1 /* 2 * libata-scsi.c - helper library for ATA 3 * 4 * Maintained by: Tejun Heo <tj@kernel.org> 5 * Please ALWAYS copy linux-ide@vger.kernel.org 6 * on emails. 7 * 8 * Copyright 2003-2004 Red Hat, Inc. All rights reserved. 9 * Copyright 2003-2004 Jeff Garzik 10 * 11 * 12 * This program is free software; you can redistribute it and/or modify 13 * it under the terms of the GNU General Public License as published by 14 * the Free Software Foundation; either version 2, or (at your option) 15 * any later version. 16 * 17 * This program is distributed in the hope that it will be useful, 18 * but WITHOUT ANY WARRANTY; without even the implied warranty of 19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 20 * GNU General Public License for more details. 21 * 22 * You should have received a copy of the GNU General Public License 23 * along with this program; see the file COPYING. If not, write to 24 * the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA. 25 * 26 * 27 * libata documentation is available via 'make {ps|pdf}docs', 28 * as Documentation/driver-api/libata.rst 29 * 30 * Hardware documentation available from 31 * - http://www.t10.org/ 32 * - http://www.t13.org/ 33 * 34 */ 35 36 #include <linux/slab.h> 37 #include <linux/kernel.h> 38 #include <linux/blkdev.h> 39 #include <linux/spinlock.h> 40 #include <linux/export.h> 41 #include <scsi/scsi.h> 42 #include <scsi/scsi_host.h> 43 #include <scsi/scsi_cmnd.h> 44 #include <scsi/scsi_eh.h> 45 #include <scsi/scsi_device.h> 46 #include <scsi/scsi_tcq.h> 47 #include <scsi/scsi_transport.h> 48 #include <linux/libata.h> 49 #include <linux/hdreg.h> 50 #include <linux/uaccess.h> 51 #include <linux/suspend.h> 52 #include <asm/unaligned.h> 53 #include <linux/ioprio.h> 54 55 #include "libata.h" 56 #include "libata-transport.h" 57 58 #define ATA_SCSI_RBUF_SIZE 4096 59 60 static DEFINE_SPINLOCK(ata_scsi_rbuf_lock); 61 static u8 ata_scsi_rbuf[ATA_SCSI_RBUF_SIZE]; 62 63 typedef unsigned int (*ata_xlat_func_t)(struct ata_queued_cmd *qc); 64 65 static struct ata_device *__ata_scsi_find_dev(struct ata_port *ap, 66 const struct scsi_device *scsidev); 67 static struct ata_device *ata_scsi_find_dev(struct ata_port *ap, 68 const struct scsi_device *scsidev); 69 70 #define RW_RECOVERY_MPAGE 0x1 71 #define RW_RECOVERY_MPAGE_LEN 12 72 #define CACHE_MPAGE 0x8 73 #define CACHE_MPAGE_LEN 20 74 #define CONTROL_MPAGE 0xa 75 #define CONTROL_MPAGE_LEN 12 76 #define ALL_MPAGES 0x3f 77 #define ALL_SUB_MPAGES 0xff 78 79 80 static const u8 def_rw_recovery_mpage[RW_RECOVERY_MPAGE_LEN] = { 81 RW_RECOVERY_MPAGE, 82 RW_RECOVERY_MPAGE_LEN - 2, 83 (1 << 7), /* AWRE */ 84 0, /* read retry count */ 85 0, 0, 0, 0, 86 0, /* write retry count */ 87 0, 0, 0 88 }; 89 90 static const u8 def_cache_mpage[CACHE_MPAGE_LEN] = { 91 CACHE_MPAGE, 92 CACHE_MPAGE_LEN - 2, 93 0, /* contains WCE, needs to be 0 for logic */ 94 0, 0, 0, 0, 0, 0, 0, 0, 0, 95 0, /* contains DRA, needs to be 0 for logic */ 96 0, 0, 0, 0, 0, 0, 0 97 }; 98 99 static const u8 def_control_mpage[CONTROL_MPAGE_LEN] = { 100 CONTROL_MPAGE, 101 CONTROL_MPAGE_LEN - 2, 102 2, /* DSENSE=0, GLTSD=1 */ 103 0, /* [QAM+QERR may be 1, see 05-359r1] */ 104 0, 0, 0, 0, 0xff, 0xff, 105 0, 30 /* extended self test time, see 05-359r1 */ 106 }; 107 108 static const char *ata_lpm_policy_names[] = { 109 [ATA_LPM_UNKNOWN] = "max_performance", 110 [ATA_LPM_MAX_POWER] = "max_performance", 111 [ATA_LPM_MED_POWER] = "medium_power", 112 [ATA_LPM_MIN_POWER] = "min_power", 113 }; 114 115 static ssize_t ata_scsi_lpm_store(struct device *device, 116 struct device_attribute *attr, 117 const char *buf, size_t count) 118 { 119 struct Scsi_Host *shost = class_to_shost(device); 120 struct ata_port *ap = ata_shost_to_port(shost); 121 struct ata_link *link; 122 struct ata_device *dev; 123 enum ata_lpm_policy policy; 124 unsigned long flags; 125 126 /* UNKNOWN is internal state, iterate from MAX_POWER */ 127 for (policy = ATA_LPM_MAX_POWER; 128 policy < ARRAY_SIZE(ata_lpm_policy_names); policy++) { 129 const char *name = ata_lpm_policy_names[policy]; 130 131 if (strncmp(name, buf, strlen(name)) == 0) 132 break; 133 } 134 if (policy == ARRAY_SIZE(ata_lpm_policy_names)) 135 return -EINVAL; 136 137 spin_lock_irqsave(ap->lock, flags); 138 139 ata_for_each_link(link, ap, EDGE) { 140 ata_for_each_dev(dev, &ap->link, ENABLED) { 141 if (dev->horkage & ATA_HORKAGE_NOLPM) { 142 count = -EOPNOTSUPP; 143 goto out_unlock; 144 } 145 } 146 } 147 148 ap->target_lpm_policy = policy; 149 ata_port_schedule_eh(ap); 150 out_unlock: 151 spin_unlock_irqrestore(ap->lock, flags); 152 return count; 153 } 154 155 static ssize_t ata_scsi_lpm_show(struct device *dev, 156 struct device_attribute *attr, char *buf) 157 { 158 struct Scsi_Host *shost = class_to_shost(dev); 159 struct ata_port *ap = ata_shost_to_port(shost); 160 161 if (ap->target_lpm_policy >= ARRAY_SIZE(ata_lpm_policy_names)) 162 return -EINVAL; 163 164 return snprintf(buf, PAGE_SIZE, "%s\n", 165 ata_lpm_policy_names[ap->target_lpm_policy]); 166 } 167 DEVICE_ATTR(link_power_management_policy, S_IRUGO | S_IWUSR, 168 ata_scsi_lpm_show, ata_scsi_lpm_store); 169 EXPORT_SYMBOL_GPL(dev_attr_link_power_management_policy); 170 171 static ssize_t ata_scsi_park_show(struct device *device, 172 struct device_attribute *attr, char *buf) 173 { 174 struct scsi_device *sdev = to_scsi_device(device); 175 struct ata_port *ap; 176 struct ata_link *link; 177 struct ata_device *dev; 178 unsigned long now; 179 unsigned int uninitialized_var(msecs); 180 int rc = 0; 181 182 ap = ata_shost_to_port(sdev->host); 183 184 spin_lock_irq(ap->lock); 185 dev = ata_scsi_find_dev(ap, sdev); 186 if (!dev) { 187 rc = -ENODEV; 188 goto unlock; 189 } 190 if (dev->flags & ATA_DFLAG_NO_UNLOAD) { 191 rc = -EOPNOTSUPP; 192 goto unlock; 193 } 194 195 link = dev->link; 196 now = jiffies; 197 if (ap->pflags & ATA_PFLAG_EH_IN_PROGRESS && 198 link->eh_context.unloaded_mask & (1 << dev->devno) && 199 time_after(dev->unpark_deadline, now)) 200 msecs = jiffies_to_msecs(dev->unpark_deadline - now); 201 else 202 msecs = 0; 203 204 unlock: 205 spin_unlock_irq(ap->lock); 206 207 return rc ? rc : snprintf(buf, 20, "%u\n", msecs); 208 } 209 210 static ssize_t ata_scsi_park_store(struct device *device, 211 struct device_attribute *attr, 212 const char *buf, size_t len) 213 { 214 struct scsi_device *sdev = to_scsi_device(device); 215 struct ata_port *ap; 216 struct ata_device *dev; 217 long int input; 218 unsigned long flags; 219 int rc; 220 221 rc = kstrtol(buf, 10, &input); 222 if (rc) 223 return rc; 224 if (input < -2) 225 return -EINVAL; 226 if (input > ATA_TMOUT_MAX_PARK) { 227 rc = -EOVERFLOW; 228 input = ATA_TMOUT_MAX_PARK; 229 } 230 231 ap = ata_shost_to_port(sdev->host); 232 233 spin_lock_irqsave(ap->lock, flags); 234 dev = ata_scsi_find_dev(ap, sdev); 235 if (unlikely(!dev)) { 236 rc = -ENODEV; 237 goto unlock; 238 } 239 if (dev->class != ATA_DEV_ATA && 240 dev->class != ATA_DEV_ZAC) { 241 rc = -EOPNOTSUPP; 242 goto unlock; 243 } 244 245 if (input >= 0) { 246 if (dev->flags & ATA_DFLAG_NO_UNLOAD) { 247 rc = -EOPNOTSUPP; 248 goto unlock; 249 } 250 251 dev->unpark_deadline = ata_deadline(jiffies, input); 252 dev->link->eh_info.dev_action[dev->devno] |= ATA_EH_PARK; 253 ata_port_schedule_eh(ap); 254 complete(&ap->park_req_pending); 255 } else { 256 switch (input) { 257 case -1: 258 dev->flags &= ~ATA_DFLAG_NO_UNLOAD; 259 break; 260 case -2: 261 dev->flags |= ATA_DFLAG_NO_UNLOAD; 262 break; 263 } 264 } 265 unlock: 266 spin_unlock_irqrestore(ap->lock, flags); 267 268 return rc ? rc : len; 269 } 270 DEVICE_ATTR(unload_heads, S_IRUGO | S_IWUSR, 271 ata_scsi_park_show, ata_scsi_park_store); 272 EXPORT_SYMBOL_GPL(dev_attr_unload_heads); 273 274 static ssize_t ata_ncq_prio_enable_show(struct device *device, 275 struct device_attribute *attr, 276 char *buf) 277 { 278 struct scsi_device *sdev = to_scsi_device(device); 279 struct ata_port *ap; 280 struct ata_device *dev; 281 bool ncq_prio_enable; 282 int rc = 0; 283 284 ap = ata_shost_to_port(sdev->host); 285 286 spin_lock_irq(ap->lock); 287 dev = ata_scsi_find_dev(ap, sdev); 288 if (!dev) { 289 rc = -ENODEV; 290 goto unlock; 291 } 292 293 ncq_prio_enable = dev->flags & ATA_DFLAG_NCQ_PRIO_ENABLE; 294 295 unlock: 296 spin_unlock_irq(ap->lock); 297 298 return rc ? rc : snprintf(buf, 20, "%u\n", ncq_prio_enable); 299 } 300 301 static ssize_t ata_ncq_prio_enable_store(struct device *device, 302 struct device_attribute *attr, 303 const char *buf, size_t len) 304 { 305 struct scsi_device *sdev = to_scsi_device(device); 306 struct ata_port *ap; 307 struct ata_device *dev; 308 long int input; 309 int rc; 310 311 rc = kstrtol(buf, 10, &input); 312 if (rc) 313 return rc; 314 if ((input < 0) || (input > 1)) 315 return -EINVAL; 316 317 ap = ata_shost_to_port(sdev->host); 318 dev = ata_scsi_find_dev(ap, sdev); 319 if (unlikely(!dev)) 320 return -ENODEV; 321 322 spin_lock_irq(ap->lock); 323 if (input) 324 dev->flags |= ATA_DFLAG_NCQ_PRIO_ENABLE; 325 else 326 dev->flags &= ~ATA_DFLAG_NCQ_PRIO_ENABLE; 327 328 dev->link->eh_info.action |= ATA_EH_REVALIDATE; 329 dev->link->eh_info.flags |= ATA_EHI_QUIET; 330 ata_port_schedule_eh(ap); 331 spin_unlock_irq(ap->lock); 332 333 ata_port_wait_eh(ap); 334 335 if (input) { 336 spin_lock_irq(ap->lock); 337 if (!(dev->flags & ATA_DFLAG_NCQ_PRIO)) { 338 dev->flags &= ~ATA_DFLAG_NCQ_PRIO_ENABLE; 339 rc = -EIO; 340 } 341 spin_unlock_irq(ap->lock); 342 } 343 344 return rc ? rc : len; 345 } 346 347 DEVICE_ATTR(ncq_prio_enable, S_IRUGO | S_IWUSR, 348 ata_ncq_prio_enable_show, ata_ncq_prio_enable_store); 349 EXPORT_SYMBOL_GPL(dev_attr_ncq_prio_enable); 350 351 void ata_scsi_set_sense(struct ata_device *dev, struct scsi_cmnd *cmd, 352 u8 sk, u8 asc, u8 ascq) 353 { 354 bool d_sense = (dev->flags & ATA_DFLAG_D_SENSE); 355 356 if (!cmd) 357 return; 358 359 cmd->result = (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION; 360 361 scsi_build_sense_buffer(d_sense, cmd->sense_buffer, sk, asc, ascq); 362 } 363 364 void ata_scsi_set_sense_information(struct ata_device *dev, 365 struct scsi_cmnd *cmd, 366 const struct ata_taskfile *tf) 367 { 368 u64 information; 369 370 if (!cmd) 371 return; 372 373 information = ata_tf_read_block(tf, dev); 374 if (information == U64_MAX) 375 return; 376 377 scsi_set_sense_information(cmd->sense_buffer, 378 SCSI_SENSE_BUFFERSIZE, information); 379 } 380 381 static void ata_scsi_set_invalid_field(struct ata_device *dev, 382 struct scsi_cmnd *cmd, u16 field, u8 bit) 383 { 384 ata_scsi_set_sense(dev, cmd, ILLEGAL_REQUEST, 0x24, 0x0); 385 /* "Invalid field in CDB" */ 386 scsi_set_sense_field_pointer(cmd->sense_buffer, SCSI_SENSE_BUFFERSIZE, 387 field, bit, 1); 388 } 389 390 static void ata_scsi_set_invalid_parameter(struct ata_device *dev, 391 struct scsi_cmnd *cmd, u16 field) 392 { 393 /* "Invalid field in parameter list" */ 394 ata_scsi_set_sense(dev, cmd, ILLEGAL_REQUEST, 0x26, 0x0); 395 scsi_set_sense_field_pointer(cmd->sense_buffer, SCSI_SENSE_BUFFERSIZE, 396 field, 0xff, 0); 397 } 398 399 static ssize_t 400 ata_scsi_em_message_store(struct device *dev, struct device_attribute *attr, 401 const char *buf, size_t count) 402 { 403 struct Scsi_Host *shost = class_to_shost(dev); 404 struct ata_port *ap = ata_shost_to_port(shost); 405 if (ap->ops->em_store && (ap->flags & ATA_FLAG_EM)) 406 return ap->ops->em_store(ap, buf, count); 407 return -EINVAL; 408 } 409 410 static ssize_t 411 ata_scsi_em_message_show(struct device *dev, struct device_attribute *attr, 412 char *buf) 413 { 414 struct Scsi_Host *shost = class_to_shost(dev); 415 struct ata_port *ap = ata_shost_to_port(shost); 416 417 if (ap->ops->em_show && (ap->flags & ATA_FLAG_EM)) 418 return ap->ops->em_show(ap, buf); 419 return -EINVAL; 420 } 421 DEVICE_ATTR(em_message, S_IRUGO | S_IWUSR, 422 ata_scsi_em_message_show, ata_scsi_em_message_store); 423 EXPORT_SYMBOL_GPL(dev_attr_em_message); 424 425 static ssize_t 426 ata_scsi_em_message_type_show(struct device *dev, struct device_attribute *attr, 427 char *buf) 428 { 429 struct Scsi_Host *shost = class_to_shost(dev); 430 struct ata_port *ap = ata_shost_to_port(shost); 431 432 return snprintf(buf, 23, "%d\n", ap->em_message_type); 433 } 434 DEVICE_ATTR(em_message_type, S_IRUGO, 435 ata_scsi_em_message_type_show, NULL); 436 EXPORT_SYMBOL_GPL(dev_attr_em_message_type); 437 438 static ssize_t 439 ata_scsi_activity_show(struct device *dev, struct device_attribute *attr, 440 char *buf) 441 { 442 struct scsi_device *sdev = to_scsi_device(dev); 443 struct ata_port *ap = ata_shost_to_port(sdev->host); 444 struct ata_device *atadev = ata_scsi_find_dev(ap, sdev); 445 446 if (atadev && ap->ops->sw_activity_show && 447 (ap->flags & ATA_FLAG_SW_ACTIVITY)) 448 return ap->ops->sw_activity_show(atadev, buf); 449 return -EINVAL; 450 } 451 452 static ssize_t 453 ata_scsi_activity_store(struct device *dev, struct device_attribute *attr, 454 const char *buf, size_t count) 455 { 456 struct scsi_device *sdev = to_scsi_device(dev); 457 struct ata_port *ap = ata_shost_to_port(sdev->host); 458 struct ata_device *atadev = ata_scsi_find_dev(ap, sdev); 459 enum sw_activity val; 460 int rc; 461 462 if (atadev && ap->ops->sw_activity_store && 463 (ap->flags & ATA_FLAG_SW_ACTIVITY)) { 464 val = simple_strtoul(buf, NULL, 0); 465 switch (val) { 466 case OFF: case BLINK_ON: case BLINK_OFF: 467 rc = ap->ops->sw_activity_store(atadev, val); 468 if (!rc) 469 return count; 470 else 471 return rc; 472 } 473 } 474 return -EINVAL; 475 } 476 DEVICE_ATTR(sw_activity, S_IWUSR | S_IRUGO, ata_scsi_activity_show, 477 ata_scsi_activity_store); 478 EXPORT_SYMBOL_GPL(dev_attr_sw_activity); 479 480 struct device_attribute *ata_common_sdev_attrs[] = { 481 &dev_attr_unload_heads, 482 &dev_attr_ncq_prio_enable, 483 NULL 484 }; 485 EXPORT_SYMBOL_GPL(ata_common_sdev_attrs); 486 487 /** 488 * ata_std_bios_param - generic bios head/sector/cylinder calculator used by sd. 489 * @sdev: SCSI device for which BIOS geometry is to be determined 490 * @bdev: block device associated with @sdev 491 * @capacity: capacity of SCSI device 492 * @geom: location to which geometry will be output 493 * 494 * Generic bios head/sector/cylinder calculator 495 * used by sd. Most BIOSes nowadays expect a XXX/255/16 (CHS) 496 * mapping. Some situations may arise where the disk is not 497 * bootable if this is not used. 498 * 499 * LOCKING: 500 * Defined by the SCSI layer. We don't really care. 501 * 502 * RETURNS: 503 * Zero. 504 */ 505 int ata_std_bios_param(struct scsi_device *sdev, struct block_device *bdev, 506 sector_t capacity, int geom[]) 507 { 508 geom[0] = 255; 509 geom[1] = 63; 510 sector_div(capacity, 255*63); 511 geom[2] = capacity; 512 513 return 0; 514 } 515 516 /** 517 * ata_scsi_unlock_native_capacity - unlock native capacity 518 * @sdev: SCSI device to adjust device capacity for 519 * 520 * This function is called if a partition on @sdev extends beyond 521 * the end of the device. It requests EH to unlock HPA. 522 * 523 * LOCKING: 524 * Defined by the SCSI layer. Might sleep. 525 */ 526 void ata_scsi_unlock_native_capacity(struct scsi_device *sdev) 527 { 528 struct ata_port *ap = ata_shost_to_port(sdev->host); 529 struct ata_device *dev; 530 unsigned long flags; 531 532 spin_lock_irqsave(ap->lock, flags); 533 534 dev = ata_scsi_find_dev(ap, sdev); 535 if (dev && dev->n_sectors < dev->n_native_sectors) { 536 dev->flags |= ATA_DFLAG_UNLOCK_HPA; 537 dev->link->eh_info.action |= ATA_EH_RESET; 538 ata_port_schedule_eh(ap); 539 } 540 541 spin_unlock_irqrestore(ap->lock, flags); 542 ata_port_wait_eh(ap); 543 } 544 545 /** 546 * ata_get_identity - Handler for HDIO_GET_IDENTITY ioctl 547 * @ap: target port 548 * @sdev: SCSI device to get identify data for 549 * @arg: User buffer area for identify data 550 * 551 * LOCKING: 552 * Defined by the SCSI layer. We don't really care. 553 * 554 * RETURNS: 555 * Zero on success, negative errno on error. 556 */ 557 static int ata_get_identity(struct ata_port *ap, struct scsi_device *sdev, 558 void __user *arg) 559 { 560 struct ata_device *dev = ata_scsi_find_dev(ap, sdev); 561 u16 __user *dst = arg; 562 char buf[40]; 563 564 if (!dev) 565 return -ENOMSG; 566 567 if (copy_to_user(dst, dev->id, ATA_ID_WORDS * sizeof(u16))) 568 return -EFAULT; 569 570 ata_id_string(dev->id, buf, ATA_ID_PROD, ATA_ID_PROD_LEN); 571 if (copy_to_user(dst + ATA_ID_PROD, buf, ATA_ID_PROD_LEN)) 572 return -EFAULT; 573 574 ata_id_string(dev->id, buf, ATA_ID_FW_REV, ATA_ID_FW_REV_LEN); 575 if (copy_to_user(dst + ATA_ID_FW_REV, buf, ATA_ID_FW_REV_LEN)) 576 return -EFAULT; 577 578 ata_id_string(dev->id, buf, ATA_ID_SERNO, ATA_ID_SERNO_LEN); 579 if (copy_to_user(dst + ATA_ID_SERNO, buf, ATA_ID_SERNO_LEN)) 580 return -EFAULT; 581 582 return 0; 583 } 584 585 /** 586 * ata_cmd_ioctl - Handler for HDIO_DRIVE_CMD ioctl 587 * @scsidev: Device to which we are issuing command 588 * @arg: User provided data for issuing command 589 * 590 * LOCKING: 591 * Defined by the SCSI layer. We don't really care. 592 * 593 * RETURNS: 594 * Zero on success, negative errno on error. 