V4L/DVB (11140): usbvision: fix oops on ARM platform when allocating transfer buffers
[linux-2.6] / drivers / block / cciss_scsi.c
1 /*
2  *    Disk Array driver for HP Smart Array controllers, SCSI Tape module.
3  *    (C) Copyright 2001, 2007 Hewlett-Packard Development Company, L.P.
4  *
5  *    This program is free software; you can redistribute it and/or modify
6  *    it under the terms of the GNU General Public License as published by
7  *    the Free Software Foundation; version 2 of the License.
8  *
9  *    This program is distributed in the hope that it will be useful,
10  *    but WITHOUT ANY WARRANTY; without even the implied warranty of
11  *    MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12  *    General Public License for more details.
13  *
14  *    You should have received a copy of the GNU General Public License
15  *    along with this program; if not, write to the Free Software
16  *    Foundation, Inc., 59 Temple Place, Suite 300, Boston, MA
17  *    02111-1307, USA.
18  *
19  *    Questions/Comments/Bugfixes to iss_storagedev@hp.com
20  *    
21  *    Author: Stephen M. Cameron
22  */
23 #ifdef CONFIG_CISS_SCSI_TAPE
24
25 /* Here we have code to present the driver as a scsi driver 
26    as it is simultaneously presented as a block driver.  The 
27    reason for doing this is to allow access to SCSI tape drives
28    through the array controller.  Note in particular, neither 
29    physical nor logical disks are presented through the scsi layer. */
30
31 #include <linux/timer.h>
32 #include <linux/completion.h>
33 #include <linux/slab.h>
34 #include <linux/string.h>
35
36 #include <asm/atomic.h>
37
38 #include <scsi/scsi_cmnd.h>
39 #include <scsi/scsi_device.h>
40 #include <scsi/scsi_host.h> 
41
42 #include "cciss_scsi.h"
43
44 #define CCISS_ABORT_MSG 0x00
45 #define CCISS_RESET_MSG 0x01
46
47 /* some prototypes... */ 
48 static int sendcmd(
49         __u8    cmd,
50         int     ctlr,
51         void    *buff,
52         size_t  size,
53         unsigned int use_unit_num, /* 0: address the controller,
54                                       1: address logical volume log_unit, 
55                                       2: address is in scsi3addr */
56         unsigned int log_unit,
57         __u8    page_code,
58         unsigned char *scsi3addr,
59         int cmd_type);
60
61
62 static int cciss_scsi_proc_info(
63                 struct Scsi_Host *sh,
64                 char *buffer, /* data buffer */
65                 char **start,      /* where data in buffer starts */
66                 off_t offset,      /* offset from start of imaginary file */
67                 int length,        /* length of data in buffer */
68                 int func);         /* 0 == read, 1 == write */
69
70 static int cciss_scsi_queue_command (struct scsi_cmnd *cmd,
71                 void (* done)(struct scsi_cmnd *));
72 static int cciss_eh_device_reset_handler(struct scsi_cmnd *);
73 static int cciss_eh_abort_handler(struct scsi_cmnd *);
74
75 static struct cciss_scsi_hba_t ccissscsi[MAX_CTLR] = {
76         { .name = "cciss0", .ndevices = 0 },
77         { .name = "cciss1", .ndevices = 0 },
78         { .name = "cciss2", .ndevices = 0 },
79         { .name = "cciss3", .ndevices = 0 },
80         { .name = "cciss4", .ndevices = 0 },
81         { .name = "cciss5", .ndevices = 0 },
82         { .name = "cciss6", .ndevices = 0 },
83         { .name = "cciss7", .ndevices = 0 },
84 };
85
86 static struct scsi_host_template cciss_driver_template = {
87         .module                 = THIS_MODULE,
88         .name                   = "cciss",
89         .proc_name              = "cciss",
90         .proc_info              = cciss_scsi_proc_info,
91         .queuecommand           = cciss_scsi_queue_command,
92         .can_queue              = SCSI_CCISS_CAN_QUEUE,
93         .this_id                = 7,
94         .sg_tablesize           = MAXSGENTRIES,
95         .cmd_per_lun            = 1,
96         .use_clustering         = DISABLE_CLUSTERING,
97         /* Can't have eh_bus_reset_handler or eh_host_reset_handler for cciss */
98         .eh_device_reset_handler= cciss_eh_device_reset_handler,
99         .eh_abort_handler       = cciss_eh_abort_handler,
100 };
101
102 #pragma pack(1)
103 struct cciss_scsi_cmd_stack_elem_t {
104         CommandList_struct cmd;
105         ErrorInfo_struct Err;
106         __u32 busaddr;
107         __u32 pad;
108 };
109
110 #pragma pack()
111
112 #define CMD_STACK_SIZE (SCSI_CCISS_CAN_QUEUE * \
113                 CCISS_MAX_SCSI_DEVS_PER_HBA + 2)
114                         // plus two for init time usage
115
116 #pragma pack(1)
117 struct cciss_scsi_cmd_stack_t {
118         struct cciss_scsi_cmd_stack_elem_t *pool;
119         struct cciss_scsi_cmd_stack_elem_t *elem[CMD_STACK_SIZE];
120         dma_addr_t cmd_pool_handle;
121         int top;
122 };
123 #pragma pack()
124
125 struct cciss_scsi_adapter_data_t {
126         struct Scsi_Host *scsi_host;
127         struct cciss_scsi_cmd_stack_t cmd_stack;
128         int registered;
129         spinlock_t lock; // to protect ccissscsi[ctlr]; 
130 };
131
132 #define CPQ_TAPE_LOCK(ctlr, flags) spin_lock_irqsave( \
133         &(((struct cciss_scsi_adapter_data_t *) \
134         hba[ctlr]->scsi_ctlr)->lock), flags);
135 #define CPQ_TAPE_UNLOCK(ctlr, flags) spin_unlock_irqrestore( \
136         &(((struct cciss_scsi_adapter_data_t *) \
137         hba[ctlr]->scsi_ctlr)->lock), flags);
138
139 static CommandList_struct *
140 scsi_cmd_alloc(ctlr_info_t *h)
141 {
142         /* assume only one process in here at a time, locking done by caller. */
143         /* use CCISS_LOCK(ctlr) */
144         /* might be better to rewrite how we allocate scsi commands in a way that */
145         /* needs no locking at all. */
146
147         /* take the top memory chunk off the stack and return it, if any. */
148         struct cciss_scsi_cmd_stack_elem_t *c;
149         struct cciss_scsi_adapter_data_t *sa;
150         struct cciss_scsi_cmd_stack_t *stk;
151         u64bit temp64;
152
153         sa = (struct cciss_scsi_adapter_data_t *) h->scsi_ctlr;
154         stk = &sa->cmd_stack; 
155
156         if (stk->top < 0) 
157                 return NULL;
158         c = stk->elem[stk->top];        
159         /* memset(c, 0, sizeof(*c)); */
160         memset(&c->cmd, 0, sizeof(c->cmd));
161         memset(&c->Err, 0, sizeof(c->Err));
162         /* set physical addr of cmd and addr of scsi parameters */
163         c->cmd.busaddr = c->busaddr; 
164         /* (__u32) (stk->cmd_pool_handle + 
165                 (sizeof(struct cciss_scsi_cmd_stack_elem_t)*stk->top)); */
166
167         temp64.val = (__u64) (c->busaddr + sizeof(CommandList_struct));
168         /* (__u64) (stk->cmd_pool_handle + 
169                 (sizeof(struct cciss_scsi_cmd_stack_elem_t)*stk->top) +
170                  sizeof(CommandList_struct)); */
171         stk->top--;
172         c->cmd.ErrDesc.Addr.lower = temp64.val32.lower;
173         c->cmd.ErrDesc.Addr.upper = temp64.val32.upper;
174         c->cmd.ErrDesc.Len = sizeof(ErrorInfo_struct);
175         
176         c->cmd.ctlr = h->ctlr;
177         c->cmd.err_info = &c->Err;
178
179         return (CommandList_struct *) c;
180 }
181
182 static void 
183 scsi_cmd_free(ctlr_info_t *h, CommandList_struct *cmd)
184 {
185         /* assume only one process in here at a time, locking done by caller. */
186         /* use CCISS_LOCK(ctlr) */
187         /* drop the free memory chunk on top of the stack. */
188
189         struct cciss_scsi_adapter_data_t *sa;
190         struct cciss_scsi_cmd_stack_t *stk;
191
192         sa = (struct cciss_scsi_adapter_data_t *) h->scsi_ctlr;
193         stk = &sa->cmd_stack; 
194         if (stk->top >= CMD_STACK_SIZE) {
195                 printk("cciss: scsi_cmd_free called too many times.\n");
196                 BUG();
197         }
198         stk->top++;
199         stk->elem[stk->top] = (struct cciss_scsi_cmd_stack_elem_t *) cmd;
200 }
201
202 static int
203 scsi_cmd_stack_setup(int ctlr, struct cciss_scsi_adapter_data_t *sa)
204 {
205         int i;
206         struct cciss_scsi_cmd_stack_t *stk;
207         size_t size;
208
209         stk = &sa->cmd_stack; 
210         size = sizeof(struct cciss_scsi_cmd_stack_elem_t) * CMD_STACK_SIZE;
211
212         // pci_alloc_consistent guarantees 32-bit DMA address will
213         // be used
214
215         stk->pool = (struct cciss_scsi_cmd_stack_elem_t *)
216                 pci_alloc_consistent(hba[ctlr]->pdev, size, &stk->cmd_pool_handle);
217
218         if (stk->pool == NULL) {
219                 printk("stk->pool is null\n");
220                 return -1;
221         }
222
223         for (i=0; i<CMD_STACK_SIZE; i++) {
224                 stk->elem[i] = &stk->pool[i];
225                 stk->elem[i]->busaddr = (__u32) (stk->cmd_pool_handle + 
226                         (sizeof(struct cciss_scsi_cmd_stack_elem_t) * i));
227         }
228         stk->top = CMD_STACK_SIZE-1;
229         return 0;
230 }
231
232 static void
233 scsi_cmd_stack_free(int ctlr)
234 {
235         struct cciss_scsi_adapter_data_t *sa;
