[XFS] Fix double free of log tickets
[linux-2.6] / drivers / scsi / libsas / sas_expander.c
1 /*
2  * Serial Attached SCSI (SAS) Expander discovery and configuration
3  *
4  * Copyright (C) 2005 Adaptec, Inc.  All rights reserved.
5  * Copyright (C) 2005 Luben Tuikov <luben_tuikov@adaptec.com>
6  *
7  * This file is licensed under GPLv2.
8  *
9  * This program is free software; you can redistribute it and/or
10  * modify it under the terms of the GNU General Public License as
11  * published by the Free Software Foundation; either version 2 of the
12  * License, or (at your option) any later version.
13  *
14  * This program is distributed in the hope that it will be useful, but
15  * WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
17  * General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License
20  * along with this program; if not, write to the Free Software
21  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
22  *
23  */
24
25 #include <linux/scatterlist.h>
26 #include <linux/blkdev.h>
27
28 #include "sas_internal.h"
29
30 #include <scsi/scsi_transport.h>
31 #include <scsi/scsi_transport_sas.h>
32 #include "../scsi_sas_internal.h"
33
34 static int sas_discover_expander(struct domain_device *dev);
35 static int sas_configure_routing(struct domain_device *dev, u8 *sas_addr);
36 static int sas_configure_phy(struct domain_device *dev, int phy_id,
37                              u8 *sas_addr, int include);
38 static int sas_disable_routing(struct domain_device *dev,  u8 *sas_addr);
39
40 /* ---------- SMP task management ---------- */
41
42 static void smp_task_timedout(unsigned long _task)
43 {
44         struct sas_task *task = (void *) _task;
45         unsigned long flags;
46
47         spin_lock_irqsave(&task->task_state_lock, flags);
48         if (!(task->task_state_flags & SAS_TASK_STATE_DONE))
49                 task->task_state_flags |= SAS_TASK_STATE_ABORTED;
50         spin_unlock_irqrestore(&task->task_state_lock, flags);
51
52         complete(&task->completion);
53 }
54
55 static void smp_task_done(struct sas_task *task)
56 {
57         if (!del_timer(&task->timer))
58                 return;
59         complete(&task->completion);
60 }
61
62 /* Give it some long enough timeout. In seconds. */
63 #define SMP_TIMEOUT 10
64
65 static int smp_execute_task(struct domain_device *dev, void *req, int req_size,
66                             void *resp, int resp_size)
67 {
68         int res, retry;
69         struct sas_task *task = NULL;
70         struct sas_internal *i =
71                 to_sas_internal(dev->port->ha->core.shost->transportt);
72
73         for (retry = 0; retry < 3; retry++) {
74                 task = sas_alloc_task(GFP_KERNEL);
75                 if (!task)
76                         return -ENOMEM;
77
78                 task->dev = dev;
79                 task->task_proto = dev->tproto;
80                 sg_init_one(&task->smp_task.smp_req, req, req_size);
81                 sg_init_one(&task->smp_task.smp_resp, resp, resp_size);
82
83                 task->task_done = smp_task_done;
84
85                 task->timer.data = (unsigned long) task;
86                 task->timer.function = smp_task_timedout;
87                 task->timer.expires = jiffies + SMP_TIMEOUT*HZ;
88                 add_timer(&task->timer);
89
90                 res = i->dft->lldd_execute_task(task, 1, GFP_KERNEL);
91
92                 if (res) {
93                         del_timer(&task->timer);
94                         SAS_DPRINTK("executing SMP task failed:%d\n", res);
95                         goto ex_err;
96                 }
97
98                 wait_for_completion(&task->completion);
99                 res = -ECOMM;
100                 if ((task->task_state_flags & SAS_TASK_STATE_ABORTED)) {
101                         SAS_DPRINTK("smp task timed out or aborted\n");
102                         i->dft->lldd_abort_task(task);
103                         if (!(task->task_state_flags & SAS_TASK_STATE_DONE)) {
104                                 SAS_DPRINTK("SMP task aborted and not done\n");
105                                 goto ex_err;
106                         }
107                 }
108                 if (task->task_status.resp == SAS_TASK_COMPLETE &&
109                     task->task_status.stat == SAM_GOOD) {
110                         res = 0;
111                         break;
112                 } if (task->task_status.resp == SAS_TASK_COMPLETE &&
113                       task->task_status.stat == SAS_DATA_UNDERRUN) {
114                         /* no error, but return the number of bytes of
115                          * underrun */
116                         res = task->task_status.residual;
117                         break;
118                 } if (task->task_status.resp == SAS_TASK_COMPLETE &&
119                       task->task_status.stat == SAS_DATA_OVERRUN) {
120                         res = -EMSGSIZE;
121                         break;
122                 } else {
123                         SAS_DPRINTK("%s: task to dev %016llx response: 0x%x "
124                                     "status 0x%x\n", __func__,
125                                     SAS_ADDR(dev->sas_addr),
126                                     task->task_status.resp,
127                                     task->task_status.stat);
128                         sas_free_task(task);
129                         task = NULL;
130                 }
131         }
132 ex_err:
133         BUG_ON(retry == 3 && task != NULL);
134         if (task != NULL) {
135                 sas_free_task(task);
136         }
137         return res;
138 }
139
140 /* ---------- Allocations ---------- */
141
142 static inline void *alloc_smp_req(int size)
143 {
144         u8 *p = kzalloc(size, GFP_KERNEL);
145         if (p)
146                 p[0] = SMP_REQUEST;
147         return p;
148 }
149
150 static inline void *alloc_smp_resp(int size)
151 {
152         return kzalloc(size, GFP_KERNEL);
153 }
154
155 /* ---------- Expander configuration ---------- */
156
157 static void sas_set_ex_phy(struct domain_device *dev, int phy_id,
158                            void *disc_resp)
159 {
160         struct expander_device *ex = &dev->ex_dev;
161         struct ex_phy *phy = &ex->ex_phy[phy_id];
162         struct smp_resp *resp = disc_resp;
163         struct discover_resp *dr = &resp->disc;
164         struct sas_rphy *rphy = dev->rphy;
165         int rediscover = (phy->phy != NULL);
166
167         if (!rediscover) {
168                 phy->phy = sas_phy_alloc(&rphy->dev, phy_id);
169
170                 /* FIXME: error_handling */
171                 BUG_ON(!phy->phy);
172         }
173
174         switch (resp->result) {
175         case SMP_RESP_PHY_VACANT:
176                 phy->phy_state = PHY_VACANT;
177                 return;
178         default:
179                 phy->phy_state = PHY_NOT_PRESENT;
180                 return;
181         case SMP_RESP_FUNC_ACC:
182                 phy->phy_state = PHY_EMPTY; /* do not know yet */
183                 break;
184         }
185
186         phy->phy_id = phy_id;
187         phy->attached_dev_type = dr->attached_dev_type;
188         phy->linkrate = dr->linkrate;
189         phy->attached_sata_host = dr->attached_sata_host;
190         phy->attached_sata_dev  = dr->attached_sata_dev;
191         phy->attached_sata_ps   = dr->attached_sata_ps;
192         phy->attached_iproto = dr->iproto << 1;
193         phy->attached_tproto = dr->tproto << 1;
194         memcpy(phy->attached_sas_addr, dr->attached_sas_addr, SAS_ADDR_SIZE);
195         phy->attached_phy_id = dr->attached_phy_id;
196         phy->phy_change_count = dr->change_count;
197         phy->routing_attr = dr->routing_attr;
198         phy->virtual = dr->virtual;
199         phy->last_da_index = -1;
200
201         phy->phy->identify.initiator_port_protocols = phy->attached_iproto;
202         phy->phy->identify.target_port_protocols = phy->attached_tproto;
203         phy->phy->identify.phy_identifier = phy_id;
204         phy->phy->minimum_linkrate_hw = dr->hmin_linkrate;
205         phy->phy->maximum_linkrate_hw = dr->hmax_linkrate;
206         phy->phy->minimum_linkrate = dr->pmin_linkrate;
207         phy->phy->maximum_linkrate = dr->pmax_linkrate;
208         phy->phy->negotiated_linkrate = phy->linkrate;
209
210         if (!rediscover)
211                 sas_phy_add(phy->phy);
212
213         SAS_DPRINTK("ex %016llx phy%02d:%c attached: %016llx\n",
214                     SAS_ADDR(dev->sas_addr), phy->phy_id,
215                     phy->routing_attr == TABLE_ROUTING ? 'T' :
216                     phy->routing_attr == DIRECT_ROUTING ? 'D' :
217                     phy->routing_attr == SUBTRACTIVE_ROUTING ? 'S' : '?',
218                     SAS_ADDR(phy->attached_sas_addr));
219
220         return;
221 }
222
223 #define DISCOVER_REQ_SIZE  16
224 #define DISCOVER_RESP_SIZE 56
225
226 static int sas_ex_phy_discover_helper(struct domain_device *dev, u8 *disc_req,
227                                       u8 *disc_resp, int single)
228 {
229         int i, res;
230
231         disc_req[9] = single;
232         for (i = 1 ; i < 3; i++) {
233                 struct discover_resp *dr;
234
235                 res = smp_execute_task(dev, disc_req, DISCOVER_REQ_SIZE,
236                                        disc_resp, DISCOVER_RESP_SIZE);
237                 if (res)
238                         return res;
239                 /* This is detecting a failure to transmit inital
240                  * dev to host FIS as described in section G.5 of
241                  * sas-2 r 04b */
242                 dr = &((struct smp_resp *)disc_resp)->disc;
243                 if (!(dr->attached_dev_type == 0 &&
244                       dr->attached_sata_dev))
245                         break;
246                 /* In order to generate the dev to host FIS, we