595 */ 596 int ata_cmd_ioctl(struct scsi_device *scsidev, void __user *arg) 597 { 598 int rc = 0; 599 u8 scsi_cmd[MAX_COMMAND_SIZE]; 600 u8 args[4], *argbuf = NULL, *sensebuf = NULL; 601 int argsize = 0; 602 enum dma_data_direction data_dir; 603 struct scsi_sense_hdr sshdr; 604 int cmd_result; 605 606 if (arg == NULL) 607 return -EINVAL; 608 609 if (copy_from_user(args, arg, sizeof(args))) 610 return -EFAULT; 611 612 sensebuf = kzalloc(SCSI_SENSE_BUFFERSIZE, GFP_NOIO); 613 if (!sensebuf) 614 return -ENOMEM; 615 616 memset(scsi_cmd, 0, sizeof(scsi_cmd)); 617 618 if (args[3]) { 619 argsize = ATA_SECT_SIZE * args[3]; 620 argbuf = kmalloc(argsize, GFP_KERNEL); 621 if (argbuf == NULL) { 622 rc = -ENOMEM; 623 goto error; 624 } 625 626 scsi_cmd[1] = (4 << 1); /* PIO Data-in */ 627 scsi_cmd[2] = 0x0e; /* no off.line or cc, read from dev, 628 block count in sector count field */ 629 data_dir = DMA_FROM_DEVICE; 630 } else { 631 scsi_cmd[1] = (3 << 1); /* Non-data */ 632 scsi_cmd[2] = 0x20; /* cc but no off.line or data xfer */ 633 data_dir = DMA_NONE; 634 } 635 636 scsi_cmd[0] = ATA_16; 637 638 scsi_cmd[4] = args[2]; 639 if (args[0] == ATA_CMD_SMART) { /* hack -- ide driver does this too */ 640 scsi_cmd[6] = args[3]; 641 scsi_cmd[8] = args[1]; 642 scsi_cmd[10] = 0x4f; 643 scsi_cmd[12] = 0xc2; 644 } else { 645 scsi_cmd[6] = args[1]; 646 } 647 scsi_cmd[14] = args[0]; 648 649 /* Good values for timeout and retries? Values below 650 from scsi_ioctl_send_command() for default case... */ 651 cmd_result = scsi_execute(scsidev, scsi_cmd, data_dir, argbuf, argsize, 652 sensebuf, &sshdr, (10*HZ), 5, 0, 0, NULL); 653 654 if (driver_byte(cmd_result) == DRIVER_SENSE) {/* sense data available */ 655 u8 *desc = sensebuf + 8; 656 cmd_result &= ~(0xFF<<24); /* DRIVER_SENSE is not an error */ 657 658 /* If we set cc then ATA pass-through will cause a 659 * check condition even if no error. Filter that. */ 660 if (cmd_result & SAM_STAT_CHECK_CONDITION) { 661 if (sshdr.sense_key == RECOVERED_ERROR && 662 sshdr.asc == 0 && sshdr.ascq == 0x1d) 663 cmd_result &= ~SAM_STAT_CHECK_CONDITION; 664 } 665 666 /* Send userspace a few ATA registers (same as drivers/ide) */ 667 if (sensebuf[0] == 0x72 && /* format is "descriptor" */ 668 desc[0] == 0x09) { /* code is "ATA Descriptor" */ 669 args[0] = desc[13]; /* status */ 670 args[1] = desc[3]; /* error */ 671 args[2] = desc[5]; /* sector count (0:7) */ 672 if (copy_to_user(arg, args, sizeof(args))) 673 rc = -EFAULT; 674 } 675 } 676 677 678 if (cmd_result) { 679 rc = -EIO; 680 goto error; 681 } 682 683 if ((argbuf) 684 && copy_to_user(arg + sizeof(args), argbuf, argsize)) 685 rc = -EFAULT; 686 error: 687 kfree(sensebuf); 688 kfree(argbuf); 689 return rc; 690 } 691 692 /** 693 * ata_task_ioctl - Handler for HDIO_DRIVE_TASK ioctl 694 * @scsidev: Device to which we are issuing command 695 * @arg: User provided data for issuing command 696 * 697 * LOCKING: 698 * Defined by the SCSI layer. We don't really care. 699 * 700 * RETURNS: 701 * Zero on success, negative errno on error. 702 */ 703 int ata_task_ioctl(struct scsi_device *scsidev, void __user *arg) 704 { 705 int rc = 0; 706 u8 scsi_cmd[MAX_COMMAND_SIZE]; 707 u8 args[7], *sensebuf = NULL; 708 struct scsi_sense_hdr sshdr; 709 int cmd_result; 710 711 if (arg == NULL) 712 return -EINVAL; 713 714 if (copy_from_user(args, arg, sizeof(args))) 715 return -EFAULT; 716 717 sensebuf = kzalloc(SCSI_SENSE_BUFFERSIZE, GFP_NOIO); 718 if (!sensebuf) 719 return -ENOMEM; 720 721 memset(scsi_cmd, 0, sizeof(scsi_cmd)); 722 scsi_cmd[0] = ATA_16; 723 scsi_cmd[1] = (3 << 1); /* Non-data */ 724 scsi_cmd[2] = 0x20; /* cc but no off.line or data xfer */ 725 scsi_cmd[4] = args[1]; 726 scsi_cmd[6] = args[2]; 727 scsi_cmd[8] = args[3]; 728 scsi_cmd[10] = args[4]; 729 scsi_cmd[12] = args[5]; 730 scsi_cmd[13] = args[6] & 0x4f; 731 scsi_cmd[14] = args[0]; 732 733 /* Good values for timeout and retries? Values below 734 from scsi_ioctl_send_command() for default case... */ 735 cmd_result = scsi_execute(scsidev, scsi_cmd, DMA_NONE, NULL, 0, 736 sensebuf, &sshdr, (10*HZ), 5, 0, 0, NULL); 737 738 if (driver_byte(cmd_result) == DRIVER_SENSE) {/* sense data available */ 739 u8 *desc = sensebuf + 8; 740 cmd_result &= ~(0xFF<<24); /* DRIVER_SENSE is not an error */ 741 742 /* If we set cc then ATA pass-through will cause a 743 * check condition even if no error. Filter that. */ 744 if (cmd_result & SAM_STAT_CHECK_CONDITION) { 745 if (sshdr.sense_key == RECOVERED_ERROR && 746 sshdr.asc == 0 && sshdr.ascq == 0x1d) 747 cmd_result &= ~SAM_STAT_CHECK_CONDITION; 748 } 749 750 /* Send userspace ATA registers */ 751 if (sensebuf[0] == 0x72 && /* format is "descriptor" */ 752 desc[0] == 0x09) {/* code is "ATA Descriptor" */ 753 args[0] = desc[13]; /* status */ 754 args[1] = desc[3]; /* error */ 755 args[2] = desc[5]; /* sector count (0:7) */ 756 args[3] = desc[7]; /* lbal */ 757 args[4] = desc[9]; /* lbam */ 758 args[5] = desc[11]; /* lbah */ 759 args[6] = desc[12]; /* select */ 760 if (copy_to_user(arg, args, sizeof(args))) 761 rc = -EFAULT; 762 } 763 } 764 765 if (cmd_result) { 766 rc = -EIO; 767 goto error; 768 } 769 770 error: 771 kfree(sensebuf); 772 return rc; 773 } 774 775 static int ata_ioc32(struct ata_port *ap) 776 { 777 if (ap->flags & ATA_FLAG_PIO_DMA) 778 return 1; 779 if (ap->pflags & ATA_PFLAG_PIO32) 780 return 1; 781 return 0; 782 } 783 784 int ata_sas_scsi_ioctl(struct ata_port *ap, struct scsi_device *scsidev, 785 int cmd, void __user *arg) 786 { 787 unsigned long val; 788 int rc = -EINVAL; 789 unsigned long flags; 790 791 switch (cmd) { 792 case HDIO_GET_32BIT: 793 spin_lock_irqsave(ap->lock, flags); 794 val = ata_ioc32(ap); 795 spin_unlock_irqrestore(ap->lock, flags); 796 return put_user(val, (unsigned long __user *)arg); 797 798 case HDIO_SET_32BIT: 799 val = (unsigned long) arg; 800 rc = 0; 801 spin_lock_irqsave(ap->lock, flags); 802 if (ap->pflags & ATA_PFLAG_PIO32CHANGE) { 803 if (val) 804 ap->pflags |= ATA_PFLAG_PIO32; 805 else 806 ap->pflags &= ~ATA_PFLAG_PIO32; 807 } else { 808 if (val != ata_ioc32(ap)) 809 rc = -EINVAL; 810 } 811 spin_unlock_irqrestore(ap->lock, flags); 812 return rc; 813 814 case HDIO_GET_IDENTITY: 815 return ata_get_identity(ap, scsidev, arg); 816 817 case HDIO_DRIVE_CMD: 818 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO)) 819 return -EACCES; 820 return ata_cmd_ioctl(scsidev, arg); 821 822 case HDIO_DRIVE_TASK: 823 if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO)) 824 return -EACCES; 825 return ata_task_ioctl(scsidev, arg); 826 827 default: 828 rc = -ENOTTY; 829 break; 830 } 831 832 return rc; 833 } 834 EXPORT_SYMBOL_GPL(ata_sas_scsi_ioctl); 835 836 int ata_scsi_ioctl(struct scsi_device *scsidev, int cmd, void __user *arg) 837 { 838 return ata_sas_scsi_ioctl(ata_shost_to_port(scsidev->host), 839 scsidev, cmd, arg); 840 } 841 EXPORT_SYMBOL_GPL(ata_scsi_ioctl); 842 843 /** 844 * ata_scsi_qc_new - acquire new ata_queued_cmd reference 845 * @dev: ATA device to which the new command is attached 846 * @cmd: SCSI command that originated this ATA command 847 * 848 * Obtain a reference to an unused ata_queued_cmd structure, 849 * which is the basic libata structure representing a single 850 * ATA command sent to the hardware. 851 * 852 * If a command was available, fill in the SCSI-specific 853 * portions of the structure with information on the 854 * current command. 855 * 856 * LOCKING: 857 * spin_lock_irqsave(host lock) 858 * 859 * RETURNS: 860 * Command allocated, or %NULL if none available. 861 */ 862 static struct ata_queued_cmd *ata_scsi_qc_new(struct ata_device *dev, 863 struct scsi_cmnd *cmd) 864 { 865 struct ata_queued_cmd *qc; 866 867 qc = ata_qc_new_init(dev, cmd->request->tag); 868 if (qc) { 869 qc->scsicmd = cmd; 870 qc->scsidone = cmd->scsi_done; 871 872 qc->sg = scsi_sglist(cmd); 873 qc->n_elem = scsi_sg_count(cmd); 874 } else { 875 cmd->result = (DID_OK << 16) | (QUEUE_FULL << 1); 876 cmd->scsi_done(cmd); 877 } 878 879 return qc; 880 } 881 882 static void ata_qc_set_pc_nbytes(struct ata_queued_cmd *qc) 883 { 884 struct scsi_cmnd *scmd = qc->scsicmd; 885 886 qc->extrabytes = scmd->request->extra_len; 887 qc->nbytes = scsi_bufflen(scmd) + qc->extrabytes; 888 } 889 890 /** 891 * ata_dump_status - user friendly display of error info 892 * @id: id of the port in question 893 * @tf: ptr to filled out taskfile 894 * 895 * Decode and dump the ATA error/status registers for the user so 896 * that they have some idea what really happened at the non 897 * make-believe layer. 898 * 899 * LOCKING: 900 * inherited from caller 901 */ 902 static void ata_dump_status(unsigned id, struct ata_taskfile *tf) 903 { 904 u8 stat = tf->command, err = tf->feature; 905 906 pr_warn("ata%u: status=0x%02x { ", id, stat); 907 if (stat & ATA_BUSY) { 908 pr_cont("Busy }\n"); /* Data is not valid in this case */ 909 } else { 910 if (stat & ATA_DRDY) pr_cont("DriveReady "); 911 if (stat & ATA_DF) pr_cont("DeviceFault "); 912 if (stat & ATA_DSC) pr_cont("SeekComplete "); 913 if (stat & ATA_DRQ) pr_cont("DataRequest "); 914 if (stat & ATA_CORR) pr_cont("CorrectedError "); 915 if (stat & ATA_SENSE) pr_cont("Sense "); 916 if (stat & ATA_ERR) pr_cont("Error "); 917 pr_cont("}\n"); 918 919 if (err) { 920 pr_warn("ata%u: error=0x%02x { ", id, err); 921 if (err & ATA_ABORTED) pr_cont("DriveStatusError "); 922 if (err & ATA_ICRC) { 923 if (err & ATA_ABORTED) 924 pr_cont("BadCRC "); 925 else pr_cont("Sector "); 926 } 927 if (err & ATA_UNC) pr_cont("UncorrectableError "); 928 if (err & ATA_IDNF) pr_cont("SectorIdNotFound "); 929 if (err & ATA_TRK0NF) pr_cont("TrackZeroNotFound "); 930 if (err & ATA_AMNF) pr_cont("AddrMarkNotFound "); 931 pr_cont("}\n"); 932 } 933 } 934 } 935 936 /** 937 * ata_to_sense_error - convert ATA error to SCSI error 938 * @id: ATA device number 939 * @drv_stat: value contained in ATA status register 940 * @drv_err: value contained in ATA error register 941 * @sk: the sense key we'll fill out 942 * @asc: the additional sense code we'll fill out 943 * @ascq: the additional sense code qualifier we'll fill out 944 * @verbose: be verbose 945 * 946 * Converts an ATA error into a SCSI error. Fill out pointers to 947 * SK, ASC, and ASCQ bytes for later use in fixed or descriptor 948 * format sense blocks. 949 * 950 * LOCKING: 951 * spin_lock_irqsave(host lock) 952 */ 953 static void ata_to_sense_error(unsigned id, u8 drv_stat, u8 drv_err, u8 *sk, 954 u8 *asc, u8 *ascq, int verbose) 955 { 956 int i; 957 958 /* Based on the 3ware driver translation table */ 959 static const unsigned char sense_table[][4] = { 960 /* BBD|ECC|ID|MAR */ 961 {0xd1, ABORTED_COMMAND, 0x00, 0x00}, 962 // Device busy Aborted command 963 /* BBD|ECC|ID */ 964 {0xd0, ABORTED_COMMAND, 0x00, 0x00}, 965 // Device busy Aborted command 966 /* ECC|MC|MARK */ 967 {0x61, HARDWARE_ERROR, 0x00, 0x00}, 968 // Device fault Hardware error 969 /* ICRC|ABRT */ /* NB: ICRC & !ABRT is BBD */ 970 {0x84, ABORTED_COMMAND, 0x47, 0x00}, 971 // Data CRC error SCSI parity error 972 /* MC|ID|ABRT|TRK0|MARK */ 973 {0x37, NOT_READY, 0x04, 0x00}, 974 // Unit offline Not ready 975 /* MCR|MARK */ 976 {0x09, NOT_READY, 0x04, 0x00}, 977 // Unrecovered disk error Not ready 978 /* Bad address mark */ 979 {0x01, MEDIUM_ERROR, 0x13, 0x00}, 980 // Address mark not found for data field 981 /* TRK0 - Track 0 not found */ 982 {0x02, HARDWARE_ERROR, 0x00, 0x00}, 983 // Hardware error 984 /* Abort: 0x04 is not translated here, see below */ 985 /* Media change request */ 986 {0x08, NOT_READY, 0x04, 0x00}, 987 // FIXME: faking offline 988 /* SRV/IDNF - ID not found */ 989 {0x10, ILLEGAL_REQUEST, 0x21, 0x00}, 990 // Logical address out of range 991 /* MC - Media Changed */ 992 {0x20, UNIT_ATTENTION, 0x28, 0x00}, 993 // Not ready to ready change, medium may have changed 994 /* ECC - Uncorrectable ECC error */ 995 {0x40, MEDIUM_ERROR, 0x11, 0x04}, 996 // Unrecovered read error 997 /* BBD - block marked bad */ 998 {0x80, MEDIUM_ERROR, 0x11, 0x04}, 999 // Block marked bad Medium error, unrecovered read error 1000 {0xFF, 0xFF, 0xFF, 0xFF}, // END mark 1001 }; 1002 static const unsigned char stat_table[][4] = { 1003 /* Must be first because BUSY means no other bits valid */ 1004 {0x80, ABORTED_COMMAND, 0x47, 0x00}, 1005 // Busy, fake parity for now 1006 {0x40, ILLEGAL_REQUEST, 0x21, 0x04}, 1007 // Device ready, unaligned write command 1008 {0x20, HARDWARE_ERROR, 0x44, 0x00}, 1009 // Device fault, internal target failure 1010 {0x08, ABORTED_COMMAND, 0x47, 0x00}, 1011 // Timed out in xfer, fake parity for now 1012 {0x04, RECOVERED_ERROR, 0x11, 0x00}, 1013 // Recovered ECC error Medium error, recovered 1014 {0xFF, 0xFF, 0xFF, 0xFF}, // END mark 1015 }; 1016 1017 /* 1018 * Is this an error we can process/parse 1019 */ 1020 if (drv_stat & ATA_BUSY) { 1021 drv_err = 0; /* Ignore the err bits, they're invalid */ 1022 } 1023 1024 if (drv_err) { 1025 /* Look for drv_err */ 1026 for (i = 0; sense_table[i][0] != 0xFF; i++) { 1027 /* Look for best matches first */ 1028 if ((sense_table[i][0] & drv_err) == 1029 sense_table[i][0]) { 1030 *sk = sense_table[i][1]; 1031 *asc = sense_table[i][2]; 1032 *ascq = sense_table[i][3]; 1033 goto translate_done; 1034 } 1035 } 1036 } 1037 1038 /* 1039 * Fall back to interpreting status bits. Note that if the drv_err 1040 * has only the ABRT bit set, we decode drv_stat. ABRT by itself 1041 * is not descriptive enough. 1042 */ 1043 for (i = 0; stat_table[i][0] != 0xFF; i++) { 1044 if (stat_table[i][0] & drv_stat) { 1045 *sk = stat_table[i][1]; 1046 *asc = stat_table[i][2]; 1047 *ascq = stat_table[i][3]; 1048 goto translate_done; 1049 } 1050 } 1051 1052 /* 1053 * We need a sensible error return here, which is tricky, and one 1054 * that won't cause people to do things like return a disk wrongly. 1055 */ 1056 *sk = ABORTED_COMMAND; 1057 *asc = 0x00; 1058 *ascq = 0x00; 1059 1060 translate_done: 1061 if (verbose) 1062 pr_err("ata%u: translated ATA stat/err 0x%02x/%02x to SCSI SK/ASC/ASCQ 0x%x/%02x/%02x\n", 1063 id, drv_stat, drv_err, *sk, *asc, *ascq); 1064 return; 1065 } 1066 1067 /* 1068 * ata_gen_passthru_sense - Generate check condition sense block. 1069 * @qc: Command that completed. 1070 * 1071 * This function is specific to the ATA descriptor format sense 1072 * block specified for the ATA pass through commands. Regardless 1073 * of whether the command errored or not, return a sense 1074 * block. Copy all controller registers into the sense 1075 * block. If there was no error, we get the request from an ATA 1076 * passthrough command, so we use the following sense data: 1077 * sk = RECOVERED ERROR 1078 * asc,ascq = ATA PASS-THROUGH INFORMATION AVAILABLE 1079 * 1080 * 1081 * LOCKING: 1082 * None. 1083 */ 1084 static void ata_gen_passthru_sense(struct ata_queued_cmd *qc) 1085 { 1086 struct scsi_cmnd *cmd = qc->scsicmd; 1087 struct ata_taskfile *tf = &qc->result_tf; 1088 unsigned char *sb = cmd->sense_buffer; 1089 unsigned char *desc = sb + 8; 1090 int verbose = qc->ap->ops->error_handler == NULL; 1091 u8 sense_key, asc, ascq; 1092 1093 memset(sb, 0, SCSI_SENSE_BUFFERSIZE); 1094 1095 cmd->result = (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION; 1096 1097 /* 1098 * Use ata_to_sense_error() to map status register bits 1099 * onto sense key, asc & ascq. 1100 */ 1101 if (qc->err_mask || 1102 tf->command & (ATA_BUSY | ATA_DF | ATA_ERR | ATA_DRQ)) { 1103 ata_to_sense_error(qc->ap->print_id, tf->command, tf->feature, 1104 &sense_key, &asc, &ascq, verbose); 1105 ata_scsi_set_sense(qc->dev, cmd, sense_key, asc, ascq); 1106 } else { 1107 /* 1108 * ATA PASS-THROUGH INFORMATION AVAILABLE 1109 * Always in descriptor format sense. 1110 */ 1111 scsi_build_sense_buffer(1, cmd->sense_buffer, 1112 RECOVERED_ERROR, 0, 0x1D); 1113 } 1114 1115 if ((cmd->sense_buffer[0] & 0x7f) >= 0x72) { 1116 u8 len; 1117 1118 /* descriptor format */ 1119 len = sb[7]; 1120 desc = (char *)scsi_sense_desc_find(sb, len + 8, 9); 1121 if (!desc) { 1122 if (SCSI_SENSE_BUFFERSIZE < len + 14) 1123 return; 1124 sb[7] = len + 14; 1125 desc = sb + 8 + len; 1126 } 1127 desc[0] = 9; 1128 desc[1] = 12; 1129 /* 1130 * Copy registers into sense buffer. 1131 */ 1132 desc[2] = 0x00; 1133 desc[3] = tf->feature; /* == error reg */ 1134 desc[5] = tf->nsect; 1135 desc[7] = tf->lbal; 1136 desc[9] = tf->lbam; 1137 desc[11] = tf->lbah; 1138 desc[12] = tf->device; 1139 desc[13] = tf->command; /* == status reg */ 1140 1141 /* 1142 * Fill in Extend bit, and the high order bytes 1143 * if applicable. 1144 */ 1145 if (tf->flags & ATA_TFLAG_LBA48) { 1146 desc[2] |= 0x01; 1147 desc[4] = tf->hob_nsect; 1148 desc[6] = tf->hob_lbal; 1149 desc[8] = tf->hob_lbam; 1150 desc[10] = tf->hob_lbah; 1151 } 1152 } else { 1153 /* Fixed sense format */ 1154 desc[0] = tf->feature; 1155 desc[1] = tf->command; /* status */ 1156 desc[2] = tf->device; 1157 desc[3] = tf->nsect; 1158 desc[7] = 0; 1159 if (tf->flags & ATA_TFLAG_LBA48) { 1160 desc[8] |= 0x80; 1161 if (tf->hob_nsect) 1162 desc[8] |= 0x40; 1163 if (tf->hob_lbal || tf->hob_lbam || tf->hob_lbah) 1164 desc[8] |= 0x20; 1165 } 1166 desc[9] = tf->lbal; 1167 desc[10] = tf->lbam; 1168 desc[11] = tf->lbah; 1169 } 1170 } 1171 1172 /** 1173 * ata_gen_ata_sense - generate a SCSI fixed sense block 1174 * @qc: Command that we are erroring out 1175 * 1176 * Generate sense block for a failed ATA command @qc. Descriptor 1177 * format is used to accommodate LBA48 block address. 1178 * 1179 * LOCKING: 1180 * None. 1181 */ 1182 static void ata_gen_ata_sense(struct ata_queued_cmd *qc) 1183 { 1184 struct ata_device *dev = qc->dev; 1185 struct scsi_cmnd *cmd = qc->scsicmd; 1186 struct ata_taskfile *tf = &qc->result_tf; 1187 unsigned char *sb = cmd->sense_buffer; 1188 int verbose = qc->ap->ops->error_handler == NULL; 1189 u64 block; 1190 u8 sense_key, asc, ascq; 1191 1192 memset(sb, 0, SCSI_SENSE_BUFFERSIZE); 1193 1194 cmd->result = (DRIVER_SENSE << 24) | SAM_STAT_CHECK_CONDITION; 1195 1196 if (ata_dev_disabled(dev)) { 1197 /* Device disabled after error recovery */ 1198 /* LOGICAL UNIT NOT READY, HARD RESET REQUIRED */ 1199 ata_scsi_set_sense(dev, cmd, NOT_READY, 0x04, 0x21); 1200 return; 1201 } 1202 /* Use ata_to_sense_error() to map status register bits 1203 * onto sense key, asc & ascq. 1204 */ 1205 if (qc->err_mask || 1206 tf->command & (ATA_BUSY | ATA_DF | ATA_ERR | ATA_DRQ)) { 1207 ata_to_sense_error(qc->ap->print_id, tf->command, tf->feature, 1208 &sense_key, &asc, &ascq, verbose); 1209 ata_scsi_set_sense(dev, cmd, sense_key, asc, ascq); 1210 } else { 1211 /* Could not decode error */ 1212 ata_dev_warn(dev, "could not decode error status 0x%x err_mask 0x%x\n", 1213 tf->command, qc->err_mask); 1214 ata_scsi_set_sense(dev, cmd, ABORTED_COMMAND, 0, 0); 1215 return; 1216 } 1217 1218 block = ata_tf_read_block(&qc->result_tf, dev); 1219 if (block == U64_MAX) 1220 return; 1221 1222 scsi_set_sense_information(sb, SCSI_SENSE_BUFFERSIZE, block); 1223 } 1224 1225 static void ata_scsi_sdev_config(struct scsi_device *sdev) 1226 { 1227 sdev->use_10_for_rw = 1; 1228 sdev->use_10_for_ms = 1; 1229 sdev->no_write_same = 1; 1230 1231 /* Schedule policy is determined by ->qc_defer() callback and 1232 * it needs to see every deferred qc. Set dev_blocked to 1 to 1233 * prevent SCSI midlayer from automatically deferring 1234 * requests. 1235 */ 1236 sdev->max_device_blocked = 1; 1237 } 1238 1239 /** 1240 * atapi_drain_needed - Check whether data transfer may overflow 1241 * @rq: request to be checked 1242 * 1243 * ATAPI commands which transfer variable length data to host 1244 * might overflow due to application error or hardware bug. This 1245 * function checks whether overflow should be drained and ignored 1246 * for @request. 