236         struct cciss_scsi_cmd_stack_t *stk;
237         size_t size;
238
239         sa = (struct cciss_scsi_adapter_data_t *) hba[ctlr]->scsi_ctlr;
240         stk = &sa->cmd_stack; 
241         if (stk->top != CMD_STACK_SIZE-1) {
242                 printk( "cciss: %d scsi commands are still outstanding.\n",
243                         CMD_STACK_SIZE - stk->top);
244                 // BUG();
245                 printk("WE HAVE A BUG HERE!!! stk=0x%p\n", stk);
246         }
247         size = sizeof(struct cciss_scsi_cmd_stack_elem_t) * CMD_STACK_SIZE;
248
249         pci_free_consistent(hba[ctlr]->pdev, size, stk->pool, stk->cmd_pool_handle);
250         stk->pool = NULL;
251 }
252
253 #if 0
254 static int xmargin=8;
255 static int amargin=60;
256
257 static void
258 print_bytes (unsigned char *c, int len, int hex, int ascii)
259 {
260
261         int i;
262         unsigned char *x;
263
264         if (hex)
265         {
266                 x = c;
267                 for (i=0;i<len;i++)
268                 {
269                         if ((i % xmargin) == 0 && i>0) printk("\n");
270                         if ((i % xmargin) == 0) printk("0x%04x:", i);
271                         printk(" %02x", *x);
272                         x++;
273                 }
274                 printk("\n");
275         }
276         if (ascii)
277         {
278                 x = c;
279                 for (i=0;i<len;i++)
280                 {
281                         if ((i % amargin) == 0 && i>0) printk("\n");
282                         if ((i % amargin) == 0) printk("0x%04x:", i);
283                         if (*x > 26 && *x < 128) printk("%c", *x);
284                         else printk(".");
285                         x++;
286                 }
287                 printk("\n");
288         }
289 }
290
291 static void
292 print_cmd(CommandList_struct *cp)
293 {
294         printk("queue:%d\n", cp->Header.ReplyQueue);
295         printk("sglist:%d\n", cp->Header.SGList);
296         printk("sgtot:%d\n", cp->Header.SGTotal);
297         printk("Tag:0x%08x/0x%08x\n", cp->Header.Tag.upper, 
298                         cp->Header.Tag.lower);
299         printk("LUN:0x%02x%02x%02x%02x%02x%02x%02x%02x\n",
300                 cp->Header.LUN.LunAddrBytes[0],
301                 cp->Header.LUN.LunAddrBytes[1],
302                 cp->Header.LUN.LunAddrBytes[2],
303                 cp->Header.LUN.LunAddrBytes[3],
304                 cp->Header.LUN.LunAddrBytes[4],
305                 cp->Header.LUN.LunAddrBytes[5],
306                 cp->Header.LUN.LunAddrBytes[6],
307                 cp->Header.LUN.LunAddrBytes[7]);
308         printk("CDBLen:%d\n", cp->Request.CDBLen);
309         printk("Type:%d\n",cp->Request.Type.Type);
310         printk("Attr:%d\n",cp->Request.Type.Attribute);
311         printk(" Dir:%d\n",cp->Request.Type.Direction);
312         printk("Timeout:%d\n",cp->Request.Timeout);
313         printk( "CDB: %02x %02x %02x %02x %02x %02x %02x %02x"
314                 " %02x %02x %02x %02x %02x %02x %02x %02x\n",
315                 cp->Request.CDB[0], cp->Request.CDB[1],
316                 cp->Request.CDB[2], cp->Request.CDB[3],
317                 cp->Request.CDB[4], cp->Request.CDB[5],
318                 cp->Request.CDB[6], cp->Request.CDB[7],
319                 cp->Request.CDB[8], cp->Request.CDB[9],
320                 cp->Request.CDB[10], cp->Request.CDB[11],
321                 cp->Request.CDB[12], cp->Request.CDB[13],
322                 cp->Request.CDB[14], cp->Request.CDB[15]),
323         printk("edesc.Addr: 0x%08x/0%08x, Len  = %d\n", 
324                 cp->ErrDesc.Addr.upper, cp->ErrDesc.Addr.lower, 
325                         cp->ErrDesc.Len);
326         printk("sgs..........Errorinfo:\n");
327         printk("scsistatus:%d\n", cp->err_info->ScsiStatus);
328         printk("senselen:%d\n", cp->err_info->SenseLen);
329         printk("cmd status:%d\n", cp->err_info->CommandStatus);
330         printk("resid cnt:%d\n", cp->err_info->ResidualCnt);
331         printk("offense size:%d\n", cp->err_info->MoreErrInfo.Invalid_Cmd.offense_size);
332         printk("offense byte:%d\n", cp->err_info->MoreErrInfo.Invalid_Cmd.offense_num);
333         printk("offense value:%d\n", cp->err_info->MoreErrInfo.Invalid_Cmd.offense_value);
334                         
335 }
336
337 #endif
338
339 static int 
340 find_bus_target_lun(int ctlr, int *bus, int *target, int *lun)
341 {
342         /* finds an unused bus, target, lun for a new device */
343         /* assumes hba[ctlr]->scsi_ctlr->lock is held */ 
344         int i, found=0;
345         unsigned char target_taken[CCISS_MAX_SCSI_DEVS_PER_HBA];
346
347         memset(&target_taken[0], 0, CCISS_MAX_SCSI_DEVS_PER_HBA);
348
349         target_taken[SELF_SCSI_ID] = 1; 
350         for (i=0;i<ccissscsi[ctlr].ndevices;i++)
351                 target_taken[ccissscsi[ctlr].dev[i].target] = 1;
352         
353         for (i=0;i<CCISS_MAX_SCSI_DEVS_PER_HBA;i++) {
354                 if (!target_taken[i]) {
355                         *bus = 0; *target=i; *lun = 0; found=1;
356                         break;
357                 }
358         }
359         return (!found);        
360 }
361 struct scsi2map {
362         char scsi3addr[8];
363         int bus, target, lun;
364 };
365
366 static int 
367 cciss_scsi_add_entry(int ctlr, int hostno, 
368                 struct cciss_scsi_dev_t *device,
369                 struct scsi2map *added, int *nadded)
370 {
371         /* assumes hba[ctlr]->scsi_ctlr->lock is held */ 
372         int n = ccissscsi[ctlr].ndevices;
373         struct cciss_scsi_dev_t *sd;
374         int i, bus, target, lun;
375         unsigned char addr1[8], addr2[8];
376
377         if (n >= CCISS_MAX_SCSI_DEVS_PER_HBA) {
378                 printk("cciss%d: Too many devices, "
379                         "some will be inaccessible.\n", ctlr);
380                 return -1;
381         }
382
383         bus = target = -1;
384         lun = 0;
385         /* Is this device a non-zero lun of a multi-lun device */
386         /* byte 4 of the 8-byte LUN addr will contain the logical unit no. */
387         if (device->scsi3addr[4] != 0) {
388                 /* Search through our list and find the device which */
389                 /* has the same 8 byte LUN address, excepting byte 4. */
390                 /* Assign the same bus and target for this new LUN. */
391                 /* Use the logical unit number from the firmware. */
392                 memcpy(addr1, device->scsi3addr, 8);
393                 addr1[4] = 0;
394                 for (i = 0; i < n; i++) {
395                         sd = &ccissscsi[ctlr].dev[i];
396                         memcpy(addr2, sd->scsi3addr, 8);
397                         addr2[4] = 0;
398                         /* differ only in byte 4? */
399                         if (memcmp(addr1, addr2, 8) == 0) {
400                                 bus = sd->bus;
401                                 target = sd->target;
402                                 lun = device->scsi3addr[4];
403                                 break;
404                         }
405                 }
406         }
407
408         sd = &ccissscsi[ctlr].dev[n];
409         if (lun == 0) {
410                 if (find_bus_target_lun(ctlr,
411                         &sd->bus, &sd->target, &sd->lun) != 0)
412                         return -1;
413         } else {
414                 sd->bus = bus;
415                 sd->target = target;
416                 sd->lun = lun;
417         }
418         added[*nadded].bus = sd->bus;
419         added[*nadded].target = sd->target;
420         added[*nadded].lun = sd->lun;
421         (*nadded)++;
422
423         memcpy(sd->scsi3addr, device->scsi3addr, 8);
424         memcpy(sd->vendor, device->vendor, sizeof(sd->vendor));
425         memcpy(sd->revision, device->revision, sizeof(sd->revision));
426         memcpy(sd->device_id, device->device_id, sizeof(sd->device_id));
427         sd->devtype = device->devtype;
428
429         ccissscsi[ctlr].ndevices++;
430
431         /* initially, (before registering with scsi layer) we don't 
432            know our hostno and we don't want to print anything first 
433            time anyway (the scsi layer's inquiries will show that info) */
434         if (hostno != -1)
435                 printk("cciss%d: %s device c%db%dt%dl%d added.\n", 
436                         ctlr, scsi_device_type(sd->devtype), hostno,
437                         sd->bus, sd->target, sd->lun);
438         return 0;
439 }
440
441 static void
442 cciss_scsi_remove_entry(int ctlr, int hostno, int entry,
443         struct scsi2map *removed, int *nremoved)
444 {
445         /* assumes hba[ctlr]->scsi_ctlr->lock is held */ 
446         int i;
447         struct cciss_scsi_dev_t sd;
448
449         if (entry < 0 || entry >= CCISS_MAX_SCSI_DEVS_PER_HBA) return;
450         sd = ccissscsi[ctlr].dev[entry];
451         removed[*nremoved].bus    = sd.bus;
452         removed[*nremoved].target = sd.target;
453         removed[*nremoved].lun    = sd.lun;
454         (*nremoved)++;
455         for (i=entry;i<ccissscsi[ctlr].ndevices-1;i++)
