Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6
[linux-2.6] / drivers / ieee1394 / sbp2.c
1 /*
2  * sbp2.c - SBP-2 protocol driver for IEEE-1394
3  *
4  * Copyright (C) 2000 James Goodwin, Filanet Corporation (www.filanet.com)
5  * jamesg@filanet.com (JSG)
6  *
7  * Copyright (C) 2003 Ben Collins <bcollins@debian.org>
8  *
9  * This program is free software; you can redistribute it and/or modify
10  * it under the terms of the GNU General Public License as published by
11  * the Free Software Foundation; either version 2 of the License, or
12  * (at your option) any later version.
13  *
14  * This program is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17  * GNU General Public License for more details.
18  *
19  * You should have received a copy of the GNU General Public License
20  * along with this program; if not, write to the Free Software Foundation,
21  * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
22  */
23
24 /*
25  * Brief Description:
26  *
27  * This driver implements the Serial Bus Protocol 2 (SBP-2) over IEEE-1394
28  * under Linux. The SBP-2 driver is implemented as an IEEE-1394 high-level
29  * driver. It also registers as a SCSI lower-level driver in order to accept
30  * SCSI commands for transport using SBP-2.
31  *
32  * You may access any attached SBP-2 (usually storage devices) as regular
33  * SCSI devices. E.g. mount /dev/sda1, fdisk, mkfs, etc..
34  *
35  * See http://www.t10.org/drafts.htm#sbp2 for the final draft of the SBP-2
36  * specification and for where to purchase the official standard.
37  *
38  * TODO:
39  *   - look into possible improvements of the SCSI error handlers
40  *   - handle Unit_Characteristics.mgt_ORB_timeout and .ORB_size
41  *   - handle Logical_Unit_Number.ordered
42  *   - handle src == 1 in status blocks
43  *   - reimplement the DMA mapping in absence of physical DMA so that
44  *     bus_to_virt is no longer required
45  *   - debug the handling of absent physical DMA
46  *   - replace CONFIG_IEEE1394_SBP2_PHYS_DMA by automatic detection
47  *     (this is easy but depends on the previous two TODO items)
48  *   - make the parameter serialize_io configurable per device
49  *   - move all requests to fetch agent registers into non-atomic context,
50  *     replace all usages of sbp2util_node_write_no_wait by true transactions
51  * Grep for inline FIXME comments below.
52  */
53
54 #include <linux/blkdev.h>
55 #include <linux/compiler.h>
56 #include <linux/delay.h>
57 #include <linux/device.h>
58 #include <linux/dma-mapping.h>
59 #include <linux/gfp.h>
60 #include <linux/init.h>
61 #include <linux/kernel.h>
62 #include <linux/list.h>
63 #include <linux/mm.h>
64 #include <linux/module.h>
65 #include <linux/moduleparam.h>
66 #include <linux/sched.h>
67 #include <linux/slab.h>
68 #include <linux/spinlock.h>
69 #include <linux/stat.h>
70 #include <linux/string.h>
71 #include <linux/stringify.h>
72 #include <linux/types.h>
73 #include <linux/wait.h>
74 #include <linux/workqueue.h>
75 #include <linux/scatterlist.h>
76
77 #include <asm/byteorder.h>
78 #include <asm/errno.h>
79 #include <asm/param.h>
80 #include <asm/system.h>
81 #include <asm/types.h>
82
83 #ifdef CONFIG_IEEE1394_SBP2_PHYS_DMA
84 #include <asm/io.h> /* for bus_to_virt */
85 #endif
86
87 #include <scsi/scsi.h>
88 #include <scsi/scsi_cmnd.h>
89 #include <scsi/scsi_dbg.h>
90 #include <scsi/scsi_device.h>
91 #include <scsi/scsi_host.h>
92
93 #include "csr1212.h"
94 #include "highlevel.h"
95 #include "hosts.h"
96 #include "ieee1394.h"
97 #include "ieee1394_core.h"
98 #include "ieee1394_hotplug.h"
99 #include "ieee1394_transactions.h"
100 #include "ieee1394_types.h"
101 #include "nodemgr.h"
102 #include "sbp2.h"
103
104 /*
105  * Module load parameter definitions
106  */
107
108 /*
109  * Change max_speed on module load if you have a bad IEEE-1394
110  * controller that has trouble running 2KB packets at 400mb.
111  *
112  * NOTE: On certain OHCI parts I have seen short packets on async transmit
113  * (probably due to PCI latency/throughput issues with the part). You can
114  * bump down the speed if you are running into problems.
115  */
116 static int sbp2_max_speed = IEEE1394_SPEED_MAX;
117 module_param_named(max_speed, sbp2_max_speed, int, 0644);
118 MODULE_PARM_DESC(max_speed, "Limit data transfer speed (5 <= 3200, "
119                  "4 <= 1600, 3 <= 800, 2 <= 400, 1 <= 200, 0 = 100 Mb/s)");
120
121 /*
122  * Set serialize_io to 0 or N to use dynamically appended lists of command ORBs.
123  * This is and always has been buggy in multiple subtle ways. See above TODOs.
124  */
125 static int sbp2_serialize_io = 1;
126 module_param_named(serialize_io, sbp2_serialize_io, bool, 0444);
127 MODULE_PARM_DESC(serialize_io, "Serialize requests coming from SCSI drivers "
128                  "(default = Y, faster but buggy = N)");
129
130 /*
131  * Adjust max_sectors if you'd like to influence how many sectors each SCSI
132  * command can transfer at most. Please note that some older SBP-2 bridge
133  * chips are broken for transfers greater or equal to 128KB, therefore
134  * max_sectors used to be a safe 255 sectors for many years. We now have a
135  * default of 0 here which means that we let the SCSI stack choose a limit.
136  *
137  * The SBP2_WORKAROUND_128K_MAX_TRANS flag, if set either in the workarounds
138  * module parameter or in the sbp2_workarounds_table[], will override the
139  * value of max_sectors. We should use sbp2_workarounds_table[] to cover any
140  * bridge chip which becomes known to need the 255 sectors limit.
141  */
142 static int sbp2_max_sectors;
143 module_param_named(max_sectors, sbp2_max_sectors, int, 0444);
144 MODULE_PARM_DESC(max_sectors, "Change max sectors per I/O supported "
145                  "(default = 0 = use SCSI stack's default)");
146
147 /*
148  * Exclusive login to sbp2 device? In most cases, the sbp2 driver should
149  * do an exclusive login, as it's generally unsafe to have two hosts
150  * talking to a single sbp2 device at the same time (filesystem coherency,
151  * etc.). If you're running an sbp2 device that supports multiple logins,
152  * and you're either running read-only filesystems or some sort of special
153  * filesystem supporting multiple hosts, e.g. OpenGFS, Oracle Cluster
154  * File System, or Lustre, then set exclusive_login to zero.
155  *
156  * So far only bridges from Oxford Semiconductor are known to support
157  * concurrent logins. Depending on firmware, four or two concurrent logins
158  * are possible on OXFW911 and newer Oxsemi bridges.
159  */
160 static int sbp2_exclusive_login = 1;
161 module_param_named(exclusive_login, sbp2_exclusive_login, bool, 0644);
162 MODULE_PARM_DESC(exclusive_login, "Exclusive login to sbp2 device "
163                  "(default = Y, use N for concurrent initiators)");
164
165 /*
166  * If any of the following workarounds is required for your device to work,
167  * please submit the kernel messages logged by sbp2 to the linux1394-devel
168  * mailing list.
169  *
170  * - 128kB max transfer
171  *   Limit transfer size. Necessary for some old bridges.
172  *
173  * - 36 byte inquiry
174  *   When scsi_mod probes the device, let the inquiry command look like that
175  *   from MS Windows.
176  *
177  * - skip mode page 8
178  *   Suppress sending of mode_sense for mode page 8 if the device pretends to
179  *   support the SCSI Primary Block commands instead of Reduced Block Commands.
180  *
181  * - fix capacity
182  *   Tell sd_mod to correct the last sector number reported by read_capacity.
183  *   Avoids access beyond actual disk limits on devices with an off-by-one bug.
184  *   Don't use this with devices which don't have this bug.
185  *
186  * - delay inquiry
187  *   Wait extra SBP2_INQUIRY_DELAY seconds after login before SCSI inquiry.
188  *
189  * - power condition
190  *   Set the power condition field in the START STOP UNIT commands sent by
191  *   sd_mod on suspend, resume, and shutdown (if manage_start_stop is on).
192  *   Some disks need this to spin down or to resume properly.
193  *
194  * - override internal blacklist
195  *   Instead of adding to the built-in blacklist, use only the workarounds
196  *   specified in the module load parameter.
197  *   Useful if a blacklist entry interfered with a non-broken device.
198  */
199 static int sbp2_default_workarounds;
200 module_param_named(workarounds, sbp2_default_workarounds, int, 0644);
201 MODULE_PARM_DESC(workarounds, "Work around device bugs (default = 0"
202         ", 128kB max transfer = " __stringify(SBP2_WORKAROUND_128K_MAX_TRANS)
203         ", 36 byte inquiry = "    __stringify(SBP2_WORKAROUND_INQUIRY_36)
204         ", skip mode page 8 = "   __stringify(SBP2_WORKAROUND_MODE_SENSE_8)
205         ", fix capacity = "       __stringify(SBP2_WORKAROUND_FIX_CAPACITY)
206         ", delay inquiry = "      __stringify(SBP2_WORKAROUND_DELAY_INQUIRY)
207         ", set power condition in start stop unit = "
208                                   __stringify(SBP2_WORKAROUND_POWER_CONDITION)
209         ", override internal blacklist = " __stringify(SBP2_WORKAROUND_OVERRIDE)
210         ", or a combination)");
211
212 /*
213  * This influences the format of the sysfs attribute
214  * /sys/bus/scsi/devices/.../ieee1394_id.
215  *
216  * The default format is like in older kernels:  %016Lx:%d:%d
217  * It contains the target's EUI-64, a number given to the logical unit by
218  * the ieee1394 driver's nodemgr (starting at 0), and the LUN.
219  *
220  * The long format is:  %016Lx:%06x:%04x
221  * It contains the target's EUI-64, the unit directory's directory_ID as per
222  * IEEE 1212 clause 7.7.19, and the LUN.  This format comes closest to the
223  * format of SBP(-3) target port and logical unit identifier as per SAM (SCSI
224  * Architecture Model) rev.2 to 4 annex A.  Therefore and because it is
225  * independent of the implementation of the ieee1394 nodemgr, the longer format
226  * is recommended for future use.
