[WAN]: lmc_ioctl: don't return with locks held
[linux-2.6] / drivers / ide / ide-io.c
1 /*
2  *      IDE I/O functions
3  *
4  *      Basic PIO and command management functionality.
5  *
6  * This code was split off from ide.c. See ide.c for history and original
7  * copyrights.
8  *
9  * This program is free software; you can redistribute it and/or modify it
10  * under the terms of the GNU General Public License as published by the
11  * Free Software Foundation; either version 2, or (at your option) any
12  * later version.
13  *
14  * This program is distributed in the hope that it will be useful, but
15  * WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
17  * General Public License for more details.
18  *
19  * For the avoidance of doubt the "preferred form" of this code is one which
20  * is in an open non patent encumbered format. Where cryptographic key signing
21  * forms part of the process of creating an executable the information
22  * including keys needed to generate an equivalently functional executable
23  * are deemed to be part of the source code.
24  */
25  
26  
27 #include <linux/module.h>
28 #include <linux/types.h>
29 #include <linux/string.h>
30 #include <linux/kernel.h>
31 #include <linux/timer.h>
32 #include <linux/mm.h>
33 #include <linux/interrupt.h>
34 #include <linux/major.h>
35 #include <linux/errno.h>
36 #include <linux/genhd.h>
37 #include <linux/blkpg.h>
38 #include <linux/slab.h>
39 #include <linux/init.h>
40 #include <linux/pci.h>
41 #include <linux/delay.h>
42 #include <linux/ide.h>
43 #include <linux/completion.h>
44 #include <linux/reboot.h>
45 #include <linux/cdrom.h>
46 #include <linux/seq_file.h>
47 #include <linux/device.h>
48 #include <linux/kmod.h>
49 #include <linux/scatterlist.h>
50 #include <linux/bitops.h>
51
52 #include <asm/byteorder.h>
53 #include <asm/irq.h>
54 #include <asm/uaccess.h>
55 #include <asm/io.h>
56
57 static int __ide_end_request(ide_drive_t *drive, struct request *rq,
58                              int uptodate, unsigned int nr_bytes, int dequeue)
59 {
60         int ret = 1;
61
62         /*
63          * if failfast is set on a request, override number of sectors and
64          * complete the whole request right now
65          */
66         if (blk_noretry_request(rq) && end_io_error(uptodate))
67                 nr_bytes = rq->hard_nr_sectors << 9;
68
69         if (!blk_fs_request(rq) && end_io_error(uptodate) && !rq->errors)
70                 rq->errors = -EIO;
71
72         /*
73          * decide whether to reenable DMA -- 3 is a random magic for now,
74          * if we DMA timeout more than 3 times, just stay in PIO
75          */
76         if (drive->state == DMA_PIO_RETRY && drive->retry_pio <= 3) {
77                 drive->state = 0;
78                 HWGROUP(drive)->hwif->ide_dma_on(drive);
79         }
80
81         if (!end_that_request_chunk(rq, uptodate, nr_bytes)) {
82                 add_disk_randomness(rq->rq_disk);
83                 if (dequeue) {
84                         if (!list_empty(&rq->queuelist))
85                                 blkdev_dequeue_request(rq);
86                         HWGROUP(drive)->rq = NULL;
87                 }
88                 end_that_request_last(rq, uptodate);
89                 ret = 0;
90         }
91
92         return ret;
93 }
94
95 /**
96  *      ide_end_request         -       complete an IDE I/O
97  *      @drive: IDE device for the I/O
98  *      @uptodate:
99  *      @nr_sectors: number of sectors completed
100  *
101  *      This is our end_request wrapper function. We complete the I/O
102  *      update random number input and dequeue the request, which if
103  *      it was tagged may be out of order.
104  */
105
106 int ide_end_request (ide_drive_t *drive, int uptodate, int nr_sectors)
107 {
108         unsigned int nr_bytes = nr_sectors << 9;
109         struct request *rq;
110         unsigned long flags;
111         int ret = 1;
112
113         /*
114          * room for locking improvements here, the calls below don't
115          * need the queue lock held at all
116          */
117         spin_lock_irqsave(&ide_lock, flags);
118         rq = HWGROUP(drive)->rq;
119
120         if (!nr_bytes) {
121                 if (blk_pc_request(rq))
122                         nr_bytes = rq->data_len;
123                 else
124                         nr_bytes = rq->hard_cur_sectors << 9;
125         }
126
127         ret = __ide_end_request(drive, rq, uptodate, nr_bytes, 1);
128
129         spin_unlock_irqrestore(&ide_lock, flags);
130         return ret;
131 }
132 EXPORT_SYMBOL(ide_end_request);
133
134 /*
135  * Power Management state machine. This one is rather trivial for now,
136  * we should probably add more, like switching back to PIO on suspend
137  * to help some BIOSes, re-do the door locking on resume, etc...
138  */
139
140 enum {
141         ide_pm_flush_cache      = ide_pm_state_start_suspend,
142         idedisk_pm_standby,
143
144         idedisk_pm_restore_pio  = ide_pm_state_start_resume,
145         idedisk_pm_idle,
146         ide_pm_restore_dma,
147 };
148
149 static void ide_complete_power_step(ide_drive_t *drive, struct request *rq, u8 stat, u8 error)
150 {
151         struct request_pm_state *pm = rq->data;
152
153         if (drive->media != ide_disk)
154                 return;
155
156         switch (pm->pm_step) {
157         case ide_pm_flush_cache:        /* Suspend step 1 (flush cache) complete */
158                 if (pm->pm_state == PM_EVENT_FREEZE)
159                         pm->pm_step = ide_pm_state_completed;
160                 else
161                         pm->pm_step = idedisk_pm_standby;
162                 break;
163         case idedisk_pm_standby:        /* Suspend step 2 (standby) complete */
164                 pm->pm_step = ide_pm_state_completed;
165                 break;
166         case idedisk_pm_restore_pio:    /* Resume step 1 complete */
167                 pm->pm_step = idedisk_pm_idle;
168                 break;
169         case idedisk_pm_idle:           /* Resume step 2 (idle) complete */
170                 pm->pm_step = ide_pm_restore_dma;
171                 break;
172         }
173 }
174
175 static ide_startstop_t ide_start_power_step(ide_drive_t *drive, struct request *rq)
176 {
177         struct request_pm_state *pm = rq->data;
178         ide_task_t *args = rq->special;
179
180         memset(args, 0, sizeof(*args));
181
182         switch (pm->pm_step) {
183         case ide_pm_flush_cache:        /* Suspend step 1 (flush cache) */
184                 if (drive->media != ide_disk)
185                         break;
186                 /* Not supported? Switch to next step now. */
187                 if (!drive->wcache || !ide_id_has_flush_cache(drive->id)) {
188                         ide_complete_power_step(drive, rq, 0, 0);
189                         return ide_stopped;
190                 }
191                 if (ide_id_has_flush_cache_ext(drive->id))
192                         args->tfRegister[IDE_COMMAND_OFFSET] = WIN_FLUSH_CACHE_EXT;
193                 else
194                         args->tfRegister[IDE_COMMAND_OFFSET] = WIN_FLUSH_CACHE;
195                 args->command_type = IDE_DRIVE_TASK_NO_DATA;
196                 args->handler      = &task_no_data_intr;
197                 return do_rw_taskfile(drive, args);
198
199         case idedisk_pm_standby:        /* Suspend step 2 (standby) */
200                 args->tfRegister[IDE_COMMAND_OFFSET] = WIN_STANDBYNOW1;
201                 args->command_type = IDE_DRIVE_TASK_NO_DATA;
202                 args->handler      = &task_no_data_intr;
203                 return do_rw_taskfile(drive, args);
204
205         case idedisk_pm_restore_pio:    /* Resume step 1 (restore PIO) */
206                 ide_set_max_pio(drive);
207                 /*
208                  * skip idedisk_pm_idle for ATAPI devices
209                  */
210                 if (drive->media != ide_disk)
211                         pm->pm_step = ide_pm_restore_dma;
212                 else
213                         ide_complete_power_step(drive, rq, 0, 0);
214                 return ide_stopped;
215
216         case idedisk_pm_idle:           /* Resume step 2 (idle) */
217                 args->tfRegister[IDE_COMMAND_OFFSET] = WIN_IDLEIMMEDIATE;
218                 args->command_type = IDE_DRIVE_TASK_NO_DATA;
219                 args->handler = task_no_data_intr;
220                 return do_rw_taskfile(drive, args);
221
222         case ide_pm_restore_dma:        /* Resume step 3 (restore DMA) */
223                 /*
224                  * Right now, all we do is call ide_set_dma(drive),
225                  * we could be smarter and check for current xfer_speed
226                  * in struct drive etc...
227                  */
228                 if (drive->hwif->ide_dma_on == NULL)
229                         break;
230                 drive->hwif->dma_off_quietly(drive);
231                 /*
232                  * TODO: respect ->using_dma setting
233                  */
234                 ide_set_dma(drive);
235                 break;
236         }
237         pm->pm_step = ide_pm_state_completed;
238         return ide_stopped;
239 }
240
241 /**
242  *      ide_end_dequeued_request        -       complete an IDE I/O
243  *      @drive: IDE device for the I/O
244  *      @uptodate:
245  *      @nr_sectors: number of sectors completed
246  *
247  *      Complete an I/O that is no longer on the request queue. This
248  *      typically occurs when we pull the request and issue a REQUEST_SENSE.