456                 ccissscsi[ctlr].dev[i] = ccissscsi[ctlr].dev[i+1];
457         ccissscsi[ctlr].ndevices--;
458         printk("cciss%d: %s device c%db%dt%dl%d removed.\n",
459                 ctlr, scsi_device_type(sd.devtype), hostno,
460                         sd.bus, sd.target, sd.lun);
461 }
462
463
464 #define SCSI3ADDR_EQ(a,b) ( \
465         (a)[7] == (b)[7] && \
466         (a)[6] == (b)[6] && \
467         (a)[5] == (b)[5] && \
468         (a)[4] == (b)[4] && \
469         (a)[3] == (b)[3] && \
470         (a)[2] == (b)[2] && \
471         (a)[1] == (b)[1] && \
472         (a)[0] == (b)[0])
473
474 static void fixup_botched_add(int ctlr, char *scsi3addr)
475 {
476         /* called when scsi_add_device fails in order to re-adjust */
477         /* ccissscsi[] to match the mid layer's view. */
478         unsigned long flags;
479         int i, j;
480         CPQ_TAPE_LOCK(ctlr, flags);
481         for (i = 0; i < ccissscsi[ctlr].ndevices; i++) {
482                 if (memcmp(scsi3addr,
483                                 ccissscsi[ctlr].dev[i].scsi3addr, 8) == 0) {
484                         for (j = i; j < ccissscsi[ctlr].ndevices-1; j++)
485                                 ccissscsi[ctlr].dev[j] =
486                                         ccissscsi[ctlr].dev[j+1];
487                         ccissscsi[ctlr].ndevices--;
488                         break;
489                 }
490         }
491         CPQ_TAPE_UNLOCK(ctlr, flags);
492 }
493
494 static int device_is_the_same(struct cciss_scsi_dev_t *dev1,
495         struct cciss_scsi_dev_t *dev2)
496 {
497         return dev1->devtype == dev2->devtype &&
498                 memcmp(dev1->scsi3addr, dev2->scsi3addr,
499                         sizeof(dev1->scsi3addr)) == 0 &&
500                 memcmp(dev1->device_id, dev2->device_id,
501                         sizeof(dev1->device_id)) == 0 &&
502                 memcmp(dev1->vendor, dev2->vendor,
503                         sizeof(dev1->vendor)) == 0 &&
504                 memcmp(dev1->model, dev2->model,
505                         sizeof(dev1->model)) == 0 &&
506                 memcmp(dev1->revision, dev2->revision,
507                         sizeof(dev1->revision)) == 0;
508 }
509
510 static int
511 adjust_cciss_scsi_table(int ctlr, int hostno,
512         struct cciss_scsi_dev_t sd[], int nsds)
513 {
514         /* sd contains scsi3 addresses and devtypes, but
515            bus target and lun are not filled in.  This funciton
516            takes what's in sd to be the current and adjusts
517            ccissscsi[] to be in line with what's in sd. */ 
518
519         int i,j, found, changes=0;
520         struct cciss_scsi_dev_t *csd;
521         unsigned long flags;
522         struct scsi2map *added, *removed;
523         int nadded, nremoved;
524         struct Scsi_Host *sh = NULL;
525
526         added = kzalloc(sizeof(*added) * CCISS_MAX_SCSI_DEVS_PER_HBA,
527                         GFP_KERNEL);
528         removed = kzalloc(sizeof(*removed) * CCISS_MAX_SCSI_DEVS_PER_HBA,
529                         GFP_KERNEL);
530
531         if (!added || !removed) {
532                 printk(KERN_WARNING "cciss%d: Out of memory in "
533                         "adjust_cciss_scsi_table\n", ctlr);
534                 goto free_and_out;
535         }
536
537         CPQ_TAPE_LOCK(ctlr, flags);
538
539         if (hostno != -1)  /* if it's not the first time... */
540                 sh = ((struct cciss_scsi_adapter_data_t *)
541                         hba[ctlr]->scsi_ctlr)->scsi_host;
542
543         /* find any devices in ccissscsi[] that are not in 
544            sd[] and remove them from ccissscsi[] */
545
546         i = 0;
547         nremoved = 0;
548         nadded = 0;
549         while(i<ccissscsi[ctlr].ndevices) {
550                 csd = &ccissscsi[ctlr].dev[i];
551                 found=0;
552                 for (j=0;j<nsds;j++) {
553                         if (SCSI3ADDR_EQ(sd[j].scsi3addr,
554                                 csd->scsi3addr)) {
555                                 if (device_is_the_same(&sd[j], csd))
556                                         found=2;
557                                 else
558                                         found=1;
559                                 break;
560                         }
561                 }
562
563                 if (found == 0) { /* device no longer present. */ 
564                         changes++;
565                         /* printk("cciss%d: %s device c%db%dt%dl%d removed.\n",
566                                 ctlr, scsi_device_type(csd->devtype), hostno,
567                                         csd->bus, csd->target, csd->lun); */
568                         cciss_scsi_remove_entry(ctlr, hostno, i,
569                                 removed, &nremoved);
570                         /* remove ^^^, hence i not incremented */
571                 } else if (found == 1) { /* device is different in some way */
572                         changes++;
573                         printk("cciss%d: device c%db%dt%dl%d has changed.\n",
574                                 ctlr, hostno, csd->bus, csd->target, csd->lun);
575                         cciss_scsi_remove_entry(ctlr, hostno, i,
576                                 removed, &nremoved);
577                         /* remove ^^^, hence i not incremented */
578                         if (cciss_scsi_add_entry(ctlr, hostno, &sd[j],
579                                 added, &nadded) != 0)
580                                 /* we just removed one, so add can't fail. */
581                                         BUG();
582                         csd->devtype = sd[j].devtype;
583                         memcpy(csd->device_id, sd[j].device_id,
584                                 sizeof(csd->device_id));
585                         memcpy(csd->vendor, sd[j].vendor,
586                                 sizeof(csd->vendor));
587                         memcpy(csd->model, sd[j].model,
588                                 sizeof(csd->model));
589                         memcpy(csd->revision, sd[j].revision,
590                                 sizeof(csd->revision));
591                 } else          /* device is same as it ever was, */
592                         i++;    /* so just move along. */
593         }
594
595         /* Now, make sure every device listed in sd[] is also
596            listed in ccissscsi[], adding them if they aren't found */
597
598         for (i=0;i<nsds;i++) {
599                 found=0;
600                 for (j=0;j<ccissscsi[ctlr].ndevices;j++) {
601                         csd = &ccissscsi[ctlr].dev[j];
602                         if (SCSI3ADDR_EQ(sd[i].scsi3addr,
603                                 csd->scsi3addr)) {
604                                 if (device_is_the_same(&sd[i], csd))
605                                         found=2;        /* found device */
606                                 else
607                                         found=1;        /* found a bug. */
608                                 break;
609                         }
610                 }
611                 if (!found) {
612                         changes++;
613                         if (cciss_scsi_add_entry(ctlr, hostno, &sd[i],
614                                 added, &nadded) != 0)
615                                 break;
616                 } else if (found == 1) {
617                         /* should never happen... */
618                         changes++;
619                         printk(KERN_WARNING "cciss%d: device "
620                                 "unexpectedly changed\n", ctlr);
621                         /* but if it does happen, we just ignore that device */
622                 }
623         }
624         CPQ_TAPE_UNLOCK(ctlr, flags);
625
626         /* Don't notify scsi mid layer of any changes the first time through */
627         /* (or if there are no changes) scsi_scan_host will do it later the */
628         /* first time through. */
629         if (hostno == -1 || !changes)
630                 goto free_and_out;
631
632         /* Notify scsi mid layer of any removed devices */
633         for (i = 0; i < nremoved; i++) {
634                 struct scsi_device *sdev =
635                         scsi_device_lookup(sh, removed[i].bus,
636                                 removed[i].target, removed[i].lun);
637                 if (sdev != NULL) {
638                         scsi_remove_device(sdev);
639                         scsi_device_put(sdev);
640                 } else {
641                         /* We don't expect to get here. */
642                         /* future cmds to this device will get selection */
643                         /* timeout as if the device was gone. */
644                         printk(KERN_WARNING "cciss%d: didn't find "
645                                 "c%db%dt%dl%d\n for removal.",
646                                 ctlr, hostno, removed[i].bus,
647                                 removed[i].target, removed[i].lun);
648                 }
649         }
650
651         /* Notify scsi mid layer of any added devices */