227  */
228 static int sbp2_long_sysfs_ieee1394_id;
229 module_param_named(long_ieee1394_id, sbp2_long_sysfs_ieee1394_id, bool, 0644);
230 MODULE_PARM_DESC(long_ieee1394_id, "8+3+2 bytes format of ieee1394_id in sysfs "
231                  "(default = backwards-compatible = N, SAM-conforming = Y)");
232
233
234 #define SBP2_INFO(fmt, args...) HPSB_INFO("sbp2: "fmt, ## args)
235 #define SBP2_ERR(fmt, args...)  HPSB_ERR("sbp2: "fmt, ## args)
236
237 /*
238  * Globals
239  */
240 static void sbp2scsi_complete_all_commands(struct sbp2_lu *, u32);
241 static void sbp2scsi_complete_command(struct sbp2_lu *, u32, struct scsi_cmnd *,
242                                       void (*)(struct scsi_cmnd *));
243 static struct sbp2_lu *sbp2_alloc_device(struct unit_directory *);
244 static int sbp2_start_device(struct sbp2_lu *);
245 static void sbp2_remove_device(struct sbp2_lu *);
246 static int sbp2_login_device(struct sbp2_lu *);
247 static int sbp2_reconnect_device(struct sbp2_lu *);
248 static int sbp2_logout_device(struct sbp2_lu *);
249 static void sbp2_host_reset(struct hpsb_host *);
250 static int sbp2_handle_status_write(struct hpsb_host *, int, int, quadlet_t *,
251                                     u64, size_t, u16);
252 static int sbp2_agent_reset(struct sbp2_lu *, int);
253 static void sbp2_parse_unit_directory(struct sbp2_lu *,
254                                       struct unit_directory *);
255 static int sbp2_set_busy_timeout(struct sbp2_lu *);
256 static int sbp2_max_speed_and_size(struct sbp2_lu *);
257
258
259 static const u8 sbp2_speedto_max_payload[] = { 0x7, 0x8, 0x9, 0xa, 0xa, 0xa };
260
261 static DEFINE_RWLOCK(sbp2_hi_logical_units_lock);
262
263 static struct hpsb_highlevel sbp2_highlevel = {
264         .name           = SBP2_DEVICE_NAME,
265         .host_reset     = sbp2_host_reset,
266 };
267
268 static const struct hpsb_address_ops sbp2_ops = {
269         .write          = sbp2_handle_status_write
270 };
271
272 #ifdef CONFIG_IEEE1394_SBP2_PHYS_DMA
273 static int sbp2_handle_physdma_write(struct hpsb_host *, int, int, quadlet_t *,
274                                      u64, size_t, u16);
275 static int sbp2_handle_physdma_read(struct hpsb_host *, int, quadlet_t *, u64,
276                                     size_t, u16);
277
278 static const struct hpsb_address_ops sbp2_physdma_ops = {
279         .read           = sbp2_handle_physdma_read,
280         .write          = sbp2_handle_physdma_write,
281 };
282 #endif
283
284
285 /*
286  * Interface to driver core and IEEE 1394 core
287  */
288 static const struct ieee1394_device_id sbp2_id_table[] = {
289         {
290          .match_flags   = IEEE1394_MATCH_SPECIFIER_ID | IEEE1394_MATCH_VERSION,
291          .specifier_id  = SBP2_UNIT_SPEC_ID_ENTRY & 0xffffff,
292          .version       = SBP2_SW_VERSION_ENTRY & 0xffffff},
293         {}
294 };
295 MODULE_DEVICE_TABLE(ieee1394, sbp2_id_table);
296
297 static int sbp2_probe(struct device *);
298 static int sbp2_remove(struct device *);
299 static int sbp2_update(struct unit_directory *);
300
301 static struct hpsb_protocol_driver sbp2_driver = {
302         .name           = SBP2_DEVICE_NAME,
303         .id_table       = sbp2_id_table,
304         .update         = sbp2_update,
305         .driver         = {
306                 .probe          = sbp2_probe,
307                 .remove         = sbp2_remove,
308         },
309 };
310
311
312 /*
313  * Interface to SCSI core
314  */
315 static int sbp2scsi_queuecommand(struct scsi_cmnd *,
316                                  void (*)(struct scsi_cmnd *));
317 static int sbp2scsi_abort(struct scsi_cmnd *);
318 static int sbp2scsi_reset(struct scsi_cmnd *);
319 static int sbp2scsi_slave_alloc(struct scsi_device *);
320 static int sbp2scsi_slave_configure(struct scsi_device *);
321 static void sbp2scsi_slave_destroy(struct scsi_device *);
322 static ssize_t sbp2_sysfs_ieee1394_id_show(struct device *,
323                                            struct device_attribute *, char *);
324
325 static DEVICE_ATTR(ieee1394_id, S_IRUGO, sbp2_sysfs_ieee1394_id_show, NULL);
326
327 static struct device_attribute *sbp2_sysfs_sdev_attrs[] = {
328         &dev_attr_ieee1394_id,
329         NULL
330 };
331
332 static struct scsi_host_template sbp2_shost_template = {
333         .module                  = THIS_MODULE,
334         .name                    = "SBP-2 IEEE-1394",
335         .proc_name               = SBP2_DEVICE_NAME,
336         .queuecommand            = sbp2scsi_queuecommand,
337         .eh_abort_handler        = sbp2scsi_abort,
338         .eh_device_reset_handler = sbp2scsi_reset,
339         .slave_alloc             = sbp2scsi_slave_alloc,
340         .slave_configure         = sbp2scsi_slave_configure,
341         .slave_destroy           = sbp2scsi_slave_destroy,
342         .this_id                 = -1,
343         .sg_tablesize            = SG_ALL,
344         .use_clustering          = ENABLE_CLUSTERING,
345         .cmd_per_lun             = SBP2_MAX_CMDS,
346         .can_queue               = SBP2_MAX_CMDS,
347         .sdev_attrs              = sbp2_sysfs_sdev_attrs,
348 };
349
350 #define SBP2_ROM_VALUE_WILDCARD ~0         /* match all */
351 #define SBP2_ROM_VALUE_MISSING  0xff000000 /* not present in the unit dir. */
352
353 /*
354  * List of devices with known bugs.
355  *
356  * The firmware_revision field, masked with 0xffff00, is the best indicator
357  * for the type of bridge chip of a device.  It yields a few false positives
358  * but this did not break correctly behaving devices so far.
359  */
360 static const struct {
361         u32 firmware_revision;
362         u32 model;
363         unsigned workarounds;
364 } sbp2_workarounds_table[] = {
365         /* DViCO Momobay CX-1 with TSB42AA9 bridge */ {
366                 .firmware_revision      = 0x002800,
367                 .model                  = 0x001010,
368                 .workarounds            = SBP2_WORKAROUND_INQUIRY_36 |
369                                           SBP2_WORKAROUND_MODE_SENSE_8 |
370                                           SBP2_WORKAROUND_POWER_CONDITION,
371         },
372         /* DViCO Momobay FX-3A with TSB42AA9A bridge */ {
373                 .firmware_revision      = 0x002800,
374                 .model                  = 0x000000,
375                 .workarounds            = SBP2_WORKAROUND_DELAY_INQUIRY |
376                                           SBP2_WORKAROUND_POWER_CONDITION,
377         },
378         /* Initio bridges, actually only needed for some older ones */ {
379                 .firmware_revision      = 0x000200,
380                 .model                  = SBP2_ROM_VALUE_WILDCARD,
381                 .workarounds            = SBP2_WORKAROUND_INQUIRY_36,
382         },
383         /* PL-3507 bridge with Prolific firmware */ {
384                 .firmware_revision      = 0x012800,
385                 .model                  = SBP2_ROM_VALUE_WILDCARD,
386                 .workarounds            = SBP2_WORKAROUND_POWER_CONDITION,
387         },
388         /* Symbios bridge */ {
389                 .firmware_revision      = 0xa0b800,
390                 .model                  = SBP2_ROM_VALUE_WILDCARD,
391                 .workarounds            = SBP2_WORKAROUND_128K_MAX_TRANS,
392         },
393         /* Datafab MD2-FW2 with Symbios/LSILogic SYM13FW500 bridge */ {
394                 .firmware_revision      = 0x002600,
395                 .model                  = SBP2_ROM_VALUE_WILDCARD,
396                 .workarounds            = SBP2_WORKAROUND_128K_MAX_TRANS,
397         },
398         /*
399          * iPod 2nd generation: needs 128k max transfer size workaround
400          * iPod 3rd generation: needs fix capacity workaround
401          */
402         {
403                 .firmware_revision      = 0x0a2700,
404                 .model                  = 0x000000,
405                 .workarounds            = SBP2_WORKAROUND_128K_MAX_TRANS |
406                                           SBP2_WORKAROUND_FIX_CAPACITY,
407         },
408         /* iPod 4th generation */ {
409                 .firmware_revision      = 0x0a2700,
410                 .model                  = 0x000021,
411                 .workarounds            = SBP2_WORKAROUND_FIX_CAPACITY,
412         },
413         /* iPod mini */ {
414                 .firmware_revision      = 0x0a2700,
415                 .model                  = 0x000022,
416                 .workarounds            = SBP2_WORKAROUND_FIX_CAPACITY,
417         },
418         /* iPod mini */ {
419                 .firmware_revision      = 0x0a2700,
420                 .model                  = 0x000023,
421                 .workarounds            = SBP2_WORKAROUND_FIX_CAPACITY,
422         },
423         /* iPod Photo */ {
424                 .firmware_revision      = 0x0a2700,
425                 .model                  = 0x00007e,
426                 .workarounds            = SBP2_WORKAROUND_FIX_CAPACITY,
427         }
428 };
429
430 /**************************************
431  * General utility functions
432  **************************************/
433
434 #ifndef __BIG_ENDIAN
435 /*
436  * Converts a buffer from be32 to cpu byte ordering. Length is in bytes.
437  */
438 static inline void sbp2util_be32_to_cpu_buffer(void *buffer, int length)
439 {
440         u32 *temp = buffer;
441
442         for (length = (length >> 2); length--; )
443                 temp[length] = be32_to_cpu(temp[length]);
444 }
445
446 /*
447  * Converts a buffer from cpu to be32 byte ordering. Length is in bytes.
448  */
449 static inline void sbp2util_cpu_to_be32_buffer(void *buffer, int length)
450 {
451         u32 *temp = buffer;
452
453         for (length = (length >> 2); length--; )
454                 temp[length] = cpu_to_be32(temp[length]);
455 }
456 #else /* BIG_ENDIAN */
457 /* Why waste the cpu cycles? */
458 #define sbp2util_be32_to_cpu_buffer(x,y) do {} while (0)
459 #define sbp2util_cpu_to_be32_buffer(x,y) do {} while (0)
460 #endif
461
462 static DECLARE_WAIT_QUEUE_HEAD(sbp2_access_wq);
463
464 /*
465  * Waits for completion of an SBP-2 access request.
466  * Returns nonzero if timed out or prematurely interrupted.
467  */
468 static int sbp2util_access_timeout(struct sbp2_lu *lu, int timeout)
469 {
470         long leftover;
471
472         leftover = wait_event_interruptible_timeout(
473                         sbp2_access_wq, lu->access_complete, timeout);
474         lu->access_complete = 0;
475         return leftover <= 0;
476 }
477
478 static void sbp2_free_packet(void *packet)
479 {
480         hpsb_free_tlabel(packet);
481         hpsb_free_packet(packet);
482 }
483
484 /*
485  * This is much like hpsb_node_write(), except it ignores the response
486  * subaction and returns immediately. Can be used from atomic context.