247                  * send a link reset to the expander port */
248                 sas_smp_phy_control(dev, single, PHY_FUNC_LINK_RESET, NULL);
249                 /* Wait for the reset to trigger the negotiation */
250                 msleep(500);
251         }
252         sas_set_ex_phy(dev, single, disc_resp);
253         return 0;
254 }
255
256 static int sas_ex_phy_discover(struct domain_device *dev, int single)
257 {
258         struct expander_device *ex = &dev->ex_dev;
259         int  res = 0;
260         u8   *disc_req;
261         u8   *disc_resp;
262
263         disc_req = alloc_smp_req(DISCOVER_REQ_SIZE);
264         if (!disc_req)
265                 return -ENOMEM;
266
267         disc_resp = alloc_smp_req(DISCOVER_RESP_SIZE);
268         if (!disc_resp) {
269                 kfree(disc_req);
270                 return -ENOMEM;
271         }
272
273         disc_req[1] = SMP_DISCOVER;
274
275         if (0 <= single && single < ex->num_phys) {
276                 res = sas_ex_phy_discover_helper(dev, disc_req, disc_resp, single);
277         } else {
278                 int i;
279
280                 for (i = 0; i < ex->num_phys; i++) {
281                         res = sas_ex_phy_discover_helper(dev, disc_req,
282                                                          disc_resp, i);
283                         if (res)
284                                 goto out_err;
285                 }
286         }
287 out_err:
288         kfree(disc_resp);
289         kfree(disc_req);
290         return res;
291 }
292
293 static int sas_expander_discover(struct domain_device *dev)
294 {
295         struct expander_device *ex = &dev->ex_dev;
296         int res = -ENOMEM;
297
298         ex->ex_phy = kzalloc(sizeof(*ex->ex_phy)*ex->num_phys, GFP_KERNEL);
299         if (!ex->ex_phy)
300                 return -ENOMEM;
301
302         res = sas_ex_phy_discover(dev, -1);
303         if (res)
304                 goto out_err;
305
306         return 0;
307  out_err:
308         kfree(ex->ex_phy);
309         ex->ex_phy = NULL;
310         return res;
311 }
312
313 #define MAX_EXPANDER_PHYS 128
314
315 static void ex_assign_report_general(struct domain_device *dev,
316                                             struct smp_resp *resp)
317 {
318         struct report_general_resp *rg = &resp->rg;
319
320         dev->ex_dev.ex_change_count = be16_to_cpu(rg->change_count);
321         dev->ex_dev.max_route_indexes = be16_to_cpu(rg->route_indexes);
322         dev->ex_dev.num_phys = min(rg->num_phys, (u8)MAX_EXPANDER_PHYS);
323         dev->ex_dev.conf_route_table = rg->conf_route_table;
324         dev->ex_dev.configuring = rg->configuring;
325         memcpy(dev->ex_dev.enclosure_logical_id, rg->enclosure_logical_id, 8);
326 }
327
328 #define RG_REQ_SIZE   8
329 #define RG_RESP_SIZE 32
330
331 static int sas_ex_general(struct domain_device *dev)
332 {
333         u8 *rg_req;
334         struct smp_resp *rg_resp;
335         int res;
336         int i;
337
338         rg_req = alloc_smp_req(RG_REQ_SIZE);
339         if (!rg_req)
340                 return -ENOMEM;
341
342         rg_resp = alloc_smp_resp(RG_RESP_SIZE);
343         if (!rg_resp) {
344                 kfree(rg_req);
345                 return -ENOMEM;
346         }
347
348         rg_req[1] = SMP_REPORT_GENERAL;
349
350         for (i = 0; i < 5; i++) {
351                 res = smp_execute_task(dev, rg_req, RG_REQ_SIZE, rg_resp,
352                                        RG_RESP_SIZE);
353
354                 if (res) {
355                         SAS_DPRINTK("RG to ex %016llx failed:0x%x\n",
356                                     SAS_ADDR(dev->sas_addr), res);
357                         goto out;
358                 } else if (rg_resp->result != SMP_RESP_FUNC_ACC) {
359                         SAS_DPRINTK("RG:ex %016llx returned SMP result:0x%x\n",
360                                     SAS_ADDR(dev->sas_addr), rg_resp->result);
361                         res = rg_resp->result;
362                         goto out;
363                 }
364
365                 ex_assign_report_general(dev, rg_resp);
366
367                 if (dev->ex_dev.configuring) {
368                         SAS_DPRINTK("RG: ex %llx self-configuring...\n",
369                                     SAS_ADDR(dev->sas_addr));
370                         schedule_timeout_interruptible(5*HZ);
371                 } else
372                         break;
373         }
374 out:
375         kfree(rg_req);
376         kfree(rg_resp);
377         return res;
378 }
379
380 static void ex_assign_manuf_info(struct domain_device *dev, void
381                                         *_mi_resp)
382 {
383         u8 *mi_resp = _mi_resp;
384         struct sas_rphy *rphy = dev->rphy;
385         struct sas_expander_device *edev = rphy_to_expander_device(rphy);
386
387         memcpy(edev->vendor_id, mi_resp + 12, SAS_EXPANDER_VENDOR_ID_LEN);
388         memcpy(edev->product_id, mi_resp + 20, SAS_EXPANDER_PRODUCT_ID_LEN);
389         memcpy(edev->product_rev, mi_resp + 36,
390                SAS_EXPANDER_PRODUCT_REV_LEN);
391
392         if (mi_resp[8] & 1) {
393                 memcpy(edev->component_vendor_id, mi_resp + 40,
394                        SAS_EXPANDER_COMPONENT_VENDOR_ID_LEN);
395                 edev->component_id = mi_resp[48] << 8 | mi_resp[49];
396                 edev->component_revision_id = mi_resp[50];
397         }
398 }
399
400 #define MI_REQ_SIZE   8
401 #define MI_RESP_SIZE 64
402
403 static int sas_ex_manuf_info(struct domain_device *dev)
404 {
405         u8 *mi_req;
406         u8 *mi_resp;
407         int res;
408
409         mi_req = alloc_smp_req(MI_REQ_SIZE);
410         if (!mi_req)
411                 return -ENOMEM;
412
413         mi_resp = alloc_smp_resp(MI_RESP_SIZE);
414         if (!mi_resp) {
415                 kfree(mi_req);
416                 return -ENOMEM;
417         }
418
419         mi_req[1] = SMP_REPORT_MANUF_INFO;
420
421         res = smp_execute_task(dev, mi_req, MI_REQ_SIZE, mi_resp,MI_RESP_SIZE);
422         if (res) {
423                 SAS_DPRINTK("MI: ex %016llx failed:0x%x\n",
424                             SAS_ADDR(dev->sas_addr), res);
425                 goto out;
426         } else if (mi_resp[2] != SMP_RESP_FUNC_ACC) {
427                 SAS_DPRINTK("MI ex %016llx returned SMP result:0x%x\n",
428                             SAS_ADDR(dev->sas_addr), mi_resp[2]);
429                 goto out;
430         }
431
432         ex_assign_manuf_info(dev, mi_resp);
433 out:
434         kfree(mi_req);
435         kfree(mi_resp);
436         return res;
437 }
438
439 #define PC_REQ_SIZE  44
440 #define PC_RESP_SIZE 8
441
442 int sas_smp_phy_control(struct domain_device *dev, int phy_id,
443                         enum phy_func phy_func,
444                         struct sas_phy_linkrates *rates)
445 {
446         u8 *pc_req;
447         u8 *pc_resp;
448         int res;
449
450         pc_req = alloc_smp_req(PC_REQ_SIZE);
451         if (!pc_req)
452                 return -ENOMEM;
453
454         pc_resp = alloc_smp_resp(PC_RESP_SIZE);
455         if (!pc_resp) {
456                 kfree(pc_req);
457                 return -ENOMEM;
458         }
459
460         pc_req[1] = SMP_PHY_CONTROL;
461         pc_req[9] = phy_id;
462         pc_req[10]= phy_func;
463         if (rates) {
464                 pc_req[32] = rates->minimum_linkrate << 4;
465                 pc_req[33] = rates->maximum_linkrate << 4;
466         }
467
468         res = smp_execute_task(dev, pc_req, PC_REQ_SIZE, pc_resp,PC_RESP_SIZE);
469
470         kfree(pc_resp);
471         kfree(pc_req);
472         return res;
473 }
474
475 static void sas_ex_disable_phy(struct domain_device *dev, int phy_id)
476 {
477         struct expander_device *ex = &dev->ex_dev;
478         struct ex_phy *phy = &ex->ex_phy[phy_id];
479
480         sas_smp_phy_control(dev, phy_id, PHY_FUNC_DISABLE, NULL);
481         phy->linkrate = SAS_PHY_DISABLED;
482 }
483
484 static void sas_ex_disable_port(struct domain_device *dev, u8 *sas_addr)
485 {
486         struct expander_device *ex = &dev->ex_dev;
487         int i;
488
489         for (i = 0; i < ex->num_phys; i++) {
490                 struct ex_phy *phy = &ex->ex_phy[i];
491
492                 if (phy->phy_state == PHY_VACANT ||
493                     phy->phy_state == PHY_NOT_PRESENT)
494                         continue;
495
496                 if (SAS_ADDR(phy->attached_sas_addr) == SAS_ADDR(sas_addr))
497                         sas_ex_disable_phy(dev, i);
498         }
499 }
500
501 static int sas_dev_present_in_domain(struct asd_sas_port *port,
502                                             u8 *sas_addr)
503 {
504         struct domain_device *dev;
505
506         if (SAS_ADDR(port->sas_addr) == SAS_ADDR(sas_addr))
507                 return 1;
508         list_for_each_entry(dev, &port->dev_list, dev_list_node) {
509                 if (SAS_ADDR(dev->sas_addr) == SAS_ADDR(sas_addr))
510                         return 1;
511         }
512         return 0;
513 }
514
515 #define RPEL_REQ_SIZE   16
516 #define RPEL_RESP_SIZE  32
517 int sas_smp_get_phy_events(struct sas_phy *phy)
518 {
519         int res;
520         u8 *req;
521         u8 *resp;
522         struct sas_rphy *rphy = dev_to_rphy(phy->dev.parent);
523         struct domain_device *dev = sas_find_dev_by_rphy(rphy);
524
525         req = alloc_smp_req(RPEL_REQ_SIZE);
526         if (!req)
527                 return -ENOMEM;
528
529         resp = alloc_smp_resp(RPEL_RESP_SIZE);
530         if (!resp) {
531                 kfree(req);
532                 return -ENOMEM;
533         }
534
535         req[1] = SMP_REPORT_PHY_ERR_LOG;
536         req[9] = phy->number;
537
538         res = smp_execute_task(dev, req, RPEL_REQ_SIZE,
539                                     resp, RPEL_RESP_SIZE);