652         for (i = 0; i < nadded; i++) {
653                 int rc;
654                 rc = scsi_add_device(sh, added[i].bus,
655                         added[i].target, added[i].lun);
656                 if (rc == 0)
657                         continue;
658                 printk(KERN_WARNING "cciss%d: scsi_add_device "
659                         "c%db%dt%dl%d failed, device not added.\n",
660                         ctlr, hostno,
661                         added[i].bus, added[i].target, added[i].lun);
662                 /* now we have to remove it from ccissscsi, */
663                 /* since it didn't get added to scsi mid layer */
664                 fixup_botched_add(ctlr, added[i].scsi3addr);
665         }
666
667 free_and_out:
668         kfree(added);
669         kfree(removed);
670         return 0;
671 }
672
673 static int
674 lookup_scsi3addr(int ctlr, int bus, int target, int lun, char *scsi3addr)
675 {
676         int i;
677         struct cciss_scsi_dev_t *sd;
678         unsigned long flags;
679
680         CPQ_TAPE_LOCK(ctlr, flags);
681         for (i=0;i<ccissscsi[ctlr].ndevices;i++) {
682                 sd = &ccissscsi[ctlr].dev[i];
683                 if (sd->bus == bus &&
684                     sd->target == target &&
685                     sd->lun == lun) {
686                         memcpy(scsi3addr, &sd->scsi3addr[0], 8);
687                         CPQ_TAPE_UNLOCK(ctlr, flags);
688                         return 0;
689                 }
690         }
691         CPQ_TAPE_UNLOCK(ctlr, flags);
692         return -1;
693 }
694
695 static void 
696 cciss_scsi_setup(int cntl_num)
697 {
698         struct cciss_scsi_adapter_data_t * shba;
699
700         ccissscsi[cntl_num].ndevices = 0;
701         shba = (struct cciss_scsi_adapter_data_t *)
702                 kmalloc(sizeof(*shba), GFP_KERNEL);     
703         if (shba == NULL)
704                 return;
705         shba->scsi_host = NULL;
706         spin_lock_init(&shba->lock);
707         shba->registered = 0;
708         if (scsi_cmd_stack_setup(cntl_num, shba) != 0) {
709                 kfree(shba);
710                 shba = NULL;
711         }
712         hba[cntl_num]->scsi_ctlr = (void *) shba;
713         return;
714 }
715
716 static void
717 complete_scsi_command( CommandList_struct *cp, int timeout, __u32 tag)
718 {
719         struct scsi_cmnd *cmd;
720         ctlr_info_t *ctlr;
721         ErrorInfo_struct *ei;
722
723         ei = cp->err_info;
724
725         /* First, see if it was a message rather than a command */
726         if (cp->Request.Type.Type == TYPE_MSG)  {
727                 cp->cmd_type = CMD_MSG_DONE;
728                 return;
729         }
730
731         cmd = (struct scsi_cmnd *) cp->scsi_cmd;        
732         ctlr = hba[cp->ctlr];
733
734         scsi_dma_unmap(cmd);
735
736         cmd->result = (DID_OK << 16);           /* host byte */
737         cmd->result |= (COMMAND_COMPLETE << 8); /* msg byte */
738         /* cmd->result |= (GOOD < 1); */                /* status byte */
739
740         cmd->result |= (ei->ScsiStatus);
741         /* printk("Scsistatus is 0x%02x\n", ei->ScsiStatus);  */
742
743         /* copy the sense data whether we need to or not. */
744
745         memcpy(cmd->sense_buffer, ei->SenseInfo, 
746                 ei->SenseLen > SCSI_SENSE_BUFFERSIZE ?
747                         SCSI_SENSE_BUFFERSIZE : 
748                         ei->SenseLen);
749         scsi_set_resid(cmd, ei->ResidualCnt);
750
751         if(ei->CommandStatus != 0) 
752         { /* an error has occurred */ 
753                 switch(ei->CommandStatus)
754                 {
755                         case CMD_TARGET_STATUS:
756                                 /* Pass it up to the upper layers... */
757                                 if( ei->ScsiStatus)
758                                 {
759 #if 0
760                                         printk(KERN_WARNING "cciss: cmd %p "
761                                         "has SCSI Status = %x\n",
762                                                 cp,  
763                                                 ei->ScsiStatus); 
764 #endif
765                                         cmd->result |= (ei->ScsiStatus < 1);
766                                 }
767                                 else {  /* scsi status is zero??? How??? */
768                                         
769         /* Ordinarily, this case should never happen, but there is a bug
770            in some released firmware revisions that allows it to happen
771            if, for example, a 4100 backplane loses power and the tape
772            drive is in it.  We assume that it's a fatal error of some
773            kind because we can't show that it wasn't. We will make it
774            look like selection timeout since that is the most common
775            reason for this to occur, and it's severe enough. */
776
777                                         cmd->result = DID_NO_CONNECT << 16;
778                                 }
779                         break;
780                         case CMD_DATA_UNDERRUN: /* let mid layer handle it. */
781                         break;
782                         case CMD_DATA_OVERRUN:
783                                 printk(KERN_WARNING "cciss: cp %p has"
784                                         " completed with data overrun "
785                                         "reported\n", cp);
786                         break;
787                         case CMD_INVALID: {
788                                 /* print_bytes(cp, sizeof(*cp), 1, 0);
789                                 print_cmd(cp); */
790      /* We get CMD_INVALID if you address a non-existent tape drive instead
791         of a selection timeout (no response).  You will see this if you yank 
792         out a tape drive, then try to access it. This is kind of a shame
793         because it means that any other CMD_INVALID (e.g. driver bug) will
794         get interpreted as a missing target. */
795                                 cmd->result = DID_NO_CONNECT << 16;
796                                 }
797                         break;
798                         case CMD_PROTOCOL_ERR:
799                                 printk(KERN_WARNING "cciss: cp %p has "
800                                         "protocol error \n", cp);
801                         break;
802                         case CMD_HARDWARE_ERR:
803                                 cmd->result = DID_ERROR << 16;
804                                 printk(KERN_WARNING "cciss: cp %p had " 
805                                         " hardware error\n", cp);
806                         break;
807                         case CMD_CONNECTION_LOST:
808                                 cmd->result = DID_ERROR << 16;
809                                 printk(KERN_WARNING "cciss: cp %p had "
810                                         "connection lost\n", cp);
811                         break;
812                         case CMD_ABORTED:
813                                 cmd->result = DID_ABORT << 16;
814                                 printk(KERN_WARNING "cciss: cp %p was "
815                                         "aborted\n", cp);
816                         break;
817                         case CMD_ABORT_FAILED:
818                                 cmd->result = DID_ERROR << 16;
819                                 printk(KERN_WARNING "cciss: cp %p reports "
820                                         "abort failed\n", cp);
821                         break;
822                         case CMD_UNSOLICITED_ABORT:
823                                 cmd->result = DID_ABORT << 16;
824                                 printk(KERN_WARNING "cciss: cp %p aborted "
825                                         "do to an unsolicited abort\n", cp);
826                         break;
827                         case CMD_TIMEOUT:
828                                 cmd->result = DID_TIME_OUT << 16;
829                                 printk(KERN_WARNING "cciss: cp %p timedout\n",
830                                         cp);
831                         break;
832                         default:
833                                 cmd->result = DID_ERROR << 16;
834                                 printk(KERN_WARNING "cciss: cp %p returned "
835                                         "unknown status %x\n", cp, 
836                                                 ei->CommandStatus); 
837                 }
838         }
839         // printk("c:%p:c%db%dt%dl%d ", cmd, ctlr->ctlr, cmd->channel, 
840         //      cmd->target, cmd->lun);
841         cmd->scsi_done(cmd);
842         scsi_cmd_free(ctlr, cp);
843 }
844
845 static int
846 cciss_scsi_detect(int ctlr)
847 {
848         struct Scsi_Host *sh;
849         int error;
850
851         sh = scsi_host_alloc(&cciss_driver_template, sizeof(struct ctlr_info *));
852         if (sh == NULL)
853                 goto fail;
854         sh->io_port = 0;        // good enough?  FIXME, 
855         sh->n_io_port = 0;      // I don't think we use these two...