249  *      We must still finish the old request but we must not tamper with the
250  *      queue in the meantime.
251  *
252  *      NOTE: This path does not handle barrier, but barrier is not supported
253  *      on ide-cd anyway.
254  */
255
256 int ide_end_dequeued_request(ide_drive_t *drive, struct request *rq,
257                              int uptodate, int nr_sectors)
258 {
259         unsigned long flags;
260         int ret;
261
262         spin_lock_irqsave(&ide_lock, flags);
263         BUG_ON(!blk_rq_started(rq));
264         ret = __ide_end_request(drive, rq, uptodate, nr_sectors << 9, 0);
265         spin_unlock_irqrestore(&ide_lock, flags);
266
267         return ret;
268 }
269 EXPORT_SYMBOL_GPL(ide_end_dequeued_request);
270
271
272 /**
273  *      ide_complete_pm_request - end the current Power Management request
274  *      @drive: target drive
275  *      @rq: request
276  *
277  *      This function cleans up the current PM request and stops the queue
278  *      if necessary.
279  */
280 static void ide_complete_pm_request (ide_drive_t *drive, struct request *rq)
281 {
282         unsigned long flags;
283
284 #ifdef DEBUG_PM
285         printk("%s: completing PM request, %s\n", drive->name,
286                blk_pm_suspend_request(rq) ? "suspend" : "resume");
287 #endif
288         spin_lock_irqsave(&ide_lock, flags);
289         if (blk_pm_suspend_request(rq)) {
290                 blk_stop_queue(drive->queue);
291         } else {
292                 drive->blocked = 0;
293                 blk_start_queue(drive->queue);
294         }
295         blkdev_dequeue_request(rq);
296         HWGROUP(drive)->rq = NULL;
297         end_that_request_last(rq, 1);
298         spin_unlock_irqrestore(&ide_lock, flags);
299 }
300
301 /**
302  *      ide_end_drive_cmd       -       end an explicit drive command
303  *      @drive: command 
304  *      @stat: status bits
305  *      @err: error bits
306  *
307  *      Clean up after success/failure of an explicit drive command.
308  *      These get thrown onto the queue so they are synchronized with
309  *      real I/O operations on the drive.
310  *
311  *      In LBA48 mode we have to read the register set twice to get
312  *      all the extra information out.
313  */
314  
315 void ide_end_drive_cmd (ide_drive_t *drive, u8 stat, u8 err)
316 {
317         ide_hwif_t *hwif = HWIF(drive);
318         unsigned long flags;
319         struct request *rq;
320
321         spin_lock_irqsave(&ide_lock, flags);
322         rq = HWGROUP(drive)->rq;
323         spin_unlock_irqrestore(&ide_lock, flags);
324
325         if (rq->cmd_type == REQ_TYPE_ATA_CMD) {
326                 u8 *args = (u8 *) rq->buffer;
327                 if (rq->errors == 0)
328                         rq->errors = !OK_STAT(stat,READY_STAT,BAD_STAT);
329
330                 if (args) {
331                         args[0] = stat;
332                         args[1] = err;
333                         args[2] = hwif->INB(IDE_NSECTOR_REG);
334                 }
335         } else if (rq->cmd_type == REQ_TYPE_ATA_TASK) {
336                 u8 *args = (u8 *) rq->buffer;
337                 if (rq->errors == 0)
338                         rq->errors = !OK_STAT(stat,READY_STAT,BAD_STAT);
339
340                 if (args) {
341                         args[0] = stat;
342                         args[1] = err;
343                         args[2] = hwif->INB(IDE_NSECTOR_REG);
344                         args[3] = hwif->INB(IDE_SECTOR_REG);
345                         args[4] = hwif->INB(IDE_LCYL_REG);
346                         args[5] = hwif->INB(IDE_HCYL_REG);
347                         args[6] = hwif->INB(IDE_SELECT_REG);
348                 }
349         } else if (rq->cmd_type == REQ_TYPE_ATA_TASKFILE) {
350                 ide_task_t *args = (ide_task_t *) rq->special;
351                 if (rq->errors == 0)
352                         rq->errors = !OK_STAT(stat,READY_STAT,BAD_STAT);
353                         
354                 if (args) {
355                         if (args->tf_in_flags.b.data) {
356                                 u16 data                                = hwif->INW(IDE_DATA_REG);
357                                 args->tfRegister[IDE_DATA_OFFSET]       = (data) & 0xFF;
358                                 args->hobRegister[IDE_DATA_OFFSET]      = (data >> 8) & 0xFF;
359                         }
360                         args->tfRegister[IDE_ERROR_OFFSET]   = err;
361                         /* be sure we're looking at the low order bits */
362                         hwif->OUTB(drive->ctl & ~0x80, IDE_CONTROL_REG);
363                         args->tfRegister[IDE_NSECTOR_OFFSET] = hwif->INB(IDE_NSECTOR_REG);
364                         args->tfRegister[IDE_SECTOR_OFFSET]  = hwif->INB(IDE_SECTOR_REG);
365                         args->tfRegister[IDE_LCYL_OFFSET]    = hwif->INB(IDE_LCYL_REG);
366                         args->tfRegister[IDE_HCYL_OFFSET]    = hwif->INB(IDE_HCYL_REG);
367                         args->tfRegister[IDE_SELECT_OFFSET]  = hwif->INB(IDE_SELECT_REG);
368                         args->tfRegister[IDE_STATUS_OFFSET]  = stat;
369
370                         if (drive->addressing == 1) {
371                                 hwif->OUTB(drive->ctl|0x80, IDE_CONTROL_REG);
372                                 args->hobRegister[IDE_FEATURE_OFFSET]   = hwif->INB(IDE_FEATURE_REG);
373                                 args->hobRegister[IDE_NSECTOR_OFFSET]   = hwif->INB(IDE_NSECTOR_REG);
374                                 args->hobRegister[IDE_SECTOR_OFFSET]    = hwif->INB(IDE_SECTOR_REG);
375                                 args->hobRegister[IDE_LCYL_OFFSET]      = hwif->INB(IDE_LCYL_REG);
376                                 args->hobRegister[IDE_HCYL_OFFSET]      = hwif->INB(IDE_HCYL_REG);
377                         }
378                 }
379         } else if (blk_pm_request(rq)) {
380                 struct request_pm_state *pm = rq->data;
381 #ifdef DEBUG_PM
382                 printk("%s: complete_power_step(step: %d, stat: %x, err: %x)\n",
383                         drive->name, rq->pm->pm_step, stat, err);
384 #endif
385                 ide_complete_power_step(drive, rq, stat, err);
386                 if (pm->pm_step == ide_pm_state_completed)
387                         ide_complete_pm_request(drive, rq);
388                 return;
389         }
390
391         spin_lock_irqsave(&ide_lock, flags);
392         blkdev_dequeue_request(rq);
393         HWGROUP(drive)->rq = NULL;
394         rq->errors = err;
395         end_that_request_last(rq, !rq->errors);
396         spin_unlock_irqrestore(&ide_lock, flags);
397 }
398
399 EXPORT_SYMBOL(ide_end_drive_cmd);
400
401 /**
402  *      try_to_flush_leftover_data      -       flush junk
403  *      @drive: drive to flush
404  *
405  *      try_to_flush_leftover_data() is invoked in response to a drive
406  *      unexpectedly having its DRQ_STAT bit set.  As an alternative to
407  *      resetting the drive, this routine tries to clear the condition
408  *      by read a sector's worth of data from the drive.  Of course,
409  *      this may not help if the drive is *waiting* for data from *us*.