487  */
488 static int sbp2util_node_write_no_wait(struct node_entry *ne, u64 addr,
489                                        quadlet_t *buf, size_t len)
490 {
491         struct hpsb_packet *packet;
492
493         packet = hpsb_make_writepacket(ne->host, ne->nodeid, addr, buf, len);
494         if (!packet)
495                 return -ENOMEM;
496
497         hpsb_set_packet_complete_task(packet, sbp2_free_packet, packet);
498         hpsb_node_fill_packet(ne, packet);
499         if (hpsb_send_packet(packet) < 0) {
500                 sbp2_free_packet(packet);
501                 return -EIO;
502         }
503         return 0;
504 }
505
506 static void sbp2util_notify_fetch_agent(struct sbp2_lu *lu, u64 offset,
507                                         quadlet_t *data, size_t len)
508 {
509         /* There is a small window after a bus reset within which the node
510          * entry's generation is current but the reconnect wasn't completed. */
511         if (unlikely(atomic_read(&lu->state) == SBP2LU_STATE_IN_RESET))
512                 return;
513
514         if (hpsb_node_write(lu->ne, lu->command_block_agent_addr + offset,
515                             data, len))
516                 SBP2_ERR("sbp2util_notify_fetch_agent failed.");
517
518         /* Now accept new SCSI commands, unless a bus reset happended during
519          * hpsb_node_write. */
520         if (likely(atomic_read(&lu->state) != SBP2LU_STATE_IN_RESET))
521                 scsi_unblock_requests(lu->shost);
522 }
523
524 static void sbp2util_write_orb_pointer(struct work_struct *work)
525 {
526         struct sbp2_lu *lu = container_of(work, struct sbp2_lu, protocol_work);
527         quadlet_t data[2];
528
529         data[0] = ORB_SET_NODE_ID(lu->hi->host->node_id);
530         data[1] = lu->last_orb_dma;
531         sbp2util_cpu_to_be32_buffer(data, 8);
532         sbp2util_notify_fetch_agent(lu, SBP2_ORB_POINTER_OFFSET, data, 8);
533 }
534
535 static void sbp2util_write_doorbell(struct work_struct *work)
536 {
537         struct sbp2_lu *lu = container_of(work, struct sbp2_lu, protocol_work);
538
539         sbp2util_notify_fetch_agent(lu, SBP2_DOORBELL_OFFSET, NULL, 4);
540 }
541
542 static int sbp2util_create_command_orb_pool(struct sbp2_lu *lu)
543 {
544         struct sbp2_command_info *cmd;
545         struct device *dmadev = lu->hi->host->device.parent;
546         int i, orbs = sbp2_serialize_io ? 2 : SBP2_MAX_CMDS;
547
548         for (i = 0; i < orbs; i++) {
549                 cmd = kzalloc(sizeof(*cmd), GFP_KERNEL);
550                 if (!cmd)
551                         goto failed_alloc;
552
553                 cmd->command_orb_dma =
554                     dma_map_single(dmadev, &cmd->command_orb,
555                                    sizeof(struct sbp2_command_orb),
556                                    DMA_TO_DEVICE);
557                 if (dma_mapping_error(dmadev, cmd->command_orb_dma))
558                         goto failed_orb;
559
560                 cmd->sge_dma =
561                     dma_map_single(dmadev, &cmd->scatter_gather_element,
562                                    sizeof(cmd->scatter_gather_element),
563                                    DMA_TO_DEVICE);
564                 if (dma_mapping_error(dmadev, cmd->sge_dma))
565                         goto failed_sge;
566
567                 INIT_LIST_HEAD(&cmd->list);
568                 list_add_tail(&cmd->list, &lu->cmd_orb_completed);
569         }
570         return 0;
571
572 failed_sge:
573         dma_unmap_single(dmadev, cmd->command_orb_dma,
574                          sizeof(struct sbp2_command_orb), DMA_TO_DEVICE);
575 failed_orb:
576         kfree(cmd);
577 failed_alloc:
578         return -ENOMEM;
579 }
580
581 static void sbp2util_remove_command_orb_pool(struct sbp2_lu *lu,
582                                              struct hpsb_host *host)
583 {
584         struct list_head *lh, *next;
585         struct sbp2_command_info *cmd;
586         unsigned long flags;
587
588         spin_lock_irqsave(&lu->cmd_orb_lock, flags);
589         if (!list_empty(&lu->cmd_orb_completed))
590                 list_for_each_safe(lh, next, &lu->cmd_orb_completed) {
591                         cmd = list_entry(lh, struct sbp2_command_info, list);
592                         dma_unmap_single(host->device.parent,
593                                          cmd->command_orb_dma,
594                                          sizeof(struct sbp2_command_orb),
595                                          DMA_TO_DEVICE);
596                         dma_unmap_single(host->device.parent, cmd->sge_dma,
597                                          sizeof(cmd->scatter_gather_element),
598                                          DMA_TO_DEVICE);
599                         kfree(cmd);
600                 }
601         spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
602         return;
603 }
604
605 /*
606  * Finds the sbp2_command for a given outstanding command ORB.
607  * Only looks at the in-use list.
608  */
609 static struct sbp2_command_info *sbp2util_find_command_for_orb(
610                                 struct sbp2_lu *lu, dma_addr_t orb)
611 {
612         struct sbp2_command_info *cmd;
613         unsigned long flags;
614
615         spin_lock_irqsave(&lu->cmd_orb_lock, flags);
616         if (!list_empty(&lu->cmd_orb_inuse))
617                 list_for_each_entry(cmd, &lu->cmd_orb_inuse, list)
618                         if (cmd->command_orb_dma == orb) {
619                                 spin_unlock_irqrestore(
620                                                 &lu->cmd_orb_lock, flags);
621                                 return cmd;
622                         }
623         spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
624         return NULL;
625 }
626
627 /*
628  * Finds the sbp2_command for a given outstanding SCpnt.
629  * Only looks at the in-use list.
630  * Must be called with lu->cmd_orb_lock held.
631  */
632 static struct sbp2_command_info *sbp2util_find_command_for_SCpnt(
633                                 struct sbp2_lu *lu, void *SCpnt)
634 {
635         struct sbp2_command_info *cmd;
636
637         if (!list_empty(&lu->cmd_orb_inuse))
638                 list_for_each_entry(cmd, &lu->cmd_orb_inuse, list)
639                         if (cmd->Current_SCpnt == SCpnt)
640                                 return cmd;
641         return NULL;
642 }
643
644 static struct sbp2_command_info *sbp2util_allocate_command_orb(
645                                 struct sbp2_lu *lu,
646                                 struct scsi_cmnd *Current_SCpnt,
647                                 void (*Current_done)(struct scsi_cmnd *))
648 {
649         struct list_head *lh;
650         struct sbp2_command_info *cmd = NULL;
651         unsigned long flags;
652
653         spin_lock_irqsave(&lu->cmd_orb_lock, flags);
654         if (!list_empty(&lu->cmd_orb_completed)) {
655                 lh = lu->cmd_orb_completed.next;
656                 list_del(lh);
657                 cmd = list_entry(lh, struct sbp2_command_info, list);
658                 cmd->Current_done = Current_done;
659                 cmd->Current_SCpnt = Current_SCpnt;
660                 list_add_tail(&cmd->list, &lu->cmd_orb_inuse);
661         } else
662                 SBP2_ERR("%s: no orbs available", __func__);
663         spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
664         return cmd;
665 }
666
667 /*
668  * Unmaps the DMAs of a command and moves the command to the completed ORB list.
669  * Must be called with lu->cmd_orb_lock held.
670  */
671 static void sbp2util_mark_command_completed(struct sbp2_lu *lu,
672                                             struct sbp2_command_info *cmd)
673 {
674         if (scsi_sg_count(cmd->Current_SCpnt))
675                 dma_unmap_sg(lu->ud->ne->host->device.parent,
676                              scsi_sglist(cmd->Current_SCpnt),
677                              scsi_sg_count(cmd->Current_SCpnt),
678                              cmd->Current_SCpnt->sc_data_direction);
679         list_move_tail(&cmd->list, &lu->cmd_orb_completed);
680 }
681
682 /*
683  * Is lu valid? Is the 1394 node still present?
684  */
685 static inline int sbp2util_node_is_available(struct sbp2_lu *lu)
686 {
687         return lu && lu->ne && !lu->ne->in_limbo;
688 }
689
690 /*********************************************
691  * IEEE-1394 core driver stack related section
692  *********************************************/
693
694 static int sbp2_probe(struct device *dev)
695 {
696         struct unit_directory *ud;
697         struct sbp2_lu *lu;
698
699         ud = container_of(dev, struct unit_directory, device);
700
701         /* Don't probe UD's that have the LUN flag. We'll probe the LUN(s)
702          * instead. */
703         if (ud->flags & UNIT_DIRECTORY_HAS_LUN_DIRECTORY)
704                 return -ENODEV;
705
706         lu = sbp2_alloc_device(ud);
707         if (!lu)
708                 return -ENOMEM;
709
710         sbp2_parse_unit_directory(lu, ud);
711         return sbp2_start_device(lu);
712 }
713
714 static int sbp2_remove(struct device *dev)
715 {
716         struct unit_directory *ud;
717         struct sbp2_lu *lu;
718         struct scsi_device *sdev;
719
720         ud = container_of(dev, struct unit_directory, device);
721         lu = dev_get_drvdata(&ud->device);
722         if (!lu)
723                 return 0;
724
725         if (lu->shost) {
726                 /* Get rid of enqueued commands if there is no chance to
727                  * send them. */
728                 if (!sbp2util_node_is_available(lu))
729                         sbp2scsi_complete_all_commands(lu, DID_NO_CONNECT);
730                 /* scsi_remove_device() may trigger shutdown functions of SCSI
731                  * highlevel drivers which would deadlock if blocked. */
732                 atomic_set(&lu->state, SBP2LU_STATE_IN_SHUTDOWN);
733                 scsi_unblock_requests(lu->shost);
734         }
735         sdev = lu->sdev;
736         if (sdev) {
737                 lu->sdev = NULL;
738                 scsi_remove_device(sdev);
739         }
740
741         sbp2_logout_device(lu);
742         sbp2_remove_device(lu);
743
744         return 0;
745 }
746
747 static int sbp2_update(struct unit_directory *ud)
748 {
749         struct sbp2_lu *lu = dev_get_drvdata(&ud->device);
750
751         if (sbp2_reconnect_device(lu) != 0) {
752                 /*
753                  * Reconnect failed.  If another bus reset happened,
754                  * let nodemgr proceed and call sbp2_update again later
755                  * (or sbp2_remove if this node went away).
756                  */
757                 if (!hpsb_node_entry_valid(lu->ne))
758                         return 0;
759                 /*
760                  * Or the target rejected the reconnect because we weren't
761                  * fast enough.  Try a regular login, but first log out
762                  * just in case of any weirdness.
763                  */
764                 sbp2_logout_device(lu);
765
766                 if (sbp2_login_device(lu) != 0) {
767                         if (!hpsb_node_entry_valid(lu->ne))
768                                 return 0;
769
770                         /* Maybe another initiator won the login. */
771                         SBP2_ERR("Failed to reconnect to sbp2 device!");
772                         return -EBUSY;
773                 }
774         }
775
776         sbp2_set_busy_timeout(lu);
777         sbp2_agent_reset(lu, 1);
778         sbp2_max_speed_and_size(lu);
779
780         /* Complete any pending commands with busy (so they get retried)
781          * and remove them from our queue. */
782         sbp2scsi_complete_all_commands(lu, DID_BUS_BUSY);
783
784         /* Accept new commands unless there was another bus reset in the
785          * meantime. */
786         if (hpsb_node_entry_valid(lu->ne)) {
787                 atomic_set(&lu->state, SBP2LU_STATE_RUNNING);
788                 scsi_unblock_requests(lu->shost);
789         }
790         return 0;
791 }
792
793 static struct sbp2_lu *sbp2_alloc_device(struct unit_directory *ud)
794 {
795         struct sbp2_fwhost_info *hi;
796         struct Scsi_Host *shost = NULL;
797         struct sbp2_lu *lu = NULL;
798         unsigned long flags;
799
800         lu = kzalloc(sizeof(*lu), GFP_KERNEL);
801         if (!lu) {
802                 SBP2_ERR("failed to create lu");
803                 goto failed_alloc;
804         }
805
806         lu->ne = ud->ne;
807         lu->ud = ud;
808         lu->speed_code = IEEE1394_SPEED_100;
809         lu->max_payload_size = sbp2_speedto_max_payload[IEEE1394_SPEED_100];
810         lu->status_fifo_addr = CSR1212_INVALID_ADDR_SPACE;
811         INIT_LIST_HEAD(&lu->cmd_orb_inuse);
812         INIT_LIST_HEAD(&lu->cmd_orb_completed);
813         INIT_LIST_HEAD(&lu->lu_list);
814         spin_lock_init(&lu->cmd_orb_lock);
815         atomic_set(&lu->state, SBP2LU_STATE_RUNNING);
816         INIT_WORK(&lu->protocol_work, NULL);
817
818         dev_set_drvdata(&ud->device, lu);
819
820         hi = hpsb_get_hostinfo(&sbp2_highlevel, ud->ne->host);
821         if (!hi) {
822                 hi = hpsb_create_hostinfo(&sbp2_highlevel, ud->ne->host,
823                                           sizeof(*hi));
824                 if (!hi) {
825                         SBP2_ERR("failed to allocate hostinfo");
826                         goto failed_alloc;
827                 }
828                 hi->host = ud->ne->host;
829                 INIT_LIST_HEAD(&hi->logical_units);
830
831 #ifdef CONFIG_IEEE1394_SBP2_PHYS_DMA
832                 /* Handle data movement if physical dma is not
833                  * enabled or not supported on host controller */
834                 if (!hpsb_register_addrspace(&sbp2_highlevel, ud->ne->host,
835                                              &sbp2_physdma_ops,
836                                              0x0ULL, 0xfffffffcULL)) {
837                         SBP2_ERR("failed to register lower 4GB address range");
838                         goto failed_alloc;
839                 }
840 #endif
841         }
842
843         if (dma_get_max_seg_size(hi->host->device.parent) > SBP2_MAX_SEG_SIZE)
844                 BUG_ON(dma_set_max_seg_size(hi->host->device.parent,
845                                             SBP2_MAX_SEG_SIZE));
846
847         /* Prevent unloading of the 1394 host */
848         if (!try_module_get(hi->host->driver->owner)) {
849                 SBP2_ERR("failed to get a reference on 1394 host driver");
850                 goto failed_alloc;
851         }
852
853         lu->hi = hi;
854
855         write_lock_irqsave(&sbp2_hi_logical_units_lock, flags);
856         list_add_tail(&lu->lu_list, &hi->logical_units);
857         write_unlock_irqrestore(&sbp2_hi_logical_units_lock, flags);
858
859         /* Register the status FIFO address range. We could use the same FIFO
860          * for targets at different nodes. However we need different FIFOs per
861          * target in order to support multi-unit devices.