856         sh->this_id = SELF_SCSI_ID;  
857
858         ((struct cciss_scsi_adapter_data_t *) 
859                 hba[ctlr]->scsi_ctlr)->scsi_host = (void *) sh;
860         sh->hostdata[0] = (unsigned long) hba[ctlr];
861         sh->irq = hba[ctlr]->intr[SIMPLE_MODE_INT];
862         sh->unique_id = sh->irq;
863         error = scsi_add_host(sh, &hba[ctlr]->pdev->dev);
864         if (error)
865                 goto fail_host_put;
866         scsi_scan_host(sh);
867         return 1;
868
869  fail_host_put:
870         scsi_host_put(sh);
871  fail:
872         return 0;
873 }
874
875 static void
876 cciss_unmap_one(struct pci_dev *pdev,
877                 CommandList_struct *cp,
878                 size_t buflen,
879                 int data_direction)
880 {
881         u64bit addr64;
882
883         addr64.val32.lower = cp->SG[0].Addr.lower;
884         addr64.val32.upper = cp->SG[0].Addr.upper;
885         pci_unmap_single(pdev, (dma_addr_t) addr64.val, buflen, data_direction);
886 }
887
888 static void
889 cciss_map_one(struct pci_dev *pdev,
890                 CommandList_struct *cp,
891                 unsigned char *buf,
892                 size_t buflen,
893                 int data_direction)
894 {
895         __u64 addr64;
896
897         addr64 = (__u64) pci_map_single(pdev, buf, buflen, data_direction);
898         cp->SG[0].Addr.lower = 
899           (__u32) (addr64 & (__u64) 0x00000000FFFFFFFF);
900         cp->SG[0].Addr.upper =
901           (__u32) ((addr64 >> 32) & (__u64) 0x00000000FFFFFFFF);
902         cp->SG[0].Len = buflen;
903         cp->Header.SGList = (__u8) 1;   /* no. SGs contig in this cmd */
904         cp->Header.SGTotal = (__u16) 1; /* total sgs in this cmd list */
905 }
906
907 static int
908 cciss_scsi_do_simple_cmd(ctlr_info_t *c,
909                         CommandList_struct *cp,
910                         unsigned char *scsi3addr, 
911                         unsigned char *cdb,
912                         unsigned char cdblen,
913                         unsigned char *buf, int bufsize,
914                         int direction)
915 {
916         unsigned long flags;
917         DECLARE_COMPLETION_ONSTACK(wait);
918
919         cp->cmd_type = CMD_IOCTL_PEND;          // treat this like an ioctl 
920         cp->scsi_cmd = NULL;
921         cp->Header.ReplyQueue = 0;  // unused in simple mode
922         memcpy(&cp->Header.LUN, scsi3addr, sizeof(cp->Header.LUN));
923         cp->Header.Tag.lower = cp->busaddr;  // Use k. address of cmd as tag
924         // Fill in the request block...
925
926         /* printk("Using scsi3addr 0x%02x%0x2%0x2%0x2%0x2%0x2%0x2%0x2\n", 
927                 scsi3addr[0], scsi3addr[1], scsi3addr[2], scsi3addr[3],
928                 scsi3addr[4], scsi3addr[5], scsi3addr[6], scsi3addr[7]); */
929
930         memset(cp->Request.CDB, 0, sizeof(cp->Request.CDB));
931         memcpy(cp->Request.CDB, cdb, cdblen);
932         cp->Request.Timeout = 0;
933         cp->Request.CDBLen = cdblen;
934         cp->Request.Type.Type = TYPE_CMD;
935         cp->Request.Type.Attribute = ATTR_SIMPLE;
936         cp->Request.Type.Direction = direction;
937
938         /* Fill in the SG list and do dma mapping */
939         cciss_map_one(c->pdev, cp, (unsigned char *) buf,
940                         bufsize, DMA_FROM_DEVICE); 
941
942         cp->waiting = &wait;
943
944         /* Put the request on the tail of the request queue */
945         spin_lock_irqsave(CCISS_LOCK(c->ctlr), flags);
946         addQ(&c->reqQ, cp);
947         c->Qdepth++;
948         start_io(c);
949         spin_unlock_irqrestore(CCISS_LOCK(c->ctlr), flags);
950
951         wait_for_completion(&wait);
952
953         /* undo the dma mapping */
954         cciss_unmap_one(c->pdev, cp, bufsize, DMA_FROM_DEVICE);
955         return(0);
956 }
957
958 static void 
959 cciss_scsi_interpret_error(CommandList_struct *cp)
960 {
961         ErrorInfo_struct *ei;
962
963         ei = cp->err_info; 
964         switch(ei->CommandStatus)
965         {
966                 case CMD_TARGET_STATUS:
967                         printk(KERN_WARNING "cciss: cmd %p has "
968                                 "completed with errors\n", cp);
969                         printk(KERN_WARNING "cciss: cmd %p "
970                                 "has SCSI Status = %x\n",
971                                         cp,  
972                                         ei->ScsiStatus);
973                         if (ei->ScsiStatus == 0)
974                                 printk(KERN_WARNING 
975                                 "cciss:SCSI status is abnormally zero.  "
976                                 "(probably indicates selection timeout "
977                                 "reported incorrectly due to a known "
978                                 "firmware bug, circa July, 2001.)\n");
979                 break;
980                 case CMD_DATA_UNDERRUN: /* let mid layer handle it. */
981                         printk("UNDERRUN\n");
982                 break;
983                 case CMD_DATA_OVERRUN:
984                         printk(KERN_WARNING "cciss: cp %p has"
985                                 " completed with data overrun "
986                                 "reported\n", cp);
987                 break;
988                 case CMD_INVALID: {
989                         /* controller unfortunately reports SCSI passthru's */
990                         /* to non-existent targets as invalid commands. */
991                         printk(KERN_WARNING "cciss: cp %p is "
992                                 "reported invalid (probably means "
993                                 "target device no longer present)\n", 
994                                 cp); 
995                         /* print_bytes((unsigned char *) cp, sizeof(*cp), 1, 0);
996                         print_cmd(cp);  */
997                         }
998                 break;
999                 case CMD_PROTOCOL_ERR:
1000                         printk(KERN_WARNING "cciss: cp %p has "
1001                                 "protocol error \n", cp);
1002                 break;
1003                 case CMD_HARDWARE_ERR:
1004                         /* cmd->result = DID_ERROR << 16; */
1005                         printk(KERN_WARNING "cciss: cp %p had " 
1006                                 " hardware error\n", cp);
1007                 break;
1008                 case CMD_CONNECTION_LOST:
1009                         printk(KERN_WARNING "cciss: cp %p had "
1010                                 "connection lost\n", cp);
1011                 break;
1012                 case CMD_ABORTED:
1013                         printk(KERN_WARNING "cciss: cp %p was "
1014                                 "aborted\n", cp);
1015                 break;
1016                 case CMD_ABORT_FAILED:
1017                         printk(KERN_WARNING "cciss: cp %p reports "
1018                                 "abort failed\n", cp);
1019                 break;
1020                 case CMD_UNSOLICITED_ABORT:
1021                         printk(KERN_WARNING "cciss: cp %p aborted "
1022                                 "do to an unsolicited abort\n", cp);
1023                 break;
1024                 case CMD_TIMEOUT:
1025                         printk(KERN_WARNING "cciss: cp %p timedout\n",
1026                                 cp);
1027                 break;
1028                 default:
1029                         printk(KERN_WARNING "cciss: cp %p returned "
1030                                 "unknown status %x\n", cp, 
1031                                         ei->CommandStatus); 
1032         }
1033 }
1034
1035 static int
1036 cciss_scsi_do_inquiry(ctlr_info_t *c, unsigned char *scsi3addr, 
1037         unsigned char page, unsigned char *buf,
1038         unsigned char bufsize)
1039 {
1040         int rc;
1041         CommandList_struct *cp;
1042         char cdb[6];
1043         ErrorInfo_struct *ei;
1044         unsigned long flags;
1045
1046         spin_lock_irqsave(CCISS_LOCK(c->ctlr), flags);
1047         cp = scsi_cmd_alloc(c);
1048         spin_unlock_irqrestore(CCISS_LOCK(c->ctlr), flags);
1049
1050         if (cp == NULL) {                       /* trouble... */
1051                 printk("cmd_alloc returned NULL!\n");
1052                 return -1;
1053         }
1054
1055         ei = cp->err_info; 
1056
1057         cdb[0] = CISS_INQUIRY;
1058         cdb[1] = (page != 0);
1059         cdb[2] = page;
1060         cdb[3] = 0;
1061         cdb[4] = bufsize;