1247 * 1248 * LOCKING: 1249 * None. 1250 * 1251 * RETURNS: 1252 * 1 if ; otherwise, 0. 1253 */ 1254 static int atapi_drain_needed(struct request *rq) 1255 { 1256 if (likely(!blk_rq_is_passthrough(rq))) 1257 return 0; 1258 1259 if (!blk_rq_bytes(rq) || op_is_write(req_op(rq))) 1260 return 0; 1261 1262 return atapi_cmd_type(scsi_req(rq)->cmd[0]) == ATAPI_MISC; 1263 } 1264 1265 static int ata_scsi_dev_config(struct scsi_device *sdev, 1266 struct ata_device *dev) 1267 { 1268 struct request_queue *q = sdev->request_queue; 1269 1270 if (!ata_id_has_unload(dev->id)) 1271 dev->flags |= ATA_DFLAG_NO_UNLOAD; 1272 1273 /* configure max sectors */ 1274 blk_queue_max_hw_sectors(q, dev->max_sectors); 1275 1276 if (dev->class == ATA_DEV_ATAPI) { 1277 void *buf; 1278 1279 sdev->sector_size = ATA_SECT_SIZE; 1280 1281 /* set DMA padding */ 1282 blk_queue_update_dma_pad(q, ATA_DMA_PAD_SZ - 1); 1283 1284 /* configure draining */ 1285 buf = kmalloc(ATAPI_MAX_DRAIN, q->bounce_gfp | GFP_KERNEL); 1286 if (!buf) { 1287 ata_dev_err(dev, "drain buffer allocation failed\n"); 1288 return -ENOMEM; 1289 } 1290 1291 blk_queue_dma_drain(q, atapi_drain_needed, buf, ATAPI_MAX_DRAIN); 1292 } else { 1293 sdev->sector_size = ata_id_logical_sector_size(dev->id); 1294 sdev->manage_start_stop = 1; 1295 } 1296 1297 /* 1298 * ata_pio_sectors() expects buffer for each sector to not cross 1299 * page boundary. Enforce it by requiring buffers to be sector 1300 * aligned, which works iff sector_size is not larger than 1301 * PAGE_SIZE. ATAPI devices also need the alignment as 1302 * IDENTIFY_PACKET is executed as ATA_PROT_PIO. 1303 */ 1304 if (sdev->sector_size > PAGE_SIZE) 1305 ata_dev_warn(dev, 1306 "sector_size=%u > PAGE_SIZE, PIO may malfunction\n", 1307 sdev->sector_size); 1308 1309 blk_queue_update_dma_alignment(q, sdev->sector_size - 1); 1310 1311 if (dev->flags & ATA_DFLAG_AN) 1312 set_bit(SDEV_EVT_MEDIA_CHANGE, sdev->supported_events); 1313 1314 if (dev->flags & ATA_DFLAG_NCQ) { 1315 int depth; 1316 1317 depth = min(sdev->host->can_queue, ata_id_queue_depth(dev->id)); 1318 depth = min(ATA_MAX_QUEUE - 1, depth); 1319 scsi_change_queue_depth(sdev, depth); 1320 } 1321 1322 blk_queue_flush_queueable(q, false); 1323 1324 if (dev->flags & ATA_DFLAG_TRUSTED) 1325 sdev->security_supported = 1; 1326 1327 dev->sdev = sdev; 1328 return 0; 1329 } 1330 1331 /** 1332 * ata_scsi_slave_config - Set SCSI device attributes 1333 * @sdev: SCSI device to examine 1334 * 1335 * This is called before we actually start reading 1336 * and writing to the device, to configure certain 1337 * SCSI mid-layer behaviors. 1338 * 1339 * LOCKING: 1340 * Defined by SCSI layer. We don't really care. 1341 */ 1342 1343 int ata_scsi_slave_config(struct scsi_device *sdev) 1344 { 1345 struct ata_port *ap = ata_shost_to_port(sdev->host); 1346 struct ata_device *dev = __ata_scsi_find_dev(ap, sdev); 1347 int rc = 0; 1348 1349 ata_scsi_sdev_config(sdev); 1350 1351 if (dev) 1352 rc = ata_scsi_dev_config(sdev, dev); 1353 1354 return rc; 1355 } 1356 1357 /** 1358 * ata_scsi_slave_destroy - SCSI device is about to be destroyed 1359 * @sdev: SCSI device to be destroyed 1360 * 1361 * @sdev is about to be destroyed for hot/warm unplugging. If 1362 * this unplugging was initiated by libata as indicated by NULL 1363 * dev->sdev, this function doesn't have to do anything. 1364 * Otherwise, SCSI layer initiated warm-unplug is in progress. 1365 * Clear dev->sdev, schedule the device for ATA detach and invoke 1366 * EH. 1367 * 1368 * LOCKING: 1369 * Defined by SCSI layer. We don't really care. 1370 */ 1371 void ata_scsi_slave_destroy(struct scsi_device *sdev) 1372 { 1373 struct ata_port *ap = ata_shost_to_port(sdev->host); 1374 struct request_queue *q = sdev->request_queue; 1375 unsigned long flags; 1376 struct ata_device *dev; 1377 1378 if (!ap->ops->error_handler) 1379 return; 1380 1381 spin_lock_irqsave(ap->lock, flags); 1382 dev = __ata_scsi_find_dev(ap, sdev); 1383 if (dev && dev->sdev) { 1384 /* SCSI device already in CANCEL state, no need to offline it */ 1385 dev->sdev = NULL; 1386 dev->flags |= ATA_DFLAG_DETACH; 1387 ata_port_schedule_eh(ap); 1388 } 1389 spin_unlock_irqrestore(ap->lock, flags); 1390 1391 kfree(q->dma_drain_buffer); 1392 q->dma_drain_buffer = NULL; 1393 q->dma_drain_size = 0; 1394 } 1395 1396 /** 1397 * __ata_change_queue_depth - helper for ata_scsi_change_queue_depth 1398 * @ap: ATA port to which the device change the queue depth 1399 * @sdev: SCSI device to configure queue depth for 1400 * @queue_depth: new queue depth 1401 * 1402 * libsas and libata have different approaches for associating a sdev to 1403 * its ata_port. 1404 * 1405 */ 1406 int __ata_change_queue_depth(struct ata_port *ap, struct scsi_device *sdev, 1407 int queue_depth) 1408 { 1409 struct ata_device *dev; 1410 unsigned long flags; 1411 1412 if (queue_depth < 1 || queue_depth == sdev->queue_depth) 1413 return sdev->queue_depth; 1414 1415 dev = ata_scsi_find_dev(ap, sdev); 1416 if (!dev || !ata_dev_enabled(dev)) 1417 return sdev->queue_depth; 1418 1419 /* NCQ enabled? */ 1420 spin_lock_irqsave(ap->lock, flags); 1421 dev->flags &= ~ATA_DFLAG_NCQ_OFF; 1422 if (queue_depth == 1 || !ata_ncq_enabled(dev)) { 1423 dev->flags |= ATA_DFLAG_NCQ_OFF; 1424 queue_depth = 1; 1425 } 1426 spin_unlock_irqrestore(ap->lock, flags); 1427 1428 /* limit and apply queue depth */ 1429 queue_depth = min(queue_depth, sdev->host->can_queue); 1430 queue_depth = min(queue_depth, ata_id_queue_depth(dev->id)); 1431 queue_depth = min(queue_depth, ATA_MAX_QUEUE - 1); 1432 1433 if (sdev->queue_depth == queue_depth) 1434 return -EINVAL; 1435 1436 return scsi_change_queue_depth(sdev, queue_depth); 1437 } 1438 1439 /** 1440 * ata_scsi_change_queue_depth - SCSI callback for queue depth config 1441 * @sdev: SCSI device to configure queue depth for 1442 * @queue_depth: new queue depth 1443 * 1444 * This is libata standard hostt->change_queue_depth callback. 1445 * SCSI will call into this callback when user tries to set queue 1446 * depth via sysfs. 1447 * 1448 * LOCKING: 1449 * SCSI layer (we don't care) 1450 * 1451 * RETURNS: 1452 * Newly configured queue depth. 1453 */ 1454 int ata_scsi_change_queue_depth(struct scsi_device *sdev, int queue_depth) 1455 { 1456 struct ata_port *ap = ata_shost_to_port(sdev->host); 1457 1458 return __ata_change_queue_depth(ap, sdev, queue_depth); 1459 } 1460 1461 /** 1462 * ata_scsi_start_stop_xlat - Translate SCSI START STOP UNIT command 1463 * @qc: Storage for translated ATA taskfile 1464 * 1465 * Sets up an ATA taskfile to issue STANDBY (to stop) or READ VERIFY 1466 * (to start). Perhaps these commands should be preceded by 1467 * CHECK POWER MODE to see what power mode the device is already in. 1468 * [See SAT revision 5 at www.t10.org] 1469 * 1470 * LOCKING: 1471 * spin_lock_irqsave(host lock) 1472 * 1473 * RETURNS: 1474 * Zero on success, non-zero on error. 1475 */ 1476 static unsigned int ata_scsi_start_stop_xlat(struct ata_queued_cmd *qc) 1477 { 1478 struct scsi_cmnd *scmd = qc->scsicmd; 1479 struct ata_taskfile *tf = &qc->tf; 1480 const u8 *cdb = scmd->cmnd; 1481 u16 fp; 1482 u8 bp = 0xff; 1483 1484 if (scmd->cmd_len < 5) { 1485 fp = 4; 1486 goto invalid_fld; 1487 } 1488 1489 tf->flags |= ATA_TFLAG_DEVICE | ATA_TFLAG_ISADDR; 1490 tf->protocol = ATA_PROT_NODATA; 1491 if (cdb[1] & 0x1) { 1492 ; /* ignore IMMED bit, violates sat-r05 */ 1493 } 1494 if (cdb[4] & 0x2) { 1495 fp = 4; 1496 bp = 1; 1497 goto invalid_fld; /* LOEJ bit set not supported */ 1498 } 1499 if (((cdb[4] >> 4) & 0xf) != 0) { 1500 fp = 4; 1501 bp = 3; 1502 goto invalid_fld; /* power conditions not supported */ 1503 } 1504 1505 if (cdb[4] & 0x1) { 1506 tf->nsect = 1; /* 1 sector, lba=0 */ 1507 1508 if (qc->dev->flags & ATA_DFLAG_LBA) { 1509 tf->flags |= ATA_TFLAG_LBA; 1510 1511 tf->lbah = 0x0; 1512 tf->lbam = 0x0; 1513 tf->lbal = 0x0; 1514 tf->device |= ATA_LBA; 1515 } else { 1516 /* CHS */ 1517 tf->lbal = 0x1; /* sect */ 1518 tf->lbam = 0x0; /* cyl low */ 1519 tf->lbah = 0x0; /* cyl high */ 1520 } 1521 1522 tf->command = ATA_CMD_VERIFY; /* READ VERIFY */ 1523 } else { 1524 /* Some odd clown BIOSen issue spindown on power off (ACPI S4 1525 * or S5) causing some drives to spin up and down again. 1526 */ 1527 if ((qc->ap->flags & ATA_FLAG_NO_POWEROFF_SPINDOWN) && 1528 system_state == SYSTEM_POWER_OFF) 1529 goto skip; 1530 1531 if ((qc->ap->flags & ATA_FLAG_NO_HIBERNATE_SPINDOWN) && 1532 system_entering_hibernation()) 1533 goto skip; 1534 1535 /* Issue ATA STANDBY IMMEDIATE command */ 1536 tf->command = ATA_CMD_STANDBYNOW1; 1537 } 1538 1539 /* 1540 * Standby and Idle condition timers could be implemented but that 1541 * would require libata to implement the Power condition mode page 1542 * and allow the user to change it. Changing mode pages requires 1543 * MODE SELECT to be implemented. 1544 */ 1545 1546 return 0; 1547 1548 invalid_fld: 1549 ata_scsi_set_invalid_field(qc->dev, scmd, fp, bp); 1550 return 1; 1551 skip: 1552 scmd->result = SAM_STAT_GOOD; 1553 return 1; 1554 } 1555 1556 1557 /** 1558 * ata_scsi_flush_xlat - Translate SCSI SYNCHRONIZE CACHE command 1559 * @qc: Storage for translated ATA taskfile 1560 * 1561 * Sets up an ATA taskfile to issue FLUSH CACHE or 1562 * FLUSH CACHE EXT. 1563 * 1564 * LOCKING: 1565 * spin_lock_irqsave(host lock) 1566 * 1567 * RETURNS: 1568 * Zero on success, non-zero on error. 1569 */ 1570 static unsigned int ata_scsi_flush_xlat(struct ata_queued_cmd *qc) 1571 { 1572 struct ata_taskfile *tf = &qc->tf; 1573 1574 tf->flags |= ATA_TFLAG_DEVICE; 1575 tf->protocol = ATA_PROT_NODATA; 1576 1577 if (qc->dev->flags & ATA_DFLAG_FLUSH_EXT) 1578 tf->command = ATA_CMD_FLUSH_EXT; 1579 else 1580 tf->command = ATA_CMD_FLUSH; 1581 1582 /* flush is critical for IO integrity, consider it an IO command */ 1583 qc->flags |= ATA_QCFLAG_IO; 1584 1585 return 0; 1586 } 1587 1588 /** 1589 * scsi_6_lba_len - Get LBA and transfer length 1590 * @cdb: SCSI command to translate 1591 * 1592 * Calculate LBA and transfer length for 6-byte commands. 1593 * 1594 * RETURNS: 1595 * @plba: the LBA 1596 * @plen: the transfer length 1597 */ 1598 static void scsi_6_lba_len(const u8 *cdb, u64 *plba, u32 *plen) 1599 { 1600 u64 lba = 0; 1601 u32 len; 1602 1603 VPRINTK("six-byte command\n"); 1604 1605 lba |= ((u64)(cdb[1] & 0x1f)) << 16; 1606 lba |= ((u64)cdb[2]) << 8; 1607 lba |= ((u64)cdb[3]); 1608 1609 len = cdb[4]; 1610 1611 *plba = lba; 1612 *plen = len; 1613 } 1614 1615 /** 1616 * scsi_10_lba_len - Get LBA and transfer length 1617 * @cdb: SCSI command to translate 1618 * 1619 * Calculate LBA and transfer length for 10-byte commands. 1620 * 1621 * RETURNS: 1622 * @plba: the LBA 1623 * @plen: the transfer length 1624 */ 1625 static void scsi_10_lba_len(const u8 *cdb, u64 *plba, u32 *plen) 1626 { 1627 u64 lba = 0; 1628 u32 len = 0; 1629 1630 VPRINTK("ten-byte command\n"); 1631 1632 lba |= ((u64)cdb[2]) << 24; 1633 lba |= ((u64)cdb[3]) << 16; 1634 lba |= ((u64)cdb[4]) << 8; 1635 lba |= ((u64)cdb[5]); 1636 1637 len |= ((u32)cdb[7]) << 8; 1638 len |= ((u32)cdb[8]); 1639 1640 *plba = lba; 1641 *plen = len; 1642 } 1643 1644 /** 1645 * scsi_16_lba_len - Get LBA and transfer length 1646 * @cdb: SCSI command to translate 1647 * 1648 * Calculate LBA and transfer length for 16-byte commands. 1649 * 1650 * RETURNS: 1651 * @plba: the LBA 1652 * @plen: the transfer length 1653 */ 1654 static void scsi_16_lba_len(const u8 *cdb, u64 *plba, u32 *plen) 1655 { 1656 u64 lba = 0; 1657 u32 len = 0; 1658 1659 VPRINTK("sixteen-byte command\n"); 1660 1661 lba |= ((u64)cdb[2]) << 56; 1662 lba |= ((u64)cdb[3]) << 48; 1663 lba |= ((u64)cdb[4]) << 40; 1664 lba |= ((u64)cdb[5]) << 32; 1665 lba |= ((u64)cdb[6]) << 24; 1666 lba |= ((u64)cdb[7]) << 16; 1667 lba |= ((u64)cdb[8]) << 8; 1668 lba |= ((u64)cdb[9]); 1669 1670 len |= ((u32)cdb[10]) << 24; 1671 len |= ((u32)cdb[11]) << 16; 1672 len |= ((u32)cdb[12]) << 8; 1673 len |= ((u32)cdb[13]); 1674 1675 *plba = lba; 1676 *plen = len; 1677 } 1678 1679 /** 1680 * ata_scsi_verify_xlat - Translate SCSI VERIFY command into an ATA one 1681 * @qc: Storage for translated ATA taskfile 1682 * 1683 * Converts SCSI VERIFY command to an ATA READ VERIFY command. 1684 * 1685 * LOCKING: 1686 * spin_lock_irqsave(host lock) 1687 * 1688 * RETURNS: 1689 * Zero on success, non-zero on error. 1690 */ 1691 static unsigned int ata_scsi_verify_xlat(struct ata_queued_cmd *qc) 1692 { 1693 struct scsi_cmnd *scmd = qc->scsicmd; 1694 struct ata_taskfile *tf = &qc->tf; 1695 struct ata_device *dev = qc->dev; 1696 u64 dev_sectors = qc->dev->n_sectors; 1697 const u8 *cdb = scmd->cmnd; 1698 u64 block; 1699 u32 n_block; 1700 u16 fp; 1701 1702 tf->flags |= ATA_TFLAG_ISADDR | ATA_TFLAG_DEVICE; 1703 tf->protocol = ATA_PROT_NODATA; 1704 1705 if (cdb[0] == VERIFY) { 1706 if (scmd->cmd_len < 10) { 1707 fp = 9; 1708 goto invalid_fld; 1709 } 1710 scsi_10_lba_len(cdb, &block, &n_block); 1711 } else if (cdb[0] == VERIFY_16) { 1712 if (scmd->cmd_len < 16) { 1713 fp = 15; 1714 goto invalid_fld; 1715 } 1716 scsi_16_lba_len(cdb, &block, &n_block); 1717 } else { 1718 fp = 0; 1719 goto invalid_fld; 1720 } 1721 1722 if (!n_block) 1723 goto nothing_to_do; 1724 if (block >= dev_sectors) 1725 goto out_of_range; 1726 if ((block + n_block) > dev_sectors) 1727 goto out_of_range; 1728 1729 if (dev->flags & ATA_DFLAG_LBA) { 1730 tf->flags |= ATA_TFLAG_LBA; 1731 1732 if (lba_28_ok(block, n_block)) { 1733 /* use LBA28 */ 1734 tf->command = ATA_CMD_VERIFY; 1735 tf->device |= (block >> 24) & 0xf; 1736 } else if (lba_48_ok(block, n_block)) { 1737 if (!(dev->flags & ATA_DFLAG_LBA48)) 1738 goto out_of_range; 1739 1740 /* use LBA48 */ 1741 tf->flags |= ATA_TFLAG_LBA48; 1742 tf->command = ATA_CMD_VERIFY_EXT; 1743 1744 tf->hob_nsect = (n_block >> 8) & 0xff; 1745 1746 tf->hob_lbah = (block >> 40) & 0xff; 1747 tf->hob_lbam = (block >> 32) & 0xff; 1748 tf->hob_lbal = (block >> 24) & 0xff; 1749 } else 1750 /* request too large even for LBA48 */ 1751 goto out_of_range; 1752 1753 tf->nsect = n_block & 0xff; 1754 1755 tf->lbah = (block >> 16) & 0xff; 1756 tf->lbam = (block >> 8) & 0xff; 1757 tf->lbal = block & 0xff; 1758 1759 tf->device |= ATA_LBA; 1760 } else { 1761 /* CHS */ 1762 u32 sect, head, cyl, track; 1763 1764 if (!lba_28_ok(block, n_block)) 1765 goto out_of_range; 1766 1767 /* Convert LBA to CHS */ 1768 track = (u32)block / dev->sectors; 1769 cyl = track / dev->heads; 1770 head = track % dev->heads; 1771 sect = (u32)block % dev->sectors + 1; 1772 1773 DPRINTK("block %u track %u cyl %u head %u sect %u\n", 1774 (u32)block, track, cyl, head, sect); 1775 1776 /* Check whether the converted CHS can fit. 1777 Cylinder: 0-65535 1778 Head: 0-15 1779 Sector: 1-255*/ 1780 if ((cyl >> 16) || (head >> 4) || (sect >> 8) || (!sect)) 1781 goto out_of_range; 1782 1783 tf->command = ATA_CMD_VERIFY; 1784 tf->nsect = n_block & 0xff; /* Sector count 0 means 256 sectors */ 1785 tf->lbal = sect; 1786 tf->lbam = cyl; 1787 tf->lbah = cyl >> 8; 1788 tf->device |= head; 1789 } 1790 1791 return 0; 1792 1793 invalid_fld: 1794 ata_scsi_set_invalid_field(qc->dev, scmd, fp, 0xff); 1795 return 1; 1796 1797 out_of_range: 1798 ata_scsi_set_sense(qc->dev, scmd, ILLEGAL_REQUEST, 0x21, 0x0); 1799 /* "Logical Block Address out of range" */ 1800 return 1; 1801 1802 nothing_to_do: 1803 scmd->result = SAM_STAT_GOOD; 1804 return 1; 1805 } 1806 1807 /** 1808 * ata_scsi_rw_xlat - Translate SCSI r/w command into an ATA one 1809 * @qc: Storage for translated ATA taskfile 1810 * 1811 * Converts any of six SCSI read/write commands into the 1812 * ATA counterpart, including starting sector (LBA), 1813 * sector count, and taking into account the device's LBA48 1814 * support. 1815 * 1816 * Commands %READ_6, %READ_10, %READ_16, %WRITE_6, %WRITE_10, and 1817 * %WRITE_16 are currently supported. 1818 * 1819 * LOCKING: 1820 * spin_lock_irqsave(host lock) 1821 * 1822 * RETURNS: 1823 * Zero on success, non-zero on error. 1824 */ 1825 static unsigned int ata_scsi_rw_xlat(struct ata_queued_cmd *qc) 1826 { 1827 struct scsi_cmnd *scmd = qc->scsicmd; 1828 const u8 *cdb = scmd->cmnd; 1829 struct request *rq = scmd->request; 1830 int class = IOPRIO_PRIO_CLASS(req_get_ioprio(rq)); 1831 unsigned int tf_flags = 0; 1832 u64 block; 1833 u32 n_block; 1834 int rc; 1835 u16 fp = 0; 1836 1837 if (cdb[0] == WRITE_10 || cdb[0] == WRITE_6 || cdb[0] == WRITE_16) 1838 tf_flags |= ATA_TFLAG_WRITE; 1839 1840 /* Calculate the SCSI LBA, transfer length and FUA. */ 1841 switch (cdb[0]) { 1842 case READ_10: 1843 case WRITE_10: 1844 if (unlikely(scmd->cmd_len < 10)) { 1845 fp = 9; 1846 goto invalid_fld; 1847 } 1848 scsi_10_lba_len(cdb, &block, &n_block); 1849 if (cdb[1] & (1 << 3)) 1850 tf_flags |= ATA_TFLAG_FUA; 1851 break; 1852 case READ_6: 1853 case WRITE_6: 1854 if (unlikely(scmd->cmd_len < 6)) { 1855 fp = 5; 1856 goto invalid_fld; 1857 } 1858 scsi_6_lba_len(cdb, &block, &n_block); 1859 1860 /* for 6-byte r/w commands, transfer length 0 1861 * means 256 blocks of data, not 0 block. 1862 */ 1863 if (!n_block) 1864 n_block = 256; 1865 break; 1866 case READ_16: 1867 case WRITE_16: 1868 if (unlikely(scmd->cmd_len < 16)) { 1869 fp = 15; 1870 goto invalid_fld; 1871 } 1872 scsi_16_lba_len(cdb, &block, &n_block); 1873 if (cdb[1] & (1 << 3)) 1874 tf_flags |= ATA_TFLAG_FUA; 1875 break; 1876 default: 1877 DPRINTK("no-byte command\n"); 1878 fp = 0; 1879 goto invalid_fld; 1880 } 1881 1882 /* Check and compose ATA command */ 1883 if (!n_block) 1884 /* For 10-byte and 16-byte SCSI R/W commands, transfer 1885 * length 0 means transfer 0 block of data. 1886 * However, for ATA R/W commands, sector count 0 means 1887 * 256 or 65536 sectors, not 0 sectors as in SCSI. 1888 * 1889 * WARNING: one or two older ATA drives treat 0 as 0... 