862          * The FIFO is located out of the local host controller's physical range
863          * but, if possible, within the posted write area. Status writes will
864          * then be performed as unified transactions. This slightly reduces
865          * bandwidth usage, and some Prolific based devices seem to require it.
866          */
867         lu->status_fifo_addr = hpsb_allocate_and_register_addrspace(
868                         &sbp2_highlevel, ud->ne->host, &sbp2_ops,
869                         sizeof(struct sbp2_status_block), sizeof(quadlet_t),
870                         ud->ne->host->low_addr_space, CSR1212_ALL_SPACE_END);
871         if (lu->status_fifo_addr == CSR1212_INVALID_ADDR_SPACE) {
872                 SBP2_ERR("failed to allocate status FIFO address range");
873                 goto failed_alloc;
874         }
875
876         shost = scsi_host_alloc(&sbp2_shost_template, sizeof(unsigned long));
877         if (!shost) {
878                 SBP2_ERR("failed to register scsi host");
879                 goto failed_alloc;
880         }
881
882         shost->hostdata[0] = (unsigned long)lu;
883         shost->max_cmd_len = SBP2_MAX_CDB_SIZE;
884
885         if (!scsi_add_host(shost, &ud->device)) {
886                 lu->shost = shost;
887                 return lu;
888         }
889
890         SBP2_ERR("failed to add scsi host");
891         scsi_host_put(shost);
892
893 failed_alloc:
894         sbp2_remove_device(lu);
895         return NULL;
896 }
897
898 static void sbp2_host_reset(struct hpsb_host *host)
899 {
900         struct sbp2_fwhost_info *hi;
901         struct sbp2_lu *lu;
902         unsigned long flags;
903
904         hi = hpsb_get_hostinfo(&sbp2_highlevel, host);
905         if (!hi)
906                 return;
907
908         read_lock_irqsave(&sbp2_hi_logical_units_lock, flags);
909
910         list_for_each_entry(lu, &hi->logical_units, lu_list)
911                 if (atomic_cmpxchg(&lu->state,
912                                    SBP2LU_STATE_RUNNING, SBP2LU_STATE_IN_RESET)
913                     == SBP2LU_STATE_RUNNING)
914                         scsi_block_requests(lu->shost);
915
916         read_unlock_irqrestore(&sbp2_hi_logical_units_lock, flags);
917 }
918
919 static int sbp2_start_device(struct sbp2_lu *lu)
920 {
921         struct sbp2_fwhost_info *hi = lu->hi;
922         int error;
923
924         lu->login_response = dma_alloc_coherent(hi->host->device.parent,
925                                      sizeof(struct sbp2_login_response),
926                                      &lu->login_response_dma, GFP_KERNEL);
927         if (!lu->login_response)
928                 goto alloc_fail;
929
930         lu->query_logins_orb = dma_alloc_coherent(hi->host->device.parent,
931                                      sizeof(struct sbp2_query_logins_orb),
932                                      &lu->query_logins_orb_dma, GFP_KERNEL);
933         if (!lu->query_logins_orb)
934                 goto alloc_fail;
935
936         lu->query_logins_response = dma_alloc_coherent(hi->host->device.parent,
937                                      sizeof(struct sbp2_query_logins_response),
938                                      &lu->query_logins_response_dma, GFP_KERNEL);
939         if (!lu->query_logins_response)
940                 goto alloc_fail;
941
942         lu->reconnect_orb = dma_alloc_coherent(hi->host->device.parent,
943                                      sizeof(struct sbp2_reconnect_orb),
944                                      &lu->reconnect_orb_dma, GFP_KERNEL);
945         if (!lu->reconnect_orb)
946                 goto alloc_fail;
947
948         lu->logout_orb = dma_alloc_coherent(hi->host->device.parent,
949                                      sizeof(struct sbp2_logout_orb),
950                                      &lu->logout_orb_dma, GFP_KERNEL);
951         if (!lu->logout_orb)
952                 goto alloc_fail;
953
954         lu->login_orb = dma_alloc_coherent(hi->host->device.parent,
955                                      sizeof(struct sbp2_login_orb),
956                                      &lu->login_orb_dma, GFP_KERNEL);
957         if (!lu->login_orb)
958                 goto alloc_fail;
959
960         if (sbp2util_create_command_orb_pool(lu))
961                 goto alloc_fail;
962
963         /* Wait a second before trying to log in. Previously logged in
964          * initiators need a chance to reconnect. */
965         if (msleep_interruptible(1000)) {
966                 sbp2_remove_device(lu);
967                 return -EINTR;
968         }
969
970         if (sbp2_login_device(lu)) {
971                 sbp2_remove_device(lu);
972                 return -EBUSY;
973         }
974
975         sbp2_set_busy_timeout(lu);
976         sbp2_agent_reset(lu, 1);
977         sbp2_max_speed_and_size(lu);
978
979         if (lu->workarounds & SBP2_WORKAROUND_DELAY_INQUIRY)
980                 ssleep(SBP2_INQUIRY_DELAY);
981
982         error = scsi_add_device(lu->shost, 0, lu->ud->id, 0);
983         if (error) {
984                 SBP2_ERR("scsi_add_device failed");
985                 sbp2_logout_device(lu);
986                 sbp2_remove_device(lu);
987                 return error;
988         }
989
990         return 0;
991
992 alloc_fail:
993         SBP2_ERR("Could not allocate memory for lu");
994         sbp2_remove_device(lu);
995         return -ENOMEM;
996 }
997
998 static void sbp2_remove_device(struct sbp2_lu *lu)
999 {
1000         struct sbp2_fwhost_info *hi;
1001         unsigned long flags;
1002
1003         if (!lu)
1004                 return;
1005         hi = lu->hi;
1006         if (!hi)
1007                 goto no_hi;
1008
1009         if (lu->shost) {
1010                 scsi_remove_host(lu->shost);
1011                 scsi_host_put(lu->shost);
1012         }
1013         flush_scheduled_work();
1014         sbp2util_remove_command_orb_pool(lu, hi->host);
1015
1016         write_lock_irqsave(&sbp2_hi_logical_units_lock, flags);
1017         list_del(&lu->lu_list);
1018         write_unlock_irqrestore(&sbp2_hi_logical_units_lock, flags);
1019
1020         if (lu->login_response)
1021                 dma_free_coherent(hi->host->device.parent,
1022                                     sizeof(struct sbp2_login_response),
1023                                     lu->login_response,
1024                                     lu->login_response_dma);
1025         if (lu->login_orb)
1026                 dma_free_coherent(hi->host->device.parent,
1027                                     sizeof(struct sbp2_login_orb),
1028                                     lu->login_orb,
1029                                     lu->login_orb_dma);
1030         if (lu->reconnect_orb)
1031                 dma_free_coherent(hi->host->device.parent,
1032                                     sizeof(struct sbp2_reconnect_orb),
1033                                     lu->reconnect_orb,
1034                                     lu->reconnect_orb_dma);
1035         if (lu->logout_orb)
1036                 dma_free_coherent(hi->host->device.parent,
1037                                     sizeof(struct sbp2_logout_orb),
1038                                     lu->logout_orb,
1039                                     lu->logout_orb_dma);
1040         if (lu->query_logins_orb)
1041                 dma_free_coherent(hi->host->device.parent,
1042                                     sizeof(struct sbp2_query_logins_orb),
1043                                     lu->query_logins_orb,
1044                                     lu->query_logins_orb_dma);
1045         if (lu->query_logins_response)
1046                 dma_free_coherent(hi->host->device.parent,
1047                                     sizeof(struct sbp2_query_logins_response),
1048                                     lu->query_logins_response,
1049                                     lu->query_logins_response_dma);
1050
1051         if (lu->status_fifo_addr != CSR1212_INVALID_ADDR_SPACE)
1052                 hpsb_unregister_addrspace(&sbp2_highlevel, hi->host,
1053                                           lu->status_fifo_addr);
1054
1055         dev_set_drvdata(&lu->ud->device, NULL);
1056
1057         module_put(hi->host->driver->owner);
1058 no_hi:
1059         kfree(lu);
1060 }
1061
1062 #ifdef CONFIG_IEEE1394_SBP2_PHYS_DMA
1063 /*
1064  * Deal with write requests on adapters which do not support physical DMA or
1065  * have it switched off.
1066  */
1067 static int sbp2_handle_physdma_write(struct hpsb_host *host, int nodeid,
1068                                      int destid, quadlet_t *data, u64 addr,
1069                                      size_t length, u16 flags)
1070 {
1071         memcpy(bus_to_virt((u32) addr), data, length);
1072         return RCODE_COMPLETE;
1073 }
1074
1075 /*
1076  * Deal with read requests on adapters which do not support physical DMA or
1077  * have it switched off.