1062         cdb[5] = 0;
1063         rc = cciss_scsi_do_simple_cmd(c, cp, scsi3addr, cdb, 
1064                                 6, buf, bufsize, XFER_READ);
1065
1066         if (rc != 0) return rc; /* something went wrong */
1067
1068         if (ei->CommandStatus != 0 && 
1069             ei->CommandStatus != CMD_DATA_UNDERRUN) {
1070                 cciss_scsi_interpret_error(cp);
1071                 rc = -1;
1072         }
1073         spin_lock_irqsave(CCISS_LOCK(c->ctlr), flags);
1074         scsi_cmd_free(c, cp);
1075         spin_unlock_irqrestore(CCISS_LOCK(c->ctlr), flags);
1076         return rc;      
1077 }
1078
1079 /* Get the device id from inquiry page 0x83 */
1080 static int cciss_scsi_get_device_id(ctlr_info_t *c, unsigned char *scsi3addr,
1081         unsigned char *device_id, int buflen)
1082 {
1083         int rc;
1084         unsigned char *buf;
1085
1086         if (buflen > 16)
1087                 buflen = 16;
1088         buf = kzalloc(64, GFP_KERNEL);
1089         if (!buf)
1090                 return -1;
1091         rc = cciss_scsi_do_inquiry(c, scsi3addr, 0x83, buf, 64);
1092         if (rc == 0)
1093                 memcpy(device_id, &buf[8], buflen);
1094         kfree(buf);
1095         return rc != 0;
1096 }
1097
1098 static int
1099 cciss_scsi_do_report_phys_luns(ctlr_info_t *c, 
1100                 ReportLunData_struct *buf, int bufsize)
1101 {
1102         int rc;
1103         CommandList_struct *cp;
1104         unsigned char cdb[12];
1105         unsigned char scsi3addr[8]; 
1106         ErrorInfo_struct *ei;
1107         unsigned long flags;
1108
1109         spin_lock_irqsave(CCISS_LOCK(c->ctlr), flags);
1110         cp = scsi_cmd_alloc(c);
1111         spin_unlock_irqrestore(CCISS_LOCK(c->ctlr), flags);
1112         if (cp == NULL) {                       /* trouble... */
1113                 printk("cmd_alloc returned NULL!\n");
1114                 return -1;
1115         }
1116
1117         memset(&scsi3addr[0], 0, 8); /* address the controller */
1118         cdb[0] = CISS_REPORT_PHYS;
1119         cdb[1] = 0;
1120         cdb[2] = 0;
1121         cdb[3] = 0;
1122         cdb[4] = 0;
1123         cdb[5] = 0;
1124         cdb[6] = (bufsize >> 24) & 0xFF;  //MSB
1125         cdb[7] = (bufsize >> 16) & 0xFF;
1126         cdb[8] = (bufsize >> 8) & 0xFF;
1127         cdb[9] = bufsize & 0xFF;
1128         cdb[10] = 0;
1129         cdb[11] = 0;
1130
1131         rc = cciss_scsi_do_simple_cmd(c, cp, scsi3addr, 
1132                                 cdb, 12, 
1133                                 (unsigned char *) buf, 
1134                                 bufsize, XFER_READ);
1135
1136         if (rc != 0) return rc; /* something went wrong */
1137
1138         ei = cp->err_info; 
1139         if (ei->CommandStatus != 0 && 
1140             ei->CommandStatus != CMD_DATA_UNDERRUN) {
1141                 cciss_scsi_interpret_error(cp);
1142                 rc = -1;
1143         }
1144         spin_lock_irqsave(CCISS_LOCK(c->ctlr), flags);
1145         scsi_cmd_free(c, cp);
1146         spin_unlock_irqrestore(CCISS_LOCK(c->ctlr), flags);
1147         return rc;      
1148 }
1149
1150 static void
1151 cciss_update_non_disk_devices(int cntl_num, int hostno)
1152 {
1153         /* the idea here is we could get notified from /proc
1154            that some devices have changed, so we do a report 
1155            physical luns cmd, and adjust our list of devices 
1156            accordingly.  (We can't rely on the scsi-mid layer just
1157            doing inquiries, because the "busses" that the scsi 
1158            mid-layer probes are totally fabricated by this driver,
1159            so new devices wouldn't show up.
1160
1161            the scsi3addr's of devices won't change so long as the 
1162            adapter is not reset.  That means we can rescan and 
1163            tell which devices we already know about, vs. new 
1164            devices, vs.  disappearing devices.
1165
1166            Also, if you yank out a tape drive, then put in a disk
1167            in it's place, (say, a configured volume from another 
1168            array controller for instance)  _don't_ poke this driver 
1169            (so it thinks it's still a tape, but _do_ poke the scsi 
1170            mid layer, so it does an inquiry... the scsi mid layer 
1171            will see the physical disk.  This would be bad.  Need to
1172            think about how to prevent that.  One idea would be to 
1173            snoop all scsi responses and if an inquiry repsonse comes
1174            back that reports a disk, chuck it an return selection
1175            timeout instead and adjust our table...  Not sure i like
1176            that though.  
1177
1178          */
1179 #define OBDR_TAPE_INQ_SIZE 49
1180 #define OBDR_TAPE_SIG "$DR-10"
1181         ReportLunData_struct *ld_buff;
1182         unsigned char *inq_buff;
1183         unsigned char scsi3addr[8];
1184         ctlr_info_t *c;
1185         __u32 num_luns=0;
1186         unsigned char *ch;
1187         struct cciss_scsi_dev_t *currentsd, *this_device;
1188         int ncurrent=0;
1189         int reportlunsize = sizeof(*ld_buff) + CISS_MAX_PHYS_LUN * 8;
1190         int i;
1191
1192         c = (ctlr_info_t *) hba[cntl_num];      
1193         ld_buff = kzalloc(reportlunsize, GFP_KERNEL);
1194         inq_buff = kmalloc(OBDR_TAPE_INQ_SIZE, GFP_KERNEL);
1195         currentsd = kzalloc(sizeof(*currentsd) *
1196                         (CCISS_MAX_SCSI_DEVS_PER_HBA+1), GFP_KERNEL);
1197         if (ld_buff == NULL || inq_buff == NULL || currentsd == NULL) {
1198                 printk(KERN_ERR "cciss: out of memory\n");
1199                 goto out;
1200         }
1201         this_device = &currentsd[CCISS_MAX_SCSI_DEVS_PER_HBA];
1202         if (cciss_scsi_do_report_phys_luns(c, ld_buff, reportlunsize) == 0) {
1203                 ch = &ld_buff->LUNListLength[0];
1204                 num_luns = ((ch[0]<<24) | (ch[1]<<16) | (ch[2]<<8) | ch[3]) / 8;
1205                 if (num_luns > CISS_MAX_PHYS_LUN) {
1206                         printk(KERN_WARNING 
1207                                 "cciss: Maximum physical LUNs (%d) exceeded.  "
1208                                 "%d LUNs ignored.\n", CISS_MAX_PHYS_LUN, 
1209                                 num_luns - CISS_MAX_PHYS_LUN);
1210                         num_luns = CISS_MAX_PHYS_LUN;
1211                 }
1212         }
1213         else {
1214                 printk(KERN_ERR  "cciss: Report physical LUNs failed.\n");
1215                 goto out;
1216         }
1217
1218
1219         /* adjust our table of devices */       
1220         for (i = 0; i < num_luns; i++) {
1221                 /* for each physical lun, do an inquiry */
1222                 if (ld_buff->LUN[i][3] & 0xC0) continue;
1223                 memset(inq_buff, 0, OBDR_TAPE_INQ_SIZE);
1224                 memcpy(&scsi3addr[0], &ld_buff->LUN[i][0], 8);
1225
1226                 if (cciss_scsi_do_inquiry(hba[cntl_num], scsi3addr, 0, inq_buff,
1227                         (unsigned char) OBDR_TAPE_INQ_SIZE) != 0)
1228                         /* Inquiry failed (msg printed already) */
1229                         continue; /* so we will skip this device. */
1230
1231                 this_device->devtype = (inq_buff[0] & 0x1f);
1232                 this_device->bus = -1;
1233                 this_device->target = -1;
1234                 this_device->lun = -1;
1235                 memcpy(this_device->scsi3addr, scsi3addr, 8);
1236                 memcpy(this_device->vendor, &inq_buff[8],
1237                         sizeof(this_device->vendor));
1238                 memcpy(this_device->model, &inq_buff[16],
1239                         sizeof(this_device->model));
1240                 memcpy(this_device->revision, &inq_buff[32],
1241                         sizeof(this_device->revision));
1242                 memset(this_device->device_id, 0,
1243                         sizeof(this_device->device_id));
1244                 cciss_scsi_get_device_id(hba[cntl_num], scsi3addr,
1245                         this_device->device_id, sizeof(this_device->device_id));
1246
1247                 switch (this_device->devtype)
1248                 {
1249                   case 0x05: /* CD-ROM */ {
1250
1251                         /* We don't *really* support actual CD-ROM devices,
1252                          * just this "One Button Disaster Recovery" tape drive
1253                          * which temporarily pretends to be a CD-ROM drive.