1890 */ 1891 goto nothing_to_do; 1892 1893 qc->flags |= ATA_QCFLAG_IO; 1894 qc->nbytes = n_block * scmd->device->sector_size; 1895 1896 rc = ata_build_rw_tf(&qc->tf, qc->dev, block, n_block, tf_flags, 1897 qc->tag, class); 1898 1899 if (likely(rc == 0)) 1900 return 0; 1901 1902 if (rc == -ERANGE) 1903 goto out_of_range; 1904 /* treat all other errors as -EINVAL, fall through */ 1905 invalid_fld: 1906 ata_scsi_set_invalid_field(qc->dev, scmd, fp, 0xff); 1907 return 1; 1908 1909 out_of_range: 1910 ata_scsi_set_sense(qc->dev, scmd, ILLEGAL_REQUEST, 0x21, 0x0); 1911 /* "Logical Block Address out of range" */ 1912 return 1; 1913 1914 nothing_to_do: 1915 scmd->result = SAM_STAT_GOOD; 1916 return 1; 1917 } 1918 1919 static void ata_qc_done(struct ata_queued_cmd *qc) 1920 { 1921 struct scsi_cmnd *cmd = qc->scsicmd; 1922 void (*done)(struct scsi_cmnd *) = qc->scsidone; 1923 1924 ata_qc_free(qc); 1925 done(cmd); 1926 } 1927 1928 static void ata_scsi_qc_complete(struct ata_queued_cmd *qc) 1929 { 1930 struct ata_port *ap = qc->ap; 1931 struct scsi_cmnd *cmd = qc->scsicmd; 1932 u8 *cdb = cmd->cmnd; 1933 int need_sense = (qc->err_mask != 0); 1934 1935 /* For ATA pass thru (SAT) commands, generate a sense block if 1936 * user mandated it or if there's an error. Note that if we 1937 * generate because the user forced us to [CK_COND =1], a check 1938 * condition is generated and the ATA register values are returned 1939 * whether the command completed successfully or not. If there 1940 * was no error, we use the following sense data: 1941 * sk = RECOVERED ERROR 1942 * asc,ascq = ATA PASS-THROUGH INFORMATION AVAILABLE 1943 */ 1944 if (((cdb[0] == ATA_16) || (cdb[0] == ATA_12)) && 1945 ((cdb[2] & 0x20) || need_sense)) 1946 ata_gen_passthru_sense(qc); 1947 else if (qc->flags & ATA_QCFLAG_SENSE_VALID) 1948 cmd->result = SAM_STAT_CHECK_CONDITION; 1949 else if (need_sense) 1950 ata_gen_ata_sense(qc); 1951 else 1952 cmd->result = SAM_STAT_GOOD; 1953 1954 if (need_sense && !ap->ops->error_handler) 1955 ata_dump_status(ap->print_id, &qc->result_tf); 1956 1957 ata_qc_done(qc); 1958 } 1959 1960 /** 1961 * ata_scsi_translate - Translate then issue SCSI command to ATA device 1962 * @dev: ATA device to which the command is addressed 1963 * @cmd: SCSI command to execute 1964 * @xlat_func: Actor which translates @cmd to an ATA taskfile 1965 * 1966 * Our ->queuecommand() function has decided that the SCSI 1967 * command issued can be directly translated into an ATA 1968 * command, rather than handled internally. 1969 * 1970 * This function sets up an ata_queued_cmd structure for the 1971 * SCSI command, and sends that ata_queued_cmd to the hardware. 1972 * 1973 * The xlat_func argument (actor) returns 0 if ready to execute 1974 * ATA command, else 1 to finish translation. If 1 is returned 1975 * then cmd->result (and possibly cmd->sense_buffer) are assumed 1976 * to be set reflecting an error condition or clean (early) 1977 * termination. 1978 * 1979 * LOCKING: 1980 * spin_lock_irqsave(host lock) 1981 * 1982 * RETURNS: 1983 * 0 on success, SCSI_ML_QUEUE_DEVICE_BUSY if the command 1984 * needs to be deferred. 1985 */ 1986 static int ata_scsi_translate(struct ata_device *dev, struct scsi_cmnd *cmd, 1987 ata_xlat_func_t xlat_func) 1988 { 1989 struct ata_port *ap = dev->link->ap; 1990 struct ata_queued_cmd *qc; 1991 int rc; 1992 1993 VPRINTK("ENTER\n"); 1994 1995 qc = ata_scsi_qc_new(dev, cmd); 1996 if (!qc) 1997 goto err_mem; 1998 1999 /* data is present; dma-map it */ 2000 if (cmd->sc_data_direction == DMA_FROM_DEVICE || 2001 cmd->sc_data_direction == DMA_TO_DEVICE) { 2002 if (unlikely(scsi_bufflen(cmd) < 1)) { 2003 ata_dev_warn(dev, "WARNING: zero len r/w req\n"); 2004 goto err_did; 2005 } 2006 2007 ata_sg_init(qc, scsi_sglist(cmd), scsi_sg_count(cmd)); 2008 2009 qc->dma_dir = cmd->sc_data_direction; 2010 } 2011 2012 qc->complete_fn = ata_scsi_qc_complete; 2013 2014 if (xlat_func(qc)) 2015 goto early_finish; 2016 2017 if (ap->ops->qc_defer) { 2018 if ((rc = ap->ops->qc_defer(qc))) 2019 goto defer; 2020 } 2021 2022 /* select device, send command to hardware */ 2023 ata_qc_issue(qc); 2024 2025 VPRINTK("EXIT\n"); 2026 return 0; 2027 2028 early_finish: 2029 ata_qc_free(qc); 2030 cmd->scsi_done(cmd); 2031 DPRINTK("EXIT - early finish (good or error)\n"); 2032 return 0; 2033 2034 err_did: 2035 ata_qc_free(qc); 2036 cmd->result = (DID_ERROR << 16); 2037 cmd->scsi_done(cmd); 2038 err_mem: 2039 DPRINTK("EXIT - internal\n"); 2040 return 0; 2041 2042 defer: 2043 ata_qc_free(qc); 2044 DPRINTK("EXIT - defer\n"); 2045 if (rc == ATA_DEFER_LINK) 2046 return SCSI_MLQUEUE_DEVICE_BUSY; 2047 else 2048 return SCSI_MLQUEUE_HOST_BUSY; 2049 } 2050 2051 struct ata_scsi_args { 2052 struct ata_device *dev; 2053 u16 *id; 2054 struct scsi_cmnd *cmd; 2055 }; 2056 2057 /** 2058 * ata_scsi_rbuf_get - Map response buffer. 2059 * @cmd: SCSI command containing buffer to be mapped. 2060 * @flags: unsigned long variable to store irq enable status 2061 * @copy_in: copy in from user buffer 2062 * 2063 * Prepare buffer for simulated SCSI commands. 2064 * 2065 * LOCKING: 2066 * spin_lock_irqsave(ata_scsi_rbuf_lock) on success 2067 * 2068 * RETURNS: 2069 * Pointer to response buffer. 2070 */ 2071 static void *ata_scsi_rbuf_get(struct scsi_cmnd *cmd, bool copy_in, 2072 unsigned long *flags) 2073 { 2074 spin_lock_irqsave(&ata_scsi_rbuf_lock, *flags); 2075 2076 memset(ata_scsi_rbuf, 0, ATA_SCSI_RBUF_SIZE); 2077 if (copy_in) 2078 sg_copy_to_buffer(scsi_sglist(cmd), scsi_sg_count(cmd), 2079 ata_scsi_rbuf, ATA_SCSI_RBUF_SIZE); 2080 return ata_scsi_rbuf; 2081 } 2082 2083 /** 2084 * ata_scsi_rbuf_put - Unmap response buffer. 2085 * @cmd: SCSI command containing buffer to be unmapped. 2086 * @copy_out: copy out result 2087 * @flags: @flags passed to ata_scsi_rbuf_get() 2088 * 2089 * Returns rbuf buffer. The result is copied to @cmd's buffer if 2090 * @copy_back is true. 2091 * 2092 * LOCKING: 2093 * Unlocks ata_scsi_rbuf_lock. 2094 */ 2095 static inline void ata_scsi_rbuf_put(struct scsi_cmnd *cmd, bool copy_out, 2096 unsigned long *flags) 2097 { 2098 if (copy_out) 2099 sg_copy_from_buffer(scsi_sglist(cmd), scsi_sg_count(cmd), 2100 ata_scsi_rbuf, ATA_SCSI_RBUF_SIZE); 2101 spin_unlock_irqrestore(&ata_scsi_rbuf_lock, *flags); 2102 } 2103 2104 /** 2105 * ata_scsi_rbuf_fill - wrapper for SCSI command simulators 2106 * @args: device IDENTIFY data / SCSI command of interest. 2107 * @actor: Callback hook for desired SCSI command simulator 2108 * 2109 * Takes care of the hard work of simulating a SCSI command... 2110 * Mapping the response buffer, calling the command's handler, 2111 * and handling the handler's return value. This return value 2112 * indicates whether the handler wishes the SCSI command to be 2113 * completed successfully (0), or not (in which case cmd->result 2114 * and sense buffer are assumed to be set). 2115 * 2116 * LOCKING: 2117 * spin_lock_irqsave(host lock) 2118 */ 2119 static void ata_scsi_rbuf_fill(struct ata_scsi_args *args, 2120 unsigned int (*actor)(struct ata_scsi_args *args, u8 *rbuf)) 2121 { 2122 u8 *rbuf; 2123 unsigned int rc; 2124 struct scsi_cmnd *cmd = args->cmd; 2125 unsigned long flags; 2126 2127 rbuf = ata_scsi_rbuf_get(cmd, false, &flags); 2128 rc = actor(args, rbuf); 2129 ata_scsi_rbuf_put(cmd, rc == 0, &flags); 2130 2131 if (rc == 0) 2132 cmd->result = SAM_STAT_GOOD; 2133 } 2134 2135 /** 2136 * ata_scsiop_inq_std - Simulate INQUIRY command 2137 * @args: device IDENTIFY data / SCSI command of interest. 2138 * @rbuf: Response buffer, to which simulated SCSI cmd output is sent. 2139 * 2140 * Returns standard device identification data associated 2141 * with non-VPD INQUIRY command output. 2142 * 2143 * LOCKING: 2144 * spin_lock_irqsave(host lock) 2145 */ 2146 static unsigned int ata_scsiop_inq_std(struct ata_scsi_args *args, u8 *rbuf) 2147 { 2148 const u8 versions[] = { 2149 0x00, 2150 0x60, /* SAM-3 (no version claimed) */ 2151 2152 0x03, 2153 0x20, /* SBC-2 (no version claimed) */ 2154 2155 0x03, 2156 0x00 /* SPC-3 (no version claimed) */ 2157 }; 2158 const u8 versions_zbc[] = { 2159 0x00, 2160 0xA0, /* SAM-5 (no version claimed) */ 2161 2162 0x06, 2163 0x00, /* SBC-4 (no version claimed) */ 2164 2165 0x05, 2166 0xC0, /* SPC-5 (no version claimed) */ 2167 2168 0x60, 2169 0x24, /* ZBC r05 */ 2170 }; 2171 2172 u8 hdr[] = { 2173 TYPE_DISK, 2174 0, 2175 0x5, /* claim SPC-3 version compatibility */ 2176 2, 2177 95 - 4, 2178 0, 2179 0, 2180 2 2181 }; 2182 2183 VPRINTK("ENTER\n"); 2184 2185 /* set scsi removable (RMB) bit per ata bit, or if the 2186 * AHCI port says it's external (Hotplug-capable, eSATA). 2187 */ 2188 if (ata_id_removable(args->id) || 2189 (args->dev->link->ap->pflags & ATA_PFLAG_EXTERNAL)) 2190 hdr[1] |= (1 << 7); 2191 2192 if (args->dev->class == ATA_DEV_ZAC) { 2193 hdr[0] = TYPE_ZBC; 2194 hdr[2] = 0x7; /* claim SPC-5 version compatibility */ 2195 } 2196 2197 memcpy(rbuf, hdr, sizeof(hdr)); 2198 memcpy(&rbuf[8], "ATA ", 8); 2199 ata_id_string(args->id, &rbuf[16], ATA_ID_PROD, 16); 2200 2201 /* From SAT, use last 2 words from fw rev unless they are spaces */ 2202 ata_id_string(args->id, &rbuf[32], ATA_ID_FW_REV + 2, 4); 2203 if (strncmp(&rbuf[32], " ", 4) == 0) 2204 ata_id_string(args->id, &rbuf[32], ATA_ID_FW_REV, 4); 2205 2206 if (rbuf[32] == 0 || rbuf[32] == ' ') 2207 memcpy(&rbuf[32], "n/a ", 4); 2208 2209 if (ata_id_zoned_cap(args->id) || args->dev->class == ATA_DEV_ZAC) 2210 memcpy(rbuf + 58, versions_zbc, sizeof(versions_zbc)); 2211 else 2212 memcpy(rbuf + 58, versions, sizeof(versions)); 2213 2214 return 0; 2215 } 2216 2217 /** 2218 * ata_scsiop_inq_00 - Simulate INQUIRY VPD page 0, list of pages 2219 * @args: device IDENTIFY data / SCSI command of interest. 2220 * @rbuf: Response buffer, to which simulated SCSI cmd output is sent. 2221 * 2222 * Returns list of inquiry VPD pages available. 2223 * 2224 * LOCKING: 2225 * spin_lock_irqsave(host lock) 2226 */ 2227 static unsigned int ata_scsiop_inq_00(struct ata_scsi_args *args, u8 *rbuf) 2228 { 2229 int num_pages; 2230 const u8 pages[] = { 2231 0x00, /* page 0x00, this page */ 2232 0x80, /* page 0x80, unit serial no page */ 2233 0x83, /* page 0x83, device ident page */ 2234 0x89, /* page 0x89, ata info page */ 2235 0xb0, /* page 0xb0, block limits page */ 2236 0xb1, /* page 0xb1, block device characteristics page */ 2237 0xb2, /* page 0xb2, thin provisioning page */ 2238 0xb6, /* page 0xb6, zoned block device characteristics */ 2239 }; 2240 2241 num_pages = sizeof(pages); 2242 if (!(args->dev->flags & ATA_DFLAG_ZAC)) 2243 num_pages--; 2244 rbuf[3] = num_pages; /* number of supported VPD pages */ 2245 memcpy(rbuf + 4, pages, num_pages); 2246 return 0; 2247 } 2248 2249 /** 2250 * ata_scsiop_inq_80 - Simulate INQUIRY VPD page 80, device serial number 2251 * @args: device IDENTIFY data / SCSI command of interest. 2252 * @rbuf: Response buffer, to which simulated SCSI cmd output is sent. 2253 * 2254 * Returns ATA device serial number. 2255 * 2256 * LOCKING: 2257 * spin_lock_irqsave(host lock) 2258 */ 2259 static unsigned int ata_scsiop_inq_80(struct ata_scsi_args *args, u8 *rbuf) 2260 { 2261 const u8 hdr[] = { 2262 0, 2263 0x80, /* this page code */ 2264 0, 2265 ATA_ID_SERNO_LEN, /* page len */ 2266 }; 2267 2268 memcpy(rbuf, hdr, sizeof(hdr)); 2269 ata_id_string(args->id, (unsigned char *) &rbuf[4], 2270 ATA_ID_SERNO, ATA_ID_SERNO_LEN); 2271 return 0; 2272 } 2273 2274 /** 2275 * ata_scsiop_inq_83 - Simulate INQUIRY VPD page 83, device identity 2276 * @args: device IDENTIFY data / SCSI command of interest. 2277 * @rbuf: Response buffer, to which simulated SCSI cmd output is sent. 2278 * 2279 * Yields two logical unit device identification designators: 2280 * - vendor specific ASCII containing the ATA serial number 2281 * - SAT defined "t10 vendor id based" containing ASCII vendor 2282 * name ("ATA "), model and serial numbers. 2283 * 2284 * LOCKING: 2285 * spin_lock_irqsave(host lock) 2286 */ 2287 static unsigned int ata_scsiop_inq_83(struct ata_scsi_args *args, u8 *rbuf) 2288 { 2289 const int sat_model_serial_desc_len = 68; 2290 int num; 2291 2292 rbuf[1] = 0x83; /* this page code */ 2293 num = 4; 2294 2295 /* piv=0, assoc=lu, code_set=ACSII, designator=vendor */ 2296 rbuf[num + 0] = 2; 2297 rbuf[num + 3] = ATA_ID_SERNO_LEN; 2298 num += 4; 2299 ata_id_string(args->id, (unsigned char *) rbuf + num, 2300 ATA_ID_SERNO, ATA_ID_SERNO_LEN); 2301 num += ATA_ID_SERNO_LEN; 2302 2303 /* SAT defined lu model and serial numbers descriptor */ 2304 /* piv=0, assoc=lu, code_set=ACSII, designator=t10 vendor id */ 2305 rbuf[num + 0] = 2; 2306 rbuf[num + 1] = 1; 2307 rbuf[num + 3] = sat_model_serial_desc_len; 2308 num += 4; 2309 memcpy(rbuf + num, "ATA ", 8); 2310 num += 8; 2311 ata_id_string(args->id, (unsigned char *) rbuf + num, ATA_ID_PROD, 2312 ATA_ID_PROD_LEN); 2313 num += ATA_ID_PROD_LEN; 2314 ata_id_string(args->id, (unsigned char *) rbuf + num, ATA_ID_SERNO, 2315 ATA_ID_SERNO_LEN); 2316 num += ATA_ID_SERNO_LEN; 2317 2318 if (ata_id_has_wwn(args->id)) { 2319 /* SAT defined lu world wide name */ 2320 /* piv=0, assoc=lu, code_set=binary, designator=NAA */ 2321 rbuf[num + 0] = 1; 2322 rbuf[num + 1] = 3; 2323 rbuf[num + 3] = ATA_ID_WWN_LEN; 2324 num += 4; 2325 ata_id_string(args->id, (unsigned char *) rbuf + num, 2326 ATA_ID_WWN, ATA_ID_WWN_LEN); 2327 num += ATA_ID_WWN_LEN; 2328 } 2329 rbuf[3] = num - 4; /* page len (assume less than 256 bytes) */ 2330 return 0; 2331 } 2332 2333 /** 2334 * ata_scsiop_inq_89 - Simulate INQUIRY VPD page 89, ATA info 2335 * @args: device IDENTIFY data / SCSI command of interest. 2336 * @rbuf: Response buffer, to which simulated SCSI cmd output is sent. 2337 * 2338 * Yields SAT-specified ATA VPD page. 2339 * 2340 * LOCKING: 2341 * spin_lock_irqsave(host lock) 2342 */ 2343 static unsigned int ata_scsiop_inq_89(struct ata_scsi_args *args, u8 *rbuf) 2344 { 2345 struct ata_taskfile tf; 2346 2347 memset(&tf, 0, sizeof(tf)); 2348 2349 rbuf[1] = 0x89; /* our page code */ 2350 rbuf[2] = (0x238 >> 8); /* page size fixed at 238h */ 2351 rbuf[3] = (0x238 & 0xff); 2352 2353 memcpy(&rbuf[8], "linux ", 8); 2354 memcpy(&rbuf[16], "libata ", 16); 2355 memcpy(&rbuf[32], DRV_VERSION, 4); 2356 2357 /* we don't store the ATA device signature, so we fake it */ 2358 2359 tf.command = ATA_DRDY; /* really, this is Status reg */ 2360 tf.lbal = 0x1; 2361 tf.nsect = 0x1; 2362 2363 ata_tf_to_fis(&tf, 0, 1, &rbuf[36]); /* TODO: PMP? */ 2364 rbuf[36] = 0x34; /* force D2H Reg FIS (34h) */ 2365 2366 rbuf[56] = ATA_CMD_ID_ATA; 2367 2368 memcpy(&rbuf[60], &args->id[0], 512); 2369 return 0; 2370 } 2371 2372 static unsigned int ata_scsiop_inq_b0(struct ata_scsi_args *args, u8 *rbuf) 2373 { 2374 u16 min_io_sectors; 2375 2376 rbuf[1] = 0xb0; 2377 rbuf[3] = 0x3c; /* required VPD size with unmap support */ 2378 2379 /* 2380 * Optimal transfer length granularity. 2381 * 2382 * This is always one physical block, but for disks with a smaller 2383 * logical than physical sector size we need to figure out what the 2384 * latter is. 2385 */ 2386 min_io_sectors = 1 << ata_id_log2_per_physical_sector(args->id); 2387 put_unaligned_be16(min_io_sectors, &rbuf[6]); 2388 2389 /* 2390 * Optimal unmap granularity. 2391 * 2392 * The ATA spec doesn't even know about a granularity or alignment 2393 * for the TRIM command. We can leave away most of the unmap related 2394 * VPD page entries, but we have specifify a granularity to signal 2395 * that we support some form of unmap - in thise case via WRITE SAME 2396 * with the unmap bit set. 2397 */ 2398 if (ata_id_has_trim(args->id)) { 2399 put_unaligned_be64(65535 * ATA_MAX_TRIM_RNUM, &rbuf[36]); 2400 put_unaligned_be32(1, &rbuf[28]); 2401 } 2402 2403 return 0; 2404 } 2405 2406 static unsigned int ata_scsiop_inq_b1(struct ata_scsi_args *args, u8 *rbuf) 2407 { 2408 int form_factor = ata_id_form_factor(args->id); 2409 int media_rotation_rate = ata_id_rotation_rate(args->id); 2410 u8 zoned = ata_id_zoned_cap(args->id); 2411 2412 rbuf[1] = 0xb1; 2413 rbuf[3] = 0x3c; 2414 rbuf[4] = media_rotation_rate >> 8; 2415 rbuf[5] = media_rotation_rate; 2416 rbuf[7] = form_factor; 2417 if (zoned) 2418 rbuf[8] = (zoned << 4); 2419 2420 return 0; 2421 } 2422 2423 static unsigned int ata_scsiop_inq_b2(struct ata_scsi_args *args, u8 *rbuf) 2424 { 2425 /* SCSI Thin Provisioning VPD page: SBC-3 rev 22 or later */ 2426 rbuf[1] = 0xb2; 2427 rbuf[3] = 0x4; 2428 rbuf[5] = 1 << 6; /* TPWS */ 2429 2430 return 0; 2431 } 2432 2433 static unsigned int ata_scsiop_inq_b6(struct ata_scsi_args *args, u8 *rbuf) 2434 { 2435 /* 2436 * zbc-r05 SCSI Zoned Block device characteristics VPD page 2437 */ 2438 rbuf[1] = 0xb6; 2439 rbuf[3] = 0x3C; 2440 2441 /* 2442 * URSWRZ bit is only meaningful for host-managed ZAC drives 2443 */ 2444 if (args->dev->zac_zoned_cap & 1) 2445 rbuf[4] |= 1; 2446 put_unaligned_be32(args->dev->zac_zones_optimal_open, &rbuf[8]); 2447 put_unaligned_be32(args->dev->zac_zones_optimal_nonseq, &rbuf[12]); 2448 put_unaligned_be32(args->dev->zac_zones_max_open, &rbuf[16]); 2449 2450 return 0; 2451 } 2452 2453 /** 2454 * modecpy - Prepare response for MODE SENSE 2455 * @dest: output buffer 2456 * @src: data being copied 2457 * @n: length of mode page 2458 * @changeable: whether changeable parameters are requested 2459 * 2460 * Generate a generic MODE SENSE page for either current or changeable 2461 * parameters. 2462 * 2463 * LOCKING: 2464 * None. 2465 */ 2466 static void modecpy(u8 *dest, const u8 *src, int n, bool changeable) 2467 { 2468 if (changeable) { 2469 memcpy(dest, src, 2); 2470 memset(dest + 2, 0, n - 2); 2471 } else { 2472 memcpy(dest, src, n); 2473 } 2474 } 2475 2476 /** 2477 * ata_msense_caching - Simulate MODE SENSE caching info page 2478 * @id: device IDENTIFY data 2479 * @buf: output buffer 2480 * @changeable: whether changeable parameters are requested 2481 * 2482 * Generate a caching info page, which conditionally indicates 2483 * write caching to the SCSI layer, depending on device 2484 * capabilities. 