1078  */
1079 static int sbp2_handle_physdma_read(struct hpsb_host *host, int nodeid,
1080                                     quadlet_t *data, u64 addr, size_t length,
1081                                     u16 flags)
1082 {
1083         memcpy(data, bus_to_virt((u32) addr), length);
1084         return RCODE_COMPLETE;
1085 }
1086 #endif
1087
1088 /**************************************
1089  * SBP-2 protocol related section
1090  **************************************/
1091
1092 static int sbp2_query_logins(struct sbp2_lu *lu)
1093 {
1094         struct sbp2_fwhost_info *hi = lu->hi;
1095         quadlet_t data[2];
1096         int max_logins;
1097         int active_logins;
1098
1099         lu->query_logins_orb->reserved1 = 0x0;
1100         lu->query_logins_orb->reserved2 = 0x0;
1101
1102         lu->query_logins_orb->query_response_lo = lu->query_logins_response_dma;
1103         lu->query_logins_orb->query_response_hi =
1104                         ORB_SET_NODE_ID(hi->host->node_id);
1105         lu->query_logins_orb->lun_misc =
1106                         ORB_SET_FUNCTION(SBP2_QUERY_LOGINS_REQUEST);
1107         lu->query_logins_orb->lun_misc |= ORB_SET_NOTIFY(1);
1108         lu->query_logins_orb->lun_misc |= ORB_SET_LUN(lu->lun);
1109
1110         lu->query_logins_orb->reserved_resp_length =
1111                 ORB_SET_QUERY_LOGINS_RESP_LENGTH(
1112                         sizeof(struct sbp2_query_logins_response));
1113
1114         lu->query_logins_orb->status_fifo_hi =
1115                 ORB_SET_STATUS_FIFO_HI(lu->status_fifo_addr, hi->host->node_id);
1116         lu->query_logins_orb->status_fifo_lo =
1117                 ORB_SET_STATUS_FIFO_LO(lu->status_fifo_addr);
1118
1119         sbp2util_cpu_to_be32_buffer(lu->query_logins_orb,
1120                                     sizeof(struct sbp2_query_logins_orb));
1121
1122         memset(lu->query_logins_response, 0,
1123                sizeof(struct sbp2_query_logins_response));
1124
1125         data[0] = ORB_SET_NODE_ID(hi->host->node_id);
1126         data[1] = lu->query_logins_orb_dma;
1127         sbp2util_cpu_to_be32_buffer(data, 8);
1128
1129         hpsb_node_write(lu->ne, lu->management_agent_addr, data, 8);
1130
1131         if (sbp2util_access_timeout(lu, 2*HZ)) {
1132                 SBP2_INFO("Error querying logins to SBP-2 device - timed out");
1133                 return -EIO;
1134         }
1135
1136         if (lu->status_block.ORB_offset_lo != lu->query_logins_orb_dma) {
1137                 SBP2_INFO("Error querying logins to SBP-2 device - timed out");
1138                 return -EIO;
1139         }
1140
1141         if (STATUS_TEST_RDS(lu->status_block.ORB_offset_hi_misc)) {
1142                 SBP2_INFO("Error querying logins to SBP-2 device - failed");
1143                 return -EIO;
1144         }
1145
1146         sbp2util_cpu_to_be32_buffer(lu->query_logins_response,
1147                                     sizeof(struct sbp2_query_logins_response));
1148
1149         max_logins = RESPONSE_GET_MAX_LOGINS(
1150                         lu->query_logins_response->length_max_logins);
1151         SBP2_INFO("Maximum concurrent logins supported: %d", max_logins);
1152
1153         active_logins = RESPONSE_GET_ACTIVE_LOGINS(
1154                         lu->query_logins_response->length_max_logins);
1155         SBP2_INFO("Number of active logins: %d", active_logins);
1156
1157         if (active_logins >= max_logins) {
1158                 return -EIO;
1159         }
1160
1161         return 0;
1162 }
1163
1164 static int sbp2_login_device(struct sbp2_lu *lu)
1165 {
1166         struct sbp2_fwhost_info *hi = lu->hi;
1167         quadlet_t data[2];
1168
1169         if (!lu->login_orb)
1170                 return -EIO;
1171
1172         if (!sbp2_exclusive_login && sbp2_query_logins(lu)) {
1173                 SBP2_INFO("Device does not support any more concurrent logins");
1174                 return -EIO;
1175         }
1176
1177         /* assume no password */
1178         lu->login_orb->password_hi = 0;
1179         lu->login_orb->password_lo = 0;
1180
1181         lu->login_orb->login_response_lo = lu->login_response_dma;
1182         lu->login_orb->login_response_hi = ORB_SET_NODE_ID(hi->host->node_id);
1183         lu->login_orb->lun_misc = ORB_SET_FUNCTION(SBP2_LOGIN_REQUEST);
1184
1185         /* one second reconnect time */
1186         lu->login_orb->lun_misc |= ORB_SET_RECONNECT(0);
1187         lu->login_orb->lun_misc |= ORB_SET_EXCLUSIVE(sbp2_exclusive_login);
1188         lu->login_orb->lun_misc |= ORB_SET_NOTIFY(1);
1189         lu->login_orb->lun_misc |= ORB_SET_LUN(lu->lun);
1190
1191         lu->login_orb->passwd_resp_lengths =
1192                 ORB_SET_LOGIN_RESP_LENGTH(sizeof(struct sbp2_login_response));
1193
1194         lu->login_orb->status_fifo_hi =
1195                 ORB_SET_STATUS_FIFO_HI(lu->status_fifo_addr, hi->host->node_id);
1196         lu->login_orb->status_fifo_lo =
1197                 ORB_SET_STATUS_FIFO_LO(lu->status_fifo_addr);
1198
1199         sbp2util_cpu_to_be32_buffer(lu->login_orb,
1200                                     sizeof(struct sbp2_login_orb));
1201
1202         memset(lu->login_response, 0, sizeof(struct sbp2_login_response));
1203
1204         data[0] = ORB_SET_NODE_ID(hi->host->node_id);
1205         data[1] = lu->login_orb_dma;
1206         sbp2util_cpu_to_be32_buffer(data, 8);
1207
1208         hpsb_node_write(lu->ne, lu->management_agent_addr, data, 8);
1209
1210         /* wait up to 20 seconds for login status */
1211         if (sbp2util_access_timeout(lu, 20*HZ)) {
1212                 SBP2_ERR("Error logging into SBP-2 device - timed out");
1213                 return -EIO;
1214         }
1215
1216         /* make sure that the returned status matches the login ORB */
1217         if (lu->status_block.ORB_offset_lo != lu->login_orb_dma) {
1218                 SBP2_ERR("Error logging into SBP-2 device - timed out");
1219                 return -EIO;
1220         }
1221
1222         if (STATUS_TEST_RDS(lu->status_block.ORB_offset_hi_misc)) {
1223                 SBP2_ERR("Error logging into SBP-2 device - failed");
1224                 return -EIO;
1225         }
1226
1227         sbp2util_cpu_to_be32_buffer(lu->login_response,
1228                                     sizeof(struct sbp2_login_response));
1229         lu->command_block_agent_addr =
1230                         ((u64)lu->login_response->command_block_agent_hi) << 32;
1231         lu->command_block_agent_addr |=
1232                         ((u64)lu->login_response->command_block_agent_lo);
1233         lu->command_block_agent_addr &= 0x0000ffffffffffffULL;
1234
1235         SBP2_INFO("Logged into SBP-2 device");
1236         return 0;
1237 }
1238
1239 static int sbp2_logout_device(struct sbp2_lu *lu)
1240 {
1241         struct sbp2_fwhost_info *hi = lu->hi;
1242         quadlet_t data[2];
1243         int error;
1244
1245         lu->logout_orb->reserved1 = 0x0;
1246         lu->logout_orb->reserved2 = 0x0;
1247         lu->logout_orb->reserved3 = 0x0;
1248         lu->logout_orb->reserved4 = 0x0;
1249
1250         lu->logout_orb->login_ID_misc = ORB_SET_FUNCTION(SBP2_LOGOUT_REQUEST);
1251         lu->logout_orb->login_ID_misc |=
1252                         ORB_SET_LOGIN_ID(lu->login_response->length_login_ID);
1253         lu->logout_orb->login_ID_misc |= ORB_SET_NOTIFY(1);
1254
1255         lu->logout_orb->reserved5 = 0x0;
1256         lu->logout_orb->status_fifo_hi =
1257                 ORB_SET_STATUS_FIFO_HI(lu->status_fifo_addr, hi->host->node_id);
1258         lu->logout_orb->status_fifo_lo =
1259                 ORB_SET_STATUS_FIFO_LO(lu->status_fifo_addr);
1260
1261         sbp2util_cpu_to_be32_buffer(lu->logout_orb,
1262                                     sizeof(struct sbp2_logout_orb));
1263
1264         data[0] = ORB_SET_NODE_ID(hi->host->node_id);
1265         data[1] = lu->logout_orb_dma;
1266         sbp2util_cpu_to_be32_buffer(data, 8);
1267
1268         error = hpsb_node_write(lu->ne, lu->management_agent_addr, data, 8);
1269         if (error)
1270                 return error;
1271
1272         /* wait up to 1 second for the device to complete logout */
1273         if (sbp2util_access_timeout(lu, HZ))
1274                 return -EIO;
1275
1276         SBP2_INFO("Logged out of SBP-2 device");
1277         return 0;
1278 }
1279
1280 static int sbp2_reconnect_device(struct sbp2_lu *lu)
1281 {
1282         struct sbp2_fwhost_info *hi = lu->hi;
1283         quadlet_t data[2];
1284         int error;
1285
1286         lu->reconnect_orb->reserved1 = 0x0;
1287         lu->reconnect_orb->reserved2 = 0x0;
1288         lu->reconnect_orb->reserved3 = 0x0;
1289         lu->reconnect_orb->reserved4 = 0x0;
1290
1291         lu->reconnect_orb->login_ID_misc =
1292                         ORB_SET_FUNCTION(SBP2_RECONNECT_REQUEST);
1293         lu->reconnect_orb->login_ID_misc |=
1294                         ORB_SET_LOGIN_ID(lu->login_response->length_login_ID);
1295         lu->reconnect_orb->login_ID_misc |= ORB_SET_NOTIFY(1);
1296
1297         lu->reconnect_orb->reserved5 = 0x0;
1298         lu->reconnect_orb->status_fifo_hi =
1299                 ORB_SET_STATUS_FIFO_HI(lu->status_fifo_addr, hi->host->node_id);
1300         lu->reconnect_orb->status_fifo_lo =
1301                 ORB_SET_STATUS_FIFO_LO(lu->status_fifo_addr);
1302
1303         sbp2util_cpu_to_be32_buffer(lu->reconnect_orb,
1304                                     sizeof(struct sbp2_reconnect_orb));
1305
1306         data[0] = ORB_SET_NODE_ID(hi->host->node_id);
1307         data[1] = lu->reconnect_orb_dma;
1308         sbp2util_cpu_to_be32_buffer(data, 8);
1309
1310         error = hpsb_node_write(lu->ne, lu->management_agent_addr, data, 8);
1311         if (error)
1312                 return error;
1313
1314         /* wait up to 1 second for reconnect status */
1315         if (sbp2util_access_timeout(lu, HZ)) {
1316                 SBP2_ERR("Error reconnecting to SBP-2 device - timed out");
1317                 return -EIO;
1318         }
1319
1320         /* make sure that the returned status matches the reconnect ORB */
1321         if (lu->status_block.ORB_offset_lo != lu->reconnect_orb_dma) {
1322                 SBP2_ERR("Error reconnecting to SBP-2 device - timed out");
1323                 return -EIO;
1324         }
1325
1326         if (STATUS_TEST_RDS(lu->status_block.ORB_offset_hi_misc)) {
1327                 SBP2_ERR("Error reconnecting to SBP-2 device - failed");
1328                 return -EIO;
1329         }
1330
1331         SBP2_INFO("Reconnected to SBP-2 device");
1332         return 0;
1333 }
1334
1335 /*
1336  * Set the target node's Single Phase Retry limit. Affects the target's retry
1337  * behaviour if our node is too busy to accept requests.
1338  */
1339 static int sbp2_set_busy_timeout(struct sbp2_lu *lu)
1340 {
1341         quadlet_t data;
1342
1343         data = cpu_to_be32(SBP2_BUSY_TIMEOUT_VALUE);
1344         if (hpsb_node_write(lu->ne, SBP2_BUSY_TIMEOUT_ADDRESS, &data, 4))
1345                 SBP2_ERR("%s error", __func__);
1346         return 0;
1347 }
1348
1349 static void sbp2_parse_unit_directory(struct sbp2_lu *lu,
1350                                       struct unit_directory *ud)
1351 {
1352         struct csr1212_keyval *kv;
1353         struct csr1212_dentry *dentry;
1354         u64 management_agent_addr;
1355         u32 unit_characteristics, firmware_revision, model;
1356         unsigned workarounds;
1357         int i;
1358
1359         management_agent_addr = 0;
1360         unit_characteristics = 0;
1361         firmware_revision = SBP2_ROM_VALUE_MISSING;
1362         model = ud->flags & UNIT_DIRECTORY_MODEL_ID ?