410  */
411 static void try_to_flush_leftover_data (ide_drive_t *drive)
412 {
413         int i = (drive->mult_count ? drive->mult_count : 1) * SECTOR_WORDS;
414
415         if (drive->media != ide_disk)
416                 return;
417         while (i > 0) {
418                 u32 buffer[16];
419                 u32 wcount = (i > 16) ? 16 : i;
420
421                 i -= wcount;
422                 HWIF(drive)->ata_input_data(drive, buffer, wcount);
423         }
424 }
425
426 static void ide_kill_rq(ide_drive_t *drive, struct request *rq)
427 {
428         if (rq->rq_disk) {
429                 ide_driver_t *drv;
430
431                 drv = *(ide_driver_t **)rq->rq_disk->private_data;
432                 drv->end_request(drive, 0, 0);
433         } else
434                 ide_end_request(drive, 0, 0);
435 }
436
437 static ide_startstop_t ide_ata_error(ide_drive_t *drive, struct request *rq, u8 stat, u8 err)
438 {
439         ide_hwif_t *hwif = drive->hwif;
440
441         if (stat & BUSY_STAT || ((stat & WRERR_STAT) && !drive->nowerr)) {
442                 /* other bits are useless when BUSY */
443                 rq->errors |= ERROR_RESET;
444         } else if (stat & ERR_STAT) {
445                 /* err has different meaning on cdrom and tape */
446                 if (err == ABRT_ERR) {
447                         if (drive->select.b.lba &&
448                             /* some newer drives don't support WIN_SPECIFY */
449                             hwif->INB(IDE_COMMAND_REG) == WIN_SPECIFY)
450                                 return ide_stopped;
451                 } else if ((err & BAD_CRC) == BAD_CRC) {
452                         /* UDMA crc error, just retry the operation */
453                         drive->crc_count++;
454                 } else if (err & (BBD_ERR | ECC_ERR)) {
455                         /* retries won't help these */
456                         rq->errors = ERROR_MAX;
457                 } else if (err & TRK0_ERR) {
458                         /* help it find track zero */
459                         rq->errors |= ERROR_RECAL;
460                 }
461         }
462
463         if ((stat & DRQ_STAT) && rq_data_dir(rq) == READ &&
464             (hwif->host_flags & IDE_HFLAG_ERROR_STOPS_FIFO) == 0)
465                 try_to_flush_leftover_data(drive);
466
467         if (rq->errors >= ERROR_MAX || blk_noretry_request(rq)) {
468                 ide_kill_rq(drive, rq);
469                 return ide_stopped;
470         }
471
472         if (hwif->INB(IDE_STATUS_REG) & (BUSY_STAT|DRQ_STAT))
473                 rq->errors |= ERROR_RESET;
474
475         if ((rq->errors & ERROR_RESET) == ERROR_RESET) {
476                 ++rq->errors;
477                 return ide_do_reset(drive);
478         }
479
480         if ((rq->errors & ERROR_RECAL) == ERROR_RECAL)
481                 drive->special.b.recalibrate = 1;
482
483         ++rq->errors;
484
485         return ide_stopped;
486 }
487
488 static ide_startstop_t ide_atapi_error(ide_drive_t *drive, struct request *rq, u8 stat, u8 err)
489 {
490         ide_hwif_t *hwif = drive->hwif;
491
492         if (stat & BUSY_STAT || ((stat & WRERR_STAT) && !drive->nowerr)) {
493                 /* other bits are useless when BUSY */
494                 rq->errors |= ERROR_RESET;
495         } else {
496                 /* add decoding error stuff */
497         }
498
499         if (hwif->INB(IDE_STATUS_REG) & (BUSY_STAT|DRQ_STAT))
500                 /* force an abort */
501                 hwif->OUTB(WIN_IDLEIMMEDIATE, IDE_COMMAND_REG);
502
503         if (rq->errors >= ERROR_MAX) {
504                 ide_kill_rq(drive, rq);
505         } else {
506                 if ((rq->errors & ERROR_RESET) == ERROR_RESET) {
507                         ++rq->errors;
508                         return ide_do_reset(drive);
509                 }
510                 ++rq->errors;
511         }
512
513         return ide_stopped;
514 }
515
516 ide_startstop_t
517 __ide_error(ide_drive_t *drive, struct request *rq, u8 stat, u8 err)
518 {
519         if (drive->media == ide_disk)
520                 return ide_ata_error(drive, rq, stat, err);
521         return ide_atapi_error(drive, rq, stat, err);
522 }
523
524 EXPORT_SYMBOL_GPL(__ide_error);
525
526 /**
527  *      ide_error       -       handle an error on the IDE
528  *      @drive: drive the error occurred on
529  *      @msg: message to report
530  *      @stat: status bits
531  *
532  *      ide_error() takes action based on the error returned by the drive.
533  *      For normal I/O that may well include retries. We deal with
534  *      both new-style (taskfile) and old style command handling here.
535  *      In the case of taskfile command handling there is work left to
536  *      do
537  */
538  
539 ide_startstop_t ide_error (ide_drive_t *drive, const char *msg, u8 stat)
540 {
541         struct request *rq;
542         u8 err;
543
544         err = ide_dump_status(drive, msg, stat);
545
546         if ((rq = HWGROUP(drive)->rq) == NULL)
547                 return ide_stopped;
548
549         /* retry only "normal" I/O: */
550         if (!blk_fs_request(rq)) {
551                 rq->errors = 1;
552                 ide_end_drive_cmd(drive, stat, err);
553                 return ide_stopped;
554         }
555
556         if (rq->rq_disk) {
557                 ide_driver_t *drv;
558
559                 drv = *(ide_driver_t **)rq->rq_disk->private_data;
560                 return drv->error(drive, rq, stat, err);
561         } else
562                 return __ide_error(drive, rq, stat, err);
563 }
564
565 EXPORT_SYMBOL_GPL(ide_error);
566
567 ide_startstop_t __ide_abort(ide_drive_t *drive, struct request *rq)
568 {
569         if (drive->media != ide_disk)
570                 rq->errors |= ERROR_RESET;
571
572         ide_kill_rq(drive, rq);
573
574         return ide_stopped;
575 }
576
577 EXPORT_SYMBOL_GPL(__ide_abort);
578
579 /**
580  *      ide_abort       -       abort pending IDE operations
581  *      @drive: drive the error occurred on
582  *      @msg: message to report
583  *
584  *      ide_abort kills and cleans up when we are about to do a 
585  *      host initiated reset on active commands. Longer term we
586  *      want handlers to have sensible abort handling themselves
587  *
588  *      This differs fundamentally from ide_error because in 
589  *      this case the command is doing just fine when we
590  *      blow it away.
591  */
592  
593 ide_startstop_t ide_abort(ide_drive_t *drive, const char *msg)
594 {
595         struct request *rq;
596
597         if (drive == NULL || (rq = HWGROUP(drive)->rq) == NULL)
598                 return ide_stopped;
599
600         /* retry only "normal" I/O: */
601         if (!blk_fs_request(rq)) {
602                 rq->errors = 1;
603                 ide_end_drive_cmd(drive, BUSY_STAT, 0);
604                 return ide_stopped;
605         }
606
607         if (rq->rq_disk) {
608                 ide_driver_t *drv;
609
610                 drv = *(ide_driver_t **)rq->rq_disk->private_data;
611                 return drv->abort(drive, rq);
612         } else
613                 return __ide_abort(drive, rq);
614 }
615
616 /**
617  *      ide_cmd         -       issue a simple drive command
618  *      @drive: drive the command is for
619  *      @cmd: command byte
620  *      @nsect: sector byte
621  *      @handler: handler for the command completion
622  *
623  *      Issue a simple drive command with interrupts.
624  *      The drive must be selected beforehand.
625  */
626
627 static void ide_cmd (ide_drive_t *drive, u8 cmd, u8 nsect,
628                 ide_handler_t *handler)
629 {
630         ide_hwif_t *hwif = HWIF(drive);
631         if (IDE_CONTROL_REG)
632                 hwif->OUTB(drive->ctl,IDE_CONTROL_REG); /* clear nIEN */
633         SELECT_MASK(drive,0);
634         hwif->OUTB(nsect,IDE_NSECTOR_REG);
635         ide_execute_command(drive, cmd, handler, WAIT_CMD, NULL);
636 }
637
638 /**
639  *      drive_cmd_intr          -       drive command completion interrupt
640  *      @drive: drive the completion interrupt occurred on
641  *
642  *      drive_cmd_intr() is invoked on completion of a special DRIVE_CMD.