540
541         if (!res)
542                 goto out;
543
544         phy->invalid_dword_count = scsi_to_u32(&resp[12]);
545         phy->running_disparity_error_count = scsi_to_u32(&resp[16]);
546         phy->loss_of_dword_sync_count = scsi_to_u32(&resp[20]);
547         phy->phy_reset_problem_count = scsi_to_u32(&resp[24]);
548
549  out:
550         kfree(resp);
551         return res;
552
553 }
554
555 #ifdef CONFIG_SCSI_SAS_ATA
556
557 #define RPS_REQ_SIZE  16
558 #define RPS_RESP_SIZE 60
559
560 static int sas_get_report_phy_sata(struct domain_device *dev,
561                                           int phy_id,
562                                           struct smp_resp *rps_resp)
563 {
564         int res;
565         u8 *rps_req = alloc_smp_req(RPS_REQ_SIZE);
566         u8 *resp = (u8 *)rps_resp;
567
568         if (!rps_req)
569                 return -ENOMEM;
570
571         rps_req[1] = SMP_REPORT_PHY_SATA;
572         rps_req[9] = phy_id;
573
574         res = smp_execute_task(dev, rps_req, RPS_REQ_SIZE,
575                                     rps_resp, RPS_RESP_SIZE);
576
577         /* 0x34 is the FIS type for the D2H fis.  There's a potential
578          * standards cockup here.  sas-2 explicitly specifies the FIS
579          * should be encoded so that FIS type is in resp[24].
580          * However, some expanders endian reverse this.  Undo the
581          * reversal here */
582         if (!res && resp[27] == 0x34 && resp[24] != 0x34) {
583                 int i;
584
585                 for (i = 0; i < 5; i++) {
586                         int j = 24 + (i*4);
587                         u8 a, b;
588                         a = resp[j + 0];
589                         b = resp[j + 1];
590                         resp[j + 0] = resp[j + 3];
591                         resp[j + 1] = resp[j + 2];
592                         resp[j + 2] = b;
593                         resp[j + 3] = a;
594                 }
595         }
596
597         kfree(rps_req);
598         return res;
599 }
600 #endif
601
602 static void sas_ex_get_linkrate(struct domain_device *parent,
603                                        struct domain_device *child,
604                                        struct ex_phy *parent_phy)
605 {
606         struct expander_device *parent_ex = &parent->ex_dev;
607         struct sas_port *port;
608         int i;
609
610         child->pathways = 0;
611
612         port = parent_phy->port;
613
614         for (i = 0; i < parent_ex->num_phys; i++) {
615                 struct ex_phy *phy = &parent_ex->ex_phy[i];
616
617                 if (phy->phy_state == PHY_VACANT ||
618                     phy->phy_state == PHY_NOT_PRESENT)
619                         continue;
620
621                 if (SAS_ADDR(phy->attached_sas_addr) ==
622                     SAS_ADDR(child->sas_addr)) {
623
624                         child->min_linkrate = min(parent->min_linkrate,
625                                                   phy->linkrate);
626                         child->max_linkrate = max(parent->max_linkrate,
627                                                   phy->linkrate);
628                         child->pathways++;
629                         sas_port_add_phy(port, phy->phy);
630                 }
631         }
632         child->linkrate = min(parent_phy->linkrate, child->max_linkrate);
633         child->pathways = min(child->pathways, parent->pathways);
634 }
635
636 static struct domain_device *sas_ex_discover_end_dev(
637         struct domain_device *parent, int phy_id)
638 {
639         struct expander_device *parent_ex = &parent->ex_dev;
640         struct ex_phy *phy = &parent_ex->ex_phy[phy_id];
641         struct domain_device *child = NULL;
642         struct sas_rphy *rphy;
643         int res;
644
645         if (phy->attached_sata_host || phy->attached_sata_ps)
646                 return NULL;
647
648         child = kzalloc(sizeof(*child), GFP_KERNEL);
649         if (!child)
650                 return NULL;
651
652         child->parent = parent;
653         child->port   = parent->port;
654         child->iproto = phy->attached_iproto;
655         memcpy(child->sas_addr, phy->attached_sas_addr, SAS_ADDR_SIZE);
656         sas_hash_addr(child->hashed_sas_addr, child->sas_addr);
657         if (!phy->port) {
658                 phy->port = sas_port_alloc(&parent->rphy->dev, phy_id);
659                 if (unlikely(!phy->port))
660                         goto out_err;
661                 if (unlikely(sas_port_add(phy->port) != 0)) {
662                         sas_port_free(phy->port);
663                         goto out_err;
664                 }
665         }
666         sas_ex_get_linkrate(parent, child, phy);
667
668 #ifdef CONFIG_SCSI_SAS_ATA
669         if ((phy->attached_tproto & SAS_PROTOCOL_STP) || phy->attached_sata_dev) {
670                 child->dev_type = SATA_DEV;
671                 if (phy->attached_tproto & SAS_PROTOCOL_STP)
672                         child->tproto = phy->attached_tproto;
673                 if (phy->attached_sata_dev)
674                         child->tproto |= SATA_DEV;
675                 res = sas_get_report_phy_sata(parent, phy_id,
676                                               &child->sata_dev.rps_resp);
677                 if (res) {
678                         SAS_DPRINTK("report phy sata to %016llx:0x%x returned "
679                                     "0x%x\n", SAS_ADDR(parent->sas_addr),
680                                     phy_id, res);
681                         goto out_free;
682                 }
683                 memcpy(child->frame_rcvd, &child->sata_dev.rps_resp.rps.fis,
684                        sizeof(struct dev_to_host_fis));
685
686                 rphy = sas_end_device_alloc(phy->port);
687                 if (unlikely(!rphy))
688                         goto out_free;
689
690                 sas_init_dev(child);
691
692                 child->rphy = rphy;
693
694                 spin_lock_irq(&parent->port->dev_list_lock);
695                 list_add_tail(&child->dev_list_node, &parent->port->dev_list);
696                 spin_unlock_irq(&parent->port->dev_list_lock);
697
698                 res = sas_discover_sata(child);
699                 if (res) {
700                         SAS_DPRINTK("sas_discover_sata() for device %16llx at "
701                                     "%016llx:0x%x returned 0x%x\n",
702                                     SAS_ADDR(child->sas_addr),
703                                     SAS_ADDR(parent->sas_addr), phy_id, res);
704                         goto out_list_del;
705                 }
706         } else
707 #endif
708           if (phy->attached_tproto & SAS_PROTOCOL_SSP) {
709                 child->dev_type = SAS_END_DEV;
710                 rphy = sas_end_device_alloc(phy->port);
711                 /* FIXME: error handling */
712                 if (unlikely(!rphy))
713                         goto out_free;
714                 child->tproto = phy->attached_tproto;
715                 sas_init_dev(child);
716
717                 child->rphy = rphy;
718                 sas_fill_in_rphy(child, rphy);
719
720                 spin_lock_irq(&parent->port->dev_list_lock);
721                 list_add_tail(&child->dev_list_node, &parent->port->dev_list);
722                 spin_unlock_irq(&parent->port->dev_list_lock);
723
724                 res = sas_discover_end_dev(child);
725                 if (res) {
726                         SAS_DPRINTK("sas_discover_end_dev() for device %16llx "
727                                     "at %016llx:0x%x returned 0x%x\n",
728                                     SAS_ADDR(child->sas_addr),
729                                     SAS_ADDR(parent->sas_addr), phy_id, res);
730                         goto out_list_del;
731                 }
732         } else {
733                 SAS_DPRINTK("target proto 0x%x at %016llx:0x%x not handled\n",
734                             phy->attached_tproto, SAS_ADDR(parent->sas_addr),
735                             phy_id);
736                 goto out_free;
737         }
738
739         list_add_tail(&child->siblings, &parent_ex->children);
740         return child;
741
742  out_list_del:
743         sas_rphy_free(child->rphy);
744         child->rphy = NULL;
745         list_del(&child->dev_list_node);
746  out_free:
747         sas_port_delete(phy->port);
748  out_err:
749         phy->port = NULL;
750         kfree(child);
751         return NULL;
752 }
753
754 /* See if this phy is part of a wide port */
755 static int sas_ex_join_wide_port(struct domain_device *parent, int phy_id)
756 {
757         struct ex_phy *phy = &parent->ex_dev.ex_phy[phy_id];
758         int i;
759
760         for (i = 0; i < parent->ex_dev.num_phys; i++) {
761                 struct ex_phy *ephy = &parent->ex_dev.ex_phy[i];
762
763                 if (ephy == phy)
764                         continue;
765
766                 if (!memcmp(phy->attached_sas_addr, ephy->attached_sas_addr,
767                             SAS_ADDR_SIZE) && ephy->port) {
768                         sas_port_add_phy(ephy->port, phy->phy);
769                         phy->phy_state = PHY_DEVICE_DISCOVERED;
770                         return 0;
771                 }
772         }
773
774         return -ENODEV;
775 }
776
777 static struct domain_device *sas_ex_discover_expander(
778         struct domain_device *parent, int phy_id)
779 {
780         struct sas_expander_device *parent_ex = rphy_to_expander_device(parent->rphy);
781         struct ex_phy *phy = &parent->ex_dev.ex_phy[phy_id];
782         struct domain_device *child = NULL;
783         struct sas_rphy *rphy;
784         struct sas_expander_device *edev;
785         struct asd_sas_port *port;
786         int res;
787
788         if (phy->routing_attr == DIRECT_ROUTING) {