1363                                 ud->model_id : SBP2_ROM_VALUE_MISSING;
1364
1365         csr1212_for_each_dir_entry(ud->ne->csr, kv, ud->ud_kv, dentry) {
1366                 switch (kv->key.id) {
1367                 case CSR1212_KV_ID_DEPENDENT_INFO:
1368                         if (kv->key.type == CSR1212_KV_TYPE_CSR_OFFSET)
1369                                 management_agent_addr =
1370                                     CSR1212_REGISTER_SPACE_BASE +
1371                                     (kv->value.csr_offset << 2);
1372
1373                         else if (kv->key.type == CSR1212_KV_TYPE_IMMEDIATE)
1374                                 lu->lun = ORB_SET_LUN(kv->value.immediate);
1375                         break;
1376
1377                 case SBP2_UNIT_CHARACTERISTICS_KEY:
1378                         /* FIXME: This is ignored so far.
1379                          * See SBP-2 clause 7.4.8. */
1380                         unit_characteristics = kv->value.immediate;
1381                         break;
1382
1383                 case SBP2_FIRMWARE_REVISION_KEY:
1384                         firmware_revision = kv->value.immediate;
1385                         break;
1386
1387                 default:
1388                         /* FIXME: Check for SBP2_DEVICE_TYPE_AND_LUN_KEY.
1389                          * Its "ordered" bit has consequences for command ORB
1390                          * list handling. See SBP-2 clauses 4.6, 7.4.11, 10.2 */
1391                         break;
1392                 }
1393         }
1394
1395         workarounds = sbp2_default_workarounds;
1396
1397         if (!(workarounds & SBP2_WORKAROUND_OVERRIDE))
1398                 for (i = 0; i < ARRAY_SIZE(sbp2_workarounds_table); i++) {
1399                         if (sbp2_workarounds_table[i].firmware_revision !=
1400                             SBP2_ROM_VALUE_WILDCARD &&
1401                             sbp2_workarounds_table[i].firmware_revision !=
1402                             (firmware_revision & 0xffff00))
1403                                 continue;
1404                         if (sbp2_workarounds_table[i].model !=
1405                             SBP2_ROM_VALUE_WILDCARD &&
1406                             sbp2_workarounds_table[i].model != model)
1407                                 continue;
1408                         workarounds |= sbp2_workarounds_table[i].workarounds;
1409                         break;
1410                 }
1411
1412         if (workarounds)
1413                 SBP2_INFO("Workarounds for node " NODE_BUS_FMT ": 0x%x "
1414                           "(firmware_revision 0x%06x, vendor_id 0x%06x,"
1415                           " model_id 0x%06x)",
1416                           NODE_BUS_ARGS(ud->ne->host, ud->ne->nodeid),
1417                           workarounds, firmware_revision, ud->vendor_id,
1418                           model);
1419
1420         /* We would need one SCSI host template for each target to adjust
1421          * max_sectors on the fly, therefore warn only. */
1422         if (workarounds & SBP2_WORKAROUND_128K_MAX_TRANS &&
1423             (sbp2_max_sectors * 512) > (128 * 1024))
1424                 SBP2_INFO("Node " NODE_BUS_FMT ": Bridge only supports 128KB "
1425                           "max transfer size. WARNING: Current max_sectors "
1426                           "setting is larger than 128KB (%d sectors)",
1427                           NODE_BUS_ARGS(ud->ne->host, ud->ne->nodeid),
1428                           sbp2_max_sectors);
1429
1430         /* If this is a logical unit directory entry, process the parent
1431          * to get the values. */
1432         if (ud->flags & UNIT_DIRECTORY_LUN_DIRECTORY) {
1433                 struct unit_directory *parent_ud = container_of(
1434                         ud->device.parent, struct unit_directory, device);
1435                 sbp2_parse_unit_directory(lu, parent_ud);
1436         } else {
1437                 lu->management_agent_addr = management_agent_addr;
1438                 lu->workarounds = workarounds;
1439                 if (ud->flags & UNIT_DIRECTORY_HAS_LUN)
1440                         lu->lun = ORB_SET_LUN(ud->lun);
1441         }
1442 }
1443
1444 #define SBP2_PAYLOAD_TO_BYTES(p) (1 << ((p) + 2))
1445
1446 /*
1447  * This function is called in order to determine the max speed and packet
1448  * size we can use in our ORBs. Note, that we (the driver and host) only
1449  * initiate the transaction. The SBP-2 device actually transfers the data
1450  * (by reading from the DMA area we tell it). This means that the SBP-2
1451  * device decides the actual maximum data it can transfer. We just tell it
1452  * the speed that it needs to use, and the max_rec the host supports, and
1453  * it takes care of the rest.
1454  */
1455 static int sbp2_max_speed_and_size(struct sbp2_lu *lu)
1456 {
1457         struct sbp2_fwhost_info *hi = lu->hi;
1458         u8 payload;
1459
1460         lu->speed_code = hi->host->speed[NODEID_TO_NODE(lu->ne->nodeid)];
1461
1462         if (lu->speed_code > sbp2_max_speed) {
1463                 lu->speed_code = sbp2_max_speed;
1464                 SBP2_INFO("Reducing speed to %s",
1465                           hpsb_speedto_str[sbp2_max_speed]);
1466         }
1467
1468         /* Payload size is the lesser of what our speed supports and what
1469          * our host supports.  */
1470         payload = min(sbp2_speedto_max_payload[lu->speed_code],
1471                       (u8) (hi->host->csr.max_rec - 1));
1472
1473         /* If physical DMA is off, work around limitation in ohci1394:
1474          * packet size must not exceed PAGE_SIZE */
1475         if (lu->ne->host->low_addr_space < (1ULL << 32))
1476                 while (SBP2_PAYLOAD_TO_BYTES(payload) + 24 > PAGE_SIZE &&
1477                        payload)
1478                         payload--;
1479
1480         SBP2_INFO("Node " NODE_BUS_FMT ": Max speed [%s] - Max payload [%u]",
1481                   NODE_BUS_ARGS(hi->host, lu->ne->nodeid),
1482                   hpsb_speedto_str[lu->speed_code],
1483                   SBP2_PAYLOAD_TO_BYTES(payload));
1484
1485         lu->max_payload_size = payload;
1486         return 0;
1487 }
1488
1489 static int sbp2_agent_reset(struct sbp2_lu *lu, int wait)
1490 {
1491         quadlet_t data;
1492         u64 addr;
1493         int retval;
1494         unsigned long flags;
1495
1496         /* flush lu->protocol_work */
1497         if (wait)
1498                 flush_scheduled_work();
1499
1500         data = ntohl(SBP2_AGENT_RESET_DATA);
1501         addr = lu->command_block_agent_addr + SBP2_AGENT_RESET_OFFSET;
1502
1503         if (wait)
1504                 retval = hpsb_node_write(lu->ne, addr, &data, 4);
1505         else
1506                 retval = sbp2util_node_write_no_wait(lu->ne, addr, &data, 4);
1507
1508         if (retval < 0) {
1509                 SBP2_ERR("hpsb_node_write failed.\n");
1510                 return -EIO;
1511         }
1512
1513         /* make sure that the ORB_POINTER is written on next command */
1514         spin_lock_irqsave(&lu->cmd_orb_lock, flags);
1515         lu->last_orb = NULL;
1516         spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
1517
1518         return 0;
1519 }
1520
1521 static int sbp2_prep_command_orb_sg(struct sbp2_command_orb *orb,
1522                                     struct sbp2_fwhost_info *hi,
1523                                     struct sbp2_command_info *cmd,
1524                                     unsigned int sg_count,
1525                                     struct scatterlist *sg,
1526                                     u32 orb_direction,
1527                                     enum dma_data_direction dma_dir)
1528 {
1529         struct device *dmadev = hi->host->device.parent;
1530         struct sbp2_unrestricted_page_table *pt;
1531         int i, n;
1532
1533         n = dma_map_sg(dmadev, sg, sg_count, dma_dir);
1534         if (n == 0)
1535                 return -ENOMEM;
1536
1537         orb->data_descriptor_hi = ORB_SET_NODE_ID(hi->host->node_id);
1538         orb->misc |= ORB_SET_DIRECTION(orb_direction);
1539
1540         /* special case if only one element (and less than 64KB in size) */
1541         if (n == 1) {
1542                 orb->misc |= ORB_SET_DATA_SIZE(sg_dma_len(sg));
1543                 orb->data_descriptor_lo = sg_dma_address(sg);
1544         } else {
1545                 pt = &cmd->scatter_gather_element[0];
1546
1547                 dma_sync_single_for_cpu(dmadev, cmd->sge_dma,
1548                                         sizeof(cmd->scatter_gather_element),
1549                                         DMA_TO_DEVICE);
1550
1551                 for_each_sg(sg, sg, n, i) {
1552                         pt[i].high = cpu_to_be32(sg_dma_len(sg) << 16);
1553                         pt[i].low = cpu_to_be32(sg_dma_address(sg));
1554                 }
1555
1556                 orb->misc |= ORB_SET_PAGE_TABLE_PRESENT(0x1) |
1557                              ORB_SET_DATA_SIZE(n);
1558                 orb->data_descriptor_lo = cmd->sge_dma;
1559
1560                 dma_sync_single_for_device(dmadev, cmd->sge_dma,
1561                                            sizeof(cmd->scatter_gather_element),
1562                                            DMA_TO_DEVICE);
1563         }
1564         return 0;
1565 }
1566
1567 static int sbp2_create_command_orb(struct sbp2_lu *lu,
1568                                    struct sbp2_command_info *cmd,
1569                                    struct scsi_cmnd *SCpnt)
1570 {
1571         struct device *dmadev = lu->hi->host->device.parent;
1572         struct sbp2_command_orb *orb = &cmd->command_orb;
1573         unsigned int scsi_request_bufflen = scsi_bufflen(SCpnt);
1574         enum dma_data_direction dma_dir = SCpnt->sc_data_direction;
1575         u32 orb_direction;
1576         int ret;
1577
1578         dma_sync_single_for_cpu(dmadev, cmd->command_orb_dma,
1579                                 sizeof(struct sbp2_command_orb), DMA_TO_DEVICE);
1580         /*
1581          * Set-up our command ORB.
1582          *
1583          * NOTE: We're doing unrestricted page tables (s/g), as this is
1584          * best performance (at least with the devices I have). This means
1585          * that data_size becomes the number of s/g elements, and
1586          * page_size should be zero (for unrestricted).