643  *      We do any necessary data reading and then wait for the drive to
644  *      go non busy. At that point we may read the error data and complete
645  *      the request
646  */
647  
648 static ide_startstop_t drive_cmd_intr (ide_drive_t *drive)
649 {
650         struct request *rq = HWGROUP(drive)->rq;
651         ide_hwif_t *hwif = HWIF(drive);
652         u8 *args = (u8 *) rq->buffer;
653         u8 stat = hwif->INB(IDE_STATUS_REG);
654         int retries = 10;
655
656         local_irq_enable_in_hardirq();
657         if ((stat & DRQ_STAT) && args && args[3]) {
658                 u8 io_32bit = drive->io_32bit;
659                 drive->io_32bit = 0;
660                 hwif->ata_input_data(drive, &args[4], args[3] * SECTOR_WORDS);
661                 drive->io_32bit = io_32bit;
662                 while (((stat = hwif->INB(IDE_STATUS_REG)) & BUSY_STAT) && retries--)
663                         udelay(100);
664         }
665
666         if (!OK_STAT(stat, READY_STAT, BAD_STAT))
667                 return ide_error(drive, "drive_cmd", stat);
668                 /* calls ide_end_drive_cmd */
669         ide_end_drive_cmd(drive, stat, hwif->INB(IDE_ERROR_REG));
670         return ide_stopped;
671 }
672
673 static void ide_init_specify_cmd(ide_drive_t *drive, ide_task_t *task)
674 {
675         task->tfRegister[IDE_NSECTOR_OFFSET] = drive->sect;
676         task->tfRegister[IDE_SECTOR_OFFSET]  = drive->sect;
677         task->tfRegister[IDE_LCYL_OFFSET]    = drive->cyl;
678         task->tfRegister[IDE_HCYL_OFFSET]    = drive->cyl>>8;
679         task->tfRegister[IDE_SELECT_OFFSET]  = ((drive->head-1)|drive->select.all)&0xBF;
680         task->tfRegister[IDE_COMMAND_OFFSET] = WIN_SPECIFY;
681
682         task->handler = &set_geometry_intr;
683 }
684
685 static void ide_init_restore_cmd(ide_drive_t *drive, ide_task_t *task)
686 {
687         task->tfRegister[IDE_NSECTOR_OFFSET] = drive->sect;
688         task->tfRegister[IDE_COMMAND_OFFSET] = WIN_RESTORE;
689
690         task->handler = &recal_intr;
691 }
692
693 static void ide_init_setmult_cmd(ide_drive_t *drive, ide_task_t *task)
694 {
695         task->tfRegister[IDE_NSECTOR_OFFSET] = drive->mult_req;
696         task->tfRegister[IDE_COMMAND_OFFSET] = WIN_SETMULT;
697
698         task->handler = &set_multmode_intr;
699 }
700
701 static ide_startstop_t ide_disk_special(ide_drive_t *drive)
702 {
703         special_t *s = &drive->special;
704         ide_task_t args;
705
706         memset(&args, 0, sizeof(ide_task_t));
707         args.command_type = IDE_DRIVE_TASK_NO_DATA;
708
709         if (s->b.set_geometry) {
710                 s->b.set_geometry = 0;
711                 ide_init_specify_cmd(drive, &args);
712         } else if (s->b.recalibrate) {
713                 s->b.recalibrate = 0;
714                 ide_init_restore_cmd(drive, &args);
715         } else if (s->b.set_multmode) {
716                 s->b.set_multmode = 0;
717                 if (drive->mult_req > drive->id->max_multsect)
718                         drive->mult_req = drive->id->max_multsect;
719                 ide_init_setmult_cmd(drive, &args);
720         } else if (s->all) {
721                 int special = s->all;
722                 s->all = 0;
723                 printk(KERN_ERR "%s: bad special flag: 0x%02x\n", drive->name, special);
724                 return ide_stopped;
725         }
726
727         do_rw_taskfile(drive, &args);
728
729         return ide_started;
730 }
731
732 /*
733  * handle HDIO_SET_PIO_MODE ioctl abusers here, eventually it will go away
734  */
735 static int set_pio_mode_abuse(ide_hwif_t *hwif, u8 req_pio)
736 {
737         switch (req_pio) {
738         case 202:
739         case 201:
740         case 200:
741         case 102:
742         case 101:
743         case 100:
744                 return (hwif->host_flags & IDE_HFLAG_ABUSE_DMA_MODES) ? 1 : 0;
745         case 9:
746         case 8:
747                 return (hwif->host_flags & IDE_HFLAG_ABUSE_PREFETCH) ? 1 : 0;
748         case 7:
749         case 6:
750                 return (hwif->host_flags & IDE_HFLAG_ABUSE_FAST_DEVSEL) ? 1 : 0;
751         default:
752                 return 0;
753         }
754 }
755
756 /**
757  *      do_special              -       issue some special commands
758  *      @drive: drive the command is for
759  *
760  *      do_special() is used to issue WIN_SPECIFY, WIN_RESTORE, and WIN_SETMULT
761  *      commands to a drive.  It used to do much more, but has been scaled
762  *      back.
763  */
764
765 static ide_startstop_t do_special (ide_drive_t *drive)
766 {
767         special_t *s = &drive->special;
768
769 #ifdef DEBUG
770         printk("%s: do_special: 0x%02x\n", drive->name, s->all);
771 #endif
772         if (s->b.set_tune) {
773                 ide_hwif_t *hwif = drive->hwif;
774                 u8 req_pio = drive->tune_req;
775
776                 s->b.set_tune = 0;
777
778                 if (set_pio_mode_abuse(drive->hwif, req_pio)) {
779
780                         if (hwif->set_pio_mode == NULL)
781                                 return ide_stopped;
782
783                         /*
784                          * take ide_lock for drive->[no_]unmask/[no_]io_32bit
785                          */
786                         if (req_pio == 8 || req_pio == 9) {
787                                 unsigned long flags;
788
789                                 spin_lock_irqsave(&ide_lock, flags);
790                                 hwif->set_pio_mode(drive, req_pio);
791                                 spin_unlock_irqrestore(&ide_lock, flags);
792                         } else
793                                 hwif->set_pio_mode(drive, req_pio);
794                 } else {
795                         int keep_dma = drive->using_dma;
796
797                         ide_set_pio(drive, req_pio);
798
799                         if (hwif->host_flags & IDE_HFLAG_SET_PIO_MODE_KEEP_DMA) {
800                                 if (keep_dma)
801                                         hwif->ide_dma_on(drive);
802                         }
803                 }
804
805                 return ide_stopped;
806         } else {
807                 if (drive->media == ide_disk)
808                         return ide_disk_special(drive);
809
810                 s->all = 0;
811                 drive->mult_req = 0;
812                 return ide_stopped;
813         }
814 }
815
816 void ide_map_sg(ide_drive_t *drive, struct request *rq)
817 {
818         ide_hwif_t *hwif = drive->hwif;
819         struct scatterlist *sg = hwif->sg_table;
820
821         if (hwif->sg_mapped)    /* needed by ide-scsi */
822                 return;
823
824         if (rq->cmd_type != REQ_TYPE_ATA_TASKFILE) {
825                 hwif->sg_nents = blk_rq_map_sg(drive->queue, rq, sg);
826         } else {
827                 sg_init_one(sg, rq->buffer, rq->nr_sectors * SECTOR_SIZE);
828                 hwif->sg_nents = 1;
829         }
830 }
831
832 EXPORT_SYMBOL_GPL(ide_map_sg);
833
834 void ide_init_sg_cmd(ide_drive_t *drive, struct request *rq)
835 {
836         ide_hwif_t *hwif = drive->hwif;
837
838         hwif->nsect = hwif->nleft = rq->nr_sectors;
839         hwif->cursg_ofs = 0;
840         hwif->cursg = NULL;
841 }
842
843 EXPORT_SYMBOL_GPL(ide_init_sg_cmd);
844
845 /**
846  *      execute_drive_command   -       issue special drive command
847  *      @drive: the drive to issue the command on
848  *      @rq: the request structure holding the command
849  *
850  *      execute_drive_cmd() issues a special drive command,  usually 
851  *      initiated by ioctl() from the external hdparm program. The
852  *      command can be a drive command, drive task or taskfile 
853  *      operation. Weirdly you can call it with NULL to wait for
854  *      all commands to finish. Don't do this as that is due to change
855  */
856
857 static ide_startstop_t execute_drive_cmd (ide_drive_t *drive,
858                 struct request *rq)
859 {
860         ide_hwif_t *hwif = HWIF(drive);
861         if (rq->cmd_type == REQ_TYPE_ATA_TASKFILE) {
862                 ide_task_t *args = rq->special;
863  
864                 if (!args)
865                         goto done;
866
867                 hwif->data_phase = args->data_phase;
868
869                 switch (hwif->data_phase) {
870                 case TASKFILE_MULTI_OUT:
871                 case TASKFILE_OUT:
872                 case TASKFILE_MULTI_IN:
873                 case TASKFILE_IN:
874                         ide_init_sg_cmd(drive, rq);
875                         ide_map_sg(drive, rq);
876                 default:
877                         break;
878                 }
879
880                 if (args->tf_out_flags.all != 0) 
881                         return flagged_taskfile(drive, args);
882                 return do_rw_taskfile(drive, args);
883         } else if (rq->cmd_type == REQ_TYPE_ATA_TASK) {
884                 u8 *args = rq->buffer;
885                 u8 sel;
886  
887                 if (!args)
888                         goto done;
889 #ifdef DEBUG
890                 printk("%s: DRIVE_TASK_CMD ", drive->name);
891                 printk("cmd=0x%02x ", args[0]);
892                 printk("fr=0x%02x ", args[1]);
893                 printk("ns=0x%02x ", args[2]);
894                 printk("sc=0x%02x ", args[3]);
895                 printk("lcyl=0x%02x ", args[4]);
896                 printk("hcyl=0x%02x ", args[5]);
897                 printk("sel=0x%02x\n", args[6]);
898 #endif
899                 hwif->OUTB(args[1], IDE_FEATURE_REG);
900                 hwif->OUTB(args[3], IDE_SECTOR_REG);
901                 hwif->OUTB(args[4], IDE_LCYL_REG);
902                 hwif->OUTB(args[5], IDE_HCYL_REG);
903                 sel = (args[6] & ~0x10);
904                 if (drive->select.b.unit)
905                         sel |= 0x10;
906                 hwif->OUTB(sel, IDE_SELECT_REG);
907                 ide_cmd(drive, args[0], args[2], &drive_cmd_intr);
908                 return ide_started;
909         } else if (rq->cmd_type == REQ_TYPE_ATA_CMD) {
910                 u8 *args = rq->buffer;
911
912                 if (!args)
913                         goto done;
914 #ifdef DEBUG
915                 printk("%s: DRIVE_CMD ", drive->name);
916                 printk("cmd=0x%02x ", args[0]);
917                 printk("sc=0x%02x ", args[1]);
918                 printk("fr=0x%02x ", args[2]);
919                 printk("xx=0x%02x\n", args[3]);
920 #endif
921                 if (args[0] == WIN_SMART) {
922                         hwif->OUTB(0x4f, IDE_LCYL_REG);
923                         hwif->OUTB(0xc2, IDE_HCYL_REG);
924                         hwif->OUTB(args[2],IDE_FEATURE_REG);
925                         hwif->OUTB(args[1],IDE_SECTOR_REG);
926                         ide_cmd(drive, args[0], args[3], &drive_cmd_intr);
927                         return ide_started;
928                 }
929                 hwif->OUTB(args[2],IDE_FEATURE_REG);
930                 ide_cmd(drive, args[0], args[1], &drive_cmd_intr);
931                 return ide_started;
932         }
933
934 done:
935         /*
936          * NULL is actually a valid way of waiting for
937          * all current requests to be flushed from the queue.