789                 SAS_DPRINTK("ex %016llx:0x%x:D <--> ex %016llx:0x%x is not "
790                             "allowed\n",
791                             SAS_ADDR(parent->sas_addr), phy_id,
792                             SAS_ADDR(phy->attached_sas_addr),
793                             phy->attached_phy_id);
794                 return NULL;
795         }
796         child = kzalloc(sizeof(*child), GFP_KERNEL);
797         if (!child)
798                 return NULL;
799
800         phy->port = sas_port_alloc(&parent->rphy->dev, phy_id);
801         /* FIXME: better error handling */
802         BUG_ON(sas_port_add(phy->port) != 0);
803
804
805         switch (phy->attached_dev_type) {
806         case EDGE_DEV:
807                 rphy = sas_expander_alloc(phy->port,
808                                           SAS_EDGE_EXPANDER_DEVICE);
809                 break;
810         case FANOUT_DEV:
811                 rphy = sas_expander_alloc(phy->port,
812                                           SAS_FANOUT_EXPANDER_DEVICE);
813                 break;
814         default:
815                 rphy = NULL;    /* shut gcc up */
816                 BUG();
817         }
818         port = parent->port;
819         child->rphy = rphy;
820         edev = rphy_to_expander_device(rphy);
821         child->dev_type = phy->attached_dev_type;
822         child->parent = parent;
823         child->port = port;
824         child->iproto = phy->attached_iproto;
825         child->tproto = phy->attached_tproto;
826         memcpy(child->sas_addr, phy->attached_sas_addr, SAS_ADDR_SIZE);
827         sas_hash_addr(child->hashed_sas_addr, child->sas_addr);
828         sas_ex_get_linkrate(parent, child, phy);
829         edev->level = parent_ex->level + 1;
830         parent->port->disc.max_level = max(parent->port->disc.max_level,
831                                            edev->level);
832         sas_init_dev(child);
833         sas_fill_in_rphy(child, rphy);
834         sas_rphy_add(rphy);
835
836         spin_lock_irq(&parent->port->dev_list_lock);
837         list_add_tail(&child->dev_list_node, &parent->port->dev_list);
838         spin_unlock_irq(&parent->port->dev_list_lock);
839
840         res = sas_discover_expander(child);
841         if (res) {
842                 kfree(child);
843                 return NULL;
844         }
845         list_add_tail(&child->siblings, &parent->ex_dev.children);
846         return child;
847 }
848
849 static int sas_ex_discover_dev(struct domain_device *dev, int phy_id)
850 {
851         struct expander_device *ex = &dev->ex_dev;
852         struct ex_phy *ex_phy = &ex->ex_phy[phy_id];
853         struct domain_device *child = NULL;
854         int res = 0;
855
856         /* Phy state */
857         if (ex_phy->linkrate == SAS_SATA_SPINUP_HOLD) {
858                 if (!sas_smp_phy_control(dev, phy_id, PHY_FUNC_LINK_RESET, NULL))
859                         res = sas_ex_phy_discover(dev, phy_id);
860                 if (res)
861                         return res;
862         }
863
864         /* Parent and domain coherency */
865         if (!dev->parent && (SAS_ADDR(ex_phy->attached_sas_addr) ==
866                              SAS_ADDR(dev->port->sas_addr))) {
867                 sas_add_parent_port(dev, phy_id);
868                 return 0;
869         }
870         if (dev->parent && (SAS_ADDR(ex_phy->attached_sas_addr) ==
871                             SAS_ADDR(dev->parent->sas_addr))) {
872                 sas_add_parent_port(dev, phy_id);
873                 if (ex_phy->routing_attr == TABLE_ROUTING)
874                         sas_configure_phy(dev, phy_id, dev->port->sas_addr, 1);
875                 return 0;
876         }
877
878         if (sas_dev_present_in_domain(dev->port, ex_phy->attached_sas_addr))
879                 sas_ex_disable_port(dev, ex_phy->attached_sas_addr);
880
881         if (ex_phy->attached_dev_type == NO_DEVICE) {
882                 if (ex_phy->routing_attr == DIRECT_ROUTING) {
883                         memset(ex_phy->attached_sas_addr, 0, SAS_ADDR_SIZE);
884                         sas_configure_routing(dev, ex_phy->attached_sas_addr);
885                 }
886                 return 0;
887         } else if (ex_phy->linkrate == SAS_LINK_RATE_UNKNOWN)
888                 return 0;
889
890         if (ex_phy->attached_dev_type != SAS_END_DEV &&
891             ex_phy->attached_dev_type != FANOUT_DEV &&
892             ex_phy->attached_dev_type != EDGE_DEV) {
893                 SAS_DPRINTK("unknown device type(0x%x) attached to ex %016llx "
894                             "phy 0x%x\n", ex_phy->attached_dev_type,
895                             SAS_ADDR(dev->sas_addr),
896                             phy_id);
897                 return 0;
898         }
899
900         res = sas_configure_routing(dev, ex_phy->attached_sas_addr);
901         if (res) {
902                 SAS_DPRINTK("configure routing for dev %016llx "
903                             "reported 0x%x. Forgotten\n",
904                             SAS_ADDR(ex_phy->attached_sas_addr), res);
905                 sas_disable_routing(dev, ex_phy->attached_sas_addr);
906                 return res;
907         }
908
909         res = sas_ex_join_wide_port(dev, phy_id);
910         if (!res) {
911                 SAS_DPRINTK("Attaching ex phy%d to wide port %016llx\n",
912                             phy_id, SAS_ADDR(ex_phy->attached_sas_addr));
913                 return res;
914         }
915
916         switch (ex_phy->attached_dev_type) {
917         case SAS_END_DEV:
918                 child = sas_ex_discover_end_dev(dev, phy_id);
919                 break;
920         case FANOUT_DEV:
921                 if (SAS_ADDR(dev->port->disc.fanout_sas_addr)) {
922                         SAS_DPRINTK("second fanout expander %016llx phy 0x%x "
923                                     "attached to ex %016llx phy 0x%x\n",
924                                     SAS_ADDR(ex_phy->attached_sas_addr),
925                                     ex_phy->attached_phy_id,
926                                     SAS_ADDR(dev->sas_addr),
927                                     phy_id);
928                         sas_ex_disable_phy(dev, phy_id);
929                         break;
930                 } else
931                         memcpy(dev->port->disc.fanout_sas_addr,
932                                ex_phy->attached_sas_addr, SAS_ADDR_SIZE);
933                 /* fallthrough */
934         case EDGE_DEV:
935                 child = sas_ex_discover_expander(dev, phy_id);
936                 break;
937         default:
938                 break;
939         }
940
941         if (child) {
942                 int i;
943
944                 for (i = 0; i < ex->num_phys; i++) {
945                         if (ex->ex_phy[i].phy_state == PHY_VACANT ||
946                             ex->ex_phy[i].phy_state == PHY_NOT_PRESENT)
947                                 continue;
948
949                         if (SAS_ADDR(ex->ex_phy[i].attached_sas_addr) ==
950                             SAS_ADDR(child->sas_addr))
951                                 ex->ex_phy[i].phy_state= PHY_DEVICE_DISCOVERED;
952                 }
953         }
954
955         return res;
956 }
957
958 static int sas_find_sub_addr(struct domain_device *dev, u8 *sub_addr)
959 {
960         struct expander_device *ex = &dev->ex_dev;
961         int i;
962
963         for (i = 0; i < ex->num_phys; i++) {
964                 struct ex_phy *phy = &ex->ex_phy[i];
965
966                 if (phy->phy_state == PHY_VACANT ||
967                     phy->phy_state == PHY_NOT_PRESENT)
968                         continue;
969
970                 if ((phy->attached_dev_type == EDGE_DEV ||
971                      phy->attached_dev_type == FANOUT_DEV) &&
972                     phy->routing_attr == SUBTRACTIVE_ROUTING) {
973
974                         memcpy(sub_addr, phy->attached_sas_addr,SAS_ADDR_SIZE);
975
976                         return 1;
977                 }
978         }
979         return 0;
980 }
981
982 static int sas_check_level_subtractive_boundary(struct domain_device *dev)
983 {
984         struct expander_device *ex = &dev->ex_dev;
985         struct domain_device *child;
986         u8 sub_addr[8] = {0, };
987
988         list_for_each_entry(child, &ex->children, siblings) {
989                 if (child->dev_type != EDGE_DEV &&
990                     child->dev_type != FANOUT_DEV)
991                         continue;
992                 if (sub_addr[0] == 0) {
993                         sas_find_sub_addr(child, sub_addr);
994                         continue;
995                 } else {
996                         u8 s2[8];
997
998                         if (sas_find_sub_addr(child, s2) &&
999                             (SAS_ADDR(sub_addr) != SAS_ADDR(s2))) {
1000
1001                                 SAS_DPRINTK("ex %016llx->%016llx-?->%016llx "
1002                                             "diverges from subtractive "
1003                                             "boundary %016llx\n",
1004                                             SAS_ADDR(dev->sas_addr),
1005                                             SAS_ADDR(child->sas_addr),
1006                                             SAS_ADDR(s2),
1007                                             SAS_ADDR(sub_addr));
1008
1009                                 sas_ex_disable_port(child, s2);
1010                         }
1011                 }
1012         }
1013         return 0;
1014 }
1015 /**
1016  * sas_ex_discover_devices -- discover devices attached to this expander
1017  * dev: pointer to the expander domain device
1018  * single: if you want to do a single phy, else set to -1;
1019  *
1020  * Configure this expander for use with its devices and register the
1021  * devices of this expander.