2485 * 2486 * LOCKING: 2487 * None. 2488 */ 2489 static unsigned int ata_msense_caching(u16 *id, u8 *buf, bool changeable) 2490 { 2491 modecpy(buf, def_cache_mpage, sizeof(def_cache_mpage), changeable); 2492 if (changeable) { 2493 buf[2] |= (1 << 2); /* ata_mselect_caching() */ 2494 } else { 2495 buf[2] |= (ata_id_wcache_enabled(id) << 2); /* write cache enable */ 2496 buf[12] |= (!ata_id_rahead_enabled(id) << 5); /* disable read ahead */ 2497 } 2498 return sizeof(def_cache_mpage); 2499 } 2500 2501 /** 2502 * ata_msense_control - Simulate MODE SENSE control mode page 2503 * @dev: ATA device of interest 2504 * @buf: output buffer 2505 * @changeable: whether changeable parameters are requested 2506 * 2507 * Generate a generic MODE SENSE control mode page. 2508 * 2509 * LOCKING: 2510 * None. 2511 */ 2512 static unsigned int ata_msense_control(struct ata_device *dev, u8 *buf, 2513 bool changeable) 2514 { 2515 modecpy(buf, def_control_mpage, sizeof(def_control_mpage), changeable); 2516 if (changeable) { 2517 buf[2] |= (1 << 2); /* ata_mselect_control() */ 2518 } else { 2519 bool d_sense = (dev->flags & ATA_DFLAG_D_SENSE); 2520 2521 buf[2] |= (d_sense << 2); /* descriptor format sense data */ 2522 } 2523 return sizeof(def_control_mpage); 2524 } 2525 2526 /** 2527 * ata_msense_rw_recovery - Simulate MODE SENSE r/w error recovery page 2528 * @buf: output buffer 2529 * @changeable: whether changeable parameters are requested 2530 * 2531 * Generate a generic MODE SENSE r/w error recovery page. 2532 * 2533 * LOCKING: 2534 * None. 2535 */ 2536 static unsigned int ata_msense_rw_recovery(u8 *buf, bool changeable) 2537 { 2538 modecpy(buf, def_rw_recovery_mpage, sizeof(def_rw_recovery_mpage), 2539 changeable); 2540 return sizeof(def_rw_recovery_mpage); 2541 } 2542 2543 /* 2544 * We can turn this into a real blacklist if it's needed, for now just 2545 * blacklist any Maxtor BANC1G10 revision firmware 2546 */ 2547 static int ata_dev_supports_fua(u16 *id) 2548 { 2549 unsigned char model[ATA_ID_PROD_LEN + 1], fw[ATA_ID_FW_REV_LEN + 1]; 2550 2551 if (!libata_fua) 2552 return 0; 2553 if (!ata_id_has_fua(id)) 2554 return 0; 2555 2556 ata_id_c_string(id, model, ATA_ID_PROD, sizeof(model)); 2557 ata_id_c_string(id, fw, ATA_ID_FW_REV, sizeof(fw)); 2558 2559 if (strcmp(model, "Maxtor")) 2560 return 1; 2561 if (strcmp(fw, "BANC1G10")) 2562 return 1; 2563 2564 return 0; /* blacklisted */ 2565 } 2566 2567 /** 2568 * ata_scsiop_mode_sense - Simulate MODE SENSE 6, 10 commands 2569 * @args: device IDENTIFY data / SCSI command of interest. 2570 * @rbuf: Response buffer, to which simulated SCSI cmd output is sent. 2571 * 2572 * Simulate MODE SENSE commands. Assume this is invoked for direct 2573 * access devices (e.g. disks) only. There should be no block 2574 * descriptor for other device types. 2575 * 2576 * LOCKING: 2577 * spin_lock_irqsave(host lock) 2578 */ 2579 static unsigned int ata_scsiop_mode_sense(struct ata_scsi_args *args, u8 *rbuf) 2580 { 2581 struct ata_device *dev = args->dev; 2582 u8 *scsicmd = args->cmd->cmnd, *p = rbuf; 2583 const u8 sat_blk_desc[] = { 2584 0, 0, 0, 0, /* number of blocks: sat unspecified */ 2585 0, 2586 0, 0x2, 0x0 /* block length: 512 bytes */ 2587 }; 2588 u8 pg, spg; 2589 unsigned int ebd, page_control, six_byte; 2590 u8 dpofua, bp = 0xff; 2591 u16 fp; 2592 2593 VPRINTK("ENTER\n"); 2594 2595 six_byte = (scsicmd[0] == MODE_SENSE); 2596 ebd = !(scsicmd[1] & 0x8); /* dbd bit inverted == edb */ 2597 /* 2598 * LLBA bit in msense(10) ignored (compliant) 2599 */ 2600 2601 page_control = scsicmd[2] >> 6; 2602 switch (page_control) { 2603 case 0: /* current */ 2604 case 1: /* changeable */ 2605 case 2: /* defaults */ 2606 break; /* supported */ 2607 case 3: /* saved */ 2608 goto saving_not_supp; 2609 default: 2610 fp = 2; 2611 bp = 6; 2612 goto invalid_fld; 2613 } 2614 2615 if (six_byte) 2616 p += 4 + (ebd ? 8 : 0); 2617 else 2618 p += 8 + (ebd ? 8 : 0); 2619 2620 pg = scsicmd[2] & 0x3f; 2621 spg = scsicmd[3]; 2622 /* 2623 * No mode subpages supported (yet) but asking for _all_ 2624 * subpages may be valid 2625 */ 2626 if (spg && (spg != ALL_SUB_MPAGES)) { 2627 fp = 3; 2628 goto invalid_fld; 2629 } 2630 2631 switch(pg) { 2632 case RW_RECOVERY_MPAGE: 2633 p += ata_msense_rw_recovery(p, page_control == 1); 2634 break; 2635 2636 case CACHE_MPAGE: 2637 p += ata_msense_caching(args->id, p, page_control == 1); 2638 break; 2639 2640 case CONTROL_MPAGE: 2641 p += ata_msense_control(args->dev, p, page_control == 1); 2642 break; 2643 2644 case ALL_MPAGES: 2645 p += ata_msense_rw_recovery(p, page_control == 1); 2646 p += ata_msense_caching(args->id, p, page_control == 1); 2647 p += ata_msense_control(args->dev, p, page_control == 1); 2648 break; 2649 2650 default: /* invalid page code */ 2651 fp = 2; 2652 goto invalid_fld; 2653 } 2654 2655 dpofua = 0; 2656 if (ata_dev_supports_fua(args->id) && (dev->flags & ATA_DFLAG_LBA48) && 2657 (!(dev->flags & ATA_DFLAG_PIO) || dev->multi_count)) 2658 dpofua = 1 << 4; 2659 2660 if (six_byte) { 2661 rbuf[0] = p - rbuf - 1; 2662 rbuf[2] |= dpofua; 2663 if (ebd) { 2664 rbuf[3] = sizeof(sat_blk_desc); 2665 memcpy(rbuf + 4, sat_blk_desc, sizeof(sat_blk_desc)); 2666 } 2667 } else { 2668 unsigned int output_len = p - rbuf - 2; 2669 2670 rbuf[0] = output_len >> 8; 2671 rbuf[1] = output_len; 2672 rbuf[3] |= dpofua; 2673 if (ebd) { 2674 rbuf[7] = sizeof(sat_blk_desc); 2675 memcpy(rbuf + 8, sat_blk_desc, sizeof(sat_blk_desc)); 2676 } 2677 } 2678 return 0; 2679 2680 invalid_fld: 2681 ata_scsi_set_invalid_field(dev, args->cmd, fp, bp); 2682 return 1; 2683 2684 saving_not_supp: 2685 ata_scsi_set_sense(dev, args->cmd, ILLEGAL_REQUEST, 0x39, 0x0); 2686 /* "Saving parameters not supported" */ 2687 return 1; 2688 } 2689 2690 /** 2691 * ata_scsiop_read_cap - Simulate READ CAPACITY[ 16] commands 2692 * @args: device IDENTIFY data / SCSI command of interest. 2693 * @rbuf: Response buffer, to which simulated SCSI cmd output is sent. 2694 * 2695 * Simulate READ CAPACITY commands. 2696 * 2697 * LOCKING: 2698 * None. 2699 */ 2700 static unsigned int ata_scsiop_read_cap(struct ata_scsi_args *args, u8 *rbuf) 2701 { 2702 struct ata_device *dev = args->dev; 2703 u64 last_lba = dev->n_sectors - 1; /* LBA of the last block */ 2704 u32 sector_size; /* physical sector size in bytes */ 2705 u8 log2_per_phys; 2706 u16 lowest_aligned; 2707 2708 sector_size = ata_id_logical_sector_size(dev->id); 2709 log2_per_phys = ata_id_log2_per_physical_sector(dev->id); 2710 lowest_aligned = ata_id_logical_sector_offset(dev->id, log2_per_phys); 2711 2712 VPRINTK("ENTER\n"); 2713 2714 if (args->cmd->cmnd[0] == READ_CAPACITY) { 2715 if (last_lba >= 0xffffffffULL) 2716 last_lba = 0xffffffff; 2717 2718 /* sector count, 32-bit */ 2719 rbuf[0] = last_lba >> (8 * 3); 2720 rbuf[1] = last_lba >> (8 * 2); 2721 rbuf[2] = last_lba >> (8 * 1); 2722 rbuf[3] = last_lba; 2723 2724 /* sector size */ 2725 rbuf[4] = sector_size >> (8 * 3); 2726 rbuf[5] = sector_size >> (8 * 2); 2727 rbuf[6] = sector_size >> (8 * 1); 2728 rbuf[7] = sector_size; 2729 } else { 2730 /* sector count, 64-bit */ 2731 rbuf[0] = last_lba >> (8 * 7); 2732 rbuf[1] = last_lba >> (8 * 6); 2733 rbuf[2] = last_lba >> (8 * 5); 2734 rbuf[3] = last_lba >> (8 * 4); 2735 rbuf[4] = last_lba >> (8 * 3); 2736 rbuf[5] = last_lba >> (8 * 2); 2737 rbuf[6] = last_lba >> (8 * 1); 2738 rbuf[7] = last_lba; 2739 2740 /* sector size */ 2741 rbuf[ 8] = sector_size >> (8 * 3); 2742 rbuf[ 9] = sector_size >> (8 * 2); 2743 rbuf[10] = sector_size >> (8 * 1); 2744 rbuf[11] = sector_size; 2745 2746 rbuf[12] = 0; 2747 rbuf[13] = log2_per_phys; 2748 rbuf[14] = (lowest_aligned >> 8) & 0x3f; 2749 rbuf[15] = lowest_aligned; 2750 2751 if (ata_id_has_trim(args->id) && 2752 !(dev->horkage & ATA_HORKAGE_NOTRIM)) { 2753 rbuf[14] |= 0x80; /* LBPME */ 2754 2755 if (ata_id_has_zero_after_trim(args->id) && 2756 dev->horkage & ATA_HORKAGE_ZERO_AFTER_TRIM) { 2757 ata_dev_info(dev, "Enabling discard_zeroes_data\n"); 2758 rbuf[14] |= 0x40; /* LBPRZ */ 2759 } 2760 } 2761 if (ata_id_zoned_cap(args->id) || 2762 args->dev->class == ATA_DEV_ZAC) 2763 rbuf[12] = (1 << 4); /* RC_BASIS */ 2764 } 2765 return 0; 2766 } 2767 2768 /** 2769 * ata_scsiop_report_luns - Simulate REPORT LUNS command 2770 * @args: device IDENTIFY data / SCSI command of interest. 2771 * @rbuf: Response buffer, to which simulated SCSI cmd output is sent. 2772 * 2773 * Simulate REPORT LUNS command. 2774 * 2775 * LOCKING: 2776 * spin_lock_irqsave(host lock) 2777 */ 2778 static unsigned int ata_scsiop_report_luns(struct ata_scsi_args *args, u8 *rbuf) 2779 { 2780 VPRINTK("ENTER\n"); 2781 rbuf[3] = 8; /* just one lun, LUN 0, size 8 bytes */ 2782 2783 return 0; 2784 } 2785 2786 static void atapi_sense_complete(struct ata_queued_cmd *qc) 2787 { 2788 if (qc->err_mask && ((qc->err_mask & AC_ERR_DEV) == 0)) { 2789 /* FIXME: not quite right; we don't want the 2790 * translation of taskfile registers into 2791 * a sense descriptors, since that's only 2792 * correct for ATA, not ATAPI 2793 */ 2794 ata_gen_passthru_sense(qc); 2795 } 2796 2797 ata_qc_done(qc); 2798 } 2799 2800 /* is it pointless to prefer PIO for "safety reasons"? */ 2801 static inline int ata_pio_use_silly(struct ata_port *ap) 2802 { 2803 return (ap->flags & ATA_FLAG_PIO_DMA); 2804 } 2805 2806 static void atapi_request_sense(struct ata_queued_cmd *qc) 2807 { 2808 struct ata_port *ap = qc->ap; 2809 struct scsi_cmnd *cmd = qc->scsicmd; 2810 2811 DPRINTK("ATAPI request sense\n"); 2812 2813 memset(cmd->sense_buffer, 0, SCSI_SENSE_BUFFERSIZE); 2814 2815 #ifdef CONFIG_ATA_SFF 2816 if (ap->ops->sff_tf_read) 2817 ap->ops->sff_tf_read(ap, &qc->tf); 2818 #endif 2819 2820 /* fill these in, for the case where they are -not- overwritten */ 2821 cmd->sense_buffer[0] = 0x70; 2822 cmd->sense_buffer[2] = qc->tf.feature >> 4; 2823 2824 ata_qc_reinit(qc); 2825 2826 /* setup sg table and init transfer direction */ 2827 sg_init_one(&qc->sgent, cmd->sense_buffer, SCSI_SENSE_BUFFERSIZE); 2828 ata_sg_init(qc, &qc->sgent, 1); 2829 qc->dma_dir = DMA_FROM_DEVICE; 2830 2831 memset(&qc->cdb, 0, qc->dev->cdb_len); 2832 qc->cdb[0] = REQUEST_SENSE; 2833 qc->cdb[4] = SCSI_SENSE_BUFFERSIZE; 2834 2835 qc->tf.flags |= ATA_TFLAG_ISADDR | ATA_TFLAG_DEVICE; 2836 qc->tf.command = ATA_CMD_PACKET; 2837 2838 if (ata_pio_use_silly(ap)) { 2839 qc->tf.protocol = ATAPI_PROT_DMA; 2840 qc->tf.feature |= ATAPI_PKT_DMA; 2841 } else { 2842 qc->tf.protocol = ATAPI_PROT_PIO; 2843 qc->tf.lbam = SCSI_SENSE_BUFFERSIZE; 2844 qc->tf.lbah = 0; 2845 } 2846 qc->nbytes = SCSI_SENSE_BUFFERSIZE; 2847 2848 qc->complete_fn = atapi_sense_complete; 2849 2850 ata_qc_issue(qc); 2851 2852 DPRINTK("EXIT\n"); 2853 } 2854 2855 /* 2856 * ATAPI devices typically report zero for their SCSI version, and sometimes 2857 * deviate from the spec WRT response data format. If SCSI version is 2858 * reported as zero like normal, then we make the following fixups: 2859 * 1) Fake MMC-5 version, to indicate to the Linux scsi midlayer this is a 2860 * modern device. 2861 * 2) Ensure response data format / ATAPI information are always correct. 2862 */ 2863 static void atapi_fixup_inquiry(struct scsi_cmnd *cmd) 2864 { 2865 u8 buf[4]; 2866 2867 sg_copy_to_buffer(scsi_sglist(cmd), scsi_sg_count(cmd), buf, 4); 2868 if (buf[2] == 0) { 2869 buf[2] = 0x5; 2870 buf[3] = 0x32; 2871 } 2872 sg_copy_from_buffer(scsi_sglist(cmd), scsi_sg_count(cmd), buf, 4); 2873 } 2874 2875 static void atapi_qc_complete(struct ata_queued_cmd *qc) 2876 { 2877 struct scsi_cmnd *cmd = qc->scsicmd; 2878 unsigned int err_mask = qc->err_mask; 2879 2880 VPRINTK("ENTER, err_mask 0x%X\n", err_mask); 2881 2882 /* handle completion from new EH */ 2883 if (unlikely(qc->ap->ops->error_handler && 2884 (err_mask || qc->flags & ATA_QCFLAG_SENSE_VALID))) { 2885 2886 if (!(qc->flags & ATA_QCFLAG_SENSE_VALID)) { 2887 /* FIXME: not quite right; we don't want the 2888 * translation of taskfile registers into a 2889 * sense descriptors, since that's only 2890 * correct for ATA, not ATAPI 2891 */ 2892 ata_gen_passthru_sense(qc); 2893 } 2894 2895 /* SCSI EH automatically locks door if sdev->locked is 2896 * set. Sometimes door lock request continues to 2897 * fail, for example, when no media is present. This 2898 * creates a loop - SCSI EH issues door lock which 2899 * fails and gets invoked again to acquire sense data 2900 * for the failed command. 2901 * 2902 * If door lock fails, always clear sdev->locked to 2903 * avoid this infinite loop. 2904 * 2905 * This may happen before SCSI scan is complete. Make 2906 * sure qc->dev->sdev isn't NULL before dereferencing. 2907 */ 2908 if (qc->cdb[0] == ALLOW_MEDIUM_REMOVAL && qc->dev->sdev) 2909 qc->dev->sdev->locked = 0; 2910 2911 qc->scsicmd->result = SAM_STAT_CHECK_CONDITION; 2912 ata_qc_done(qc); 2913 return; 2914 } 2915 2916 /* successful completion or old EH failure path */ 2917 if (unlikely(err_mask & AC_ERR_DEV)) { 2918 cmd->result = SAM_STAT_CHECK_CONDITION; 2919 atapi_request_sense(qc); 2920 return; 2921 } else if (unlikely(err_mask)) { 2922 /* FIXME: not quite right; we don't want the 2923 * translation of taskfile registers into 2924 * a sense descriptors, since that's only 2925 * correct for ATA, not ATAPI 2926 */ 2927 ata_gen_passthru_sense(qc); 2928 } else { 2929 if (cmd->cmnd[0] == INQUIRY && (cmd->cmnd[1] & 0x03) == 0) 2930 atapi_fixup_inquiry(cmd); 2931 cmd->result = SAM_STAT_GOOD; 2932 } 2933 2934 ata_qc_done(qc); 2935 } 2936 /** 2937 * atapi_xlat - Initialize PACKET taskfile 2938 * @qc: command structure to be initialized 2939 * 2940 * LOCKING: 2941 * spin_lock_irqsave(host lock) 2942 * 2943 * RETURNS: 2944 * Zero on success, non-zero on failure. 2945 */ 2946 static unsigned int atapi_xlat(struct ata_queued_cmd *qc) 2947 { 2948 struct scsi_cmnd *scmd = qc->scsicmd; 2949 struct ata_device *dev = qc->dev; 2950 int nodata = (scmd->sc_data_direction == DMA_NONE); 2951 int using_pio = !nodata && (dev->flags & ATA_DFLAG_PIO); 2952 unsigned int nbytes; 2953 2954 memset(qc->cdb, 0, dev->cdb_len); 2955 memcpy(qc->cdb, scmd->cmnd, scmd->cmd_len); 2956 2957 qc->complete_fn = atapi_qc_complete; 2958 2959 qc->tf.flags |= ATA_TFLAG_ISADDR | ATA_TFLAG_DEVICE; 2960 if (scmd->sc_data_direction == DMA_TO_DEVICE) { 2961 qc->tf.flags |= ATA_TFLAG_WRITE; 2962 DPRINTK("direction: write\n"); 2963 } 2964 2965 qc->tf.command = ATA_CMD_PACKET; 2966 ata_qc_set_pc_nbytes(qc); 2967 2968 /* check whether ATAPI DMA is safe */ 2969 if (!nodata && !using_pio && atapi_check_dma(qc)) 2970 using_pio = 1; 2971 2972 /* Some controller variants snoop this value for Packet 2973 * transfers to do state machine and FIFO management. Thus we 2974 * want to set it properly, and for DMA where it is 2975 * effectively meaningless. 2976 */ 2977 nbytes = min(ata_qc_raw_nbytes(qc), (unsigned int)63 * 1024); 2978 2979 /* Most ATAPI devices which honor transfer chunk size don't 2980 * behave according to the spec when odd chunk size which 2981 * matches the transfer length is specified. If the number of 2982 * bytes to transfer is 2n+1. According to the spec, what 2983 * should happen is to indicate that 2n+1 is going to be 2984 * transferred and transfer 2n+2 bytes where the last byte is 2985 * padding. 2986 * 2987 * In practice, this doesn't happen. ATAPI devices first 2988 * indicate and transfer 2n bytes and then indicate and 2989 * transfer 2 bytes where the last byte is padding. 2990 * 2991 * This inconsistency confuses several controllers which 2992 * perform PIO using DMA such as Intel AHCIs and sil3124/32. 2993 * These controllers use actual number of transferred bytes to 2994 * update DMA poitner and transfer of 4n+2 bytes make those 2995 * controller push DMA pointer by 4n+4 bytes because SATA data 2996 * FISes are aligned to 4 bytes. This causes data corruption 2997 * and buffer overrun. 2998 * 2999 * Always setting nbytes to even number solves this problem 3000 * because then ATAPI devices don't have to split data at 2n 3001 * boundaries. 3002 */ 3003 if (nbytes & 0x1) 3004 nbytes++; 3005 3006 qc->tf.lbam = (nbytes & 0xFF); 3007 qc->tf.lbah = (nbytes >> 8); 3008 3009 if (nodata) 3010 qc->tf.protocol = ATAPI_PROT_NODATA; 3011 else if (using_pio) 3012 qc->tf.protocol = ATAPI_PROT_PIO; 3013 else { 3014 /* DMA data xfer */ 3015 qc->tf.protocol = ATAPI_PROT_DMA; 3016 qc->tf.feature |= ATAPI_PKT_DMA; 3017 3018 if ((dev->flags & ATA_DFLAG_DMADIR) && 3019 (scmd->sc_data_direction != DMA_TO_DEVICE)) 3020 /* some SATA bridges need us to indicate data xfer direction */ 3021 qc->tf.feature |= ATAPI_DMADIR; 3022 } 3023 3024 3025 /* FIXME: We need to translate 0x05 READ_BLOCK_LIMITS to a MODE_SENSE 3026 as ATAPI tape drives don't get this right otherwise */ 3027 return 0; 3028 } 3029 3030 static struct ata_device *ata_find_dev(struct ata_port *ap, int devno) 3031 { 3032 if (!sata_pmp_attached(ap)) { 3033 if (likely(devno >= 0 && 3034 devno < ata_link_max_devices(&ap->link))) 3035 return &ap->link.device[devno]; 3036 } else { 3037 if (likely(devno >= 0 && 3038 devno < ap->nr_pmp_links)) 3039 return &ap->pmp_link[devno].device[0]; 3040 } 3041 3042 return NULL; 3043 } 3044 3045 static struct ata_device *__ata_scsi_find_dev(struct ata_port *ap, 3046 const struct scsi_device *scsidev) 3047 { 3048 int devno; 3049 3050 /* skip commands not addressed to targets we simulate */ 3051 if (!sata_pmp_attached(ap)) { 3052 if (unlikely(scsidev->channel || scsidev->lun)) 3053 return NULL; 3054 devno = scsidev->id; 3055 } else { 3056 if (unlikely(scsidev->id || scsidev->lun)) 3057 return NULL; 3058 devno = scsidev->channel; 3059 } 3060 3061 return ata_find_dev(ap, devno); 3062 } 3063 3064 /** 3065 * ata_scsi_find_dev - lookup ata_device from scsi_cmnd 3066 * @ap: ATA port to which the device is attached 3067 * @scsidev: SCSI device from which we derive the ATA device 3068 * 3069 * Given various information provided in struct scsi_cmnd, 3070 * map that onto an ATA bus, and using that mapping 3071 * determine which ata_device is associated with the 3072 * SCSI command to be sent. 3073 * 3074 * LOCKING: 3075 * spin_lock_irqsave(host lock) 3076 * 3077 * RETURNS: 3078 * Associated ATA device, or %NULL if not found. 3079 */ 3080 static struct ata_device * 3081 ata_scsi_find_dev(struct ata_port *ap, const struct scsi_device *scsidev) 3082 { 3083 struct ata_device *dev = __ata_scsi_find_dev(ap, scsidev); 3084 3085 if (unlikely(!dev || !ata_dev_enabled(dev))) 3086 return NULL; 3087 3088 return dev; 3089 } 3090 3091 /* 3092 * ata_scsi_map_proto - Map pass-thru protocol value to taskfile value. 3093 * @byte1: Byte 1 from pass-thru CDB. 3094 * 3095 * RETURNS: 3096 * ATA_PROT_UNKNOWN if mapping failed/unimplemented, protocol otherwise. 3097 */ 3098 static u8 3099 ata_scsi_map_proto(u8 byte1) 3100 { 3101 switch((byte1 & 0x1e) >> 1) { 3102 case 3: /* Non-data */ 3103 return ATA_PROT_NODATA; 3104 3105 case 6: /* DMA */ 3106 case 10: /* UDMA Data-in */ 3107 case 11: /* UDMA Data-Out */ 3108 return ATA_PROT_DMA; 3109 3110 case 4: /* PIO Data-in */ 3111 case 5: /* PIO Data-out */ 3112 return ATA_PROT_PIO; 3113 3114 case 12: /* FPDMA */ 3115 return ATA_PROT_NCQ; 3116 3117 case 0: /* Hard Reset */ 3118 case 1: /* SRST */ 3119 case 8: /* Device Diagnostic */ 3120 case 9: /* Device Reset */ 3121 case 7: /* DMA Queued */ 3122 case 15: /* Return Response Info */ 3123 default: /* Reserved */ 3124 break; 3125 } 3126 3127 return ATA_PROT_UNKNOWN; 3128 } 3129 3130 /** 3131 * ata_scsi_pass_thru - convert ATA pass-thru CDB to taskfile 3132 * @qc: command structure to be initialized 3133 * 3134 * Handles either 12, 16, or 32-byte versions of the CDB. 3135 * 3136 * RETURNS: 3137 * Zero on success, non-zero on failure. 