938          */
939 #ifdef DEBUG
940         printk("%s: DRIVE_CMD (null)\n", drive->name);
941 #endif
942         ide_end_drive_cmd(drive,
943                         hwif->INB(IDE_STATUS_REG),
944                         hwif->INB(IDE_ERROR_REG));
945         return ide_stopped;
946 }
947
948 static void ide_check_pm_state(ide_drive_t *drive, struct request *rq)
949 {
950         struct request_pm_state *pm = rq->data;
951
952         if (blk_pm_suspend_request(rq) &&
953             pm->pm_step == ide_pm_state_start_suspend)
954                 /* Mark drive blocked when starting the suspend sequence. */
955                 drive->blocked = 1;
956         else if (blk_pm_resume_request(rq) &&
957                  pm->pm_step == ide_pm_state_start_resume) {
958                 /* 
959                  * The first thing we do on wakeup is to wait for BSY bit to
960                  * go away (with a looong timeout) as a drive on this hwif may
961                  * just be POSTing itself.
962                  * We do that before even selecting as the "other" device on
963                  * the bus may be broken enough to walk on our toes at this
964                  * point.
965                  */
966                 int rc;
967 #ifdef DEBUG_PM
968                 printk("%s: Wakeup request inited, waiting for !BSY...\n", drive->name);
969 #endif
970                 rc = ide_wait_not_busy(HWIF(drive), 35000);
971                 if (rc)
972                         printk(KERN_WARNING "%s: bus not ready on wakeup\n", drive->name);
973                 SELECT_DRIVE(drive);
974                 HWIF(drive)->OUTB(8, HWIF(drive)->io_ports[IDE_CONTROL_OFFSET]);
975                 rc = ide_wait_not_busy(HWIF(drive), 100000);
976                 if (rc)
977                         printk(KERN_WARNING "%s: drive not ready on wakeup\n", drive->name);
978         }
979 }
980
981 /**
982  *      start_request   -       start of I/O and command issuing for IDE
983  *
984  *      start_request() initiates handling of a new I/O request. It
985  *      accepts commands and I/O (read/write) requests. It also does
986  *      the final remapping for weird stuff like EZDrive. Once 
987  *      device mapper can work sector level the EZDrive stuff can go away
988  *
989  *      FIXME: this function needs a rename
990  */
991  
992 static ide_startstop_t start_request (ide_drive_t *drive, struct request *rq)
993 {
994         ide_startstop_t startstop;
995         sector_t block;
996
997         BUG_ON(!blk_rq_started(rq));
998
999 #ifdef DEBUG
1000         printk("%s: start_request: current=0x%08lx\n",
1001                 HWIF(drive)->name, (unsigned long) rq);
1002 #endif
1003
1004         /* bail early if we've exceeded max_failures */
1005         if (drive->max_failures && (drive->failures > drive->max_failures)) {
1006                 goto kill_rq;
1007         }
1008
1009         block    = rq->sector;
1010         if (blk_fs_request(rq) &&
1011             (drive->media == ide_disk || drive->media == ide_floppy)) {
1012                 block += drive->sect0;
1013         }
1014         /* Yecch - this will shift the entire interval,
1015            possibly killing some innocent following sector */
1016         if (block == 0 && drive->remap_0_to_1 == 1)
1017                 block = 1;  /* redirect MBR access to EZ-Drive partn table */
1018
1019         if (blk_pm_request(rq))
1020                 ide_check_pm_state(drive, rq);
1021
1022         SELECT_DRIVE(drive);
1023         if (ide_wait_stat(&startstop, drive, drive->ready_stat, BUSY_STAT|DRQ_STAT, WAIT_READY)) {
1024                 printk(KERN_ERR "%s: drive not ready for command\n", drive->name);
1025                 return startstop;
1026         }
1027         if (!drive->special.all) {
1028                 ide_driver_t *drv;
1029
1030                 /*
1031                  * We reset the drive so we need to issue a SETFEATURES.
1032                  * Do it _after_ do_special() restored device parameters.
1033                  */
1034                 if (drive->current_speed == 0xff)
1035                         ide_config_drive_speed(drive, drive->desired_speed);
1036
1037                 if (rq->cmd_type == REQ_TYPE_ATA_CMD ||
1038                     rq->cmd_type == REQ_TYPE_ATA_TASK ||
1039                     rq->cmd_type == REQ_TYPE_ATA_TASKFILE)
1040                         return execute_drive_cmd(drive, rq);
1041                 else if (blk_pm_request(rq)) {
1042                         struct request_pm_state *pm = rq->data;
1043 #ifdef DEBUG_PM
1044                         printk("%s: start_power_step(step: %d)\n",
1045                                 drive->name, rq->pm->pm_step);
1046 #endif
1047                         startstop = ide_start_power_step(drive, rq);
1048                         if (startstop == ide_stopped &&
1049                             pm->pm_step == ide_pm_state_completed)
1050                                 ide_complete_pm_request(drive, rq);
1051                         return startstop;
1052                 }
1053
1054                 drv = *(ide_driver_t **)rq->rq_disk->private_data;
1055                 return drv->do_request(drive, rq, block);
1056         }
1057         return do_special(drive);
1058 kill_rq:
1059         ide_kill_rq(drive, rq);
1060         return ide_stopped;
1061 }
1062
1063 /**
1064  *      ide_stall_queue         -       pause an IDE device
1065  *      @drive: drive to stall
1066  *      @timeout: time to stall for (jiffies)
1067  *
1068  *      ide_stall_queue() can be used by a drive to give excess bandwidth back
1069  *      to the hwgroup by sleeping for timeout jiffies.
1070  */
1071  
1072 void ide_stall_queue (ide_drive_t *drive, unsigned long timeout)
1073 {
1074         if (timeout > WAIT_WORSTCASE)
1075                 timeout = WAIT_WORSTCASE;
1076         drive->sleep = timeout + jiffies;
1077         drive->sleeping = 1;
1078 }
1079
1080 EXPORT_SYMBOL(ide_stall_queue);
1081
1082 #define WAKEUP(drive)   ((drive)->service_start + 2 * (drive)->service_time)
1083
1084 /**
1085  *      choose_drive            -       select a drive to service
1086  *      @hwgroup: hardware group to select on
1087  *
1088  *      choose_drive() selects the next drive which will be serviced.
1089  *      This is necessary because the IDE layer can't issue commands
1090  *      to both drives on the same cable, unlike SCSI.
1091  */
1092  
1093 static inline ide_drive_t *choose_drive (ide_hwgroup_t *hwgroup)
1094 {
1095         ide_drive_t *drive, *best;
1096
1097 repeat: 
1098         best = NULL;
1099         drive = hwgroup->drive;
1100
1101         /*
1102          * drive is doing pre-flush, ordered write, post-flush sequence. even
1103          * though that is 3 requests, it must be seen as a single transaction.
1104          * we must not preempt this drive until that is complete
1105          */
1106         if (blk_queue_flushing(drive->queue)) {
1107                 /*
1108                  * small race where queue could get replugged during
1109                  * the 3-request flush cycle, just yank the plug since
1110                  * we want it to finish asap
1111                  */
1112                 blk_remove_plug(drive->queue);
1113                 return drive;
1114         }
1115
1116         do {
1117                 if ((!drive->sleeping || time_after_eq(jiffies, drive->sleep))
1118                     && !elv_queue_empty(drive->queue)) {
1119                         if (!best
1120                          || (drive->sleeping && (!best->sleeping || time_before(drive->sleep, best->sleep)))
1121                          || (!best->sleeping && time_before(WAKEUP(drive), WAKEUP(best))))
1122                         {
1123                                 if (!blk_queue_plugged(drive->queue))
1124                                         best = drive;
1125                         }
1126                 }
1127         } while ((drive = drive->next) != hwgroup->drive);
1128         if (best && best->nice1 && !best->sleeping && best != hwgroup->drive && best->service_time > WAIT_MIN_SLEEP) {
1129                 long t = (signed long)(WAKEUP(best) - jiffies);
1130                 if (t >= WAIT_MIN_SLEEP) {
1131                 /*
1132                  * We *may* have some time to spare, but first let's see if
1133                  * someone can potentially benefit from our nice mood today..