1022  */
1023 static int sas_ex_discover_devices(struct domain_device *dev, int single)
1024 {
1025         struct expander_device *ex = &dev->ex_dev;
1026         int i = 0, end = ex->num_phys;
1027         int res = 0;
1028
1029         if (0 <= single && single < end) {
1030                 i = single;
1031                 end = i+1;
1032         }
1033
1034         for ( ; i < end; i++) {
1035                 struct ex_phy *ex_phy = &ex->ex_phy[i];
1036
1037                 if (ex_phy->phy_state == PHY_VACANT ||
1038                     ex_phy->phy_state == PHY_NOT_PRESENT ||
1039                     ex_phy->phy_state == PHY_DEVICE_DISCOVERED)
1040                         continue;
1041
1042                 switch (ex_phy->linkrate) {
1043                 case SAS_PHY_DISABLED:
1044                 case SAS_PHY_RESET_PROBLEM:
1045                 case SAS_SATA_PORT_SELECTOR:
1046                         continue;
1047                 default:
1048                         res = sas_ex_discover_dev(dev, i);
1049                         if (res)
1050                                 break;
1051                         continue;
1052                 }
1053         }
1054
1055         if (!res)
1056                 sas_check_level_subtractive_boundary(dev);
1057
1058         return res;
1059 }
1060
1061 static int sas_check_ex_subtractive_boundary(struct domain_device *dev)
1062 {
1063         struct expander_device *ex = &dev->ex_dev;
1064         int i;
1065         u8  *sub_sas_addr = NULL;
1066
1067         if (dev->dev_type != EDGE_DEV)
1068                 return 0;
1069
1070         for (i = 0; i < ex->num_phys; i++) {
1071                 struct ex_phy *phy = &ex->ex_phy[i];
1072
1073                 if (phy->phy_state == PHY_VACANT ||
1074                     phy->phy_state == PHY_NOT_PRESENT)
1075                         continue;
1076
1077                 if ((phy->attached_dev_type == FANOUT_DEV ||
1078                      phy->attached_dev_type == EDGE_DEV) &&
1079                     phy->routing_attr == SUBTRACTIVE_ROUTING) {
1080
1081                         if (!sub_sas_addr)
1082                                 sub_sas_addr = &phy->attached_sas_addr[0];
1083                         else if (SAS_ADDR(sub_sas_addr) !=
1084                                  SAS_ADDR(phy->attached_sas_addr)) {
1085
1086                                 SAS_DPRINTK("ex %016llx phy 0x%x "
1087                                             "diverges(%016llx) on subtractive "
1088                                             "boundary(%016llx). Disabled\n",
1089                                             SAS_ADDR(dev->sas_addr), i,
1090                                             SAS_ADDR(phy->attached_sas_addr),
1091                                             SAS_ADDR(sub_sas_addr));
1092                                 sas_ex_disable_phy(dev, i);
1093                         }
1094                 }
1095         }
1096         return 0;
1097 }
1098
1099 static void sas_print_parent_topology_bug(struct domain_device *child,
1100                                                  struct ex_phy *parent_phy,
1101                                                  struct ex_phy *child_phy)
1102 {
1103         static const char ra_char[] = {
1104                 [DIRECT_ROUTING] = 'D',
1105                 [SUBTRACTIVE_ROUTING] = 'S',
1106                 [TABLE_ROUTING] = 'T',
1107         };
1108         static const char *ex_type[] = {
1109                 [EDGE_DEV] = "edge",
1110                 [FANOUT_DEV] = "fanout",
1111         };
1112         struct domain_device *parent = child->parent;
1113
1114         sas_printk("%s ex %016llx phy 0x%x <--> %s ex %016llx phy 0x%x "
1115                    "has %c:%c routing link!\n",
1116
1117                    ex_type[parent->dev_type],
1118                    SAS_ADDR(parent->sas_addr),
1119                    parent_phy->phy_id,
1120
1121                    ex_type[child->dev_type],
1122                    SAS_ADDR(child->sas_addr),
1123                    child_phy->phy_id,
1124
1125                    ra_char[parent_phy->routing_attr],
1126                    ra_char[child_phy->routing_attr]);
1127 }
1128
1129 static int sas_check_eeds(struct domain_device *child,
1130                                  struct ex_phy *parent_phy,
1131                                  struct ex_phy *child_phy)
1132 {
1133         int res = 0;
1134         struct domain_device *parent = child->parent;
1135
1136         if (SAS_ADDR(parent->port->disc.fanout_sas_addr) != 0) {
1137                 res = -ENODEV;
1138                 SAS_DPRINTK("edge ex %016llx phy S:0x%x <--> edge ex %016llx "
1139                             "phy S:0x%x, while there is a fanout ex %016llx\n",
1140                             SAS_ADDR(parent->sas_addr),
1141                             parent_phy->phy_id,
1142                             SAS_ADDR(child->sas_addr),
1143                             child_phy->phy_id,
1144                             SAS_ADDR(parent->port->disc.fanout_sas_addr));
1145         } else if (SAS_ADDR(parent->port->disc.eeds_a) == 0) {
1146                 memcpy(parent->port->disc.eeds_a, parent->sas_addr,
1147                        SAS_ADDR_SIZE);
1148                 memcpy(parent->port->disc.eeds_b, child->sas_addr,
1149                        SAS_ADDR_SIZE);
1150         } else if (((SAS_ADDR(parent->port->disc.eeds_a) ==
1151                     SAS_ADDR(parent->sas_addr)) ||
1152                    (SAS_ADDR(parent->port->disc.eeds_a) ==
1153                     SAS_ADDR(child->sas_addr)))
1154                    &&
1155                    ((SAS_ADDR(parent->port->disc.eeds_b) ==
1156                      SAS_ADDR(parent->sas_addr)) ||
1157                     (SAS_ADDR(parent->port->disc.eeds_b) ==
1158                      SAS_ADDR(child->sas_addr))))
1159                 ;
1160         else {
1161                 res = -ENODEV;
1162                 SAS_DPRINTK("edge ex %016llx phy 0x%x <--> edge ex %016llx "
1163                             "phy 0x%x link forms a third EEDS!\n",
1164                             SAS_ADDR(parent->sas_addr),
1165                             parent_phy->phy_id,
1166                             SAS_ADDR(child->sas_addr),
1167                             child_phy->phy_id);
1168         }
1169
1170         return res;
1171 }
1172
1173 /* Here we spill over 80 columns.  It is intentional.