3138 */ 3139 static unsigned int ata_scsi_pass_thru(struct ata_queued_cmd *qc) 3140 { 3141 struct ata_taskfile *tf = &(qc->tf); 3142 struct scsi_cmnd *scmd = qc->scsicmd; 3143 struct ata_device *dev = qc->dev; 3144 const u8 *cdb = scmd->cmnd; 3145 u16 fp; 3146 u16 cdb_offset = 0; 3147 3148 /* 7Fh variable length cmd means a ata pass-thru(32) */ 3149 if (cdb[0] == VARIABLE_LENGTH_CMD) 3150 cdb_offset = 9; 3151 3152 tf->protocol = ata_scsi_map_proto(cdb[1 + cdb_offset]); 3153 if (tf->protocol == ATA_PROT_UNKNOWN) { 3154 fp = 1; 3155 goto invalid_fld; 3156 } 3157 3158 if (ata_is_ncq(tf->protocol) && (cdb[2 + cdb_offset] & 0x3) == 0) 3159 tf->protocol = ATA_PROT_NCQ_NODATA; 3160 3161 /* enable LBA */ 3162 tf->flags |= ATA_TFLAG_LBA; 3163 3164 /* 3165 * 12 and 16 byte CDBs use different offsets to 3166 * provide the various register values. 3167 */ 3168 if (cdb[0] == ATA_16) { 3169 /* 3170 * 16-byte CDB - may contain extended commands. 3171 * 3172 * If that is the case, copy the upper byte register values. 3173 */ 3174 if (cdb[1] & 0x01) { 3175 tf->hob_feature = cdb[3]; 3176 tf->hob_nsect = cdb[5]; 3177 tf->hob_lbal = cdb[7]; 3178 tf->hob_lbam = cdb[9]; 3179 tf->hob_lbah = cdb[11]; 3180 tf->flags |= ATA_TFLAG_LBA48; 3181 } else 3182 tf->flags &= ~ATA_TFLAG_LBA48; 3183 3184 /* 3185 * Always copy low byte, device and command registers. 3186 */ 3187 tf->feature = cdb[4]; 3188 tf->nsect = cdb[6]; 3189 tf->lbal = cdb[8]; 3190 tf->lbam = cdb[10]; 3191 tf->lbah = cdb[12]; 3192 tf->device = cdb[13]; 3193 tf->command = cdb[14]; 3194 } else if (cdb[0] == ATA_12) { 3195 /* 3196 * 12-byte CDB - incapable of extended commands. 3197 */ 3198 tf->flags &= ~ATA_TFLAG_LBA48; 3199 3200 tf->feature = cdb[3]; 3201 tf->nsect = cdb[4]; 3202 tf->lbal = cdb[5]; 3203 tf->lbam = cdb[6]; 3204 tf->lbah = cdb[7]; 3205 tf->device = cdb[8]; 3206 tf->command = cdb[9]; 3207 } else { 3208 /* 3209 * 32-byte CDB - may contain extended command fields. 3210 * 3211 * If that is the case, copy the upper byte register values. 3212 */ 3213 if (cdb[10] & 0x01) { 3214 tf->hob_feature = cdb[20]; 3215 tf->hob_nsect = cdb[22]; 3216 tf->hob_lbal = cdb[16]; 3217 tf->hob_lbam = cdb[15]; 3218 tf->hob_lbah = cdb[14]; 3219 tf->flags |= ATA_TFLAG_LBA48; 3220 } else 3221 tf->flags &= ~ATA_TFLAG_LBA48; 3222 3223 tf->feature = cdb[21]; 3224 tf->nsect = cdb[23]; 3225 tf->lbal = cdb[19]; 3226 tf->lbam = cdb[18]; 3227 tf->lbah = cdb[17]; 3228 tf->device = cdb[24]; 3229 tf->command = cdb[25]; 3230 tf->auxiliary = get_unaligned_be32(&cdb[28]); 3231 } 3232 3233 /* For NCQ commands copy the tag value */ 3234 if (ata_is_ncq(tf->protocol)) 3235 tf->nsect = qc->tag << 3; 3236 3237 /* enforce correct master/slave bit */ 3238 tf->device = dev->devno ? 3239 tf->device | ATA_DEV1 : tf->device & ~ATA_DEV1; 3240 3241 switch (tf->command) { 3242 /* READ/WRITE LONG use a non-standard sect_size */ 3243 case ATA_CMD_READ_LONG: 3244 case ATA_CMD_READ_LONG_ONCE: 3245 case ATA_CMD_WRITE_LONG: 3246 case ATA_CMD_WRITE_LONG_ONCE: 3247 if (tf->protocol != ATA_PROT_PIO || tf->nsect != 1) { 3248 fp = 1; 3249 goto invalid_fld; 3250 } 3251 qc->sect_size = scsi_bufflen(scmd); 3252 break; 3253 3254 /* commands using reported Logical Block size (e.g. 512 or 4K) */ 3255 case ATA_CMD_CFA_WRITE_NE: 3256 case ATA_CMD_CFA_TRANS_SECT: 3257 case ATA_CMD_CFA_WRITE_MULT_NE: 3258 /* XXX: case ATA_CMD_CFA_WRITE_SECTORS_WITHOUT_ERASE: */ 3259 case ATA_CMD_READ: 3260 case ATA_CMD_READ_EXT: 3261 case ATA_CMD_READ_QUEUED: 3262 /* XXX: case ATA_CMD_READ_QUEUED_EXT: */ 3263 case ATA_CMD_FPDMA_READ: 3264 case ATA_CMD_READ_MULTI: 3265 case ATA_CMD_READ_MULTI_EXT: 3266 case ATA_CMD_PIO_READ: 3267 case ATA_CMD_PIO_READ_EXT: 3268 case ATA_CMD_READ_STREAM_DMA_EXT: 3269 case ATA_CMD_READ_STREAM_EXT: 3270 case ATA_CMD_VERIFY: 3271 case ATA_CMD_VERIFY_EXT: 3272 case ATA_CMD_WRITE: 3273 case ATA_CMD_WRITE_EXT: 3274 case ATA_CMD_WRITE_FUA_EXT: 3275 case ATA_CMD_WRITE_QUEUED: 3276 case ATA_CMD_WRITE_QUEUED_FUA_EXT: 3277 case ATA_CMD_FPDMA_WRITE: 3278 case ATA_CMD_WRITE_MULTI: 3279 case ATA_CMD_WRITE_MULTI_EXT: 3280 case ATA_CMD_WRITE_MULTI_FUA_EXT: 3281 case ATA_CMD_PIO_WRITE: 3282 case ATA_CMD_PIO_WRITE_EXT: 3283 case ATA_CMD_WRITE_STREAM_DMA_EXT: 3284 case ATA_CMD_WRITE_STREAM_EXT: 3285 qc->sect_size = scmd->device->sector_size; 3286 break; 3287 3288 /* Everything else uses 512 byte "sectors" */ 3289 default: 3290 qc->sect_size = ATA_SECT_SIZE; 3291 } 3292 3293 /* 3294 * Set flags so that all registers will be written, pass on 3295 * write indication (used for PIO/DMA setup), result TF is 3296 * copied back and we don't whine too much about its failure. 3297 */ 3298 tf->flags |= ATA_TFLAG_ISADDR | ATA_TFLAG_DEVICE; 3299 if (scmd->sc_data_direction == DMA_TO_DEVICE) 3300 tf->flags |= ATA_TFLAG_WRITE; 3301 3302 qc->flags |= ATA_QCFLAG_RESULT_TF | ATA_QCFLAG_QUIET; 3303 3304 /* 3305 * Set transfer length. 3306 * 3307 * TODO: find out if we need to do more here to 3308 * cover scatter/gather case. 3309 */ 3310 ata_qc_set_pc_nbytes(qc); 3311 3312 /* We may not issue DMA commands if no DMA mode is set */ 3313 if (tf->protocol == ATA_PROT_DMA && dev->dma_mode == 0) { 3314 fp = 1; 3315 goto invalid_fld; 3316 } 3317 3318 /* sanity check for pio multi commands */ 3319 if ((cdb[1] & 0xe0) && !is_multi_taskfile(tf)) { 3320 fp = 1; 3321 goto invalid_fld; 3322 } 3323 3324 if (is_multi_taskfile(tf)) { 3325 unsigned int multi_count = 1 << (cdb[1] >> 5); 3326 3327 /* compare the passed through multi_count 3328 * with the cached multi_count of libata 3329 */ 3330 if (multi_count != dev->multi_count) 3331 ata_dev_warn(dev, "invalid multi_count %u ignored\n", 3332 multi_count); 3333 } 3334 3335 /* 3336 * Filter SET_FEATURES - XFER MODE command -- otherwise, 3337 * SET_FEATURES - XFER MODE must be preceded/succeeded 3338 * by an update to hardware-specific registers for each 3339 * controller (i.e. the reason for ->set_piomode(), 3340 * ->set_dmamode(), and ->post_set_mode() hooks). 3341 */ 3342 if (tf->command == ATA_CMD_SET_FEATURES && 3343 tf->feature == SETFEATURES_XFER) { 3344 fp = (cdb[0] == ATA_16) ? 4 : 3; 3345 goto invalid_fld; 3346 } 3347 3348 /* 3349 * Filter TPM commands by default. These provide an 3350 * essentially uncontrolled encrypted "back door" between 3351 * applications and the disk. Set libata.allow_tpm=1 if you 3352 * have a real reason for wanting to use them. This ensures 3353 * that installed software cannot easily mess stuff up without 3354 * user intent. DVR type users will probably ship with this enabled 3355 * for movie content management. 3356 * 3357 * Note that for ATA8 we can issue a DCS change and DCS freeze lock 3358 * for this and should do in future but that it is not sufficient as 3359 * DCS is an optional feature set. Thus we also do the software filter 3360 * so that we comply with the TC consortium stated goal that the user 3361 * can turn off TC features of their system. 3362 */ 3363 if (tf->command >= 0x5C && tf->command <= 0x5F && !libata_allow_tpm) { 3364 fp = (cdb[0] == ATA_16) ? 14 : 9; 3365 goto invalid_fld; 3366 } 3367 3368 return 0; 3369 3370 invalid_fld: 3371 ata_scsi_set_invalid_field(dev, scmd, fp, 0xff); 3372 return 1; 3373 } 3374 3375 /** 3376 * ata_format_dsm_trim_descr() - SATL Write Same to DSM Trim 3377 * @cmd: SCSI command being translated 3378 * @trmax: Maximum number of entries that will fit in sector_size bytes. 3379 * @sector: Starting sector 3380 * @count: Total Range of request in logical sectors 3381 * 3382 * Rewrite the WRITE SAME descriptor to be a DSM TRIM little-endian formatted 3383 * descriptor. 3384 * 3385 * Upto 64 entries of the format: 3386 * 63:48 Range Length 3387 * 47:0 LBA 3388 * 3389 * Range Length of 0 is ignored. 3390 * LBA's should be sorted order and not overlap. 3391 * 3392 * NOTE: this is the same format as ADD LBA(S) TO NV CACHE PINNED SET 3393 * 3394 * Return: Number of bytes copied into sglist. 3395 */ 3396 static size_t ata_format_dsm_trim_descr(struct scsi_cmnd *cmd, u32 trmax, 3397 u64 sector, u32 count) 3398 { 3399 struct scsi_device *sdp = cmd->device; 3400 size_t len = sdp->sector_size; 3401 size_t r; 3402 __le64 *buf; 3403 u32 i = 0; 3404 unsigned long flags; 3405 3406 WARN_ON(len > ATA_SCSI_RBUF_SIZE); 3407 3408 if (len > ATA_SCSI_RBUF_SIZE) 3409 len = ATA_SCSI_RBUF_SIZE; 3410 3411 spin_lock_irqsave(&ata_scsi_rbuf_lock, flags); 3412 buf = ((void *)ata_scsi_rbuf); 3413 memset(buf, 0, len); 3414 while (i < trmax) { 3415 u64 entry = sector | 3416 ((u64)(count > 0xffff ? 0xffff : count) << 48); 3417 buf[i++] = __cpu_to_le64(entry); 3418 if (count <= 0xffff) 3419 break; 3420 count -= 0xffff; 3421 sector += 0xffff; 3422 } 3423 r = sg_copy_from_buffer(scsi_sglist(cmd), scsi_sg_count(cmd), buf, len); 3424 spin_unlock_irqrestore(&ata_scsi_rbuf_lock, flags); 3425 3426 return r; 3427 } 3428 3429 /** 3430 * ata_scsi_write_same_xlat() - SATL Write Same to ATA SCT Write Same 3431 * @qc: Command to be translated 3432 * 3433 * Translate a SCSI WRITE SAME command to be either a DSM TRIM command or 3434 * an SCT Write Same command. 3435 * Based on WRITE SAME has the UNMAP flag: 3436 * 3437 * - When set translate to DSM TRIM 3438 * - When clear translate to SCT Write Same 3439 */ 3440 static unsigned int ata_scsi_write_same_xlat(struct ata_queued_cmd *qc) 3441 { 3442 struct ata_taskfile *tf = &qc->tf; 3443 struct scsi_cmnd *scmd = qc->scsicmd; 3444 struct scsi_device *sdp = scmd->device; 3445 size_t len = sdp->sector_size; 3446 struct ata_device *dev = qc->dev; 3447 const u8 *cdb = scmd->cmnd; 3448 u64 block; 3449 u32 n_block; 3450 const u32 trmax = len >> 3; 3451 u32 size; 3452 u16 fp; 3453 u8 bp = 0xff; 3454 u8 unmap = cdb[1] & 0x8; 3455 3456 /* we may not issue DMA commands if no DMA mode is set */ 3457 if (unlikely(!dev->dma_mode)) 3458 goto invalid_opcode; 3459 3460 /* 3461 * We only allow sending this command through the block layer, 3462 * as it modifies the DATA OUT buffer, which would corrupt user 3463 * memory for SG_IO commands. 3464 */ 3465 if (unlikely(blk_rq_is_passthrough(scmd->request))) 3466 goto invalid_opcode; 3467 3468 if (unlikely(scmd->cmd_len < 16)) { 3469 fp = 15; 3470 goto invalid_fld; 3471 } 3472 scsi_16_lba_len(cdb, &block, &n_block); 3473 3474 if (!unmap || 3475 (dev->horkage & ATA_HORKAGE_NOTRIM) || 3476 !ata_id_has_trim(dev->id)) { 3477 fp = 1; 3478 bp = 3; 3479 goto invalid_fld; 3480 } 3481 /* If the request is too large the cmd is invalid */ 3482 if (n_block > 0xffff * trmax) { 3483 fp = 2; 3484 goto invalid_fld; 3485 } 3486 3487 /* 3488 * WRITE SAME always has a sector sized buffer as payload, this 3489 * should never be a multiple entry S/G list. 3490 */ 3491 if (!scsi_sg_count(scmd)) 3492 goto invalid_param_len; 3493 3494 /* 3495 * size must match sector size in bytes 3496 * For DATA SET MANAGEMENT TRIM in ACS-2 nsect (aka count) 3497 * is defined as number of 512 byte blocks to be transferred. 3498 */ 3499 3500 size = ata_format_dsm_trim_descr(scmd, trmax, block, n_block); 3501 if (size != len) 3502 goto invalid_param_len; 3503 3504 if (ata_ncq_enabled(dev) && ata_fpdma_dsm_supported(dev)) { 3505 /* Newer devices support queued TRIM commands */ 3506 tf->protocol = ATA_PROT_NCQ; 3507 tf->command = ATA_CMD_FPDMA_SEND; 3508 tf->hob_nsect = ATA_SUBCMD_FPDMA_SEND_DSM & 0x1f; 3509 tf->nsect = qc->tag << 3; 3510 tf->hob_feature = (size / 512) >> 8; 3511 tf->feature = size / 512; 3512 3513 tf->auxiliary = 1; 3514 } else { 3515 tf->protocol = ATA_PROT_DMA; 3516 tf->hob_feature = 0; 3517 tf->feature = ATA_DSM_TRIM; 3518 tf->hob_nsect = (size / 512) >> 8; 3519 tf->nsect = size / 512; 3520 tf->command = ATA_CMD_DSM; 3521 } 3522 3523 tf->flags |= ATA_TFLAG_ISADDR | ATA_TFLAG_DEVICE | ATA_TFLAG_LBA48 | 3524 ATA_TFLAG_WRITE; 3525 3526 ata_qc_set_pc_nbytes(qc); 3527 3528 return 0; 3529 3530 invalid_fld: 3531 ata_scsi_set_invalid_field(dev, scmd, fp, bp); 3532 return 1; 3533 invalid_param_len: 3534 /* "Parameter list length error" */ 3535 ata_scsi_set_sense(dev, scmd, ILLEGAL_REQUEST, 0x1a, 0x0); 3536 return 1; 3537 invalid_opcode: 3538 /* "Invalid command operation code" */ 3539 ata_scsi_set_sense(dev, scmd, ILLEGAL_REQUEST, 0x20, 0x0); 3540 return 1; 3541 } 3542 3543 /** 3544 * ata_scsiop_maint_in - Simulate a subset of MAINTENANCE_IN 3545 * @args: device MAINTENANCE_IN data / SCSI command of interest. 3546 * @rbuf: Response buffer, to which simulated SCSI cmd output is sent. 3547 * 3548 * Yields a subset to satisfy scsi_report_opcode() 3549 * 3550 * LOCKING: 3551 * spin_lock_irqsave(host lock) 3552 */ 3553 static unsigned int ata_scsiop_maint_in(struct ata_scsi_args *args, u8 *rbuf) 3554 { 3555 struct ata_device *dev = args->dev; 3556 u8 *cdb = args->cmd->cmnd; 3557 u8 supported = 0; 3558 unsigned int err = 0; 3559 3560 if (cdb[2] != 1) { 3561 ata_dev_warn(dev, "invalid command format %d\n", cdb[2]); 3562 err = 2; 3563 goto out; 3564 } 3565 switch (cdb[3]) { 3566 case INQUIRY: 3567 case MODE_SENSE: 3568 case MODE_SENSE_10: 3569 case READ_CAPACITY: 3570 case SERVICE_ACTION_IN_16: 3571 case REPORT_LUNS: 3572 case REQUEST_SENSE: 3573 case SYNCHRONIZE_CACHE: 3574 case REZERO_UNIT: 3575 case SEEK_6: 3576 case SEEK_10: 3577 case TEST_UNIT_READY: 3578 case SEND_DIAGNOSTIC: 3579 case MAINTENANCE_IN: 3580 case READ_6: 3581 case READ_10: 3582 case READ_16: 3583 case WRITE_6: 3584 case WRITE_10: 3585 case WRITE_16: 3586 case ATA_12: 3587 case ATA_16: 3588 case VERIFY: 3589 case VERIFY_16: 3590 case MODE_SELECT: 3591 case MODE_SELECT_10: 3592 case START_STOP: 3593 supported = 3; 3594 break; 3595 case ZBC_IN: 3596 case ZBC_OUT: 3597 if (ata_id_zoned_cap(dev->id) || 3598 dev->class == ATA_DEV_ZAC) 3599 supported = 3; 3600 break; 3601 case SECURITY_PROTOCOL_IN: 3602 case SECURITY_PROTOCOL_OUT: 3603 if (dev->flags & ATA_DFLAG_TRUSTED) 3604 supported = 3; 3605 break; 3606 default: 3607 break; 3608 } 3609 out: 3610 rbuf[1] = supported; /* supported */ 3611 return err; 3612 } 3613 3614 /** 3615 * ata_scsi_report_zones_complete - convert ATA output 3616 * @qc: command structure returning the data 3617 * 3618 * Convert T-13 little-endian field representation into 3619 * T-10 big-endian field representation. 3620 * What a mess. 3621 */ 3622 static void ata_scsi_report_zones_complete(struct ata_queued_cmd *qc) 3623 { 3624 struct scsi_cmnd *scmd = qc->scsicmd; 3625 struct sg_mapping_iter miter; 3626 unsigned long flags; 3627 unsigned int bytes = 0; 3628 3629 sg_miter_start(&miter, scsi_sglist(scmd), scsi_sg_count(scmd), 3630 SG_MITER_TO_SG | SG_MITER_ATOMIC); 3631 3632 local_irq_save(flags); 3633 while (sg_miter_next(&miter)) { 3634 unsigned int offset = 0; 3635 3636 if (bytes == 0) { 3637 char *hdr; 3638 u32 list_length; 3639 u64 max_lba, opt_lba; 3640 u16 same; 3641 3642 /* Swizzle header */ 3643 hdr = miter.addr; 3644 list_length = get_unaligned_le32(&hdr[0]); 3645 same = get_unaligned_le16(&hdr[4]); 3646 max_lba = get_unaligned_le64(&hdr[8]); 3647 opt_lba = get_unaligned_le64(&hdr[16]); 3648 put_unaligned_be32(list_length, &hdr[0]); 3649 hdr[4] = same & 0xf; 3650 put_unaligned_be64(max_lba, &hdr[8]); 3651 put_unaligned_be64(opt_lba, &hdr[16]); 3652 offset += 64; 3653 bytes += 64; 3654 } 3655 while (offset < miter.length) { 3656 char *rec; 3657 u8 cond, type, non_seq, reset; 3658 u64 size, start, wp; 3659 3660 /* Swizzle zone descriptor */ 3661 rec = miter.addr + offset; 3662 type = rec[0] & 0xf; 3663 cond = (rec[1] >> 4) & 0xf; 3664 non_seq = (rec[1] & 2); 3665 reset = (rec[1] & 1); 3666 size = get_unaligned_le64(&rec[8]); 3667 start = get_unaligned_le64(&rec[16]); 3668 wp = get_unaligned_le64(&rec[24]); 3669 rec[0] = type; 3670 rec[1] = (cond << 4) | non_seq | reset; 3671 put_unaligned_be64(size, &rec[8]); 3672 put_unaligned_be64(start, &rec[16]); 3673 put_unaligned_be64(wp, &rec[24]); 3674 WARN_ON(offset + 64 > miter.length); 3675 offset += 64; 3676 bytes += 64; 3677 } 3678 } 3679 sg_miter_stop(&miter); 3680 local_irq_restore(flags); 3681 3682 ata_scsi_qc_complete(qc); 3683 } 3684 3685 static unsigned int ata_scsi_zbc_in_xlat(struct ata_queued_cmd *qc) 3686 { 3687 struct ata_taskfile *tf = &qc->tf; 3688 struct scsi_cmnd *scmd = qc->scsicmd; 3689 const u8 *cdb = scmd->cmnd; 3690 u16 sect, fp = (u16)-1; 3691 u8 sa, options, bp = 0xff; 3692 u64 block; 3693 u32 n_block; 3694 3695 if (unlikely(scmd->cmd_len < 16)) { 3696 ata_dev_warn(qc->dev, "invalid cdb length %d\n", 3697 scmd->cmd_len); 3698 fp = 15; 3699 goto invalid_fld; 3700 } 3701 scsi_16_lba_len(cdb, &block, &n_block); 3702 if (n_block != scsi_bufflen(scmd)) { 3703 ata_dev_warn(qc->dev, "non-matching transfer count (%d/%d)\n", 3704 n_block, scsi_bufflen(scmd)); 3705 goto invalid_param_len; 3706 } 3707 sa = cdb[1] & 0x1f; 3708 if (sa != ZI_REPORT_ZONES) { 3709 ata_dev_warn(qc->dev, "invalid service action %d\n", sa); 3710 fp = 1; 3711 goto invalid_fld; 3712 } 3713 /* 3714 * ZAC allows only for transfers in 512 byte blocks, 3715 * and uses a 16 bit value for the transfer count. 