1134                  */
1135                         drive = best->next;
1136                         do {
1137                                 if (!drive->sleeping
1138                                  && time_before(jiffies - best->service_time, WAKEUP(drive))
1139                                  && time_before(WAKEUP(drive), jiffies + t))
1140                                 {
1141                                         ide_stall_queue(best, min_t(long, t, 10 * WAIT_MIN_SLEEP));
1142                                         goto repeat;
1143                                 }
1144                         } while ((drive = drive->next) != best);
1145                 }
1146         }
1147         return best;
1148 }
1149
1150 /*
1151  * Issue a new request to a drive from hwgroup
1152  * Caller must have already done spin_lock_irqsave(&ide_lock, ..);
1153  *
1154  * A hwgroup is a serialized group of IDE interfaces.  Usually there is
1155  * exactly one hwif (interface) per hwgroup, but buggy controllers (eg. CMD640)
1156  * may have both interfaces in a single hwgroup to "serialize" access.
1157  * Or possibly multiple ISA interfaces can share a common IRQ by being grouped
1158  * together into one hwgroup for serialized access.
1159  *
1160  * Note also that several hwgroups can end up sharing a single IRQ,
1161  * possibly along with many other devices.  This is especially common in
1162  * PCI-based systems with off-board IDE controller cards.
1163  *
1164  * The IDE driver uses the single global ide_lock spinlock to protect
1165  * access to the request queues, and to protect the hwgroup->busy flag.
1166  *
1167  * The first thread into the driver for a particular hwgroup sets the
1168  * hwgroup->busy flag to indicate that this hwgroup is now active,
1169  * and then initiates processing of the top request from the request queue.
1170  *
1171  * Other threads attempting entry notice the busy setting, and will simply
1172  * queue their new requests and exit immediately.  Note that hwgroup->busy
1173  * remains set even when the driver is merely awaiting the next interrupt.
1174  * Thus, the meaning is "this hwgroup is busy processing a request".
1175  *
1176  * When processing of a request completes, the completing thread or IRQ-handler
1177  * will start the next request from the queue.  If no more work remains,
1178  * the driver will clear the hwgroup->busy flag and exit.
1179  *
1180  * The ide_lock (spinlock) is used to protect all access to the
1181  * hwgroup->busy flag, but is otherwise not needed for most processing in
1182  * the driver.  This makes the driver much more friendlier to shared IRQs
1183  * than previous designs, while remaining 100% (?) SMP safe and capable.
1184  */
1185 static void ide_do_request (ide_hwgroup_t *hwgroup, int masked_irq)
1186 {
1187         ide_drive_t     *drive;
1188         ide_hwif_t      *hwif;
1189         struct request  *rq;
1190         ide_startstop_t startstop;
1191         int             loops = 0;
1192
1193         /* for atari only: POSSIBLY BROKEN HERE(?) */
1194         ide_get_lock(ide_intr, hwgroup);
1195
1196         /* caller must own ide_lock */
1197         BUG_ON(!irqs_disabled());
1198
1199         while (!hwgroup->busy) {
1200                 hwgroup->busy = 1;
1201                 drive = choose_drive(hwgroup);
1202                 if (drive == NULL) {
1203                         int sleeping = 0;
1204                         unsigned long sleep = 0; /* shut up, gcc */
1205                         hwgroup->rq = NULL;
1206                         drive = hwgroup->drive;
1207                         do {
1208                                 if (drive->sleeping && (!sleeping || time_before(drive->sleep, sleep))) {
1209                                         sleeping = 1;
1210                                         sleep = drive->sleep;
1211                                 }
1212                         } while ((drive = drive->next) != hwgroup->drive);
1213                         if (sleeping) {
1214                 /*
1215                  * Take a short snooze, and then wake up this hwgroup again.
1216                  * This gives other hwgroups on the same a chance to
1217                  * play fairly with us, just in case there are big differences
1218                  * in relative throughputs.. don't want to hog the cpu too much.
1219                  */
1220                                 if (time_before(sleep, jiffies + WAIT_MIN_SLEEP))
1221                                         sleep = jiffies + WAIT_MIN_SLEEP;
1222 #if 1
1223                                 if (timer_pending(&hwgroup->timer))
1224                                         printk(KERN_CRIT "ide_set_handler: timer already active\n");
1225 #endif
1226                                 /* so that ide_timer_expiry knows what to do */
1227                                 hwgroup->sleeping = 1;
1228                                 hwgroup->req_gen_timer = hwgroup->req_gen;
1229                                 mod_timer(&hwgroup->timer, sleep);
1230                                 /* we purposely leave hwgroup->busy==1
1231                                  * while sleeping */
1232                         } else {
1233                                 /* Ugly, but how can we sleep for the lock
1234                                  * otherwise? perhaps from tq_disk?
1235                                  */
1236
1237                                 /* for atari only */
1238                                 ide_release_lock();
1239                                 hwgroup->busy = 0;
1240                         }
1241
1242                         /* no more work for this hwgroup (for now) */
1243                         return;
1244                 }
1245         again:
1246                 hwif = HWIF(drive);
1247                 if (hwgroup->hwif->sharing_irq &&
1248                     hwif != hwgroup->hwif &&
1249                     hwif->io_ports[IDE_CONTROL_OFFSET]) {
1250                         /* set nIEN for previous hwif */
1251                         SELECT_INTERRUPT(drive);
1252                 }
1253                 hwgroup->hwif = hwif;
1254                 hwgroup->drive = drive;
1255                 drive->sleeping = 0;
1256                 drive->service_start = jiffies;
1257
1258                 if (blk_queue_plugged(drive->queue)) {
1259                         printk(KERN_ERR "ide: huh? queue was plugged!\n");
1260                         break;
1261                 }
1262
1263                 /*
1264                  * we know that the queue isn't empty, but this can happen
1265                  * if the q->prep_rq_fn() decides to kill a request
1266                  */
1267                 rq = elv_next_request(drive->queue);
1268                 if (!rq) {
1269                         hwgroup->busy = 0;
1270                         break;
1271                 }
1272
1273                 /*
1274                  * Sanity: don't accept a request that isn't a PM request
1275                  * if we are currently power managed. This is very important as
1276                  * blk_stop_queue() doesn't prevent the elv_next_request()
1277                  * above to return us whatever is in the queue. Since we call
1278                  * ide_do_request() ourselves, we end up taking requests while
1279                  * the queue is blocked...
1280                  * 
1281                  * We let requests forced at head of queue with ide-preempt
1282                  * though. I hope that doesn't happen too much, hopefully not
1283                  * unless the subdriver triggers such a thing in its own PM
1284                  * state machine.
1285                  *
1286                  * We count how many times we loop here to make sure we service
1287                  * all drives in the hwgroup without looping for ever
1288                  */
1289                 if (drive->blocked && !blk_pm_request(rq) && !(rq->cmd_flags & REQ_PREEMPT)) {
1290                         drive = drive->next ? drive->next : hwgroup->drive;
1291                         if (loops++ < 4 && !blk_queue_plugged(drive->queue))
1292                                 goto again;
1293                         /* We clear busy, there should be no pending ATA command at this point. */
1294                         hwgroup->busy = 0;
1295                         break;
1296                 }
1297
1298                 hwgroup->rq = rq;
1299
1300                 /*
1301                  * Some systems have trouble with IDE IRQs arriving while
1302                  * the driver is still setting things up.  So, here we disable
1303                  * the IRQ used by this interface while the request is being started.
1304                  * This may look bad at first, but pretty much the same thing
1305                  * happens anyway when any interrupt comes in, IDE or otherwise
1306                  *  -- the kernel masks the IRQ while it is being handled.
1307                  */
1308                 if (masked_irq != IDE_NO_IRQ && hwif->irq != masked_irq)
1309                         disable_irq_nosync(hwif->irq);
1310                 spin_unlock(&ide_lock);
1311                 local_irq_enable_in_hardirq();
1312                         /* allow other IRQs while we start this request */
1313                 startstop = start_request(drive, rq);
1314                 spin_lock_irq(&ide_lock);
1315                 if (masked_irq != IDE_NO_IRQ && hwif->irq != masked_irq)
1316                         enable_irq(hwif->irq);
1317                 if (startstop == ide_stopped)
1318                         hwgroup->busy = 0;
1319         }
1320 }
1321
1322 /*
1323  * Passes the stuff to ide_do_request
1324  */
1325 void do_ide_request(struct request_queue *q)
1326 {
1327         ide_drive_t *drive = q->queuedata;
1328
1329         ide_do_request(HWGROUP(drive), IDE_NO_IRQ);
1330 }
1331
1332 /*
1333  * un-busy the hwgroup etc, and clear any pending DMA status. we want to
1334  * retry the current request in pio mode instead of risking tossing it
1335  * all away
1336  */
1337 static ide_startstop_t ide_dma_timeout_retry(ide_drive_t *drive, int error)
1338 {
1339         ide_hwif_t *hwif = HWIF(drive);
1340         struct request *rq;
1341         ide_startstop_t ret = ide_stopped;
1342
1343         /*
1344          * end current dma transaction
1345          */
1346
1347         if (error < 0) {
1348                 printk(KERN_WARNING "%s: DMA timeout error\n", drive->name);
1349                 (void)HWIF(drive)->ide_dma_end(drive);
1350                 ret = ide_error(drive, "dma timeout error",
1351                                                 hwif->INB(IDE_STATUS_REG));
1352         } else {
1353                 printk(KERN_WARNING "%s: DMA timeout retry\n", drive->name);
1354                 hwif->dma_timeout(drive);
1355         }
1356
1357         /*
1358          * disable dma for now, but remember that we did so because of
1359          * a timeout -- we'll reenable after we finish this next request
1360          * (or rather the first chunk of it) in pio.