1174  */
1175 static int sas_check_parent_topology(struct domain_device *child)
1176 {
1177         struct expander_device *child_ex = &child->ex_dev;
1178         struct expander_device *parent_ex;
1179         int i;
1180         int res = 0;
1181
1182         if (!child->parent)
1183                 return 0;
1184
1185         if (child->parent->dev_type != EDGE_DEV &&
1186             child->parent->dev_type != FANOUT_DEV)
1187                 return 0;
1188
1189         parent_ex = &child->parent->ex_dev;
1190
1191         for (i = 0; i < parent_ex->num_phys; i++) {
1192                 struct ex_phy *parent_phy = &parent_ex->ex_phy[i];
1193                 struct ex_phy *child_phy;
1194
1195                 if (parent_phy->phy_state == PHY_VACANT ||
1196                     parent_phy->phy_state == PHY_NOT_PRESENT)
1197                         continue;
1198
1199                 if (SAS_ADDR(parent_phy->attached_sas_addr) != SAS_ADDR(child->sas_addr))
1200                         continue;
1201
1202                 child_phy = &child_ex->ex_phy[parent_phy->attached_phy_id];
1203
1204                 switch (child->parent->dev_type) {
1205                 case EDGE_DEV:
1206                         if (child->dev_type == FANOUT_DEV) {
1207                                 if (parent_phy->routing_attr != SUBTRACTIVE_ROUTING ||
1208                                     child_phy->routing_attr != TABLE_ROUTING) {
1209                                         sas_print_parent_topology_bug(child, parent_phy, child_phy);
1210                                         res = -ENODEV;
1211                                 }
1212                         } else if (parent_phy->routing_attr == SUBTRACTIVE_ROUTING) {
1213                                 if (child_phy->routing_attr == SUBTRACTIVE_ROUTING) {
1214                                         res = sas_check_eeds(child, parent_phy, child_phy);
1215                                 } else if (child_phy->routing_attr != TABLE_ROUTING) {
1216                                         sas_print_parent_topology_bug(child, parent_phy, child_phy);
1217                                         res = -ENODEV;
1218                                 }
1219                         } else if (parent_phy->routing_attr == TABLE_ROUTING &&
1220                                    child_phy->routing_attr != SUBTRACTIVE_ROUTING) {
1221                                 sas_print_parent_topology_bug(child, parent_phy, child_phy);
1222                                 res = -ENODEV;
1223                         }
1224                         break;
1225                 case FANOUT_DEV:
1226                         if (parent_phy->routing_attr != TABLE_ROUTING ||
1227                             child_phy->routing_attr != SUBTRACTIVE_ROUTING) {
1228                                 sas_print_parent_topology_bug(child, parent_phy, child_phy);
1229                                 res = -ENODEV;
1230                         }
1231                         break;
1232                 default:
1233                         break;
1234                 }
1235         }
1236
1237         return res;
1238 }
1239
1240 #define RRI_REQ_SIZE  16
1241 #define RRI_RESP_SIZE 44
1242
1243 static int sas_configure_present(struct domain_device *dev, int phy_id,
1244                                  u8 *sas_addr, int *index, int *present)
1245 {
1246         int i, res = 0;
1247         struct expander_device *ex = &dev->ex_dev;
1248         struct ex_phy *phy = &ex->ex_phy[phy_id];
1249         u8 *rri_req;
1250         u8 *rri_resp;
1251
1252         *present = 0;
1253         *index = 0;
1254
1255         rri_req = alloc_smp_req(RRI_REQ_SIZE);
1256         if (!rri_req)
1257                 return -ENOMEM;
1258
1259         rri_resp = alloc_smp_resp(RRI_RESP_SIZE);
1260         if (!rri_resp) {
1261                 kfree(rri_req);
1262                 return -ENOMEM;
1263         }
1264
1265         rri_req[1] = SMP_REPORT_ROUTE_INFO;
1266         rri_req[9] = phy_id;
1267
1268         for (i = 0; i < ex->max_route_indexes ; i++) {
1269                 *(__be16 *)(rri_req+6) = cpu_to_be16(i);
1270                 res = smp_execute_task(dev, rri_req, RRI_REQ_SIZE, rri_resp,
1271                                        RRI_RESP_SIZE);
1272                 if (res)
1273                         goto out;
1274                 res = rri_resp[2];
1275                 if (res == SMP_RESP_NO_INDEX) {
1276                         SAS_DPRINTK("overflow of indexes: dev %016llx "
1277                                     "phy 0x%x index 0x%x\n",
1278                                     SAS_ADDR(dev->sas_addr), phy_id, i);
1279                         goto out;
1280                 } else if (res != SMP_RESP_FUNC_ACC) {
1281                         SAS_DPRINTK("%s: dev %016llx phy 0x%x index 0x%x "
1282                                     "result 0x%x\n", __func__,
1283                                     SAS_ADDR(dev->sas_addr), phy_id, i, res);
1284                         goto out;
1285                 }
1286                 if (SAS_ADDR(sas_addr) != 0) {
1287                         if (SAS_ADDR(rri_resp+16) == SAS_ADDR(sas_addr)) {
1288                                 *index = i;
1289                                 if ((rri_resp[12] & 0x80) == 0x80)
1290                                         *present = 0;
1291                                 else
1292                                         *present = 1;
1293                                 goto out;
1294                         } else if (SAS_ADDR(rri_resp+16) == 0) {
1295                                 *index = i;
1296                                 *present = 0;
1297                                 goto out;
1298                         }
1299                 } else if (SAS_ADDR(rri_resp+16) == 0 &&
1300                            phy->last_da_index < i) {
1301                         phy->last_da_index = i;
1302                         *index = i;
1303                         *present = 0;
1304                         goto out;
1305                 }
1306         }
1307         res = -1;
1308 out:
1309         kfree(rri_req);
1310         kfree(rri_resp);
1311         return res;
1312 }
1313
1314 #define CRI_REQ_SIZE  44
1315 #define CRI_RESP_SIZE  8
1316
1317 static int sas_configure_set(struct domain_device *dev, int phy_id,
1318                              u8 *sas_addr, int index, int include)
1319 {
1320         int res;
1321         u8 *cri_req;
1322         u8 *cri_resp;
1323
1324         cri_req = alloc_smp_req(CRI_REQ_SIZE);
1325         if (!cri_req)
1326                 return -ENOMEM;
1327
1328         cri_resp = alloc_smp_resp(CRI_RESP_SIZE);
1329         if (!cri_resp) {
1330                 kfree(cri_req);
1331                 return -ENOMEM;
1332         }
1333
1334         cri_req[1] = SMP_CONF_ROUTE_INFO;
1335         *(__be16 *)(cri_req+6) = cpu_to_be16(index);
1336         cri_req[9] = phy_id;
1337         if (SAS_ADDR(sas_addr) == 0 || !include)
1338                 cri_req[12] |= 0x80;
1339         memcpy(cri_req+16, sas_addr, SAS_ADDR_SIZE);
1340
1341         res = smp_execute_task(dev, cri_req, CRI_REQ_SIZE, cri_resp,
1342                                CRI_RESP_SIZE);
1343         if (res)
1344                 goto out;
1345         res = cri_resp[2];
1346         if (res == SMP_RESP_NO_INDEX) {
1347                 SAS_DPRINTK("overflow of indexes: dev %016llx phy 0x%x "
1348                             "index 0x%x\n",
1349                             SAS_ADDR(dev->sas_addr), phy_id, index);
1350         }
1351 out:
1352         kfree(cri_req);
1353         kfree(cri_resp);
1354         return res;
1355 }
1356
1357 static int sas_configure_phy(struct domain_device *dev, int phy_id,
1358                                     u8 *sas_addr, int include)
1359 {
1360         int index;
1361         int present;
1362         int res;
1363
1364         res = sas_configure_present(dev, phy_id, sas_addr, &index, &present);
1365         if (res)
1366                 return res;
1367         if (include ^ present)
1368                 return sas_configure_set(dev, phy_id, sas_addr, index,include);
1369
1370         return res;
1371 }
1372
1373 /**
1374  * sas_configure_parent -- configure routing table of parent
1375  * parent: parent expander
1376  * child: child expander
1377  * sas_addr: SAS port identifier of device directly attached to child
1378  */
1379 static int sas_configure_parent(struct domain_device *parent,
1380                                 struct domain_device *child,
1381                                 u8 *sas_addr, int include)
1382 {
1383         struct expander_device *ex_parent = &parent->ex_dev;
1384         int res = 0;
1385         int i;
1386
1387         if (parent->parent) {
1388                 res = sas_configure_parent(parent->parent, parent, sas_addr,
1389                                            include);
1390                 if (res)
1391                         return res;
1392         }
1393
1394         if (ex_parent->conf_route_table == 0) {
1395                 SAS_DPRINTK("ex %016llx has self-configuring routing table\n",
1396                             SAS_ADDR(parent->sas_addr));
1397                 return 0;
1398         }
1399
1400         for (i = 0; i < ex_parent->num_phys; i++) {
1401                 struct ex_phy *phy = &ex_parent->ex_phy[i];
1402
1403                 if ((phy->routing_attr == TABLE_ROUTING) &&
1404                     (SAS_ADDR(phy->attached_sas_addr) ==
1405                      SAS_ADDR(child->sas_addr))) {
1406                         res = sas_configure_phy(parent, i, sas_addr, include);
1407                         if (res)
1408                                 return res;
1409                 }
1410         }
1411
1412         return res;
1413 }
1414
1415 /**
1416  * sas_configure_routing -- configure routing
1417  * dev: expander device
1418  * sas_addr: port identifier of device directly attached to the expander device
1419  */
1420 static int sas_configure_routing(struct domain_device *dev, u8 *sas_addr)
1421 {
1422         if (dev->parent)
1423                 return sas_configure_parent(dev->parent, dev, sas_addr, 1);
1424         return 0;
1425 }
1426
1427 static int sas_disable_routing(struct domain_device *dev,  u8 *sas_addr)
1428 {
1429         if (dev->parent)
1430                 return sas_configure_parent(dev->parent, dev, sas_addr, 0);
1431         return 0;
1432 }
1433
1434 /**
1435  * sas_discover_expander -- expander discovery
1436  * @ex: pointer to expander domain device
1437  *
1438  * See comment in sas_discover_sata().