1587          */
1588         orb->next_ORB_hi = ORB_SET_NULL_PTR(1);
1589         orb->next_ORB_lo = 0x0;
1590         orb->misc = ORB_SET_MAX_PAYLOAD(lu->max_payload_size);
1591         orb->misc |= ORB_SET_SPEED(lu->speed_code);
1592         orb->misc |= ORB_SET_NOTIFY(1);
1593
1594         if (dma_dir == DMA_NONE)
1595                 orb_direction = ORB_DIRECTION_NO_DATA_TRANSFER;
1596         else if (dma_dir == DMA_TO_DEVICE && scsi_request_bufflen)
1597                 orb_direction = ORB_DIRECTION_WRITE_TO_MEDIA;
1598         else if (dma_dir == DMA_FROM_DEVICE && scsi_request_bufflen)
1599                 orb_direction = ORB_DIRECTION_READ_FROM_MEDIA;
1600         else {
1601                 SBP2_INFO("Falling back to DMA_NONE");
1602                 orb_direction = ORB_DIRECTION_NO_DATA_TRANSFER;
1603         }
1604
1605         /* set up our page table stuff */
1606         if (orb_direction == ORB_DIRECTION_NO_DATA_TRANSFER) {
1607                 orb->data_descriptor_hi = 0x0;
1608                 orb->data_descriptor_lo = 0x0;
1609                 orb->misc |= ORB_SET_DIRECTION(1);
1610                 ret = 0;
1611         } else {
1612                 ret = sbp2_prep_command_orb_sg(orb, lu->hi, cmd,
1613                                                scsi_sg_count(SCpnt),
1614                                                scsi_sglist(SCpnt),
1615                                                orb_direction, dma_dir);
1616         }
1617         sbp2util_cpu_to_be32_buffer(orb, sizeof(*orb));
1618
1619         memset(orb->cdb, 0, sizeof(orb->cdb));
1620         memcpy(orb->cdb, SCpnt->cmnd, SCpnt->cmd_len);
1621
1622         dma_sync_single_for_device(dmadev, cmd->command_orb_dma,
1623                         sizeof(struct sbp2_command_orb), DMA_TO_DEVICE);
1624         return ret;
1625 }
1626
1627 static void sbp2_link_orb_command(struct sbp2_lu *lu,
1628                                   struct sbp2_command_info *cmd)
1629 {
1630         struct sbp2_fwhost_info *hi = lu->hi;
1631         struct sbp2_command_orb *last_orb;
1632         dma_addr_t last_orb_dma;
1633         u64 addr = lu->command_block_agent_addr;
1634         quadlet_t data[2];
1635         size_t length;
1636         unsigned long flags;
1637
1638         /* check to see if there are any previous orbs to use */
1639         spin_lock_irqsave(&lu->cmd_orb_lock, flags);
1640         last_orb = lu->last_orb;
1641         last_orb_dma = lu->last_orb_dma;
1642         if (!last_orb) {
1643                 /*
1644                  * last_orb == NULL means: We know that the target's fetch agent
1645                  * is not active right now.
1646                  */
1647                 addr += SBP2_ORB_POINTER_OFFSET;
1648                 data[0] = ORB_SET_NODE_ID(hi->host->node_id);
1649                 data[1] = cmd->command_orb_dma;
1650                 sbp2util_cpu_to_be32_buffer(data, 8);
1651                 length = 8;
1652         } else {
1653                 /*
1654                  * last_orb != NULL means: We know that the target's fetch agent
1655                  * is (very probably) not dead or in reset state right now.
1656                  * We have an ORB already sent that we can append a new one to.
1657                  * The target's fetch agent may or may not have read this
1658                  * previous ORB yet.
1659                  */
1660                 dma_sync_single_for_cpu(hi->host->device.parent, last_orb_dma,
1661                                         sizeof(struct sbp2_command_orb),
1662                                         DMA_TO_DEVICE);
1663                 last_orb->next_ORB_lo = cpu_to_be32(cmd->command_orb_dma);
1664                 wmb();
1665                 /* Tells hardware that this pointer is valid */
1666                 last_orb->next_ORB_hi = 0;
1667                 dma_sync_single_for_device(hi->host->device.parent,
1668                                            last_orb_dma,
1669                                            sizeof(struct sbp2_command_orb),
1670                                            DMA_TO_DEVICE);
1671                 addr += SBP2_DOORBELL_OFFSET;
1672                 data[0] = 0;
1673                 length = 4;
1674         }
1675         lu->last_orb = &cmd->command_orb;
1676         lu->last_orb_dma = cmd->command_orb_dma;
1677         spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
1678
1679         if (sbp2util_node_write_no_wait(lu->ne, addr, data, length)) {
1680                 /*
1681                  * sbp2util_node_write_no_wait failed. We certainly ran out
1682                  * of transaction labels, perhaps just because there were no
1683                  * context switches which gave khpsbpkt a chance to collect
1684                  * free tlabels. Try again in non-atomic context. If necessary,
1685                  * the workqueue job will sleep to guaranteedly get a tlabel.
1686                  * We do not accept new commands until the job is over.
1687                  */
1688                 scsi_block_requests(lu->shost);
1689                 PREPARE_WORK(&lu->protocol_work,
1690                              last_orb ? sbp2util_write_doorbell:
1691                                         sbp2util_write_orb_pointer);
1692                 schedule_work(&lu->protocol_work);
1693         }
1694 }
1695
1696 static int sbp2_send_command(struct sbp2_lu *lu, struct scsi_cmnd *SCpnt,
1697                              void (*done)(struct scsi_cmnd *))
1698 {
1699         struct sbp2_command_info *cmd;
1700
1701         cmd = sbp2util_allocate_command_orb(lu, SCpnt, done);
1702         if (!cmd)
1703                 return -EIO;
1704
1705         if (sbp2_create_command_orb(lu, cmd, SCpnt))
1706                 return -ENOMEM;
1707
1708         sbp2_link_orb_command(lu, cmd);
1709         return 0;
1710 }
1711
1712 /*
1713  * Translates SBP-2 status into SCSI sense data for check conditions
1714  */
1715 static unsigned int sbp2_status_to_sense_data(unchar *sbp2_status,
1716                                               unchar *sense_data)
1717 {
1718         /* OK, it's pretty ugly... ;-) */
1719         sense_data[0] = 0x70;
1720         sense_data[1] = 0x0;
1721         sense_data[2] = sbp2_status[9];
1722         sense_data[3] = sbp2_status[12];
1723         sense_data[4] = sbp2_status[13];
1724         sense_data[5] = sbp2_status[14];
1725         sense_data[6] = sbp2_status[15];
1726         sense_data[7] = 10;
1727         sense_data[8] = sbp2_status[16];
1728         sense_data[9] = sbp2_status[17];
1729         sense_data[10] = sbp2_status[18];
1730         sense_data[11] = sbp2_status[19];
1731         sense_data[12] = sbp2_status[10];
1732         sense_data[13] = sbp2_status[11];
1733         sense_data[14] = sbp2_status[20];
1734         sense_data[15] = sbp2_status[21];
1735
1736         return sbp2_status[8] & 0x3f;
1737 }
1738
1739 static int sbp2_handle_status_write(struct hpsb_host *host, int nodeid,
1740                                     int destid, quadlet_t *data, u64 addr,
1741                                     size_t length, u16 fl)
1742 {
1743         struct sbp2_fwhost_info *hi;
1744         struct sbp2_lu *lu = NULL, *lu_tmp;
1745         struct scsi_cmnd *SCpnt = NULL;
1746         struct sbp2_status_block *sb;
1747         u32 scsi_status = SBP2_SCSI_STATUS_GOOD;
1748         struct sbp2_command_info *cmd;
1749         unsigned long flags;
1750
1751         if (unlikely(length < 8 || length > sizeof(struct sbp2_status_block))) {
1752                 SBP2_ERR("Wrong size of status block");
1753                 return RCODE_ADDRESS_ERROR;
1754         }
1755         if (unlikely(!host)) {
1756                 SBP2_ERR("host is NULL - this is bad!");
1757                 return RCODE_ADDRESS_ERROR;
1758         }
1759         hi = hpsb_get_hostinfo(&sbp2_highlevel, host);
1760         if (unlikely(!hi)) {
1761                 SBP2_ERR("host info is NULL - this is bad!");
1762                 return RCODE_ADDRESS_ERROR;
1763         }
1764
1765         /* Find the unit which wrote the status. */
1766         read_lock_irqsave(&sbp2_hi_logical_units_lock, flags);
1767         list_for_each_entry(lu_tmp, &hi->logical_units, lu_list) {
1768                 if (lu_tmp->ne->nodeid == nodeid &&
1769                     lu_tmp->status_fifo_addr == addr) {
1770                         lu = lu_tmp;
1771                         break;
1772                 }
1773         }
1774         read_unlock_irqrestore(&sbp2_hi_logical_units_lock, flags);
1775
1776         if (unlikely(!lu)) {
1777                 SBP2_ERR("lu is NULL - device is gone?");
1778                 return RCODE_ADDRESS_ERROR;
1779         }
1780
1781         /* Put response into lu status fifo buffer. The first two bytes
1782          * come in big endian bit order. Often the target writes only a
1783          * truncated status block, minimally the first two quadlets. The rest
1784          * is implied to be zeros. */
1785         sb = &lu->status_block;
1786         memset(sb->command_set_dependent, 0, sizeof(sb->command_set_dependent));
1787         memcpy(sb, data, length);
1788         sbp2util_be32_to_cpu_buffer(sb, 8);
1789
1790         /* Ignore unsolicited status. Handle command ORB status. */
1791         if (unlikely(STATUS_GET_SRC(sb->ORB_offset_hi_misc) == 2))
1792                 cmd = NULL;
1793         else
1794                 cmd = sbp2util_find_command_for_orb(lu, sb->ORB_offset_lo);
1795         if (cmd) {
1796                 /* Grab SCSI command pointers and check status. */
1797                 /*
1798                  * FIXME: If the src field in the status is 1, the ORB DMA must
1799                  * not be reused until status for a subsequent ORB is received.
1800                  */
1801                 SCpnt = cmd->Current_SCpnt;
1802                 spin_lock_irqsave(&lu->cmd_orb_lock, flags);
1803                 sbp2util_mark_command_completed(lu, cmd);
1804                 spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
1805
1806                 if (SCpnt) {
1807                         u32 h = sb->ORB_offset_hi_misc;
1808                         u32 r = STATUS_GET_RESP(h);
1809
1810                         if (r != RESP_STATUS_REQUEST_COMPLETE) {
1811                                 SBP2_INFO("resp 0x%x, sbp_status 0x%x",
1812                                           r, STATUS_GET_SBP_STATUS(h));
1813                                 scsi_status =
1814                                         r == RESP_STATUS_TRANSPORT_FAILURE ?