1361          */
1362         drive->retry_pio++;
1363         drive->state = DMA_PIO_RETRY;
1364         hwif->dma_off_quietly(drive);
1365
1366         /*
1367          * un-busy drive etc (hwgroup->busy is cleared on return) and
1368          * make sure request is sane
1369          */
1370         rq = HWGROUP(drive)->rq;
1371
1372         if (!rq)
1373                 goto out;
1374
1375         HWGROUP(drive)->rq = NULL;
1376
1377         rq->errors = 0;
1378
1379         if (!rq->bio)
1380                 goto out;
1381
1382         rq->sector = rq->bio->bi_sector;
1383         rq->current_nr_sectors = bio_iovec(rq->bio)->bv_len >> 9;
1384         rq->hard_cur_sectors = rq->current_nr_sectors;
1385         rq->buffer = bio_data(rq->bio);
1386 out:
1387         return ret;
1388 }
1389
1390 /**
1391  *      ide_timer_expiry        -       handle lack of an IDE interrupt
1392  *      @data: timer callback magic (hwgroup)
1393  *
1394  *      An IDE command has timed out before the expected drive return
1395  *      occurred. At this point we attempt to clean up the current
1396  *      mess. If the current handler includes an expiry handler then
1397  *      we invoke the expiry handler, and providing it is happy the
1398  *      work is done. If that fails we apply generic recovery rules
1399  *      invoking the handler and checking the drive DMA status. We
1400  *      have an excessively incestuous relationship with the DMA
1401  *      logic that wants cleaning up.
1402  */
1403  
1404 void ide_timer_expiry (unsigned long data)
1405 {
1406         ide_hwgroup_t   *hwgroup = (ide_hwgroup_t *) data;
1407         ide_handler_t   *handler;
1408         ide_expiry_t    *expiry;
1409         unsigned long   flags;
1410         unsigned long   wait = -1;
1411
1412         spin_lock_irqsave(&ide_lock, flags);
1413
1414         if (((handler = hwgroup->handler) == NULL) ||
1415             (hwgroup->req_gen != hwgroup->req_gen_timer)) {
1416                 /*
1417                  * Either a marginal timeout occurred
1418                  * (got the interrupt just as timer expired),
1419                  * or we were "sleeping" to give other devices a chance.
1420                  * Either way, we don't really want to complain about anything.
1421                  */
1422                 if (hwgroup->sleeping) {
1423                         hwgroup->sleeping = 0;
1424                         hwgroup->busy = 0;
1425                 }
1426         } else {
1427                 ide_drive_t *drive = hwgroup->drive;
1428                 if (!drive) {
1429                         printk(KERN_ERR "ide_timer_expiry: hwgroup->drive was NULL\n");
1430                         hwgroup->handler = NULL;
1431                 } else {
1432                         ide_hwif_t *hwif;
1433                         ide_startstop_t startstop = ide_stopped;
1434                         if (!hwgroup->busy) {
1435                                 hwgroup->busy = 1;      /* paranoia */
1436                                 printk(KERN_ERR "%s: ide_timer_expiry: hwgroup->busy was 0 ??\n", drive->name);
1437                         }
1438                         if ((expiry = hwgroup->expiry) != NULL) {
1439                                 /* continue */
1440                                 if ((wait = expiry(drive)) > 0) {
1441                                         /* reset timer */
1442                                         hwgroup->timer.expires  = jiffies + wait;
1443                                         hwgroup->req_gen_timer = hwgroup->req_gen;
1444                                         add_timer(&hwgroup->timer);
1445                                         spin_unlock_irqrestore(&ide_lock, flags);
1446                                         return;
1447                                 }
1448                         }
1449                         hwgroup->handler = NULL;
1450                         /*
1451                          * We need to simulate a real interrupt when invoking
1452                          * the handler() function, which means we need to
1453                          * globally mask the specific IRQ:
1454                          */
1455                         spin_unlock(&ide_lock);
1456                         hwif  = HWIF(drive);
1457 #if DISABLE_IRQ_NOSYNC
1458                         disable_irq_nosync(hwif->irq);
1459 #else
1460                         /* disable_irq_nosync ?? */
1461                         disable_irq(hwif->irq);
1462 #endif /* DISABLE_IRQ_NOSYNC */
1463                         /* local CPU only,
1464                          * as if we were handling an interrupt */
1465                         local_irq_disable();
1466                         if (hwgroup->polling) {
1467                                 startstop = handler(drive);
1468                         } else if (drive_is_ready(drive)) {
1469                                 if (drive->waiting_for_dma)
1470                                         hwgroup->hwif->dma_lost_irq(drive);
1471                                 (void)ide_ack_intr(hwif);
1472                                 printk(KERN_WARNING "%s: lost interrupt\n", drive->name);
1473                                 startstop = handler(drive);
1474                         } else {
1475                                 if (drive->waiting_for_dma) {
1476                                         startstop = ide_dma_timeout_retry(drive, wait);
1477                                 } else
1478                                         startstop =
1479                                         ide_error(drive, "irq timeout", hwif->INB(IDE_STATUS_REG));
1480                         }
1481                         drive->service_time = jiffies - drive->service_start;
1482                         spin_lock_irq(&ide_lock);
1483                         enable_irq(hwif->irq);
1484                         if (startstop == ide_stopped)
1485                                 hwgroup->busy = 0;
1486                 }
1487         }
1488         ide_do_request(hwgroup, IDE_NO_IRQ);
1489         spin_unlock_irqrestore(&ide_lock, flags);
1490 }
1491
1492 /**
1493  *      unexpected_intr         -       handle an unexpected IDE interrupt
1494  *      @irq: interrupt line
1495  *      @hwgroup: hwgroup being processed
1496  *
1497  *      There's nothing really useful we can do with an unexpected interrupt,
1498  *      other than reading the status register (to clear it), and logging it.
1499  *      There should be no way that an irq can happen before we're ready for it,
1500  *      so we needn't worry much about losing an "important" interrupt here.
1501  *
1502  *      On laptops (and "green" PCs), an unexpected interrupt occurs whenever
1503  *      the drive enters "idle", "standby", or "sleep" mode, so if the status
1504  *      looks "good", we just ignore the interrupt completely.
1505  *
1506  *      This routine assumes __cli() is in effect when called.
1507  *
1508  *      If an unexpected interrupt happens on irq15 while we are handling irq14
1509  *      and if the two interfaces are "serialized" (CMD640), then it looks like
1510  *      we could screw up by interfering with a new request being set up for 
1511  *      irq15.
1512  *
1513  *      In reality, this is a non-issue.  The new command is not sent unless 
1514  *      the drive is ready to accept one, in which case we know the drive is
1515  *      not trying to interrupt us.  And ide_set_handler() is always invoked
1516  *      before completing the issuance of any new drive command, so we will not
1517  *      be accidentally invoked as a result of any valid command completion
1518  *      interrupt.
1519  *
1520  *      Note that we must walk the entire hwgroup here. We know which hwif
1521  *      is doing the current command, but we don't know which hwif burped
1522  *      mysteriously.
1523  */
1524  
1525 static void unexpected_intr (int irq, ide_hwgroup_t *hwgroup)
1526 {
1527         u8 stat;
1528         ide_hwif_t *hwif = hwgroup->hwif;
1529
1530         /*
1531          * handle the unexpected interrupt
1532          */
1533         do {
1534                 if (hwif->irq == irq) {
1535                         stat = hwif->INB(hwif->io_ports[IDE_STATUS_OFFSET]);
1536                         if (!OK_STAT(stat, READY_STAT, BAD_STAT)) {
1537                                 /* Try to not flood the console with msgs */
1538                                 static unsigned long last_msgtime, count;
1539                                 ++count;
1540                                 if (time_after(jiffies, last_msgtime + HZ)) {
1541                                         last_msgtime = jiffies;
1542                                         printk(KERN_ERR "%s%s: unexpected interrupt, "
1543                                                 "status=0x%02x, count=%ld\n",
1544                                                 hwif->name,
1545                                                 (hwif->next==hwgroup->hwif) ? "" : "(?)", stat, count);
1546                                 }
1547                         }
1548                 }
1549         } while ((hwif = hwif->next) != hwgroup->hwif);
1550 }
1551
1552 /**
1553  *      ide_intr        -       default IDE interrupt handler
1554  *      @irq: interrupt number
1555  *      @dev_id: hwif group
1556  *      @regs: unused weirdness from the kernel irq layer
1557  *
1558  *      This is the default IRQ handler for the IDE layer. You should
1559  *      not need to override it. If you do be aware it is subtle in
1560  *      places
1561  *
1562  *      hwgroup->hwif is the interface in the group currently performing
1563  *      a command. hwgroup->drive is the drive and hwgroup->handler is
1564  *      the IRQ handler to call. As we issue a command the handlers
1565  *      step through multiple states, reassigning the handler to the
1566  *      next step in the process. Unlike a smart SCSI controller IDE
1567  *      expects the main processor to sequence the various transfer
1568  *      stages. We also manage a poll timer to catch up with most
1569  *      timeout situations. There are still a few where the handlers
1570  *      don't ever decide to give up.