3716 */ 3717 if ((n_block / 512) > 0xffff || n_block < 512 || (n_block % 512)) { 3718 ata_dev_warn(qc->dev, "invalid transfer count %d\n", n_block); 3719 goto invalid_param_len; 3720 } 3721 sect = n_block / 512; 3722 options = cdb[14] & 0xbf; 3723 3724 if (ata_ncq_enabled(qc->dev) && 3725 ata_fpdma_zac_mgmt_in_supported(qc->dev)) { 3726 tf->protocol = ATA_PROT_NCQ; 3727 tf->command = ATA_CMD_FPDMA_RECV; 3728 tf->hob_nsect = ATA_SUBCMD_FPDMA_RECV_ZAC_MGMT_IN & 0x1f; 3729 tf->nsect = qc->tag << 3; 3730 tf->feature = sect & 0xff; 3731 tf->hob_feature = (sect >> 8) & 0xff; 3732 tf->auxiliary = ATA_SUBCMD_ZAC_MGMT_IN_REPORT_ZONES | (options << 8); 3733 } else { 3734 tf->command = ATA_CMD_ZAC_MGMT_IN; 3735 tf->feature = ATA_SUBCMD_ZAC_MGMT_IN_REPORT_ZONES; 3736 tf->protocol = ATA_PROT_DMA; 3737 tf->hob_feature = options; 3738 tf->hob_nsect = (sect >> 8) & 0xff; 3739 tf->nsect = sect & 0xff; 3740 } 3741 tf->device = ATA_LBA; 3742 tf->lbah = (block >> 16) & 0xff; 3743 tf->lbam = (block >> 8) & 0xff; 3744 tf->lbal = block & 0xff; 3745 tf->hob_lbah = (block >> 40) & 0xff; 3746 tf->hob_lbam = (block >> 32) & 0xff; 3747 tf->hob_lbal = (block >> 24) & 0xff; 3748 3749 tf->flags |= ATA_TFLAG_ISADDR | ATA_TFLAG_DEVICE | ATA_TFLAG_LBA48; 3750 qc->flags |= ATA_QCFLAG_RESULT_TF; 3751 3752 ata_qc_set_pc_nbytes(qc); 3753 3754 qc->complete_fn = ata_scsi_report_zones_complete; 3755 3756 return 0; 3757 3758 invalid_fld: 3759 ata_scsi_set_invalid_field(qc->dev, scmd, fp, bp); 3760 return 1; 3761 3762 invalid_param_len: 3763 /* "Parameter list length error" */ 3764 ata_scsi_set_sense(qc->dev, scmd, ILLEGAL_REQUEST, 0x1a, 0x0); 3765 return 1; 3766 } 3767 3768 static unsigned int ata_scsi_zbc_out_xlat(struct ata_queued_cmd *qc) 3769 { 3770 struct ata_taskfile *tf = &qc->tf; 3771 struct scsi_cmnd *scmd = qc->scsicmd; 3772 struct ata_device *dev = qc->dev; 3773 const u8 *cdb = scmd->cmnd; 3774 u8 all, sa; 3775 u64 block; 3776 u32 n_block; 3777 u16 fp = (u16)-1; 3778 3779 if (unlikely(scmd->cmd_len < 16)) { 3780 fp = 15; 3781 goto invalid_fld; 3782 } 3783 3784 sa = cdb[1] & 0x1f; 3785 if ((sa != ZO_CLOSE_ZONE) && (sa != ZO_FINISH_ZONE) && 3786 (sa != ZO_OPEN_ZONE) && (sa != ZO_RESET_WRITE_POINTER)) { 3787 fp = 1; 3788 goto invalid_fld; 3789 } 3790 3791 scsi_16_lba_len(cdb, &block, &n_block); 3792 if (n_block) { 3793 /* 3794 * ZAC MANAGEMENT OUT doesn't define any length 3795 */ 3796 goto invalid_param_len; 3797 } 3798 if (block > dev->n_sectors) 3799 goto out_of_range; 3800 3801 all = cdb[14] & 0x1; 3802 3803 if (ata_ncq_enabled(qc->dev) && 3804 ata_fpdma_zac_mgmt_out_supported(qc->dev)) { 3805 tf->protocol = ATA_PROT_NCQ_NODATA; 3806 tf->command = ATA_CMD_NCQ_NON_DATA; 3807 tf->feature = ATA_SUBCMD_NCQ_NON_DATA_ZAC_MGMT_OUT; 3808 tf->nsect = qc->tag << 3; 3809 tf->auxiliary = sa | ((u16)all << 8); 3810 } else { 3811 tf->protocol = ATA_PROT_NODATA; 3812 tf->command = ATA_CMD_ZAC_MGMT_OUT; 3813 tf->feature = sa; 3814 tf->hob_feature = all; 3815 } 3816 tf->lbah = (block >> 16) & 0xff; 3817 tf->lbam = (block >> 8) & 0xff; 3818 tf->lbal = block & 0xff; 3819 tf->hob_lbah = (block >> 40) & 0xff; 3820 tf->hob_lbam = (block >> 32) & 0xff; 3821 tf->hob_lbal = (block >> 24) & 0xff; 3822 tf->device = ATA_LBA; 3823 tf->flags |= ATA_TFLAG_ISADDR | ATA_TFLAG_DEVICE | ATA_TFLAG_LBA48; 3824 3825 return 0; 3826 3827 invalid_fld: 3828 ata_scsi_set_invalid_field(qc->dev, scmd, fp, 0xff); 3829 return 1; 3830 out_of_range: 3831 /* "Logical Block Address out of range" */ 3832 ata_scsi_set_sense(qc->dev, scmd, ILLEGAL_REQUEST, 0x21, 0x00); 3833 return 1; 3834 invalid_param_len: 3835 /* "Parameter list length error" */ 3836 ata_scsi_set_sense(qc->dev, scmd, ILLEGAL_REQUEST, 0x1a, 0x0); 3837 return 1; 3838 } 3839 3840 /** 3841 * ata_mselect_caching - Simulate MODE SELECT for caching info page 3842 * @qc: Storage for translated ATA taskfile 3843 * @buf: input buffer 3844 * @len: number of valid bytes in the input buffer 3845 * @fp: out parameter for the failed field on error 3846 * 3847 * Prepare a taskfile to modify caching information for the device. 3848 * 3849 * LOCKING: 3850 * None. 3851 */ 3852 static int ata_mselect_caching(struct ata_queued_cmd *qc, 3853 const u8 *buf, int len, u16 *fp) 3854 { 3855 struct ata_taskfile *tf = &qc->tf; 3856 struct ata_device *dev = qc->dev; 3857 u8 mpage[CACHE_MPAGE_LEN]; 3858 u8 wce; 3859 int i; 3860 3861 /* 3862 * The first two bytes of def_cache_mpage are a header, so offsets 3863 * in mpage are off by 2 compared to buf. Same for len. 3864 */ 3865 3866 if (len != CACHE_MPAGE_LEN - 2) { 3867 if (len < CACHE_MPAGE_LEN - 2) 3868 *fp = len; 3869 else 3870 *fp = CACHE_MPAGE_LEN - 2; 3871 return -EINVAL; 3872 } 3873 3874 wce = buf[0] & (1 << 2); 3875 3876 /* 3877 * Check that read-only bits are not modified. 3878 */ 3879 ata_msense_caching(dev->id, mpage, false); 3880 for (i = 0; i < CACHE_MPAGE_LEN - 2; i++) { 3881 if (i == 0) 3882 continue; 3883 if (mpage[i + 2] != buf[i]) { 3884 *fp = i; 3885 return -EINVAL; 3886 } 3887 } 3888 3889 tf->flags |= ATA_TFLAG_DEVICE | ATA_TFLAG_ISADDR; 3890 tf->protocol = ATA_PROT_NODATA; 3891 tf->nsect = 0; 3892 tf->command = ATA_CMD_SET_FEATURES; 3893 tf->feature = wce ? SETFEATURES_WC_ON : SETFEATURES_WC_OFF; 3894 return 0; 3895 } 3896 3897 /** 3898 * ata_mselect_control - Simulate MODE SELECT for control page 3899 * @qc: Storage for translated ATA taskfile 3900 * @buf: input buffer 3901 * @len: number of valid bytes in the input buffer 3902 * @fp: out parameter for the failed field on error 3903 * 3904 * Prepare a taskfile to modify caching information for the device. 3905 * 3906 * LOCKING: 3907 * None. 3908 */ 3909 static int ata_mselect_control(struct ata_queued_cmd *qc, 3910 const u8 *buf, int len, u16 *fp) 3911 { 3912 struct ata_device *dev = qc->dev; 3913 u8 mpage[CONTROL_MPAGE_LEN]; 3914 u8 d_sense; 3915 int i; 3916 3917 /* 3918 * The first two bytes of def_control_mpage are a header, so offsets 3919 * in mpage are off by 2 compared to buf. Same for len. 3920 */ 3921 3922 if (len != CONTROL_MPAGE_LEN - 2) { 3923 if (len < CONTROL_MPAGE_LEN - 2) 3924 *fp = len; 3925 else 3926 *fp = CONTROL_MPAGE_LEN - 2; 3927 return -EINVAL; 3928 } 3929 3930 d_sense = buf[0] & (1 << 2); 3931 3932 /* 3933 * Check that read-only bits are not modified. 3934 */ 3935 ata_msense_control(dev, mpage, false); 3936 for (i = 0; i < CONTROL_MPAGE_LEN - 2; i++) { 3937 if (i == 0) 3938 continue; 3939 if (mpage[2 + i] != buf[i]) { 3940 *fp = i; 3941 return -EINVAL; 3942 } 3943 } 3944 if (d_sense & (1 << 2)) 3945 dev->flags |= ATA_DFLAG_D_SENSE; 3946 else 3947 dev->flags &= ~ATA_DFLAG_D_SENSE; 3948 return 0; 3949 } 3950 3951 /** 3952 * ata_scsi_mode_select_xlat - Simulate MODE SELECT 6, 10 commands 3953 * @qc: Storage for translated ATA taskfile 3954 * 3955 * Converts a MODE SELECT command to an ATA SET FEATURES taskfile. 3956 * Assume this is invoked for direct access devices (e.g. disks) only. 3957 * There should be no block descriptor for other device types. 3958 * 3959 * LOCKING: 3960 * spin_lock_irqsave(host lock) 3961 */ 3962 static unsigned int ata_scsi_mode_select_xlat(struct ata_queued_cmd *qc) 3963 { 3964 struct scsi_cmnd *scmd = qc->scsicmd; 3965 const u8 *cdb = scmd->cmnd; 3966 const u8 *p; 3967 u8 pg, spg; 3968 unsigned six_byte, pg_len, hdr_len, bd_len; 3969 int len; 3970 u16 fp = (u16)-1; 3971 u8 bp = 0xff; 3972 3973 VPRINTK("ENTER\n"); 3974 3975 six_byte = (cdb[0] == MODE_SELECT); 3976 if (six_byte) { 3977 if (scmd->cmd_len < 5) { 3978 fp = 4; 3979 goto invalid_fld; 3980 } 3981 3982 len = cdb[4]; 3983 hdr_len = 4; 3984 } else { 3985 if (scmd->cmd_len < 9) { 3986 fp = 8; 3987 goto invalid_fld; 3988 } 3989 3990 len = (cdb[7] << 8) + cdb[8]; 3991 hdr_len = 8; 3992 } 3993 3994 /* We only support PF=1, SP=0. */ 3995 if ((cdb[1] & 0x11) != 0x10) { 3996 fp = 1; 3997 bp = (cdb[1] & 0x01) ? 1 : 5; 3998 goto invalid_fld; 3999 } 4000 4001 /* Test early for possible overrun. */ 4002 if (!scsi_sg_count(scmd) || scsi_sglist(scmd)->length < len) 4003 goto invalid_param_len; 4004 4005 p = page_address(sg_page(scsi_sglist(scmd))); 4006 4007 /* Move past header and block descriptors. */ 4008 if (len < hdr_len) 4009 goto invalid_param_len; 4010 4011 if (six_byte) 4012 bd_len = p[3]; 4013 else 4014 bd_len = (p[6] << 8) + p[7]; 4015 4016 len -= hdr_len; 4017 p += hdr_len; 4018 if (len < bd_len) 4019 goto invalid_param_len; 4020 if (bd_len != 0 && bd_len != 8) { 4021 fp = (six_byte) ? 3 : 6; 4022 fp += bd_len + hdr_len; 4023 goto invalid_param; 4024 } 4025 4026 len -= bd_len; 4027 p += bd_len; 4028 if (len == 0) 4029 goto skip; 4030 4031 /* Parse both possible formats for the mode page headers. */ 4032 pg = p[0] & 0x3f; 4033 if (p[0] & 0x40) { 4034 if (len < 4) 4035 goto invalid_param_len; 4036 4037 spg = p[1]; 4038 pg_len = (p[2] << 8) | p[3]; 4039 p += 4; 4040 len -= 4; 4041 } else { 4042 if (len < 2) 4043 goto invalid_param_len; 4044 4045 spg = 0; 4046 pg_len = p[1]; 4047 p += 2; 4048 len -= 2; 4049 } 4050 4051 /* 4052 * No mode subpages supported (yet) but asking for _all_ 4053 * subpages may be valid 4054 */ 4055 if (spg && (spg != ALL_SUB_MPAGES)) { 4056 fp = (p[0] & 0x40) ? 1 : 0; 4057 fp += hdr_len + bd_len; 4058 goto invalid_param; 4059 } 4060 if (pg_len > len) 4061 goto invalid_param_len; 4062 4063 switch (pg) { 4064 case CACHE_MPAGE: 4065 if (ata_mselect_caching(qc, p, pg_len, &fp) < 0) { 4066 fp += hdr_len + bd_len; 4067 goto invalid_param; 4068 } 4069 break; 4070 case CONTROL_MPAGE: 4071 if (ata_mselect_control(qc, p, pg_len, &fp) < 0) { 4072 fp += hdr_len + bd_len; 4073 goto invalid_param; 4074 } else { 4075 goto skip; /* No ATA command to send */ 4076 } 4077 break; 4078 default: /* invalid page code */ 4079 fp = bd_len + hdr_len; 4080 goto invalid_param; 4081 } 4082 4083 /* 4084 * Only one page has changeable data, so we only support setting one 4085 * page at a time. 4086 */ 4087 if (len > pg_len) 4088 goto invalid_param; 4089 4090 return 0; 4091 4092 invalid_fld: 4093 ata_scsi_set_invalid_field(qc->dev, scmd, fp, bp); 4094 return 1; 4095 4096 invalid_param: 4097 ata_scsi_set_invalid_parameter(qc->dev, scmd, fp); 4098 return 1; 4099 4100 invalid_param_len: 4101 /* "Parameter list length error" */ 4102 ata_scsi_set_sense(qc->dev, scmd, ILLEGAL_REQUEST, 0x1a, 0x0); 4103 return 1; 4104 4105 skip: 4106 scmd->result = SAM_STAT_GOOD; 4107 return 1; 4108 } 4109 4110 static u8 ata_scsi_trusted_op(u32 len, bool send, bool dma) 4111 { 4112 if (len == 0) 4113 return ATA_CMD_TRUSTED_NONDATA; 4114 else if (send) 4115 return dma ? ATA_CMD_TRUSTED_SND_DMA : ATA_CMD_TRUSTED_SND; 4116 else 4117 return dma ? ATA_CMD_TRUSTED_RCV_DMA : ATA_CMD_TRUSTED_RCV; 4118 } 4119 4120 static unsigned int ata_scsi_security_inout_xlat(struct ata_queued_cmd *qc) 4121 { 4122 struct scsi_cmnd *scmd = qc->scsicmd; 4123 const u8 *cdb = scmd->cmnd; 4124 struct ata_taskfile *tf = &qc->tf; 4125 u8 secp = cdb[1]; 4126 bool send = (cdb[0] == SECURITY_PROTOCOL_OUT); 4127 u16 spsp = get_unaligned_be16(&cdb[2]); 4128 u32 len = get_unaligned_be32(&cdb[6]); 4129 bool dma = !(qc->dev->flags & ATA_DFLAG_PIO); 4130 4131 /* 4132 * We don't support the ATA "security" protocol. 4133 */ 4134 if (secp == 0xef) { 4135 ata_scsi_set_invalid_field(qc->dev, scmd, 1, 0); 4136 return 1; 4137 } 4138 4139 if (cdb[4] & 7) { /* INC_512 */ 4140 if (len > 0xffff) { 4141 ata_scsi_set_invalid_field(qc->dev, scmd, 6, 0); 4142 return 1; 4143 } 4144 } else { 4145 if (len > 0x01fffe00) { 4146 ata_scsi_set_invalid_field(qc->dev, scmd, 6, 0); 4147 return 1; 4148 } 4149 4150 /* convert to the sector-based ATA addressing */ 4151 len = (len + 511) / 512; 4152 } 4153 4154 tf->protocol = dma ? ATA_PROT_DMA : ATA_PROT_PIO; 4155 tf->flags |= ATA_TFLAG_DEVICE | ATA_TFLAG_ISADDR | ATA_TFLAG_LBA; 4156 if (send) 4157 tf->flags |= ATA_TFLAG_WRITE; 4158 tf->command = ata_scsi_trusted_op(len, send, dma); 4159 tf->feature = secp; 4160 tf->lbam = spsp & 0xff; 4161 tf->lbah = spsp >> 8; 4162 4163 if (len) { 4164 tf->nsect = len & 0xff; 4165 tf->lbal = len >> 8; 4166 } else { 4167 if (!send) 4168 tf->lbah = (1 << 7); 4169 } 4170 4171 ata_qc_set_pc_nbytes(qc); 4172 return 0; 4173 } 4174 4175 /** 4176 * ata_scsi_var_len_cdb_xlat - SATL variable length CDB to Handler 4177 * @qc: Command to be translated 4178 * 4179 * Translate a SCSI variable length CDB to specified commands. 4180 * It checks a service action value in CDB to call corresponding handler. 4181 * 4182 * RETURNS: 4183 * Zero on success, non-zero on failure 4184 * 4185 */ 4186 static unsigned int ata_scsi_var_len_cdb_xlat(struct ata_queued_cmd *qc) 4187 { 4188 struct scsi_cmnd *scmd = qc->scsicmd; 4189 const u8 *cdb = scmd->cmnd; 4190 const u16 sa = get_unaligned_be16(&cdb[8]); 4191 4192 /* 4193 * if service action represents a ata pass-thru(32) command, 4194 * then pass it to ata_scsi_pass_thru handler. 4195 */ 4196 if (sa == ATA_32) 4197 return ata_scsi_pass_thru(qc); 4198 4199 /* unsupported service action */ 4200 return 1; 4201 } 4202 4203 /** 4204 * ata_get_xlat_func - check if SCSI to ATA translation is possible 4205 * @dev: ATA device 4206 * @cmd: SCSI command opcode to consider 4207 * 4208 * Look up the SCSI command given, and determine whether the 4209 * SCSI command is to be translated or simulated. 4210 * 4211 * RETURNS: 4212 * Pointer to translation function if possible, %NULL if not. 4213 */ 4214 4215 static inline ata_xlat_func_t ata_get_xlat_func(struct ata_device *dev, u8 cmd) 4216 { 4217 switch (cmd) { 4218 case READ_6: 4219 case READ_10: 4220 case READ_16: 4221 4222 case WRITE_6: 4223 case WRITE_10: 4224 case WRITE_16: 4225 return ata_scsi_rw_xlat; 4226 4227 case WRITE_SAME_16: 4228 return ata_scsi_write_same_xlat; 4229 4230 case SYNCHRONIZE_CACHE: 4231 if (ata_try_flush_cache(dev)) 4232 return ata_scsi_flush_xlat; 4233 break; 4234 4235 case VERIFY: 4236 case VERIFY_16: 4237 return ata_scsi_verify_xlat; 4238 4239 case ATA_12: 4240 case ATA_16: 4241 return ata_scsi_pass_thru; 4242 4243 case VARIABLE_LENGTH_CMD: 4244 return ata_scsi_var_len_cdb_xlat; 4245 4246 case MODE_SELECT: 4247 case MODE_SELECT_10: 4248 return ata_scsi_mode_select_xlat; 4249 break; 4250 4251 case ZBC_IN: 4252 return ata_scsi_zbc_in_xlat; 4253 4254 case ZBC_OUT: 4255 return ata_scsi_zbc_out_xlat; 4256 4257 case SECURITY_PROTOCOL_IN: 4258 case SECURITY_PROTOCOL_OUT: 4259 if (!(dev->flags & ATA_DFLAG_TRUSTED)) 4260 break; 4261 return ata_scsi_security_inout_xlat; 4262 4263 case START_STOP: 4264 return ata_scsi_start_stop_xlat; 4265 } 4266 4267 return NULL; 4268 } 4269 4270 /** 4271 * ata_scsi_dump_cdb - dump SCSI command contents to dmesg 4272 * @ap: ATA port to which the command was being sent 4273 * @cmd: SCSI command to dump 4274 * 4275 * Prints the contents of a SCSI command via printk(). 4276 */ 4277 4278 static inline void ata_scsi_dump_cdb(struct ata_port *ap, 4279 struct scsi_cmnd *cmd) 4280 { 4281 #ifdef ATA_DEBUG 4282 struct scsi_device *scsidev = cmd->device; 4283 4284 DPRINTK("CDB (%u:%d,%d,%d) %9ph\n", 4285 ap->print_id, 4286 scsidev->channel, scsidev->id, scsidev->lun, 4287 cmd->cmnd); 4288 #endif 4289 } 4290 4291 static inline int __ata_scsi_queuecmd(struct scsi_cmnd *scmd, 4292 struct ata_device *dev) 4293 { 4294 u8 scsi_op = scmd->cmnd[0]; 4295 ata_xlat_func_t xlat_func; 4296 int rc = 0; 4297 4298 if (dev->class == ATA_DEV_ATA || dev->class == ATA_DEV_ZAC) { 4299 if (unlikely(!scmd->cmd_len || scmd->cmd_len > dev->cdb_len)) 4300 goto bad_cdb_len; 4301 4302 xlat_func = ata_get_xlat_func(dev, scsi_op); 4303 } else { 4304 if (unlikely(!scmd->cmd_len)) 4305 goto bad_cdb_len; 4306 4307 xlat_func = NULL; 4308 if (likely((scsi_op != ATA_16) || !atapi_passthru16)) { 4309 /* relay SCSI command to ATAPI device */ 4310 int len = COMMAND_SIZE(scsi_op); 4311 if (unlikely(len > scmd->cmd_len || len > dev->cdb_len)) 4312 goto bad_cdb_len; 4313 4314 xlat_func = atapi_xlat; 4315 } else { 4316 /* ATA_16 passthru, treat as an ATA command */ 4317 if (unlikely(scmd->cmd_len > 16)) 4318 goto bad_cdb_len; 4319 4320 xlat_func = ata_get_xlat_func(dev, scsi_op); 4321 } 4322 } 4323 4324 if (xlat_func) 4325 rc = ata_scsi_translate(dev, scmd, xlat_func); 4326 else 4327 ata_scsi_simulate(dev, scmd); 4328 4329 return rc; 4330 4331 bad_cdb_len: 4332 DPRINTK("bad CDB len=%u, scsi_op=0x%02x, max=%u\n", 4333 scmd->cmd_len, scsi_op, dev->cdb_len); 4334 scmd->result = DID_ERROR << 16; 4335 scmd->scsi_done(scmd); 4336 return 0; 4337 } 4338 4339 /** 4340 * ata_scsi_queuecmd - Issue SCSI cdb to libata-managed device 4341 * @shost: SCSI host of command to be sent 4342 * @cmd: SCSI command to be sent 4343 * 4344 * In some cases, this function translates SCSI commands into 4345 * ATA taskfiles, and queues the taskfiles to be sent to 4346 * hardware. In other cases, this function simulates a 4347 * SCSI device by evaluating and responding to certain 4348 * SCSI commands. This creates the overall effect of 4349 * ATA and ATAPI devices appearing as SCSI devices. 4350 * 4351 * LOCKING: 4352 * ATA host lock 4353 * 4354 * RETURNS: 4355 * Return value from __ata_scsi_queuecmd() if @cmd can be queued, 4356 * 0 otherwise. 4357 */ 4358 int ata_scsi_queuecmd(struct Scsi_Host *shost, struct scsi_cmnd *cmd) 4359 { 4360 struct ata_port *ap; 4361 struct ata_device *dev; 4362 struct scsi_device *scsidev = cmd->device; 4363 int rc = 0; 4364 unsigned long irq_flags; 4365 4366 ap = ata_shost_to_port(shost); 4367 4368 spin_lock_irqsave(ap->lock, irq_flags); 4369 4370 ata_scsi_dump_cdb(ap, cmd); 4371 4372 dev = ata_scsi_find_dev(ap, scsidev); 4373 if (likely(dev)) 4374 rc = __ata_scsi_queuecmd(cmd, dev); 4375 else { 4376 cmd->result = (DID_BAD_TARGET << 16); 4377 cmd->scsi_done(cmd); 4378 } 4379 4380 spin_unlock_irqrestore(ap->lock, irq_flags); 4381 4382 return rc; 4383 } 4384 4385 /** 4386 * ata_scsi_simulate - simulate SCSI command on ATA device 4387 * @dev: the target device 4388 * @cmd: SCSI command being sent to device. 4389 * 4390 * Interprets and directly executes a select list of SCSI commands 4391 * that can be handled internally. 