1439  */
1440 static int sas_discover_expander(struct domain_device *dev)
1441 {
1442         int res;
1443
1444         res = sas_notify_lldd_dev_found(dev);
1445         if (res)
1446                 return res;
1447
1448         res = sas_ex_general(dev);
1449         if (res)
1450                 goto out_err;
1451         res = sas_ex_manuf_info(dev);
1452         if (res)
1453                 goto out_err;
1454
1455         res = sas_expander_discover(dev);
1456         if (res) {
1457                 SAS_DPRINTK("expander %016llx discovery failed(0x%x)\n",
1458                             SAS_ADDR(dev->sas_addr), res);
1459                 goto out_err;
1460         }
1461
1462         sas_check_ex_subtractive_boundary(dev);
1463         res = sas_check_parent_topology(dev);
1464         if (res)
1465                 goto out_err;
1466         return 0;
1467 out_err:
1468         sas_notify_lldd_dev_gone(dev);
1469         return res;
1470 }
1471
1472 static int sas_ex_level_discovery(struct asd_sas_port *port, const int level)
1473 {
1474         int res = 0;
1475         struct domain_device *dev;
1476
1477         list_for_each_entry(dev, &port->dev_list, dev_list_node) {
1478                 if (dev->dev_type == EDGE_DEV ||
1479                     dev->dev_type == FANOUT_DEV) {
1480                         struct sas_expander_device *ex =
1481                                 rphy_to_expander_device(dev->rphy);
1482
1483                         if (level == ex->level)
1484                                 res = sas_ex_discover_devices(dev, -1);
1485                         else if (level > 0)
1486                                 res = sas_ex_discover_devices(port->port_dev, -1);
1487
1488                 }
1489         }
1490
1491         return res;
1492 }
1493
1494 static int sas_ex_bfs_disc(struct asd_sas_port *port)
1495 {
1496         int res;
1497         int level;
1498
1499         do {
1500                 level = port->disc.max_level;
1501                 res = sas_ex_level_discovery(port, level);
1502                 mb();
1503         } while (level < port->disc.max_level);
1504
1505         return res;
1506 }
1507
1508 int sas_discover_root_expander(struct domain_device *dev)
1509 {
1510         int res;
1511         struct sas_expander_device *ex = rphy_to_expander_device(dev->rphy);
1512
1513         res = sas_rphy_add(dev->rphy);
1514         if (res)
1515                 goto out_err;
1516
1517         ex->level = dev->port->disc.max_level; /* 0 */
1518         res = sas_discover_expander(dev);
1519         if (res)
1520                 goto out_err2;
1521
1522         sas_ex_bfs_disc(dev->port);
1523
1524         return res;
1525
1526 out_err2:
1527         sas_rphy_remove(dev->rphy);
1528 out_err:
1529         return res;
1530 }
1531
1532 /* ---------- Domain revalidation ---------- */
1533
1534 static int sas_get_phy_discover(struct domain_device *dev,
1535                                 int phy_id, struct smp_resp *disc_resp)
1536 {
1537         int res;
1538         u8 *disc_req;
1539
1540         disc_req = alloc_smp_req(DISCOVER_REQ_SIZE);
1541         if (!disc_req)
1542                 return -ENOMEM;
1543
1544         disc_req[1] = SMP_DISCOVER;
1545         disc_req[9] = phy_id;
1546
1547         res = smp_execute_task(dev, disc_req, DISCOVER_REQ_SIZE,
1548                                disc_resp, DISCOVER_RESP_SIZE);
1549         if (res)
1550                 goto out;
1551         else if (disc_resp->result != SMP_RESP_FUNC_ACC) {
1552                 res = disc_resp->result;
1553                 goto out;
1554         }
1555 out:
1556         kfree(disc_req);
1557         return res;
1558 }
1559
1560 static int sas_get_phy_change_count(struct domain_device *dev,
1561                                     int phy_id, int *pcc)
1562 {
1563         int res;
1564         struct smp_resp *disc_resp;
1565
1566         disc_resp = alloc_smp_resp(DISCOVER_RESP_SIZE);
1567         if (!disc_resp)
1568                 return -ENOMEM;
1569
1570         res = sas_get_phy_discover(dev, phy_id, disc_resp);
1571         if (!res)
1572                 *pcc = disc_resp->disc.change_count;
1573
1574         kfree(disc_resp);
1575         return res;
1576 }
1577
1578 static int sas_get_phy_attached_sas_addr(struct domain_device *dev,
1579                                          int phy_id, u8 *attached_sas_addr)
1580 {
1581         int res;
1582         struct smp_resp *disc_resp;
1583         struct discover_resp *dr;
1584
1585         disc_resp = alloc_smp_resp(DISCOVER_RESP_SIZE);
1586         if (!disc_resp)
1587                 return -ENOMEM;
1588         dr = &disc_resp->disc;
1589
1590         res = sas_get_phy_discover(dev, phy_id, disc_resp);
1591         if (!res) {
1592                 memcpy(attached_sas_addr,disc_resp->disc.attached_sas_addr,8);
1593                 if (dr->attached_dev_type == 0)
1594                         memset(attached_sas_addr, 0, 8);
1595         }
1596         kfree(disc_resp);
1597         return res;
1598 }
1599
1600 static int sas_find_bcast_phy(struct domain_device *dev, int *phy_id,
1601                               int from_phy)
1602 {
1603         struct expander_device *ex = &dev->ex_dev;
1604         int res = 0;
1605         int i;
1606
1607         for (i = from_phy; i < ex->num_phys; i++) {
1608                 int phy_change_count = 0;
1609
1610                 res = sas_get_phy_change_count(dev, i, &phy_change_count);
1611                 if (res)
1612                         goto out;
1613                 else if (phy_change_count != ex->ex_phy[i].phy_change_count) {
1614                         ex->ex_phy[i].phy_change_count = phy_change_count;
1615                         *phy_id = i;
1616                         return 0;
1617                 }
1618         }
1619 out:
1620         return res;
1621 }
1622
1623 static int sas_get_ex_change_count(struct domain_device *dev, int *ecc)
1624 {
1625         int res;
1626         u8  *rg_req;
1627         struct smp_resp  *rg_resp;
1628
1629         rg_req = alloc_smp_req(RG_REQ_SIZE);
1630         if (!rg_req)
1631                 return -ENOMEM;
1632
1633         rg_resp = alloc_smp_resp(RG_RESP_SIZE);
1634         if (!rg_resp) {
1635                 kfree(rg_req);
1636                 return -ENOMEM;
1637         }
1638
1639         rg_req[1] = SMP_REPORT_GENERAL;
1640
1641         res = smp_execute_task(dev, rg_req, RG_REQ_SIZE, rg_resp,
1642                                RG_RESP_SIZE);
1643         if (res)
1644                 goto out;
1645         if (rg_resp->result != SMP_RESP_FUNC_ACC) {
1646                 res = rg_resp->result;
1647                 goto out;
1648         }
1649
1650         *ecc = be16_to_cpu(rg_resp->rg.change_count);
1651 out:
1652         kfree(rg_resp);
1653         kfree(rg_req);
1654         return res;
1655 }
1656
1657 static int sas_find_bcast_dev(struct domain_device *dev,
1658                               struct domain_device **src_dev)
1659 {
1660         struct expander_device *ex = &dev->ex_dev;
1661         int ex_change_count = -1;
1662         int res;
1663
1664         res = sas_get_ex_change_count(dev, &ex_change_count);
1665         if (res)
1666                 goto out;
1667         if (ex_change_count != -1 &&
1668             ex_change_count != ex->ex_change_count) {
1669                 *src_dev = dev;
1670                 ex->ex_change_count = ex_change_count;
1671         } else {
1672                 struct domain_device *ch;
1673
1674                 list_for_each_entry(ch, &ex->children, siblings) {
1675                         if (ch->dev_type == EDGE_DEV ||
1676                             ch->dev_type == FANOUT_DEV) {
1677                                 res = sas_find_bcast_dev(ch, src_dev);
1678                                 if (src_dev)
1679                                         return res;
1680                         }
1681                 }
1682         }
1683 out:
1684         return res;
1685 }
1686
1687 static void sas_unregister_ex_tree(struct domain_device *dev)
1688 {
1689         struct expander_device *ex = &dev->ex_dev;
1690         struct domain_device *child, *n;
1691
1692         list_for_each_entry_safe(child, n, &ex->children, siblings) {
1693                 if (child->dev_type == EDGE_DEV ||
1694                     child->dev_type == FANOUT_DEV)
1695                         sas_unregister_ex_tree(child);
1696                 else
1697                         sas_unregister_dev(child);
1698         }
1699         sas_unregister_dev(dev);
1700 }
1701
1702 static void sas_unregister_devs_sas_addr(struct domain_device *parent,
1703                                          int phy_id)
1704 {
1705         struct expander_device *ex_dev = &parent->ex_dev;
1706         struct ex_phy *phy = &ex_dev->ex_phy[phy_id];
1707         struct domain_device *child, *n;
1708
1709         list_for_each_entry_safe(child, n, &ex_dev->children, siblings) {
1710                 if (SAS_ADDR(child->sas_addr) ==
1711                     SAS_ADDR(phy->attached_sas_addr)) {
1712                         if (child->dev_type == EDGE_DEV ||
1713                             child->dev_type == FANOUT_DEV)
