP2_SCSI_STATUS_CHECK_CONDITION:
1925                 SCpnt->result = CHECK_CONDITION << 1 | DID_OK << 16;
1926                 break;
1927
1928         case SBP2_SCSI_STATUS_SELECTION_TIMEOUT:
1929                 SBP2_ERR("SBP2_SCSI_STATUS_SELECTION_TIMEOUT");
1930                 SCpnt->result = DID_NO_CONNECT << 16;
1931                 scsi_print_command(SCpnt);
1932                 break;
1933
1934         case SBP2_SCSI_STATUS_CONDITION_MET:
1935         case SBP2_SCSI_STATUS_RESERVATION_CONFLICT:
1936         case SBP2_SCSI_STATUS_COMMAND_TERMINATED:
1937                 SBP2_ERR("Bad SCSI status = %x", scsi_status);
1938                 SCpnt->result = DID_ERROR << 16;
1939                 scsi_print_command(SCpnt);
1940                 break;
1941
1942         default:
1943                 SBP2_ERR("Unsupported SCSI status = %x", scsi_status);
1944                 SCpnt->result = DID_ERROR << 16;
1945         }
1946
1947         /* If a bus reset is in progress and there was an error, complete
1948          * the command as busy so that it will get retried. */
1949         if (!hpsb_node_entry_valid(lu->ne)
1950             && (scsi_status != SBP2_SCSI_STATUS_GOOD)) {
1951                 SBP2_ERR("Completing command with busy (bus reset)");
1952                 SCpnt->result = DID_BUS_BUSY << 16;
1953         }
1954
1955         /* Tell the SCSI stack that we're done with this command. */
1956         done(SCpnt);
1957 }
1958
1959 static int sbp2scsi_slave_alloc(struct scsi_device *sdev)
1960 {
1961         struct sbp2_lu *lu = (struct sbp2_lu *)sdev->host->hostdata[0];
1962
1963         lu->sdev = sdev;
1964         sdev->allow_restart = 1;
1965
1966         if (lu->workarounds & SBP2_WORKAROUND_INQUIRY_36)
1967                 sdev->inquiry_len = 36;
1968         return 0;
1969 }
1970
1971 static int sbp2scsi_slave_configure(struct scsi_device *sdev)
1972 {
1973         struct sbp2_lu *lu = (struct sbp2_lu *)sdev->host->hostdata[0];
1974
1975         sdev->use_10_for_rw = 1;
1976
1977         if (sdev->type == TYPE_ROM)
1978                 sdev->use_10_for_ms = 1;
1979         if (sdev->type == TYPE_DISK &&
1980             lu->workarounds & SBP2_WORKAROUND_MODE_SENSE_8)
1981                 sdev->skip_ms_page_8 = 1;
1982         if (lu->workarounds & SBP2_WORKAROUND_FIX_CAPACITY)
1983                 sdev->fix_capacity = 1;
1984         return 0;
1985 }
1986
1987 static void sbp2scsi_slave_destroy(struct scsi_device *sdev)
1988 {
1989         ((struct sbp2_lu *)sdev->host->hostdata[0])->sdev = NULL;
1990         return;
1991 }
1992
1993 /*
1994  * Called by scsi stack when something has really gone wrong.
1995  * Usually called when a command has timed-out for some reason.