1571  *
1572  *      The handler eventually returns ide_stopped to indicate the
1573  *      request completed. At this point we issue the next request
1574  *      on the hwgroup and the process begins again.
1575  */
1576  
1577 irqreturn_t ide_intr (int irq, void *dev_id)
1578 {
1579         unsigned long flags;
1580         ide_hwgroup_t *hwgroup = (ide_hwgroup_t *)dev_id;
1581         ide_hwif_t *hwif;
1582         ide_drive_t *drive;
1583         ide_handler_t *handler;
1584         ide_startstop_t startstop;
1585
1586         spin_lock_irqsave(&ide_lock, flags);
1587         hwif = hwgroup->hwif;
1588
1589         if (!ide_ack_intr(hwif)) {
1590                 spin_unlock_irqrestore(&ide_lock, flags);
1591                 return IRQ_NONE;
1592         }
1593
1594         if ((handler = hwgroup->handler) == NULL || hwgroup->polling) {
1595                 /*
1596                  * Not expecting an interrupt from this drive.
1597                  * That means this could be:
1598                  *      (1) an interrupt from another PCI device
1599                  *      sharing the same PCI INT# as us.
1600                  * or   (2) a drive just entered sleep or standby mode,
1601                  *      and is interrupting to let us know.
1602                  * or   (3) a spurious interrupt of unknown origin.
1603                  *
1604                  * For PCI, we cannot tell the difference,
1605                  * so in that case we just ignore it and hope it goes away.
1606                  *
1607                  * FIXME: unexpected_intr should be hwif-> then we can
1608                  * remove all the ifdef PCI crap
1609                  */
1610 #ifdef CONFIG_BLK_DEV_IDEPCI
1611                 if (hwif->pci_dev && !hwif->pci_dev->vendor)
1612 #endif  /* CONFIG_BLK_DEV_IDEPCI */
1613                 {
1614                         /*
1615                          * Probably not a shared PCI interrupt,
1616                          * so we can safely try to do something about it:
1617                          */
1618                         unexpected_intr(irq, hwgroup);
1619 #ifdef CONFIG_BLK_DEV_IDEPCI
1620                 } else {
1621                         /*
1622                          * Whack the status register, just in case
1623                          * we have a leftover pending IRQ.
1624                          */
1625                         (void) hwif->INB(hwif->io_ports[IDE_STATUS_OFFSET]);
1626 #endif /* CONFIG_BLK_DEV_IDEPCI */
1627                 }
1628                 spin_unlock_irqrestore(&ide_lock, flags);
1629                 return IRQ_NONE;
1630         }
1631         drive = hwgroup->drive;
1632         if (!drive) {
1633                 /*
1634                  * This should NEVER happen, and there isn't much
1635                  * we could do about it here.
1636                  *
1637                  * [Note - this can occur if the drive is hot unplugged]
1638                  */
1639                 spin_unlock_irqrestore(&ide_lock, flags);
1640                 return IRQ_HANDLED;
1641         }
1642         if (!drive_is_ready(drive)) {
1643                 /*
1644                  * This happens regularly when we share a PCI IRQ with
1645                  * another device.  Unfortunately, it can also happen
1646                  * with some buggy drives that trigger the IRQ before
1647                  * their status register is up to date.  Hopefully we have
1648                  * enough advance overhead that the latter isn't a problem.
1649                  */
1650                 spin_unlock_irqrestore(&ide_lock, flags);
1651                 return IRQ_NONE;
1652         }
1653         if (!hwgroup->busy) {
1654                 hwgroup->busy = 1;      /* paranoia */
1655                 printk(KERN_ERR "%s: ide_intr: hwgroup->busy was 0 ??\n", drive->name);
1656         }
1657         hwgroup->handler = NULL;
1658         hwgroup->req_gen++;
1659         del_timer(&hwgroup->timer);
1660         spin_unlock(&ide_lock);
1661
1662         /* Some controllers might set DMA INTR no matter DMA or PIO;
1663          * bmdma status might need to be cleared even for
1664          * PIO interrupts to prevent spurious/lost irq.
1665          */
1666         if (hwif->ide_dma_clear_irq && !(drive->waiting_for_dma))
1667                 /* ide_dma_end() needs bmdma status for error checking.
1668                  * So, skip clearing bmdma status here and leave it
1669                  * to ide_dma_end() if this is dma interrupt.
1670                  */
1671                 hwif->ide_dma_clear_irq(drive);
1672
1673         if (drive->unmask)
1674                 local_irq_enable_in_hardirq();
1675         /* service this interrupt, may set handler for next interrupt */
1676         startstop = handler(drive);
1677         spin_lock_irq(&ide_lock);
1678
1679         /*
1680          * Note that handler() may have set things up for another
1681          * interrupt to occur soon, but it cannot happen until
1682          * we exit from this routine, because it will be the
1683          * same irq as is currently being serviced here, and Linux
1684          * won't allow another of the same (on any CPU) until we return.
1685          */
1686         drive->service_time = jiffies - drive->service_start;
1687         if (startstop == ide_stopped) {
1688                 if (hwgroup->handler == NULL) { /* paranoia */
1689                         hwgroup->busy = 0;
1690                         ide_do_request(hwgroup, hwif->irq);
1691                 } else {
1692                         printk(KERN_ERR "%s: ide_intr: huh? expected NULL handler "
1693                                 "on exit\n", drive->name);
1694                 }
1695         }
1696         spin_unlock_irqrestore(&ide_lock, flags);
1697         return IRQ_HANDLED;
1698 }
1699
1700 /**
1701  *      ide_init_drive_cmd      -       initialize a drive command request
1702  *      @rq: request object
1703  *
1704  *      Initialize a request before we fill it in and send it down to
1705  *      ide_do_drive_cmd. Commands must be set up by this function. Right
1706  *      now it doesn't do a lot, but if that changes abusers will have a
1707  *      nasty surprise.
1708  */
1709
1710 void ide_init_drive_cmd (struct request *rq)
1711 {
1712         memset(rq, 0, sizeof(*rq));
1713         rq->cmd_type = REQ_TYPE_ATA_CMD;
1714         rq->ref_count = 1;
1715 }
1716
1717 EXPORT_SYMBOL(ide_init_drive_cmd);
1718
1719 /**
1720  *      ide_do_drive_cmd        -       issue IDE special command
1721  *      @drive: device to issue command
1722  *      @rq: request to issue
1723  *      @action: action for processing
1724  *
1725  *      This function issues a special IDE device request
1726  *      onto the request queue.
1727  *
1728  *      If action is ide_wait, then the rq is queued at the end of the
1729  *      request queue, and the function sleeps until it has been processed.
1730  *      This is for use when invoked from an ioctl handler.
1731  *
1732  *      If action is ide_preempt, then the rq is queued at the head of
1733  *      the request queue, displacing the currently-being-processed
1734  *      request and this function returns immediately without waiting
1735  *      for the new rq to be completed.  This is VERY DANGEROUS, and is
1736  *      intended for careful use by the ATAPI tape/cdrom driver code.
1737  *
1738  *      If action is ide_end, then the rq is queued at the end of the
1739  *      request queue, and the function returns immediately without waiting
1740  *      for the new rq to be completed. This is again intended for careful
1741  *      use by the ATAPI tape/cdrom driver code.
1742  */
1743  
1744 int ide_do_drive_cmd (ide_drive_t *drive, struct request *rq, ide_action_t action)
1745 {
1746         unsigned long flags;
1747         ide_hwgroup_t *hwgroup = HWGROUP(drive);
1748         DECLARE_COMPLETION_ONSTACK(wait);
1749         int where = ELEVATOR_INSERT_BACK, err;
1750         int must_wait = (action == ide_wait || action == ide_head_wait);
1751
1752         rq->errors = 0;
1753
1754         /*
1755          * we need to hold an extra reference to request for safe inspection
1756          * after completion
1757          */
1758         if (must_wait) {
1759                 rq->ref_count++;
1760                 rq->end_io_data = &wait;
1761                 rq->end_io = blk_end_sync_rq;
1762         }
1763
1764         spin_lock_irqsave(&ide_lock, flags);
1765         if (action == ide_preempt)
1766                 hwgroup->rq = NULL;
1767         if (action == ide_preempt || action == ide_head_wait) {
1768                 where = ELEVATOR_INSERT_FRONT;
1769                 rq->cmd_flags |= REQ_PREEMPT;
1770         }
1771         __elv_add_request(drive->queue, rq, where, 0);
1772         ide_do_request(hwgroup, IDE_NO_IRQ);
1773         spin_unlock_irqrestore(&ide_lock, flags);
1774
1775         err = 0;
1776         if (must_wait) {
1777                 wait_for_completion(&wait);
1778                 if (rq->errors)
1779                         err = -EIO;
1780
1781                 blk_put_request(rq);
1782         }
1783
1784         return err;
1785 }
1786
1787 EXPORT_SYMBOL(ide_do_drive_cmd);