1254                          * So we check that the device is really an OBDR tape
1255                          * device by checking for "$DR-10" in bytes 43-48 of
1256                          * the inquiry data.
1257                          */
1258                                 char obdr_sig[7];
1259
1260                                 strncpy(obdr_sig, &inq_buff[43], 6);
1261                                 obdr_sig[6] = '\0';
1262                                 if (strncmp(obdr_sig, OBDR_TAPE_SIG, 6) != 0)
1263                                         /* Not OBDR device, ignore it. */
1264                                         break;
1265                         }
1266                         /* fall through . . . */
1267                   case 0x01: /* sequential access, (tape) */
1268                   case 0x08: /* medium changer */
1269                         if (ncurrent >= CCISS_MAX_SCSI_DEVS_PER_HBA) {
1270                                 printk(KERN_INFO "cciss%d: %s ignored, "
1271                                         "too many devices.\n", cntl_num,
1272                                         scsi_device_type(this_device->devtype));
1273                                 break;
1274                         }
1275                         currentsd[ncurrent] = *this_device;
1276                         ncurrent++;
1277                         break;
1278                   default: 
1279                         break;
1280                 }
1281         }
1282
1283         adjust_cciss_scsi_table(cntl_num, hostno, currentsd, ncurrent);
1284 out:
1285         kfree(inq_buff);
1286         kfree(ld_buff);
1287         kfree(currentsd);
1288         return;
1289 }
1290
1291 static int
1292 is_keyword(char *ptr, int len, char *verb)  // Thanks to ncr53c8xx.c
1293 {
1294         int verb_len = strlen(verb);
1295         if (len >= verb_len && !memcmp(verb,ptr,verb_len))
1296                 return verb_len;
1297         else
1298                 return 0;
1299 }
1300
1301 static int
1302 cciss_scsi_user_command(int ctlr, int hostno, char *buffer, int length)
1303 {
1304         int arg_len;
1305
1306         if ((arg_len = is_keyword(buffer, length, "rescan")) != 0)
1307                 cciss_update_non_disk_devices(ctlr, hostno);
1308         else
1309                 return -EINVAL;
1310         return length;
1311 }
1312
1313
1314 static int
1315 cciss_scsi_proc_info(struct Scsi_Host *sh,
1316                 char *buffer, /* data buffer */
1317                 char **start,      /* where data in buffer starts */
1318                 off_t offset,      /* offset from start of imaginary file */
1319                 int length,        /* length of data in buffer */
1320                 int func)          /* 0 == read, 1 == write */
1321 {
1322
1323         int buflen, datalen;
1324         ctlr_info_t *ci;
1325         int i;
1326         int cntl_num;
1327
1328
1329         ci = (ctlr_info_t *) sh->hostdata[0];
1330         if (ci == NULL)  /* This really shouldn't ever happen. */
1331                 return -EINVAL;
1332
1333         cntl_num = ci->ctlr;    /* Get our index into the hba[] array */
1334
1335         if (func == 0) {        /* User is reading from /proc/scsi/ciss*?/?*  */
1336                 buflen = sprintf(buffer, "cciss%d: SCSI host: %d\n",
1337                                 cntl_num, sh->host_no);
1338
1339                 /* this information is needed by apps to know which cciss
1340                    device corresponds to which scsi host number without
1341                    having to open a scsi target device node.  The device
1342                    information is not a duplicate of /proc/scsi/scsi because
1343                    the two may be out of sync due to scsi hotplug, rather
1344                    this info is for an app to be able to use to know how to
1345                    get them back in sync. */
1346
1347                 for (i=0;i<ccissscsi[cntl_num].ndevices;i++) {
1348                         struct cciss_scsi_dev_t *sd = &ccissscsi[cntl_num].dev[i];
1349                         buflen += sprintf(&buffer[buflen], "c%db%dt%dl%d %02d "
1350                                 "0x%02x%02x%02x%02x%02x%02x%02x%02x\n",
1351                                 sh->host_no, sd->bus, sd->target, sd->lun,
1352                                 sd->devtype,
1353                                 sd->scsi3addr[0], sd->scsi3addr[1],
1354                                 sd->scsi3addr[2], sd->scsi3addr[3],
1355                                 sd->scsi3addr[4], sd->scsi3addr[5],
1356                                 sd->scsi3addr[6], sd->scsi3addr[7]);
1357                 }
1358                 datalen = buflen - offset;
1359                 if (datalen < 0) {      /* they're reading past EOF. */
1360                         datalen = 0;
1361                         *start = buffer+buflen; 
1362                 } else
1363                         *start = buffer + offset;
1364                 return(datalen);
1365         } else  /* User is writing to /proc/scsi/cciss*?/?*  ... */
1366                 return cciss_scsi_user_command(cntl_num, sh->host_no,
1367                         buffer, length);        
1368
1369
1370 /* cciss_scatter_gather takes a struct scsi_cmnd, (cmd), and does the pci 
1371    dma mapping  and fills in the scatter gather entries of the 
1372    cciss command, cp. */
1373
1374 static void
1375 cciss_scatter_gather(struct pci_dev *pdev, 
1376                 CommandList_struct *cp, 
1377                 struct scsi_cmnd *cmd)
1378 {
1379         unsigned int len;
1380         struct scatterlist *sg;
1381         __u64 addr64;
1382         int use_sg, i;
1383
1384         BUG_ON(scsi_sg_count(cmd) > MAXSGENTRIES);
1385
1386         use_sg = scsi_dma_map(cmd);
1387         if (use_sg) {   /* not too many addrs? */
1388                 scsi_for_each_sg(cmd, sg, use_sg, i) {
1389                         addr64 = (__u64) sg_dma_address(sg);
1390                         len  = sg_dma_len(sg);
1391                         cp->SG[i].Addr.lower =
1392                                 (__u32) (addr64 & (__u64) 0x00000000FFFFFFFF);
1393                         cp->SG[i].Addr.upper =
1394                                 (__u32) ((addr64 >> 32) & (__u64) 0x00000000FFFFFFFF);
1395                         cp->SG[i].Len = len;
1396                         cp->SG[i].Ext = 0;  // we are not chaining
1397                 }
1398         }
1399
1400         cp->Header.SGList = (__u8) use_sg;   /* no. SGs contig in this cmd */
1401         cp->Header.SGTotal = (__u16) use_sg; /* total sgs in this cmd list */
1402         return;
1403 }
1404
1405
1406 static int
1407 cciss_scsi_queue_command (struct scsi_cmnd *cmd, void (* done)(struct scsi_cmnd *))
1408 {
1409         ctlr_info_t **c;
1410         int ctlr, rc;
1411         unsigned char scsi3addr[8];
1412         CommandList_struct *cp;
1413         unsigned long flags;
1414
1415         // Get the ptr to our adapter structure (hba[i]) out of cmd->host.
1416         // We violate cmd->host privacy here.  (Is there another way?)
1417         c = (ctlr_info_t **) &cmd->device->host->hostdata[0];   
1418         ctlr = (*c)->ctlr;
1419
1420         rc = lookup_scsi3addr(ctlr, cmd->device->channel, cmd->device->id, 
1421                         cmd->device->lun, scsi3addr);
1422         if (rc != 0) {
1423                 /* the scsi nexus does not match any that we presented... */
1424                 /* pretend to mid layer that we got selection timeout */
1425                 cmd->result = DID_NO_CONNECT << 16;
1426                 done(cmd);
1427                 /* we might want to think about registering controller itself
1428                    as a processor device on the bus so sg binds to it. */
1429                 return 0;
1430         }
1431
1432         /* printk("cciss_queue_command, p=%p, cmd=0x%02x, c%db%dt%dl%d\n", 
1433                 cmd, cmd->cmnd[0], ctlr, cmd->channel, cmd->target, cmd->lun);*/
1434         // printk("q:%p:c%db%dt%dl%d ", cmd, ctlr, cmd->channel, 
1435         //      cmd->target, cmd->lun);
1436
1437         /* Ok, we have a reasonable scsi nexus, so send the cmd down, and
1438            see what the device thinks of it. */
1439
1440         spin_lock_irqsave(CCISS_LOCK(ctlr), flags);
1441         cp = scsi_cmd_alloc(*c);
1442         spin_unlock_irqrestore(CCISS_LOCK(ctlr), flags);
1443         if (cp == NULL) {                       /* trouble... */
1444                 printk("scsi_cmd_alloc returned NULL!\n");
1445                 /* FIXME: next 3 lines are -> BAD! <- */
1446                 cmd->result = DID_NO_CONNECT << 16;
1447                 done(cmd);
1448                 return 0;
1449         }
1450
1451         // Fill in the command list header
1452
1453         cmd->scsi_done = done;    // save this for use by completion code 
1454
1455         // save cp in case we have to abort it 
1456         cmd->host_scribble = (unsigned char *) cp; 
1457
1458         cp->cmd_type = CMD_SCSI;
1459         cp->scsi_cmd = cmd;
1460         cp->Header.ReplyQueue = 0;  // unused in simple mode
1461         memcpy(&cp->Header.LUN.LunAddrBytes[0], &scsi3addr[0], 8);
1462         cp->Header.Tag.lower = cp->busaddr;  // Use k. address of cmd as tag
1463         
1464         // Fill in the request block...