1714                                 sas_unregister_ex_tree(child);
1715                         else
1716                                 sas_unregister_dev(child);
1717                         break;
1718                 }
1719         }
1720         sas_disable_routing(parent, phy->attached_sas_addr);
1721         memset(phy->attached_sas_addr, 0, SAS_ADDR_SIZE);
1722         sas_port_delete_phy(phy->port, phy->phy);
1723         if (phy->port->num_phys == 0)
1724                 sas_port_delete(phy->port);
1725         phy->port = NULL;
1726 }
1727
1728 static int sas_discover_bfs_by_root_level(struct domain_device *root,
1729                                           const int level)
1730 {
1731         struct expander_device *ex_root = &root->ex_dev;
1732         struct domain_device *child;
1733         int res = 0;
1734
1735         list_for_each_entry(child, &ex_root->children, siblings) {
1736                 if (child->dev_type == EDGE_DEV ||
1737                     child->dev_type == FANOUT_DEV) {
1738                         struct sas_expander_device *ex =
1739                                 rphy_to_expander_device(child->rphy);
1740
1741                         if (level > ex->level)
1742                                 res = sas_discover_bfs_by_root_level(child,
1743                                                                      level);
1744                         else if (level == ex->level)
1745                                 res = sas_ex_discover_devices(child, -1);
1746                 }
1747         }
1748         return res;
1749 }
1750
1751 static int sas_discover_bfs_by_root(struct domain_device *dev)
1752 {
1753         int res;
1754         struct sas_expander_device *ex = rphy_to_expander_device(dev->rphy);
1755         int level = ex->level+1;
1756
1757         res = sas_ex_discover_devices(dev, -1);
1758         if (res)
1759                 goto out;
1760         do {
1761                 res = sas_discover_bfs_by_root_level(dev, level);
1762                 mb();
1763                 level += 1;
1764         } while (level <= dev->port->disc.max_level);
1765 out:
1766         return res;
1767 }
1768
1769 static int sas_discover_new(struct domain_device *dev, int phy_id)
1770 {
1771         struct ex_phy *ex_phy = &dev->ex_dev.ex_phy[phy_id];
1772         struct domain_device *child;
1773         int res;
1774
1775         SAS_DPRINTK("ex %016llx phy%d new device attached\n",
1776                     SAS_ADDR(dev->sas_addr), phy_id);
1777         res = sas_ex_phy_discover(dev, phy_id);
1778         if (res)
1779                 goto out;
1780         res = sas_ex_discover_devices(dev, phy_id);
1781         if (res)
1782                 goto out;
1783         list_for_each_entry(child, &dev->ex_dev.children, siblings) {
1784                 if (SAS_ADDR(child->sas_addr) ==
1785                     SAS_ADDR(ex_phy->attached_sas_addr)) {
1786                         if (child->dev_type == EDGE_DEV ||
1787                             child->dev_type == FANOUT_DEV)
1788                                 res = sas_discover_bfs_by_root(child);
1789                         break;
1790                 }
1791         }
1792 out:
1793         return res;
1794 }
1795
1796 static int sas_rediscover_dev(struct domain_device *dev, int phy_id)
1797 {
1798         struct expander_device *ex = &dev->ex_dev;
1799         struct ex_phy *phy = &ex->ex_phy[phy_id];
1800         u8 attached_sas_addr[8];
1801         int res;
1802
1803         res = sas_get_phy_attached_sas_addr(dev, phy_id, attached_sas_addr);
1804         switch (res) {
1805         case SMP_RESP_NO_PHY:
1806                 phy->phy_state = PHY_NOT_PRESENT;
1807                 sas_unregister_devs_sas_addr(dev, phy_id);
1808                 goto out; break;
1809         case SMP_RESP_PHY_VACANT:
1810                 phy->phy_state = PHY_VACANT;
1811                 sas_unregister_devs_sas_addr(dev, phy_id);
1812                 goto out; break;
1813         case SMP_RESP_FUNC_ACC:
1814                 break;
1815         }
1816
1817         if (SAS_ADDR(attached_sas_addr) == 0) {
1818                 phy->phy_state = PHY_EMPTY;
1819                 sas_unregister_devs_sas_addr(dev, phy_id);
1820         } else if (SAS_ADDR(attached_sas_addr) ==
1821                    SAS_ADDR(phy->attached_sas_addr)) {
1822                 SAS_DPRINTK("ex %016llx phy 0x%x broadcast flutter\n",
1823                             SAS_ADDR(dev->sas_addr), phy_id);
1824                 sas_ex_phy_discover(dev, phy_id);
1825         } else
1826                 res = sas_discover_new(dev, phy_id);
1827 out:
1828         return res;
1829 }
1830
1831 static int sas_rediscover(struct domain_device *dev, const int phy_id)
1832 {
1833         struct expander_device *ex = &dev->ex_dev;
1834         struct ex_phy *changed_phy = &ex->ex_phy[phy_id];
1835         int res = 0;
1836         int i;
1837
1838         SAS_DPRINTK("ex %016llx phy%d originated BROADCAST(CHANGE)\n",
1839                     SAS_ADDR(dev->sas_addr), phy_id);
1840
1841         if (SAS_ADDR(changed_phy->attached_sas_addr) != 0) {
1842                 for (i = 0; i < ex->num_phys; i++) {
1843                         struct ex_phy *phy = &ex->ex_phy[i];
1844
1845                         if (i == phy_id)
1846                                 continue;
1847                         if (SAS_ADDR(phy->attached_sas_addr) ==
1848                             SAS_ADDR(changed_phy->attached_sas_addr)) {
1849                                 SAS_DPRINTK("phy%d part of wide port with "
1850                                             "phy%d\n", phy_id, i);
1851                                 goto out;
1852                         }
1853                 }
1854                 res = sas_rediscover_dev(dev, phy_id);
1855         } else
1856                 res = sas_discover_new(dev, phy_id);
1857 out:
1858         return res;
1859 }
1860
1861 /**
1862  * sas_revalidate_domain -- revalidate the domain
1863  * @port: port to the domain of interest
1864  *
1865  * NOTE: this process _must_ quit (return) as soon as any connection
1866  * errors are encountered.  Connection recovery is done elsewhere.
1867  * Discover process only interrogates devices in order to discover the
1868  * domain.
1869  */
1870 int sas_ex_revalidate_domain(struct domain_device *port_dev)
1871 {
1872         int res;
1873         struct domain_device *dev = NULL;
1874
1875         res = sas_find_bcast_dev(port_dev, &dev);
1876         if (res)
1877                 goto out;
1878         if (dev) {
1879                 struct expander_device *ex = &dev->ex_dev;
1880                 int i = 0, phy_id;
1881
1882                 do {
1883                         phy_id = -1;
1884                         res = sas_find_bcast_phy(dev, &phy_id, i);
1885                         if (phy_id == -1)
1886                                 break;
1887                         res = sas_rediscover(dev, phy_id);
1888                         i = phy_id + 1;
1889                 } while (i < ex->num_phys);
1890         }
1891 out:
1892         return res;
1893 }
1894
1895 int sas_smp_handler(struct Scsi_Host *shost, struct sas_rphy *rphy,
1896                     struct request *req)
1897 {
1898         struct domain_device *dev;
1899         int ret, type;
1900         struct request *rsp = req->next_rq;
1901
1902         if (!rsp) {
1903                 printk("%s: space for a smp response is missing\n",
1904                        __func__);
1905                 return -EINVAL;
1906         }
1907
1908         /* no rphy means no smp target support (ie aic94xx host) */
1909         if (!rphy)
1910                 return sas_smp_host_handler(shost, req, rsp);
1911
1912         type = rphy->identify.device_type;
1913
1914         if (type != SAS_EDGE_EXPANDER_DEVICE &&
1915             type != SAS_FANOUT_EXPANDER_DEVICE) {
1916                 printk("%s: can we send a smp request to a device?\n",
1917                        __func__);
1918                 return -EINVAL;
1919         }
1920
1921         dev = sas_find_dev_by_rphy(rphy);
1922         if (!dev) {
1923                 printk("%s: fail to find a domain_device?\n", __func__);
1924                 return -EINVAL;
1925         }
1926
1927         /* do we need to support multiple segments? */
1928         if (req->bio->bi_vcnt > 1 || rsp->bio->bi_vcnt > 1) {
1929                 printk("%s: multiple segments req %u %u, rsp %u %u\n",
1930                        __func__, req->bio->bi_vcnt, req->data_len,
1931                        rsp->bio->bi_vcnt, rsp->data_len);
1932                 return -EINVAL;
1933         }
1934
1935         ret = smp_execute_task(dev, bio_data(req->bio), req->data_len,
1936                                bio_data(rsp->bio), rsp->data_len);
1937         if (ret > 0) {
1938                 /* positive number is the untransferred residual */
1939                 rsp->data_len = ret;
1940                 req->data_len = 0;
1941                 ret = 0;
1942         } else if (ret == 0) {
1943                 rsp->data_len = 0;
1944                 req->data_len = 0;
1945         }
1946
1947         return ret;
1948 }