1996  */
1997 static int sbp2scsi_abort(struct scsi_cmnd *SCpnt)
1998 {
1999         struct sbp2_lu *lu = (struct sbp2_lu *)SCpnt->device->host->hostdata[0];
2000         struct sbp2_fwhost_info *hi = lu->hi;
2001         struct sbp2_command_info *cmd;
2002         unsigned long flags;
2003
2004         SBP2_INFO("aborting sbp2 command");
2005         scsi_print_command(SCpnt);
2006
2007         if (sbp2util_node_is_available(lu)) {
2008                 sbp2_agent_reset(lu, 1);
2009
2010                 /* Return a matching command structure to the free pool. */
2011                 spin_lock_irqsave(&lu->cmd_orb_lock, flags);
2012                 cmd = sbp2util_find_command_for_SCpnt(lu, SCpnt);
2013                 if (cmd) {
2014                         dma_sync_single_for_cpu(hi->host->device.parent,
2015                                         cmd->command_orb_dma,
2016                                         sizeof(struct sbp2_command_orb),
2017                                         DMA_TO_DEVICE);
2018                         dma_sync_single_for_cpu(hi->host->device.parent,
2019                                         cmd->sge_dma,
2020                                         sizeof(cmd->scatter_gather_element),
2021                                         DMA_TO_DEVICE);
2022                         sbp2util_mark_command_completed(lu, cmd);
2023                         if (cmd->Current_SCpnt) {
2024                                 cmd->Current_SCpnt->result = DID_ABORT << 16;
2025                                 cmd->Current_done(cmd->Current_SCpnt);
2026                         }
2027                 }
2028                 spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
2029
2030                 sbp2scsi_complete_all_commands(lu, DID_BUS_BUSY);
2031         }
2032
2033         return SUCCESS;
2034 }
2035
2036 /*
2037  * Called by scsi stack when something has really gone wrong.
2038  */
2039 static int sbp2scsi_reset(struct scsi_cmnd *SCpnt)
2040 {
2041         struct sbp2_lu *lu = (struct sbp2_lu *)SCpnt->device->host->hostdata[0];
2042
2043         SBP2_INFO("reset requested");
2044
2045         if (sbp2util_node_is_available(lu)) {
2046                 SBP2_INFO("generating sbp2 fetch agent reset");
2047                 sbp2_agent_reset(lu, 1);
2048         }
2049
2050         return SUCCESS;
2051 }
2052
2053 static ssize_t sbp2_sysfs_ieee1394_id_show(struct device *dev,
2054                                            struct device_attribute *attr,
2055                                            char *buf)
2056 {
2057         struct scsi_device *sdev;
2058         struct sbp2_lu *lu;
2059
2060         if (!(sdev = to_scsi_device(dev)))
2061                 return 0;
2062
2063         if (!(lu = (struct sbp2_lu *)sdev->host->hostdata[0]))
2064                 return 0;
2065
2066         if (sbp2_long_sysfs_ieee1394_id)
2067                 return sprintf(buf, "%016Lx:%06x:%04x\n",
2068                                 (unsigned long long)lu->ne->guid,
2069                                 lu->ud->directory_id, ORB_SET_LUN(lu->lun));
2070         else
2071                 return sprintf(buf, "%016Lx:%d:%d\n",
2072                                 (unsigned long long)lu->ne->guid,
2073                                 lu->ud->id, ORB_SET_LUN(lu->lun));
2074 }
2075
2076 MODULE_AUTHOR("Ben Collins <bcollins@debian.org>");
2077 MODULE_DESCRIPTION("IEEE-1394 SBP-2 protocol driver");
2078 MODULE_SUPPORTED_DEVICE(SBP2_DEVICE_NAME);
2079 MODULE_LICENSE("GPL");
2080
2081 static int sbp2_module_init(void)
2082 {
2083         int ret;
2084
2085         if (sbp2_serialize_io) {
2086                 sbp2_shost_template.can_queue = 1;
2087                 sbp2_shost_template.cmd_per_lun = 1;
2088         }
2089
2090         if (sbp2_default_workarounds & SBP2_WORKAROUND_128K_MAX_TRANS &&
2091             (sbp2_max_sectors * 512) > (128 * 1024))
2092                 sbp2_max_sectors = 128 * 1024 / 512;
2093         sbp2_shost_template.max_sectors = sbp2_max_sectors;
2094
2095         hpsb_register_highlevel(&sbp2_highlevel);
2096         ret = hpsb_register_protocol(&sbp2_driver);
2097         if (ret) {
2098                 SBP2_ERR("Failed to register protocol");
2099                 hpsb_unregister_highlevel(&sbp2_highlevel);
2100                 return ret;
2101         }
2102         return 0;
2103 }
2104
2105 static void __exit sbp2_module_exit(void)
2106 {
2107         hpsb_unregister_protocol(&sbp2_driver);
2108         hpsb_unregister_highlevel(&sbp2_highlevel);
2109 }
2110
2111 module_init(sbp2_module_init);
2112 module_exit(sbp2_module_exit);