4392 * 4393 * LOCKING: 4394 * spin_lock_irqsave(host lock) 4395 */ 4396 4397 void ata_scsi_simulate(struct ata_device *dev, struct scsi_cmnd *cmd) 4398 { 4399 struct ata_scsi_args args; 4400 const u8 *scsicmd = cmd->cmnd; 4401 u8 tmp8; 4402 4403 args.dev = dev; 4404 args.id = dev->id; 4405 args.cmd = cmd; 4406 4407 switch(scsicmd[0]) { 4408 case INQUIRY: 4409 if (scsicmd[1] & 2) /* is CmdDt set? */ 4410 ata_scsi_set_invalid_field(dev, cmd, 1, 0xff); 4411 else if ((scsicmd[1] & 1) == 0) /* is EVPD clear? */ 4412 ata_scsi_rbuf_fill(&args, ata_scsiop_inq_std); 4413 else switch (scsicmd[2]) { 4414 case 0x00: 4415 ata_scsi_rbuf_fill(&args, ata_scsiop_inq_00); 4416 break; 4417 case 0x80: 4418 ata_scsi_rbuf_fill(&args, ata_scsiop_inq_80); 4419 break; 4420 case 0x83: 4421 ata_scsi_rbuf_fill(&args, ata_scsiop_inq_83); 4422 break; 4423 case 0x89: 4424 ata_scsi_rbuf_fill(&args, ata_scsiop_inq_89); 4425 break; 4426 case 0xb0: 4427 ata_scsi_rbuf_fill(&args, ata_scsiop_inq_b0); 4428 break; 4429 case 0xb1: 4430 ata_scsi_rbuf_fill(&args, ata_scsiop_inq_b1); 4431 break; 4432 case 0xb2: 4433 ata_scsi_rbuf_fill(&args, ata_scsiop_inq_b2); 4434 break; 4435 case 0xb6: 4436 if (dev->flags & ATA_DFLAG_ZAC) { 4437 ata_scsi_rbuf_fill(&args, ata_scsiop_inq_b6); 4438 break; 4439 } 4440 /* Fallthrough */ 4441 default: 4442 ata_scsi_set_invalid_field(dev, cmd, 2, 0xff); 4443 break; 4444 } 4445 break; 4446 4447 case MODE_SENSE: 4448 case MODE_SENSE_10: 4449 ata_scsi_rbuf_fill(&args, ata_scsiop_mode_sense); 4450 break; 4451 4452 case READ_CAPACITY: 4453 ata_scsi_rbuf_fill(&args, ata_scsiop_read_cap); 4454 break; 4455 4456 case SERVICE_ACTION_IN_16: 4457 if ((scsicmd[1] & 0x1f) == SAI_READ_CAPACITY_16) 4458 ata_scsi_rbuf_fill(&args, ata_scsiop_read_cap); 4459 else 4460 ata_scsi_set_invalid_field(dev, cmd, 1, 0xff); 4461 break; 4462 4463 case REPORT_LUNS: 4464 ata_scsi_rbuf_fill(&args, ata_scsiop_report_luns); 4465 break; 4466 4467 case REQUEST_SENSE: 4468 ata_scsi_set_sense(dev, cmd, 0, 0, 0); 4469 cmd->result = (DRIVER_SENSE << 24); 4470 break; 4471 4472 /* if we reach this, then writeback caching is disabled, 4473 * turning this into a no-op. 4474 */ 4475 case SYNCHRONIZE_CACHE: 4476 /* fall through */ 4477 4478 /* no-op's, complete with success */ 4479 case REZERO_UNIT: 4480 case SEEK_6: 4481 case SEEK_10: 4482 case TEST_UNIT_READY: 4483 break; 4484 4485 case SEND_DIAGNOSTIC: 4486 tmp8 = scsicmd[1] & ~(1 << 3); 4487 if (tmp8 != 0x4 || scsicmd[3] || scsicmd[4]) 4488 ata_scsi_set_invalid_field(dev, cmd, 1, 0xff); 4489 break; 4490 4491 case MAINTENANCE_IN: 4492 if (scsicmd[1] == MI_REPORT_SUPPORTED_OPERATION_CODES) 4493 ata_scsi_rbuf_fill(&args, ata_scsiop_maint_in); 4494 else 4495 ata_scsi_set_invalid_field(dev, cmd, 1, 0xff); 4496 break; 4497 4498 /* all other commands */ 4499 default: 4500 ata_scsi_set_sense(dev, cmd, ILLEGAL_REQUEST, 0x20, 0x0); 4501 /* "Invalid command operation code" */ 4502 break; 4503 } 4504 4505 cmd->scsi_done(cmd); 4506 } 4507 4508 int ata_scsi_add_hosts(struct ata_host *host, struct scsi_host_template *sht) 4509 { 4510 int i, rc; 4511 4512 for (i = 0; i < host->n_ports; i++) { 4513 struct ata_port *ap = host->ports[i]; 4514 struct Scsi_Host *shost; 4515 4516 rc = -ENOMEM; 4517 shost = scsi_host_alloc(sht, sizeof(struct ata_port *)); 4518 if (!shost) 4519 goto err_alloc; 4520 4521 shost->eh_noresume = 1; 4522 *(struct ata_port **)&shost->hostdata[0] = ap; 4523 ap->scsi_host = shost; 4524 4525 shost->transportt = ata_scsi_transport_template; 4526 shost->unique_id = ap->print_id; 4527 shost->max_id = 16; 4528 shost->max_lun = 1; 4529 shost->max_channel = 1; 4530 shost->max_cmd_len = 32; 4531 4532 /* Schedule policy is determined by ->qc_defer() 4533 * callback and it needs to see every deferred qc. 4534 * Set host_blocked to 1 to prevent SCSI midlayer from 4535 * automatically deferring requests. 4536 */ 4537 shost->max_host_blocked = 1; 4538 4539 rc = scsi_add_host_with_dma(ap->scsi_host, 4540 &ap->tdev, ap->host->dev); 4541 if (rc) 4542 goto err_add; 4543 } 4544 4545 return 0; 4546 4547 err_add: 4548 scsi_host_put(host->ports[i]->scsi_host); 4549 err_alloc: 4550 while (--i >= 0) { 4551 struct Scsi_Host *shost = host->ports[i]->scsi_host; 4552 4553 scsi_remove_host(shost); 4554 scsi_host_put(shost); 4555 } 4556 return rc; 4557 } 4558 4559 void ata_scsi_scan_host(struct ata_port *ap, int sync) 4560 { 4561 int tries = 5; 4562 struct ata_device *last_failed_dev = NULL; 4563 struct ata_link *link; 4564 struct ata_device *dev; 4565 4566 repeat: 4567 ata_for_each_link(link, ap, EDGE) { 4568 ata_for_each_dev(dev, link, ENABLED) { 4569 struct scsi_device *sdev; 4570 int channel = 0, id = 0; 4571 4572 if (dev->sdev) 4573 continue; 4574 4575 if (ata_is_host_link(link)) 4576 id = dev->devno; 4577 else 4578 channel = link->pmp; 4579 4580 sdev = __scsi_add_device(ap->scsi_host, channel, id, 0, 4581 NULL); 4582 if (!IS_ERR(sdev)) { 4583 dev->sdev = sdev; 4584 scsi_device_put(sdev); 4585 } else { 4586 dev->sdev = NULL; 4587 } 4588 } 4589 } 4590 4591 /* If we scanned while EH was in progress or allocation 4592 * failure occurred, scan would have failed silently. Check 4593 * whether all devices are attached. 4594 */ 4595 ata_for_each_link(link, ap, EDGE) { 4596 ata_for_each_dev(dev, link, ENABLED) { 4597 if (!dev->sdev) 4598 goto exit_loop; 4599 } 4600 } 4601 exit_loop: 4602 if (!link) 4603 return; 4604 4605 /* we're missing some SCSI devices */ 4606 if (sync) { 4607 /* If caller requested synchrnous scan && we've made 4608 * any progress, sleep briefly and repeat. 4609 */ 4610 if (dev != last_failed_dev) { 4611 msleep(100); 4612 last_failed_dev = dev; 4613 goto repeat; 4614 } 4615 4616 /* We might be failing to detect boot device, give it 4617 * a few more chances. 4618 */ 4619 if (--tries) { 4620 msleep(100); 4621 goto repeat; 4622 } 4623 4624 ata_port_err(ap, 4625 "WARNING: synchronous SCSI scan failed without making any progress, switching to async\n"); 4626 } 4627 4628 queue_delayed_work(system_long_wq, &ap->hotplug_task, 4629 round_jiffies_relative(HZ)); 4630 } 4631 4632 /** 4633 * ata_scsi_offline_dev - offline attached SCSI device 4634 * @dev: ATA device to offline attached SCSI device for 4635 * 4636 * This function is called from ata_eh_hotplug() and responsible 4637 * for taking the SCSI device attached to @dev offline. This 4638 * function is called with host lock which protects dev->sdev 4639 * against clearing. 4640 * 4641 * LOCKING: 4642 * spin_lock_irqsave(host lock) 4643 * 4644 * RETURNS: 4645 * 1 if attached SCSI device exists, 0 otherwise. 4646 */ 4647 int ata_scsi_offline_dev(struct ata_device *dev) 4648 { 4649 if (dev->sdev) { 4650 scsi_device_set_state(dev->sdev, SDEV_OFFLINE); 4651 return 1; 4652 } 4653 return 0; 4654 } 4655 4656 /** 4657 * ata_scsi_remove_dev - remove attached SCSI device 4658 * @dev: ATA device to remove attached SCSI device for 4659 * 4660 * This function is called from ata_eh_scsi_hotplug() and 4661 * responsible for removing the SCSI device attached to @dev. 4662 * 4663 * LOCKING: 4664 * Kernel thread context (may sleep). 4665 */ 4666 static void ata_scsi_remove_dev(struct ata_device *dev) 4667 { 4668 struct ata_port *ap = dev->link->ap; 4669 struct scsi_device *sdev; 4670 unsigned long flags; 4671 4672 /* Alas, we need to grab scan_mutex to ensure SCSI device 4673 * state doesn't change underneath us and thus 4674 * scsi_device_get() always succeeds. The mutex locking can 4675 * be removed if there is __scsi_device_get() interface which 4676 * increments reference counts regardless of device state. 4677 */ 4678 mutex_lock(&ap->scsi_host->scan_mutex); 4679 spin_lock_irqsave(ap->lock, flags); 4680 4681 /* clearing dev->sdev is protected by host lock */ 4682 sdev = dev->sdev; 4683 dev->sdev = NULL; 4684 4685 if (sdev) { 4686 /* If user initiated unplug races with us, sdev can go 4687 * away underneath us after the host lock and 4688 * scan_mutex are released. Hold onto it. 4689 */ 4690 if (scsi_device_get(sdev) == 0) { 4691 /* The following ensures the attached sdev is 4692 * offline on return from ata_scsi_offline_dev() 4693 * regardless it wins or loses the race 4694 * against this function. 4695 */ 4696 scsi_device_set_state(sdev, SDEV_OFFLINE); 4697 } else { 4698 WARN_ON(1); 4699 sdev = NULL; 4700 } 4701 } 4702 4703 spin_unlock_irqrestore(ap->lock, flags); 4704 mutex_unlock(&ap->scsi_host->scan_mutex); 4705 4706 if (sdev) { 4707 ata_dev_info(dev, "detaching (SCSI %s)\n", 4708 dev_name(&sdev->sdev_gendev)); 4709 4710 scsi_remove_device(sdev); 4711 scsi_device_put(sdev); 4712 } 4713 } 4714 4715 static void ata_scsi_handle_link_detach(struct ata_link *link) 4716 { 4717 struct ata_port *ap = link->ap; 4718 struct ata_device *dev; 4719 4720 ata_for_each_dev(dev, link, ALL) { 4721 unsigned long flags; 4722 4723 if (!(dev->flags & ATA_DFLAG_DETACHED)) 4724 continue; 4725 4726 spin_lock_irqsave(ap->lock, flags); 4727 dev->flags &= ~ATA_DFLAG_DETACHED; 4728 spin_unlock_irqrestore(ap->lock, flags); 4729 4730 if (zpodd_dev_enabled(dev)) 4731 zpodd_exit(dev); 4732 4733 ata_scsi_remove_dev(dev); 4734 } 4735 } 4736 4737 /** 4738 * ata_scsi_media_change_notify - send media change event 4739 * @dev: Pointer to the disk device with media change event 4740 * 4741 * Tell the block layer to send a media change notification 4742 * event. 4743 * 4744 * LOCKING: 4745 * spin_lock_irqsave(host lock) 4746 */ 4747 void ata_scsi_media_change_notify(struct ata_device *dev) 4748 { 4749 if (dev->sdev) 4750 sdev_evt_send_simple(dev->sdev, SDEV_EVT_MEDIA_CHANGE, 4751 GFP_ATOMIC); 4752 } 4753 4754 /** 4755 * ata_scsi_hotplug - SCSI part of hotplug 4756 * @work: Pointer to ATA port to perform SCSI hotplug on 4757 * 4758 * Perform SCSI part of hotplug. It's executed from a separate 4759 * workqueue after EH completes. This is necessary because SCSI 4760 * hot plugging requires working EH and hot unplugging is 4761 * synchronized with hot plugging with a mutex. 4762 * 4763 * LOCKING: 4764 * Kernel thread context (may sleep). 4765 */ 4766 void ata_scsi_hotplug(struct work_struct *work) 4767 { 4768 struct ata_port *ap = 4769 container_of(work, struct ata_port, hotplug_task.work); 4770 int i; 4771 4772 if (ap->pflags & ATA_PFLAG_UNLOADING) { 4773 DPRINTK("ENTER/EXIT - unloading\n"); 4774 return; 4775 } 4776 4777 /* 4778 * XXX - UGLY HACK 4779 * 4780 * The block layer suspend/resume path is fundamentally broken due 4781 * to freezable kthreads and workqueue and may deadlock if a block 4782 * device gets removed while resume is in progress. I don't know 4783 * what the solution is short of removing freezable kthreads and 4784 * workqueues altogether. 4785 * 4786 * The following is an ugly hack to avoid kicking off device 4787 * removal while freezer is active. This is a joke but does avoid 4788 * this particular deadlock scenario. 4789 * 4790 * https://bugzilla.kernel.org/show_bug.cgi?id=62801 4791 * http://marc.info/?l=linux-kernel&m=138695698516487 4792 */ 4793 #ifdef CONFIG_FREEZER 4794 while (pm_freezing) 4795 msleep(10); 4796 #endif 4797 4798 DPRINTK("ENTER\n"); 4799 mutex_lock(&ap->scsi_scan_mutex); 4800 4801 /* Unplug detached devices. We cannot use link iterator here 4802 * because PMP links have to be scanned even if PMP is 4803 * currently not attached. Iterate manually. 4804 */ 4805 ata_scsi_handle_link_detach(&ap->link); 4806 if (ap->pmp_link) 4807 for (i = 0; i < SATA_PMP_MAX_PORTS; i++) 4808 ata_scsi_handle_link_detach(&ap->pmp_link[i]); 4809 4810 /* scan for new ones */ 4811 ata_scsi_scan_host(ap, 0); 4812 4813 mutex_unlock(&ap->scsi_scan_mutex); 4814 DPRINTK("EXIT\n"); 4815 } 4816 4817 /** 4818 * ata_scsi_user_scan - indication for user-initiated bus scan 4819 * @shost: SCSI host to scan 4820 * @channel: Channel to scan 4821 * @id: ID to scan 4822 * @lun: LUN to scan 4823 * 4824 * This function is called when user explicitly requests bus 4825 * scan. Set probe pending flag and invoke EH. 4826 * 4827 * LOCKING: 4828 * SCSI layer (we don't care) 4829 * 4830 * RETURNS: 4831 * Zero. 4832 */ 4833 int ata_scsi_user_scan(struct Scsi_Host *shost, unsigned int channel, 4834 unsigned int id, u64 lun) 4835 { 4836 struct ata_port *ap = ata_shost_to_port(shost); 4837 unsigned long flags; 4838 int devno, rc = 0; 4839 4840 if (!ap->ops->error_handler) 4841 return -EOPNOTSUPP; 4842 4843 if (lun != SCAN_WILD_CARD && lun) 4844 return -EINVAL; 4845 4846 if (!sata_pmp_attached(ap)) { 4847 if (channel != SCAN_WILD_CARD && channel) 4848 return -EINVAL; 4849 devno = id; 4850 } else { 4851 if (id != SCAN_WILD_CARD && id) 4852 return -EINVAL; 4853 devno = channel; 4854 } 4855 4856 spin_lock_irqsave(ap->lock, flags); 4857 4858 if (devno == SCAN_WILD_CARD) { 4859 struct ata_link *link; 4860 4861 ata_for_each_link(link, ap, EDGE) { 4862 struct ata_eh_info *ehi = &link->eh_info; 4863 ehi->probe_mask |= ATA_ALL_DEVICES; 4864 ehi->action |= ATA_EH_RESET; 4865 } 4866 } else { 4867 struct ata_device *dev = ata_find_dev(ap, devno); 4868 4869 if (dev) { 4870 struct ata_eh_info *ehi = &dev->link->eh_info; 4871 ehi->probe_mask |= 1 << dev->devno; 4872 ehi->action |= ATA_EH_RESET; 4873 } else 4874 rc = -EINVAL; 4875 } 4876 4877 if (rc == 0) { 4878 ata_port_schedule_eh(ap); 4879 spin_unlock_irqrestore(ap->lock, flags); 4880 ata_port_wait_eh(ap); 4881 } else 4882 spin_unlock_irqrestore(ap->lock, flags); 4883 4884 return rc; 4885 } 4886 4887 /** 4888 * ata_scsi_dev_rescan - initiate scsi_rescan_device() 4889 * @work: Pointer to ATA port to perform scsi_rescan_device() 4890 * 4891 * After ATA pass thru (SAT) commands are executed successfully, 4892 * libata need to propagate the changes to SCSI layer. 4893 * 4894 * LOCKING: 4895 * Kernel thread context (may sleep). 4896 */ 4897 void ata_scsi_dev_rescan(struct work_struct *work) 4898 { 4899 struct ata_port *ap = 4900 container_of(work, struct ata_port, scsi_rescan_task); 4901 struct ata_link *link; 4902 struct ata_device *dev; 4903 unsigned long flags; 4904 4905 mutex_lock(&ap->scsi_scan_mutex); 4906 spin_lock_irqsave(ap->lock, flags); 4907 4908 ata_for_each_link(link, ap, EDGE) { 4909 ata_for_each_dev(dev, link, ENABLED) { 4910 struct scsi_device *sdev = dev->sdev; 4911 4912 if (!sdev) 4913 continue; 4914 if (scsi_device_get(sdev)) 4915 continue; 4916 4917 spin_unlock_irqrestore(ap->lock, flags); 4918 scsi_rescan_device(&(sdev->sdev_gendev)); 4919 scsi_device_put(sdev); 4920 spin_lock_irqsave(ap->lock, flags); 4921 } 4922 } 4923 4924 spin_unlock_irqrestore(ap->lock, flags); 4925 mutex_unlock(&ap->scsi_scan_mutex); 4926 } 4927 4928 /** 4929 * ata_sas_port_alloc - Allocate port for a SAS attached SATA device 4930 * @host: ATA host container for all SAS ports 4931 * @port_info: Information from low-level host driver 4932 * @shost: SCSI host that the scsi device is attached to 4933 * 4934 * LOCKING: 4935 * PCI/etc. bus probe sem. 4936 * 4937 * RETURNS: 4938 * ata_port pointer on success / NULL on failure. 4939 */ 4940 4941 struct ata_port *ata_sas_port_alloc(struct ata_host *host, 4942 struct ata_port_info *port_info, 4943 struct Scsi_Host *shost) 4944 { 4945 struct ata_port *ap; 4946 4947 ap = ata_port_alloc(host); 4948 if (!ap) 4949 return NULL; 4950 4951 ap->port_no = 0; 4952 ap->lock = &host->lock; 4953 ap->pio_mask = port_info->pio_mask; 4954 ap->mwdma_mask = port_info->mwdma_mask; 4955 ap->udma_mask = port_info->udma_mask; 4956 ap->flags |= port_info->flags; 4957 ap->ops = port_info->port_ops; 4958 ap->cbl = ATA_CBL_SATA; 4959 4960 return ap; 4961 } 4962 EXPORT_SYMBOL_GPL(ata_sas_port_alloc); 4963 4964 /** 4965 * ata_sas_port_start - Set port up for dma. 4966 * @ap: Port to initialize 4967 * 4968 * Called just after data structures for each port are 4969 * initialized. 4970 * 4971 * May be used as the port_start() entry in ata_port_operations. 4972 * 4973 * LOCKING: 4974 * Inherited from caller. 4975 */ 4976 int ata_sas_port_start(struct ata_port *ap) 4977 { 4978 /* 4979 * the port is marked as frozen at allocation time, but if we don't 4980 * have new eh, we won't thaw it 4981 */ 4982 if (!ap->ops->error_handler) 4983 ap->pflags &= ~ATA_PFLAG_FROZEN; 4984 return 0; 4985 } 4986 EXPORT_SYMBOL_GPL(ata_sas_port_start); 4987 4988 /** 4989 * ata_port_stop - Undo ata_sas_port_start() 4990 * @ap: Port to shut down 4991 * 4992 * May be used as the port_stop() entry in ata_port_operations. 4993 * 4994 * LOCKING: 4995 * Inherited from caller. 4996 */ 4997 4998 void ata_sas_port_stop(struct ata_port *ap) 4999 { 5000 } 5001 EXPORT_SYMBOL_GPL(ata_sas_port_stop); 5002 5003 /** 5004 * ata_sas_async_probe - simply schedule probing and return 5005 * @ap: Port to probe 5006 * 5007 * For batch scheduling of probe for sas attached ata devices, assumes 5008 * the port has already been through ata_sas_port_init() 5009 */ 5010 void ata_sas_async_probe(struct ata_port *ap) 5011 { 5012 __ata_port_probe(ap); 5013 } 5014 EXPORT_SYMBOL_GPL(ata_sas_async_probe); 5015 5016 int ata_sas_sync_probe(struct ata_port *ap) 5017 { 5018 return ata_port_probe(ap); 5019 } 5020 EXPORT_SYMBOL_GPL(ata_sas_sync_probe); 5021 5022 5023 /** 5024 * ata_sas_port_init - Initialize a SATA device 5025 * @ap: SATA port to initialize 5026 * 5027 * LOCKING: 5028 * PCI/etc. bus probe sem. 5029 * 5030 * RETURNS: 5031 * Zero on success, non-zero on error. 5032 */ 5033 5034 int ata_sas_port_init(struct ata_port *ap) 5035 { 5036 int rc = ap->ops->port_start(ap); 5037 5038 if (rc) 5039 return rc; 5040 ap->print_id = atomic_inc_return(&ata_print_id); 5041 return 0; 5042 } 5043 EXPORT_SYMBOL_GPL(ata_sas_port_init); 5044 5045 /** 5046 * ata_sas_port_destroy - Destroy a SATA port allocated by ata_sas_port_alloc 5047 * @ap: SATA port to destroy 5048 * 5049 */ 5050 5051 void ata_sas_port_destroy(struct ata_port *ap) 5052 { 5053 if (ap->ops->port_stop) 5054 ap->ops->port_stop(ap); 5055 kfree(ap); 5056 } 5057 EXPORT_SYMBOL_GPL(ata_sas_port_destroy); 5058 5059 /** 5060 * ata_sas_slave_configure - Default slave_config routine for libata devices 5061 * @sdev: SCSI device to configure 5062 * @ap: ATA port to which SCSI device is attached 5063 * 5064 * RETURNS: 5065 * Zero. 5066 */ 5067 5068 int ata_sas_slave_configure(struct scsi_device *sdev, struct ata_port *ap) 5069 { 5070 ata_scsi_sdev_config(sdev); 5071 ata_scsi_dev_config(sdev, ap->link.device); 5072 return 0; 5073 } 5074 EXPORT_SYMBOL_GPL(ata_sas_slave_configure); 5075 5076 /** 5077 * ata_sas_queuecmd - Issue SCSI cdb to libata-managed device 5078 * @cmd: SCSI command to be sent 5079 * @ap: ATA port to which the command is being sent 5080 * 5081 * RETURNS: 5082 * Return value from __ata_scsi_queuecmd() if @cmd can be queued, 5083 * 0 otherwise. 5084 */ 5085 5086 int ata_sas_queuecmd(struct scsi_cmnd *cmd, struct ata_port *ap) 5087 { 5088 int rc = 0; 5089 5090 ata_scsi_dump_cdb(ap, cmd); 5091 5092 if (likely(ata_dev_enabled(ap->link.device))) 5093 rc = __ata_scsi_queuecmd(cmd, ap->link.device); 5094 else { 5095 cmd->result = (DID_BAD_TARGET << 16); 5096 cmd->scsi_done(cmd); 5097 } 5098 return rc; 5099 } 5100 EXPORT_SYMBOL_GPL(ata_sas_queuecmd); 5101 5102 int ata_sas_allocate_tag(struct ata_port *ap) 5103 { 5104 unsigned int max_queue = ap->host->n_tags; 5105 unsigned int i, tag; 5106 5107 for (i = 0, tag = ap->sas_last_tag + 1; i < max_queue; i++, tag++) { 5108 tag = tag < max_queue ? tag : 0; 5109 5110 /* the last tag is reserved for internal command. */ 5111 if (tag == ATA_TAG_INTERNAL) 5112 continue; 5113 5114 if (!test_and_set_bit(tag, &ap->sas_tag_allocated)) { 5115 ap->sas_last_tag = tag; 5116 return tag; 5117 } 5118 } 5119 return -1; 5120 } 5121 5122 void ata_sas_free_tag(unsigned int tag, struct ata_port *ap) 5123 { 5124 clear_bit(tag, &ap->sas_tag_allocated); 5125 } 5126