1465
1466         cp->Request.Timeout = 0;
1467         memset(cp->Request.CDB, 0, sizeof(cp->Request.CDB));
1468         BUG_ON(cmd->cmd_len > sizeof(cp->Request.CDB));
1469         cp->Request.CDBLen = cmd->cmd_len;
1470         memcpy(cp->Request.CDB, cmd->cmnd, cmd->cmd_len);
1471         cp->Request.Type.Type = TYPE_CMD;
1472         cp->Request.Type.Attribute = ATTR_SIMPLE;
1473         switch(cmd->sc_data_direction)
1474         {
1475           case DMA_TO_DEVICE: cp->Request.Type.Direction = XFER_WRITE; break;
1476           case DMA_FROM_DEVICE: cp->Request.Type.Direction = XFER_READ; break;
1477           case DMA_NONE: cp->Request.Type.Direction = XFER_NONE; break;
1478           case DMA_BIDIRECTIONAL:
1479                 // This can happen if a buggy application does a scsi passthru
1480                 // and sets both inlen and outlen to non-zero. ( see
1481                 // ../scsi/scsi_ioctl.c:scsi_ioctl_send_command() )
1482
1483                 cp->Request.Type.Direction = XFER_RSVD;
1484                 // This is technically wrong, and cciss controllers should
1485                 // reject it with CMD_INVALID, which is the most correct 
1486                 // response, but non-fibre backends appear to let it 
1487                 // slide by, and give the same results as if this field
1488                 // were set correctly.  Either way is acceptable for
1489                 // our purposes here.
1490
1491                 break;
1492
1493           default: 
1494                 printk("cciss: unknown data direction: %d\n", 
1495                         cmd->sc_data_direction);
1496                 BUG();
1497                 break;
1498         }
1499
1500         cciss_scatter_gather((*c)->pdev, cp, cmd); // Fill the SG list
1501
1502         /* Put the request on the tail of the request queue */
1503
1504         spin_lock_irqsave(CCISS_LOCK(ctlr), flags);
1505         addQ(&(*c)->reqQ, cp);
1506         (*c)->Qdepth++;
1507         start_io(*c);
1508         spin_unlock_irqrestore(CCISS_LOCK(ctlr), flags);
1509
1510         /* the cmd'll come back via intr handler in complete_scsi_command()  */
1511         return 0;
1512 }
1513
1514 static void 
1515 cciss_unregister_scsi(int ctlr)
1516 {
1517         struct cciss_scsi_adapter_data_t *sa;
1518         struct cciss_scsi_cmd_stack_t *stk;
1519         unsigned long flags;
1520
1521         /* we are being forcibly unloaded, and may not refuse. */
1522
1523         spin_lock_irqsave(CCISS_LOCK(ctlr), flags);
1524         sa = (struct cciss_scsi_adapter_data_t *) hba[ctlr]->scsi_ctlr;
1525         stk = &sa->cmd_stack; 
1526
1527         /* if we weren't ever actually registered, don't unregister */ 
1528         if (sa->registered) {
1529                 spin_unlock_irqrestore(CCISS_LOCK(ctlr), flags);
1530                 scsi_remove_host(sa->scsi_host);
1531                 scsi_host_put(sa->scsi_host);
1532                 spin_lock_irqsave(CCISS_LOCK(ctlr), flags);
1533         }
1534
1535         /* set scsi_host to NULL so our detect routine will 
1536            find us on register */
1537         sa->scsi_host = NULL;
1538         spin_unlock_irqrestore(CCISS_LOCK(ctlr), flags);
1539         scsi_cmd_stack_free(ctlr);
1540         kfree(sa);
1541 }
1542
1543 static int 
1544 cciss_engage_scsi(int ctlr)
1545 {
1546         struct cciss_scsi_adapter_data_t *sa;
1547         struct cciss_scsi_cmd_stack_t *stk;
1548         unsigned long flags;
1549
1550         spin_lock_irqsave(CCISS_LOCK(ctlr), flags);
1551         sa = (struct cciss_scsi_adapter_data_t *) hba[ctlr]->scsi_ctlr;
1552         stk = &sa->cmd_stack; 
1553
1554         if (sa->registered) {
1555                 printk("cciss%d: SCSI subsystem already engaged.\n", ctlr);
1556                 spin_unlock_irqrestore(CCISS_LOCK(ctlr), flags);
1557                 return ENXIO;
1558         }
1559         sa->registered = 1;
1560         spin_unlock_irqrestore(CCISS_LOCK(ctlr), flags);
1561         cciss_update_non_disk_devices(ctlr, -1);
1562         cciss_scsi_detect(ctlr);
1563         return 0;
1564 }
1565
1566 static void
1567 cciss_seq_tape_report(struct seq_file *seq, int ctlr)
1568 {
1569         unsigned long flags;
1570
1571         CPQ_TAPE_LOCK(ctlr, flags);
1572         seq_printf(seq,
1573                 "Sequential access devices: %d\n\n",
1574                         ccissscsi[ctlr].ndevices);
1575         CPQ_TAPE_UNLOCK(ctlr, flags);
1576 }
1577
1578
1579 /* Need at least one of these error handlers to keep ../scsi/hosts.c from 
1580  * complaining.  Doing a host- or bus-reset can't do anything good here. 
1581  * Despite what it might say in scsi_error.c, there may well be commands
1582  * on the controller, as the cciss driver registers twice, once as a block
1583  * device for the logical drives, and once as a scsi device, for any tape
1584  * drives.  So we know there are no commands out on the tape drives, but we
1585  * don't know there are no commands on the controller, and it is likely 
1586  * that there probably are, as the cciss block device is most commonly used
1587  * as a boot device (embedded controller on HP/Compaq systems.)
1588 */
1589
1590 static int cciss_eh_device_reset_handler(struct scsi_cmnd *scsicmd)
1591 {
1592         int rc;
1593         CommandList_struct *cmd_in_trouble;
1594         ctlr_info_t **c;
1595         int ctlr;
1596
1597         /* find the controller to which the command to be aborted was sent */
1598         c = (ctlr_info_t **) &scsicmd->device->host->hostdata[0];       
1599         if (c == NULL) /* paranoia */
1600                 return FAILED;
1601         ctlr = (*c)->ctlr;
1602         printk(KERN_WARNING "cciss%d: resetting tape drive or medium changer.\n", ctlr);
1603
1604         /* find the command that's giving us trouble */
1605         cmd_in_trouble = (CommandList_struct *) scsicmd->host_scribble;
1606         if (cmd_in_trouble == NULL) { /* paranoia */
1607                 return FAILED;
1608         }
1609         /* send a reset to the SCSI LUN which the command was sent to */
1610         rc = sendcmd(CCISS_RESET_MSG, ctlr, NULL, 0, 2, 0, 0, 
1611                 (unsigned char *) &cmd_in_trouble->Header.LUN.LunAddrBytes[0], 
1612                 TYPE_MSG);
1613         /* sendcmd turned off interrupts on the board, turn 'em back on. */
1614         (*c)->access.set_intr_mask(*c, CCISS_INTR_ON);
1615         if (rc == 0)
1616                 return SUCCESS;
1617         printk(KERN_WARNING "cciss%d: resetting device failed.\n", ctlr);
1618         return FAILED;
1619 }
1620
1621 static int  cciss_eh_abort_handler(struct scsi_cmnd *scsicmd)
1622 {
1623         int rc;
1624         CommandList_struct *cmd_to_abort;
1625         ctlr_info_t **c;
1626         int ctlr;
1627
1628         /* find the controller to which the command to be aborted was sent */
1629         c = (ctlr_info_t **) &scsicmd->device->host->hostdata[0];       
1630         if (c == NULL) /* paranoia */
1631                 return FAILED;
1632         ctlr = (*c)->ctlr;
1633         printk(KERN_WARNING "cciss%d: aborting tardy SCSI cmd\n", ctlr);
1634
1635         /* find the command to be aborted */
1636         cmd_to_abort = (CommandList_struct *) scsicmd->host_scribble;
1637         if (cmd_to_abort == NULL) /* paranoia */
1638                 return FAILED;
1639         rc = sendcmd(CCISS_ABORT_MSG, ctlr, &cmd_to_abort->Header.Tag, 
1640                 0, 2, 0, 0, 
1641                 (unsigned char *) &cmd_to_abort->Header.LUN.LunAddrBytes[0], 
1642                 TYPE_MSG);
1643         /* sendcmd turned off interrupts on the board, turn 'em back on. */
1644         (*c)->access.set_intr_mask(*c, CCISS_INTR_ON);
1645         if (rc == 0)
1646                 return SUCCESS;
1647         return FAILED;
1648
1649 }
1650
1651 #else /* no CONFIG_CISS_SCSI_TAPE */
1652
1653 /* If no tape support, then these become defined out of existence */
1654
1655 #define cciss_scsi_setup(cntl_num)
1656
1657 #endif /* CONFIG_CISS_SCSI_TAPE */