1815                                         SBP2_SCSI_STATUS_BUSY :
1816                                         SBP2_SCSI_STATUS_COMMAND_TERMINATED;
1817                         }
1818
1819                         if (STATUS_GET_LEN(h) > 1)
1820                                 scsi_status = sbp2_status_to_sense_data(
1821                                         (unchar *)sb, SCpnt->sense_buffer);
1822
1823                         if (STATUS_TEST_DEAD(h))
1824                                 sbp2_agent_reset(lu, 0);
1825                 }
1826
1827                 /* Check here to see if there are no commands in-use. If there
1828                  * are none, we know that the fetch agent left the active state
1829                  * _and_ that we did not reactivate it yet. Therefore clear
1830                  * last_orb so that next time we write directly to the
1831                  * ORB_POINTER register. That way the fetch agent does not need
1832                  * to refetch the next_ORB. */
1833                 spin_lock_irqsave(&lu->cmd_orb_lock, flags);
1834                 if (list_empty(&lu->cmd_orb_inuse))
1835                         lu->last_orb = NULL;
1836                 spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
1837
1838         } else {
1839                 /* It's probably status after a management request. */
1840                 if ((sb->ORB_offset_lo == lu->reconnect_orb_dma) ||
1841                     (sb->ORB_offset_lo == lu->login_orb_dma) ||
1842                     (sb->ORB_offset_lo == lu->query_logins_orb_dma) ||
1843                     (sb->ORB_offset_lo == lu->logout_orb_dma)) {
1844                         lu->access_complete = 1;
1845                         wake_up_interruptible(&sbp2_access_wq);
1846                 }
1847         }
1848
1849         if (SCpnt)
1850                 sbp2scsi_complete_command(lu, scsi_status, SCpnt,
1851                                           cmd->Current_done);
1852         return RCODE_COMPLETE;
1853 }
1854
1855 /**************************************
1856  * SCSI interface related section
1857  **************************************/
1858
1859 static int sbp2scsi_queuecommand(struct scsi_cmnd *SCpnt,
1860                                  void (*done)(struct scsi_cmnd *))
1861 {
1862         struct sbp2_lu *lu = (struct sbp2_lu *)SCpnt->device->host->hostdata[0];
1863         struct sbp2_fwhost_info *hi;
1864         int result = DID_NO_CONNECT << 16;
1865
1866         if (unlikely(!sbp2util_node_is_available(lu)))
1867                 goto done;
1868
1869         hi = lu->hi;
1870
1871         if (unlikely(!hi)) {
1872                 SBP2_ERR("sbp2_fwhost_info is NULL - this is bad!");
1873                 goto done;
1874         }
1875
1876         /* Multiple units are currently represented to the SCSI core as separate
1877          * targets, not as one target with multiple LUs. Therefore return
1878          * selection time-out to any IO directed at non-zero LUNs. */
1879         if (unlikely(SCpnt->device->lun))
1880                 goto done;
1881
1882         if (unlikely(!hpsb_node_entry_valid(lu->ne))) {
1883                 SBP2_ERR("Bus reset in progress - rejecting command");
1884                 result = DID_BUS_BUSY << 16;
1885                 goto done;
1886         }
1887
1888         /* Bidirectional commands are not yet implemented,
1889          * and unknown transfer direction not handled. */
1890         if (unlikely(SCpnt->sc_data_direction == DMA_BIDIRECTIONAL)) {
1891                 SBP2_ERR("Cannot handle DMA_BIDIRECTIONAL - rejecting command");
1892                 result = DID_ERROR << 16;
1893                 goto done;
1894         }
1895
1896         if (sbp2_send_command(lu, SCpnt, done)) {
1897                 SBP2_ERR("Error sending SCSI command");
1898                 sbp2scsi_complete_command(lu,
1899                                           SBP2_SCSI_STATUS_SELECTION_TIMEOUT,
1900                                           SCpnt, done);
1901         }
1902         return 0;
1903
1904 done:
1905         SCpnt->result = result;
1906         done(SCpnt);
1907         return 0;
1908 }
1909
1910 static void sbp2scsi_complete_all_commands(struct sbp2_lu *lu, u32 status)
1911 {
1912         struct list_head *lh;
1913         struct sbp2_command_info *cmd;
1914         unsigned long flags;
1915
1916         spin_lock_irqsave(&lu->cmd_orb_lock, flags);
1917         while (!list_empty(&lu->cmd_orb_inuse)) {
1918                 lh = lu->cmd_orb_inuse.next;
1919                 cmd = list_entry(lh, struct sbp2_command_info, list);
1920                 sbp2util_mark_command_completed(lu, cmd);
1921                 if (cmd->Current_SCpnt) {
1922                         cmd->Current_SCpnt->result = status << 16;
1923                         cmd->Current_done(cmd->Current_SCpnt);
1924                 }
1925         }
1926         spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
1927
1928         return;
1929 }
1930
1931 /*
1932  * Complete a regular SCSI command. Can be called in atomic context.
1933  */
1934 static void sbp2scsi_complete_command(struct sbp2_lu *lu, u32 scsi_status,
1935                                       struct scsi_cmnd *SCpnt,
1936                                       void (*done)(struct scsi_cmnd *))
1937 {
1938         if (!SCpnt) {
1939                 SBP2_ERR("SCpnt is NULL");
1940                 return;
1941         }
1942
1943         switch (scsi_status) {
1944         case SBP2_SCSI_STATUS_GOOD:
1945                 SCpnt->result = DID_OK << 16;
1946                 break;
1947
1948         case SBP2_SCSI_STATUS_BUSY:
1949                 SBP2_ERR("SBP2_SCSI_STATUS_BUSY");
1950                 SCpnt->result = DID_BUS_BUSY << 16;
1951                 break;
1952
1953         case SBP2_SCSI_STATUS_CHECK_CONDITION:
1954                 SCpnt->result = CHECK_CONDITION << 1 | DID_OK << 16;
1955                 break;
1956
1957         case SBP2_SCSI_STATUS_SELECTION_TIMEOUT:
1958                 SBP2_ERR("SBP2_SCSI_STATUS_SELECTION_TIMEOUT");
1959                 SCpnt->result = DID_NO_CONNECT << 16;
1960                 scsi_print_command(SCpnt);
1961                 break;
1962
1963         case SBP2_SCSI_STATUS_CONDITION_MET:
1964         case SBP2_SCSI_STATUS_RESERVATION_CONFLICT:
1965         case SBP2_SCSI_STATUS_COMMAND_TERMINATED:
1966                 SBP2_ERR("Bad SCSI status = %x", scsi_status);
1967                 SCpnt->result = DID_ERROR << 16;
1968                 scsi_print_command(SCpnt);
1969                 break;
1970
1971         default:
1972                 SBP2_ERR("Unsupported SCSI status = %x", scsi_status);
1973                 SCpnt->result = DID_ERROR << 16;
1974         }
1975
1976         /* If a bus reset is in progress and there was an error, complete
1977          * the command as busy so that it will get retried. */
1978         if (!hpsb_node_entry_valid(lu->ne)
1979             && (scsi_status != SBP2_SCSI_STATUS_GOOD)) {
1980                 SBP2_ERR("Completing command with busy (bus reset)");
1981                 SCpnt->result = DID_BUS_BUSY << 16;
1982         }
1983
1984         /* Tell the SCSI stack that we're done with this command. */
1985         done(SCpnt);
1986 }
1987
1988 static int sbp2scsi_slave_alloc(struct scsi_device *sdev)
1989 {
1990         struct sbp2_lu *lu = (struct sbp2_lu *)sdev->host->hostdata[0];
1991
1992         if (sdev->lun != 0 || sdev->id != lu->ud->id || sdev->channel != 0)
1993                 return -ENODEV;
1994
1995         lu->sdev = sdev;
1996         sdev->allow_restart = 1;
1997
1998         /* SBP-2 requires quadlet alignment of the data buffers. */
1999         blk_queue_update_dma_alignment(sdev->request_queue, 4 - 1);
2000
2001         if (lu->workarounds & SBP2_WORKAROUND_INQUIRY_36)
2002                 sdev->inquiry_len = 36;
2003         return 0;
2004 }
2005
2006 static int sbp2scsi_slave_configure(struct scsi_device *sdev)
2007 {
2008         struct sbp2_lu *lu = (struct sbp2_lu *)sdev->host->hostdata[0];
2009
2010         sdev->use_10_for_rw = 1;
2011
2012         if (sbp2_exclusive_login)
2013                 sdev->manage_start_stop = 1;
2014         if (sdev->type == TYPE_ROM)
2015                 sdev->use_10_for_ms = 1;
2016         if (sdev->type == TYPE_DISK &&
2017             lu->workarounds & SBP2_WORKAROUND_MODE_SENSE_8)
2018                 sdev->skip_ms_page_8 = 1;
2019         if (lu->workarounds & SBP2_WORKAROUND_FIX_CAPACITY)
2020                 sdev->fix_capacity = 1;
2021         if (lu->workarounds & SBP2_WORKAROUND_POWER_CONDITION)
2022                 sdev->start_stop_pwr_cond = 1;
2023         if (lu->workarounds & SBP2_WORKAROUND_128K_MAX_TRANS)
2024                 blk_queue_max_sectors(sdev->request_queue, 128 * 1024 / 512);
2025
2026         blk_queue_max_segment_size(sdev->request_queue, SBP2_MAX_SEG_SIZE);
2027         return 0;
2028 }
2029
2030 static void sbp2scsi_slave_destroy(struct scsi_device *sdev)
2031 {
2032         ((struct sbp2_lu *)sdev->host->hostdata[0])->sdev = NULL;
2033         return;
2034 }
2035
2036 /*
2037  * Called by scsi stack when something has really gone wrong.
2038  * Usually called when a command has timed-out for some reason.
2039  */
2040 static int sbp2scsi_abort(struct scsi_cmnd *SCpnt)
2041 {
2042         struct sbp2_lu *lu = (struct sbp2_lu *)SCpnt->device->host->hostdata[0];
2043         struct sbp2_command_info *cmd;
2044         unsigned long flags;
2045
2046         SBP2_INFO("aborting sbp2 command");
2047         scsi_print_command(SCpnt);
2048
2049         if (sbp2util_node_is_available(lu)) {
2050                 sbp2_agent_reset(lu, 1);
2051
2052                 /* Return a matching command structure to the free pool. */
2053                 spin_lock_irqsave(&lu->cmd_orb_lock, flags);
2054                 cmd = sbp2util_find_command_for_SCpnt(lu, SCpnt);
2055                 if (cmd) {
2056                         sbp2util_mark_command_completed(lu, cmd);
2057                         if (cmd->Current_SCpnt) {
2058                                 cmd->Current_SCpnt->result = DID_ABORT << 16;
2059                                 cmd->Current_done(cmd->Current_SCpnt);
2060                         }
2061                 }
2062                 spin_unlock_irqrestore(&lu->cmd_orb_lock, flags);
2063
2064                 sbp2scsi_complete_all_commands(lu, DID_BUS_BUSY);
2065         }
2066
2067         return SUCCESS;
2068 }
2069
2070 /*
2071  * Called by scsi stack when something has really gone wrong.
2072  */
2073 static int sbp2scsi_reset(struct scsi_cmnd *SCpnt)
2074 {
2075         struct sbp2_lu *lu = (struct sbp2_lu *)SCpnt->device->host->hostdata[0];
2076
2077         SBP2_INFO("reset requested");
2078
2079         if (sbp2util_node_is_available(lu)) {
2080                 SBP2_INFO("generating sbp2 fetch agent reset");
2081                 sbp2_agent_reset(lu, 1);
2082         }
2083
2084         return SUCCESS;
2085 }
2086
2087 static ssize_t sbp2_sysfs_ieee1394_id_show(struct device *dev,
2088                                            struct device_attribute *attr,
2089                                            char *buf)
2090 {
2091         struct scsi_device *sdev;
2092         struct sbp2_lu *lu;
2093
2094         if (!(sdev = to_scsi_device(dev)))
2095                 return 0;
2096
2097         if (!(lu = (struct sbp2_lu *)sdev->host->hostdata[0]))
2098                 return 0;
2099
2100         if (sbp2_long_sysfs_ieee1394_id)
2101                 return sprintf(buf, "%016Lx:%06x:%04x\n",
2102                                 (unsigned long long)lu->ne->guid,
2103                                 lu->ud->directory_id, ORB_SET_LUN(lu->lun));
2104         else
2105                 return sprintf(buf, "%016Lx:%d:%d\n",
2106                                 (unsigned long long)lu->ne->guid,
2107                                 lu->ud->id, ORB_SET_LUN(lu->lun));
2108 }
2109
2110 MODULE_AUTHOR("Ben Collins <bcollins@debian.org>");
2111 MODULE_DESCRIPTION("IEEE-1394 SBP-2 protocol driver");
2112 MODULE_SUPPORTED_DEVICE(SBP2_DEVICE_NAME);
2113 MODULE_LICENSE("GPL");
2114
2115 static int sbp2_module_init(void)
2116 {
2117         int ret;
2118
2119         if (sbp2_serialize_io) {
2120                 sbp2_shost_template.can_queue = 1;
2121                 sbp2_shost_template.cmd_per_lun = 1;
2122         }
2123
2124         sbp2_shost_template.max_sectors = sbp2_max_sectors;
2125
2126         hpsb_register_highlevel(&sbp2_highlevel);
2127         ret = hpsb_register_protocol(&sbp2_driver);
2128         if (ret) {
2129                 SBP2_ERR("Failed to register protocol");
2130                 hpsb_unregister_highlevel(&sbp2_highlevel);
2131                 return ret;
2132         }
2133         return 0;
2134 }
2135
2136 static void __exit sbp2_module_exit(void)
2137 {
2138         hpsb_unregister_protocol(&sbp2_driver);
2139         hpsb_unregister_highlevel(&sbp2_highlevel);
2140 }
2141
2142 module_init(sbp2_module_init);
2143 module_exit(sbp2_module_exit);